Accepted pound 2.6-6+deb8u2 (source amd64) into oldoldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 29 Apr 2020 19:03:02 +0200
Source: pound
Binary: pound
Architecture: source amd64
Version: 2.6-6+deb8u2
Distribution: jessie-security
Urgency: high
Maintainer: Brett Parker <iDunno@sommitrealweird.co.uk>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Description:
pound - reverse proxy, load balancer and HTTPS front-end for Web servers
Changes:
pound (2.6-6+deb8u2) jessie-security; urgency=high
.
* Non-maintainer upload by the LTS Team.
* CVE-2016-10711
A request smuggling vulnerability was discovered in pound that may allow
attackers to send a specially crafted http request to a web server or
reverse proxy while pound may see a different set of requests.
This facilitates several possible exploitations, such as partial cache
poisoning, bypassing firewall protection and XSS.
Checksums-Sha1:
d256af44f2fb9c9e79a12c3a7786e807229b6509 1914 pound_2.6-6+deb8u2.dsc
91ba84c6db579b06dc82fceb790e55e344b1dc40 180595 pound_2.6.orig.tar.gz
ddc634cdd7d6e91cbe91d6b74346eee981a167e9 16000 pound_2.6-6+deb8u2.debian.tar.xz
95f146d3e6ce38b1a370c9f0ffce7ad83533fa7c 103154 pound_2.6-6+deb8u2_amd64.deb
Checksums-Sha256:
b36e7a5e06cbf5458a1d97cb5b25b9dc41509567dfe6b74cf28dddf834024835 1914 pound_2.6-6+deb8u2.dsc
0ad25e3652e22117abbc17a70b5d8913e05991318a5506bc7437e662616fdf21 180595 pound_2.6.orig.tar.gz
be119df05c7427e344eaf77e025bdea2ac6a35971b3dbff51e840dbf16e2accc 16000 pound_2.6-6+deb8u2.debian.tar.xz
9bf22cd5582ce25115ec74b4dc8fe7afa438cbfc92517ddeb8704ce2ed241a12 103154 pound_2.6-6+deb8u2_amd64.deb
Files:
902b8359f06754fe24e5ca5b23fbe24e 1914 net extra pound_2.6-6+deb8u2.dsc
8c913b527332694943c4c67c8f152071 180595 net extra pound_2.6.orig.tar.gz
72319580b182ec82e47fc17bf9dd8c02 16000 net extra pound_2.6-6+deb8u2.debian.tar.xz
2382a445b4fd9a0c5167b64062477136 103154 net extra pound_2.6-6+deb8u2_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl6qeDVfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh
bHRlaG9sei5kZQAKCRCW/KwNOHtYR077D/4z4YcYKm4Mzoci09W/hdAQUVuQ78+r
VpZAK9N3YOFEV9JgV49EZmsLjwWv9vE/n00GUenM30GIGFcM94ZaPI14xh23RDla
p7bdCNAhtX+Qzd4kEHhkjvVeScfOyT3diEtNNrL55x3Zi0iVWz3TbZO5dQvcjqsb
9BSzqlVoqQ+t8+PR7ebjB5s97Fo/NC9d0z3F2fzYhy02yJtf1veYI7A7+bhiaKiD
wVt9BpMsewDZcNH1Qo+JqLxGZI4qyA4AeglAZ2RpVkPp3lyUsYDj+V6lk6UZJVdO
i5IO4GcROocFtOXZyWKkjAnEhwWsvwYuWTvwqUVGvgbxRqhxhycG7HxRQZ1mivcx
S+cqwWr3MZBCgXZYp3DiZeeOAUm46V0W170CLReXh3MSVwYMdvpQ3WrFCL5UhWUW
DLgDSuQmYlL1lgBpqbFE0tLSUooWc8/Nqu7zYsdhcoI+oHFKJw4TGG2+Jo9M78GH
klCMVM/MwimsVy/8e0f++wUy9X5F7AuZL4KbHwHuGOiF6gu99yy+LCVZrK1WIP0y
gyxZ3CCxf6xbkid8e91RWBz77bfvbtECg4dsx1bIyOFcdxPxrLVvAc47wSN17/qX
546bWP7j24mKFmQ+nAKDEaPa7RcjbXHU7CexV7pbON9Z9V9Az8qVkWRMQltFdpHg
y0fNZP0JBHouRQ==
=ZfWD
-----END PGP SIGNATURE-----