Accepted ia32-libs 20140911 (source amd64) into squeeze-lts
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Thu, 11 Sep 2014 21:16:18 +0200
Source: ia32-libs
Binary: ia32-libs ia32-libs-dev
Architecture: source amd64
Version: 20140911
Distribution: squeeze-lts
Urgency: low
Maintainer: Debian ia32-libs Team <pkg-ia32-libs-maintainers@lists.alioth.debian.org>
Changed-By: Thijs Kinkhorst <thijs@debian.org>
Description:
ia32-libs - ia32 shared libraries for use on amd64 and ia64 systems
ia32-libs-dev - ia32 development files for use on amd64 and ia64 systems
Changes:
ia32-libs (20140911) squeeze-lts; urgency=low
.
* Packages updated
.
[ cups (1.4.4-7+squeeze6) squeeze-lts; urgency=medium ]
.
* Backport upstream patches to fix:
- insufficient checking when allowing files download from the webinterface
(STR #4455), fixes CVE-2014-5029, CVE-2014-5030 and CVE-2014-5031
- privilege escalation through the CUPS webinterface (STR #4450), fixes
CVE-2014-3537.
.
[ cups (1.4.4-7+squeeze5) oldstable; urgency=low ]
.
* Import upstream patch to fix XSS in the CUPS webinterface (STR #4356),
fixes CVE-2014-2856
.
[ gnutls26 (2.8.6-1+squeeze4) squeeze-lts; urgency=medium ]
.
* Fix CVE-2014-3466
.
[ krb5 (1.8.3+dfsg-4squeeze8) squeeze-lts; urgency=medium ]
.
* Non-maintainer upload by the Squeeze LTS Team.
* Apply upstream patches for several issues:
- CVE-2014-4341: denial of service due to improper GSSAPI message
validation, Bug: #753624
- CVE-2014-4342: denial of service due to improper GSSAPI message
validation, Bug: #753625
- CVE-2014-4343: double-free in SPNEGO initiator during renegotiation,
#755520
- CVE-2014-4344: NULL dereference in SPNEGO acceptor, Bug: #755521
- CVE-2014-4345 [MITKRB5-SA-2014-001]: buffer overrun in kadmind with
LDAP backend, Bug: #757416
* put patches into debian/patches (0026-* .. 0029-*)
.
[ libxml2 (2.7.8.dfsg-2+squeeze9) squeeze-lts; urgency=high ]
.
* libxml2 could be made to consume resources if it processed
a specially crafted file.
(CVE-2014-0191)
patch for parser.c copied from debian/patches/cve-2014-0191.patch
for Wheezy
.
[ lzo2 (2.03-2+deb6u1) squeeze-lts; urgency=medium ]
.
* Non-maintainer upload by the Squeeze LTS Team.
* Add CVE-2014-4607.patch from DSA-2995-1.
CVE-2014-4607: lzo1x_decompress_safe() integer overflow allowing denial
of service or code execution. (#752861)
.
[ nspr (4.8.6-1+squeeze2) squeeze-lts; urgency=high ]
.
* CVE-2014-1545
.
[ nss (3.12.8-1+squeeze8) squeeze-lts; urgency=high ]
.
* Non-maintainer upload by the Security Team.
* Fix CVE-2014-1492: Incorrect IDNA domain name matching for wildcard
certificates.
* Fix CVE-2014-1491: Do not allow p-1 as a public DH value.
* Fix CVE-2013-5606: Properly return a certificate validation error when
using the verifylog mode.
* Fix CVE-2013-1741: Runaway memset in certificate parsing on 64-bit
computers leading to a crash by attempting to write 4Gb of nulls.
.
[ openssl (0.9.8o-4squeeze17) squeeze-lts; urgency=medium ]
.
* Fix for CVE-2014-3510
* Fix for CVE-2014-3507
* Fix for CVE-2014-3506
* Fix for CVE-2014-3505
* Fix for CVE-2014-3508
.
[ openssl (0.9.8o-4squeeze16) squeeze-lts; urgency=medium ]
.
* Update CVE-2014-0224 patch: Accept CCS after sending finished.
(#751093)
* Fix CVE-2012-4929 (CRiME) by disabling zlib compression by default.
It can be enabled again by setting the environment variable
OPENSSL_NO_DEFAULT_ZLIB. (#728055)
.
[ openssl (0.9.8o-4squeeze15) squeeze-lts; urgency=medium ]
.
* Fix CVE-2014-0076.patch
* Fix CVE-2014-0195.patch
* Fix CVE-2014-0221.patch
* Fix CVE-2014-3470.patch
* Fix CVE-2014-0224.patch
.
[ tiff (3.9.4-5+squeeze11) squeeze-lts; urgency=high ]
.
* Fix for CVE-2013-4243 (validation for gif2tiff) from Red Hat.
DSA-2965-1
#742917
Checksums-Sha1:
dc5dc349ebccb30b0e95c6f2d243bd77772d7684 1546 ia32-libs_20140911.dsc
be124000b604d84e8ae8862078721371db28f886 334698469 ia32-libs_20140911.tar.gz
6791e2c48732fad01b33b537accd43db7b0844fb 34262108 ia32-libs_20140911_amd64.deb
fa853e0f3e80a64135bceef3d66ae22c7a7c168b 13093078 ia32-libs-dev_20140911_amd64.deb
Checksums-Sha256:
3afd32897d4bd30cb2e655aa2de341a3e74c81cf98922dd1afad4aa27065c4aa 1546 ia32-libs_20140911.dsc
48506b0d6ad298d7cc77e9b74f0abda25f4e7911abcc9f51aec44b8a0157a9fa 334698469 ia32-libs_20140911.tar.gz
72c14ecf223b39a27f24793db42fac77acf11afad897bfce4a2b69d6bb9fc665 34262108 ia32-libs_20140911_amd64.deb
133ee1081065aa878797ef22775a5ccd59652e19189dfb2c549c2b7e12f31837 13093078 ia32-libs-dev_20140911_amd64.deb
Files:
54e4a1cf5852cf427a68318dcae7f444 1546 libs optional ia32-libs_20140911.dsc
0bedd2f3985f0d9bc6f44d752c90be93 334698469 libs optional ia32-libs_20140911.tar.gz
f42ec15d8cd29d53b26da344b642264e 34262108 libs optional ia32-libs_20140911_amd64.deb
7ab2e408bb7c134a0451b17cdbfe7d86 13093078 libdevel extra ia32-libs-dev_20140911_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
-----END PGP SIGNATURE-----
Archive: https://lists.debian.org/E1XSBtF-0002YC-VE@franck.debian.org