========================================= Sat, 12 Apr 2008 - Debian 3.1r8 released ========================================= oldstable/main/binary-sparc/libxine-dev_1.0.1-1sarge7_sparc.deb oldstable/main/binary-sparc/libxine1_1.0.1-1sarge7_sparc.deb xine-lib (1.0.1-1sarge7) oldstable-security; urgency=high * Security bug fixes: - CVE-2007-1246, CVE-2007-1387: DirectShow video decoder opening functions (used with some Win32 codecs), fail to set biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code. - CVE-2008-1161: Buffer overflow which may allow remote attackers to crash the program and/or execute arbitrary code via a crafted Matroska file. - CVE-2008-0073: Array indexing vulnerability in Real SDP parsing. - Not applicable: + CVE-2008-0486: affected code is not present. + CVE-2008-1110: significantly different code. * Backport an SDP parser check for stream identifier before stream count. * Add myself to Uploaders, mainly to keep lintian quiet. oldstable/main/binary-s390/libxine1_1.0.1-1sarge7_s390.deb oldstable/main/binary-s390/libxine-dev_1.0.1-1sarge7_s390.deb xine-lib (1.0.1-1sarge7) oldstable-security; urgency=high * Security bug fixes: - CVE-2007-1246, CVE-2007-1387: DirectShow video decoder opening functions (used with some Win32 codecs), fail to set biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code. - CVE-2008-1161: Buffer overflow which may allow remote attackers to crash the program and/or execute arbitrary code via a crafted Matroska file. - CVE-2008-0073: Array indexing vulnerability in Real SDP parsing. - Not applicable: + CVE-2008-0486: affected code is not present. + CVE-2008-1110: significantly different code. * Backport an SDP parser check for stream identifier before stream count. * Add myself to Uploaders, mainly to keep lintian quiet. oldstable/main/binary-powerpc/libxine-dev_1.0.1-1sarge7_powerpc.deb oldstable/main/binary-powerpc/libxine1_1.0.1-1sarge7_powerpc.deb xine-lib (1.0.1-1sarge7) oldstable-security; urgency=high * Security bug fixes: - CVE-2007-1246, CVE-2007-1387: DirectShow video decoder opening functions (used with some Win32 codecs), fail to set biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code. - CVE-2008-1161: Buffer overflow which may allow remote attackers to crash the program and/or execute arbitrary code via a crafted Matroska file. - CVE-2008-0073: Array indexing vulnerability in Real SDP parsing. - Not applicable: + CVE-2008-0486: affected code is not present. + CVE-2008-1110: significantly different code. * Backport an SDP parser check for stream identifier before stream count. * Add myself to Uploaders, mainly to keep lintian quiet. oldstable/main/binary-mipsel/libxine1_1.0.1-1sarge7_mipsel.deb oldstable/main/binary-mipsel/libxine-dev_1.0.1-1sarge7_mipsel.deb xine-lib (1.0.1-1sarge7) oldstable-security; urgency=high * Security bug fixes: - CVE-2007-1246, CVE-2007-1387: DirectShow video decoder opening functions (used with some Win32 codecs), fail to set biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code. - CVE-2008-1161: Buffer overflow which may allow remote attackers to crash the program and/or execute arbitrary code via a crafted Matroska file. - CVE-2008-0073: Array indexing vulnerability in Real SDP parsing. - Not applicable: + CVE-2008-0486: affected code is not present. + CVE-2008-1110: significantly different code. * Backport an SDP parser check for stream identifier before stream count. * Add myself to Uploaders, mainly to keep lintian quiet. oldstable/main/binary-mips/libxine1_1.0.1-1sarge7_mips.deb oldstable/main/binary-mips/libxine-dev_1.0.1-1sarge7_mips.deb xine-lib (1.0.1-1sarge7) oldstable-security; urgency=high * Security bug fixes: - CVE-2007-1246, CVE-2007-1387: DirectShow video decoder opening functions (used with some Win32 codecs), fail to set biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code. - CVE-2008-1161: Buffer overflow which may allow remote attackers to crash the program and/or execute arbitrary code via a crafted Matroska file. - CVE-2008-0073: Array indexing vulnerability in Real SDP parsing. - Not applicable: + CVE-2008-0486: affected code is not present. + CVE-2008-1110: significantly different code. * Backport an SDP parser check for stream identifier before stream count. * Add myself to Uploaders, mainly to keep lintian quiet. oldstable/main/binary-m68k/libxine-dev_1.0.1-1sarge7_m68k.deb oldstable/main/binary-m68k/libxine1_1.0.1-1sarge7_m68k.deb xine-lib (1.0.1-1sarge7) oldstable-security; urgency=high * Security bug fixes: - CVE-2007-1246, CVE-2007-1387: DirectShow video decoder opening functions (used with some Win32 codecs), fail to set biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code. - CVE-2008-1161: Buffer overflow which may allow remote attackers to crash the program and/or execute arbitrary code via a crafted Matroska file. - CVE-2008-0073: Array indexing vulnerability in Real SDP parsing. - Not applicable: + CVE-2008-0486: affected code is not present. + CVE-2008-1110: significantly different code. * Backport an SDP parser check for stream identifier before stream count. * Add myself to Uploaders, mainly to keep lintian quiet. oldstable/main/binary-ia64/libxine-dev_1.0.1-1sarge7_ia64.deb oldstable/main/binary-ia64/libxine1_1.0.1-1sarge7_ia64.deb xine-lib (1.0.1-1sarge7) oldstable-security; urgency=high * Security bug fixes: - CVE-2007-1246, CVE-2007-1387: DirectShow video decoder opening functions (used with some Win32 codecs), fail to set biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code. - CVE-2008-1161: Buffer overflow which may allow remote attackers to crash the program and/or execute arbitrary code via a crafted Matroska file. - CVE-2008-0073: Array indexing vulnerability in Real SDP parsing. - Not applicable: + CVE-2008-0486: affected code is not present. + CVE-2008-1110: significantly different code. * Backport an SDP parser check for stream identifier before stream count. * Add myself to Uploaders, mainly to keep lintian quiet. oldstable/main/binary-hppa/libxine1_1.0.1-1sarge7_hppa.deb oldstable/main/binary-hppa/libxine-dev_1.0.1-1sarge7_hppa.deb xine-lib (1.0.1-1sarge7) oldstable-security; urgency=high * Security bug fixes: - CVE-2007-1246, CVE-2007-1387: DirectShow video decoder opening functions (used with some Win32 codecs), fail to set biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code. - CVE-2008-1161: Buffer overflow which may allow remote attackers to crash the program and/or execute arbitrary code via a crafted Matroska file. - CVE-2008-0073: Array indexing vulnerability in Real SDP parsing. - Not applicable: + CVE-2008-0486: affected code is not present. + CVE-2008-1110: significantly different code. * Backport an SDP parser check for stream identifier before stream count. * Add myself to Uploaders, mainly to keep lintian quiet. oldstable/main/binary-arm/libxine1_1.0.1-1sarge7_arm.deb oldstable/main/binary-arm/libxine-dev_1.0.1-1sarge7_arm.deb xine-lib (1.0.1-1sarge7) oldstable-security; urgency=high * Security bug fixes: - CVE-2007-1246, CVE-2007-1387: DirectShow video decoder opening functions (used with some Win32 codecs), fail to set biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code. - CVE-2008-1161: Buffer overflow which may allow remote attackers to crash the program and/or execute arbitrary code via a crafted Matroska file. - CVE-2008-0073: Array indexing vulnerability in Real SDP parsing. - Not applicable: + CVE-2008-0486: affected code is not present. + CVE-2008-1110: significantly different code. * Backport an SDP parser check for stream identifier before stream count. * Add myself to Uploaders, mainly to keep lintian quiet. oldstable/main/binary-amd64/libxine-dev_1.0.1-1sarge7_amd64.deb oldstable/main/binary-amd64/libxine1_1.0.1-1sarge7_amd64.deb xine-lib (1.0.1-1sarge7) oldstable-security; urgency=high * Security bug fixes: - CVE-2007-1246, CVE-2007-1387: DirectShow video decoder opening functions (used with some Win32 codecs), fail to set biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code. - CVE-2008-1161: Buffer overflow which may allow remote attackers to crash the program and/or execute arbitrary code via a crafted Matroska file. - CVE-2008-0073: Array indexing vulnerability in Real SDP parsing. - Not applicable: + CVE-2008-0486: affected code is not present. + CVE-2008-1110: significantly different code. * Backport an SDP parser check for stream identifier before stream count. * Add myself to Uploaders, mainly to keep lintian quiet. oldstable/main/binary-alpha/libxine-dev_1.0.1-1sarge7_alpha.deb oldstable/main/binary-alpha/libxine1_1.0.1-1sarge7_alpha.deb xine-lib (1.0.1-1sarge7) oldstable-security; urgency=high * Security bug fixes: - CVE-2007-1246, CVE-2007-1387: DirectShow video decoder opening functions (used with some Win32 codecs), fail to set biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code. - CVE-2008-1161: Buffer overflow which may allow remote attackers to crash the program and/or execute arbitrary code via a crafted Matroska file. - CVE-2008-0073: Array indexing vulnerability in Real SDP parsing. - Not applicable: + CVE-2008-0486: affected code is not present. + CVE-2008-1110: significantly different code. * Backport an SDP parser check for stream identifier before stream count. * Add myself to Uploaders, mainly to keep lintian quiet. oldstable/main/source/xine-lib_1.0.1-1sarge7.diff.gz oldstable/main/source/xine-lib_1.0.1-1sarge7.dsc oldstable/main/binary-i386/libxine-dev_1.0.1-1sarge7_i386.deb oldstable/main/binary-i386/libxine1_1.0.1-1sarge7_i386.deb xine-lib (1.0.1-1sarge7) oldstable-security; urgency=high * Security bug fixes: - CVE-2007-1246, CVE-2007-1387: DirectShow video decoder opening functions (used with some Win32 codecs), fail to set biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code. - CVE-2008-1161: Buffer overflow which may allow remote attackers to crash the program and/or execute arbitrary code via a crafted Matroska file. - CVE-2008-0073: Array indexing vulnerability in Real SDP parsing. - Not applicable: + CVE-2008-0486: affected code is not present. + CVE-2008-1110: significantly different code. * Backport an SDP parser check for stream identifier before stream count. * Add myself to Uploaders, mainly to keep lintian quiet. oldstable/main/binary-sparc/libxpm4_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libx11-6_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xserver-common_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libx11-6-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxaw7_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxmu6-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxmuu1_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxext-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxpm4-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libdps-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libx11-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xfs_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xutils_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xlibmesa-dri_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxext6_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxi-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxtrap6_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxi6_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxv1_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxext6-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libice6_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxtst6_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxp6-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xlibosmesa-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/proxymngr_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libsm-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/x-window-system-core_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxtrap6-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xlibmesa-gl_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libice6-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxt6_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xlibs-static-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxmu6_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/lbxproxy_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xlibs-static-pic_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libdps1-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xmh_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxtst6-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxmuu-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxmu-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxv-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxaw7-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxp-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/twm_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxtst-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xterm_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xlibmesa-glu_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxmuu1-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxp6_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xvfb_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xbase-clients_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libdps1_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xlibmesa3_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libsm6-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxt-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xserver-xfree86_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xdm_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxrandr2_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxaw6-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxft1-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxt6-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxft1_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxi6-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xlibosmesa4_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libsm6_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxaw6_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxpm-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxaw7-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxv1-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxrandr-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxrandr2-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xfwp_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libice-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/x-window-system-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xnest_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxaw6-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxtrap-dev_4.3.0.dfsg.1-14sarge7_sparc.deb xfree86 (4.3.0.dfsg.1-14sarge7) oldstable-security; urgency=high * Fix regression introduced in -14sarge6 by the MIT-SHM security patch (closes: #461410). oldstable/main/binary-s390/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libdps-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxaw7-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxv1_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxext-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/x-window-system-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxp-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libdps1_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/xbase-clients_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/twm_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxext6_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/xterm_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxi6_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/xlibmesa-gl_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxmu-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/xlibs-static-pic_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/x-window-system-core_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/xlibmesa3_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxmu6_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxmuu1-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxft1-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxtst6_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxpm-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/xutils_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libx11-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/xlibs-static-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/xmh_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxaw6-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxv1-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/xserver-common_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libice6_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxp6-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxtrap-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libice-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxmuu1_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libx11-6-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxpm4_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libsm-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libsm6_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxtrap6_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxrandr-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxext6-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/xnest_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxmu6-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxaw6-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxt-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxi6-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxaw7_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libdps1-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/xlibmesa-glu_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxtst-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxrandr2_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/xvfb_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxp6_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxrandr2-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxt6-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxv-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/xfs_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxtrap6-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libice6-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxt6_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/xdm_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libsm6-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/xfwp_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxmuu-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/lbxproxy_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxi-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxft1_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxaw7-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxpm4-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libx11-6_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/proxymngr_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxtst6-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxaw6_4.3.0.dfsg.1-14sarge7_s390.deb xfree86 (4.3.0.dfsg.1-14sarge7) oldstable-security; urgency=high * Fix regression introduced in -14sarge6 by the MIT-SHM security patch (closes: #461410). oldstable/main/binary-powerpc/xmh_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxft1-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxmuu1_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/proxymngr_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xlibs-static-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxmu6_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xlibs-static-pic_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libx11-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xutils_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xlibosmesa-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/x-window-system-core_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libice-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxaw7-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libdps1-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxrandr-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxpm4_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xnest_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xlibmesa3_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/x-window-system-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxi6_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libsm6-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxext6-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxmu6-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxmuu1-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xlibmesa-glu_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxrandr2_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxtst-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/lbxproxy_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xdm_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxft1_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xterm_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxpm-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xvfb_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/twm_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxi-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xbase-clients_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxaw6-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xfwp_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libice6_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxext6_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xfs_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxv1_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxaw6_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libsm-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxt-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxrandr2-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxv-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xlibmesa-dri_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xserver-common_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxaw7_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libsm6_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libx11-6_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxp6_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxmuu-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxtst6-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxp6-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxt6-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxaw6-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxpm4-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxtrap6_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libdps-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxaw7-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxi6-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxp-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxt6_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xserver-xfree86_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxtst6_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxv1-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxtrap6-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libice6-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xlibosmesa4_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xlibmesa-gl_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxext-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxtrap-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libdps1_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxmu-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libx11-6-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb xfree86 (4.3.0.dfsg.1-14sarge7) oldstable-security; urgency=high * Fix regression introduced in -14sarge6 by the MIT-SHM security patch (closes: #461410). oldstable/main/binary-mipsel/libxrandr2-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxmu6-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxaw6-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xserver-common_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libsm6-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxft1-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxpm-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/x-window-system-core_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxft1_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libx11-6-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxp6_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxpm4_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xmh_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxp-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxmuu-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxtst6-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xfs_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xterm_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxtrap6-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libice6_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxtrap6_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xnest_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libx11-6_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libdps1_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xdm_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxrandr-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxext6_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxpm4-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libx11-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxi6_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xlibmesa-gl_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xfwp_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxaw7_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxmu6_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxv-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xbase-clients_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/twm_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/lbxproxy_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxv1-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxp6-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxi6-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xlibmesa3_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xserver-xfree86_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libice6-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxtst6_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xlibs-static-pic_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxt-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xutils_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xlibs-static-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libsm6_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxaw6_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xvfb_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxi-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxt6-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libdps-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/proxymngr_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/x-window-system-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxv1_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxaw7-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxmu-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxt6_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxmuu1_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxtrap-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libice-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libsm-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxaw7-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxrandr2_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxext-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libdps1-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxmuu1-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxaw6-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxtst-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xlibmesa-glu_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxext6-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb xfree86 (4.3.0.dfsg.1-14sarge7) oldstable-security; urgency=high * Fix regression introduced in -14sarge6 by the MIT-SHM security patch (closes: #461410). oldstable/main/binary-mips/libxmu6_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxext-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libdps-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/twm_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xdm_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxmuu-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxp6-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxpm4-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxext6_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxaw6-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxi6_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxt-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxt6-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xserver-common_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xbase-clients_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxtst6-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxtst6_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xlibs-static-pic_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxft1-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xmh_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxp-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xlibmesa-gl_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libice6-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxtrap6-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/x-window-system-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxv1-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xlibs-static-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxmuu1_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxaw6-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libx11-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libsm6_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxp6_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xutils_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libx11-6-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libdps1_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xfs_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxmuu1-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxi6-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xterm_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxv-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxpm-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxft1_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libdps1-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xserver-xfree86_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/proxymngr_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxrandr2-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libsm6-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxext6-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxmu6-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xfwp_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxaw6_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/x-window-system-core_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xnest_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxmu-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxrandr-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxaw7-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxv1_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxaw7_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxrandr2_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/lbxproxy_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxt6_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libsm-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxtrap-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libice-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libice6_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xvfb_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxtrap6_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xlibmesa-glu_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxtst-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libx11-6_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxaw7-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxi-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxpm4_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xlibmesa3_4.3.0.dfsg.1-14sarge7_mips.deb xfree86 (4.3.0.dfsg.1-14sarge7) oldstable-security; urgency=high * Fix regression introduced in -14sarge6 by the MIT-SHM security patch (closes: #461410). oldstable/main/binary-m68k/libsm6-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/proxymngr_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/x-window-system-core_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libice-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxmu6-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxv1-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxrandr-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxaw6-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxaw7-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xserver-xfree86_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libsm6_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxv-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxp6-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/twm_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxtrap6-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxi6_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xbase-clients_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libx11-6-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxmuu-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxtst6-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xterm_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxtst-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xlibmesa-glu_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xserver-common_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xvfb_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxrandr2-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xlibmesa3_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xdm_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxtrap6_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xfwp_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxt-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxrandr2_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxmu-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xlibs-static-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxft1-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libdps1_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxaw7-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxt6-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xfs_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxmuu1_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libx11-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/lbxproxy_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxt6_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxext6-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxp-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libdps-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xutils_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxpm-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libice6_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxmu6_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxext6_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxaw6_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libsm-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxaw7_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxp6_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxi-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libx11-6_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxv1_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxmuu1-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/x-window-system-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxext-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxft1_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xlibs-static-pic_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libice6-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxtrap-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xlibmesa-gl_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxpm4_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxi6-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libdps1-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxaw6-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xmh_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxtst6_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxpm4-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xnest_4.3.0.dfsg.1-14sarge7_m68k.deb xfree86 (4.3.0.dfsg.1-14sarge7) oldstable-security; urgency=high * Fix regression introduced in -14sarge6 by the MIT-SHM security patch (closes: #461410). oldstable/main/binary-ia64/xutils_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxext-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxaw6-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxmuu-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxtst6-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxft1_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxext6-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxp6_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxp6-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libsm-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libdps1-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libdps1_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xlibosmesa4_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libx11-6-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libx11-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xbase-clients_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxi6-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xlibmesa-dri_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libdps-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxaw6-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/twm_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xdm_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/x-window-system-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxp-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxaw7-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxext6_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxv-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxaw7_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xlibosmesa-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxtst6_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxv1-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libx11-6_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxi6_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxmu-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxaw7-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxpm-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/x-window-system-core_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxtrap6-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xterm_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libice6-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libsm6_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xlibmesa-gl_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxpm4-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/lbxproxy_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxrandr2-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/proxymngr_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxtrap-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libice-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxrandr2_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xlibs-static-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxt-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxft1-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxi-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxmuu1_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxpm4_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxrandr-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxv1_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xnest_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libice6_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxmu6-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xserver-xfree86_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxmu6_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxaw6_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xlibs-static-pic_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxtrap6_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xfwp_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxtst-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xlibmesa-glu_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxt6-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xmh_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxmuu1-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xvfb_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xlibmesa3_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxt6_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xserver-common_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libsm6-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xfs_4.3.0.dfsg.1-14sarge7_ia64.deb xfree86 (4.3.0.dfsg.1-14sarge7) oldstable-security; urgency=high * Fix regression introduced in -14sarge6 by the MIT-SHM security patch (closes: #461410). oldstable/main/binary-hppa/libxi6-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxaw7-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxpm4_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xfs_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libx11-6-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxft1_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxt-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xterm_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxaw7-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxext6_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xmh_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxaw6-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxext6-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xlibmesa-gl_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxi6_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxt6-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxv-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libsm6_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxmuu1_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libsm-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libx11-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xutils_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxp-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxaw7_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxv1_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xdm_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxft1-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxt6_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xlibmesa3_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxaw6-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxrandr2-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxp6-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxv1-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxtst6-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxmuu-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libx11-6_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/x-window-system-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxmuu1-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libdps-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxpm4-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxi-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libsm6-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/proxymngr_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xserver-xfree86_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxaw6_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxext-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xfwp_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxtst6_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxtrap6_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxmu-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libdps1-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libice6_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxp6_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxrandr-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxrandr2_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxmu6_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xnest_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxtrap6-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xlibs-static-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libice6-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxtrap-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/x-window-system-core_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libice-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxmu6-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxpm-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xserver-common_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xlibmesa-glu_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxtst-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xvfb_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/twm_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xlibs-static-pic_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/lbxproxy_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libdps1_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xbase-clients_4.3.0.dfsg.1-14sarge7_hppa.deb xfree86 (4.3.0.dfsg.1-14sarge7) oldstable-security; urgency=high * Fix regression introduced in -14sarge6 by the MIT-SHM security patch (closes: #461410). oldstable/main/binary-arm/libxi6_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxext-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xmh_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxt6-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxtst6_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxaw7-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxtst6-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libdps1_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxmuu-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xlibmesa-gl_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/twm_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxext6-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xlibmesa3_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xbase-clients_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxp6-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxmuu1_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxv-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xdm_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxaw6-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxv1_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxft1_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxp-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xlibs-static-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxrandr2-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/proxymngr_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxft1-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxtrap6_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libx11-6_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libsm6_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxmu-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/lbxproxy_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xfs_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xnest_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxi6-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxrandr-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libdps-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libsm-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xutils_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxaw7_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xserver-xfree86_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libx11-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxi-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxaw6_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xvfb_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxaw7-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xfwp_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxtst-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xlibmesa-glu_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xterm_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxmuu1-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libice6_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/x-window-system-core_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libdps1-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxaw6-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxp6_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxrandr2_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/x-window-system-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libsm6-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libice6-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxmu6_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxtrap6-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxmu6-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xlibs-static-pic_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xserver-common_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxv1-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxpm4_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxt6_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxt-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxpm-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libx11-6-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxpm4-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxtrap-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxext6_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libice-dev_4.3.0.dfsg.1-14sarge7_arm.deb xfree86 (4.3.0.dfsg.1-14sarge7) oldstable-security; urgency=high * Fix regression introduced in -14sarge6 by the MIT-SHM security patch (closes: #461410). oldstable/main/binary-amd64/libxaw6_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libice6-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xfwp_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxmuu1-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxtrap6-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xvfb_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxrandr2_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libx11-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxpm4-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xutils_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxmu6_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libx11-6_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxtst-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xlibmesa-dri_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxv1-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xbase-clients_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxi6-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/x-window-system-core_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/twm_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxext6-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxft1-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xlibosmesa-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libsm6_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libx11-6-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/x-window-system-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxp-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxpm4_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxi6_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxft1_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xlibosmesa4_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xnest_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxext-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxext6_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxrandr-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libsm6-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libice-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxtrap-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xdm_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libice6_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxtrap6_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xmh_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libsm-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxv-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxt-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xlibmesa-glu_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxaw7_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/lbxproxy_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxmuu1_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxaw6-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libdps1-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xserver-common_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxp6-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxt6_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxt6-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxaw7-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxi-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libdps-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxmu6-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxpm-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xlibmesa3_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xlibs-static-pic_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxaw7-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxrandr2-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xfs_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xlibs-static-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/proxymngr_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxtst6_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxp6_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xlibmesa-gl_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxtst6-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxaw6-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxmuu-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxv1_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxmu-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libdps1_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xterm_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xserver-xfree86_4.3.0.dfsg.1-14sarge7_amd64.deb xfree86 (4.3.0.dfsg.1-14sarge7) oldstable-security; urgency=high * Fix regression introduced in -14sarge6 by the MIT-SHM security patch (closes: #461410). oldstable/main/binary-alpha/libxft1-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libx11-6-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xnest_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xfwp_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxrandr-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxaw6-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxt6-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libdps-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxaw7-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxtst6_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xvfb_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libsm6_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxtst-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libdps1_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xlibmesa-glu_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxmu6-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xlibmesa-gl_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xdm_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xutils_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxext6-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libx11-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxv1_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxrandr2-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxaw6-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxaw6_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xfs_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libx11-6_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxtrap6-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libice6-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libsm-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xterm_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxv1-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libdps1-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxp6_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxp6-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxrandr2_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libice-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxtrap-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxmuu1-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxt-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xbase-clients_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxpm4_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxi-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libice6_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxtrap6_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/x-window-system-core_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/x-window-system-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xlibosmesa-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxft1_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxmuu-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/twm_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxi6-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxmu-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxext6_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxpm4-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxi6_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxp-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xlibosmesa4_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxtst6-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxmu6_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxaw7-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxv-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xlibs-static-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxt6_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xmh_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxext-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxaw7_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xlibs-static-pic_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/lbxproxy_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xserver-common_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/proxymngr_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libsm6-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xlibmesa-dri_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxpm-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xserver-xfree86_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xlibmesa3_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxmuu1_4.3.0.dfsg.1-14sarge7_alpha.deb xfree86 (4.3.0.dfsg.1-14sarge7) oldstable-security; urgency=high * Fix regression introduced in -14sarge6 by the MIT-SHM security patch (closes: #461410). oldstable/main/binary-i386/libxmuu-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxtst6-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libice6-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxp6_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-all/xfree86-common_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-i386/libxtrap6_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxtrap6-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-all/xlibs_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-i386/libsm6-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxrandr2_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxmu-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxaw7-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxpm4_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxmuu1-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxv1_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xserver-xfree86_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxv1-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxaw6-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libx11-6-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxaw6_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxmu6_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xfwp_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-all/xfonts-base_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-i386/libx11-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-all/xlibmesa3-dbg_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-all/xfonts-75dpi_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-i386/xutils_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-all/x-window-system_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-i386/proxymngr_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-all/xlibs-dbg_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-all/xfonts-base-transcoded_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-i386/libxi-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libdps-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxt6-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxrandr2-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxmuu1_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libdps1-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxp6-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xnest_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxext6_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-all/xfonts-scalable_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-i386/libxt6_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxrandr-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxpm-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-all/xlibs-data_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-i386/libxi6_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxmu6-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xdm_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xterm_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-all/x-dev_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-all/pm-dev_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-i386/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxaw7_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-all/xlibs-pic_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-all/xfonts-75dpi-transcoded_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-i386/xlibosmesa4_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-all/xfonts-100dpi_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-i386/libdps1_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/source/xfree86_4.3.0.dfsg.1-14sarge7.dsc oldstable/main/binary-i386/xlibs-static-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libsm-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libsm6_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxv-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libice-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxtrap-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxt-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxpm4-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/lbxproxy_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xmh_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxtst6_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xvfb_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/source/xfree86_4.3.0.dfsg.1-14sarge7.diff.gz oldstable/main/binary-i386/libxi6-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-all/xspecs_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-i386/libx11-6_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xbase-clients_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xfs_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxft1_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xserver-common_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-all/xlibs-dev_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-i386/xlibs-static-pic_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxext6-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xlibosmesa-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/twm_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/x-window-system-core_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxft1-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xlibmesa3_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-all/xfonts-100dpi-transcoded_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-i386/libice6_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxaw6-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-all/xfonts-cyrillic_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-i386/libxp-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/x-window-system-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxext-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xlibmesa-gl_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-all/xlibmesa-dev_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-i386/libxaw7-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxtst-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xlibmesa-glu_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xlibmesa-dri_4.3.0.dfsg.1-14sarge7_i386.deb xfree86 (4.3.0.dfsg.1-14sarge7) oldstable-security; urgency=high * Fix regression introduced in -14sarge6 by the MIT-SHM security patch (closes: #461410). oldstable/main/binary-sparc/wzdftpd-back-mysql_0.5.2-1.1sarge3_sparc.deb oldstable/main/binary-sparc/wzdftpd_0.5.2-1.1sarge3_sparc.deb oldstable/main/binary-sparc/wzdftpd-mod-perl_0.5.2-1.1sarge3_sparc.deb oldstable/main/binary-sparc/wzdftpd-mod-tcl_0.5.2-1.1sarge3_sparc.deb oldstable/main/binary-sparc/wzdftpd-dev_0.5.2-1.1sarge3_sparc.deb wzdftpd (0.5.2-1.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport patch to fix off-by-one in wzd_ClientThread.c which leads to a remote denial of service vulnerability Fixes: CVE-2007-5300 oldstable/main/binary-s390/wzdftpd-back-mysql_0.5.2-1.1sarge3_s390.deb oldstable/main/binary-s390/wzdftpd-mod-perl_0.5.2-1.1sarge3_s390.deb oldstable/main/binary-s390/wzdftpd-dev_0.5.2-1.1sarge3_s390.deb oldstable/main/binary-s390/wzdftpd-mod-tcl_0.5.2-1.1sarge3_s390.deb oldstable/main/binary-s390/wzdftpd_0.5.2-1.1sarge3_s390.deb wzdftpd (0.5.2-1.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport patch to fix off-by-one in wzd_ClientThread.c which leads to a remote denial of service vulnerability Fixes: CVE-2007-5300 oldstable/main/binary-powerpc/wzdftpd_0.5.2-1.1sarge3_powerpc.deb oldstable/main/binary-powerpc/wzdftpd-mod-perl_0.5.2-1.1sarge3_powerpc.deb oldstable/main/binary-powerpc/wzdftpd-mod-tcl_0.5.2-1.1sarge3_powerpc.deb oldstable/main/binary-powerpc/wzdftpd-dev_0.5.2-1.1sarge3_powerpc.deb oldstable/main/binary-powerpc/wzdftpd-back-mysql_0.5.2-1.1sarge3_powerpc.deb wzdftpd (0.5.2-1.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport patch to fix off-by-one in wzd_ClientThread.c which leads to a remote denial of service vulnerability Fixes: CVE-2007-5300 oldstable/main/binary-mipsel/wzdftpd-mod-tcl_0.5.2-1.1sarge3_mipsel.deb oldstable/main/binary-mipsel/wzdftpd-back-mysql_0.5.2-1.1sarge3_mipsel.deb oldstable/main/binary-mipsel/wzdftpd_0.5.2-1.1sarge3_mipsel.deb oldstable/main/binary-mipsel/wzdftpd-dev_0.5.2-1.1sarge3_mipsel.deb oldstable/main/binary-mipsel/wzdftpd-mod-perl_0.5.2-1.1sarge3_mipsel.deb wzdftpd (0.5.2-1.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport patch to fix off-by-one in wzd_ClientThread.c which leads to a remote denial of service vulnerability Fixes: CVE-2007-5300 oldstable/main/binary-mips/wzdftpd-back-mysql_0.5.2-1.1sarge3_mips.deb oldstable/main/binary-mips/wzdftpd-mod-tcl_0.5.2-1.1sarge3_mips.deb oldstable/main/binary-mips/wzdftpd-mod-perl_0.5.2-1.1sarge3_mips.deb oldstable/main/binary-mips/wzdftpd_0.5.2-1.1sarge3_mips.deb oldstable/main/binary-mips/wzdftpd-dev_0.5.2-1.1sarge3_mips.deb wzdftpd (0.5.2-1.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport patch to fix off-by-one in wzd_ClientThread.c which leads to a remote denial of service vulnerability Fixes: CVE-2007-5300 oldstable/main/binary-m68k/wzdftpd-back-mysql_0.5.2-1.1sarge3_m68k.deb oldstable/main/binary-m68k/wzdftpd-mod-tcl_0.5.2-1.1sarge3_m68k.deb oldstable/main/binary-m68k/wzdftpd-dev_0.5.2-1.1sarge3_m68k.deb oldstable/main/binary-m68k/wzdftpd_0.5.2-1.1sarge3_m68k.deb oldstable/main/binary-m68k/wzdftpd-mod-perl_0.5.2-1.1sarge3_m68k.deb wzdftpd (0.5.2-1.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport patch to fix off-by-one in wzd_ClientThread.c which leads to a remote denial of service vulnerability Fixes: CVE-2007-5300 oldstable/main/binary-ia64/wzdftpd-dev_0.5.2-1.1sarge3_ia64.deb oldstable/main/binary-ia64/wzdftpd_0.5.2-1.1sarge3_ia64.deb oldstable/main/binary-ia64/wzdftpd-mod-tcl_0.5.2-1.1sarge3_ia64.deb oldstable/main/binary-ia64/wzdftpd-back-mysql_0.5.2-1.1sarge3_ia64.deb oldstable/main/binary-ia64/wzdftpd-mod-perl_0.5.2-1.1sarge3_ia64.deb wzdftpd (0.5.2-1.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport patch to fix off-by-one in wzd_ClientThread.c which leads to a remote denial of service vulnerability Fixes: CVE-2007-5300 oldstable/main/binary-hppa/wzdftpd-back-mysql_0.5.2-1.1sarge3_hppa.deb oldstable/main/binary-hppa/wzdftpd-dev_0.5.2-1.1sarge3_hppa.deb oldstable/main/binary-hppa/wzdftpd_0.5.2-1.1sarge3_hppa.deb oldstable/main/binary-hppa/wzdftpd-mod-perl_0.5.2-1.1sarge3_hppa.deb oldstable/main/binary-hppa/wzdftpd-mod-tcl_0.5.2-1.1sarge3_hppa.deb wzdftpd (0.5.2-1.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport patch to fix off-by-one in wzd_ClientThread.c which leads to a remote denial of service vulnerability Fixes: CVE-2007-5300 oldstable/main/binary-arm/wzdftpd-back-mysql_0.5.2-1.1sarge3_arm.deb oldstable/main/binary-arm/wzdftpd-dev_0.5.2-1.1sarge3_arm.deb oldstable/main/binary-arm/wzdftpd-mod-tcl_0.5.2-1.1sarge3_arm.deb oldstable/main/binary-arm/wzdftpd-mod-perl_0.5.2-1.1sarge3_arm.deb oldstable/main/binary-arm/wzdftpd_0.5.2-1.1sarge3_arm.deb wzdftpd (0.5.2-1.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport patch to fix off-by-one in wzd_ClientThread.c which leads to a remote denial of service vulnerability Fixes: CVE-2007-5300 oldstable/main/binary-amd64/wzdftpd-mod-perl_0.5.2-1.1sarge3_amd64.deb oldstable/main/binary-amd64/wzdftpd-dev_0.5.2-1.1sarge3_amd64.deb oldstable/main/binary-amd64/wzdftpd_0.5.2-1.1sarge3_amd64.deb oldstable/main/binary-amd64/wzdftpd-mod-tcl_0.5.2-1.1sarge3_amd64.deb oldstable/main/binary-amd64/wzdftpd-back-mysql_0.5.2-1.1sarge3_amd64.deb wzdftpd (0.5.2-1.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport patch to fix off-by-one in wzd_ClientThread.c which leads to a remote denial of service vulnerability Fixes: CVE-2007-5300 oldstable/main/binary-alpha/wzdftpd-dev_0.5.2-1.1sarge3_alpha.deb oldstable/main/binary-alpha/wzdftpd-back-mysql_0.5.2-1.1sarge3_alpha.deb oldstable/main/binary-alpha/wzdftpd-mod-perl_0.5.2-1.1sarge3_alpha.deb oldstable/main/binary-alpha/wzdftpd_0.5.2-1.1sarge3_alpha.deb oldstable/main/binary-alpha/wzdftpd-mod-tcl_0.5.2-1.1sarge3_alpha.deb wzdftpd (0.5.2-1.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport patch to fix off-by-one in wzd_ClientThread.c which leads to a remote denial of service vulnerability Fixes: CVE-2007-5300 oldstable/main/binary-i386/wzdftpd_0.5.2-1.1sarge3_i386.deb oldstable/main/source/wzdftpd_0.5.2-1.1sarge3.diff.gz oldstable/main/binary-i386/wzdftpd-mod-tcl_0.5.2-1.1sarge3_i386.deb oldstable/main/binary-i386/wzdftpd-mod-perl_0.5.2-1.1sarge3_i386.deb oldstable/main/binary-i386/wzdftpd-dev_0.5.2-1.1sarge3_i386.deb oldstable/main/binary-i386/wzdftpd-back-mysql_0.5.2-1.1sarge3_i386.deb oldstable/main/source/wzdftpd_0.5.2-1.1sarge3.dsc wzdftpd (0.5.2-1.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport patch to fix off-by-one in wzd_ClientThread.c which leads to a remote denial of service vulnerability Fixes: CVE-2007-5300 oldstable/main/binary-m68k/wesnoth-server_0.9.0-8_m68k.deb oldstable/main/binary-m68k/wesnoth-editor_0.9.0-8_m68k.deb oldstable/main/binary-m68k/wesnoth_0.9.0-8_m68k.deb wesnoth (0.9.0-8) oldstable; urgency=low * Remove WML turn_cmd which can lead to forking yes and through that 100% CPU usage and stdout filling [CVE-2007-6201]. Patch 05_CVE-2007-6201 was pulled from upstream svn (revision 21907). oldstable/main/binary-arm/wesnoth-editor_0.9.0-8_arm.deb oldstable/main/binary-arm/wesnoth_0.9.0-8_arm.deb oldstable/main/binary-arm/wesnoth-server_0.9.0-8_arm.deb wesnoth (0.9.0-8) oldstable; urgency=low * Remove WML turn_cmd which can lead to forking yes and through that 100% CPU usage and stdout filling [CVE-2007-6201]. Patch 05_CVE-2007-6201 was pulled from upstream svn (revision 21907). oldstable/main/binary-sparc/mount_2.12p-4sarge2_sparc.deb oldstable/main/binary-sparc/util-linux_2.12p-4sarge2_sparc.deb oldstable/main/binary-sparc/fdisk-udeb_2.12p-4sarge2_sparc.udeb oldstable/main/binary-sparc/bsdutils_2.12p-4sarge2_sparc.deb util-linux (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-s390/util-linux_2.12p-4sarge2_s390.deb oldstable/main/binary-s390/mount_2.12p-4sarge2_s390.deb oldstable/main/binary-s390/fdisk-udeb_2.12p-4sarge2_s390.udeb oldstable/main/binary-s390/bsdutils_2.12p-4sarge2_s390.deb util-linux (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-powerpc/mount_2.12p-4sarge2_powerpc.deb oldstable/main/binary-powerpc/fdisk-udeb_2.12p-4sarge2_powerpc.udeb oldstable/main/binary-powerpc/util-linux_2.12p-4sarge2_powerpc.deb oldstable/main/binary-powerpc/bsdutils_2.12p-4sarge2_powerpc.deb util-linux (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-mipsel/fdisk-udeb_2.12p-4sarge2_mipsel.udeb oldstable/main/binary-mipsel/mount_2.12p-4sarge2_mipsel.deb oldstable/main/binary-mipsel/util-linux_2.12p-4sarge2_mipsel.deb oldstable/main/binary-mipsel/bsdutils_2.12p-4sarge2_mipsel.deb util-linux (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-mips/mount_2.12p-4sarge2_mips.deb oldstable/main/binary-mips/util-linux_2.12p-4sarge2_mips.deb oldstable/main/binary-mips/fdisk-udeb_2.12p-4sarge2_mips.udeb oldstable/main/binary-mips/bsdutils_2.12p-4sarge2_mips.deb util-linux (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-m68k/mount_2.12p-4sarge2_m68k.deb oldstable/main/binary-m68k/bsdutils_2.12p-4sarge2_m68k.deb oldstable/main/binary-m68k/util-linux_2.12p-4sarge2_m68k.deb util-linux (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-ia64/util-linux_2.12p-4sarge2_ia64.deb oldstable/main/binary-ia64/fdisk-udeb_2.12p-4sarge2_ia64.udeb oldstable/main/binary-ia64/mount_2.12p-4sarge2_ia64.deb oldstable/main/binary-ia64/bsdutils_2.12p-4sarge2_ia64.deb util-linux (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-hppa/util-linux_2.12p-4sarge2_hppa.deb oldstable/main/binary-hppa/fdisk-udeb_2.12p-4sarge2_hppa.udeb oldstable/main/binary-hppa/mount_2.12p-4sarge2_hppa.deb oldstable/main/binary-hppa/bsdutils_2.12p-4sarge2_hppa.deb util-linux (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-arm/util-linux_2.12p-4sarge2_arm.deb oldstable/main/binary-arm/bsdutils_2.12p-4sarge2_arm.deb oldstable/main/binary-arm/fdisk-udeb_2.12p-4sarge2_arm.udeb oldstable/main/binary-arm/mount_2.12p-4sarge2_arm.deb util-linux (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-alpha/util-linux_2.12p-4sarge2_alpha.deb oldstable/main/binary-alpha/mount_2.12p-4sarge2_alpha.deb oldstable/main/binary-alpha/fdisk-udeb_2.12p-4sarge2_alpha.udeb oldstable/main/binary-alpha/bsdutils_2.12p-4sarge2_alpha.deb util-linux (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/source/util-linux_2.12p-4sarge2.dsc oldstable/main/binary-i386/fdisk-udeb_2.12p-4sarge2_i386.udeb oldstable/main/binary-i386/util-linux_2.12p-4sarge2_i386.deb oldstable/main/binary-i386/mount_2.12p-4sarge2_i386.deb oldstable/main/source/util-linux_2.12p-4sarge2.diff.gz oldstable/main/binary-i386/bsdutils_2.12p-4sarge2_i386.deb oldstable/main/binary-all/util-linux-locales_2.12p-4sarge2_all.deb util-linux (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-sparc/unzip_5.52-1sarge5_sparc.deb unzip (5.52-1sarge5) oldstable-security; urgency=high * Apply patch from Tavis Ormandy to address invalid free() calls in the inflate_dynamic() function (CVE-2008-0888). oldstable/main/binary-s390/unzip_5.52-1sarge5_s390.deb unzip (5.52-1sarge5) oldstable-security; urgency=high * Apply patch from Tavis Ormandy to address invalid free() calls in the inflate_dynamic() function (CVE-2008-0888). oldstable/main/binary-powerpc/unzip_5.52-1sarge5_powerpc.deb unzip (5.52-1sarge5) oldstable-security; urgency=high * Apply patch from Tavis Ormandy to address invalid free() calls in the inflate_dynamic() function (CVE-2008-0888). oldstable/main/binary-mipsel/unzip_5.52-1sarge5_mipsel.deb unzip (5.52-1sarge5) oldstable-security; urgency=high * Apply patch from Tavis Ormandy to address invalid free() calls in the inflate_dynamic() function (CVE-2008-0888). oldstable/main/binary-mips/unzip_5.52-1sarge5_mips.deb unzip (5.52-1sarge5) oldstable-security; urgency=high * Apply patch from Tavis Ormandy to address invalid free() calls in the inflate_dynamic() function (CVE-2008-0888). oldstable/main/binary-m68k/unzip_5.52-1sarge5_m68k.deb unzip (5.52-1sarge5) oldstable-security; urgency=high * Apply patch from Tavis Ormandy to address invalid free() calls in the inflate_dynamic() function (CVE-2008-0888). oldstable/main/binary-ia64/unzip_5.52-1sarge5_ia64.deb unzip (5.52-1sarge5) oldstable-security; urgency=high * Apply patch from Tavis Ormandy to address invalid free() calls in the inflate_dynamic() function (CVE-2008-0888). oldstable/main/binary-hppa/unzip_5.52-1sarge5_hppa.deb unzip (5.52-1sarge5) oldstable-security; urgency=high * Apply patch from Tavis Ormandy to address invalid free() calls in the inflate_dynamic() function (CVE-2008-0888). oldstable/main/binary-arm/unzip_5.52-1sarge5_arm.deb unzip (5.52-1sarge5) oldstable-security; urgency=high * Apply patch from Tavis Ormandy to address invalid free() calls in the inflate_dynamic() function (CVE-2008-0888). oldstable/main/binary-amd64/unzip_5.52-1sarge5_amd64.deb unzip (5.52-1sarge5) oldstable-security; urgency=high * Apply patch from Tavis Ormandy to address invalid free() calls in the inflate_dynamic() function (CVE-2008-0888). oldstable/main/binary-alpha/unzip_5.52-1sarge5_alpha.deb unzip (5.52-1sarge5) oldstable-security; urgency=high * Apply patch from Tavis Ormandy to address invalid free() calls in the inflate_dynamic() function (CVE-2008-0888). oldstable/main/source/unzip_5.52-1sarge5.dsc oldstable/main/source/unzip_5.52-1sarge5.diff.gz oldstable/main/binary-i386/unzip_5.52-1sarge5_i386.deb unzip (5.52-1sarge5) oldstable-security; urgency=high * Apply patch from Tavis Ormandy to address invalid free() calls in the inflate_dynamic() function (CVE-2008-0888). oldstable/non-free/binary-sparc/unrar_3.5.2-0.2_sparc.deb unrar-nonfree (1:3.5.2-0.2) oldstable; urgency=low * Non-maintainer upload. * Fix CVE-2007-0855: stack based buffer overflow (Closes: #410580). oldstable/non-free/binary-s390/unrar_3.5.2-0.2_s390.deb unrar-nonfree (1:3.5.2-0.2) oldstable; urgency=low * Non-maintainer upload. * Fix CVE-2007-0855: stack based buffer overflow (Closes: #410580). oldstable/non-free/binary-powerpc/unrar_3.5.2-0.2_powerpc.deb unrar-nonfree (1:3.5.2-0.2) oldstable; urgency=low * Non-maintainer upload. * Fix CVE-2007-0855: stack based buffer overflow (Closes: #410580). oldstable/non-free/binary-mipsel/unrar_3.5.2-0.2_mipsel.deb unrar-nonfree (1:3.5.2-0.2) oldstable; urgency=low * Non-maintainer upload. * Fix CVE-2007-0855: stack based buffer overflow (Closes: #410580). oldstable/non-free/binary-mips/unrar_3.5.2-0.2_mips.deb unrar-nonfree (1:3.5.2-0.2) oldstable; urgency=low * Non-maintainer upload. * Fix CVE-2007-0855: stack based buffer overflow (Closes: #410580). oldstable/non-free/binary-m68k/unrar_3.5.2-0.2_m68k.deb unrar-nonfree (1:3.5.2-0.2) oldstable; urgency=low * Non-maintainer upload. * Fix CVE-2007-0855: stack based buffer overflow (Closes: #410580). oldstable/non-free/binary-ia64/unrar_3.5.2-0.2_ia64.deb unrar-nonfree (1:3.5.2-0.2) oldstable; urgency=low * Non-maintainer upload. * Fix CVE-2007-0855: stack based buffer overflow (Closes: #410580). oldstable/non-free/binary-hppa/unrar_3.5.2-0.2_hppa.deb unrar-nonfree (1:3.5.2-0.2) oldstable; urgency=low * Non-maintainer upload. * Fix CVE-2007-0855: stack based buffer overflow (Closes: #410580). oldstable/non-free/binary-arm/unrar_3.5.2-0.2_arm.deb unrar-nonfree (1:3.5.2-0.2) oldstable; urgency=low * Non-maintainer upload. * Fix CVE-2007-0855: stack based buffer overflow (Closes: #410580). oldstable/non-free/binary-alpha/unrar_3.5.2-0.2_alpha.deb unrar-nonfree (1:3.5.2-0.2) oldstable; urgency=low * Non-maintainer upload. * Fix CVE-2007-0855: stack based buffer overflow (Closes: #410580). oldstable/non-free/binary-i386/unrar_3.5.2-0.2_i386.deb oldstable/non-free/source/unrar-nonfree_3.5.2-0.2.dsc oldstable/non-free/source/unrar-nonfree_3.5.2-0.2.diff.gz unrar-nonfree (1:3.5.2-0.2) oldstable; urgency=low * Non-maintainer upload. * Fix CVE-2007-0855: stack based buffer overflow (Closes: #410580). oldstable/main/source/turba2_2.0.2-1sarge1.dsc oldstable/main/source/turba2_2.0.2-1sarge1.diff.gz oldstable/main/binary-all/turba2_2.0.2-1sarge1_all.deb turba2 (2.0.2-1sarge1) oldstable-security; urgency=high * Fix unchecked access to contacts in the same SQL table, if the unique key of another user's contact can be guessed. See CVE-2008-0807 for more informations. (Closes: #464058) * Fix privilege escalation in Horde API. * Close several XSS vulnerabilities with address book and contact data. oldstable/main/binary-sparc/tk8.4_8.4.9-1sarge2_sparc.deb oldstable/main/binary-sparc/tk8.4-dev_8.4.9-1sarge2_sparc.deb tk8.4 (8.4.9-1sarge2) oldstable-security; urgency=high * Fix CVE-2008-0553 oldstable/main/binary-s390/tk8.4-dev_8.4.9-1sarge2_s390.deb oldstable/main/binary-s390/tk8.4_8.4.9-1sarge2_s390.deb tk8.4 (8.4.9-1sarge2) oldstable-security; urgency=high * Fix CVE-2008-0553 oldstable/main/binary-powerpc/tk8.4_8.4.9-1sarge2_powerpc.deb oldstable/main/binary-powerpc/tk8.4-dev_8.4.9-1sarge2_powerpc.deb tk8.4 (8.4.9-1sarge2) oldstable-security; urgency=high * Fix CVE-2008-0553 oldstable/main/binary-mipsel/tk8.4-dev_8.4.9-1sarge2_mipsel.deb oldstable/main/binary-mipsel/tk8.4_8.4.9-1sarge2_mipsel.deb tk8.4 (8.4.9-1sarge2) oldstable-security; urgency=high * Fix CVE-2008-0553 oldstable/main/binary-mips/tk8.4-dev_8.4.9-1sarge2_mips.deb oldstable/main/binary-mips/tk8.4_8.4.9-1sarge2_mips.deb tk8.4 (8.4.9-1sarge2) oldstable-security; urgency=high * Fix CVE-2008-0553 oldstable/main/binary-m68k/tk8.4-dev_8.4.9-1sarge2_m68k.deb oldstable/main/binary-m68k/tk8.4_8.4.9-1sarge2_m68k.deb tk8.4 (8.4.9-1sarge2) oldstable-security; urgency=high * Fix CVE-2008-0553 oldstable/main/binary-ia64/tk8.4-dev_8.4.9-1sarge2_ia64.deb oldstable/main/binary-ia64/tk8.4_8.4.9-1sarge2_ia64.deb tk8.4 (8.4.9-1sarge2) oldstable-security; urgency=high * Fix CVE-2008-0553 oldstable/main/binary-hppa/tk8.4-dev_8.4.9-1sarge2_hppa.deb oldstable/main/binary-hppa/tk8.4_8.4.9-1sarge2_hppa.deb tk8.4 (8.4.9-1sarge2) oldstable-security; urgency=high * Fix CVE-2008-0553 oldstable/main/binary-arm/tk8.4-dev_8.4.9-1sarge2_arm.deb oldstable/main/binary-arm/tk8.4_8.4.9-1sarge2_arm.deb tk8.4 (8.4.9-1sarge2) oldstable-security; urgency=high * Fix CVE-2008-0553 oldstable/main/binary-amd64/tk8.4-dev_8.4.9-1sarge2_amd64.deb oldstable/main/binary-amd64/tk8.4_8.4.9-1sarge2_amd64.deb tk8.4 (8.4.9-1sarge2) oldstable-security; urgency=high * Fix CVE-2008-0553 oldstable/main/binary-alpha/tk8.4-dev_8.4.9-1sarge2_alpha.deb oldstable/main/binary-alpha/tk8.4_8.4.9-1sarge2_alpha.deb tk8.4 (8.4.9-1sarge2) oldstable-security; urgency=high * Fix CVE-2008-0553 oldstable/main/binary-all/tk8.4-doc_8.4.9-1sarge2_all.deb oldstable/main/binary-i386/tk8.4_8.4.9-1sarge2_i386.deb oldstable/main/source/tk8.4_8.4.9-1sarge2.dsc oldstable/main/source/tk8.4_8.4.9-1sarge2.diff.gz oldstable/main/binary-i386/tk8.4-dev_8.4.9-1sarge2_i386.deb tk8.4 (8.4.9-1sarge2) oldstable-security; urgency=high * Fix CVE-2008-0553 oldstable/main/binary-sparc/tk8.3_8.3.5-4sarge1_sparc.deb oldstable/main/binary-sparc/tk8.3-dev_8.3.5-4sarge1_sparc.deb tk8.3 (8.3.5-4sarge1) oldstable-security; urgency=high * Fix CVE-2008-0553. oldstable/main/binary-s390/tk8.3_8.3.5-4sarge1_s390.deb oldstable/main/binary-s390/tk8.3-dev_8.3.5-4sarge1_s390.deb tk8.3 (8.3.5-4sarge1) oldstable-security; urgency=high * Fix CVE-2008-0553. oldstable/main/binary-powerpc/tk8.3_8.3.5-4sarge1_powerpc.deb oldstable/main/binary-powerpc/tk8.3-dev_8.3.5-4sarge1_powerpc.deb tk8.3 (8.3.5-4sarge1) oldstable-security; urgency=high * Fix CVE-2008-0553. oldstable/main/binary-mipsel/tk8.3_8.3.5-4sarge1_mipsel.deb oldstable/main/binary-mipsel/tk8.3-dev_8.3.5-4sarge1_mipsel.deb tk8.3 (8.3.5-4sarge1) oldstable-security; urgency=high * Fix CVE-2008-0553. oldstable/main/binary-mips/tk8.3-dev_8.3.5-4sarge1_mips.deb oldstable/main/binary-mips/tk8.3_8.3.5-4sarge1_mips.deb tk8.3 (8.3.5-4sarge1) oldstable-security; urgency=high * Fix CVE-2008-0553. oldstable/main/binary-m68k/tk8.3-dev_8.3.5-4sarge1_m68k.deb oldstable/main/binary-m68k/tk8.3_8.3.5-4sarge1_m68k.deb tk8.3 (8.3.5-4sarge1) oldstable-security; urgency=high * Fix CVE-2008-0553. oldstable/main/binary-ia64/tk8.3-dev_8.3.5-4sarge1_ia64.deb oldstable/main/binary-ia64/tk8.3_8.3.5-4sarge1_ia64.deb tk8.3 (8.3.5-4sarge1) oldstable-security; urgency=high * Fix CVE-2008-0553. oldstable/main/binary-hppa/tk8.3_8.3.5-4sarge1_hppa.deb oldstable/main/binary-hppa/tk8.3-dev_8.3.5-4sarge1_hppa.deb tk8.3 (8.3.5-4sarge1) oldstable-security; urgency=high * Fix CVE-2008-0553. oldstable/main/binary-arm/tk8.3-dev_8.3.5-4sarge1_arm.deb oldstable/main/binary-arm/tk8.3_8.3.5-4sarge1_arm.deb tk8.3 (8.3.5-4sarge1) oldstable-security; urgency=high * Fix CVE-2008-0553. oldstable/main/binary-amd64/tk8.3_8.3.5-4sarge1_amd64.deb oldstable/main/binary-amd64/tk8.3-dev_8.3.5-4sarge1_amd64.deb tk8.3 (8.3.5-4sarge1) oldstable-security; urgency=high * Fix CVE-2008-0553. oldstable/main/binary-alpha/tk8.3-dev_8.3.5-4sarge1_alpha.deb oldstable/main/binary-alpha/tk8.3_8.3.5-4sarge1_alpha.deb tk8.3 (8.3.5-4sarge1) oldstable-security; urgency=high * Fix CVE-2008-0553. oldstable/main/source/tk8.3_8.3.5-4sarge1.dsc oldstable/main/binary-i386/tk8.3_8.3.5-4sarge1_i386.deb oldstable/main/source/tk8.3_8.3.5-4sarge1.diff.gz oldstable/main/binary-i386/tk8.3-dev_8.3.5-4sarge1_i386.deb oldstable/main/binary-all/tk8.3-doc_8.3.5-4sarge1_all.deb tk8.3 (8.3.5-4sarge1) oldstable-security; urgency=high * Fix CVE-2008-0553. oldstable/main/binary-sparc/tar_1.14-2.4_sparc.deb tar (1.14-2.4) oldstable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Dmitry V. Levin to avoid a stack-based buffer overflow while processing certain file names (CVE-2007-4476). Closes: #441444. * Apply patch from Dmitry V. Levin to fix double-dot recognition in case of duplicate / (CVE-2007-4131). Closes: #439335. oldstable/main/binary-s390/tar_1.14-2.4_s390.deb tar (1.14-2.4) oldstable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Dmitry V. Levin to avoid a stack-based buffer overflow while processing certain file names (CVE-2007-4476). Closes: #441444. * Apply patch from Dmitry V. Levin to fix double-dot recognition in case of duplicate / (CVE-2007-4131). Closes: #439335. oldstable/main/binary-powerpc/tar_1.14-2.4_powerpc.deb tar (1.14-2.4) oldstable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Dmitry V. Levin to avoid a stack-based buffer overflow while processing certain file names (CVE-2007-4476). Closes: #441444. * Apply patch from Dmitry V. Levin to fix double-dot recognition in case of duplicate / (CVE-2007-4131). Closes: #439335. oldstable/main/binary-mipsel/tar_1.14-2.4_mipsel.deb tar (1.14-2.4) oldstable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Dmitry V. Levin to avoid a stack-based buffer overflow while processing certain file names (CVE-2007-4476). Closes: #441444. * Apply patch from Dmitry V. Levin to fix double-dot recognition in case of duplicate / (CVE-2007-4131). Closes: #439335. oldstable/main/binary-mips/tar_1.14-2.4_mips.deb tar (1.14-2.4) oldstable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Dmitry V. Levin to avoid a stack-based buffer overflow while processing certain file names (CVE-2007-4476). Closes: #441444. * Apply patch from Dmitry V. Levin to fix double-dot recognition in case of duplicate / (CVE-2007-4131). Closes: #439335. oldstable/main/binary-m68k/tar_1.14-2.4_m68k.deb tar (1.14-2.4) oldstable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Dmitry V. Levin to avoid a stack-based buffer overflow while processing certain file names (CVE-2007-4476). Closes: #441444. * Apply patch from Dmitry V. Levin to fix double-dot recognition in case of duplicate / (CVE-2007-4131). Closes: #439335. oldstable/main/binary-ia64/tar_1.14-2.4_ia64.deb tar (1.14-2.4) oldstable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Dmitry V. Levin to avoid a stack-based buffer overflow while processing certain file names (CVE-2007-4476). Closes: #441444. * Apply patch from Dmitry V. Levin to fix double-dot recognition in case of duplicate / (CVE-2007-4131). Closes: #439335. oldstable/main/binary-hppa/tar_1.14-2.4_hppa.deb tar (1.14-2.4) oldstable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Dmitry V. Levin to avoid a stack-based buffer overflow while processing certain file names (CVE-2007-4476). Closes: #441444. * Apply patch from Dmitry V. Levin to fix double-dot recognition in case of duplicate / (CVE-2007-4131). Closes: #439335. oldstable/main/binary-arm/tar_1.14-2.4_arm.deb tar (1.14-2.4) oldstable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Dmitry V. Levin to avoid a stack-based buffer overflow while processing certain file names (CVE-2007-4476). Closes: #441444. * Apply patch from Dmitry V. Levin to fix double-dot recognition in case of duplicate / (CVE-2007-4131). Closes: #439335. oldstable/main/binary-amd64/tar_1.14-2.4_amd64.deb tar (1.14-2.4) oldstable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Dmitry V. Levin to avoid a stack-based buffer overflow while processing certain file names (CVE-2007-4476). Closes: #441444. * Apply patch from Dmitry V. Levin to fix double-dot recognition in case of duplicate / (CVE-2007-4131). Closes: #439335. oldstable/main/binary-alpha/tar_1.14-2.4_alpha.deb tar (1.14-2.4) oldstable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Dmitry V. Levin to avoid a stack-based buffer overflow while processing certain file names (CVE-2007-4476). Closes: #441444. * Apply patch from Dmitry V. Levin to fix double-dot recognition in case of duplicate / (CVE-2007-4131). Closes: #439335. oldstable/main/binary-i386/tar_1.14-2.4_i386.deb oldstable/main/source/tar_1.14-2.4.dsc oldstable/main/source/tar_1.14-2.4.diff.gz tar (1.14-2.4) oldstable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Dmitry V. Levin to avoid a stack-based buffer overflow while processing certain file names (CVE-2007-4476). Closes: #441444. * Apply patch from Dmitry V. Levin to fix double-dot recognition in case of duplicate / (CVE-2007-4131). Closes: #439335. oldstable/main/binary-sparc/libsword4_1.5.7-7sarge1_sparc.deb oldstable/main/binary-sparc/libsword-dev_1.5.7-7sarge1_sparc.deb oldstable/main/binary-sparc/diatheke_1.5.7-7sarge1_sparc.deb sword (1.5.7-7sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix remote command execution in diatheke.pl (Closes: #466449) with maintainer-supplied patch. oldstable/main/binary-s390/diatheke_1.5.7-7sarge1_s390.deb oldstable/main/binary-s390/libsword4_1.5.7-7sarge1_s390.deb oldstable/main/binary-s390/libsword-dev_1.5.7-7sarge1_s390.deb sword (1.5.7-7sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix remote command execution in diatheke.pl (Closes: #466449) with maintainer-supplied patch. oldstable/main/binary-powerpc/libsword4_1.5.7-7sarge1_powerpc.deb oldstable/main/binary-powerpc/diatheke_1.5.7-7sarge1_powerpc.deb oldstable/main/binary-powerpc/libsword-dev_1.5.7-7sarge1_powerpc.deb sword (1.5.7-7sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix remote command execution in diatheke.pl (Closes: #466449) with maintainer-supplied patch. oldstable/main/binary-mipsel/diatheke_1.5.7-7sarge1_mipsel.deb oldstable/main/binary-mipsel/libsword4_1.5.7-7sarge1_mipsel.deb oldstable/main/binary-mipsel/libsword-dev_1.5.7-7sarge1_mipsel.deb sword (1.5.7-7sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix remote command execution in diatheke.pl (Closes: #466449) with maintainer-supplied patch. oldstable/main/binary-mips/diatheke_1.5.7-7sarge1_mips.deb oldstable/main/binary-mips/libsword4_1.5.7-7sarge1_mips.deb oldstable/main/binary-mips/libsword-dev_1.5.7-7sarge1_mips.deb sword (1.5.7-7sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix remote command execution in diatheke.pl (Closes: #466449) with maintainer-supplied patch. oldstable/main/binary-m68k/libsword4_1.5.7-7sarge1_m68k.deb oldstable/main/binary-m68k/diatheke_1.5.7-7sarge1_m68k.deb oldstable/main/binary-m68k/libsword-dev_1.5.7-7sarge1_m68k.deb sword (1.5.7-7sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix remote command execution in diatheke.pl (Closes: #466449) with maintainer-supplied patch. oldstable/main/binary-ia64/libsword4_1.5.7-7sarge1_ia64.deb oldstable/main/binary-ia64/diatheke_1.5.7-7sarge1_ia64.deb oldstable/main/binary-ia64/libsword-dev_1.5.7-7sarge1_ia64.deb sword (1.5.7-7sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix remote command execution in diatheke.pl (Closes: #466449) with maintainer-supplied patch. oldstable/main/binary-hppa/diatheke_1.5.7-7sarge1_hppa.deb oldstable/main/binary-hppa/libsword4_1.5.7-7sarge1_hppa.deb oldstable/main/binary-hppa/libsword-dev_1.5.7-7sarge1_hppa.deb sword (1.5.7-7sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix remote command execution in diatheke.pl (Closes: #466449) with maintainer-supplied patch. oldstable/main/binary-arm/diatheke_1.5.7-7sarge1_arm.deb oldstable/main/binary-arm/libsword-dev_1.5.7-7sarge1_arm.deb oldstable/main/binary-arm/libsword4_1.5.7-7sarge1_arm.deb sword (1.5.7-7sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix remote command execution in diatheke.pl (Closes: #466449) with maintainer-supplied patch. oldstable/main/binary-amd64/libsword-dev_1.5.7-7sarge1_amd64.deb oldstable/main/binary-amd64/diatheke_1.5.7-7sarge1_amd64.deb oldstable/main/binary-amd64/libsword4_1.5.7-7sarge1_amd64.deb sword (1.5.7-7sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix remote command execution in diatheke.pl (Closes: #466449) with maintainer-supplied patch. oldstable/main/binary-alpha/libsword-dev_1.5.7-7sarge1_alpha.deb oldstable/main/binary-alpha/libsword4_1.5.7-7sarge1_alpha.deb oldstable/main/binary-alpha/diatheke_1.5.7-7sarge1_alpha.deb sword (1.5.7-7sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix remote command execution in diatheke.pl (Closes: #466449) with maintainer-supplied patch. oldstable/main/binary-i386/libsword-dev_1.5.7-7sarge1_i386.deb oldstable/main/source/sword_1.5.7-7sarge1.dsc oldstable/main/binary-i386/diatheke_1.5.7-7sarge1_i386.deb oldstable/main/source/sword_1.5.7-7sarge1.diff.gz oldstable/main/binary-i386/libsword4_1.5.7-7sarge1_i386.deb sword (1.5.7-7sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix remote command execution in diatheke.pl (Closes: #466449) with maintainer-supplied patch. oldstable/main/binary-sparc/squidclient_2.5.9-10sarge5_sparc.deb oldstable/main/binary-sparc/squid_2.5.9-10sarge5_sparc.deb oldstable/main/binary-sparc/squid-cgi_2.5.9-10sarge5_sparc.deb squid (2.5.9-10sarge5) oldstable-security; urgency=low * Doh, build for correct suite oldstable/main/binary-s390/squidclient_2.5.9-10sarge5_s390.deb oldstable/main/binary-s390/squid_2.5.9-10sarge5_s390.deb oldstable/main/binary-s390/squid-cgi_2.5.9-10sarge5_s390.deb squid (2.5.9-10sarge5) oldstable-security; urgency=low * Doh, build for correct suite oldstable/main/binary-powerpc/squid-cgi_2.5.9-10sarge5_powerpc.deb oldstable/main/binary-powerpc/squidclient_2.5.9-10sarge5_powerpc.deb oldstable/main/binary-powerpc/squid_2.5.9-10sarge5_powerpc.deb squid (2.5.9-10sarge5) oldstable-security; urgency=low * Doh, build for correct suite oldstable/main/binary-mipsel/squid-cgi_2.5.9-10sarge5_mipsel.deb oldstable/main/binary-mipsel/squidclient_2.5.9-10sarge5_mipsel.deb oldstable/main/binary-mipsel/squid_2.5.9-10sarge5_mipsel.deb squid (2.5.9-10sarge5) oldstable-security; urgency=low * Doh, build for correct suite oldstable/main/binary-mips/squidclient_2.5.9-10sarge5_mips.deb oldstable/main/binary-mips/squid_2.5.9-10sarge5_mips.deb oldstable/main/binary-mips/squid-cgi_2.5.9-10sarge5_mips.deb squid (2.5.9-10sarge5) oldstable-security; urgency=low * Doh, build for correct suite oldstable/main/binary-m68k/squid_2.5.9-10sarge5_m68k.deb oldstable/main/binary-m68k/squidclient_2.5.9-10sarge5_m68k.deb oldstable/main/binary-m68k/squid-cgi_2.5.9-10sarge5_m68k.deb squid (2.5.9-10sarge5) oldstable-security; urgency=low * Doh, build for correct suite oldstable/main/binary-ia64/squidclient_2.5.9-10sarge5_ia64.deb oldstable/main/binary-ia64/squid-cgi_2.5.9-10sarge5_ia64.deb oldstable/main/binary-ia64/squid_2.5.9-10sarge5_ia64.deb squid (2.5.9-10sarge5) oldstable-security; urgency=low * Doh, build for correct suite oldstable/main/binary-hppa/squid_2.5.9-10sarge5_hppa.deb oldstable/main/binary-hppa/squidclient_2.5.9-10sarge5_hppa.deb oldstable/main/binary-hppa/squid-cgi_2.5.9-10sarge5_hppa.deb squid (2.5.9-10sarge5) oldstable-security; urgency=low * Doh, build for correct suite oldstable/main/binary-arm/squid_2.5.9-10sarge5_arm.deb oldstable/main/binary-arm/squid-cgi_2.5.9-10sarge5_arm.deb oldstable/main/binary-arm/squidclient_2.5.9-10sarge5_arm.deb squid (2.5.9-10sarge5) oldstable-security; urgency=low * Doh, build for correct suite oldstable/main/binary-amd64/squid_2.5.9-10sarge5_amd64.deb oldstable/main/binary-amd64/squidclient_2.5.9-10sarge5_amd64.deb oldstable/main/binary-amd64/squid-cgi_2.5.9-10sarge5_amd64.deb squid (2.5.9-10sarge5) oldstable-security; urgency=low * Doh, build for correct suite oldstable/main/binary-alpha/squid_2.5.9-10sarge5_alpha.deb oldstable/main/binary-alpha/squid-cgi_2.5.9-10sarge5_alpha.deb oldstable/main/binary-alpha/squidclient_2.5.9-10sarge5_alpha.deb squid (2.5.9-10sarge5) oldstable-security; urgency=low * Doh, build for correct suite oldstable/main/binary-i386/squid-cgi_2.5.9-10sarge5_i386.deb oldstable/main/source/squid_2.5.9-10sarge5.diff.gz oldstable/main/binary-i386/squid_2.5.9-10sarge5_i386.deb oldstable/main/source/squid_2.5.9-10sarge5.dsc oldstable/main/binary-all/squid-common_2.5.9-10sarge5_all.deb oldstable/main/binary-i386/squidclient_2.5.9-10sarge5_i386.deb squid (2.5.9-10sarge5) oldstable-security; urgency=low * Doh, build for correct suite oldstable/main/source/smarty_2.6.9-1sarge1.dsc oldstable/main/binary-all/smarty_2.6.9-1sarge1_all.deb oldstable/main/source/smarty_2.6.9-1sarge1.diff.gz smarty (2.6.9-1sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * A \0 character in a search string could be abused to call arbitrary PHP functions via templates. CVE-2008-1066, closes: #469492 oldstable/main/binary-sparc/sing_1.1-9sarge1_sparc.deb sing (1.1-9sarge1) oldstable; urgency=low * Patched parser.c to drop privileges when opening log file and running sing SUID. (CVE-2007-6211) Thanks a lot to Nico Golde for the patch. (Closes: #454167) oldstable/main/binary-s390/sing_1.1-9sarge1_s390.deb sing (1.1-9sarge1) oldstable; urgency=low * Patched parser.c to drop privileges when opening log file and running sing SUID. (CVE-2007-6211) Thanks a lot to Nico Golde for the patch. (Closes: #454167) oldstable/main/binary-powerpc/sing_1.1-9sarge1_powerpc.deb