Back to sympa PTS page

Accepted sympa 6.2.16~dfsg-3+deb9u3 (source) into oldstable

To: dispatch@tracker.debian.org, debian-lts-changes@lists.debian.org
Subject: Accepted sympa 6.2.16~dfsg-3+deb9u3 (source) into oldstable
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Wed, 07 Oct 2020 21:10:12 +0000
Mail-followup-to: debian-lts@lists.debian.org
Message-id: <E1kQGhQ-0000ca-5C@seger.debian.org>
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 07 Oct 2020 10:31:34 +0200
Source: sympa
Binary: sympa
Architecture: source
Version: 6.2.16~dfsg-3+deb9u3
Distribution: stretch-security
Urgency: high
Maintainer: Debian Sympa team <pkg-sympa-devel@lists.alioth.debian.org>
Changed-By: Sylvain Beucler <beuc@debian.org>
Description:
 sympa      - Modern mailing list manager
Closes: 961491
Changes:
 sympa (6.2.16~dfsg-3+deb9u3) stretch-security; urgency=high
 .
   * Non-maintainer upload by the LTS Security Team.
   * CVE-2020-10936: Sympa allows privilege escalation through setuid
     wrappers. (Closes: #961491)
   * Restrict access to sympa_newaliases-wrapper (setuid root) to group
     sympa.
   * Ignore lintian warning due to #863701 fix in 6.2.16~dfsg-3+deb9u2.
Checksums-Sha1:
 64aa5ccca30e9600886630090dd7515f0a13627f 2160 sympa_6.2.16~dfsg-3+deb9u3.dsc
 1d7ff398e6dd88516219631b3bfb5320b072f419 175428 sympa_6.2.16~dfsg-3+deb9u3.debian.tar.xz
 3eaca69c703d02798082f7cf2a8ed45272ab6e9b 7333 sympa_6.2.16~dfsg-3+deb9u3_amd64.buildinfo
Checksums-Sha256:
 a179a5f1353c3cf437df7e518983cd5e158bdbcccc90e8bb4551036ce8a9ebbd 2160 sympa_6.2.16~dfsg-3+deb9u3.dsc
 d446858ad93f8e947dca59f2cf330cc55f288e8a21bd770517880417c7c94013 175428 sympa_6.2.16~dfsg-3+deb9u3.debian.tar.xz
 426e2e5c0e5326d749f30383db02e5df64887a48db284c3f447d8bc48a7a2432 7333 sympa_6.2.16~dfsg-3+deb9u3_amd64.buildinfo
Files:
 656c3241c39deec871d3830c6263fdbb 2160 mail optional sympa_6.2.16~dfsg-3+deb9u3.dsc
 9a1f763e7797c463f486c9b8bf6cb4e2 175428 mail optional sympa_6.2.16~dfsg-3+deb9u3.debian.tar.xz
 43072e9f73eec1701ea11b02db1e9ee5 7333 mail optional sympa_6.2.16~dfsg-3+deb9u3_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQEzBAEBCgAdFiEEQic8GuN/xDR88HkSj/HLbo2JBZ8FAl9+JocACgkQj/HLbo2J
BZ/uFQgAkjMobVdJCSOPskwHG0nvv7kowhs3Sq+SL9pfViiEyfGaIFM8+WhuAdAm
vhtl5kigetxFQRDdR8xdrI6Gfp60r19Xo5zMhO9ccrNRSjv/l6BWcQkjIH0T5Hj0
tudnghW0uaBvVWlKQKuJqVhGcP1ANSQWNXDq+Lmb9f02DhOlOCdbdzPdvFNAQmaE
A8veyVwtuDrUMwPMo0CBxbkyNh9MuvYP8FkV78BX1UhbCANMj/hKeMDdOWG0dMWy
gL3aG+sUPabcOESG6kOYnauuSunIm80rXMl/qWi+mP1ePn1jT/km/C1Qv5lgyI9+
ENNGIHvp3Vg3dIcTDJn/WBv5p2Sg0Q==
=fgKJ
-----END PGP SIGNATURE-----