Accepted guile-2.0 2.0.11+1-9+deb8u1 (source amd64 all) into proposed-updates->stable-new, proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sat, 22 Oct 2016 11:36:24 -0500
Source: guile-2.0
Binary: guile-2.0 guile-2.0-dev guile-2.0-doc guile-2.0-libs
Architecture: source amd64 all
Version: 2.0.11+1-9+deb8u1
Distribution: jessie
Urgency: high
Maintainer: Rob Browning <rlb@defaultvalue.org>
Changed-By: Rob Browning <rlb@defaultvalue.org>
Description:
guile-2.0 - GNU extension language and Scheme interpreter
guile-2.0-dev - Development files for Guile 2.0
guile-2.0-doc - Documentation for Guile 2.0
guile-2.0-libs - Core Guile libraries
Closes: 840555 840556
Changes:
guile-2.0 (2.0.11+1-9+deb8u1) jessie; urgency=high
.
* Fix REPL server vulnerability (CVE-2016-8606). Add
0017-REPL-Server-Guard-against-HTTP-inter-protocol-exploi.patch to
incorporate the fix. See that file for further information.
(Closes: 840555)
.
* Fix mkdir umask-related vulnerability (CVE-2016-8605). Previously,
whenever the second argument to mkdir was omitted, it would
temporarily change the umask to 0, a change which would also affect
any concurrent threads. Add
0018-Remove-umask-calls-from-mkdir.patch to incorporate the fix.
See that file for further information. (Closes: 840556)
Checksums-Sha1:
8b0d5bd116b96c25bdbad401c9dd62851a6187ec 2146 guile-2.0_2.0.11+1-9+deb8u1.dsc
988b39c4a0a5c9409caeb57a53462de51679c665 30144 guile-2.0_2.0.11+1-9+deb8u1.debian.tar.xz
df1e8f41380125071d47d7920539f38da1d4eff8 18792 guile-2.0_2.0.11+1-9+deb8u1_amd64.deb
f94535159dbe193d83bf38f899efbb1355b90eb4 693138 guile-2.0-dev_2.0.11+1-9+deb8u1_amd64.deb
649cdad689ba068a2a86441c7c0369d60a4f4152 861176 guile-2.0-doc_2.0.11+1-9+deb8u1_all.deb
8f4244777607553c424e87979a35614e295e6396 2222004 guile-2.0-libs_2.0.11+1-9+deb8u1_amd64.deb
Checksums-Sha256:
50d4ee3d029eae392e054a9856a63a949d1e6606207de6d9f58737e17a57fd10 2146 guile-2.0_2.0.11+1-9+deb8u1.dsc
9b491a042d39f47fcff84235f41b6d94a8eca06199c68a45a515584ee64354ca 30144 guile-2.0_2.0.11+1-9+deb8u1.debian.tar.xz
9c832ded0d71b15516680d603e13b4f6ab30c28c46bd9e6f452b7a918bcc032b 18792 guile-2.0_2.0.11+1-9+deb8u1_amd64.deb
fc332b2082e07a36916dab57171e6d950394cb7a63757b4b27103b627a353256 693138 guile-2.0-dev_2.0.11+1-9+deb8u1_amd64.deb
9267e9924f5fafd4f17170fb6e5eabeaaaddbfa0932be2536e30fb7cf4e8bba4 861176 guile-2.0-doc_2.0.11+1-9+deb8u1_all.deb
22b0f1c94685faf057aa91621dab9682ed66a58a70d05d8886e2ab11003326b5 2222004 guile-2.0-libs_2.0.11+1-9+deb8u1_amd64.deb
Files:
8f9d0ad50d0cc037b1e42c9fc58b4c0c 2146 interpreters optional guile-2.0_2.0.11+1-9+deb8u1.dsc
2ecf8adaa9c161b6188d5ac1554acd4e 30144 interpreters optional guile-2.0_2.0.11+1-9+deb8u1.debian.tar.xz
8cabab206056acb1e47f68022d324e37 18792 lisp optional guile-2.0_2.0.11+1-9+deb8u1_amd64.deb
dbcaf4a32d19c39cd056e0bd4c1ec57e 693138 lisp optional guile-2.0-dev_2.0.11+1-9+deb8u1_amd64.deb
5f99a527c950f70c51e91d27f07c1669 861176 doc optional guile-2.0-doc_2.0.11+1-9+deb8u1_all.deb
16454fbef01ce79ef648a2491b07de6b 2222004 lisp optional guile-2.0-libs_2.0.11+1-9+deb8u1_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQIyBAEBCAAcBQJYeqQ5FRxybGJAZGVmYXVsdHZhbHVlLm9yZwAKCRDu8RbFWlpC
8adZD/4gmbfNTqtrhPhdBV1/pB8CGnZ7Ww7T1b7x6vtHsiQvw6D6DQqQIlwMrJpu
UXnKF0zULJ6rBlCzzAswWkkswY3eDYfJxmczUmPonsjEG3fI+hH/COiysNSXq7mX
47qYv/zjkuUEiOvncUqgIGk1N8esZA/vN4H0dCvy/S9AYRWJzHbmngRQhVHuArja
QPgGviuSa3JJ3qEUW9HtsCmx2TWtLFg4qRjlFbuM4B4suQRuKXkBvveqQJPr0UWO
/MVT0JBQbEhxBEeniWhNBMgEHqYo+S86dymKXI0hwBZR0JF/EwzOZ4zP2QfGByb1
Qm87nTnLH3H28rH6Xk7Yk+SBWiuAR7TNWvefapMf1aAk9QlTm90tPjDYhdFOpFIS
L+6K4EwmdJ+Rk8O7JEqYskqB9DWYn75pSJPstv22/yauMSPgq1Yfy8wBCYKWp/fF
nNpUDrJ9+uwzxvcot4iPiu/IN2UJdNEkR639HVlmo+4CPc6kFCZlHvY+tuZZtd2z
umknCeZSHogyQGQ9nhX2IKBCQzlqyyrV74py28EMK2jkiEwHg+OuUX3rrYMp6CD/
sEPn3z7FpAueWNjvQYiCc2zdVuCHK4kuKLNIIDX4FW4Bshfs1K4pPH+KjAv0jghO
OazJ0WS0bwL5KKt53c8e4Fl46PZjWePqdJGYCyRc1F4p23UB+Q==
=4Fad
-----END PGP SIGNATURE-----