sing (1.1-9sarge1) oldstable; urgency=low * Patched parser.c to drop privileges when opening log file and running sing SUID. (CVE-2007-6211) Thanks a lot to Nico Golde for the patch. (Closes: #454167) oldstable/main/binary-mipsel/sing_1.1-9sarge1_mipsel.deb sing (1.1-9sarge1) oldstable; urgency=low * Patched parser.c to drop privileges when opening log file and running sing SUID. (CVE-2007-6211) Thanks a lot to Nico Golde for the patch. (Closes: #454167) oldstable/main/binary-mips/sing_1.1-9sarge1_mips.deb sing (1.1-9sarge1) oldstable; urgency=low * Patched parser.c to drop privileges when opening log file and running sing SUID. (CVE-2007-6211) Thanks a lot to Nico Golde for the patch. (Closes: #454167) oldstable/main/binary-m68k/sing_1.1-9sarge1_m68k.deb sing (1.1-9sarge1) oldstable; urgency=low * Patched parser.c to drop privileges when opening log file and running sing SUID. (CVE-2007-6211) Thanks a lot to Nico Golde for the patch. (Closes: #454167) oldstable/main/binary-ia64/sing_1.1-9sarge1_ia64.deb sing (1.1-9sarge1) oldstable; urgency=low * Patched parser.c to drop privileges when opening log file and running sing SUID. (CVE-2007-6211) Thanks a lot to Nico Golde for the patch. (Closes: #454167) oldstable/main/binary-hppa/sing_1.1-9sarge1_hppa.deb sing (1.1-9sarge1) oldstable; urgency=low * Patched parser.c to drop privileges when opening log file and running sing SUID. (CVE-2007-6211) Thanks a lot to Nico Golde for the patch. (Closes: #454167) oldstable/main/binary-arm/sing_1.1-9sarge1_arm.deb sing (1.1-9sarge1) oldstable; urgency=low * Patched parser.c to drop privileges when opening log file and running sing SUID. (CVE-2007-6211) Thanks a lot to Nico Golde for the patch. (Closes: #454167) oldstable/main/binary-alpha/sing_1.1-9sarge1_alpha.deb sing (1.1-9sarge1) oldstable; urgency=low * Patched parser.c to drop privileges when opening log file and running sing SUID. (CVE-2007-6211) Thanks a lot to Nico Golde for the patch. (Closes: #454167) oldstable/main/source/sing_1.1-9sarge1.dsc oldstable/main/binary-i386/sing_1.1-9sarge1_i386.deb oldstable/main/source/sing_1.1-9sarge1.diff.gz sing (1.1-9sarge1) oldstable; urgency=low * Patched parser.c to drop privileges when opening log file and running sing SUID. (CVE-2007-6211) Thanks a lot to Nico Golde for the patch. (Closes: #454167) oldstable/main/binary-sparc/libsdl-image1.2_1.2.4-1etch1_sparc.deb oldstable/main/binary-sparc/libsdl-image1.2-dev_1.2.4-1etch1_sparc.deb sdl-image1.2 (1.2.4-1etch1) oldstable-security; urgency=high * CVE-2007-6697: Fix buffer overflow in GIF handling. * CVE-2008-0544: Fix heap based buffer overflow in IMG_LoadLBM_RW. oldstable/main/binary-s390/libsdl-image1.2_1.2.4-1etch1_s390.deb oldstable/main/binary-s390/libsdl-image1.2-dev_1.2.4-1etch1_s390.deb sdl-image1.2 (1.2.4-1etch1) oldstable-security; urgency=high * CVE-2007-6697: Fix buffer overflow in GIF handling. * CVE-2008-0544: Fix heap based buffer overflow in IMG_LoadLBM_RW. oldstable/main/binary-powerpc/libsdl-image1.2-dev_1.2.4-1etch1_powerpc.deb oldstable/main/binary-powerpc/libsdl-image1.2_1.2.4-1etch1_powerpc.deb sdl-image1.2 (1.2.4-1etch1) oldstable-security; urgency=high * CVE-2007-6697: Fix buffer overflow in GIF handling. * CVE-2008-0544: Fix heap based buffer overflow in IMG_LoadLBM_RW. oldstable/main/binary-mipsel/libsdl-image1.2-dev_1.2.4-1etch1_mipsel.deb oldstable/main/binary-mipsel/libsdl-image1.2_1.2.4-1etch1_mipsel.deb sdl-image1.2 (1.2.4-1etch1) oldstable-security; urgency=high * CVE-2007-6697: Fix buffer overflow in GIF handling. * CVE-2008-0544: Fix heap based buffer overflow in IMG_LoadLBM_RW. oldstable/main/binary-mips/libsdl-image1.2_1.2.4-1etch1_mips.deb oldstable/main/binary-mips/libsdl-image1.2-dev_1.2.4-1etch1_mips.deb sdl-image1.2 (1.2.4-1etch1) oldstable-security; urgency=high * CVE-2007-6697: Fix buffer overflow in GIF handling. * CVE-2008-0544: Fix heap based buffer overflow in IMG_LoadLBM_RW. oldstable/main/binary-m68k/libsdl-image1.2-dev_1.2.4-1etch1_m68k.deb oldstable/main/binary-m68k/libsdl-image1.2_1.2.4-1etch1_m68k.deb sdl-image1.2 (1.2.4-1etch1) oldstable-security; urgency=high * CVE-2007-6697: Fix buffer overflow in GIF handling. * CVE-2008-0544: Fix heap based buffer overflow in IMG_LoadLBM_RW. oldstable/main/binary-ia64/libsdl-image1.2_1.2.4-1etch1_ia64.deb oldstable/main/binary-ia64/libsdl-image1.2-dev_1.2.4-1etch1_ia64.deb sdl-image1.2 (1.2.4-1etch1) oldstable-security; urgency=high * CVE-2007-6697: Fix buffer overflow in GIF handling. * CVE-2008-0544: Fix heap based buffer overflow in IMG_LoadLBM_RW. oldstable/main/binary-hppa/libsdl-image1.2_1.2.4-1etch1_hppa.deb oldstable/main/binary-hppa/libsdl-image1.2-dev_1.2.4-1etch1_hppa.deb sdl-image1.2 (1.2.4-1etch1) oldstable-security; urgency=high * CVE-2007-6697: Fix buffer overflow in GIF handling. * CVE-2008-0544: Fix heap based buffer overflow in IMG_LoadLBM_RW. oldstable/main/binary-arm/libsdl-image1.2_1.2.4-1etch1_arm.deb oldstable/main/binary-arm/libsdl-image1.2-dev_1.2.4-1etch1_arm.deb sdl-image1.2 (1.2.4-1etch1) oldstable-security; urgency=high * CVE-2007-6697: Fix buffer overflow in GIF handling. * CVE-2008-0544: Fix heap based buffer overflow in IMG_LoadLBM_RW. oldstable/main/binary-amd64/libsdl-image1.2_1.2.4-1etch1_amd64.deb oldstable/main/binary-amd64/libsdl-image1.2-dev_1.2.4-1etch1_amd64.deb sdl-image1.2 (1.2.4-1etch1) oldstable-security; urgency=high * CVE-2007-6697: Fix buffer overflow in GIF handling. * CVE-2008-0544: Fix heap based buffer overflow in IMG_LoadLBM_RW. oldstable/main/binary-alpha/libsdl-image1.2_1.2.4-1etch1_alpha.deb oldstable/main/binary-alpha/libsdl-image1.2-dev_1.2.4-1etch1_alpha.deb sdl-image1.2 (1.2.4-1etch1) oldstable-security; urgency=high * CVE-2007-6697: Fix buffer overflow in GIF handling. * CVE-2008-0544: Fix heap based buffer overflow in IMG_LoadLBM_RW. oldstable/main/binary-i386/libsdl-image1.2-dev_1.2.4-1etch1_i386.deb oldstable/main/source/sdl-image1.2_1.2.4-1etch1.diff.gz oldstable/main/binary-i386/libsdl-image1.2_1.2.4-1etch1_i386.deb oldstable/main/source/sdl-image1.2_1.2.4-1etch1.dsc sdl-image1.2 (1.2.4-1etch1) oldstable-security; urgency=high * CVE-2007-6697: Fix buffer overflow in GIF handling. * CVE-2008-0544: Fix heap based buffer overflow in IMG_LoadLBM_RW. oldstable/main/binary-sparc/scponly_4.0-1sarge2_sparc.deb scponly (4.0-1sarge2) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Remove rsync, Subversion and Unison support because it was possible to gain shell access through them (CVE-2007-6350). Closes: #437148. * scp: -o and -F options are dangerous (CVE-2007-6415). oldstable/main/binary-s390/scponly_4.0-1sarge2_s390.deb scponly (4.0-1sarge2) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Remove rsync, Subversion and Unison support because it was possible to gain shell access through them (CVE-2007-6350). Closes: #437148. * scp: -o and -F options are dangerous (CVE-2007-6415). oldstable/main/binary-powerpc/scponly_4.0-1sarge2_powerpc.deb scponly (4.0-1sarge2) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Remove rsync, Subversion and Unison support because it was possible to gain shell access through them (CVE-2007-6350). Closes: #437148. * scp: -o and -F options are dangerous (CVE-2007-6415). oldstable/main/binary-mipsel/scponly_4.0-1sarge2_mipsel.deb scponly (4.0-1sarge2) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Remove rsync, Subversion and Unison support because it was possible to gain shell access through them (CVE-2007-6350). Closes: #437148. * scp: -o and -F options are dangerous (CVE-2007-6415). oldstable/main/binary-mips/scponly_4.0-1sarge2_mips.deb scponly (4.0-1sarge2) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Remove rsync, Subversion and Unison support because it was possible to gain shell access through them (CVE-2007-6350). Closes: #437148. * scp: -o and -F options are dangerous (CVE-2007-6415). oldstable/main/binary-m68k/scponly_4.0-1sarge2_m68k.deb scponly (4.0-1sarge2) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Remove rsync, Subversion and Unison support because it was possible to gain shell access through them (CVE-2007-6350). Closes: #437148. * scp: -o and -F options are dangerous (CVE-2007-6415). oldstable/main/binary-ia64/scponly_4.0-1sarge2_ia64.deb scponly (4.0-1sarge2) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Remove rsync, Subversion and Unison support because it was possible to gain shell access through them (CVE-2007-6350). Closes: #437148. * scp: -o and -F options are dangerous (CVE-2007-6415). oldstable/main/binary-hppa/scponly_4.0-1sarge2_hppa.deb scponly (4.0-1sarge2) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Remove rsync, Subversion and Unison support because it was possible to gain shell access through them (CVE-2007-6350). Closes: #437148. * scp: -o and -F options are dangerous (CVE-2007-6415). oldstable/main/binary-arm/scponly_4.0-1sarge2_arm.deb scponly (4.0-1sarge2) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Remove rsync, Subversion and Unison support because it was possible to gain shell access through them (CVE-2007-6350). Closes: #437148. * scp: -o and -F options are dangerous (CVE-2007-6415). oldstable/main/binary-amd64/scponly_4.0-1sarge2_amd64.deb scponly (4.0-1sarge2) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Remove rsync, Subversion and Unison support because it was possible to gain shell access through them (CVE-2007-6350). Closes: #437148. * scp: -o and -F options are dangerous (CVE-2007-6415). oldstable/main/binary-alpha/scponly_4.0-1sarge2_alpha.deb scponly (4.0-1sarge2) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Remove rsync, Subversion and Unison support because it was possible to gain shell access through them (CVE-2007-6350). Closes: #437148. * scp: -o and -F options are dangerous (CVE-2007-6415). oldstable/main/binary-i386/scponly_4.0-1sarge2_i386.deb oldstable/main/source/scponly_4.0-1sarge2.dsc oldstable/main/source/scponly_4.0-1sarge2.diff.gz scponly (4.0-1sarge2) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Remove rsync, Subversion and Unison support because it was possible to gain shell access through them (CVE-2007-6350). Closes: #437148. * scp: -o and -F options are dangerous (CVE-2007-6415). oldstable/main/binary-m68k/libpt-dbg_1.8.4-1+sarge1.1_m68k.deb oldstable/main/binary-m68k/libpt-plugins-v4l2_1.8.4-1+sarge1.1_m68k.deb oldstable/main/binary-m68k/libpt-plugins-alsa_1.8.4-1+sarge1.1_m68k.deb oldstable/main/binary-m68k/libpt-1.8.3_1.8.4-1+sarge1.1_m68k.deb oldstable/main/binary-m68k/libpt-plugins-avc_1.8.4-1+sarge1.1_m68k.deb oldstable/main/binary-m68k/libpt-dev_1.8.4-1+sarge1.1_m68k.deb oldstable/main/binary-m68k/libpt-plugins-v4l_1.8.4-1+sarge1.1_m68k.deb oldstable/main/binary-m68k/libpt-plugins-oss_1.8.4-1+sarge1.1_m68k.deb oldstable/main/binary-m68k/libpt-plugins-dc_1.8.4-1+sarge1.1_m68k.deb pwlib (1.8.4-1+sarge1.1) oldstable-proposed-updates; urgency=low * Non-maintainer upload. * Fix to build with sudo on the autobuilders. oldstable/main/binary-sparc/postgresql-contrib_7.4.7-6sarge6_sparc.deb oldstable/main/binary-sparc/postgresql-client_7.4.7-6sarge6_sparc.deb oldstable/main/binary-sparc/libecpg4_7.4.7-6sarge6_sparc.deb oldstable/main/binary-sparc/libpgtcl-dev_7.4.7-6sarge6_sparc.deb oldstable/main/binary-sparc/postgresql-dev_7.4.7-6sarge6_sparc.deb oldstable/main/binary-sparc/libpq3_7.4.7-6sarge6_sparc.deb oldstable/main/binary-sparc/libpgtcl_7.4.7-6sarge6_sparc.deb oldstable/main/binary-sparc/postgresql_7.4.7-6sarge6_sparc.deb oldstable/main/binary-sparc/libecpg-dev_7.4.7-6sarge6_sparc.deb postgresql (7.4.7-6sarge6) oldstable-security; urgency=low * SECURITY UPDATE: User privilege escalation. * Add debian/patches/63dblink_restrictions.patch: - Require non-superusers who use "/contrib/dblink" to use only password authentication, to prevent abusing the postmaster as source for remote attacks with trust or ident authentication. [CVE-2007-3278, CVE-2007-6601] - Patch backported from 7.4.19 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.c.diff?r1=1.25.4.4;r2=1.25.4.6 http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.sql.in.diff?r1=1.8;r2=1.8.4.1 oldstable/main/binary-s390/libpgtcl-dev_7.4.7-6sarge6_s390.deb oldstable/main/binary-s390/postgresql_7.4.7-6sarge6_s390.deb oldstable/main/binary-s390/libecpg4_7.4.7-6sarge6_s390.deb oldstable/main/binary-s390/libpgtcl_7.4.7-6sarge6_s390.deb oldstable/main/binary-s390/postgresql-dev_7.4.7-6sarge6_s390.deb oldstable/main/binary-s390/postgresql-client_7.4.7-6sarge6_s390.deb oldstable/main/binary-s390/postgresql-contrib_7.4.7-6sarge6_s390.deb oldstable/main/binary-s390/libpq3_7.4.7-6sarge6_s390.deb oldstable/main/binary-s390/libecpg-dev_7.4.7-6sarge6_s390.deb postgresql (7.4.7-6sarge6) oldstable-security; urgency=low * SECURITY UPDATE: User privilege escalation. * Add debian/patches/63dblink_restrictions.patch: - Require non-superusers who use "/contrib/dblink" to use only password authentication, to prevent abusing the postmaster as source for remote attacks with trust or ident authentication. [CVE-2007-3278, CVE-2007-6601] - Patch backported from 7.4.19 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.c.diff?r1=1.25.4.4;r2=1.25.4.6 http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.sql.in.diff?r1=1.8;r2=1.8.4.1 oldstable/main/binary-powerpc/libpq3_7.4.7-6sarge6_powerpc.deb oldstable/main/binary-powerpc/libecpg-dev_7.4.7-6sarge6_powerpc.deb oldstable/main/binary-powerpc/postgresql_7.4.7-6sarge6_powerpc.deb oldstable/main/binary-powerpc/libpgtcl-dev_7.4.7-6sarge6_powerpc.deb oldstable/main/binary-powerpc/postgresql-contrib_7.4.7-6sarge6_powerpc.deb oldstable/main/binary-powerpc/libpgtcl_7.4.7-6sarge6_powerpc.deb oldstable/main/binary-powerpc/postgresql-dev_7.4.7-6sarge6_powerpc.deb oldstable/main/binary-powerpc/libecpg4_7.4.7-6sarge6_powerpc.deb oldstable/main/binary-powerpc/postgresql-client_7.4.7-6sarge6_powerpc.deb postgresql (7.4.7-6sarge6) oldstable-security; urgency=low * SECURITY UPDATE: User privilege escalation. * Add debian/patches/63dblink_restrictions.patch: - Require non-superusers who use "/contrib/dblink" to use only password authentication, to prevent abusing the postmaster as source for remote attacks with trust or ident authentication. [CVE-2007-3278, CVE-2007-6601] - Patch backported from 7.4.19 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.c.diff?r1=1.25.4.4;r2=1.25.4.6 http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.sql.in.diff?r1=1.8;r2=1.8.4.1 oldstable/main/binary-mipsel/libecpg4_7.4.7-6sarge6_mipsel.deb oldstable/main/binary-mipsel/postgresql-client_7.4.7-6sarge6_mipsel.deb oldstable/main/binary-mipsel/postgresql_7.4.7-6sarge6_mipsel.deb oldstable/main/binary-mipsel/libpgtcl-dev_7.4.7-6sarge6_mipsel.deb oldstable/main/binary-mipsel/libecpg-dev_7.4.7-6sarge6_mipsel.deb oldstable/main/binary-mipsel/libpq3_7.4.7-6sarge6_mipsel.deb oldstable/main/binary-mipsel/libpgtcl_7.4.7-6sarge6_mipsel.deb oldstable/main/binary-mipsel/postgresql-dev_7.4.7-6sarge6_mipsel.deb oldstable/main/binary-mipsel/postgresql-contrib_7.4.7-6sarge6_mipsel.deb postgresql (7.4.7-6sarge6) oldstable-security; urgency=low * SECURITY UPDATE: User privilege escalation. * Add debian/patches/63dblink_restrictions.patch: - Require non-superusers who use "/contrib/dblink" to use only password authentication, to prevent abusing the postmaster as source for remote attacks with trust or ident authentication. [CVE-2007-3278, CVE-2007-6601] - Patch backported from 7.4.19 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.c.diff?r1=1.25.4.4;r2=1.25.4.6 http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.sql.in.diff?r1=1.8;r2=1.8.4.1 oldstable/main/binary-mips/postgresql_7.4.7-6sarge6_mips.deb oldstable/main/binary-mips/libecpg-dev_7.4.7-6sarge6_mips.deb oldstable/main/binary-mips/libpq3_7.4.7-6sarge6_mips.deb oldstable/main/binary-mips/libpgtcl_7.4.7-6sarge6_mips.deb oldstable/main/binary-mips/libecpg4_7.4.7-6sarge6_mips.deb oldstable/main/binary-mips/libpgtcl-dev_7.4.7-6sarge6_mips.deb oldstable/main/binary-mips/postgresql-dev_7.4.7-6sarge6_mips.deb oldstable/main/binary-mips/postgresql-contrib_7.4.7-6sarge6_mips.deb oldstable/main/binary-mips/postgresql-client_7.4.7-6sarge6_mips.deb postgresql (7.4.7-6sarge6) oldstable-security; urgency=low * SECURITY UPDATE: User privilege escalation. * Add debian/patches/63dblink_restrictions.patch: - Require non-superusers who use "/contrib/dblink" to use only password authentication, to prevent abusing the postmaster as source for remote attacks with trust or ident authentication. [CVE-2007-3278, CVE-2007-6601] - Patch backported from 7.4.19 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.c.diff?r1=1.25.4.4;r2=1.25.4.6 http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.sql.in.diff?r1=1.8;r2=1.8.4.1 oldstable/main/binary-m68k/postgresql-contrib_7.4.7-6sarge6_m68k.deb oldstable/main/binary-m68k/libpgtcl_7.4.7-6sarge6_m68k.deb oldstable/main/binary-m68k/libpq3_7.4.7-6sarge6_m68k.deb oldstable/main/binary-m68k/libecpg4_7.4.7-6sarge6_m68k.deb oldstable/main/binary-m68k/libecpg-dev_7.4.7-6sarge6_m68k.deb oldstable/main/binary-m68k/postgresql_7.4.7-6sarge6_m68k.deb oldstable/main/binary-m68k/libpgtcl-dev_7.4.7-6sarge6_m68k.deb oldstable/main/binary-m68k/postgresql-client_7.4.7-6sarge6_m68k.deb oldstable/main/binary-m68k/postgresql-dev_7.4.7-6sarge6_m68k.deb postgresql (7.4.7-6sarge6) oldstable-security; urgency=low * SECURITY UPDATE: User privilege escalation. * Add debian/patches/63dblink_restrictions.patch: - Require non-superusers who use "/contrib/dblink" to use only password authentication, to prevent abusing the postmaster as source for remote attacks with trust or ident authentication. [CVE-2007-3278, CVE-2007-6601] - Patch backported from 7.4.19 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.c.diff?r1=1.25.4.4;r2=1.25.4.6 http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.sql.in.diff?r1=1.8;r2=1.8.4.1 oldstable/main/binary-ia64/libpgtcl-dev_7.4.7-6sarge6_ia64.deb oldstable/main/binary-ia64/libpgtcl_7.4.7-6sarge6_ia64.deb oldstable/main/binary-ia64/postgresql-contrib_7.4.7-6sarge6_ia64.deb oldstable/main/binary-ia64/libecpg4_7.4.7-6sarge6_ia64.deb oldstable/main/binary-ia64/libecpg-dev_7.4.7-6sarge6_ia64.deb oldstable/main/binary-ia64/postgresql_7.4.7-6sarge6_ia64.deb oldstable/main/binary-ia64/libpq3_7.4.7-6sarge6_ia64.deb oldstable/main/binary-ia64/postgresql-client_7.4.7-6sarge6_ia64.deb oldstable/main/binary-ia64/postgresql-dev_7.4.7-6sarge6_ia64.deb postgresql (7.4.7-6sarge6) oldstable-security; urgency=low * SECURITY UPDATE: User privilege escalation. * Add debian/patches/63dblink_restrictions.patch: - Require non-superusers who use "/contrib/dblink" to use only password authentication, to prevent abusing the postmaster as source for remote attacks with trust or ident authentication. [CVE-2007-3278, CVE-2007-6601] - Patch backported from 7.4.19 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.c.diff?r1=1.25.4.4;r2=1.25.4.6 http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.sql.in.diff?r1=1.8;r2=1.8.4.1 oldstable/main/binary-hppa/libpq3_7.4.7-6sarge6_hppa.deb oldstable/main/binary-hppa/postgresql-contrib_7.4.7-6sarge6_hppa.deb oldstable/main/binary-hppa/libecpg-dev_7.4.7-6sarge6_hppa.deb oldstable/main/binary-hppa/libpgtcl_7.4.7-6sarge6_hppa.deb oldstable/main/binary-hppa/libecpg4_7.4.7-6sarge6_hppa.deb oldstable/main/binary-hppa/postgresql-dev_7.4.7-6sarge6_hppa.deb oldstable/main/binary-hppa/postgresql_7.4.7-6sarge6_hppa.deb oldstable/main/binary-hppa/libpgtcl-dev_7.4.7-6sarge6_hppa.deb oldstable/main/binary-hppa/postgresql-client_7.4.7-6sarge6_hppa.deb postgresql (7.4.7-6sarge6) oldstable-security; urgency=low * SECURITY UPDATE: User privilege escalation. * Add debian/patches/63dblink_restrictions.patch: - Require non-superusers who use "/contrib/dblink" to use only password authentication, to prevent abusing the postmaster as source for remote attacks with trust or ident authentication. [CVE-2007-3278, CVE-2007-6601] - Patch backported from 7.4.19 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.c.diff?r1=1.25.4.4;r2=1.25.4.6 http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.sql.in.diff?r1=1.8;r2=1.8.4.1 oldstable/main/binary-arm/postgresql-client_7.4.7-6sarge6_arm.deb oldstable/main/binary-arm/libpq3_7.4.7-6sarge6_arm.deb oldstable/main/binary-arm/postgresql_7.4.7-6sarge6_arm.deb oldstable/main/binary-arm/libecpg4_7.4.7-6sarge6_arm.deb oldstable/main/binary-arm/libpgtcl_7.4.7-6sarge6_arm.deb oldstable/main/binary-arm/postgresql-contrib_7.4.7-6sarge6_arm.deb oldstable/main/binary-arm/libpgtcl-dev_7.4.7-6sarge6_arm.deb oldstable/main/binary-arm/postgresql-dev_7.4.7-6sarge6_arm.deb oldstable/main/binary-arm/libecpg-dev_7.4.7-6sarge6_arm.deb postgresql (7.4.7-6sarge6) oldstable-security; urgency=low * SECURITY UPDATE: User privilege escalation. * Add debian/patches/63dblink_restrictions.patch: - Require non-superusers who use "/contrib/dblink" to use only password authentication, to prevent abusing the postmaster as source for remote attacks with trust or ident authentication. [CVE-2007-3278, CVE-2007-6601] - Patch backported from 7.4.19 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.c.diff?r1=1.25.4.4;r2=1.25.4.6 http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.sql.in.diff?r1=1.8;r2=1.8.4.1 oldstable/main/binary-amd64/postgresql_7.4.7-6sarge6_amd64.deb oldstable/main/binary-amd64/postgresql-dev_7.4.7-6sarge6_amd64.deb oldstable/main/binary-amd64/libpgtcl_7.4.7-6sarge6_amd64.deb oldstable/main/binary-amd64/libecpg4_7.4.7-6sarge6_amd64.deb oldstable/main/binary-amd64/postgresql-client_7.4.7-6sarge6_amd64.deb oldstable/main/binary-amd64/libpq3_7.4.7-6sarge6_amd64.deb oldstable/main/binary-amd64/libecpg-dev_7.4.7-6sarge6_amd64.deb oldstable/main/binary-amd64/postgresql-contrib_7.4.7-6sarge6_amd64.deb oldstable/main/binary-amd64/libpgtcl-dev_7.4.7-6sarge6_amd64.deb postgresql (7.4.7-6sarge6) oldstable-security; urgency=low * SECURITY UPDATE: User privilege escalation. * Add debian/patches/63dblink_restrictions.patch: - Require non-superusers who use "/contrib/dblink" to use only password authentication, to prevent abusing the postmaster as source for remote attacks with trust or ident authentication. [CVE-2007-3278, CVE-2007-6601] - Patch backported from 7.4.19 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.c.diff?r1=1.25.4.4;r2=1.25.4.6 http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.sql.in.diff?r1=1.8;r2=1.8.4.1 oldstable/main/binary-alpha/postgresql_7.4.7-6sarge6_alpha.deb oldstable/main/binary-alpha/libpq3_7.4.7-6sarge6_alpha.deb oldstable/main/binary-alpha/libpgtcl-dev_7.4.7-6sarge6_alpha.deb oldstable/main/binary-alpha/postgresql-dev_7.4.7-6sarge6_alpha.deb oldstable/main/binary-alpha/libpgtcl_7.4.7-6sarge6_alpha.deb oldstable/main/binary-alpha/libecpg4_7.4.7-6sarge6_alpha.deb oldstable/main/binary-alpha/postgresql-client_7.4.7-6sarge6_alpha.deb oldstable/main/binary-alpha/postgresql-contrib_7.4.7-6sarge6_alpha.deb oldstable/main/binary-alpha/libecpg-dev_7.4.7-6sarge6_alpha.deb postgresql (7.4.7-6sarge6) oldstable-security; urgency=low * SECURITY UPDATE: User privilege escalation. * Add debian/patches/63dblink_restrictions.patch: - Require non-superusers who use "/contrib/dblink" to use only password authentication, to prevent abusing the postmaster as source for remote attacks with trust or ident authentication. [CVE-2007-3278, CVE-2007-6601] - Patch backported from 7.4.19 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.c.diff?r1=1.25.4.4;r2=1.25.4.6 http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.sql.in.diff?r1=1.8;r2=1.8.4.1 oldstable/main/binary-i386/postgresql-client_7.4.7-6sarge6_i386.deb oldstable/main/binary-i386/libecpg-dev_7.4.7-6sarge6_i386.deb oldstable/main/binary-i386/postgresql_7.4.7-6sarge6_i386.deb oldstable/main/binary-i386/libpq3_7.4.7-6sarge6_i386.deb oldstable/main/binary-i386/libpgtcl_7.4.7-6sarge6_i386.deb oldstable/main/binary-i386/postgresql-dev_7.4.7-6sarge6_i386.deb oldstable/main/source/postgresql_7.4.7-6sarge6.dsc oldstable/main/source/postgresql_7.4.7-6sarge6.diff.gz oldstable/main/binary-i386/libecpg4_7.4.7-6sarge6_i386.deb oldstable/main/binary-all/postgresql-doc_7.4.7-6sarge6_all.deb oldstable/main/binary-i386/postgresql-contrib_7.4.7-6sarge6_i386.deb oldstable/main/binary-i386/libpgtcl-dev_7.4.7-6sarge6_i386.deb postgresql (7.4.7-6sarge6) oldstable-security; urgency=low * SECURITY UPDATE: User privilege escalation. * Add debian/patches/63dblink_restrictions.patch: - Require non-superusers who use "/contrib/dblink" to use only password authentication, to prevent abusing the postmaster as source for remote attacks with trust or ident authentication. [CVE-2007-3278, CVE-2007-6601] - Patch backported from 7.4.19 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.c.diff?r1=1.25.4.4;r2=1.25.4.6 http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.sql.in.diff?r1=1.8;r2=1.8.4.1 oldstable/main/source/phpbb2_2.0.13+1-6sarge4.dsc oldstable/main/binary-all/phpbb2_2.0.13-6sarge4_all.deb oldstable/main/binary-all/phpbb2-conf-mysql_2.0.13-6sarge4_all.deb oldstable/main/binary-all/phpbb2-languages_2.0.13-6sarge4_all.deb oldstable/main/source/phpbb2_2.0.13+1-6sarge4.diff.gz phpbb2 (2.0.13+1-6sarge4) oldstable-security; urgency=high * Upload to sarge to address security issues. * CVE-2006-4758: authenticated admin may upload arbitrary files (very minor issue, closes: 388120). * CVE-2006-6839: update criteria for redirection targets. * CVE-2006-6840: fix negative start parameter. * CVE-2006-6508/CVE-2006-6841: fix csrf (closes: 405980). * CVE-2008-0471: fix csrf (closes: 463589). oldstable/main/binary-sparc/libpcre3-dev_4.5+7.4-2_sparc.deb oldstable/main/binary-sparc/libpcre3_4.5+7.4-2_sparc.deb oldstable/main/binary-sparc/pcregrep_4.5+7.4-2_sparc.deb pcre3 (4.5+7.4-2) oldstable-security; urgency=high * Non-maintainer upload by the security team. * A character class containing a very large number of characters with codepoints greater than 255 caused a buffer overflow. (CVE-2008-0674) oldstable/main/binary-s390/libpcre3_4.5+7.4-2_s390.deb oldstable/main/binary-s390/pcregrep_4.5+7.4-2_s390.deb oldstable/main/binary-s390/libpcre3-dev_4.5+7.4-2_s390.deb pcre3 (4.5+7.4-2) oldstable-security; urgency=high * Non-maintainer upload by the security team. * A character class containing a very large number of characters with codepoints greater than 255 caused a buffer overflow. (CVE-2008-0674) oldstable/main/binary-powerpc/libpcre3_4.5+7.4-2_powerpc.deb oldstable/main/binary-powerpc/libpcre3-dev_4.5+7.4-2_powerpc.deb oldstable/main/binary-powerpc/pcregrep_4.5+7.4-2_powerpc.deb pcre3 (4.5+7.4-2) oldstable-security; urgency=high * Non-maintainer upload by the security team. * A character class containing a very large number of characters with codepoints greater than 255 caused a buffer overflow. (CVE-2008-0674) oldstable/main/binary-mipsel/libpcre3-dev_4.5+7.4-2_mipsel.deb oldstable/main/binary-mipsel/libpcre3_4.5+7.4-2_mipsel.deb oldstable/main/binary-mipsel/pcregrep_4.5+7.4-2_mipsel.deb pcre3 (4.5+7.4-2) oldstable-security; urgency=high * Non-maintainer upload by the security team. * A character class containing a very large number of characters with codepoints greater than 255 caused a buffer overflow. (CVE-2008-0674) oldstable/main/binary-mips/libpcre3_4.5+7.4-2_mips.deb oldstable/main/binary-mips/libpcre3-dev_4.5+7.4-2_mips.deb oldstable/main/binary-mips/pcregrep_4.5+7.4-2_mips.deb pcre3 (4.5+7.4-2) oldstable-security; urgency=high * Non-maintainer upload by the security team. * A character class containing a very large number of characters with codepoints greater than 255 caused a buffer overflow. (CVE-2008-0674) oldstable/main/binary-m68k/libpcre3_4.5+7.4-2_m68k.deb oldstable/main/binary-m68k/pcregrep_4.5+7.4-2_m68k.deb oldstable/main/binary-m68k/libpcre3-dev_4.5+7.4-2_m68k.deb pcre3 (4.5+7.4-2) oldstable-security; urgency=high * Non-maintainer upload by the security team. * A character class containing a very large number of characters with codepoints greater than 255 caused a buffer overflow. (CVE-2008-0674) oldstable/main/binary-ia64/libpcre3-dev_4.5+7.4-2_ia64.deb oldstable/main/binary-ia64/libpcre3_4.5+7.4-2_ia64.deb oldstable/main/binary-ia64/pcregrep_4.5+7.4-2_ia64.deb pcre3 (4.5+7.4-2) oldstable-security; urgency=high * Non-maintainer upload by the security team. * A character class containing a very large number of characters with codepoints greater than 255 caused a buffer overflow. (CVE-2008-0674) oldstable/main/binary-hppa/libpcre3-dev_4.5+7.4-2_hppa.deb oldstable/main/binary-hppa/libpcre3_4.5+7.4-2_hppa.deb oldstable/main/binary-hppa/pcregrep_4.5+7.4-2_hppa.deb pcre3 (4.5+7.4-2) oldstable-security; urgency=high * Non-maintainer upload by the security team. * A character class containing a very large number of characters with codepoints greater than 255 caused a buffer overflow. (CVE-2008-0674) oldstable/main/binary-arm/libpcre3_4.5+7.4-2_arm.deb oldstable/main/binary-arm/libpcre3-dev_4.5+7.4-2_arm.deb oldstable/main/binary-arm/pcregrep_4.5+7.4-2_arm.deb pcre3 (4.5+7.4-2) oldstable-security; urgency=high * Non-maintainer upload by the security team. * A character class containing a very large number of characters with codepoints greater than 255 caused a buffer overflow. (CVE-2008-0674) oldstable/main/binary-amd64/libpcre3_4.5+7.4-2_amd64.deb oldstable/main/binary-amd64/libpcre3-dev_4.5+7.4-2_amd64.deb oldstable/main/binary-amd64/pcregrep_4.5+7.4-2_amd64.deb pcre3 (4.5+7.4-2) oldstable-security; urgency=high * Non-maintainer upload by the security team. * A character class containing a very large number of characters with codepoints greater than 255 caused a buffer overflow. (CVE-2008-0674) oldstable/main/binary-alpha/libpcre3_4.5+7.4-2_alpha.deb oldstable/main/binary-alpha/libpcre3-dev_4.5+7.4-2_alpha.deb oldstable/main/binary-alpha/pcregrep_4.5+7.4-2_alpha.deb pcre3 (4.5+7.4-2) oldstable-security; urgency=high * Non-maintainer upload by the security team. * A character class containing a very large number of characters with codepoints greater than 255 caused a buffer overflow. (CVE-2008-0674) oldstable/main/binary-i386/libpcre3_4.5+7.4-2_i386.deb oldstable/main/binary-i386/libpcre3-dev_4.5+7.4-2_i386.deb oldstable/main/source/pcre3_4.5+7.4-2.dsc oldstable/main/binary-i386/pcregrep_4.5+7.4-2_i386.deb oldstable/main/binary-all/pgrep_4.5+7.4-2_all.deb oldstable/main/source/pcre3_4.5+7.4-2.diff.gz pcre3 (4.5+7.4-2) oldstable-security; urgency=high * Non-maintainer upload by the security team. * A character class containing a very large number of characters with codepoints greater than 255 caused a buffer overflow. (CVE-2008-0674) oldstable/main/binary-sparc/openafs-kpasswd_1.3.81-3sarge3_sparc.deb oldstable/main/binary-sparc/openafs-dbserver_1.3.81-3sarge3_sparc.deb oldstable/main/binary-sparc/libpam-openafs-kaserver_1.3.81-3sarge3_sparc.deb oldstable/main/binary-sparc/openafs-client_1.3.81-3sarge3_sparc.deb oldstable/main/binary-sparc/libopenafs-dev_1.3.81-3sarge3_sparc.deb oldstable/main/binary-sparc/openafs-fileserver_1.3.81-3sarge3_sparc.deb openafs (1.3.81-3sarge3) oldstable-security; urgency=high * upload by the security team to fix CVE-2007-6599 (OpenAFS SA-2007-003) oldstable/main/binary-s390/openafs-dbserver_1.3.81-3sarge3_s390.deb oldstable/main/binary-s390/libpam-openafs-kaserver_1.3.81-3sarge3_s390.deb oldstable/main/binary-s390/openafs-client_1.3.81-3sarge3_s390.deb oldstable/main/binary-s390/libopenafs-dev_1.3.81-3sarge3_s390.deb oldstable/main/binary-s390/openafs-fileserver_1.3.81-3sarge3_s390.deb oldstable/main/binary-s390/openafs-kpasswd_1.3.81-3sarge3_s390.deb openafs (1.3.81-3sarge3) oldstable-security; urgency=high * upload by the security team to fix CVE-2007-6599 (OpenAFS SA-2007-003) oldstable/main/binary-powerpc/openafs-dbserver_1.3.81-3sarge3_powerpc.deb oldstable/main/binary-powerpc/openafs-kpasswd_1.3.81-3sarge3_powerpc.deb oldstable/main/binary-powerpc/openafs-client_1.3.81-3sarge3_powerpc.deb oldstable/main/binary-powerpc/openafs-fileserver_1.3.81-3sarge3_powerpc.deb oldstable/main/binary-powerpc/libopenafs-dev_1.3.81-3sarge3_powerpc.deb oldstable/main/binary-powerpc/libpam-openafs-kaserver_1.3.81-3sarge3_powerpc.deb openafs (1.3.81-3sarge3) oldstable-security; urgency=high * upload by the security team to fix CVE-2007-6599 (OpenAFS SA-2007-003) oldstable/main/binary-ia64/libopenafs-dev_1.3.81-3sarge3_ia64.deb oldstable/main/binary-ia64/openafs-dbserver_1.3.81-3sarge3_ia64.deb oldstable/main/binary-ia64/openafs-client_1.3.81-3sarge3_ia64.deb oldstable/main/binary-ia64/openafs-kpasswd_1.3.81-3sarge3_ia64.deb oldstable/main/binary-ia64/libpam-openafs-kaserver_1.3.81-3sarge3_ia64.deb oldstable/main/binary-ia64/openafs-fileserver_1.3.81-3sarge3_ia64.deb openafs (1.3.81-3sarge3) oldstable-security; urgency=high * upload by the security team to fix CVE-2007-6599 (OpenAFS SA-2007-003) oldstable/main/binary-hppa/libopenafs-dev_1.3.81-3sarge3_hppa.deb oldstable/main/binary-hppa/openafs-kpasswd_1.3.81-3sarge3_hppa.deb oldstable/main/binary-hppa/openafs-fileserver_1.3.81-3sarge3_hppa.deb oldstable/main/binary-hppa/libpam-openafs-kaserver_1.3.81-3sarge3_hppa.deb oldstable/main/binary-hppa/openafs-dbserver_1.3.81-3sarge3_hppa.deb oldstable/main/binary-hppa/openafs-client_1.3.81-3sarge3_hppa.deb openafs (1.3.81-3sarge3) oldstable-security; urgency=high * upload by the security team to fix CVE-2007-6599 (OpenAFS SA-2007-003) oldstable/main/binary-amd64/libpam-openafs-kaserver_1.3.81-3sarge3_amd64.deb oldstable/main/binary-amd64/libopenafs-dev_1.3.81-3sarge3_amd64.deb oldstable/main/binary-amd64/openafs-client_1.3.81-3sarge3_amd64.deb oldstable/main/binary-amd64/openafs-fileserver_1.3.81-3sarge3_amd64.deb oldstable/main/binary-amd64/openafs-dbserver_1.3.81-3sarge3_amd64.deb oldstable/main/binary-amd64/openafs-kpasswd_1.3.81-3sarge3_amd64.deb openafs (1.3.81-3sarge3) oldstable-security; urgency=high * upload by the security team to fix CVE-2007-6599 (OpenAFS SA-2007-003) oldstable/main/binary-alpha/openafs-fileserver_1.3.81-3sarge3_alpha.deb oldstable/main/binary-alpha/openafs-client_1.3.81-3sarge3_alpha.deb oldstable/main/binary-alpha/libpam-openafs-kaserver_1.3.81-3sarge3_alpha.deb oldstable/main/binary-alpha/libopenafs-dev_1.3.81-3sarge3_alpha.deb oldstable/main/binary-alpha/openafs-dbserver_1.3.81-3sarge3_alpha.deb oldstable/main/binary-alpha/openafs-kpasswd_1.3.81-3sarge3_alpha.deb openafs (1.3.81-3sarge3) oldstable-security; urgency=high * upload by the security team to fix CVE-2007-6599 (OpenAFS SA-2007-003) oldstable/main/binary-i386/libpam-openafs-kaserver_1.3.81-3sarge3_i386.deb oldstable/main/binary-all/openafs-modules-source_1.3.81-3sarge3_all.deb oldstable/main/binary-i386/openafs-client_1.3.81-3sarge3_i386.deb oldstable/main/binary-i386/openafs-fileserver_1.3.81-3sarge3_i386.deb oldstable/main/binary-i386/libopenafs-dev_1.3.81-3sarge3_i386.deb oldstable/main/binary-i386/openafs-kpasswd_1.3.81-3sarge3_i386.deb oldstable/main/source/openafs_1.3.81-3sarge3.diff.gz oldstable/main/binary-i386/openafs-dbserver_1.3.81-3sarge3_i386.deb oldstable/main/source/openafs_1.3.81-3sarge3.dsc openafs (1.3.81-3sarge3) oldstable-security; urgency=high * upload by the security team to fix CVE-2007-6599 (OpenAFS SA-2007-003) oldstable/main/binary-sparc/nagios-plugins_1.4-6sarge2_sparc.deb nagios-plugins (1.4-6sarge2) oldstable-security; urgency=high * NMU prepared for the security team by the package maintainer. * Fix the following regressions in the previous security upload: - check_procs/check_nagios/check_swap all fail to build correctly unless /proc is mounted, so fail gracefully in that case. closes: #465530 - check_mailq may default to /usr/sbin/mailq instead of /usr/bin/mailq if the the ssmtp package is installed at build-time. closes: #465749. - check_ping may fail to build correctly due to assumptions about host configuration and/or network connectivity. closes: #465854. oldstable/main/binary-s390/nagios-plugins_1.4-6sarge2_s390.deb nagios-plugins (1.4-6sarge2) oldstable-security; urgency=high * NMU prepared for the security team by the package maintainer. * Fix the following regressions in the previous security upload: - check_procs/check_nagios/check_swap all fail to build correctly unless /proc is mounted, so fail gracefully in that case. closes: #465530 - check_mailq may default to /usr/sbin/mailq instead of /usr/bin/mailq if the the ssmtp package is installed at build-time. closes: #465749. - check_ping may fail to build correctly due to assumptions about host configuration and/or network connectivity. closes: #465854. oldstable/main/binary-powerpc/nagios-plugins_1.4-6sarge2_powerpc.deb nagios-plugins (1.4-6sarge2) oldstable-security; urgency=high * NMU prepared for the security team by the package maintainer. * Fix the following regressions in the previous security upload: - check_procs/check_nagios/check_swap all fail to build correctly unless /proc is mounted, so fail gracefully in that case. closes: #465530 - check_mailq may default to /usr/sbin/mailq instead of /usr/bin/mailq if the the ssmtp package is installed at build-time. closes: #465749. - check_ping may fail to build correctly due to assumptions about host configuration and/or network connectivity. closes: #465854. oldstable/main/binary-mipsel/nagios-plugins_1.4-6sarge2_mipsel.deb nagios-plugins (1.4-6sarge2) oldstable-security; urgency=high * NMU prepared for the security team by the package maintainer. * Fix the following regressions in the previous security upload: - check_procs/check_nagios/check_swap all fail to build correctly unless /proc is mounted, so fail gracefully in that case. closes: #465530 - check_mailq may default to /usr/sbin/mailq instead of /usr/bin/mailq if the the ssmtp package is installed at build-time. closes: #465749. - check_ping may fail to build correctly due to assumptions about host configuration and/or network connectivity. closes: #465854. oldstable/main/binary-mips/nagios-plugins_1.4-6sarge2_mips.deb nagios-plugins (1.4-6sarge2) oldstable-security; urgency=high * NMU prepared for the security team by the package maintainer. * Fix the following regressions in the previous security upload: - check_procs/check_nagios/check_swap all fail to build correctly unless /proc is mounted, so fail gracefully in that case. closes: #465530 - check_mailq may default to /usr/sbin/mailq instead of /usr/bin/mailq if the the ssmtp package is installed at build-time. closes: #465749. - check_ping may fail to build correctly due to assumptions about host configuration and/or network connectivity. closes: #465854. oldstable/main/binary-m68k/nagios-plugins_1.4-6sarge2_m68k.deb nagios-plugins (1.4-6sarge2) oldstable-security; urgency=high * NMU prepared for the security team by the package maintainer. * Fix the following regressions in the previous security upload: - check_procs/check_nagios/check_swap all fail to build correctly unless /proc is mounted, so fail gracefully in that case. closes: #465530 - check_mailq may default to /usr/sbin/mailq instead of /usr/bin/mailq if the the ssmtp package is installed at build-time. closes: #465749. - check_ping may fail to build correctly due to assumptions about host configuration and/or network connectivity. closes: #465854. oldstable/main/binary-ia64/nagios-plugins_1.4-6sarge2_ia64.deb nagios-plugins (1.4-6sarge2) oldstable-security; urgency=high * NMU prepared for the security team by the package maintainer. * Fix the following regressions in the previous security upload: - check_procs/check_nagios/check_swap all fail to build correctly unless /proc is mounted, so fail gracefully in that case. closes: #465530 - check_mailq may default to /usr/sbin/mailq instead of /usr/bin/mailq if the the ssmtp package is installed at build-time. closes: #465749. - check_ping may fail to build correctly due to assumptions about host configuration and/or network connectivity. closes: #465854. oldstable/main/binary-hppa/nagios-plugins_1.4-6sarge2_hppa.deb nagios-plugins (1.4-6sarge2) oldstable-security; urgency=high * NMU prepared for the security team by the package maintainer. * Fix the following regressions in the previous security upload: - check_procs/check_nagios/check_swap all fail to build correctly unless /proc is mounted, so fail gracefully in that case. closes: #465530 - check_mailq may default to /usr/sbin/mailq instead of /usr/bin/mailq if the the ssmtp package is installed at build-time. closes: #465749. - check_ping may fail to build correctly due to assumptions about host configuration and/or network connectivity. closes: #465854. oldstable/main/binary-arm/nagios-plugins_1.4-6sarge2_arm.deb nagios-plugins (1.4-6sarge2) oldstable-security; urgency=high * NMU prepared for the security team by the package maintainer. * Fix the following regressions in the previous security upload: - check_procs/check_nagios/check_swap all fail to build correctly unless /proc is mounted, so fail gracefully in that case. closes: #465530 - check_mailq may default to /usr/sbin/mailq instead of /usr/bin/mailq if the the ssmtp package is installed at build-time. closes: #465749. - check_ping may fail to build correctly due to assumptions about host configuration and/or network connectivity. closes: #465854. oldstable/main/binary-amd64/nagios-plugins_1.4-6sarge2_amd64.deb nagios-plugins (1.4-6sarge2) oldstable-security; urgency=high * NMU prepared for the security team by the package maintainer. * Fix the following regressions in the previous security upload: - check_procs/check_nagios/check_swap all fail to build correctly unless /proc is mounted, so fail gracefully in that case. closes: #465530 - check_mailq may default to /usr/sbin/mailq instead of /usr/bin/mailq if the the ssmtp package is installed at build-time. closes: #465749. - check_ping may fail to build correctly due to assumptions about host configuration and/or network connectivity. closes: #465854. oldstable/main/binary-alpha/nagios-plugins_1.4-6sarge2_alpha.deb nagios-plugins (1.4-6sarge2) oldstable-security; urgency=high * NMU prepared for the security team by the package maintainer. * Fix the following regressions in the previous security upload: - check_procs/check_nagios/check_swap all fail to build correctly unless /proc is mounted, so fail gracefully in that case. closes: #465530 - check_mailq may default to /usr/sbin/mailq instead of /usr/bin/mailq if the the ssmtp package is installed at build-time. closes: #465749. - check_ping may fail to build correctly due to assumptions about host configuration and/or network connectivity. closes: #465854. oldstable/main/binary-i386/nagios-plugins_1.4-6sarge2_i386.deb oldstable/main/source/nagios-plugins_1.4-6sarge2.dsc oldstable/main/source/nagios-plugins_1.4-6sarge2.diff.gz nagios-plugins (1.4-6sarge2) oldstable-security; urgency=high * NMU prepared for the security team by the package maintainer. * Fix the following regressions in the previous security upload: - check_procs/check_nagios/check_swap all fail to build correctly unless /proc is mounted, so fail gracefully in that case. closes: #465530 - check_mailq may default to /usr/sbin/mailq instead of /usr/bin/mailq if the the ssmtp package is installed at build-time. closes: #465749. - check_ping may fail to build correctly due to assumptions about host configuration and/or network connectivity. closes: #465854. oldstable/main/binary-sparc/maradns_1.0.27-2_sparc.deb maradns (1.0.27-2) oldstable-security; urgency=high * Fix remote DoS oldstable/main/binary-s390/maradns_1.0.27-2_s390.deb maradns (1.0.27-2) oldstable-security; urgency=high * Fix remote DoS oldstable/main/binary-powerpc/maradns_1.0.27-2_powerpc.deb maradns (1.0.27-2) oldstable-security; urgency=high * Fix remote DoS oldstable/main/binary-mipsel/maradns_1.0.27-2_mipsel.deb maradns (1.0.27-2) oldstable-security; urgency=high * Fix remote DoS oldstable/main/binary-mips/maradns_1.0.27-2_mips.deb maradns (1.0.27-2) oldstable-security; urgency=high * Fix remote DoS oldstable/main/binary-m68k/maradns_1.0.27-2_m68k.deb maradns (1.0.27-2) oldstable-security; urgency=high * Fix remote DoS oldstable/main/binary-ia64/maradns_1.0.27-2_ia64.deb maradns (1.0.27-2) oldstable-security; urgency=high * Fix remote DoS oldstable/main/binary-hppa/maradns_1.0.27-2_hppa.deb maradns (1.0.27-2) oldstable-security; urgency=high * Fix remote DoS oldstable/main/binary-arm/maradns_1.0.27-2_arm.deb maradns (1.0.27-2) oldstable-security; urgency=high * Fix remote DoS oldstable/main/binary-amd64/maradns_1.0.27-2_amd64.deb maradns (1.0.27-2) oldstable-security; urgency=high * Fix remote DoS oldstable/main/binary-alpha/maradns_1.0.27-2_alpha.deb maradns (1.0.27-2) oldstable-security; urgency=high * Fix remote DoS oldstable/main/binary-i386/maradns_1.0.27-2_i386.deb oldstable/main/source/maradns_1.0.27-2.dsc oldstable/main/source/maradns_1.0.27-2.diff.gz maradns (1.0.27-2) oldstable-security; urgency=high * Fix remote DoS oldstable/main/binary-all/mantis_0.19.2-5sarge5_all.deb oldstable/main/source/mantis_0.19.2-5sarge5.dsc oldstable/main/source/mantis_0.19.2-5sarge5.diff.gz mantis (0.19.2-5sarge5) oldstable-security; urgency=high * Maintainer upload for the security team * Fixed security issue CVE-2007-6611: "Upload File" Script insertion vulnerability by applying the patch from sid. (Closes: #458377) * Fixed security issue CVE-2006-6574: Custom Field Information Disclosure by backporting changes in history_api.php from sid (Closes: #402802) * Fixed security issue: Email notifications bypass security on custom fields * Fixed multiple XSS vulnerabilites by backporting changes from upstream version 1.0.7 oldstable/main/binary-sparc/loop-aes-utils_2.12p-4sarge2_sparc.deb loop-aes-utils (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-s390/loop-aes-utils_2.12p-4sarge2_s390.deb loop-aes-utils (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-powerpc/loop-aes-utils_2.12p-4sarge2_powerpc.deb loop-aes-utils (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-mipsel/loop-aes-utils_2.12p-4sarge2_mipsel.deb loop-aes-utils (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-mips/loop-aes-utils_2.12p-4sarge2_mips.deb loop-aes-utils (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-m68k/loop-aes-utils_2.12p-4sarge2_m68k.deb loop-aes-utils (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-ia64/loop-aes-utils_2.12p-4sarge2_ia64.deb loop-aes-utils (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-hppa/loop-aes-utils_2.12p-4sarge2_hppa.deb loop-aes-utils (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-arm/loop-aes-utils_2.12p-4sarge2_arm.deb loop-aes-utils (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-amd64/loop-aes-utils_2.12p-4sarge2_amd64.deb loop-aes-utils (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-alpha/loop-aes-utils_2.12p-4sarge2_alpha.deb loop-aes-utils (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-i386/loop-aes-utils_2.12p-4sarge2_i386.deb oldstable/main/source/loop-aes-utils_2.12p-4sarge2.dsc oldstable/main/source/loop-aes-utils_2.12p-4sarge2.diff.gz loop-aes-utils (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-sparc/libxml2-utils_2.6.16-7sarge1_sparc.deb oldstable/main/binary-sparc/libxml2-dev_2.6.16-7sarge1_sparc.deb oldstable/main/binary-sparc/python2.4-libxml2_2.6.16-7sarge1_sparc.deb oldstable/main/binary-sparc/libxml2_2.6.16-7sarge1_sparc.deb oldstable/main/binary-sparc/python2.3-libxml2_2.6.16-7sarge1_sparc.deb oldstable/main/binary-sparc/python2.2-libxml2_2.6.16-7sarge1_sparc.deb libxml2 (2.6.16-7sarge1) oldstable-security; urgency=high * Fix CVE-2007-6284. oldstable/main/binary-s390/python2.4-libxml2_2.6.16-7sarge1_s390.deb oldstable/main/binary-s390/libxml2-dev_2.6.16-7sarge1_s390.deb oldstable/main/binary-s390/python2.3-libxml2_2.6.16-7sarge1_s390.deb oldstable/main/binary-s390/libxml2-utils_2.6.16-7sarge1_s390.deb oldstable/main/binary-s390/libxml2_2.6.16-7sarge1_s390.deb oldstable/main/binary-s390/python2.2-libxml2_2.6.16-7sarge1_s390.deb libxml2 (2.6.16-7sarge1) oldstable-security; urgency=high * Fix CVE-2007-6284. oldstable/main/binary-powerpc/python2.2-libxml2_2.6.16-7sarge1_powerpc.deb oldstable/main/binary-powerpc/libxml2-utils_2.6.16-7sarge1_powerpc.deb oldstable/main/binary-powerpc/python2.4-libxml2_2.6.16-7sarge1_powerpc.deb oldstable/main/binary-powerpc/libxml2-dev_2.6.16-7sarge1_powerpc.deb oldstable/main/binary-powerpc/libxml2_2.6.16-7sarge1_powerpc.deb oldstable/main/binary-powerpc/python2.3-libxml2_2.6.16-7sarge1_powerpc.deb libxml2 (2.6.16-7sarge1) oldstable-security; urgency=high * Fix CVE-2007-6284. oldstable/main/binary-mipsel/libxml2_2.6.16-7sarge1_mipsel.deb oldstable/main/binary-mipsel/libxml2-dev_2.6.16-7sarge1_mipsel.deb oldstable/main/binary-mipsel/python2.3-libxml2_2.6.16-7sarge1_mipsel.deb oldstable/main/binary-mipsel/libxml2-utils_2.6.16-7sarge1_mipsel.deb oldstable/main/binary-mipsel/python2.2-libxml2_2.6.16-7sarge1_mipsel.deb oldstable/main/binary-mipsel/python2.4-libxml2_2.6.16-7sarge1_mipsel.deb libxml2 (2.6.16-7sarge1) oldstable-security; urgency=high * Fix CVE-2007-6284. oldstable/main/binary-mips/libxml2-dev_2.6.16-7sarge1_mips.deb oldstable/main/binary-mips/libxml2_2.6.16-7sarge1_mips.deb oldstable/main/binary-mips/python2.2-libxml2_2.6.16-7sarge1_mips.deb oldstable/main/binary-mips/python2.3-libxml2_2.6.16-7sarge1_mips.deb oldstable/main/binary-mips/python2.4-libxml2_2.6.16-7sarge1_mips.deb oldstable/main/binary-mips/libxml2-utils_2.6.16-7sarge1_mips.deb libxml2 (2.6.16-7sarge1) oldstable-security; urgency=high * Fix CVE-2007-6284. oldstable/main/binary-m68k/libxml2_2.6.16-7sarge1_m68k.deb oldstable/main/binary-m68k/libxml2-dev_2.6.16-7sarge1_m68k.deb oldstable/main/binary-m68k/python2.2-libxml2_2.6.16-7sarge1_m68k.deb oldstable/main/binary-m68k/libxml2-utils_2.6.16-7sarge1_m68k.deb oldstable/main/binary-m68k/python2.4-libxml2_2.6.16-7sarge1_m68k.deb oldstable/main/binary-m68k/python2.3-libxml2_2.6.16-7sarge1_m68k.deb libxml2 (2.6.16-7sarge1) oldstable-security; urgency=high * Fix CVE-2007-6284. oldstable/main/binary-ia64/python2.4-libxml2_2.6.16-7sarge1_ia64.deb oldstable/main/binary-ia64/libxml2_2.6.16-7sarge1_ia64.deb oldstable/main/binary-ia64/python2.2-libxml2_2.6.16-7sarge1_ia64.deb oldstable/main/binary-ia64/libxml2-utils_2.6.16-7sarge1_ia64.deb oldstable/main/binary-ia64/python2.3-libxml2_2.6.16-7sarge1_ia64.deb oldstable/main/binary-ia64/libxml2-dev_2.6.16-7sarge1_ia64.deb libxml2 (2.6.16-7sarge1) oldstable-security; urgency=high * Fix CVE-2007-6284. oldstable/main/binary-hppa/python2.4-libxml2_2.6.16-7sarge1_hppa.deb oldstable/main/binary-hppa/python2.3-libxml2_2.6.16-7sarge1_hppa.deb oldstable/main/binary-hppa/libxml2-dev_2.6.16-7sarge1_hppa.deb oldstable/main/binary-hppa/python2.2-libxml2_2.6.16-7sarge1_hppa.deb oldstable/main/binary-hppa/libxml2_2.6.16-7sarge1_hppa.deb oldstable/main/binary-hppa/libxml2-utils_2.6.16-7sarge1_hppa.deb libxml2 (2.6.16-7sarge1) oldstable-security; urgency=high * Fix CVE-2007-6284. oldstable/main/binary-arm/libxml2-utils_2.6.16-7sarge1_arm.deb oldstable/main/binary-arm/python2.2-libxml2_2.6.16-7sarge1_arm.deb oldstable/main/binary-arm/python2.4-libxml2_2.6.16-7sarge1_arm.deb oldstable/main/binary-arm/python2.3-libxml2_2.6.16-7sarge1_arm.deb oldstable/main/binary-arm/libxml2_2.6.16-7sarge1_arm.deb oldstable/main/binary-arm/libxml2-dev_2.6.16-7sarge1_arm.deb libxml2 (2.6.16-7sarge1) oldstable-security; urgency=high * Fix CVE-2007-6284. oldstable/main/binary-amd64/libxml2-dev_2.6.16-7sarge1_amd64.deb oldstable/main/binary-amd64/libxml2_2.6.16-7sarge1_amd64.deb oldstable/main/binary-amd64/python2.2-libxml2_2.6.16-7sarge1_amd64.deb oldstable/main/binary-amd64/libxml2-utils_2.6.16-7sarge1_amd64.deb oldstable/main/binary-amd64/python2.3-libxml2_2.6.16-7sarge1_amd64.deb oldstable/main/binary-amd64/python2.4-libxml2_2.6.16-7sarge1_amd64.deb libxml2 (2.6.16-7sarge1) oldstable-security; urgency=high * Fix CVE-2007-6284. oldstable/main/binary-alpha/libxml2_2.6.16-7sarge1_alpha.deb oldstable/main/binary-alpha/python2.3-libxml2_2.6.16-7sarge1_alpha.deb oldstable/main/binary-alpha/python2.4-libxml2_2.6.16-7sarge1_alpha.deb oldstable/main/binary-alpha/libxml2-dev_2.6.16-7sarge1_alpha.deb oldstable/main/binary-alpha/python2.2-libxml2_2.6.16-7sarge1_alpha.deb oldstable/main/binary-alpha/libxml2-utils_2.6.16-7sarge1_alpha.deb libxml2 (2.6.16-7sarge1) oldstable-security; urgency=high * Fix CVE-2007-6284. oldstable/main/binary-all/python-libxml2_2.6.16-7sarge1_all.deb oldstable/main/source/libxml2_2.6.16-7sarge1.diff.gz oldstable/main/binary-i386/libxml2-dev_2.6.16-7sarge1_i386.deb oldstable/main/source/libxml2_2.6.16-7sarge1.dsc oldstable/main/binary-all/libxml2-python2.3_2.6.16-7sarge1_all.deb oldstable/main/binary-i386/python2.2-libxml2_2.6.16-7sarge1_i386.deb oldstable/main/binary-i386/python2.3-libxml2_2.6.16-7sarge1_i386.deb oldstable/main/binary-i386/libxml2-utils_2.6.16-7sarge1_i386.deb oldstable/main/binary-i386/python2.4-libxml2_2.6.16-7sarge1_i386.deb oldstable/main/binary-i386/libxml2_2.6.16-7sarge1_i386.deb oldstable/main/binary-all/libxml2-doc_2.6.16-7sarge1_all.deb libxml2 (2.6.16-7sarge1) oldstable-security; urgency=high * Fix CVE-2007-6284. oldstable/main/binary-sparc/libvorbisenc2_1.1.0-2_sparc.deb oldstable/main/binary-sparc/libvorbis0a_1.1.0-2_sparc.deb oldstable/main/binary-sparc/libvorbisfile3_1.1.0-2_sparc.deb oldstable/main/binary-sparc/libvorbis-dev_1.1.0-2_sparc.deb libvorbis (1.1.0-2) oldstable-security; urgency=low * Fix CVE-2007-3106 CVE-2007-4029 CVE-2007-4065 CVE-2007-4066 oldstable/main/binary-s390/libvorbisfile3_1.1.0-2_s390.deb oldstable/main/binary-s390/libvorbis-dev_1.1.0-2_s390.deb oldstable/main/binary-s390/libvorbis0a_1.1.0-2_s390.deb oldstable/main/binary-s390/libvorbisenc2_1.1.0-2_s390.deb libvorbis (1.1.0-2) oldstable-security; urgency=low * Fix CVE-2007-3106 CVE-2007-4029 CVE-2007-4065 CVE-2007-4066 oldstable/main/binary-powerpc/libvorbis0a_1.1.0-2_powerpc.deb oldstable/main/binary-powerpc/libvorbisfile3_1.1.0-2_powerpc.deb oldstable/main/binary-powerpc/libvorbisenc2_1.1.0-2_powerpc.deb oldstable/main/binary-powerpc/libvorbis-dev_1.1.0-2_powerpc.deb libvorbis (1.1.0-2) oldstable-security; urgency=low * Fix CVE-2007-3106 CVE-2007-4029 CVE-2007-4065 CVE-2007-4066 oldstable/main/binary-mipsel/libvorbisenc2_1.1.0-2_mipsel.deb oldstable/main/binary-mipsel/libvorbis-dev_1.1.0-2_mipsel.deb oldstable/main/binary-mipsel/libvorbisfile3_1.1.0-2_mipsel.deb oldstable/main/binary-mipsel/libvorbis0a_1.1.0-2_mipsel.deb libvorbis (1.1.0-2) oldstable-security; urgency=low * Fix CVE-2007-3106 CVE-2007-4029 CVE-2007-4065 CVE-2007-4066 oldstable/main/binary-mips/libvorbisenc2_1.1.0-2_mips.deb oldstable/main/binary-mips/libvorbisfile3_1.1.0-2_mips.deb oldstable/main/binary-mips/libvorbis0a_1.1.0-2_mips.deb oldstable/main/binary-mips/libvorbis-dev_1.1.0-2_mips.deb libvorbis (1.1.0-2) oldstable-security; urgency=low * Fix CVE-2007-3106 CVE-2007-4029 CVE-2007-4065 CVE-2007-4066 oldstable/main/binary-m68k/libvorbisenc2_1.1.0-2_m68k.deb oldstable/main/binary-m68k/libvorbisfile3_1.1.0-2_m68k.deb oldstable/main/binary-m68k/libvorbis-dev_1.1.0-2_m68k.deb oldstable/main/binary-m68k/libvorbis0a_1.1.0-2_m68k.deb libvorbis (1.1.0-2) oldstable-security; urgency=low * Fix CVE-2007-3106 CVE-2007-4029 CVE-2007-4065 CVE-2007-4066 oldstable/main/binary-ia64/libvorbisfile3_1.1.0-2_ia64.deb oldstable/main/binary-ia64/libvorbisenc2_1.1.0-2_ia64.deb oldstable/main/binary-ia64/libvorbis-dev_1.1.0-2_ia64.deb oldstable/main/binary-ia64/libvorbis0a_1.1.0-2_ia64.deb libvorbis (1.1.0-2) oldstable-security; urgency=low * Fix CVE-2007-3106 CVE-2007-4029 CVE-2007-4065 CVE-2007-4066 oldstable/main/binary-hppa/libvorbisenc2_1.1.0-2_hppa.deb oldstable/main/binary-hppa/libvorbis0a_1.1.0-2_hppa.deb oldstable/main/binary-hppa/libvorbisfile3_1.1.0-2_hppa.deb oldstable/main/binary-hppa/libvorbis-dev_1.1.0-2_hppa.deb libvorbis (1.1.0-2) oldstable-security; urgency=low * Fix CVE-2007-3106 CVE-2007-4029 CVE-2007-4065 CVE-2007-4066 oldstable/main/binary-arm/libvorbis-dev_1.1.0-2_arm.deb oldstable/main/binary-arm/libvorbisenc2_1.1.0-2_arm.deb oldstable/main/binary-arm/libvorbis0a_1.1.0-2_arm.deb oldstable/main/binary-arm/libvorbisfile3_1.1.0-2_arm.deb libvorbis (1.1.0-2) oldstable-security; urgency=low * Fix CVE-2007-3106 CVE-2007-4029 CVE-2007-4065 CVE-2007-4066 oldstable/main/binary-amd64/libvorbis0a_1.1.0-2_amd64.deb oldstable/main/binary-amd64/libvorbis-dev_1.1.0-2_amd64.deb oldstable/main/binary-amd64/libvorbisenc2_1.1.0-2_amd64.deb oldstable/main/binary-amd64/libvorbisfile3_1.1.0-2_amd64.deb libvorbis (1.1.0-2) oldstable-security; urgency=low * Fix CVE-2007-3106 CVE-2007-4029 CVE-2007-4065 CVE-2007-4066 oldstable/main/binary-alpha/libvorbis-dev_1.1.0-2_alpha.deb oldstable/main/binary-alpha/libvorbisenc2_1.1.0-2_alpha.deb oldstable/main/binary-alpha/libvorbis0a_1.1.0-2_alpha.deb oldstable/main/binary-alpha/libvorbisfile3_1.1.0-2_alpha.deb libvorbis (1.1.0-2) oldstable-security; urgency=low * Fix CVE-2007-3106 CVE-2007-4029 CVE-2007-4065 CVE-2007-4066 oldstable/main/binary-i386/libvorbisfile3_1.1.0-2_i386.deb oldstable/main/binary-i386/libvorbisenc2_1.1.0-2_i386.deb oldstable/main/binary-i386/libvorbis-dev_1.1.0-2_i386.deb oldstable/main/binary-i386/libvorbis0a_1.1.0-2_i386.deb oldstable/main/source/libvorbis_1.1.0-2.diff.gz oldstable/main/source/libvorbis_1.1.0-2.dsc libvorbis (1.1.0-2) oldstable-security; urgency=low * Fix CVE-2007-3106 CVE-2007-4029 CVE-2007-4065 CVE-2007-4066 oldstable/main/binary-sparc/libnet-dns-perl_0.48-1sarge1_sparc.deb libnet-dns-perl (0.48-1sarge1) oldstable-security; urgency=high * Malformed A records could lead to a Perl exception and program crash (CVE-2007-6341). Closes: #457445. * A very weak random number generator was used for transaction IDs (CVE-2007-3377). Perl's rand() is used in the patch against this vulnerability--it is initialized from /dev/urandom, but the underlying LCG has only got 48 bits of state, so at the very least, a brute-force attack is still possible if an attacker has got three subsequently generated transaction IDs. * The Perl implementation of dn_expand could recurse infinitely (CVE-2007-3409). (On Debian systems, the C version is typically used.) oldstable/main/binary-s390/libnet-dns-perl_0.48-1sarge1_s390.deb libnet-dns-perl (0.48-1sarge1) oldstable-security; urgency=high * Malformed A records could lead to a Perl exception and program crash (CVE-2007-6341). Closes: #457445. * A very weak random number generator was used for transaction IDs (CVE-2007-3377). Perl's rand() is used in the patch against this vulnerability--it is initialized from /dev/urandom, but the underlying LCG has only got 48 bits of state, so at the very least, a brute-force attack is still possible if an attacker has got three subsequently generated transaction IDs. * The Perl implementation of dn_expand could recurse infinitely (CVE-2007-3409). (On Debian systems, the C version is typically used.) oldstable/main/binary-powerpc/libnet-dns-perl_0.48-1sarge1_powerpc.deb libnet-dns-perl (0.48-1sarge1) oldstable-security; urgency=high * Malformed A records could lead to a Perl exception and program crash (CVE-2007-6341). Closes: #457445. * A very weak random number generator was used for transaction IDs (CVE-2007-3377). Perl's rand() is used in the patch against this vulnerability--it is initialized from /dev/urandom, but the underlying LCG has only got 48 bits of state, so at the very least, a brute-force attack is still possible if an attacker has got three subsequently generated transaction IDs. * The Perl implementation of dn_expand could recurse infinitely (CVE-2007-3409). (On Debian systems, the C version is typically used.) oldstable/main/binary-mipsel/libnet-dns-perl_0.48-1sarge1_mipsel.deb libnet-dns-perl (0.48-1sarge1) oldstable-security; urgency=high * Malformed A records could lead to a Perl exception and program crash (CVE-2007-6341). Closes: #457445. * A very weak random number generator was used for transaction IDs (CVE-2007-3377). Perl's rand() is used in the patch against this vulnerability--it is initialized from /dev/urandom, but the underlying LCG has only got 48 bits of state, so at the very least, a brute-force attack is still possible if an attacker has got three subsequently generated transaction IDs. * The Perl implementation of dn_expand could recurse infinitely (CVE-2007-3409). (On Debian systems, the C version is typically used.) oldstable/main/binary-mips/libnet-dns-perl_0.48-1sarge1_mips.deb libnet-dns-perl (0.48-1sarge1) oldstable-security; urgency=high * Malformed A records could lead to a Perl exception and program crash (CVE-2007-6341). Closes: #457445. * A very weak random number generator was used for transaction IDs (CVE-2007-3377). Perl's rand() is used in the patch against this vulnerability--it is initialized from /dev/urandom, but the underlying LCG has only got 48 bits of state, so at the very least, a brute-force attack is still possible if an attacker has got three subsequently generated transaction IDs. * The Perl implementation of dn_expand could recurse infinitely (CVE-2007-3409). (On Debian systems, the C version is typically used.) oldstable/main/binary-m68k/libnet-dns-perl_0.48-1sarge1_m68k.deb libnet-dns-perl (0.48-1sarge1) oldstable-security; urgency=high * Malformed A records could lead to a Perl exception and program crash (CVE-2007-6341). Closes: #457445. * A very weak random number generator was used for transaction IDs (CVE-2007-3377). Perl's rand() is used in the patch against this vulnerability--it is initialized from /dev/urandom, but the underlying LCG has only got 48 bits of state, so at the very least, a brute-force attack is still possible if an attacker has got three subsequently generated transaction IDs. * The Perl implementation of dn_expand could recurse infinitely (CVE-2007-3409). (On Debian systems, the C version is typically used.) oldstable/main/binary-ia64/libnet-dns-perl_0.48-1sarge1_ia64.deb libnet-dns-perl (0.48-1sarge1) oldstable-security; urgency=high * Malformed A records could lead to a Perl exception and program crash (CVE-2007-6341). Closes: #457445. * A very weak random number generator was used for transaction IDs (CVE-2007-3377). Perl's rand() is used in the patch against this vulnerability--it is initialized from /dev/urandom, but the underlying LCG has only got 48 bits of state, so at the very least, a brute-force attack is still possible if an attacker has got three subsequently generated transaction IDs. * The Perl implementation of dn_expand could recurse infinitely (CVE-2007-3409). (On Debian systems, the C version is typically used.) oldstable/main/binary-hppa/libnet-dns-perl_0.48-1sarge1_hppa.deb libnet-dns-perl (0.48-1sarge1) oldstable-security; urgency=high * Malformed A records could lead to a Perl exception and program crash (CVE-2007-6341). Closes: #457445. * A very weak random number generator was used for transaction IDs (CVE-2007-3377). Perl's rand() is used in the patch against this vulnerability--it is initialized from /dev/urandom, but the underlying LCG has only got 48 bits of state, so at the very least, a brute-force attack is still possible if an attacker has got three subsequently generated transaction IDs. * The Perl implementation of dn_expand could recurse infinitely (CVE-2007-3409). (On Debian systems, the C version is typically used.) oldstable/main/binary-arm/libnet-dns-perl_0.48-1sarge1_arm.deb libnet-dns-perl (0.48-1sarge1) oldstable-security; urgency=high * Malformed A records could lead to a Perl exception and program crash (CVE-2007-6341). Closes: #457445. * A very weak random number generator was used for transaction IDs (CVE-2007-3377). Perl's rand() is used in the patch against this vulnerability--it is initialized from /dev/urandom, but the underlying LCG has only got 48 bits of state, so at the very least, a brute-force attack is still possible if an attacker has got three subsequently generated transaction IDs. * The Perl implementation of dn_expand could recurse infinitely (CVE-2007-3409). (On Debian systems, the C version is typically used.) oldstable/main/binary-amd64/libnet-dns-perl_0.48-1sarge1_amd64.deb libnet-dns-perl (0.48-1sarge1) oldstable-security; urgency=high * Malformed A records could lead to a Perl exception and program crash (CVE-2007-6341). Closes: #457445. * A very weak random number generator was used for transaction IDs (CVE-2007-3377). Perl's rand() is used in the patch against this vulnerability--it is initialized from /dev/urandom, but the underlying LCG has only got 48 bits of state, so at the very least, a brute-force attack is still possible if an attacker has got three subsequently generated transaction IDs. * The Perl implementation of dn_expand could recurse infinitely (CVE-2007-3409). (On Debian systems, the C version is typically used.) oldstable/main/binary-alpha/libnet-dns-perl_0.48-1sarge1_alpha.deb libnet-dns-perl (0.48-1sarge1) oldstable-security; urgency=high * Malformed A records could lead to a Perl exception and program crash (CVE-2007-6341). Closes: #457445. * A very weak random number generator was used for transaction IDs (CVE-2007-3377). Perl's rand() is used in the patch against this vulnerability--it is initialized from /dev/urandom, but the underlying LCG has only got 48 bits of state, so at the very least, a brute-force attack is still possible if an attacker has got three subsequently generated transaction IDs. * The Perl implementation of dn_expand could recurse infinitely (CVE-2007-3409). (On Debian systems, the C version is typically used.) oldstable/main/source/libnet-dns-perl_0.48-1sarge1.diff.gz oldstable/main/binary-i386/libnet-dns-perl_0.48-1sarge1_i386.deb oldstable/main/source/libnet-dns-perl_0.48-1sarge1.dsc libnet-dns-perl (0.48-1sarge1) oldstable-security; urgency=high * Malformed A records could lead to a Perl exception and program crash (CVE-2007-6341). Closes: #457445. * A very weak random number generator was used for transaction IDs (CVE-2007-3377). Perl's rand() is used in the patch against this vulnerability--it is initialized from /dev/urandom, but the underlying LCG has only got 48 bits of state, so at the very least, a brute-force attack is still possible if an attacker has got three subsequently generated transaction IDs. * The Perl implementation of dn_expand could recurse infinitely (CVE-2007-3409). (On Debian systems, the C version is typically used.) oldstable/main/binary-sparc/libexif-dev_0.6.9-6sarge2_sparc.deb oldstable/main/binary-sparc/libexif10_0.6.9-6sarge2_sparc.deb libexif (0.6.9-6sarge2) oldstable-security; urgency=high * Fix CVE-2007-2645, CVE-2007-6351, CVE-2007-6352 oldstable/main/binary-s390/libexif10_0.6.9-6sarge2_s390.deb oldstable/main/binary-s390/libexif-dev_0.6.9-6sarge2_s390.deb libexif (0.6.9-6sarge2) oldstable-security; urgency=high * Fix CVE-2007-2645, CVE-2007-6351, CVE-2007-6352 oldstable/main/binary-powerpc/libexif10_0.6.9-6sarge2_powerpc.deb oldstable/main/binary-powerpc/libexif-dev_0.6.9-6sarge2_powerpc.deb libexif (0.6.9-6sarge2) oldstable-security; urgency=high * Fix CVE-2007-2645, CVE-2007-6351, CVE-2007-6352 oldstable/main/binary-mipsel/libexif-dev_0.6.9-6sarge2_mipsel.deb oldstable/main/binary-mipsel/libexif10_0.6.9-6sarge2_mipsel.deb libexif (0.6.9-6sarge2) oldstable-security; urgency=high * Fix CVE-2007-2645, CVE-2007-6351, CVE-2007-6352 oldstable/main/binary-mips/libexif-dev_0.6.9-6sarge2_mips.deb oldstable/main/binary-mips/libexif10_0.6.9-6sarge2_mips.deb libexif (0.6.9-6sarge2) oldstable-security; urgency=high * Fix CVE-2007-2645, CVE-2007-6351, CVE-2007-6352 oldstable/main/binary-m68k/libexif-dev_0.6.9-6sarge2_m68k.deb oldstable/main/binary-m68k/libexif10_0.6.9-6sarge2_m68k.deb libexif (0.6.9-6sarge2) oldstable-security; urgency=high * Fix CVE-2007-2645, CVE-2007-6351, CVE-2007-6352 oldstable/main/binary-ia64/libexif-dev_0.6.9-6sarge2_ia64.deb oldstable/main/binary-ia64/libexif10_0.6.9-6sarge2_ia64.deb libexif (0.6.9-6sarge2) oldstable-security; urgency=high * Fix CVE-2007-2645, CVE-2007-6351, CVE-2007-6352 oldstable/main/binary-hppa/libexif-dev_0.6.9-6sarge2_hppa.deb oldstable/main/binary-hppa/libexif10_0.6.9-6sarge2_hppa.deb libexif (0.6.9-6sarge2) oldstable-security; urgency=high * Fix CVE-2007-2645, CVE-2007-6351, CVE-2007-6352 oldstable/main/binary-arm/libexif-dev_0.6.9-6sarge2_arm.deb oldstable/main/binary-arm/libexif10_0.6.9-6sarge2_arm.deb libexif (0.6.9-6sarge2) oldstable-security; urgency=high * Fix CVE-2007-2645, CVE-2007-6351, CVE-2007-6352 oldstable/main/binary-amd64/libexif-dev_0.6.9-6sarge2_amd64.deb oldstable/main/binary-amd64/libexif10_0.6.9-6sarge2_amd64.deb libexif (0.6.9-6sarge2) oldstable-security; urgency=high * Fix CVE-2007-2645, CVE-2007-6351, CVE-2007-6352 oldstable/main/binary-alpha/libexif-dev_0.6.9-6sarge2_alpha.deb oldstable/main/binary-alpha/libexif10_0.6.9-6sarge2_alpha.deb libexif (0.6.9-6sarge2) oldstable-security; urgency=high * Fix CVE-2007-2645, CVE-2007-6351, CVE-2007-6352 oldstable/main/binary-i386/libexif10_0.6.9-6sarge2_i386.deb oldstable/main/source/libexif_0.6.9-6sarge2.dsc oldstable/main/binary-i386/libexif-dev_0.6.9-6sarge2_i386.deb oldstable/main/source/libexif_0.6.9-6sarge2.diff.gz libexif (0.6.9-6sarge2) oldstable-security; urgency=high * Fix CVE-2007-2645, CVE-2007-6351, CVE-2007-6352 oldstable/main/binary-sparc/libkrb5-dev_1.3.6-2sarge6_sparc.deb oldstable/main/binary-sparc/krb5-telnetd_1.3.6-2sarge6_sparc.deb oldstable/main/binary-sparc/krb5-ftpd_1.3.6-2sarge6_sparc.deb oldstable/main/binary-sparc/krb5-rsh-server_1.3.6-2sarge6_sparc.deb oldstable/main/binary-sparc/krb5-admin-server_1.3.6-2sarge6_sparc.deb oldstable/main/binary-sparc/libkadm55_1.3.6-2sarge6_sparc.deb oldstable/main/binary-sparc/krb5-kdc_1.3.6-2sarge6_sparc.deb oldstable/main/binary-sparc/krb5-user_1.3.6-2sarge6_sparc.deb oldstable/main/binary-sparc/krb5-clients_1.3.6-2sarge6_sparc.deb oldstable/main/binary-sparc/libkrb53_1.3.6-2sarge6_sparc.deb krb5 (1.3.6-2sarge6) oldstable-security; urgency=emergency * MITKRB5-SA-2008-001: When Kerberos v4 support is enabled in the KDC, malformed messages may result in NULL pointer use, double-frees, or exposure of information. (CVE-2008-0062, CVE-2008-0063) oldstable/main/binary-s390/krb5-clients_1.3.6-2sarge6_s390.deb oldstable/main/binary-s390/krb5-user_1.3.6-2sarge6_s390.deb oldstable/main/binary-s390/krb5-telnetd_1.3.6-2sarge6_s390.deb oldstable/main/binary-s390/krb5-ftpd_1.3.6-2sarge6_s390.deb oldstable/main/binary-s390/libkrb5-dev_1.3.6-2sarge6_s390.deb oldstable/main/binary-s390/krb5-admin-server_1.3.6-2sarge6_s390.deb oldstable/main/binary-s390/libkrb53_1.3.6-2sarge6_s390.deb oldstable/main/binary-s390/krb5-rsh-server_1.3.6-2sarge6_s390.deb oldstable/main/binary-s390/libkadm55_1.3.6-2sarge6_s390.deb oldstable/main/binary-s390/krb5-kdc_1.3.6-2sarge6_s390.deb krb5 (1.3.6-2sarge6) oldstable-security; urgency=emergency * MITKRB5-SA-2008-001: When Kerberos v4 support is enabled in the KDC, malformed messages may result in NULL pointer use, double-frees, or exposure of information. (CVE-2008-0062, CVE-2008-0063) oldstable/main/binary-powerpc/krb5-rsh-server_1.3.6-2sarge6_powerpc.deb oldstable/main/binary-powerpc/krb5-clients_1.3.6-2sarge6_powerpc.deb oldstable/main/binary-powerpc/krb5-admin-server_1.3.6-2sarge6_powerpc.deb oldstable/main/binary-powerpc/krb5-user_1.3.6-2sarge6_powerpc.deb oldstable/main/binary-powerpc/krb5-ftpd_1.3.6-2sarge6_powerpc.deb oldstable/main/binary-powerpc/libkadm55_1.3.6-2sarge6_powerpc.deb oldstable/main/binary-powerpc/libkrb5-dev_1.3.6-2sarge6_powerpc.deb oldstable/main/binary-powerpc/libkrb53_1.3.6-2sarge6_powerpc.deb oldstable/main/binary-powerpc/krb5-telnetd_1.3.6-2sarge6_powerpc.deb oldstable/main/binary-powerpc/krb5-kdc_1.3.6-2sarge6_powerpc.deb krb5 (1.3.6-2sarge6) oldstable-security; urgency=emergency * MITKRB5-SA-2008-001: When Kerberos v4 support is enabled in the KDC, malformed messages may result in NULL pointer use, double-frees, or exposure of information. (CVE-2008-0062, CVE-2008-0063) oldstable/main/binary-mipsel/krb5-user_1.3.6-2sarge6_mipsel.deb oldstable/main/binary-mipsel/krb5-admin-server_1.3.6-2sarge6_mipsel.deb oldstable/main/binary-mipsel/krb5-telnetd_1.3.6-2sarge6_mipsel.deb oldstable/main/binary-mipsel/krb5-clients_1.3.6-2sarge6_mipsel.deb oldstable/main/binary-mipsel/krb5-rsh-server_1.3.6-2sarge6_mipsel.deb oldstable/main/binary-mipsel/libkrb53_1.3.6-2sarge6_mipsel.deb oldstable/main/binary-mipsel/krb5-ftpd_1.3.6-2sarge6_mipsel.deb oldstable/main/binary-mipsel/krb5-kdc_1.3.6-2sarge6_mipsel.deb oldstable/main/binary-mipsel/libkadm55_1.3.6-2sarge6_mipsel.deb oldstable/main/binary-mipsel/libkrb5-dev_1.3.6-2sarge6_mipsel.deb krb5 (1.3.6-2sarge6) oldstable-security; urgency=emergency * MITKRB5-SA-2008-001: When Kerberos v4 support is enabled in the KDC, malformed messages may result in NULL pointer use, double-frees, or exposure of information. (CVE-2008-0062, CVE-2008-0063) oldstable/main/binary-mips/krb5-user_1.3.6-2sarge6_mips.deb oldstable/main/binary-mips/libkadm55_1.3.6-2sarge6_mips.deb oldstable/main/binary-mips/krb5-ftpd_1.3.6-2sarge6_mips.deb oldstable/main/binary-mips/libkrb5-dev_1.3.6-2sarge6_mips.deb oldstable/main/binary-mips/krb5-kdc_1.3.6-2sarge6_mips.deb oldstable/main/binary-mips/krb5-admin-server_1.3.6-2sarge6_mips.deb oldstable/main/binary-mips/krb5-clients_1.3.6-2sarge6_mips.deb oldstable/main/binary-mips/krb5-rsh-server_1.3.6-2sarge6_mips.deb oldstable/main/binary-mips/libkrb53_1.3.6-2sarge6_mips.deb oldstable/main/binary-mips/krb5-telnetd_1.3.6-2sarge6_mips.deb krb5 (1.3.6-2sarge6) oldstable-security; urgency=emergency * MITKRB5-SA-2008-001: When Kerberos v4 support is enabled in the KDC, malformed messages may result in NULL pointer use, double-frees, or exposure of information. (CVE-2008-0062, CVE-2008-0063) oldstable/main/binary-m68k/libkadm55_1.3.6-2sarge6_m68k.deb oldstable/main/binary-m68k/libkrb5-dev_1.3.6-2sarge6_m68k.deb oldstable/main/binary-m68k/krb5-ftpd_1.3.6-2sarge6_m68k.deb oldstable/main/binary-m68k/krb5-kdc_1.3.6-2sarge6_m68k.deb oldstable/main/binary-m68k/krb5-rsh-server_1.3.6-2sarge6_m68k.deb oldstable/main/binary-m68k/libkrb53_1.3.6-2sarge6_m68k.deb oldstable/main/binary-m68k/krb5-user_1.3.6-2sarge6_m68k.deb oldstable/main/binary-m68k/krb5-clients_1.3.6-2sarge6_m68k.deb oldstable/main/binary-m68k/krb5-telnetd_1.3.6-2sarge6_m68k.deb oldstable/main/binary-m68k/krb5-admin-server_1.3.6-2sarge6_m68k.deb krb5 (1.3.6-2sarge6) oldstable-security; urgency=emergency * MITKRB5-SA-2008-001: When Kerberos v4 support is enabled in the KDC, malformed messages may result in NULL pointer use, double-frees, or exposure of information. (CVE-2008-0062, CVE-2008-0063) oldstable/main/binary-ia64/krb5-rsh-server_1.3.6-2sarge6_ia64.deb oldstable/main/binary-ia64/krb5-clients_1.3.6-2sarge6_ia64.deb oldstable/main/binary-ia64/libkrb53_1.3.6-2sarge6_ia64.deb oldstable/main/binary-ia64/krb5-user_1.3.6-2sarge6_ia64.deb oldstable/main/binary-ia64/libkadm55_1.3.6-2sarge6_ia64.deb oldstable/main/binary-ia64/krb5-telnetd_1.3.6-2sarge6_ia64.deb oldstable/main/binary-ia64/krb5-ftpd_1.3.6-2sarge6_ia64.deb oldstable/main/binary-ia64/krb5-admin-server_1.3.6-2sarge6_ia64.deb oldstable/main/binary-ia64/libkrb5-dev_1.3.6-2sarge6_ia64.deb oldstable/main/binary-ia64/krb5-kdc_1.3.6-2sarge6_ia64.deb krb5 (1.3.6-2sarge6) oldstable-security; urgency=emergency * MITKRB5-SA-2008-001: When Kerberos v4 support is enabled in the KDC, malformed messages may result in NULL pointer use, double-frees, or exposure of information. (CVE-2008-0062, CVE-2008-0063) oldstable/main/binary-hppa/krb5-admin-server_1.3.6-2sarge6_hppa.deb oldstable/main/binary-hppa/krb5-telnetd_1.3.6-2sarge6_hppa.deb oldstable/main/binary-hppa/krb5-ftpd_1.3.6-2sarge6_hppa.deb oldstable/main/binary-hppa/libkrb5-dev_1.3.6-2sarge6_hppa.deb oldstable/main/binary-hppa/libkadm55_1.3.6-2sarge6_hppa.deb oldstable/main/binary-hppa/krb5-kdc_1.3.6-2sarge6_hppa.deb oldstable/main/binary-hppa/libkrb53_1.3.6-2sarge6_hppa.deb oldstable/main/binary-hppa/krb5-rsh-server_1.3.6-2sarge6_hppa.deb oldstable/main/binary-hppa/krb5-user_1.3.6-2sarge6_hppa.deb oldstable/main/binary-hppa/krb5-clients_1.3.6-2sarge6_hppa.deb krb5 (1.3.6-2sarge6) oldstable-security; urgency=emergency * MITKRB5-SA-2008-001: When Kerberos v4 support is enabled in the KDC, malformed messages may result in NULL pointer use, double-frees, or exposure of information. (CVE-2008-0062, CVE-2008-0063) oldstable/main/binary-arm/krb5-kdc_1.3.6-2sarge6_arm.deb oldstable/main/binary-arm/libkrb5-dev_1.3.6-2sarge6_arm.deb oldstable/main/binary-arm/libkadm55_1.3.6-2sarge6_arm.deb oldstable/main/binary-arm/krb5-ftpd_1.3.6-2sarge6_arm.deb oldstable/main/binary-arm/krb5-telnetd_1.3.6-2sarge6_arm.deb oldstable/main/binary-arm/krb5-clients_1.3.6-2sarge6_arm.deb oldstable/main/binary-arm/krb5-user_1.3.6-2sarge6_arm.deb oldstable/main/binary-arm/krb5-rsh-server_1.3.6-2sarge6_arm.deb oldstable/main/binary-arm/libkrb53_1.3.6-2sarge6_arm.deb oldstable/main/binary-arm/krb5-admin-server_1.3.6-2sarge6_arm.deb krb5 (1.3.6-2sarge6) oldstable-security; urgency=emergency * MITKRB5-SA-2008-001: When Kerberos v4 support is enabled in the KDC, malformed messages may result in NULL pointer use, double-frees, or exposure of information. (CVE-2008-0062, CVE-2008-0063) oldstable/main/binary-amd64/krb5-user_1.3.6-2sarge6_amd64.deb oldstable/main/binary-amd64/libkadm55_1.3.6-2sarge6_amd64.deb oldstable/main/binary-amd64/krb5-kdc_1.3.6-2sarge6_amd64.deb oldstable/main/binary-amd64/krb5-admin-server_1.3.6-2sarge6_amd64.deb oldstable/main/binary-amd64/krb5-telnetd_1.3.6-2sarge6_amd64.deb oldstable/main/binary-amd64/libkrb53_1.3.6-2sarge6_amd64.deb oldstable/main/binary-amd64/krb5-rsh-server_1.3.6-2sarge6_amd64.deb oldstable/main/binary-amd64/krb5-ftpd_1.3.6-2sarge6_amd64.deb oldstable/main/binary-amd64/libkrb5-dev_1.3.6-2sarge6_amd64.deb oldstable/main/binary-amd64/krb5-clients_1.3.6-2sarge6_amd64.deb krb5 (1.3.6-2sarge6) oldstable-security; urgency=emergency * MITKRB5-SA-2008-001: When Kerberos v4 support is enabled in the KDC, malformed messages may result in NULL pointer use, double-frees, or exposure of information. (CVE-2008-0062, CVE-2008-0063) oldstable/main/binary-alpha/krb5-admin-server_1.3.6-2sarge6_alpha.deb oldstable/main/binary-alpha/libkrb53_1.3.6-2sarge6_alpha.deb oldstable/main/binary-alpha/libkadm55_1.3.6-2sarge6_alpha.deb oldstable/main/binary-alpha/krb5-ftpd_1.3.6-2sarge6_alpha.deb oldstable/main/binary-alpha/krb5-rsh-server_1.3.6-2sarge6_alpha.deb oldstable/main/binary-alpha/libkrb5-dev_1.3.6-2sarge6_alpha.deb oldstable/main/binary-alpha/krb5-telnetd_1.3.6-2sarge6_alpha.deb oldstable/main/binary-alpha/krb5-user_1.3.6-2sarge6_alpha.deb oldstable/main/binary-alpha/krb5-clients_1.3.6-2sarge6_alpha.deb oldstable/main/binary-alpha/krb5-kdc_1.3.6-2sarge6_alpha.deb krb5 (1.3.6-2sarge6) oldstable-security; urgency=emergency * MITKRB5-SA-2008-001: When Kerberos v4 support is enabled in the KDC, malformed messages may result in NULL pointer use, double-frees, or exposure of information. (CVE-2008-0062, CVE-2008-0063) oldstable/main/source/krb5_1.3.6-2sarge6.diff.gz oldstable/main/binary-i386/krb5-kdc_1.3.6-2sarge6_i386.deb oldstable/main/binary-i386/libkadm55_1.3.6-2sarge6_i386.deb oldstable/main/source/krb5_1.3.6-2sarge6.dsc oldstable/main/binary-i386/krb5-ftpd_1.3.6-2sarge6_i386.deb oldstable/main/binary-all/krb5-doc_1.3.6-2sarge6_all.deb oldstable/main/binary-i386/libkrb53_1.3.6-2sarge6_i386.deb oldstable/main/binary-i386/krb5-user_1.3.6-2sarge6_i386.deb oldstable/main/binary-i386/krb5-admin-server_1.3.6-2sarge6_i386.deb oldstable/main/binary-i386/libkrb5-dev_1.3.6-2sarge6_i386.deb oldstable/main/binary-i386/krb5-clients_1.3.6-2sarge6_i386.deb oldstable/main/binary-i386/krb5-telnetd_1.3.6-2sarge6_i386.deb oldstable/main/binary-i386/krb5-rsh-server_1.3.6-2sarge6_i386.deb krb5 (1.3.6-2sarge6) oldstable-security; urgency=emergency * MITKRB5-SA-2008-001: When Kerberos v4 support is enabled in the KDC, malformed messages may result in NULL pointer use, double-frees, or exposure of information. (CVE-2008-0062, CVE-2008-0063) oldstable/main/binary-all/kernel-source-2.6.8_2.6.8-17sarge1_all.deb oldstable/main/binary-all/kernel-tree-2.6.8_2.6.8-17sarge1_all.deb oldstable/main/source/kernel-source-2.6.8_2.6.8-17sarge1.dsc oldstable/main/binary-all/kernel-patch-debian-2.6.8_2.6.8-17sarge1_all.deb oldstable/main/source/kernel-source-2.6.8_2.6.8-17sarge1.diff.gz oldstable/main/binary-all/kernel-doc-2.6.8_2.6.8-17sarge1_all.deb kernel-source-2.6.8 (2.6.8-17sarge1) oldstable-security; urgency=high * compat_sys_mount-NULL-data_page.dpatch [SECURITY] Fix oops in compat_sys_mount triggered by NULL data_page See CVE-2006-7203 * pppoe-socket-release-mem-leak.dpatch [SECURITY] fix unpriveleged memory leak when a PPPoE socket is released after connect but before PPPIOCGCHAN ioctl is called upon it See CVE-2007-2525 * dn_fib-out-of-bounds.dpatch, ipv4-fib_props-out-of-bounds.dpatch [SECURITY] Fix out of bounds condition in dn_fib_props[] See CVE-2007-2172 * aacraid-ioctl-perm-check.dpatch [SECURITY] Require admin capabilities to issue ioctls to aacraid devices See CVE-2007-4308 * reset-pdeathsig-on-suid.dpatch [SECURITY] Fix potential privilege escalation caused by improper clearing of the child process' pdeath signal. See CVE-2007-3848 * bluetooth-l2cap-hci-info-leaks.dpatch [SECURITY] Fix information leaks in setsockopt() implementations See CVE-2007-1353 * coredump-only-to-same-uid.dpatch [SECURITY] Fix an issue where core dumping over a file that already exists retains the ownership of the original file See CVE-2007-6206 * i4l-isdn_ioctl-mem-overrun.dpatch [SECURITY] Fix potential isdn ioctl memory overrun See CVE-2007-6151 * cramfs-check-block-length.dpatch [SECURITY] Add a sanity check of the block length in cramfs_readpage to avoid a potential oops condition See CVE-2006-5823 * ext2-skip-pages-past-num-blocks.dpatch [SECURITY] Add some sanity checking for a corrupted i_size in ext2_find_entry() See CVE-2006-6054 * minixfs-printk-hang.dpatch [SECURITY] Rate-limit printks caused by accessing a corrupted minixfs filesystem that would otherwise cause a system to hang (printk storm) See CVE-2006-6058 * isdn-net-overflow.dpatch [SECURITY] Fix potential overflows in the ISDN subsystem See CVE-2007-6063 * prevent-stack-growth-into-hugetlb-region.dpatch [SECURITY] Prevent OOPS during stack expansion when the VMA crosses into address space reserved for hugetlb pages. See CVE-2007-3739 * cifs-honor-umask.dpatch [SECURITY] Make CIFS honor a process' umask See CVE-2007-3740 * hugetlb-prio_tree-unit-fix.dpatch [SECURITY] Fix misconversion of hugetlb_vmtruncate_list to prio_tree which could be used to trigger a BUG_ON() call in exit_mmap. See CVE-2007-4133 * amd64-zero-extend-32bit-ptrace.dpatch [SECURITY] Zero extend all registers after ptrace in 32-bit entry path. See CVE-2007-4573 * usb-pwc-disconnect-block.dpatch [SECURITY] Fix issue with unplugging webcams that use the pwc driver. If userspace still has the device open it can result, the driver would wait for the device to close, blocking the USB subsystem. See CVE-2007-5093 * powerpc-chrp-null-deref.dpatch [SECURITY][powerpc] Fix NULL pointer dereference if get_property fails on the subarchitecture See CVE-2007-6694 * random-bound-check-ordering.dpatch [SECURITY] Fix stack-based buffer overflow in the random number generator See CVE-2007-3105 * mmap-VM_DONTEXPAND.dpatch [SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register a fault handler but do not bounds check the offset argument See CVE-2008-0007 oldstable/main/source/kernel-patch-powerpc-2.6.8_2.6.8-13sarge1.dsc oldstable/main/binary-powerpc/kernel-headers-2.6.8-4_2.6.8-13sarge1_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.6.8-4-power3-smp_2.6.8-13sarge1_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.6.8-4-power3_2.6.8-13sarge1_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.6.8-4-powerpc-smp_2.6.8-13sarge1_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.6.8-4-power4-smp_2.6.8-13sarge1_powerpc.deb oldstable/main/binary-powerpc/kernel-build-2.6.8-4-power3_2.6.8-13sarge1_powerpc.deb oldstable/main/binary-powerpc/kernel-build-2.6.8-4-powerpc_2.6.8-13sarge1_powerpc.deb oldstable/main/binary-powerpc/kernel-build-2.6.8-4-power4-smp_2.6.8-13sarge1_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.6.8-4-powerpc_2.6.8-13sarge1_powerpc.deb oldstable/main/source/kernel-patch-powerpc-2.6.8_2.6.8-13sarge1.tar.gz oldstable/main/binary-powerpc/kernel-build-2.6.8-4-power4_2.6.8-13sarge1_powerpc.deb oldstable/main/binary-powerpc/kernel-build-2.6.8-4-powerpc-smp_2.6.8-13sarge1_powerpc.deb oldstable/main/binary-powerpc/kernel-build-2.6.8-4-power3-smp_2.6.8-13sarge1_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.6.8-4-power4_2.6.8-13sarge1_powerpc.deb kernel-patch-powerpc-2.6.8 (2.6.8-13sarge1) oldstable-security; urgency=high * Rebuild against kernel-tree-2.6.8-17sarge1 * compat_sys_mount-NULL-data_page.dpatch [SECURITY] Fix oops in compat_sys_mount triggered by NULL data_page See CVE-2006-7203 * pppoe-socket-release-mem-leak.dpatch [SECURITY] fix unpriveleged memory leak when a PPPoE socket is released after connect but before PPPIOCGCHAN ioctl is called upon it See CVE-2007-2525 * dn_fib-out-of-bounds.dpatch, ipv4-fib_props-out-of-bounds.dpatch [SECURITY] Fix out of bounds condition in dn_fib_props[] See CVE-2007-2172 * aacraid-ioctl-perm-check.dpatch [SECURITY] Require admin capabilities to issue ioctls to aacraid devices See CVE-2007-4308 * reset-pdeathsig-on-suid.dpatch [SECURITY] Fix potential privilege escalation caused by improper clearing of the child process' pdeath signal. See CVE-2007-3848 * bluetooth-l2cap-hci-info-leaks.dpatch [SECURITY] Fix information leaks in setsockopt() implementations See CVE-2007-1353 * coredump-only-to-same-uid.dpatch [SECURITY] Fix an issue where core dumping over a file that already exists retains the ownership of the original file See CVE-2007-6206 * i4l-isdn_ioctl-mem-overrun.dpatch [SECURITY] Fix potential isdn ioctl memory overrun See CVE-2007-6151 * cramfs-check-block-length.dpatch [SECURITY] Add a sanity check of the block length in cramfs_readpage to avoid a potential oops condition See CVE-2006-5823 * ext2-skip-pages-past-num-blocks.dpatch [SECURITY] Add some sanity checking for a corrupted i_size in ext2_find_entry() See CVE-2006-6054 * minixfs-printk-hang.dpatch [SECURITY] Rate-limit printks caused by accessing a corrupted minixfs filesystem that would otherwise cause a system to hang (printk storm) See CVE-2006-6058 * isdn-net-overflow.dpatch [SECURITY] Fix potential overflows in the ISDN subsystem See CVE-2007-6063 * prevent-stack-growth-into-hugetlb-region.dpatch [SECURITY] Prevent OOPS during stack expansion when the VMA crosses into address space reserved for hugetlb pages. See CVE-2007-3739 * cifs-honor-umask.dpatch [SECURITY] Make CIFS honor a process' umask See CVE-2007-3740 * hugetlb-prio_tree-unit-fix.dpatch [SECURITY] Fix misconversion of hugetlb_vmtruncate_list to prio_tree which could be used to trigger a BUG_ON() call in exit_mmap. See CVE-2007-4133 * amd64-zero-extend-32bit-ptrace.dpatch [SECURITY] Zero extend all registers after ptrace in 32-bit entry path. See CVE-2007-4573 * usb-pwc-disconnect-block.dpatch [SECURITY] Fix issue with unplugging webcams that use the pwc driver. If userspace still has the device open it can result, the driver would wait for the device to close, blocking the USB subsystem. See CVE-2007-5093 * powerpc-chrp-null-deref.dpatch [SECURITY][powerpc] Fix NULL pointer dereference if get_property fails on the subarchitecture See CVE-2007-6694 * random-bound-check-ordering.dpatch [SECURITY] Fix stack-based buffer overflow in the random number generator See CVE-2007-3105 * mmap-VM_DONTEXPAND.dpatch [SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register a fault handler but do not bounds check the offset argument See CVE-2008-0007 oldstable/main/binary-sparc/kernel-image-2.6.8-4-sparc64-smp_2.6.8-16sarge1_sparc.deb oldstable/main/binary-sparc/kernel-image-2.6.8-4-sparc64_2.6.8-16sarge1_sparc.deb oldstable/main/binary-sparc/kernel-headers-2.6.8-4_2.6.8-16sarge1_sparc.deb oldstable/main/binary-sparc/kernel-image-2.6.8-4-sparc32_2.6.8-16sarge1_sparc.deb oldstable/main/source/kernel-image-2.6.8-sparc_2.6.8-16sarge1.tar.gz oldstable/main/source/kernel-image-2.6.8-sparc_2.6.8-16sarge1.dsc oldstable/main/binary-sparc/kernel-headers-2.6.8-4-sparc32_2.6.8-16sarge1_sparc.deb oldstable/main/binary-sparc/kernel-headers-2.6.8-4-sparc64-smp_2.6.8-16sarge1_sparc.deb oldstable/main/binary-sparc/kernel-build-2.6.8-4_2.6.8-16sarge1_sparc.deb oldstable/main/binary-sparc/kernel-headers-2.6.8-4-sparc64_2.6.8-16sarge1_sparc.deb kernel-image-2.6.8-sparc (2.6.8-16sarge1) oldstable-security; urgency=high * Rebuild against kernel-tree-2.6.8-17sarge1 * compat_sys_mount-NULL-data_page.dpatch [SECURITY] Fix oops in compat_sys_mount triggered by NULL data_page See CVE-2006-7203 * pppoe-socket-release-mem-leak.dpatch [SECURITY] fix unpriveleged memory leak when a PPPoE socket is released after connect but before PPPIOCGCHAN ioctl is called upon it See CVE-2007-2525 * dn_fib-out-of-bounds.dpatch, ipv4-fib_props-out-of-bounds.dpatch [SECURITY] Fix out of bounds condition in dn_fib_props[] See CVE-2007-2172 * aacraid-ioctl-perm-check.dpatch [SECURITY] Require admin capabilities to issue ioctls to aacraid devices See CVE-2007-4308 * reset-pdeathsig-on-suid.dpatch [SECURITY] Fix potential privilege escalation caused by improper clearing of the child process' pdeath signal. See CVE-2007-3848 * bluetooth-l2cap-hci-info-leaks.dpatch [SECURITY] Fix information leaks in setsockopt() implementations See CVE-2007-1353 * coredump-only-to-same-uid.dpatch [SECURITY] Fix an issue where core dumping over a file that already exists retains the ownership of the original file See CVE-2007-6206 * i4l-isdn_ioctl-mem-overrun.dpatch [SECURITY] Fix potential isdn ioctl memory overrun See CVE-2007-6151 * cramfs-check-block-length.dpatch [SECURITY] Add a sanity check of the block length in cramfs_readpage to avoid a potential oops condition See CVE-2006-5823 * ext2-skip-pages-past-num-blocks.dpatch [SECURITY] Add some sanity checking for a corrupted i_size in ext2_find_entry() See CVE-2006-6054 * minixfs-printk-hang.dpatch [SECURITY] Rate-limit printks caused by accessing a corrupted minixfs filesystem that would otherwise cause a system to hang (printk storm) See CVE-2006-6058 * isdn-net-overflow.dpatch [SECURITY] Fix potential overflows in the ISDN subsystem See CVE-2007-6063 * prevent-stack-growth-into-hugetlb-region.dpatch [SECURITY] Prevent OOPS during stack expansion when the VMA crosses into address space reserved for hugetlb pages. See CVE-2007-3739 * cifs-honor-umask.dpatch [SECURITY] Make CIFS honor a process' umask See CVE-2007-3740 * hugetlb-prio_tree-unit-fix.dpatch [SECURITY] Fix misconversion of hugetlb_vmtruncate_list to prio_tree which could be used to trigger a BUG_ON() call in exit_mmap. See CVE-2007-4133 * amd64-zero-extend-32bit-ptrace.dpatch [SECURITY] Zero extend all registers after ptrace in 32-bit entry path. See CVE-2007-4573 * usb-pwc-disconnect-block.dpatch [SECURITY] Fix issue with unplugging webcams that use the pwc driver. If userspace still has the device open it can result, the driver would wait for the device to close, blocking the USB subsystem. See CVE-2007-5093 * powerpc-chrp-null-deref.dpatch [SECURITY][powerpc] Fix NULL pointer dereference if get_property fails on the subarchitecture See CVE-2007-6694 * random-bound-check-ordering.dpatch [SECURITY] Fix stack-based buffer overflow in the random number generator See CVE-2007-3105 * mmap-VM_DONTEXPAND.dpatch [SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register a fault handler but do not bounds check the offset argument See CVE-2008-0007 oldstable/main/binary-s390/kernel-image-2.6.8-4-s390x_2.6.8-6sarge1_s390.deb oldstable/main/source/kernel-image-2.6.8-s390_2.6.8-6sarge1.tar.gz oldstable/main/binary-all/kernel-patch-2.6.8-s390_2.6.8-6sarge1_all.deb oldstable/main/binary-s390/kernel-headers-2.6.8-4_2.6.8-6sarge1_s390.deb oldstable/main/source/kernel-image-2.6.8-s390_2.6.8-6sarge1.dsc oldstable/main/binary-s390/kernel-image-2.6.8-4-s390_2.6.8-6sarge1_s390.deb oldstable/main/binary-s390/kernel-image-2.6.8-4-s390-tape_2.6.8-6sarge1_s390.deb kernel-image-2.6.8-s390 (2.6.8-6sarge1) oldstable-security; urgency=high * Rebuild against kernel-tree-2.6.8-17sarge1 * compat_sys_mount-NULL-data_page.dpatch [SECURITY] Fix oops in compat_sys_mount triggered by NULL data_page See CVE-2006-7203 * pppoe-socket-release-mem-leak.dpatch [SECURITY] fix unpriveleged memory leak when a PPPoE socket is released after connect but before PPPIOCGCHAN ioctl is called upon it See CVE-2007-2525 * dn_fib-out-of-bounds.dpatch, ipv4-fib_props-out-of-bounds.dpatch [SECURITY] Fix out of bounds condition in dn_fib_props[] See CVE-2007-2172 * aacraid-ioctl-perm-check.dpatch [SECURITY] Require admin capabilities to issue ioctls to aacraid devices See CVE-2007-4308 * reset-pdeathsig-on-suid.dpatch [SECURITY] Fix potential privilege escalation caused by improper clearing of the child process' pdeath signal. See CVE-2007-3848 * bluetooth-l2cap-hci-info-leaks.dpatch [SECURITY] Fix information leaks in setsockopt() implementations See CVE-2007-1353 * coredump-only-to-same-uid.dpatch [SECURITY] Fix an issue where core dumping over a file that already exists retains the ownership of the original file See CVE-2007-6206 * i4l-isdn_ioctl-mem-overrun.dpatch [SECURITY] Fix potential isdn ioctl memory overrun See CVE-2007-6151 * cramfs-check-block-length.dpatch [SECURITY] Add a sanity check of the block length in cramfs_readpage to avoid a potential oops condition See CVE-2006-5823 * ext2-skip-pages-past-num-blocks.dpatch [SECURITY] Add some sanity checking for a corrupted i_size in ext2_find_entry() See CVE-2006-6054 * minixfs-printk-hang.dpatch [SECURITY] Rate-limit printks caused by accessing a corrupted minixfs filesystem that would otherwise cause a system to hang (printk storm) See CVE-2006-6058 * isdn-net-overflow.dpatch [SECURITY] Fix potential overflows in the ISDN subsystem See CVE-2007-6063 * prevent-stack-growth-into-hugetlb-region.dpatch [SECURITY] Prevent OOPS during stack expansion when the VMA crosses into address space reserved for hugetlb pages. See CVE-2007-3739 * cifs-honor-umask.dpatch [SECURITY] Make CIFS honor a process' umask See CVE-2007-3740 * hugetlb-prio_tree-unit-fix.dpatch [SECURITY] Fix misconversion of hugetlb_vmtruncate_list to prio_tree which could be used to trigger a BUG_ON() call in exit_mmap. See CVE-2007-4133 * amd64-zero-extend-32bit-ptrace.dpatch [SECURITY] Zero extend all registers after ptrace in 32-bit entry path. See CVE-2007-4573 * usb-pwc-disconnect-block.dpatch [SECURITY] Fix issue with unplugging webcams that use the pwc driver. If userspace still has the device open it can result, the driver would wait for the device to close, blocking the USB subsystem. See CVE-2007-5093 * powerpc-chrp-null-deref.dpatch [SECURITY][powerpc] Fix NULL pointer dereference if get_property fails on the subarchitecture See CVE-2007-6694 * random-bound-check-ordering.dpatch [SECURITY] Fix stack-based buffer overflow in the random number generator See CVE-2007-3105 * mmap-VM_DONTEXPAND.dpatch [SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register a fault handler but do not bounds check the offset argument See CVE-2008-0007 oldstable/main/binary-m68k/kernel-image-2.6.8-sun3_2.6.8-5sarge1_m68k.deb oldstable/main/binary-m68k/kernel-image-2.6.8-mvme16x_2.6.8-5sarge1_m68k.deb oldstable/main/binary-m68k/kernel-image-2.6.8-q40_2.6.8-5sarge1_m68k.deb oldstable/main/binary-m68k/kernel-image-2.6.8-atari_2.6.8-5sarge1_m68k.deb oldstable/main/binary-m68k/kernel-image-2.6.8-amiga_2.6.8-5sarge1_m68k.deb oldstable/main/binary-m68k/kernel-image-2.6.8-hp_2.6.8-5sarge1_m68k.deb oldstable/main/binary-m68k/kernel-image-2.6.8-mvme147_2.6.8-5sarge1_m68k.deb oldstable/main/source/kernel-image-2.6.8-m68k_2.6.8-5sarge1.tar.gz oldstable/main/binary-m68k/kernel-image-2.6.8-bvme6000_2.6.8-5sarge1_m68k.deb oldstable/main/binary-m68k/kernel-image-2.6.8-mac_2.6.8-5sarge1_m68k.deb oldstable/main/source/kernel-image-2.6.8-m68k_2.6.8-5sarge1.dsc kernel-image-2.6.8-m68k (2.6.8-5sarge1) oldstable-security; urgency=high * Rebuild against kernel-tree-2.6.8-17sarge1 * compat_sys_mount-NULL-data_page.dpatch [SECURITY] Fix oops in compat_sys_mount triggered by NULL data_page See CVE-2006-7203 * pppoe-socket-release-mem-leak.dpatch [SECURITY] fix unpriveleged memory leak when a PPPoE socket is released after connect but before PPPIOCGCHAN ioctl is called upon it See CVE-2007-2525 * dn_fib-out-of-bounds.dpatch, ipv4-fib_props-out-of-bounds.dpatch [SECURITY] Fix out of bounds condition in dn_fib_props[] See CVE-2007-2172 * aacraid-ioctl-perm-check.dpatch [SECURITY] Require admin capabilities to issue ioctls to aacraid devices See CVE-2007-4308 * reset-pdeathsig-on-suid.dpatch [SECURITY] Fix potential privilege escalation caused by improper clearing of the child process' pdeath signal. See CVE-2007-3848 * bluetooth-l2cap-hci-info-leaks.dpatch [SECURITY] Fix information leaks in setsockopt() implementations See CVE-2007-1353 * coredump-only-to-same-uid.dpatch [SECURITY] Fix an issue where core dumping over a file that already exists retains the ownership of the original file See CVE-2007-6206 * i4l-isdn_ioctl-mem-overrun.dpatch [SECURITY] Fix potential isdn ioctl memory overrun See CVE-2007-6151 * cramfs-check-block-length.dpatch [SECURITY] Add a sanity check of the block length in cramfs_readpage to avoid a potential oops condition See CVE-2006-5823 * ext2-skip-pages-past-num-blocks.dpatch [SECURITY] Add some sanity checking for a corrupted i_size in ext2_find_entry() See CVE-2006-6054 * minixfs-printk-hang.dpatch [SECURITY] Rate-limit printks caused by accessing a corrupted minixfs filesystem that would otherwise cause a system to hang (printk storm) See CVE-2006-6058 * isdn-net-overflow.dpatch [SECURITY] Fix potential overflows in the ISDN subsystem See CVE-2007-6063 * prevent-stack-growth-into-hugetlb-region.dpatch [SECURITY] Prevent OOPS during stack expansion when the VMA crosses into address space reserved for hugetlb pages. See CVE-2007-3739 * cifs-honor-umask.dpatch [SECURITY] Make CIFS honor a process' umask See CVE-2007-3740 * hugetlb-prio_tree-unit-fix.dpatch [SECURITY] Fix misconversion of hugetlb_vmtruncate_list to prio_tree which could be used to trigger a BUG_ON() call in exit_mmap. See CVE-2007-4133 * amd64-zero-extend-32bit-ptrace.dpatch [SECURITY] Zero extend all registers after ptrace in 32-bit entry path. See CVE-2007-4573 * usb-pwc-disconnect-block.dpatch [SECURITY] Fix issue with unplugging webcams that use the pwc driver. If userspace still has the device open it can result, the driver would wait for the device to close, blocking the USB subsystem. See CVE-2007-5093 * powerpc-chrp-null-deref.dpatch [SECURITY][powerpc] Fix NULL pointer dereference if get_property fails on the subarchitecture See CVE-2007-6694 * random-bound-check-ordering.dpatch [SECURITY] Fix stack-based buffer overflow in the random number generator See CVE-2007-3105 * mmap-VM_DONTEXPAND.dpatch [SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register a fault handler but do not bounds check the offset argument See CVE-2008-0007 oldstable/main/binary-ia64/kernel-image-2.6.8-4-itanium_2.6.8-15sarge1_ia64.deb oldstable/main/binary-ia64/kernel-image-2.6-mckinley-smp_2.6.8-15sarge1_ia64.deb oldstable/main/binary-ia64/kernel-image-2.6-mckinley_2.6.8-15sarge1_ia64.deb oldstable/main/source/kernel-image-2.6.8-ia64_2.6.8-15sarge1.dsc oldstable/main/binary-ia64/kernel-headers-2.6-mckinley-smp_2.6.8-15sarge1_ia64.deb oldstable/main/binary-ia64/kernel-headers-2.6-itanium_2.6.8-15sarge1_ia64.deb oldstable/main/binary-ia64/kernel-headers-2.6.8-4-itanium_2.6.8-15sarge1_ia64.deb oldstable/main/binary-ia64/kernel-headers-2.6.8-4-mckinley_2.6.8-15sarge1_ia64.deb oldstable/main/binary-ia64/kernel-image-2.6-itanium_2.6.8-15sarge1_ia64.deb oldstable/main/binary-ia64/kernel-image-2.6-itanium-smp_2.6.8-15sarge1_ia64.deb oldstable/main/binary-ia64/kernel-headers-2.6.8-4-itanium-smp_2.6.8-15sarge1_ia64.deb oldstable/main/binary-ia64/kernel-headers-2.6-itanium-smp_2.6.8-15sarge1_ia64.deb oldstable/main/binary-ia64/kernel-headers-2.6.8-4_2.6.8-15sarge1_ia64.deb oldstable/main/binary-ia64/kernel-headers-2.6-mckinley_2.6.8-15sarge1_ia64.deb oldstable/main/binary-ia64/kernel-image-2.6.8-4-mckinley_2.6.8-15sarge1_ia64.deb oldstable/main/binary-ia64/kernel-image-2.6.8-4-itanium-smp_2.6.8-15sarge1_ia64.deb oldstable/main/source/kernel-image-2.6.8-ia64_2.6.8-15sarge1.tar.gz oldstable/main/binary-ia64/kernel-image-2.6.8-4-mckinley-smp_2.6.8-15sarge1_ia64.deb oldstable/main/binary-ia64/kernel-headers-2.6.8-4-mckinley-smp_2.6.8-15sarge1_ia64.deb kernel-image-2.6.8-ia64 (2.6.8-15sarge1) oldstable-security; urgency=high * Rebuild against kernel-tree-2.6.8-17sarge1 * compat_sys_mount-NULL-data_page.dpatch [SECURITY] Fix oops in compat_sys_mount triggered by NULL data_page See CVE-2006-7203 * pppoe-socket-release-mem-leak.dpatch [SECURITY] fix unpriveleged memory leak when a PPPoE socket is released after connect but before PPPIOCGCHAN ioctl is called upon it See CVE-2007-2525 * dn_fib-out-of-bounds.dpatch, ipv4-fib_props-out-of-bounds.dpatch [SECURITY] Fix out of bounds condition in dn_fib_props[] See CVE-2007-2172 * aacraid-ioctl-perm-check.dpatch [SECURITY] Require admin capabilities to issue ioctls to aacraid devices See CVE-2007-4308 * reset-pdeathsig-on-suid.dpatch [SECURITY] Fix potential privilege escalation caused by improper clearing of the child process' pdeath signal. See CVE-2007-3848 * bluetooth-l2cap-hci-info-leaks.dpatch [SECURITY] Fix information leaks in setsockopt() implementations See CVE-2007-1353 * coredump-only-to-same-uid.dpatch [SECURITY] Fix an issue where core dumping over a file that already exists retains the ownership of the original file See CVE-2007-6206 * i4l-isdn_ioctl-mem-overrun.dpatch [SECURITY] Fix potential isdn ioctl memory overrun See CVE-2007-6151 * cramfs-check-block-length.dpatch [SECURITY] Add a sanity check of the block length in cramfs_readpage to avoid a potential oops condition See CVE-2006-5823 * ext2-skip-pages-past-num-blocks.dpatch [SECURITY] Add some sanity checking for a corrupted i_size in ext2_find_entry() See CVE-2006-6054 * minixfs-printk-hang.dpatch [SECURITY] Rate-limit printks caused by accessing a corrupted minixfs filesystem that would otherwise cause a system to