Accepted ia32-libs 20160228 (source amd64) into squeeze-lts
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sun, 28 Feb 2016 11:54:58 +0100
Source: ia32-libs
Binary: ia32-libs ia32-libs-dev
Architecture: source amd64
Version: 20160228
Distribution: squeeze-lts
Urgency: low
Maintainer: Debian ia32-libs Team <pkg-ia32-libs-maintainers@lists.alioth.debian.org>
Changed-By: Thijs Kinkhorst <thijs@debian.org>
Description:
ia32-libs - ia32 shared libraries for use on amd64 and ia64 systems
ia32-libs-dev - ia32 development files for use on amd64 and ia64 systems
Changes:
ia32-libs (20160228) squeeze-lts; urgency=low
.
* Packages updated
.
[ krb5 (1.8.3+dfsg-4squeeze11) squeeze-lts; urgency=medium ]
.
* Non-maintainer upload by the Squeeze LTS Team.
* patches taken from the Wheezy version
(prepared by Salvatore Bonaccorso)
* Verify decoded kadmin C strings [CVE-2015-8629]
CVE-2015-8629: An authenticated attacker can cause kadmind to read
beyond the end of allocated memory by sending a string without a
terminating zero byte. Information leakage may be possible for an
attacker with permission to modify the database. (#813296)
* Fix leaks in kadmin server stubs [CVE-2015-8631]
CVE-2015-8631: An authenticated attacker can cause kadmind to leak
memory by supplying a null principal name in a request which uses one.
Repeating these requests will eventually cause kadmind to exhaust all
available memory. (#813126)
.
[ libssh2 (1.2.6-1+deb6u2) squeeze-lts; urgency=high ]
.
* Non-maintainer upload by the Debian LTS team
* diffie_hellman_sha256: convert bytes to bits (CVE-2016-0787)
.
[ nss (3.12.8-1+squeeze14) squeeze-lts; urgency=medium ]
.
* Non-maintainer upload by the Debian LTS Team.
* Add CVE-2016-1938.patch:
CVE-2016-1938: The s_mp_div function improperly divides numbers
.
[ openssl (0.9.8o-4squeeze23) squeeze-lts; urgency=medium ]
.
* Fix CVE-2015-3197
* Always generate new key for DHE.
.
[ tiff (3.9.4-5+squeeze14) squeeze-lts; urgency=medium ]
.
* Non-maintainer upload by the Squeeze LTS Team
* Fix CVE-2015-8781, CVE-2015-8782 and CVE-2015-8783: out-of-band read/write
when decoding invalid data
* Fix CVE-2015-8784: potential out-of-bound write in NeXTDecode()
.
[ tiff (3.9.4-5+squeeze13) squeeze-lts; urgency=medium ]
.
* Non-maintainer upload by the Debian LTS Team.
* Fix CVE-2015-8665: Out-of-bounds read in TIFFRGBAImage interface.
* Fix CVE-2015-8683: Out-of-bounds read in CIE Lab image format.
Checksums-Sha1:
6a1815cbea9bc7705c5e1ba36771a1d6906629b4 1548 ia32-libs_20160228.dsc
096298b9369a068bf22ae0148a65bcd3364460aa 335235152 ia32-libs_20160228.tar.gz
4a61947f3d9abad67376155024321b4cb2ec903e 34281432 ia32-libs_20160228_amd64.deb
d31af4cfe11372b7735b6b2661aa119fd7eda916 13098456 ia32-libs-dev_20160228_amd64.deb
Checksums-Sha256:
dc6c5b9177edce33ab60c6550109fd6b284127a635ad71c4707a7a4b3f320cc7 1548 ia32-libs_20160228.dsc
2542732c55716372211b70293408a6e3c19e9dc816a2ef33132482c6b68e0ba9 335235152 ia32-libs_20160228.tar.gz
4b97c424b0cf42ad34dd52c10f305d03710a2458b9f4905b479b7d406d628491 34281432 ia32-libs_20160228_amd64.deb
2396bf4433869e5b06be1e6a95fb44cccdb4aa76267822872876323d56f1553c 13098456 ia32-libs-dev_20160228_amd64.deb
Files:
138c28032b85866c932555f4620a9eb0 1548 libs optional ia32-libs_20160228.dsc
340d0fb6487b4a74d9570fea94683a99 335235152 libs optional ia32-libs_20160228.tar.gz
d367f97dd673aa75e53f2fc96aa5a2ca 34281432 libs optional ia32-libs_20160228_amd64.deb
7726106e4c46be05b31de050d9c9cc1e 13098456 libdevel extra ia32-libs-dev_20160228_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBCAAGBQJW0thjAAoJEFb2GnlAHawECwgH/0fvfrTixHze6zepLjgQO6C3
Y4pPl8lpSNfK5J+7YibIB58IM39obLkFD56OSfLMwleddzcEz2z0pQICK01Pi7rT
ITZv+F1fgPcqittOLrUc6rPsQP58eqe2BvDqhwb+v71dbaHdDZUrxASjTEsmxAG8
tVOjMuvW423QN7Eg8FxCGBWh3NWLn6rPNjTjTZC7OHKYAuAKmQ50l5jqtYvXWpfK
NDTZHuZWzyzRlIx4Vz5SRWh7l5GllYw2ownrzyuWPmIgysOAxFfTU4S1F5Hra4kD
NmDEQ9O0ZZUHmM1TdFBofna2WmyjVOhZGX99B/3WcUPysqJniIB9Awg8JLHiJ9c=
=WxSw
-----END PGP SIGNATURE-----