Accepted pam-u2f 1.0.8-1 (source) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 20 Jul 2019 13:01:18 +0200
Source: pam-u2f
Architecture: source
Version: 1.0.8-1
Distribution: unstable
Urgency: high
Maintainer: Debian Authentication Maintainers <team+auth@tracker.debian.org>
Changed-By: Nicolas Braud-Santoni <nicoo@debian.org>
Closes: 930021 930023
Changes:
pam-u2f (1.0.8-1) unstable; urgency=high (security)
.
[ Nicolas Braud-Santoni ]
* New upstream version 1.0.8 (2019-06-04)
+ Fix insecure debug file handling CVE-2019-12209. (Closes: #930021)
+ Fix debug file descriptor leak CVE-2019-12210. (Closes: #930023)
+ Fix a non-critical buffer out-of-bounds access.
.
* Comply with Debian policy v4.4.0
+ debian/control: Set Rules-Requires-Root to no
+ debian/rules: Install upstream's changelog
.
* debian/control: Update my email address
* debian/gbp.conf: Move the packaging ranch to debian/sid
.
[ Simon Josefsson ]
* Drop myself from Uploader's.
Checksums-Sha1:
50ed2dd861a6dc76dfe357f1802465b1c38d3d8e 2059 pam-u2f_1.0.8-1.dsc
5d925e314ce45ed0e354e58240e6d94d25dbee4f 384163 pam-u2f_1.0.8.orig.tar.gz
47df77d5e2468d851208147ed318f87e9bf3fa28 50580 pam-u2f_1.0.8-1.debian.tar.xz
ea68586ff89ed227ee0dcb056ea3b228bc3db373 6441 pam-u2f_1.0.8-1_amd64.buildinfo
Checksums-Sha256:
351504138974f823b02ad75cdcef30a617aa4582de549919551328aa50288716 2059 pam-u2f_1.0.8-1.dsc
52a203a6fab6160e06c1369ff104afed62007ca3ffbb40c297352232fa975c99 384163 pam-u2f_1.0.8.orig.tar.gz
d2e2707fb82a986ccede92f4ca05845f605e8a94ee77e5a61788cdd7702085c2 50580 pam-u2f_1.0.8-1.debian.tar.xz
c111b3c705ba8219c9ab737100fbc7be0f760f746a4e82c5a677c7a8497022d3 6441 pam-u2f_1.0.8-1_amd64.buildinfo
Files:
4f46d48921b239886368efbedafdbe21 2059 admin optional pam-u2f_1.0.8-1.dsc
e39e6bbb73921a7e015319fe8397b890 384163 admin optional pam-u2f_1.0.8.orig.tar.gz
24e962d24313019ea4491b8f0d10e535 50580 admin optional pam-u2f_1.0.8-1.debian.tar.xz
e51f61ac93398e7d2fb5af663a0606cc 6441 admin optional pam-u2f_1.0.8-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEU7EqA8ZVHYoLJhPE5vmO4pLV7MsFAl0y9k4ACgkQ5vmO4pLV
7MulxQ//X4aX6pv5qvAo+htY67UE+2l/zGVgywYqlolslNbhxiL3W8qDP1wCfP65
xyyaFCaroVTjg9xMssnH9Icb5x+myMOytCRrBswQA6piWX52vTt24rO1BAvYLRjQ
rbT9X9AsRGYlVvQS2MeU6goFM+5KuGGkn7X4sdbHrwIfDiqrgRRf6p22yBcIWHS+
J3LENMxrN9XP+WjL4+vKpbZBzExaPMESqhydf7lLFB2dVe2BsFkpbNRY7I+m3hMQ
E/Uz9WP/P3YLUrtk331O4xQcePqFrcwcm5ssHmU8RLWpj2/gCyqytLUde3JBU0Nn
/cTcJX+DL96dJ22I8Bkl/w51BWjlwIilPYtBtWx7SLTJbYy1NWQ5gYXsFjGRCn3P
5rso3hEZDc6MBMvGA00H9R5JleG5MhNBSAynheCc8bl47OTkvLxK25fQkLEqeRj9
UdVcRH4zpysqFvmFtXIAh1Y41E5nIJLk6Ij69mFcFytTPDYZSQoTOpNuqqBJ+kN+
5Y93K8P2PoQTzPNEpfqC+9sPGg5tdP4xuYxbMoPKwwAGnFIoExseGuFbC2RebnOf
vwRq1gFRxhLDgfv5ofQG8L29w7Y5lZ0rydXmLTeGpMQNEobWm8BPKE9ja+PlTAeV
9VQ0vZj5gOqo057eIAw8fQIerd6RpDRG7VzT584FyKknzr8CQZs=
=FnsC
-----END PGP SIGNATURE-----