hang (printk storm) See CVE-2006-6058 * isdn-net-overflow.dpatch [SECURITY] Fix potential overflows in the ISDN subsystem See CVE-2007-6063 * prevent-stack-growth-into-hugetlb-region.dpatch [SECURITY] Prevent OOPS during stack expansion when the VMA crosses into address space reserved for hugetlb pages. See CVE-2007-3739 * cifs-honor-umask.dpatch [SECURITY] Make CIFS honor a process' umask See CVE-2007-3740 * hugetlb-prio_tree-unit-fix.dpatch [SECURITY] Fix misconversion of hugetlb_vmtruncate_list to prio_tree which could be used to trigger a BUG_ON() call in exit_mmap. See CVE-2007-4133 * amd64-zero-extend-32bit-ptrace.dpatch [SECURITY] Zero extend all registers after ptrace in 32-bit entry path. See CVE-2007-4573 * usb-pwc-disconnect-block.dpatch [SECURITY] Fix issue with unplugging webcams that use the pwc driver. If userspace still has the device open it can result, the driver would wait for the device to close, blocking the USB subsystem. See CVE-2007-5093 * powerpc-chrp-null-deref.dpatch [SECURITY][powerpc] Fix NULL pointer dereference if get_property fails on the subarchitecture See CVE-2007-6694 * random-bound-check-ordering.dpatch [SECURITY] Fix stack-based buffer overflow in the random number generator See CVE-2007-3105 * mmap-VM_DONTEXPAND.dpatch [SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register a fault handler but do not bounds check the offset argument See CVE-2008-0007 oldstable/main/source/kernel-image-2.6.8-i386_2.6.8-17sarge1.dsc oldstable/main/binary-i386/kernel-headers-2.6.8-4-k7-smp_2.6.8-17sarge1_i386.deb oldstable/main/binary-i386/kernel-image-2.6.8-4-386_2.6.8-17sarge1_i386.deb oldstable/main/binary-i386/kernel-image-2.6.8-4-k7-smp_2.6.8-17sarge1_i386.deb oldstable/main/binary-i386/kernel-image-2.6.8-4-k7_2.6.8-17sarge1_i386.deb oldstable/main/binary-i386/kernel-image-2.6.8-4-686_2.6.8-17sarge1_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-4_2.6.8-17sarge1_i386.deb oldstable/main/source/kernel-image-2.6.8-i386_2.6.8-17sarge1.tar.gz oldstable/main/binary-i386/kernel-image-2.6.8-4-686-smp_2.6.8-17sarge1_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-4-686_2.6.8-17sarge1_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-4-386_2.6.8-17sarge1_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-4-k7_2.6.8-17sarge1_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-4-686-smp_2.6.8-17sarge1_i386.deb kernel-image-2.6.8-i386 (2.6.8-17sarge1) oldstable-security; urgency=high * Rebuild against kernel-tree-2.6.8-17sarge1 * compat_sys_mount-NULL-data_page.dpatch [SECURITY] Fix oops in compat_sys_mount triggered by NULL data_page See CVE-2006-7203 * pppoe-socket-release-mem-leak.dpatch [SECURITY] fix unpriveleged memory leak when a PPPoE socket is released after connect but before PPPIOCGCHAN ioctl is called upon it See CVE-2007-2525 * dn_fib-out-of-bounds.dpatch, ipv4-fib_props-out-of-bounds.dpatch [SECURITY] Fix out of bounds condition in dn_fib_props[] See CVE-2007-2172 * aacraid-ioctl-perm-check.dpatch [SECURITY] Require admin capabilities to issue ioctls to aacraid devices See CVE-2007-4308 * reset-pdeathsig-on-suid.dpatch [SECURITY] Fix potential privilege escalation caused by improper clearing of the child process' pdeath signal. See CVE-2007-3848 * bluetooth-l2cap-hci-info-leaks.dpatch [SECURITY] Fix information leaks in setsockopt() implementations See CVE-2007-1353 * coredump-only-to-same-uid.dpatch [SECURITY] Fix an issue where core dumping over a file that already exists retains the ownership of the original file See CVE-2007-6206 * i4l-isdn_ioctl-mem-overrun.dpatch [SECURITY] Fix potential isdn ioctl memory overrun See CVE-2007-6151 * cramfs-check-block-length.dpatch [SECURITY] Add a sanity check of the block length in cramfs_readpage to avoid a potential oops condition See CVE-2006-5823 * ext2-skip-pages-past-num-blocks.dpatch [SECURITY] Add some sanity checking for a corrupted i_size in ext2_find_entry() See CVE-2006-6054 * minixfs-printk-hang.dpatch [SECURITY] Rate-limit printks caused by accessing a corrupted minixfs filesystem that would otherwise cause a system to hang (printk storm) See CVE-2006-6058 * isdn-net-overflow.dpatch [SECURITY] Fix potential overflows in the ISDN subsystem See CVE-2007-6063 * prevent-stack-growth-into-hugetlb-region.dpatch [SECURITY] Prevent OOPS during stack expansion when the VMA crosses into address space reserved for hugetlb pages. See CVE-2007-3739 * cifs-honor-umask.dpatch [SECURITY] Make CIFS honor a process' umask See CVE-2007-3740 * hugetlb-prio_tree-unit-fix.dpatch [SECURITY] Fix misconversion of hugetlb_vmtruncate_list to prio_tree which could be used to trigger a BUG_ON() call in exit_mmap. See CVE-2007-4133 * amd64-zero-extend-32bit-ptrace.dpatch [SECURITY] Zero extend all registers after ptrace in 32-bit entry path. See CVE-2007-4573 * usb-pwc-disconnect-block.dpatch [SECURITY] Fix issue with unplugging webcams that use the pwc driver. If userspace still has the device open it can result, the driver would wait for the device to close, blocking the USB subsystem. See CVE-2007-5093 * powerpc-chrp-null-deref.dpatch [SECURITY][powerpc] Fix NULL pointer dereference if get_property fails on the subarchitecture See CVE-2007-6694 * random-bound-check-ordering.dpatch [SECURITY] Fix stack-based buffer overflow in the random number generator See CVE-2007-3105 * mmap-VM_DONTEXPAND.dpatch [SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register a fault handler but do not bounds check the offset argument See CVE-2008-0007 oldstable/main/binary-hppa/kernel-headers-2.6.8-4_2.6.8-7sarge1_hppa.deb oldstable/main/binary-hppa/kernel-image-2.6.8-4-64_2.6.8-7sarge1_hppa.deb oldstable/main/binary-hppa/kernel-headers-2.6.8-4-64-smp_2.6.8-7sarge1_hppa.deb oldstable/main/binary-hppa/kernel-image-2.6.8-4-64-smp_2.6.8-7sarge1_hppa.deb oldstable/main/binary-hppa/kernel-headers-2.6.8-4-32-smp_2.6.8-7sarge1_hppa.deb oldstable/main/binary-hppa/kernel-image-2.6.8-4-32-smp_2.6.8-7sarge1_hppa.deb oldstable/main/source/kernel-image-2.6.8-hppa_2.6.8-7sarge1.dsc oldstable/main/binary-hppa/kernel-image-2.6.8-4-32_2.6.8-7sarge1_hppa.deb oldstable/main/source/kernel-image-2.6.8-hppa_2.6.8-7sarge1.tar.gz oldstable/main/binary-hppa/kernel-headers-2.6.8-4-64_2.6.8-7sarge1_hppa.deb oldstable/main/binary-hppa/kernel-headers-2.6.8-4-32_2.6.8-7sarge1_hppa.deb kernel-image-2.6.8-hppa (2.6.8-7sarge1) oldstable-security; urgency=high * Rebuild against kernel-tree-2.6.8-17sarge1 * compat_sys_mount-NULL-data_page.dpatch [SECURITY] Fix oops in compat_sys_mount triggered by NULL data_page See CVE-2006-7203 * pppoe-socket-release-mem-leak.dpatch [SECURITY] fix unpriveleged memory leak when a PPPoE socket is released after connect but before PPPIOCGCHAN ioctl is called upon it See CVE-2007-2525 * dn_fib-out-of-bounds.dpatch, ipv4-fib_props-out-of-bounds.dpatch [SECURITY] Fix out of bounds condition in dn_fib_props[] See CVE-2007-2172 * aacraid-ioctl-perm-check.dpatch [SECURITY] Require admin capabilities to issue ioctls to aacraid devices See CVE-2007-4308 * reset-pdeathsig-on-suid.dpatch [SECURITY] Fix potential privilege escalation caused by improper clearing of the child process' pdeath signal. See CVE-2007-3848 * bluetooth-l2cap-hci-info-leaks.dpatch [SECURITY] Fix information leaks in setsockopt() implementations See CVE-2007-1353 * coredump-only-to-same-uid.dpatch [SECURITY] Fix an issue where core dumping over a file that already exists retains the ownership of the original file See CVE-2007-6206 * i4l-isdn_ioctl-mem-overrun.dpatch [SECURITY] Fix potential isdn ioctl memory overrun See CVE-2007-6151 * cramfs-check-block-length.dpatch [SECURITY] Add a sanity check of the block length in cramfs_readpage to avoid a potential oops condition See CVE-2006-5823 * ext2-skip-pages-past-num-blocks.dpatch [SECURITY] Add some sanity checking for a corrupted i_size in ext2_find_entry() See CVE-2006-6054 * minixfs-printk-hang.dpatch [SECURITY] Rate-limit printks caused by accessing a corrupted minixfs filesystem that would otherwise cause a system to hang (printk storm) See CVE-2006-6058 * isdn-net-overflow.dpatch [SECURITY] Fix potential overflows in the ISDN subsystem See CVE-2007-6063 * prevent-stack-growth-into-hugetlb-region.dpatch [SECURITY] Prevent OOPS during stack expansion when the VMA crosses into address space reserved for hugetlb pages. See CVE-2007-3739 * cifs-honor-umask.dpatch [SECURITY] Make CIFS honor a process' umask See CVE-2007-3740 * hugetlb-prio_tree-unit-fix.dpatch [SECURITY] Fix misconversion of hugetlb_vmtruncate_list to prio_tree which could be used to trigger a BUG_ON() call in exit_mmap. See CVE-2007-4133 * amd64-zero-extend-32bit-ptrace.dpatch [SECURITY] Zero extend all registers after ptrace in 32-bit entry path. See CVE-2007-4573 * usb-pwc-disconnect-block.dpatch [SECURITY] Fix issue with unplugging webcams that use the pwc driver. If userspace still has the device open it can result, the driver would wait for the device to close, blocking the USB subsystem. See CVE-2007-5093 * powerpc-chrp-null-deref.dpatch [SECURITY][powerpc] Fix NULL pointer dereference if get_property fails on the subarchitecture See CVE-2007-6694 * random-bound-check-ordering.dpatch [SECURITY] Fix stack-based buffer overflow in the random number generator See CVE-2007-3105 * mmap-VM_DONTEXPAND.dpatch [SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register a fault handler but do not bounds check the offset argument See CVE-2008-0007 oldstable/main/binary-amd64/kernel-headers-2.6.8-13-em64t-p4-smp_2.6.8-17sarge1_amd64.deb oldstable/main/binary-amd64/kernel-headers-2.6.8-13-em64t-p4_2.6.8-17sarge1_amd64.deb oldstable/main/binary-amd64/kernel-image-2.6.8-13-amd64-generic_2.6.8-17sarge1_amd64.deb oldstable/main/binary-amd64/kernel-headers-2.6.8-13-amd64-generic_2.6.8-17sarge1_amd64.deb oldstable/main/binary-amd64/kernel-image-2.6.8-13-amd64-k8-smp_2.6.8-17sarge1_amd64.deb oldstable/main/binary-amd64/kernel-image-2.6.8-13-em64t-p4-smp_2.6.8-17sarge1_amd64.deb oldstable/main/binary-amd64/kernel-image-2.6.8-13-amd64-k8_2.6.8-17sarge1_amd64.deb oldstable/main/binary-amd64/kernel-headers-2.6.8-13_2.6.8-17sarge1_amd64.deb oldstable/main/binary-amd64/kernel-headers-2.6.8-13-amd64-k8-smp_2.6.8-17sarge1_amd64.deb oldstable/main/binary-amd64/kernel-headers-2.6.8-13-amd64-k8_2.6.8-17sarge1_amd64.deb oldstable/main/binary-amd64/kernel-image-2.6.8-13-em64t-p4_2.6.8-17sarge1_amd64.deb kernel-image-2.6.8-amd64 (2.6.8-17sarge1) oldstable-security; urgency=high * Rebuild against kernel-tree-2.6.8-17sarge1 * compat_sys_mount-NULL-data_page.dpatch [SECURITY] Fix oops in compat_sys_mount triggered by NULL data_page See CVE-2006-7203 * pppoe-socket-release-mem-leak.dpatch [SECURITY] fix unpriveleged memory leak when a PPPoE socket is released after connect but before PPPIOCGCHAN ioctl is called upon it See CVE-2007-2525 * dn_fib-out-of-bounds.dpatch, ipv4-fib_props-out-of-bounds.dpatch [SECURITY] Fix out of bounds condition in dn_fib_props[] See CVE-2007-2172 * aacraid-ioctl-perm-check.dpatch [SECURITY] Require admin capabilities to issue ioctls to aacraid devices See CVE-2007-4308 * reset-pdeathsig-on-suid.dpatch [SECURITY] Fix potential privilege escalation caused by improper clearing of the child process' pdeath signal. See CVE-2007-3848 * bluetooth-l2cap-hci-info-leaks.dpatch [SECURITY] Fix information leaks in setsockopt() implementations See CVE-2007-1353 * coredump-only-to-same-uid.dpatch [SECURITY] Fix an issue where core dumping over a file that already exists retains the ownership of the original file See CVE-2007-6206 * i4l-isdn_ioctl-mem-overrun.dpatch [SECURITY] Fix potential isdn ioctl memory overrun See CVE-2007-6151 * cramfs-check-block-length.dpatch [SECURITY] Add a sanity check of the block length in cramfs_readpage to avoid a potential oops condition See CVE-2006-5823 * ext2-skip-pages-past-num-blocks.dpatch [SECURITY] Add some sanity checking for a corrupted i_size in ext2_find_entry() See CVE-2006-6054 * minixfs-printk-hang.dpatch [SECURITY] Rate-limit printks caused by accessing a corrupted minixfs filesystem that would otherwise cause a system to hang (printk storm) See CVE-2006-6058 * isdn-net-overflow.dpatch [SECURITY] Fix potential overflows in the ISDN subsystem See CVE-2007-6063 * prevent-stack-growth-into-hugetlb-region.dpatch [SECURITY] Prevent OOPS during stack expansion when the VMA crosses into address space reserved for hugetlb pages. See CVE-2007-3739 * cifs-honor-umask.dpatch [SECURITY] Make CIFS honor a process' umask See CVE-2007-3740 * hugetlb-prio_tree-unit-fix.dpatch [SECURITY] Fix misconversion of hugetlb_vmtruncate_list to prio_tree which could be used to trigger a BUG_ON() call in exit_mmap. See CVE-2007-4133 * amd64-zero-extend-32bit-ptrace.dpatch [SECURITY] Zero extend all registers after ptrace in 32-bit entry path. See CVE-2007-4573 * usb-pwc-disconnect-block.dpatch [SECURITY] Fix issue with unplugging webcams that use the pwc driver. If userspace still has the device open it can result, the driver would wait for the device to close, blocking the USB subsystem. See CVE-2007-5093 * powerpc-chrp-null-deref.dpatch [SECURITY][powerpc] Fix NULL pointer dereference if get_property fails on the subarchitecture See CVE-2007-6694 * random-bound-check-ordering.dpatch [SECURITY] Fix stack-based buffer overflow in the random number generator See CVE-2007-3105 * mmap-VM_DONTEXPAND.dpatch [SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register a fault handler but do not bounds check the offset argument See CVE-2008-0007 oldstable/main/binary-i386/kernel-headers-2.6.8-13_2.6.8-17sarge1_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-13-amd64-generic_2.6.8-17sarge1_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-13-em64t-p4-smp_2.6.8-17sarge1_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-13-amd64-k8_2.6.8-17sarge1_i386.deb oldstable/main/binary-i386/kernel-image-2.6.8-13-amd64-k8_2.6.8-17sarge1_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-13-amd64-k8-smp_2.6.8-17sarge1_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-13-em64t-p4_2.6.8-17sarge1_i386.deb oldstable/main/binary-i386/kernel-image-2.6.8-13-amd64-k8-smp_2.6.8-17sarge1_i386.deb oldstable/main/binary-i386/kernel-image-2.6.8-13-em64t-p4-smp_2.6.8-17sarge1_i386.deb oldstable/main/binary-i386/kernel-image-2.6.8-13-em64t-p4_2.6.8-17sarge1_i386.deb oldstable/main/binary-i386/kernel-image-2.6.8-13-amd64-generic_2.6.8-17sarge1_i386.deb oldstable/main/source/kernel-image-2.6.8-amd64_2.6.8-17sarge1.tar.gz oldstable/main/source/kernel-image-2.6.8-amd64_2.6.8-17sarge1.dsc kernel-image-2.6.8-amd64 (2.6.8-17sarge1) oldstable-security; urgency=high * Rebuild against kernel-tree-2.6.8-17sarge1 * compat_sys_mount-NULL-data_page.dpatch [SECURITY] Fix oops in compat_sys_mount triggered by NULL data_page See CVE-2006-7203 * pppoe-socket-release-mem-leak.dpatch [SECURITY] fix unpriveleged memory leak when a PPPoE socket is released after connect but before PPPIOCGCHAN ioctl is called upon it See CVE-2007-2525 * dn_fib-out-of-bounds.dpatch, ipv4-fib_props-out-of-bounds.dpatch [SECURITY] Fix out of bounds condition in dn_fib_props[] See CVE-2007-2172 * aacraid-ioctl-perm-check.dpatch [SECURITY] Require admin capabilities to issue ioctls to aacraid devices See CVE-2007-4308 * reset-pdeathsig-on-suid.dpatch [SECURITY] Fix potential privilege escalation caused by improper clearing of the child process' pdeath signal. See CVE-2007-3848 * bluetooth-l2cap-hci-info-leaks.dpatch [SECURITY] Fix information leaks in setsockopt() implementations See CVE-2007-1353 * coredump-only-to-same-uid.dpatch [SECURITY] Fix an issue where core dumping over a file that already exists retains the ownership of the original file See CVE-2007-6206 * i4l-isdn_ioctl-mem-overrun.dpatch [SECURITY] Fix potential isdn ioctl memory overrun See CVE-2007-6151 * cramfs-check-block-length.dpatch [SECURITY] Add a sanity check of the block length in cramfs_readpage to avoid a potential oops condition See CVE-2006-5823 * ext2-skip-pages-past-num-blocks.dpatch [SECURITY] Add some sanity checking for a corrupted i_size in ext2_find_entry() See CVE-2006-6054 * minixfs-printk-hang.dpatch [SECURITY] Rate-limit printks caused by accessing a corrupted minixfs filesystem that would otherwise cause a system to hang (printk storm) See CVE-2006-6058 * isdn-net-overflow.dpatch [SECURITY] Fix potential overflows in the ISDN subsystem See CVE-2007-6063 * prevent-stack-growth-into-hugetlb-region.dpatch [SECURITY] Prevent OOPS during stack expansion when the VMA crosses into address space reserved for hugetlb pages. See CVE-2007-3739 * cifs-honor-umask.dpatch [SECURITY] Make CIFS honor a process' umask See CVE-2007-3740 * hugetlb-prio_tree-unit-fix.dpatch [SECURITY] Fix misconversion of hugetlb_vmtruncate_list to prio_tree which could be used to trigger a BUG_ON() call in exit_mmap. See CVE-2007-4133 * amd64-zero-extend-32bit-ptrace.dpatch [SECURITY] Zero extend all registers after ptrace in 32-bit entry path. See CVE-2007-4573 * usb-pwc-disconnect-block.dpatch [SECURITY] Fix issue with unplugging webcams that use the pwc driver. If userspace still has the device open it can result, the driver would wait for the device to close, blocking the USB subsystem. See CVE-2007-5093 * powerpc-chrp-null-deref.dpatch [SECURITY][powerpc] Fix NULL pointer dereference if get_property fails on the subarchitecture See CVE-2007-6694 * random-bound-check-ordering.dpatch [SECURITY] Fix stack-based buffer overflow in the random number generator See CVE-2007-3105 * mmap-VM_DONTEXPAND.dpatch [SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register a fault handler but do not bounds check the offset argument See CVE-2008-0007 oldstable/main/binary-alpha/kernel-headers-2.6.8-4-generic_2.6.8-17sarge1_alpha.deb oldstable/main/binary-alpha/kernel-image-2.6.8-4-smp_2.6.8-17sarge1_alpha.deb oldstable/main/source/kernel-image-2.6.8-alpha_2.6.8-17sarge1.tar.gz oldstable/main/binary-alpha/kernel-image-2.6.8-4-generic_2.6.8-17sarge1_alpha.deb oldstable/main/binary-alpha/kernel-headers-2.6.8-4_2.6.8-17sarge1_alpha.deb oldstable/main/source/kernel-image-2.6.8-alpha_2.6.8-17sarge1.dsc oldstable/main/binary-alpha/kernel-headers-2.6.8-4-smp_2.6.8-17sarge1_alpha.deb kernel-image-2.6.8-alpha (2.6.8-17sarge1) oldstable-security; urgency=high * Rebuild against kernel-tree-2.6.8-17sarge1 * compat_sys_mount-NULL-data_page.dpatch [SECURITY] Fix oops in compat_sys_mount triggered by NULL data_page See CVE-2006-7203 * pppoe-socket-release-mem-leak.dpatch [SECURITY] fix unpriveleged memory leak when a PPPoE socket is released after connect but before PPPIOCGCHAN ioctl is called upon it See CVE-2007-2525 * dn_fib-out-of-bounds.dpatch, ipv4-fib_props-out-of-bounds.dpatch [SECURITY] Fix out of bounds condition in dn_fib_props[] See CVE-2007-2172 * aacraid-ioctl-perm-check.dpatch [SECURITY] Require admin capabilities to issue ioctls to aacraid devices See CVE-2007-4308 * reset-pdeathsig-on-suid.dpatch [SECURITY] Fix potential privilege escalation caused by improper clearing of the child process' pdeath signal. See CVE-2007-3848 * bluetooth-l2cap-hci-info-leaks.dpatch [SECURITY] Fix information leaks in setsockopt() implementations See CVE-2007-1353 * coredump-only-to-same-uid.dpatch [SECURITY] Fix an issue where core dumping over a file that already exists retains the ownership of the original file See CVE-2007-6206 * i4l-isdn_ioctl-mem-overrun.dpatch [SECURITY] Fix potential isdn ioctl memory overrun See CVE-2007-6151 * cramfs-check-block-length.dpatch [SECURITY] Add a sanity check of the block length in cramfs_readpage to avoid a potential oops condition See CVE-2006-5823 * ext2-skip-pages-past-num-blocks.dpatch [SECURITY] Add some sanity checking for a corrupted i_size in ext2_find_entry() See CVE-2006-6054 * minixfs-printk-hang.dpatch [SECURITY] Rate-limit printks caused by accessing a corrupted minixfs filesystem that would otherwise cause a system to hang (printk storm) See CVE-2006-6058 * isdn-net-overflow.dpatch [SECURITY] Fix potential overflows in the ISDN subsystem See CVE-2007-6063 * prevent-stack-growth-into-hugetlb-region.dpatch [SECURITY] Prevent OOPS during stack expansion when the VMA crosses into address space reserved for hugetlb pages. See CVE-2007-3739 * cifs-honor-umask.dpatch [SECURITY] Make CIFS honor a process' umask See CVE-2007-3740 * hugetlb-prio_tree-unit-fix.dpatch [SECURITY] Fix misconversion of hugetlb_vmtruncate_list to prio_tree which could be used to trigger a BUG_ON() call in exit_mmap. See CVE-2007-4133 * amd64-zero-extend-32bit-ptrace.dpatch [SECURITY] Zero extend all registers after ptrace in 32-bit entry path. See CVE-2007-4573 * usb-pwc-disconnect-block.dpatch [SECURITY] Fix issue with unplugging webcams that use the pwc driver. If userspace still has the device open it can result, the driver would wait for the device to close, blocking the USB subsystem. See CVE-2007-5093 * powerpc-chrp-null-deref.dpatch [SECURITY][powerpc] Fix NULL pointer dereference if get_property fails on the subarchitecture See CVE-2007-6694 * random-bound-check-ordering.dpatch [SECURITY] Fix stack-based buffer overflow in the random number generator See CVE-2007-3105 * mmap-VM_DONTEXPAND.dpatch [SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register a fault handler but do not bounds check the offset argument See CVE-2008-0007 oldstable/main/source/horde3_3.0.4-4sarge7.dsc oldstable/main/binary-all/horde3_3.0.4-4sarge7_all.deb oldstable/main/source/horde3_3.0.4-4sarge7.diff.gz horde3 (3.0.4-4sarge7) oldstable-security; urgency=high * Fix arbitrary file inclusion through abuse of the theme preference (see CVE-2008-1284 for more informations). (Closes: #470640) oldstable/main/binary-sparc/gs-gpl_8.01-6_sparc.deb gs-gpl (8.01-6) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-s390/gs-gpl_8.01-6_s390.deb gs-gpl (8.01-6) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-powerpc/gs-gpl_8.01-6_powerpc.deb gs-gpl (8.01-6) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-mipsel/gs-gpl_8.01-6_mipsel.deb gs-gpl (8.01-6) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-mips/gs-gpl_8.01-6_mips.deb gs-gpl (8.01-6) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-m68k/gs-gpl_8.01-6_m68k.deb gs-gpl (8.01-6) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-ia64/gs-gpl_8.01-6_ia64.deb gs-gpl (8.01-6) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-hppa/gs-gpl_8.01-6_hppa.deb gs-gpl (8.01-6) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-arm/gs-gpl_8.01-6_arm.deb gs-gpl (8.01-6) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-amd64/gs-gpl_8.01-6_amd64.deb gs-gpl (8.01-6) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-alpha/gs-gpl_8.01-6_alpha.deb gs-gpl (8.01-6) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-i386/gs-gpl_8.01-6_i386.deb oldstable/main/source/gs-gpl_8.01-6.diff.gz oldstable/main/binary-all/gs_8.01-6_all.deb oldstable/main/source/gs-gpl_8.01-6.dsc gs-gpl (8.01-6) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-sparc/gs-esp_7.07.1-9sarge1_sparc.deb gs-esp (7.07.1-9sarge1) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-s390/gs-esp_7.07.1-9sarge1_s390.deb gs-esp (7.07.1-9sarge1) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-powerpc/gs-esp_7.07.1-9sarge1_powerpc.deb gs-esp (7.07.1-9sarge1) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-mipsel/gs-esp_7.07.1-9sarge1_mipsel.deb gs-esp (7.07.1-9sarge1) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-mips/gs-esp_7.07.1-9sarge1_mips.deb gs-esp (7.07.1-9sarge1) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-m68k/gs-esp_7.07.1-9sarge1_m68k.deb gs-esp (7.07.1-9sarge1) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-ia64/gs-esp_7.07.1-9sarge1_ia64.deb gs-esp (7.07.1-9sarge1) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-hppa/gs-esp_7.07.1-9sarge1_hppa.deb gs-esp (7.07.1-9sarge1) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-arm/gs-esp_7.07.1-9sarge1_arm.deb gs-esp (7.07.1-9sarge1) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-amd64/gs-esp_7.07.1-9sarge1_amd64.deb gs-esp (7.07.1-9sarge1) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-alpha/gs-esp_7.07.1-9sarge1_alpha.deb gs-esp (7.07.1-9sarge1) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-i386/gs-esp_7.07.1-9sarge1_i386.deb oldstable/main/source/gs-esp_7.07.1-9sarge1.dsc oldstable/main/source/gs-esp_7.07.1-9sarge1.diff.gz gs-esp (7.07.1-9sarge1) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-all/gforge-web-apache_3.1-31sarge5_all.deb oldstable/main/binary-all/gforge-lists-mailman_3.1-31sarge5_all.deb oldstable/main/binary-all/gforge-ftp-proftpd_3.1-31sarge5_all.deb oldstable/main/source/gforge_3.1-31sarge5.diff.gz oldstable/main/source/gforge_3.1-31sarge5.dsc oldstable/main/binary-all/gforge-sourceforge-transition_3.1-31sarge5_all.deb oldstable/main/binary-all/sourceforge_3.1-31sarge5_all.deb oldstable/main/binary-all/gforge-mta-exim4_3.1-31sarge5_all.deb oldstable/main/binary-all/gforge-db-postgresql_3.1-31sarge5_all.deb oldstable/main/binary-all/gforge-common_3.1-31sarge5_all.deb oldstable/main/binary-all/gforge-dns-bind9_3.1-31sarge5_all.deb oldstable/main/binary-all/gforge_3.1-31sarge5_all.deb oldstable/main/binary-all/gforge-cvs_3.1-31sarge5_all.deb oldstable/main/binary-all/gforge-mta-exim_3.1-31sarge5_all.deb oldstable/main/binary-all/gforge-shell-ldap_3.1-31sarge5_all.deb oldstable/main/binary-all/gforge-mta-postfix_3.1-31sarge5_all.deb oldstable/main/binary-all/gforge-ldap-openldap_3.1-31sarge5_all.deb gforge (3.1-31sarge5) oldstable-security; urgency=high * Fixed SQL injection vulnerability due to insufficient input sanitizing (CVE-2008-0173). oldstable/main/binary-sparc/libflac6_1.1.1-5sarge1_sparc.deb oldstable/main/binary-sparc/liboggflac++0c102_1.1.1-5sarge1_sparc.deb oldstable/main/binary-sparc/flac_1.1.1-5sarge1_sparc.deb oldstable/main/binary-sparc/libflac++4_1.1.1-5sarge1_sparc.deb oldstable/main/binary-sparc/libflac++-dev_1.1.1-5sarge1_sparc.deb oldstable/main/binary-sparc/xmms-flac_1.1.1-5sarge1_sparc.deb oldstable/main/binary-sparc/liboggflac++-dev_1.1.1-5sarge1_sparc.deb oldstable/main/binary-sparc/liboggflac1_1.1.1-5sarge1_sparc.deb oldstable/main/binary-sparc/liboggflac-dev_1.1.1-5sarge1_sparc.deb oldstable/main/binary-sparc/libflac-dev_1.1.1-5sarge1_sparc.deb flac (1.1.1-5sarge1) oldstable-security; urgency=high * Fix several vulnerabilities. oldstable/main/binary-s390/liboggflac-dev_1.1.1-5sarge1_s390.deb oldstable/main/binary-s390/xmms-flac_1.1.1-5sarge1_s390.deb oldstable/main/binary-s390/liboggflac++0c102_1.1.1-5sarge1_s390.deb oldstable/main/binary-s390/libflac-dev_1.1.1-5sarge1_s390.deb oldstable/main/binary-s390/liboggflac1_1.1.1-5sarge1_s390.deb oldstable/main/binary-s390/flac_1.1.1-5sarge1_s390.deb oldstable/main/binary-s390/libflac6_1.1.1-5sarge1_s390.deb oldstable/main/binary-s390/liboggflac++-dev_1.1.1-5sarge1_s390.deb oldstable/main/binary-s390/libflac++-dev_1.1.1-5sarge1_s390.deb oldstable/main/binary-s390/libflac++4_1.1.1-5sarge1_s390.deb flac (1.1.1-5sarge1) oldstable-security; urgency=high * Fix several vulnerabilities. oldstable/main/binary-powerpc/libflac6_1.1.1-5sarge1_powerpc.deb oldstable/main/binary-powerpc/libflac-dev_1.1.1-5sarge1_powerpc.deb oldstable/main/binary-powerpc/flac_1.1.1-5sarge1_powerpc.deb oldstable/main/binary-powerpc/liboggflac1_1.1.1-5sarge1_powerpc.deb oldstable/main/binary-powerpc/liboggflac-dev_1.1.1-5sarge1_powerpc.deb oldstable/main/binary-powerpc/liboggflac++-dev_1.1.1-5sarge1_powerpc.deb oldstable/main/binary-powerpc/libflac++4_1.1.1-5sarge1_powerpc.deb oldstable/main/binary-powerpc/xmms-flac_1.1.1-5sarge1_powerpc.deb oldstable/main/binary-powerpc/liboggflac++0c102_1.1.1-5sarge1_powerpc.deb oldstable/main/binary-powerpc/libflac++-dev_1.1.1-5sarge1_powerpc.deb flac (1.1.1-5sarge1) oldstable-security; urgency=high * Fix several vulnerabilities. oldstable/main/binary-mipsel/liboggflac-dev_1.1.1-5sarge1_mipsel.deb oldstable/main/binary-mipsel/liboggflac++0c102_1.1.1-5sarge1_mipsel.deb oldstable/main/binary-mipsel/liboggflac1_1.1.1-5sarge1_mipsel.deb oldstable/main/binary-mipsel/libflac++4_1.1.1-5sarge1_mipsel.deb oldstable/main/binary-mipsel/libflac6_1.1.1-5sarge1_mipsel.deb oldstable/main/binary-mipsel/libflac-dev_1.1.1-5sarge1_mipsel.deb oldstable/main/binary-mipsel/liboggflac++-dev_1.1.1-5sarge1_mipsel.deb oldstable/main/binary-mipsel/libflac++-dev_1.1.1-5sarge1_mipsel.deb oldstable/main/binary-mipsel/flac_1.1.1-5sarge1_mipsel.deb oldstable/main/binary-mipsel/xmms-flac_1.1.1-5sarge1_mipsel.deb flac (1.1.1-5sarge1) oldstable-security; urgency=high * Fix several vulnerabilities. oldstable/main/binary-mips/liboggflac++0c102_1.1.1-5sarge1_mips.deb oldstable/main/binary-mips/liboggflac1_1.1.1-5sarge1_mips.deb oldstable/main/binary-mips/libflac6_1.1.1-5sarge1_mips.deb oldstable/main/binary-mips/liboggflac-dev_1.1.1-5sarge1_mips.deb oldstable/main/binary-mips/libflac++4_1.1.1-5sarge1_mips.deb oldstable/main/binary-mips/xmms-flac_1.1.1-5sarge1_mips.deb oldstable/main/binary-mips/flac_1.1.1-5sarge1_mips.deb oldstable/main/binary-mips/libflac++-dev_1.1.1-5sarge1_mips.deb oldstable/main/binary-mips/libflac-dev_1.1.1-5sarge1_mips.deb oldstable/main/binary-mips/liboggflac++-dev_1.1.1-5sarge1_mips.deb flac (1.1.1-5sarge1) oldstable-security; urgency=high * Fix several vulnerabilities. oldstable/main/binary-m68k/flac_1.1.1-5sarge1_m68k.deb oldstable/main/binary-m68k/libflac++-dev_1.1.1-5sarge1_m68k.deb oldstable/main/binary-m68k/liboggflac-dev_1.1.1-5sarge1_m68k.deb oldstable/main/binary-m68k/liboggflac1_1.1.1-5sarge1_m68k.deb oldstable/main/binary-m68k/liboggflac++0c102_1.1.1-5sarge1_m68k.deb oldstable/main/binary-m68k/liboggflac++-dev_1.1.1-5sarge1_m68k.deb oldstable/main/binary-m68k/libflac-dev_1.1.1-5sarge1_m68k.deb oldstable/main/binary-m68k/xmms-flac_1.1.1-5sarge1_m68k.deb oldstable/main/binary-m68k/libflac6_1.1.1-5sarge1_m68k.deb oldstable/main/binary-m68k/libflac++4_1.1.1-5sarge1_m68k.deb flac (1.1.1-5sarge1) oldstable-security; urgency=high * Fix several vulnerabilities. oldstable/main/binary-ia64/libflac6_1.1.1-5sarge1_ia64.deb oldstable/main/binary-ia64/libflac++-dev_1.1.1-5sarge1_ia64.deb oldstable/main/binary-ia64/xmms-flac_1.1.1-5sarge1_ia64.deb oldstable/main/binary-ia64/libflac-dev_1.1.1-5sarge1_ia64.deb oldstable/main/binary-ia64/liboggflac++0c102_1.1.1-5sarge1_ia64.deb oldstable/main/binary-ia64/liboggflac-dev_1.1.1-5sarge1_ia64.deb oldstable/main/binary-ia64/liboggflac1_1.1.1-5sarge1_ia64.deb oldstable/main/binary-ia64/libflac++4_1.1.1-5sarge1_ia64.deb oldstable/main/binary-ia64/liboggflac++-dev_1.1.1-5sarge1_ia64.deb oldstable/main/binary-ia64/flac_1.1.1-5sarge1_ia64.deb flac (1.1.1-5sarge1) oldstable-security; urgency=high * Fix several vulnerabilities. oldstable/main/binary-hppa/liboggflac-dev_1.1.1-5sarge1_hppa.deb oldstable/main/binary-hppa/libflac-dev_1.1.1-5sarge1_hppa.deb oldstable/main/binary-hppa/liboggflac++-dev_1.1.1-5sarge1_hppa.deb oldstable/main/binary-hppa/libflac++-dev_1.1.1-5sarge1_hppa.deb oldstable/main/binary-hppa/liboggflac++0c102_1.1.1-5sarge1_hppa.deb oldstable/main/binary-hppa/libflac++4_1.1.1-5sarge1_hppa.deb oldstable/main/binary-hppa/liboggflac1_1.1.1-5sarge1_hppa.deb oldstable/main/binary-hppa/libflac6_1.1.1-5sarge1_hppa.deb oldstable/main/binary-hppa/xmms-flac_1.1.1-5sarge1_hppa.deb oldstable/main/binary-hppa/flac_1.1.1-5sarge1_hppa.deb flac (1.1.1-5sarge1) oldstable-security; urgency=high * Fix several vulnerabilities. oldstable/main/binary-arm/liboggflac++-dev_1.1.1-5sarge1_arm.deb oldstable/main/binary-arm/liboggflac1_1.1.1-5sarge1_arm.deb oldstable/main/binary-arm/libflac++4_1.1.1-5sarge1_arm.deb oldstable/main/binary-arm/flac_1.1.1-5sarge1_arm.deb oldstable/main/binary-arm/xmms-flac_1.1.1-5sarge1_arm.deb oldstable/main/binary-arm/liboggflac++0c102_1.1.1-5sarge1_arm.deb oldstable/main/binary-arm/libflac++-dev_1.1.1-5sarge1_arm.deb oldstable/main/binary-arm/liboggflac-dev_1.1.1-5sarge1_arm.deb oldstable/main/binary-arm/libflac6_1.1.1-5sarge1_arm.deb oldstable/main/binary-arm/libflac-dev_1.1.1-5sarge1_arm.deb flac (1.1.1-5sarge1) oldstable-security; urgency=high * Fix several vulnerabilities. oldstable/main/binary-amd64/liboggflac1_1.1.1-5sarge1_amd64.deb oldstable/main/binary-amd64/libflac++4_1.1.1-5sarge1_amd64.deb oldstable/main/binary-amd64/liboggflac++-dev_1.1.1-5sarge1_amd64.deb oldstable/main/binary-amd64/libflac++-dev_1.1.1-5sarge1_amd64.deb oldstable/main/binary-amd64/liboggflac++0c102_1.1.1-5sarge1_amd64.deb oldstable/main/binary-amd64/flac_1.1.1-5sarge1_amd64.deb oldstable/main/binary-amd64/libflac6_1.1.1-5sarge1_amd64.deb oldstable/main/binary-amd64/libflac-dev_1.1.1-5sarge1_amd64.deb oldstable/main/binary-amd64/xmms-flac_1.1.1-5sarge1_amd64.deb oldstable/main/binary-amd64/liboggflac-dev_1.1.1-5sarge1_amd64.deb flac (1.1.1-5sarge1) oldstable-security; urgency=high * Fix several vulnerabilities. oldstable/main/binary-alpha/xmms-flac_1.1.1-5sarge1_alpha.deb oldstable/main/binary-alpha/liboggflac-dev_1.1.1-5sarge1_alpha.deb oldstable/main/binary-alpha/libflac6_1.1.1-5sarge1_alpha.deb oldstable/main/binary-alpha/liboggflac++0c102_1.1.1-5sarge1_alpha.deb oldstable/main/binary-alpha/liboggflac1_1.1.1-5sarge1_alpha.deb oldstable/main/binary-alpha/flac_1.1.1-5sarge1_alpha.deb oldstable/main/binary-alpha/liboggflac++-dev_1.1.1-5sarge1_alpha.deb oldstable/main/binary-alpha/libflac-dev_1.1.1-5sarge1_alpha.deb oldstable/main/binary-alpha/libflac++4_1.1.1-5sarge1_alpha.deb oldstable/main/binary-alpha/libflac++-dev_1.1.1-5sarge1_alpha.deb flac (1.1.1-5sarge1) oldstable-security; urgency=high * Fix several vulnerabilities. oldstable/main/binary-i386/liboggflac-dev_1.1.1-5sarge1_i386.deb oldstable/main/binary-i386/libflac6_1.1.1-5sarge1_i386.deb oldstable/main/binary-i386/libflac-dev_1.1.1-5sarge1_i386.deb oldstable/main/binary-i386/flac_1.1.1-5sarge1_i386.deb oldstable/main/binary-i386/libflac++4_1.1.1-5sarge1_i386.deb oldstable/main/binary-i386/liboggflac++-dev_1.1.1-5sarge1_i386.deb oldstable/main/binary-i386/liboggflac1_1.1.1-5sarge1_i386.deb oldstable/main/binary-i386/libflac++-dev_1.1.1-5sarge1_i386.deb oldstable/main/source/flac_1.1.1-5sarge1.diff.gz oldstable/main/source/flac_1.1.1-5sarge1.dsc oldstable/main/binary-i386/xmms-flac_1.1.1-5sarge1_i386.deb oldstable/main/binary-i386/liboggflac++0c102_1.1.1-5sarge1_i386.deb flac (1.1.1-5sarge1) oldstable-security; urgency=high * Fix several vulnerabilities. oldstable/main/source/fai-kernels_1.9.1sarge7.1.tar.gz oldstable/main/source/fai-kernels_1.9.1sarge7.1.dsc oldstable/main/binary-i386/fai-kernels_1.9.1sarge7.1_i386.deb fai-kernels (1.9.1sarge7.1) oldstable; urgency=high * Build against kernel-tree-2.6.8-17sarge1: * compat_sys_mount-NULL-data_page.dpatch [SECURITY] Fix oops in compat_sys_mount triggered by NULL data_page See CVE-2006-7203 * pppoe-socket-release-mem-leak.dpatch [SECURITY] fix unpriveleged memory leak when a PPPoE socket is released after connect but before PPPIOCGCHAN ioctl is called upon it See CVE-2007-2525 * dn_fib-out-of-bounds.dpatch, ipv4-fib_props-out-of-bounds.dpatch [SECURITY] Fix out of bounds condition in dn_fib_props[] See CVE-2007-2172 * aacraid-ioctl-perm-check.dpatch [SECURITY] Require admin capabilities to issue ioctls to aacraid devices See CVE-2007-4308 * reset-pdeathsig-on-suid.dpatch [SECURITY] Fix potential privilege escalation caused by improper clearing of the child process' pdeath signal. See CVE-2007-3848 * bluetooth-l2cap-hci-info-leaks.dpatch [SECURITY] Fix information leaks in setsockopt() implementations See CVE-2007-1353 * coredump-only-to-same-uid.dpatch [SECURITY] Fix an issue where core dumping over a file that already exists retains the ownership of the original file See CVE-2007-6206 * i4l-isdn_ioctl-mem-overrun.dpatch [SECURITY] Fix potential isdn ioctl memory overrun See CVE-2007-6151 * cramfs-check-block-length.dpatch [SECURITY] Add a sanity check of the block length in cramfs_readpage to avoid a potential oops condition See CVE-2006-5823 * ext2-skip-pages-past-num-blocks.dpatch [SECURITY] Add some sanity checking for a corrupted i_size in ext2_find_entry() See CVE-2006-6054 * minixfs-printk-hang.dpatch [SECURITY] Rate-limit printks caused by accessing a corrupted minixfs filesystem that would otherwise cause a system to hang (printk storm) See CVE-2006-6058 * isdn-net-overflow.dpatch [SECURITY] Fix potential overflows in the ISDN subsystem See CVE-2007-6063 * prevent-stack-growth-into-hugetlb-region.dpatch [SECURITY] Prevent OOPS during stack expansion when the VMA crosses into address space reserved for hugetlb pages. See CVE-2007-3739 * cifs-honor-umask.dpatch [SECURITY] Make CIFS honor a process' umask See CVE-2007-3740 * hugetlb-prio_tree-unit-fix.dpatch [SECURITY] Fix misconversion of hugetlb_vmtruncate_list to prio_tree which could be used to trigger a BUG_ON() call in exit_mmap. See CVE-2007-4133 * amd64-zero-extend-32bit-ptrace.dpatch [SECURITY] Zero extend all registers after ptrace in 32-bit entry path. See CVE-2007-4573 * usb-pwc-disconnect-block.dpatch [SECURITY] Fix issue with unplugging webcams that use the pwc driver. If userspace still has the device open it can result, the driver would wait for the device to close, blocking the USB subsystem. See CVE-2007-5093 * powerpc-chrp-null-deref.dpatch [SECURITY][powerpc] Fix NULL pointer dereference if get_property fails on the subarchitecture See CVE-2007-6694 * random-bound-check-ordering.dpatch [SECURITY] Fix stack-based buffer overflow in the random number generator See CVE-2007-3105 * mmap-VM_DONTEXPAND.dpatch [SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register a fault handler but do not bounds check the offset argument See CVE-2008-0007 oldstable/main/binary-sparc/exiftags_0.98-1.1+0sarge1_sparc.deb exiftags (0.98-1.1+0sarge1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Backport upstream fixes from v1.01: - CVE-2007-6354, CVE-2007-6355: integer overflow and memory access errors through inadequate EXIF data validation - CVE-2007-6356: recursive IFD references in EXIF data would cause a denial of service via infinite loop oldstable/main/binary-s390/exiftags_0.98-1.1+0sarge1_s390.deb exiftags (0.98-1.1+0sarge1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Backport upstream fixes from v1.01: - CVE-2007-6354, CVE-2007-6355: integer overflow and memory access errors through inadequate EXIF data validation - CVE-2007-6356: recursive IFD references in EXIF data would cause a denial of service via infinite loop oldstable/main/binary-powerpc/exiftags_0.98-1.1+0sarge1_powerpc.deb exiftags (0.98-1.1+0sarge1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Backport upstream fixes from v1.01: - CVE-2007-6354, CVE-2007-6355: integer overflow and memory access errors through inadequate EXIF data validation - CVE-2007-6356: recursive IFD references in EXIF data would cause a denial of service via infinite loop oldstable/main/binary-mipsel/exiftags_0.98-1.1+0sarge1_mipsel.deb exiftags (0.98-1.1+0sarge1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Backport upstream fixes from v1.01: - CVE-2007-6354, CVE-2007-6355: integer overflow and memory access errors through inadequate EXIF data validation - CVE-2007-6356: recursive IFD references in EXIF data would cause a denial of service via infinite loop oldstable/main/binary-mips/exiftags_0.98-1.1+0sarge1_mips.deb exiftags (0.98-1.1+0sarge1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Backport upstream fixes from v1.01: - CVE-2007-6354, CVE-2007-6355: integer overflow and memory access errors through inadequate EXIF data validation - CVE-2007-6356: recursive IFD references in EXIF data would cause a denial of service via infinite loop oldstable/main/binary-m68k/exiftags_0.98-1.1+0sarge1_m68k.deb exiftags (0.98-1.1+0sarge1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Backport upstream fixes from v1.01: - CVE-2007-6354, CVE-2007-6355: integer overflow and memory access errors through inadequate EXIF data validation - CVE-2007-6356: recursive IFD references in EXIF data would cause a denial of service via infinite loop oldstable/main/binary-ia64/exiftags_0.98-1.1+0sarge1_ia64.deb exiftags (0.98-1.1+0sarge1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Backport upstream fixes from v1.01: - CVE-2007-6354, CVE-2007-6355: integer overflow and memory access errors through inadequate EXIF data validation - CVE-2007-6356: recursive IFD references in EXIF data would cause a denial of service via infinite loop oldstable/main/binary-hppa/exiftags_0.98-1.1+0sarge1_hppa.deb exiftags (0.98-1.1+0sarge1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Backport upstream fixes from v1.01: - CVE-2007-6354, CVE-2007-6355: integer overflow and memory access errors through inadequate EXIF data validation - CVE-2007-6356: recursive IFD references in EXIF data would cause a denial of service via infinite loop oldstable/main/binary-arm/exiftags_0.98-1.1+0sarge1_arm.deb exiftags (0.98-1.1+0sarge1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Backport upstream fixes from v1.01: - CVE-2007-6354, CVE-2007-6355: integer overflow and memory access errors through inadequate EXIF data validation - CVE-2007-6356: recursive IFD references in EXIF data would cause a denial of service via infinite loop oldstable/main/binary-amd64/exiftags_0.98-1.1+0sarge1_amd64.deb exiftags (0.98-1.1+0sarge1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Backport upstream fixes from v1.01: - CVE-2007-6354, CVE-2007-6355: integer overflow and memory access errors through inadequate EXIF data validation - CVE-2007-6356: recursive IFD references in EXIF data would cause a denial of service via infinite loop oldstable/main/binary-alpha/exiftags_0.98-1.1+0sarge1_alpha.deb exiftags (0.98-1.1+0sarge1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Backport upstream fixes from v1.01: - CVE-2007-6354, CVE-2007-6355: integer overflow and memory access errors through inadequate EXIF data validation - CVE-2007-6356: recursive IFD references in EXIF data would cause a denial of service via infinite loop oldstable/main/source/exiftags_0.98-1.1+0sarge1.diff.gz oldstable/main/binary-i386/exiftags_0.98-1.1+0sarge1_i386.deb oldstable/main/source/exiftags_0.98-1.1+0sarge1.dsc exiftags (0.98-1.1+0sarge1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Backport upstream fixes from v1.01: - CVE-2007-6354, CVE-2007-6355: integer overflow and memory access errors through inadequate EXIF data validation - CVE-2007-6356: recursive IFD references in EXIF data would cause a denial of service via infinite loop oldstable/main/binary-sparc/evolution-dev_2.0.4-2sarge3_sparc.deb oldstable/main/binary-sparc/evolution_2.0.4-2sarge3_sparc.deb evolution (2.0.4-2sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix Encrypted Message Version Format String Vulnerability (CVE-2008-0072). oldstable/main/binary-s390/evolution-dev_2.0.4-2sarge3_s390.deb oldstable/main/binary-s390/evolution_2.0.4-2sarge3_s390.deb evolution (2.0.4-2sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix Encrypted Message Version Format String Vulnerability (CVE-2008-0072). oldstable/main/binary-powerpc/evolution-dev_2.0.4-2sarge3_powerpc.deb oldstable/main/binary-powerpc/evolution_2.0.4-2sarge3_powerpc.deb evolution (2.0.4-2sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix Encrypted Message Version Format String Vulnerability (CVE-2008-0072). oldstable/main/binary-mipsel/evolution_2.0.4-2sarge3_mipsel.deb oldstable/main/binary-mipsel/evolution-dev_2.0.4-2sarge3_mipsel.deb evolution (2.0.4-2sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix Encrypted Message Version Format String Vulnerability (CVE-2008-0072). oldstable/main/binary-mips/evolution_2.0.4-2sarge3_mips.deb oldstable/main/binary-mips/evolution-dev_2.0.4-2sarge3_mips.deb evolution (2.0.4-2sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix Encrypted Message Version Format String Vulnerability (CVE-2008-0072). oldstable/main/binary-m68k/evolution-dev_2.0.4-2sarge3_m68k.deb oldstable/main/binary-m68k/evolution_2.0.4-2sarge3_m68k.deb evolution (2.0.4-2sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix Encrypted Message Version Format String Vulnerability (CVE-2008-0072). oldstable/main/binary-ia64/evolution_2.0.4-2sarge3_ia64.deb oldstable/main/binary-ia64/evolution-dev_2.0.4-2sarge3_ia64.deb evolution (2.0.4-2sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix Encrypted Message Version Format String Vulnerability (CVE-2008-0072). oldstable/main/binary-hppa/evolution-dev_2.0.4-2sarge3_hppa.deb oldstable/main/binary-hppa/evolution_2.0.4-2sarge3_hppa.deb evolution (2.0.4-2sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix Encrypted Message Version Format String Vulnerability (CVE-2008-0072). oldstable/main/binary-arm/evolution_2.0.4-2sarge3_arm.deb oldstable/main/binary-arm/evolution-dev_2.0.4-2sarge3_arm.deb evolution (2.0.4-2sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix Encrypted Message Version Format String Vulnerability (CVE-2008-0072). oldstable/main/binary-amd64/evolution-dev_2.0.4-2sarge3_amd64.deb oldstable/main/binary-amd64/evolution_2.0.4-2sarge3_amd64.deb evolution (2.0.4-2sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix Encrypted Message Version Format String Vulnerability (CVE-2008-0072). oldstable/main/binary-alpha/evolution-dev_2.0.4-2sarge3_alpha.deb oldstable/main/binary-alpha/evolution_2.0.4-2sarge3_alpha.deb evolution (2.0.4-2sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix Encrypted Message Version Format String Vulnerability (CVE-2008-0072). oldstable/main/source/evolution_2.0.4-2sarge3.dsc oldstable/main/source/evolution_2.0.4-2sarge3.diff.gz oldstable/main/binary-i386/evolution-dev_2.0.4-2sarge3_i386.deb oldstable/main/binary-i386/evolution_2.0.4-2sarge3_i386.deb evolution (2.0.4-2sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix Encrypted Message Version Format String Vulnerability (CVE-2008-0072). oldstable/main/binary-sparc/ethereal-common_0.10.10-2sarge11_sparc.deb oldstable/main/binary-sparc/ethereal-dev_0.10.10-2sarge11_sparc.deb oldstable/main/binary-sparc/tethereal_0.10.10-2sarge11_sparc.deb oldstable/main/binary-sparc/ethereal_0.10.10-2sarge11_sparc.deb ethereal (0.10.10-2sarge11) oldstable-security; urgency=high * Backport two further security fixes from 0.99.7 reported later: CVE-2007-6450, CVE-2007-6451 oldstable/main/binary-s390/ethereal-common_0.10.10-2sarge11_s390.deb oldstable/main/binary-s390/ethereal-dev_0.10.10-2sarge11_s390.deb oldstable/main/binary-s390/tethereal_0.10.10-2sarge11_s390.deb oldstable/main/binary-s390/ethereal_0.10.10-2sarge11_s390.deb ethereal (0.10.10-2sarge11) oldstable-security; urgency=high * Backport two further security fixes from 0.99.7 reported later: CVE-2007-6450, CVE-2007-6451 oldstable/main/binary-powerpc/ethereal-common_0.10.10-2sarge11_powerpc.deb oldstable/main/binary-powerpc/ethereal_0.10.10-2sarge11_powerpc.deb oldstable/main/binary-powerpc/tethereal_0.10.10-2sarge11_powerpc.deb oldstable/main/binary-powerpc/ethereal-dev_0.10.10-2sarge11_powerpc.deb ethereal (0.10.10-2sarge11) oldstable-security; urgency=high * Backport two further security fixes from 0.99.7 reported later: CVE-2007-6450, CVE-2007-6451 oldstable/main/binary-mipsel/tethereal_0.10.10-2sarge11_mipsel.deb oldstable/main/binary-mipsel/ethereal-dev_0.10.10-2sarge11_mipsel.deb oldstable/main/binary-mipsel/ethereal_0.10.10-2sarge11_mipsel.deb oldstable/main/binary-mipsel/ethereal-common_0.10.10-2sarge11_mipsel.deb ethereal (0.10.10-2sarge11) oldstable-security; urgency=high * Backport two further security fixes from 0.99.7 reported later: CVE-2007-6450, CVE-2007-6451 oldstable/main/binary-mips/ethereal-common_0.10.10-2sarge11_mips.deb oldstable/main/binary-mips/ethereal_0.10.10-2sarge11_mips.deb oldstable/main/binary-mips/ethereal-dev_0.10.10-2sarge11_mips.deb oldstable/main/binary-mips/tethereal_0.10.10-2sarge11_mips.deb ethereal (0.10.10-2sarge11) oldstable-security; urgency=high * Backport two further security fixes from 0.99.7 reported later: CVE-2007-6450, CVE-2007-6451 oldstable/main/binary-m68k/ethereal_0.10.10-2sarge11_m68k.deb oldstable/main/binary-m68k/ethereal-common_0.10.10-2sarge11_m68k.deb oldstable/main/binary-m68k/tethereal_0.10.10-2sarge11_m68k.deb oldstable/main/binary-m68k/ethereal-dev_0.10.10-2sarge11_m68k.deb ethereal (0.10.10-2sarge11) oldstable-security; urgency=high * Backport two further security fixes from 0.99.7 reported later: CVE-2007-6450, CVE-2007-6451 oldstable/main/binary-ia64/ethereal-dev_0.10.10-2sarge11_ia64.deb oldstable/main/binary-ia64/tethereal_0.10.10-2sarge11_ia64.deb oldstable/main/binary-ia64/ethereal_0.10.10-2sarge11_ia64.deb oldstable/main/binary-ia64/ethereal-common_0.10.10-2sarge11_ia64.deb ethereal (0.10.10-2sarge11) oldstable-security; urgency=high * Backport two further security fixes from 0.99.7 reported later: CVE-2007-6450, CVE-2007-6451 oldstable/main/binary-hppa/ethereal-dev_0.10.10-2sarge11_hppa.deb oldstable/main/binary-hppa/ethereal-common_0.10.10-2sarge11_hppa.deb oldstable/main/binary-hppa/tethereal_0.10.10-2sarge11_hppa.deb oldstable/main/binary-hppa/ethereal_0.10.10-2sarge11_hppa.deb ethereal (0.10.10-2sarge11) oldstable-security; urgency=high * Backport two further security fixes from 0.99.7 reported later: CVE-2007-6450, CVE-2007-6451 oldstable/main/binary-arm/ethereal-common_0.10.10-2sarge11_arm.deb oldstable/main/binary-arm/ethereal-dev_0.10.10-2sarge11_arm.deb oldstable/main/binary-arm/tethereal_0.10.10-2sarge11_arm.deb oldstable/main/binary-arm/ethereal_0.10.10-2sarge11_arm.deb ethereal (0.10.10-2sarge11) oldstable-security; urgency=high * Backport two further security fixes from 0.99.7 reported later: CVE-2007-6450, CVE-2007-6451 oldstable/main/binary-amd64/ethereal_0.10.10-2sarge11_amd64.deb oldstable/main/binary-amd64/ethereal-common_0.10.10-2sarge11_amd64.deb oldstable/main/binary-amd64/tethereal_0.10.10-2sarge11_amd64.deb oldstable/main/binary-amd64/ethereal-dev_0.10.10-2sarge11_amd64.deb ethereal (0.10.10-2sarge11) oldstable-security; urgency=high * Backport two further security fixes from 0.99.7 reported later: CVE-2007-6450, CVE-2007-6451 oldstable/main/binary-alpha/ethereal-common_0.10.10-2sarge11_alpha.deb oldstable/main/binary-alpha/ethereal_0.10.10-2sarge11_alpha.deb oldstable/main/binary-alpha/tethereal_0.10.10-2sarge11_alpha.deb oldstable/main/binary-alpha/ethereal-dev_0.10.10-2sarge11_alpha.deb ethereal (0.10.10-2sarge11) oldstable-security; urgency=high * Backport two further security fixes from 0.99.7 reported later: CVE-2007-6450, CVE-2007-6451 oldstable/main/binary-i386/tethereal_0.10.10-2sarge11_i386.deb oldstable/main/source/ethereal_0.10.10-2sarge11.diff.gz oldstable/main/binary-i386/ethereal-dev_0.10.10-2sarge11_i386.deb oldstable/main/binary-i386/ethereal_0.10.10-2sarge11_i386.deb oldstable/main/binary-i386/ethereal-common_0.10.10-2sarge11_i386.deb oldstable/main/source/ethereal_0.10.10-2sarge11.dsc ethereal (0.10.10-2sarge11) oldstable-security; urgency=high * Backport two further security fixes from 0.99.7 reported later: CVE-2007-6450, CVE-2007-6451 oldstable/main/binary-sparc/eggdrop_1.6.17-3sarge1_sparc.deb eggdrop (1.6.17-3sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix stack based buffer-overflow in mod/server.mod/servrmsg.c, which allows user-assisted, remote IRC servers to execute arbitrary code via a long private message Fixes: CVE-2007-2807 oldstable/main/binary-s390/eggdrop_1.6.17-3sarge1_s390.deb eggdrop (1.6.17-3sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix stack based buffer-overflow in mod/server.mod/servrmsg.c, which allows user-assisted, remote IRC servers to execute arbitrary code via a long private message Fixes: CVE-2007-2807 oldstable/main/binary-powerpc/eggdrop_1.6.17-3sarge1_powerpc.deb eggdrop (1.6.17-3sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix stack based buffer-overflow in mod/server.mod/servrmsg.c, which allows user-assisted, remote IRC servers to execute arbitrary code via a long private message Fixes: CVE-2007-2807 oldstable/main/binary-mipsel/eggdrop_1.6.17-3sarge1_mipsel.deb eggdrop (1.6.17-3sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix stack based buffer-overflow in mod/server.mod/servrmsg.c, which allows user-assisted, remote IRC servers to execute arbitrary code via a long private message Fixes: CVE-2007-2807 oldstable/main/binary-mips/eggdrop_1.6.17-3sarge1_mips.deb eggdrop (1.6.17-3sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix stack based buffer-overflow in mod/server.mod/servrmsg.c, which allows user-assisted, remote IRC servers to execute arbitrary code via a long private message Fixes: CVE-2007-2807 oldstable/main/binary-m68k/eggdrop_1.6.17-3sarge1_m68k.deb eggdrop (1.6.17-3sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix stack based buffer-overflow in mod/server.mod/servrmsg.c, which allows user-assisted, remote IRC servers to execute arbitrary code via a long private message Fixes: CVE-2007-2807 oldstable/main/binary-ia64/eggdrop_1.6.17-3sarge1_ia64.deb eggdrop (1.6.17-3sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix stack based buffer-overflow in mod/server.mod/servrmsg.c, which allows user-assisted, remote IRC servers to execute arbitrary code via a long private message Fixes: CVE-2007-2807 oldstable/main/binary-hppa/eggdrop_1.6.17-3sarge1_hppa.deb eggdrop (1.6.17-3sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix stack based buffer-overflow in mod/server.mod/servrmsg.c, which allows user-assisted, remote IRC servers to execute arbitrary code via a long private message Fixes: CVE-2007-2807 oldstable/main/binary-arm/eggdrop_1.6.17-3sarge1_arm.deb eggdrop (1.6.17-3sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix stack based buffer-overflow in mod/server.mod/servrmsg.c, which allows user-assisted, remote IRC servers to execute arbitrary code via a long private message Fixes: CVE-2007-2807 oldstable/main/binary-amd64/eggdrop_1.6.17-3sarge1_amd64.deb eggdrop (1.6.17-3sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix stack based buffer-overflow in mod/server.mod/servrmsg.c, which allows user-assisted, remote IRC servers to execute arbitrary code via a long private message Fixes: CVE-2007-2807 oldstable/main/binary-alpha/eggdrop_1.6.17-3sarge1_alpha.deb eggdrop (1.6.17-3sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix stack based buffer-overflow in mod/server.mod/servrmsg.c, which allows user-assisted, remote IRC servers to execute arbitrary code via a long private message Fixes: CVE-2007-2807 oldstable/main/binary-all/eggdrop-data_1.6.17-3sarge1_all.deb oldstable/main/source/eggdrop_1.6.17-3sarge1.dsc oldstable/main/binary-i386/eggdrop_1.6.17-3sarge1_i386.deb oldstable/main/source/eggdrop_1.6.17-3sarge1.diff.gz eggdrop (1.6.17-3sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix stack based buffer-overflow in mod/server.mod/servrmsg.c, which allows user-assisted, remote IRC servers to execute arbitrary code via a long private message Fixes: CVE-2007-2807 oldstable/main/source/debian-goodies_0.23+sarge1.tar.gz oldstable/main/source/debian-goodies_0.23+sarge1.dsc oldstable/main/binary-all/debian-goodies_0.23+sarge1_all.deb debian-goodies (0.23+sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix security bug that enables users to generate files in the filesystem with shell metacharacters and have the checkrestart script run external code (as root, since the script will only run as admin). (CVE-2007-3912, closes: 440411) oldstable/main/source/backup-manager_0.5.7-1sarge2.dsc oldstable/main/binary-all/backup-manager_0.5.7-1sarge2_all.deb oldstable/main/source/backup-manager_0.5.7-1sarge2.diff.gz backup-manager (0.5.7-1sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix FTP password disclosure during FTP uploads, based on maintainer-supplied patch. Closes: #439392. CVE-2007-4656 oldstable/main/binary-i386/alsa-modules-2.4-386_1.0.8+2sarge1.1_i386.deb oldstable/main/binary-i386/alsa-modules-2.4-686-smp_1.0.8+2sarge1.1_i386.deb oldstable/main/binary-i386/alsa-modules-2.4-k7_1.0.8+2sarge1.1_i386.deb oldstable/main/binary-i386/alsa-modules-2.4.27-3-k6_1.0.8+2sarge1.1_i386.deb oldstable/main/source/alsa-modules-i386_1.0.8+2sarge1.1.dsc oldstable/main/binary-i386/alsa-modules-2.4.27-3-k7-smp_1.0.8+2sarge1.1_i386.deb oldstable/main/binary-i386/alsa-modules-2.4-686_1.0.8+2sarge1.1_i386.deb oldstable/main/binary-i386/alsa-modules-2.4.27-3-386_1.0.8+2sarge1.1_i386.deb oldstable/main/binary-i386/alsa-modules-2.4-586tsc_1.0.8+2sarge1.1_i386.deb oldstable/main/binary-i386/alsa-modules-2.4.27-3-686-smp_1.0.8+2sarge1.1_i386.deb oldstable/main/binary-i386/alsa-modules-2.4-k6_1.0.8+2sarge1.1_i386.deb oldstable/main/source/alsa-modules-i386_1.0.8+2sarge1.1.tar.gz oldstable/main/binary-i386/alsa-modules-2.4.27-3-k7_1.0.8+2sarge1.1_i386.deb oldstable/main/binary-i386/alsa-modules-2.4-k7-smp_1.0.8+2sarge1.1_i386.deb oldstable/main/binary-i386/alsa-modules-2.4.27-3-686_1.0.8+2sarge1.1_i386.deb oldstable/main/binary-i386/alsa-modules-2.4.27-3-586tsc_1.0.8+2sarge1.1_i386.deb alsa-modules-i386 (1.0.8+2sarge1.1) oldstable; urgency=high * Rebuild against alsa-driver_1.0.8-7sarge1: * NMU by the Security Team * 20_snd-page-alloc-leak.dpatch: Fix an issue in the alsa subsystem that allows a local user to read potentially sensitive kernel memory from the proc filesystem. See CVE-2007-4571 oldstable/main/source/alsa-driver_1.0.8-7sarge1.dsc oldstable/main/source/alsa-driver_1.0.8-7sarge1.diff.gz oldstable/main/binary-all/alsa-source_1.0.8-7sarge1_all.deb oldstable/main/binary-all/alsa-base_1.0.8-7sarge1_all.deb oldstable/main/binary-all/alsa-headers_1.0.8-7sarge1_all.deb alsa-driver (1.0.8-7sarge1) oldstable-security; urgency=high * NMU by the Security Team * 20_snd-page-alloc-leak.dpatch: Fix an issue in the alsa subsystem that allows a local user to read potentially sensitive kernel memory from the proc filesystem. See CVE-2007-4571 Removals: flyspray | 0.9.7-2.1 | source, all Closed bugs: 459345 ------------------- Reason ------------------- RoM: security nightmare, unsupported upstream, not in unstable anymore ---------------------------------------------- flashplugin-nonfree | 7.0.25-5 | source, i386 Closed bugs: 473556 ------------------- Reason ------------------- RoSRM; security nightmare ---------------------------------------------- ========================================= Thu, 27 Dec 2007 - Debian 3.1r7 released ========================================= oldstable/main/binary-arm/adesklets_0.4.7-1_arm.deb adesklets (0.4.7-1) unstable; urgency=low * New upstream release. oldstable/main/binary-mipsel/agenda.app_0.1-2_mipsel.deb agenda.app (0.1-2) unstable; urgency=low * Updated debian/control build-depends for GNUstep 0.9.4. * Renamed source package to agenda.app. * Fixed debian/copyright. oldstable/main/binary-arm/libantlr-dev_2.7.2-6_arm.deb antlr (2.7.2-6) unstable; urgency=low * changed debhelper compatibility level to 4 * added versioned dependency on debhelper oldstable/main/binary-alpha/apache2-common_2.0.54-5sarge2_alpha.deb oldstable/main/binary-alpha/apache2-utils_2.0.54-5sarge2_alpha.deb oldstable/main/binary-alpha/apache2-mpm-worker_2.0.54-5sarge2_alpha.deb oldstable/main/binary-alpha/apache2-mpm-perchild_2.0.54-5sarge2_alpha.deb oldstable/main/binary-alpha/apache2-mpm-prefork_2.0.54-5sarge2_alpha.deb oldstable/main/binary-alpha/apache2-prefork-dev_2.0.54-5sarge2_alpha.deb oldstable/main/binary-alpha/apache2-threaded-dev_2.0.54-5sarge2_alpha.deb oldstable/main/binary-alpha/libapr0_2.0.54-5sarge2_alpha.deb oldstable/main/binary-alpha/libapr0-dev_2.0.54-5sarge2_alpha.deb oldstable/main/binary-alpha/apache2_2.0.54-5sarge2_alpha.deb apache2 (2.0.54-5sarge2) oldstable-proposed-updates; urgency=low * Fix some less critical security issues: * Denial of service for threaded MPMs: - CVE-2005-2970: mpm_worker memory leak - CVE-2005-3357: mod_ssl with custom errorpage - CVE-2007-1863: mod_cache * Cross site scripting: - CVE-2005-3352: mod_imap - CVE-2006-3918: via Expect header - CVE-2006-5752: mod_status * Add check for scoreboard PID protection (CVE-2007-3304) oldstable/main/binary-arm/apache2-common_2.0.54-5sarge2_arm.deb oldstable/main/binary-arm/apache2-utils_2.0.54-5sarge2_arm.deb oldstable/main/binary-arm/apache2-mpm-worker_2.0.54-5sarge2_arm.deb oldstable/main/binary-arm/apache2-mpm-perchild_2.0.54-5sarge2_arm.deb oldstable/main/binary-arm/apache2-mpm-prefork_2.0.54-5sarge2_arm.deb oldstable/main/binary-arm/apache2-prefork-dev_2.0.54-5sarge2_arm.deb oldstable/main/binary-arm/apache2-threaded-dev_2.0.54-5sarge2_arm.deb oldstable/main/binary-arm/libapr0_2.0.54-5sarge2_arm.deb oldstable/main/binary-arm/libapr0-dev_2.0.54-5sarge2_arm.deb oldstable/main/binary-arm/apache2_2.0.54-5sarge2_arm.deb apache2 (2.0.54-5sarge2) oldstable-proposed-updates; urgency=low * Fix some less critical security issues: * Denial of service for threaded MPMs: - CVE-2005-2970: mpm_worker memory leak - CVE-2005-3357: mod_ssl with custom errorpage - CVE-2007-1863: mod_cache * Cross site scripting: - CVE-2005-3352: mod_imap - CVE-2006-3918: via Expect header - CVE-2006-5752: mod_status * Add check for scoreboard PID protection (CVE-2007-3304) oldstable/main/binary-hppa/apache2-common_2.0.54-5sarge2_hppa.deb oldstable/main/binary-hppa/apache2-utils_2.0.54-5sarge2_hppa.deb oldstable/main/binary-hppa/apache2-mpm-worker_2.0.54-5sarge2_hppa.deb oldstable/main/binary-hppa/apache2-mpm-perchild_2.0.54-5sarge2_hppa.deb oldstable/main/binary-hppa/apache2-mpm-prefork_2.0.54-5sarge2_hppa.deb oldstable/main/binary-hppa/apache2-prefork-dev_2.0.54-5sarge2_hppa.deb oldstable/main/binary-hppa/apache2-threaded-dev_2.0.54-5sarge2_hppa.deb oldstable/main/binary-hppa/libapr0_2.0.54-5sarge2_hppa.deb oldstable/main/binary-hppa/libapr0-dev_2.0.54-5sarge2_hppa.deb oldstable/main/binary-hppa/apache2_2.0.54-5sarge2_hppa.deb apache2 (2.0.54-5sarge2) oldstable-proposed-updates; urgency=low * Fix some less critical security issues: * Denial of service for threaded MPMs: - CVE-2005-2970: mpm_worker memory leak - CVE-2005-3357: mod_ssl with custom errorpage - CVE-2007-1863: mod_cache * Cross site scripting: - CVE-2005-3352: mod_imap - CVE-2006-3918: via Expect header - CVE-2006-5752: mod_status * Add check for scoreboard PID protection (CVE-2007-3304) oldstable/main/source/apache2_2.0.54-5sarge2.dsc oldstable/main/source/apache2_2.0.54-5sarge2.diff.gz oldstable/main/binary-all/apache2-mpm-threadpool_2.0.54-5sarge2_all.deb oldstable/main/binary-all/apache2-doc_2.0.54-5sarge2_all.deb oldstable/main/binary-i386/apache2-common_2.0.54-5sarge2_i386.deb oldstable/main/binary-i386/apache2-utils_2.0.54-5sarge2_i386.deb oldstable/main/binary-i386/apache2-mpm-worker_2.0.54-5sarge2_i386.deb oldstable/main/binary-i386/apache2-mpm-perchild_2.0.54-5sarge2_i386.deb oldstable/main/binary-i386/apache2-mpm-prefork_2.0.54-5sarge2_i386.deb oldstable/main/binary-i386/apache2-prefork-dev_2.0.54-5sarge2_i386.deb oldstable/main/binary-i386/apache2-threaded-dev_2.0.54-5sarge2_i386.deb oldstable/main/binary-i386/libapr0_2.0.54-5sarge2_i386.deb oldstable/main/binary-i386/libapr0-dev_2.0.54-5sarge2_i386.deb oldstable/main/binary-i386/apache2_2.0.54-5sarge2_i386.deb apache2 (2.0.54-5sarge2) oldstable-proposed-updates; urgency=low * Fix some less critical security issues: * Denial of service for threaded MPMs: - CVE-2005-2970: mpm_worker memory leak - CVE-2005-3357: mod_ssl with custom errorpage - CVE-2007-1863: mod_cache * Cross site scripting: - CVE-2005-3352: mod_imap - CVE-2006-3918: via Expect header - CVE-2006-5752: mod_status * Add check for scoreboard PID protection (CVE-2007-3304) oldstable/main/binary-ia64/apache2-common_2.0.54-5sarge2_ia64.deb oldstable/main/binary-ia64/apache2-utils_2.0.54-5sarge2_ia64.deb oldstable/main/binary-ia64/apache2-mpm-worker_2.0.54-5sarge2_ia64.deb oldstable/main/binary-ia64/apache2-mpm-perchild_2.0.54-5sarge2_ia64.deb oldstable/main/binary-ia64/apache2-mpm-prefork_2.0.54-5sarge2_ia64.deb oldstable/main/binary-ia64/apache2-prefork-dev_2.0.54-5sarge2_ia64.deb oldstable/main/binary-ia64/apache2-threaded-dev_2.0.54-5sarge2_ia64.deb oldstable/main/binary-ia64/libapr0_2.0.54-5sarge2_ia64.deb oldstable/main/binary-ia64/libapr0-dev_2.0.54-5sarge2_ia64.deb oldstable/main/binary-ia64/apache2_2.0.54-5sarge2_ia64.deb apache2 (2.0.54-5sarge2) oldstable-proposed-updates; urgency=low * Fix some less critical security issues: * Denial of service for threaded MPMs: - CVE-2005-2970: mpm_worker memory leak - CVE-2005-3357: mod_ssl with custom errorpage - CVE-2007-1863: mod_cache * Cross site scripting: - CVE-2005-3352: mod_imap - CVE-2006-3918: via Expect header - CVE-2006-5752: mod_status * Add check for scoreboard PID protection (CVE-2007-3304) oldstable/main/binary-m68k/apache2-common_2.0.54-5sarge2_m68k.deb oldstable/main/binary-m68k/apache2-utils_2.0.54-5sarge2_m68k.deb oldstable/main/binary-m68k/apache2-mpm-worker_2.0.54-5sarge2_m68k.deb oldstable/main/binary-m68k/apache2-mpm-perchild_2.0.54-5sarge2_m68k.deb oldstable/main/binary-m68k/apache2-mpm-prefork_2.0.54-5sarge2_m68k.deb oldstable/main/binary-m68k/apache2-prefork-dev_2.0.54-5sarge2_m68k.deb oldstable/main/binary-m68k/apache2-threaded-dev_2.0.54-5sarge2_m68k.deb oldstable/main/binary-m68k/libapr0_2.0.54-5sarge2_m68k.deb oldstable/main/binary-m68k/libapr0-dev_2.0.54-5sarge2_m68k.deb oldstable/main/binary-m68k/apache2_2.0.54-5sarge2_m68k.deb apache2 (2.0.54-5sarge2) oldstable-proposed-updates; urgency=low * Fix some less critical security issues: * Denial of service for threaded MPMs: - CVE-2005-2970: mpm_worker memory leak - CVE-2005-3357: mod_ssl with custom errorpage - CVE-2007-1863: mod_cache * Cross site scripting: - CVE-2005-3352: mod_imap - CVE-2006-3918: via Expect header - CVE-2006-5752: mod_status * Add check for scoreboard PID protection (CVE-2007-3304) oldstable/main/binary-mips/apache2-common_2.0.54-5sarge2_mips.deb oldstable/main/binary-mips/apache2-utils_2.0.54-5sarge2_mips.deb oldstable/main/binary-mips/apache2-mpm-worker_2.0.54-5sarge2_mips.deb oldstable/main/binary-mips/apache2-mpm-perchild_2.0.54-5sarge2_mips.deb oldstable/main/binary-mips/apache2-mpm-prefork_2.0.54-5sarge2_mips.deb oldstable/main/binary-mips/apache2-prefork-dev_2.0.54-5sarge2_mips.deb oldstable/main/binary-mips/apache2-threaded-dev_2.0.54-5sarge2_mips.deb oldstable/main/binary-mips/libapr0_2.0.54-5sarge2_mips.deb oldstable/main/binary-mips/libapr0-dev_2.0.54-5sarge2_mips.deb oldstable/main/binary-mips/apache2_2.0.54-5sarge2_mips.deb apache2 (2.0.54-5sarge2) oldstable-proposed-updates; urgency=low * Fix some less critical security issues: * Denial of service for threaded MPMs: - CVE-2005-2970: mpm_worker memory leak - CVE-2005-3357: mod_ssl with custom errorpage - CVE-2007-1863: mod_cache * Cross site scripting: - CVE-2005-3352: mod_imap - CVE-2006-3918: via Expect header - CVE-2006-5752: mod_status * Add check for scoreboard PID protection (CVE-2007-3304) oldstable/main/binary-mipsel/apache2-common_2.0.54-5sarge2_mipsel.deb oldstable/main/binary-mipsel/apache2-utils_2.0.54-5sarge2_mipsel.deb oldstable/main/binary-mipsel/apache2-mpm-worker_2.0.54-5sarge2_mipsel.deb oldstable/main/binary-mipsel/apache2-mpm-perchild_2.0.54-5sarge2_mipsel.deb oldstable/main/binary-mipsel/apache2-mpm-prefork_2.0.54-5sarge2_mipsel.deb oldstable/main/binary-mipsel/apache2-prefork-dev_2.0.54-5sarge2_mipsel.deb oldstable/main/binary-mipsel/apache2-threaded-dev_2.0.54-5sarge2_mipsel.deb oldstable/main/binary-mipsel/libapr0_2.0.54-5sarge2_mipsel.deb oldstable/main/binary-mipsel/libapr0-dev_2.0.54-5sarge2_mipsel.deb oldstable/main/binary-mipsel/apache2_2.0.54-5sarge2_mipsel.deb apache2 (2.0.54-5sarge2) oldstable-proposed-updates; urgency=low * Fix some less critical security issues: * Denial of service for threaded MPMs: - CVE-2005-2970: mpm_worker memory leak - CVE-2005-3357: mod_ssl with custom errorpage - CVE-2007-1863: mod_cache * Cross site scripting: - CVE-2005-3352: mod_imap - CVE-2006-3918: via Expect header - CVE-2006-5752: mod_status * Add check for scoreboard PID protection (CVE-2007-3304) oldstable/main/binary-powerpc/apache2-common_2.0.54-5sarge2_powerpc.deb oldstable/main/binary-powerpc/apache2-utils_2.0.54-5sarge2_powerpc.deb oldstable/main/binary-powerpc/apache2-mpm-worker_2.0.54-5sarge2_powerpc.deb oldstable/main/binary-powerpc/apache2-mpm-perchild_2.0.54-5sarge2_powerpc.deb oldstable/main/binary-powerpc/apache2-mpm-prefork_2.0.54-5sarge2_powerpc.deb oldstable/main/binary-powerpc/apache2-prefork-dev_2.0.54-5sarge2_powerpc.deb oldstable/main/binary-powerpc/apache2-threaded-dev_2.0.54-5sarge2_powerpc.deb oldstable/main/binary-powerpc/libapr0_2.0.54-5sarge2_powerpc.deb oldstable/main/binary-powerpc/libapr0-dev_2.0.54-5sarge2_powerpc.deb oldstable/main/binary-powerpc/apache2_2.0.54-5sarge2_powerpc.deb apache2 (2.0.54-5sarge2) oldstable-proposed-updates; urgency=low * Fix some less critical security issues: * Denial of service for threaded MPMs: - CVE-2005-2970: mpm_worker memory leak - CVE-2005-3357: mod_ssl with custom errorpage - CVE-2007-1863: mod_cache * Cross site scripting: - CVE-2005-3352: mod_imap - CVE-2006-3918: via Expect header - CVE-2006-5752: mod_status * Add check for scoreboard PID protection (CVE-2007-3304) oldstable/main/binary-s390/apache2-common_2.0.54-5sarge2_s390.deb oldstable/main/binary-s390/apache2-utils_2.0.54-5sarge2_s390.deb oldstable/main/binary-s390/apache2-mpm-worker_2.0.54-5sarge2_s390.deb oldstable/main/binary-s390/apache2-mpm-perchild_2.0.54-5sarge2_s390.deb oldstable/main/binary-s390/apache2-mpm-prefork_2.0.54-5sarge2_s390.deb oldstable/main/binary-s390/apache2-prefork-dev_2.0.54-5sarge2_s390.deb oldstable/main/binary-s390/apache2-threaded-dev_2.0.54-5sarge2_s390.deb oldstable/main/binary-s390/libapr0_2.0.54-5sarge2_s390.deb oldstable/main/binary-s390/libapr0-dev_2.0.54-5sarge2_s390.deb oldstable/main/binary-s390/apache2_2.0.54-5sarge2_s390.deb apache2 (2.0.54-5sarge2) oldstable-proposed-updates; urgency=low * Fix some less critical security issues: * Denial of service for threaded MPMs: - CVE-2005-2970: mpm_worker memory leak - CVE-2005-3357: mod_ssl with custom errorpage - CVE-2007-1863: mod_cache * Cross site scripting: - CVE-2005-3352: mod_imap - CVE-2006-3918: via Expect header - CVE-2006-5752: mod_status * Add check for scoreboard PID protection (CVE-2007-3304) oldstable/main/binary-sparc/apache2-common_2.0.54-5sarge2_sparc.deb oldstable/main/binary-sparc/apache2-utils_2.0.54-5sarge2_sparc.deb oldstable/main/binary-sparc/apache2-mpm-worker_2.0.54-5sarge2_sparc.deb oldstable/main/binary-sparc/apache2-mpm-perchild_2.0.54-5sarge2_sparc.deb oldstable/main/binary-sparc/apache2-mpm-prefork_2.0.54-5sarge2_sparc.deb oldstable/main/binary-sparc/apache2-prefork-dev_2.0.54-5sarge2_sparc.deb oldstable/main/binary-sparc/apache2-threaded-dev_2.0.54-5sarge2_sparc.deb oldstable/main/binary-sparc/libapr0_2.0.54-5sarge2_sparc.deb oldstable/main/binary-sparc/libapr0-dev_2.0.54-5sarge2_sparc.deb oldstable/main/binary-sparc/apache2_2.0.54-5sarge2_sparc.deb apache2 (2.0.54-5sarge2) oldstable-proposed-updates; urgency=low * Fix some less critical security issues: * Denial of service for threaded MPMs: - CVE-2005-2970: mpm_worker memory leak - CVE-2005-3357: mod_ssl with custom errorpage - CVE-2007-1863: mod_cache * Cross site scripting: - CVE-2005-3352: mod_imap - CVE-2006-3918: via Expect header - CVE-2006-5752: mod_status * Add check for scoreboard PID protection (CVE-2007-3304) oldstable/main/binary-alpha/asterisk_1.0.7.dfsg.1-2sarge5_alpha.deb oldstable/main/binary-alpha/asterisk-h323_1.0.7.dfsg.1-2sarge5_alpha.deb oldstable/main/binary-alpha/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_alpha.deb asterisk (1:1.0.7.dfsg.1-2sarge5) oldstable-security; urgency=high * Add myself to Uploaders to mark this as a maintainer upload. * Multiple upstream security fixes: - channels/chan_sip.c: Only try to handle a response if it has a response code. (ASA-2007-011, CVE-2007-1594, CVE-2007-2297) - manager.c: Don't crash if a manager connection provides a username that exists in manager.conf but does not have a password, and also requests MD5 authentication. (ASA-2007-012, CVE-2007-2294) - channels/iax2-parser.h, channels/chan_iax2.c, channels/iax2-parser.c: Ensure that when encoding the contents of an ast_frame into an iax_frame, that the size of the destination buffer is known in the iax_frame so that code won't write past the end of the allocated buffer when sending outgoing frames. (ASA-2007-014, CVE-2007-3762) - channels/chan_iax2.c: if a text frame is sent with no terminating NULL through a bridged IAX connection, the remote end will receive garbage characters tacked onto the end. (CVE-2007-2488) - channels/chan_iax2.c: After parsing information elements in IAX frames, set the data length to zero, so that code later on does not think it has data to copy. (ASA-2007-015, CVE-2007-3763) oldstable/main/binary-amd64/asterisk_1.0.7.dfsg.1-2sarge5_amd64.deb oldstable/main/binary-amd64/asterisk-h323_1.0.7.dfsg.1-2sarge5_amd64.deb oldstable/main/binary-amd64/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_amd64.deb asterisk (1:1.0.7.dfsg.1-2sarge5) oldstable-security; urgency=high * Add myself to Uploaders to mark this as a maintainer upload. * Multiple upstream security fixes: - channels/chan_sip.c: Only try to handle a response if it has a response code. (ASA-2007-011, CVE-2007-1594, CVE-2007-2297) - manager.c: Don't crash if a manager connection provides a username that exists in manager.conf but does not have a password, and also requests MD5 authentication. (ASA-2007-012, CVE-2007-2294) - channels/iax2-parser.h, channels/chan_iax2.c, channels/iax2-parser.c: Ensure that when encoding the contents of an ast_frame into an iax_frame, that the size of the destination buffer is known in the iax_frame so that code won't write past the end of the allocated buffer when sending outgoing frames. (ASA-2007-014, CVE-2007-3762) - channels/chan_iax2.c: if a text frame is sent with no terminating NULL through a bridged IAX connection, the remote end will receive garbage characters tacked onto the end. (CVE-2007-2488) - channels/chan_iax2.c: After parsing information elements in IAX frames, set the data length to zero, so that code later on does not think it has data to copy. (ASA-2007-015, CVE-2007-3763) oldstable/main/binary-arm/asterisk_1.0.7.dfsg.1-2sarge5_arm.deb oldstable/main/binary-arm/asterisk-h323_1.0.7.dfsg.1-2sarge5_arm.deb oldstable/main/binary-arm/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_arm.deb asterisk (1:1.0.7.dfsg.1-2sarge5) oldstable-security; urgency=high * Add myself to Uploaders to mark this as a maintainer upload. * Multiple upstream security fixes: - channels/chan_sip.c: Only try to handle a response if it has a response code. (ASA-2007-011, CVE-2007-1594, CVE-2007-2297) - manager.c: Don't crash if a manager connection provides a username that exists in manager.conf but does not have a password, and also requests MD5 authentication. (ASA-2007-012, CVE-2007-2294) - channels/iax2-parser.h, channels/chan_iax2.c, channels/iax2-parser.c: Ensure that when encoding the contents of an ast_frame into an iax_frame, that the size of the destination buffer is known in the iax_frame so that code won't write past the end of the allocated buffer when sending outgoing frames. (ASA-2007-014, CVE-2007-3762) - channels/chan_iax2.c: if a text frame is sent with no terminating NULL through a bridged IAX connection, the remote end will receive garbage characters tacked onto the end. (CVE-2007-2488) - channels/chan_iax2.c: After parsing information elements in IAX frames, set the data length to zero, so that code later on does not think it has data to copy. (ASA-2007-015, CVE-2007-3763) oldstable/main/binary-hppa/asterisk_1.0.7.dfsg.1-2sarge5_hppa.deb oldstable/main/binary-hppa/asterisk-h323_1.0.7.dfsg.1-2sarge5_hppa.deb oldstable/main/binary-hppa/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_hppa.deb asterisk (1:1.0.7.dfsg.1-2sarge5) oldstable-security; urgency=high * Add myself to Uploaders to mark this as a maintainer upload. * Multiple upstream security fixes: - channels/chan_sip.c: Only try to handle a response if it has a response code. (ASA-2007-011, CVE-2007-1594, CVE-2007-2297) - manager.c: Don't crash if a manager connection provides a username that exists in manager.conf but does not have a password, and also requests MD5 authentication. (ASA-2007-012, CVE-2007-2294) - channels/iax2-parser.h, channels/chan_iax2.c, channels/iax2-parser.c: Ensure that when encoding the contents of an ast_frame into an iax_frame, that the size of the destination buffer is known in the iax_frame so that code won't write past the end of the allocated buffer when sending outgoing frames. (ASA-2007-014, CVE-2007-3762) - channels/chan_iax2.c: if a text frame is sent with no terminating NULL through a bridged IAX connection, the remote end will receive garbage characters tacked onto the end. (CVE-2007-2488) - channels/chan_iax2.c: After parsing information elements in IAX frames, set the data length to zero, so that code later on does not think it has data to copy. (ASA-2007-015, CVE-2007-3763) oldstable/main/source/asterisk_1.0.7.dfsg.1-2sarge5.dsc oldstable/main/source/asterisk_1.0.7.dfsg.1-2sarge5.diff.gz oldstable/main/binary-all/asterisk-doc_1.0.7.dfsg.1-2sarge5_all.deb oldstable/main/binary-all/asterisk-dev_1.0.7.dfsg.1-2sarge5_all.deb oldstable/main/binary-all/asterisk-sounds-main_1.0.7.dfsg.1-2sarge5_all.deb oldstable/main/binary-all/asterisk-web-vmail_1.0.7.dfsg.1-2sarge5_all.deb oldstable/main/binary-all/asterisk-config_1.0.7.dfsg.1-2sarge5_all.deb oldstable/main/binary-i386/asterisk_1.0.7.dfsg.1-2sarge5_i386.deb oldstable/main/binary-i386/asterisk-h323_1.0.7.dfsg.1-2sarge5_i386.deb oldstable/main/binary-i386/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_i386.deb asterisk (1:1.0.7.dfsg.1-2sarge5) oldstable-security; urgency=high * Add myself to Uploaders to mark this as a maintainer upload. * Multiple upstream security fixes: - channels/chan_sip.c: Only try to handle a response if it has a response code. (ASA-2007-011, CVE-2007-1594, CVE-2007-2297) - manager.c: Don't crash if a manager connection provides a username that exists in manager.conf but does not have a password, and also requests MD5 authentication. (ASA-2007-012, CVE-2007-2294) - channels/iax2-parser.h, channels/chan_iax2.c, channels/iax2-parser.c: Ensure that when encoding the contents of an ast_frame into an iax_frame, that the size of the destination buffer is known in the iax_frame so that code won't write past the end of the allocated buffer when sending outgoing frames. (ASA-2007-014, CVE-2007-3762) - channels/chan_iax2.c: if a text frame is sent with no terminating NULL through a bridged IAX connection, the remote end will receive garbage characters tacked onto the end. (CVE-2007-2488) - channels/chan_iax2.c: After parsing information elements in IAX frames, set the data length to zero, so that code later on does not think it has data to copy. (ASA-2007-015, CVE-2007-3763) oldstable/main/binary-ia64/asterisk_1.0.7.dfsg.1-2sarge5_ia64.deb oldstable/main/binary-ia64/asterisk-h323_1.0.7.dfsg.1-2sarge5_ia64.deb oldstable/main/binary-ia64/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_ia64.deb asterisk (1:1.0.7.dfsg.1-2sarge5) oldstable-security; urgency=high * Add myself to Uploaders to mark this as a maintainer upload. * Multiple upstream security fixes: - channels/chan_sip.c: Only try to handle a response if it has a response code. (ASA-2007-011, CVE-2007-1594, CVE-2007-2297) - manager.c: Don't crash if a manager connection provides a username that exists in manager.conf but does not have a password, and also requests MD5 authentication. (ASA-2007-012, CVE-2007-2294) - channels/iax2-parser.h, channels/chan_iax2.c, channels/iax2-parser.c: Ensure that when encoding the contents of an ast_frame into an iax_frame, that the size of the destination buffer is known in the iax_frame so that code won't write past the end of the allocated buffer when sending outgoing frames. (ASA-2007-014, CVE-2007-3762) - channels/chan_iax2.c: if a text frame is sent with no terminating NULL through a bridged IAX connection, the remote end will receive garbage characters tacked onto the end. (CVE-2007-2488) - channels/chan_iax2.c: After parsing information elements in IAX frames, set the data length to zero, so that code later on does not think it has data to copy. (ASA-2007-015, CVE-2007-3763) oldstable/main/binary-m68k/asterisk_1.0.7.dfsg.1-2sarge5_m68k.deb oldstable/main/binary-m68k/asterisk-h323_1.0.7.dfsg.1-2sarge5_m68k.deb oldstable/main/binary-m68k/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_m68k.deb asterisk (1:1.0.7.dfsg.1-2sarge5) oldstable-security; urgency=high * Add myself to Uploaders to mark this as a maintainer upload. * Multiple upstream security fixes: - channels/chan_sip.c: Only try to handle a response if it has a response code. (ASA-2007-011, CVE-2007-1594, CVE-2007-2297) - manager.c: Don't crash if a manager connection provides a username that exists in manager.conf but does not have a password, and also requests MD5 authentication. (ASA-2007-012, CVE-2007-2294) - channels/iax2-parser.h, channels/chan_iax2.c, channels/iax2-parser.c: Ensure that when encoding the contents of an ast_frame into an iax_frame, that the size of the destination buffer is known in the iax_frame so that code won't write past the end of the allocated buffer when sending outgoing frames. (ASA-2007-014, CVE-2007-3762) - channels/chan_iax2.c: if a text frame is sent with no terminating NULL through a bridged IAX connection, the remote end will receive garbage characters tacked onto the end. (CVE-2007-2488) - channels/chan_iax2.c: After parsing information elements in IAX frames, set the data length to zero, so that code later on does not think it has data to copy. (ASA-2007-015, CVE-2007-3763) oldstable/main/binary-mips/asterisk_1.0.7.dfsg.1-2sarge5_mips.deb oldstable/main/binary-mips/asterisk-h323_1.0.7.dfsg.1-2sarge5_mips.deb oldstable/main/binary-mips/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_mips.deb asterisk (1:1.0.7.dfsg.1-2sarge5) oldstable-security; urgency=high * Add myself to Uploaders to mark this as a maintainer upload. * Multiple upstream security fixes: - channels/chan_sip.c: Only try to handle a response if it has a response code. (ASA-2007-011, CVE-2007-1594, CVE-2007-2297) - manager.c: Don't crash if a manager connection provides a username that exists in manager.conf but does not have a password, and also requests MD5 authentication. (ASA-2007-012, CVE-2007-2294) - channels/iax2-parser.h, channels/chan_iax2.c, channels/iax2-parser.c: Ensure that when encoding the contents of an ast_frame into an iax_frame, that the size of the destination buffer is known in the iax_frame so that code won't write past the end of the allocated buffer when sending outgoing frames. (ASA-2007-014, CVE-2007-3762) - channels/chan_iax2.c: if a text frame is sent with no terminating NULL through a bridged IAX connection, the remote end will receive garbage characters tacked onto the end. (CVE-2007-2488) - channels/chan_iax2.c: After parsing information elements in IAX frames, set the data length to zero, so that code later on does not think it has data to copy. (ASA-2007-015, CVE-2007-3763) oldstable/main/binary-mipsel/asterisk_1.0.7.dfsg.1-2sarge5_mipsel.deb oldstable/main/binary-mipsel/asterisk-h323_1.0.7.dfsg.1-2sarge5_mipsel.deb oldstable/main/binary-mipsel/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_mipsel.deb asterisk (1:1.0.7.dfsg.1-2sarge5) oldstable-security; urgency=high * Add myself to Uploaders to mark this as a maintainer upload. * Multiple upstream security fixes: - channels/chan_sip.c: Only try to handle a response if it has a response code. (ASA-2007-011, CVE-2007-1594, CVE-2007-2297) - manager.c: Don't crash if a manager connection provides a username that exists in manager.conf but does not have a password, and also requests MD5 authentication. (ASA-2007-012, CVE-2007-2294) - channels/iax2-parser.h, channels/chan_iax2.c, channels/iax2-parser.c: Ensure that when encoding the contents of an ast_frame into an iax_frame, that the size of the destination buffer is known in the iax_frame so that code won't write past the end of the allocated buffer when sending outgoing frames. (ASA-2007-014, CVE-2007-3762) - channels/chan_iax2.c: if a text frame is sent with no terminating NULL through a bridged IAX connection, the remote end will receive garbage characters tacked onto the end. (CVE-2007-2488) - channels/chan_iax2.c: After parsing information elements in IAX frames, set the data length to zero, so that code later on does not think it has data to copy. (ASA-2007-015, CVE-2007-3763) oldstable/main/binary-powerpc/asterisk_1.0.7.dfsg.1-2sarge5_powerpc.deb oldstable/main/binary-powerpc/asterisk-h323_1.0.7.dfsg.1-2sarge5_powerpc.deb oldstable/main/binary-powerpc/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_powerpc.deb asterisk (1:1.0.7.dfsg.1-2sarge5) oldstable-security; urgency=high * Add myself to Uploaders to mark this as a maintainer upload. * Multiple upstream security fixes: - channels/chan_sip.c: Only try to handle a response if it has a response code. (ASA-2007-011, CVE-2007-1594, CVE-2007-2297) - manager.c: Don't crash if a manager connection provides a username that exists in manager.conf but does not have a password, and also requests MD5 authentication. (ASA-2007-012, CVE-2007-2294) - channels/iax2-parser.h, channels/chan_iax2.c, channels/iax2-parser.c: Ensure that when encoding the contents of an ast_frame into an iax_frame, that the size of the destination buffer is known in the iax_frame so that code won't write past the end of the allocated buffer when sending outgoing frames. (ASA-2007-014, CVE-2007-3762) - channels/chan_iax2.c: if a text frame is sent with no terminating NULL through a bridged IAX connection, the remote end will receive garbage characters tacked onto the end. (CVE-2007-2488) - channels/chan_iax2.c: After parsing information elements in IAX frames, set the data length to zero, so that code later on does not think it has data to copy. (ASA-2007-015, CVE-2007-3763) oldstable/main/binary-s390/asterisk_1.0.7.dfsg.1-2sarge5_s390.deb oldstable/main/binary-s390/asterisk-h323_1.0.7.dfsg.1-2sarge5_s390.deb oldstable/main/binary-s390/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_s390.deb asterisk (1:1.0.7.dfsg.1-2sarge5) oldstable-security; urgency=high * Add myself to Uploaders to mark this as a maintainer upload. * Multiple upstream security fixes: - channels/chan_sip.c: Only try to handle a response if it has a response code. (ASA-2007-011, CVE-2007-1594, CVE-2007-2297) - manager.c: Don't crash if a manager connection provides a username that exists in manager.conf but does not have a password, and also requests MD5 authentication. (ASA-2007-012, CVE-2007-2294) - channels/iax2-parser.h, channels/chan_iax2.c, channels/iax2-parser.c: Ensure that when encoding the contents of an ast_frame into an iax_frame, that the size of the destination buffer is known in the iax_frame so that code won't write past the end of the allocated buffer when sending outgoing frames. (ASA-2007-014, CVE-2007-3762) - channels/chan_iax2.c: if a text frame is sent with no terminating NULL through a bridged IAX connection, the remote end will receive garbage characters tacked onto the end. (CVE-2007-2488) - channels/chan_iax2.c: After parsing information elements in IAX frames, set the data length to zero, so that code later on does not think it has data to copy. (ASA-2007-015, CVE-2007-3763) oldstable/main/binary-sparc/asterisk_1.0.7.dfsg.1-2sarge5_sparc.deb oldstable/main/binary-sparc/asterisk-h323_1.0.7.dfsg.1-2sarge5_sparc.deb oldstable/main/binary-sparc/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_sparc.deb asterisk (1:1.0.7.dfsg.1-2sarge5) oldstable-security; urgency=high * Add myself to Uploaders to mark this as a maintainer upload. * Multiple upstream security fixes: - channels/chan_sip.c: Only try to handle a response if it has a response code. (ASA-2007-011, CVE-2007-1594, CVE-2007-2297) - manager.c: Don't crash if a manager connection provides a username that exists in manager.conf but does not have a password, and also requests MD5 authentication. (ASA-2007-012, CVE-2007-2294) - channels/iax2-parser.h, channels/chan_iax2.c, channels/iax2-parser.c: Ensure that when encoding the contents of an ast_frame into an iax_frame, that the size of the destination buffer is known in the iax_frame so that code won't write past the end of the allocated buffer when sending outgoing frames. (ASA-2007-014, CVE-2007-3762) - channels/chan_iax2.c: if a text frame is sent with no terminating NULL through a bridged IAX connection, the remote end will receive garbage characters tacked onto the end. (CVE-2007-2488) - channels/chan_iax2.c: After parsing information elements in IAX frames, set the data length to zero, so that code later on does not think it has data to copy. (ASA-2007-015, CVE-2007-3763) oldstable/main/binary-alpha/asterisk_1.0.7.dfsg.1-2sarge6_alpha.deb oldstable/main/binary-alpha/asterisk-h323_1.0.7.dfsg.1-2sarge6_alpha.deb oldstable/main/binary-alpha/asterisk-gtk-console_1.0.7.dfsg.1-2sarge6_alpha.deb asterisk (1:1.0.7.dfsg.1-2sarge6) oldstable-security; urgency=high * cdr/cdr_pgsql.c: properly escape src and dst to avoid SQL injections (AST-2007-026). oldstable/main/binary-amd64/asterisk_1.0.7.dfsg.1-2sarge6_amd64.deb oldstable/main/binary-amd64/asterisk-h323_1.0.7.dfsg.1-2sarge6_amd64.deb oldstable/main/binary-amd64/asterisk-gtk-console_1.0.7.dfsg.1-2sarge6_amd64.deb asterisk (1:1.0.7.dfsg.1-2sarge6) oldstable-security; urgency=high * cdr/cdr_pgsql.c: properly escape src and dst to avoid SQL injections (AST-2007-026). oldstable/main/binary-arm/asterisk_1.0.7.dfsg.1-2sarge6_arm.deb oldstable/main/binary-arm/asterisk-h323_1.0.7.dfsg.1-2sarge6_arm.deb oldstable/main/binary-arm/asterisk-gtk-console_1.0.7.dfsg.1-2sarge6_arm.deb asterisk (1:1.0.7.dfsg.1-2sarge6) oldstable-security; urgency=high * cdr/cdr_pgsql.c: properly escape src and dst to avoid SQL injections (AST-2007-026). oldstable/main/binary-hppa/asterisk_1.0.7.dfsg.1-2sarge6_hppa.deb oldstable/main/binary-hppa/asterisk-h323_1.0.7.dfsg.1-2sarge6_hppa.deb oldstable/main/binary-hppa/asterisk-gtk-console_1.0.7.dfsg.1-2sarge6_hppa.deb asterisk (1:1.0.7.dfsg.1-2sarge6) oldstable-security; urgency=high * cdr/cdr_pgsql.c: properly escape src and dst to avoid SQL injections (AST-2007-026). oldstable/main/source/asterisk_1.0.7.dfsg.1-2sarge6.dsc oldstable/main/source/asterisk_1.0.7.dfsg.1-2sarge6.diff.gz oldstable/main/binary-all/asterisk-doc_1.0.7.dfsg.1-2sarge6_all.deb oldstable/main/binary-all/asterisk-dev_1.0.7.dfsg.1-2sarge6_all.deb oldstable/main/binary-all/asterisk-sounds-main_1.0.7.dfsg.1-2sarge6_all.deb oldstable/main/binary-all/asterisk-web-vmail_1.0.7.dfsg.1-2sarge6_all.deb oldstable/main/binary-all/asterisk-config_1.0.7.dfsg.1-2sarge6_all.deb oldstable/main/binary-i386/asterisk_1.0.7.dfsg.1-2sarge6_i386.deb oldstable/main/binary-i386/asterisk-h323_1.0.7.dfsg.1-2sarge6_i386.deb oldstable/main/binary-i386/asterisk-gtk-console_1.0.7.dfsg.1-2sarge6_i386.deb asterisk (1:1.0.7.dfsg.1-2sarge6) oldstable-security; urgency=high * cdr/cdr_pgsql.c: properly escape src and dst to avoid SQL injections (AST-2007-026). oldstable/main/binary-ia64/asterisk_1.0.7.dfsg.1-2sarge6_ia64.deb oldstable/main/binary-ia64/asterisk-h323_1.0.7.dfsg.1-2sarge6_ia64.deb oldstable/main/binary-ia64/asterisk-gtk-console_1.0.7.dfsg.1-2sarge6_ia64.deb asterisk (1:1.0.7.dfsg.1-2sarge6) oldstable-security; urgency=high * cdr/cdr_pgsql.c: properly escape src and dst to avoid SQL injections (AST-2007-026). oldstable/main/binary-m68k/asterisk_1.0.7.dfsg.1-2sarge6_m68k.deb oldstable/main/binary-m68k/asterisk-h323_1.0.7.dfsg.1-2sarge6_m68k.deb oldstable/main/binary-m68k/asterisk-gtk-console_1.0.7.dfsg.1-2sarge6_m68k.deb asterisk (1:1.0.7.dfsg.1-2sarge6) oldstable-security; urgency=high * cdr/cdr_pgsql.c: properly escape src and dst to avoid SQL injections (AST-2007-026). oldstable/main/binary-mips/asterisk_1.0.7.dfsg.1-2sarge6_mips.deb oldstable/main/binary-mips/asterisk-h323_1.0.7.dfsg.1-2sarge6_mips.deb oldstable/main/binary-mips/asterisk-gtk-console_1.0.7.dfsg.1-2sarge6_mips.deb asterisk (1:1.0.7.dfsg.1-2sarge6) oldstable-security; urgency=high * cdr/cdr_pgsql.c: properly escape src and dst to avoid SQL injections (AST-2007-026). oldstable/main/binary-mipsel/asterisk_1.0.7.dfsg.1-2sarge6_mipsel.deb oldstable/main/binary-mipsel/asterisk-h323_1.0.7.dfsg.1-2sarge6_mipsel.deb oldstable/main/binary-mipsel/asterisk-gtk-console_1.0.7.dfsg.1-2sarge6_mipsel.deb asterisk (1:1.0.7.dfsg.1-2sarge6) oldstable-security; urgency=high * cdr/cdr_pgsql.c: properly escape src and dst to avoid SQL injections (AST-2007-026). oldstable/main/binary-powerpc/asterisk_1.0.7.dfsg.1-2sarge6_powerpc.deb oldstable/main/binary-powerpc/asterisk-h323_1.0.7.dfsg.1-2sarge6_powerpc.deb oldstable/main/binary-powerpc/asterisk-gtk-console_1.0.7.dfsg.1-2sarge6_powerpc.deb asterisk (1:1.0.7.dfsg.1-2sarge6) oldstable-security; urgency=high * cdr/cdr_pgsql.c: properly escape src and dst to avoid SQL injections (AST-2007-026). oldstable/main/binary-s390/asterisk_1.0.7.dfsg.1-2sarge6_s390.deb oldstable/main/binary-s390/asterisk-h323_1.0.7.dfsg.1-2sarge6_s390.deb oldstable/main/binary-s390/asterisk-gtk-console_1.0.7.dfsg.1-2sarge6_s390.deb asterisk (1:1.0.7.dfsg.1-2sarge6) oldstable-security; urgency=high * cdr/cdr_pgsql.c: properly escape src and dst to avoid SQL injections (AST-2007-026). oldstable/main/binary-sparc/asterisk_1.0.7.dfsg.1-2sarge6_sparc.deb oldstable/main/binary-sparc/asterisk-h323_1.0.7.dfsg.1-2sarge6_sparc.deb oldstable/main/binary-sparc/asterisk-gtk-console_1.0.7.dfsg.1-2sarge6_sparc.deb asterisk (1:1.0.7.dfsg.1-2sarge6) oldstable-security; urgency=high * cdr/cdr_pgsql.c: properly escape src and dst to avoid SQL injections (AST-2007-026). oldstable/main/binary-alpha/asterisk-app-fax_0.0.20050203-4_alpha.deb oldstable/main/binary-alpha/asterisk-app-dtmftotext_0.0.20050203-4_alpha.deb asterisk-spandsp-plugins (0.0.20050203-4) testing; urgency=low * Fix Build-Dependency problem in Sarge. (Closes: #311008) oldstable/main/binary-arm/asterisk-app-fax_0.0.20050203-4_arm.deb oldstable/main/binary-arm/asterisk-app-dtmftotext_0.0.20050203-4_arm.deb asterisk-spandsp-plugins (0.0.20050203-4) testing; urgency=low * Fix Build-Dependency problem in Sarge. (Closes: #311008) oldstable/main/binary-hppa/asterisk-app-fax_0.0.20050203-4_hppa.deb oldstable/main/binary-hppa/asterisk-app-dtmftotext_0.0.20050203-4_hppa.deb asterisk-spandsp-plugins (0.0.20050203-4) testing; urgency=low * Fix Build-Dependency problem in Sarge. (Closes: #311008) oldstable/main/binary-ia64/asterisk-app-fax_0.0.20050203-4_ia64.deb oldstable/main/binary-ia64/asterisk-app-dtmftotext_0.0.20050203-4_ia64.deb asterisk-spandsp-plugins (0.0.20050203-4) testing; urgency=low * Fix Build-Dependency problem in Sarge. (Closes: #311008) oldstable/main/binary-m68k/asterisk-app-fax_0.0.20050203-4_m68k.deb oldstable/main/binary-m68k/asterisk-app-dtmftotext_0.0.20050203-4_m68k.deb asterisk-spandsp-plugins (0.0.20050203-4) testing; urgency=low * Fix Build-Dependency problem in Sarge. (Closes: #311008) oldstable/main/binary-mips/asterisk-app-fax_0.0.20050203-4_mips.deb oldstable/main/binary-mips/asterisk-app-dtmftotext_0.0.20050203-4_mips.deb asterisk-spandsp-plugins (0.0.20050203-4) testing; urgency=low * Fix Build-Dependency problem in Sarge. (Closes: #311008) oldstable/main/binary-mipsel/asterisk-app-fax_0.0.20050203-4_mipsel.deb oldstable/main/binary-mipsel/asterisk-app-dtmftotext_0.0.20050203-4_mipsel.deb asterisk-spandsp-plugins (0.0.20050203-4) testing; urgency=low * Fix Build-Dependency problem in Sarge. (Closes: #311008) oldstable/main/binary-powerpc/asterisk-app-fax_0.0.20050203-4_powerpc.deb oldstable/main/binary-powerpc/asterisk-app-dtmftotext_0.0.20050203-4_powerpc.deb asterisk-spandsp-plugins (0.0.20050203-4) testing; urgency=low * Fix Build-Dependency problem in Sarge. (Closes: #311008) oldstable/main/binary-s390/asterisk-app-fax_0.0.20050203-4_s390.deb oldstable/main/binary-s390/asterisk-app-dtmftotext_0.0.20050203-4_s390.deb asterisk-spandsp-plugins (0.0.20050203-4) testing; urgency=low * Fix Build-Dependency problem in Sarge. (Closes: #311008) oldstable/main/binary-sparc/asterisk-app-fax_0.0.20050203-4_sparc.deb oldstable/main/binary-sparc/asterisk-app-dtmftotext_0.0.20050203-4_sparc.deb asterisk-spandsp-plugins (0.0.20050203-4) testing; urgency=low * Fix Build-Dependency problem in Sarge. (Closes: #311008) oldstable/main/binary-arm/atomix_1.1.2-1_arm.deb atomix (1.1.2-1) unstable; urgency=medium * New upstream release * debian/copyright: - Fixed plural ("Upstream Author" -> "Upstream Authors") * debian/rules: - Included simple-patchsys.mk from CDBS - Made dh_fixperms ignore /usr/games, in order not to mess with the executable's permissions - Moved creation of scores file to postinst, so that we do not override it on every single upgrade * debian/patches: - 00_amd64_gcc4_ftbfs.patch: apply patch from Andreas Jochens to fix FTBFS on amd64 with gcc 4 (Closes: #301776). Thanks! oldstable/main/source/base-config_2.53.10.3.dsc oldstable/main/source/base-config_2.53.10.3.tar.gz oldstable/main/binary-all/base-config_2.53.10.3_all.deb base-config (2.53.10.3) oldstable; urgency=low * Add support for installing oldstable. * Update mirror list. * Update translations with thanks to translators. * Add myself to uploaders. oldstable/main/base-installer_1.13.4sarge3_alpha.udeb base-installer (1.13.4sarge3) oldstable; urgency=low * Revert hack in last version as rootskel has now been updated for the kernels to be released with Sarge 3.1r7. oldstable/main/base-installer_1.13.4sarge3_arm.udeb base-installer (1.13.4sarge3) oldstable; urgency=low * Revert hack in last version as rootskel has now been updated for the kernels to be released with Sarge 3.1r7. oldstable/main/base-installer_1.13.4sarge3_hppa.udeb base-installer (1.13.4sarge3) oldstable; urgency=low * Revert hack in last version as rootskel has now been updated for the kernels to be released with Sarge 3.1r7. oldstable/main/source/base-installer_1.13.4sarge3.dsc oldstable/main/source/base-installer_1.13.4sarge3.tar.gz oldstable/main/base-installer_1.13.4sarge3_i386.udeb base-installer (1.13.4sarge3) oldstable; urgency=low * Revert hack in last version as rootskel has now been updated for the kernels to be released with Sarge 3.1r7. oldstable/main/base-installer_1.13.4sarge3_ia64.udeb base-installer (1.13.4sarge3) oldstable; urgency=low * Revert hack in last version as rootskel has now been updated for the kernels to be released with Sarge 3.1r7. oldstable/main/base-installer_1.13.4sarge3_m68k.udeb base-installer (1.13.4sarge3) oldstable; urgency=low * Revert hack in last version as rootskel has now been updated for the kernels to be released with Sarge 3.1r7. oldstable/main/base-installer_1.13.4sarge3_mips.udeb base-installer (1.13.4sarge3) oldstable; urgency=low * Revert hack in last version as rootskel has now been updated for the kernels to be released with Sarge 3.1r7. oldstable/main/base-installer_1.13.4sarge3_mipsel.udeb base-installer (1.13.4sarge3) oldstable; urgency=low * Revert hack in last version as rootskel has now been updated for the kernels to be released with Sarge 3.1r7. oldstable/main/base-installer_1.13.4sarge3_powerpc.udeb base-installer (1.13.4sarge3) oldstable; urgency=low * Revert hack in last version as rootskel has now been updated for the kernels to be released with Sarge 3.1r7. oldstable/main/base-installer_1.13.4sarge3_s390.udeb base-installer (1.13.4sarge3) oldstable; urgency=low * Revert hack in last version as rootskel has now been updated for the kernels to be released with Sarge 3.1r7. oldstable/main/base-installer_1.13.4sarge3_sparc.udeb base-installer (1.13.4sarge3) oldstable; urgency=low * Revert hack in last version as rootskel has now been updated for the kernels to be released with Sarge 3.1r7. oldstable/main/binary-arm/bazaar_1.1.1-1_arm.deb bazaar (1.1.1-1) unstable; urgency=low * Initial Debian Release. oldstable/main/binary-alpha/bind9_9.2.4-1sarge3_alpha.deb oldstable/main/binary-alpha/bind9-host_9.2.4-1sarge3_alpha.deb oldstable/main/binary-alpha/libbind-dev_9.2.4-1sarge3_alpha.deb oldstable/main/binary-alpha/libdns16_9.2.4-1sarge3_alpha.deb oldstable/main/binary-alpha/libisc7_9.2.4-1sarge3_alpha.deb oldstable/main/binary-alpha/liblwres1_9.2.4-1sarge3_alpha.deb oldstable/main/binary-alpha/libisccc0_9.2.4-1sarge3_alpha.deb oldstable/main/binary-alpha/libisccfg0_9.2.4-1sarge3_alpha.deb oldstable/main/binary-alpha/dnsutils_9.2.4-1sarge3_alpha.deb oldstable/main/binary-alpha/lwresd_9.2.4-1sarge3_alpha.deb bind9 (1:9.2.4-1sarge3) oldstable-security; urgency=high * Backport fix for CVE-2007-2926 oldstable/main/binary-arm/bind9_9.2.4-1sarge3_arm.deb oldstable/main/binary-arm/bind9-host_9.2.4-1sarge3_arm.deb oldstable/main/binary-arm/libbind-dev_9.2.4-1sarge3_arm.deb oldstable/main/binary-arm/libdns16_9.2.4-1sarge3_arm.deb oldstable/main/binary-arm/libisc7_9.2.4-1sarge3_arm.deb oldstable/main/binary-arm/liblwres1_9.2.4-1sarge3_arm.deb oldstable/main/binary-arm/libisccc0_9.2.4-1sarge3_arm.deb oldstable/main/binary-arm/libisccfg0_9.2.4-1sarge3_arm.deb oldstable/main/binary-arm/dnsutils_9.2.4-1sarge3_arm.deb oldstable/main/binary-arm/lwresd_9.2.4-1sarge3_arm.deb bind9 (1:9.2.4-1sarge3) oldstable-security; urgency=high * Backport fix for CVE-2007-2926 oldstable/main/binary-hppa/bind9_9.2.4-1sarge3_hppa.deb oldstable/main/binary-hppa/bind9-host_9.2.4-1sarge3_hppa.deb oldstable/main/binary-hppa/libbind-dev_9.2.4-1sarge3_hppa.deb oldstable/main/binary-hppa/libdns16_9.2.4-1sarge3_hppa.deb oldstable/main/binary-hppa/libisc7_9.2.4-1sarge3_hppa.deb oldstable/main/binary-hppa/liblwres1_9.2.4-1sarge3_hppa.deb oldstable/main/binary-hppa/libisccc0_9.2.4-1sarge3_hppa.deb oldstable/main/binary-hppa/libisccfg0_9.2.4-1sarge3_hppa.deb oldstable/main/binary-hppa/dnsutils_9.2.4-1sarge3_hppa.deb oldstable/main/binary-hppa/lwresd_9.2.4-1sarge3_hppa.deb bind9 (1:9.2.4-1sarge3) oldstable-security; urgency=high * Backport fix for CVE-2007-2926 oldstable/main/source/bind9_9.2.4-1sarge3.dsc oldstable/main/source/bind9_9.2.4-1sarge3.diff.gz oldstable/main/binary-all/bind9-doc_9.2.4-1sarge3_all.deb oldstable/main/binary-i386/bind9_9.2.4-1sarge3_i386.deb oldstable/main/binary-i386/bind9-host_9.2.4-1sarge3_i386.deb oldstable/main/binary-i386/libbind-dev_9.2.4-1sarge3_i386.deb oldstable/main/binary-i386/libdns16_9.2.4-1sarge3_i386.deb