Back to mt-daapd PTS page

Accepted mt-daapd 0.2.4+r1376-1.1+etch1 (source amd64)



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Mon,  9 Jun 2008 06:36:18 +0000
Source: mt-daapd
Binary: mt-daapd
Architecture: source amd64
Version: 0.2.4+r1376-1.1+etch1
Distribution: stable-security
Urgency: high
Maintainer: Joshua Kwan <joshk@triplehelix.org>
Changed-By: Devin Carraway <devin@debian.org>
Description: 
 mt-daapd   - iTunes-compatible DAAP server
Closes: 459961 476241
Changes: 
 mt-daapd (0.2.4+r1376-1.1+etch1) stable-security; urgency=high
 .
   * Non-maintainer upload by the security team
   * Apply backport of upstream fixes for two related
     vulnerabilities (Closes: #459961):
     + CVE-2007-5824: Remote denial-of-service through a null pointer
       dereference in src/webserver.c's authorization header handling
     + CVE-2007-5825: Remote arbitrary code execution through a format
       string vulnerability in authorization header of an /xml-rpc request
   * Apply fix from Nico Golde <nion@debian.org> for CVE-2008-1771, an
     integer overflow vulnerability also in src/webserver.c, potentilly
     enabling execution of arbitrary code (Closes: #476241)
Files: 
 a303c40811df75fd395c28485d038ceb 765 sound optional mt-daapd_0.2.4+r1376-1.1+etch1.dsc
 c427c26e93914290b7cd615835ea333a 995301 sound optional mt-daapd_0.2.4+r1376.orig.tar.gz
 a565dacb5773182a44b367b6c78a0da8 8929 sound optional mt-daapd_0.2.4+r1376-1.1+etch1.diff.gz
 9297976354240c5a75b2c3636fe0746d 610844 sound optional mt-daapd_0.2.4+r1376-1.1+etch1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFITOyZU5XKDemr/NIRAjnwAKDPSxgW//tr2N7GewWAvyUIHWYS3QCeNlN2
A3JUS/iPA+M/yIpWDPGPlBc=
=bwia
-----END PGP SIGNATURE-----


Accepted:
mt-daapd_0.2.4+r1376-1.1+etch1.diff.gz
  to pool/main/m/mt-daapd/mt-daapd_0.2.4+r1376-1.1+etch1.diff.gz
mt-daapd_0.2.4+r1376-1.1+etch1.dsc
  to pool/main/m/mt-daapd/mt-daapd_0.2.4+r1376-1.1+etch1.dsc
mt-daapd_0.2.4+r1376-1.1+etch1_amd64.deb
  to pool/main/m/mt-daapd/mt-daapd_0.2.4+r1376-1.1+etch1_amd64.deb