oldstable/main/binary-i386/libisc7_9.2.4-1sarge3_i386.deb oldstable/main/binary-i386/liblwres1_9.2.4-1sarge3_i386.deb oldstable/main/binary-i386/libisccc0_9.2.4-1sarge3_i386.deb oldstable/main/binary-i386/libisccfg0_9.2.4-1sarge3_i386.deb oldstable/main/binary-i386/dnsutils_9.2.4-1sarge3_i386.deb oldstable/main/binary-i386/lwresd_9.2.4-1sarge3_i386.deb bind9 (1:9.2.4-1sarge3) oldstable-security; urgency=high * Backport fix for CVE-2007-2926 oldstable/main/binary-ia64/bind9_9.2.4-1sarge3_ia64.deb oldstable/main/binary-ia64/bind9-host_9.2.4-1sarge3_ia64.deb oldstable/main/binary-ia64/libbind-dev_9.2.4-1sarge3_ia64.deb oldstable/main/binary-ia64/libdns16_9.2.4-1sarge3_ia64.deb oldstable/main/binary-ia64/libisc7_9.2.4-1sarge3_ia64.deb oldstable/main/binary-ia64/liblwres1_9.2.4-1sarge3_ia64.deb oldstable/main/binary-ia64/libisccc0_9.2.4-1sarge3_ia64.deb oldstable/main/binary-ia64/libisccfg0_9.2.4-1sarge3_ia64.deb oldstable/main/binary-ia64/dnsutils_9.2.4-1sarge3_ia64.deb oldstable/main/binary-ia64/lwresd_9.2.4-1sarge3_ia64.deb bind9 (1:9.2.4-1sarge3) oldstable-security; urgency=high * Backport fix for CVE-2007-2926 oldstable/main/binary-m68k/bind9_9.2.4-1sarge3_m68k.deb oldstable/main/binary-m68k/bind9-host_9.2.4-1sarge3_m68k.deb oldstable/main/binary-m68k/libbind-dev_9.2.4-1sarge3_m68k.deb oldstable/main/binary-m68k/libdns16_9.2.4-1sarge3_m68k.deb oldstable/main/binary-m68k/libisc7_9.2.4-1sarge3_m68k.deb oldstable/main/binary-m68k/liblwres1_9.2.4-1sarge3_m68k.deb oldstable/main/binary-m68k/libisccc0_9.2.4-1sarge3_m68k.deb oldstable/main/binary-m68k/libisccfg0_9.2.4-1sarge3_m68k.deb oldstable/main/binary-m68k/dnsutils_9.2.4-1sarge3_m68k.deb oldstable/main/binary-m68k/lwresd_9.2.4-1sarge3_m68k.deb bind9 (1:9.2.4-1sarge3) oldstable-security; urgency=high * Backport fix for CVE-2007-2926 oldstable/main/binary-mips/bind9_9.2.4-1sarge3_mips.deb oldstable/main/binary-mips/bind9-host_9.2.4-1sarge3_mips.deb oldstable/main/binary-mips/libbind-dev_9.2.4-1sarge3_mips.deb oldstable/main/binary-mips/libdns16_9.2.4-1sarge3_mips.deb oldstable/main/binary-mips/libisc7_9.2.4-1sarge3_mips.deb oldstable/main/binary-mips/liblwres1_9.2.4-1sarge3_mips.deb oldstable/main/binary-mips/libisccc0_9.2.4-1sarge3_mips.deb oldstable/main/binary-mips/libisccfg0_9.2.4-1sarge3_mips.deb oldstable/main/binary-mips/dnsutils_9.2.4-1sarge3_mips.deb oldstable/main/binary-mips/lwresd_9.2.4-1sarge3_mips.deb bind9 (1:9.2.4-1sarge3) oldstable-security; urgency=high * Backport fix for CVE-2007-2926 oldstable/main/binary-mipsel/bind9_9.2.4-1sarge3_mipsel.deb oldstable/main/binary-mipsel/bind9-host_9.2.4-1sarge3_mipsel.deb oldstable/main/binary-mipsel/libbind-dev_9.2.4-1sarge3_mipsel.deb oldstable/main/binary-mipsel/libdns16_9.2.4-1sarge3_mipsel.deb oldstable/main/binary-mipsel/libisc7_9.2.4-1sarge3_mipsel.deb oldstable/main/binary-mipsel/liblwres1_9.2.4-1sarge3_mipsel.deb oldstable/main/binary-mipsel/libisccc0_9.2.4-1sarge3_mipsel.deb oldstable/main/binary-mipsel/libisccfg0_9.2.4-1sarge3_mipsel.deb oldstable/main/binary-mipsel/dnsutils_9.2.4-1sarge3_mipsel.deb oldstable/main/binary-mipsel/lwresd_9.2.4-1sarge3_mipsel.deb bind9 (1:9.2.4-1sarge3) oldstable-security; urgency=high * Backport fix for CVE-2007-2926 oldstable/main/binary-powerpc/bind9_9.2.4-1sarge3_powerpc.deb oldstable/main/binary-powerpc/bind9-host_9.2.4-1sarge3_powerpc.deb oldstable/main/binary-powerpc/libbind-dev_9.2.4-1sarge3_powerpc.deb oldstable/main/binary-powerpc/libdns16_9.2.4-1sarge3_powerpc.deb oldstable/main/binary-powerpc/libisc7_9.2.4-1sarge3_powerpc.deb oldstable/main/binary-powerpc/liblwres1_9.2.4-1sarge3_powerpc.deb oldstable/main/binary-powerpc/libisccc0_9.2.4-1sarge3_powerpc.deb oldstable/main/binary-powerpc/libisccfg0_9.2.4-1sarge3_powerpc.deb oldstable/main/binary-powerpc/dnsutils_9.2.4-1sarge3_powerpc.deb oldstable/main/binary-powerpc/lwresd_9.2.4-1sarge3_powerpc.deb bind9 (1:9.2.4-1sarge3) oldstable-security; urgency=high * Backport fix for CVE-2007-2926 oldstable/main/binary-s390/bind9_9.2.4-1sarge3_s390.deb oldstable/main/binary-s390/bind9-host_9.2.4-1sarge3_s390.deb oldstable/main/binary-s390/libbind-dev_9.2.4-1sarge3_s390.deb oldstable/main/binary-s390/libdns16_9.2.4-1sarge3_s390.deb oldstable/main/binary-s390/libisc7_9.2.4-1sarge3_s390.deb oldstable/main/binary-s390/liblwres1_9.2.4-1sarge3_s390.deb oldstable/main/binary-s390/libisccc0_9.2.4-1sarge3_s390.deb oldstable/main/binary-s390/libisccfg0_9.2.4-1sarge3_s390.deb oldstable/main/binary-s390/dnsutils_9.2.4-1sarge3_s390.deb oldstable/main/binary-s390/lwresd_9.2.4-1sarge3_s390.deb bind9 (1:9.2.4-1sarge3) oldstable-security; urgency=high * Backport fix for CVE-2007-2926 oldstable/main/binary-sparc/bind9_9.2.4-1sarge3_sparc.deb oldstable/main/binary-sparc/bind9-host_9.2.4-1sarge3_sparc.deb oldstable/main/binary-sparc/libbind-dev_9.2.4-1sarge3_sparc.deb oldstable/main/binary-sparc/libdns16_9.2.4-1sarge3_sparc.deb oldstable/main/binary-sparc/libisc7_9.2.4-1sarge3_sparc.deb oldstable/main/binary-sparc/liblwres1_9.2.4-1sarge3_sparc.deb oldstable/main/binary-sparc/libisccc0_9.2.4-1sarge3_sparc.deb oldstable/main/binary-sparc/libisccfg0_9.2.4-1sarge3_sparc.deb oldstable/main/binary-sparc/dnsutils_9.2.4-1sarge3_sparc.deb oldstable/main/binary-sparc/lwresd_9.2.4-1sarge3_sparc.deb bind9 (1:9.2.4-1sarge3) oldstable-security; urgency=high * Backport fix for CVE-2007-2926 oldstable/main/binary-alpha/bochs_2.1.1+20041109-3sarge1_alpha.deb oldstable/main/binary-alpha/bochs-wx_2.1.1+20041109-3sarge1_alpha.deb oldstable/main/binary-alpha/bochs-sdl_2.1.1+20041109-3sarge1_alpha.deb oldstable/main/binary-alpha/bochs-term_2.1.1+20041109-3sarge1_alpha.deb oldstable/main/binary-alpha/bochs-x_2.1.1+20041109-3sarge1_alpha.deb oldstable/main/binary-alpha/bximage_2.1.1+20041109-3sarge1_alpha.deb bochs (2.1.1+20041109-3sarge1) oldstable-security; urgency=high * Fix heap buffer overflow in ne2k emulated driver. (Closes: #427144) CVE-2007-2893 - debian/patches/05_security_ne2k.patch: New file. oldstable/main/binary-arm/bochs_2.1.1+20041109-3sarge1_arm.deb oldstable/main/binary-arm/bochs-wx_2.1.1+20041109-3sarge1_arm.deb oldstable/main/binary-arm/bochs-sdl_2.1.1+20041109-3sarge1_arm.deb oldstable/main/binary-arm/bochs-term_2.1.1+20041109-3sarge1_arm.deb oldstable/main/binary-arm/bochs-x_2.1.1+20041109-3sarge1_arm.deb oldstable/main/binary-arm/bximage_2.1.1+20041109-3sarge1_arm.deb bochs (2.1.1+20041109-3sarge1) oldstable-security; urgency=high * Fix heap buffer overflow in ne2k emulated driver. (Closes: #427144) CVE-2007-2893 - debian/patches/05_security_ne2k.patch: New file. oldstable/main/binary-hppa/bochs_2.1.1+20041109-3sarge1_hppa.deb oldstable/main/binary-hppa/bochs-wx_2.1.1+20041109-3sarge1_hppa.deb oldstable/main/binary-hppa/bochs-sdl_2.1.1+20041109-3sarge1_hppa.deb oldstable/main/binary-hppa/bochs-term_2.1.1+20041109-3sarge1_hppa.deb oldstable/main/binary-hppa/bochs-x_2.1.1+20041109-3sarge1_hppa.deb oldstable/main/binary-hppa/bximage_2.1.1+20041109-3sarge1_hppa.deb bochs (2.1.1+20041109-3sarge1) oldstable-security; urgency=high * Fix heap buffer overflow in ne2k emulated driver. (Closes: #427144) CVE-2007-2893 - debian/patches/05_security_ne2k.patch: New file. oldstable/main/source/bochs_2.1.1+20041109-3sarge1.dsc oldstable/main/source/bochs_2.1.1+20041109.orig.tar.gz oldstable/main/source/bochs_2.1.1+20041109-3sarge1.diff.gz oldstable/main/binary-i386/bochs_2.1.1+20041109-3sarge1_i386.deb oldstable/main/binary-i386/bochs-wx_2.1.1+20041109-3sarge1_i386.deb oldstable/main/binary-i386/bochs-sdl_2.1.1+20041109-3sarge1_i386.deb oldstable/main/binary-i386/bochs-term_2.1.1+20041109-3sarge1_i386.deb oldstable/main/binary-i386/bochs-x_2.1.1+20041109-3sarge1_i386.deb oldstable/main/binary-i386/bochs-svga_2.1.1+20041109-3sarge1_i386.deb oldstable/main/binary-i386/bximage_2.1.1+20041109-3sarge1_i386.deb oldstable/main/binary-i386/sb16ctrl-bochs_2.1.1+20041109-3sarge1_i386.deb oldstable/main/binary-all/bochs-doc_2.1.1+20041109-3sarge1_all.deb oldstable/main/binary-all/bochsbios_2.1.1+20041109-3sarge1_all.deb bochs (2.1.1+20041109-3sarge1) oldstable-security; urgency=high * Fix heap buffer overflow in ne2k emulated driver. (Closes: #427144) CVE-2007-2893 - debian/patches/05_security_ne2k.patch: New file. oldstable/main/binary-ia64/bochs_2.1.1+20041109-3sarge1_ia64.deb oldstable/main/binary-ia64/bochs-wx_2.1.1+20041109-3sarge1_ia64.deb oldstable/main/binary-ia64/bochs-sdl_2.1.1+20041109-3sarge1_ia64.deb oldstable/main/binary-ia64/bochs-term_2.1.1+20041109-3sarge1_ia64.deb oldstable/main/binary-ia64/bochs-x_2.1.1+20041109-3sarge1_ia64.deb oldstable/main/binary-ia64/bximage_2.1.1+20041109-3sarge1_ia64.deb bochs (2.1.1+20041109-3sarge1) oldstable-security; urgency=high * Fix heap buffer overflow in ne2k emulated driver. (Closes: #427144) CVE-2007-2893 - debian/patches/05_security_ne2k.patch: New file. oldstable/main/binary-m68k/bochs_2.1.1+20041109-3sarge1_m68k.deb oldstable/main/binary-m68k/bochs-wx_2.1.1+20041109-3sarge1_m68k.deb oldstable/main/binary-m68k/bochs-sdl_2.1.1+20041109-3sarge1_m68k.deb oldstable/main/binary-m68k/bochs-term_2.1.1+20041109-3sarge1_m68k.deb oldstable/main/binary-m68k/bochs-x_2.1.1+20041109-3sarge1_m68k.deb oldstable/main/binary-m68k/bximage_2.1.1+20041109-3sarge1_m68k.deb bochs (2.1.1+20041109-3sarge1) oldstable-security; urgency=high * Fix heap buffer overflow in ne2k emulated driver. (Closes: #427144) CVE-2007-2893 - debian/patches/05_security_ne2k.patch: New file. oldstable/main/binary-mips/bochs_2.1.1+20041109-3sarge1_mips.deb oldstable/main/binary-mips/bochs-wx_2.1.1+20041109-3sarge1_mips.deb oldstable/main/binary-mips/bochs-sdl_2.1.1+20041109-3sarge1_mips.deb oldstable/main/binary-mips/bochs-term_2.1.1+20041109-3sarge1_mips.deb oldstable/main/binary-mips/bochs-x_2.1.1+20041109-3sarge1_mips.deb oldstable/main/binary-mips/bximage_2.1.1+20041109-3sarge1_mips.deb bochs (2.1.1+20041109-3sarge1) oldstable-security; urgency=high * Fix heap buffer overflow in ne2k emulated driver. (Closes: #427144) CVE-2007-2893 - debian/patches/05_security_ne2k.patch: New file. oldstable/main/binary-mipsel/bochs_2.1.1+20041109-3sarge1_mipsel.deb oldstable/main/binary-mipsel/bochs-wx_2.1.1+20041109-3sarge1_mipsel.deb oldstable/main/binary-mipsel/bochs-sdl_2.1.1+20041109-3sarge1_mipsel.deb oldstable/main/binary-mipsel/bochs-term_2.1.1+20041109-3sarge1_mipsel.deb oldstable/main/binary-mipsel/bochs-x_2.1.1+20041109-3sarge1_mipsel.deb oldstable/main/binary-mipsel/bximage_2.1.1+20041109-3sarge1_mipsel.deb bochs (2.1.1+20041109-3sarge1) oldstable-security; urgency=high * Fix heap buffer overflow in ne2k emulated driver. (Closes: #427144) CVE-2007-2893 - debian/patches/05_security_ne2k.patch: New file. oldstable/main/binary-powerpc/bochs_2.1.1+20041109-3sarge1_powerpc.deb oldstable/main/binary-powerpc/bochs-wx_2.1.1+20041109-3sarge1_powerpc.deb oldstable/main/binary-powerpc/bochs-sdl_2.1.1+20041109-3sarge1_powerpc.deb oldstable/main/binary-powerpc/bochs-term_2.1.1+20041109-3sarge1_powerpc.deb oldstable/main/binary-powerpc/bochs-x_2.1.1+20041109-3sarge1_powerpc.deb oldstable/main/binary-powerpc/bximage_2.1.1+20041109-3sarge1_powerpc.deb bochs (2.1.1+20041109-3sarge1) oldstable-security; urgency=high * Fix heap buffer overflow in ne2k emulated driver. (Closes: #427144) CVE-2007-2893 - debian/patches/05_security_ne2k.patch: New file. oldstable/main/binary-s390/bochs_2.1.1+20041109-3sarge1_s390.deb oldstable/main/binary-s390/bochs-wx_2.1.1+20041109-3sarge1_s390.deb oldstable/main/binary-s390/bochs-sdl_2.1.1+20041109-3sarge1_s390.deb oldstable/main/binary-s390/bochs-term_2.1.1+20041109-3sarge1_s390.deb oldstable/main/binary-s390/bochs-x_2.1.1+20041109-3sarge1_s390.deb oldstable/main/binary-s390/bximage_2.1.1+20041109-3sarge1_s390.deb bochs (2.1.1+20041109-3sarge1) oldstable-security; urgency=high * Fix heap buffer overflow in ne2k emulated driver. (Closes: #427144) CVE-2007-2893 - debian/patches/05_security_ne2k.patch: New file. oldstable/main/binary-sparc/bochs_2.1.1+20041109-3sarge1_sparc.deb oldstable/main/binary-sparc/bochs-wx_2.1.1+20041109-3sarge1_sparc.deb oldstable/main/binary-sparc/bochs-sdl_2.1.1+20041109-3sarge1_sparc.deb oldstable/main/binary-sparc/bochs-term_2.1.1+20041109-3sarge1_sparc.deb oldstable/main/binary-sparc/bochs-x_2.1.1+20041109-3sarge1_sparc.deb oldstable/main/binary-sparc/bximage_2.1.1+20041109-3sarge1_sparc.deb bochs (2.1.1+20041109-3sarge1) oldstable-security; urgency=high * Fix heap buffer overflow in ne2k emulated driver. (Closes: #427144) CVE-2007-2893 - debian/patches/05_security_ne2k.patch: New file. oldstable/main/source/cacti_0.8.6c-7sarge5.dsc oldstable/main/source/cacti_0.8.6c-7sarge5.diff.gz oldstable/main/binary-all/cacti_0.8.6c-7sarge5_all.deb cacti (0.8.6c-7sarge5) oldstable-security; urgency=high * SECURITY UPDATE: + CVE-2007-6035: SQL injection vulnerability in Cacti before 0.8.7a allows remote attackers to execute arbitrary SQL commands via unspecified vectors. * debian/patches/10_CVE-2007-6035.dpatch: applied patch by upstream (Link: http://www.cacti.net/downloads/patches/0.8.6j/sec_sql_injection-0.8.6j.patch) * References: CVE-2007-6035 oldstable/main/binary-ia64/camediaplay_20010211-4_ia64.deb camediaplay (20010211-4) unstable; urgency=low * removed a nonstandard abbreviation in the package description Closes: #124480: Spelling error in description oldstable/main/binary-m68k/camediaplay_20010211-4_m68k.deb camediaplay (20010211-4) unstable; urgency=low * removed a nonstandard abbreviation in the package description Closes: #124480: Spelling error in description oldstable/main/binary-mipsel/camediaplay_20010211-4_mipsel.deb camediaplay (20010211-4) unstable; urgency=low * removed a nonstandard abbreviation in the package description Closes: #124480: Spelling error in description oldstable/main/binary-s390/camediaplay_20010211-4_s390.deb camediaplay (20010211-4) unstable; urgency=low * removed a nonstandard abbreviation in the package description Closes: #124480: Spelling error in description oldstable/main/source/cdrom-detect_1.05sarge1.dsc oldstable/main/source/cdrom-detect_1.05sarge1.tar.gz oldstable/main/cdrom-detect_1.05sarge1_all.udeb cdrom-detect (1.05sarge1) oldstable; urgency=low * Add support for installing oldstable (checking for oldstable in the postinst should not be necessary). * Update translations with thanks to translators. oldstable/main/binary-alpha/centericq-common_4.20.0-1sarge5_alpha.deb oldstable/main/binary-alpha/centericq_4.20.0-1sarge5_alpha.deb oldstable/main/binary-alpha/centericq-utf8_4.20.0-1sarge5_alpha.deb oldstable/main/binary-alpha/centericq-fribidi_4.20.0-1sarge5_alpha.deb centericq (4.20.0-1sarge5) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport upstream patch to fix buffer overflows, which can allow remote attackers to execute arbitrary code Fixes: CVE-2007-3713 oldstable/main/binary-amd64/centericq-common_4.20.0-1sarge5_amd64.deb oldstable/main/binary-amd64/centericq_4.20.0-1sarge5_amd64.deb oldstable/main/binary-amd64/centericq-utf8_4.20.0-1sarge5_amd64.deb oldstable/main/binary-amd64/centericq-fribidi_4.20.0-1sarge5_amd64.deb centericq (4.20.0-1sarge5) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport upstream patch to fix buffer overflows, which can allow remote attackers to execute arbitrary code Fixes: CVE-2007-3713 oldstable/main/binary-arm/centericq-common_4.20.0-1sarge5_arm.deb oldstable/main/binary-arm/centericq_4.20.0-1sarge5_arm.deb oldstable/main/binary-arm/centericq-utf8_4.20.0-1sarge5_arm.deb oldstable/main/binary-arm/centericq-fribidi_4.20.0-1sarge5_arm.deb centericq (4.20.0-1sarge5) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport upstream patch to fix buffer overflows, which can allow remote attackers to execute arbitrary code Fixes: CVE-2007-3713 oldstable/main/binary-hppa/centericq-common_4.20.0-1sarge5_hppa.deb oldstable/main/binary-hppa/centericq_4.20.0-1sarge5_hppa.deb oldstable/main/binary-hppa/centericq-utf8_4.20.0-1sarge5_hppa.deb oldstable/main/binary-hppa/centericq-fribidi_4.20.0-1sarge5_hppa.deb centericq (4.20.0-1sarge5) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport upstream patch to fix buffer overflows, which can allow remote attackers to execute arbitrary code Fixes: CVE-2007-3713 oldstable/main/source/centericq_4.20.0-1sarge5.dsc oldstable/main/source/centericq_4.20.0-1sarge5.diff.gz oldstable/main/binary-i386/centericq-common_4.20.0-1sarge5_i386.deb oldstable/main/binary-i386/centericq_4.20.0-1sarge5_i386.deb oldstable/main/binary-i386/centericq-utf8_4.20.0-1sarge5_i386.deb oldstable/main/binary-i386/centericq-fribidi_4.20.0-1sarge5_i386.deb centericq (4.20.0-1sarge5) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport upstream patch to fix buffer overflows, which can allow remote attackers to execute arbitrary code Fixes: CVE-2007-3713 oldstable/main/binary-ia64/centericq-common_4.20.0-1sarge5_ia64.deb oldstable/main/binary-ia64/centericq_4.20.0-1sarge5_ia64.deb oldstable/main/binary-ia64/centericq-utf8_4.20.0-1sarge5_ia64.deb oldstable/main/binary-ia64/centericq-fribidi_4.20.0-1sarge5_ia64.deb centericq (4.20.0-1sarge5) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport upstream patch to fix buffer overflows, which can allow remote attackers to execute arbitrary code Fixes: CVE-2007-3713 oldstable/main/binary-m68k/centericq-common_4.20.0-1sarge5_m68k.deb oldstable/main/binary-m68k/centericq_4.20.0-1sarge5_m68k.deb oldstable/main/binary-m68k/centericq-utf8_4.20.0-1sarge5_m68k.deb oldstable/main/binary-m68k/centericq-fribidi_4.20.0-1sarge5_m68k.deb centericq (4.20.0-1sarge5) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport upstream patch to fix buffer overflows, which can allow remote attackers to execute arbitrary code Fixes: CVE-2007-3713 oldstable/main/binary-mips/centericq-common_4.20.0-1sarge5_mips.deb oldstable/main/binary-mips/centericq_4.20.0-1sarge5_mips.deb oldstable/main/binary-mips/centericq-utf8_4.20.0-1sarge5_mips.deb oldstable/main/binary-mips/centericq-fribidi_4.20.0-1sarge5_mips.deb centericq (4.20.0-1sarge5) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport upstream patch to fix buffer overflows, which can allow remote attackers to execute arbitrary code Fixes: CVE-2007-3713 oldstable/main/binary-mipsel/centericq-common_4.20.0-1sarge5_mipsel.deb oldstable/main/binary-mipsel/centericq_4.20.0-1sarge5_mipsel.deb oldstable/main/binary-mipsel/centericq-utf8_4.20.0-1sarge5_mipsel.deb oldstable/main/binary-mipsel/centericq-fribidi_4.20.0-1sarge5_mipsel.deb centericq (4.20.0-1sarge5) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport upstream patch to fix buffer overflows, which can allow remote attackers to execute arbitrary code Fixes: CVE-2007-3713 oldstable/main/binary-powerpc/centericq-common_4.20.0-1sarge5_powerpc.deb oldstable/main/binary-powerpc/centericq_4.20.0-1sarge5_powerpc.deb oldstable/main/binary-powerpc/centericq-utf8_4.20.0-1sarge5_powerpc.deb oldstable/main/binary-powerpc/centericq-fribidi_4.20.0-1sarge5_powerpc.deb centericq (4.20.0-1sarge5) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport upstream patch to fix buffer overflows, which can allow remote attackers to execute arbitrary code Fixes: CVE-2007-3713 oldstable/main/binary-s390/centericq-common_4.20.0-1sarge5_s390.deb oldstable/main/binary-s390/centericq_4.20.0-1sarge5_s390.deb oldstable/main/binary-s390/centericq-utf8_4.20.0-1sarge5_s390.deb oldstable/main/binary-s390/centericq-fribidi_4.20.0-1sarge5_s390.deb centericq (4.20.0-1sarge5) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport upstream patch to fix buffer overflows, which can allow remote attackers to execute arbitrary code Fixes: CVE-2007-3713 oldstable/main/binary-sparc/centericq-common_4.20.0-1sarge5_sparc.deb oldstable/main/binary-sparc/centericq_4.20.0-1sarge5_sparc.deb oldstable/main/binary-sparc/centericq-utf8_4.20.0-1sarge5_sparc.deb oldstable/main/binary-sparc/centericq-fribidi_4.20.0-1sarge5_sparc.deb centericq (4.20.0-1sarge5) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport upstream patch to fix buffer overflows, which can allow remote attackers to execute arbitrary code Fixes: CVE-2007-3713 oldstable/main/choose-mirror_1.07sarge1_alpha.udeb choose-mirror (1.07sarge1) oldstable; urgency=low * Add support for installing oldstable. * Update mirror list. * Add translations (from iso-codes) for Venezuela for the HTTP country list. * Update translations with thanks to translators. oldstable/main/choose-mirror_1.07sarge1_arm.udeb choose-mirror (1.07sarge1) oldstable; urgency=low * Add support for installing oldstable. * Update mirror list. * Add translations (from iso-codes) for Venezuela for the HTTP country list. * Update translations with thanks to translators. oldstable/main/choose-mirror_1.07sarge1_hppa.udeb choose-mirror (1.07sarge1) oldstable; urgency=low * Add support for installing oldstable. * Update mirror list. * Add translations (from iso-codes) for Venezuela for the HTTP country list. * Update translations with thanks to translators. oldstable/main/source/choose-mirror_1.07sarge1.dsc oldstable/main/source/choose-mirror_1.07sarge1.tar.gz oldstable/main/choose-mirror_1.07sarge1_i386.udeb choose-mirror (1.07sarge1) oldstable; urgency=low * Add support for installing oldstable. * Update mirror list. * Add translations (from iso-codes) for Venezuela for the HTTP country list. * Update translations with thanks to translators. oldstable/main/choose-mirror_1.07sarge1_ia64.udeb choose-mirror (1.07sarge1) oldstable; urgency=low * Add support for installing oldstable. * Update mirror list. * Add translations (from iso-codes) for Venezuela for the HTTP country list. * Update translations with thanks to translators. oldstable/main/choose-mirror_1.07sarge1_m68k.udeb choose-mirror (1.07sarge1) oldstable; urgency=low * Add support for installing oldstable. * Update mirror list. * Add translations (from iso-codes) for Venezuela for the HTTP country list. * Update translations with thanks to translators. oldstable/main/choose-mirror_1.07sarge1_mips.udeb choose-mirror (1.07sarge1) oldstable; urgency=low * Add support for installing oldstable. * Update mirror list. * Add translations (from iso-codes) for Venezuela for the HTTP country list. * Update translations with thanks to translators. oldstable/main/choose-mirror_1.07sarge1_mipsel.udeb choose-mirror (1.07sarge1) oldstable; urgency=low * Add support for installing oldstable. * Update mirror list. * Add translations (from iso-codes) for Venezuela for the HTTP country list. * Update translations with thanks to translators. oldstable/main/choose-mirror_1.07sarge1_powerpc.udeb choose-mirror (1.07sarge1) oldstable; urgency=low * Add support for installing oldstable. * Update mirror list. * Add translations (from iso-codes) for Venezuela for the HTTP country list. * Update translations with thanks to translators. oldstable/main/choose-mirror_1.07sarge1_s390.udeb choose-mirror (1.07sarge1) oldstable; urgency=low * Add support for installing oldstable. * Update mirror list. * Add translations (from iso-codes) for Venezuela for the HTTP country list. * Update translations with thanks to translators. oldstable/main/choose-mirror_1.07sarge1_sparc.udeb choose-mirror (1.07sarge1) oldstable; urgency=low * Add support for installing oldstable. * Update mirror list. * Add translations (from iso-codes) for Venezuela for the HTTP country list. * Update translations with thanks to translators. oldstable/main/binary-alpha/libclamav1_0.84-2.sarge.17_alpha.deb oldstable/main/binary-alpha/clamav_0.84-2.sarge.17_alpha.deb oldstable/main/binary-alpha/clamav-daemon_0.84-2.sarge.17_alpha.deb oldstable/main/binary-alpha/clamav-freshclam_0.84-2.sarge.17_alpha.deb oldstable/main/binary-alpha/clamav-milter_0.84-2.sarge.17_alpha.deb oldstable/main/binary-alpha/libclamav-dev_0.84-2.sarge.17_alpha.deb clamav (0.84-2.sarge.17) oldstable-security; urgency=low * [CVE-2007-2650]: libclamav/ole2_extract.c: detect block list loop oldstable/main/binary-arm/libclamav1_0.84-2.sarge.17_arm.deb oldstable/main/binary-arm/clamav_0.84-2.sarge.17_arm.deb oldstable/main/binary-arm/clamav-daemon_0.84-2.sarge.17_arm.deb oldstable/main/binary-arm/clamav-freshclam_0.84-2.sarge.17_arm.deb oldstable/main/binary-arm/clamav-milter_0.84-2.sarge.17_arm.deb oldstable/main/binary-arm/libclamav-dev_0.84-2.sarge.17_arm.deb clamav (0.84-2.sarge.17) oldstable-security; urgency=low * [CVE-2007-2650]: libclamav/ole2_extract.c: detect block list loop oldstable/main/binary-hppa/libclamav1_0.84-2.sarge.17_hppa.deb oldstable/main/binary-hppa/clamav_0.84-2.sarge.17_hppa.deb oldstable/main/binary-hppa/clamav-daemon_0.84-2.sarge.17_hppa.deb oldstable/main/binary-hppa/clamav-freshclam_0.84-2.sarge.17_hppa.deb oldstable/main/binary-hppa/clamav-milter_0.84-2.sarge.17_hppa.deb oldstable/main/binary-hppa/libclamav-dev_0.84-2.sarge.17_hppa.deb clamav (0.84-2.sarge.17) oldstable-security; urgency=low * [CVE-2007-2650]: libclamav/ole2_extract.c: detect block list loop oldstable/main/source/clamav_0.84-2.sarge.17.dsc oldstable/main/source/clamav_0.84-2.sarge.17.diff.gz oldstable/main/binary-all/clamav-base_0.84-2.sarge.17_all.deb oldstable/main/binary-all/clamav-testfiles_0.84-2.sarge.17_all.deb oldstable/main/binary-all/clamav-docs_0.84-2.sarge.17_all.deb oldstable/main/binary-i386/libclamav1_0.84-2.sarge.17_i386.deb oldstable/main/binary-i386/clamav_0.84-2.sarge.17_i386.deb oldstable/main/binary-i386/clamav-daemon_0.84-2.sarge.17_i386.deb oldstable/main/binary-i386/clamav-freshclam_0.84-2.sarge.17_i386.deb oldstable/main/binary-i386/clamav-milter_0.84-2.sarge.17_i386.deb oldstable/main/binary-i386/libclamav-dev_0.84-2.sarge.17_i386.deb clamav (0.84-2.sarge.17) oldstable-security; urgency=low * [CVE-2007-2650]: libclamav/ole2_extract.c: detect block list loop oldstable/main/binary-ia64/libclamav1_0.84-2.sarge.17_ia64.deb oldstable/main/binary-ia64/clamav_0.84-2.sarge.17_ia64.deb oldstable/main/binary-ia64/clamav-daemon_0.84-2.sarge.17_ia64.deb oldstable/main/binary-ia64/clamav-freshclam_0.84-2.sarge.17_ia64.deb oldstable/main/binary-ia64/clamav-milter_0.84-2.sarge.17_ia64.deb oldstable/main/binary-ia64/libclamav-dev_0.84-2.sarge.17_ia64.deb clamav (0.84-2.sarge.17) oldstable-security; urgency=low * [CVE-2007-2650]: libclamav/ole2_extract.c: detect block list loop oldstable/main/binary-m68k/libclamav1_0.84-2.sarge.17_m68k.deb oldstable/main/binary-m68k/clamav_0.84-2.sarge.17_m68k.deb oldstable/main/binary-m68k/clamav-daemon_0.84-2.sarge.17_m68k.deb oldstable/main/binary-m68k/clamav-freshclam_0.84-2.sarge.17_m68k.deb oldstable/main/binary-m68k/clamav-milter_0.84-2.sarge.17_m68k.deb oldstable/main/binary-m68k/libclamav-dev_0.84-2.sarge.17_m68k.deb clamav (0.84-2.sarge.17) oldstable-security; urgency=low * [CVE-2007-2650]: libclamav/ole2_extract.c: detect block list loop oldstable/main/binary-mips/libclamav1_0.84-2.sarge.17_mips.deb oldstable/main/binary-mips/clamav_0.84-2.sarge.17_mips.deb oldstable/main/binary-mips/clamav-daemon_0.84-2.sarge.17_mips.deb oldstable/main/binary-mips/clamav-freshclam_0.84-2.sarge.17_mips.deb oldstable/main/binary-mips/clamav-milter_0.84-2.sarge.17_mips.deb oldstable/main/binary-mips/libclamav-dev_0.84-2.sarge.17_mips.deb clamav (0.84-2.sarge.17) oldstable-security; urgency=low * [CVE-2007-2650]: libclamav/ole2_extract.c: detect block list loop oldstable/main/binary-mipsel/libclamav1_0.84-2.sarge.17_mipsel.deb oldstable/main/binary-mipsel/clamav_0.84-2.sarge.17_mipsel.deb oldstable/main/binary-mipsel/clamav-daemon_0.84-2.sarge.17_mipsel.deb oldstable/main/binary-mipsel/clamav-freshclam_0.84-2.sarge.17_mipsel.deb oldstable/main/binary-mipsel/clamav-milter_0.84-2.sarge.17_mipsel.deb oldstable/main/binary-mipsel/libclamav-dev_0.84-2.sarge.17_mipsel.deb clamav (0.84-2.sarge.17) oldstable-security; urgency=low * [CVE-2007-2650]: libclamav/ole2_extract.c: detect block list loop oldstable/main/binary-powerpc/libclamav1_0.84-2.sarge.17_powerpc.deb oldstable/main/binary-powerpc/clamav_0.84-2.sarge.17_powerpc.deb oldstable/main/binary-powerpc/clamav-daemon_0.84-2.sarge.17_powerpc.deb oldstable/main/binary-powerpc/clamav-freshclam_0.84-2.sarge.17_powerpc.deb oldstable/main/binary-powerpc/clamav-milter_0.84-2.sarge.17_powerpc.deb oldstable/main/binary-powerpc/libclamav-dev_0.84-2.sarge.17_powerpc.deb clamav (0.84-2.sarge.17) oldstable-security; urgency=low * [CVE-2007-2650]: libclamav/ole2_extract.c: detect block list loop oldstable/main/binary-s390/libclamav1_0.84-2.sarge.17_s390.deb oldstable/main/binary-s390/clamav_0.84-2.sarge.17_s390.deb oldstable/main/binary-s390/clamav-daemon_0.84-2.sarge.17_s390.deb oldstable/main/binary-s390/clamav-freshclam_0.84-2.sarge.17_s390.deb oldstable/main/binary-s390/clamav-milter_0.84-2.sarge.17_s390.deb oldstable/main/binary-s390/libclamav-dev_0.84-2.sarge.17_s390.deb clamav (0.84-2.sarge.17) oldstable-security; urgency=low * [CVE-2007-2650]: libclamav/ole2_extract.c: detect block list loop oldstable/main/binary-sparc/libclamav1_0.84-2.sarge.17_sparc.deb oldstable/main/binary-sparc/clamav_0.84-2.sarge.17_sparc.deb oldstable/main/binary-sparc/clamav-daemon_0.84-2.sarge.17_sparc.deb oldstable/main/binary-sparc/clamav-freshclam_0.84-2.sarge.17_sparc.deb oldstable/main/binary-sparc/clamav-milter_0.84-2.sarge.17_sparc.deb oldstable/main/binary-sparc/libclamav-dev_0.84-2.sarge.17_sparc.deb clamav (0.84-2.sarge.17) oldstable-security; urgency=low * [CVE-2007-2650]: libclamav/ole2_extract.c: detect block list loop oldstable/main/binary-sparc/jsvc_1.0-5_sparc.deb commons-daemon (1.0-5) unstable; urgency=low * upload with the sources. * Build with free tools now, therefore buildable on all architectures and a jsvc binary should be provided (closes: #286871) * Move to main as built with free tools * Shortened and clarified description (closes: #279752) oldstable/main/binary-alpha/debian-installer-manual_20050317sarge2_alpha.deb oldstable/main/source/debian-installer-images_20050317sarge2_alpha.tar.gz debian-installer (20050317sarge2) oldstable; urgency=low * Change amd64 kernel from 2.6.8-11 to 2.6.8-12. Thanks Kurt Roeckx. * Fix kernel base version for sparc32 2.6 netboot kernel. * Support distribution equal to oldstable. * Update kernel versions for Sarge security updates with ABI change. oldstable/main/binary-arm/debian-installer-manual_20050317sarge2_arm.deb oldstable/main/source/debian-installer-images_20050317sarge2_arm.tar.gz debian-installer (20050317sarge2) oldstable; urgency=low * Change amd64 kernel from 2.6.8-11 to 2.6.8-12. Thanks Kurt Roeckx. * Fix kernel base version for sparc32 2.6 netboot kernel. * Support distribution equal to oldstable. * Update kernel versions for Sarge security updates with ABI change. oldstable/main/binary-hppa/debian-installer-manual_20050317sarge2_hppa.deb oldstable/main/source/debian-installer-images_20050317sarge2_hppa.tar.gz debian-installer (20050317sarge2) oldstable; urgency=low * Change amd64 kernel from 2.6.8-11 to 2.6.8-12. Thanks Kurt Roeckx. * Fix kernel base version for sparc32 2.6 netboot kernel. * Support distribution equal to oldstable. * Update kernel versions for Sarge security updates with ABI change. oldstable/main/source/debian-installer_20050317sarge2.dsc oldstable/main/source/debian-installer_20050317sarge2.tar.gz oldstable/main/binary-i386/debian-installer-manual_20050317sarge2_i386.deb oldstable/main/source/debian-installer-images_20050317sarge2_i386.tar.gz debian-installer (20050317sarge2) oldstable; urgency=low * Change amd64 kernel from 2.6.8-11 to 2.6.8-12. Thanks Kurt Roeckx. * Fix kernel base version for sparc32 2.6 netboot kernel. * Support distribution equal to oldstable. * Update kernel versions for Sarge security updates with ABI change. oldstable/main/binary-ia64/debian-installer-manual_20050317sarge2_ia64.deb oldstable/main/source/debian-installer-images_20050317sarge2_ia64.tar.gz debian-installer (20050317sarge2) oldstable; urgency=low * Change amd64 kernel from 2.6.8-11 to 2.6.8-12. Thanks Kurt Roeckx. * Fix kernel base version for sparc32 2.6 netboot kernel. * Support distribution equal to oldstable. * Update kernel versions for Sarge security updates with ABI change. oldstable/main/binary-m68k/debian-installer-manual_20050317sarge2_m68k.deb oldstable/main/source/debian-installer-images_20050317sarge2_m68k.tar.gz debian-installer (20050317sarge2) oldstable; urgency=low * Change amd64 kernel from 2.6.8-11 to 2.6.8-12. Thanks Kurt Roeckx. * Fix kernel base version for sparc32 2.6 netboot kernel. * Support distribution equal to oldstable. * Update kernel versions for Sarge security updates with ABI change. oldstable/main/binary-mips/debian-installer-manual_20050317sarge2_mips.deb oldstable/main/source/debian-installer-images_20050317sarge2_mips.tar.gz debian-installer (20050317sarge2) oldstable; urgency=low * Change amd64 kernel from 2.6.8-11 to 2.6.8-12. Thanks Kurt Roeckx. * Fix kernel base version for sparc32 2.6 netboot kernel. * Support distribution equal to oldstable. * Update kernel versions for Sarge security updates with ABI change. oldstable/main/binary-mipsel/debian-installer-manual_20050317sarge2_mipsel.deb oldstable/main/source/debian-installer-images_20050317sarge2_mipsel.tar.gz debian-installer (20050317sarge2) oldstable; urgency=low * Change amd64 kernel from 2.6.8-11 to 2.6.8-12. Thanks Kurt Roeckx. * Fix kernel base version for sparc32 2.6 netboot kernel. * Support distribution equal to oldstable. * Update kernel versions for Sarge security updates with ABI change. oldstable/main/binary-powerpc/debian-installer-manual_20050317sarge2_powerpc.deb oldstable/main/source/debian-installer-images_20050317sarge2_powerpc.tar.gz debian-installer (20050317sarge2) oldstable; urgency=low * Change amd64 kernel from 2.6.8-11 to 2.6.8-12. Thanks Kurt Roeckx. * Fix kernel base version for sparc32 2.6 netboot kernel. * Support distribution equal to oldstable. * Update kernel versions for Sarge security updates with ABI change. oldstable/main/binary-s390/debian-installer-manual_20050317sarge2_s390.deb oldstable/main/source/debian-installer-images_20050317sarge2_s390.tar.gz debian-installer (20050317sarge2) oldstable; urgency=low * Change amd64 kernel from 2.6.8-11 to 2.6.8-12. Thanks Kurt Roeckx. * Fix kernel base version for sparc32 2.6 netboot kernel. * Support distribution equal to oldstable. * Update kernel versions for Sarge security updates with ABI change. oldstable/main/binary-sparc/debian-installer-manual_20050317sarge2_sparc.deb oldstable/main/source/debian-installer-images_20050317sarge2_sparc.tar.gz debian-installer (20050317sarge2) oldstable; urgency=low * Change amd64 kernel from 2.6.8-11 to 2.6.8-12. Thanks Kurt Roeckx. * Fix kernel base version for sparc32 2.6 netboot kernel. * Support distribution equal to oldstable. * Update kernel versions for Sarge security updates with ABI change. oldstable/main/binary-hppa/debtags-edit_0.9.2_hppa.deb debtags-edit (0.9.2) unstable; urgency=low * Compiles with gcc 3.4. Closes: bug#264146. Thanks to Andreas Jochens for the patch. oldstable/main/binary-alpha/dhcp_2.0pl5-19.1sarge3_alpha.deb oldstable/main/binary-alpha/dhcp-client_2.0pl5-19.1sarge3_alpha.deb oldstable/main/binary-alpha/dhcp-relay_2.0pl5-19.1sarge3_alpha.deb oldstable/main/dhcp-client-udeb_2.0pl5-19.1sarge3_alpha.udeb dhcp (2.0pl5-19.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix stack-based buffer overflow in options.c, which allows arbitrary code execution or remote denial of service. Fixes: CVE-2007-5365 oldstable/main/binary-amd64/dhcp_2.0pl5-19.1sarge3_amd64.deb oldstable/main/binary-amd64/dhcp-client_2.0pl5-19.1sarge3_amd64.deb oldstable/main/binary-amd64/dhcp-relay_2.0pl5-19.1sarge3_amd64.deb oldstable/main/dhcp-client-udeb_2.0pl5-19.1sarge3_amd64.udeb dhcp (2.0pl5-19.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix stack-based buffer overflow in options.c, which allows arbitrary code execution or remote denial of service. Fixes: CVE-2007-5365 oldstable/main/binary-arm/dhcp_2.0pl5-19.1sarge3_arm.deb oldstable/main/binary-arm/dhcp-client_2.0pl5-19.1sarge3_arm.deb oldstable/main/binary-arm/dhcp-relay_2.0pl5-19.1sarge3_arm.deb oldstable/main/dhcp-client-udeb_2.0pl5-19.1sarge3_arm.udeb dhcp (2.0pl5-19.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix stack-based buffer overflow in options.c, which allows arbitrary code execution or remote denial of service. Fixes: CVE-2007-5365 oldstable/main/binary-hppa/dhcp_2.0pl5-19.1sarge3_hppa.deb oldstable/main/binary-hppa/dhcp-client_2.0pl5-19.1sarge3_hppa.deb oldstable/main/binary-hppa/dhcp-relay_2.0pl5-19.1sarge3_hppa.deb oldstable/main/dhcp-client-udeb_2.0pl5-19.1sarge3_hppa.udeb dhcp (2.0pl5-19.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix stack-based buffer overflow in options.c, which allows arbitrary code execution or remote denial of service. Fixes: CVE-2007-5365 oldstable/main/source/dhcp_2.0pl5-19.1sarge3.dsc oldstable/main/source/dhcp_2.0pl5-19.1sarge3.diff.gz oldstable/main/binary-i386/dhcp_2.0pl5-19.1sarge3_i386.deb oldstable/main/binary-i386/dhcp-client_2.0pl5-19.1sarge3_i386.deb oldstable/main/binary-i386/dhcp-relay_2.0pl5-19.1sarge3_i386.deb oldstable/main/dhcp-client-udeb_2.0pl5-19.1sarge3_i386.udeb dhcp (2.0pl5-19.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix stack-based buffer overflow in options.c, which allows arbitrary code execution or remote denial of service. Fixes: CVE-2007-5365 oldstable/main/binary-ia64/dhcp_2.0pl5-19.1sarge3_ia64.deb oldstable/main/binary-ia64/dhcp-client_2.0pl5-19.1sarge3_ia64.deb oldstable/main/binary-ia64/dhcp-relay_2.0pl5-19.1sarge3_ia64.deb oldstable/main/dhcp-client-udeb_2.0pl5-19.1sarge3_ia64.udeb dhcp (2.0pl5-19.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix stack-based buffer overflow in options.c, which allows arbitrary code execution or remote denial of service. Fixes: CVE-2007-5365 oldstable/main/binary-m68k/dhcp_2.0pl5-19.1sarge3_m68k.deb oldstable/main/binary-m68k/dhcp-client_2.0pl5-19.1sarge3_m68k.deb oldstable/main/binary-m68k/dhcp-relay_2.0pl5-19.1sarge3_m68k.deb oldstable/main/dhcp-client-udeb_2.0pl5-19.1sarge3_m68k.udeb dhcp (2.0pl5-19.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix stack-based buffer overflow in options.c, which allows arbitrary code execution or remote denial of service. Fixes: CVE-2007-5365 oldstable/main/binary-mips/dhcp_2.0pl5-19.1sarge3_mips.deb oldstable/main/binary-mips/dhcp-client_2.0pl5-19.1sarge3_mips.deb oldstable/main/binary-mips/dhcp-relay_2.0pl5-19.1sarge3_mips.deb oldstable/main/dhcp-client-udeb_2.0pl5-19.1sarge3_mips.udeb dhcp (2.0pl5-19.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix stack-based buffer overflow in options.c, which allows arbitrary code execution or remote denial of service. Fixes: CVE-2007-5365 oldstable/main/binary-mipsel/dhcp_2.0pl5-19.1sarge3_mipsel.deb oldstable/main/binary-mipsel/dhcp-client_2.0pl5-19.1sarge3_mipsel.deb oldstable/main/binary-mipsel/dhcp-relay_2.0pl5-19.1sarge3_mipsel.deb oldstable/main/dhcp-client-udeb_2.0pl5-19.1sarge3_mipsel.udeb dhcp (2.0pl5-19.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix stack-based buffer overflow in options.c, which allows arbitrary code execution or remote denial of service. Fixes: CVE-2007-5365 oldstable/main/binary-powerpc/dhcp_2.0pl5-19.1sarge3_powerpc.deb oldstable/main/binary-powerpc/dhcp-client_2.0pl5-19.1sarge3_powerpc.deb oldstable/main/binary-powerpc/dhcp-relay_2.0pl5-19.1sarge3_powerpc.deb oldstable/main/dhcp-client-udeb_2.0pl5-19.1sarge3_powerpc.udeb dhcp (2.0pl5-19.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix stack-based buffer overflow in options.c, which allows arbitrary code execution or remote denial of service. Fixes: CVE-2007-5365 oldstable/main/binary-s390/dhcp_2.0pl5-19.1sarge3_s390.deb oldstable/main/binary-s390/dhcp-client_2.0pl5-19.1sarge3_s390.deb oldstable/main/binary-s390/dhcp-relay_2.0pl5-19.1sarge3_s390.deb oldstable/main/dhcp-client-udeb_2.0pl5-19.1sarge3_s390.udeb dhcp (2.0pl5-19.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix stack-based buffer overflow in options.c, which allows arbitrary code execution or remote denial of service. Fixes: CVE-2007-5365 oldstable/main/binary-sparc/dhcp_2.0pl5-19.1sarge3_sparc.deb oldstable/main/binary-sparc/dhcp-client_2.0pl5-19.1sarge3_sparc.deb oldstable/main/binary-sparc/dhcp-relay_2.0pl5-19.1sarge3_sparc.deb oldstable/main/dhcp-client-udeb_2.0pl5-19.1sarge3_sparc.udeb dhcp (2.0pl5-19.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix stack-based buffer overflow in options.c, which allows arbitrary code execution or remote denial of service. Fixes: CVE-2007-5365 oldstable/main/binary-alpha/ekg_1.5+20050411-7_alpha.deb oldstable/main/binary-alpha/libgadu-dev_1.5+20050411-7_alpha.deb oldstable/main/binary-alpha/libgadu3_1.5+20050411-7_alpha.deb ekg (1:1.5+20050411-7) oldstable-security; urgency=medium * Security upload, fixing two problems missed when preparing DSA-767: - Using revision -7, as -6 was used for a sarge-volatile upload (-7 does not contain any changes from -6) * Fixes a memory alignment error in libgadu, which could lead to a DoS on some architectures (CAN-2005-2370) * Fixes endianness conversion problems, which could cause invalid behavior on big endian machines (CAN-2005-2448) oldstable/main/binary-arm/ekg_1.5+20050411-7_arm.deb oldstable/main/binary-arm/libgadu-dev_1.5+20050411-7_arm.deb oldstable/main/binary-arm/libgadu3_1.5+20050411-7_arm.deb ekg (1:1.5+20050411-7) oldstable-security; urgency=medium * Security upload, fixing two problems missed when preparing DSA-767: - Using revision -7, as -6 was used for a sarge-volatile upload (-7 does not contain any changes from -6) * Fixes a memory alignment error in libgadu, which could lead to a DoS on some architectures (CAN-2005-2370) * Fixes endianness conversion problems, which could cause invalid behavior on big endian machines (CAN-2005-2448) oldstable/main/binary-hppa/ekg_1.5+20050411-7_hppa.deb oldstable/main/binary-hppa/libgadu-dev_1.5+20050411-7_hppa.deb oldstable/main/binary-hppa/libgadu3_1.5+20050411-7_hppa.deb ekg (1:1.5+20050411-7) oldstable-security; urgency=medium * Security upload, fixing two problems missed when preparing DSA-767: - Using revision -7, as -6 was used for a sarge-volatile upload (-7 does not contain any changes from -6) * Fixes a memory alignment error in libgadu, which could lead to a DoS on some architectures (CAN-2005-2370) * Fixes endianness conversion problems, which could cause invalid behavior on big endian machines (CAN-2005-2448) oldstable/main/source/ekg_1.5+20050411-7.dsc oldstable/main/source/ekg_1.5+20050411-7.diff.gz oldstable/main/binary-i386/ekg_1.5+20050411-7_i386.deb oldstable/main/binary-i386/libgadu-dev_1.5+20050411-7_i386.deb oldstable/main/binary-i386/libgadu3_1.5+20050411-7_i386.deb ekg (1:1.5+20050411-7) oldstable-security; urgency=medium * Security upload, fixing two problems missed when preparing DSA-767: - Using revision -7, as -6 was used for a sarge-volatile upload (-7 does not contain any changes from -6) * Fixes a memory alignment error in libgadu, which could lead to a DoS on some architectures (CAN-2005-2370) * Fixes endianness conversion problems, which could cause invalid behavior on big endian machines (CAN-2005-2448) oldstable/main/binary-ia64/ekg_1.5+20050411-7_ia64.deb oldstable/main/binary-ia64/libgadu-dev_1.5+20050411-7_ia64.deb oldstable/main/binary-ia64/libgadu3_1.5+20050411-7_ia64.deb ekg (1:1.5+20050411-7) oldstable-security; urgency=medium * Security upload, fixing two problems missed when preparing DSA-767: - Using revision -7, as -6 was used for a sarge-volatile upload (-7 does not contain any changes from -6) * Fixes a memory alignment error in libgadu, which could lead to a DoS on some architectures (CAN-2005-2370) * Fixes endianness conversion problems, which could cause invalid behavior on big endian machines (CAN-2005-2448) oldstable/main/binary-m68k/ekg_1.5+20050411-7_m68k.deb oldstable/main/binary-m68k/libgadu-dev_1.5+20050411-7_m68k.deb oldstable/main/binary-m68k/libgadu3_1.5+20050411-7_m68k.deb ekg (1:1.5+20050411-7) oldstable-security; urgency=medium * Security upload, fixing two problems missed when preparing DSA-767: - Using revision -7, as -6 was used for a sarge-volatile upload (-7 does not contain any changes from -6) * Fixes a memory alignment error in libgadu, which could lead to a DoS on some architectures (CAN-2005-2370) * Fixes endianness conversion problems, which could cause invalid behavior on big endian machines (CAN-2005-2448) oldstable/main/binary-mips/ekg_1.5+20050411-7_mips.deb oldstable/main/binary-mips/libgadu-dev_1.5+20050411-7_mips.deb oldstable/main/binary-mips/libgadu3_1.5+20050411-7_mips.deb ekg (1:1.5+20050411-7) oldstable-security; urgency=medium * Security upload, fixing two problems missed when preparing DSA-767: - Using revision -7, as -6 was used for a sarge-volatile upload (-7 does not contain any changes from -6) * Fixes a memory alignment error in libgadu, which could lead to a DoS on some architectures (CAN-2005-2370) * Fixes endianness conversion problems, which could cause invalid behavior on big endian machines (CAN-2005-2448) oldstable/main/binary-mipsel/ekg_1.5+20050411-7_mipsel.deb oldstable/main/binary-mipsel/libgadu-dev_1.5+20050411-7_mipsel.deb oldstable/main/binary-mipsel/libgadu3_1.5+20050411-7_mipsel.deb ekg (1:1.5+20050411-7) oldstable-security; urgency=medium * Security upload, fixing two problems missed when preparing DSA-767: - Using revision -7, as -6 was used for a sarge-volatile upload (-7 does not contain any changes from -6) * Fixes a memory alignment error in libgadu, which could lead to a DoS on some architectures (CAN-2005-2370) * Fixes endianness conversion problems, which could cause invalid behavior on big endian machines (CAN-2005-2448) oldstable/main/binary-powerpc/ekg_1.5+20050411-7_powerpc.deb oldstable/main/binary-powerpc/libgadu-dev_1.5+20050411-7_powerpc.deb oldstable/main/binary-powerpc/libgadu3_1.5+20050411-7_powerpc.deb ekg (1:1.5+20050411-7) oldstable-security; urgency=medium * Security upload, fixing two problems missed when preparing DSA-767: - Using revision -7, as -6 was used for a sarge-volatile upload (-7 does not contain any changes from -6) * Fixes a memory alignment error in libgadu, which could lead to a DoS on some architectures (CAN-2005-2370) * Fixes endianness conversion problems, which could cause invalid behavior on big endian machines (CAN-2005-2448) oldstable/main/binary-s390/ekg_1.5+20050411-7_s390.deb oldstable/main/binary-s390/libgadu-dev_1.5+20050411-7_s390.deb oldstable/main/binary-s390/libgadu3_1.5+20050411-7_s390.deb ekg (1:1.5+20050411-7) oldstable-security; urgency=medium * Security upload, fixing two problems missed when preparing DSA-767: - Using revision -7, as -6 was used for a sarge-volatile upload (-7 does not contain any changes from -6) * Fixes a memory alignment error in libgadu, which could lead to a DoS on some architectures (CAN-2005-2370) * Fixes endianness conversion problems, which could cause invalid behavior on big endian machines (CAN-2005-2448) oldstable/main/binary-sparc/ekg_1.5+20050411-7_sparc.deb oldstable/main/binary-sparc/libgadu-dev_1.5+20050411-7_sparc.deb oldstable/main/binary-sparc/libgadu3_1.5+20050411-7_sparc.deb ekg (1:1.5+20050411-7) oldstable-security; urgency=medium * Security upload, fixing two problems missed when preparing DSA-767: - Using revision -7, as -6 was used for a sarge-volatile upload (-7 does not contain any changes from -6) * Fixes a memory alignment error in libgadu, which could lead to a DoS on some architectures (CAN-2005-2370) * Fixes endianness conversion problems, which could cause invalid behavior on big endian machines (CAN-2005-2448) oldstable/main/binary-alpha/ethereal-common_0.10.10-2sarge10_alpha.deb oldstable/main/binary-alpha/ethereal_0.10.10-2sarge10_alpha.deb oldstable/main/binary-alpha/tethereal_0.10.10-2sarge10_alpha.deb oldstable/main/binary-alpha/ethereal-dev_0.10.10-2sarge10_alpha.deb ethereal (0.10.10-2sarge10) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Backported fixes from 0.99.7 for several vulnerabilities: * Resource exhaustion in MEGAGO dissector * Crasher in RPC dissector oldstable/main/binary-amd64/ethereal-common_0.10.10-2sarge10_amd64.deb oldstable/main/binary-amd64/ethereal_0.10.10-2sarge10_amd64.deb oldstable/main/binary-amd64/tethereal_0.10.10-2sarge10_amd64.deb oldstable/main/binary-amd64/ethereal-dev_0.10.10-2sarge10_amd64.deb ethereal (0.10.10-2sarge10) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Backported fixes from 0.99.7 for several vulnerabilities: * Resource exhaustion in MEGAGO dissector * Crasher in RPC dissector oldstable/main/binary-arm/ethereal-common_0.10.10-2sarge10_arm.deb oldstable/main/binary-arm/ethereal_0.10.10-2sarge10_arm.deb oldstable/main/binary-arm/tethereal_0.10.10-2sarge10_arm.deb oldstable/main/binary-arm/ethereal-dev_0.10.10-2sarge10_arm.deb ethereal (0.10.10-2sarge10) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Backported fixes from 0.99.7 for several vulnerabilities: * Resource exhaustion in MEGAGO dissector * Crasher in RPC dissector oldstable/main/binary-hppa/ethereal-common_0.10.10-2sarge10_hppa.deb oldstable/main/binary-hppa/ethereal_0.10.10-2sarge10_hppa.deb oldstable/main/binary-hppa/tethereal_0.10.10-2sarge10_hppa.deb oldstable/main/binary-hppa/ethereal-dev_0.10.10-2sarge10_hppa.deb ethereal (0.10.10-2sarge10) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Backported fixes from 0.99.7 for several vulnerabilities: * Resource exhaustion in MEGAGO dissector * Crasher in RPC dissector oldstable/main/source/ethereal_0.10.10-2sarge10.dsc oldstable/main/source/ethereal_0.10.10-2sarge10.diff.gz oldstable/main/binary-i386/ethereal-common_0.10.10-2sarge10_i386.deb oldstable/main/binary-i386/ethereal_0.10.10-2sarge10_i386.deb oldstable/main/binary-i386/tethereal_0.10.10-2sarge10_i386.deb oldstable/main/binary-i386/ethereal-dev_0.10.10-2sarge10_i386.deb ethereal (0.10.10-2sarge10) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Backported fixes from 0.99.7 for several vulnerabilities: * Resource exhaustion in MEGAGO dissector * Crasher in RPC dissector oldstable/main/binary-ia64/ethereal-common_0.10.10-2sarge10_ia64.deb oldstable/main/binary-ia64/ethereal_0.10.10-2sarge10_ia64.deb oldstable/main/binary-ia64/tethereal_0.10.10-2sarge10_ia64.deb oldstable/main/binary-ia64/ethereal-dev_0.10.10-2sarge10_ia64.deb ethereal (0.10.10-2sarge10) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Backported fixes from 0.99.7 for several vulnerabilities: * Resource exhaustion in MEGAGO dissector * Crasher in RPC dissector oldstable/main/binary-m68k/ethereal-common_0.10.10-2sarge10_m68k.deb oldstable/main/binary-m68k/ethereal_0.10.10-2sarge10_m68k.deb oldstable/main/binary-m68k/tethereal_0.10.10-2sarge10_m68k.deb oldstable/main/binary-m68k/ethereal-dev_0.10.10-2sarge10_m68k.deb ethereal (0.10.10-2sarge10) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Backported fixes from 0.99.7 for several vulnerabilities: * Resource exhaustion in MEGAGO dissector * Crasher in RPC dissector oldstable/main/binary-mips/ethereal-common_0.10.10-2sarge10_mips.deb oldstable/main/binary-mips/ethereal_0.10.10-2sarge10_mips.deb oldstable/main/binary-mips/tethereal_0.10.10-2sarge10_mips.deb oldstable/main/binary-mips/ethereal-dev_0.10.10-2sarge10_mips.deb ethereal (0.10.10-2sarge10) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Backported fixes from 0.99.7 for several vulnerabilities: * Resource exhaustion in MEGAGO dissector * Crasher in RPC dissector oldstable/main/binary-mipsel/ethereal-common_0.10.10-2sarge10_mipsel.deb oldstable/main/binary-mipsel/ethereal_0.10.10-2sarge10_mipsel.deb oldstable/main/binary-mipsel/tethereal_0.10.10-2sarge10_mipsel.deb oldstable/main/binary-mipsel/ethereal-dev_0.10.10-2sarge10_mipsel.deb ethereal (0.10.10-2sarge10) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Backported fixes from 0.99.7 for several vulnerabilities: * Resource exhaustion in MEGAGO dissector * Crasher in RPC dissector oldstable/main/binary-powerpc/ethereal-common_0.10.10-2sarge10_powerpc.deb oldstable/main/binary-powerpc/ethereal_0.10.10-2sarge10_powerpc.deb oldstable/main/binary-powerpc/tethereal_0.10.10-2sarge10_powerpc.deb oldstable/main/binary-powerpc/ethereal-dev_0.10.10-2sarge10_powerpc.deb ethereal (0.10.10-2sarge10) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Backported fixes from 0.99.7 for several vulnerabilities: * Resource exhaustion in MEGAGO dissector * Crasher in RPC dissector oldstable/main/binary-s390/ethereal-common_0.10.10-2sarge10_s390.deb oldstable/main/binary-s390/ethereal_0.10.10-2sarge10_s390.deb oldstable/main/binary-s390/tethereal_0.10.10-2sarge10_s390.deb oldstable/main/binary-s390/ethereal-dev_0.10.10-2sarge10_s390.deb ethereal (0.10.10-2sarge10) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Backported fixes from 0.99.7 for several vulnerabilities: * Resource exhaustion in MEGAGO dissector * Crasher in RPC dissector oldstable/main/binary-sparc/ethereal-common_0.10.10-2sarge10_sparc.deb oldstable/main/binary-sparc/ethereal_0.10.10-2sarge10_sparc.deb oldstable/main/binary-sparc/tethereal_0.10.10-2sarge10_sparc.deb oldstable/main/binary-sparc/ethereal-dev_0.10.10-2sarge10_sparc.deb ethereal (0.10.10-2sarge10) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Backported fixes from 0.99.7 for several vulnerabilities: * Resource exhaustion in MEGAGO dissector * Crasher in RPC dissector oldstable/main/binary-alpha/evolution_2.0.4-2sarge2_alpha.deb oldstable/main/binary-alpha/evolution-dev_2.0.4-2sarge2_alpha.deb evolution (2.0.4-2sarge2) oldstable-security; urgency=high * SECURITY: New patch, z_10_imap-negative-array-index, fixes potential negative array index usage in IMAP code (remote); FEDORA-2007-0464; GNOME #447414; closes: #429876. oldstable/main/binary-arm/evolution_2.0.4-2sarge2_arm.deb oldstable/main/binary-arm/evolution-dev_2.0.4-2sarge2_arm.deb evolution (2.0.4-2sarge2) oldstable-security; urgency=high * SECURITY: New patch, z_10_imap-negative-array-index, fixes potential negative array index usage in IMAP code (remote); FEDORA-2007-0464; GNOME #447414; closes: #429876. oldstable/main/binary-hppa/evolution_2.0.4-2sarge2_hppa.deb oldstable/main/binary-hppa/evolution-dev_2.0.4-2sarge2_hppa.deb evolution (2.0.4-2sarge2) oldstable-security; urgency=high * SECURITY: New patch, z_10_imap-negative-array-index, fixes potential negative array index usage in IMAP code (remote); FEDORA-2007-0464; GNOME #447414; closes: #429876. oldstable/main/source/evolution_2.0.4-2sarge2.dsc oldstable/main/source/evolution_2.0.4-2sarge2.diff.gz oldstable/main/binary-i386/evolution_2.0.4-2sarge2_i386.deb oldstable/main/binary-i386/evolution-dev_2.0.4-2sarge2_i386.deb evolution (2.0.4-2sarge2) oldstable-security; urgency=high * SECURITY: New patch, z_10_imap-negative-array-index, fixes potential negative array index usage in IMAP code (remote); FEDORA-2007-0464; GNOME #447414; closes: #429876. oldstable/main/binary-ia64/evolution_2.0.4-2sarge2_ia64.deb oldstable/main/binary-ia64/evolution-dev_2.0.4-2sarge2_ia64.deb evolution (2.0.4-2sarge2) oldstable-security; urgency=high * SECURITY: New patch, z_10_imap-negative-array-index, fixes potential negative array index usage in IMAP code (remote); FEDORA-2007-0464; GNOME #447414; closes: #429876. oldstable/main/binary-m68k/evolution_2.0.4-2sarge2_m68k.deb oldstable/main/binary-m68k/evolution-dev_2.0.4-2sarge2_m68k.deb evolution (2.0.4-2sarge2) oldstable-security; urgency=high * SECURITY: New patch, z_10_imap-negative-array-index, fixes potential negative array index usage in IMAP code (remote); FEDORA-2007-0464; GNOME #447414; closes: #429876. oldstable/main/binary-mips/evolution_2.0.4-2sarge2_mips.deb oldstable/main/binary-mips/evolution-dev_2.0.4-2sarge2_mips.deb evolution (2.0.4-2sarge2) oldstable-security; urgency=high * SECURITY: New patch, z_10_imap-negative-array-index, fixes potential negative array index usage in IMAP code (remote); FEDORA-2007-0464; GNOME #447414; closes: #429876. oldstable/main/binary-mipsel/evolution_2.0.4-2sarge2_mipsel.deb oldstable/main/binary-mipsel/evolution-dev_2.0.4-2sarge2_mipsel.deb evolution (2.0.4-2sarge2) oldstable-security; urgency=high * SECURITY: New patch, z_10_imap-negative-array-index, fixes potential negative array index usage in IMAP code (remote); FEDORA-2007-0464; GNOME #447414; closes: #429876. oldstable/main/binary-powerpc/evolution_2.0.4-2sarge2_powerpc.deb oldstable/main/binary-powerpc/evolution-dev_2.0.4-2sarge2_powerpc.deb evolution (2.0.4-2sarge2) oldstable-security; urgency=high * SECURITY: New patch, z_10_imap-negative-array-index, fixes potential negative array index usage in IMAP code (remote); FEDORA-2007-0464; GNOME #447414; closes: #429876. oldstable/main/binary-s390/evolution_2.0.4-2sarge2_s390.deb oldstable/main/binary-s390/evolution-dev_2.0.4-2sarge2_s390.deb evolution (2.0.4-2sarge2) oldstable-security; urgency=high * SECURITY: New patch, z_10_imap-negative-array-index, fixes potential negative array index usage in IMAP code (remote); FEDORA-2007-0464; GNOME #447414; closes: #429876. oldstable/main/binary-sparc/evolution_2.0.4-2sarge2_sparc.deb oldstable/main/binary-sparc/evolution-dev_2.0.4-2sarge2_sparc.deb evolution (2.0.4-2sarge2) oldstable-security; urgency=high * SECURITY: New patch, z_10_imap-negative-array-index, fixes potential negative array index usage in IMAP code (remote); FEDORA-2007-0464; GNOME #447414; closes: #429876. oldstable/main/source/fai-kernels_1.9.1sarge7.dsc oldstable/main/source/fai-kernels_1.9.1sarge7.tar.gz oldstable/main/binary-i386/fai-kernels_1.9.1sarge7_i386.deb fai-kernels (1.9.1sarge7) oldstable; urgency=low * Build against kerenl-tree-2.6.8-17 oldstable/main/binary-sparc/fet_3.12.30-1_sparc.deb fet (3.12.30-1) unstable; urgency=low * New upstream release (closes: #298292) (new Catalan translation) oldstable/main/binary-alpha/file_4.12-1sarge2_alpha.deb oldstable/main/binary-alpha/libmagic1_4.12-1sarge2_alpha.deb oldstable/main/binary-alpha/libmagic-dev_4.12-1sarge2_alpha.deb file (4.12-1sarge2) oldstable-security; urgency=high * Applied patch from Josh Bressers (also picked up by upstream) to src/funcs.c to fix CVE-2007-2799. The previous security patch was incorrect. oldstable/main/binary-arm/file_4.12-1sarge2_arm.deb oldstable/main/binary-arm/libmagic1_4.12-1sarge2_arm.deb oldstable/main/binary-arm/libmagic-dev_4.12-1sarge2_arm.deb file (4.12-1sarge2) oldstable-security; urgency=high * Applied patch from Josh Bressers (also picked up by upstream) to src/funcs.c to fix CVE-2007-2799. The previous security patch was incorrect. oldstable/main/binary-hppa/file_4.12-1sarge2_hppa.deb oldstable/main/binary-hppa/libmagic1_4.12-1sarge2_hppa.deb oldstable/main/binary-hppa/libmagic-dev_4.12-1sarge2_hppa.deb file (4.12-1sarge2) oldstable-security; urgency=high * Applied patch from Josh Bressers (also picked up by upstream) to src/funcs.c to fix CVE-2007-2799. The previous security patch was incorrect. oldstable/main/source/file_4.12-1sarge2.dsc oldstable/main/source/file_4.12-1sarge2.diff.gz oldstable/main/binary-i386/file_4.12-1sarge2_i386.deb oldstable/main/binary-i386/libmagic1_4.12-1sarge2_i386.deb oldstable/main/binary-i386/libmagic-dev_4.12-1sarge2_i386.deb file (4.12-1sarge2) oldstable-security; urgency=high * Applied patch from Josh Bressers (also picked up by upstream) to src/funcs.c to fix CVE-2007-2799. The previous security patch was incorrect. oldstable/main/binary-ia64/file_4.12-1sarge2_ia64.deb oldstable/main/binary-ia64/libmagic1_4.12-1sarge2_ia64.deb oldstable/main/binary-ia64/libmagic-dev_4.12-1sarge2_ia64.deb file (4.12-1sarge2) oldstable-security; urgency=high * Applied patch from Josh Bressers (also picked up by upstream) to src/funcs.c to fix CVE-2007-2799. The previous security patch was incorrect. oldstable/main/binary-m68k/file_4.12-1sarge2_m68k.deb oldstable/main/binary-m68k/libmagic1_4.12-1sarge2_m68k.deb oldstable/main/binary-m68k/libmagic-dev_4.12-1sarge2_m68k.deb file (4.12-1sarge2) oldstable-security; urgency=high * Applied patch from Josh Bressers (also picked up by upstream) to src/funcs.c to fix CVE-2007-2799. The previous security patch was incorrect. oldstable/main/binary-mips/file_4.12-1sarge2_mips.deb oldstable/main/binary-mips/libmagic1_4.12-1sarge2_mips.deb oldstable/main/binary-mips/libmagic-dev_4.12-1sarge2_mips.deb file (4.12-1sarge2) oldstable-security; urgency=high * Applied patch from Josh Bressers (also picked up by upstream) to src/funcs.c to fix CVE-2007-2799. The previous security patch was incorrect. oldstable/main/binary-mipsel/file_4.12-1sarge2_mipsel.deb oldstable/main/binary-mipsel/libmagic1_4.12-1sarge2_mipsel.deb oldstable/main/binary-mipsel/libmagic-dev_4.12-1sarge2_mipsel.deb file (4.12-1sarge2) oldstable-security; urgency=high * Applied patch from Josh Bressers (also picked up by upstream) to src/funcs.c to fix CVE-2007-2799. The previous security patch was incorrect. oldstable/main/binary-powerpc/file_4.12-1sarge2_powerpc.deb oldstable/main/binary-powerpc/libmagic1_4.12-1sarge2_powerpc.deb oldstable/main/binary-powerpc/libmagic-dev_4.12-1sarge2_powerpc.deb file (4.12-1sarge2) oldstable-security; urgency=high * Applied patch from Josh Bressers (also picked up by upstream) to src/funcs.c to fix CVE-2007-2799. The previous security patch was incorrect. oldstable/main/binary-s390/file_4.12-1sarge2_s390.deb oldstable/main/binary-s390/libmagic1_4.12-1sarge2_s390.deb oldstable/main/binary-s390/libmagic-dev_4.12-1sarge2_s390.deb file (4.12-1sarge2) oldstable-security; urgency=high * Applied patch from Josh Bressers (also picked up by upstream) to src/funcs.c to fix CVE-2007-2799. The previous security patch was incorrect. oldstable/main/binary-sparc/file_4.12-1sarge2_sparc.deb oldstable/main/binary-sparc/libmagic1_4.12-1sarge2_sparc.deb oldstable/main/binary-sparc/libmagic-dev_4.12-1sarge2_sparc.deb file (4.12-1sarge2) oldstable-security; urgency=high * Applied patch from Josh Bressers (also picked up by upstream) to src/funcs.c to fix CVE-2007-2799. The previous security patch was incorrect. oldstable/main/binary-alpha/fireflier-server_1.1.5-1sarge1_alpha.deb oldstable/main/binary-alpha/fireflier-client-qt_1.1.5-1sarge1_alpha.deb oldstable/main/binary-alpha/fireflier-client-kde_1.1.5-1sarge1_alpha.deb oldstable/main/binary-alpha/fireflier-client-gtk_1.1.5-1sarge1_alpha.deb fireflier (1.1.5-1sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe usage of temporary files, allowing arbitary file deletion. [CVE-2007-2837] oldstable/main/binary-arm/fireflier-server_1.1.5-1sarge1_arm.deb oldstable/main/binary-arm/fireflier-client-qt_1.1.5-1sarge1_arm.deb oldstable/main/binary-arm/fireflier-client-kde_1.1.5-1sarge1_arm.deb oldstable/main/binary-arm/fireflier-client-gtk_1.1.5-1sarge1_arm.deb fireflier (1.1.5-1sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe usage of temporary files, allowing arbitary file deletion. [CVE-2007-2837] oldstable/main/binary-hppa/fireflier-server_1.1.5-1sarge1_hppa.deb oldstable/main/binary-hppa/fireflier-client-qt_1.1.5-1sarge1_hppa.deb oldstable/main/binary-hppa/fireflier-client-kde_1.1.5-1sarge1_hppa.deb oldstable/main/binary-hppa/fireflier-client-gtk_1.1.5-1sarge1_hppa.deb fireflier (1.1.5-1sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe usage of temporary files, allowing arbitary file deletion. [CVE-2007-2837] oldstable/main/source/fireflier_1.1.5-1sarge1.dsc oldstable/main/source/fireflier_1.1.5-1sarge1.tar.gz oldstable/main/binary-i386/fireflier-server_1.1.5-1sarge1_i386.deb oldstable/main/binary-i386/fireflier-client-qt_1.1.5-1sarge1_i386.deb oldstable/main/binary-i386/fireflier-client-kde_1.1.5-1sarge1_i386.deb oldstable/main/binary-i386/fireflier-client-gtk_1.1.5-1sarge1_i386.deb fireflier (1.1.5-1sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe usage of temporary files, allowing arbitary file deletion. [CVE-2007-2837] oldstable/main/binary-ia64/fireflier-server_1.1.5-1sarge1_ia64.deb oldstable/main/binary-ia64/fireflier-client-qt_1.1.5-1sarge1_ia64.deb oldstable/main/binary-ia64/fireflier-client-kde_1.1.5-1sarge1_ia64.deb oldstable/main/binary-ia64/fireflier-client-gtk_1.1.5-1sarge1_ia64.deb fireflier (1.1.5-1sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe usage of temporary files, allowing arbitary file deletion. [CVE-2007-2837] oldstable/main/binary-m68k/fireflier-server_1.1.5-1sarge1_m68k.deb oldstable/main/binary-m68k/fireflier-client-qt_1.1.5-1sarge1_m68k.deb oldstable/main/binary-m68k/fireflier-client-kde_1.1.5-1sarge1_m68k.deb oldstable/main/binary-m68k/fireflier-client-gtk_1.1.5-1sarge1_m68k.deb fireflier (1.1.5-1sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe usage of temporary files, allowing arbitary file deletion. [CVE-2007-2837] oldstable/main/binary-mips/fireflier-server_1.1.5-1sarge1_mips.deb oldstable/main/binary-mips/fireflier-client-qt_1.1.5-1sarge1_mips.deb oldstable/main/binary-mips/fireflier-client-kde_1.1.5-1sarge1_mips.deb oldstable/main/binary-mips/fireflier-client-gtk_1.1.5-1sarge1_mips.deb fireflier (1.1.5-1sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe usage of temporary files, allowing arbitary file deletion. [CVE-2007-2837] oldstable/main/binary-mipsel/fireflier-server_1.1.5-1sarge1_mipsel.deb oldstable/main/binary-mipsel/fireflier-client-qt_1.1.5-1sarge1_mipsel.deb oldstable/main/binary-mipsel/fireflier-client-kde_1.1.5-1sarge1_mipsel.deb oldstable/main/binary-mipsel/fireflier-client-gtk_1.1.5-1sarge1_mipsel.deb fireflier (1.1.5-1sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe usage of temporary files, allowing arbitary file deletion. [CVE-2007-2837] oldstable/main/binary-powerpc/fireflier-server_1.1.5-1sarge1_powerpc.deb oldstable/main/binary-powerpc/fireflier-client-qt_1.1.5-1sarge1_powerpc.deb oldstable/main/binary-powerpc/fireflier-client-kde_1.1.5-1sarge1_powerpc.deb oldstable/main/binary-powerpc/fireflier-client-gtk_1.1.5-1sarge1_powerpc.deb fireflier (1.1.5-1sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe usage of temporary files, allowing arbitary file deletion. [CVE-2007-2837] oldstable/main/binary-s390/fireflier-server_1.1.5-1sarge1_s390.deb oldstable/main/binary-s390/fireflier-client-qt_1.1.5-1sarge1_s390.deb oldstable/main/binary-s390/fireflier-client-kde_1.1.5-1sarge1_s390.deb oldstable/main/binary-s390/fireflier-client-gtk_1.1.5-1sarge1_s390.deb fireflier (1.1.5-1sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe usage of temporary files, allowing arbitary file deletion. [CVE-2007-2837] oldstable/main/binary-sparc/fireflier-server_1.1.5-1sarge1_sparc.deb oldstable/main/binary-sparc/fireflier-client-qt_1.1.5-1sarge1_sparc.deb oldstable/main/binary-sparc/fireflier-client-kde_1.1.5-1sarge1_sparc.deb oldstable/main/binary-sparc/fireflier-client-gtk_1.1.5-1sarge1_sparc.deb fireflier (1.1.5-1sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe usage of temporary files, allowing arbitary file deletion. [CVE-2007-2837] oldstable/main/binary-arm/freepops_0.0.27-1_arm.deb freepops (0.0.27-1) unstable; urgency=low * new upastream release oldstable/main/binary-alpha/libfreetype6_2.1.7-8_alpha.deb oldstable/main/binary-alpha/libfreetype6-dev_2.1.7-8_alpha.deb oldstable/main/binary-alpha/freetype2-demos_2.1.7-8_alpha.deb oldstable/main/libfreetype6-udeb_2.1.7-8_alpha.udeb freetype (2.1.7-8) oldstable-security; urgency=high * debian/patches-freetype/500-CVE-2007-2754_ttgfload.diff: address CVE-2007-2754, a bug allowing execution of arbitrary code via a crafted TTF image by way of an integer overflow. Closes: #425625. oldstable/main/binary-arm/libfreetype6_2.1.7-8_arm.deb oldstable/main/binary-arm/libfreetype6-dev_2.1.7-8_arm.deb oldstable/main/binary-arm/freetype2-demos_2.1.7-8_arm.deb oldstable/main/libfreetype6-udeb_2.1.7-8_arm.udeb freetype (2.1.7-8) oldstable-security; urgency=high * debian/patches-freetype/500-CVE-2007-2754_ttgfload.diff: address CVE-2007-2754, a bug allowing execution of arbitrary code via a crafted TTF image by way of an integer overflow. Closes: #425625. oldstable/main/binary-hppa/libfreetype6_2.1.7-8_hppa.deb oldstable/main/binary-hppa/libfreetype6-dev_2.1.7-8_hppa.deb oldstable/main/binary-hppa/freetype2-demos_2.1.7-8_hppa.deb oldstable/main/libfreetype6-udeb_2.1.7-8_hppa.udeb freetype (2.1.7-8) oldstable-security; urgency=high * debian/patches-freetype/500-CVE-2007-2754_ttgfload.diff: address CVE-2007-2754, a bug allowing execution of arbitrary code via a crafted TTF image by way of an integer overflow. Closes: #425625. oldstable/main/source/freetype_2.1.7-8.dsc oldstable/main/source/freetype_2.1.7-8.diff.gz oldstable/main/binary-i386/libfreetype6_2.1.7-8_i386.deb oldstable/main/binary-i386/libfreetype6-dev_2.1.7-8_i386.deb oldstable/main/binary-i386/freetype2-demos_2.1.7-8_i386.deb oldstable/main/libfreetype6-udeb_2.1.7-8_i386.udeb freetype (2.1.7-8) oldstable-security; urgency=high * debian/patches-freetype/500-CVE-2007-2754_ttgfload.diff: address CVE-2007-2754, a bug allowing execution of arbitrary code via a crafted TTF image by way of an integer overflow. Closes: #425625. oldstable/main/binary-ia64/libfreetype6_2.1.7-8_ia64.deb oldstable/main/binary-ia64/libfreetype6-dev_2.1.7-8_ia64.deb oldstable/main/binary-ia64/freetype2-demos_2.1.7-8_ia64.deb oldstable/main/libfreetype6-udeb_2.1.7-8_ia64.udeb freetype (2.1.7-8) oldstable-security; urgency=high * debian/patches-freetype/500-CVE-2007-2754_ttgfload.diff: address CVE-2007-2754, a bug allowing execution of arbitrary code via a crafted TTF image by way of an integer overflow. Closes: #425625. oldstable/main/binary-m68k/libfreetype6_2.1.7-8_m68k.deb oldstable/main/binary-m68k/libfreetype6-dev_2.1.7-8_m68k.deb oldstable/main/binary-m68k/freetype2-demos_2.1.7-8_m68k.deb oldstable/main/libfreetype6-udeb_2.1.7-8_m68k.udeb freetype (2.1.7-8) oldstable-security; urgency=high * debian/patches-freetype/500-CVE-2007-2754_ttgfload.diff: address CVE-2007-2754, a bug allowing execution of arbitrary code via a crafted TTF image by way of an integer overflow. Closes: #425625. oldstable/main/binary-mips/libfreetype6_2.1.7-8_mips.deb oldstable/main/binary-mips/libfreetype6-dev_2.1.7-8_mips.deb oldstable/main/binary-mips/freetype2-demos_2.1.7-8_mips.deb oldstable/main/libfreetype6-udeb_2.1.7-8_mips.udeb freetype (2.1.7-8) oldstable-security; urgency=high * debian/patches-freetype/500-CVE-2007-2754_ttgfload.diff: address CVE-2007-2754, a bug allowing execution of arbitrary code via a crafted TTF image by way of an integer overflow. Closes: #425625. oldstable/main/binary-mipsel/libfreetype6_2.1.7-8_mipsel.deb oldstable/main/binary-mipsel/libfreetype6-dev_2.1.7-8_mipsel.deb oldstable/main/binary-mipsel/freetype2-demos_2.1.7-8_mipsel.deb oldstable/main/libfreetype6-udeb_2.1.7-8_mipsel.udeb freetype (2.1.7-8) oldstable-security; urgency=high * debian/patches-freetype/500-CVE-2007-2754_ttgfload.diff: address CVE-2007-2754, a bug allowing execution of arbitrary code via a crafted TTF image by way of an integer overflow. Closes: #425625. oldstable/main/binary-powerpc/libfreetype6_2.1.7-8_powerpc.deb oldstable/main/binary-powerpc/libfreetype6-dev_2.1.7-8_powerpc.deb oldstable/main/binary-powerpc/freetype2-demos_2.1.7-8_powerpc.deb oldstable/main/libfreetype6-udeb_2.1.7-8_powerpc.udeb freetype (2.1.7-8) oldstable-security; urgency=high * debian/patches-freetype/500-CVE-2007-2754_ttgfload.diff: address CVE-2007-2754, a bug allowing execution of arbitrary code via a crafted TTF image by way of an integer overflow. Closes: #425625. oldstable/main/binary-s390/libfreetype6_2.1.7-8_s390.deb oldstable/main/binary-s390/libfreetype6-dev_2.1.7-8_s390.deb oldstable/main/binary-s390/freetype2-demos_2.1.7-8_s390.deb oldstable/main/libfreetype6-udeb_2.1.7-8_s390.udeb freetype (2.1.7-8) oldstable-security; urgency=high * debian/patches-freetype/500-CVE-2007-2754_ttgfload.diff: address CVE-2007-2754, a bug allowing execution of arbitrary code via a crafted TTF image by way of an integer overflow. Closes: #425625. oldstable/main/binary-sparc/libfreetype6_2.1.7-8_sparc.deb oldstable/main/binary-sparc/libfreetype6-dev_2.1.7-8_sparc.deb oldstable/main/binary-sparc/freetype2-demos_2.1.7-8_sparc.deb oldstable/main/libfreetype6-udeb_2.1.7-8_sparc.udeb freetype (2.1.7-8) oldstable-security; urgency=high * debian/patches-freetype/500-CVE-2007-2754_ttgfload.diff: address CVE-2007-2754, a bug allowing execution of arbitrary code via a crafted TTF image by way of an integer overflow. Closes: #425625. oldstable/main/binary-arm/gaim-encryption_2.36-3_arm.deb gaim-encryption (2.36-3) unstable; urgency=low * re-compile with new version of Gaim to make the warning go away (while I don't come up with a permanent fix) (closes: #303732) * depend on gaim >= 1.2 (closes: #302838) oldstable/main/binary-alpha/gfax_0.4.2-11sarge1_alpha.deb gfax (0.4.2-11sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe use of temporary files when manipulating the system crontab. [CVE-2007-2839] oldstable/main/binary-arm/gfax_0.4.2-11sarge1_arm.deb gfax (0.4.2-11sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe use of temporary files when manipulating the system crontab. [CVE-2007-2839] oldstable/main/binary-hppa/gfax_0.4.2-11sarge1_hppa.deb gfax (0.4.2-11sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe use of temporary files when manipulating the system crontab. [CVE-2007-2839] oldstable/main/source/gfax_0.4.2-11sarge1.dsc oldstable/main/source/gfax_0.4.2-11sarge1.diff.gz oldstable/main/binary-i386/gfax_0.4.2-11sarge1_i386.deb gfax (0.4.2-11sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe use of temporary files when manipulating the system crontab. [CVE-2007-2839] oldstable/main/binary-ia64/gfax_0.4.2-11sarge1_ia64.deb gfax (0.4.2-11sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe use of temporary files when manipulating the system crontab. [CVE-2007-2839] oldstable/main/binary-m68k/gfax_0.4.2-11sarge1_m68k.deb gfax (0.4.2-11sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe use of temporary files when manipulating the system crontab. [CVE-2007-2839] oldstable/main/binary-mips/gfax_0.4.2-11sarge1_mips.deb gfax (0.4.2-11sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe use of temporary files when manipulating the system crontab. [CVE-2007-2839] oldstable/main/binary-mipsel/gfax_0.4.2-11sarge1_mipsel.deb gfax (0.4.2-11sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe use of temporary files when manipulating the system crontab. [CVE-2007-2839] oldstable/main/binary-powerpc/gfax_0.4.2-11sarge1_powerpc.deb gfax (0.4.2-11sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe use of temporary files when manipulating the system crontab. [CVE-2007-2839] oldstable/main/binary-s390/gfax_0.4.2-11sarge1_s390.deb gfax (0.4.2-11sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe use of temporary files when manipulating the system crontab. [CVE-2007-2839] oldstable/main/binary-sparc/gfax_0.4.2-11sarge1_sparc.deb gfax (0.4.2-11sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe use of temporary files when manipulating the system crontab. [CVE-2007-2839] oldstable/main/binary-arm/gff2aplot_2.0-1_arm.deb gff2aplot (2.0-1) unstable; urgency=low * Initial Release (Closes: #300828) oldstable/main/source/gforge_3.1-31sarge2.dsc oldstable/main/source/gforge_3.1-31sarge2.diff.gz oldstable/main/binary-all/gforge_3.1-31sarge2_all.deb oldstable/main/binary-all/gforge-common_3.1-31sarge2_all.deb oldstable/main/binary-all/gforge-web-apache_3.1-31sarge2_all.deb oldstable/main/binary-all/gforge-db-postgresql_3.1-31sarge2_all.deb oldstable/main/binary-all/gforge-mta-exim4_3.1-31sarge2_all.deb oldstable/main/binary-all/gforge-mta-exim_3.1-31sarge2_all.deb oldstable/main/binary-all/gforge-mta-postfix_3.1-31sarge2_all.deb oldstable/main/binary-all/gforge-shell-ldap_3.1-31sarge2_all.deb oldstable/main/binary-all/gforge-cvs_3.1-31sarge2_all.deb oldstable/main/binary-all/gforge-ftp-proftpd_3.1-31sarge2_all.deb oldstable/main/binary-all/gforge-ldap-openldap_3.1-31sarge2_all.deb oldstable/main/binary-all/gforge-dns-bind9_3.1-31sarge2_all.deb oldstable/main/binary-all/gforge-lists-mailman_3.1-31sarge2_all.deb oldstable/main/binary-all/gforge-sourceforge-transition_3.1-31sarge2_all.deb oldstable/main/binary-all/sourceforge_3.1-31sarge2_all.deb gforge (3.1-31sarge2) oldstable-security; urgency=high * Fixed SQL injection vulnerability due to insufficient input sanitizing (CVE-2007-3913). oldstable/main/source/gforge_3.1-31sarge3.dsc oldstable/main/source/gforge_3.1-31sarge3.diff.gz oldstable/main/binary-all/gforge_3.1-31sarge3_all.deb oldstable/main/binary-all/gforge-common_3.1-31sarge3_all.deb oldstable/main/binary-all/gforge-web-apache_3.1-31sarge3_all.deb oldstable/main/binary-all/gforge-db-postgresql_3.1-31sarge3_all.deb oldstable/main/binary-all/gforge-mta-exim4_3.1-31sarge3_all.deb oldstable/main/binary-all/gforge-mta-exim_3.1-31sarge3_all.deb oldstable/main/binary-all/gforge-mta-postfix_3.1-31sarge3_all.deb oldstable/main/binary-all/gforge-shell-ldap_3.1-31sarge3_all.deb oldstable/main/binary-all/gforge-cvs_3.1-31sarge3_all.deb oldstable/main/binary-all/gforge-ftp-proftpd_3.1-31sarge3_all.deb oldstable/main/binary-all/gforge-ldap-openldap_3.1-31sarge3_all.deb oldstable/main/binary-all/gforge-dns-bind9_3.1-31sarge3_all.deb oldstable/main/binary-all/gforge-lists-mailman_3.1-31sarge3_all.deb oldstable/main/binary-all/gforge-sourceforge-transition_3.1-31sarge3_all.deb oldstable/main/binary-all/sourceforge_3.1-31sarge3_all.deb gforge (3.1-31sarge3) oldstable-security; urgency=high * Fixed cross-site scripting vulnerability (CVE-2007-3918). oldstable/main/source/gforge_3.1-31sarge4.dsc oldstable/main/source/gforge_3.1-31sarge4.diff.gz oldstable/main/binary-all/gforge_3.1-31sarge4_all.deb oldstable/main/binary-all/gforge-common_3.1-31sarge4_all.deb oldstable/main/binary-all/gforge-web-apache_3.1-31sarge4_all.deb oldstable/main/binary-all/gforge-db-postgresql_3.1-31sarge4_all.deb oldstable/main/binary-all/gforge-mta-exim4_3.1-31sarge4_all.deb oldstable/main/binary-all/gforge-mta-exim_3.1-31sarge4_all.deb oldstable/main/binary-all/gforge-mta-postfix_3.1-31sarge4_all.deb oldstable/main/binary-all/gforge-shell-ldap_3.1-31sarge4_all.deb oldstable/main/binary-all/gforge-cvs_3.1-31sarge4_all.deb oldstable/main/binary-all/gforge-ftp-proftpd_3.1-31sarge4_all.deb oldstable/main/binary-all/gforge-ldap-openldap_3.1-31sarge4_all.deb oldstable/main/binary-all/gforge-dns-bind9_3.1-31sarge4_all.deb oldstable/main/binary-all/gforge-lists-mailman_3.1-31sarge4_all.deb oldstable/main/binary-all/gforge-sourceforge-transition_3.1-31sarge4_all.deb oldstable/main/binary-all/sourceforge_3.1-31sarge4_all.deb gforge (3.1-31sarge4) oldstable-security; urgency=high * Fixed file truncation vulnerabilities (CVE-2007-3921) (this version of Gforge isn't vulnerable to the denial of service part of that CVE). oldstable/main/binary-alpha/libgimp2.0_2.2.6-1sarge4_alpha.deb oldstable/main/binary-alpha/gimp-helpbrowser_2.2.6-1sarge4_alpha.deb oldstable/main/binary-alpha/gimp-python_2.2.6-1sarge4_alpha.deb oldstable/main/binary-alpha/gimp-svg_2.2.6-1sarge4_alpha.deb oldstable/main/binary-alpha/gimp_2.2.6-1sarge4_alpha.deb oldstable/main/binary-alpha/libgimp2.0-dev_2.2.6-1sarge4_alpha.deb gimp (2.2.6-1sarge4) oldstable-security; urgency=high * Fix regresion in XCF loader oldstable/main/binary-arm/libgimp2.0_2.2.6-1sarge4_arm.deb oldstable/main/binary-arm/gimp-helpbrowser_2.2.6-1sarge4_arm.deb oldstable/main/binary-arm/gimp-python_2.2.6-1sarge4_arm.deb oldstable/main/binary-arm/gimp-svg_2.2.6-1sarge4_arm.deb oldstable/main/binary-arm/gimp_2.2.6-1sarge4_arm.deb oldstable/main/binary-arm/libgimp2.0-dev_2.2.6-1sarge4_arm.deb gimp (2.2.6-1sarge4) oldstable-security; urgency=high * Fix regresion in XCF loader oldstable/main/binary-hppa/libgimp2.0_2.2.6-1sarge4_hppa.deb oldstable/main/binary-hppa/gimp-helpbrowser_2.2.6-1sarge4_hppa.deb oldstable/main/binary-hppa/gimp-python_2.2.6-1sarge4_hppa.deb oldstable/main/binary-hppa/gimp-svg_2.2.6-1sarge4_hppa.deb oldstable/main/binary-hppa/gimp_2.2.6-1sarge4_hppa.deb oldstable/main/binary-hppa/libgimp2.0-dev_2.2.6-1sarge4_hppa.deb gimp (2.2.6-1sarge4) oldstable-security; urgency=high * Fix regresion in XCF loader oldstable/main/source/gimp_2.2.6-1sarge4.dsc oldstable/main/source/gimp_2.2.6-1sarge4.diff.gz oldstable/main/binary-all/gimp-data_2.2.6-1sarge4_all.deb oldstable/main/binary-all/libgimp2.0-doc_2.2.6-1sarge4_all.deb oldstable/main/binary-all/gimp1.2_2.2.6-1sarge4_all.deb oldstable/main/binary-i386/libgimp2.0_2.2.6-1sarge4_i386.deb oldstable/main/binary-i386/gimp-helpbrowser_2.2.6-1sarge4_i386.deb oldstable/main/binary-i386/gimp-python_2.2.6-1sarge4_i386.deb oldstable/main/binary-i386/gimp-svg_2.2.6-1sarge4_i386.deb oldstable/main/binary-i386/gimp_2.2.6-1sarge4_i386.deb oldstable/main/binary-i386/libgimp2.0-dev_2.2.6-1sarge4_i386.deb gimp (2.2.6-1sarge4) oldstable-security; urgency=high * Fix regresion in XCF loader oldstable/main/binary-ia64/libgimp2.0_2.2.6-1sarge4_ia64.deb oldstable/main/binary-ia64/gimp-helpbrowser_2.2.6-1sarge4_ia64.deb oldstable/main/binary-ia64/gimp-python_2.2.6-1sarge4_ia64.deb oldstable/main/binary-ia64/gimp-svg_2.2.6-1sarge4_ia64.deb oldstable/main/binary-ia64/gimp_2.2.6-1sarge4_ia64.deb oldstable/main/binary-ia64/libgimp2.0-dev_2.2.6-1sarge4_ia64.deb gimp (2.2.6-1sarge4) oldstable-security; urgency=high * Fix regresion in XCF loader oldstable/main/binary-m68k/libgimp2.0_2.2.6-1sarge4_m68k.deb oldstable/main/binary-m68k/gimp-helpbrowser_2.2.6-1sarge4_m68k.deb oldstable/main/binary-m68k/gimp-python_2.2.6-1sarge4_m68k.deb oldstable/main/binary-m68k/gimp-svg_2.2.6-1sarge4_m68k.deb oldstable/main/binary-m68k/gimp_2.2.6-1sarge4_m68k.deb oldstable/main/binary-m68k/libgimp2.0-dev_2.2.6-1sarge4_m68k.deb gimp (2.2.6-1sarge4) oldstable-security; urgency=high * Fix regresion in XCF loader oldstable/main/binary-mips/libgimp2.0_2.2.6-1sarge4_mips.deb oldstable/main/binary-mips/gimp-helpbrowser_2.2.6-1sarge4_mips.deb oldstable/main/binary-mips/gimp-python_2.2.6-1sarge4_mips.deb oldstable/main/binary-mips/gimp-svg_2.2.6-1sarge4_mips.deb oldstable/main/binary-mips/gimp_2.2.6-1sarge4_mips.deb oldstable/main/binary-mips/libgimp2.0-dev_2.2.6-1sarge4_mips.deb gimp (2.2.6-1sarge4) oldstable-security; urgency=high * Fix regresion in XCF loader oldstable/main/binary-mipsel/libgimp2.0_2.2.6-1sarge4_mipsel.deb oldstable/main/binary-mipsel/gimp-helpbrowser_2.2.6-1sarge4_mipsel.deb oldstable/main/binary-mipsel/gimp-python_2.2.6-1sarge4_mipsel.deb oldstable/main/binary-mipsel/gimp-svg_2.2.6-1sarge4_mipsel.deb oldstable/main/binary-mipsel/gimp_2.2.6-1sarge4_mipsel.deb oldstable/main/binary-mipsel/libgimp2.0-dev_2.2.6-1sarge4_mipsel.deb gimp (2.2.6-1sarge4) oldstable-security; urgency=high * Fix regresion in XCF loader oldstable/main/binary-powerpc/libgimp2.0_2.2.6-1sarge4_powerpc.deb oldstable/main/binary-powerpc/gimp-helpbrowser_2.2.6-1sarge4_powerpc.deb oldstable/main/binary-powerpc/gimp-python_2.2.6-1sarge4_powerpc.deb oldstable/main/binary-powerpc/gimp-svg_2.2.6-1sarge4_powerpc.deb oldstable/main/binary-powerpc/gimp_2.2.6-1sarge4_powerpc.deb oldstable/main/binary-powerpc/libgimp2.0-dev_2.2.6-1sarge4_powerpc.deb gimp (2.2.6-1sarge4) oldstable-security; urgency=high * Fix regresion in XCF loader oldstable/main/binary-s390/libgimp2.0_2.2.6-1sarge4_s390.deb oldstable/main/binary-s390/gimp-helpbrowser_2.2.6-1sarge4_s390.deb oldstable/main/binary-s390/gimp-python_2.2.6-1sarge4_s390.deb oldstable/main/binary-s390/gimp-svg_2.2.6-1sarge4_s390.deb oldstable/main/binary-s390/gimp_2.2.6-1sarge4_s390.deb oldstable/main/binary-s390/libgimp2.0-dev_2.2.6-1sarge4_s390.deb gimp (2.2.6-1sarge4) oldstable-security; urgency=high * Fix regresion in XCF loader oldstable/main/binary-sparc/libgimp2.0_2.2.6-1sarge4_sparc.deb oldstable/main/binary-sparc/gimp-helpbrowser_2.2.6-1sarge4_sparc.deb oldstable/main/binary-sparc/gimp-python_2.2.6-1sarge4_sparc.deb oldstable/main/binary-sparc/gimp-svg_2.2.6-1sarge4_sparc.deb oldstable/main/binary-sparc/gimp_2.2.6-1sarge4_sparc.deb oldstable/main/binary-sparc/libgimp2.0-dev_2.2.6-1sarge4_sparc.deb gimp (2.2.6-1sarge4) oldstable-security; urgency=high * Fix regresion in XCF loader oldstable/main/binary-arm/libgnuradio-core0-dev_2.4-2_arm.deb oldstable/main/binary-arm/libgnuradio-core0_2.4-2_arm.deb oldstable/main/binary-arm/gnuradio-doc_2.4-2_arm.deb oldstable/main/binary-arm/python-gnuradio_2.4-2_arm.deb gnuradio-core (2.4-2) unstable; urgency=low * Changed Section of libgnuradio-core0-devel from 'devel' to 'libdevel'. oldstable/main/binary-alpha/gpdf_2.8.2-1.2sarge6_alpha.deb gpdf (2.8.2-1.2sarge6) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387) oldstable/main/binary-arm/gpdf_2.8.2-1.2sarge6_arm.deb gpdf (2.8.2-1.2sarge6) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387) oldstable/main/binary-hppa/gpdf_2.8.2-1.2sarge6_hppa.deb gpdf (2.8.2-1.2sarge6) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387) oldstable/main/source/gpdf_2.8.2-1.2sarge6.dsc oldstable/main/source/gpdf_2.8.2-1.2sarge6.diff.gz oldstable/main/binary-i386/gpdf_2.8.2-1.2sarge6_i386.deb gpdf (2.8.2-1.2sarge6) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387) oldstable/main/binary-ia64/gpdf_2.8.2-1.2sarge6_ia64.deb gpdf (2.8.2-1.2sarge6) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387) oldstable/main/binary-m68k/gpdf_2.8.2-1.2sarge6_m68k.deb gpdf (2.8.2-1.2sarge6) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387) oldstable/main/binary-mips/gpdf_2.8.2-1.2sarge6_mips.deb gpdf (2.8.2-1.2sarge6) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387) oldstable/main/binary-mipsel/gpdf_2.8.2-1.2sarge6_mipsel.deb gpdf (2.8.2-1.2sarge6) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387) oldstable/main/binary-powerpc/gpdf_2.8.2-1.2sarge6_powerpc.deb gpdf (2.8.2-1.2sarge6) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387) oldstable/main/binary-s390/gpdf_2.8.2-1.2sarge6_s390.deb gpdf (2.8.2-1.2sarge6) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387) oldstable/main/binary-sparc/gpdf_2.8.2-1.2sarge6_sparc.deb gpdf (2.8.2-1.2sarge6) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387) oldstable/main/binary-mips/gr-audio-oss_0.5-3_mips.deb gr-audio-oss (0.5-3) unstable; urgency=low * Added Build-Depends on cppunit, fftw3-dev, libboost-dev. (closes: #302217) oldstable/main/source/horde3_3.0.4-4sarge5.dsc oldstable/main/source/horde3_3.0.4-4sarge5.diff.gz oldstable/main/binary-all/horde3_3.0.4-4sarge5_all.deb horde3 (3.0.4-4sarge5) oldstable-security; urgency=high * Fix XSS vulnerability. See CVE-2007-1473 for more information. (Closes: #434045) oldstable/main/source/horde3_3.0.4-4sarge6.dsc oldstable/main/source/horde3_3.0.4-4sarge6.diff.gz oldstable/main/binary-all/horde3_3.0.4-4sarge6_all.deb horde3 (3.0.4-4sarge6) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Argument injection vulnerability in the cleanup cron script in Horde Project Horde and IMP before Horde Application Framework 3.1.4 allows local users to delete arbitrary files and possibly gain privileges via multiple space-delimited pathnames. (CVE-2007-1474) * services/go.php in Horde Application Framework 3.0.0 through 3.0.10 and 3.1.0 through 3.1.1 does not properly restrict its image proxy capability, which allows remote attackers to perform "Web tunneling" attacks and use the server as a proxy via (1) http, (2) https, and (3) ftp URL in the url parameter, which is requested from the server. (CVE-2006-3549) * Multiple cross-site scripting (XSS) vulnerabilities in Horde Application Framework 3.0.0 through 3.0.10 and 3.1.0 through 3.1.1 allow remote attackers to inject arbitrary web script or HTML via a (1) javascript URI or an external (2) http, (3) https, or (4) ftp URI in the url parameter in services/go.php (aka the dereferrer), (5) a javascript URI in the module parameter in services/help (aka the help viewer), and (6) the name parameter in services/problem.php (aka the problem reporting screen). (CVE-2006-3548) * index.php in Horde Application Framework before 3.1.2 allows remote attackers to include web pages from other sites, which could be useful for phishing attacks, via a URL in the url parameter, aka "cross-site referencing." NOTE: some sources have referred to this issue as XSS, but it is different than classic XSS. (CVE-2006-4256) * Closes: 383416, 378281 oldstable/main/source/hostap-modules-i386_0.3.7-1sarge2.dsc oldstable/main/source/hostap-modules-i386_0.3.7-1sarge2.tar.gz oldstable/main/binary-i386/hostap-modules-2.4.27-3-386_0.3.7-1sarge2_i386.deb oldstable/main/binary-i386/hostap-modules-2.4.27-3-586tsc_0.3.7-1sarge2_i386.deb oldstable/main/binary-i386/hostap-modules-2.4.27-3-686_0.3.7-1sarge2_i386.deb oldstable/main/binary-i386/hostap-modules-2.4.27-3-686-smp_0.3.7-1sarge2_i386.deb oldstable/main/binary-i386/hostap-modules-2.4.27-3-k6_0.3.7-1sarge2_i386.deb oldstable/main/binary-i386/hostap-modules-2.4.27-3-k7_0.3.7-1sarge2_i386.deb oldstable/main/binary-i386/hostap-modules-2.4.27-3-k7-smp_0.3.7-1sarge2_i386.deb oldstable/main/binary-i386/hostap-modules-2.6.8-4-386_0.3.7-1sarge2_i386.deb oldstable/main/binary-i386/hostap-modules-2.6.8-4-686_0.3.7-1sarge2_i386.deb oldstable/main/binary-i386/hostap-modules-2.6.8-4-686-smp_0.3.7-1sarge2_i386.deb oldstable/main/binary-i386/hostap-modules-2.6.8-4-k7_0.3.7-1sarge2_i386.deb oldstable/main/binary-i386/hostap-modules-2.6.8-4-k7-smp_0.3.7-1sarge2_i386.deb hostap-modules-i386 (1:0.3.7-1sarge2) oldstable-security; urgency=high * Rebuild for 2.6.8-4 ABI oldstable/main/binary-alpha/libid3-3.8.3-dev_3.8.3-4.1sarge1_alpha.deb oldstable/main/binary-alpha/libid3-3.8.3_3.8.3-4.1sarge1_alpha.deb id3lib3.8.3 (3.8.3-4.1sarge1) oldstable-security; urgency=high * Create temp files securely oldstable/main/binary-amd64/libid3-3.8.3-dev_3.8.3-4.1sarge1_amd64.deb oldstable/main/binary-amd64/libid3-3.8.3_3.8.3-4.1sarge1_amd64.deb id3lib3.8.3 (3.8.3-4.1sarge1) oldstable-security; urgency=high * Create temp files securely oldstable/main/binary-arm/libid3-3.8.3-dev_3.8.3-4.1sarge1_arm.deb oldstable/main/binary-arm/libid3-3.8.3_3.8.3-4.1sarge1_arm.deb id3lib3.8.3 (3.8.3-4.1sarge1) oldstable-security; urgency=high * Create temp files securely oldstable/main/binary-hppa/libid3-3.8.3-dev_3.8.3-4.1sarge1_hppa.deb oldstable/main/binary-hppa/libid3-3.8.3_3.8.3-4.1sarge1_hppa.deb id3lib3.8.3 (3.8.3-4.1sarge1) oldstable-security; urgency=high * Create temp files securely oldstable/main/source/id3lib3.8.3_3.8.3-4.1sarge1.dsc oldstable/main/source/id3lib3.8.3_3.8.3.orig.tar.gz oldstable/main/source/id3lib3.8.3_3.8.3-4.1sarge1.diff.gz oldstable/main/binary-i386/libid3-3.8.3-dev_3.8.3-4.1sarge1_i386.deb oldstable/main/binary-i386/libid3-3.8.3_3.8.3-4.1sarge1_i386.deb id3lib3.8.3 (3.8.3-4.1sarge1) oldstable-security; urgency=high * Create temp files securely oldstable/main/binary-ia64/libid3-3.8.3-dev_3.8.3-4.1sarge1_ia64.deb oldstable/main/binary-ia64/libid3-3.8.3_3.8.3-4.1sarge1_ia64.deb id3lib3.8.3 (3.8.3-4.1sarge1) oldstable-security; urgency=high * Create temp files securely oldstable/main/binary-m68k/libid3-3.8.3-dev_3.8.3-4.1sarge1_m68k.deb oldstable/main/binary-m68k/libid3-3.8.3_3.8.3-4.1sarge1_m68k.deb id3lib3.8.3 (3.8.3-4.1sarge1) oldstable-security; urgency=high * Create temp files securely oldstable/main/binary-mips/libid3-3.8.3-dev_3.8.3-4.1sarge1_mips.deb oldstable/main/binary-mips/libid3-3.8.3_3.8.3-4.1sarge1_mips.deb id3lib3.8.3 (3.8.3-4.1sarge1) oldstable-security; urgency=high * Create temp files securely oldstable/main/binary-mipsel/libid3-3.8.3-dev_3.8.3-4.1sarge1_mipsel.deb oldstable/main/binary-mipsel/libid3-3.8.3_3.8.3-4.1sarge1_mipsel.deb id3lib3.8.3 (3.8.3-4.1sarge1) oldstable-security; urgency=high * Create temp files securely oldstable/main/binary-powerpc/libid3-3.8.3-dev_3.8.3-4.1sarge1_powerpc.deb oldstable/main/binary-powerpc/libid3-3.8.3_3.8.3-4.1sarge1_powerpc.deb id3lib3.8.3 (3.8.3-4.1sarge1) oldstable-security; urgency=high * Create temp files securely oldstable/main/binary-s390/libid3-3.8.3-dev_3.8.3-4.1sarge1_s390.deb oldstable/main/binary-s390/libid3-3.8.3_3.8.3-4.1sarge1_s390.deb id3lib3.8.3 (3.8.3-4.1sarge1) oldstable-security; urgency=high * Create temp files securely oldstable/main/binary-sparc/libid3-3.8.3-dev_3.8.3-4.1sarge1_sparc.deb oldstable/main/binary-sparc/libid3-3.8.3_3.8.3-4.1sarge1_sparc.deb id3lib3.8.3 (3.8.3-4.1sarge1) oldstable-security; urgency=high * Create temp files securely oldstable/main/binary-arm/iroffer_1.4.b02-1_arm.deb iroffer (1.4.b02-1) unstable; urgency=low * New upstream release (Closes: #291941) * Created debian/watch file. oldstable/main/binary-hppa/iroffer_1.4.b02-1_hppa.deb iroffer (1.4.b02-1) unstable; urgency=low * New upstream release (Closes: #291941) * Created debian/watch file. oldstable/main/binary-ia64/iroffer_1.4.b02-1_ia64.deb iroffer (1.4.b02-1) unstable; urgency=low * New upstream release (Closes: #291941) * Created debian/watch file. oldstable/main/binary-m68k/iroffer_1.4.b02-1_m68k.deb iroffer (1.4.b02-1) unstable; urgency=low * New upstream release (Closes: #291941) * Created debian/watch file. oldstable/main/binary-mips/iroffer_1.4.b02-1_mips.deb iroffer (1.4.b02-1) unstable; urgency=low * New upstream release (Closes: #291941) * Created debian/watch file. oldstable/main/binary-mipsel/iroffer_1.4.b02-1_mipsel.deb iroffer (1.4.b02-1) unstable; urgency=low * New upstream release (Closes: #291941) * Created debian/watch file. oldstable/main/binary-s390/iroffer_1.4.b02-1_s390.deb iroffer (1.4.b02-1) unstable; urgency=low * New upstream release (Closes: #291941) * Created debian/watch file. oldstable/main/source/iso-scan_1.04sarge1.dsc oldstable/main/source/iso-scan_1.04sarge1.tar.gz oldstable/main/iso-scan_1.04sarge1_all.udeb oldstable/main/load-iso_1.04sarge1_all.udeb iso-scan (1.04sarge1) oldstable; urgency=low * Matt Kraai - Fix the spelling of "file system". * Frans Pop - Add support for installing oldstable (checking for oldstable in the postinst should not be necessary). - Update translations with thanks to translators. oldstable/main/binary-powerpc/joystick_20010903-2_powerpc.deb joystick (20010903-2) unstable; urgency=low * debian/control: updated Standards-Version. * debian/control: added version number to debhelper Build-Depends. * debian/copyright: improved with more text from the GPL and a description of changes to the package. * debian/template: German translation from Sebastian Feltel . (Closes: Bug#119939) oldstable/main/binary-arm/k3d_0.4.3.0-3_arm.deb oldstable/main/binary-arm/k3d-dev_0.4.3.0-3_arm.deb k3d (0.4.3.0-3) unstable; urgency=low * _Really_ apply patch from #274172 (closes: #274172). Sorry. :-( oldstable/main/binary-alpha/kamera_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/kcoloredit_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/kdegraphics-dev_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/kdegraphics-kfile-plugins_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/kdvi_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/kfax_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/kgamma_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/kghostview_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/kiconedit_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/kmrml_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/kolourpaint_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/kooka_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/kpdf_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/kpovmodeler_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/kruler_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/ksnapshot_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/ksvg_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/kuickshow_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/kview_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/kviewshell_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/libkscan-dev_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/libkscan1_3.3.2-2sarge5_alpha.deb kdegraphics (4:3.3.2-2sarge5) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387). oldstable/main/binary-arm/kamera_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/kcoloredit_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/kdegraphics-dev_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/kdegraphics-kfile-plugins_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/kdvi_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/kfax_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/kgamma_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/kghostview_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/kiconedit_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/kmrml_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/kolourpaint_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/kooka_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/kpdf_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/kpovmodeler_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/kruler_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/ksnapshot_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/ksvg_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/kuickshow_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/kview_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/kviewshell_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/libkscan-dev_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/libkscan1_3.3.2-2sarge5_arm.deb kdegraphics (4:3.3.2-2sarge5) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387). oldstable/main/binary-hppa/kamera_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/kcoloredit_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/kdegraphics-dev_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/kdegraphics-kfile-plugins_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/kdvi_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/kfax_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/kgamma_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/kghostview_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/kiconedit_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/kmrml_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/kolourpaint_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/kooka_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/kpdf_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/kpovmodeler_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/kruler_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/ksnapshot_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/ksvg_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/kuickshow_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/kview_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/kviewshell_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/libkscan-dev_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/libkscan1_3.3.2-2sarge5_hppa.deb kdegraphics (4:3.3.2-2sarge5) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387). oldstable/main/source/kdegraphics_3.3.2-2sarge5.dsc oldstable/main/source/kdegraphics_3.3.2-2sarge5.diff.gz oldstable/main/binary-i386/kamera_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/kcoloredit_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/kdegraphics-dev_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/kdegraphics-kfile-plugins_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/kdvi_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/kfax_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/kgamma_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/kghostview_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/kiconedit_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/kmrml_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/kolourpaint_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/kooka_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/kpdf_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/kpovmodeler_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/kruler_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/ksnapshot_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/ksvg_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/kuickshow_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/kview_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/kviewshell_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/libkscan-dev_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/libkscan1_3.3.2-2sarge5_i386.deb oldstable/main/binary-all/kdegraphics_3.3.2-2sarge5_all.deb kdegraphics (4:3.3.2-2sarge5) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387). oldstable/main/binary-ia64/kamera_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/kcoloredit_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/kdegraphics-dev_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/kdegraphics-kfile-plugins_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/kdvi_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/kfax_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/kgamma_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/kghostview_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/kiconedit_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/kmrml_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/kolourpaint_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/kooka_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/kpdf_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/kpovmodeler_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/kruler_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/ksnapshot_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/ksvg_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/kuickshow_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/kview_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/kviewshell_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/libkscan-dev_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/libkscan1_3.3.2-2sarge5_ia64.deb kdegraphics (4:3.3.2-2sarge5) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387). oldstable/main/binary-m68k/kamera_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/kcoloredit_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/kdegraphics-dev_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/kdegraphics-kfile-plugins_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/kdvi_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/kfax_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/kgamma_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/kghostview_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/kiconedit_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/kmrml_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/kolourpaint_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/kooka_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/kpdf_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/kpovmodeler_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/kruler_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/ksnapshot_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/ksvg_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/kuickshow_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/kview_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/kviewshell_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/libkscan-dev_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/libkscan1_3.3.2-2sarge5_m68k.deb kdegraphics (4:3.3.2-2sarge5) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387). oldstable/main/binary-mips/kamera_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/kcoloredit_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/kdegraphics-dev_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/kdegraphics-kfile-plugins_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/kdvi_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/kfax_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/kgamma_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/kghostview_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/kiconedit_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/kmrml_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/kolourpaint_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/kooka_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/kpdf_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/kpovmodeler_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/kruler_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/ksnapshot_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/ksvg_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/kuickshow_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/kview_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/kviewshell_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/libkscan-dev_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/libkscan1_3.3.2-2sarge5_mips.deb kdegraphics (4:3.3.2-2sarge5) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387). oldstable/main/binary-mipsel/kamera_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/kcoloredit_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/kdegraphics-dev_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/kdegraphics-kfile-plugins_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/kdvi_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/kfax_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/kgamma_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/kghostview_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/kiconedit_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/kmrml_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/kolourpaint_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/kooka_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/kpdf_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/kpovmodeler_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/kruler_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/ksnapshot_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/ksvg_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/kuickshow_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/kview_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/kviewshell_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/libkscan-dev_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/libkscan1_3.3.2-2sarge5_mipsel.deb kdegraphics (4:3.3.2-2sarge5) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387). oldstable/main/binary-powerpc/kamera_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/kcoloredit_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/kdegraphics-dev_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/kdegraphics-kfile-plugins_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/kdvi_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/kfax_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/kgamma_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/kghostview_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/kiconedit_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/kmrml_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/kolourpaint_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/kooka_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/kpdf_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/kpovmodeler_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/kruler_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/ksnapshot_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/ksvg_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/kuickshow_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/kview_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/kviewshell_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/libkscan-dev_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/libkscan1_3.3.2-2sarge5_powerpc.deb kdegraphics (4:3.3.2-2sarge5) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387). oldstable/main/binary-s390/kamera_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/kcoloredit_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/kdegraphics-dev_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/kdegraphics-kfile-plugins_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/kdvi_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/kfax_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/kgamma_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/kghostview_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/kiconedit_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/kmrml_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/kolourpaint_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/kooka_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/kpdf_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/kpovmodeler_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/kruler_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/ksnapshot_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/ksvg_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/kuickshow_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/kview_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/kviewshell_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/libkscan-dev_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/libkscan1_3.3.2-2sarge5_s390.deb kdegraphics (4:3.3.2-2sarge5) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387). oldstable/main/binary-sparc/kamera_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/kcoloredit_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/kdegraphics-dev_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/kdegraphics-kfile-plugins_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/kdvi_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/kfax_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/kgamma_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/kghostview_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/kiconedit_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/kmrml_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/kolourpaint_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/kooka_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/kpdf_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/kpovmodeler_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/kruler_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/ksnapshot_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/ksvg_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/kuickshow_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/kview_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/kviewshell_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/libkscan-dev_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/libkscan1_3.3.2-2sarge5_sparc.deb kdegraphics (4:3.3.2-2sarge5) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387). oldstable/main/binary-arm/kdissert_0.3.8-1_arm.deb kdissert (0.3.8-1) unstable; urgency=low * New upstream release * Converted to CDBS * Do not compress .docbook files (closes: #302109) oldstable/main/source/kernel-image-2.6.8-alpha_2.6.8-17.dsc oldstable/main/source/kernel-image-2.6.8-alpha_2.6.8-17.tar.gz oldstable/main/binary-alpha/kernel-headers-2.6.8-4_2.6.8-17_alpha.deb oldstable/main/binary-alpha/kernel-headers-2.6.8-4-smp_2.6.8-17_alpha.deb oldstable/main/binary-alpha/kernel-image-2.6.8-4-smp_2.6.8-17_alpha.deb oldstable/main/binary-alpha/kernel-headers-2.6.8-4-generic_2.6.8-17_alpha.deb oldstable/main/binary-alpha/kernel-image-2.6.8-4-generic_2.6.8-17_alpha.deb kernel-image-2.6.8-alpha (2.6.8-17) oldstable; urgency=high * Rebuild against kernel-tree-2.6.8-17 [ Simon Horman ] * drivers-net-via-rhine-wol-oops.dpatch (removed): This patch breaks the via-rhine driver and 2.6.8 and is completely bogus for this version of the kernel (closes: #311357) * drivers-media-vidio-bttv-vc100xp-detect.dpatch Allow Leadtek WinFast VC100 XP cards to work. * fs-jbd-checkpoint-assertion.dpatch Fix possible false assertion failure in log_do_checkpoint(). We might fail to detect that we actually made a progress when cleaning up the checkpoint lists if we don't retry after writing something to disk. * mm-rmap-out-of-bounds-pte.dpatch Stop try_to_unmap_cluster() passing out-of-bounds pte to pte_unmap() * net-ipv4-netfilter-ip_queue-deadlock.dpatch Fix deadlock with ip_queue and tcp local input path. * asm-i386-mem-clobber.dpatch: Make sure gcc doesn't reorder memory accesses in strncmp and friends on i386. * drivers-acpi-pci_irq-elcr.dpatch: Make sure we call acpi_register_gsi() even for default PCI interrupt assignment. That's the part that keeps track of the ELCR register, and we want to make sure that the PCI interrupts are properly marked level/low. [ dann frazier ] * Merge in applicable fixes from 2.6.12.4 - netfilter-deadlock-ip6_queue.dpatch - rocket_c-fix-ldisc-ref-count.dpatch - early-vlan-fix.dpatch [ Simon Horman ] * drivers-sata-promise-sataii_tx2_tx4.dpatch Add SATAII TX2 and TX2/TX4 support to sata promise driver (Closes: #317286) * module-per-cpu-alignment-fix.dpatch Module per-cpu alignment cannot always be met From 2.6.12.5 * genelink-usbnet-skb-typo.dpatch fix gl_skb/skb type error in genelink driver in usbnet Backported From 2.6.12.6 * drivers-ide-ppp-pmac-build.dpatch Make sure BLK_DEV_IDEDMA_PCI is defined for pmac ide driver builds (closes: #321442) * fs-ext3-nfs-parent-fix.dpatch ext3 file systems mounted over nfs may lookup .. in dx directories causing an oops. (closes: #323557) * sparc-request_irq-in-RTC-fix.dpatch Use SA_SHIRQ in sparc specific code. From 2.6.13.1 * forcedeth-init-link-settings-in-nv_open.patch forcedeth: Initialize link settings in every nv_open() From 2.6.13.2 * fix-MPOL_F_VERIFY.patch Fix MPOL_F_VERIFY From 2.6.13.2 * fix-more-byte-to-dword-writes-to-PCI_ROM_ADDRESS-config-word.patch Fix up more strange byte writes to the PCI_ROM_ADDRESS config word From 2.6.13.2 * yenta-oops-fix.patch yenta oops fix From 2.6.13.3 * fix-de_thread-BUG_ON.patch Fix fs/exec.c:788 (de_thread()) BUG_ON From 2.6.13.3 * ipv6-fix-per-socket-multicast-filtering.patch fix IPv6 per-socket multicast filtering in exact-match case From 2.6.13.3 * ipvs-ip_vs_ftp-breaks-connections.patch ipvs: ip_vs_ftp breaks connections using persistence From 2.6.13.3 * ieee1394-sbp2-fixes-for-hot-unplug-and-module-unloading.dpatch ieee1394/sbp2: fixes for hot-unplug and module unloading From 2.6.13.4 * fix-sparc64-fpu-register-corruption.dpatch [SPARC64]: Fix userland FPU state corruption. From 2.6.13.4 [ dann frazier ] * drivers-block-raw-ioctl2.dpatch, drivers-block-ioctl-enotty.dpatch: Fix a bug in the block layer that causes a bootloader installation error under certain conditions - breaks installation on cciss devices. (closes: #354493) * Fix data corruption with dm-crypt over RAID5 (closes: #336153) * Fix VLAN support for 3c59x/90x series hardware (closes: #349774) * Fix erroneous calculation of 'len' parameter to NLMSG_PUT resulting in bogus 'error during NLMSG_PUT' messages (closes: #372621) * hp-diva-rmp3.dpatch, hp-diva-hurricane.dpatch: Add PCI IDs for newer Diva console ports oldstable/main/source/kernel-image-2.6.8-amd64_2.6.8-17.dsc oldstable/main/source/kernel-image-2.6.8-amd64_2.6.8-17.tar.gz oldstable/main/binary-i386/kernel-headers-2.6.8-13_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-13-amd64-k8_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-image-2.6.8-13-amd64-k8_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-13-amd64-generic_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-image-2.6.8-13-amd64-generic_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-13-em64t-p4_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-image-2.6.8-13-em64t-p4_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-13-amd64-k8-smp_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-image-2.6.8-13-amd64-k8-smp_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-13-em64t-p4-smp_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-image-2.6.8-13-em64t-p4-smp_2.6.8-17_i386.deb kernel-image-2.6.8-amd64 (2.6.8-17) oldstable; urgency=high * Rebuild against kernel-tree-2.6.8-17 [ Simon Horman ] * drivers-net-via-rhine-wol-oops.dpatch (removed): This patch breaks the via-rhine driver and 2.6.8 and is completely bogus for this version of the kernel (closes: #311357) * drivers-media-vidio-bttv-vc100xp-detect.dpatch Allow Leadtek WinFast VC100 XP cards to work. * fs-jbd-checkpoint-assertion.dpatch Fix possible false assertion failure in log_do_checkpoint(). We might fail to detect that we actually made a progress when cleaning up the checkpoint lists if we don't retry after writing something to disk. * mm-rmap-out-of-bounds-pte.dpatch Stop try_to_unmap_cluster() passing out-of-bounds pte to pte_unmap() * net-ipv4-netfilter-ip_queue-deadlock.dpatch Fix deadlock with ip_queue and tcp local input path. * asm-i386-mem-clobber.dpatch: Make sure gcc doesn't reorder memory accesses in strncmp and friends on i386. * drivers-acpi-pci_irq-elcr.dpatch: Make sure we call acpi_register_gsi() even for default PCI interrupt assignment. That's the part that keeps track of the ELCR register, and we want to make sure that the PCI interrupts are properly marked level/low. [ dann frazier ] * Merge in applicable fixes from 2.6.12.4 - netfilter-deadlock-ip6_queue.dpatch - rocket_c-fix-ldisc-ref-count.dpatch - early-vlan-fix.dpatch [ Simon Horman ] * drivers-sata-promise-sataii_tx2_tx4.dpatch Add SATAII TX2 and TX2/TX4 support to sata promise driver (Closes: #317286) * module-per-cpu-alignment-fix.dpatch Module per-cpu alignment cannot always be met From 2.6.12.5 * genelink-usbnet-skb-typo.dpatch fix gl_skb/skb type error in genelink driver in usbnet Backported From 2.6.12.6 * drivers-ide-ppp-pmac-build.dpatch Make sure BLK_DEV_IDEDMA_PCI is defined for pmac ide driver builds (closes: #321442) * fs-ext3-nfs-parent-fix.dpatch ext3 file systems mounted over nfs may lookup .. in dx directories causing an oops. (closes: #323557) * sparc-request_irq-in-RTC-fix.dpatch Use SA_SHIRQ in sparc specific code. From 2.6.13.1 * forcedeth-init-link-settings-in-nv_open.patch forcedeth: Initialize link settings in every nv_open() From 2.6.13.2 * fix-MPOL_F_VERIFY.patch Fix MPOL_F_VERIFY From 2.6.13.2 * fix-more-byte-to-dword-writes-to-PCI_ROM_ADDRESS-config-word.patch Fix up more strange byte writes to the PCI_ROM_ADDRESS config word From 2.6.13.2 * yenta-oops-fix.patch yenta oops fix From 2.6.13.3 * fix-de_thread-BUG_ON.patch Fix fs/exec.c:788 (de_thread()) BUG_ON From 2.6.13.3 * ipv6-fix-per-socket-multicast-filtering.patch fix IPv6 per-socket multicast filtering in exact-match case From 2.6.13.3 * ipvs-ip_vs_ftp-breaks-connections.patch ipvs: ip_vs_ftp breaks connections using persistence From 2.6.13.3 * ieee1394-sbp2-fixes-for-hot-unplug-and-module-unloading.dpatch ieee1394/sbp2: fixes for hot-unplug and module unloading From 2.6.13.4 * fix-sparc64-fpu-register-corruption.dpatch [SPARC64]: Fix userland FPU state corruption. From 2.6.13.4 [ dann frazier ] * drivers-block-raw-ioctl2.dpatch, drivers-block-ioctl-enotty.dpatch: Fix a bug in the block layer that causes a bootloader installation error under certain conditions - breaks installation on cciss devices. (closes: #354493) * Fix data corruption with dm-crypt over RAID5 (closes: #336153) * Fix VLAN support for 3c59x/90x series hardware (closes: #349774) * Fix erroneous calculation of 'len' parameter to NLMSG_PUT resulting in bogus 'error during NLMSG_PUT' messages (closes: #372621) * hp-diva-rmp3.dpatch, hp-diva-hurricane.dpatch: Add PCI IDs for newer Diva console ports oldstable/main/source/kernel-image-2.6.8-hppa_2.6.8-7.dsc oldstable/main/source/kernel-image-2.6.8-hppa_2.6.8-7.tar.gz oldstable/main/binary-hppa/kernel-headers-2.6.8-4_2.6.8-7_hppa.deb oldstable/main/binary-hppa/kernel-headers-2.6.8-4-32-smp_2.6.8-7_hppa.deb oldstable/main/binary-hppa/kernel-image-2.6.8-4-32-smp_2.6.8-7_hppa.deb oldstable/main/binary-hppa/kernel-headers-2.6.8-4-64_2.6.8-7_hppa.deb oldstable/main/binary-hppa/kernel-image-2.6.8-4-64_2.6.8-7_hppa.deb oldstable/main/binary-hppa/kernel-headers-2.6.8-4-32_2.6.8-7_hppa.deb oldstable/main/binary-hppa/kernel-image-2.6.8-4-32_2.6.8-7_hppa.deb oldstable/main/binary-hppa/kernel-headers-2.6.8-4-64-smp_2.6.8-7_hppa.deb oldstable/main/binary-hppa/kernel-image-2.6.8-4-64-smp_2.6.8-7_hppa.deb kernel-image-2.6.8-hppa (2.6.8-7) oldstable; urgency=high * Rebuild against kernel-tree-2.6.8-17 [ Simon Horman ] * drivers-net-via-rhine-wol-oops.dpatch (removed): This patch breaks the via-rhine driver and 2.6.8 and is completely bogus for this version of the kernel (closes: #311357) * drivers-media-vidio-bttv-vc100xp-detect.dpatch Allow Leadtek WinFast VC100 XP cards to work. * fs-jbd-checkpoint-assertion.dpatch Fix possible false assertion failure in log_do_checkpoint(). We might fail to detect that we actually made a progress when cleaning up the checkpoint lists if we don't retry after writing something to disk. * mm-rmap-out-of-bounds-pte.dpatch Stop try_to_unmap_cluster() passing out-of-bounds pte to pte_unmap() * net-ipv4-netfilter-ip_queue-deadlock.dpatch Fix deadlock with ip_queue and tcp local input path. * asm-i386-mem-clobber.dpatch: Make sure gcc doesn't reorder memory accesses in strncmp and friends on i386. * drivers-acpi-pci_irq-elcr.dpatch: Make sure we call acpi_register_gsi() even for default PCI interrupt assignment. That's the part that keeps track of the ELCR register, and we want to make sure that the PCI interrupts are properly marked level/low. [ dann frazier ] * Merge in applicable fixes from 2.6.12.4 - netfilter-deadlock-ip6_queue.dpatch - rocket_c-fix-ldisc-ref-count.dpatch - early-vlan-fix.dpatch [ Simon Horman ] * drivers-sata-promise-sataii_tx2_tx4.dpatch Add SATAII TX2 and TX2/TX4 support to sata promise driver (Closes: #317286) * module-per-cpu-alignment-fix.dpatch Module per-cpu alignment cannot always be met From 2.6.12.5 * genelink-usbnet-skb-typo.dpatch fix gl_skb/skb type error in genelink driver in usbnet Backported From 2.6.12.6 * drivers-ide-ppp-pmac-build.dpatch Make sure BLK_DEV_IDEDMA_PCI is defined for pmac ide driver builds (closes: #321442) * fs-ext3-nfs-parent-fix.dpatch ext3 file systems mounted over nfs may lookup .. in dx directories causing an oops. (closes: #323557) * sparc-request_irq-in-RTC-fix.dpatch Use SA_SHIRQ in sparc specific code. From 2.6.13.1 * forcedeth-init-link-settings-in-nv_open.patch forcedeth: Initialize link settings in every nv_open() From 2.6.13.2 * fix-MPOL_F_VERIFY.patch Fix MPOL_F_VERIFY From 2.6.13.2 * fix-more-byte-to-dword-writes-to-PCI_ROM_ADDRESS-config-word.patch Fix up more strange byte writes to the PCI_ROM_ADDRESS config word From 2.6.13.2 * yenta-oops-fix.patch yenta oops fix From 2.6.13.3 * fix-de_thread-BUG_ON.patch Fix fs/exec.c:788 (de_thread()) BUG_ON From 2.6.13.3 * ipv6-fix-per-socket-multicast-filtering.patch fix IPv6 per-socket multicast filtering in exact-match case From 2.6.13.3 * ipvs-ip_vs_ftp-breaks-connections.patch ipvs: ip_vs_ftp breaks connections using persistence From 2.6.13.3 * ieee1394-sbp2-fixes-for-hot-unplug-and-module-unloading.dpatch ieee1394/sbp2: fixes for hot-unplug and module unloading From 2.6.13.4 * fix-sparc64-fpu-register-corruption.dpatch [SPARC64]: Fix userland FPU state corruption. From 2.6.13.4 [ dann frazier ] * drivers-block-raw-ioctl2.dpatch, drivers-block-ioctl-enotty.dpatch: Fix a bug in the block layer that causes a bootloader installation error under certain conditions - breaks installation on cciss devices. (closes: #354493) * Fix data corruption with dm-crypt over RAID5 (closes: #336153) * Fix VLAN support for 3c59x/90x series hardware (closes: #349774) * Fix erroneous calculation of 'len' parameter to NLMSG_PUT resulting in bogus 'error during NLMSG_PUT' messages (closes: #372621) * hp-diva-rmp3.dpatch, hp-diva-hurricane.dpatch: Add PCI IDs for newer Diva console ports oldstable/main/source/kernel-image-2.6.8-i386_2.6.8-17.dsc oldstable/main/source/kernel-image-2.6.8-i386_2.6.8-17.tar.gz oldstable/main/binary-i386/kernel-headers-2.6.8-4_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-4-686_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-image-2.6.8-4-686_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-4-k7-smp_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-image-2.6.8-4-k7-smp_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-4-686-smp_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-image-2.6.8-4-686-smp_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-4-k7_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-image-2.6.8-4-k7_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-4-386_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-image-2.6.8-4-386_2.6.8-17_i386.deb kernel-image-2.6.8-i386 (2.6.8-17) oldstable; urgency=high * Rebuild against kernel-tree-2.6.8-17 [ Simon Horman ] * drivers-net-via-rhine-wol-oops.dpatch (removed): This patch breaks the via-rhine driver and 2.6.8 and is completely bogus for this version of the kernel (closes: #311357) * drivers-media-vidio-bttv-vc100xp-detect.dpatch Allow Leadtek WinFast VC100 XP cards to work. * fs-jbd-checkpoint-assertion.dpatch Fix possible false assertion failure in log_do_checkpoint(). We might fail to detect that we actually made a progress when cleaning up the checkpoint lists if we don't retry after writing something to disk. * mm-rmap-out-of-bounds-pte.dpatch Stop try_to_unmap_cluster() passing out-of-bounds pte to pte_unmap() * net-ipv4-netfilter-ip_queue-deadlock.dpatch Fix deadlock with ip_queue and tcp local input path. * asm-i386-mem-clobber.dpatch: Make sure gcc doesn't reorder memory accesses in strncmp and friends on i386. * drivers-acpi-pci_irq-elcr.dpatch: Make sure we call acpi_register_gsi() even for default PCI interrupt assignment. That's the part that keeps track of the ELCR register, and we want to make sure that the PCI interrupts are properly marked level/low. [ dann frazier ] * Merge in applicable fixes from 2.6.12.4 - netfilter-deadlock-ip6_queue.dpatch - rocket_c-fix-ldisc-ref-count.dpatch - early-vlan-fix.dpatch [ Simon Horman ] * drivers-sata-promise-sataii_tx2_tx4.dpatch Add SATAII TX2 and TX2/TX4 support to sata promise driver (Closes: #317286) * module-per-cpu-alignment-fix.dpatch Module per-cpu alignment cannot always be met From 2.6.12.5 * genelink-usbnet-skb-typo.dpatch fix gl_skb/skb type error in genelink driver in usbnet Backported From 2.6.12.6 * drivers-ide-ppp-pmac-build.dpatch Make sure BLK_DEV_IDEDMA_PCI is defined for pmac ide driver builds (closes: #321442) * fs-ext3-nfs-parent-fix.dpatch ext3 file systems mounted over nfs may lookup .. in dx directories causing an oops. (closes: #323557) * sparc-request_irq-in-RTC-fix.dpatch Use SA_SHIRQ in sparc specific code. From 2.6.13.1 * forcedeth-init-link-settings-in-nv_open.patch forcedeth: Initialize link settings in every nv_open() From 2.6.13.2 * fix-MPOL_F_VERIFY.patch Fix MPOL_F_VERIFY From 2.6.13.2 * fix-more-byte-to-dword-writes-to-PCI_ROM_ADDRESS-config-word.patch Fix up more strange byte writes to the PCI_ROM_ADDRESS config word From 2.6.13.2 * yenta-oops-fix.patch yenta oops fix From 2.6.13.3 * fix-de_thread-BUG_ON.patch Fix fs/exec.c:788 (de_thread()) BUG_ON From 2.6.13.3 * ipv6-fix-per-socket-multicast-filtering.patch fix IPv6 per-socket multicast filtering in exact-match case From 2.6.13.3 * ipvs-ip_vs_ftp-breaks-connections.patch ipvs: ip_vs_ftp breaks connections using persistence From 2.6.13.3 * ieee1394-sbp2-fixes-for-hot-unplug-and-module-unloading.dpatch ieee1394/sbp2: fixes for hot-unplug and module unloading From 2.6.13.4 * fix-sparc64-fpu-register-corruption.dpatch [SPARC64]: Fix userland FPU state corruption. From 2.6.13.4 [ dann frazier ] * drivers-block-raw-ioctl2.dpatch, drivers-block-ioctl-enotty.dpatch: Fix a bug in the block layer that causes a bootloader installation error under certain conditions - breaks installation on cciss devices. (closes: #354493) * Fix data corruption with dm-crypt over RAID5 (closes: #336153) * Fix VLAN support for 3c59x/90x series hardware (closes: #349774) * Fix erroneous calculation of 'len' parameter to NLMSG_PUT resulting in bogus 'error during NLMSG_PUT' messages (closes: #372621) * hp-diva-rmp3.dpatch, hp-diva-hurricane.dpatch: Add PCI IDs for newer Diva console ports oldstable/main/source/kernel-image-2.6.8-ia64_2.6.8-15.dsc oldstable/main/source/kernel-image-2.6.8-ia64_2.6.8-15.tar.gz oldstable/main/binary-ia64/kernel-headers-2.6.8-4_2.6.8-15_ia64.deb oldstable/main/binary-ia64/kernel-headers-2.6-itanium-smp_2.6.8-15_ia64.deb oldstable/main/binary-ia64/kernel-image-2.6-itanium-smp_2.6.8-15_ia64.deb oldstable/main/binary-ia64/kernel-headers-2.6.8-4-itanium-smp_2.6.8-15_ia64.deb oldstable/main/binary-ia64/kernel-image-2.6.8-4-itanium-smp_2.6.8-15_ia64.deb oldstable/main/binary-ia64/kernel-headers-2.6-mckinley-smp_2.6.8-15_ia64.deb oldstable/main/binary-ia64/kernel-image-2.6-mckinley-smp_2.6.8-15_ia64.deb oldstable/main/binary-ia64/kernel-headers-2.6.8-4-mckinley-smp_2.6.8-15_ia64.deb oldstable/main/binary-ia64/kernel-image-2.6.8-4-mckinley-smp_2.6.8-15_ia64.deb oldstable/main/binary-ia64/kernel-headers-2.6-itanium_2.6.8-15_ia64.deb oldstable/main/binary-ia64/kernel-image-2.6-itanium_2.6.8-15_ia64.deb oldstable/main/binary-ia64/kernel-headers-2.6.8-4-itanium_2.6.8-15_ia64.deb oldstable/main/binary-ia64/kernel-image-2.6.8-4-itanium_2.6.8-15_ia64.deb oldstable/main/binary-ia64/kernel-headers-2.6-mckinley_2.6.8-15_ia64.deb oldstable/main/binary-ia64/kernel-image-2.6-mckinley_2.6.8-15_ia64.deb oldstable/main/binary-ia64/kernel-headers-2.6.8-4-mckinley_2.6.8-15_ia64.deb oldstable/main/binary-ia64/kernel-image-2.6.8-4-mckinley_2.6.8-15_ia64.deb kernel-image-2.6.8-ia64 (2.6.8-15) oldstable; urgency=high * Rebuild against kernel-tree-2.6.8-17 [ Simon Horman ] * drivers-net-via-rhine-wol-oops.dpatch (removed): This patch breaks the via-rhine driver and 2.6.8 and is completely bogus for this version of the kernel (closes: #311357) * drivers-media-vidio-bttv-vc100xp-detect.dpatch Allow Leadtek WinFast VC100 XP cards to work. * fs-jbd-checkpoint-assertion.dpatch Fix possible false assertion failure in log_do_checkpoint(). We might fail to detect that we actually made a progress when cleaning up the checkpoint lists if we don't retry after writing something to disk. * mm-rmap-out-of-bounds-pte.dpatch Stop try_to_unmap_cluster() passing out-of-bounds pte to pte_unmap() * net-ipv4-netfilter-ip_queue-deadlock.dpatch Fix deadlock with ip_queue and tcp local input path. * asm-i386-mem-clobber.dpatch: Make sure gcc doesn't reorder memory accesses in strncmp and friends on i386. * drivers-acpi-pci_irq-elcr.dpatch: Make sure we call acpi_register_gsi() even for default PCI interrupt assignment. That's the part that keeps track of the ELCR register, and we want to make sure that the PCI interrupts are properly marked level/low. [ dann frazier ] * Merge in applicable fixes from 2.6.12.4 - netfilter-deadlock-ip6_queue.dpatch - rocket_c-fix-ldisc-ref-count.dpatch - early-vlan-fix.dpatch [ Simon Horman ] * drivers-sata-promise-sataii_tx2_tx4.dpatch Add SATAII TX2 and TX2/TX4 support to sata promise driver (Closes: #317286) * module-per-cpu-alignment-fix.dpatch Module per-cpu alignment cannot always be met From 2.6.12.5 * genelink-usbnet-skb-typo.dpatch fix gl_skb/skb type error in genelink driver in usbnet Backported From 2.6.12.6 * drivers-ide-ppp-pmac-build.dpatch Make sure BLK_DEV_IDEDMA_PCI is defined for pmac ide driver builds (closes: #321442) * fs-ext3-nfs-parent-fix.dpatch ext3 file systems mounted over nfs may lookup .. in dx directories causing an oops. (closes: #323557) * sparc-request_irq-in-RTC-fix.dpatch Use SA_SHIRQ in sparc specific code. From 2.6.13.1 * forcedeth-init-link-settings-in-nv_open.patch forcedeth: Initialize link settings in every nv_open() From 2.6.13.2 * fix-MPOL_F_VERIFY.patch Fix MPOL_F_VERIFY From 2.6.13.2 * fix-more-byte-to-dword-writes-to-PCI_ROM_ADDRESS-config-word.patch Fix up more strange byte writes to the PCI_ROM_ADDRESS config word From 2.6.13.2 * yenta-oops-fix.patch yenta oops fix From 2.6.13.3 * fix-de_thread-BUG_ON.patch Fix fs/exec.c:788 (de_thread()) BUG_ON From 2.6.13.3 * ipv6-fix-per-socket-multicast-filtering.patch fix IPv6 per-socket multicast filtering in exact-match case From 2.6.13.3 * ipvs-ip_vs_ftp-breaks-connections.patch ipvs: ip_vs_ftp breaks connections using persistence From 2.6.13.3 * ieee1394-sbp2-fixes-for-hot-unplug-and-module-unloading.dpatch ieee1394/sbp2: fixes for hot-unplug and module unloading From 2.6.13.4 * fix-sparc64-fpu-register-corruption.dpatch [SPARC64]: Fix userland FPU state corruption. From 2.6.13.4 [ dann frazier ] * drivers-block-raw-ioctl2.dpatch, drivers-block-ioctl-enotty.dpatch: Fix a bug in the block layer that causes a bootloader installation error under certain conditions - breaks installation on cciss devices. (closes: #354493) * Fix data corruption with dm-crypt over RAID5 (closes: #336153) * Fix VLAN support for 3c59x/90x series hardware (closes: #349774) * Fix erroneous calculation of 'len' parameter to NLMSG_PUT resulting in bogus 'error during NLMSG_PUT' messages (closes: #372621) * hp-diva-rmp3.dpatch, hp-diva-hurricane.dpatch: Add PCI IDs for newer Diva console ports oldstable/main/source/kernel-image-2.6.8-m68k_2.6.8-5.dsc oldstable/main/source/kernel-image-2.6.8-m68k_2.6.8-5.tar.gz oldstable/main/binary-m68k/kernel-image-2.6.8-sun3_2.6.8-5_m68k.deb oldstable/main/binary-m68k/kernel-image-2.6.8-bvme6000_2.6.8-5_m68k.deb oldstable/main/binary-m68k/kernel-image-2.6.8-atari_2.6.8-5_m68k.deb oldstable/main/binary-m68k/kernel-image-2.6.8-mvme16x_2.6.8-5_m68k.deb oldstable/main/binary-m68k/kernel-image-2.6.8-mac_2.6.8-5_m68k.deb oldstable/main/binary-m68k/kernel-image-2.6.8-amiga_2.6.8-5_m68k.deb oldstable/main/binary-m68k/kernel-image-2.6.8-mvme147_2.6.8-5_m68k.deb oldstable/main/binary-m68k/kernel-image-2.6.8-q40_2.6.8-5_m68k.deb oldstable/main/binary-m68k/kernel-image-2.6.8-hp_2.6.8-5_m68k.deb kernel-image-2.6.8-m68k (2.6.8-5) oldstable; urgency=high * Rebuild against kernel-tree-2.6.8-17 [ Simon Horman ] * drivers-net-via-rhine-wol-oops.dpatch (removed): This patch breaks the via-rhine driver and 2.6.8 and is completely bogus for this version of the kernel (closes: #311357) * drivers-media-vidio-bttv-vc100xp-detect.dpatch Allow Leadtek WinFast VC100 XP cards to work. * fs-jbd-checkpoint-assertion.dpatch Fix possible false assertion failure in log_do_checkpoint(). We might fail to detect that we actually made a progress when cleaning up the checkpoint lists if we don't retry after writing something to disk. * mm-rmap-out-of-bounds-pte.dpatch Stop try_to_unmap_cluster() passing out-of-bounds pte to pte_unmap() * net-ipv4-netfilter-ip_queue-deadlock.dpatch Fix deadlock with ip_queue and tcp local input path. * asm-i386-mem-clobber.dpatch: Make sure gcc doesn't reorder memory accesses in strncmp and friends on i386. * drivers-acpi-pci_irq-elcr.dpatch: Make sure we call acpi_register_gsi() even for default PCI interrupt assignment. That's the part that keeps track of the ELCR register, and we want to make sure that the PCI interrupts are properly marked level/low. [ dann frazier ] * Merge in applicable fixes from 2.6.12.4 - netfilter-deadlock-ip6_queue.dpatch - rocket_c-fix-ldisc-ref-count.dpatch - early-vlan-fix.dpatch [ Simon Horman ] * drivers-sata-promise-sataii_tx2_tx4.dpatch Add SATAII TX2 and TX2/TX4 support to sata promise driver (Closes: #317286) * module-per-cpu-alignment-fix.dpatch Module per-cpu alignment cannot always be met From 2.6.12.5 * genelink-usbnet-skb-typo.dpatch fix gl_skb/skb type error in genelink driver in usbnet Backported From 2.6.12.6 * drivers-ide-ppp-pmac-build.dpatch Make sure BLK_DEV_IDEDMA_PCI is defined for pmac ide driver builds (closes: #321442) * fs-ext3-nfs-parent-fix.dpatch ext3 file systems mounted over nfs may lookup .. in dx directories causing an oops. (closes: #323557) * sparc-request_irq-in-RTC-fix.dpatch Use SA_SHIRQ in sparc specific code. From 2.6.13.1 * forcedeth-init-link-settings-in-nv_open.patch forcedeth: Initialize link settings in every nv_open() From 2.6.13.2 * fix-MPOL_F_VERIFY.patch Fix MPOL_F_VERIFY From 2.6.13.2 * fix-more-byte-to-dword-writes-to-PCI_ROM_ADDRESS-config-word.patch Fix up more strange byte writes to the PCI_ROM_ADDRESS config word From 2.6.13.2 * yenta-oops-fix.patch yenta oops fix From 2.6.13.3 * fix-de_thread-BUG_ON.patch Fix fs/exec.c:788 (de_thread()) BUG_ON From 2.6.13.3 * ipv6-fix-per-socket-multicast-filtering.patch fix IPv6 per-socket multicast filtering in exact-match case From 2.6.13.3 * ipvs-ip_vs_ftp-breaks-connections.patch ipvs: ip_vs_ftp breaks connections using persistence From 2.6.13.3 * ieee1394-sbp2-fixes-for-hot-unplug-and-module-unloading.dpatch ieee1394/sbp2: fixes for hot-unplug and module unloading From 2.6.13.4 * fix-sparc64-fpu-register-corruption.dpatch [SPARC64]: Fix userland FPU state corruption. From 2.6.13.4 [ dann frazier ] * drivers-block-raw-ioctl2.dpatch, drivers-block-ioctl-enotty.dpatch: Fix a bug in the block layer that causes a bootloader installation error under certain conditions - breaks installation on cciss devices. (closes: #354493) * Fix data corruption with dm-crypt over RAID5 (closes: #336153) * Fix VLAN support for 3c59x/90x series hardware (closes: #349774) * Fix erroneous calculation of 'len' parameter to NLMSG_PUT resulting in bogus 'error during NLMSG_PUT' messages (closes: #372621) * hp-diva-rmp3.dpatch, hp-diva-hurricane.dpatch: Add PCI IDs for newer Diva console ports oldstable/main/source/kernel-image-2.6.8-s390_2.6.8-6.dsc oldstable/main/source/kernel-image-2.6.8-s390_2.6.8-6.tar.gz oldstable/main/binary-all/kernel-patch-2.6.8-s390_2.6.8-6_all.deb oldstable/main/binary-s390/kernel-headers-2.6.8-4_2.6.8-6_s390.deb oldstable/main/binary-s390/kernel-image-2.6.8-4-s390_2.6.8-6_s390.deb oldstable/main/binary-s390/kernel-image-2.6.8-4-s390x_2.6.8-6_s390.deb oldstable/main/binary-s390/kernel-image-2.6.8-4-s390-tape_2.6.8-6_s390.deb kernel-image-2.6.8-s390 (2.6.8-6) oldstable; urgency=high * Rebuild against kernel-tree-2.6.8-17 [ Simon Horman ] * drivers-net-via-rhine-wol-oops.dpatch (removed): This patch breaks the via-rhine driver and 2.6.8 and is completely bogus for this version of the kernel (closes: #311357) * drivers-media-vidio-bttv-vc100xp-detect.dpatch Allow Leadtek WinFast VC100 XP cards to work. * fs-jbd-checkpoint-assertion.dpatch Fix possible false assertion failure in log_do_checkpoint(). We might fail to detect that we actually made a progress when cleaning up the checkpoint lists if we don't retry after writing something to disk. * mm-rmap-out-of-bounds-pte.dpatch Stop try_to_unmap_cluster() passing out-of-bounds pte to pte_unmap() * net-ipv4-netfilter-ip_queue-deadlock.dpatch Fix deadlock with ip_queue and tcp local input path. * asm-i386-mem-clobber.dpatch: Make sure gcc doesn't reorder memory accesses in strncmp and friends on i386. * drivers-acpi-pci_irq-elcr.dpatch: Make sure we call acpi_register_gsi() even for default PCI interrupt assignment. That's the part that keeps track of the ELCR register, and we want to make sure that the PCI interrupts are properly marked level/low. [ dann frazier ] * Merge in applicable fixes from 2.6.12.4 - netfilter-deadlock-ip6_queue.dpatch - rocket_c-fix-ldisc-ref-count.dpatch - early-vlan-fix.dpatch [ Simon Horman ] * drivers-sata-promise-sataii_tx2_tx4.dpatch Add SATAII TX2 and TX2/TX4 support to sata promise driver (Closes: #317286) * module-per-cpu-alignment-fix.dpatch Module per-cpu alignment cannot always be met From 2.6.12.5 * genelink-usbnet-skb-typo.dpatch fix gl_skb/skb type error in genelink driver in usbnet Backported From 2.6.12.6 * drivers-ide-ppp-pmac-build.dpatch Make sure BLK_DEV_IDEDMA_PCI is defined for pmac ide driver builds (closes: #321442) * fs-ext3-nfs-parent-fix.dpatch ext3 file systems mounted over nfs may lookup .. in dx directories causing an oops. (closes: #323557) * sparc-request_irq-in-RTC-fix.dpatch Use SA_SHIRQ in sparc specific code. From 2.6.13.1 * forcedeth-init-link-settings-in-nv_open.patch forcedeth: Initialize link settings in every nv_open() From 2.6.13.2 * fix-MPOL_F_VERIFY.patch Fix MPOL_F_VERIFY From 2.6.13.2 * fix-more-byte-to-dword-writes-to-PCI_ROM_ADDRESS-config-word.patch Fix up more strange byte writes to the PCI_ROM_ADDRESS config word From 2.6.13.2 * yenta-oops-fix.patch yenta oops fix From 2.6.13.3 * fix-de_thread-BUG_ON.patch Fix fs/exec.c:788 (de_thread()) BUG_ON From 2.6.13.3 * ipv6-fix-per-socket-multicast-filtering.patch fix IPv6 per-socket multicast filtering in exact-match case From 2.6.13.3 * ipvs-ip_vs_ftp-breaks-connections.patch ipvs: ip_vs_ftp breaks connections using persistence From 2.6.13.3 * ieee1394-sbp2-fixes-for-hot-unplug-and-module-unloading.dpatch ieee1394/sbp2: fixes for hot-unplug and module unloading From 2.6.13.4 * fix-sparc64-fpu-register-corruption.dpatch [SPARC64]: Fix userland FPU state corruption. From 2.6.13.4 [ dann frazier ] * drivers-block-raw-ioctl2.dpatch, drivers-block-ioctl-enotty.dpatch: Fix a bug in the block layer that causes a bootloader installation error under certain conditions - breaks installation on cciss devices. (closes: #354493) * Fix data corruption with dm-crypt over RAID5 (closes: #336153) * Fix VLAN support for 3c59x/90x series hardware (closes: #349774) * Fix erroneous calculation of 'len' parameter to NLMSG_PUT resulting in bogus 'error during NLMSG_PUT' messages (closes: #372621) * hp-diva-rmp3.dpatch, hp-diva-hurricane.dpatch: Add PCI IDs for newer Diva console ports oldstable/main/source/kernel-image-2.6.8-sparc_2.6.8-16.dsc oldstable/main/source/kernel-image-2.6.8-sparc_2.6.8-16.tar.gz oldstable/main/binary-sparc/kernel-headers-2.6.8-4_2.6.8-16_sparc.deb oldstable/main/binary-sparc/kernel-headers-2.6.8-4-sparc32_2.6.8-16_sparc.deb oldstable/main/binary-sparc/kernel-image-2.6.8-4-sparc32_2.6.8-16_sparc.deb oldstable/main/binary-sparc/kernel-headers-2.6.8-4-sparc64_2.6.8-16_sparc.deb oldstable/main/binary-sparc/kernel-image-2.6.8-4-sparc64_2.6.8-16_sparc.deb oldstable/main/binary-sparc/kernel-headers-2.6.8-4-sparc64-smp_2.6.8-16_sparc.deb oldstable/main/binary-sparc/kernel-image-2.6.8-4-sparc64-smp_2.6.8-16_sparc.deb oldstable/main/binary-sparc/kernel-build-2.6.8-4_2.6.8-16_sparc.deb kernel-image-2.6.8-sparc (2.6.8-16) oldstable; urgency=high * Rebuild against kernel-tree-2.6.8-17: [ Simon Horman ] * drivers-net-via-rhine-wol-oops.dpatch (removed): This patch breaks the via-rhine driver and 2.6.8 and is completely bogus for this version of the kernel (closes: #311357) * drivers-media-vidio-bttv-vc100xp-detect.dpatch Allow Leadtek WinFast VC100 XP cards to work. * fs-jbd-checkpoint-assertion.dpatch Fix possible false assertion failure in log_do_checkpoint(). We might fail to detect that we actually made a progress when cleaning up the checkpoint lists if we don't retry after writing something to disk. * mm-rmap-out-of-bounds-pte.dpatch Stop try_to_unmap_cluster() passing out-of-bounds pte to pte_unmap() * net-ipv4-netfilter-ip_queue-deadlock.dpatch Fix deadlock with ip_queue and tcp local input path. * asm-i386-mem-clobber.dpatch: Make sure gcc doesn't reorder memory accesses in strncmp and friends on i386. * drivers-acpi-pci_irq-elcr.dpatch: Make sure we call acpi_register_gsi() even for default PCI interrupt assignment. That's the part that keeps track of the ELCR register, and we want to make sure that the PCI interrupts are properly marked level/low. [ dann frazier ] * Merge in applicable fixes from 2.6.12.4 - netfilter-deadlock-ip6_queue.dpatch - rocket_c-fix-ldisc-ref-count.dpatch - early-vlan-fix.dpatch [ Simon Horman ] * drivers-sata-promise-sataii_tx2_tx4.dpatch Add SATAII TX2 and TX2/TX4 support to sata promise driver (Closes: #317286) * module-per-cpu-alignment-fix.dpatch Module per-cpu alignment cannot always be met From 2.6.12.5 * genelink-usbnet-skb-typo.dpatch fix gl_skb/skb type error in genelink driver in usbnet Backported From 2.6.12.6 * drivers-ide-ppp-pmac-build.dpatch Make sure BLK_DEV_IDEDMA_PCI is defined for pmac ide driver builds (closes: #321442) * fs-ext3-nfs-parent-fix.dpatch ext3 file systems mounted over nfs may lookup .. in dx directories causing an oops. (closes: #323557) * sparc-request_irq-in-RTC-fix.dpatch Use SA_SHIRQ in sparc specific code. From 2.6.13.1 * forcedeth-init-link-settings-in-nv_open.patch forcedeth: Initialize link settings in every nv_open() From 2.6.13.2 * fix-MPOL_F_VERIFY.patch Fix MPOL_F_VERIFY From 2.6.13.2 * fix-more-byte-to-dword-writes-to-PCI_ROM_ADDRESS-config-word.patch Fix up more strange byte writes to the PCI_ROM_ADDRESS config word From 2.6.13.2 * yenta-oops-fix.patch yenta oops fix From 2.6.13.3 * fix-de_thread-BUG_ON.patch Fix fs/exec.c:788 (de_thread()) BUG_ON From 2.6.13.3 * ipv6-fix-per-socket-multicast-filtering.patch fix IPv6 per-socket multicast filtering in exact-match case From 2.6.13.3 * ipvs-ip_vs_ftp-breaks-connections.patch ipvs: ip_vs_ftp breaks connections using persistence From 2.6.13.3 * ieee1394-sbp2-fixes-for-hot-unplug-and-module-unloading.dpatch ieee1394/sbp2: fixes for hot-unplug and module unloading From 2.6.13.4 * fix-sparc64-fpu-register-corruption.dpatch [SPARC64]: Fix userland FPU state corruption. From 2.6.13.4 [ dann frazier ] * drivers-block-raw-ioctl2.dpatch, drivers-block-ioctl-enotty.dpatch: Fix a bug in the block layer that causes a bootloader installation error under certain conditions - breaks installation on cciss devices. (closes: #354493) * Fix data corruption with dm-crypt over RAID5 (closes: #336153) * Fix VLAN support for 3c59x/90x series hardware (closes: #349774) * Fix erroneous calculation of 'len' parameter to NLMSG_PUT resulting in bogus 'error during NLMSG_PUT' messages (closes: #372621) * hp-diva-rmp3.dpatch, hp-diva-hurricane.dpatch: Add PCI IDs for newer Diva console ports oldstable/main/source/kernel-latest-2.6-alpha_101sarge2.dsc oldstable/main/source/kernel-latest-2.6-alpha_101sarge2.tar.gz oldstable/main/binary-alpha/kernel-image-2.6-generic_101sarge2_alpha.deb oldstable/main/binary-alpha/kernel-headers-2.6-generic_101sarge2_alpha.deb oldstable/main/binary-alpha/kernel-image-2.6-smp_101sarge2_alpha.deb oldstable/main/binary-alpha/kernel-headers-2.6-smp_101sarge2_alpha.deb kernel-latest-2.6-alpha (101sarge2) oldstable-security; urgency=high * Update for the -4 ABI oldstable/main/binary-i386/kernel-headers-2.6-em64t-p4-smp_103sarge2_i386.deb oldstable/main/binary-i386/kernel-headers-2.6-amd64-k8-smp_103sarge2_i386.deb oldstable/main/binary-i386/kernel-image-2.6-amd64-k8-smp_103sarge2_i386.deb oldstable/main/binary-amd64/kernel-headers-2.6-amd64-generic_103sarge2_amd64.deb oldstable/main/binary-amd64/kernel-image-2.6-amd64-generic_103sarge2_amd64.deb oldstable/main/binary-amd64/kernel-image-2.6-em64t-p4_103sarge2_amd64.deb oldstable/main/source/kernel-latest-2.6-amd64_103sarge2.tar.gz oldstable/main/binary-amd64/kernel-image-2.6-amd64-k8-smp_103sarge2_amd64.deb oldstable/main/binary-amd64/kernel-headers-2.6-em64t-p4-smp_103sarge2_amd64.deb oldstable/main/binary-i386/kernel-image-2.6-amd64-k8_103sarge2_i386.deb oldstable/main/binary-i386/kernel-headers-2.6-amd64-generic_103sarge2_i386.deb oldstable/main/binary-i386/kernel-image-2.6-em64t-p4_103sarge2_i386.deb oldstable/main/binary-amd64/kernel-image-2.6-amd64-k8_103sarge2_amd64.deb oldstable/main/binary-i386/kernel-image-2.6-amd64-generic_103sarge2_i386.deb oldstable/main/binary-i386/kernel-headers-2.6-amd64-k8_103sarge2_i386.deb oldstable/main/binary-i386/kernel-headers-2.6-em64t-p4_103sarge2_i386.deb oldstable/main/binary-amd64/kernel-headers-2.6-em64t-p4_103sarge2_amd64.deb oldstable/main/binary-amd64/kernel-image-2.6-em64t-p4-smp_103sarge2_amd64.deb oldstable/main/binary-amd64/kernel-headers-2.6-amd64-k8_103sarge2_amd64.deb oldstable/main/binary-amd64/kernel-headers-2.6-amd64-k8-smp_103sarge2_amd64.deb oldstable/main/binary-i386/kernel-image-2.6-em64t-p4-smp_103sarge2_i386.deb oldstable/main/source/kernel-latest-2.6-amd64_103sarge2.dsc kernel-latest-2.6-amd64 (103sarge2) oldstable-security; urgency=high * Update for the -13 ABI oldstable/main/source/kernel-latest-2.6-hppa_2.6.8-1sarge2.dsc oldstable/main/source/kernel-latest-2.6-hppa_2.6.8-1sarge2.tar.gz oldstable/main/binary-hppa/kernel-headers-2.6_2.6.8-1sarge2_hppa.deb oldstable/main/binary-hppa/kernel-headers-2.6-32_2.6.8-1sarge2_hppa.deb oldstable/main/binary-hppa/kernel-image-2.6-32_2.6.8-1sarge2_hppa.deb oldstable/main/binary-hppa/kernel-headers-2.6-32-smp_2.6.8-1sarge2_hppa.deb oldstable/main/binary-hppa/kernel-image-2.6-32-smp_2.6.8-1sarge2_hppa.deb oldstable/main/binary-hppa/kernel-headers-2.6-64_2.6.8-1sarge2_hppa.deb oldstable/main/binary-hppa/kernel-image-2.6-64_2.6.8-1sarge2_hppa.deb oldstable/main/binary-hppa/kernel-headers-2.6-64-smp_2.6.8-1sarge2_hppa.deb oldstable/main/binary-hppa/kernel-image-2.6-64-smp_2.6.8-1sarge2_hppa.deb kernel-latest-2.6-hppa (2.6.8-1sarge2) oldstable-security; urgency=high * Update for the -4 ABI oldstable/main/source/kernel-latest-2.6-i386_101sarge2.dsc oldstable/main/source/kernel-latest-2.6-i386_101sarge2.tar.gz oldstable/main/binary-i386/kernel-headers-2.6-386_101sarge2_i386.deb oldstable/main/binary-i386/kernel-image-2.6-386_101sarge2_i386.deb oldstable/main/binary-i386/kernel-headers-2.6-686_101sarge2_i386.deb oldstable/main/binary-i386/kernel-image-2.6-686_101sarge2_i386.deb oldstable/main/binary-i386/kernel-headers-2.6-686-smp_101sarge2_i386.deb oldstable/main/binary-i386/kernel-image-2.6-686-smp_101sarge2_i386.deb oldstable/main/binary-i386/kernel-headers-2.6-k7_101sarge2_i386.deb oldstable/main/binary-i386/kernel-image-2.6-k7_101sarge2_i386.deb oldstable/main/binary-i386/kernel-headers-2.6-k7-smp_101sarge2_i386.deb oldstable/main/binary-i386/kernel-image-2.6-k7-smp_101sarge2_i386.deb kernel-latest-2.6-i386 (101sarge2) oldstable-security; urgency=high * Update for the -4 ABI oldstable/main/source/kernel-latest-2.6-sparc_101sarge2.dsc oldstable/main/source/kernel-latest-2.6-sparc_101sarge2.tar.gz oldstable/main/binary-sparc/kernel-image-2.6-sparc32_101sarge2_sparc.deb oldstable/main/binary-sparc/kernel-headers-2.6-sparc32_101sarge2_sparc.deb oldstable/main/binary-sparc/kernel-image-2.6-sparc64_101sarge2_sparc.deb oldstable/main/binary-sparc/kernel-headers-2.6-sparc64_101sarge2_sparc.deb oldstable/main/binary-sparc/kernel-image-2.6-sparc64-smp_101sarge2_sparc.deb oldstable/main/binary-sparc/kernel-headers-2.6-sparc64-smp_101sarge2_sparc.deb kernel-latest-2.6-sparc (101sarge2) oldstable-security; urgency=high * Update for the -4 ABI oldstable/main/source/kernel-latest-powerpc_102sarge2.dsc oldstable/main/source/kernel-latest-powerpc_102sarge2.tar.gz oldstable/main/binary-powerpc/kernel-headers-2.6_102sarge2_powerpc.deb oldstable/main/binary-powerpc/kernel-headers_102sarge2_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.6-powerpc_102sarge2_powerpc.deb oldstable/main/binary-powerpc/kernel-image-powerpc_102sarge2_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.6-powerpc-smp_102sarge2_powerpc.deb oldstable/main/binary-powerpc/kernel-image-powerpc-smp_102sarge2_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.6-power3_102sarge2_powerpc.deb oldstable/main/binary-powerpc/kernel-image-power3_102sarge2_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.6-power3-smp_102sarge2_powerpc.deb oldstable/main/binary-powerpc/kernel-image-power3-smp_102sarge2_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.6-power4_102sarge2_powerpc.deb oldstable/main/binary-powerpc/kernel-image-power4_102sarge2_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.6-power4-smp_102sarge2_powerpc.deb oldstable/main/binary-powerpc/kernel-image-power4-smp_102sarge2_powerpc.deb oldstable/main/binary-powerpc/kernel-headers-2.4_102sarge2_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.4-powerpc_102sarge2_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.4-powerpc-smp_102sarge2_powerpc.deb kernel-latest-powerpc (102sarge2) oldstable-security; urgency=high * Update 2.6 dependencies for the -4 ABI. oldstable/main/source/kernel-patch-powerpc-2.6.8_2.6.8-13.dsc oldstable/main/source/kernel-patch-powerpc-2.6.8_2.6.8-13.tar.gz oldstable/main/binary-powerpc/kernel-headers-2.6.8-4_2.6.8-13_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.6.8-4-power3_2.6.8-13_powerpc.deb oldstable/main/binary-powerpc/kernel-build-2.6.8-4-power3_2.6.8-13_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.6.8-4-power3-smp_2.6.8-13_powerpc.deb oldstable/main/binary-powerpc/kernel-build-2.6.8-4-power3-smp_2.6.8-13_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.6.8-4-power4_2.6.8-13_powerpc.deb oldstable/main/binary-powerpc/kernel-build-2.6.8-4-power4_2.6.8-13_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.6.8-4-power4-smp_2.6.8-13_powerpc.deb oldstable/main/binary-powerpc/kernel-build-2.6.8-4-power4-smp_2.6.8-13_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.6.8-4-powerpc_2.6.8-13_powerpc.deb oldstable/main/binary-powerpc/kernel-build-2.6.8-4-powerpc_2.6.8-13_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.6.8-4-powerpc-smp_2.6.8-13_powerpc.deb oldstable/main/binary-powerpc/kernel-build-2.6.8-4-powerpc-smp_2.6.8-13_powerpc.deb kernel-patch-powerpc-2.6.8 (2.6.8-13) oldstable; urgency=high * Rebuild against kernel-tree-2.6.8-17 [ Simon Horman ] * drivers-net-via-rhine-wol-oops.dpatch (removed): This patch breaks the via-rhine driver and 2.6.8 and is completely bogus for this version of the kernel (closes: #311357) * drivers-media-vidio-bttv-vc100xp-detect.dpatch Allow Leadtek WinFast VC100 XP cards to work. * fs-jbd-checkpoint-assertion.dpatch Fix possible false assertion failure in log_do_checkpoint(). We might fail to detect that we actually made a progress when cleaning up the checkpoint lists if we don't retry after writing something to disk. * mm-rmap-out-of-bounds-pte.dpatch Stop try_to_unmap_cluster() passing out-of-bounds pte to pte_unmap() * net-ipv4-netfilter-ip_queue-deadlock.dpatch Fix deadlock with ip_queue and tcp local input path. * asm-i386-mem-clobber.dpatch: Make sure gcc doesn't reorder memory accesses in strncmp and friends on i386. * drivers-acpi-pci_irq-elcr.dpatch: Make sure we call acpi_register_gsi() even for default PCI interrupt assignment. That's the part that keeps track of the ELCR register, and we want to make sure that the PCI interrupts are properly marked level/low. [ dann frazier ] * Merge in applicable fixes from 2.6.12.4 - netfilter-deadlock-ip6_queue.dpatch - rocket_c-fix-ldisc-ref-count.dpatch - early-vlan-fix.dpatch [ Simon Horman ] * drivers-sata-promise-sataii_tx2_tx4.dpatch Add SATAII TX2 and TX2/TX4 support to sata promise driver (Closes: #317286) * module-per-cpu-alignment-fix.dpatch Module per-cpu alignment cannot always be met From 2.6.12.5 * genelink-usbnet-skb-typo.dpatch fix gl_skb/skb type error in genelink driver in usbnet Backported From 2.6.12.6 * drivers-ide-ppp-pmac-build.dpatch Make sure BLK_DEV_IDEDMA_PCI is defined for pmac ide driver builds (closes: #321442) * fs-ext3-nfs-parent-fix.dpatch ext3 file systems mounted over nfs may lookup .. in dx directories causing an oops. (closes: #323557) * sparc-request_irq-in-RTC-fix.dpatch Use SA_SHIRQ in sparc specific code. From 2.6.13.1 * forcedeth-init-link-settings-in-nv_open.patch forcedeth: Initialize link settings in every nv_open() From 2.6.13.2 * fix-MPOL_F_VERIFY.patch Fix MPOL_F_VERIFY From 2.6.13.2 * fix-more-byte-to-dword-writes-to-PCI_ROM_ADDRESS-config-word.patch Fix up more strange byte writes to the PCI_ROM_ADDRESS config word From 2.6.13.2 * yenta-oops-fix.patch yenta oops fix From 2.6.13.3 * fix-de_thread-BUG_ON.patch Fix fs/exec.c:788 (de_thread()) BUG_ON From 2.6.13.3 * ipv6-fix-per-socket-multicast-filtering.patch fix IPv6 per-socket multicast filtering in exact-match case From 2.6.13.3 * ipvs-ip_vs_ftp-breaks-connections.patch ipvs: ip_vs_ftp breaks connections using persistence From 2.6.13.3 * ieee1394-sbp2-fixes-for-hot-unplug-and-module-unloading.dpatch ieee1394/sbp2: fixes for hot-unplug and module unloading From 2.6.13.4 * fix-sparc64-fpu-register-corruption.dpatch [SPARC64]: Fix userland FPU state corruption. From 2.6.13.4 [ dann frazier ] * drivers-block-raw-ioctl2.dpatch, drivers-block-ioctl-enotty.dpatch: Fix a bug in the block layer that causes a bootloader installation error under certain conditions - breaks installation on cciss devices. (closes: #354493) * Fix data corruption with dm-crypt over RAID5 (closes: #336153) * Fix VLAN support for 3c59x/90x series hardware (closes: #349774) * Fix erroneous calculation of 'len' parameter to NLMSG_PUT resulting in bogus 'error during NLMSG_PUT' messages (closes: #372621) * hp-diva-rmp3.dpatch, hp-diva-hurricane.dpatch: Add PCI IDs for newer Diva console ports oldstable/main/source/kernel-source-2.6.8_2.6.8-17.dsc oldstable/main/source/kernel-source-2.6.8_2.6.8-17.diff.gz oldstable/main/binary-all/kernel-patch-debian-2.6.8_2.6.8-17_all.deb oldstable/main/binary-all/kernel-source-2.6.8_2.6.8-17_all.deb oldstable/main/binary-all/kernel-tree-2.6.8_2.6.8-17_all.deb oldstable/main/binary-all/kernel-doc-2.6.8_2.6.8-17_all.deb kernel-source-2.6.8 (2.6.8-17) oldstable; urgency=high [ Simon Horman ] * drivers-net-via-rhine-wol-oops.dpatch (removed): This patch breaks the via-rhine driver and 2.6.8 and is completely bogus for this version of the kernel (closes: #311357) * drivers-media-vidio-bttv-vc100xp-detect.dpatch Allow Leadtek WinFast VC100 XP cards to work. * fs-jbd-checkpoint-assertion.dpatch Fix possible false assertion failure in log_do_checkpoint(). We might fail to detect that we actually made a progress when cleaning up the checkpoint lists if we don't retry after writing something to disk. * mm-rmap-out-of-bounds-pte.dpatch Stop try_to_unmap_cluster() passing out-of-bounds pte to pte_unmap() * net-ipv4-netfilter-ip_queue-deadlock.dpatch Fix deadlock with ip_queue and tcp local input path. * asm-i386-mem-clobber.dpatch: Make sure gcc doesn't reorder memory accesses in strncmp and friends on i386. * drivers-acpi-pci_irq-elcr.dpatch: Make sure we call acpi_register_gsi() even for default PCI interrupt assignment. That's the part that keeps track of the ELCR register, and we want to make sure that the PCI interrupts are properly marked level/low. [ dann frazier ] * Merge in applicable fixes from 2.6.12.4 - netfilter-deadlock-ip6_queue.dpatch - rocket_c-fix-ldisc-ref-count.dpatch - early-vlan-fix.dpatch [ Simon Horman ] * drivers-sata-promise-sataii_tx2_tx4.dpatch Add SATAII TX2 and TX2/TX4 support to sata promise driver (Closes: #317286) * module-per-cpu-alignment-fix.dpatch Module per-cpu alignment cannot always be met From 2.6.12.5 * genelink-usbnet-skb-typo.dpatch fix gl_skb/skb type error in genelink driver in usbnet Backported From 2.6.12.6 * drivers-ide-ppp-pmac-build.dpatch Make sure BLK_DEV_IDEDMA_PCI is defined for pmac ide driver builds (closes: #321442) * fs-ext3-nfs-parent-fix.dpatch ext3 file systems mounted over nfs may lookup .. in dx directories causing an oops. (closes: #323557) * sparc-request_irq-in-RTC-fix.dpatch Use SA_SHIRQ in sparc specific code. From 2.6.13.1 * forcedeth-init-link-settings-in-nv_open.patch forcedeth: Initialize link settings in every nv_open() From 2.6.13.2 * fix-MPOL_F_VERIFY.patch Fix MPOL_F_VERIFY From 2.6.13.2 * fix-more-byte-to-dword-writes-to-PCI_ROM_ADDRESS-config-word.patch Fix up more strange byte writes to the PCI_ROM_ADDRESS config word From 2.6.13.2 * yenta-oops-fix.patch yenta oops fix From 2.6.13.3 * fix-de_thread-BUG_ON.patch Fix fs/exec.c:788 (de_thread()) BUG_ON From 2.6.13.3 * ipv6-fix-per-socket-multicast-filtering.patch fix IPv6 per-socket multicast filtering in exact-match case From 2.6.13.3 * ipvs-ip_vs_ftp-breaks-connections.patch ipvs: ip_vs_ftp breaks connections using persistence From 2.6.13.3 * ieee1394-sbp2-fixes-for-hot-unplug-and-module-unloading.dpatch ieee1394/sbp2: fixes for hot-unplug and module unloading From 2.6.13.4 * fix-sparc64-fpu-register-corruption.dpatch [SPARC64]: Fix userland FPU state corruption. From 2.6.13.4 [ dann frazier ] * drivers-block-raw-ioctl2.dpatch, drivers-block-ioctl-enotty.dpatch: Fix a bug in the block layer that causes a bootloader installation error under certain conditions - breaks installation on cciss devices. (closes: #354493) * Fix data corruption with dm-crypt over RAID5 (closes: #336153) * Fix VLAN support for 3c59x/90x series hardware (closes: #349774) * Fix erroneous calculation of 'len' parameter to NLMSG_PUT resulting in bogus 'error during NLMSG_PUT' messages (closes: #372621) * hp-diva-rmp3.dpatch, hp-diva-hurricane.dpatch: Add PCI IDs for newer Diva console ports oldstable/main/binary-arm/kexi_0.1cvs20050408-1_arm.deb oldstable/main/binary-arm/kexi-postgresql-driver_0.1cvs20050408-1_arm.deb oldstable/main/binary-arm/kexi-mysql-driver_0.1cvs20050408-1_arm.deb oldstable/main/binary-arm/libkexi-dev_0.1cvs20050408-1_arm.deb kexi (0.1cvs20050408-1) unstable; urgency=low * New CVS Snapshot * new upload packages do not have missing files more and closes all the related bugs (Closes: #303525, #260613, #298172) oldstable/main/binary-ia64/kimdaba_2.0-4_ia64.deb kimdaba (2.0-4) unstable; urgency=low * Broken i386 package on Sid, unnecessary dependency on kdelibs 4:4.3.0 removed (closes: #309752). * Upstream KDE-help documentation is only in Docbook format. Only HTML, DebianDoc-SGML or Text are acceptable. Removed debian/kimdaba.doc-base (closes: #308985). oldstable/main/binary-alpha/libkadm55_1.3.6-2sarge5_alpha.deb oldstable/main/binary-alpha/libkrb53_1.3.6-2sarge5_alpha.deb oldstable/main/binary-alpha/krb5-user_1.3.6-2sarge5_alpha.deb oldstable/main/binary-alpha/krb5-clients_1.3.6-2sarge5_alpha.deb oldstable/main/binary-alpha/krb5-rsh-server_1.3.6-2sarge5_alpha.deb oldstable/main/binary-alpha/krb5-ftpd_1.3.6-2sarge5_alpha.deb oldstable/main/binary-alpha/krb5-telnetd_1.3.6-2sarge5_alpha.deb oldstable/main/binary-alpha/krb5-kdc_1.3.6-2sarge5_alpha.deb oldstable/main/binary-alpha/krb5-admin-server_1.3.6-2sarge5_alpha.deb oldstable/main/binary-alpha/libkrb5-dev_1.3.6-2sarge5_alpha.deb krb5 (1.3.6-2sarge5) oldstable-security; urgency=emergency * MIT-SA-2007-4: The kadmin RPC library can free an uninitialized pointer or write past the end of a stack buffer. This may lead to execution of arbitrary code. (CVE-2007-2442, CVE-2007-2443) * MIT-SA-2007-5: kadmind is vulnerable to a stack buffer overflow that may lead to execution of arbitrary code. (CVE-2007-2798) oldstable/main/binary-arm/libkadm55_1.3.6-2sarge5_arm.deb oldstable/main/binary-arm/libkrb53_1.3.6-2sarge5_arm.deb oldstable/main/binary-arm/krb5-user_1.3.6-2sarge5_arm.deb oldstable/main/binary-arm/krb5-clients_1.3.6-2sarge5_arm.deb oldstable/main/binary-arm/krb5-rsh-server_1.3.6-2sarge5_arm.deb oldstable/main/binary-arm/krb5-ftpd_1.3.6-2sarge5_arm.deb oldstable/main/binary-arm/krb5-telnetd_1.3.6-2sarge5_arm.deb oldstable/main/binary-arm/krb5-kdc_1.3.6-2sarge5_arm.deb oldstable/main/binary-arm/krb5-admin-server_1.3.6-2sarge5_arm.deb oldstable/main/binary-arm/libkrb5-dev_1.3.6-2sarge5_arm.deb krb5 (1.3.6-2sarge5) oldstable-security; urgency=emergency * MIT-SA-2007-4: The kadmin RPC library can free an uninitialized pointer or write past the end of a stack buffer. This may lead to execution of arbitrary code. (CVE-2007-2442, CVE-2007-2443) * MIT-SA-2007-5: kadmind is vulnerable to a stack buffer overflow that may lead to execution of arbitrary code. (CVE-2007-2798) oldstable/main/binary-hppa/libkadm55_1.3.6-2sarge5_hppa.deb oldstable/main/binary-hppa/libkrb53_1.3.6-2sarge5_hppa.deb oldstable/main/binary-hppa/krb5-user_1.3.6-2sarge5_hppa.deb oldstable/main/binary-hppa/krb5-clients_1.3.6-2sarge5_hppa.deb oldstable/main/binary-hppa/krb5-rsh-server_1.3.6-2sarge5_hppa.deb oldstable/main/binary-hppa/krb5-ftpd_1.3.6-2sarge5_hppa.deb oldstable/main/binary-hppa/krb5-telnetd_1.3.6-2sarge5_hppa.deb oldstable/main/binary-hppa/krb5-kdc_1.3.6-2sarge5_hppa.deb oldstable/main/binary-hppa/krb5-admin-server_1.3.6-2sarge5_hppa.deb oldstable/main/binary-hppa/libkrb5-dev_1.3.6-2sarge5_hppa.deb krb5 (1.3.6-2sarge5) oldstable-security; urgency=emergency * MIT-SA-2007-4: The kadmin RPC library can free an uninitialized pointer or write past the end of a stack buffer. This may lead to execution of arbitrary code. (CVE-2007-2442, CVE-2007-2443) * MIT-SA-2007-5: kadmind is vulnerable to a stack buffer overflow that may lead to execution of arbitrary code. (CVE-2007-2798) oldstable/main/source/krb5_1.3.6-2sarge5.dsc oldstable/main/source/krb5_1.3.6-2sarge5.diff.gz oldstable/main/binary-all/krb5-doc_1.3.6-2sarge5_all.deb oldstable/main/binary-i386/libkadm55_1.3.6-2sarge5_i386.deb oldstable/main/binary-i386/libkrb53_1.3.6-2sarge5_i386.deb oldstable/main/binary-i386/krb5-user_1.3.6-2sarge5_i386.deb oldstable/main/binary-i386/krb5-clients_1.3.6-2sarge5_i386.deb oldstable/main/binary-i386/krb5-rsh-server_1.3.6-2sarge5_i386.deb oldstable/main/binary-i386/krb5-ftpd_1.3.6-2sarge5_i386.deb oldstable/main/binary-i386/krb5-telnetd_1.3.6-2sarge5_i386.deb oldstable/main/binary-i386/krb5-kdc_1.3.6-2sarge5_i386.deb oldstable/main/binary-i386/krb5-admin-server_1.3.6-2sarge5_i386.deb oldstable/main/binary-i386/libkrb5-dev_1.3.6-2sarge5_i386.deb krb5 (1.3.6-2sarge5) oldstable-security; urgency=emergency * MIT-SA-2007-4: The kadmin RPC library can free an uninitialized pointer or write past the end of a stack buffer. This may lead to execution of arbitrary code. (CVE-2007-2442, CVE-2007-2443) * MIT-SA-2007-5: kadmind is vulnerable to a stack buffer overflow that may lead to execution of arbitrary code. (CVE-2007-2798) oldstable/main/binary-ia64/libkadm55_1.3.6-2sarge5_ia64.deb oldstable/main/binary-ia64/libkrb53_1.3.6-2sarge5_ia64.deb oldstable/main/binary-ia64/krb5-user_1.3.6-2sarge5_ia64.deb oldstable/main/binary-ia64/krb5-clients_1.3.6-2sarge5_ia64.deb oldstable/main/binary-ia64/krb5-rsh-server_1.3.6-2sarge5_ia64.deb oldstable/main/binary-ia64/krb5-ftpd_1.3.6-2sarge5_ia64.deb oldstable/main/binary-ia64/krb5-telnetd_1.3.6-2sarge5_ia64.deb oldstable/main/binary-ia64/krb5-kdc_1.3.6-2sarge5_ia64.deb oldstable/main/binary-ia64/krb5-admin-server_1.3.6-2sarge5_ia64.deb oldstable/main/binary-ia64/libkrb5-dev_1.3.6-2sarge5_ia64.deb krb5 (1.3.6-2sarge5) oldstable-security; urgency=emergency * MIT-SA-2007-4: The kadmin RPC library can free an uninitialized pointer or write past the end of a stack buffer. This may lead to execution of arbitrary code. (CVE-2007-2442, CVE-2007-2443) * MIT-SA-2007-5: kadmind is vulnerable to a stack buffer overflow that may lead to execution of arbitrary code. (CVE-2007-2798) oldstable/main/binary-m68k/libkadm55_1.3.6-2sarge5_m68k.deb oldstable/main/binary-m68k/libkrb53_1.3.6-2sarge5_m68k.deb oldstable/main/binary-m68k/krb5-user_1.3.6-2sarge5_m68k.deb oldstable/main/binary-m68k/krb5-clients_1.3.6-2sarge5_m68k.deb oldstable/main/binary-m68k/krb5-rsh-server_1.3.6-2sarge5_m68k.deb oldstable/main/binary-m68k/krb5-ftpd_1.3.6-2sarge5_m68k.deb oldstable/main/binary-m68k/krb5-telnetd_1.3.6-2sarge5_m68k.deb oldstable/main/binary-m68k/krb5-kdc_1.3.6-2sarge5_m68k.deb oldstable/main/binary-m68k/krb5-admin-server_1.3.6-2sarge5_m68k.deb oldstable/main/binary-m68k/libkrb5-dev_1.3.6-2sarge5_m68k.deb krb5 (1.3.6-2sarge5) oldstable-security; urgency=emergency * MIT-SA-2007-4: The kadmin RPC library can free an uninitialized pointer or write past the end of a stack buffer. This may lead to execution of arbitrary code. (CVE-2007-2442, CVE-2007-2443) * MIT-SA-2007-5: kadmind is vulnerable to a stack buffer overflow that may lead to execution of arbitrary code. (CVE-2007-2798) oldstable/main/binary-mips/libkadm55_1.3.6-2sarge5_mips.deb oldstable/main/binary-mips/libkrb53_1.3.6-2sarge5_mips.deb oldstable/main/binary-mips/krb5-user_1.3.6-2sarge5_mips.deb oldstable/main/binary-mips/krb5-clients_1.3.6-2sarge5_mips.deb oldstable/main/binary-mips/krb5-rsh-server_1.3.6-2sarge5_mips.deb oldstable/main/binary-mips/krb5-ftpd_1.3.6-2sarge5_mips.deb oldstable/main/binary-mips/krb5-telnetd_1.3.6-2sarge5_mips.deb oldstable/main/binary-mips/krb5-kdc_1.3.6-2sarge5_mips.deb oldstable/main/binary-mips/krb5-admin-server_1.3.6-2sarge5_mips.deb oldstable/main/binary-mips/libkrb5-dev_1.3.6-2sarge5_mips.deb krb5 (1.3.6-2sarge5) oldstable-security; urgency=emergency * MIT-SA-2007-4: The kadmin RPC library can free an uninitialized pointer or write past the end of a stack buffer. This may lead to execution of arbitrary code. (CVE-2007-2442, CVE-2007-2443) * MIT-SA-2007-5: kadmind is vulnerable to a stack buffer overflow that may lead to execution of arbitrary code. (CVE-2007-2798) oldstable/main/binary-mipsel/libkadm55_1.3.6-2sarge5_mipsel.deb oldstable/main/binary-mipsel/libkrb53_1.3.6-2sarge5_mipsel.deb oldstable/main/binary-mipsel/krb5-user_1.3.6-2sarge5_mipsel.deb oldstable/main/binary-mipsel/krb5-clients_1.3.6-2sarge5_mipsel.deb oldstable/main/binary-mipsel/krb5-rsh-server_1.3.6-2sarge5_mipsel.deb oldstable/main/binary-mipsel/krb5-ftpd_1.3.6-2sarge5_mipsel.deb oldstable/main/binary-mipsel/krb5-telnetd_1.3.6-2sarge5_mipsel.deb oldstable/main/binary-mipsel/krb5-kdc_1.3.6-2sarge5_mipsel.deb oldstable/main/binary-mipsel/krb5-admin-server_1.3.6-2sarge5_mipsel.deb oldstable/main/binary-mipsel/libkrb5-dev_1.3.6-2sarge5_mipsel.deb krb5 (1.3.6-2sarge5) oldstable-security; urgency=emergency * MIT-SA-2007-4: The kadmin RPC library can free an uninitialized pointer or write past the end of a stack buffer. This may lead to execution of arbitrary code. (CVE-2007-2442, CVE-2007-2443) * MIT-SA-2007-5: kadmind is vulnerable to a stack buffer overflow that may lead to execution of arbitrary code. (CVE-2007-2798) oldstable/main/binary-powerpc/libkadm55_1.3.6-2sarge5_powerpc.deb oldstable/main/binary-powerpc/libkrb53_1.3.6-2sarge5_powerpc.deb oldstable/main/binary-powerpc/krb5-user_1.3.6-2sarge5_powerpc.deb oldstable/main/binary-powerpc/krb5-clients_1.3.6-2sarge5_powerpc.deb oldstable/main/binary-powerpc/krb5-rsh-server_1.3.6-2sarge5_powerpc.deb oldstable/main/binary-powerpc/krb5-ftpd_1.3.6-2sarge5_powerpc.deb oldstable/main/binary-powerpc/krb5-telnetd_1.3.6-2sarge5_powerpc.deb oldstable/main/binary-powerpc/krb5-kdc_1.3.6-2sarge5_powerpc.deb oldstable/main/binary-powerpc/krb5-admin-server_1.3.6-2sarge5_powerpc.deb oldstable/main/binary-powerpc/libkrb5-dev_1.3.6-2sarge5_powerpc.deb krb5 (1.3.6-2sarge5) oldstable-security; urgency=emergency * MIT-SA-2007-4: The kadmin RPC library can free an uninitialized pointer or write past the end of a stack buffer. This may lead to execution of arbitrary code. (CVE-2007-2442, CVE-2007-2443) * MIT-SA-2007-5: kadmind is vulnerable to a stack buffer overflow that may lead to execution of arbitrary code. (CVE-2007-2798) oldstable/main/binary-s390/libkadm55_1.3.6-2sarge5_s390.deb oldstable/main/binary-s390/libkrb53_1.3.6-2sarge5_s390.deb oldstable/main/binary-s390/krb5-user_1.3.6-2sarge5_s390.deb oldstable/main/binary-s390/krb5-clients_1.3.6-2sarge5_s390.deb oldstable/main/binary-s390/krb5-rsh-server_1.3.6-2sarge5_s390.deb oldstable/main/binary-s390/krb5-ftpd_1.3.6-2sarge5_s390.deb oldstable/main/binary-s390/krb5-telnetd_1.3.6-2sarge5_s390.deb oldstable/main/binary-s390/krb5-kdc_1.3.6-2sarge5_s390.deb oldstable/main/binary-s390/krb5-admin-server_1.3.6-2sarge5_s390.deb oldstable/main/binary-s390/libkrb5-dev_1.3.6-2sarge5_s390.deb krb5 (1.3.6-2sarge5) oldstable-security; urgency=emergency * MIT-SA-2007-4: The kadmin RPC library can free an uninitialized pointer or write past the end of a stack buffer. This may lead to execution of arbitrary code. (CVE-2007-2442, CVE-2007-2443) * MIT-SA-2007-5: kadmind is vulnerable to a stack buffer overflow that may lead to execution of arbitrary code. (CVE-2007-2798) oldstable/main/binary-sparc/libkadm55_1.3.6-2sarge5_sparc.deb oldstable/main/binary-sparc/libkrb53_1.3.6-2sarge5_sparc.deb oldstable/main/binary-sparc/krb5-user_1.3.6-2sarge5_sparc.deb oldstable/main/binary-sparc/krb5-clients_1.3.6-2sarge5_sparc.deb oldstable/main/binary-sparc/krb5-rsh-server_1.3.6-2sarge5_sparc.deb oldstable/main/binary-sparc/krb5-ftpd_1.3.6-2sarge5_sparc.deb oldstable/main/binary-sparc/krb5-telnetd_1.3.6-2sarge5_sparc.deb oldstable/main/binary-sparc/krb5-kdc_1.3.6-2sarge5_sparc.deb oldstable/main/binary-sparc/krb5-admin-server_1.3.6-2sarge5_sparc.deb oldstable/main/binary-sparc/libkrb5-dev_1.3.6-2sarge5_sparc.deb krb5 (1.3.6-2sarge5) oldstable-security; urgency=emergency * MIT-SA-2007-4: The kadmin RPC library can free an uninitialized pointer or write past the end of a stack buffer. This may lead to execution of arbitrary code. (CVE-2007-2442, CVE-2007-2443) * MIT-SA-2007-5: kadmind is vulnerable to a stack buffer overflow that may lead to execution of arbitrary code. (CVE-2007-2798) oldstable/main/source/ldap-account-manager_0.4.9-2sarge1.dsc oldstable/main/source/ldap-account-manager_0.4.9.orig.tar.gz oldstable/main/source/ldap-account-manager_0.4.9-2sarge1.diff.gz oldstable/main/binary-all/ldap-account-manager_0.4.9-2sarge1_all.deb ldap-account-manager (0.4.9-2sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix improper quoting of user description field in lib/modules.inc that lead to a cross-site scripting vulnerability. (CVE-2007-1840) * Fix local root vulnerability in lamdaemon.pl that allowed local users to execute arbitrary code by specifying a PATH variable pointing to a malicius rm program (CVE-2006-7191) oldstable/main/binary-arm/leafpad_0.7.9-4_arm.deb leafpad (0.7.9-4) unstable; urgency=low * debian/leafpad.lintian-overrides, debian/source.lintian-overrides - use override to prevent lintian warning, thanks Lucas Wall * upload to official debian repository (Closes: #274512, #288577) oldstable/main/binary-alpha/libapache-mod-jk_1.2.5-2sarge1_alpha.deb libapache-mod-jk (1:1.2.5-2sarge1) oldstable-security; urgency=high * Forward unparsed URI to tomcat. Closes: #425836. CVE-2007-1860 oldstable/main/binary-arm/libapache-mod-jk_1.2.5-2sarge1_arm.deb libapache-mod-jk (1:1.2.5-2sarge1) oldstable-security; urgency=high * Forward unparsed URI to tomcat. Closes: #425836. CVE-2007-1860 oldstable/main/binary-hppa/libapache-mod-jk_1.2.5-2sarge1_hppa.deb libapache-mod-jk (1:1.2.5-2sarge1) oldstable-security; urgency=high * Forward unparsed URI to tomcat. Closes: #425836. CVE-2007-1860 oldstable/main/source/libapache-mod-jk_1.2.5-2sarge1.dsc oldstable/main/source/libapache-mod-jk_1.2.5-2sarge1.diff.gz oldstable/main/binary-i386/libapache-mod-jk_1.2.5-2sarge1_i386.deb libapache-mod-jk (1:1.2.5-2sarge1) oldstable-security; urgency=high * Forward unparsed URI to tomcat. Closes: #425836. CVE-2007-1860 oldstable/main/binary-ia64/libapache-mod-jk_1.2.5-2sarge1_ia64.deb libapache-mod-jk (1:1.2.5-2sarge1) oldstable-security; urgency=high * Forward unparsed URI to tomcat. Closes: #425836. CVE-2007-1860 oldstable/main/binary-m68k/libapache-mod-jk_1.2.5-2sarge1_m68k.deb libapache-mod-jk (1:1.2.5-2sarge1) oldstable-security; urgency=high * Forward unparsed URI to tomcat. Closes: #425836. CVE-2007-1860 oldstable/main/binary-mips/libapache-mod-jk_1.2.5-2sarge1_mips.deb libapache-mod-jk (1:1.2.5-2sarge1) oldstable-security; urgency=high * Forward unparsed URI to tomcat. Closes: #425836. CVE-2007-1860 oldstable/main/binary-mipsel/libapache-mod-jk_1.2.5-2sarge1_mipsel.deb libapache-mod-jk (1:1.2.5-2sarge1) oldstable-security; urgency=high * Forward unparsed URI to tomcat. Closes: #425836. CVE-2007-1860 oldstable/main/binary-powerpc/libapache-mod-jk_1.2.5-2sarge1_powerpc.deb libapache-mod-jk (1:1.2.5-2sarge1) oldstable-security; urgency=high * Forward unparsed URI to tomcat. Closes: #425836. CVE-2007-1860 oldstable/main/binary-s390/libapache-mod-jk_1.2.5-2sarge1_s390.deb libapache-mod-jk (1:1.2.5-2sarge1) oldstable-security; urgency=high * Forward unparsed URI to tomcat. Closes: #425836. CVE-2007-1860 oldstable/main/binary-sparc/libapache-mod-jk_1.2.5-2sarge1_sparc.deb libapache-mod-jk (1:1.2.5-2sarge1) oldstable-security; urgency=high * Forward unparsed URI to tomcat. Closes: #425836. CVE-2007-1860 oldstable/main/binary-arm/libdbd-sqlite2-perl_0.33-3_arm.deb libdbd-sqlite2-perl (2:0.33-3) unstable; urgency=low * debian/control: changed maintainer to DPG. oldstable/main/binary-alpha/libexif-dev_0.6.9-6sarge1_alpha.deb oldstable/main/binary-alpha/libexif10_0.6.9-6sarge1_alpha.deb libexif (0.6.9-6sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team * Fix integer overflow in loading images. [CVE-2006-4168] oldstable/main/binary-arm/libexif-dev_0.6.9-6sarge1_arm.deb oldstable/main/binary-arm/libexif10_0.6.9-6sarge1_arm.deb libexif (0.6.9-6sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team * Fix integer overflow in loading images. [CVE-2006-4168] oldstable/main/binary-hppa/libexif-dev_0.6.9-6sarge1_hppa.deb oldstable/main/binary-hppa/libexif10_0.6.9-6sarge1_hppa.deb libexif (0.6.9-6sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team * Fix integer overflow in loading images. [CVE-2006-4168] oldstable/main/source/libexif_0.6.9-6sarge1.dsc oldstable/main/source/libexif_0.6.9-6sarge1.diff.gz oldstable/main/binary-i386/libexif-dev_0.6.9-6sarge1_i386.deb oldstable/main/binary-i386/libexif10_0.6.9-6sarge1_i386.deb libexif (0.6.9-6sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team * Fix integer overflow in loading images. [CVE-2006-4168] oldstable/main/binary-ia64/libexif-dev_0.6.9-6sarge1_ia64.deb oldstable/main/binary-ia64/libexif10_0.6.9-6sarge1_ia64.deb libexif (0.6.9-6sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team * Fix integer overflow in loading images. [CVE-2006-4168] oldstable/main/binary-m68k/libexif-dev_0.6.9-6sarge1_m68k.deb oldstable/main/binary-m68k/libexif10_0.6.9-6sarge1_m68k.deb libexif (0.6.9-6sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team * Fix integer overflow in loading images. [CVE-2006-4168] oldstable/main/binary-mips/libexif-dev_0.6.9-6sarge1_mips.deb oldstable/main/binary-mips/libexif10_0.6.9-6sarge1_mips.deb libexif (0.6.9-6sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team * Fix integer overflow in loading images. [CVE-2006-4168] oldstable/main/binary-mipsel/libexif-dev_0.6.9-6sarge1_mipsel.deb oldstable/main/binary-mipsel/libexif10_0.6.9-6sarge1_mipsel.deb libexif (0.6.9-6sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team * Fix integer overflow in loading images. [CVE-2006-4168] oldstable/main/binary-powerpc/libexif-dev_0.6.9-6sarge1_powerpc.deb oldstable/main/binary-powerpc/libexif10_0.6.9-6sarge1_powerpc.deb libexif (0.6.9-6sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team * Fix integer overflow in loading images. [CVE-2006-4168] oldstable/main/binary-s390/libexif-dev_0.6.9-6sarge1_s390.deb oldstable/main/binary-s390/libexif10_0.6.9-6sarge1_s390.deb libexif (0.6.9-6sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team * Fix integer overflow in loading images. [CVE-2006-4168] oldstable/main/binary-sparc/libexif-dev_0.6.9-6sarge1_sparc.deb oldstable/main/binary-sparc/libexif10_0.6.9-6sarge1_sparc.deb libexif (0.6.9-6sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team * Fix integer overflow in loading images. [CVE-2006-4168] oldstable/main/binary-alpha/extract_0.4.2-2sarge6_alpha.deb oldstable/main/binary-alpha/libextractor1_0.4.2-2sarge6_alpha.deb oldstable/main/binary-alpha/libextractor1-dev_0.4.2-2sarge6_alpha.deb libextractor (0.4.2-2sarge6) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387) oldstable/main/binary-arm/extract_0.4.2-2sarge6_arm.deb oldstable/main/binary-arm/libextractor1_0.4.2-2sarge6_arm.deb oldstable/main/binary-arm/libextractor1-dev_0.4.2-2sarge6_arm.deb libextractor (0.4.2-2sarge6) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387) oldstable/main/binary-hppa/extract_0.4.2-2sarge6_hppa.deb oldstable/main/binary-hppa/libextractor1_0.4.2-2sarge6_hppa.deb oldstable/main/binary-hppa/libextractor1-dev_0.4.2-2sarge6_hppa.deb libextractor (0.4.2-2sarge6) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387) oldstable/main/source/libextractor_0.4.2-2sarge6.dsc oldstable/main/source/libextractor_0.4.2-2sarge6.diff.gz oldstable/main/binary-i386/extract_0.4.2-2sarge6_i386.deb oldstable/main/binary-i386/libextractor1_0.4.2-2sarge6_i386.deb oldstable/main/binary-i386/libextractor1-dev_0.4.2-2sarge6_i386.deb libextractor (0.4.2-2sarge6) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387) oldstable/main/binary-ia64/extract_0.4.2-2sarge6_ia64.deb oldstable/main/binary-ia64/libextractor1_0.4.2-2sarge6_ia64.deb oldstable/main/binary-ia64/libextractor1-dev_0.4.2-2sarge6_ia64.deb libextractor (0.4.2-2sarge6) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387) oldstable/main/binary-m68k/extract_0.4.2-2sarge6_m68k.deb oldstable/main/binary-m68k/libextractor1_0.4.2-2sarge6_m68k.deb oldstable/main/binary-m68k/libextractor1-dev_0.4.2-2sarge6_m68k.deb libextractor (0.4.2-2sarge6) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387) oldstable/main/binary-mips/extract_0.4.2-2sarge6_mips.deb oldstable/main/binary-mips/libextractor1_0.4.2-2sarge6_mips.deb oldstable/main/binary-mips/libextractor1-dev_0.4.2-2sarge6_mips.deb libextractor (0.4.2-2sarge6) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387) oldstable/main/binary-mipsel/extract_0.4.2-2sarge6_mipsel.deb oldstable/main/binary-mipsel/libextractor1_0.4.2-2sarge6_mipsel.deb oldstable/main/binary-mipsel/libextractor1-dev_0.4.2-2sarge6_mipsel.deb libextractor (0.4.2-2sarge6) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387) oldstable/main/binary-powerpc/extract_0.4.2-2sarge6_powerpc.deb oldstable/main/binary-powerpc/libextractor1_0.4.2-2sarge6_powerpc.deb oldstable/main/binary-powerpc/libextractor1-dev_0.4.2-2sarge6_powerpc.deb libextractor (0.4.2-2sarge6) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387) oldstable/main/binary-s390/extract_0.4.2-2sarge6_s390.deb oldstable/main/binary-s390/libextractor1_0.4.2-2sarge6_s390.deb oldstable/main/binary-s390/libextractor1-dev_0.4.2-2sarge6_s390.deb libextractor (0.4.2-2sarge6) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387) oldstable/main/binary-sparc/extract_0.4.2-2sarge6_sparc.deb oldstable/main/binary-sparc/libextractor1_0.4.2-2sarge6_sparc.deb oldstable/main/binary-sparc/libextractor1-dev_0.4.2-2sarge6_sparc.deb libextractor (0.4.2-2sarge6) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387) oldstable/main/binary-sparc/libgconf-java_2.8.3.1-2_sparc.deb libgconf-java (2.8.3.1-2) unstable; urgency=medium * Changed libgcj4-dev build dependency to new libgcj-dev * Clean *.Plo files. Closes: #303470. Thanks to Andreas Jochens * Patch Makefile.in to fix distclean and run full distclean. Closes: #304643 oldstable/main/binary-powerpc/libglade-java_2.8.3.1-2_powerpc.deb libglade-java (2.8.3.1-2) unstable; urgency=medium * Patched Makefile.in to distclean correctly. * Build-depend on libgcj-dev instead of libgcj4-dev * Clean up *.Plo files oldstable/main/binary-sparc/libgnome-jni_2.8.3.1-2_sparc.deb libgnome-java (2.8.3.1-2) unstable; urgency=medium * Use distclean as clean target, patch scripts to ensure *.ac and *.am aren't deleted. Closes: #303646 * Build-depend on libgcj-dev instead of libgcj4-dev * Clean up *.Plo files oldstable/main/binary-alpha/libnss-ldap_238-1sarge1_alpha.deb libnss-ldap (238-1sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix race condition, which could lead to a DoS, when applications use pthread and fork after a call to nss_ldap Fixes: CVE-2007-5794 oldstable/main/binary-amd64/libnss-ldap_238-1sarge1_amd64.deb libnss-ldap (238-1sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix race condition, which could lead to a DoS, when applications use pthread and fork after a call to nss_ldap Fixes: CVE-2007-5794 oldstable/main/binary-arm/libnss-ldap_238-1sarge1_arm.deb libnss-ldap (238-1sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix race condition, which could lead to a DoS, when applications use pthread and fork after a call to nss_ldap Fixes: CVE-2007-5794 oldstable/main/binary-hppa/libnss-ldap_238-1sarge1_hppa.deb libnss-ldap (238-1sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix race condition, which could lead to a DoS, when applications use pthread and fork after a call to nss_ldap Fixes: CVE-2007-5794 oldstable/main/source/libnss-ldap_238-1sarge1.dsc oldstable/main/source/libnss-ldap_238.orig.tar.gz oldstable/main/source/libnss-ldap_238-1sarge1.diff.gz oldstable/main/binary-i386/libnss-ldap_238-1sarge1_i386.deb libnss-ldap (238-1sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix race condition, which could lead to a DoS, when applications use pthread and fork after a call to nss_ldap Fixes: CVE-2007-5794 oldstable/main/binary-ia64/libnss-ldap_238-1sarge1_ia64.deb libnss-ldap (238-1sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix race condition, which could lead to a DoS, when applications use pthread and fork after a call to nss_ldap Fixes: CVE-2007-5794 oldstable/main/binary-m68k/libnss-ldap_238-1sarge1_m68k.deb libnss-ldap (238-1sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix race condition, which could lead to a DoS, when applications use pthread and fork after a call to nss_ldap Fixes: CVE-2007-5794 oldstable/main/binary-mips/libnss-ldap_238-1sarge1_mips.deb libnss-ldap (238-1sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix race condition, which could lead to a DoS, when applications use pthread and fork after a call to nss_ldap Fixes: CVE-2007-5794 oldstable/main/binary-mipsel/libnss-ldap_238-1sarge1_mipsel.deb libnss-ldap (238-1sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix race condition, which could lead to a DoS, when applications use pthread and fork after a call to nss_ldap Fixes: CVE-2007-5794 oldstable/main/binary-powerpc/libnss-ldap_238-1sarge1_powerpc.deb libnss-ldap (238-1sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix race condition, which could lead to a DoS, when applications use pthread and fork after a call to nss_ldap Fixes: CVE-2007-5794 oldstable/main/binary-s390/libnss-ldap_238-1sarge1_s390.deb libnss-ldap (238-1sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix race condition, which could lead to a DoS, when applications use pthread and fork after a call to nss_ldap Fixes: CVE-2007-5794 oldstable/main/binary-sparc/libnss-ldap_238-1sarge1_sparc.deb libnss-ldap (238-1sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix race condition, which could lead to a DoS, when applications use pthread and fork after a call to nss_ldap Fixes: CVE-2007-5794 oldstable/main/binary-alpha/libopenssl-ruby1.6_0.1.4a-1sarge1_alpha.deb libopenssl-ruby (0.1.4a-1sarge1) oldstable-security; urgency=high * security fixes for CVE-2007-5162. It is backported r13500, r13501 and r13657 from ruby_1_8 branch. oldstable/main/binary-amd64/libopenssl-ruby1.6_0.1.4a-1sarge1_amd64.deb libopenssl-ruby (0.1.4a-1sarge1) oldstable-security; urgency=high * security fixes for CVE-2007-5162. It is backported r13500, r13501 and r13657 from ruby_1_8 branch. oldstable/main/binary-arm/libopenssl-ruby1.6_0.1.4a-1sarge1_arm.deb libopenssl-ruby (0.1.4a-1sarge1) oldstable-security; urgency=high * security fixes for CVE-2007-5162. It is backported r13500, r13501 and r13657 from ruby_1_8 branch. oldstable/main/binary-hppa/libopenssl-ruby1.6_0.1.4a-1sarge1_hppa.deb libopenssl-ruby (0.1.4a-1sarge1) oldstable-security; urgency=high * security fixes for CVE-2007-5162. It is backported r13500, r13501 and r13657 from ruby_1_8 branch. oldstable/main/source/libopenssl-ruby_0.1.4a-1sarge1.dsc oldstable/main/source/libopenssl-ruby_0.1.4a.orig.tar.gz oldstable/main/source/libopenssl-ruby_0.1.4a-1sarge1.diff.gz oldstable/main/binary-i386/libopenssl-ruby1.6_0.1.4a-1sarge1_i386.deb libopenssl-ruby (0.1.4a-1sarge1) oldstable-security; urgency=high * security fixes for CVE-2007-5162. It is backported r13500, r13501 and r13657 from ruby_1_8 branch. oldstable/main/binary-ia64/libopenssl-ruby1.6_0.1.4a-1sarge1_ia64.deb libopenssl-ruby (0.1.4a-1sarge1) oldstable-security; urgency=high * security fixes for CVE-2007-5162. It is backported r13500, r13501 and r13657 from ruby_1_8 branch. oldstable/main/binary-m68k/libopenssl-ruby1.6_0.1.4a-1sarge1_m68k.deb libopenssl-ruby (0.1.4a-1sarge1) oldstable-security; urgency=high * security fixes for CVE-2007-5162. It is backported r13500, r13501 and r13657 from ruby_1_8 branch. oldstable/main/binary-mips/libopenssl-ruby1.6_0.1.4a-1sarge1_mips.deb libopenssl-ruby (0.1.4a-1sarge1) oldstable-security; urgency=high * security fixes for CVE-2007-5162. It is backported r13500, r13501 and r13657 from ruby_1_8 branch. oldstable/main/binary-mipsel/libopenssl-ruby1.6_0.1.4a-1sarge1_mipsel.deb libopenssl-ruby (0.1.4a-1sarge1) oldstable-security; urgency=high * security fixes for CVE-2007-5162. It is backported r13500, r13501 and r13657 from ruby_1_8 branch. oldstable/main/binary-powerpc/libopenssl-ruby1.6_0.1.4a-1sarge1_powerpc.deb libopenssl-ruby (0.1.4a-1sarge1) oldstable-security; urgency=high * security fixes for CVE-2007-5162. It is backported r13500, r13501 and r13657 from ruby_1_8 branch. oldstable/main/binary-s390/libopenssl-ruby1.6_0.1.4a-1sarge1_s390.deb libopenssl-ruby (0.1.4a-1sarge1) oldstable-security; urgency=high * security fixes for CVE-2007-5162. It is backported r13500, r13501 and r13657 from ruby_1_8 branch. oldstable/main/binary-sparc/libopenssl-ruby1.6_0.1.4a-1sarge1_sparc.deb libopenssl-ruby (0.1.4a-1sarge1) oldstable-security; urgency=high * security fixes for CVE-2007-5162. It is backported r13500, r13501 and r13657 from ruby_1_8 branch. oldstable/main/source/linux-kernel-di-hppa-2.6_1.1sarge3.dsc oldstable/main/source/linux-kernel-di-hppa-2.6_1.1sarge3.tar.gz oldstable/main/kernel-image-2.6.8-4-32-di_1.1sarge3_hppa.udeb oldstable/main/nic-modules-2.6.8-4-32-di_1.1sarge3_hppa.udeb oldstable/main/ppp-modules-2.6.8-4-32-di_1.1sarge3_hppa.udeb oldstable/main/socket-modules-2.6.8-4-32-di_1.1sarge3_hppa.udeb oldstable/main/ide-modules-2.6.8-4-32-di_1.1sarge3_hppa.udeb oldstable/main/cdrom-core-modules-2.6.8-4-32-di_1.1sarge3_hppa.udeb oldstable/main/cdrom-modules-2.6.8-4-32-di_1.1sarge3_hppa.udeb oldstable/main/firewire-core-modules-2.6.8-4-32-di_1.1sarge3_hppa.udeb oldstable/main/scsi-modules-2.6.8-4-32-di_1.1sarge3_hppa.udeb oldstable/main/loop-modules-2.6.8-4-32-di_1.1sarge3_hppa.udeb oldstable/main/ipv6-modules-2.6.8-4-32-di_1.1sarge3_hppa.udeb oldstable/main/ext3-modules-2.6.8-4-32-di_1.1sarge3_hppa.udeb oldstable/main/xfs-modules-2.6.8-4-32-di_1.1sarge3_hppa.udeb oldstable/main/md-modules-2.6.8-4-32-di_1.1sarge3_hppa.udeb oldstable/main/usb-modules-2.6.8-4-32-di_1.1sarge3_hppa.udeb oldstable/main/usb-storage-modules-2.6.8-4-32-di_1.1sarge3_hppa.udeb oldstable/main/input-modules-2.6.8-4-32-di_1.1sarge3_hppa.udeb oldstable/main/sata-modules-2.6.8-4-32-di_1.1sarge3_hppa.udeb oldstable/main/kernel-image-2.6.8-4-64-di_1.1sarge3_hppa.udeb oldstable/main/nic-modules-2.6.8-4-64-di_1.1sarge3_hppa.udeb oldstable/main/ppp-modules-2.6.8-4-64-di_1.1sarge3_hppa.udeb oldstable/main/socket-modules-2.6.8-4-64-di_1.1sarge3_hppa.udeb oldstable/main/ide-modules-2.6.8-4-64-di_1.1sarge3_hppa.udeb oldstable/main/cdrom-core-modules-2.6.8-4-64-di_1.1sarge3_hppa.udeb oldstable/main/cdrom-modules-2.6.8-4-64-di_1.1sarge3_hppa.udeb oldstable/main/firewire-core-modules-2.6.8-4-64-di_1.1sarge3_hppa.udeb oldstable/main/scsi-modules-2.6.8-4-64-di_1.1sarge3_hppa.udeb oldstable/main/loop-modules-2.6.8-4-64-di_1.1sarge3_hppa.udeb oldstable/main/ipv6-modules-2.6.8-4-64-di_1.1sarge3_hppa.udeb oldstable/main/ext3-modules-2.6.8-4-64-di_1.1sarge3_hppa.udeb oldstable/main/xfs-modules-2.6.8-4-64-di_1.1sarge3_hppa.udeb oldstable/main/md-modules-2.6.8-4-64-di_1.1sarge3_hppa.udeb oldstable/main/usb-modules-2.6.8-4-64-di_1.1sarge3_hppa.udeb oldstable/main/usb-storage-modules-2.6.8-4-64-di_1.1sarge3_hppa.udeb oldstable/main/input-modules-2.6.8-4-64-di_1.1sarge3_hppa.udeb oldstable/main/sata-modules-2.6.8-4-64-di_1.1sarge3_hppa.udeb linux-kernel-di-hppa-2.6 (1.1sarge3) oldstable; urgency=low * Update to kernel image version 2.6.8-7. oldstable/main/source/linux-kernel-di-i386-2.6_1.02sarge5.dsc oldstable/main/source/linux-kernel-di-i386-2.6_1.02sarge5.tar.gz oldstable/main/kernel-image-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/nic-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/nic-extra-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/nic-shared-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/serial-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/ppp-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/socket-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/ide-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/ide-core-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/cdrom-core-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/cdrom-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/firewire-core-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/scsi-core-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/scsi-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/scsi-common-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/scsi-extra-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/plip-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/floppy-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/loop-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/ipv6-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/ext3-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/jfs-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/ntfs-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/reiserfs-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/xfs-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/fat-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/ufs-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/md-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/usb-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/usb-storage-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/pcmcia-storage-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/fb-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/input-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/irda-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/parport-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/nic-pcmcia-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/pcmcia-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/nic-usb-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/sata-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/firmware-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb oldstable/main/acpi-modules-2.6.8-4-386-di_1.02sarge5_i386.udeb linux-kernel-di-i386-2.6 (1.02sarge5) oldstable; urgency=low * Update to kernel image version 2.6.8-17. oldstable/main/source/linux-kernel-di-ia64-2.6_1.1sarge3.dsc oldstable/main/source/linux-kernel-di-ia64-2.6_1.1sarge3.tar.gz oldstable/main/kernel-image-2.6.8-4-itanium-smp-di_1.1sarge3_ia64.udeb oldstable/main/nic-modules-2.6.8-4-itanium-smp-di_1.1sarge3_ia64.udeb oldstable/main/nic-shared-modules-2.6.8-4-itanium-smp-di_1.1sarge3_ia64.udeb oldstable/main/serial-modules-2.6.8-4-itanium-smp-di_1.1sarge3_ia64.udeb oldstable/main/ppp-modules-2.6.8-4-itanium-smp-di_1.1sarge3_ia64.udeb oldstable/main/ide-modules-2.6.8-4-itanium-smp-di_1.1sarge3_ia64.udeb oldstable/main/ide-core-modules-2.6.8-4-itanium-smp-di_1.1sarge3_ia64.udeb oldstable/main/cdrom-core-modules-2.6.8-4-itanium-smp-di_1.1sarge3_ia64.udeb oldstable/main/firewire-core-modules-2.6.8-4-itanium-smp-di_1.1sarge3_ia64.udeb oldstable/main/scsi-core-modules-2.6.8-4-itanium-smp-di_1.1sarge3_ia64.udeb oldstable/main/scsi-modules-2.6.8-4-itanium-smp-di_1.1sarge3_ia64.udeb oldstable/main/plip-modules-2.6.8-4-itanium-smp-di_1.1sarge3_ia64.udeb oldstable/main/loop-modules-2.6.8-4-itanium-smp-di_1.1sarge3_ia64.udeb oldstable/main/ipv6-modules-2.6.8-4-itanium-smp-di_1.1sarge3_ia64.udeb oldstable/main/ext3-modules-2.6.8-4-itanium-smp-di_1.1sarge3_ia64.udeb oldstable/main/ntfs-modules-2.6.8-4-itanium-smp-di_1.1sarge3_ia64.udeb oldstable/main/reiserfs-modules-2.6.8-4-itanium-smp-di_1.1sarge3_ia64.udeb oldstable/main/xfs-modules-2.6.8-4-itanium-smp-di_1.1sarge3_ia64.udeb oldstable/main/fat-modules-2.6.8-4-itanium-smp-di_1.1sarge3_ia64.udeb oldstable/main/ufs-modules-2.6.8-4-itanium-smp-di_1.1sarge3_ia64.udeb oldstable/main/md-modules-2.6.8-4-itanium-smp-di_1.1sarge3_ia64.udeb oldstable/main/usb-modules-2.6.8-4-itanium-smp-di_1.1sarge3_ia64.udeb oldstable/main/usb-storage-modules-2.6.8-4-itanium-smp-di_1.1sarge3_ia64.udeb oldstable/main/fb-modules-2.6.8-4-itanium-smp-di_1.1sarge3_ia64.udeb oldstable/main/input-modules-2.6.8-4-itanium-smp-di_1.1sarge3_ia64.udeb oldstable/main/irda-modules-2.6.8-4-itanium-smp-di_1.1sarge3_ia64.udeb oldstable/main/parport-modules-2.6.8-4-itanium-smp-di_1.1sarge3_ia64.udeb oldstable/main/pcmcia-modules-2.6.8-4-itanium-smp-di_1.1sarge3_ia64.udeb oldstable/main/nic-usb-modules-2.6.8-4-itanium-smp-di_1.1sarge3_ia64.udeb oldstable/main/sata-modules-2.6.8-4-itanium-smp-di_1.1sarge3_ia64.udeb oldstable/main/firmware-modules-2.6.8-4-itanium-smp-di_1.1sarge3_ia64.udeb linux-kernel-di-ia64-2.6 (1.1sarge3) oldstable; urgency=low * Update to kernel image version 2.6.8-15. oldstable/main/source/linux-kernel-di-m68k-2.6_0.66sarge3.dsc oldstable/main/source/linux-kernel-di-m68k-2.6_0.66sarge3.tar.gz oldstable/main/kernel-image-2.6.8-amiga-di_0.66sarge3_m68k.udeb oldstable/main/nic-shared-modules-2.6.8-amiga-di_0.66sarge3_m68k.udeb oldstable/main/ppp-modules-2.6.8-amiga-di_0.66sarge3_m68k.udeb oldstable/main/scsi-modules-2.6.8-amiga-di_0.66sarge3_m68k.udeb oldstable/main/jfs-modules-2.6.8-amiga-di_0.66sarge3_m68k.udeb oldstable/main/reiserfs-modules-2.6.8-amiga-di_0.66sarge3_m68k.udeb oldstable/main/fat-modules-2.6.8-amiga-di_0.66sarge3_m68k.udeb oldstable/main/kernel-image-2.6.8-atari-di_0.66sarge3_m68k.udeb oldstable/main/nic-shared-modules-2.6.8-atari-di_0.66sarge3_m68k.udeb oldstable/main/ppp-modules-2.6.8-atari-di_0.66sarge3_m68k.udeb oldstable/main/scsi-modules-2.6.8-atari-di_0.66sarge3_m68k.udeb oldstable/main/jfs-modules-2.6.8-atari-di_0.66sarge3_m68k.udeb oldstable/main/reiserfs-modules-2.6.8-atari-di_0.66sarge3_m68k.udeb oldstable/main/fat-modules-2.6.8-atari-di_0.66sarge3_m68k.udeb oldstable/main/kernel-image-2.6.8-bvme6000-di_0.66sarge3_m68k.udeb oldstable/main/nic-shared-modules-2.6.8-bvme6000-di_0.66sarge3_m68k.udeb oldstable/main/ppp-modules-2.6.8-bvme6000-di_0.66sarge3_m68k.udeb oldstable/main/scsi-modules-2.6.8-bvme6000-di_0.66sarge3_m68k.udeb oldstable/main/jfs-modules-2.6.8-bvme6000-di_0.66sarge3_m68k.udeb oldstable/main/reiserfs-modules-2.6.8-bvme6000-di_0.66sarge3_m68k.udeb oldstable/main/fat-modules-2.6.8-bvme6000-di_0.66sarge3_m68k.udeb oldstable/main/kernel-image-2.6.8-hp-di_0.66sarge3_m68k.udeb oldstable/main/nic-shared-modules-2.6.8-hp-di_0.66sarge3_m68k.udeb oldstable/main/ppp-modules-2.6.8-hp-di_0.66sarge3_m68k.udeb oldstable/main/scsi-modules-2.6.8-hp-di_0.66sarge3_m68k.udeb oldstable/main/jfs-modules-2.6.8-hp-di_0.66sarge3_m68k.udeb oldstable/main/reiserfs-modules-2.6.8-hp-di_0.66sarge3_m68k.udeb oldstable/main/fat-modules-2.6.8-hp-di_0.66sarge3_m68k.udeb oldstable/main/kernel-image-2.6.8-mac-di_0.66sarge3_m68k.udeb oldstable/main/nic-shared-modules-2.6.8-mac-di_0.66sarge3_m68k.udeb oldstable/main/ppp-modules-2.6.8-mac-di_0.66sarge3_m68k.udeb oldstable/main/scsi-modules-2.6.8-mac-di_0.66sarge3_m68k.udeb oldstable/main/jfs-modules-2.6.8-mac-di_0.66sarge3_m68k.udeb oldstable/main/reiserfs-modules-2.6.8-mac-di_0.66sarge3_m68k.udeb oldstable/main/fat-modules-2.6.8-mac-di_0.66sarge3_m68k.udeb oldstable/main/kernel-image-2.6.8-mvme147-di_0.66sarge3_m68k.udeb oldstable/main/nic-shared-modules-2.6.8-mvme147-di_0.66sarge3_m68k.udeb oldstable/main/ppp-modules-2.6.8-mvme147-di_0.66sarge3_m68k.udeb oldstable/main/scsi-modules-2.6.8-mvme147-di_0.66sarge3_m68k.udeb oldstable/main/jfs-modules-2.6.8-mvme147-di_0.66sarge3_m68k.udeb oldstable/main/reiserfs-modules-2.6.8-mvme147-di_0.66sarge3_m68k.udeb oldstable/main/fat-modules-2.6.8-mvme147-di_0.66sarge3_m68k.udeb oldstable/main/kernel-image-2.6.8-mvme16x-di_0.66sarge3_m68k.udeb oldstable/main/nic-shared-modules-2.6.8-mvme16x-di_0.66sarge3_m68k.udeb oldstable/main/ppp-modules-2.6.8-mvme16x-di_0.66sarge3_m68k.udeb oldstable/main/scsi-modules-2.6.8-mvme16x-di_0.66sarge3_m68k.udeb oldstable/main/jfs-modules-2.6.8-mvme16x-di_0.66sarge3_m68k.udeb oldstable/main/reiserfs-modules-2.6.8-mvme16x-di_0.66sarge3_m68k.udeb oldstable/main/fat-modules-2.6.8-mvme16x-di_0.66sarge3_m68k.udeb oldstable/main/kernel-image-2.6.8-q40-di_0.66sarge3_m68k.udeb oldstable/main/nic-shared-modules-2.6.8-q40-di_0.66sarge3_m68k.udeb oldstable/main/ppp-modules-2.6.8-q40-di_0.66sarge3_m68k.udeb oldstable/main/scsi-modules-2.6.8-q40-di_0.66sarge3_m68k.udeb oldstable/main/jfs-modules-2.6.8-q40-di_0.66sarge3_m68k.udeb oldstable/main/reiserfs-modules-2.6.8-q40-di_0.66sarge3_m68k.udeb oldstable/main/fat-modules-2.6.8-q40-di_0.66sarge3_m68k.udeb oldstable/main/kernel-image-2.6.8-sun3-di_0.66sarge3_m68k.udeb oldstable/main/nic-shared-modules-2.6.8-sun3-di_0.66sarge3_m68k.udeb oldstable/main/ppp-modules-2.6.8-sun3-di_0.66sarge3_m68k.udeb oldstable/main/scsi-modules-2.6.8-sun3-di_0.66sarge3_m68k.udeb oldstable/main/jfs-modules-2.6.8-sun3-di_0.66sarge3_m68k.udeb oldstable/main/reiserfs-modules-2.6.8-sun3-di_0.66sarge3_m68k.udeb oldstable/main/fat-modules-2.6.8-sun3-di_0.66sarge3_m68k.udeb linux-kernel-di-m68k-2.6 (0.66sarge3) oldstable; urgency=low * Update to kernel image version 2.6.8-5. oldstable/main/source/linux-kernel-di-powerpc-2.6_0.78sarge3.dsc oldstable/main/source/linux-kernel-di-powerpc-2.6_0.78sarge3.tar.gz oldstable/main/kernel-image-2.6.8-4-powerpc-di_0.78sarge3_powerpc.udeb oldstable/main/nic-modules-2.6.8-4-powerpc-di_0.78sarge3_powerpc.udeb oldstable/main/nic-extra-modules-2.6.8-4-powerpc-di_0.78sarge3_powerpc.udeb oldstable/main/nic-shared-modules-2.6.8-4-powerpc-di_0.78sarge3_powerpc.udeb oldstable/main/serial-modules-2.6.8-4-powerpc-di_0.78sarge3_powerpc.udeb oldstable/main/ppp-modules-2.6.8-4-powerpc-di_0.78sarge3_powerpc.udeb oldstable/main/socket-modules-2.6.8-4-powerpc-di_0.78sarge3_powerpc.udeb oldstable/main/ide-modules-2.6.8-4-powerpc-di_0.78sarge3_powerpc.udeb oldstable/main/cdrom-core-modules-2.6.8-4-powerpc-di_0.78sarge3_powerpc.udeb oldstable/main/firewire-core-modules-2.6.8-4-powerpc-di_0.78sarge3_powerpc.udeb oldstable/main/scsi-core-modules-2.6.8-4-powerpc-di_0.78sarge3_powerpc.udeb oldstable/main/scsi-modules-2.6.8-4-powerpc-di_0.78sarge3_powerpc.udeb oldstable/main/scsi-common-modules-2.6.8-4-powerpc-di_0.78sarge3_powerpc.udeb oldstable/main/scsi-extra-modules-2.6.8-4-powerpc-di_0.78sarge3_powerpc.udeb oldstable/main/floppy-modules-2.6.8-4-powerpc-di_0.78sarge3_powerpc.udeb oldstable/main/loop-modules-2.6.8-4-powerpc-di_0.78sarge3_powerpc.udeb oldstable/main/ipv6-modules-2.6.8-4-powerpc-di_0.78sarge3_powerpc.udeb oldstable/main/ext2-modules-2.6.8-4-powerpc-di_0.78sarge3_powerpc.udeb oldstable/main/ext3-modules-2.6.8-4-powerpc-di_0.78sarge3_powerpc.udeb oldstable/main/jfs-modules-2.6.8-4-powerpc-di_0.78sarge3_powerpc.udeb oldstable/main/reiserfs-modules-2.6.8-4-powerpc-di_0.78sarge3_powerpc.udeb oldstable/main/xfs-modules-2.6.8-4-powerpc-di_0.78sarge3_powerpc.udeb oldstable/main/fat-modules-2.6.8-4-powerpc-di_0.78sarge3_powerpc.udeb oldstable/main/hfs-modules-2.6.8-4-powerpc-di_0.78sarge3_powerpc.udeb oldstable/main/affs-modules-2.6.8-4-powerpc-di_0.78sarge3_powerpc.udeb oldstable/main/ufs-modules-2.6.8-4-powerpc-di_0.78sarge3_powerpc.udeb oldstable/main/md-modules-2.6.8-4-powerpc-di_0.78sarge3_powerpc.udeb oldstable/main/usb-modules-2.6.8-4-powerpc-di_0.78sarge3_powerpc.udeb oldstable/main/usb-storage-modules-2.6.8-4-powerpc-di_0.78sarge3_powerpc.udeb oldstable/main/pcmcia-storage-modules-2.6.8-4-powerpc-di_0.78sarge3_powerpc.udeb oldstable/main/fb-modules-2.6.8-4-powerpc-di_0.78sarge3_powerpc.udeb oldstable/main/input-modules-2.6.8-4-powerpc-di_0.78sarge3_powerpc.udeb oldstable/main/irda-modules-2.6.8-4-powerpc-di_0.78sarge3_powerpc.udeb oldstable/main/nic-pcmcia-modules-2.6.8-4-powerpc-di_0.78sarge3_powerpc.udeb oldstable/main/pcmcia-modules-2.6.8-4-powerpc-di_0.78sarge3_powerpc.udeb oldstable/main/sata-modules-2.6.8-4-powerpc-di_0.78sarge3_powerpc.udeb oldstable/main/firmware-modules-2.6.8-4-powerpc-di_0.78sarge3_powerpc.udeb oldstable/main/fs-common-modules-2.6.8-4-powerpc-di_0.78sarge3_powerpc.udeb oldstable/main/kernel-image-2.6.8-4-power3-di_0.78sarge3_powerpc.udeb oldstable/main/nic-modules-2.6.8-4-power3-di_0.78sarge3_powerpc.udeb oldstable/main/nic-extra-modules-2.6.8-4-power3-di_0.78sarge3_powerpc.udeb oldstable/main/nic-shared-modules-2.6.8-4-power3-di_0.78sarge3_powerpc.udeb oldstable/main/serial-modules-2.6.8-4-power3-di_0.78sarge3_powerpc.udeb oldstable/main/ppp-modules-2.6.8-4-power3-di_0.78sarge3_powerpc.udeb oldstable/main/socket-modules-2.6.8-4-power3-di_0.78sarge3_powerpc.udeb oldstable/main/ide-modules-2.6.8-4-power3-di_0.78sarge3_powerpc.udeb oldstable/main/cdrom-core-modules-2.6.8-4-power3-di_0.78sarge3_powerpc.udeb oldstable/main/firewire-core-modules-2.6.8-4-power3-di_0.78sarge3_powerpc.udeb oldstable/main/scsi-core-modules-2.6.8-4-power3-di_0.78sarge3_powerpc.udeb oldstable/main/scsi-modules-2.6.8-4-power3-di_0.78sarge3_powerpc.udeb oldstable/main/scsi-common-modules-2.6.8-4-power3-di_0.78sarge3_powerpc.udeb oldstable/main/scsi-extra-modules-2.6.8-4-power3-di_0.78sarge3_powerpc.udeb oldstable/main/floppy-modules-2.6.8-4-power3-di_0.78sarge3_powerpc.udeb oldstable/main/loop-modules-2.6.8-4-power3-di_0.78sarge3_powerpc.udeb oldstable/main/ipv6-modules-2.6.8-4-power3-di_0.78sarge3_powerpc.udeb oldstable/main/ext2-modules-2.6.8-4-power3-di_0.78sarge3_powerpc.udeb oldstable/main/ext3-modules-2.6.8-4-power3-di_0.78sarge3_powerpc.udeb oldstable/main/jfs-modules-2.6.8-4-power3-di_0.78sarge3_powerpc.udeb oldstable/main/reiserfs-modules-2.6.8-4-power3-di_0.78sarge3_powerpc.udeb oldstable/main/xfs-modules-2.6.8-4-power3-di_0.78sarge3_powerpc.udeb oldstable/main/fat-modules-2.6.8-4-power3-di_0.78sarge3_powerpc.udeb oldstable/main/hfs-modules-2.6.8-4-power3-di_0.78sarge3_powerpc.udeb oldstable/main/affs-modules-2.6.8-4-power3-di_0.78sarge3_powerpc.udeb oldstable/main/ufs-modules-2.6.8-4-power3-di_0.78sarge3_powerpc.udeb oldstable/main/md-modules-2.6.8-4-power3-di_0.78sarge3_powerpc.udeb oldstable/main/usb-modules-2.6.8-4-power3-di_0.78sarge3_powerpc.udeb oldstable/main/usb-storage-modules-2.6.8-4-power3-di_0.78sarge3_powerpc.udeb oldstable/main/pcmcia-storage-modules-2.6.8-4-power3-di_0.78sarge3_powerpc.udeb oldstable/main/fb-modules-2.6.8-4-power3-di_0.78sarge3_powerpc.udeb oldstable/main/input-modules-2.6.8-4-power3-di_0.78sarge3_powerpc.udeb oldstable/main/irda-modules-2.6.8-4-power3-di_0.78sarge3_powerpc.udeb oldstable/main/nic-pcmcia-modules-2.6.8-4-power3-di_0.78sarge3_powerpc.udeb oldstable/main/pcmcia-modules-2.6.8-4-power3-di_0.78sarge3_powerpc.udeb oldstable/main/sata-modules-2.6.8-4-power3-di_0.78sarge3_powerpc.udeb oldstable/main/firmware-modules-2.6.8-4-power3-di_0.78sarge3_powerpc.udeb oldstable/main/fs-common-modules-2.6.8-4-power3-di_0.78sarge3_powerpc.udeb oldstable/main/kernel-image-2.6.8-4-power4-di_0.78sarge3_powerpc.udeb oldstable/main/nic-modules-2.6.8-4-power4-di_0.78sarge3_powerpc.udeb oldstable/main/nic-extra-modules-2.6.8-4-power4-di_0.78sarge3_powerpc.udeb oldstable/main/nic-shared-modules-2.6.8-4-power4-di_0.78sarge3_powerpc.udeb oldstable/main/serial-modules-2.6.8-4-power4-di_0.78sarge3_powerpc.udeb oldstable/main/ppp-modules-2.6.8-4-power4-di_0.78sarge3_powerpc.udeb oldstable/main/socket-modules-2.6.8-4-power4-di_0.78sarge3_powerpc.udeb oldstable/main/ide-modules-2.6.8-4-power4-di_0.78sarge3_powerpc.udeb oldstable/main/cdrom-core-modules-2.6.8-4-power4-di_0.78sarge3_powerpc.udeb oldstable/main/firewire-core-modules-2.6.8-4-power4-di_0.78sarge3_powerpc.udeb oldstable/main/scsi-core-modules-2.6.8-4-power4-di_0.78sarge3_powerpc.udeb oldstable/main/scsi-modules-2.6.8-4-power4-di_0.78sarge3_powerpc.udeb oldstable/main/scsi-common-modules-2.6.8-4-power4-di_0.78sarge3_powerpc.udeb oldstable/main/scsi-extra-modules-2.6.8-4-power4-di_0.78sarge3_powerpc.udeb oldstable/main/floppy-modules-2.6.8-4-power4-di_0.78sarge3_powerpc.udeb oldstable/main/loop-modules-2.6.8-4-power4-di_0.78sarge3_powerpc.udeb oldstable/main/ipv6-modules-2.6.8-4-power4-di_0.78sarge3_powerpc.udeb oldstable/main/ext2-modules-2.6.8-4-power4-di_0.78sarge3_powerpc.udeb oldstable/main/ext3-modules-2.6.8-4-power4-di_0.78sarge3_powerpc.udeb oldstable/main/jfs-modules-2.6.8-4-power4-di_0.78sarge3_powerpc.udeb oldstable/main/reiserfs-modules-2.6.8-4-power4-di_0.78sarge3_powerpc.udeb oldstable/main/xfs-modules-2.6.8-4-power4-di_0.78sarge3_powerpc.udeb oldstable/main/fat-modules-2.6.8-4-power4-di_0.78sarge3_powerpc.udeb oldstable/main/hfs-modules-2.6.8-4-power4-di_0.78sarge3_powerpc.udeb oldstable/main/affs-modules-2.6.8-4-power4-di_0.78sarge3_powerpc.udeb oldstable/main/ufs-modules-2.6.8-4-power4-di_0.78sarge3_powerpc.udeb oldstable/main/md-modules-2.6.8-4-power4-di_0.78sarge3_powerpc.udeb oldstable/main/usb-modules-2.6.8-4-power4-di_0.78sarge3_powerpc.udeb oldstable/main/usb-storage-modules-2.6.8-4-power4-di_0.78sarge3_powerpc.udeb oldstable/main/pcmcia-storage-modules-2.6.8-4-power4-di_0.78sarge3_powerpc.udeb oldstable/main/fb-modules-2.6.8-4-power4-di_0.78sarge3_powerpc.udeb oldstable/main/input-modules-2.6.8-4-power4-di_0.78sarge3_powerpc.udeb oldstable/main/irda-modules-2.6.8-4-power4-di_0.78sarge3_powerpc.udeb oldstable/main/nic-pcmcia-modules-2.6.8-4-power4-di_0.78sarge3_powerpc.udeb oldstable/main/pcmcia-modules-2.6.8-4-power4-di_0.78sarge3_powerpc.udeb oldstable/main/sata-modules-2.6.8-4-power4-di_0.78sarge3_powerpc.udeb oldstable/main/firmware-modules-2.6.8-4-power4-di_0.78sarge3_powerpc.udeb oldstable/main/fs-common-modules-2.6.8-4-power4-di_0.78sarge3_powerpc.udeb linux-kernel-di-powerpc-2.6 (0.78sarge3) oldstable; urgency=low * Update to kernel image version 2.6.8-13. oldstable/main/source/linux-kernel-di-sparc-2.6_0.05sarge3.dsc oldstable/main/source/linux-kernel-di-sparc-2.6_0.05sarge3.tar.gz oldstable/main/kernel-image-2.6.8-4-sparc64-di_0.05sarge3_sparc.udeb oldstable/main/nic-modules-2.6.8-4-sparc64-di_0.05sarge3_sparc.udeb oldstable/main/ppp-modules-2.6.8-4-sparc64-di_0.05sarge3_sparc.udeb oldstable/main/ide-modules-2.6.8-4-sparc64-di_0.05sarge3_sparc.udeb oldstable/main/cdrom-core-modules-2.6.8-4-sparc64-di_0.05sarge3_sparc.udeb oldstable/main/scsi-core-modules-2.6.8-4-sparc64-di_0.05sarge3_sparc.udeb oldstable/main/scsi-common-modules-2.6.8-4-sparc64-di_0.05sarge3_sparc.udeb oldstable/main/plip-modules-2.6.8-4-sparc64-di_0.05sarge3_sparc.udeb oldstable/main/ipv6-modules-2.6.8-4-sparc64-di_0.05sarge3_sparc.udeb oldstable/main/ext3-modules-2.6.8-4-sparc64-di_0.05sarge3_sparc.udeb oldstable/main/reiserfs-modules-2.6.8-4-sparc64-di_0.05sarge3_sparc.udeb oldstable/main/xfs-modules-2.6.8-4-sparc64-di_0.05sarge3_sparc.udeb oldstable/main/fat-modules-2.6.8-4-sparc64-di_0.05sarge3_sparc.udeb oldstable/main/md-modules-2.6.8-4-sparc64-di_0.05sarge3_sparc.udeb oldstable/main/usb-modules-2.6.8-4-sparc64-di_0.05sarge3_sparc.udeb oldstable/main/kernel-image-2.6.8-4-sparc32-di_0.05sarge3_sparc.udeb oldstable/main/nic-modules-2.6.8-4-sparc32-di_0.05sarge3_sparc.udeb oldstable/main/ppp-modules-2.6.8-4-sparc32-di_0.05sarge3_sparc.udeb oldstable/main/cdrom-core-modules-2.6.8-4-sparc32-di_0.05sarge3_sparc.udeb oldstable/main/scsi-core-modules-2.6.8-4-sparc32-di_0.05sarge3_sparc.udeb oldstable/main/scsi-common-modules-2.6.8-4-sparc32-di_0.05sarge3_sparc.udeb oldstable/main/plip-modules-2.6.8-4-sparc32-di_0.05sarge3_sparc.udeb oldstable/main/ipv6-modules-2.6.8-4-sparc32-di_0.05sarge3_sparc.udeb oldstable/main/ext3-modules-2.6.8-4-sparc32-di_0.05sarge3_sparc.udeb oldstable/main/reiserfs-modules-2.6.8-4-sparc32-di_0.05sarge3_sparc.udeb oldstable/main/xfs-modules-2.6.8-4-sparc32-di_0.05sarge3_sparc.udeb oldstable/main/fat-modules-2.6.8-4-sparc32-di_0.05sarge3_sparc.udeb oldstable/main/md-modules-2.6.8-4-sparc32-di_0.05sarge3_sparc.udeb linux-kernel-di-sparc-2.6 (0.05sarge3) oldstable; urgency=low * Update to kernel image version 2.6.8-16. oldstable/main/source/mol-modules-2.6.8_0.9.70+2.6.8+12sarge2.dsc oldstable/main/source/mol-modules-2.6.8_0.9.70+2.6.8+12sarge2.tar.gz oldstable/main/binary-powerpc/mol-modules-2.6.8-4-powerpc_0.9.70+2.6.8+12sarge2_powerpc.deb oldstable/main/binary-powerpc/mol-modules-2.6.8-4-powerpc-smp_0.9.70+2.6.8+12sarge2_powerpc.deb mol-modules-2.6.8 (1:0.9.70+2.6.8+12sarge2) oldstable-security; urgency=high * NMU by the Security Team * Rebuild against the -4 ABI oldstable/main/binary-alpha/mozilla-firefox_1.0.4-2sarge17_alpha.deb oldstable/main/binary-alpha/mozilla-firefox-dom-inspector_1.0.4-2sarge17_alpha.deb oldstable/main/binary-alpha/mozilla-firefox-gnome-support_1.0.4-2sarge17_alpha.deb mozilla-firefox (1.0.4-2sarge17) oldstable-security; urgency=critical * fix a bunch of security issues (all fixed in 1.5.0.10 except mfsa2007-01-Part3/3). Patches available at http://people.debian.org/~asac/ffox-patches-1.5.0.10_for_1.0.x.tar.gz: 0001-mfsa-2007-10-CVE-2007-1282-bz362735.txt 0002-mfsa-2007-09-CVE-2007-0994-Part1-2-bz368763.txt 0003-mfsa-2007-09-CVE-2007-0994-Part2-2-bz368655.txt 0004-mfsa-2007-07-CVE-2007-0981-bz370445.txt 0005-mfsa-2007-06-Part1-2-CVE-2007-0008-bz364319.txt 0006-mfsa-2007-06-Part2-2-CVE-2007-0009-bz364323.txt 0007-mfsa-2007-01-Part-1-3-CVE-2007-0775-Part-1-x-bz326864.txt 0008-mfsa-2007-02-Part1-3-CVE-2007-0995-Part1-2-bz314980.txt 0009-mfsa-2007-02-Part1-3-CVE-2007-0995-Part2-2-bz315473.txt 0010-mfsa-2007-02-Part2-3-CVE-2007-0996-bz356280.txt 0011-mfsa-2007-02-Part3-4-CVE-2006-6077-bz360493.txt 0012-mfsa-2007-02-Part4-4-CVE-2007-0045-bz366082.txt 0013-mfsa-2007-03-CVE-2007-0778-bz347852.txt oldstable/main/binary-arm/mozilla-firefox_1.0.4-2sarge17_arm.deb oldstable/main/binary-arm/mozilla-firefox-dom-inspector_1.0.4-2sarge17_arm.deb oldstable/main/binary-arm/mozilla-firefox-gnome-support_1.0.4-2sarge17_arm.deb mozilla-firefox (1.0.4-2sarge17) oldstable-security; urgency=critical * fix a bunch of security issues (all fixed in 1.5.0.10 except mfsa2007-01-Part3/3). Patches available at http://people.debian.org/~asac/ffox-patches-1.5.0.10_for_1.0.x.tar.gz: 0001-mfsa-2007-10-CVE-2007-1282-bz362735.txt 0002-mfsa-2007-09-CVE-2007-0994-Part1-2-bz368763.txt 0003-mfsa-2007-09-CVE-2007-0994-Part2-2-bz368655.txt 0004-mfsa-2007-07-CVE-2007-0981-bz370445.txt 0005-mfsa-2007-06-Part1-2-CVE-2007-0008-bz364319.txt 0006-mfsa-2007-06-Part2-2-CVE-2007-0009-bz364323.txt 0007-mfsa-2007-01-Part-1-3-CVE-2007-0775-Part-1-x-bz326864.txt 0008-mfsa-2007-02-Part1-3-CVE-2007-0995-Part1-2-bz314980.txt 0009-mfsa-2007-02-Part1-3-CVE-2007-0995-Part2-2-bz315473.txt 0010-mfsa-2007-02-Part2-3-CVE-2007-0996-bz356280.txt 0011-mfsa-2007-02-Part3-4-CVE-2006-6077-bz360493.txt 0012-mfsa-2007-02-Part4-4-CVE-2007-0045-bz366082.txt 0013-mfsa-2007-03-CVE-2007-0778-bz347852.txt oldstable/main/binary-hppa/mozilla-firefox_1.0.4-2sarge17_hppa.deb oldstable/main/binary-hppa/mozilla-firefox-dom-inspector_1.0.4-2sarge17_hppa.deb oldstable/main/binary-hppa/mozilla-firefox-gnome-support_1.0.4-2sarge17_hppa.deb mozilla-firefox (1.0.4-2sarge17) oldstable-security; urgency=critical * fix a bunch of security issues (all fixed in 1.5.0.10 except mfsa2007-01-Part3/3). Patches available at http://people.debian.org/~asac/ffox-patches-1.5.0.10_for_1.0.x.tar.gz: 0001-mfsa-2007-10-CVE-2007-1282-bz362735.txt 0002-mfsa-2007-09-CVE-2007-0994-Part1-2-bz368763.txt 0003-mfsa-2007-09-CVE-2007-0994-Part2-2-bz368655.txt 0004-mfsa-2007-07-CVE-2007-0981-bz370445.txt 0005-mfsa-2007-06-Part1-2-CVE-2007-0008-bz364319.txt 0006-mfsa-2007-06-Part2-2-CVE-2007-0009-bz364323.txt 0007-mfsa-2007-01-Part-1-3-CVE-2007-0775-Part-1-x-bz326864.txt 0008-mfsa-2007-02-Part1-3-CVE-2007-0995-Part1-2-bz314980.txt 0009-mfsa-2007-02-Part1-3-CVE-2007-0995-Part2-2-bz315473.txt 0010-mfsa-2007-02-Part2-3-CVE-2007-0996-bz356280.txt 0011-mfsa-2007-02-Part3-4-CVE-2006-6077-bz360493.txt 0012-mfsa-2007-02-Part4-4-CVE-2007-0045-bz366082.txt 0013-mfsa-2007-03-CVE-2007-0778-bz347852.txt oldstable/main/source/mozilla-firefox_1.0.4-2sarge17.dsc oldstable/main/source/mozilla-firefox_1.0.4-2sarge17.diff.gz oldstable/main/binary-i386/mozilla-firefox_1.0.4-2sarge17_i386.deb oldstable/main/binary-i386/mozilla-firefox-dom-inspector_1.0.4-2sarge17_i386.deb oldstable/main/binary-i386/mozilla-firefox-gnome-support_1.0.4-2sarge17_i386.deb mozilla-firefox (1.0.4-2sarge17) oldstable-security; urgency=critical * fix a bunch of security issues (all fixed in 1.5.0.10 except mfsa2007-01-Part3/3). Patches available at http://people.debian.org/~asac/ffox-patches-1.5.0.10_for_1.0.x.tar.gz: 0001-mfsa-2007-10-CVE-2007-1282-bz362735.txt 0002-mfsa-2007-09-CVE-2007-0994-Part1-2-bz368763.txt 0003-mfsa-2007-09-CVE-2007-0994-Part2-2-bz368655.txt 0004-mfsa-2007-07-CVE-2007-0981-bz370445.txt 0005-mfsa-2007-06-Part1-2-CVE-2007-0008-bz364319.txt 0006-mfsa-2007-06-Part2-2-CVE-2007-0009-bz364323.txt 0007-mfsa-2007-01-Part-1-3-CVE-2007-0775-Part-1-x-bz326864.txt 0008-mfsa-2007-02-Part1-3-CVE-2007-0995-Part1-2-bz314980.txt 0009-mfsa-2007-02-Part1-3-CVE-2007-0995-Part2-2-bz315473.txt 0010-mfsa-2007-02-Part2-3-CVE-2007-0996-bz356280.txt 0011-mfsa-2007-02-Part3-4-CVE-2006-6077-bz360493.txt 0012-mfsa-2007-02-Part4-4-CVE-2007-0045-bz366082.txt 0013-mfsa-2007-03-CVE-2007-0778-bz347852.txt oldstable/main/binary-ia64/mozilla-firefox_1.0.4-2sarge17_ia64.deb oldstable/main/binary-ia64/mozilla-firefox-dom-inspector_1.0.4-2sarge17_ia64.deb oldstable/main/binary-ia64/mozilla-firefox-gnome-support_1.0.4-2sarge17_ia64.deb mozilla-firefox (1.0.4-2sarge17) oldstable-security; urgency=critical * fix a bunch of security issues (all fixed in 1.5.0.10 except mfsa2007-01-Part3/3). Patches available at http://people.debian.org/~asac/ffox-patches-1.5.0.10_for_1.0.x.tar.gz: 0001-mfsa-2007-10-CVE-2007-1282-bz362735.txt 0002-mfsa-2007-09-CVE-2007-0994-Part1-2-bz368763.txt 0003-mfsa-2007-09-CVE-2007-0994-Part2-2-bz368655.txt 0004-mfsa-2007-07-CVE-2007-0981-bz370445.txt 0005-mfsa-2007-06-Part1-2-CVE-2007-0008-bz364319.txt 0006-mfsa-2007-06-Part2-2-CVE-2007-0009-bz364323.txt 0007-mfsa-2007-01-Part-1-3-CVE-2007-0775-Part-1-x-bz326864.txt 0008-mfsa-2007-02-Part1-3-CVE-2007-0995-Part1-2-bz314980.txt 0009-mfsa-2007-02-Part1-3-CVE-2007-0995-Part2-2-bz315473.txt 0010-mfsa-2007-02-Part2-3-CVE-2007-0996-bz356280.txt 0011-mfsa-2007-02-Part3-4-CVE-2006-6077-bz360493.txt 0012-mfsa-2007-02-Part4-4-CVE-2007-0045-bz366082.txt 0013-mfsa-2007-03-CVE-2007-0778-bz347852.txt oldstable/main/binary-m68k/mozilla-firefox_1.0.4-2sarge17_m68k.deb oldstable/main/binary-m68k/mozilla-firefox-dom-inspector_1.0.4-2sarge17_m68k.deb oldstable/main/binary-m68k/mozilla-firefox-gnome-support_1.0.4-2sarge17_m68k.deb mozilla-firefox (1.0.4-2sarge17) oldstable-security; urgency=critical * fix a bunch of security issues (all fixed in 1.5.0.10 except mfsa2007-01-Part3/3). Patches available at http://people.debian.org/~asac/ffox-patches-1.5.0.10_for_1.0.x.tar.gz: 0001-mfsa-2007-10-CVE-2007-1282-bz362735.txt 0002-mfsa-2007-09-CVE-2007-0994-Part1-2-bz368763.txt 0003-mfsa-2007-09-CVE-2007-0994-Part2-2-bz368655.txt 0004-mfsa-2007-07-CVE-2007-0981-bz370445.txt 0005-mfsa-2007-06-Part1-2-CVE-2007-0008-bz364319.txt 0006-mfsa-2007-06-Part2-2-CVE-2007-0009-bz364323.txt 0007-mfsa-2007-01-Part-1-3-CVE-2007-0775-Part-1-x-bz326864.txt 0008-mfsa-2007-02-Part1-3-CVE-2007-0995-Part1-2-bz314980.txt 0009-mfsa-2007-02-Part1-3-CVE-2007-0995-Part2-2-bz315473.txt 0010-mfsa-2007-02-Part2-3-CVE-2007-0996-bz356280.txt 0011-mfsa-2007-02-Part3-4-CVE-2006-6077-bz360493.txt 0012-mfsa-2007-02-Part4-4-CVE-2007-0045-bz366082.txt 0013-mfsa-2007-03-CVE-2007-0778-bz347852.txt oldstable/main/binary-mips/mozilla-firefox_1.0.4-2sarge17_mips.deb oldstable/main/binary-mips/mozilla-firefox-dom-inspector_1.0.4-2sarge17_mips.deb oldstable/main/binary-mips/mozilla-firefox-gnome-support_1.0.4-2sarge17_mips.deb mozilla-firefox (1.0.4-2sarge17) oldstable-security; urgency=critical * fix a bunch of security issues (all fixed in 1.5.0.10 except mfsa2007-01-Part3/3). Patches available at http://people.debian.org/~asac/ffox-patches-1.5.0.10_for_1.0.x.tar.gz: 0001-mfsa-2007-10-CVE-2007-1282-bz362735.txt 0002-mfsa-2007-09-CVE-2007-0994-Part1-2-bz368763.txt 0003-mfsa-2007-09-CVE-2007-0994-Part2-2-bz368655.txt 0004-mfsa-2007-07-CVE-2007-0981-bz370445.txt 0005-mfsa-2007-06-Part1-2-CVE-2007-0008-bz364319.txt 0006-mfsa-2007-06-Part2-2-CVE-2007-0009-bz364323.txt 0007-mfsa-2007-01-Part-1-3-CVE-2007-0775-Part-1-x-bz326864.txt 0008-mfsa-2007-02-Part1-3-CVE-2007-0995-Part1-2-bz314980.txt 0009-mfsa-2007-02-Part1-3-CVE-2007-0995-Part2-2-bz315473.txt 0010-mfsa-2007-02-Part2-3-CVE-2007-0996-bz356280.txt 0011-mfsa-2007-02-Part3-4-CVE-2006-6077-bz360493.txt 0012-mfsa-2007-02-Part4-4-CVE-2007-0045-bz366082.txt 0013-mfsa-2007-03-CVE-2007-0778-bz347852.txt oldstable/main/binary-mipsel/mozilla-firefox_1.0.4-2sarge17_mipsel.deb oldstable/main/binary-mipsel/mozilla-firefox-dom-inspector_1.0.4-2sarge17_mipsel.deb oldstable/main/binary-mipsel/mozilla-firefox-gnome-support_1.0.4-2sarge17_mipsel.deb mozilla-firefox (1.0.4-2sarge17) oldstable-security; urgency=critical * fix a bunch of security issues (all fixed in 1.5.0.10 except mfsa2007-01-Part3/3). Patches available at http://people.debian.org/~asac/ffox-patches-1.5.0.10_for_1.0.x.tar.gz: 0001-mfsa-2007-10-CVE-2007-1282-bz362735.txt 0002-mfsa-2007-09-CVE-2007-0994-Part1-2-bz368763.txt 0003-mfsa-2007-09-CVE-2007-0994-Part2-2-bz368655.txt 0004-mfsa-2007-07-CVE-2007-0981-bz370445.txt 0005-mfsa-2007-06-Part1-2-CVE-2007-0008-bz364319.txt 0006-mfsa-2007-06-Part2-2-CVE-2007-0009-bz364323.txt 0007-mfsa-2007-01-Part-1-3-CVE-2007-0775-Part-1-x-bz326864.txt 0008-mfsa-2007-02-Part1-3-CVE-2007-0995-Part1-2-bz314980.txt 0009-mfsa-2007-02-Part1-3-CVE-2007-0995-Part2-2-bz315473.txt 0010-mfsa-2007-02-Part2-3-CVE-2007-0996-bz356280.txt 0011-mfsa-2007-02-Part3-4-CVE-2006-6077-bz360493.txt 0012-mfsa-2007-02-Part4-4-CVE-2007-0045-bz366082.txt 0013-mfsa-2007-03-CVE-2007-0778-bz347852.txt oldstable/main/binary-powerpc/mozilla-firefox_1.0.4-2sarge17_powerpc.deb oldstable/main/binary-powerpc/mozilla-firefox-dom-inspector_1.0.4-2sarge17_powerpc.deb oldstable/main/binary-powerpc/mozilla-firefox-gnome-support_1.0.4-2sarge17_powerpc.deb mozilla-firefox (1.0.4-2sarge17) oldstable-security; urgency=critical * fix a bunch of security issues (all fixed in 1.5.0.10 except mfsa2007-01-Part3/3). Patches available at http://people.debian.org/~asac/ffox-patches-1.5.0.10_for_1.0.x.tar.gz: 0001-mfsa-2007-10-CVE-2007-1282-bz362735.txt 0002-mfsa-2007-09-CVE-2007-0994-Part1-2-bz368763.txt 0003-mfsa-2007-09-CVE-2007-0994-Part2-2-bz368655.txt 0004-mfsa-2007-07-CVE-2007-0981-bz370445.txt 0005-mfsa-2007-06-Part1-2-CVE-2007-0008-bz364319.txt 0006-mfsa-2007-06-Part2-2-CVE-2007-0009-bz364323.txt 0007-mfsa-2007-01-Part-1-3-CVE-2007-0775-Part-1-x-bz326864.txt 0008-mfsa-2007-02-Part1-3-CVE-2007-0995-Part1-2-bz314980.txt 0009-mfsa-2007-02-Part1-3-CVE-2007-0995-Part2-2-bz315473.txt 0010-mfsa-2007-02-Part2-3-CVE-2007-0996-bz356280.txt 0011-mfsa-2007-02-Part3-4-CVE-2006-6077-bz360493.txt 0012-mfsa-2007-02-Part4-4-CVE-2007-0045-bz366082.txt 0013-mfsa-2007-03-CVE-2007-0778-bz347852.txt oldstable/main/binary-s390/mozilla-firefox_1.0.4-2sarge17_s390.deb oldstable/main/binary-s390/mozilla-firefox-dom-inspector_1.0.4-2sarge17_s390.deb oldstable/main/binary-s390/mozilla-firefox-gnome-support_1.0.4-2sarge17_s390.deb mozilla-firefox (1.0.4-2sarge17) oldstable-security; urgency=critical * fix a bunch of security issues (all fixed in 1.5.0.10 except mfsa2007-01-Part3/3). Patches available at http://people.debian.org/~asac/ffox-patches-1.5.0.10_for_1.0.x.tar.gz: 0001-mfsa-2007-10-CVE-2007-1282-bz362735.txt 0002-mfsa-2007-09-CVE-2007-0994-Part1-2-bz368763.txt 0003-mfsa-2007-09-CVE-2007-0994-Part2-2-bz368655.txt 0004-mfsa-2007-07-CVE-2007-0981-bz370445.txt 0005-mfsa-2007-06-Part1-2-CVE-2007-0008-bz364319.txt 0006-mfsa-2007-06-Part2-2-CVE-2007-0009-bz364323.txt 0007-mfsa-2007-01-Part-1-3-CVE-2007-0775-Part-1-x-bz326864.txt 0008-mfsa-2007-02-Part1-3-CVE-2007-0995-Part1-2-bz314980.txt 0009-mfsa-2007-02-Part1-3-CVE-2007-0995-Part2-2-bz315473.txt 0010-mfsa-2007-02-Part2-3-CVE-2007-0996-bz356280.txt 0011-mfsa-2007-02-Part3-4-CVE-2006-6077-bz360493.txt 0012-mfsa-2007-02-Part4-4-CVE-2007-0045-bz366082.txt 0013-mfsa-2007-03-CVE-2007-0778-bz347852.txt oldstable/main/binary-sparc/mozilla-firefox_1.0.4-2sarge17_sparc.deb oldstable/main/binary-sparc/mozilla-firefox-dom-inspector_1.0.4-2sarge17_sparc.deb oldstable/main/binary-sparc/mozilla-firefox-gnome-support_1.0.4-2sarge17_sparc.deb mozilla-firefox (1.0.4-2sarge17) oldstable-security; urgency=critical * fix a bunch of security issues (all fixed in 1.5.0.10 except mfsa2007-01-Part3/3). Patches available at http://people.debian.org/~asac/ffox-patches-1.5.0.10_for_1.0.x.tar.gz: 0001-mfsa-2007-10-CVE-2007-1282-bz362735.txt 0002-mfsa-2007-09-CVE-2007-0994-Part1-2-bz368763.txt 0003-mfsa-2007-09-CVE-2007-0994-Part2-2-bz368655.txt 0004-mfsa-2007-07-CVE-2007-0981-bz370445.txt 0005-mfsa-2007-06-Part1-2-CVE-2007-0008-bz364319.txt 0006-mfsa-2007-06-Part2-2-CVE-2007-0009-bz364323.txt 0007-mfsa-2007-01-Part-1-3-CVE-2007-0775-Part-1-x-bz326864.txt 0008-mfsa-2007-02-Part1-3-CVE-2007-0995-Part1-2-bz314980.txt 0009-mfsa-2007-02-Part1-3-CVE-2007-0995-Part2-2-bz315473.txt 0010-mfsa-2007-02-Part2-3-CVE-2007-0996-bz356280.txt 0011-mfsa-2007-02-Part3-4-CVE-2006-6077-bz360493.txt 0012-mfsa-2007-02-Part4-4-CVE-2007-0045-bz366082.txt 0013-mfsa-2007-03-CVE-2007-0778-bz347852.txt oldstable/main/binary-alpha/libmysqlclient12_4.0.24-10sarge3_alpha.deb oldstable/main/binary-alpha/libmysqlclient12-dev_4.0.24-10sarge3_alpha.deb oldstable/main/binary-alpha/mysql-client_4.0.24-10sarge3_alpha.deb oldstable/main/binary-alpha/mysql-server_4.0.24-10sarge3_alpha.deb mysql-dfsg (4.0.24-10sarge3) oldstable-security; urgency=high * Security upload prepared for the security team by the debian mysql package maintainers. * CVE-2007-2691: Fixes the problem that MySQL did not require the DROP privilege for RENAME TABLE statements which allows remote authenticated users to rename arbitrary tables. Closes: #424778 oldstable/main/binary-amd64/libmysqlclient12_4.0.24-10sarge3_amd64.deb oldstable/main/binary-amd64/libmysqlclient12-dev_4.0.24-10sarge3_amd64.deb oldstable/main/binary-amd64/mysql-client_4.0.24-10sarge3_amd64.deb oldstable/main/binary-amd64/mysql-server_4.0.24-10sarge3_amd64.deb mysql-dfsg (4.0.24-10sarge3) oldstable-security; urgency=high * Security upload prepared for the security team by the debian mysql package maintainers. * CVE-2007-2691: Fixes the problem that MySQL did not require the DROP privilege for RENAME TABLE statements which allows remote authenticated users to rename arbitrary tables. Closes: #424778 oldstable/main/binary-arm/libmysqlclient12_4.0.24-10sarge3_arm.deb oldstable/main/binary-arm/libmysqlclient12-dev_4.0.24-10sarge3_arm.deb oldstable/main/binary-arm/mysql-client_4.0.24-10sarge3_arm.deb oldstable/main/binary-arm/mysql-server_4.0.24-10sarge3_arm.deb mysql-dfsg (4.0.24-10sarge3) oldstable-security; urgency=high * Security upload prepared for the security team by the debian mysql package maintainers. * CVE-2007-2691: Fixes the problem that MySQL did not require the DROP privilege for RENAME TABLE statements which allows remote authenticated users to rename arbitrary tables. Closes: #424778 oldstable/main/binary-hppa/libmysqlclient12_4.0.24-10sarge3_hppa.deb oldstable/main/binary-hppa/libmysqlclient12-dev_4.0.24-10sarge3_hppa.deb oldstable/main/binary-hppa/mysql-client_4.0.24-10sarge3_hppa.deb oldstable/main/binary-hppa/mysql-server_4.0.24-10sarge3_hppa.deb mysql-dfsg (4.0.24-10sarge3) oldstable-security; urgency=high * Security upload prepared for the security team by the debian mysql package maintainers. * CVE-2007-2691: Fixes the problem that MySQL did not require the DROP privilege for RENAME TABLE statements which allows remote authenticated users to rename arbitrary tables. Closes: #424778 oldstable/main/source/mysql-dfsg_4.0.24-10sarge3.dsc oldstable/main/source/mysql-dfsg_4.0.24-10sarge3.diff.gz oldstable/main/binary-all/mysql-common_4.0.24-10sarge3_all.deb oldstable/main/binary-i386/libmysqlclient12_4.0.24-10sarge3_i386.deb oldstable/main/binary-i386/libmysqlclient12-dev_4.0.24-10sarge3_i386.deb oldstable/main/binary-i386/mysql-client_4.0.24-10sarge3_i386.deb oldstable/main/binary-i386/mysql-server_4.0.24-10sarge3_i386.deb mysql-dfsg (4.0.24-10sarge3) oldstable-security; urgency=high * Security upload prepared for the security team by the debian mysql package maintainers. * CVE-2007-2691: Fixes the problem that MySQL did not require the DROP privilege for RENAME TABLE statements which allows remote authenticated users to rename arbitrary tables. Closes: #424778 oldstable/main/binary-ia64/libmysqlclient12_4.0.24-10sarge3_ia64.deb oldstable/main/binary-ia64/libmysqlclient12-dev_4.0.24-10sarge3_ia64.deb oldstable/main/binary-ia64/mysql-client_4.0.24-10sarge3_ia64.deb oldstable/main/binary-ia64/mysql-server_4.0.24-10sarge3_ia64.deb mysql-dfsg (4.0.24-10sarge3) oldstable-security; urgency=high * Security upload prepared for the security team by the debian mysql package maintainers. * CVE-2007-2691: Fixes the problem that MySQL did not require the DROP privilege for RENAME TABLE statements which allows remote authenticated users to rename arbitrary tables. Closes: #424778 oldstable/main/binary-m68k/libmysqlclient12_4.0.24-10sarge3_m68k.deb oldstable/main/binary-m68k/libmysqlclient12-dev_4.0.24-10sarge3_m68k.deb oldstable/main/binary-m68k/mysql-client_4.0.24-10sarge3_m68k.deb oldstable/main/binary-m68k/mysql-server_4.0.24-10sarge3_m68k.deb mysql-dfsg (4.0.24-10sarge3) oldstable-security; urgency=high * Security upload prepared for the security team by the debian mysql package maintainers. * CVE-2007-2691: Fixes the problem that MySQL did not require the DROP privilege for RENAME TABLE statements which allows remote authenticated users to rename arbitrary tables. Closes: #424778 oldstable/main/binary-mips/libmysqlclient12_4.0.24-10sarge3_mips.deb oldstable/main/binary-mips/libmysqlclient12-dev_4.0.24-10sarge3_mips.deb oldstable/main/binary-mips/mysql-client_4.0.24-10sarge3_mips.deb oldstable/main/binary-mips/mysql-server_4.0.24-10sarge3_mips.deb mysql-dfsg (4.0.24-10sarge3) oldstable-security; urgency=high * Security upload prepared for the security team by the debian mysql package maintainers. * CVE-2007-2691: Fixes the problem that MySQL did not require the DROP privilege for RENAME TABLE statements which allows remote authenticated users to rename arbitrary tables. Closes: #424778 oldstable/main/binary-mipsel/libmysqlclient12_4.0.24-10sarge3_mipsel.deb oldstable/main/binary-mipsel/libmysqlclient12-dev_4.0.24-10sarge3_mipsel.deb oldstable/main/binary-mipsel/mysql-client_4.0.24-10sarge3_mipsel.deb oldstable/main/binary-mipsel/mysql-server_4.0.24-10sarge3_mipsel.deb mysql-dfsg (4.0.24-10sarge3) oldstable-security; urgency=high * Security upload prepared for the security team by the debian mysql package maintainers. * CVE-2007-2691: Fixes the problem that MySQL did not require the DROP privilege for RENAME TABLE statements which allows remote authenticated users to rename arbitrary tables. Closes: #424778 oldstable/main/binary-powerpc/libmysqlclient12_4.0.24-10sarge3_powerpc.deb oldstable/main/binary-powerpc/libmysqlclient12-dev_4.0.24-10sarge3_powerpc.deb oldstable/main/binary-powerpc/mysql-client_4.0.24-10sarge3_powerpc.deb oldstable/main/binary-powerpc/mysql-server_4.0.24-10sarge3_powerpc.deb mysql-dfsg (4.0.24-10sarge3) oldstable-security; urgency=high * Security upload prepared for the security team by the debian mysql package maintainers. * CVE-2007-2691: Fixes the problem that MySQL did not require the DROP privilege for RENAME TABLE statements which allows remote authenticated users to rename arbitrary tables. Closes: #424778 oldstable/main/binary-s390/libmysqlclient12_4.0.24-10sarge3_s390.deb oldstable/main/binary-s390/libmysqlclient12-dev_4.0.24-10sarge3_s390.deb oldstable/main/binary-s390/mysql-client_4.0.24-10sarge3_s390.deb oldstable/main/binary-s390/mysql-server_4.0.24-10sarge3_s390.deb mysql-dfsg (4.0.24-10sarge3) oldstable-security; urgency=high * Security upload prepared for the security team by the debian mysql package maintainers. * CVE-2007-2691: Fixes the problem that MySQL did not require the DROP privilege for RENAME TABLE statements which allows remote authenticated users to rename arbitrary tables. Closes: #424778 oldstable/main/binary-sparc/libmysqlclient12_4.0.24-10sarge3_sparc.deb oldstable/main/binary-sparc/libmysqlclient12-dev_4.0.24-10sarge3_sparc.deb oldstable/main/binary-sparc/mysql-client_4.0.24-10sarge3_sparc.deb oldstable/main/binary-sparc/mysql-server_4.0.24-10sarge3_sparc.deb mysql-dfsg (4.0.24-10sarge3) oldstable-security; urgency=high * Security upload prepared for the security team by the debian mysql package maintainers. * CVE-2007-2691: Fixes the problem that MySQL did not require the DROP privilege for RENAME TABLE statements which allows remote authenticated users to rename arbitrary tables. Closes: #424778 oldstable/main/binary-alpha/libmysqlclient14_4.1.11a-4sarge8_alpha.deb oldstable/main/binary-alpha/libmysqlclient14-dev_4.1.11a-4sarge8_alpha.deb oldstable/main/binary-alpha/mysql-client-4.1_4.1.11a-4sarge8_alpha.deb oldstable/main/binary-alpha/mysql-server-4.1_4.1.11a-4sarge8_alpha.deb mysql-dfsg-4.1 (4.1.11a-4sarge8) oldstable-security; urgency=high * Security release prepared for the security team by the Debian MySQL maintainers. Some patches were taken from the Ubuntu project. * CVE-2007-2691: Fixes the problem that MySQL did not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables. Closes: #424778 * CVE-2007-3780: It was discovered that MySQL could be made to overflow a signed char during authentication. Remote attackers could use crafted authentication requests to cause a denial of service. oldstable/main/binary-amd64/libmysqlclient14_4.1.11a-4sarge8_amd64.deb oldstable/main/binary-amd64/libmysqlclient14-dev_4.1.11a-4sarge8_amd64.deb oldstable/main/binary-amd64/mysql-client-4.1_4.1.11a-4sarge8_amd64.deb oldstable/main/binary-amd64/mysql-server-4.1_4.1.11a-4sarge8_amd64.deb mysql-dfsg-4.1 (4.1.11a-4sarge8) oldstable-security; urgency=high * Security release prepared for the security team by the Debian MySQL maintainers. Some patches were taken from the Ubuntu project. * CVE-2007-2691: Fixes the problem that MySQL did not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables. Closes: #424778 * CVE-2007-3780: It was discovered that MySQL could be made to overflow a signed char during authentication. Remote attackers could use crafted authentication requests to cause a denial of service. oldstable/main/binary-arm/libmysqlclient14_4.1.11a-4sarge8_arm.deb oldstable/main/binary-arm/libmysqlclient14-dev_4.1.11a-4sarge8_arm.deb oldstable/main/binary-arm/mysql-client-4.1_4.1.11a-4sarge8_arm.deb oldstable/main/binary-arm/mysql-server-4.1_4.1.11a-4sarge8_arm.deb mysql-dfsg-4.1 (4.1.11a-4sarge8) oldstable-security; urgency=high * Security release prepared for the security team by the Debian MySQL maintainers. Some patches were taken from the Ubuntu project. * CVE-2007-2691: Fixes the problem that MySQL did not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables. Closes: #424778 * CVE-2007-3780: It was discovered that MySQL could be made to overflow a signed char during authentication. Remote attackers could use crafted authentication requests to cause a denial of service. oldstable/main/binary-hppa/libmysqlclient14_4.1.11a-4sarge8_hppa.deb oldstable/main/binary-hppa/libmysqlclient14-dev_4.1.11a-4sarge8_hppa.deb oldstable/main/binary-hppa/mysql-client-4.1_4.1.11a-4sarge8_hppa.deb oldstable/main/binary-hppa/mysql-server-4.1_4.1.11a-4sarge8_hppa.deb mysql-dfsg-4.1 (4.1.11a-4sarge8) oldstable-security; urgency=high * Security release prepared for the security team by the Debian MySQL maintainers. Some patches were taken from the Ubuntu project. * CVE-2007-2691: Fixes the problem that MySQL did not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables. Closes: #424778 * CVE-2007-3780: It was discovered that MySQL could be made to overflow a signed char during authentication. Remote attackers could use crafted authentication requests to cause a denial of service. oldstable/main/source/mysql-dfsg-4.1_4.1.11a-4sarge8.dsc oldstable/main/source/mysql-dfsg-4.1_4.1.11a-4sarge8.diff.gz oldstable/main/binary-all/mysql-common-4.1_4.1.11a-4sarge8_all.deb oldstable/main/binary-i386/libmysqlclient14_4.1.11a-4sarge8_i386.deb oldstable/main/binary-i386/libmysqlclient14-dev_4.1.11a-4sarge8_i386.deb oldstable/main/binary-i386/mysql-client-4.1_4.1.11a-4sarge8_i386.deb oldstable/main/binary-i386/mysql-server-4.1_4.1.11a-4sarge8_i386.deb mysql-dfsg-4.1 (4.1.11a-4sarge8) oldstable-security; urgency=high * Security release prepared for the security team by the Debian MySQL maintainers. Some patches were taken from the Ubuntu project. * CVE-2007-2691: Fixes the problem that MySQL did not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables. Closes: #424778 * CVE-2007-3780: It was discovered that MySQL could be made to overflow a signed char during authentication. Remote attackers could use crafted authentication requests to cause a denial of service. oldstable/main/binary-ia64/libmysqlclient14_4.1.11a-4sarge8_ia64.deb oldstable/main/binary-ia64/libmysqlclient14-dev_4.1.11a-4sarge8_ia64.deb oldstable/main/binary-ia64/mysql-client-4.1_4.1.11a-4sarge8_ia64.deb oldstable/main/binary-ia64/mysql-server-4.1_4.1.11a-4sarge8_ia64.deb mysql-dfsg-4.1 (4.1.11a-4sarge8) oldstable-security; urgency=high * Security release prepared for the security team by the Debian MySQL maintainers. Some patches were taken from the Ubuntu project. * CVE-2007-2691: Fixes the problem that MySQL did not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables. Closes: #424778 * CVE-2007-3780: It was discovered that MySQL could be made to overflow a signed char during authentication. Remote attackers could use crafted authentication requests to cause a denial of service. oldstable/main/binary-m68k/libmysqlclient14_4.1.11a-4sarge8_m68k.deb oldstable/main/binary-m68k/libmysqlclient14-dev_4.1.11a-4sarge8_m68k.deb oldstable/main/binary-m68k/mysql-client-4.1_4.1.11a-4sarge8_m68k.deb oldstable/main/binary-m68k/mysql-server-4.1_4.1.11a-4sarge8_m68k.deb mysql-dfsg-4.1 (4.1.11a-4sarge8) oldstable-security; urgency=high * Security release prepared for the security team by the Debian MySQL maintainers. Some patches were taken from the Ubuntu project. * CVE-2007-2691: Fixes the problem that MySQL did not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables. Closes: #424778 * CVE-2007-3780: It was discovered that MySQL could be made to overflow a signed char during authentication. Remote attackers could use crafted authentication requests to cause a denial of service. oldstable/main/binary-mips/libmysqlclient14_4.1.11a-4sarge8_mips.deb oldstable/main/binary-mips/libmysqlclient14-dev_4.1.11a-4sarge8_mips.deb oldstable/main/binary-mips/mysql-client-4.1_4.1.11a-4sarge8_mips.deb oldstable/main/binary-mips/mysql-server-4.1_4.1.11a-4sarge8_mips.deb mysql-dfsg-4.1 (4.1.11a-4sarge8) oldstable-security; urgency=high * Security release prepared for the security team by the Debian MySQL maintainers. Some patches were taken from the Ubuntu project. * CVE-2007-2691: Fixes the problem that MySQL did not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables. Closes: #424778 * CVE-2007-3780: It was discovered that MySQL could be made to overflow a signed char during authentication. Remote attackers could use crafted authentication requests to cause a denial of service. oldstable/main/binary-mipsel/libmysqlclient14_4.1.11a-4sarge8_mipsel.deb oldstable/main/binary-mipsel/libmysqlclient14-dev_4.1.11a-4sarge8_mipsel.deb oldstable/main/binary-mipsel/mysql-client-4.1_4.1.11a-4sarge8_mipsel.deb oldstable/main/binary-mipsel/mysql-server-4.1_4.1.11a-4sarge8_mipsel.deb mysql-dfsg-4.1 (4.1.11a-4sarge8) oldstable-security; urgency=high * Security release prepared for the security team by the Debian MySQL maintainers. Some patches were taken from the Ubuntu project. * CVE-2007-2691: Fixes the problem that MySQL did not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables. Closes: #424778 * CVE-2007-3780: It was discovered that MySQL could be made to overflow a signed char during authentication. Remote attackers could use crafted authentication requests to cause a denial of service. oldstable/main/binary-powerpc/libmysqlclient14_4.1.11a-4sarge8_powerpc.deb oldstable/main/binary-powerpc/libmysqlclient14-dev_4.1.11a-4sarge8_powerpc.deb oldstable/main/binary-powerpc/mysql-client-4.1_4.1.11a-4sarge8_powerpc.deb oldstable/main/binary-powerpc/mysql-server-4.1_4.1.11a-4sarge8_powerpc.deb mysql-dfsg-4.1 (4.1.11a-4sarge8) oldstable-security; urgency=high * Security release prepared for the security team by the Debian MySQL maintainers. Some patches were taken from the Ubuntu project. * CVE-2007-2691: Fixes the problem that MySQL did not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables. Closes: #424778 * CVE-2007-3780: It was discovered that MySQL could be made to overflow a signed char during authentication. Remote attackers could use crafted authentication requests to cause a denial of service. oldstable/main/binary-s390/libmysqlclient14_4.1.11a-4sarge8_s390.deb oldstable/main/binary-s390/libmysqlclient14-dev_4.1.11a-4sarge8_s390.deb oldstable/main/binary-s390/mysql-client-4.1_4.1.11a-4sarge8_s390.deb oldstable/main/binary-s390/mysql-server-4.1_4.1.11a-4sarge8_s390.deb mysql-dfsg-4.1 (4.1.11a-4sarge8) oldstable-security; urgency=high * Security release prepared for the security team by the Debian MySQL maintainers. Some patches were taken from the Ubuntu project. * CVE-2007-2691: Fixes the problem that MySQL did not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables. Closes: #424778 * CVE-2007-3780: It was discovered that MySQL could be made to overflow a signed char during authentication. Remote attackers could use crafted authentication requests to cause a denial of service. oldstable/main/binary-sparc/libmysqlclient14_4.1.11a-4sarge8_sparc.deb oldstable/main/binary-sparc/libmysqlclient14-dev_4.1.11a-4sarge8_sparc.deb oldstable/main/binary-sparc/mysql-client-4.1_4.1.11a-4sarge8_sparc.deb oldstable/main/binary-sparc/mysql-server-4.1_4.1.11a-4sarge8_sparc.deb mysql-dfsg-4.1 (4.1.11a-4sarge8) oldstable-security; urgency=high * Security release prepared for the security team by the Debian MySQL maintainers. Some patches were taken from the Ubuntu project. * CVE-2007-2691: Fixes the problem that MySQL did not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables. Closes: #424778 * CVE-2007-3780: It was discovered that MySQL could be made to overflow a signed char during authentication. Remote attackers could use crafted authentication requests to cause a denial of service. oldstable/main/source/ndiswrapper-modules-i386_1.1-2sarge2.dsc oldstable/main/source/ndiswrapper-modules-i386_1.1-2sarge2.tar.gz oldstable/main/binary-i386/ndiswrapper-modules-2.6.8-4-386_1.1-2sarge2_i386.deb oldstable/main/binary-i386/ndiswrapper-modules-2.6.8-4-686_1.1-2sarge2_i386.deb oldstable/main/binary-i386/ndiswrapper-modules-2.6.8-4-686-smp_1.1-2sarge2_i386.deb oldstable/main/binary-i386/ndiswrapper-modules-2.6.8-4-k7_1.1-2sarge2_i386.deb oldstable/main/binary-i386/ndiswrapper-modules-2.6.8-4-k7-smp_1.1-2sarge2_i386.deb ndiswrapper-modules-i386 (1.1-2sarge2) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Rebuild for -4 ABI oldstable/main/binary-arm/libhttp-ocaml-dev_0.1.0-3_arm.deb ocaml-http (0.1.0-3) unstable; urgency=low * rebuilt against ocamlnet 1.0 * uses dpatch, changed debian/{control,rules,patches} accordingly * patched http_daemon.ml so that it doesn't flush data, this apparently solves some issues with approx (see debian/patches/17_flush.dpatch) oldstable/main/binary-ia64/libhttp-ocaml-dev_0.1.0-3_ia64.deb ocaml-http (0.1.0-3) unstable; urgency=low * rebuilt against ocamlnet 1.0 * uses dpatch, changed debian/{control,rules,patches} accordingly * patched http_daemon.ml so that it doesn't flush data, this apparently solves some issues with approx (see debian/patches/17_flush.dpatch) oldstable/main/binary-alpha/octaviz_0.4.0-10sarge1_alpha.deb octaviz (0.4.0-10sarge1) stable; urgency=low +++ Changes by Thomas Weber * recompile to pick up correct Octave version (Closes: #341676, #304162) * Apply 40-cast-pointer-long.patch. This should bring all released stable architectures back in sync oldstable/main/binary-ia64/octaviz_0.4.0-10sarge1_ia64.deb octaviz (0.4.0-10sarge1) stable; urgency=low +++ Changes by Thomas Weber * recompile to pick up correct Octave version (Closes: #341676, #304162) * Apply 40-cast-pointer-long.patch. This should bring all released stable architectures back in sync oldstable/main/binary-i386/openoffice.org-bin_1.1.3-9sarge7_i386.deb oldstable/main/binary-i386/openoffice.org-kde_1.1.3-9sarge7_i386.deb oldstable/main/binary-i386/openoffice.org-gtk-gnome_1.1.3-9sarge7_i386.deb oldstable/main/binary-i386/openoffice.org-dev_1.1.3-9sarge7_i386.deb oldstable/main/binary-i386/openoffice.org-evolution_1.1.3-9sarge7_i386.deb openoffice.org (1.1.3-9sarge7) oldstable-security; urgency=high * ooo-build/patches/OOO_1_1/sw.rtf.prtdata.patch: add, fix heap overflow in parsing of RTF data (CVE-2007-0244) oldstable/main/binary-s390/openoffice.org-bin_1.1.3-9sarge7_s390.deb oldstable/main/binary-s390/openoffice.org-kde_1.1.3-9sarge7_s390.deb oldstable/main/binary-s390/openoffice.org-gtk-gnome_1.1.3-9sarge7_s390.deb oldstable/main/binary-s390/openoffice.org-dev_1.1.3-9sarge7_s390.deb oldstable/main/binary-s390/openoffice.org-evolution_1.1.3-9sarge7_s390.deb openoffice.org (1.1.3-9sarge7) oldstable-security; urgency=high * ooo-build/patches/OOO_1_1/sw.rtf.prtdata.patch: add, fix heap overflow in parsing of RTF data (CVE-2007-0244) oldstable/main/binary-all/openoffice.org-l10n-ns_1.1.3-9sarge7_all.deb oldstable/main/source/openoffice.org_1.1.3-9sarge7.diff.gz oldstable/main/binary-powerpc/openoffice.org-gtk-gnome_1.1.3-9sarge7_powerpc.deb oldstable/main/binary-all/openoffice.org-l10n-el_1.1.3-9sarge7_all.deb oldstable/main/binary-all/openoffice.org-l10n-et_1.1.3-9sarge7_all.deb oldstable/main/binary-all/openoffice.org-l10n-sl_1.1.3-9sarge7_all.deb oldstable/main/binary-sparc/openoffice.org-evolution_1.1.3-9sarge7_sparc.deb oldstable/main/binary-all/openoffice.org-l10n-tn_1.1.3-9sarge7_all.deb oldstable/main/binary-all/openoffice.org-l10n-sk_1.1.3-9sarge7_all.deb oldstable/main/binary-all/openoffice.org-l10n-sv_1.1.3-9sarge7_all.deb oldstable/main/binary-all/openoffice.org-l10n-da_1.1.3-9sarge7_all.deb oldstable/main/binary-all/openoffice.org-l10n-hu_1.1.3-9sarge7_all.deb oldstable/main/binary-all/openoffice.org-l10n-es_1.1.3-9sarge7_all.deb oldstable/main/binary-sparc/openoffice.org-dev_1.1.3-9sarge7_sparc.deb oldstable/main/binary-all/openoffice.org-l10n-pl_1.1.3-9sarge7_all.deb oldstable/main/binary-all/openoffice.org-l10n-zu_1.1.3-9sarge7_all.deb oldstable/main/binary-all/openoffice.org-l10n-ru_1.1.3-9sarge7_all.deb oldstable/main/binary-sparc/openoffice.org-gtk-gnome_1.1.3-9sarge7_sparc.deb oldstable/main/binary-sparc/openoffice.org-bin_1.1.3-9sarge7_sparc.deb oldstable/main/binary-all/openoffice.org_1.1.3-9sarge7_all.deb oldstable/main/binary-all/openoffice.org-l10n-pt_1.1.3-9sarge7_all.deb oldstable/main/binary-all/openoffice.org-l10n-eu_1.1.3-9sarge7_all.deb oldstable/main/binary-all/openoffice.org-l10n-he_1.1.3-9sarge7_all.deb oldstable/main/source/openoffice.org_1.1.3-9sarge7.dsc oldstable/main/binary-all/openoffice.org-mimelnk_1.1.3-9sarge7_all.deb oldstable/main/binary-all/openoffice.org-l10n-fr_1.1.3-9sarge7_all.deb oldstable/main/binary-powerpc/openoffice.org-evolution_1.1.3-9sarge7_powerpc.deb oldstable/main/binary-all/openoffice.org-l10n-cy_1.1.3-9sarge7_all.deb oldstable/main/binary-powerpc/openoffice.org-kde_1.1.3-9sarge7_powerpc.deb oldstable/main/binary-all/openoffice.org-thesaurus-en-us_1.1.3-9sarge7_all.deb oldstable/main/binary-all/openoffice.org-l10n-th_1.1.3-9sarge7_all.deb oldstable/main/binary-all/openoffice.org-l10n-de_1.1.3-9sarge7_all.deb oldstable/main/binary-all/openoffice.org-l10n-ja_1.1.3-9sarge7_all.deb oldstable/main/binary-all/openoffice.org-l10n-en_1.1.3-9sarge7_all.deb oldstable/main/binary-all/openoffice.org-l10n-zh-tw_1.1.3-9sarge7_all.deb oldstable/main/binary-all/ttf-opensymbol_1.1.3-9sarge7_all.deb oldstable/main/binary-sparc/openoffice.org-kde_1.1.3-9sarge7_sparc.deb oldstable/main/binary-powerpc/openoffice.org-bin_1.1.3-9sarge7_powerpc.deb oldstable/main/binary-all/openoffice.org-l10n-ca_1.1.3-9sarge7_all.deb oldstable/main/binary-all/openoffice.org-l10n-nl_1.1.3-9sarge7_all.deb oldstable/main/binary-all/openoffice.org-l10n-gl_1.1.3-9sarge7_all.deb oldstable/main/binary-all/openoffice.org-l10n-ko_1.1.3-9sarge7_all.deb oldstable/main/binary-all/openoffice.org-l10n-tr_1.1.3-9sarge7_all.deb oldstable/main/binary-all/openoffice.org-l10n-lt_1.1.3-9sarge7_all.deb oldstable/main/binary-powerpc/openoffice.org-dev_1.1.3-9sarge7_powerpc.deb oldstable/main/binary-all/openoffice.org-l10n-fi_1.1.3-9sarge7_all.deb oldstable/main/binary-all/openoffice.org-l10n-ar_1.1.3-9sarge7_all.deb oldstable/main/binary-all/openoffice.org-l10n-pt-br_1.1.3-9sarge7_all.deb oldstable/main/binary-all/openoffice.org-l10n-nb_1.1.3-9sarge7_all.deb oldstable/main/binary-all/openoffice.org-l10n-nn_1.1.3-9sarge7_all.deb oldstable/main/binary-all/openoffice.org-l10n-cs_1.1.3-9sarge7_all.deb oldstable/main/binary-all/openoffice.org-l10n-zh-cn_1.1.3-9sarge7_all.deb oldstable/main/binary-all/openoffice.org-l10n-hi_1.1.3-9sarge7_all.deb oldstable/main/binary-all/openoffice.org-l10n-kn_1.1.3-9sarge7_all.deb oldstable/main/binary-all/openoffice.org-l10n-it_1.1.3-9sarge7_all.deb oldstable/main/binary-all/openoffice.org-l10n-af_1.1.3-9sarge7_all.deb openoffice.org (1.1.3-9sarge7) oldstable-security; urgency=high * ooo-build/patches/OOO_1_1/sw.rtf.prtdata.patch: add, fix heap overflow in parsing of RTF data (CVE-2007-0244) oldstable/main/binary-i386/openoffice.org-bin_1.1.3-9sarge8_i386.deb oldstable/main/binary-i386/openoffice.org-kde_1.1.3-9sarge8_i386.deb oldstable/main/binary-i386/openoffice.org-gtk-gnome_1.1.3-9sarge8_i386.deb oldstable/main/binary-i386/openoffice.org-dev_1.1.3-9sarge8_i386.deb oldstable/main/binary-i386/openoffice.org-evolution_1.1.3-9sarge8_i386.deb openoffice.org (1.1.3-9sarge8) oldstable-security; urgency=high * ooo-build/patches/OOO_1_1/itiff.patch: fix tiff heap overflow (CVE-2007-2834) oldstable/main/binary-s390/openoffice.org-bin_1.1.3-9sarge8_s390.deb oldstable/main/binary-s390/openoffice.org-kde_1.1.3-9sarge8_s390.deb oldstable/main/binary-s390/openoffice.org-gtk-gnome_1.1.3-9sarge8_s390.deb oldstable/main/binary-s390/openoffice.org-dev_1.1.3-9sarge8_s390.deb oldstable/main/binary-s390/openoffice.org-evolution_1.1.3-9sarge8_s390.deb openoffice.org (1.1.3-9sarge8) oldstable-security; urgency=high * ooo-build/patches/OOO_1_1/itiff.patch: fix tiff heap overflow (CVE-2007-2834) oldstable/main/binary-all/openoffice.org-l10n-zu_1.1.3-9sarge8_all.deb oldstable/main/binary-all/openoffice.org-l10n-cs_1.1.3-9sarge8_all.deb oldstable/main/binary-all/openoffice.org-l10n-hi_1.1.3-9sarge8_all.deb oldstable/main/binary-all/openoffice.org-l10n-ko_1.1.3-9sarge8_all.deb oldstable/main/binary-all/openoffice.org-l10n-nl_1.1.3-9sarge8_all.deb oldstable/main/binary-all/openoffice.org-l10n-tn_1.1.3-9sarge8_all.deb oldstable/main/binary-all/openoffice.org-l10n-ru_1.1.3-9sarge8_all.deb oldstable/main/binary-all/openoffice.org-l10n-pt-br_1.1.3-9sarge8_all.deb oldstable/main/binary-all/openoffice.org-l10n-sk_1.1.3-9sarge8_all.deb oldstable/main/binary-all/openoffice.org-l10n-sl_1.1.3-9sarge8_all.deb oldstable/main/binary-all/openoffice.org-l10n-af_1.1.3-9sarge8_all.deb oldstable/main/binary-all/openoffice.org-l10n-eu_1.1.3-9sarge8_all.deb oldstable/main/binary-all/openoffice.org-thesaurus-en-us_1.1.3-9sarge8_all.deb oldstable/main/binary-all/openoffice.org-mimelnk_1.1.3-9sarge8_all.deb oldstable/main/binary-all/openoffice.org-l10n-it_1.1.3-9sarge8_all.deb oldstable/main/binary-all/openoffice.org-l10n-de_1.1.3-9sarge8_all.deb oldstable/main/binary-all/openoffice.org-l10n-fi_1.1.3-9sarge8_all.deb oldstable/main/binary-all/openoffice.org-l10n-th_1.1.3-9sarge8_all.deb oldstable/main/binary-all/openoffice.org-l10n-gl_1.1.3-9sarge8_all.deb oldstable/main/binary-all/openoffice.org-l10n-el_1.1.3-9sarge8_all.deb oldstable/main/binary-all/openoffice.org-l10n-sv_1.1.3-9sarge8_all.deb oldstable/main/binary-all/openoffice.org-l10n-es_1.1.3-9sarge8_all.deb oldstable/main/binary-all/openoffice.org_1.1.3-9sarge8_all.deb oldstable/main/binary-all/openoffice.org-l10n-pl_1.1.3-9sarge8_all.deb oldstable/main/source/openoffice.org_1.1.3-9sarge8.dsc oldstable/main/binary-all/openoffice.org-l10n-tr_1.1.3-9sarge8_all.deb oldstable/main/binary-all/ttf-opensymbol_1.1.3-9sarge8_all.deb oldstable/main/binary-all/openoffice.org-l10n-ns_1.1.3-9sarge8_all.deb oldstable/main/binary-all/openoffice.org-l10n-fr_1.1.3-9sarge8_all.deb oldstable/main/binary-all/openoffice.org-l10n-cy_1.1.3-9sarge8_all.deb oldstable/main/binary-powerpc/openoffice.org-gtk-gnome_1.1.3-9sarge8_powerpc.deb oldstable/main/source/openoffice.org_1.1.3-9sarge8.diff.gz oldstable/main/binary-all/openoffice.org-l10n-nb_1.1.3-9sarge8_all.deb oldstable/main/binary-powerpc/openoffice.org-dev_1.1.3-9sarge8_powerpc.deb oldstable/main/binary-all/openoffice.org-l10n-ca_1.1.3-9sarge8_all.deb oldstable/main/binary-powerpc/openoffice.org-kde_1.1.3-9sarge8_powerpc.deb oldstable/main/binary-all/openoffice.org-l10n-en_1.1.3-9sarge8_all.deb oldstable/main/binary-all/openoffice.org-l10n-kn_1.1.3-9sarge8_all.deb oldstable/main/binary-powerpc/openoffice.org-bin_1.1.3-9sarge8_powerpc.deb oldstable/main/binary-all/openoffice.org-l10n-nn_1.1.3-9sarge8_all.deb oldstable/main/binary-all/openoffice.org-l10n-ar_1.1.3-9sarge8_all.deb oldstable/main/binary-all/openoffice.org-l10n-da_1.1.3-9sarge8_all.deb oldstable/main/binary-all/openoffice.org-l10n-ja_1.1.3-9sarge8_all.deb oldstable/main/binary-all/openoffice.org-l10n-he_1.1.3-9sarge8_all.deb oldstable/main/binary-all/openoffice.org-l10n-pt_1.1.3-9sarge8_all.deb oldstable/main/binary-all/openoffice.org-l10n-zh-tw_1.1.3-9sarge8_all.deb oldstable/main/binary-all/openoffice.org-l10n-et_1.1.3-9sarge8_all.deb oldstable/main/binary-powerpc/openoffice.org-evolution_1.1.3-9sarge8_powerpc.deb oldstable/main/binary-all/openoffice.org-l10n-lt_1.1.3-9sarge8_all.deb oldstable/main/binary-all/openoffice.org-l10n-zh-cn_1.1.3-9sarge8_all.deb oldstable/main/binary-all/openoffice.org-l10n-hu_1.1.3-9sarge8_all.deb openoffice.org (1.1.3-9sarge8) oldstable-security; urgency=high * ooo-build/patches/OOO_1_1/itiff.patch: fix tiff heap overflow (CVE-2007-2834) oldstable/main/binary-sparc/openoffice.org-bin_1.1.3-9sarge8_sparc.deb oldstable/main/binary-sparc/openoffice.org-kde_1.1.3-9sarge8_sparc.deb oldstable/main/binary-sparc/openoffice.org-gtk-gnome_1.1.3-9sarge8_sparc.deb oldstable/main/binary-sparc/openoffice.org-dev_1.1.3-9sarge8_sparc.deb oldstable/main/binary-sparc/openoffice.org-evolution_1.1.3-9sarge8_sparc.deb openoffice.org (1.1.3-9sarge8) oldstable-security; urgency=high * ooo-build/patches/OOO_1_1/itiff.patch: fix tiff heap overflow (CVE-2007-2834) oldstable/main/binary-alpha/libssl0.9.6_0.9.6m-1sarge5_alpha.deb openssl096 (0.9.6m-1sarge5) oldstable-security; urgency=low * CVE-2007-5135: Fix off by one error in SSL_get_shared_ciphers(). * Call dh_fixperms before dh_strip so that stripping actually works. oldstable/main/binary-amd64/libssl0.9.6_0.9.6m-1sarge5_amd64.deb openssl096 (0.9.6m-1sarge5) oldstable-security; urgency=low * CVE-2007-5135: Fix off by one error in SSL_get_shared_ciphers(). * Call dh_fixperms before dh_strip so that stripping actually works. oldstable/main/binary-arm/libssl0.9.6_0.9.6m-1sarge5_arm.deb openssl096 (0.9.6m-1sarge5) oldstable-security; urgency=low * CVE-2007-5135: Fix off by one error in SSL_get_shared_ciphers(). * Call dh_fixperms before dh_strip so that stripping actually works. oldstable/main/binary-hppa/libssl0.9.6_0.9.6m-1sarge5_hppa.deb openssl096 (0.9.6m-1sarge5) oldstable-security; urgency=low * CVE-2007-5135: Fix off by one error in SSL_get_shared_ciphers(). * Call dh_fixperms before dh_strip so that stripping actually works. oldstable/main/source/openssl096_0.9.6m-1sarge5.dsc oldstable/main/source/openssl096_0.9.6m-1sarge5.diff.gz oldstable/main/binary-i386/libssl0.9.6_0.9.6m-1sarge5_i386.deb openssl096 (0.9.6m-1sarge5) oldstable-security; urgency=low * CVE-2007-5135: Fix off by one error in SSL_get_shared_ciphers(). * Call dh_fixperms before dh_strip so that stripping actually works. oldstable/main/binary-ia64/libssl0.9.6_0.9.6m-1sarge5_ia64.deb openssl096 (0.9.6m-1sarge5) oldstable-security; urgency=low * CVE-2007-5135: Fix off by one error in SSL_get_shared_ciphers(). * Call dh_fixperms before dh_strip so that stripping actually works. oldstable/main/binary-m68k/libssl0.9.6_0.9.6m-1sarge5_m68k.deb openssl096 (0.9.6m-1sarge5) oldstable-security; urgency=low * CVE-2007-5135: Fix off by one error in SSL_get_shared_ciphers(). * Call dh_fixperms before dh_strip so that stripping actually works. oldstable/main/binary-mips/libssl0.9.6_0.9.6m-1sarge5_mips.deb openssl096 (0.9.6m-1sarge5) oldstable-security; urgency=low * CVE-2007-5135: Fix off by one error in SSL_get_shared_ciphers(). * Call dh_fixperms before dh_strip so that stripping actually works. oldstable/main/binary-mipsel/libssl0.9.6_0.9.6m-1sarge5_mipsel.deb openssl096 (0.9.6m-1sarge5) oldstable-security; urgency=low * CVE-2007-5135: Fix off by one error in SSL_get_shared_ciphers(). * Call dh_fixperms before dh_strip so that stripping actually works. oldstable/main/binary-powerpc/libssl0.9.6_0.9.6m-1sarge5_powerpc.deb openssl096 (0.9.6m-1sarge5) oldstable-security; urgency=low * CVE-2007-5135: Fix off by one error in SSL_get_shared_ciphers(). * Call dh_fixperms before dh_strip so that stripping actually works. oldstable/main/binary-s390/libssl0.9.6_0.9.6m-1sarge5_s390.deb openssl096 (0.9.6m-1sarge5) oldstable-security; urgency=low * CVE-2007-5135: Fix off by one error in SSL_get_shared_ciphers(). * Call dh_fixperms before dh_strip so that stripping actually works. oldstable/main/binary-sparc/libssl0.9.6_0.9.6m-1sarge5_sparc.deb openssl096 (0.9.6m-1sarge5) oldstable-security; urgency=low * CVE-2007-5135: Fix off by one error in SSL_get_shared_ciphers(). * Call dh_fixperms before dh_strip so that stripping actually works. oldstable/main/binary-alpha/openssl_0.9.7e-3sarge5_alpha.deb oldstable/main/binary-alpha/libssl0.9.7_0.9.7e-3sarge5_alpha.deb oldstable/main/libcrypto0.9.7-udeb_0.9.7e-3sarge5_alpha.udeb oldstable/main/binary-alpha/libssl-dev_0.9.7e-3sarge5_alpha.deb openssl (0.9.7e-3sarge5) oldstable-security; urgency=low * CVE-2007-5135: Fix off by one error in SSL_get_shared_ciphers(). (Closes: #444435) * Call dh_fixperms before dh_strip so that stripping actually works. oldstable/main/binary-amd64/openssl_0.9.7e-3sarge5_amd64.deb oldstable/main/binary-amd64/libssl0.9.7_0.9.7e-3sarge5_amd64.deb oldstable/main/libcrypto0.9.7-udeb_0.9.7e-3sarge5_amd64.udeb oldstable/main/binary-amd64/libssl-dev_0.9.7e-3sarge5_amd64.deb openssl (0.9.7e-3sarge5) oldstable-security; urgency=low * CVE-2007-5135: Fix off by one error in SSL_get_shared_ciphers(). (Closes: #444435) * Call dh_fixperms before dh_strip so that stripping actually works. oldstable/main/binary-arm/openssl_0.9.7e-3sarge5_arm.deb oldstable/main/binary-arm/libssl0.9.7_0.9.7e-3sarge5_arm.deb oldstable/main/libcrypto0.9.7-udeb_0.9.7e-3sarge5_arm.udeb oldstable/main/binary-arm/libssl-dev_0.9.7e-3sarge5_arm.deb openssl (0.9.7e-3sarge5) oldstable-security; urgency=low * CVE-2007-5135: Fix off by one error in SSL_get_shared_ciphers(). (Closes: #444435) * Call dh_fixperms before dh_strip so that stripping actually works. oldstable/main/binary-hppa/openssl_0.9.7e-3sarge5_hppa.deb oldstable/main/binary-hppa/libssl0.9.7_0.9.7e-3sarge5_hppa.deb oldstable/main/libcrypto0.9.7-udeb_0.9.7e-3sarge5_hppa.udeb oldstable/main/binary-hppa/libssl-dev_0.9.7e-3sarge5_hppa.deb openssl (0.9.7e-3sarge5) oldstable-security; urgency=low * CVE-2007-5135: Fix off by one error in SSL_get_shared_ciphers(). (Closes: #444435) * Call dh_fixperms before dh_strip so that stripping actually works. oldstable/main/source/openssl_0.9.7e-3sarge5.dsc oldstable/main/source/openssl_0.9.7e-3sarge5.diff.gz oldstable/main/binary-i386/openssl_0.9.7e-3sarge5_i386.deb oldstable/main/binary-i386/libssl0.9.7_0.9.7e-3sarge5_i386.deb oldstable/main/libcrypto0.9.7-udeb_0.9.7e-3sarge5_i386.udeb oldstable/main/binary-i386/libssl-dev_0.9.7e-3sarge5_i386.deb openssl (0.9.7e-3sarge5) oldstable-security; urgency=low * CVE-2007-5135: Fix off by one error in SSL_get_shared_ciphers(). (Closes: #444435) * Call dh_fixperms before dh_strip so that stripping actually works. oldstable/main/binary-ia64/openssl_0.9.7e-3sarge5_ia64.deb oldstable/main/binary-ia64/libssl0.9.7_0.9.7e-3sarge5_ia64.deb oldstable/main/libcrypto0.9.7-udeb_0.9.7e-3sarge5_ia64.udeb oldstable/main/binary-ia64/libssl-dev_0.9.7e-3sarge5_ia64.deb openssl (0.9.7e-3sarge5) oldstable-security; urgency=low * CVE-2007-5135: Fix off by one error in SSL_get_shared_ciphers(). (Closes: #444435) * Call dh_fixperms before dh_strip so that stripping actually works. oldstable/main/binary-m68k/openssl_0.9.7e-3sarge5_m68k.deb oldstable/main/binary-m68k/libssl0.9.7_0.9.7e-3sarge5_m68k.deb oldstable/main/libcrypto0.9.7-udeb_0.9.7e-3sarge5_m68k.udeb oldstable/main/binary-m68k/libssl-dev_0.9.7e-3sarge5_m68k.deb openssl (0.9.7e-3sarge5) oldstable-security; urgency=low * CVE-2007-5135: Fix off by one error in SSL_get_shared_ciphers(). (Closes: #444435) * Call dh_fixperms before dh_strip so that stripping actually works. oldstable/main/binary-mips/openssl_0.9.7e-3sarge5_mips.deb oldstable/main/binary-mips/libssl0.9.7_0.9.7e-3sarge5_mips.deb oldstable/main/libcrypto0.9.7-udeb_0.9.7e-3sarge5_mips.udeb oldstable/main/binary-mips/libssl-dev_0.9.7e-3sarge5_mips.deb openssl (0.9.7e-3sarge5) oldstable-security; urgency=low * CVE-2007-5135: Fix off by one error in SSL_get_shared_ciphers(). (Closes: #444435) * Call dh_fixperms before dh_strip so that stripping actually works. oldstable/main/binary-mipsel/openssl_0.9.7e-3sarge5_mipsel.deb oldstable/main/binary-mipsel/libssl0.9.7_0.9.7e-3sarge5_mipsel.deb oldstable/main/libcrypto0.9.7-udeb_0.9.7e-3sarge5_mipsel.udeb oldstable/main/binary-mipsel/libssl-dev_0.9.7e-3sarge5_mipsel.deb openssl (0.9.7e-3sarge5) oldstable-security; urgency=low * CVE-2007-5135: Fix off by one error in SSL_get_shared_ciphers(). (Closes: #444435) * Call dh_fixperms before dh_strip so that stripping actually works. oldstable/main/binary-powerpc/openssl_0.9.7e-3sarge5_powerpc.deb oldstable/main/binary-powerpc/libssl0.9.7_0.9.7e-3sarge5_powerpc.deb oldstable/main/libcrypto0.9.7-udeb_0.9.7e-3sarge5_powerpc.udeb oldstable/main/binary-powerpc/libssl-dev_0.9.7e-3sarge5_powerpc.deb openssl (0.9.7e-3sarge5) oldstable-security; urgency=low * CVE-2007-5135: Fix off by one error in SSL_get_shared_ciphers(). (Closes: #444435) * Call dh_fixperms before dh_strip so that stripping actually works. oldstable/main/binary-s390/openssl_0.9.7e-3sarge5_s390.deb oldstable/main/binary-s390/libssl0.9.7_0.9.7e-3sarge5_s390.deb oldstable/main/libcrypto0.9.7-udeb_0.9.7e-3sarge5_s390.udeb oldstable/main/binary-s390/libssl-dev_0.9.7e-3sarge5_s390.deb openssl (0.9.7e-3sarge5) oldstable-security; urgency=low * CVE-2007-5135: Fix off by one error in SSL_get_shared_ciphers(). (Closes: #444435) * Call dh_fixperms before dh_strip so that stripping actually works. oldstable/main/binary-sparc/openssl_0.9.7e-3sarge5_sparc.deb oldstable/main/binary-sparc/libssl0.9.7_0.9.7e-3sarge5_sparc.deb oldstable/main/libcrypto0.9.7-udeb_0.9.7e-3sarge5_sparc.udeb oldstable/main/binary-sparc/libssl-dev_0.9.7e-3sarge5_sparc.deb openssl (0.9.7e-3sarge5) oldstable-security; urgency=low * CVE-2007-5135: Fix off by one error in SSL_get_shared_ciphers(). (Closes: #444435) * Call dh_fixperms before dh_strip so that stripping actually works. oldstable/main/binary-arm/libossp-sa-dev_1.2.2-1_arm.deb oldstable/main/binary-arm/libossp-sa12_1.2.2-1_arm.deb osspsa (1.2.2-1) unstable; urgency=low * Initial Release (Closes: #285820). oldstable/main/binary-arm/paje.app_1.3.2-3_arm.deb paje.app (1.3.2-3) unstable; urgency=low * Do really drop this build-dep by editing control.in, not control (which gets rewritten by cdbs). Sorry for the noise. oldstable/main/binary-m68k/paje.app_1.3.2-3_m68k.deb paje.app (1.3.2-3) unstable; urgency=low * Do really drop this build-dep by editing control.in, not control (which gets rewritten by cdbs). Sorry for the noise. oldstable/main/source/partman-jfs_13sarge1.dsc oldstable/main/source/partman-jfs_13sarge1.tar.gz oldstable/main/partman-jfs_13sarge1_all.udeb partman-jfs (13sarge1) oldstable; urgency=low * Frans Pop Fix script error from missing ']' in commit script. * Christian Perrier - Fix the spelling of "a JFS file system" oldstable/main/binary-arm/pasmo_0.5.1-3_arm.deb pasmo (0.5.1-3) unstable; urgency=low * Fixes ITP (Closes: #286947) * fix cleanup manual page on clean target oldstable/main/binary-alpha/libpcre3_4.5+7.4-1_alpha.deb oldstable/main/binary-alpha/libpcre3-dev_4.5+7.4-1_alpha.deb oldstable/main/binary-alpha/pcregrep_4.5+7.4-1_alpha.deb pcre3 (4.5+7.4-1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Upgrade to upstream version 7.4 to incorporate results of a security audit. The version included here tries to expose the 4.5 API unchanged, and the pattern language is compatible with version 4.5. * This update fixes CVE-2007-1659, CVE-2007-1660, CVE-2007-1661, CVE-2007-1662, CVE-2007-4766, CVE-2007-4767, CVE-2007-4768. * Note that externally stored compiled patterns need to be recompiled becaue the internal bytecodes have changed. (This feature is only rarely used; no further action is required by most users.) oldstable/main/binary-arm/libpcre3_4.5+7.4-1_arm.deb oldstable/main/binary-arm/libpcre3-dev_4.5+7.4-1_arm.deb oldstable/main/binary-arm/pcregrep_4.5+7.4-1_arm.deb pcre3 (4.5+7.4-1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Upgrade to upstream version 7.4 to incorporate results of a security audit. The version included here tries to expose the 4.5 API unchanged, and the pattern language is compatible with version 4.5. * This update fixes CVE-2007-1659, CVE-2007-1660, CVE-2007-1661, CVE-2007-1662, CVE-2007-4766, CVE-2007-4767, CVE-2007-4768. * Note that externally stored compiled patterns need to be recompiled becaue the internal bytecodes have changed. (This feature is only rarely used; no further action is required by most users.) oldstable/main/binary-hppa/libpcre3_4.5+7.4-1_hppa.deb oldstable/main/binary-hppa/libpcre3-dev_4.5+7.4-1_hppa.deb oldstable/main/binary-hppa/pcregrep_4.5+7.4-1_hppa.deb pcre3 (4.5+7.4-1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Upgrade to upstream version 7.4 to incorporate results of a security audit. The version included here tries to expose the 4.5 API unchanged, and the pattern language is compatible with version 4.5. * This update fixes CVE-2007-1659, CVE-2007-1660, CVE-2007-1661, CVE-2007-1662, CVE-2007-4766, CVE-2007-4767, CVE-2007-4768. * Note that externally stored compiled patterns need to be recompiled becaue the internal bytecodes have changed. (This feature is only rarely used; no further action is required by most users.) oldstable/main/source/pcre3_4.5+7.4-1.dsc oldstable/main/source/pcre3_4.5+7.4.orig.tar.gz oldstable/main/source/pcre3_4.5+7.4-1.diff.gz oldstable/main/binary-all/pgrep_4.5+7.4-1_all.deb oldstable/main/binary-i386/libpcre3_4.5+7.4-1_i386.deb oldstable/main/binary-i386/libpcre3-dev_4.5+7.4-1_i386.deb oldstable/main/binary-i386/pcregrep_4.5+7.4-1_i386.deb pcre3 (4.5+7.4-1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Upgrade to upstream version 7.4 to incorporate results of a security audit. The version included here tries to expose the 4.5 API unchanged, and the pattern language is compatible with version 4.5. * This update fixes CVE-2007-1659, CVE-2007-1660, CVE-2007-1661, CVE-2007-1662, CVE-2007-4766, CVE-2007-4767, CVE-2007-4768. * Note that externally stored compiled patterns need to be recompiled becaue the internal bytecodes have changed. (This feature is only rarely used; no further action is required by most users.) oldstable/main/binary-ia64/libpcre3_4.5+7.4-1_ia64.deb oldstable/main/binary-ia64/libpcre3-dev_4.5+7.4-1_ia64.deb oldstable/main/binary-ia64/pcregrep_4.5+7.4-1_ia64.deb pcre3 (4.5+7.4-1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Upgrade to upstream version 7.4 to incorporate results of a security audit. The version included here tries to expose the 4.5 API unchanged, and the pattern language is compatible with version 4.5. * This update fixes CVE-2007-1659, CVE-2007-1660, CVE-2007-1661, CVE-2007-1662, CVE-2007-4766, CVE-2007-4767, CVE-2007-4768. * Note that externally stored compiled patterns need to be recompiled becaue the internal bytecodes have changed. (This feature is only rarely used; no further action is required by most users.) oldstable/main/binary-m68k/libpcre3_4.5+7.4-1_m68k.deb oldstable/main/binary-m68k/libpcre3-dev_4.5+7.4-1_m68k.deb oldstable/main/binary-m68k/pcregrep_4.5+7.4-1_m68k.deb pcre3 (4.5+7.4-1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Upgrade to upstream version 7.4 to incorporate results of a security audit. The version included here tries to expose the 4.5 API unchanged, and the pattern language is compatible with version 4.5. * This update fixes CVE-2007-1659, CVE-2007-1660, CVE-2007-1661, CVE-2007-1662, CVE-2007-4766, CVE-2007-4767, CVE-2007-4768. * Note that externally stored compiled patterns need to be recompiled becaue the internal bytecodes have changed. (This feature is only rarely used; no further action is required by most users.) oldstable/main/binary-mips/libpcre3_4.5+7.4-1_mips.deb oldstable/main/binary-mips/libpcre3-dev_4.5+7.4-1_mips.deb oldstable/main/binary-mips/pcregrep_4.5+7.4-1_mips.deb pcre3 (4.5+7.4-1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Upgrade to upstream version 7.4 to incorporate results of a security audit. The version included here tries to expose the 4.5 API unchanged, and the pattern language is compatible with version 4.5. * This update fixes CVE-2007-1659, CVE-2007-1660, CVE-2007-1661, CVE-2007-1662, CVE-2007-4766, CVE-2007-4767, CVE-2007-4768. * Note that externally stored compiled patterns need to be recompiled becaue the internal bytecodes have changed. (This feature is only rarely used; no further action is required by most users.) oldstable/main/binary-mipsel/libpcre3_4.5+7.4-1_mipsel.deb oldstable/main/binary-mipsel/libpcre3-dev_4.5+7.4-1_mipsel.deb oldstable/main/binary-mipsel/pcregrep_4.5+7.4-1_mipsel.deb pcre3 (4.5+7.4-1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Upgrade to upstream version 7.4 to incorporate results of a security audit. The version included here tries to expose the 4.5 API unchanged, and the pattern language is compatible with version 4.5. * This update fixes CVE-2007-1659, CVE-2007-1660, CVE-2007-1661, CVE-2007-1662, CVE-2007-4766, CVE-2007-4767, CVE-2007-4768. * Note that externally stored compiled patterns need to be recompiled becaue the internal bytecodes have changed. (This feature is only rarely used; no further action is required by most users.) oldstable/main/binary-powerpc/libpcre3_4.5+7.4-1_powerpc.deb oldstable/main/binary-powerpc/libpcre3-dev_4.5+7.4-1_powerpc.deb oldstable/main/binary-powerpc/pcregrep_4.5+7.4-1_powerpc.deb pcre3 (4.5+7.4-1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Upgrade to upstream version 7.4 to incorporate results of a security audit. The version included here tries to expose the 4.5 API unchanged, and the pattern language is compatible with version 4.5. * This update fixes CVE-2007-1659, CVE-2007-1660, CVE-2007-1661, CVE-2007-1662, CVE-2007-4766, CVE-2007-4767, CVE-2007-4768. * Note that externally stored compiled patterns need to be recompiled becaue the internal bytecodes have changed. (This feature is only rarely used; no further action is required by most users.) oldstable/main/binary-s390/libpcre3_4.5+7.4-1_s390.deb oldstable/main/binary-s390/libpcre3-dev_4.5+7.4-1_s390.deb oldstable/main/binary-s390/pcregrep_4.5+7.4-1_s390.deb pcre3 (4.5+7.4-1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Upgrade to upstream version 7.4 to incorporate results of a security audit. The version included here tries to expose the 4.5 API unchanged, and the pattern language is compatible with version 4.5. * This update fixes CVE-2007-1659, CVE-2007-1660, CVE-2007-1661, CVE-2007-1662, CVE-2007-4766, CVE-2007-4767, CVE-2007-4768. * Note that externally stored compiled patterns need to be recompiled becaue the internal bytecodes have changed. (This feature is only rarely used; no further action is required by most users.) oldstable/main/binary-sparc/libpcre3_4.5+7.4-1_sparc.deb oldstable/main/binary-sparc/libpcre3-dev_4.5+7.4-1_sparc.deb oldstable/main/binary-sparc/pcregrep_4.5+7.4-1_sparc.deb pcre3 (4.5+7.4-1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Upgrade to upstream version 7.4 to incorporate results of a security audit. The version included here tries to expose the 4.5 API unchanged, and the pattern language is compatible with version 4.5. * This update fixes CVE-2007-1659, CVE-2007-1660, CVE-2007-1661, CVE-2007-1662, CVE-2007-4766, CVE-2007-4767, CVE-2007-4768. * Note that externally stored compiled patterns need to be recompiled becaue the internal bytecodes have changed. (This feature is only rarely used; no further action is required by most users.) oldstable/main/binary-alpha/pdfkit.framework_0.8-2sarge4_alpha.deb pdfkit.framework (0.8-2sarge4) oldstable-security; urgency=high * Fix integer overflow in stream predictor. (CVE-2007-3387) oldstable/main/binary-arm/pdfkit.framework_0.8-2sarge4_arm.deb pdfkit.framework (0.8-2sarge4) oldstable-security; urgency=high * Fix integer overflow in stream predictor. (CVE-2007-3387) oldstable/main/binary-hppa/pdfkit.framework_0.8-2sarge4_hppa.deb pdfkit.framework (0.8-2sarge4) oldstable-security; urgency=high * Fix integer overflow in stream predictor. (CVE-2007-3387) oldstable/main/source/pdfkit.framework_0.8-2sarge4.dsc oldstable/main/source/pdfkit.framework_0.8-2sarge4.diff.gz oldstable/main/binary-i386/pdfkit.framework_0.8-2sarge4_i386.deb pdfkit.framework (0.8-2sarge4) oldstable-security; urgency=high * Fix integer overflow in stream predictor. (CVE-2007-3387) oldstable/main/binary-ia64/pdfkit.framework_0.8-2sarge4_ia64.deb pdfkit.framework (0.8-2sarge4) oldstable-security; urgency=high * Fix integer overflow in stream predictor. (CVE-2007-3387) oldstable/main/binary-m68k/pdfkit.framework_0.8-2sarge4_m68k.deb pdfkit.framework (0.8-2sarge4) oldstable-security; urgency=high * Fix integer overflow in stream predictor. (CVE-2007-3387) oldstable/main/binary-mips/pdfkit.framework_0.8-2sarge4_mips.deb pdfkit.framework (0.8-2sarge4) oldstable-security; urgency=high * Fix integer overflow in stream predictor. (CVE-2007-3387) oldstable/main/binary-mipsel/pdfkit.framework_0.8-2sarge4_mipsel.deb pdfkit.framework (0.8-2sarge4) oldstable-security; urgency=high * Fix integer overflow in stream predictor. (CVE-2007-3387) oldstable/main/binary-powerpc/pdfkit.framework_0.8-2sarge4_powerpc.deb pdfkit.framework (0.8-2sarge4) oldstable-security; urgency=high * Fix integer overflow in stream predictor. (CVE-2007-3387) oldstable/main/binary-s390/pdfkit.framework_0.8-2sarge4_s390.deb pdfkit.framework (0.8-2sarge4) oldstable-security; urgency=high * Fix integer overflow in stream predictor. (CVE-2007-3387) oldstable/main/binary-sparc/pdfkit.framework_0.8-2sarge4_sparc.deb pdfkit.framework (0.8-2sarge4) oldstable-security; urgency=high * Fix integer overflow in stream predictor. (CVE-2007-3387) oldstable/main/binary-alpha/perdition_1.15-5sarge1_alpha.deb oldstable/main/binary-alpha/perdition-dev_1.15-5sarge1_alpha.deb oldstable/main/binary-alpha/perdition-ldap_1.15-5sarge1_alpha.deb oldstable/main/binary-alpha/perdition-mysql_1.15-5sarge1_alpha.deb oldstable/main/binary-alpha/perdition-odbc_1.15-5sarge1_alpha.deb oldstable/main/binary-alpha/perdition-postgresql_1.15-5sarge1_alpha.deb perdition (1.15-5sarge1) oldstable-security; urgency=high * Verify that tag read from end-users is valid - CVE-2007-5740 The format string protection mechanism in IMAPD for Perdition Mail Retrieval Proxy 1.17 and earlier allows remote attackers to execute arbitrary code via an IMAP tag with a null byte followed by a format string specifier, which is not counted by the mechanism. oldstable/main/binary-arm/perdition_1.15-5sarge1_arm.deb oldstable/main/binary-arm/perdition-dev_1.15-5sarge1_arm.deb oldstable/main/binary-arm/perdition-ldap_1.15-5sarge1_arm.deb oldstable/main/binary-arm/perdition-mysql_1.15-5sarge1_arm.deb oldstable/main/binary-arm/perdition-odbc_1.15-5sarge1_arm.deb oldstable/main/binary-arm/perdition-postgresql_1.15-5sarge1_arm.deb perdition (1.15-5sarge1) oldstable-security; urgency=high * Verify that tag read from end-users is valid - CVE-2007-5740 The format string protection mechanism in IMAPD for Perdition Mail Retrieval Proxy 1.17 and earlier allows remote attackers to execute arbitrary code via an IMAP tag with a null byte followed by a format string specifier, which is not counted by the mechanism. oldstable/main/binary-hppa/perdition_1.15-5sarge1_hppa.deb oldstable/main/binary-hppa/perdition-dev_1.15-5sarge1_hppa.deb oldstable/main/binary-hppa/perdition-ldap_1.15-5sarge1_hppa.deb oldstable/main/binary-hppa/perdition-mysql_1.15-5sarge1_hppa.deb oldstable/main/binary-hppa/perdition-odbc_1.15-5sarge1_hppa.deb oldstable/main/binary-hppa/perdition-postgresql_1.15-5sarge1_hppa.deb perdition (1.15-5sarge1) oldstable-security; urgency=high * Verify that tag read from end-users is valid - CVE-2007-5740 The format string protection mechanism in IMAPD for Perdition Mail Retrieval Proxy 1.17 and earlier allows remote attackers to execute arbitrary code via an IMAP tag with a null byte followed by a format string specifier, which is not counted by the mechanism. oldstable/main/source/perdition_1.15-5sarge1.dsc oldstable/main/source/perdition_1.15-5sarge1.diff.gz oldstable/main/source/perdition_1.15.orig.tar.gz oldstable/main/binary-i386/perdition_1.15-5sarge1_i386.deb oldstable/main/binary-i386/perdition-dev_1.15-5sarge1_i386.deb oldstable/main/binary-i386/perdition-ldap_1.15-5sarge1_i386.deb oldstable/main/binary-i386/perdition-mysql_1.15-5sarge1_i386.deb oldstable/main/binary-i386/perdition-odbc_1.15-5sarge1_i386.deb oldstable/main/binary-i386/perdition-postgresql_1.15-5sarge1_i386.deb perdition (1.15-5sarge1) oldstable-security; urgency=high * Verify that tag read from end-users is valid - CVE-2007-5740 The format string protection mechanism in IMAPD for Perdition Mail Retrieval Proxy 1.17 and earlier allows remote attackers to execute arbitrary code via an IMAP tag with a null byte followed by a format string specifier, which is not counted by the mechanism. oldstable/main/binary-ia64/perdition_1.15-5sarge1_ia64.deb oldstable/main/binary-ia64/perdition-dev_1.15-5sarge1_ia64.deb oldstable/main/binary-ia64/perdition-ldap_1.15-5sarge1_ia64.deb oldstable/main/binary-ia64/perdition-mysql_1.15-5sarge1_ia64.deb oldstable/main/binary-ia64/perdition-odbc_1.15-5sarge1_ia64.deb oldstable/main/binary-ia64/perdition-postgresql_1.15-5sarge1_ia64.deb perdition (1.15-5sarge1) oldstable-security; urgency=high * Verify that tag read from end-users is valid - CVE-2007-5740 The format string protection mechanism in IMAPD for Perdition Mail Retrieval Proxy 1.17 and earlier allows remote attackers to execute arbitrary code via an IMAP tag with a null byte followed by a format string specifier, which is not counted by the mechanism. oldstable/main/binary-m68k/perdition_1.15-5sarge1_m68k.deb oldstable/main/binary-m68k/perdition-dev_1.15-5sarge1_m68k.deb oldstable/main/binary-m68k/perdition-ldap_1.15-5sarge1_m68k.deb oldstable/main/binary-m68k/perdition-mysql_1.15-5sarge1_m68k.deb oldstable/main/binary-m68k/perdition-odbc_1.15-5sarge1_m68k.deb oldstable/main/binary-m68k/perdition-postgresql_1.15-5sarge1_m68k.deb perdition (1.15-5sarge1) oldstable-security; urgency=high * Verify that tag read from end-users is valid - CVE-2007-5740 The format string protection mechanism in IMAPD for Perdition Mail Retrieval Proxy 1.17 and earlier allows remote attackers to execute arbitrary code via an IMAP tag with a null byte followed by a format string specifier, which is not counted by the mechanism. oldstable/main/binary-mips/perdition_1.15-5sarge1_mips.deb oldstable/main/binary-mips/perdition-dev_1.15-5sarge1_mips.deb oldstable/main/binary-mips/perdition-ldap_1.15-5sarge1_mips.deb oldstable/main/binary-mips/perdition-mysql_1.15-5sarge1_mips.deb oldstable/main/binary-mips/perdition-odbc_1.15-5sarge1_mips.deb oldstable/main/binary-mips/perdition-postgresql_1.15-5sarge1_mips.deb perdition (1.15-5sarge1) oldstable-security; urgency=high * Verify that tag read from end-users is valid - CVE-2007-5740 The format string protection mechanism in IMAPD for Perdition Mail Retrieval Proxy 1.17 and earlier allows remote attackers to execute arbitrary code via an IMAP tag with a null byte followed by a format string specifier, which is not counted by the mechanism. oldstable/main/binary-mipsel/perdition_1.15-5sarge1_mipsel.deb oldstable/main/binary-mipsel/perdition-dev_1.15-5sarge1_mipsel.deb oldstable/main/binary-mipsel/perdition-ldap_1.15-5sarge1_mipsel.deb oldstable/main/binary-mipsel/perdition-mysql_1.15-5sarge1_mipsel.deb oldstable/main/binary-mipsel/perdition-odbc_1.15-5sarge1_mipsel.deb oldstable/main/binary-mipsel/perdition-postgresql_1.15-5sarge1_mipsel.deb perdition (1.15-5sarge1) oldstable-security; urgency=high * Verify that tag read from end-users is valid - CVE-2007-5740 The format string protection mechanism in IMAPD for Perdition Mail Retrieval Proxy 1.17 and earlier allows remote attackers to execute arbitrary code via an IMAP tag with a null byte followed by a format string specifier, which is not counted by the mechanism. oldstable/main/binary-powerpc/perdition_1.15-5sarge1_powerpc.deb oldstable/main/binary-powerpc/perdition-dev_1.15-5sarge1_powerpc.deb oldstable/main/binary-powerpc/perdition-ldap_1.15-5sarge1_powerpc.deb oldstable/main/binary-powerpc/perdition-mysql_1.15-5sarge1_powerpc.deb oldstable/main/binary-powerpc/perdition-odbc_1.15-5sarge1_powerpc.deb oldstable/main/binary-powerpc/perdition-postgresql_1.15-5sarge1_powerpc.deb perdition (1.15-5sarge1) oldstable-security; urgency=high * Verify that tag read from end-users is valid - CVE-2007-5740 The format string protection mechanism in IMAPD for Perdition Mail Retrieval Proxy 1.17 and earlier allows remote attackers to execute arbitrary code via an IMAP tag with a null byte followed by a format string specifier, which is not counted by the mechanism. oldstable/main/binary-s390/perdition_1.15-5sarge1_s390.deb oldstable/main/binary-s390/perdition-dev_1.15-5sarge1_s390.deb oldstable/main/binary-s390/perdition-ldap_1.15-5sarge1_s390.deb oldstable/main/binary-s390/perdition-mysql_1.15-5sarge1_s390.deb oldstable/main/binary-s390/perdition-odbc_1.15-5sarge1_s390.deb oldstable/main/binary-s390/perdition-postgresql_1.15-5sarge1_s390.deb perdition (1.15-5sarge1) oldstable-security; urgency=high * Verify that tag read from end-users is valid - CVE-2007-5740 The format string protection mechanism in IMAPD for Perdition Mail Retrieval Proxy 1.17 and earlier allows remote attackers to execute arbitrary code via an IMAP tag with a null byte followed by a format string specifier, which is not counted by the mechanism. oldstable/main/binary-sparc/perdition_1.15-5sarge1_sparc.deb oldstable/main/binary-sparc/perdition-dev_1.15-5sarge1_sparc.deb oldstable/main/binary-sparc/perdition-ldap_1.15-5sarge1_sparc.deb oldstable/main/binary-sparc/perdition-mysql_1.15-5sarge1_sparc.deb oldstable/main/binary-sparc/perdition-odbc_1.15-5sarge1_sparc.deb oldstable/main/binary-sparc/perdition-postgresql_1.15-5sarge1_sparc.deb perdition (1.15-5sarge1) oldstable-security; urgency=high * Verify that tag read from end-users is valid - CVE-2007-5740 The format string protection mechanism in IMAPD for Perdition Mail Retrieval Proxy 1.17 and earlier allows remote attackers to execute arbitrary code via an IMAP tag with a null byte followed by a format string specifier, which is not counted by the mechanism. oldstable/main/binary-alpha/perl-base_5.8.4-8sarge6_alpha.deb oldstable/main/binary-alpha/perl-debug_5.8.4-8sarge6_alpha.deb oldstable/main/binary-alpha/perl-suid_5.8.4-8sarge6_alpha.deb oldstable/main/binary-alpha/libperl5.8_5.8.4-8sarge6_alpha.deb oldstable/main/binary-alpha/libperl-dev_5.8.4-8sarge6_alpha.deb oldstable/main/binary-alpha/perl_5.8.4-8sarge6_alpha.deb perl (5.8.4-8sarge6) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Apply patch by Yves Orton to fix CVE-2007-5116. oldstable/main/binary-amd64/perl-base_5.8.4-8sarge6_amd64.deb oldstable/main/binary-amd64/perl-debug_5.8.4-8sarge6_amd64.deb oldstable/main/binary-amd64/perl-suid_5.8.4-8sarge6_amd64.deb oldstable/main/binary-amd64/libperl5.8_5.8.4-8sarge6_amd64.deb oldstable/main/binary-amd64/libperl-dev_5.8.4-8sarge6_amd64.deb oldstable/main/binary-amd64/perl_5.8.4-8sarge6_amd64.deb perl (5.8.4-8sarge6) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Apply patch by Yves Orton to fix CVE-2007-5116. oldstable/main/binary-arm/perl-base_5.8.4-8sarge6_arm.deb oldstable/main/binary-arm/perl-debug_5.8.4-8sarge6_arm.deb oldstable/main/binary-arm/perl-suid_5.8.4-8sarge6_arm.deb oldstable/main/binary-arm/libperl5.8_5.8.4-8sarge6_arm.deb oldstable/main/binary-arm/libperl-dev_5.8.4-8sarge6_arm.deb oldstable/main/binary-arm/perl_5.8.4-8sarge6_arm.deb perl (5.8.4-8sarge6) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Apply patch by Yves Orton to fix CVE-2007-5116. oldstable/main/binary-hppa/perl-base_5.8.4-8sarge6_hppa.deb oldstable/main/binary-hppa/perl-debug_5.8.4-8sarge6_hppa.deb oldstable/main/binary-hppa/perl-suid_5.8.4-8sarge6_hppa.deb oldstable/main/binary-hppa/libperl5.8_5.8.4-8sarge6_hppa.deb oldstable/main/binary-hppa/libperl-dev_5.8.4-8sarge6_hppa.deb oldstable/main/binary-hppa/perl_5.8.4-8sarge6_hppa.deb perl (5.8.4-8sarge6) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Apply patch by Yves Orton to fix CVE-2007-5116. oldstable/main/source/perl_5.8.4-8sarge6.dsc oldstable/main/source/perl_5.8.4-8sarge6.diff.gz oldstable/main/binary-all/libcgi-fast-perl_5.8.4-8sarge6_all.deb oldstable/main/binary-all/perl-doc_5.8.4-8sarge6_all.deb oldstable/main/binary-all/perl-modules_5.8.4-8sarge6_all.deb oldstable/main/binary-i386/perl-base_5.8.4-8sarge6_i386.deb oldstable/main/binary-i386/perl-debug_5.8.4-8sarge6_i386.deb oldstable/main/binary-i386/perl-suid_5.8.4-8sarge6_i386.deb oldstable/main/binary-i386/libperl5.8_5.8.4-8sarge6_i386.deb oldstable/main/binary-i386/libperl-dev_5.8.4-8sarge6_i386.deb oldstable/main/binary-i386/perl_5.8.4-8sarge6_i386.deb perl (5.8.4-8sarge6) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Apply patch by Yves Orton to fix CVE-2007-5116. oldstable/main/binary-ia64/perl-base_5.8.4-8sarge6_ia64.deb oldstable/main/binary-ia64/perl-debug_5.8.4-8sarge6_ia64.deb oldstable/main/binary-ia64/perl-suid_5.8.4-8sarge6_ia64.deb oldstable/main/binary-ia64/libperl5.8_5.8.4-8sarge6_ia64.deb oldstable/main/binary-ia64/libperl-dev_5.8.4-8sarge6_ia64.deb oldstable/main/binary-ia64/perl_5.8.4-8sarge6_ia64.deb perl (5.8.4-8sarge6) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Apply patch by Yves Orton to fix CVE-2007-5116. oldstable/main/binary-m68k/perl-base_5.8.4-8sarge6_m68k.deb oldstable/main/binary-m68k/perl-debug_5.8.4-8sarge6_m68k.deb oldstable/main/binary-m68k/perl-suid_5.8.4-8sarge6_m68k.deb oldstable/main/binary-m68k/libperl5.8_5.8.4-8sarge6_m68k.deb oldstable/main/binary-m68k/libperl-dev_5.8.4-8sarge6_m68k.deb oldstable/main/binary-m68k/perl_5.8.4-8sarge6_m68k.deb perl (5.8.4-8sarge6) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Apply patch by Yves Orton to fix CVE-2007-5116. oldstable/main/binary-mips/perl-base_5.8.4-8sarge6_mips.deb oldstable/main/binary-mips/perl-debug_5.8.4-8sarge6_mips.deb oldstable/main/binary-mips/perl-suid_5.8.4-8sarge6_mips.deb oldstable/main/binary-mips/libperl5.8_5.8.4-8sarge6_mips.deb oldstable/main/binary-mips/libperl-dev_5.8.4-8sarge6_mips.deb oldstable/main/binary-mips/perl_5.8.4-8sarge6_mips.deb perl (5.8.4-8sarge6) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Apply patch by Yves Orton to fix CVE-2007-5116. oldstable/main/binary-mipsel/perl-base_5.8.4-8sarge6_mipsel.deb oldstable/main/binary-mipsel/perl-debug_5.8.4-8sarge6_mipsel.deb oldstable/main/binary-mipsel/perl-suid_5.8.4-8sarge6_mipsel.deb oldstable/main/binary-mipsel/libperl5.8_5.8.4-8sarge6_mipsel.deb oldstable/main/binary-mipsel/libperl-dev_5.8.4-8sarge6_mipsel.deb oldstable/main/binary-mipsel/perl_5.8.4-8sarge6_mipsel.deb perl (5.8.4-8sarge6) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Apply patch by Yves Orton to fix CVE-2007-5116. oldstable/main/binary-powerpc/perl-base_5.8.4-8sarge6_powerpc.deb oldstable/main/binary-powerpc/perl-debug_5.8.4-8sarge6_powerpc.deb oldstable/main/binary-powerpc/perl-suid_5.8.4-8sarge6_powerpc.deb oldstable/main/binary-powerpc/libperl5.8_5.8.4-8sarge6_powerpc.deb oldstable/main/binary-powerpc/libperl-dev_5.8.4-8sarge6_powerpc.deb oldstable/main/binary-powerpc/perl_5.8.4-8sarge6_powerpc.deb perl (5.8.4-8sarge6) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Apply patch by Yves Orton to fix CVE-2007-5116. oldstable/main/binary-s390/perl-base_5.8.4-8sarge6_s390.deb oldstable/main/binary-s390/perl-debug_5.8.4-8sarge6_s390.deb oldstable/main/binary-s390/perl-suid_5.8.4-8sarge6_s390.deb oldstable/main/binary-s390/libperl5.8_5.8.4-8sarge6_s390.deb oldstable/main/binary-s390/libperl-dev_5.8.4-8sarge6_s390.deb oldstable/main/binary-s390/perl_5.8.4-8sarge6_s390.deb perl (5.8.4-8sarge6) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Apply patch by Yves Orton to fix CVE-2007-5116. oldstable/main/binary-sparc/perl-base_5.8.4-8sarge6_sparc.deb oldstable/main/binary-sparc/perl-debug_5.8.4-8sarge6_sparc.deb oldstable/main/binary-sparc/perl-suid_5.8.4-8sarge6_sparc.deb oldstable/main/binary-sparc/libperl5.8_5.8.4-8sarge6_sparc.deb oldstable/main/binary-sparc/libperl-dev_5.8.4-8sarge6_sparc.deb oldstable/main/binary-sparc/perl_5.8.4-8sarge6_sparc.deb perl (5.8.4-8sarge6) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Apply patch by Yves Orton to fix CVE-2007-5116. oldstable/main/binary-alpha/php4-common_4.3.10-20_alpha.deb oldstable/main/binary-alpha/libapache-mod-php4_4.3.10-20_alpha.deb oldstable/main/binary-alpha/php4-curl_4.3.10-20_alpha.deb oldstable/main/binary-alpha/php4-domxml_4.3.10-20_alpha.deb oldstable/main/binary-alpha/php4-gd_4.3.10-20_alpha.deb oldstable/main/binary-alpha/php4-imap_4.3.10-20_alpha.deb oldstable/main/binary-alpha/php4-ldap_4.3.10-20_alpha.deb oldstable/main/binary-alpha/php4-mcal_4.3.10-20_alpha.deb oldstable/main/binary-alpha/php4-mhash_4.3.10-20_alpha.deb oldstable/main/binary-alpha/php4-mysql_4.3.10-20_alpha.deb oldstable/main/binary-alpha/php4-odbc_4.3.10-20_alpha.deb oldstable/main/binary-alpha/php4-recode_4.3.10-20_alpha.deb oldstable/main/binary-alpha/php4-xslt_4.3.10-20_alpha.deb oldstable/main/binary-alpha/php4-snmp_4.3.10-20_alpha.deb oldstable/main/binary-alpha/php4-sybase_4.3.10-20_alpha.deb oldstable/main/binary-alpha/php4-cgi_4.3.10-20_alpha.deb oldstable/main/binary-alpha/php4-cli_4.3.10-20_alpha.deb oldstable/main/binary-alpha/php4-dev_4.3.10-20_alpha.deb oldstable/main/binary-alpha/libapache2-mod-php4_4.3.10-20_alpha.deb php4 (4:4.3.10-20) oldstable-security; urgency=high * NMU prepared for the security team by the package maintainer. * The following security issues are addressed with this update: - CVE-2007-0910/MOPB-32 session_decode() Double Free Vulnerability * note that this is an update to the previous version of the upstream fix for CVE-2007-0910, which introduced a seperate exploit path. - CVE-2007-1286/MOPB-04 unserialize() ZVAL Reference Counter Overflow - CVE-2007-1380/MOPB-10 php_binary Session Deserialization Information Leak - CVE-2007-1521/MOPB-22 session_regenerate_id() Double Free Vulnerability - CVE-2007-1583/MOPB-26 mb_parse_str() register_globals Activation Vuln. - CVE-2007-1777/MOPB-35 zip_entry_read() Integer Overflow Vulnerability * The other security issues resulting from the "Month of PHP bugs" either did not affect the version of php4 shipped in sarge, or did not merit a security update according to the established security policy for php in debian. You are encouraged to verify that your configuration is not affected by any of the other vulnerabilities by visiting: http://www.php-security.org/ oldstable/main/binary-arm/php4-common_4.3.10-20_arm.deb oldstable/main/binary-arm/libapache-mod-php4_4.3.10-20_arm.deb oldstable/main/binary-arm/php4-curl_4.3.10-20_arm.deb oldstable/main/binary-arm/php4-domxml_4.3.10-20_arm.deb oldstable/main/binary-arm/php4-gd_4.3.10-20_arm.deb oldstable/main/binary-arm/php4-imap_4.3.10-20_arm.deb oldstable/main/binary-arm/php4-ldap_4.3.10-20_arm.deb oldstable/main/binary-arm/php4-mcal_4.3.10-20_arm.deb oldstable/main/binary-arm/php4-mhash_4.3.10-20_arm.deb oldstable/main/binary-arm/php4-mysql_4.3.10-20_arm.deb oldstable/main/binary-arm/php4-odbc_4.3.10-20_arm.deb oldstable/main/binary-arm/php4-recode_4.3.10-20_arm.deb oldstable/main/binary-arm/php4-xslt_4.3.10-20_arm.deb oldstable/main/binary-arm/php4-snmp_4.3.10-20_arm.deb oldstable/main/binary-arm/php4-sybase_4.3.10-20_arm.deb oldstable/main/binary-arm/php4-cgi_4.3.10-20_arm.deb oldstable/main/binary-arm/php4-cli_4.3.10-20_arm.deb oldstable/main/binary-arm/php4-dev_4.3.10-20_arm.deb oldstable/main/binary-arm/libapache2-mod-php4_4.3.10-20_arm.deb php4 (4:4.3.10-20) oldstable-security; urgency=high * NMU prepared for the security team by the package maintainer. * The following security issues are addressed with this update: - CVE-2007-0910/MOPB-32 session_decode() Double Free Vulnerability * note that this is an update to the previous version of the upstream fix for CVE-2007-0910, which introduced a seperate exploit path. - CVE-2007-1286/MOPB-04 unserialize() ZVAL Reference Counter Overflow - CVE-2007-1380/MOPB-10 php_binary Session Deserialization Information Leak - CVE-2007-1521/MOPB-22 session_regenerate_id() Double Free Vulnerability - CVE-2007-1583/MOPB-26 mb_parse_str() register_globals Activation Vuln. - CVE-2007-1777/MOPB-35 zip_entry_read() Integer Overflow Vulnerability * The other security issues resulting from the "Month of PHP bugs" either did not affect the version of php4 shipped in sarge, or did not merit a security update according to the established security policy for php in debian. You are encouraged to verify that your configuration is not affected by any of the other vulnerabilities by visiting: http://www.php-security.org/ oldstable/main/binary-hppa/php4-common_4.3.10-20_hppa.deb oldstable/main/binary-hppa/libapache-mod-php4_4.3.10-20_hppa.deb oldstable/main/binary-hppa/php4-curl_4.3.10-20_hppa.deb oldstable/main/binary-hppa/php4-domxml_4.3.10-20_hppa.deb oldstable/main/binary-hppa/php4-gd_4.3.10-20_hppa.deb oldstable/main/binary-hppa/php4-imap_4.3.10-20_hppa.deb oldstable/main/binary-hppa/php4-ldap_4.3.10-20_hppa.deb oldstable/main/binary-hppa/php4-mcal_4.3.10-20_hppa.deb oldstable/main/binary-hppa/php4-mhash_4.3.10-20_hppa.deb oldstable/main/binary-hppa/php4-mysql_4.3.10-20_hppa.deb oldstable/main/binary-hppa/php4-odbc_4.3.10-20_hppa.deb oldstable/main/binary-hppa/php4-recode_4.3.10-20_hppa.deb oldstable/main/binary-hppa/php4-xslt_4.3.10-20_hppa.deb oldstable/main/binary-hppa/php4-snmp_4.3.10-20_hppa.deb oldstable/main/binary-hppa/php4-sybase_4.3.10-20_hppa.deb oldstable/main/binary-hppa/php4-cgi_4.3.10-20_hppa.deb oldstable/main/binary-hppa/php4-cli_4.3.10-20_hppa.deb oldstable/main/binary-hppa/php4-dev_4.3.10-20_hppa.deb oldstable/main/binary-hppa/libapache2-mod-php4_4.3.10-20_hppa.deb php4 (4:4.3.10-20) oldstable-security; urgency=high * NMU prepared for the security team by the package maintainer. * The following security issues are addressed with this update: - CVE-2007-0910/MOPB-32 session_decode() Double Free Vulnerability * note that this is an update to the previous version of the upstream fix for CVE-2007-0910, which introduced a seperate exploit path. - CVE-2007-1286/MOPB-04 unserialize() ZVAL Reference Counter Overflow - CVE-2007-1380/MOPB-10 php_binary Session Deserialization Information Leak - CVE-2007-1521/MOPB-22 session_regenerate_id() Double Free Vulnerability - CVE-2007-1583/MOPB-26 mb_parse_str() register_globals Activation Vuln. - CVE-2007-1777/MOPB-35 zip_entry_read() Integer Overflow Vulnerability * The other security issues resulting from the "Month of PHP bugs" either did not affect the version of php4 shipped in sarge, or did not merit a security update according to the established security policy for php in debian. You are encouraged to verify that your configuration is not affected by any of the other vulnerabilities by visiting: http://www.php-security.org/ oldstable/main/source/php4_4.3.10-20.dsc oldstable/main/source/php4_4.3.10.orig.tar.gz oldstable/main/source/php4_4.3.10-20.diff.gz oldstable/main/binary-i386/php4-common_4.3.10-20_i386.deb oldstable/main/binary-i386/libapache-mod-php4_4.3.10-20_i386.deb oldstable/main/binary-i386/php4-curl_4.3.10-20_i386.deb oldstable/main/binary-i386/php4-domxml_4.3.10-20_i386.deb oldstable/main/binary-i386/php4-gd_4.3.10-20_i386.deb oldstable/main/binary-i386/php4-imap_4.3.10-20_i386.deb oldstable/main/binary-i386/php4-ldap_4.3.10-20_i386.deb oldstable/main/binary-i386/php4-mcal_4.3.10-20_i386.deb oldstable/main/binary-i386/php4-mhash_4.3.10-20_i386.deb oldstable/main/binary-i386/php4-mysql_4.3.10-20_i386.deb oldstable/main/binary-i386/php4-odbc_4.3.10-20_i386.deb oldstable/main/binary-i386/php4-recode_4.3.10-20_i386.deb oldstable/main/binary-i386/php4-xslt_4.3.10-20_i386.deb oldstable/main/binary-i386/php4-snmp_4.3.10-20_i386.deb oldstable/main/binary-i386/php4-sybase_4.3.10-20_i386.deb oldstable/main/binary-i386/php4-cgi_4.3.10-20_i386.deb oldstable/main/binary-i386/php4-cli_4.3.10-20_i386.deb oldstable/main/binary-i386/php4-dev_4.3.10-20_i386.deb oldstable/main/binary-i386/libapache2-mod-php4_4.3.10-20_i386.deb oldstable/main/binary-all/php4_4.3.10-20_all.deb oldstable/main/binary-all/php4-pear_4.3.10-20_all.deb php4 (4:4.3.10-20) oldstable-security; urgency=high * NMU prepared for the security team by the package maintainer. * The following security issues are addressed with this update: - CVE-2007-0910/MOPB-32 session_decode() Double Free Vulnerability * note that this is an update to the previous version of the upstream fix for CVE-2007-0910, which introduced a seperate exploit path. - CVE-2007-1286/MOPB-04 unserialize() ZVAL Reference Counter Overflow - CVE-2007-1380/MOPB-10 php_binary Session Deserialization Information Leak - CVE-2007-1521/MOPB-22 session_regenerate_id() Double Free Vulnerability - CVE-2007-1583/MOPB-26 mb_parse_str() register_globals Activation Vuln. - CVE-2007-1777/MOPB-35 zip_entry_read() Integer Overflow Vulnerability * The other security issues resulting from the "Month of PHP bugs" either did not affect the version of php4 shipped in sarge, or did not merit a security update according to the established security policy for php in debian. You are encouraged to verify that your configuration is not affected by any of the other vulnerabilities by visiting: http://www.php-security.org/ oldstable/main/binary-ia64/php4-common_4.3.10-20_ia64.deb oldstable/main/binary-ia64/libapache-mod-php4_4.3.10-20_ia64.deb oldstable/main/binary-ia64/php4-curl_4.3.10-20_ia64.deb oldstable/main/binary-ia64/php4-domxml_4.3.10-20_ia64.deb oldstable/main/binary-ia64/php4-gd_4.3.10-20_ia64.deb oldstable/main/binary-ia64/php4-imap_4.3.10-20_ia64.deb oldstable/main/binary-ia64/php4-ldap_4.3.10-20_ia64.deb oldstable/main/binary-ia64/php4-mcal_4.3.10-20_ia64.deb oldstable/main/binary-ia64/php4-mhash_4.3.10-20_ia64.deb oldstable/main/binary-ia64/php4-mysql_4.3.10-20_ia64.deb oldstable/main/binary-ia64/php4-odbc_4.3.10-20_ia64.deb oldstable/main/binary-ia64/php4-recode_4.3.10-20_ia64.deb oldstable/main/binary-ia64/php4-xslt_4.3.10-20_ia64.deb oldstable/main/binary-ia64/php4-snmp_4.3.10-20_ia64.deb oldstable/main/binary-ia64/php4-sybase_4.3.10-20_ia64.deb oldstable/main/binary-ia64/php4-cgi_4.3.10-20_ia64.deb oldstable/main/binary-ia64/php4-cli_4.3.10-20_ia64.deb oldstable/main/binary-ia64/php4-dev_4.3.10-20_ia64.deb oldstable/main/binary-ia64/libapache2-mod-php4_4.3.10-20_ia64.deb php4 (4:4.3.10-20) oldstable-security; urgency=high * NMU prepared for the security team by the package maintainer. * The following security issues are addressed with this update: - CVE-2007-0910/MOPB-32 session_decode() Double Free Vulnerability * note that this is an update to the previous version of the upstream fix for CVE-2007-0910, which introduced a seperate exploit path. - CVE-2007-1286/MOPB-04 unserialize() ZVAL Reference Counter Overflow - CVE-2007-1380/MOPB-10 php_binary Session Deserialization Information Leak - CVE-2007-1521/MOPB-22 session_regenerate_id() Double Free Vulnerability - CVE-2007-1583/MOPB-26 mb_parse_str() register_globals Activation Vuln. - CVE-2007-1777/MOPB-35 zip_entry_read() Integer Overflow Vulnerability * The other security issues resulting from the "Month of PHP bugs" either did not affect the version of php4 shipped in sarge, or did not merit a security update according to the established security policy for php in debian. You are encouraged to verify that your configuration is not affected by any of the other vulnerabilities by visiting: http://www.php-security.org/ oldstable/main/binary-mips/php4-common_4.3.10-20_mips.deb oldstable/main/binary-mips/libapache-mod-php4_4.3.10-20_mips.deb oldstable/main/binary-mips/php4-curl_4.3.10-20_mips.deb oldstable/main/binary-mips/php4-domxml_4.3.10-20_mips.deb oldstable/main/binary-mips/php4-gd_4.3.10-20_mips.deb oldstable/main/binary-mips/php4-imap_4.3.10-20_mips.deb oldstable/main/binary-mips/php4-ldap_4.3.10-20_mips.deb oldstable/main/binary-mips/php4-mcal_4.3.10-20_mips.deb oldstable/main/binary-mips/php4-mhash_4.3.10-20_mips.deb oldstable/main/binary-mips/php4-mysql_4.3.10-20_mips.deb oldstable/main/binary-mips/php4-odbc_4.3.10-20_mips.deb oldstable/main/binary-mips/php4-recode_4.3.10-20_mips.deb oldstable/main/binary-mips/php4-xslt_4.3.10-20_mips.deb oldstable/main/binary-mips/php4-snmp_4.3.10-20_mips.deb oldstable/main/binary-mips/php4-sybase_4.3.10-20_mips.deb oldstable/main/binary-mips/php4-cgi_4.3.10-20_mips.deb oldstable/main/binary-mips/php4-cli_4.3.10-20_mips.deb oldstable/main/binary-mips/php4-dev_4.3.10-20_mips.deb oldstable/main/binary-mips/libapache2-mod-php4_4.3.10-20_mips.deb php4 (4:4.3.10-20) oldstable-security; urgency=high * NMU prepared for the security team by the package maintainer. * The following security issues are addressed with this update: - CVE-2007-0910/MOPB-32 session_decode() Double Free Vulnerability * note that this is an update to the previous version of the upstream fix for CVE-2007-0910, which introduced a seperate exploit path. - CVE-2007-1286/MOPB-04 unserialize() ZVAL Reference Counter Overflow - CVE-2007-1380/MOPB-10 php_binary Session Deserialization Information Leak - CVE-2007-1521/MOPB-22 session_regenerate_id() Double Free Vulnerability - CVE-2007-1583/MOPB-26 mb_parse_str() register_globals Activation Vuln. - CVE-2007-1777/MOPB-35 zip_entry_read() Integer Overflow Vulnerability * The other security issues resulting from the "Month of PHP bugs" either did not affect the version of php4 shipped in sarge, or did not merit a security update according to the established security policy for php in debian. You are encouraged to verify that your configuration is not affected by any of the other vulnerabilities by visiting: http://www.php-security.org/ oldstable/main/binary-mipsel/php4-common_4.3.10-20_mipsel.deb oldstable/main/binary-mipsel/libapache-mod-php4_4.3.10-20_mipsel.deb oldstable/main/binary-mipsel/php4-curl_4.3.10-20_mipsel.deb oldstable/main/binary-mipsel/php4-domxml_4.3.10-20_mipsel.deb oldstable/main/binary-mipsel/php4-gd_4.3.10-20_mipsel.deb oldstable/main/binary-mipsel/php4-imap_4.3.10-20_mipsel.deb oldstable/main/binary-mipsel/php4-ldap_4.3.10-20_mipsel.deb oldstable/main/binary-mipsel/php4-mcal_4.3.10-20_mipsel.deb oldstable/main/binary-mipsel/php4-mhash_4.3.10-20_mipsel.deb oldstable/main/binary-mipsel/php4-mysql_4.3.10-20_mipsel.deb oldstable/main/binary-mipsel/php4-odbc_4.3.10-20_mipsel.deb oldstable/main/binary-mipsel/php4-recode_4.3.10-20_mipsel.deb oldstable/main/binary-mipsel/php4-xslt_4.3.10-20_mipsel.deb oldstable/main/binary-mipsel/php4-snmp_4.3.10-20_mipsel.deb oldstable/main/binary-mipsel/php4-sybase_4.3.10-20_mipsel.deb oldstable/main/binary-mipsel/php4-cgi_4.3.10-20_mipsel.deb oldstable/main/binary-mipsel/php4-cli_4.3.10-20_mipsel.deb oldstable/main/binary-mipsel/php4-dev_4.3.10-20_mipsel.deb oldstable/main/binary-mipsel/libapache2-mod-php4_4.3.10-20_mipsel.deb php4 (4:4.3.10-20) oldstable-security; urgency=high * NMU prepared for the security team by the package maintainer. * The following security issues are addressed with this update: - CVE-2007-0910/MOPB-32 session_decode() Double Free Vulnerability * note that this is an update to the previous version of the upstream fix for CVE-2007-0910, which introduced a seperate exploit path. - CVE-2007-1286/MOPB-04 unserialize() ZVAL Reference Counter Overflow - CVE-2007-1380/MOPB-10 php_binary Session Deserialization Information Leak - CVE-2007-1521/MOPB-22 session_regenerate_id() Double Free Vulnerability - CVE-2007-1583/MOPB-26 mb_parse_str() register_globals Activation Vuln. - CVE-2007-1777/MOPB-35 zip_entry_read() Integer Overflow Vulnerability * The other security issues resulting from the "Month of PHP bugs" either did not affect the version of php4 shipped in sarge, or did not merit a security update according to the established security policy for php in debian. You are encouraged to verify that your configuration is not affected by any of the other vulnerabilities by visiting: http://www.php-security.org/ oldstable/main/binary-powerpc/php4-common_4.3.10-20_powerpc.deb oldstable/main/binary-powerpc/libapache-mod-php4_4.3.10-20_powerpc.deb oldstable/main/binary-powerpc/php4-curl_4.3.10-20_powerpc.deb oldstable/main/binary-powerpc/php4-domxml_4.3.10-20_powerpc.deb oldstable/main/binary-powerpc/php4-gd_4.3.10-20_powerpc.deb oldstable/main/binary-powerpc/php4-imap_4.3.10-20_powerpc.deb oldstable/main/binary-powerpc/php4-ldap_4.3.10-20_powerpc.deb oldstable/main/binary-powerpc/php4-mcal_4.3.10-20_powerpc.deb oldstable/main/binary-powerpc/php4-mhash_4.3.10-20_powerpc.deb oldstable/main/binary-powerpc/php4-mysql_4.3.10-20_powerpc.deb oldstable/main/binary-powerpc/php4-odbc_4.3.10-20_powerpc.deb oldstable/main/binary-powerpc/php4-recode_4.3.10-20_powerpc.deb oldstable/main/binary-powerpc/php4-xslt_4.3.10-20_powerpc.deb oldstable/main/binary-powerpc/php4-snmp_4.3.10-20_powerpc.deb oldstable/main/binary-powerpc/php4-sybase_4.3.10-20_powerpc.deb oldstable/main/binary-powerpc/php4-cgi_4.3.10-20_powerpc.deb oldstable/main/binary-powerpc/php4-cli_4.3.10-20_powerpc.deb oldstable/main/binary-powerpc/php4-dev_4.3.10-20_powerpc.deb oldstable/main/binary-powerpc/libapache2-mod-php4_4.3.10-20_powerpc.deb php4 (4:4.3.10-20) oldstable-security; urgency=high * NMU prepared for the security team by the package maintainer. * The following security issues are addressed with this update: - CVE-2007-0910/MOPB-32 session_decode() Double Free Vulnerability * note that this is an update to the previous version of the upstream fix for CVE-2007-0910, which introduced a seperate exploit path. - CVE-2007-1286/MOPB-04 unserialize() ZVAL Reference Counter Overflow - CVE-2007-1380/MOPB-10 php_binary Session Deserialization Information Leak - CVE-2007-1521/MOPB-22 session_regenerate_id() Double Free Vulnerability - CVE-2007-1583/MOPB-26 mb_parse_str() register_globals Activation Vuln. - CVE-2007-1777/MOPB-35 zip_entry_read() Integer Overflow Vulnerability * The other security issues resulting from the "Month of PHP bugs" either did not affect the version of php4 shipped in sarge, or did not merit a security update according to the established security policy for php in debian. You are encouraged to verify that your configuration is not affected by any of the other vulnerabilities by visiting: http://www.php-security.org/ oldstable/main/binary-s390/php4-common_4.3.10-20_s390.deb oldstable/main/binary-s390/libapache-mod-php4_4.3.10-20_s390.deb oldstable/main/binary-s390/php4-curl_4.3.10-20_s390.deb oldstable/main/binary-s390/php4-domxml_4.3.10-20_s390.deb oldstable/main/binary-s390/php4-gd_4.3.10-20_s390.deb oldstable/main/binary-s390/php4-imap_4.3.10-20_s390.deb oldstable/main/binary-s390/php4-ldap_4.3.10-20_s390.deb oldstable/main/binary-s390/php4-mcal_4.3.10-20_s390.deb oldstable/main/binary-s390/php4-mhash_4.3.10-20_s390.deb oldstable/main/binary-s390/php4-mysql_4.3.10-20_s390.deb oldstable/main/binary-s390/php4-odbc_4.3.10-20_s390.deb oldstable/main/binary-s390/php4-recode_4.3.10-20_s390.deb oldstable/main/binary-s390/php4-xslt_4.3.10-20_s390.deb oldstable/main/binary-s390/php4-snmp_4.3.10-20_s390.deb oldstable/main/binary-s390/php4-sybase_4.3.10-20_s390.deb oldstable/main/binary-s390/php4-cgi_4.3.10-20_s390.deb oldstable/main/binary-s390/php4-cli_4.3.10-20_s390.deb oldstable/main/binary-s390/php4-dev_4.3.10-20_s390.deb oldstable/main/binary-s390/libapache2-mod-php4_4.3.10-20_s390.deb php4 (4:4.3.10-20) oldstable-security; urgency=high * NMU prepared for the security team by the package maintainer. * The following security issues are addressed with this update: - CVE-2007-0910/MOPB-32 session_decode() Double Free Vulnerability * note that this is an update to the previous version of the upstream fix for CVE-2007-0910, which introduced a seperate exploit path. - CVE-2007-1286/MOPB-04 unserialize() ZVAL Reference Counter Overflow - CVE-2007-1380/MOPB-10 php_binary Session Deserialization Information Leak - CVE-2007-1521/MOPB-22 session_regenerate_id() Double Free Vulnerability - CVE-2007-1583/MOPB-26 mb_parse_str() register_globals Activation Vuln. - CVE-2007-1777/MOPB-35 zip_entry_read() Integer Overflow Vulnerability * The other security issues resulting from the "Month of PHP bugs" either did not affect the version of php4 shipped in sarge, or did not merit a security update according to the established security policy for php in debian. You are encouraged to verify that your configuration is not affected by any of the other vulnerabilities by visiting: http://www.php-security.org/ oldstable/main/binary-sparc/php4-common_4.3.10-20_sparc.deb oldstable/main/binary-sparc/libapache-mod-php4_4.3.10-20_sparc.deb oldstable/main/binary-sparc/php4-curl_4.3.10-20_sparc.deb oldstable/main/binary-sparc/php4-domxml_4.3.10-20_sparc.deb oldstable/main/binary-sparc/php4-gd_4.3.10-20_sparc.deb oldstable/main/binary-sparc/php4-imap_4.3.10-20_sparc.deb oldstable/main/binary-sparc/php4-ldap_4.3.10-20_sparc.deb oldstable/main/binary-sparc/php4-mcal_4.3.10-20_sparc.deb oldstable/main/binary-sparc/php4-mhash_4.3.10-20_sparc.deb oldstable/main/binary-sparc/php4-mysql_4.3.10-20_sparc.deb oldstable/main/binary-sparc/php4-odbc_4.3.10-20_sparc.deb oldstable/main/binary-sparc/php4-recode_4.3.10-20_sparc.deb oldstable/main/binary-sparc/php4-xslt_4.3.10-20_sparc.deb oldstable/main/binary-sparc/php4-snmp_4.3.10-20_sparc.deb oldstable/main/binary-sparc/php4-sybase_4.3.10-20_sparc.deb oldstable/main/binary-sparc/php4-cgi_4.3.10-20_sparc.deb oldstable/main/binary-sparc/php4-cli_4.3.10-20_sparc.deb oldstable/main/binary-sparc/php4-dev_4.3.10-20_sparc.deb oldstable/main/binary-sparc/libapache2-mod-php4_4.3.10-20_sparc.deb php4 (4:4.3.10-20) oldstable-security; urgency=high * NMU prepared for the security team by the package maintainer. * The following security issues are addressed with this update: - CVE-2007-0910/MOPB-32 session_decode() Double Free Vulnerability * note that this is an update to the previous version of the upstream fix for CVE-2007-0910, which introduced a seperate exploit path. - CVE-2007-1286/MOPB-04 unserialize() ZVAL Reference Counter Overflow - CVE-2007-1380/MOPB-10 php_binary Session Deserialization Information Leak - CVE-2007-1521/MOPB-22 session_regenerate_id() Double Free Vulnerability - CVE-2007-1583/MOPB-26 mb_parse_str() register_globals Activation Vuln. - CVE-2007-1777/MOPB-35 zip_entry_read() Integer Overflow Vulnerability * The other security issues resulting from the "Month of PHP bugs" either did not affect the version of php4 shipped in sarge, or did not merit a security update according to the established security policy for php in debian. You are encouraged to verify that your configuration is not affected by any of the other vulnerabilities by visiting: http://www.php-security.org/ oldstable/main/binary-alpha/php4-common_4.3.10-22_alpha.deb oldstable/main/binary-alpha/libapache-mod-php4_4.3.10-22_alpha.deb oldstable/main/binary-alpha/php4-curl_4.3.10-22_alpha.deb oldstable/main/binary-alpha/php4-domxml_4.3.10-22_alpha.deb oldstable/main/binary-alpha/php4-gd_4.3.10-22_alpha.deb oldstable/main/binary-alpha/php4-imap_4.3.10-22_alpha.deb oldstable/main/binary-alpha/php4-ldap_4.3.10-22_alpha.deb oldstable/main/binary-alpha/php4-mcal_4.3.10-22_alpha.deb oldstable/main/binary-alpha/php4-mhash_4.3.10-22_alpha.deb oldstable/main/binary-alpha/php4-mysql_4.3.10-22_alpha.deb oldstable/main/binary-alpha/php4-odbc_4.3.10-22_alpha.deb oldstable/main/binary-alpha/php4-recode_4.3.10-22_alpha.deb oldstable/main/binary-alpha/php4-xslt_4.3.10-22_alpha.deb oldstable/main/binary-alpha/php4-snmp_4.3.10-22_alpha.deb oldstable/main/binary-alpha/php4-sybase_4.3.10-22_alpha.deb oldstable/main/binary-alpha/php4-cgi_4.3.10-22_alpha.deb oldstable/main/binary-alpha/php4-cli_4.3.10-22_alpha.deb oldstable/main/binary-alpha/php4-dev_4.3.10-22_alpha.deb oldstable/main/binary-alpha/libapache2-mod-php4_4.3.10-22_alpha.deb php4 (4:4.3.10-22) oldstable-security; urgency=low * NMU prepared for the security team by the package maintainer. * The following security issue is addressed with this update: - CVE-2007-1864: Buffer overflow in the bundled libxmlrpc library. (Thanks to Joe Orton from redhat for sharing the patch.) - CVE-2006-0207: HTTP response splitting vulnerabilities. This was reported to not affect this version of PHP, but it has been independantly verified that it does (closes: #354683). - CVE-2006-4486: Int. overflows in memory mgmt code for 64bit architectures. oldstable/main/binary-arm/php4-common_4.3.10-22_arm.deb oldstable/main/binary-arm/libapache-mod-php4_4.3.10-22_arm.deb oldstable/main/binary-arm/php4-curl_4.3.10-22_arm.deb oldstable/main/binary-arm/php4-domxml_4.3.10-22_arm.deb oldstable/main/binary-arm/php4-gd_4.3.10-22_arm.deb oldstable/main/binary-arm/php4-imap_4.3.10-22_arm.deb oldstable/main/binary-arm/php4-ldap_4.3.10-22_arm.deb oldstable/main/binary-arm/php4-mcal_4.3.10-22_arm.deb oldstable/main/binary-arm/php4-mhash_4.3.10-22_arm.deb oldstable/main/binary-arm/php4-mysql_4.3.10-22_arm.deb oldstable/main/binary-arm/php4-odbc_4.3.10-22_arm.deb oldstable/main/binary-arm/php4-recode_4.3.10-22_arm.deb oldstable/main/binary-arm/php4-xslt_4.3.10-22_arm.deb oldstable/main/binary-arm/php4-snmp_4.3.10-22_arm.deb oldstable/main/binary-arm/php4-sybase_4.3.10-22_arm.deb oldstable/main/binary-arm/php4-cgi_4.3.10-22_arm.deb oldstable/main/binary-arm/php4-cli_4.3.10-22_arm.deb oldstable/main/binary-arm/php4-dev_4.3.10-22_arm.deb oldstable/main/binary-arm/libapache2-mod-php4_4.3.10-22_arm.deb php4 (4:4.3.10-22) oldstable-security; urgency=low * NMU prepared for the security team by the package maintainer. * The following security issue is addressed with this update: - CVE-2007-1864: Buffer overflow in the bundled libxmlrpc library. (Thanks to Joe Orton from redhat for sharing the patch.) - CVE-2006-0207: HTTP response splitting vulnerabilities. This was reported to not affect this version of PHP, but it has been independantly verified that it does (closes: #354683). - CVE-2006-4486: Int. overflows in memory mgmt code for 64bit architectures. oldstable/main/binary-hppa/php4-common_4.3.10-22_hppa.deb oldstable/main/binary-hppa/libapache-mod-php4_4.3.10-22_hppa.deb oldstable/main/binary-hppa/php4-curl_4.3.10-22_hppa.deb oldstable/main/binary-hppa/php4-domxml_4.3.10-22_hppa.deb oldstable/main/binary-hppa/php4-gd_4.3.10-22_hppa.deb oldstable/main/binary-hppa/php4-imap_4.3.10-22_hppa.deb oldstable/main/binary-hppa/php4-ldap_4.3.10-22_hppa.deb oldstable/main/binary-hppa/php4-mcal_4.3.10-22_hppa.deb oldstable/main/binary-hppa/php4-mhash_4.3.10-22_hppa.deb oldstable/main/binary-hppa/php4-mysql_4.3.10-22_hppa.deb oldstable/main/binary-hppa/php4-odbc_4.3.10-22_hppa.deb oldstable/main/binary-hppa/php4-recode_4.3.10-22_hppa.deb oldstable/main/binary-hppa/php4-xslt_4.3.10-22_hppa.deb oldstable/main/binary-hppa/php4-snmp_4.3.10-22_hppa.deb oldstable/main/binary-hppa/php4-sybase_4.3.10-22_hppa.deb oldstable/main/binary-hppa/php4-cgi_4.3.10-22_hppa.deb oldstable/main/binary-hppa/php4-cli_4.3.10-22_hppa.deb oldstable/main/binary-hppa/php4-dev_4.3.10-22_hppa.deb oldstable/main/binary-hppa/libapache2-mod-php4_4.3.10-22_hppa.deb php4 (4:4.3.10-22) oldstable-security; urgency=low * NMU prepared for the security team by the package maintainer. * The following security issue is addressed with this update: - CVE-2007-1864: Buffer overflow in the bundled libxmlrpc library. (Thanks to Joe Orton from redhat for sharing the patch.) - CVE-2006-0207: HTTP response splitting vulnerabilities. This was reported to not affect this version of PHP, but it has been independantly verified that it does (closes: #354683). - CVE-2006-4486: Int. overflows in memory mgmt code for 64bit architectures. oldstable/main/source/php4_4.3.10-22.dsc oldstable/main/source/php4_4.3.10-22.diff.gz oldstable/main/binary-i386/php4-common_4.3.10-22_i386.deb oldstable/main/binary-i386/libapache-mod-php4_4.3.10-22_i386.deb oldstable/main/binary-i386/php4-curl_4.3.10-22_i386.deb oldstable/main/binary-i386/php4-domxml_4.3.10-22_i386.deb oldstable/main/binary-i386/php4-gd_4.3.10-22_i386.deb oldstable/main/binary-i386/php4-imap_4.3.10-22_i386.deb oldstable/main/binary-i386/php4-ldap_4.3.10-22_i386.deb oldstable/main/binary-i386/php4-mcal_4.3.10-22_i386.deb oldstable/main/binary-i386/php4-mhash_4.3.10-22_i386.deb oldstable/main/binary-i386/php4-mysql_4.3.10-22_i386.deb oldstable/main/binary-i386/php4-odbc_4.3.10-22_i386.deb oldstable/main/binary-i386/php4-recode_4.3.10-22_i386.deb oldstable/main/binary-i386/php4-xslt_4.3.10-22_i386.deb oldstable/main/binary-i386/php4-snmp_4.3.10-22_i386.deb oldstable/main/binary-i386/php4-sybase_4.3.10-22_i386.deb oldstable/main/binary-i386/php4-cgi_4.3.10-22_i386.deb oldstable/main/binary-i386/php4-cli_4.3.10-22_i386.deb oldstable/main/binary-i386/php4-dev_4.3.10-22_i386.deb oldstable/main/binary-i386/libapache2-mod-php4_4.3.10-22_i386.deb oldstable/main/binary-all/php4_4.3.10-22_all.deb oldstable/main/binary-all/php4-pear_4.3.10-22_all.deb php4 (4:4.3.10-22) oldstable-security; urgency=low * NMU prepared for the security team by the package maintainer. * The following security issue is addressed with this update: - CVE-2007-1864: Buffer overflow in the bundled libxmlrpc library. (Thanks to Joe Orton from redhat for sharing the patch.) - CVE-2006-0207: HTTP response splitting vulnerabilities. This was reported to not affect this version of PHP, but it has been independantly verified that it does (closes: #354683). - CVE-2006-4486: Int. overflows in memory mgmt code for 64bit architectures. oldstable/main/binary-ia64/php4-common_4.3.10-22_ia64.deb oldstable/main/binary-ia64/libapache-mod-php4_4.3.10-22_ia64.deb oldstable/main/binary-ia64/php4-curl_4.3.10-22_ia64.deb oldstable/main/binary-ia64/php4-domxml_4.3.10-22_ia64.deb oldstable/main/binary-ia64/php4-gd_4.3.10-22_ia64.deb oldstable/main/binary-ia64/php4-imap_4.3.10-22_ia64.deb oldstable/main/binary-ia64/php4-ldap_4.3.10-22_ia64.deb oldstable/main/binary-ia64/php4-mcal_4.3.10-22_ia64.deb oldstable/main/binary-ia64/php4-mhash_4.3.10-22_ia64.deb oldstable/main/binary-ia64/php4-mysql_4.3.10-22_ia64.deb oldstable/main/binary-ia64/php4-odbc_4.3.10-22_ia64.deb oldstable/main/binary-ia64/php4-recode_4.3.10-22_ia64.deb oldstable/main/binary-ia64/php4-xslt_4.3.10-22_ia64.deb oldstable/main/binary-ia64/php4-snmp_4.3.10-22_ia64.deb oldstable/main/binary-ia64/php4-sybase_4.3.10-22_ia64.deb oldstable/main/binary-ia64/php4-cgi_4.3.10-22_ia64.deb oldstable/main/binary-ia64/php4-cli_4.3.10-22_ia64.deb oldstable/main/binary-ia64/php4-dev_4.3.10-22_ia64.deb oldstable/main/binary-ia64/libapache2-mod-php4_4.3.10-22_ia64.deb php4 (4:4.3.10-22) oldstable-security; urgency=low * NMU prepared for the security team by the package maintainer. * The following security issue is addressed with this update: - CVE-2007-1864: Buffer overflow in the bundled libxmlrpc library. (Thanks to Joe Orton from redhat for sharing the patch.) - CVE-2006-0207: HTTP response splitting vulnerabilities. This was reported to not affect this version of PHP, but it has been independantly verified that it does (closes: #354683). - CVE-2006-4486: Int. overflows in memory mgmt code for 64bit architectures. oldstable/main/binary-m68k/php4-common_4.3.10-22_m68k.deb oldstable/main/binary-m68k/libapache-mod-php4_4.3.10-22_m68k.deb oldstable/main/binary-m68k/php4-curl_4.3.10-22_m68k.deb oldstable/main/binary-m68k/php4-domxml_4.3.10-22_m68k.deb oldstable/main/binary-m68k/php4-gd_4.3.10-22_m68k.deb oldstable/main/binary-m68k/php4-imap_4.3.10-22_m68k.deb oldstable/main/binary-m68k/php4-ldap_4.3.10-22_m68k.deb oldstable/main/binary-m68k/php4-mcal_4.3.10-22_m68k.deb oldstable/main/binary-m68k/php4-mhash_4.3.10-22_m68k.deb oldstable/main/binary-m68k/php4-mysql_4.3.10-22_m68k.deb oldstable/main/binary-m68k/php4-odbc_4.3.10-22_m68k.deb oldstable/main/binary-m68k/php4-recode_4.3.10-22_m68k.deb oldstable/main/binary-m68k/php4-xslt_4.3.10-22_m68k.deb oldstable/main/binary-m68k/php4-snmp_4.3.10-22_m68k.deb oldstable/main/binary-m68k/php4-sybase_4.3.10-22_m68k.deb oldstable/main/binary-m68k/php4-cgi_4.3.10-22_m68k.deb oldstable/main/binary-m68k/php4-cli_4.3.10-22_m68k.deb oldstable/main/binary-m68k/php4-dev_4.3.10-22_m68k.deb oldstable/main/binary-m68k/libapache2-mod-php4_4.3.10-22_m68k.deb php4 (4:4.3.10-22) oldstable-security; urgency=low * NMU prepared for the security team by the package maintainer. * The following security issue is addressed with this update: - CVE-2007-1864: Buffer overflow in the bundled libxmlrpc library. (Thanks to Joe Orton from redhat for sharing the patch.) - CVE-2006-0207: HTTP response splitting vulnerabilities. This was reported to not affect this version of PHP, but it has been independantly verified that it does (closes: #354683). - CVE-2006-4486: Int. overflows in memory mgmt code for 64bit architectures. oldstable/main/binary-mips/php4-common_4.3.10-22_mips.deb oldstable/main/binary-mips/libapache-mod-php4_4.3.10-22_mips.deb oldstable/main/binary-mips/php4-curl_4.3.10-22_mips.deb oldstable/main/binary-mips/php4-domxml_4.3.10-22_mips.deb oldstable/main/binary-mips/php4-gd_4.3.10-22_mips.deb oldstable/main/binary-mips/php4-imap_4.3.10-22_mips.deb oldstable/main/binary-mips/php4-ldap_4.3.10-22_mips.deb oldstable/main/binary-mips/php4-mcal_4.3.10-22_mips.deb oldstable/main/binary-mips/php4-mhash_4.3.10-22_mips.deb oldstable/main/binary-mips/php4-mysql_4.3.10-22_mips.deb oldstable/main/binary-mips/php4-odbc_4.3.10-22_mips.deb oldstable/main/binary-mips/php4-recode_4.3.10-22_mips.deb oldstable/main/binary-mips/php4-xslt_4.3.10-22_mips.deb oldstable/main/binary-mips/php4-snmp_4.3.10-22_mips.deb oldstable/main/binary-mips/php4-sybase_4.3.10-22_mips.deb oldstable/main/binary-mips/php4-cgi_4.3.10-22_mips.deb oldstable/main/binary-mips/php4-cli_4.3.10-22_mips.deb oldstable/main/binary-mips/php4-dev_4.3.10-22_mips.deb oldstable/main/binary-mips/libapache2-mod-php4_4.3.10-22_mips.deb php4 (4:4.3.10-22) oldstable-security; urgency=low * NMU prepared for the security team by the package maintainer. * The following security issue is addressed with this update: - CVE-2007-1864: Buffer overflow in the bundled libxmlrpc library. (Thanks to Joe Orton from redhat for sharing the patch.) - CVE-2006-0207: HTTP response splitting vulnerabilities. This was reported to not affect this version of PHP, but it has been independantly verified that it does (closes: #354683). - CVE-2006-4486: Int. overflows in memory mgmt code for 64bit architectures. oldstable/main/binary-mipsel/php4-common_4.3.10-22_mipsel.deb oldstable/main/binary-mipsel/libapache-mod-php4_4.3.10-22_mipsel.deb oldstable/main/binary-mipsel/php4-curl_4.3.10-22_mipsel.deb oldstable/main/binary-mipsel/php4-domxml_4.3.10-22_mipsel.deb oldstable/main/binary-mipsel/php4-gd_4.3.10-22_mipsel.deb oldstable/main/binary-mipsel/php4-imap_4.3.10-22_mipsel.deb oldstable/main/binary-mipsel/php4-ldap_4.3.10-22_mipsel.deb oldstable/main/binary-mipsel/php4-mcal_4.3.10-22_mipsel.deb oldstable/main/binary-mipsel/php4-mhash_4.3.10-22_mipsel.deb oldstable/main/binary-mipsel/php4-mysql_4.3.10-22_mipsel.deb oldstable/main/binary-mipsel/php4-odbc_4.3.10-22_mipsel.deb oldstable/main/binary-mipsel/php4-recode_4.3.10-22_mipsel.deb oldstable/main/binary-mipsel/php4-xslt_4.3.10-22_mipsel.deb oldstable/main/binary-mipsel/php4-snmp_4.3.10-22_mipsel.deb oldstable/main/binary-mipsel/php4-sybase_4.3.10-22_mipsel.deb oldstable/main/binary-mipsel/php4-cgi_4.3.10-22_mipsel.deb oldstable/main/binary-mipsel/php4-cli_4.3.10-22_mipsel.deb oldstable/main/binary-mipsel/php4-dev_4.3.10-22_mipsel.deb oldstable/main/binary-mipsel/libapache2-mod-php4_4.3.10-22_mipsel.deb php4 (4:4.3.10-22) oldstable-security; urgency=low * NMU prepared for the security team by the package maintainer. * The following security issue is addressed with this update: - CVE-2007-1864: Buffer overflow in the bundled libxmlrpc library. (Thanks to Joe Orton from redhat for sharing the patch.) - CVE-2006-0207: HTTP response splitting vulnerabilities. This was reported to not affect this version of PHP, but it has been independantly verified that it does (closes: #354683). - CVE-2006-4486: Int. overflows in memory mgmt code for 64bit architectures. oldstable/main/binary-powerpc/php4-common_4.3.10-22_powerpc.deb oldstable/main/binary-powerpc/libapache-mod-php4_4.3.10-22_powerpc.deb oldstable/main/binary-powerpc/php4-curl_4.3.10-22_powerpc.deb oldstable/main/binary-powerpc/php4-domxml_4.3.10-22_powerpc.deb oldstable/main/binary-powerpc/php4-gd_4.3.10-22_powerpc.deb oldstable/main/binary-powerpc/php4-imap_4.3.10-22_powerpc.deb oldstable/main/binary-powerpc/php4-ldap_4.3.10-22_powerpc.deb oldstable/main/binary-powerpc/php4-mcal_4.3.10-22_powerpc.deb oldstable/main/binary-powerpc/php4-mhash_4.3.10-22_powerpc.deb oldstable/main/binary-powerpc/php4-mysql_4.3.10-22_powerpc.deb oldstable/main/binary-powerpc/php4-odbc_4.3.10-22_powerpc.deb oldstable/main/binary-powerpc/php4-recode_4.3.10-22_powerpc.deb oldstable/main/binary-powerpc/php4-xslt_4.3.10-22_powerpc.deb oldstable/main/binary-powerpc/php4-snmp_4.3.10-22_powerpc.deb oldstable/main/binary-powerpc/php4-sybase_4.3.10-22_powerpc.deb oldstable/main/binary-powerpc/php4-cgi_4.3.10-22_powerpc.deb oldstable/main/binary-powerpc/php4-cli_4.3.10-22_powerpc.deb oldstable/main/binary-powerpc/php4-dev_4.3.10-22_powerpc.deb oldstable/main/binary-powerpc/libapache2-mod-php4_4.3.10-22_powerpc.deb php4 (4:4.3.10-22) oldstable-security; urgency=low * NMU prepared for the security team by the package maintainer. * The following security issue is addressed with this update: - CVE-2007-1864: Buffer overflow in the bundled libxmlrpc library. (Thanks to Joe Orton from redhat for sharing the patch.) - CVE-2006-0207: HTTP response splitting vulnerabilities. This was reported to not affect this version of PHP, but it has been independantly verified that it does (closes: #354683). - CVE-2006-4486: Int. overflows in memory mgmt code for 64bit architectures. oldstable/main/binary-s390/php4-common_4.3.10-22_s390.deb oldstable/main/binary-s390/libapache-mod-php4_4.3.10-22_s390.deb oldstable/main/binary-s390/php4-curl_4.3.10-22_s390.deb oldstable/main/binary-s390/php4-domxml_4.3.10-22_s390.deb oldstable/main/binary-s390/php4-gd_4.3.10-22_s390.deb oldstable/main/binary-s390/php4-imap_4.3.10-22_s390.deb oldstable/main/binary-s390/php4-ldap_4.3.10-22_s390.deb oldstable/main/binary-s390/php4-mcal_4.3.10-22_s390.deb oldstable/main/binary-s390/php4-mhash_4.3.10-22_s390.deb oldstable/main/binary-s390/php4-mysql_4.3.10-22_s390.deb oldstable/main/binary-s390/php4-odbc_4.3.10-22_s390.deb oldstable/main/binary-s390/php4-recode_4.3.10-22_s390.deb oldstable/main/binary-s390/php4-xslt_4.3.10-22_s390.deb oldstable/main/binary-s390/php4-snmp_4.3.10-22_s390.deb oldstable/main/binary-s390/php4-sybase_4.3.10-22_s390.deb oldstable/main/binary-s390/php4-cgi_4.3.10-22_s390.deb oldstable/main/binary-s390/php4-cli_4.3.10-22_s390.deb oldstable/main/binary-s390/php4-dev_4.3.10-22_s390.deb oldstable/main/binary-s390/libapache2-mod-php4_4.3.10-22_s390.deb php4 (4:4.3.10-22) oldstable-security; urgency=low * NMU prepared for the security team by the package maintainer. * The following security issue is addressed with this update: - CVE-2007-1864: Buffer overflow in the bundled libxmlrpc library. (Thanks to Joe Orton from redhat for sharing the patch.) - CVE-2006-0207: HTTP response splitting vulnerabilities. This was reported to not affect this version of PHP, but it has been independantly verified that it does (closes: #354683). - CVE-2006-4486: Int. overflows in memory mgmt code for 64bit architectures. oldstable/main/binary-sparc/php4-common_4.3.10-22_sparc.deb oldstable/main/binary-sparc/libapache-mod-php4_4.3.10-22_sparc.deb oldstable/main/binary-sparc/php4-curl_4.3.10-22_sparc.deb oldstable/main/binary-sparc/php4-domxml_4.3.10-22_sparc.deb oldstable/main/binary-sparc/php4-gd_4.3.10-22_sparc.deb oldstable/main/binary-sparc/php4-imap_4.3.10-22_sparc.deb oldstable/main/binary-sparc/php4-ldap_4.3.10-22_sparc.deb oldstable/main/binary-sparc/php4-mcal_4.3.10-22_sparc.deb oldstable/main/binary-sparc/php4-mhash_4.3.10-22_sparc.deb oldstable/main/binary-sparc/php4-mysql_4.3.10-22_sparc.deb oldstable/main/binary-sparc/php4-odbc_4.3.10-22_sparc.deb oldstable/main/binary-sparc/php4-recode_4.3.10-22_sparc.deb oldstable/main/binary-sparc/php4-xslt_4.3.10-22_sparc.deb oldstable/main/binary-sparc/php4-snmp_4.3.10-22_sparc.deb oldstable/main/binary-sparc/php4-sybase_4.3.10-22_sparc.deb oldstable/main/binary-sparc/php4-cgi_4.3.10-22_sparc.deb oldstable/main/binary-sparc/php4-cli_4.3.10-22_sparc.deb oldstable/main/binary-sparc/php4-dev_4.3.10-22_sparc.deb oldstable/main/binary-sparc/libapache2-mod-php4_4.3.10-22_sparc.deb php4 (4:4.3.10-22) oldstable-security; urgency=low * NMU prepared for the security team by the package maintainer. * The following security issue is addressed with this update: - CVE-2007-1864: Buffer overflow in the bundled libxmlrpc library. (Thanks to Joe Orton from redhat for sharing the patch.) - CVE-2006-0207: HTTP response splitting vulnerabilities. This was reported to not affect this version of PHP, but it has been independantly verified that it does (closes: #354683). - CVE-2006-4486: Int. overflows in memory mgmt code for 64bit architectures. oldstable/main/source/phpmyadmin_2.6.2-3sarge5.dsc oldstable/main/source/phpmyadmin_2.6.2-3sarge5.diff.gz oldstable/main/binary-all/phpmyadmin_2.6.2-3sarge5_all.deb phpmyadmin (4:2.6.2-3sarge5) oldstable-security; urgency=low * Upload to oldstable-security. oldstable/main/source/phpmyadmin_2.6.2-3sarge6.dsc oldstable/main/source/phpmyadmin_2.6.2-3sarge6.diff.gz oldstable/main/binary-all/phpmyadmin_2.6.2-3sarge6_all.deb phpmyadmin (4:2.6.2-3sarge6) oldstable-security; urgency=high * Update for sarge to address a security issue. * Muliple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.11.1.2 allow remote attackers to inject arbitrary web script or HTML via certain input available in (1) PHP_SELF in (a) server_status.php, and (b) grab_globals.lib.php, (c) display_change_password.lib.php, and (d) common.lib.php in libraries/; and certain input available in PHP_SELF and (2) PATH_INFO in libraries/common.inc.php. (CVE-2007-5589, PMASA-2007-6) oldstable/main/binary-arm/plptools_0.12-5_arm.deb oldstable/main/binary-arm/plptools-dev_0.12-5_arm.deb plptools (0.12-5) unstable; urgency=low * Only build plptools and plptools-dev, remove the KDE dependent targets as a workaround to get plptools into testing (Closes: #246475) oldstable/main/source/po4a_0.20-2sarge1.dsc oldstable/main/source/po4a_0.20-2sarge1.diff.gz oldstable/main/binary-all/po4a_0.20-2sarge1_all.deb po4a (0.20-2sarge1) oldstable-proposed-updates; urgency=low * Fix possible arbitrary files overwriting via a symlink attack. (CVE-2007-4462). Closes: #439226 oldstable/main/binary-alpha/postgresql_7.4.7-6sarge5_alpha.deb oldstable/main/binary-alpha/postgresql-client_7.4.7-6sarge5_alpha.deb oldstable/main/binary-alpha/postgresql-dev_7.4.7-6sarge5_alpha.deb oldstable/main/binary-alpha/libpq3_7.4.7-6sarge5_alpha.deb oldstable/main/binary-alpha/libecpg4_7.4.7-6sarge5_alpha.deb oldstable/main/binary-alpha/libecpg-dev_7.4.7-6sarge5_alpha.deb oldstable/main/binary-alpha/libpgtcl_7.4.7-6sarge5_alpha.deb oldstable/main/binary-alpha/libpgtcl-dev_7.4.7-6sarge5_alpha.deb oldstable/main/binary-alpha/postgresql-contrib_7.4.7-6sarge5_alpha.deb postgresql (7.4.7-6sarge5) oldstable-security; urgency=high * SECURITY UPDATE: User privilege escalation. * Add debian/patches/62secure_search_path.path: - Support explicit placement of the temporary-table schema within search_path. This is needed to allow a security-definer function to set a truly secure value of search_path. Without it, a malicious user can use temporary objects to execute code with the privileges of the security-definer function. Even pushing the temp schema to the back of the search path is not quite good enough, because a function or operator at the back of the path might still capture control from one nearer the front due to having a more exact datatype match. Hence, disable searching the temp schema altogether for functions and operators. [CVE-2007-2138] - Patch backported from 7.4.17 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/catalog/namespace.c.diff?r1=1.58;r2=1.58.2.1 - Add test cases for the placement of the temp schema in the search path. Backported from 7.4.17 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/test/regress/expected/temp.out.diff?r1=1.9;r2=1.9.2.1 http://developer.postgresql.org/cvsweb.cgi/pgsql/src/test/regress/sql/temp.sql.diff?r1=1.5;r2=1.5.4.1 * Add debian/docs.patch: manpage and HTML documentation patches which explain the changes above. Upstream keeps them in the SGML source, but since we do not build this and instead use the pre-built files which come in man.tar.gz and postgresql.tar.gz, we cannot use a regular debian/patches/ patch for this. * debian/rules: Apply debian/docs.patch in the install target to update the files in the binary install directories. oldstable/main/binary-arm/postgresql_7.4.7-6sarge5_arm.deb oldstable/main/binary-arm/postgresql-client_7.4.7-6sarge5_arm.deb oldstable/main/binary-arm/postgresql-dev_7.4.7-6sarge5_arm.deb oldstable/main/binary-arm/libpq3_7.4.7-6sarge5_arm.deb oldstable/main/binary-arm/libecpg4_7.4.7-6sarge5_arm.deb oldstable/main/binary-arm/libecpg-dev_7.4.7-6sarge5_arm.deb oldstable/main/binary-arm/libpgtcl_7.4.7-6sarge5_arm.deb oldstable/main/binary-arm/libpgtcl-dev_7.4.7-6sarge5_arm.deb oldstable/main/binary-arm/postgresql-contrib_7.4.7-6sarge5_arm.deb postgresql (7.4.7-6sarge5) oldstable-security; urgency=high * SECURITY UPDATE: User privilege escalation. * Add debian/patches/62secure_search_path.path: - Support explicit placement of the temporary-table schema within search_path. This is needed to allow a security-definer function to set a truly secure value of search_path. Without it, a malicious user can use temporary objects to execute code with the privileges of the security-definer function. Even pushing the temp schema to the back of the search path is not quite good enough, because a function or operator at the back of the path might still capture control from one nearer the front due to having a more exact datatype match. Hence, disable searching the temp schema altogether for functions and operators. [CVE-2007-2138] - Patch backported from 7.4.17 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/catalog/namespace.c.diff?r1=1.58;r2=1.58.2.1 - Add test cases for the placement of the temp schema in the search path. Backported from 7.4.17 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/test/regress/expected/temp.out.diff?r1=1.9;r2=1.9.2.1 http://developer.postgresql.org/cvsweb.cgi/pgsql/src/test/regress/sql/temp.sql.diff?r1=1.5;r2=1.5.4.1 * Add debian/docs.patch: manpage and HTML documentation patches which explain the changes above. Upstream keeps them in the SGML source, but since we do not build this and instead use the pre-built files which come in man.tar.gz and postgresql.tar.gz, we cannot use a regular debian/patches/ patch for this. * debian/rules: Apply debian/docs.patch in the install target to update the files in the binary install directories. oldstable/main/binary-hppa/postgresql_7.4.7-6sarge5_hppa.deb oldstable/main/binary-hppa/postgresql-client_7.4.7-6sarge5_hppa.deb oldstable/main/binary-hppa/postgresql-dev_7.4.7-6sarge5_hppa.deb oldstable/main/binary-hppa/libpq3_7.4.7-6sarge5_hppa.deb oldstable/main/binary-hppa/libecpg4_7.4.7-6sarge5_hppa.deb oldstable/main/binary-hppa/libecpg-dev_7.4.7-6sarge5_hppa.deb oldstable/main/binary-hppa/libpgtcl_7.4.7-6sarge5_hppa.deb oldstable/main/binary-hppa/libpgtcl-dev_7.4.7-6sarge5_hppa.deb oldstable/main/binary-hppa/postgresql-contrib_7.4.7-6sarge5_hppa.deb postgresql (7.4.7-6sarge5) oldstable-security; urgency=high * SECURITY UPDATE: User privilege escalation. * Add debian/patches/62secure_search_path.path: - Support explicit placement of the temporary-table schema within search_path. This is needed to allow a security-definer function to set a truly secure value of search_path. Without it, a malicious user can use temporary objects to execute code with the privileges of the security-definer function. Even pushing the temp schema to the back of the search path is not quite good enough, because a function or operator at the back of the path might still capture control from one nearer the front due to having a more exact datatype match. Hence, disable searching the temp schema altogether for functions and operators. [CVE-2007-2138] - Patch backported from 7.4.17 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/catalog/namespace.c.diff?r1=1.58;r2=1.58.2.1 - Add test cases for the placement of the temp schema in the search path. Backported from 7.4.17 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/test/regress/expected/temp.out.diff?r1=1.9;r2=1.9.2.1 http://developer.postgresql.org/cvsweb.cgi/pgsql/src/test/regress/sql/temp.sql.diff?r1=1.5;r2=1.5.4.1 * Add debian/docs.patch: manpage and HTML documentation patches which explain the changes above. Upstream keeps them in the SGML source, but since we do not build this and instead use the pre-built files which come in man.tar.gz and postgresql.tar.gz, we cannot use a regular debian/patches/ patch for this. * debian/rules: Apply debian/docs.patch in the install target to update the files in the binary install directories. oldstable/main/source/postgresql_7.4.7-6sarge5.dsc oldstable/main/source/postgresql_7.4.7-6sarge5.diff.gz oldstable/main/binary-all/postgresql-doc_7.4.7-6sarge5_all.deb oldstable/main/binary-i386/postgresql_7.4.7-6sarge5_i386.deb oldstable/main/binary-i386/postgresql-client_7.4.7-6sarge5_i386.deb oldstable/main/binary-i386/postgresql-dev_7.4.7-6sarge5_i386.deb oldstable/main/binary-i386/libpq3_7.4.7-6sarge5_i386.deb oldstable/main/binary-i386/libecpg4_7.4.7-6sarge5_i386.deb oldstable/main/binary-i386/libecpg-dev_7.4.7-6sarge5_i386.deb oldstable/main/binary-i386/libpgtcl_7.4.7-6sarge5_i386.deb oldstable/main/binary-i386/libpgtcl-dev_7.4.7-6sarge5_i386.deb oldstable/main/binary-i386/postgresql-contrib_7.4.7-6sarge5_i386.deb postgresql (7.4.7-6sarge5) oldstable-security; urgency=high * SECURITY UPDATE: User privilege escalation. * Add debian/patches/62secure_search_path.path: - Support explicit placement of the temporary-table schema within search_path. This is needed to allow a security-definer function to set a truly secure value of search_path. Without it, a malicious user can use temporary objects to execute code with the privileges of the security-definer function. Even pushing the temp schema to the back of the search path is not quite good enough, because a function or operator at the back of the path might still capture control from one nearer the front due to having a more exact datatype match. Hence, disable searching the temp schema altogether for functions and operators. [CVE-2007-2138] - Patch backported from 7.4.17 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/catalog/namespace.c.diff?r1=1.58;r2=1.58.2.1 - Add test cases for the placement of the temp schema in the search path. Backported from 7.4.17 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/test/regress/expected/temp.out.diff?r1=1.9;r2=1.9.2.1 http://developer.postgresql.org/cvsweb.cgi/pgsql/src/test/regress/sql/temp.sql.diff?r1=1.5;r2=1.5.4.1 * Add debian/docs.patch: manpage and HTML documentation patches which explain the changes above. Upstream keeps them in the SGML source, but since we do not build this and instead use the pre-built files which come in man.tar.gz and postgresql.tar.gz, we cannot use a regular debian/patches/ patch for this. * debian/rules: Apply debian/docs.patch in the install target to update the files in the binary install directories. oldstable/main/binary-ia64/postgresql_7.4.7-6sarge5_ia64.deb oldstable/main/binary-ia64/postgresql-client_7.4.7-6sarge5_ia64.deb oldstable/main/binary-ia64/postgresql-dev_7.4.7-6sarge5_ia64.deb oldstable/main/binary-ia64/libpq3_7.4.7-6sarge5_ia64.deb oldstable/main/binary-ia64/libecpg4_7.4.7-6sarge5_ia64.deb oldstable/main/binary-ia64/libecpg-dev_7.4.7-6sarge5_ia64.deb oldstable/main/binary-ia64/libpgtcl_7.4.7-6sarge5_ia64.deb oldstable/main/binary-ia64/libpgtcl-dev_7.4.7-6sarge5_ia64.deb oldstable/main/binary-ia64/postgresql-contrib_7.4.7-6sarge5_ia64.deb postgresql (7.4.7-6sarge5) oldstable-security; urgency=high * SECURITY UPDATE: User privilege escalation. * Add debian/patches/62secure_search_path.path: - Support explicit placement of the temporary-table schema within search_path. This is needed to allow a security-definer function to set a truly secure value of search_path. Without it, a malicious user can use temporary objects to execute code with the privileges of the security-definer function. Even pushing the temp schema to the back of the search path is not quite good enough, because a function or operator at the back of the path might still capture control from one nearer the front due to having a more exact datatype match. Hence, disable searching the temp schema altogether for functions and operators. [CVE-2007-2138] - Patch backported from 7.4.17 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/catalog/namespace.c.diff?r1=1.58;r2=1.58.2.1 - Add test cases for the placement of the temp schema in the search path. Backported from 7.4.17 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/test/regress/expected/temp.out.diff?r1=1.9;r2=1.9.2.1 http://developer.postgresql.org/cvsweb.cgi/pgsql/src/test/regress/sql/temp.sql.diff?r1=1.5;r2=1.5.4.1 * Add debian/docs.patch: manpage and HTML documentation patches which explain the changes above. Upstream keeps them in the SGML source, but since we do not build this and instead use the pre-built files which come in man.tar.gz and postgresql.tar.gz, we cannot use a regular debian/patches/ patch for this. * debian/rules: Apply debian/docs.patch in the install target to update the files in the binary install directories. oldstable/main/binary-m68k/postgresql_7.4.7-6sarge5_m68k.deb oldstable/main/binary-m68k/postgresql-client_7.4.7-6sarge5_m68k.deb oldstable/main/binary-m68k/postgresql-dev_7.4.7-6sarge5_m68k.deb oldstable/main/binary-m68k/libpq3_7.4.7-6sarge5_m68k.deb oldstable/main/binary-m68k/libecpg4_7.4.7-6sarge5_m68k.deb oldstable/main/binary-m68k/libecpg-dev_7.4.7-6sarge5_m68k.deb oldstable/main/binary-m68k/libpgtcl_7.4.7-6sarge5_m68k.deb oldstable/main/binary-m68k/libpgtcl-dev_7.4.7-6sarge5_m68k.deb oldstable/main/binary-m68k/postgresql-contrib_7.4.7-6sarge5_m68k.deb postgresql (7.4.7-6sarge5) oldstable-security; urgency=high * SECURITY UPDATE: User privilege escalation. * Add debian/patches/62secure_search_path.path: - Support explicit placement of the temporary-table schema within search_path. This is needed to allow a security-definer function to set a truly secure value of search_path. Without it, a malicious user can use temporary objects to execute code with the privileges of the security-definer function. Even pushing the temp schema to the back of the search path is not quite good enough, because a function or operator at the back of the path might still capture control from one nearer the front due to having a more exact datatype match. Hence, disable searching the temp schema altogether for functions and operators. [CVE-2007-2138] - Patch backported from 7.4.17 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/catalog/namespace.c.diff?r1=1.58;r2=1.58.2.1 - Add test cases for the placement of the temp schema in the search path. Backported from 7.4.17 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/test/regress/expected/temp.out.diff?r1=1.9;r2=1.9.2.1 http://developer.postgresql.org/cvsweb.cgi/pgsql/src/test/regress/sql/temp.sql.diff?r1=1.5;r2=1.5.4.1 * Add debian/docs.patch: manpage and HTML documentation patches which explain the changes above. Upstream keeps them in the SGML source, but since we do not build this and instead use the pre-built files which come in man.tar.gz and postgresql.tar.gz, we cannot use a regular debian/patches/ patch for this. * debian/rules: Apply debian/docs.patch in the install target to update the files in the binary install directories. oldstable/main/binary-mips/postgresql_7.4.7-6sarge5_mips.deb oldstable/main/binary-mips/postgresql-client_7.4.7-6sarge5_mips.deb oldstable/main/binary-mips/postgresql-dev_7.4.7-6sarge5_mips.deb oldstable/main/binary-mips/libpq3_7.4.7-6sarge5_mips.deb oldstable/main/binary-mips/libecpg4_7.4.7-6sarge5_mips.deb oldstable/main/binary-mips/libecpg-dev_7.4.7-6sarge5_mips.deb oldstable/main/binary-mips/libpgtcl_7.4.7-6sarge5_mips.deb oldstable/main/binary-mips/libpgtcl-dev_7.4.7-6sarge5_mips.deb oldstable/main/binary-mips/postgresql-contrib_7.4.7-6sarge5_mips.deb postgresql (7.4.7-6sarge5) oldstable-security; urgency=high * SECURITY UPDATE: User privilege escalation. * Add debian/patches/62secure_search_path.path: - Support explicit placement of the temporary-table schema within search_path. This is needed to allow a security-definer function to set a truly secure value of search_path. Without it, a malicious user can use temporary objects to execute code with the privileges of the security-definer function. Even pushing the temp schema to the back of the search path is not quite good enough, because a function or operator at the back of the path might still capture control from one nearer the front due to having a more exact datatype match. Hence, disable searching the temp schema altogether for functions and operators. [CVE-2007-2138] - Patch backported from 7.4.17 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/catalog/namespace.c.diff?r1=1.58;r2=1.58.2.1 - Add test cases for the placement of the temp schema in the search path. Backported from 7.4.17 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/test/regress/expected/temp.out.diff?r1=1.9;r2=1.9.2.1 http://developer.postgresql.org/cvsweb.cgi/pgsql/src/test/regress/sql/temp.sql.diff?r1=1.5;r2=1.5.4.1 * Add debian/docs.patch: manpage and HTML documentation patches which explain the changes above. Upstream keeps them in the SGML source, but since we do not build this and instead use the pre-built files which come in man.tar.gz and postgresql.tar.gz, we cannot use a regular debian/patches/ patch for this. * debian/rules: Apply debian/docs.patch in the install target to update the files in the binary install directories. oldstable/main/binary-mipsel/postgresql_7.4.7-6sarge5_mipsel.deb oldstable/main/binary-mipsel/postgresql-client_7.4.7-6sarge5_mipsel.deb oldstable/main/binary-mipsel/postgresql-dev_7.4.7-6sarge5_mipsel.deb oldstable/main/binary-mipsel/libpq3_7.4.7-6sarge5_mipsel.deb oldstable/main/binary-mipsel/libecpg4_7.4.7-6sarge5_mipsel.deb oldstable/main/binary-mipsel/libecpg-dev_7.4.7-6sarge5_mipsel.deb oldstable/main/binary-mipsel/libpgtcl_7.4.7-6sarge5_mipsel.deb oldstable/main/binary-mipsel/libpgtcl-dev_7.4.7-6sarge5_mipsel.deb oldstable/main/binary-mipsel/postgresql-contrib_7.4.7-6sarge5_mipsel.deb postgresql (7.4.7-6sarge5) oldstable-security; urgency=high * SECURITY UPDATE: User privilege escalation. * Add debian/patches/62secure_search_path.path: - Support explicit placement of the temporary-table schema within search_path. This is needed to allow a security-definer function to set a truly secure value of search_path. Without it, a malicious user can use temporary objects to execute code with the privileges of the security-definer function. Even pushing the temp schema to the back of the search path is not quite good enough, because a function or operator at the back of the path might still capture control from one nearer the front due to having a more exact datatype match. Hence, disable searching the temp schema altogether for functions and operators. [CVE-2007-2138] - Patch backported from 7.4.17 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/catalog/namespace.c.diff?r1=1.58;r2=1.58.2.1 - Add test cases for the placement of the temp schema in the search path. Backported from 7.4.17 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/test/regress/expected/temp.out.diff?r1=1.9;r2=1.9.2.1 http://developer.postgresql.org/cvsweb.cgi/pgsql/src/test/regress/sql/temp.sql.diff?r1=1.5;r2=1.5.4.1 * Add debian/docs.patch: manpage and HTML documentation patches which explain the changes above. Upstream keeps them in the SGML source, but since we do not build this and instead use the pre-built files which come in man.tar.gz and postgresql.tar.gz, we cannot use a regular debian/patches/ patch for this. * debian/rules: Apply debian/docs.patch in the install target to update the files in the binary install directories. oldstable/main/binary-powerpc/postgresql_7.4.7-6sarge5_powerpc.deb oldstable/main/binary-powerpc/postgresql-client_7.4.7-6sarge5_powerpc.deb oldstable/main/binary-powerpc/postgresql-dev_7.4.7-6sarge5_powerpc.deb oldstable/main/binary-powerpc/libpq3_7.4.7-6sarge5_powerpc.deb oldstable/main/binary-powerpc/libecpg4_7.4.7-6sarge5_powerpc.deb oldstable/main/binary-powerpc/libecpg-dev_7.4.7-6sarge5_powerpc.deb oldstable/main/binary-powerpc/libpgtcl_7.4.7-6sarge5_powerpc.deb oldstable/main/binary-powerpc/libpgtcl-dev_7.4.7-6sarge5_powerpc.deb oldstable/main/binary-powerpc/postgresql-contrib_7.4.7-6sarge5_powerpc.deb postgresql (7.4.7-6sarge5) oldstable-security; urgency=high * SECURITY UPDATE: User privilege escalation. * Add debian/patches/62secure_search_path.path: - Support explicit placement of the temporary-table schema within search_path. This is needed to allow a security-definer function to set a truly secure value of search_path. Without it, a malicious user can use temporary objects to execute code with the privileges of the security-definer function. Even pushing the temp schema to the back of the search path is not quite good enough, because a function or operator at the back of the path might still capture control from one nearer the front due to having a more exact datatype match. Hence, disable searching the temp schema altogether for functions and operators. [CVE-2007-2138] - Patch backported from 7.4.17 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/catalog/namespace.c.diff?r1=1.58;r2=1.58.2.1 - Add test cases for the placement of the temp schema in the search path. Backported from 7.4.17 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/test/regress/expected/temp.out.diff?r1=1.9;r2=1.9.2.1 http://developer.postgresql.org/cvsweb.cgi/pgsql/src/test/regress/sql/temp.sql.diff?r1=1.5;r2=1.5.4.1 * Add debian/docs.patch: manpage and HTML documentation patches which explain the changes above. Upstream keeps them in the SGML source, but since we do not build this and instead use the pre-built files which come in man.tar.gz and postgresql.tar.gz, we cannot use a regular debian/patches/ patch for this. * debian/rules: Apply debian/docs.patch in the install target to update the files in the binary install directories. oldstable/main/binary-s390/postgresql_7.4.7-6sarge5_s390.deb oldstable/main/binary-s390/postgresql-client_7.4.7-6sarge5_s390.deb oldstable/main/binary-s390/postgresql-dev_7.4.7-6sarge5_s390.deb oldstable/main/binary-s390/libpq3_7.4.7-6sarge5_s390.deb oldstable/main/binary-s390/libecpg4_7.4.7-6sarge5_s390.deb oldstable/main/binary-s390/libecpg-dev_7.4.7-6sarge5_s390.deb oldstable/main/binary-s390/libpgtcl_7.4.7-6sarge5_s390.deb oldstable/main/binary-s390/libpgtcl-dev_7.4.7-6sarge5_s390.deb oldstable/main/binary-s390/postgresql-contrib_7.4.7-6sarge5_s390.deb postgresql (7.4.7-6sarge5) oldstable-security; urgency=high * SECURITY UPDATE: User privilege escalation. * Add debian/patches/62secure_search_path.path: - Support explicit placement of the temporary-table schema within search_path. This is needed to allow a security-definer function to set a truly secure value of search_path. Without it, a malicious user can use temporary objects to execute code with the privileges of the security-definer function. Even pushing the temp schema to the back of the search path is not quite good enough, because a function or operator at the back of the path might still capture control from one nearer the front due to having a more exact datatype match. Hence, disable searching the temp schema altogether for functions and operators. [CVE-2007-2138] - Patch backported from 7.4.17 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/catalog/namespace.c.diff?r1=1.58;r2=1.58.2.1 - Add test cases for the placement of the temp schema in the search path. Backported from 7.4.17 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/test/regress/expected/temp.out.diff?r1=1.9;r2=1.9.2.1 http://developer.postgresql.org/cvsweb.cgi/pgsql/src/test/regress/sql/temp.sql.diff?r1=1.5;r2=1.5.4.1 * Add debian/docs.patch: manpage and HTML documentation patches which explain the changes above. Upstream keeps them in the SGML source, but since we do not build this and instead use the pre-built files which come in man.tar.gz and postgresql.tar.gz, we cannot use a regular debian/patches/ patch for this. * debian/rules: Apply debian/docs.patch in the install target to update the files in the binary install directories. oldstable/main/binary-sparc/postgresql_7.4.7-6sarge5_sparc.deb oldstable/main/binary-sparc/postgresql-client_7.4.7-6sarge5_sparc.deb oldstable/main/binary-sparc/postgresql-dev_7.4.7-6sarge5_sparc.deb oldstable/main/binary-sparc/libpq3_7.4.7-6sarge5_sparc.deb oldstable/main/binary-sparc/libecpg4_7.4.7-6sarge5_sparc.deb oldstable/main/binary-sparc/libecpg-dev_7.4.7-6sarge5_sparc.deb oldstable/main/binary-sparc/libpgtcl_7.4.7-6sarge5_sparc.deb oldstable/main/binary-sparc/libpgtcl-dev_7.4.7-6sarge5_sparc.deb oldstable/main/binary-sparc/postgresql-contrib_7.4.7-6sarge5_sparc.deb postgresql (7.4.7-6sarge5) oldstable-security; urgency=high * SECURITY UPDATE: User privilege escalation. * Add debian/patches/62secure_search_path.path: - Support explicit placement of the temporary-table schema within search_path. This is needed to allow a security-definer function to set a truly secure value of search_path. Without it, a malicious user can use temporary objects to execute code with the privileges of the security-definer function. Even pushing the temp schema to the back of the search path is not quite good enough, because a function or operator at the back of the path might still capture control from one nearer the front due to having a more exact datatype match. Hence, disable searching the temp schema altogether for functions and operators. [CVE-2007-2138] - Patch backported from 7.4.17 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/catalog/namespace.c.diff?r1=1.58;r2=1.58.2.1 - Add test cases for the placement of the temp schema in the search path. Backported from 7.4.17 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/test/regress/expected/temp.out.diff?r1=1.9;r2=1.9.2.1 http://developer.postgresql.org/cvsweb.cgi/pgsql/src/test/regress/sql/temp.sql.diff?r1=1.5;r2=1.5.4.1 * Add debian/docs.patch: manpage and HTML documentation patches which explain the changes above. Upstream keeps them in the SGML source, but since we do not build this and instead use the pre-built files which come in man.tar.gz and postgresql.tar.gz, we cannot use a regular debian/patches/ patch for this. * debian/rules: Apply debian/docs.patch in the install target to update the files in the binary install directories. oldstable/main/source/prebaseconfig_1.07sarge1.dsc oldstable/main/source/prebaseconfig_1.07sarge1.tar.gz oldstable/main/prebaseconfig_1.07sarge1_all.udeb prebaseconfig (1.07sarge1) oldstable; urgency=low * Change permissions of log files and cdebconf files to 600 to guard against any possible leakage of sensitive data. This has previously been worked around by changes in base-installer. oldstable/main/binary-alpha/libpt-1.8.3_1.8.4-1+sarge1.1_alpha.deb oldstable/main/binary-alpha/libpt-dev_1.8.4-1+sarge1.1_alpha.deb oldstable/main/binary-alpha/libpt-dbg_1.8.4-1+sarge1.1_alpha.deb oldstable/main/binary-alpha/libpt-plugins-v4l_1.8.4-1+sarge1.1_alpha.deb oldstable/main/binary-alpha/libpt-plugins-v4l2_1.8.4-1+sarge1.1_alpha.deb oldstable/main/binary-alpha/libpt-plugins-avc_1.8.4-1+sarge1.1_alpha.deb oldstable/main/binary-alpha/libpt-plugins-dc_1.8.4-1+sarge1.1_alpha.deb oldstable/main/binary-alpha/libpt-plugins-oss_1.8.4-1+sarge1.1_alpha.deb oldstable/main/binary-alpha/libpt-plugins-alsa_1.8.4-1+sarge1.1_alpha.deb pwlib (1.8.4-1+sarge1.1) oldstable-proposed-updates; urgency=low * Non-maintainer upload. * Fix to build with sudo on the autobuilders. oldstable/main/binary-arm/libpt-1.8.3_1.8.4-1+sarge1.1_arm.deb oldstable/main/binary-arm/libpt-dev_1.8.4-1+sarge1.1_arm.deb oldstable/main/binary-arm/libpt-dbg_1.8.4-1+sarge1.1_arm.deb oldstable/main/binary-arm/libpt-plugins-v4l_1.8.4-1+sarge1.1_arm.deb oldstable/main/binary-arm/libpt-plugins-v4l2_1.8.4-1+sarge1.1_arm.deb oldstable/main/binary-arm/libpt-plugins-avc_1.8.4-1+sarge1.1_arm.deb oldstable/main/binary-arm/libpt-plugins-dc_1.8.4-1+sarge1.1_arm.deb oldstable/main/binary-arm/libpt-plugins-oss_1.8.4-1+sarge1.1_arm.deb oldstable/main/binary-arm/libpt-plugins-alsa_1.8.4-1+sarge1.1_arm.deb pwlib (1.8.4-1+sarge1.1) oldstable-proposed-updates; urgency=low * Non-maintainer upload. * Fix to build with sudo on the autobuilders. oldstable/main/binary-hppa/libpt-1.8.3_1.8.4-1+sarge1.1_hppa.deb oldstable/main/binary-hppa/libpt-dev_1.8.4-1+sarge1.1_hppa.deb oldstable/main/binary-hppa/libpt-dbg_1.8.4-1+sarge1.1_hppa.deb oldstable/main/binary-hppa/libpt-plugins-v4l_1.8.4-1+sarge1.1_hppa.deb oldstable/main/binary-hppa/libpt-plugins-v4l2_1.8.4-1+sarge1.1_hppa.deb oldstable/main/binary-hppa/libpt-plugins-avc_1.8.4-1+sarge1.1_hppa.deb oldstable/main/binary-hppa/libpt-plugins-dc_1.8.4-1+sarge1.1_hppa.deb oldstable/main/binary-hppa/libpt-plugins-oss_1.8.4-1+sarge1.1_hppa.deb oldstable/main/binary-hppa/libpt-plugins-alsa_1.8.4-1+sarge1.1_hppa.deb pwlib (1.8.4-1+sarge1.1) oldstable-proposed-updates; urgency=low * Non-maintainer upload. * Fix to build with sudo on the autobuilders. oldstable/main/source/pwlib_1.8.4-1+sarge1.1.dsc oldstable/main/source/pwlib_1.8.4-1+sarge1.1.diff.gz oldstable/main/binary-i386/libpt-1.8.3_1.8.4-1+sarge1.1_i386.deb oldstable/main/binary-i386/libpt-dev_1.8.4-1+sarge1.1_i386.deb oldstable/main/binary-i386/libpt-dbg_1.8.4-1+sarge1.1_i386.deb oldstable/main/binary-i386/libpt-plugins-v4l_1.8.4-1+sarge1.1_i386.deb oldstable/main/binary-i386/libpt-plugins-v4l2_1.8.4-1+sarge1.1_i386.deb oldstable/main/binary-i386/libpt-plugins-avc_1.8.4-1+sarge1.1_i386.deb oldstable/main/binary-i386/libpt-plugins-dc_1.8.4-1+sarge1.1_i386.deb oldstable/main/binary-i386/libpt-plugins-oss_1.8.4-1+sarge1.1_i386.deb oldstable/main/binary-i386/libpt-plugins-alsa_1.8.4-1+sarge1.1_i386.deb oldstable/main/binary-all/libpt-doc_1.8.4-1+sarge1.1_all.deb pwlib (1.8.4-1+sarge1.1) oldstable-proposed-updates; urgency=low * Non-maintainer upload. * Fix to build with sudo on the autobuilders. oldstable/main/binary-ia64/libpt-1.8.3_1.8.4-1+sarge1.1_ia64.deb oldstable/main/binary-ia64/libpt-dev_1.8.4-1+sarge1.1_ia64.deb oldstable/main/binary-ia64/libpt-dbg_1.8.4-1+sarge1.1_ia64.deb oldstable/main/binary-ia64/libpt-plugins-v4l_1.8.4-1+sarge1.1_ia64.deb oldstable/main/binary-ia64/libpt-plugins-v4l2_1.8.4-1+sarge1.1_ia64.deb oldstable/main/binary-ia64/libpt-plugins-avc_1.8.4-1+sarge1.1_ia64.deb oldstable/main/binary-ia64/libpt-plugins-dc_1.8.4-1+sarge1.1_ia64.deb oldstable/main/binary-ia64/libpt-plugins-oss_1.8.4-1+sarge1.1_ia64.deb oldstable/main/binary-ia64/libpt-plugins-alsa_1.8.4-1+sarge1.1_ia64.deb pwlib (1.8.4-1+sarge1.1) oldstable-proposed-updates; urgency=low * Non-maintainer upload. * Fix to build with sudo on the autobuilders. oldstable/main/binary-mips/libpt-1.8.3_1.8.4-1+sarge1.1_mips.deb oldstable/main/binary-mips/libpt-dev_1.8.4-1+sarge1.1_mips.deb oldstable/main/binary-mips/libpt-dbg_1.8.4-1+sarge1.1_mips.deb oldstable/main/binary-mips/libpt-plugins-v4l_1.8.4-1+sarge1.1_mips.deb oldstable/main/binary-mips/libpt-plugins-v4l2_1.8.4-1+sarge1.1_mips.deb oldstable/main/binary-mips/libpt-plugins-avc_1.8.4-1+sarge1.1_mips.deb oldstable/main/binary-mips/libpt-plugins-dc_1.8.4-1+sarge1.1_mips.deb oldstable/main/binary-mips/libpt-plugins-oss_1.8.4-1+sarge1.1_mips.deb oldstable/main/binary-mips/libpt-plugins-alsa_1.8.4-1+sarge1.1_mips.deb pwlib (1.8.4-1+sarge1.1) oldstable-proposed-updates; urgency=low * Non-maintainer upload. * Fix to build with sudo on the autobuilders. oldstable/main/binary-mipsel/libpt-1.8.3_1.8.4-1+sarge1.1_mipsel.deb oldstable/main/binary-mipsel/libpt-dev_1.8.4-1+sarge1.1_mipsel.deb oldstable/main/binary-mipsel/libpt-dbg_1.8.4-1+sarge1.1_mipsel.deb oldstable/main/binary-mipsel/libpt-plugins-v4l_1.8.4-1+sarge1.1_mipsel.deb oldstable/main/binary-mipsel/libpt-plugins-v4l2_1.8.4-1+sarge1.1_mipsel.deb oldstable/main/binary-mipsel/libpt-plugins-avc_1.8.4-1+sarge1.1_mipsel.deb oldstable/main/binary-mipsel/libpt-plugins-dc_1.8.4-1+sarge1.1_mipsel.deb oldstable/main/binary-mipsel/libpt-plugins-oss_1.8.4-1+sarge1.1_mipsel.deb oldstable/main/binary-mipsel/libpt-plugins-alsa_1.8.4-1+sarge1.1_mipsel.deb pwlib (1.8.4-1+sarge1.1) oldstable-proposed-updates; urgency=low * Non-maintainer upload. * Fix to build with sudo on the autobuilders. oldstable/main/binary-powerpc/libpt-1.8.3_1.8.4-1+sarge1.1_powerpc.deb oldstable/main/binary-powerpc/libpt-dev_1.8.4-1+sarge1.1_powerpc.deb oldstable/main/binary-powerpc/libpt-dbg_1.8.4-1+sarge1.1_powerpc.deb oldstable/main/binary-powerpc/libpt-plugins-v4l_1.8.4-1+sarge1.1_powerpc.deb oldstable/main/binary-powerpc/libpt-plugins-v4l2_1.8.4-1+sarge1.1_powerpc.deb oldstable/main/binary-powerpc/libpt-plugins-avc_1.8.4-1+sarge1.1_powerpc.deb oldstable/main/binary-powerpc/libpt-plugins-dc_1.8.4-1+sarge1.1_powerpc.deb oldstable/main/binary-powerpc/libpt-plugins-oss_1.8.4-1+sarge1.1_powerpc.deb oldstable/main/binary-powerpc/libpt-plugins-alsa_1.8.4-1+sarge1.1_powerpc.deb pwlib (1.8.4-1+sarge1.1) oldstable-proposed-updates; urgency=low * Non-maintainer upload. * Fix to build with sudo on the autobuilders. oldstable/main/binary-s390/libpt-1.8.3_1.8.4-1+sarge1.1_s390.deb oldstable/main/binary-s390/libpt-dev_1.8.4-1+sarge1.1_s390.deb oldstable/main/binary-s390/libpt-dbg_1.8.4-1+sarge1.1_s390.deb oldstable/main/binary-s390/libpt-plugins-v4l_1.8.4-1+sarge1.1_s390.deb oldstable/main/binary-s390/libpt-plugins-v4l2_1.8.4-1+sarge1.1_s390.deb oldstable/main/binary-s390/libpt-plugins-avc_1.8.4-1+sarge1.1_s390.deb oldstable/main/binary-s390/libpt-plugins-dc_1.8.4-1+sarge1.1_s390.deb oldstable/main/binary-s390/libpt-plugins-oss_1.8.4-1+sarge1.1_s390.deb oldstable/main/binary-s390/libpt-plugins-alsa_1.8.4-1+sarge1.1_s390.deb pwlib (1.8.4-1+sarge1.1) oldstable-proposed-updates; urgency=low * Non-maintainer upload. * Fix to build with sudo on the autobuilders. oldstable/main/binary-sparc/libpt-1.8.3_1.8.4-1+sarge1.1_sparc.deb oldstable/main/binary-sparc/libpt-dev_1.8.4-1+sarge1.1_sparc.deb oldstable/main/binary-sparc/libpt-dbg_1.8.4-1+sarge1.1_sparc.deb oldstable/main/binary-sparc/libpt-plugins-v4l_1.8.4-1+sarge1.1_sparc.deb oldstable/main/binary-sparc/libpt-plugins-v4l2_1.8.4-1+sarge1.1_sparc.deb oldstable/main/binary-sparc/libpt-plugins-avc_1.8.4-1+sarge1.1_sparc.deb oldstable/main/binary-sparc/libpt-plugins-dc_1.8.4-1+sarge1.1_sparc.deb oldstable/main/binary-sparc/libpt-plugins-oss_1.8.4-1+sarge1.1_sparc.deb oldstable/main/binary-sparc/libpt-plugins-alsa_1.8.4-1+sarge1.1_sparc.deb pwlib (1.8.4-1+sarge1.1) oldstable-proposed-updates; urgency=low * Non-maintainer upload. * Fix to build with sudo on the autobuilders. oldstable/main/binary-arm/libpt-1.8.3_1.8.4-1+sarge1_arm.deb oldstable/main/binary-arm/libpt-dev_1.8.4-1+sarge1_arm.deb oldstable/main/binary-arm/libpt-dbg_1.8.4-1+sarge1_arm.deb oldstable/main/binary-arm/libpt-plugins-v4l_1.8.4-1+sarge1_arm.deb oldstable/main/binary-arm/libpt-plugins-v4l2_1.8.4-1+sarge1_arm.deb oldstable/main/binary-arm/libpt-plugins-avc_1.8.4-1+sarge1_arm.deb oldstable/main/binary-arm/libpt-plugins-dc_1.8.4-1+sarge1_arm.deb oldstable/main/binary-arm/libpt-plugins-oss_1.8.4-1+sarge1_arm.deb oldstable/main/binary-arm/libpt-plugins-alsa_1.8.4-1+sarge1_arm.deb pwlib (1.8.4-1+sarge1) oldstable-proposed-updates; urgency=high * Fix remote denial of service vulnerability caused by a call to PString::vsprintf if the used object already contained more than 1000 characters (CVE-2007-4897; Closes: #454133). oldstable/main/binary-hppa/libpt-1.8.3_1.8.4-1+sarge1_hppa.deb oldstable/main/binary-hppa/libpt-dev_1.8.4-1+sarge1_hppa.deb oldstable/main/binary-hppa/libpt-dbg_1.8.4-1+sarge1_hppa.deb oldstable/main/binary-hppa/libpt-plugins-v4l_1.8.4-1+sarge1_hppa.deb oldstable/main/binary-hppa/libpt-plugins-v4l2_1.8.4-1+sarge1_hppa.deb oldstable/main/binary-hppa/libpt-plugins-avc_1.8.4-1+sarge1_hppa.deb oldstable/main/binary-hppa/libpt-plugins-dc_1.8.4-1+sarge1_hppa.deb oldstable/main/binary-hppa/libpt-plugins-oss_1.8.4-1+sarge1_hppa.deb oldstable/main/binary-hppa/libpt-plugins-alsa_1.8.4-1+sarge1_hppa.deb pwlib (1.8.4-1+sarge1) oldstable-proposed-updates; urgency=high * Fix remote denial of service vulnerability caused by a call to PString::vsprintf if the used object already contained more than 1000 characters (CVE-2007-4897; Closes: #454133). oldstable/main/source/pwlib_1.8.4-1+sarge1.dsc oldstable/main/source/pwlib_1.8.4-1+sarge1.diff.gz oldstable/main/binary-i386/libpt-1.8.3_1.8.4-1+sarge1_i386.deb oldstable/main/binary-i386/libpt-dev_1.8.4-1+sarge1_i386.deb oldstable/main/binary-i386/libpt-dbg_1.8.4-1+sarge1_i386.deb oldstable/main/binary-i386/libpt-plugins-v4l_1.8.4-1+sarge1_i386.deb oldstable/main/binary-i386/libpt-plugins-v4l2_1.8.4-1+sarge1_i386.deb oldstable/main/binary-i386/libpt-plugins-avc_1.8.4-1+sarge1_i386.deb oldstable/main/binary-i386/libpt-plugins-dc_1.8.4-1+sarge1_i386.deb oldstable/main/binary-i386/libpt-plugins-oss_1.8.4-1+sarge1_i386.deb oldstable/main/binary-i386/libpt-plugins-alsa_1.8.4-1+sarge1_i386.deb oldstable/main/binary-all/libpt-doc_1.8.4-1+sarge1_all.deb pwlib (1.8.4-1+sarge1) oldstable-proposed-updates; urgency=high * Fix remote denial of service vulnerability caused by a call to PString::vsprintf if the used object already contained more than 1000 characters (CVE-2007-4897; Closes: #454133). oldstable/main/binary-ia64/libpt-1.8.3_1.8.4-1+sarge1_ia64.deb oldstable/main/binary-ia64/libpt-dev_1.8.4-1+sarge1_ia64.deb oldstable/main/binary-ia64/libpt-dbg_1.8.4-1+sarge1_ia64.deb oldstable/main/binary-ia64/libpt-plugins-v4l_1.8.4-1+sarge1_ia64.deb oldstable/main/binary-ia64/libpt-plugins-v4l2_1.8.4-1+sarge1_ia64.deb oldstable/main/binary-ia64/libpt-plugins-avc_1.8.4-1+sarge1_ia64.deb oldstable/main/binary-ia64/libpt-plugins-dc_1.8.4-1+sarge1_ia64.deb oldstable/main/binary-ia64/libpt-plugins-oss_1.8.4-1+sarge1_ia64.deb oldstable/main/binary-ia64/libpt-plugins-alsa_1.8.4-1+sarge1_ia64.deb pwlib (1.8.4-1+sarge1) oldstable-proposed-updates; urgency=high * Fix remote denial of service vulnerability caused by a call to PString::vsprintf if the used object already contained more than 1000 characters (CVE-2007-4897; Closes: #454133). oldstable/main/binary-powerpc/libpt-1.8.3_1.8.4-1+sarge1_powerpc.deb oldstable/main/binary-powerpc/libpt-dev_1.8.4-1+sarge1_powerpc.deb oldstable/main/binary-powerpc/libpt-dbg_1.8.4-1+sarge1_powerpc.deb oldstable/main/binary-powerpc/libpt-plugins-v4l_1.8.4-1+sarge1_powerpc.deb oldstable/main/binary-powerpc/libpt-plugins-v4l2_1.8.4-1+sarge1_powerpc.deb oldstable/main/binary-powerpc/libpt-plugins-avc_1.8.4-1+sarge1_powerpc.deb oldstable/main/binary-powerpc/libpt-plugins-dc_1.8.4-1+sarge1_powerpc.deb oldstable/main/binary-powerpc/libpt-plugins-oss_1.8.4-1+sarge1_powerpc.deb oldstable/main/binary-powerpc/libpt-plugins-alsa_1.8.4-1+sarge1_powerpc.deb pwlib (1.8.4-1+sarge1) oldstable-proposed-updates; urgency=high * Fix remote denial of service vulnerability caused by a call to PString::vsprintf if the used object already contained more than 1000 characters (CVE-2007-4897; Closes: #454133). oldstable/main/binary-s390/libpt-1.8.3_1.8.4-1+sarge1_s390.deb oldstable/main/binary-s390/libpt-dev_1.8.4-1+sarge1_s390.deb oldstable/main/binary-s390/libpt-dbg_1.8.4-1+sarge1_s390.deb oldstable/main/binary-s390/libpt-plugins-v4l_1.8.4-1+sarge1_s390.deb oldstable/main/binary-s390/libpt-plugins-v4l2_1.8.4-1+sarge1_s390.deb oldstable/main/binary-s390/libpt-plugins-avc_1.8.4-1+sarge1_s390.deb oldstable/main/binary-s390/libpt-plugins-dc_1.8.4-1+sarge1_s390.deb oldstable/main/binary-s390/libpt-plugins-oss_1.8.4-1+sarge1_s390.deb oldstable/main/binary-s390/libpt-plugins-alsa_1.8.4-1+sarge1_s390.deb pwlib (1.8.4-1+sarge1) oldstable-proposed-updates; urgency=high * Fix remote denial of service vulnerability caused by a call to PString::vsprintf if the used object already contained more than 1000 characters (CVE-2007-4897; Closes: #454133). oldstable/main/binary-sparc/libpt-1.8.3_1.8.4-1+sarge1_sparc.deb oldstable/main/binary-sparc/libpt-dev_1.8.4-1+sarge1_sparc.deb oldstable/main/binary-sparc/libpt-dbg_1.8.4-1+sarge1_sparc.deb oldstable/main/binary-sparc/libpt-plugins-v4l_1.8.4-1+sarge1_sparc.deb oldstable/main/binary-sparc/libpt-plugins-v4l2_1.8.4-1+sarge1_sparc.deb oldstable/main/binary-sparc/libpt-plugins-avc_1.8.4-1+sarge1_sparc.deb oldstable/main/binary-sparc/libpt-plugins-dc_1.8.4-1+sarge1_sparc.deb oldstable/main/binary-sparc/libpt-plugins-oss_1.8.4-1+sarge1_sparc.deb oldstable/main/binary-sparc/libpt-plugins-alsa_1.8.4-1+sarge1_sparc.deb pwlib (1.8.4-1+sarge1) oldstable-proposed-updates; urgency=high * Fix remote denial of service vulnerability caused by a call to PString::vsprintf if the used object already contained more than 1000 characters (CVE-2007-4897; Closes: #454133). oldstable/main/binary-hppa/python2.2-biopython_1.30-2_hppa.deb oldstable/main/binary-hppa/python2.3-biopython_1.30-2_hppa.deb python-biopython (1.30-2) unstable; urgency=low * Fixed bugs in debian/rules and debian/control which prevented porting the package. * Using -fPIC to build shared lib KDTree. (closes: #278959) oldstable/main/source/qemu_0.6.1+20050407-1sarge1.dsc oldstable/main/source/qemu_0.6.1+20050407.orig.tar.gz oldstable/main/source/qemu_0.6.1+20050407-1sarge1.diff.gz oldstable/main/binary-i386/qemu_0.6.1+20050407-1sarge1_i386.deb qemu (0.6.1+20050407-1sarge1) oldstable-security; urgency=high [ Guillem Jover ] * Fix several security issues found by Tavis Ormandy : - Cirrus LGD-54XX "bitblt" heap overflow. CVE-2007-1320 - NE2000 "mtu" heap overflow. - QEMU NE2000 "receive" integer signedness error. CVE-2007-1321 - Infinite loop in the emulated SB16 device. - Unprivileged 'aam' instruction does not correctly handle the undocumented divisor operand. CVE-2007-1322 - Unprivileged 'icebp' instruction will halt emulation. CVE-2007-1322 - debian/patches/90_security.patch: New file. oldstable/main/binary-powerpc/qemu_0.6.1+20050407-1sarge1_powerpc.deb qemu (0.6.1+20050407-1sarge1) oldstable-security; urgency=high [ Guillem Jover ] * Fix several security issues found by Tavis Ormandy : - Cirrus LGD-54XX "bitblt" heap overflow. CVE-2007-1320 - NE2000 "mtu" heap overflow. - QEMU NE2000 "receive" integer signedness error. CVE-2007-1321 - Infinite loop in the emulated SB16 device. - Unprivileged 'aam' instruction does not correctly handle the undocumented divisor operand. CVE-2007-1322 - Unprivileged 'icebp' instruction will halt emulation. CVE-2007-1322 - debian/patches/90_security.patch: New file. oldstable/main/binary-alpha/libqt3c102_3.3.4-3sarge3_alpha.deb oldstable/main/binary-alpha/libqt3c102-mt_3.3.4-3sarge3_alpha.deb oldstable/main/binary-alpha/libqt3c102-mysql_3.3.4-3sarge3_alpha.deb oldstable/main/binary-alpha/libqt3c102-mt-mysql_3.3.4-3sarge3_alpha.deb oldstable/main/binary-alpha/libqt3c102-odbc_3.3.4-3sarge3_alpha.deb oldstable/main/binary-alpha/libqt3c102-mt-odbc_3.3.4-3sarge3_alpha.deb oldstable/main/binary-alpha/libqt3c102-psql_3.3.4-3sarge3_alpha.deb oldstable/main/binary-alpha/libqt3c102-mt-psql_3.3.4-3sarge3_alpha.deb oldstable/main/binary-alpha/libqt3c102-sqlite_3.3.4-3sarge3_alpha.deb oldstable/main/binary-alpha/libqt3c102-mt-sqlite_3.3.4-3sarge3_alpha.deb oldstable/main/binary-alpha/libqt3-dev_3.3.4-3sarge3_alpha.deb oldstable/main/binary-alpha/libqt3-mt-dev_3.3.4-3sarge3_alpha.deb oldstable/main/binary-alpha/libqt3-headers_3.3.4-3sarge3_alpha.deb oldstable/main/binary-alpha/libqt3-compat-headers_3.3.4-3sarge3_alpha.deb oldstable/main/binary-alpha/qt3-dev-tools_3.3.4-3sarge3_alpha.deb oldstable/main/binary-alpha/qt3-designer_3.3.4-3sarge3_alpha.deb oldstable/main/binary-alpha/qt3-apps-dev_3.3.4-3sarge3_alpha.deb oldstable/main/binary-alpha/qt3-linguist_3.3.4-3sarge3_alpha.deb oldstable/main/binary-alpha/qt3-assistant_3.3.4-3sarge3_alpha.deb oldstable/main/binary-alpha/qt3-qtconfig_3.3.4-3sarge3_alpha.deb oldstable/main/binary-alpha/qt3-dev-tools-embedded_3.3.4-3sarge3_alpha.deb oldstable/main/binary-alpha/qt3-dev-tools-compat_3.3.4-3sarge3_alpha.deb qt-x11-free (3:3.3.4-3sarge3) oldstable-security; urgency=high * Fix format string vulnerabilities. (CVE-2007-3388) * Fix off-by-one in UTF codec. (CVE-2007-4137) oldstable/main/binary-amd64/libqt3c102_3.3.4-3sarge3_amd64.deb oldstable/main/binary-amd64/libqt3c102-mt_3.3.4-3sarge3_amd64.deb oldstable/main/binary-amd64/libqt3c102-mysql_3.3.4-3sarge3_amd64.deb oldstable/main/binary-amd64/libqt3c102-mt-mysql_3.3.4-3sarge3_amd64.deb oldstable/main/binary-amd64/libqt3c102-odbc_3.3.4-3sarge3_amd64.deb oldstable/main/binary-amd64/libqt3c102-mt-odbc_3.3.4-3sarge3_amd64.deb oldstable/main/binary-amd64/libqt3c102-psql_3.3.4-3sarge3_amd64.deb oldstable/main/binary-amd64/libqt3c102-mt-psql_3.3.4-3sarge3_amd64.deb oldstable/main/binary-amd64/libqt3c102-sqlite_3.3.4-3sarge3_amd64.deb oldstable/main/binary-amd64/libqt3c102-mt-sqlite_3.3.4-3sarge3_amd64.deb oldstable/main/binary-amd64/libqt3-dev_3.3.4-3sarge3_amd64.deb oldstable/main/binary-amd64/libqt3-mt-dev_3.3.4-3sarge3_amd64.deb oldstable/main/binary-amd64/libqt3-headers_3.3.4-3sarge3_amd64.deb oldstable/main/binary-amd64/libqt3-compat-headers_3.3.4-3sarge3_amd64.deb oldstable/main/binary-amd64/qt3-dev-tools_3.3.4-3sarge3_amd64.deb oldstable/main/binary-amd64/qt3-designer_3.3.4-3sarge3_amd64.deb oldstable/main/binary-amd64/qt3-apps-dev_3.3.4-3sarge3_amd64.deb oldstable/main/binary-amd64/qt3-linguist_3.3.4-3sarge3_amd64.deb oldstable/main/binary-amd64/qt3-assistant_3.3.4-3sarge3_amd64.deb oldstable/main/binary-amd64/qt3-qtconfig_3.3.4-3sarge3_amd64.deb oldstable/main/binary-amd64/qt3-dev-tools-embedded_3.3.4-3sarge3_amd64.deb oldstable/main/binary-amd64/qt3-dev-tools-compat_3.3.4-3sarge3_amd64.deb qt-x11-free (3:3.3.4-3sarge3) oldstable-security; urgency=high * Fix format string vulnerabilities. (CVE-2007-3388) * Fix off-by-one in UTF codec. (CVE-2007-4137) oldstable/main/binary-arm/libqt3c102_3.3.4-3sarge3_arm.deb oldstable/main/binary-arm/libqt3c102-mt_3.3.4-3sarge3_arm.deb oldstable/main/binary-arm/libqt3c102-mysql_3.3.4-3sarge3_arm.deb oldstable/main/binary-arm/libqt3c102-mt-mysql_3.3.4-3sarge3_arm.deb oldstable/main/binary-arm/libqt3c102-odbc_3.3.4-3sarge3_arm.deb oldstable/main/binary-arm/libqt3c102-mt-odbc_3.3.4-3sarge3_arm.deb oldstable/main/binary-arm/libqt3c102-psql_3.3.4-3sarge3_arm.deb oldstable/main/binary-arm/libqt3c102-mt-psql_3.3.4-3sarge3_arm.deb oldstable/main/binary-arm/libqt3c102-sqlite_3.3.4-3sarge3_arm.deb oldstable/main/binary-arm/libqt3c102-mt-sqlite_3.3.4-3sarge3_arm.deb oldstable/main/binary-arm/libqt3-dev_3.3.4-3sarge3_arm.deb oldstable/main/binary-arm/libqt3-mt-dev_3.3.4-3sarge3_arm.deb oldstable/main/binary-arm/libqt3-headers_3.3.4-3sarge3_arm.deb oldstable/main/binary-arm/libqt3-compat-headers_3.3.4-3sarge3_arm.deb oldstable/main/binary-arm/qt3-dev-tools_3.3.4-3sarge3_arm.deb oldstable/main/binary-arm/qt3-designer_3.3.4-3sarge3_arm.deb oldstable/main/binary-arm/qt3-apps-dev_3.3.4-3sarge3_arm.deb oldstable/main/binary-arm/qt3-linguist_3.3.4-3sarge3_arm.deb oldstable/main/binary-arm/qt3-assistant_3.3.4-3sarge3_arm.deb oldstable/main/binary-arm/qt3-qtconfig_3.3.4-3sarge3_arm.deb oldstable/main/binary-arm/qt3-dev-tools-embedded_3.3.4-3sarge3_arm.deb oldstable/main/binary-arm/qt3-dev-tools-compat_3.3.4-3sarge3_arm.deb qt-x11-free (3:3.3.4-3sarge3) oldstable-security; urgency=high * Fix format string vulnerabilities. (CVE-2007-3388) * Fix off-by-one in UTF codec. (CVE-2007-4137) oldstable/main/binary-hppa/libqt3c102_3.3.4-3sarge3_hppa.deb oldstable/main/binary-hppa/libqt3c102-mt_3.3.4-3sarge3_hppa.deb oldstable/main/binary-hppa/libqt3c102-mysql_3.3.4-3sarge3_hppa.deb oldstable/main/binary-hppa/libqt3c102-mt-mysql_3.3.4-3sarge3_hppa.deb oldstable/main/binary-hppa/libqt3c102-odbc_3.3.4-3sarge3_hppa.deb oldstable/main/binary-hppa/libqt3c102-mt-odbc_3.3.4-3sarge3_hppa.deb oldstable/main/binary-hppa/libqt3c102-psql_3.3.4-3sarge3_hppa.deb oldstable/main/binary-hppa/libqt3c102-mt-psql_3.3.4-3sarge3_hppa.deb oldstable/main/binary-hppa/libqt3c102-sqlite_3.3.4-3sarge3_hppa.deb oldstable/main/binary-hppa/libqt3c102-mt-sqlite_3.3.4-3sarge3_hppa.deb oldstable/main/binary-hppa/libqt3-dev_3.3.4-3sarge3_hppa.deb oldstable/main/binary-hppa/libqt3-mt-dev_3.3.4-3sarge3_hppa.deb oldstable/main/binary-hppa/libqt3-headers_3.3.4-3sarge3_hppa.deb oldstable/main/binary-hppa/libqt3-compat-headers_3.3.4-3sarge3_hppa.deb oldstable/main/binary-hppa/qt3-dev-tools_3.3.4-3sarge3_hppa.deb oldstable/main/binary-hppa/qt3-designer_3.3.4-3sarge3_hppa.deb oldstable/main/binary-hppa/qt3-apps-dev_3.3.4-3sarge3_hppa.deb oldstable/main/binary-hppa/qt3-linguist_3.3.4-3sarge3_hppa.deb oldstable/main/binary-hppa/qt3-assistant_3.3.4-3sarge3_hppa.deb oldstable/main/binary-hppa/qt3-qtconfig_3.3.4-3sarge3_hppa.deb oldstable/main/binary-hppa/qt3-dev-tools-embedded_3.3.4-3sarge3_hppa.deb oldstable/main/binary-hppa/qt3-dev-tools-compat_3.3.4-3sarge3_hppa.deb qt-x11-free (3:3.3.4-3sarge3) oldstable-security; urgency=high * Fix format string vulnerabilities. (CVE-2007-3388) * Fix off-by-one in UTF codec. (CVE-2007-4137) oldstable/main/source/qt-x11-free_3.3.4-3sarge3.dsc oldstable/main/source/qt-x11-free_3.3.4-3sarge3.diff.gz oldstable/main/binary-all/libqt3-i18n_3.3.4-3sarge3_all.deb oldstable/main/binary-all/qt3-doc_3.3.4-3sarge3_all.deb oldstable/main/binary-all/qt3-examples_3.3.4-3sarge3_all.deb oldstable/main/binary-i386/libqt3c102_3.3.4-3sarge3_i386.deb oldstable/main/binary-i386/libqt3c102-mt_3.3.4-3sarge3_i386.deb oldstable/main/binary-i386/libqt3c102-mysql_3.3.4-3sarge3_i386.deb oldstable/main/binary-i386/libqt3c102-mt-mysql_3.3.4-3sarge3_i386.deb oldstable/main/binary-i386/libqt3c102-odbc_3.3.4-3sarge3_i386.deb oldstable/main/binary-i386/libqt3c102-mt-odbc_3.3.4-3sarge3_i386.deb oldstable/main/binary-i386/libqt3c102-psql_3.3.4-3sarge3_i386.deb oldstable/main/binary-i386/libqt3c102-mt-psql_3.3.4-3sarge3_i386.deb oldstable/main/binary-i386/libqt3c102-ibase_3.3.4-3sarge3_i386.deb oldstable/main/binary-i386/libqt3c102-mt-ibase_3.3.4-3sarge3_i386.deb oldstable/main/binary-i386/libqt3c102-sqlite_3.3.4-3sarge3_i386.deb oldstable/main/binary-i386/libqt3c102-mt-sqlite_3.3.4-3sarge3_i386.deb oldstable/main/binary-i386/libqt3-dev_3.3.4-3sarge3_i386.deb oldstable/main/binary-i386/libqt3-mt-dev_3.3.4-3sarge3_i386.deb oldstable/main/binary-i386/libqt3-headers_3.3.4-3sarge3_i386.deb oldstable/main/binary-i386/libqt3-compat-headers_3.3.4-3sarge3_i386.deb oldstable/main/binary-i386/qt3-dev-tools_3.3.4-3sarge3_i386.deb oldstable/main/binary-i386/qt3-designer_3.3.4-3sarge3_i386.deb oldstable/main/binary-i386/qt3-apps-dev_3.3.4-3sarge3_i386.deb oldstable/main/binary-i386/qt3-linguist_3.3.4-3sarge3_i386.deb oldstable/main/binary-i386/qt3-assistant_3.3.4-3sarge3_i386.deb oldstable/main/binary-i386/qt3-qtconfig_3.3.4-3sarge3_i386.deb oldstable/main/binary-i386/qt3-dev-tools-embedded_3.3.4-3sarge3_i386.deb oldstable/main/binary-i386/qt3-dev-tools-compat_3.3.4-3sarge3_i386.deb qt-x11-free (3:3.3.4-3sarge3) oldstable-security; urgency=high * Fix format string vulnerabilities. (CVE-2007-3388) * Fix off-by-one in UTF codec. (CVE-2007-4137) oldstable/main/binary-ia64/libqt3c102_3.3.4-3sarge3_ia64.deb oldstable/main/binary-ia64/libqt3c102-mt_3.3.4-3sarge3_ia64.deb oldstable/main/binary-ia64/libqt3c102-mysql_3.3.4-3sarge3_ia64.deb oldstable/main/binary-ia64/libqt3c102-mt-mysql_3.3.4-3sarge3_ia64.deb oldstable/main/binary-ia64/libqt3c102-odbc_3.3.4-3sarge3_ia64.deb oldstable/main/binary-ia64/libqt3c102-mt-odbc_3.3.4-3sarge3_ia64.deb oldstable/main/binary-ia64/libqt3c102-psql_3.3.4-3sarge3_ia64.deb oldstable/main/binary-ia64/libqt3c102-mt-psql_3.3.4-3sarge3_ia64.deb oldstable/main/binary-ia64/libqt3c102-sqlite_3.3.4-3sarge3_ia64.deb oldstable/main/binary-ia64/libqt3c102-mt-sqlite_3.3.4-3sarge3_ia64.deb oldstable/main/binary-ia64/libqt3-dev_3.3.4-3sarge3_ia64.deb oldstable/main/binary-ia64/libqt3-mt-dev_3.3.4-3sarge3_ia64.deb oldstable/main/binary-ia64/libqt3-headers_3.3.4-3sarge3_ia64.deb oldstable/main/binary-ia64/libqt3-compat-headers_3.3.4-3sarge3_ia64.deb oldstable/main/binary-ia64/qt3-dev-tools_3.3.4-3sarge3_ia64.deb oldstable/main/binary-ia64/qt3-designer_3.3.4-3sarge3_ia64.deb oldstable/main/binary-ia64/qt3-apps-dev_3.3.4-3sarge3_ia64.deb oldstable/main/binary-ia64/qt3-linguist_3.3.4-3sarge3_ia64.deb oldstable/main/binary-ia64/qt3-assistant_3.3.4-3sarge3_ia64.deb oldstable/main/binary-ia64/qt3-qtconfig_3.3.4-3sarge3_ia64.deb oldstable/main/binary-ia64/qt3-dev-tools-embedded_3.3.4-3sarge3_ia64.deb oldstable/main/binary-ia64/qt3-dev-tools-compat_3.3.4-3sarge3_ia64.deb qt-x11-free (3:3.3.4-3sarge3) oldstable-security; urgency=high * Fix format string vulnerabilities. (CVE-2007-3388) * Fix off-by-one in UTF codec. (CVE-2007-4137) oldstable/main/binary-m68k/libqt3c102_3.3.4-3sarge3_m68k.deb oldstable/main/binary-m68k/libqt3c102-mt_3.3.4-3sarge3_m68k.deb oldstable/main/binary-m68k/libqt3c102-mysql_3.3.4-3sarge3_m68k.deb oldstable/main/binary-m68k/libqt3c102-mt-mysql_3.3.4-3sarge3_m68k.deb oldstable/main/binary-m68k/libqt3c102-odbc_3.3.4-3sarge3_m68k.deb oldstable/main/binary-m68k/libqt3c102-mt-odbc_3.3.4-3sarge3_m68k.deb oldstable/main/binary-m68k/libqt3c102-psql_3.3.4-3sarge3_m68k.deb oldstable/main/binary-m68k/libqt3c102-mt-psql_3.3.4-3sarge3_m68k.deb oldstable/main/binary-m68k/libqt3c102-sqlite_3.3.4-3sarge3_m68k.deb oldstable/main/binary-m68k/libqt3c102-mt-sqlite_3.3.4-3sarge3_m68k.deb oldstable/main/binary-m68k/libqt3-dev_3.3.4-3sarge3_m68k.deb oldstable/main/binary-m68k/libqt3-mt-dev_3.3.4-3sarge3_m68k.deb oldstable/main/binary-m68k/libqt3-headers_3.3.4-3sarge3_m68k.deb oldstable/main/binary-m68k/libqt3-compat-headers_3.3.4-3sarge3_m68k.deb oldstable/main/binary-m68k/qt3-dev-tools_3.3.4-3sarge3_m68k.deb oldstable/main/binary-m68k/qt3-designer_3.3.4-3sarge3_m68k.deb oldstable/main/binary-m68k/qt3-apps-dev_3.3.4-3sarge3_m68k.deb oldstable/main/binary-m68k/qt3-linguist_3.3.4-3sarge3_m68k.deb oldstable/main/binary-m68k/qt3-assistant_3.3.4-3sarge3_m68k.deb oldstable/main/binary-m68k/qt3-qtconfig_3.3.4-3sarge3_m68k.deb oldstable/main/binary-m68k/qt3-dev-tools-embedded_3.3.4-3sarge3_m68k.deb oldstable/main/binary-m68k/qt3-dev-tools-compat_3.3.4-3sarge3_m68k.deb qt-x11-free (3:3.3.4-3sarge3) oldstable-security; urgency=high * Fix format string vulnerabilities. (CVE-2007-3388) * Fix off-by-one in UTF codec. (CVE-2007-4137) oldstable/main/binary-mips/libqt3c102_3.3.4-3sarge3_mips.deb oldstable/main/binary-mips/libqt3c102-mt_3.3.4-3sarge3_mips.deb oldstable/main/binary-mips/libqt3c102-mysql_3.3.4-3sarge3_mips.deb oldstable/main/binary-mips/libqt3c102-mt-mysql_3.3.4-3sarge3_mips.deb oldstable/main/binary-mips/libqt3c102-odbc_3.3.4-3sarge3_mips.deb oldstable/main/binary-mips/libqt3c102-mt-odbc_3.3.4-3sarge3_mips.deb oldstable/main/binary-mips/libqt3c102-psql_3.3.4-3sarge3_mips.deb oldstable/main/binary-mips/libqt3c102-mt-psql_3.3.4-3sarge3_mips.deb oldstable/main/binary-mips/libqt3c102-sqlite_3.3.4-3sarge3_mips.deb oldstable/main/binary-mips/libqt3c102-mt-sqlite_3.3.4-3sarge3_mips.deb oldstable/main/binary-mips/libqt3-dev_3.3.4-3sarge3_mips.deb oldstable/main/binary-mips/libqt3-mt-dev_3.3.4-3sarge3_mips.deb oldstable/main/binary-mips/libqt3-headers_3.3.4-3sarge3_mips.deb oldstable/main/binary-mips/libqt3-compat-headers_3.3.4-3sarge3_mips.deb oldstable/main/binary-mips/qt3-dev-tools_3.3.4-3sarge3_mips.deb oldstable/main/binary-mips/qt3-designer_3.3.4-3sarge3_mips.deb oldstable/main/binary-mips/qt3-apps-dev_3.3.4-3sarge3_mips.deb oldstable/main/binary-mips/qt3-linguist_3.3.4-3sarge3_mips.deb oldstable/main/binary-mips/qt3-assistant_3.3.4-3sarge3_mips.deb oldstable/main/binary-mips/qt3-qtconfig_3.3.4-3sarge3_mips.deb oldstable/main/binary-mips/qt3-dev-tools-embedded_3.3.4-3sarge3_mips.deb oldstable/main/binary-mips/qt3-dev-tools-compat_3.3.4-3sarge3_mips.deb qt-x11-free (3:3.3.4-3sarge3) oldstable-security; urgency=high * Fix format string vulnerabilities. (CVE-2007-3388) * Fix off-by-one in UTF codec. (CVE-2007-4137) oldstable/main/binary-mipsel/libqt3c102_3.3.4-3sarge3_mipsel.deb oldstable/main/binary-mipsel/libqt3c102-mt_3.3.4-3sarge3_mipsel.deb oldstable/main/binary-mipsel/libqt3c102-mysql_3.3.4-3sarge3_mipsel.deb oldstable/main/binary-mipsel/libqt3c102-mt-mysql_3.3.4-3sarge3_mipsel.deb oldstable/main/binary-mipsel/libqt3c102-odbc_3.3.4-3sarge3_mipsel.deb oldstable/main/binary-mipsel/libqt3c102-mt-odbc_3.3.4-3sarge3_mipsel.deb oldstable/main/binary-mipsel/libqt3c102-psql_3.3.4-3sarge3_mipsel.deb oldstable/main/binary-mipsel/libqt3c102-mt-psql_3.3.4-3sarge3_mipsel.deb oldstable/main/binary-mipsel/libqt3c102-sqlite_3.3.4-3sarge3_mipsel.deb oldstable/main/binary-mipsel/libqt3c102-mt-sqlite_3.3.4-3sarge3_mipsel.deb oldstable/main/binary-mipsel/libqt3-dev_3.3.4-3sarge3_mipsel.deb oldstable/main/binary-mipsel/libqt3-mt-dev_3.3.4-3sarge3_mipsel.deb oldstable/main/binary-mipsel/libqt3-headers_3.3.4-3sarge3_mipsel.deb oldstable/main/binary-mipsel/libqt3-compat-headers_3.3.4-3sarge3_mipsel.deb oldstable/main/binary-mipsel/qt3-dev-tools_3.3.4-3sarge3_mipsel.deb oldstable/main/binary-mipsel/qt3-designer_3.3.4-3sarge3_mipsel.deb oldstable/main/binary-mipsel/qt3-apps-dev_3.3.4-3sarge3_mipsel.deb oldstable/main/binary-mipsel/qt3-linguist_3.3.4-3sarge3_mipsel.deb oldstable/main/binary-mipsel/qt3-assistant_3.3.4-3sarge3_mipsel.deb oldstable/main/binary-mipsel/qt3-qtconfig_3.3.4-3sarge3_mipsel.deb oldstable/main/binary-mipsel/qt3-dev-tools-embedded_3.3.4-3sarge3_mipsel.deb oldstable/main/binary-mipsel/qt3-dev-tools-compat_3.3.4-3sarge3_mipsel.deb qt-x11-free (3:3.3.4-3sarge3) oldstable-security; urgency=high * Fix format string vulnerabilities. (CVE-2007-3388) * Fix off-by-one in UTF codec. (CVE-2007-4137) oldstable/main/binary-powerpc/libqt3c102_3.3.4-3sarge3_powerpc.deb oldstable/main/binary-powerpc/libqt3c102-mt_3.3.4-3sarge3_powerpc.deb oldstable/main/binary-powerpc/libqt3c102-mysql_3.3.4-3sarge3_powerpc.deb oldstable/main/binary-powerpc/libqt3c102-mt-mysql_3.3.4-3sarge3_powerpc.deb oldstable/main/binary-powerpc/libqt3c102-odbc_3.3.4-3sarge3_powerpc.deb oldstable/main/binary-powerpc/libqt3c102-mt-odbc_3.3.4-3sarge3_powerpc.deb oldstable/main/binary-powerpc/libqt3c102-psql_3.3.4-3sarge3_powerpc.deb oldstable/main/binary-powerpc/libqt3c102-mt-psql_3.3.4-3sarge3_powerpc.deb oldstable/main/binary-powerpc/libqt3c102-sqlite_3.3.4-3sarge3_powerpc.deb oldstable/main/binary-powerpc/libqt3c102-mt-sqlite_3.3.4-3sarge3_powerpc.deb oldstable/main/binary-powerpc/libqt3-dev_3.3.4-3sarge3_powerpc.deb oldstable/main/binary-powerpc/libqt3-mt-dev_3.3.4-3sarge3_powerpc.deb oldstable/main/binary-powerpc/libqt3-headers_3.3.4-3sarge3_powerpc.deb oldstable/main/binary-powerpc/libqt3-compat-headers_3.3.4-3sarge3_powerpc.deb oldstable/main/binary-powerpc/qt3-dev-tools_3.3.4-3sarge3_powerpc.deb oldstable/main/binary-powerpc/qt3-designer_3.3.4-3sarge3_powerpc.deb oldstable/main/binary-powerpc/qt3-apps-dev_3.3.4-3sarge3_powerpc.deb oldstable/main/binary-powerpc/qt3-linguist_3.3.4-3sarge3_powerpc.deb oldstable/main/binary-powerpc/qt3-assistant_3.3.4-3sarge3_powerpc.deb oldstable/main/binary-powerpc/qt3-qtconfig_3.3.4-3sarge3_powerpc.deb oldstable/main/binary-powerpc/qt3-dev-tools-embedded_3.3.4-3sarge3_powerpc.deb oldstable/main/binary-powerpc/qt3-dev-tools-compat_3.3.4-3sarge3_powerpc.deb qt-x11-free (3:3.3.4-3sarge3) oldstable-security; urgency=high * Fix format string vulnerabilities. (CVE-2007-3388) * Fix off-by-one in UTF codec. (CVE-2007-4137) oldstable/main/binary-s390/libqt3c102_3.3.4-3sarge3_s390.deb oldstable/main/binary-s390/libqt3c102-mt_3.3.4-3sarge3_s390.deb oldstable/main/binary-s390/libqt3c102-mysql_3.3.4-3sarge3_s390.deb oldstable/main/binary-s390/libqt3c102-mt-mysql_3.3.4-3sarge3_s390.deb oldstable/main/binary-s390/libqt3c102-odbc_3.3.4-3sarge3_s390.deb oldstable/main/binary-s390/libqt3c102-mt-odbc_3.3.4-3sarge3_s390.deb oldstable/main/binary-s390/libqt3c102-psql_3.3.4-3sarge3_s390.deb oldstable/main/binary-s390/libqt3c102-mt-psql_3.3.4-3sarge3_s390.deb oldstable/main/binary-s390/libqt3c102-sqlite_3.3.4-3sarge3_s390.deb oldstable/main/binary-s390/libqt3c102-mt-sqlite_3.3.4-3sarge3_s390.deb oldstable/main/binary-s390/libqt3-dev_3.3.4-3sarge3_s390.deb oldstable/main/binary-s390/libqt3-mt-dev_3.3.4-3sarge3_s390.deb oldstable/main/binary-s390/libqt3-headers_3.3.4-3sarge3_s390.deb oldstable/main/binary-s390/libqt3-compat-headers_3.3.4-3sarge3_s390.deb oldstable/main/binary-s390/qt3-dev-tools_3.3.4-3sarge3_s390.deb oldstable/main/binary-s390/qt3-designer_3.3.4-3sarge3_s390.deb oldstable/main/binary-s390/qt3-apps-dev_3.3.4-3sarge3_s390.deb oldstable/main/binary-s390/qt3-linguist_3.3.4-3sarge3_s390.deb oldstable/main/binary-s390/qt3-assistant_3.3.4-3sarge3_s390.deb oldstable/main/binary-s390/qt3-qtconfig_3.3.4-3sarge3_s390.deb oldstable/main/binary-s390/qt3-dev-tools-embedded_3.3.4-3sarge3_s390.deb oldstable/main/binary-s390/qt3-dev-tools-compat_3.3.4-3sarge3_s390.deb qt-x11-free (3:3.3.4-3sarge3) oldstable-security; urgency=high * Fix format string vulnerabilities. (CVE-2007-3388) * Fix off-by-one in UTF codec. (CVE-2007-4137) oldstable/main/binary-sparc/libqt3c102_3.3.4-3sarge3_sparc.deb oldstable/main/binary-sparc/libqt3c102-mt_3.3.4-3sarge3_sparc.deb oldstable/main/binary-sparc/libqt3c102-mysql_3.3.4-3sarge3_sparc.deb oldstable/main/binary-sparc/libqt3c102-mt-mysql_3.3.4-3sarge3_sparc.deb oldstable/main/binary-sparc/libqt3c102-odbc_3.3.4-3sarge3_sparc.deb oldstable/main/binary-sparc/libqt3c102-mt-odbc_3.3.4-3sarge3_sparc.deb oldstable/main/binary-sparc/libqt3c102-psql_3.3.4-3sarge3_sparc.deb oldstable/main/binary-sparc/libqt3c102-mt-psql_3.3.4-3sarge3_sparc.deb oldstable/main/binary-sparc/libqt3c102-sqlite_3.3.4-3sarge3_sparc.deb oldstable/main/binary-sparc/libqt3c102-mt-sqlite_3.3.4-3sarge3_sparc.deb oldstable/main/binary-sparc/libqt3-dev_3.3.4-3sarge3_sparc.deb oldstable/main/binary-sparc/libqt3-mt-dev_3.3.4-3sarge3_sparc.deb oldstable/main/binary-sparc/libqt3-headers_3.3.4-3sarge3_sparc.deb oldstable/main/binary-sparc/libqt3-compat-headers_3.3.4-3sarge3_sparc.deb oldstable/main/binary-sparc/qt3-dev-tools_3.3.4-3sarge3_sparc.deb oldstable/main/binary-sparc/qt3-designer_3.3.4-3sarge3_sparc.deb oldstable/main/binary-sparc/qt3-apps-dev_3.3.4-3sarge3_sparc.deb oldstable/main/binary-sparc/qt3-linguist_3.3.4-3sarge3_sparc.deb oldstable/main/binary-sparc/qt3-assistant_3.3.4-3sarge3_sparc.deb oldstable/main/binary-sparc/qt3-qtconfig_3.3.4-3sarge3_sparc.deb oldstable/main/binary-sparc/qt3-dev-tools-embedded_3.3.4-3sarge3_sparc.deb oldstable/main/binary-sparc/qt3-dev-tools-compat_3.3.4-3sarge3_sparc.deb qt-x11-free (3:3.3.4-3sarge3) oldstable-security; urgency=high * Fix format string vulnerabilities. (CVE-2007-3388) * Fix off-by-one in UTF codec. (CVE-2007-4137) oldstable/main/binary-alpha/quagga_0.98.3-7.4_alpha.deb quagga (0.98.3-7.4) oldstable-security; urgency=high * Backport fix for Debian bug #335695, to allow building on Linux 2.6/ARM. oldstable/main/binary-arm/quagga_0.98.3-7.4_arm.deb quagga (0.98.3-7.4) oldstable-security; urgency=high * Backport fix for Debian bug #335695, to allow building on Linux 2.6/ARM. oldstable/main/binary-hppa/quagga_0.98.3-7.4_hppa.deb quagga (0.98.3-7.4) oldstable-security; urgency=high * Backport fix for Debian bug #335695, to allow building on Linux 2.6/ARM. oldstable/main/source/quagga_0.98.3-7.4.dsc oldstable/main/source/quagga_0.98.3-7.4.diff.gz oldstable/main/binary-all/quagga-doc_0.98.3-7.4_all.deb oldstable/main/binary-i386/quagga_0.98.3-7.4_i386.deb quagga (0.98.3-7.4) oldstable-security; urgency=high * Backport fix for Debian bug #335695, to allow building on Linux 2.6/ARM. oldstable/main/binary-ia64/quagga_0.98.3-7.4_ia64.deb quagga (0.98.3-7.4) oldstable-security; urgency=high * Backport fix for Debian bug #335695, to allow building on Linux 2.6/ARM. oldstable/main/binary-m68k/quagga_0.98.3-7.4_m68k.deb quagga (0.98.3-7.4) oldstable-security; urgency=high * Backport fix for Debian bug #335695, to allow building on Linux 2.6/ARM. oldstable/main/binary-mips/quagga_0.98.3-7.4_mips.deb quagga (0.98.3-7.4) oldstable-security; urgency=high * Backport fix for Debian bug #335695, to allow building on Linux 2.6/ARM. oldstable/main/binary-mipsel/quagga_0.98.3-7.4_mipsel.deb quagga (0.98.3-7.4) oldstable-security; urgency=high * Backport fix for Debian bug #335695, to allow building on Linux 2.6/ARM. oldstable/main/binary-powerpc/quagga_0.98.3-7.4_powerpc.deb quagga (0.98.3-7.4) oldstable-security; urgency=high * Backport fix for Debian bug #335695, to allow building on Linux 2.6/ARM. oldstable/main/binary-s390/quagga_0.98.3-7.4_s390.deb quagga (0.98.3-7.4) oldstable-security; urgency=high * Backport fix for Debian bug #335695, to allow building on Linux 2.6/ARM. oldstable/main/binary-sparc/quagga_0.98.3-7.4_sparc.deb quagga (0.98.3-7.4) oldstable-security; urgency=high * Backport fix for Debian bug #335695, to allow building on Linux 2.6/ARM. oldstable/main/binary-alpha/quagga_0.98.3-7.5_alpha.deb quagga (0.98.3-7.5) oldstable-security; urgency=high * SECURITY: A bgpd could be crashed if a peer sent a malformed OPEN message or a malformed COMMUNITY attribute. Only configured peers can do this. The bug is fixed by 96_SECURITY_ubuntu_fix_dos_malformed_community.dpatch. CVE-2007-4826. Closes: 442133 oldstable/main/binary-amd64/quagga_0.98.3-7.5_amd64.deb quagga (0.98.3-7.5) oldstable-security; urgency=high * SECURITY: A bgpd could be crashed if a peer sent a malformed OPEN message or a malformed COMMUNITY attribute. Only configured peers can do this. The bug is fixed by 96_SECURITY_ubuntu_fix_dos_malformed_community.dpatch. CVE-2007-4826. Closes: 442133 oldstable/main/binary-arm/quagga_0.98.3-7.5_arm.deb quagga (0.98.3-7.5) oldstable-security; urgency=high * SECURITY: A bgpd could be crashed if a peer sent a malformed OPEN message or a malformed COMMUNITY attribute. Only configured peers can do this. The bug is fixed by 96_SECURITY_ubuntu_fix_dos_malformed_community.dpatch. CVE-2007-4826. Closes: 442133 oldstable/main/binary-hppa/quagga_0.98.3-7.5_hppa.deb quagga (0.98.3-7.5) oldstable-security; urgency=high * SECURITY: A bgpd could be crashed if a peer sent a malformed OPEN message or a malformed COMMUNITY attribute. Only configured peers can do this. The bug is fixed by 96_SECURITY_ubuntu_fix_dos_malformed_community.dpatch. CVE-2007-4826. Closes: 442133 oldstable/main/source/quagga_0.98.3-7.5.dsc oldstable/main/source/quagga_0.98.3-7.5.diff.gz oldstable/main/binary-all/quagga-doc_0.98.3-7.5_all.deb oldstable/main/binary-i386/quagga_0.98.3-7.5_i386.deb quagga (0.98.3-7.5) oldstable-security; urgency=high * SECURITY: A bgpd could be crashed if a peer sent a malformed OPEN message or a malformed COMMUNITY attribute. Only configured peers can do this. The bug is fixed by 96_SECURITY_ubuntu_fix_dos_malformed_community.dpatch. CVE-2007-4826. Closes: 442133 oldstable/main/binary-ia64/quagga_0.98.3-7.5_ia64.deb quagga (0.98.3-7.5) oldstable-security; urgency=high * SECURITY: A bgpd could be crashed if a peer sent a malformed OPEN message or a malformed COMMUNITY attribute. Only configured peers can do this. The bug is fixed by 96_SECURITY_ubuntu_fix_dos_malformed_community.dpatch. CVE-2007-4826. Closes: 442133 oldstable/main/binary-m68k/quagga_0.98.3-7.5_m68k.deb quagga (0.98.3-7.5) oldstable-security; urgency=high * SECURITY: A bgpd could be crashed if a peer sent a malformed OPEN message or a malformed COMMUNITY attribute. Only configured peers can do this. The bug is fixed by 96_SECURITY_ubuntu_fix_dos_malformed_community.dpatch. CVE-2007-4826. Closes: 442133 oldstable/main/binary-mips/quagga_0.98.3-7.5_mips.deb quagga (0.98.3-7.5) oldstable-security; urgency=high * SECURITY: A bgpd could be crashed if a peer sent a malformed OPEN message or a malformed COMMUNITY attribute. Only configured peers can do this. The bug is fixed by 96_SECURITY_ubuntu_fix_dos_malformed_community.dpatch. CVE-2007-4826. Closes: 442133 oldstable/main/binary-mipsel/quagga_0.98.3-7.5_mipsel.deb quagga (0.98.3-7.5) oldstable-security; urgency=high * SECURITY: A bgpd could be crashed if a peer sent a malformed OPEN message or a malformed COMMUNITY attribute. Only configured peers can do this. The bug is fixed by 96_SECURITY_ubuntu_fix_dos_malformed_community.dpatch. CVE-2007-4826. Closes: 442133 oldstable/main/binary-powerpc/quagga_0.98.3-7.5_powerpc.deb quagga (0.98.3-7.5) oldstable-security; urgency=high * SECURITY: A bgpd could be crashed if a peer sent a malformed OPEN message or a malformed COMMUNITY attribute. Only configured peers can do this. The bug is fixed by 96_SECURITY_ubuntu_fix_dos_malformed_community.dpatch. CVE-2007-4826. Closes: 442133 oldstable/main/binary-s390/quagga_0.98.3-7.5_s390.deb quagga (0.98.3-7.5) oldstable-security; urgency=high * SECURITY: A bgpd could be crashed if a peer sent a malformed OPEN message or a malformed COMMUNITY attribute. Only configured peers can do this. The bug is fixed by 96_SECURITY_ubuntu_fix_dos_malformed_community.dpatch. CVE-2007-4826. Closes: 442133 oldstable/main/binary-sparc/quagga_0.98.3-7.5_sparc.deb quagga (0.98.3-7.5) oldstable-security; urgency=high * SECURITY: A bgpd could be crashed if a peer sent a malformed OPEN message or a malformed COMMUNITY attribute. Only configured peers can do this. The bug is fixed by 96_SECURITY_ubuntu_fix_dos_malformed_community.dpatch. CVE-2007-4826. Closes: 442133 oldstable/main/binary-alpha/rdesktop_1.4.0-2sarge1_alpha.deb rdesktop (1.4.0-2sarge1) oldstable-security; urgency=low * Fix segfault regression caused by libx11-6 security fix. oldstable/main/binary-arm/rdesktop_1.4.0-2sarge1_arm.deb rdesktop (1.4.0-2sarge1) oldstable-security; urgency=low * Fix segfault regression caused by libx11-6 security fix. oldstable/main/binary-hppa/rdesktop_1.4.0-2sarge1_hppa.deb rdesktop (1.4.0-2sarge1) oldstable-security; urgency=low * Fix segfault regression caused by libx11-6 security fix. oldstable/main/source/rdesktop_1.4.0-2sarge1.dsc oldstable/main/source/rdesktop_1.4.0.orig.tar.gz oldstable/main/source/rdesktop_1.4.0-2sarge1.diff.gz oldstable/main/binary-i386/rdesktop_1.4.0-2sarge1_i386.deb rdesktop (1.4.0-2sarge1) oldstable-security; urgency=low * Fix segfault regression caused by libx11-6 security fix. oldstable/main/binary-ia64/rdesktop_1.4.0-2sarge1_ia64.deb rdesktop (1.4.0-2sarge1) oldstable-security; urgency=low * Fix segfault regression caused by libx11-6 security fix. oldstable/main/binary-m68k/rdesktop_1.4.0-2sarge1_m68k.deb rdesktop (1.4.0-2sarge1) oldstable-security; urgency=low * Fix segfault regression caused by libx11-6 security fix. oldstable/main/binary-mips/rdesktop_1.4.0-2sarge1_mips.deb rdesktop (1.4.0-2sarge1) oldstable-security; urgency=low * Fix segfault regression caused by libx11-6 security fix. oldstable/main/binary-mipsel/rdesktop_1.4.0-2sarge1_mipsel.deb rdesktop (1.4.0-2sarge1) oldstable-security; urgency=low * Fix segfault regression caused by libx11-6 security fix. oldstable/main/binary-powerpc/rdesktop_1.4.0-2sarge1_powerpc.deb rdesktop (1.4.0-2sarge1) oldstable-security; urgency=low * Fix segfault regression caused by libx11-6 security fix. oldstable/main/binary-s390/rdesktop_1.4.0-2sarge1_s390.deb rdesktop (1.4.0-2sarge1) oldstable-security; urgency=low * Fix segfault regression caused by libx11-6 security fix. oldstable/main/binary-sparc/rdesktop_1.4.0-2sarge1_sparc.deb rdesktop (1.4.0-2sarge1) oldstable-security; urgency=low * Fix segfault regression caused by libx11-6 security fix. oldstable/main/binary-mips/realtimebattle_1.0.7-5_mips.deb realtimebattle (1.0.7-5) unstable; urgency=low * Move image out of /usr/lib * Make RTB use the icon * Correction of the menu entry * use jikes and not gcj to compile the java files oldstable/main/binary-mipsel/realtimebattle_1.0.7-5_mipsel.deb realtimebattle (1.0.7-5) unstable; urgency=low * Move image out of /usr/lib * Make RTB use the icon * Correction of the menu entry * use jikes and not gcj to compile the java files oldstable/main/rootskel_1.10.3sarge1_alpha.udeb oldstable/main/rootskel-bootfloppy_1.10.3sarge1_alpha.udeb oldstable/main/rootskel-locale_1.10.3sarge1_alpha.udeb rootskel (1.10.3sarge1) oldstable; urgency=low * Update kernel defaults to 2.4.27-3 and 2.6.8-4. oldstable/main/rootskel_1.10.3sarge1_arm.udeb oldstable/main/rootskel-bootfloppy_1.10.3sarge1_arm.udeb oldstable/main/rootskel-locale_1.10.3sarge1_arm.udeb rootskel (1.10.3sarge1) oldstable; urgency=low * Update kernel defaults to 2.4.27-3 and 2.6.8-4. oldstable/main/rootskel_1.10.3sarge1_hppa.udeb oldstable/main/rootskel-bootfloppy_1.10.3sarge1_hppa.udeb oldstable/main/rootskel-locale_1.10.3sarge1_hppa.udeb rootskel (1.10.3sarge1) oldstable; urgency=low * Update kernel defaults to 2.4.27-3 and 2.6.8-4. oldstable/main/source/rootskel_1.10.3sarge1.dsc oldstable/main/source/rootskel_1.10.3sarge1.tar.gz oldstable/main/rootskel_1.10.3sarge1_i386.udeb oldstable/main/rootskel-bootfloppy_1.10.3sarge1_i386.udeb oldstable/main/rootskel-locale_1.10.3sarge1_i386.udeb rootskel (1.10.3sarge1) oldstable; urgency=low * Update kernel defaults to 2.4.27-3 and 2.6.8-4. oldstable/main/rootskel_1.10.3sarge1_ia64.udeb oldstable/main/rootskel-bootfloppy_1.10.3sarge1_ia64.udeb oldstable/main/rootskel-locale_1.10.3sarge1_ia64.udeb rootskel (1.10.3sarge1) oldstable; urgency=low * Update kernel defaults to 2.4.27-3 and 2.6.8-4. oldstable/main/rootskel_1.10.3sarge1_m68k.udeb oldstable/main/rootskel-bootfloppy_1.10.3sarge1_m68k.udeb oldstable/main/rootskel-locale_1.10.3sarge1_m68k.udeb rootskel (1.10.3sarge1) oldstable; urgency=low * Update kernel defaults to 2.4.27-3 and 2.6.8-4. oldstable/main/rootskel_1.10.3sarge1_mips.udeb oldstable/main/rootskel-bootfloppy_1.10.3sarge1_mips.udeb oldstable/main/rootskel-locale_1.10.3sarge1_mips.udeb rootskel (1.10.3sarge1) oldstable; urgency=low * Update kernel defaults to 2.4.27-3 and 2.6.8-4. oldstable/main/rootskel_1.10.3sarge1_mipsel.udeb oldstable/main/rootskel-bootfloppy_1.10.3sarge1_mipsel.udeb oldstable/main/rootskel-locale_1.10.3sarge1_mipsel.udeb rootskel (1.10.3sarge1) oldstable; urgency=low * Update kernel defaults to 2.4.27-3 and 2.6.8-4. oldstable/main/rootskel_1.10.3sarge1_powerpc.udeb oldstable/main/rootskel-bootfloppy_1.10.3sarge1_powerpc.udeb oldstable/main/rootskel-locale_1.10.3sarge1_powerpc.udeb rootskel (1.10.3sarge1) oldstable; urgency=low * Update kernel defaults to 2.4.27-3 and 2.6.8-4. oldstable/main/rootskel_1.10.3sarge1_s390.udeb oldstable/main/rootskel-bootfloppy_1.10.3sarge1_s390.udeb oldstable/main/rootskel-locale_1.10.3sarge1_s390.udeb rootskel (1.10.3sarge1) oldstable; urgency=low * Update kernel defaults to 2.4.27-3 and 2.6.8-4. oldstable/main/rootskel_1.10.3sarge1_sparc.udeb oldstable/main/rootskel-bootfloppy_1.10.3sarge1_sparc.udeb oldstable/main/rootskel-locale_1.10.3sarge1_sparc.udeb rootskel (1.10.3sarge1) oldstable; urgency=low * Update kernel defaults to 2.4.27-3 and 2.6.8-4. oldstable/main/binary-alpha/ruby1.8_1.8.2-7sarge6_alpha.deb oldstable/main/binary-alpha/libruby1.8_1.8.2-7sarge6_alpha.deb oldstable/main/binary-alpha/libruby1.8-dbg_1.8.2-7sarge6_alpha.deb oldstable/main/binary-alpha/ruby1.8-dev_1.8.2-7sarge6_alpha.deb oldstable/main/binary-alpha/libdbm-ruby1.8_1.8.2-7sarge6_alpha.deb oldstable/main/binary-alpha/libgdbm-ruby1.8_1.8.2-7sarge6_alpha.deb oldstable/main/binary-alpha/libreadline-ruby1.8_1.8.2-7sarge6_alpha.deb oldstable/main/binary-alpha/libtcltk-ruby1.8_1.8.2-7sarge6_alpha.deb oldstable/main/binary-alpha/libopenssl-ruby1.8_1.8.2-7sarge6_alpha.deb ruby1.8 (1.8.2-7sarge6) oldstable-security; urgency=low * security fixes for CVE-2007-5162. It is backported r13500, r13501 and r13657 from ruby_1_8 branch. oldstable/main/binary-amd64/ruby1.8_1.8.2-7sarge6_amd64.deb oldstable/main/binary-amd64/libruby1.8_1.8.2-7sarge6_amd64.deb oldstable/main/binary-amd64/libruby1.8-dbg_1.8.2-7sarge6_amd64.deb oldstable/main/binary-amd64/ruby1.8-dev_1.8.2-7sarge6_amd64.deb oldstable/main/binary-amd64/libdbm-ruby1.8_1.8.2-7sarge6_amd64.deb oldstable/main/binary-amd64/libgdbm-ruby1.8_1.8.2-7sarge6_amd64.deb oldstable/main/binary-amd64/libreadline-ruby1.8_1.8.2-7sarge6_amd64.deb oldstable/main/binary-amd64/libtcltk-ruby1.8_1.8.2-7sarge6_amd64.deb oldstable/main/binary-amd64/libopenssl-ruby1.8_1.8.2-7sarge6_amd64.deb ruby1.8 (1.8.2-7sarge6) oldstable-security; urgency=low * security fixes for CVE-2007-5162. It is backported r13500, r13501 and r13657 from ruby_1_8 branch. oldstable/main/binary-arm/ruby1.8_1.8.2-7sarge6_arm.deb oldstable/main/binary-arm/libruby1.8_1.8.2-7sarge6_arm.deb oldstable/main/binary-arm/libruby1.8-dbg_1.8.2-7sarge6_arm.deb oldstable/main/binary-arm/ruby1.8-dev_1.8.2-7sarge6_arm.deb oldstable/main/binary-arm/libdbm-ruby1.8_1.8.2-7sarge6_arm.deb oldstable/main/binary-arm/libgdbm-ruby1.8_1.8.2-7sarge6_arm.deb oldstable/main/binary-arm/libreadline-ruby1.8_1.8.2-7sarge6_arm.deb oldstable/main/binary-arm/libtcltk-ruby1.8_1.8.2-7sarge6_arm.deb oldstable/main/binary-arm/libopenssl-ruby1.8_1.8.2-7sarge6_arm.deb ruby1.8 (1.8.2-7sarge6) oldstable-security; urgency=low * security fixes for CVE-2007-5162. It is backported r13500, r13501 and r13657 from ruby_1_8 branch. oldstable/main/binary-hppa/ruby1.8_1.8.2-7sarge6_hppa.deb oldstable/main/binary-hppa/libruby1.8_1.8.2-7sarge6_hppa.deb oldstable/main/binary-hppa/libruby1.8-dbg_1.8.2-7sarge6_hppa.deb oldstable/main/binary-hppa/ruby1.8-dev_1.8.2-7sarge6_hppa.deb oldstable/main/binary-hppa/libdbm-ruby1.8_1.8.2-7sarge6_hppa.deb oldstable/main/binary-hppa/libgdbm-ruby1.8_1.8.2-7sarge6_hppa.deb oldstable/main/binary-hppa/libreadline-ruby1.8_1.8.2-7sarge6_hppa.deb oldstable/main/binary-hppa/libtcltk-ruby1.8_1.8.2-7sarge6_hppa.deb oldstable/main/binary-hppa/libopenssl-ruby1.8_1.8.2-7sarge6_hppa.deb ruby1.8 (1.8.2-7sarge6) oldstable-security; urgency=low * security fixes for CVE-2007-5162. It is backported r13500, r13501 and r13657 from ruby_1_8 branch. oldstable/main/source/ruby1.8_1.8.2-7sarge6.dsc oldstable/main/source/ruby1.8_1.8.2-7sarge6.diff.gz oldstable/main/binary-i386/ruby1.8_1.8.2-7sarge6_i386.deb oldstable/main/binary-i386/libruby1.8_1.8.2-7sarge6_i386.deb oldstable/main/binary-i386/libruby1.8-dbg_1.8.2-7sarge6_i386.deb oldstable/main/binary-i386/ruby1.8-dev_1.8.2-7sarge6_i386.deb oldstable/main/binary-i386/libdbm-ruby1.8_1.8.2-7sarge6_i386.deb oldstable/main/binary-i386/libgdbm-ruby1.8_1.8.2-7sarge6_i386.deb oldstable/main/binary-i386/libreadline-ruby1.8_1.8.2-7sarge6_i386.deb oldstable/main/binary-i386/libtcltk-ruby1.8_1.8.2-7sarge6_i386.deb oldstable/main/binary-i386/libopenssl-ruby1.8_1.8.2-7sarge6_i386.deb oldstable/main/binary-all/ruby1.8-examples_1.8.2-7sarge6_all.deb oldstable/main/binary-all/ruby1.8-elisp_1.8.2-7sarge6_all.deb oldstable/main/binary-all/ri1.8_1.8.2-7sarge6_all.deb oldstable/main/binary-all/rdoc1.8_1.8.2-7sarge6_all.deb oldstable/main/binary-all/irb1.8_1.8.2-7sarge6_all.deb ruby1.8 (1.8.2-7sarge6) oldstable-security; urgency=low * security fixes for CVE-2007-5162. It is backported r13500, r13501 and r13657 from ruby_1_8 branch. oldstable/main/binary-ia64/ruby1.8_1.8.2-7sarge6_ia64.deb oldstable/main/binary-ia64/libruby1.8_1.8.2-7sarge6_ia64.deb oldstable/main/binary-ia64/libruby1.8-dbg_1.8.2-7sarge6_ia64.deb oldstable/main/binary-ia64/ruby1.8-dev_1.8.2-7sarge6_ia64.deb oldstable/main/binary-ia64/libdbm-ruby1.8_1.8.2-7sarge6_ia64.deb oldstable/main/binary-ia64/libgdbm-ruby1.8_1.8.2-7sarge6_ia64.deb oldstable/main/binary-ia64/libreadline-ruby1.8_1.8.2-7sarge6_ia64.deb oldstable/main/binary-ia64/libtcltk-ruby1.8_1.8.2-7sarge6_ia64.deb oldstable/main/binary-ia64/libopenssl-ruby1.8_1.8.2-7sarge6_ia64.deb ruby1.8 (1.8.2-7sarge6) oldstable-security; urgency=low * security fixes for CVE-2007-5162. It is backported r13500, r13501 and r13657 from ruby_1_8 branch. oldstable/main/binary-m68k/ruby1.8_1.8.2-7sarge6_m68k.deb oldstable/main/binary-m68k/libruby1.8_1.8.2-7sarge6_m68k.deb oldstable/main/binary-m68k/libruby1.8-dbg_1.8.2-7sarge6_m68k.deb oldstable/main/binary-m68k/ruby1.8-dev_1.8.2-7sarge6_m68k.deb oldstable/main/binary-m68k/libdbm-ruby1.8_1.8.2-7sarge6_m68k.deb oldstable/main/binary-m68k/libgdbm-ruby1.8_1.8.2-7sarge6_m68k.deb oldstable/main/binary-m68k/libreadline-ruby1.8_1.8.2-7sarge6_m68k.deb oldstable/main/binary-m68k/libtcltk-ruby1.8_1.8.2-7sarge6_m68k.deb oldstable/main/binary-m68k/libopenssl-ruby1.8_1.8.2-7sarge6_m68k.deb ruby1.8 (1.8.2-7sarge6) oldstable-security; urgency=low * security fixes for CVE-2007-5162. It is backported r13500, r13501 and r13657 from ruby_1_8 branch. oldstable/main/binary-mips/ruby1.8_1.8.2-7sarge6_mips.deb oldstable/main/binary-mips/libruby1.8_1.8.2-7sarge6_mips.deb oldstable/main/binary-mips/libruby1.8-dbg_1.8.2-7sarge6_mips.deb oldstable/main/binary-mips/ruby1.8-dev_1.8.2-7sarge6_mips.deb oldstable/main/binary-mips/libdbm-ruby1.8_1.8.2-7sarge6_mips.deb oldstable/main/binary-mips/libgdbm-ruby1.8_1.8.2-7sarge6_mips.deb oldstable/main/binary-mips/libreadline-ruby1.8_1.8.2-7sarge6_mips.deb oldstable/main/binary-mips/libtcltk-ruby1.8_1.8.2-7sarge6_mips.deb oldstable/main/binary-mips/libopenssl-ruby1.8_1.8.2-7sarge6_mips.deb ruby1.8 (1.8.2-7sarge6) oldstable-security; urgency=low * security fixes for CVE-2007-5162. It is backported r13500, r13501 and r13657 from ruby_1_8 branch. oldstable/main/binary-mipsel/ruby1.8_1.8.2-7sarge6_mipsel.deb oldstable/main/binary-mipsel/libruby1.8_1.8.2-7sarge6_mipsel.deb oldstable/main/binary-mipsel/libruby1.8-dbg_1.8.2-7sarge6_mipsel.deb oldstable/main/binary-mipsel/ruby1.8-dev_1.8.2-7sarge6_mipsel.deb oldstable/main/binary-mipsel/libdbm-ruby1.8_1.8.2-7sarge6_mipsel.deb oldstable/main/binary-mipsel/libgdbm-ruby1.8_1.8.2-7sarge6_mipsel.deb oldstable/main/binary-mipsel/libreadline-ruby1.8_1.8.2-7sarge6_mipsel.deb oldstable/main/binary-mipsel/libtcltk-ruby1.8_1.8.2-7sarge6_mipsel.deb oldstable/main/binary-mipsel/libopenssl-ruby1.8_1.8.2-7sarge6_mipsel.deb ruby1.8 (1.8.2-7sarge6) oldstable-security; urgency=low * security fixes for CVE-2007-5162. It is backported r13500, r13501 and r13657 from ruby_1_8 branch. oldstable/main/binary-powerpc/ruby1.8_1.8.2-7sarge6_powerpc.deb oldstable/main/binary-powerpc/libruby1.8_1.8.2-7sarge6_powerpc.deb oldstable/main/binary-powerpc/libruby1.8-dbg_1.8.2-7sarge6_powerpc.deb oldstable/main/binary-powerpc/ruby1.8-dev_1.8.2-7sarge6_powerpc.deb oldstable/main/binary-powerpc/libdbm-ruby1.8_1.8.2-7sarge6_powerpc.deb oldstable/main/binary-powerpc/libgdbm-ruby1.8_1.8.2-7sarge6_powerpc.deb oldstable/main/binary-powerpc/libreadline-ruby1.8_1.8.2-7sarge6_powerpc.deb oldstable/main/binary-powerpc/libtcltk-ruby1.8_1.8.2-7sarge6_powerpc.deb oldstable/main/binary-powerpc/libopenssl-ruby1.8_1.8.2-7sarge6_powerpc.deb ruby1.8 (1.8.2-7sarge6) oldstable-security; urgency=low * security fixes for CVE-2007-5162. It is backported r13500, r13501 and r13657 from ruby_1_8 branch. oldstable/main/binary-s390/ruby1.8_1.8.2-7sarge6_s390.deb oldstable/main/binary-s390/libruby1.8_1.8.2-7sarge6_s390.deb oldstable/main/binary-s390/libruby1.8-dbg_1.8.2-7sarge6_s390.deb oldstable/main/binary-s390/ruby1.8-dev_1.8.2-7sarge6_s390.deb oldstable/main/binary-s390/libdbm-ruby1.8_1.8.2-7sarge6_s390.deb oldstable/main/binary-s390/libgdbm-ruby1.8_1.8.2-7sarge6_s390.deb oldstable/main/binary-s390/libreadline-ruby1.8_1.8.2-7sarge6_s390.deb oldstable/main/binary-s390/libtcltk-ruby1.8_1.8.2-7sarge6_s390.deb oldstable/main/binary-s390/libopenssl-ruby1.8_1.8.2-7sarge6_s390.deb ruby1.8 (1.8.2-7sarge6) oldstable-security; urgency=low * security fixes for CVE-2007-5162. It is backported r13500, r13501 and r13657 from ruby_1_8 branch. oldstable/main/binary-sparc/ruby1.8_1.8.2-7sarge6_sparc.deb oldstable/main/binary-sparc/libruby1.8_1.8.2-7sarge6_sparc.deb oldstable/main/binary-sparc/libruby1.8-dbg_1.8.2-7sarge6_sparc.deb oldstable/main/binary-sparc/ruby1.8-dev_1.8.2-7sarge6_sparc.deb oldstable/main/binary-sparc/libdbm-ruby1.8_1.8.2-7sarge6_sparc.deb oldstable/main/binary-sparc/libgdbm-ruby1.8_1.8.2-7sarge6_sparc.deb oldstable/main/binary-sparc/libreadline-ruby1.8_1.8.2-7sarge6_sparc.deb oldstable/main/binary-sparc/libtcltk-ruby1.8_1.8.2-7sarge6_sparc.deb oldstable/main/binary-sparc/libopenssl-ruby1.8_1.8.2-7sarge6_sparc.deb ruby1.8 (1.8.2-7sarge6) oldstable-security; urgency=low * security fixes for CVE-2007-5162. It is backported r13500, r13501 and r13657 from ruby_1_8 branch. oldstable/main/binary-alpha/libglib2-ruby_0.12.0-2sarge1_alpha.deb oldstable/main/binary-alpha/libatk1-ruby_0.12.0-2sarge1_alpha.deb oldstable/main/binary-alpha/libpango1-ruby_0.12.0-2sarge1_alpha.deb oldstable/main/binary-alpha/libgdk-pixbuf2-ruby_0.12.0-2sarge1_alpha.deb oldstable/main/binary-alpha/libgtk2-ruby_0.12.0-2sarge1_alpha.deb oldstable/main/binary-alpha/libart2-ruby_0.12.0-2sarge1_alpha.deb oldstable/main/binary-alpha/libgnomecanvas2-ruby_0.12.0-2sarge1_alpha.deb oldstable/main/binary-alpha/libgnome2-ruby_0.12.0-2sarge1_alpha.deb oldstable/main/binary-alpha/libgconf2-ruby_0.12.0-2sarge1_alpha.deb oldstable/main/binary-alpha/libglade2-ruby_0.12.0-2sarge1_alpha.deb oldstable/main/binary-alpha/libgtkhtml2-ruby_0.12.0-2sarge1_alpha.deb oldstable/main/binary-alpha/libgda2-ruby_0.12.0-2sarge1_alpha.deb oldstable/main/binary-alpha/libgtkglext1-ruby_0.12.0-2sarge1_alpha.deb oldstable/main/binary-alpha/libgnomevfs2-ruby_0.12.0-2sarge1_alpha.deb oldstable/main/binary-alpha/libgstreamer0.8-ruby_0.12.0-2sarge1_alpha.deb oldstable/main/binary-alpha/libgtksourceview1-ruby_0.12.0-2sarge1_alpha.deb oldstable/main/binary-alpha/libpanel-applet2-ruby_0.12.0-2sarge1_alpha.deb oldstable/main/binary-alpha/libgnomeprint2-ruby_0.12.0-2sarge1_alpha.deb oldstable/main/binary-alpha/libgnomeprintui2-ruby_0.12.0-2sarge1_alpha.deb oldstable/main/binary-alpha/librsvg2-ruby_0.12.0-2sarge1_alpha.deb ruby-gnome2 (0.12.0-2sarge1) oldstable-security; urgency=low * Non-maintainer upload by the security team * Included patch to fix format string vulnerability in rbgtkmessagedialog.c which might lead to arbitrary code execution Fixes: CVE-2007-6183 oldstable/main/binary-amd64/libglib2-ruby_0.12.0-2sarge1_amd64.deb oldstable/main/binary-amd64/libatk1-ruby_0.12.0-2sarge1_amd64.deb oldstable/main/binary-amd64/libpango1-ruby_0.12.0-2sarge1_amd64.deb oldstable/main/binary-amd64/libgdk-pixbuf2-ruby_0.12.0-2sarge1_amd64.deb oldstable/main/binary-amd64/libgtk2-ruby_0.12.0-2sarge1_amd64.deb oldstable/main/binary-amd64/libart2-ruby_0.12.0-2sarge1_amd64.deb oldstable/main/binary-amd64/libgnomecanvas2-ruby_0.12.0-2sarge1_amd64.deb oldstable/main/binary-amd64/libgnome2-ruby_0.12.0-2sarge1_amd64.deb oldstable/main/binary-amd64/libgconf2-ruby_0.12.0-2sarge1_amd64.deb oldstable/main/binary-amd64/libglade2-ruby_0.12.0-2sarge1_amd64.deb oldstable/main/binary-amd64/libgtkhtml2-ruby_0.12.0-2sarge1_amd64.deb oldstable/main/binary-amd64/libgda2-ruby_0.12.0-2sarge1_amd64.deb oldstable/main/binary-amd64/libgtkglext1-ruby_0.12.0-2sarge1_amd64.deb oldstable/main/binary-amd64/libgnomevfs2-ruby_0.12.0-2sarge1_amd64.deb oldstable/main/binary-amd64/libgstreamer0.8-ruby_0.12.0-2sarge1_amd64.deb oldstable/main/binary-amd64/libgtksourceview1-ruby_0.12.0-2sarge1_amd64.deb oldstable/main/binary-amd64/libpanel-applet2-ruby_0.12.0-2sarge1_amd64.deb oldstable/main/binary-amd64/libgnomeprint2-ruby_0.12.0-2sarge1_amd64.deb oldstable/main/binary-amd64/libgnomeprintui2-ruby_0.12.0-2sarge1_amd64.deb oldstable/main/binary-amd64/librsvg2-ruby_0.12.0-2sarge1_amd64.deb ruby-gnome2 (0.12.0-2sarge1) oldstable-security; urgency=low * Non-maintainer upload by the security team * Included patch to fix format string vulnerability in rbgtkmessagedialog.c which might lead to arbitrary code execution Fixes: CVE-2007-6183 oldstable/main/binary-arm/libglib2-ruby_0.12.0-2sarge1_arm.deb oldstable/main/binary-arm/libatk1-ruby_0.12.0-2sarge1_arm.deb oldstable/main/binary-arm/libpango1-ruby_0.12.0-2sarge1_arm.deb oldstable/main/binary-arm/libgdk-pixbuf2-ruby_0.12.0-2sarge1_arm.deb oldstable/main/binary-arm/libgtk2-ruby_0.12.0-2sarge1_arm.deb oldstable/main/binary-arm/libart2-ruby_0.12.0-2sarge1_arm.deb oldstable/main/binary-arm/libgnomecanvas2-ruby_0.12.0-2sarge1_arm.deb oldstable/main/binary-arm/libgnome2-ruby_0.12.0-2sarge1_arm.deb oldstable/main/binary-arm/libgconf2-ruby_0.12.0-2sarge1_arm.deb oldstable/main/binary-arm/libglade2-ruby_0.12.0-2sarge1_arm.deb oldstable/main/binary-arm/libgtkhtml2-ruby_0.12.0-2sarge1_arm.deb oldstable/main/binary-arm/libgda2-ruby_0.12.0-2sarge1_arm.deb oldstable/main/binary-arm/libgtkglext1-ruby_0.12.0-2sarge1_arm.deb oldstable/main/binary-arm/libgnomevfs2-ruby_0.12.0-2sarge1_arm.deb oldstable/main/binary-arm/libgstreamer0.8-ruby_0.12.0-2sarge1_arm.deb oldstable/main/binary-arm/libgtksourceview1-ruby_0.12.0-2sarge1_arm.deb oldstable/main/binary-arm/libpanel-applet2-ruby_0.12.0-2sarge1_arm.deb oldstable/main/binary-arm/libgnomeprint2-ruby_0.12.0-2sarge1_arm.deb oldstable/main/binary-arm/libgnomeprintui2-ruby_0.12.0-2sarge1_arm.deb oldstable/main/binary-arm/librsvg2-ruby_0.12.0-2sarge1_arm.deb ruby-gnome2 (0.12.0-2sarge1) oldstable-security; urgency=low * Non-maintainer upload by the security team * Included patch to fix format string vulnerability in rbgtkmessagedialog.c which might lead to arbitrary code execution Fixes: CVE-2007-6183 oldstable/main/binary-hppa/libglib2-ruby_0.12.0-2sarge1_hppa.deb oldstable/main/binary-hppa/libatk1-ruby_0.12.0-2sarge1_hppa.deb oldstable/main/binary-hppa/libpango1-ruby_0.12.0-2sarge1_hppa.deb oldstable/main/binary-hppa/libgdk-pixbuf2-ruby_0.12.0-2sarge1_hppa.deb oldstable/main/binary-hppa/libgtk2-ruby_0.12.0-2sarge1_hppa.deb oldstable/main/binary-hppa/libart2-ruby_0.12.0-2sarge1_hppa.deb oldstable/main/binary-hppa/libgnomecanvas2-ruby_0.12.0-2sarge1_hppa.deb oldstable/main/binary-hppa/libgnome2-ruby_0.12.0-2sarge1_hppa.deb oldstable/main/binary-hppa/libgconf2-ruby_0.12.0-2sarge1_hppa.deb oldstable/main/binary-hppa/libglade2-ruby_0.12.0-2sarge1_hppa.deb oldstable/main/binary-hppa/libgtkhtml2-ruby_0.12.0-2sarge1_hppa.deb oldstable/main/binary-hppa/libgda2-ruby_0.12.0-2sarge1_hppa.deb oldstable/main/binary-hppa/libgtkglext1-ruby_0.12.0-2sarge1_hppa.deb oldstable/main/binary-hppa/libgnomevfs2-ruby_0.12.0-2sarge1_hppa.deb oldstable/main/binary-hppa/libgstreamer0.8-ruby_0.12.0-2sarge1_hppa.deb oldstable/main/binary-hppa/libgtksourceview1-ruby_0.12.0-2sarge1_hppa.deb oldstable/main/binary-hppa/libpanel-applet2-ruby_0.12.0-2sarge1_hppa.deb oldstable/main/binary-hppa/libgnomeprint2-ruby_0.12.0-2sarge1_hppa.deb oldstable/main/binary-hppa/libgnomeprintui2-ruby_0.12.0-2sarge1_hppa.deb oldstable/main/binary-hppa/librsvg2-ruby_0.12.0-2sarge1_hppa.deb ruby-gnome2 (0.12.0-2sarge1) oldstable-security; urgency=low * Non-maintainer upload by the security team * Included patch to fix format string vulnerability in rbgtkmessagedialog.c which might lead to arbitrary code execution Fixes: CVE-2007-6183 oldstable/main/source/ruby-gnome2_0.12.0-2sarge1.dsc oldstable/main/source/ruby-gnome2_0.12.0.orig.tar.gz oldstable/main/source/ruby-gnome2_0.12.0-2sarge1.diff.gz oldstable/main/binary-all/ruby-gnome2_0.12.0-2sarge1_all.deb oldstable/main/binary-i386/libglib2-ruby_0.12.0-2sarge1_i386.deb oldstable/main/binary-i386/libatk1-ruby_0.12.0-2sarge1_i386.deb oldstable/main/binary-i386/libpango1-ruby_0.12.0-2sarge1_i386.deb oldstable/main/binary-i386/libgdk-pixbuf2-ruby_0.12.0-2sarge1_i386.deb oldstable/main/binary-i386/libgtk2-ruby_0.12.0-2sarge1_i386.deb oldstable/main/binary-i386/libart2-ruby_0.12.0-2sarge1_i386.deb oldstable/main/binary-i386/libgnomecanvas2-ruby_0.12.0-2sarge1_i386.deb oldstable/main/binary-i386/libgnome2-ruby_0.12.0-2sarge1_i386.deb oldstable/main/binary-i386/libgconf2-ruby_0.12.0-2sarge1_i386.deb oldstable/main/binary-i386/libglade2-ruby_0.12.0-2sarge1_i386.deb oldstable/main/binary-i386/libgtkhtml2-ruby_0.12.0-2sarge1_i386.deb oldstable/main/binary-i386/libgda2-ruby_0.12.0-2sarge1_i386.deb oldstable/main/binary-i386/libgtkglext1-ruby_0.12.0-2sarge1_i386.deb oldstable/main/binary-i386/libgnomevfs2-ruby_0.12.0-2sarge1_i386.deb oldstable/main/binary-i386/libgstreamer0.8-ruby_0.12.0-2sarge1_i386.deb oldstable/main/binary-i386/libgtksourceview1-ruby_0.12.0-2sarge1_i386.deb oldstable/main/binary-i386/libpanel-applet2-ruby_0.12.0-2sarge1_i386.deb oldstable/main/binary-i386/libgnomeprint2-ruby_0.12.0-2sarge1_i386.deb oldstable/main/binary-i386/libgnomeprintui2-ruby_0.12.0-2sarge1_i386.deb oldstable/main/binary-i386/librsvg2-ruby_0.12.0-2sarge1_i386.deb ruby-gnome2 (0.12.0-2sarge1) oldstable-security; urgency=low * Non-maintainer upload by the security team * Included patch to fix format string vulnerability in rbgtkmessagedialog.c which might lead to arbitrary code execution Fixes: CVE-2007-6183 oldstable/main/binary-ia64/libglib2-ruby_0.12.0-2sarge1_ia64.deb oldstable/main/binary-ia64/libatk1-ruby_0.12.0-2sarge1_ia64.deb oldstable/main/binary-ia64/libpango1-ruby_0.12.0-2sarge1_ia64.deb oldstable/main/binary-ia64/libgdk-pixbuf2-ruby_0.12.0-2sarge1_ia64.deb oldstable/main/binary-ia64/libgtk2-ruby_0.12.0-2sarge1_ia64.deb oldstable/main/binary-ia64/libart2-ruby_0.12.0-2sarge1_ia64.deb oldstable/main/binary-ia64/libgnomecanvas2-ruby_0.12.0-2sarge1_ia64.deb oldstable/main/binary-ia64/libgnome2-ruby_0.12.0-2sarge1_ia64.deb oldstable/main/binary-ia64/libgconf2-ruby_0.12.0-2sarge1_ia64.deb oldstable/main/binary-ia64/libglade2-ruby_0.12.0-2sarge1_ia64.deb oldstable/main/binary-ia64/libgtkhtml2-ruby_0.12.0-2sarge1_ia64.deb oldstable/main/binary-ia64/libgda2-ruby_0.12.0-2sarge1_ia64.deb oldstable/main/binary-ia64/libgtkglext1-ruby_0.12.0-2sarge1_ia64.deb oldstable/main/binary-ia64/libgnomevfs2-ruby_0.12.0-2sarge1_ia64.deb oldstable/main/binary-ia64/libgstreamer0.8-ruby_0.12.0-2sarge1_ia64.deb oldstable/main/binary-ia64/libgtksourceview1-ruby_0.12.0-2sarge1_ia64.deb oldstable/main/binary-ia64/libpanel-applet2-ruby_0.12.0-2sarge1_ia64.deb oldstable/main/binary-ia64/libgnomeprint2-ruby_0.12.0-2sarge1_ia64.deb oldstable/main/binary-ia64/libgnomeprintui2-ruby_0.12.0-2sarge1_ia64.deb oldstable/main/binary-ia64/librsvg2-ruby_0.12.0-2sarge1_ia64.deb ruby-gnome2 (0.12.0-2sarge1) oldstable-security; urgency=low * Non-maintainer upload by the security team * Included patch to fix format string vulnerability in rbgtkmessagedialog.c which might lead to arbitrary code execution Fixes: CVE-2007-6183 oldstable/main/binary-m68k/libglib2-ruby_0.12.0-2sarge1_m68k.deb oldstable/main/binary-m68k/libatk1-ruby_0.12.0-2sarge1_m68k.deb oldstable/main/binary-m68k/libpango1-ruby_0.12.0-2sarge1_m68k.deb oldstable/main/binary-m68k/libgdk-pixbuf2-ruby_0.12.0-2sarge1_m68k.deb oldstable/main/binary-m68k/libgtk2-ruby_0.12.0-2sarge1_m68k.deb oldstable/main/binary-m68k/libart2-ruby_0.12.0-2sarge1_m68k.deb oldstable/main/binary-m68k/libgnomecanvas2-ruby_0.12.0-2sarge1_m68k.deb oldstable/main/binary-m68k/libgnome2-ruby_0.12.0-2sarge1_m68k.deb oldstable/main/binary-m68k/libgconf2-ruby_0.12.0-2sarge1_m68k.deb oldstable/main/binary-m68k/libglade2-ruby_0.12.0-2sarge1_m68k.deb oldstable/main/binary-m68k/libgtkhtml2-ruby_0.12.0-2sarge1_m68k.deb oldstable/main/binary-m68k/libgda2-ruby_0.12.0-2sarge1_m68k.deb oldstable/main/binary-m68k/libgtkglext1-ruby_0.12.0-2sarge1_m68k.deb oldstable/main/binary-m68k/libgnomevfs2-ruby_0.12.0-2sarge1_m68k.deb oldstable/main/binary-m68k/libgstreamer0.8-ruby_0.12.0-2sarge1_m68k.deb oldstable/main/binary-m68k/libgtksourceview1-ruby_0.12.0-2sarge1_m68k.deb oldstable/main/binary-m68k/libpanel-applet2-ruby_0.12.0-2sarge1_m68k.deb oldstable/main/binary-m68k/libgnomeprint2-ruby_0.12.0-2sarge1_m68k.deb oldstable/main/binary-m68k/libgnomeprintui2-ruby_0.12.0-2sarge1_m68k.deb oldstable/main/binary-m68k/librsvg2-ruby_0.12.0-2sarge1_m68k.deb ruby-gnome2 (0.12.0-2sarge1) oldstable-security; urgency=low * Non-maintainer upload by the security team * Included patch to fix format string vulnerability in rbgtkmessagedialog.c which might lead to arbitrary code execution Fixes: CVE-2007-6183 oldstable/main/binary-mips/libglib2-ruby_0.12.0-2sarge1_mips.deb oldstable/main/binary-mips/libatk1-ruby_0.12.0-2sarge1_mips.deb oldstable/main/binary-mips/libpango1-ruby_0.12.0-2sarge1_mips.deb oldstable/main/binary-mips/libgdk-pixbuf2-ruby_0.12.0-2sarge1_mips.deb oldstable/main/binary-mips/libgtk2-ruby_0.12.0-2sarge1_mips.deb oldstable/main/binary-mips/libart2-ruby_0.12.0-2sarge1_mips.deb oldstable/main/binary-mips/libgnomecanvas2-ruby_0.12.0-2sarge1_mips.deb oldstable/main/binary-mips/libgnome2-ruby_0.12.0-2sarge1_mips.deb oldstable/main/binary-mips/libgconf2-ruby_0.12.0-2sarge1_mips.deb oldstable/main/binary-mips/libglade2-ruby_0.12.0-2sarge1_mips.deb oldstable/main/binary-mips/libgtkhtml2-ruby_0.12.0-2sarge1_mips.deb oldstable/main/binary-mips/libgda2-ruby_0.12.0-2sarge1_mips.deb oldstable/main/binary-mips/libgtkglext1-ruby_0.12.0-2sarge1_mips.deb oldstable/main/binary-mips/libgnomevfs2-ruby_0.12.0-2sarge1_mips.deb oldstable/main/binary-mips/libgstreamer0.8-ruby_0.12.0-2sarge1_mips.deb oldstable/main/binary-mips/libgtksourceview1-ruby_0.12.0-2sarge1_mips.deb oldstable/main/binary-mips/libpanel-applet2-ruby_0.12.0-2sarge1_mips.deb oldstable/main/binary-mips/libgnomeprint2-ruby_0.12.0-2sarge1_mips.deb oldstable/main/binary-mips/libgnomeprintui2-ruby_0.12.0-2sarge1_mips.deb oldstable/main/binary-mips/librsvg2-ruby_0.12.0-2sarge1_mips.deb ruby-gnome2 (0.12.0-2sarge1) oldstable-security; urgency=low * Non-maintainer upload by the security team * Included patch to fix format string vulnerability in rbgtkmessagedialog.c which might lead to arbitrary code execution Fixes: CVE-2007-6183 oldstable/main/binary-mipsel/libglib2-ruby_0.12.0-2sarge1_mipsel.deb oldstable/main/binary-mipsel/libatk1-ruby_0.12.0-2sarge1_mipsel.deb oldstable/main/binary-mipsel/libpango1-ruby_0.12.0-2sarge1_mipsel.deb oldstable/main/binary-mipsel/libgdk-pixbuf2-ruby_0.12.0-2sarge1_mipsel.deb oldstable/main/binary-mipsel/libgtk2-ruby_0.12.0-2sarge1_mipsel.deb oldstable/main/binary-mipsel/libart2-ruby_0.12.0-2sarge1_mipsel.deb oldstable/main/binary-mipsel/libgnomecanvas2-ruby_0.12.0-2sarge1_mipsel.deb oldstable/main/binary-mipsel/libgnome2-ruby_0.12.0-2sarge1_mipsel.deb oldstable/main/binary-mipsel/libgconf2-ruby_0.12.0-2sarge1_mipsel.deb oldstable/main/binary-mipsel/libglade2-ruby_0.12.0-2sarge1_mipsel.deb oldstable/main/binary-mipsel/libgtkhtml2-ruby_0.12.0-2sarge1_mipsel.deb oldstable/main/binary-mipsel/libgda2-ruby_0.12.0-2sarge1_mipsel.deb oldstable/main/binary-mipsel/libgtkglext1-ruby_0.12.0-2sarge1_mipsel.deb oldstable/main/binary-mipsel/libgnomevfs2-ruby_0.12.0-2sarge1_mipsel.deb oldstable/main/binary-mipsel/libgstreamer0.8-ruby_0.12.0-2sarge1_mipsel.deb oldstable/main/binary-mipsel/libgtksourceview1-ruby_0.12.0-2sarge1_mipsel.deb oldstable/main/binary-mipsel/libpanel-applet2-ruby_0.12.0-2sarge1_mipsel.deb oldstable/main/binary-mipsel/libgnomeprint2-ruby_0.12.0-2sarge1_mipsel.deb oldstable/main/binary-mipsel/libgnomeprintui2-ruby_0.12.0-2sarge1_mipsel.deb oldstable/main/binary-mipsel/librsvg2-ruby_0.12.0-2sarge1_mipsel.deb ruby-gnome2 (0.12.0-2sarge1) oldstable-security; urgency=low * Non-maintainer upload by the security team * Included patch to fix format string vulnerability in rbgtkmessagedialog.c which might lead to arbitrary code execution Fixes: CVE-2007-6183 oldstable/main/binary-powerpc/libglib2-ruby_0.12.0-2sarge1_powerpc.deb oldstable/main/binary-powerpc/libatk1-ruby_0.12.0-2sarge1_powerpc.deb oldstable/main/binary-powerpc/libpango1-ruby_0.12.0-2sarge1_powerpc.deb oldstable/main/binary-powerpc/libgdk-pixbuf2-ruby_0.12.0-2sarge1_powerpc.deb oldstable/main/binary-powerpc/libgtk2-ruby_0.12.0-2sarge1_powerpc.deb oldstable/main/binary-powerpc/libart2-ruby_0.12.0-2sarge1_powerpc.deb oldstable/main/binary-powerpc/libgnomecanvas2-ruby_0.12.0-2sarge1_powerpc.deb oldstable/main/binary-powerpc/libgnome2-ruby_0.12.0-2sarge1_powerpc.deb oldstable/main/binary-powerpc/libgconf2-ruby_0.12.0-2sarge1_powerpc.deb oldstable/main/binary-powerpc/libglade2-ruby_0.12.0-2sarge1_powerpc.deb oldstable/main/binary-powerpc/libgtkhtml2-ruby_0.12.0-2sarge1_powerpc.deb oldstable/main/binary-powerpc/libgda2-ruby_0.12.0-2sarge1_powerpc.deb oldstable/main/binary-powerpc/libgtkglext1-ruby_0.12.0-2sarge1_powerpc.deb oldstable/main/binary-powerpc/libgnomevfs2-ruby_0.12.0-2sarge1_powerpc.deb oldstable/main/binary-powerpc/libgstreamer0.8-ruby_0.12.0-2sarge1_powerpc.deb oldstable/main/binary-powerpc/libgtksourceview1-ruby_0.12.0-2sarge1_powerpc.deb oldstable/main/binary-powerpc/libpanel-applet2-ruby_0.12.0-2sarge1_powerpc.deb oldstable/main/binary-powerpc/libgnomeprint2-ruby_0.12.0-2sarge1_powerpc.deb oldstable/main/binary-powerpc/libgnomeprintui2-ruby_0.12.0-2sarge1_powerpc.deb oldstable/main/binary-powerpc/librsvg2-ruby_0.12.0-2sarge1_powerpc.deb ruby-gnome2 (0.12.0-2sarge1) oldstable-security; urgency=low * Non-maintainer upload by the security team * Included patch to fix format string vulnerability in rbgtkmessagedialog.c which might lead to arbitrary code execution Fixes: CVE-2007-6183 oldstable/main/binary-s390/libglib2-ruby_0.12.0-2sarge1_s390.deb oldstable/main/binary-s390/libatk1-ruby_0.12.0-2sarge1_s390.deb oldstable/main/binary-s390/libpango1-ruby_0.12.0-2sarge1_s390.deb oldstable/main/binary-s390/libgdk-pixbuf2-ruby_0.12.0-2sarge1_s390.deb oldstable/main/binary-s390/libgtk2-ruby_0.12.0-2sarge1_s390.deb oldstable/main/binary-s390/libart2-ruby_0.12.0-2sarge1_s390.deb oldstable/main/binary-s390/libgnomecanvas2-ruby_0.12.0-2sarge1_s390.deb oldstable/main/binary-s390/libgnome2-ruby_0.12.0-2sarge1_s390.deb oldstable/main/binary-s390/libgconf2-ruby_0.12.0-2sarge1_s390.deb oldstable/main/binary-s390/libglade2-ruby_0.12.0-2sarge1_s390.deb oldstable/main/binary-s390/libgtkhtml2-ruby_0.12.0-2sarge1_s390.deb oldstable/main/binary-s390/libgda2-ruby_0.12.0-2sarge1_s390.deb oldstable/main/binary-s390/libgtkglext1-ruby_0.12.0-2sarge1_s390.deb oldstable/main/binary-s390/libgnomevfs2-ruby_0.12.0-2sarge1_s390.deb oldstable/main/binary-s390/libgstreamer0.8-ruby_0.12.0-2sarge1_s390.deb oldstable/main/binary-s390/libgtksourceview1-ruby_0.12.0-2sarge1_s390.deb oldstable/main/binary-s390/libpanel-applet2-ruby_0.12.0-2sarge1_s390.deb oldstable/main/binary-s390/libgnomeprint2-ruby_0.12.0-2sarge1_s390.deb oldstable/main/binary-s390/libgnomeprintui2-ruby_0.12.0-2sarge1_s390.deb oldstable/main/binary-s390/librsvg2-ruby_0.12.0-2sarge1_s390.deb ruby-gnome2 (0.12.0-2sarge1) oldstable-security; urgency=low * Non-maintainer upload by the security team * Included patch to fix format string vulnerability in rbgtkmessagedialog.c which might lead to arbitrary code execution Fixes: CVE-2007-6183 oldstable/main/binary-sparc/libglib2-ruby_0.12.0-2sarge1_sparc.deb oldstable/main/binary-sparc/libatk1-ruby_0.12.0-2sarge1_sparc.deb oldstable/main/binary-sparc/libpango1-ruby_0.12.0-2sarge1_sparc.deb oldstable/main/binary-sparc/libgdk-pixbuf2-ruby_0.12.0-2sarge1_sparc.deb oldstable/main/binary-sparc/libgtk2-ruby_0.12.0-2sarge1_sparc.deb oldstable/main/binary-sparc/libart2-ruby_0.12.0-2sarge1_sparc.deb oldstable/main/binary-sparc/libgnomecanvas2-ruby_0.12.0-2sarge1_sparc.deb oldstable/main/binary-sparc/libgnome2-ruby_0.12.0-2sarge1_sparc.deb oldstable/main/binary-sparc/libgconf2-ruby_0.12.0-2sarge1_sparc.deb oldstable/main/binary-sparc/libglade2-ruby_0.12.0-2sarge1_sparc.deb oldstable/main/binary-sparc/libgtkhtml2-ruby_0.12.0-2sarge1_sparc.deb oldstable/main/binary-sparc/libgda2-ruby_0.12.0-2sarge1_sparc.deb oldstable/main/binary-sparc/libgtkglext1-ruby_0.12.0-2sarge1_sparc.deb oldstable/main/binary-sparc/libgnomevfs2-ruby_0.12.0-2sarge1_sparc.deb oldstable/main/binary-sparc/libgstreamer0.8-ruby_0.12.0-2sarge1_sparc.deb oldstable/main/binary-sparc/libgtksourceview1-ruby_0.12.0-2sarge1_sparc.deb oldstable/main/binary-sparc/libpanel-applet2-ruby_0.12.0-2sarge1_sparc.deb oldstable/main/binary-sparc/libgnomeprint2-ruby_0.12.0-2sarge1_sparc.deb oldstable/main/binary-sparc/libgnomeprintui2-ruby_0.12.0-2sarge1_sparc.deb oldstable/main/binary-sparc/librsvg2-ruby_0.12.0-2sarge1_sparc.deb ruby-gnome2 (0.12.0-2sarge1) oldstable-security; urgency=low * Non-maintainer upload by the security team * Included patch to fix format string vulnerability in rbgtkmessagedialog.c which might lead to arbitrary code execution Fixes: CVE-2007-6183 oldstable/main/binary-alpha/samba_3.0.14a-3sarge10_alpha.deb oldstable/main/binary-alpha/samba-common_3.0.14a-3sarge10_alpha.deb oldstable/main/binary-alpha/smbclient_3.0.14a-3sarge10_alpha.deb oldstable/main/binary-alpha/swat_3.0.14a-3sarge10_alpha.deb oldstable/main/binary-alpha/smbfs_3.0.14a-3sarge10_alpha.deb oldstable/main/binary-alpha/libpam-smbpass_3.0.14a-3sarge10_alpha.deb oldstable/main/binary-alpha/libsmbclient_3.0.14a-3sarge10_alpha.deb oldstable/main/binary-alpha/libsmbclient-dev_3.0.14a-3sarge10_alpha.deb oldstable/main/binary-alpha/winbind_3.0.14a-3sarge10_alpha.deb oldstable/main/binary-alpha/python2.3-samba_3.0.14a-3sarge10_alpha.deb oldstable/main/binary-alpha/samba-dbg_3.0.14a-3sarge10_alpha.deb samba (3.0.14a-3sarge10) oldstable-security; urgency=low * Fix for yet another regression in the fix for CVE-2007-4572 due to one other missed patch in the 3.0.27a diff. Closes: #453050. oldstable/main/binary-amd64/samba_3.0.14a-3sarge10_amd64.deb oldstable/main/binary-amd64/samba-common_3.0.14a-3sarge10_amd64.deb oldstable/main/binary-amd64/smbclient_3.0.14a-3sarge10_amd64.deb oldstable/main/binary-amd64/swat_3.0.14a-3sarge10_amd64.deb oldstable/main/binary-amd64/smbfs_3.0.14a-3sarge10_amd64.deb oldstable/main/binary-amd64/libpam-smbpass_3.0.14a-3sarge10_amd64.deb oldstable/main/binary-amd64/libsmbclient_3.0.14a-3sarge10_amd64.deb oldstable/main/binary-amd64/libsmbclient-dev_3.0.14a-3sarge10_amd64.deb oldstable/main/binary-amd64/winbind_3.0.14a-3sarge10_amd64.deb oldstable/main/binary-amd64/python2.3-samba_3.0.14a-3sarge10_amd64.deb oldstable/main/binary-amd64/samba-dbg_3.0.14a-3sarge10_amd64.deb samba (3.0.14a-3sarge10) oldstable-security; urgency=low * Fix for yet another regression in the fix for CVE-2007-4572 due to one other missed patch in the 3.0.27a diff. Closes: #453050. oldstable/main/binary-arm/samba_3.0.14a-3sarge10_arm.deb oldstable/main/binary-arm/samba-common_3.0.14a-3sarge10_arm.deb oldstable/main/binary-arm/smbclient_3.0.14a-3sarge10_arm.deb oldstable/main/binary-arm/swat_3.0.14a-3sarge10_arm.deb oldstable/main/binary-arm/smbfs_3.0.14a-3sarge10_arm.deb oldstable/main/binary-arm/libpam-smbpass_3.0.14a-3sarge10_arm.deb oldstable/main/binary-arm/libsmbclient_3.0.14a-3sarge10_arm.deb oldstable/main/binary-arm/libsmbclient-dev_3.0.14a-3sarge10_arm.deb oldstable/main/binary-arm/winbind_3.0.14a-3sarge10_arm.deb oldstable/main/binary-arm/python2.3-samba_3.0.14a-3sarge10_arm.deb oldstable/main/binary-arm/samba-dbg_3.0.14a-3sarge10_arm.deb samba (3.0.14a-3sarge10) oldstable-security; urgency=low * Fix for yet another regression in the fix for CVE-2007-4572 due to one other missed patch in the 3.0.27a diff. Closes: #453050. oldstable/main/binary-hppa/samba_3.0.14a-3sarge10_hppa.deb oldstable/main/binary-hppa/samba-common_3.0.14a-3sarge10_hppa.deb oldstable/main/binary-hppa/smbclient_3.0.14a-3sarge10_hppa.deb oldstable/main/binary-hppa/swat_3.0.14a-3sarge10_hppa.deb oldstable/main/binary-hppa/smbfs_3.0.14a-3sarge10_hppa.deb oldstable/main/binary-hppa/libpam-smbpass_3.0.14a-3sarge10_hppa.deb oldstable/main/binary-hppa/libsmbclient_3.0.14a-3sarge10_hppa.deb oldstable/main/binary-hppa/libsmbclient-dev_3.0.14a-3sarge10_hppa.deb oldstable/main/binary-hppa/winbind_3.0.14a-3sarge10_hppa.deb oldstable/main/binary-hppa/python2.3-samba_3.0.14a-3sarge10_hppa.deb oldstable/main/binary-hppa/samba-dbg_3.0.14a-3sarge10_hppa.deb samba (3.0.14a-3sarge10) oldstable-security; urgency=low * Fix for yet another regression in the fix for CVE-2007-4572 due to one other missed patch in the 3.0.27a diff. Closes: #453050. oldstable/main/source/samba_3.0.14a-3sarge10.dsc oldstable/main/source/samba_3.0.14a-3sarge10.diff.gz oldstable/main/binary-all/samba-doc_3.0.14a-3sarge10_all.deb oldstable/main/binary-i386/samba_3.0.14a-3sarge10_i386.deb oldstable/main/binary-i386/samba-common_3.0.14a-3sarge10_i386.deb oldstable/main/binary-i386/smbclient_3.0.14a-3sarge10_i386.deb oldstable/main/binary-i386/swat_3.0.14a-3sarge10_i386.deb oldstable/main/binary-i386/smbfs_3.0.14a-3sarge10_i386.deb oldstable/main/binary-i386/libpam-smbpass_3.0.14a-3sarge10_i386.deb oldstable/main/binary-i386/libsmbclient_3.0.14a-3sarge10_i386.deb oldstable/main/binary-i386/libsmbclient-dev_3.0.14a-3sarge10_i386.deb oldstable/main/binary-i386/winbind_3.0.14a-3sarge10_i386.deb oldstable/main/binary-i386/python2.3-samba_3.0.14a-3sarge10_i386.deb oldstable/main/binary-i386/samba-dbg_3.0.14a-3sarge10_i386.deb samba (3.0.14a-3sarge10) oldstable-security; urgency=low * Fix for yet another regression in the fix for CVE-2007-4572 due to one other missed patch in the 3.0.27a diff. Closes: #453050. oldstable/main/binary-ia64/samba_3.0.14a-3sarge10_ia64.deb oldstable/main/binary-ia64/samba-common_3.0.14a-3sarge10_ia64.deb oldstable/main/binary-ia64/smbclient_3.0.14a-3sarge10_ia64.deb oldstable/main/binary-ia64/swat_3.0.14a-3sarge10_ia64.deb oldstable/main/binary-ia64/smbfs_3.0.14a-3sarge10_ia64.deb oldstable/main/binary-ia64/libpam-smbpass_3.0.14a-3sarge10_ia64.deb oldstable/main/binary-ia64/libsmbclient_3.0.14a-3sarge10_ia64.deb oldstable/main/binary-ia64/libsmbclient-dev_3.0.14a-3sarge10_ia64.deb oldstable/main/binary-ia64/winbind_3.0.14a-3sarge10_ia64.deb oldstable/main/binary-ia64/python2.3-samba_3.0.14a-3sarge10_ia64.deb oldstable/main/binary-ia64/samba-dbg_3.0.14a-3sarge10_ia64.deb samba (3.0.14a-3sarge10) oldstable-security; urgency=low * Fix for yet another regression in the fix for CVE-2007-4572 due to one other missed patch in the 3.0.27a diff. Closes: #453050. oldstable/main/binary-m68k/samba_3.0.14a-3sarge10_m68k.deb oldstable/main/binary-m68k/samba-common_3.0.14a-3sarge10_m68k.deb oldstable/main/binary-m68k/smbclient_3.0.14a-3sarge10_m68k.deb oldstable/main/binary-m68k/swat_3.0.14a-3sarge10_m68k.deb oldstable/main/binary-m68k/smbfs_3.0.14a-3sarge10_m68k.deb oldstable/main/binary-m68k/libpam-smbpass_3.0.14a-3sarge10_m68k.deb oldstable/main/binary-m68k/libsmbclient_3.0.14a-3sarge10_m68k.deb oldstable/main/binary-m68k/libsmbclient-dev_3.0.14a-3sarge10_m68k.deb oldstable/main/binary-m68k/winbind_3.0.14a-3sarge10_m68k.deb oldstable/main/binary-m68k/python2.3-samba_3.0.14a-3sarge10_m68k.deb oldstable/main/binary-m68k/samba-dbg_3.0.14a-3sarge10_m68k.deb samba (3.0.14a-3sarge10) oldstable-security; urgency=low * Fix for yet another regression in the fix for CVE-2007-4572 due to one other missed patch in the 3.0.27a diff. Closes: #453050. oldstable/main/binary-mips/samba_3.0.14a-3sarge10_mips.deb oldstable/main/binary-mips/samba-common_3.0.14a-3sarge10_mips.deb oldstable/main/binary-mips/smbclient_3.0.14a-3sarge10_mips.deb oldstable/main/binary-mips/swat_3.0.14a-3sarge10_mips.deb oldstable/main/binary-mips/smbfs_3.0.14a-3sarge10_mips.deb oldstable/main/binary-mips/libpam-smbpass_3.0.14a-3sarge10_mips.deb oldstable/main/binary-mips/libsmbclient_3.0.14a-3sarge10_mips.deb oldstable/main/binary-mips/libsmbclient-dev_3.0.14a-3sarge10_mips.deb oldstable/main/binary-mips/winbind_3.0.14a-3sarge10_mips.deb oldstable/main/binary-mips/python2.3-samba_3.0.14a-3sarge10_mips.deb oldstable/main/binary-mips/samba-dbg_3.0.14a-3sarge10_mips.deb samba (3.0.14a-3sarge10) oldstable-security; urgency=low * Fix for yet another regression in the fix for CVE-2007-4572 due to one other missed patch in the 3.0.27a diff. Closes: #453050. oldstable/main/binary-mipsel/samba_3.0.14a-3sarge10_mipsel.deb oldstable/main/binary-mipsel/samba-common_3.0.14a-3sarge10_mipsel.deb oldstable/main/binary-mipsel/smbclient_3.0.14a-3sarge10_mipsel.deb oldstable/main/binary-mipsel/swat_3.0.14a-3sarge10_mipsel.deb oldstable/main/binary-mipsel/smbfs_3.0.14a-3sarge10_mipsel.deb oldstable/main/binary-mipsel/libpam-smbpass_3.0.14a-3sarge10_mipsel.deb oldstable/main/binary-mipsel/libsmbclient_3.0.14a-3sarge10_mipsel.deb oldstable/main/binary-mipsel/libsmbclient-dev_3.0.14a-3sarge10_mipsel.deb oldstable/main/binary-mipsel/winbind_3.0.14a-3sarge10_mipsel.deb oldstable/main/binary-mipsel/python2.3-samba_3.0.14a-3sarge10_mipsel.deb oldstable/main/binary-mipsel/samba-dbg_3.0.14a-3sarge10_mipsel.deb samba (3.0.14a-3sarge10) oldstable-security; urgency=low * Fix for yet another regression in the fix for CVE-2007-4572 due to one other missed patch in the 3.0.27a diff. Closes: #453050. oldstable/main/binary-powerpc/samba_3.0.14a-3sarge10_powerpc.deb oldstable/main/binary-powerpc/samba-common_3.0.14a-3sarge10_powerpc.deb oldstable/main/binary-powerpc/smbclient_3.0.14a-3sarge10_powerpc.deb oldstable/main/binary-powerpc/swat_3.0.14a-3sarge10_powerpc.deb oldstable/main/binary-powerpc/smbfs_3.0.14a-3sarge10_powerpc.deb oldstable/main/binary-powerpc/libpam-smbpass_3.0.14a-3sarge10_powerpc.deb oldstable/main/binary-powerpc/libsmbclient_3.0.14a-3sarge10_powerpc.deb oldstable/main/binary-powerpc/libsmbclient-dev_3.0.14a-3sarge10_powerpc.deb oldstable/main/binary-powerpc/winbind_3.0.14a-3sarge10_powerpc.deb oldstable/main/binary-powerpc/python2.3-samba_3.0.14a-3sarge10_powerpc.deb oldstable/main/binary-powerpc/samba-dbg_3.0.14a-3sarge10_powerpc.deb samba (3.0.14a-3sarge10) oldstable-security; urgency=low * Fix for yet another regression in the fix for CVE-2007-4572 due to one other missed patch in the 3.0.27a diff. Closes: #453050. oldstable/main/binary-s390/samba_3.0.14a-3sarge10_s390.deb oldstable/main/binary-s390/samba-common_3.0.14a-3sarge10_s390.deb oldstable/main/binary-s390/smbclient_3.0.14a-3sarge10_s390.deb oldstable/main/binary-s390/swat_3.0.14a-3sarge10_s390.deb oldstable/main/binary-s390/smbfs_3.0.14a-3sarge10_s390.deb oldstable/main/binary-s390/libpam-smbpass_3.0.14a-3sarge10_s390.deb oldstable/main/binary-s390/libsmbclient_3.0.14a-3sarge10_s390.deb oldstable/main/binary-s390/libsmbclient-dev_3.0.14a-3sarge10_s390.deb oldstable/main/binary-s390/winbind_3.0.14a-3sarge10_s390.deb oldstable/main/binary-s390/python2.3-samba_3.0.14a-3sarge10_s390.deb oldstable/main/binary-s390/samba-dbg_3.0.14a-3sarge10_s390.deb samba (3.0.14a-3sarge10) oldstable-security; urgency=low * Fix for yet another regression in the fix for CVE-2007-4572 due to one other missed patch in the 3.0.27a diff. Closes: #453050. oldstable/main/binary-sparc/samba_3.0.14a-3sarge10_sparc.deb oldstable/main/binary-sparc/samba-common_3.0.14a-3sarge10_sparc.deb oldstable/main/binary-sparc/smbclient_3.0.14a-3sarge10_sparc.deb oldstable/main/binary-sparc/swat_3.0.14a-3sarge10_sparc.deb oldstable/main/binary-sparc/smbfs_3.0.14a-3sarge10_sparc.deb oldstable/main/binary-sparc/libpam-smbpass_3.0.14a-3sarge10_sparc.deb oldstable/main/binary-sparc/libsmbclient_3.0.14a-3sarge10_sparc.deb oldstable/main/binary-sparc/libsmbclient-dev_3.0.14a-3sarge10_sparc.deb oldstable/main/binary-sparc/winbind_3.0.14a-3sarge10_sparc.deb oldstable/main/binary-sparc/python2.3-samba_3.0.14a-3sarge10_sparc.deb oldstable/main/binary-sparc/samba-dbg_3.0.14a-3sarge10_sparc.deb samba (3.0.14a-3sarge10) oldstable-security; urgency=low * Fix for yet another regression in the fix for CVE-2007-4572 due to one other missed patch in the 3.0.27a diff. Closes: #453050. oldstable/main/binary-alpha/samba_3.0.14a-3sarge11_alpha.deb oldstable/main/binary-alpha/samba-common_3.0.14a-3sarge11_alpha.deb oldstable/main/binary-alpha/smbclient_3.0.14a-3sarge11_alpha.deb oldstable/main/binary-alpha/swat_3.0.14a-3sarge11_alpha.deb oldstable/main/binary-alpha/smbfs_3.0.14a-3sarge11_alpha.deb oldstable/main/binary-alpha/libpam-smbpass_3.0.14a-3sarge11_alpha.deb oldstable/main/binary-alpha/libsmbclient_3.0.14a-3sarge11_alpha.deb oldstable/main/binary-alpha/libsmbclient-dev_3.0.14a-3sarge11_alpha.deb oldstable/main/binary-alpha/winbind_3.0.14a-3sarge11_alpha.deb oldstable/main/binary-alpha/python2.3-samba_3.0.14a-3sarge11_alpha.deb oldstable/main/binary-alpha/samba-dbg_3.0.14a-3sarge11_alpha.deb samba (3.0.14a-3sarge11) oldstable-security; urgency=high * debian/patches/security-CVE-2007-6015.patch: fix a remote code execution vulnerability when running as a domain logon server (PDC or BDC). (CVE-2007-6015) oldstable/main/binary-amd64/samba_3.0.14a-3sarge11_amd64.deb oldstable/main/binary-amd64/samba-common_3.0.14a-3sarge11_amd64.deb oldstable/main/binary-amd64/smbclient_3.0.14a-3sarge11_amd64.deb oldstable/main/binary-amd64/swat_3.0.14a-3sarge11_amd64.deb oldstable/main/binary-amd64/smbfs_3.0.14a-3sarge11_amd64.deb oldstable/main/binary-amd64/libpam-smbpass_3.0.14a-3sarge11_amd64.deb oldstable/main/binary-amd64/libsmbclient_3.0.14a-3sarge11_amd64.deb oldstable/main/binary-amd64/libsmbclient-dev_3.0.14a-3sarge11_amd64.deb oldstable/main/binary-amd64/winbind_3.0.14a-3sarge11_amd64.deb oldstable/main/binary-amd64/python2.3-samba_3.0.14a-3sarge11_amd64.deb oldstable/main/binary-amd64/samba-dbg_3.0.14a-3sarge11_amd64.deb samba (3.0.14a-3sarge11) oldstable-security; urgency=high * debian/patches/security-CVE-2007-6015.patch: fix a remote code execution vulnerability when running as a domain logon server (PDC or BDC). (CVE-2007-6015) oldstable/main/binary-arm/samba_3.0.14a-3sarge11_arm.deb oldstable/main/binary-arm/samba-common_3.0.14a-3sarge11_arm.deb oldstable/main/binary-arm/smbclient_3.0.14a-3sarge11_arm.deb oldstable/main/binary-arm/swat_3.0.14a-3sarge11_arm.deb oldstable/main/binary-arm/smbfs_3.0.14a-3sarge11_arm.deb oldstable/main/binary-arm/libpam-smbpass_3.0.14a-3sarge11_arm.deb oldstable/main/binary-arm/libsmbclient_3.0.14a-3sarge11_arm.deb oldstable/main/binary-arm/libsmbclient-dev_3.0.14a-3sarge11_arm.deb oldstable/main/binary-arm/winbind_3.0.14a-3sarge11_arm.deb oldstable/main/binary-arm/python2.3-samba_3.0.14a-3sarge11_arm.deb oldstable/main/binary-arm/samba-dbg_3.0.14a-3sarge11_arm.deb samba (3.0.14a-3sarge11) oldstable-security; urgency=high * debian/patches/security-CVE-2007-6015.patch: fix a remote code execution vulnerability when running as a domain logon server (PDC or BDC). (CVE-2007-6015) oldstable/main/binary-hppa/samba_3.0.14a-3sarge11_hppa.deb oldstable/main/binary-hppa/samba-common_3.0.14a-3sarge11_hppa.deb oldstable/main/binary-hppa/smbclient_3.0.14a-3sarge11_hppa.deb oldstable/main/binary-hppa/swat_3.0.14a-3sarge11_hppa.deb oldstable/main/binary-hppa/smbfs_3.0.14a-3sarge11_hppa.deb oldstable/main/binary-hppa/libpam-smbpass_3.0.14a-3sarge11_hppa.deb oldstable/main/binary-hppa/libsmbclient_3.0.14a-3sarge11_hppa.deb oldstable/main/binary-hppa/libsmbclient-dev_3.0.14a-3sarge11_hppa.deb oldstable/main/binary-hppa/winbind_3.0.14a-3sarge11_hppa.deb oldstable/main/binary-hppa/python2.3-samba_3.0.14a-3sarge11_hppa.deb oldstable/main/binary-hppa/samba-dbg_3.0.14a-3sarge11_hppa.deb samba (3.0.14a-3sarge11) oldstable-security; urgency=high * debian/patches/security-CVE-2007-6015.patch: fix a remote code execution vulnerability when running as a domain logon server (PDC or BDC). (CVE-2007-6015) oldstable/main/source/samba_3.0.14a-3sarge11.dsc oldstable/main/source/samba_3.0.14a-3sarge11.diff.gz oldstable/main/binary-all/samba-doc_3.0.14a-3sarge11_all.deb oldstable/main/binary-i386/samba_3.0.14a-3sarge11_i386.deb oldstable/main/binary-i386/samba-common_3.0.14a-3sarge11_i386.deb oldstable/main/binary-i386/smbclient_3.0.14a-3sarge11_i386.deb oldstable/main/binary-i386/swat_3.0.14a-3sarge11_i386.deb oldstable/main/binary-i386/smbfs_3.0.14a-3sarge11_i386.deb oldstable/main/binary-i386/libpam-smbpass_3.0.14a-3sarge11_i386.deb oldstable/main/binary-i386/libsmbclient_3.0.14a-3sarge11_i386.deb oldstable/main/binary-i386/libsmbclient-dev_3.0.14a-3sarge11_i386.deb oldstable/main/binary-i386/winbind_3.0.14a-3sarge11_i386.deb oldstable/main/binary-i386/python2.3-samba_3.0.14a-3sarge11_i386.deb oldstable/main/binary-i386/samba-dbg_3.0.14a-3sarge11_i386.deb samba (3.0.14a-3sarge11) oldstable-security; urgency=high * debian/patches/security-CVE-2007-6015.patch: fix a remote code execution vulnerability when running as a domain logon server (PDC or BDC). (CVE-2007-6015) oldstable/main/binary-ia64/samba_3.0.14a-3sarge11_ia64.deb oldstable/main/binary-ia64/samba-common_3.0.14a-3sarge11_ia64.deb oldstable/main/binary-ia64/smbclient_3.0.14a-3sarge11_ia64.deb oldstable/main/binary-ia64/swat_3.0.14a-3sarge11_ia64.deb oldstable/main/binary-ia64/smbfs_3.0.14a-3sarge11_ia64.deb oldstable/main/binary-ia64/libpam-smbpass_3.0.14a-3sarge11_ia64.deb oldstable/main/binary-ia64/libsmbclient_3.0.14a-3sarge11_ia64.deb oldstable/main/binary-ia64/libsmbclient-dev_3.0.14a-3sarge11_ia64.deb oldstable/main/binary-ia64/winbind_3.0.14a-3sarge11_ia64.deb oldstable/main/binary-ia64/python2.3-samba_3.0.14a-3sarge11_ia64.deb oldstable/main/binary-ia64/samba-dbg_3.0.14a-3sarge11_ia64.deb samba (3.0.14a-3sarge11) oldstable-security; urgency=high * debian/patches/security-CVE-2007-6015.patch: fix a remote code execution vulnerability when running as a domain logon server (PDC or BDC). (CVE-2007-6015) oldstable/main/binary-m68k/samba_3.0.14a-3sarge11_m68k.deb oldstable/main/binary-m68k/samba-common_3.0.14a-3sarge11_m68k.deb oldstable/main/binary-m68k/smbclient_3.0.14a-3sarge11_m68k.deb oldstable/main/binary-m68k/swat_3.0.14a-3sarge11_m68k.deb oldstable/main/binary-m68k/smbfs_3.0.14a-3sarge11_m68k.deb oldstable/main/binary-m68k/libpam-smbpass_3.0.14a-3sarge11_m68k.deb oldstable/main/binary-m68k/libsmbclient_3.0.14a-3sarge11_m68k.deb oldstable/main/binary-m68k/libsmbclient-dev_3.0.14a-3sarge11_m68k.deb oldstable/main/binary-m68k/winbind_3.0.14a-3sarge11_m68k.deb oldstable/main/binary-m68k/python2.3-samba_3.0.14a-3sarge11_m68k.deb oldstable/main/binary-m68k/samba-dbg_3.0.14a-3sarge11_m68k.deb samba (3.0.14a-3sarge11) oldstable-security; urgency=high * debian/patches/security-CVE-2007-6015.patch: fix a remote code execution vulnerability when running as a domain logon server (PDC or BDC). (CVE-2007-6015) oldstable/main/binary-mips/samba_3.0.14a-3sarge11_mips.deb oldstable/main/binary-mips/samba-common_3.0.14a-3sarge11_mips.deb oldstable/main/binary-mips/smbclient_3.0.14a-3sarge11_mips.deb oldstable/main/binary-mips/swat_3.0.14a-3sarge11_mips.deb oldstable/main/binary-mips/smbfs_3.0.14a-3sarge11_mips.deb oldstable/main/binary-mips/libpam-smbpass_3.0.14a-3sarge11_mips.deb oldstable/main/binary-mips/libsmbclient_3.0.14a-3sarge11_mips.deb oldstable/main/binary-mips/libsmbclient-dev_3.0.14a-3sarge11_mips.deb oldstable/main/binary-mips/winbind_3.0.14a-3sarge11_mips.deb oldstable/main/binary-mips/python2.3-samba_3.0.14a-3sarge11_mips.deb oldstable/main/binary-mips/samba-dbg_3.0.14a-3sarge11_mips.deb samba (3.0.14a-3sarge11) oldstable-security; urgency=high * debian/patches/security-CVE-2007-6015.patch: fix a remote code execution vulnerability when running as a domain logon server (PDC or BDC). (CVE-2007-6015) oldstable/main/binary-mipsel/samba_3.0.14a-3sarge11_mipsel.deb oldstable/main/binary-mipsel/samba-common_3.0.14a-3sarge11_mipsel.deb oldstable/main/binary-mipsel/smbclient_3.0.14a-3sarge11_mipsel.deb oldstable/main/binary-mipsel/swat_3.0.14a-3sarge11_mipsel.deb oldstable/main/binary-mipsel/smbfs_3.0.14a-3sarge11_mipsel.deb oldstable/main/binary-mipsel/libpam-smbpass_3.0.14a-3sarge11_mipsel.deb oldstable/main/binary-mipsel/libsmbclient_3.0.14a-3sarge11_mipsel.deb oldstable/main/binary-mipsel/libsmbclient-dev_3.0.14a-3sarge11_mipsel.deb oldstable/main/binary-mipsel/winbind_3.0.14a-3sarge11_mipsel.deb oldstable/main/binary-mipsel/python2.3-samba_3.0.14a-3sarge11_mipsel.deb oldstable/main/binary-mipsel/samba-dbg_3.0.14a-3sarge11_mipsel.deb samba (3.0.14a-3sarge11) oldstable-security; urgency=high * debian/patches/security-CVE-2007-6015.patch: fix a remote code execution vulnerability when running as a domain logon server (PDC or BDC). (CVE-2007-6015) oldstable/main/binary-powerpc/samba_3.0.14a-3sarge11_powerpc.deb oldstable/main/binary-powerpc/samba-common_3.0.14a-3sarge11_powerpc.deb oldstable/main/binary-powerpc/smbclient_3.0.14a-3sarge11_powerpc.deb oldstable/main/binary-powerpc/swat_3.0.14a-3sarge11_powerpc.deb oldstable/main/binary-powerpc/smbfs_3.0.14a-3sarge11_powerpc.deb oldstable/main/binary-powerpc/libpam-smbpass_3.0.14a-3sarge11_powerpc.deb oldstable/main/binary-powerpc/libsmbclient_3.0.14a-3sarge11_powerpc.deb oldstable/main/binary-powerpc/libsmbclient-dev_3.0.14a-3sarge11_powerpc.deb oldstable/main/binary-powerpc/winbind_3.0.14a-3sarge11_powerpc.deb oldstable/main/binary-powerpc/python2.3-samba_3.0.14a-3sarge11_powerpc.deb oldstable/main/binary-powerpc/samba-dbg_3.0.14a-3sarge11_powerpc.deb samba (3.0.14a-3sarge11) oldstable-security; urgency=high * debian/patches/security-CVE-2007-6015.patch: fix a remote code execution vulnerability when running as a domain logon server (PDC or BDC). (CVE-2007-6015) oldstable/main/binary-s390/samba_3.0.14a-3sarge11_s390.deb oldstable/main/binary-s390/samba-common_3.0.14a-3sarge11_s390.deb oldstable/main/binary-s390/smbclient_3.0.14a-3sarge11_s390.deb oldstable/main/binary-s390/swat_3.0.14a-3sarge11_s390.deb oldstable/main/binary-s390/smbfs_3.0.14a-3sarge11_s390.deb oldstable/main/binary-s390/libpam-smbpass_3.0.14a-3sarge11_s390.deb oldstable/main/binary-s390/libsmbclient_3.0.14a-3sarge11_s390.deb oldstable/main/binary-s390/libsmbclient-dev_3.0.14a-3sarge11_s390.deb oldstable/main/binary-s390/winbind_3.0.14a-3sarge11_s390.deb oldstable/main/binary-s390/python2.3-samba_3.0.14a-3sarge11_s390.deb oldstable/main/binary-s390/samba-dbg_3.0.14a-3sarge11_s390.deb samba (3.0.14a-3sarge11) oldstable-security; urgency=high * debian/patches/security-CVE-2007-6015.patch: fix a remote code execution vulnerability when running as a domain logon server (PDC or BDC). (CVE-2007-6015) oldstable/main/binary-sparc/samba_3.0.14a-3sarge11_sparc.deb oldstable/main/binary-sparc/samba-common_3.0.14a-3sarge11_sparc.deb oldstable/main/binary-sparc/smbclient_3.0.14a-3sarge11_sparc.deb oldstable/main/binary-sparc/swat_3.0.14a-3sarge11_sparc.deb oldstable/main/binary-sparc/smbfs_3.0.14a-3sarge11_sparc.deb oldstable/main/binary-sparc/libpam-smbpass_3.0.14a-3sarge11_sparc.deb oldstable/main/binary-sparc/libsmbclient_3.0.14a-3sarge11_sparc.deb oldstable/main/binary-sparc/libsmbclient-dev_3.0.14a-3sarge11_sparc.deb oldstable/main/binary-sparc/winbind_3.0.14a-3sarge11_sparc.deb oldstable/main/binary-sparc/python2.3-samba_3.0.14a-3sarge11_sparc.deb oldstable/main/binary-sparc/samba-dbg_3.0.14a-3sarge11_sparc.deb samba (3.0.14a-3sarge11) oldstable-security; urgency=high * debian/patches/security-CVE-2007-6015.patch: fix a remote code execution vulnerability when running as a domain logon server (PDC or BDC). (CVE-2007-6015) oldstable/main/binary-alpha/samba_3.0.14a-3sarge6_alpha.deb oldstable/main/binary-alpha/samba-common_3.0.14a-3sarge6_alpha.deb oldstable/main/binary-alpha/smbclient_3.0.14a-3sarge6_alpha.deb oldstable/main/binary-alpha/swat_3.0.14a-3sarge6_alpha.deb oldstable/main/binary-alpha/smbfs_3.0.14a-3sarge6_alpha.deb oldstable/main/binary-alpha/libpam-smbpass_3.0.14a-3sarge6_alpha.deb oldstable/main/binary-alpha/libsmbclient_3.0.14a-3sarge6_alpha.deb oldstable/main/binary-alpha/libsmbclient-dev_3.0.14a-3sarge6_alpha.deb oldstable/main/binary-alpha/winbind_3.0.14a-3sarge6_alpha.deb oldstable/main/binary-alpha/python2.3-samba_3.0.14a-3sarge6_alpha.deb oldstable/main/binary-alpha/samba-dbg_3.0.14a-3sarge6_alpha.deb samba (3.0.14a-3sarge6) oldstable-security; urgency=high * Fix typo in patch for CVE-2007-2447 that would cause segfaults when performing string comparisons. oldstable/main/binary-arm/samba_3.0.14a-3sarge6_arm.deb oldstable/main/binary-arm/samba-common_3.0.14a-3sarge6_arm.deb oldstable/main/binary-arm/smbclient_3.0.14a-3sarge6_arm.deb oldstable/main/binary-arm/swat_3.0.14a-3sarge6_arm.deb oldstable/main/binary-arm/smbfs_3.0.14a-3sarge6_arm.deb oldstable/main/binary-arm/libpam-smbpass_3.0.14a-3sarge6_arm.deb oldstable/main/binary-arm/libsmbclient_3.0.14a-3sarge6_arm.deb oldstable/main/binary-arm/libsmbclient-dev_3.0.14a-3sarge6_arm.deb oldstable/main/binary-arm/winbind_3.0.14a-3sarge6_arm.deb oldstable/main/binary-arm/python2.3-samba_3.0.14a-3sarge6_arm.deb oldstable/main/binary-arm/samba-dbg_3.0.14a-3sarge6_arm.deb samba (3.0.14a-3sarge6) oldstable-security; urgency=high * Fix typo in patch for CVE-2007-2447 that would cause segfaults when performing string comparisons. oldstable/main/binary-hppa/samba_3.0.14a-3sarge6_hppa.deb oldstable/main/binary-hppa/samba-common_3.0.14a-3sarge6_hppa.deb oldstable/main/binary-hppa/smbclient_3.0.14a-3sarge6_hppa.deb oldstable/main/binary-hppa/swat_3.0.14a-3sarge6_hppa.deb oldstable/main/binary-hppa/smbfs_3.0.14a-3sarge6_hppa.deb oldstable/main/binary-hppa/libpam-smbpass_3.0.14a-3sarge6_hppa.deb oldstable/main/binary-hppa/libsmbclient_3.0.14a-3sarge6_hppa.deb oldstable/main/binary-hppa/libsmbclient-dev_3.0.14a-3sarge6_hppa.deb oldstable/main/binary-hppa/winbind_3.0.14a-3sarge6_hppa.deb oldstable/main/binary-hppa/python2.3-samba_3.0.14a-3sarge6_hppa.deb oldstable/main/binary-hppa/samba-dbg_3.0.14a-3sarge6_hppa.deb samba (3.0.14a-3sarge6) oldstable-security; urgency=high * Fix typo in patch for CVE-2007-2447 that would cause segfaults when performing string comparisons. oldstable/main/source/samba_3.0.14a-3sarge6.dsc oldstable/main/source/samba_3.0.14a-3sarge6.diff.gz oldstable/main/binary-all/samba-doc_3.0.14a-3sarge6_all.deb oldstable/main/binary-i386/samba_3.0.14a-3sarge6_i386.deb oldstable/main/binary-i386/samba-common_3.0.14a-3sarge6_i386.deb oldstable/main/binary-i386/smbclient_3.0.14a-3sarge6_i386.deb oldstable/main/binary-i386/swat_3.0.14a-3sarge6_i386.deb oldstable/main/binary-i386/smbfs_3.0.14a-3sarge6_i386.deb oldstable/main/binary-i386/libpam-smbpass_3.0.14a-3sarge6_i386.deb oldstable/main/binary-i386/libsmbclient_3.0.14a-3sarge6_i386.deb oldstable/main/binary-i386/libsmbclient-dev_3.0.14a-3sarge6_i386.deb oldstable/main/binary-i386/winbind_3.0.14a-3sarge6_i386.deb oldstable/main/binary-i386/python2.3-samba_3.0.14a-3sarge6_i386.deb oldstable/main/binary-i386/samba-dbg_3.0.14a-3sarge6_i386.deb samba (3.0.14a-3sarge6) oldstable-security; urgency=high * Fix typo in patch for CVE-2007-2447 that would cause segfaults when performing string comparisons. oldstable/main/binary-ia64/samba_3.0.14a-3sarge6_ia64.deb oldstable/main/binary-ia64/samba-common_3.0.14a-3sarge6_ia64.deb oldstable/main/binary-ia64/smbclient_3.0.14a-3sarge6_ia64.deb oldstable/main/binary-ia64/swat_3.0.14a-3sarge6_ia64.deb oldstable/main/binary-ia64/smbfs_3.0.14a-3sarge6_ia64.deb oldstable/main/binary-ia64/libpam-smbpass_3.0.14a-3sarge6_ia64.deb oldstable/main/binary-ia64/libsmbclient_3.0.14a-3sarge6_ia64.deb oldstable/main/binary-ia64/libsmbclient-dev_3.0.14a-3sarge6_ia64.deb oldstable/main/binary-ia64/winbind_3.0.14a-3sarge6_ia64.deb oldstable/main/binary-ia64/python2.3-samba_3.0.14a-3sarge6_ia64.deb oldstable/main/binary-ia64/samba-dbg_3.0.14a-3sarge6_ia64.deb samba (3.0.14a-3sarge6) oldstable-security; urgency=high * Fix typo in patch for CVE-2007-2447 that would cause segfaults when performing string comparisons. oldstable/main/binary-m68k/samba_3.0.14a-3sarge6_m68k.deb oldstable/main/binary-m68k/samba-common_3.0.14a-3sarge6_m68k.deb oldstable/main/binary-m68k/smbclient_3.0.14a-3sarge6_m68k.deb oldstable/main/binary-m68k/swat_3.0.14a-3sarge6_m68k.deb oldstable/main/binary-m68k/smbfs_3.0.14a-3sarge6_m68k.deb oldstable/main/binary-m68k/libpam-smbpass_3.0.14a-3sarge6_m68k.deb oldstable/main/binary-m68k/libsmbclient_3.0.14a-3sarge6_m68k.deb oldstable/main/binary-m68k/libsmbclient-dev_3.0.14a-3sarge6_m68k.deb oldstable/main/binary-m68k/winbind_3.0.14a-3sarge6_m68k.deb oldstable/main/binary-m68k/python2.3-samba_3.0.14a-3sarge6_m68k.deb oldstable/main/binary-m68k/samba-dbg_3.0.14a-3sarge6_m68k.deb samba (3.0.14a-3sarge6) oldstable-security; urgency=high * Fix typo in patch for CVE-2007-2447 that would cause segfaults when performing string comparisons. oldstable/main/binary-mips/samba_3.0.14a-3sarge6_mips.deb oldstable/main/binary-mips/samba-common_3.0.14a-3sarge6_mips.deb oldstable/main/binary-mips/smbclient_3.0.14a-3sarge6_mips.deb oldstable/main/binary-mips/swat_3.0.14a-3sarge6_mips.deb oldstable/main/binary-mips/smbfs_3.0.14a-3sarge6_mips.deb oldstable/main/binary-mips/libpam-smbpass_3.0.14a-3sarge6_mips.deb oldstable/main/binary-mips/libsmbclient_3.0.14a-3sarge6_mips.deb oldstable/main/binary-mips/libsmbclient-dev_3.0.14a-3sarge6_mips.deb oldstable/main/binary-mips/winbind_3.0.14a-3sarge6_mips.deb oldstable/main/binary-mips/python2.3-samba_3.0.14a-3sarge6_mips.deb oldstable/main/binary-mips/samba-dbg_3.0.14a-3sarge6_mips.deb samba (3.0.14a-3sarge6) oldstable-security; urgency=high * Fix typo in patch for CVE-2007-2447 that would cause segfaults when performing string comparisons. oldstable/main/binary-mipsel/samba_3.0.14a-3sarge6_mipsel.deb oldstable/main/binary-mipsel/samba-common_3.0.14a-3sarge6_mipsel.deb oldstable/main/binary-mipsel/smbclient_3.0.14a-3sarge6_mipsel.deb oldstable/main/binary-mipsel/swat_3.0.14a-3sarge6_mipsel.deb oldstable/main/binary-mipsel/smbfs_3.0.14a-3sarge6_mipsel.deb oldstable/main/binary-mipsel/libpam-smbpass_3.0.14a-3sarge6_mipsel.deb oldstable/main/binary-mipsel/libsmbclient_3.0.14a-3sarge6_mipsel.deb oldstable/main/binary-mipsel/libsmbclient-dev_3.0.14a-3sarge6_mipsel.deb oldstable/main/binary-mipsel/winbind_3.0.14a-3sarge6_mipsel.deb oldstable/main/binary-mipsel/python2.3-samba_3.0.14a-3sarge6_mipsel.deb oldstable/main/binary-mipsel/samba-dbg_3.0.14a-3sarge6_mipsel.deb samba (3.0.14a-3sarge6) oldstable-security; urgency=high * Fix typo in patch for CVE-2007-2447 that would cause segfaults when performing string comparisons. oldstable/main/binary-powerpc/samba_3.0.14a-3sarge6_powerpc.deb oldstable/main/binary-powerpc/samba-common_3.0.14a-3sarge6_powerpc.deb oldstable/main/binary-powerpc/smbclient_3.0.14a-3sarge6_powerpc.deb oldstable/main/binary-powerpc/swat_3.0.14a-3sarge6_powerpc.deb oldstable/main/binary-powerpc/smbfs_3.0.14a-3sarge6_powerpc.deb oldstable/main/binary-powerpc/libpam-smbpass_3.0.14a-3sarge6_powerpc.deb oldstable/main/binary-powerpc/libsmbclient_3.0.14a-3sarge6_powerpc.deb oldstable/main/binary-powerpc/libsmbclient-dev_3.0.14a-3sarge6_powerpc.deb oldstable/main/binary-powerpc/winbind_3.0.14a-3sarge6_powerpc.deb oldstable/main/binary-powerpc/python2.3-samba_3.0.14a-3sarge6_powerpc.deb oldstable/main/binary-powerpc/samba-dbg_3.0.14a-3sarge6_powerpc.deb samba (3.0.14a-3sarge6) oldstable-security; urgency=high * Fix typo in patch for CVE-2007-2447 that would cause segfaults when performing string comparisons. oldstable/main/binary-s390/samba_3.0.14a-3sarge6_s390.deb oldstable/main/binary-s390/samba-common_3.0.14a-3sarge6_s390.deb oldstable/main/binary-s390/smbclient_3.0.14a-3sarge6_s390.deb oldstable/main/binary-s390/swat_3.0.14a-3sarge6_s390.deb oldstable/main/binary-s390/smbfs_3.0.14a-3sarge6_s390.deb oldstable/main/binary-s390/libpam-smbpass_3.0.14a-3sarge6_s390.deb oldstable/main/binary-s390/libsmbclient_3.0.14a-3sarge6_s390.deb oldstable/main/binary-s390/libsmbclient-dev_3.0.14a-3sarge6_s390.deb oldstable/main/binary-s390/winbind_3.0.14a-3sarge6_s390.deb oldstable/main/binary-s390/python2.3-samba_3.0.14a-3sarge6_s390.deb oldstable/main/binary-s390/samba-dbg_3.0.14a-3sarge6_s390.deb samba (3.0.14a-3sarge6) oldstable-security; urgency=high * Fix typo in patch for CVE-2007-2447 that would cause segfaults when performing string comparisons. oldstable/main/binary-sparc/samba_3.0.14a-3sarge6_sparc.deb oldstable/main/binary-sparc/samba-common_3.0.14a-3sarge6_sparc.deb oldstable/main/binary-sparc/smbclient_3.0.14a-3sarge6_sparc.deb oldstable/main/binary-sparc/swat_3.0.14a-3sarge6_sparc.deb oldstable/main/binary-sparc/smbfs_3.0.14a-3sarge6_sparc.deb oldstable/main/binary-sparc/libpam-smbpass_3.0.14a-3sarge6_sparc.deb oldstable/main/binary-sparc/libsmbclient_3.0.14a-3sarge6_sparc.deb oldstable/main/binary-sparc/libsmbclient-dev_3.0.14a-3sarge6_sparc.deb oldstable/main/binary-sparc/winbind_3.0.14a-3sarge6_sparc.deb oldstable/main/binary-sparc/python2.3-samba_3.0.14a-3sarge6_sparc.deb oldstable/main/binary-sparc/samba-dbg_3.0.14a-3sarge6_sparc.deb samba (3.0.14a-3sarge6) oldstable-security; urgency=high * Fix typo in patch for CVE-2007-2447 that would cause segfaults when performing string comparisons. oldstable/main/binary-alpha/samba_3.0.14a-3sarge7_alpha.deb oldstable/main/binary-alpha/samba-common_3.0.14a-3sarge7_alpha.deb oldstable/main/binary-alpha/smbclient_3.0.14a-3sarge7_alpha.deb oldstable/main/binary-alpha/swat_3.0.14a-3sarge7_alpha.deb oldstable/main/binary-alpha/smbfs_3.0.14a-3sarge7_alpha.deb oldstable/main/binary-alpha/libpam-smbpass_3.0.14a-3sarge7_alpha.deb oldstable/main/binary-alpha/libsmbclient_3.0.14a-3sarge7_alpha.deb oldstable/main/binary-alpha/libsmbclient-dev_3.0.14a-3sarge7_alpha.deb oldstable/main/binary-alpha/winbind_3.0.14a-3sarge7_alpha.deb oldstable/main/binary-alpha/python2.3-samba_3.0.14a-3sarge7_alpha.deb oldstable/main/binary-alpha/samba-dbg_3.0.14a-3sarge7_alpha.deb samba (3.0.14a-3sarge7) oldstable-security; urgency=low * Fix a remote code execution vulnerability when running nmbd as a WINS server. (CVE-2007-5398) * Fix a buffer overflow in nmbd when running as a domain controller during the processing GETDC logon server requests. (CVE-2007-4572) oldstable/main/binary-amd64/samba_3.0.14a-3sarge7_amd64.deb oldstable/main/binary-amd64/samba-common_3.0.14a-3sarge7_amd64.deb oldstable/main/binary-amd64/smbclient_3.0.14a-3sarge7_amd64.deb oldstable/main/binary-amd64/swat_3.0.14a-3sarge7_amd64.deb oldstable/main/binary-amd64/smbfs_3.0.14a-3sarge7_amd64.deb oldstable/main/binary-amd64/libpam-smbpass_3.0.14a-3sarge7_amd64.deb oldstable/main/binary-amd64/libsmbclient_3.0.14a-3sarge7_amd64.deb oldstable/main/binary-amd64/libsmbclient-dev_3.0.14a-3sarge7_amd64.deb oldstable/main/binary-amd64/winbind_3.0.14a-3sarge7_amd64.deb oldstable/main/binary-amd64/python2.3-samba_3.0.14a-3sarge7_amd64.deb oldstable/main/binary-amd64/samba-dbg_3.0.14a-3sarge7_amd64.deb samba (3.0.14a-3sarge7) oldstable-security; urgency=low * Fix a remote code execution vulnerability when running nmbd as a WINS server. (CVE-2007-5398) * Fix a buffer overflow in nmbd when running as a domain controller during the processing GETDC logon server requests. (CVE-2007-4572) oldstable/main/binary-arm/samba_3.0.14a-3sarge7_arm.deb oldstable/main/binary-arm/samba-common_3.0.14a-3sarge7_arm.deb oldstable/main/binary-arm/smbclient_3.0.14a-3sarge7_arm.deb oldstable/main/binary-arm/swat_3.0.14a-3sarge7_arm.deb oldstable/main/binary-arm/smbfs_3.0.14a-3sarge7_arm.deb oldstable/main/binary-arm/libpam-smbpass_3.0.14a-3sarge7_arm.deb oldstable/main/binary-arm/libsmbclient_3.0.14a-3sarge7_arm.deb oldstable/main/binary-arm/libsmbclient-dev_3.0.14a-3sarge7_arm.deb oldstable/main/binary-arm/winbind_3.0.14a-3sarge7_arm.deb oldstable/main/binary-arm/python2.3-samba_3.0.14a-3sarge7_arm.deb oldstable/main/binary-arm/samba-dbg_3.0.14a-3sarge7_arm.deb samba (3.0.14a-3sarge7) oldstable-security; urgency=low * Fix a remote code execution vulnerability when running nmbd as a WINS server. (CVE-2007-5398) * Fix a buffer overflow in nmbd when running as a domain controller during the processing GETDC logon server requests. (CVE-2007-4572) oldstable/main/binary-hppa/samba_3.0.14a-3sarge7_hppa.deb oldstable/main/binary-hppa/samba-common_3.0.14a-3sarge7_hppa.deb oldstable/main/binary-hppa/smbclient_3.0.14a-3sarge7_hppa.deb oldstable/main/binary-hppa/swat_3.0.14a-3sarge7_hppa.deb oldstable/main/binary-hppa/smbfs_3.0.14a-3sarge7_hppa.deb oldstable/main/binary-hppa/libpam-smbpass_3.0.14a-3sarge7_hppa.deb oldstable/main/binary-hppa/libsmbclient_3.0.14a-3sarge7_hppa.deb oldstable/main/binary-hppa/libsmbclient-dev_3.0.14a-3sarge7_hppa.deb oldstable/main/binary-hppa/winbind_3.0.14a-3sarge7_hppa.deb oldstable/main/binary-hppa/python2.3-samba_3.0.14a-3sarge7_hppa.deb oldstable/main/binary-hppa/samba-dbg_3.0.14a-3sarge7_hppa.deb samba (3.0.14a-3sarge7) oldstable-security; urgency=low * Fix a remote code execution vulnerability when running nmbd as a WINS server. (CVE-2007-5398) * Fix a buffer overflow in nmbd when running as a domain controller during the processing GETDC logon server requests. (CVE-2007-4572) oldstable/main/source/samba_3.0.14a-3sarge7.dsc oldstable/main/source/samba_3.0.14a-3sarge7.diff.gz oldstable/main/binary-all/samba-doc_3.0.14a-3sarge7_all.deb oldstable/main/binary-i386/samba_3.0.14a-3sarge7_i386.deb oldstable/main/binary-i386/samba-common_3.0.14a-3sarge7_i386.deb oldstable/main/binary-i386/smbclient_3.0.14a-3sarge7_i386.deb oldstable/main/binary-i386/swat_3.0.14a-3sarge7_i386.deb oldstable/main/binary-i386/smbfs_3.0.14a-3sarge7_i386.deb oldstable/main/binary-i386/libpam-smbpass_3.0.14a-3sarge7_i386.deb oldstable/main/binary-i386/libsmbclient_3.0.14a-3sarge7_i386.deb oldstable/main/binary-i386/libsmbclient-dev_3.0.14a-3sarge7_i386.deb oldstable/main/binary-i386/winbind_3.0.14a-3sarge7_i386.deb oldstable/main/binary-i386/python2.3-samba_3.0.14a-3sarge7_i386.deb oldstable/main/binary-i386/samba-dbg_3.0.14a-3sarge7_i386.deb samba (3.0.14a-3sarge7) oldstable-security; urgency=low * Fix a remote code execution vulnerability when running nmbd as a WINS server. (CVE-2007-5398) * Fix a buffer overflow in nmbd when running as a domain controller during the processing GETDC logon server requests. (CVE-2007-4572) oldstable/main/binary-ia64/samba_3.0.14a-3sarge7_ia64.deb oldstable/main/binary-ia64/samba-common_3.0.14a-3sarge7_ia64.deb oldstable/main/binary-ia64/smbclient_3.0.14a-3sarge7_ia64.deb oldstable/main/binary-ia64/swat_3.0.14a-3sarge7_ia64.deb oldstable/main/binary-ia64/smbfs_3.0.14a-3sarge7_ia64.deb oldstable/main/binary-ia64/libpam-smbpass_3.0.14a-3sarge7_ia64.deb oldstable/main/binary-ia64/libsmbclient_3.0.14a-3sarge7_ia64.deb oldstable/main/binary-ia64/libsmbclient-dev_3.0.14a-3sarge7_ia64.deb oldstable/main/binary-ia64/winbind_3.0.14a-3sarge7_ia64.deb oldstable/main/binary-ia64/python2.3-samba_3.0.14a-3sarge7_ia64.deb oldstable/main/binary-ia64/samba-dbg_3.0.14a-3sarge7_ia64.deb samba (3.0.14a-3sarge7) oldstable-security; urgency=low * Fix a remote code execution vulnerability when running nmbd as a WINS server. (CVE-2007-5398) * Fix a buffer overflow in nmbd when running as a domain controller during the processing GETDC logon server requests. (CVE-2007-4572) oldstable/main/binary-m68k/samba_3.0.14a-3sarge7_m68k.deb oldstable/main/binary-m68k/samba-common_3.0.14a-3sarge7_m68k.deb oldstable/main/binary-m68k/smbclient_3.0.14a-3sarge7_m68k.deb oldstable/main/binary-m68k/swat_3.0.14a-3sarge7_m68k.deb oldstable/main/binary-m68k/smbfs_3.0.14a-3sarge7_m68k.deb oldstable/main/binary-m68k/libpam-smbpass_3.0.14a-3sarge7_m68k.deb oldstable/main/binary-m68k/libsmbclient_3.0.14a-3sarge7_m68k.deb oldstable/main/binary-m68k/libsmbclient-dev_3.0.14a-3sarge7_m68k.deb oldstable/main/binary-m68k/winbind_3.0.14a-3sarge7_m68k.deb oldstable/main/binary-m68k/python2.3-samba_3.0.14a-3sarge7_m68k.deb oldstable/main/binary-m68k/samba-dbg_3.0.14a-3sarge7_m68k.deb samba (3.0.14a-3sarge7) oldstable-security; urgency=low * Fix a remote code execution vulnerability when running nmbd as a WINS server. (CVE-2007-5398) * Fix a buffer overflow in nmbd when running as a domain controller during the processing GETDC logon server requests. (CVE-2007-4572) oldstable/main/binary-mips/samba_3.0.14a-3sarge7_mips.deb oldstable/main/binary-mips/samba-common_3.0.14a-3sarge7_mips.deb oldstable/main/binary-mips/smbclient_3.0.14a-3sarge7_mips.deb oldstable/main/binary-mips/swat_3.0.14a-3sarge7_mips.deb oldstable/main/binary-mips/smbfs_3.0.14a-3sarge7_mips.deb oldstable/main/binary-mips/libpam-smbpass_3.0.14a-3sarge7_mips.deb oldstable/main/binary-mips/libsmbclient_3.0.14a-3sarge7_mips.deb oldstable/main/binary-mips/libsmbclient-dev_3.0.14a-3sarge7_mips.deb oldstable/main/binary-mips/winbind_3.0.14a-3sarge7_mips.deb oldstable/main/binary-mips/python2.3-samba_3.0.14a-3sarge7_mips.deb oldstable/main/binary-mips/samba-dbg_3.0.14a-3sarge7_mips.deb samba (3.0.14a-3sarge7) oldstable-security; urgency=low * Fix a remote code execution vulnerability when running nmbd as a WINS server. (CVE-2007-5398) * Fix a buffer overflow in nmbd when running as a domain controller during the processing GETDC logon server requests. (CVE-2007-4572) oldstable/main/binary-mipsel/samba_3.0.14a-3sarge7_mipsel.deb oldstable/main/binary-mipsel/samba-common_3.0.14a-3sarge7_mipsel.deb oldstable/main/binary-mipsel/smbclient_3.0.14a-3sarge7_mipsel.deb oldstable/main/binary-mipsel/swat_3.0.14a-3sarge7_mipsel.deb oldstable/main/binary-mipsel/smbfs_3.0.14a-3sarge7_mipsel.deb oldstable/main/binary-mipsel/libpam-smbpass_3.0.14a-3sarge7_mipsel.deb oldstable/main/binary-mipsel/libsmbclient_3.0.14a-3sarge7_mipsel.deb oldstable/main/binary-mipsel/libsmbclient-dev_3.0.14a-3sarge7_mipsel.deb oldstable/main/binary-mipsel/winbind_3.0.14a-3sarge7_mipsel.deb oldstable/main/binary-mipsel/python2.3-samba_3.0.14a-3sarge7_mipsel.deb oldstable/main/binary-mipsel/samba-dbg_3.0.14a-3sarge7_mipsel.deb samba (3.0.14a-3sarge7) oldstable-security; urgency=low * Fix a remote code execution vulnerability when running nmbd as a WINS server. (CVE-2007-5398) * Fix a buffer overflow in nmbd when running as a domain controller during the processing GETDC logon server requests. (CVE-2007-4572) oldstable/main/binary-powerpc/samba_3.0.14a-3sarge7_powerpc.deb oldstable/main/binary-powerpc/samba-common_3.0.14a-3sarge7_powerpc.deb oldstable/main/binary-powerpc/smbclient_3.0.14a-3sarge7_powerpc.deb oldstable/main/binary-powerpc/swat_3.0.14a-3sarge7_powerpc.deb oldstable/main/binary-powerpc/smbfs_3.0.14a-3sarge7_powerpc.deb oldstable/main/binary-powerpc/libpam-smbpass_3.0.14a-3sarge7_powerpc.deb oldstable/main/binary-powerpc/libsmbclient_3.0.14a-3sarge7_powerpc.deb oldstable/main/binary-powerpc/libsmbclient-dev_3.0.14a-3sarge7_powerpc.deb oldstable/main/binary-powerpc/winbind_3.0.14a-3sarge7_powerpc.deb oldstable/main/binary-powerpc/python2.3-samba_3.0.14a-3sarge7_powerpc.deb oldstable/main/binary-powerpc/samba-dbg_3.0.14a-3sarge7_powerpc.deb samba (3.0.14a-3sarge7) oldstable-security; urgency=low * Fix a remote code execution vulnerability when running nmbd as a WINS server. (CVE-2007-5398) * Fix a buffer overflow in nmbd when running as a domain controller during the processing GETDC logon server requests. (CVE-2007-4572) oldstable/main/binary-s390/samba_3.0.14a-3sarge7_s390.deb oldstable/main/binary-s390/samba-common_3.0.14a-3sarge7_s390.deb oldstable/main/binary-s390/smbclient_3.0.14a-3sarge7_s390.deb oldstable/main/binary-s390/swat_3.0.14a-3sarge7_s390.deb oldstable/main/binary-s390/smbfs_3.0.14a-3sarge7_s390.deb oldstable/main/binary-s390/libpam-smbpass_3.0.14a-3sarge7_s390.deb oldstable/main/binary-s390/libsmbclient_3.0.14a-3sarge7_s390.deb oldstable/main/binary-s390/libsmbclient-dev_3.0.14a-3sarge7_s390.deb oldstable/main/binary-s390/winbind_3.0.14a-3sarge7_s390.deb oldstable/main/binary-s390/python2.3-samba_3.0.14a-3sarge7_s390.deb oldstable/main/binary-s390/samba-dbg_3.0.14a-3sarge7_s390.deb samba (3.0.14a-3sarge7) oldstable-security; urgency=low * Fix a remote code execution vulnerability when running nmbd as a WINS server. (CVE-2007-5398) * Fix a buffer overflow in nmbd when running as a domain controller during the processing GETDC logon server requests. (CVE-2007-4572) oldstable/main/binary-sparc/samba_3.0.14a-3sarge7_sparc.deb oldstable/main/binary-sparc/samba-common_3.0.14a-3sarge7_sparc.deb oldstable/main/binary-sparc/smbclient_3.0.14a-3sarge7_sparc.deb oldstable/main/binary-sparc/swat_3.0.14a-3sarge7_sparc.deb oldstable/main/binary-sparc/smbfs_3.0.14a-3sarge7_sparc.deb oldstable/main/binary-sparc/libpam-smbpass_3.0.14a-3sarge7_sparc.deb oldstable/main/binary-sparc/libsmbclient_3.0.14a-3sarge7_sparc.deb oldstable/main/binary-sparc/libsmbclient-dev_3.0.14a-3sarge7_sparc.deb oldstable/main/binary-sparc/winbind_3.0.14a-3sarge7_sparc.deb oldstable/main/binary-sparc/python2.3-samba_3.0.14a-3sarge7_sparc.deb oldstable/main/binary-sparc/samba-dbg_3.0.14a-3sarge7_sparc.deb samba (3.0.14a-3sarge7) oldstable-security; urgency=low * Fix a remote code execution vulnerability when running nmbd as a WINS server. (CVE-2007-5398) * Fix a buffer overflow in nmbd when running as a domain controller during the processing GETDC logon server requests. (CVE-2007-4572) oldstable/main/source/samba_3.0.14a-3sarge8.dsc oldstable/main/source/samba_3.0.14a-3sarge8.diff.gz oldstable/main/binary-all/samba-doc_3.0.14a-3sarge8_all.deb oldstable/main/binary-i386/samba_3.0.14a-3sarge8_i386.deb oldstable/main/binary-i386/samba-common_3.0.14a-3sarge8_i386.deb oldstable/main/binary-i386/smbclient_3.0.14a-3sarge8_i386.deb oldstable/main/binary-i386/swat_3.0.14a-3sarge8_i386.deb oldstable/main/binary-i386/smbfs_3.0.14a-3sarge8_i386.deb oldstable/main/binary-i386/libpam-smbpass_3.0.14a-3sarge8_i386.deb oldstable/main/binary-i386/libsmbclient_3.0.14a-3sarge8_i386.deb oldstable/main/binary-i386/libsmbclient-dev_3.0.14a-3sarge8_i386.deb oldstable/main/binary-i386/winbind_3.0.14a-3sarge8_i386.deb oldstable/main/binary-i386/python2.3-samba_3.0.14a-3sarge8_i386.deb oldstable/main/binary-i386/samba-dbg_3.0.14a-3sarge8_i386.deb samba (3.0.14a-3sarge8) oldstable-security; urgency=high * debian/patches/security-CVE-2007-4572_part2.patch: fix a regression introduced by the previous build that broke smbfs clients. oldstable/main/binary-alpha/samba_3.0.14a-3sarge9_alpha.deb oldstable/main/binary-alpha/samba-common_3.0.14a-3sarge9_alpha.deb oldstable/main/binary-alpha/smbclient_3.0.14a-3sarge9_alpha.deb oldstable/main/binary-alpha/swat_3.0.14a-3sarge9_alpha.deb oldstable/main/binary-alpha/smbfs_3.0.14a-3sarge9_alpha.deb oldstable/main/binary-alpha/libpam-smbpass_3.0.14a-3sarge9_alpha.deb oldstable/main/binary-alpha/libsmbclient_3.0.14a-3sarge9_alpha.deb oldstable/main/binary-alpha/libsmbclient-dev_3.0.14a-3sarge9_alpha.deb oldstable/main/binary-alpha/winbind_3.0.14a-3sarge9_alpha.deb oldstable/main/binary-alpha/python2.3-samba_3.0.14a-3sarge9_alpha.deb oldstable/main/binary-alpha/samba-dbg_3.0.14a-3sarge9_alpha.deb samba (3.0.14a-3sarge9) oldstable-security; urgency=low * Fix for one final regression related to the fix for CVE-2007-4572, pulled from upstream. Thanks to Santiago Garcia Mantinan for catching this. oldstable/main/binary-amd64/samba_3.0.14a-3sarge9_amd64.deb oldstable/main/binary-amd64/samba-common_3.0.14a-3sarge9_amd64.deb oldstable/main/binary-amd64/smbclient_3.0.14a-3sarge9_amd64.deb oldstable/main/binary-amd64/swat_3.0.14a-3sarge9_amd64.deb oldstable/main/binary-amd64/smbfs_3.0.14a-3sarge9_amd64.deb oldstable/main/binary-amd64/libpam-smbpass_3.0.14a-3sarge9_amd64.deb oldstable/main/binary-amd64/libsmbclient_3.0.14a-3sarge9_amd64.deb oldstable/main/binary-amd64/libsmbclient-dev_3.0.14a-3sarge9_amd64.deb oldstable/main/binary-amd64/winbind_3.0.14a-3sarge9_amd64.deb oldstable/main/binary-amd64/python2.3-samba_3.0.14a-3sarge9_amd64.deb oldstable/main/binary-amd64/samba-dbg_3.0.14a-3sarge9_amd64.deb samba (3.0.14a-3sarge9) oldstable-security; urgency=low * Fix for one final regression related to the fix for CVE-2007-4572, pulled from upstream. Thanks to Santiago Garcia Mantinan for catching this. oldstable/main/binary-arm/samba_3.0.14a-3sarge9_arm.deb oldstable/main/binary-arm/samba-common_3.0.14a-3sarge9_arm.deb oldstable/main/binary-arm/smbclient_3.0.14a-3sarge9_arm.deb oldstable/main/binary-arm/swat_3.0.14a-3sarge9_arm.deb oldstable/main/binary-arm/smbfs_3.0.14a-3sarge9_arm.deb oldstable/main/binary-arm/libpam-smbpass_3.0.14a-3sarge9_arm.deb oldstable/main/binary-arm/libsmbclient_3.0.14a-3sarge9_arm.deb oldstable/main/binary-arm/libsmbclient-dev_3.0.14a-3sarge9_arm.deb oldstable/main/binary-arm/winbind_3.0.14a-3sarge9_arm.deb oldstable/main/binary-arm/python2.3-samba_3.0.14a-3sarge9_arm.deb oldstable/main/binary-arm/samba-dbg_3.0.14a-3sarge9_arm.deb samba (3.0.14a-3sarge9) oldstable-security; urgency=low * Fix for one final regression related to the fix for CVE-2007-4572, pulled from upstream. Thanks to Santiago Garcia Mantinan for catching this. oldstable/main/binary-hppa/samba_3.0.14a-3sarge9_hppa.deb oldstable/main/binary-hppa/samba-common_3.0.14a-3sarge9_hppa.deb oldstable/main/binary-hppa/smbclient_3.0.14a-3sarge9_hppa.deb oldstable/main/binary-hppa/swat_3.0.14a-3sarge9_hppa.deb oldstable/main/binary-hppa/smbfs_3.0.14a-3sarge9_hppa.deb oldstable/main/binary-hppa/libpam-smbpass_3.0.14a-3sarge9_hppa.deb oldstable/main/binary-hppa/libsmbclient_3.0.14a-3sarge9_hppa.deb oldstable/main/binary-hppa/libsmbclient-dev_3.0.14a-3sarge9_hppa.deb oldstable/main/binary-hppa/winbind_3.0.14a-3sarge9_hppa.deb oldstable/main/binary-hppa/python2.3-samba_3.0.14a-3sarge9_hppa.deb oldstable/main/binary-hppa/samba-dbg_3.0.14a-3sarge9_hppa.deb samba (3.0.14a-3sarge9) oldstable-security; urgency=low * Fix for one final regression related to the fix for CVE-2007-4572, pulled from upstream. Thanks to Santiago Garcia Mantinan for catching this. oldstable/main/source/samba_3.0.14a-3sarge9.dsc oldstable/main/source/samba_3.0.14a-3sarge9.diff.gz oldstable/main/binary-all/samba-doc_3.0.14a-3sarge9_all.deb oldstable/main/binary-i386/samba_3.0.14a-3sarge9_i386.deb oldstable/main/binary-i386/samba-common_3.0.14a-3sarge9_i386.deb oldstable/main/binary-i386/smbclient_3.0.14a-3sarge9_i386.deb oldstable/main/binary-i386/swat_3.0.14a-3sarge9_i386.deb oldstable/main/binary-i386/smbfs_3.0.14a-3sarge9_i386.deb oldstable/main/binary-i386/libpam-smbpass_3.0.14a-3sarge9_i386.deb oldstable/main/binary-i386/libsmbclient_3.0.14a-3sarge9_i386.deb oldstable/main/binary-i386/libsmbclient-dev_3.0.14a-3sarge9_i386.deb oldstable/main/binary-i386/winbind_3.0.14a-3sarge9_i386.deb oldstable/main/binary-i386/python2.3-samba_3.0.14a-3sarge9_i386.deb oldstable/main/binary-i386/samba-dbg_3.0.14a-3sarge9_i386.deb samba (3.0.14a-3sarge9) oldstable-security; urgency=low * Fix for one final regression related to the fix for CVE-2007-4572, pulled from upstream. Thanks to Santiago Garcia Mantinan for catching this. oldstable/main/binary-ia64/samba_3.0.14a-3sarge9_ia64.deb oldstable/main/binary-ia64/samba-common_3.0.14a-3sarge9_ia64.deb oldstable/main/binary-ia64/smbclient_3.0.14a-3sarge9_ia64.deb oldstable/main/binary-ia64/swat_3.0.14a-3sarge9_ia64.deb oldstable/main/binary-ia64/smbfs_3.0.14a-3sarge9_ia64.deb oldstable/main/binary-ia64/libpam-smbpass_3.0.14a-3sarge9_ia64.deb oldstable/main/binary-ia64/libsmbclient_3.0.14a-3sarge9_ia64.deb oldstable/main/binary-ia64/libsmbclient-dev_3.0.14a-3sarge9_ia64.deb oldstable/main/binary-ia64/winbind_3.0.14a-3sarge9_ia64.deb oldstable/main/binary-ia64/python2.3-samba_3.0.14a-3sarge9_ia64.deb oldstable/main/binary-ia64/samba-dbg_3.0.14a-3sarge9_ia64.deb samba (3.0.14a-3sarge9) oldstable-security; urgency=low * Fix for one final regression related to the fix for CVE-2007-4572, pulled from upstream. Thanks to Santiago Garcia Mantinan for catching this. oldstable/main/binary-m68k/samba_3.0.14a-3sarge9_m68k.deb oldstable/main/binary-m68k/samba-common_3.0.14a-3sarge9_m68k.deb oldstable/main/binary-m68k/smbclient_3.0.14a-3sarge9_m68k.deb oldstable/main/binary-m68k/swat_3.0.14a-3sarge9_m68k.deb oldstable/main/binary-m68k/smbfs_3.0.14a-3sarge9_m68k.deb oldstable/main/binary-m68k/libpam-smbpass_3.0.14a-3sarge9_m68k.deb oldstable/main/binary-m68k/libsmbclient_3.0.14a-3sarge9_m68k.deb oldstable/main/binary-m68k/libsmbclient-dev_3.0.14a-3sarge9_m68k.deb oldstable/main/binary-m68k/winbind_3.0.14a-3sarge9_m68k.deb oldstable/main/binary-m68k/python2.3-samba_3.0.14a-3sarge9_m68k.deb oldstable/main/binary-m68k/samba-dbg_3.0.14a-3sarge9_m68k.deb samba (3.0.14a-3sarge9) oldstable-security; urgency=low * Fix for one final regression related to the fix for CVE-2007-4572, pulled from upstream. Thanks to Santiago Garcia Mantinan for catching this. oldstable/main/binary-mips/samba_3.0.14a-3sarge9_mips.deb oldstable/main/binary-mips/samba-common_3.0.14a-3sarge9_mips.deb oldstable/main/binary-mips/smbclient_3.0.14a-3sarge9_mips.deb oldstable/main/binary-mips/swat_3.0.14a-3sarge9_mips.deb oldstable/main/binary-mips/smbfs_3.0.14a-3sarge9_mips.deb oldstable/main/binary-mips/libpam-smbpass_3.0.14a-3sarge9_mips.deb oldstable/main/binary-mips/libsmbclient_3.0.14a-3sarge9_mips.deb oldstable/main/binary-mips/libsmbclient-dev_3.0.14a-3sarge9_mips.deb oldstable/main/binary-mips/winbind_3.0.14a-3sarge9_mips.deb oldstable/main/binary-mips/python2.3-samba_3.0.14a-3sarge9_mips.deb oldstable/main/binary-mips/samba-dbg_3.0.14a-3sarge9_mips.deb samba (3.0.14a-3sarge9) oldstable-security; urgency=low * Fix for one final regression related to the fix for CVE-2007-4572, pulled from upstream. Thanks to Santiago Garcia Mantinan for catching this. oldstable/main/binary-mipsel/samba_3.0.14a-3sarge9_mipsel.deb oldstable/main/binary-mipsel/samba-common_3.0.14a-3sarge9_mipsel.deb oldstable/main/binary-mipsel/smbclient_3.0.14a-3sarge9_mipsel.deb oldstable/main/binary-mipsel/swat_3.0.14a-3sarge9_mipsel.deb oldstable/main/binary-mipsel/smbfs_3.0.14a-3sarge9_mipsel.deb oldstable/main/binary-mipsel/libpam-smbpass_3.0.14a-3sarge9_mipsel.deb oldstable/main/binary-mipsel/libsmbclient_3.0.14a-3sarge9_mipsel.deb oldstable/main/binary-mipsel/libsmbclient-dev_3.0.14a-3sarge9_mipsel.deb oldstable/main/binary-mipsel/winbind_3.0.14a-3sarge9_mipsel.deb oldstable/main/binary-mipsel/python2.3-samba_3.0.14a-3sarge9_mipsel.deb oldstable/main/binary-mipsel/samba-dbg_3.0.14a-3sarge9_mipsel.deb samba (3.0.14a-3sarge9) oldstable-security; urgency=low * Fix for one final regression related to the fix for CVE-2007-4572, pulled from upstream. Thanks to Santiago Garcia Mantinan for catching this. oldstable/main/binary-powerpc/samba_3.0.14a-3sarge9_powerpc.deb oldstable/main/binary-powerpc/samba-common_3.0.14a-3sarge9_powerpc.deb oldstable/main/binary-powerpc/smbclient_3.0.14a-3sarge9_powerpc.deb oldstable/main/binary-powerpc/swat_3.0.14a-3sarge9_powerpc.deb oldstable/main/binary-powerpc/smbfs_3.0.14a-3sarge9_powerpc.deb oldstable/main/binary-powerpc/libpam-smbpass_3.0.14a-3sarge9_powerpc.deb oldstable/main/binary-powerpc/libsmbclient_3.0.14a-3sarge9_powerpc.deb oldstable/main/binary-powerpc/libsmbclient-dev_3.0.14a-3sarge9_powerpc.deb oldstable/main/binary-powerpc/winbind_3.0.14a-3sarge9_powerpc.deb oldstable/main/binary-powerpc/python2.3-samba_3.0.14a-3sarge9_powerpc.deb oldstable/main/binary-powerpc/samba-dbg_3.0.14a-3sarge9_powerpc.deb samba (3.0.14a-3sarge9) oldstable-security; urgency=low * Fix for one final regression related to the fix for CVE-2007-4572, pulled from upstream. Thanks to Santiago Garcia Mantinan for catching this. oldstable/main/binary-s390/samba_3.0.14a-3sarge9_s390.deb oldstable/main/binary-s390/samba-common_3.0.14a-3sarge9_s390.deb oldstable/main/binary-s390/smbclient_3.0.14a-3sarge9_s390.deb oldstable/main/binary-s390/swat_3.0.14a-3sarge9_s390.deb oldstable/main/binary-s390/smbfs_3.0.14a-3sarge9_s390.deb oldstable/main/binary-s390/libpam-smbpass_3.0.14a-3sarge9_s390.deb oldstable/main/binary-s390/libsmbclient_3.0.14a-3sarge9_s390.deb oldstable/main/binary-s390/libsmbclient-dev_3.0.14a-3sarge9_s390.deb oldstable/main/binary-s390/winbind_3.0.14a-3sarge9_s390.deb oldstable/main/binary-s390/python2.3-samba_3.0.14a-3sarge9_s390.deb oldstable/main/binary-s390/samba-dbg_3.0.14a-3sarge9_s390.deb samba (3.0.14a-3sarge9) oldstable-security; urgency=low * Fix for one final regression related to the fix for CVE-2007-4572, pulled from upstream. Thanks to Santiago Garcia Mantinan for catching this. oldstable/main/binary-sparc/scalapack1-mpich_1.7-7_sparc.deb oldstable/main/binary-sparc/scalapack-mpich-dev_1.7-7_sparc.deb oldstable/main/binary-sparc/scalapack-mpich-test_1.7-7_sparc.deb oldstable/main/binary-sparc/scalapack1-lam_1.7-7_sparc.deb oldstable/main/binary-sparc/scalapack-lam-dev_1.7-7_sparc.deb oldstable/main/binary-sparc/scalapack-lam-test_1.7-7_sparc.deb oldstable/main/binary-sparc/scalapack1-pvm_1.7-7_sparc.deb oldstable/main/binary-sparc/scalapack-pvm-dev_1.7-7_sparc.deb oldstable/main/binary-sparc/scalapack-pvm-test_1.7-7_sparc.deb scalapack (1.7-7) unstable; urgency=low * Adjust manual dependencies. Closes: #229831 oldstable/main/source/sitebar_3.2.6-7.1sarge1.dsc oldstable/main/source/sitebar_3.2.6-7.1sarge1.diff.gz oldstable/main/binary-all/sitebar_3.2.6-7.1sarge1_all.deb sitebar (3.2.6-7.1sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix multiple cross-site scripting vulnerabilities in command.php and translator.php Fixes: CVE-2007-5692 * Fix possible redirect via the forward parameter Fixes: CVE-2007-5695 oldstable/main/binary-arm/skippy_0.5.1rc1-1_arm.deb skippy (0.5.1rc1-1) unstable; urgency=low * The "All Bugs Free Release". * New Upstream Release. . ported debian/patches/10_config_file_overflow_fix.patch to the new code. * Fixed the watch file. * Bug fix: "skippy's postinst should not echo", thanks to Michael Urman (Closes: #302091). . removed the skippy.postinst notification, ... let's hope the user will find the doc. * Bug fix: "~/.skippyrc not loaded", thanks to Nick Hastings (Closes: #302131). . my patch was broken, this bug in fact was a missplaced printf. oldstable/main/source/squirrelmail_1.4.4-11.dsc oldstable/main/source/squirrelmail_1.4.4-11.diff.gz oldstable/main/binary-all/squirrelmail_1.4.4-11_all.deb squirrelmail (2:1.4.4-11) oldstable-security; urgency=high * Security upload for stable. * Fixes cross site scripting in the HTML filter [CVE-2007-1262] oldstable/main/binary-alpha/libswt-gtk3_3.0-6_alpha.deb oldstable/main/binary-alpha/libswt-gtk3-jni_3.0-6_alpha.deb oldstable/main/binary-alpha/libswt-mozilla3-jni_3.0-6_alpha.deb swt-gtk (3.0-6) unstable; urgency=low * Use libgcj4-dev as long as gcj provides gcj-3.3 (closes: #276052). * Change section to libdevel. oldstable/main/binary-powerpc/libswt-gtk3_3.0-6_powerpc.deb oldstable/main/binary-powerpc/libswt-gtk3-jni_3.0-6_powerpc.deb oldstable/main/binary-powerpc/libswt-mozilla3-jni_3.0-6_powerpc.deb swt-gtk (3.0-6) unstable; urgency=low * Use libgcj4-dev as long as gcj provides gcj-3.3 (closes: #276052). * Change section to libdevel. oldstable/main/binary-alpha/libt1-5_5.0.2-3sarge1_alpha.deb oldstable/main/binary-alpha/libt1-dev_5.0.2-3sarge1_alpha.deb oldstable/main/binary-alpha/t1lib-bin_5.0.2-3sarge1_alpha.deb t1lib (5.0.2-3sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Artur R. Czechowski to fix CVE-2007-4033. (Closes: #439927) oldstable/main/binary-amd64/libt1-5_5.0.2-3sarge1_amd64.deb oldstable/main/binary-amd64/libt1-dev_5.0.2-3sarge1_amd64.deb oldstable/main/binary-amd64/t1lib-bin_5.0.2-3sarge1_amd64.deb t1lib (5.0.2-3sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Artur R. Czechowski to fix CVE-2007-4033. (Closes: #439927) oldstable/main/binary-arm/libt1-5_5.0.2-3sarge1_arm.deb oldstable/main/binary-arm/libt1-dev_5.0.2-3sarge1_arm.deb oldstable/main/binary-arm/t1lib-bin_5.0.2-3sarge1_arm.deb t1lib (5.0.2-3sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Artur R. Czechowski to fix CVE-2007-4033. (Closes: #439927) oldstable/main/binary-hppa/libt1-5_5.0.2-3sarge1_hppa.deb oldstable/main/binary-hppa/libt1-dev_5.0.2-3sarge1_hppa.deb oldstable/main/binary-hppa/t1lib-bin_5.0.2-3sarge1_hppa.deb t1lib (5.0.2-3sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Artur R. Czechowski to fix CVE-2007-4033. (Closes: #439927) oldstable/main/source/t1lib_5.0.2-3sarge1.dsc oldstable/main/source/t1lib_5.0.2.orig.tar.gz oldstable/main/source/t1lib_5.0.2-3sarge1.diff.gz oldstable/main/binary-all/libt1-doc_5.0.2-3sarge1_all.deb oldstable/main/binary-i386/libt1-5_5.0.2-3sarge1_i386.deb oldstable/main/binary-i386/libt1-dev_5.0.2-3sarge1_i386.deb oldstable/main/binary-i386/t1lib-bin_5.0.2-3sarge1_i386.deb t1lib (5.0.2-3sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Artur R. Czechowski to fix CVE-2007-4033. (Closes: #439927) oldstable/main/binary-ia64/libt1-5_5.0.2-3sarge1_ia64.deb oldstable/main/binary-ia64/libt1-dev_5.0.2-3sarge1_ia64.deb oldstable/main/binary-ia64/t1lib-bin_5.0.2-3sarge1_ia64.deb t1lib (5.0.2-3sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Artur R. Czechowski to fix CVE-2007-4033. (Closes: #439927) oldstable/main/binary-m68k/libt1-5_5.0.2-3sarge1_m68k.deb oldstable/main/binary-m68k/libt1-dev_5.0.2-3sarge1_m68k.deb oldstable/main/binary-m68k/t1lib-bin_5.0.2-3sarge1_m68k.deb t1lib (5.0.2-3sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Artur R. Czechowski to fix CVE-2007-4033. (Closes: #439927) oldstable/main/binary-mips/libt1-5_5.0.2-3sarge1_mips.deb oldstable/main/binary-mips/libt1-dev_5.0.2-3sarge1_mips.deb oldstable/main/binary-mips/t1lib-bin_5.0.2-3sarge1_mips.deb t1lib (5.0.2-3sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Artur R. Czechowski to fix CVE-2007-4033. (Closes: #439927) oldstable/main/binary-mipsel/libt1-5_5.0.2-3sarge1_mipsel.deb oldstable/main/binary-mipsel/libt1-dev_5.0.2-3sarge1_mipsel.deb oldstable/main/binary-mipsel/t1lib-bin_5.0.2-3sarge1_mipsel.deb t1lib (5.0.2-3sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Artur R. Czechowski to fix CVE-2007-4033. (Closes: #439927) oldstable/main/binary-powerpc/libt1-5_5.0.2-3sarge1_powerpc.deb oldstable/main/binary-powerpc/libt1-dev_5.0.2-3sarge1_powerpc.deb oldstable/main/binary-powerpc/t1lib-bin_5.0.2-3sarge1_powerpc.deb t1lib (5.0.2-3sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Artur R. Czechowski to fix CVE-2007-4033. (Closes: #439927) oldstable/main/binary-s390/libt1-5_5.0.2-3sarge1_s390.deb oldstable/main/binary-s390/libt1-dev_5.0.2-3sarge1_s390.deb oldstable/main/binary-s390/t1lib-bin_5.0.2-3sarge1_s390.deb t1lib (5.0.2-3sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Artur R. Czechowski to fix CVE-2007-4033. (Closes: #439927) oldstable/main/binary-sparc/libt1-5_5.0.2-3sarge1_sparc.deb oldstable/main/binary-sparc/libt1-dev_5.0.2-3sarge1_sparc.deb oldstable/main/binary-sparc/t1lib-bin_5.0.2-3sarge1_sparc.deb t1lib (5.0.2-3sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Artur R. Czechowski to fix CVE-2007-4033. (Closes: #439927) oldstable/main/binary-alpha/tcpdump_3.8.3-5sarge3_alpha.deb tcpdump (3.8.3-5sarge3) oldstable-security; urgency=high * Fix buffer overflow in BGP dissector (CVE-2007-3798). oldstable/main/binary-arm/tcpdump_3.8.3-5sarge3_arm.deb tcpdump (3.8.3-5sarge3) oldstable-security; urgency=high * Fix buffer overflow in BGP dissector (CVE-2007-3798). oldstable/main/binary-hppa/tcpdump_3.8.3-5sarge3_hppa.deb tcpdump (3.8.3-5sarge3) oldstable-security; urgency=high * Fix buffer overflow in BGP dissector (CVE-2007-3798). oldstable/main/source/tcpdump_3.8.3-5sarge3.dsc oldstable/main/source/tcpdump_3.8.3-5sarge3.diff.gz oldstable/main/binary-i386/tcpdump_3.8.3-5sarge3_i386.deb tcpdump (3.8.3-5sarge3) oldstable-security; urgency=high * Fix buffer overflow in BGP dissector (CVE-2007-3798). oldstable/main/binary-ia64/tcpdump_3.8.3-5sarge3_ia64.deb tcpdump (3.8.3-5sarge3) oldstable-security; urgency=high * Fix buffer overflow in BGP dissector (CVE-2007-3798). oldstable/main/binary-m68k/tcpdump_3.8.3-5sarge3_m68k.deb tcpdump (3.8.3-5sarge3) oldstable-security; urgency=high * Fix buffer overflow in BGP dissector (CVE-2007-3798). oldstable/main/binary-mips/tcpdump_3.8.3-5sarge3_mips.deb tcpdump (3.8.3-5sarge3) oldstable-security; urgency=high * Fix buffer overflow in BGP dissector (CVE-2007-3798). oldstable/main/binary-mipsel/tcpdump_3.8.3-5sarge3_mipsel.deb tcpdump (3.8.3-5sarge3) oldstable-security; urgency=high * Fix buffer overflow in BGP dissector (CVE-2007-3798). oldstable/main/binary-powerpc/tcpdump_3.8.3-5sarge3_powerpc.deb tcpdump (3.8.3-5sarge3) oldstable-security; urgency=high * Fix buffer overflow in BGP dissector (CVE-2007-3798). oldstable/main/binary-s390/tcpdump_3.8.3-5sarge3_s390.deb tcpdump (3.8.3-5sarge3) oldstable-security; urgency=high * Fix buffer overflow in BGP dissector (CVE-2007-3798). oldstable/main/binary-sparc/tcpdump_3.8.3-5sarge3_sparc.deb tcpdump (3.8.3-5sarge3) oldstable-security; urgency=high * Fix buffer overflow in BGP dissector (CVE-2007-3798). oldstable/main/binary-alpha/tetex-bin_2.0.2-30sarge5_alpha.deb oldstable/main/binary-alpha/libkpathsea3_2.0.2-30sarge5_alpha.deb oldstable/main/binary-alpha/libkpathsea-dev_2.0.2-30sarge5_alpha.deb tetex-bin (2.0.2-30sarge5) oldstable-security; urgency=high * Fix integer overflow in stream predictor. (CVE-2007-3387) oldstable/main/binary-arm/tetex-bin_2.0.2-30sarge5_arm.deb oldstable/main/binary-arm/libkpathsea3_2.0.2-30sarge5_arm.deb oldstable/main/binary-arm/libkpathsea-dev_2.0.2-30sarge5_arm.deb tetex-bin (2.0.2-30sarge5) oldstable-security; urgency=high * Fix integer overflow in stream predictor. (CVE-2007-3387) oldstable/main/binary-hppa/tetex-bin_2.0.2-30sarge5_hppa.deb oldstable/main/binary-hppa/libkpathsea3_2.0.2-30sarge5_hppa.deb oldstable/main/binary-hppa/libkpathsea-dev_2.0.2-30sarge5_hppa.deb tetex-bin (2.0.2-30sarge5) oldstable-security; urgency=high * Fix integer overflow in stream predictor. (CVE-2007-3387) oldstable/main/source/tetex-bin_2.0.2-30sarge5.dsc oldstable/main/source/tetex-bin_2.0.2-30sarge5.diff.gz oldstable/main/binary-i386/tetex-bin_2.0.2-30sarge5_i386.deb oldstable/main/binary-i386/libkpathsea3_2.0.2-30sarge5_i386.deb oldstable/main/binary-i386/libkpathsea-dev_2.0.2-30sarge5_i386.deb tetex-bin (2.0.2-30sarge5) oldstable-security; urgency=high * Fix integer overflow in stream predictor. (CVE-2007-3387) oldstable/main/binary-ia64/tetex-bin_2.0.2-30sarge5_ia64.deb oldstable/main/binary-ia64/libkpathsea3_2.0.2-30sarge5_ia64.deb oldstable/main/binary-ia64/libkpathsea-dev_2.0.2-30sarge5_ia64.deb tetex-bin (2.0.2-30sarge5) oldstable-security; urgency=high * Fix integer overflow in stream predictor. (CVE-2007-3387) oldstable/main/binary-m68k/tetex-bin_2.0.2-30sarge5_m68k.deb oldstable/main/binary-m68k/libkpathsea3_2.0.2-30sarge5_m68k.deb oldstable/main/binary-m68k/libkpathsea-dev_2.0.2-30sarge5_m68k.deb tetex-bin (2.0.2-30sarge5) oldstable-security; urgency=high * Fix integer overflow in stream predictor. (CVE-2007-3387) oldstable/main/binary-mips/tetex-bin_2.0.2-30sarge5_mips.deb oldstable/main/binary-mips/libkpathsea3_2.0.2-30sarge5_mips.deb oldstable/main/binary-mips/libkpathsea-dev_2.0.2-30sarge5_mips.deb tetex-bin (2.0.2-30sarge5) oldstable-security; urgency=high * Fix integer overflow in stream predictor. (CVE-2007-3387) oldstable/main/binary-mipsel/tetex-bin_2.0.2-30sarge5_mipsel.deb oldstable/main/binary-mipsel/libkpathsea3_2.0.2-30sarge5_mipsel.deb oldstable/main/binary-mipsel/libkpathsea-dev_2.0.2-30sarge5_mipsel.deb tetex-bin (2.0.2-30sarge5) oldstable-security; urgency=high * Fix integer overflow in stream predictor. (CVE-2007-3387) oldstable/main/binary-powerpc/tetex-bin_2.0.2-30sarge5_powerpc.deb oldstable/main/binary-powerpc/libkpathsea3_2.0.2-30sarge5_powerpc.deb oldstable/main/binary-powerpc/libkpathsea-dev_2.0.2-30sarge5_powerpc.deb tetex-bin (2.0.2-30sarge5) oldstable-security; urgency=high * Fix integer overflow in stream predictor. (CVE-2007-3387) oldstable/main/binary-s390/tetex-bin_2.0.2-30sarge5_s390.deb oldstable/main/binary-s390/libkpathsea3_2.0.2-30sarge5_s390.deb oldstable/main/binary-s390/libkpathsea-dev_2.0.2-30sarge5_s390.deb tetex-bin (2.0.2-30sarge5) oldstable-security; urgency=high * Fix integer overflow in stream predictor. (CVE-2007-3387) oldstable/main/binary-sparc/tetex-bin_2.0.2-30sarge5_sparc.deb oldstable/main/binary-sparc/libkpathsea3_2.0.2-30sarge5_sparc.deb oldstable/main/binary-sparc/libkpathsea-dev_2.0.2-30sarge5_sparc.deb tetex-bin (2.0.2-30sarge5) oldstable-security; urgency=high * Fix integer overflow in stream predictor. (CVE-2007-3387) oldstable/main/binary-alpha/tk8.4_8.4.9-1sarge1_alpha.deb oldstable/main/binary-alpha/tk8.4-dev_8.4.9-1sarge1_alpha.deb tk8.4 (8.4.9-1sarge1) oldstable-security; urgency=high * Applied patches by Nico Golde which correctly fix security vulnerability CVE-2007-5137 arbitrary code execution via multi-frame interlaced GIF not introducing CVE-2007-5378. oldstable/main/binary-amd64/tk8.4_8.4.9-1sarge1_amd64.deb oldstable/main/binary-amd64/tk8.4-dev_8.4.9-1sarge1_amd64.deb tk8.4 (8.4.9-1sarge1) oldstable-security; urgency=high * Applied patches by Nico Golde which correctly fix security vulnerability CVE-2007-5137 arbitrary code execution via multi-frame interlaced GIF not introducing CVE-2007-5378. oldstable/main/binary-arm/tk8.4_8.4.9-1sarge1_arm.deb oldstable/main/binary-arm/tk8.4-dev_8.4.9-1sarge1_arm.deb tk8.4 (8.4.9-1sarge1) oldstable-security; urgency=high * Applied patches by Nico Golde which correctly fix security vulnerability CVE-2007-5137 arbitrary code execution via multi-frame interlaced GIF not introducing CVE-2007-5378. oldstable/main/binary-hppa/tk8.4_8.4.9-1sarge1_hppa.deb oldstable/main/binary-hppa/tk8.4-dev_8.4.9-1sarge1_hppa.deb tk8.4 (8.4.9-1sarge1) oldstable-security; urgency=high * Applied patches by Nico Golde which correctly fix security vulnerability CVE-2007-5137 arbitrary code execution via multi-frame interlaced GIF not introducing CVE-2007-5378. oldstable/main/source/tk8.4_8.4.9-1sarge1.dsc oldstable/main/source/tk8.4_8.4.9.orig.tar.gz oldstable/main/source/tk8.4_8.4.9-1sarge1.diff.gz oldstable/main/binary-all/tk8.4-doc_8.4.9-1sarge1_all.deb oldstable/main/binary-i386/tk8.4_8.4.9-1sarge1_i386.deb oldstable/main/binary-i386/tk8.4-dev_8.4.9-1sarge1_i386.deb tk8.4 (8.4.9-1sarge1) oldstable-security; urgency=high * Applied patches by Nico Golde which correctly fix security vulnerability CVE-2007-5137 arbitrary code execution via multi-frame interlaced GIF not introducing CVE-2007-5378. oldstable/main/binary-ia64/tk8.4_8.4.9-1sarge1_ia64.deb oldstable/main/binary-ia64/tk8.4-dev_8.4.9-1sarge1_ia64.deb tk8.4 (8.4.9-1sarge1) oldstable-security; urgency=high * Applied patches by Nico Golde which correctly fix security vulnerability CVE-2007-5137 arbitrary code execution via multi-frame interlaced GIF not introducing CVE-2007-5378. oldstable/main/binary-m68k/tk8.4_8.4.9-1sarge1_m68k.deb oldstable/main/binary-m68k/tk8.4-dev_8.4.9-1sarge1_m68k.deb tk8.4 (8.4.9-1sarge1) oldstable-security; urgency=high * Applied patches by Nico Golde which correctly fix security vulnerability CVE-2007-5137 arbitrary code execution via multi-frame interlaced GIF not introducing CVE-2007-5378. oldstable/main/binary-mips/tk8.4_8.4.9-1sarge1_mips.deb oldstable/main/binary-mips/tk8.4-dev_8.4.9-1sarge1_mips.deb tk8.4 (8.4.9-1sarge1) oldstable-security; urgency=high * Applied patches by Nico Golde which correctly fix security vulnerability CVE-2007-5137 arbitrary code execution via multi-frame interlaced GIF not introducing CVE-2007-5378. oldstable/main/binary-mipsel/tk8.4_8.4.9-1sarge1_mipsel.deb oldstable/main/binary-mipsel/tk8.4-dev_8.4.9-1sarge1_mipsel.deb tk8.4 (8.4.9-1sarge1) oldstable-security; urgency=high * Applied patches by Nico Golde which correctly fix security vulnerability CVE-2007-5137 arbitrary code execution via multi-frame interlaced GIF not introducing CVE-2007-5378. oldstable/main/binary-powerpc/tk8.4_8.4.9-1sarge1_powerpc.deb oldstable/main/binary-powerpc/tk8.4-dev_8.4.9-1sarge1_powerpc.deb tk8.4 (8.4.9-1sarge1) oldstable-security; urgency=high * Applied patches by Nico Golde which correctly fix security vulnerability CVE-2007-5137 arbitrary code execution via multi-frame interlaced GIF not introducing CVE-2007-5378. oldstable/main/binary-s390/tk8.4_8.4.9-1sarge1_s390.deb oldstable/main/binary-s390/tk8.4-dev_8.4.9-1sarge1_s390.deb tk8.4 (8.4.9-1sarge1) oldstable-security; urgency=high * Applied patches by Nico Golde which correctly fix security vulnerability CVE-2007-5137 arbitrary code execution via multi-frame interlaced GIF not introducing CVE-2007-5378. oldstable/main/binary-sparc/tk8.4_8.4.9-1sarge1_sparc.deb oldstable/main/binary-sparc/tk8.4-dev_8.4.9-1sarge1_sparc.deb tk8.4 (8.4.9-1sarge1) oldstable-security; urgency=high * Applied patches by Nico Golde which correctly fix security vulnerability CVE-2007-5137 arbitrary code execution via multi-frame interlaced GIF not introducing CVE-2007-5378. oldstable/main/binary-alpha/vgrabbj_0.9.3-1_alpha.deb vgrabbj (0.9.3-1) unstable; urgency=low * New upstream release - boolean command line option fix (Closes: #157236) * Use libpng3 instead of libpng2 oldstable/main/binary-arm/vgrabbj_0.9.3-1_arm.deb vgrabbj (0.9.3-1) unstable; urgency=low * New upstream release - boolean command line option fix (Closes: #157236) * Use libpng3 instead of libpng2 oldstable/main/binary-hppa/vgrabbj_0.9.3-1_hppa.deb vgrabbj (0.9.3-1) unstable; urgency=low * New upstream release - boolean command line option fix (Closes: #157236) * Use libpng3 instead of libpng2 oldstable/main/binary-ia64/vgrabbj_0.9.3-1_ia64.deb vgrabbj (0.9.3-1) unstable; urgency=low * New upstream release - boolean command line option fix (Closes: #157236) * Use libpng3 instead of libpng2 oldstable/main/binary-m68k/vgrabbj_0.9.3-1_m68k.deb vgrabbj (0.9.3-1) unstable; urgency=low * New upstream release - boolean command line option fix (Closes: #157236) * Use libpng3 instead of libpng2 oldstable/main/binary-mipsel/vgrabbj_0.9.3-1_mipsel.deb vgrabbj (0.9.3-1) unstable; urgency=low * New upstream release - boolean command line option fix (Closes: #157236) * Use libpng3 instead of libpng2 oldstable/main/binary-powerpc/vgrabbj_0.9.3-1_powerpc.deb vgrabbj (0.9.3-1) unstable; urgency=low * New upstream release - boolean command line option fix (Closes: #157236) * Use libpng3 instead of libpng2 oldstable/main/binary-s390/vgrabbj_0.9.3-1_s390.deb vgrabbj (0.9.3-1) unstable; urgency=low * New upstream release - boolean command line option fix (Closes: #157236) * Use libpng3 instead of libpng2 oldstable/main/binary-sparc/vgrabbj_0.9.3-1_sparc.deb vgrabbj (0.9.3-1) unstable; urgency=low * New upstream release - boolean command line option fix (Closes: #157236) * Use libpng3 instead of libpng2 oldstable/main/binary-alpha/vim_6.3-071+1sarge2_alpha.deb oldstable/main/binary-alpha/vim-perl_6.3-071+1sarge2_alpha.deb oldstable/main/binary-alpha/vim-python_6.3-071+1sarge2_alpha.deb oldstable/main/binary-alpha/vim-ruby_6.3-071+1sarge2_alpha.deb oldstable/main/binary-alpha/vim-tcl_6.3-071+1sarge2_alpha.deb oldstable/main/binary-alpha/vim-gtk_6.3-071+1sarge2_alpha.deb oldstable/main/binary-alpha/vim-lesstif_6.3-071+1sarge2_alpha.deb oldstable/main/binary-alpha/vim-gnome_6.3-071+1sarge2_alpha.deb oldstable/main/binary-alpha/vim-full_6.3-071+1sarge2_alpha.deb vim (1:6.3-071+1sarge2) oldstable-security; urgency=high * Fix format string vulnerability in helptags handling (CVE-2007-2953). oldstable/main/binary-amd64/vim_6.3-071+1sarge2_amd64.deb oldstable/main/binary-amd64/vim-perl_6.3-071+1sarge2_amd64.deb oldstable/main/binary-amd64/vim-python_6.3-071+1sarge2_amd64.deb oldstable/main/binary-amd64/vim-ruby_6.3-071+1sarge2_amd64.deb oldstable/main/binary-amd64/vim-tcl_6.3-071+1sarge2_amd64.deb oldstable/main/binary-amd64/vim-gtk_6.3-071+1sarge2_amd64.deb oldstable/main/binary-amd64/vim-lesstif_6.3-071+1sarge2_amd64.deb oldstable/main/binary-amd64/vim-gnome_6.3-071+1sarge2_amd64.deb oldstable/main/binary-amd64/vim-full_6.3-071+1sarge2_amd64.deb vim (1:6.3-071+1sarge2) oldstable-security; urgency=high * Fix format string vulnerability in helptags handling (CVE-2007-2953). oldstable/main/binary-arm/vim_6.3-071+1sarge2_arm.deb oldstable/main/binary-arm/vim-perl_6.3-071+1sarge2_arm.deb oldstable/main/binary-arm/vim-python_6.3-071+1sarge2_arm.deb oldstable/main/binary-arm/vim-ruby_6.3-071+1sarge2_arm.deb oldstable/main/binary-arm/vim-tcl_6.3-071+1sarge2_arm.deb oldstable/main/binary-arm/vim-gtk_6.3-071+1sarge2_arm.deb oldstable/main/binary-arm/vim-lesstif_6.3-071+1sarge2_arm.deb oldstable/main/binary-arm/vim-gnome_6.3-071+1sarge2_arm.deb oldstable/main/binary-arm/vim-full_6.3-071+1sarge2_arm.deb vim (1:6.3-071+1sarge2) oldstable-security; urgency=high * Fix format string vulnerability in helptags handling (CVE-2007-2953). oldstable/main/binary-alpha/vim_6.3-071+1sarge2+b1_alpha.deb oldstable/main/binary-alpha/vim-perl_6.3-071+1sarge2+b1_alpha.deb oldstable/main/binary-alpha/vim-python_6.3-071+1sarge2+b1_alpha.deb oldstable/main/binary-alpha/vim-ruby_6.3-071+1sarge2+b1_alpha.deb oldstable/main/binary-alpha/vim-tcl_6.3-071+1sarge2+b1_alpha.deb oldstable/main/binary-alpha/vim-gtk_6.3-071+1sarge2+b1_alpha.deb oldstable/main/binary-alpha/vim-lesstif_6.3-071+1sarge2+b1_alpha.deb oldstable/main/binary-alpha/vim-gnome_6.3-071+1sarge2+b1_alpha.deb oldstable/main/binary-alpha/vim-full_6.3-071+1sarge2+b1_alpha.deb vim (1:6.3-071+1sarge2+b1) oldstable-security; urgency=high * Binary-only non-maintainer upload for alpha; no source changes. * Rebuild to get CURDIR working. oldstable/main/binary-mips/vim_6.3-071+1sarge2+b1_mips.deb oldstable/main/binary-mips/vim-perl_6.3-071+1sarge2+b1_mips.deb oldstable/main/binary-mips/vim-python_6.3-071+1sarge2+b1_mips.deb oldstable/main/binary-mips/vim-ruby_6.3-071+1sarge2+b1_mips.deb oldstable/main/binary-mips/vim-tcl_6.3-071+1sarge2+b1_mips.deb oldstable/main/binary-mips/vim-gtk_6.3-071+1sarge2+b1_mips.deb oldstable/main/binary-mips/vim-lesstif_6.3-071+1sarge2+b1_mips.deb oldstable/main/binary-mips/vim-gnome_6.3-071+1sarge2+b1_mips.deb oldstable/main/binary-mips/vim-full_6.3-071+1sarge2+b1_mips.deb vim (1:6.3-071+1sarge2+b1) oldstable-security; urgency=high * Binary-only non-maintainer upload for mips; no source changes. * Rebuild to get CURDIR working. oldstable/main/binary-mipsel/vim_6.3-071+1sarge2+b1_mipsel.deb oldstable/main/binary-mipsel/vim-perl_6.3-071+1sarge2+b1_mipsel.deb oldstable/main/binary-mipsel/vim-python_6.3-071+1sarge2+b1_mipsel.deb oldstable/main/binary-mipsel/vim-ruby_6.3-071+1sarge2+b1_mipsel.deb oldstable/main/binary-mipsel/vim-tcl_6.3-071+1sarge2+b1_mipsel.deb oldstable/main/binary-mipsel/vim-gtk_6.3-071+1sarge2+b1_mipsel.deb oldstable/main/binary-mipsel/vim-lesstif_6.3-071+1sarge2+b1_mipsel.deb oldstable/main/binary-mipsel/vim-gnome_6.3-071+1sarge2+b1_mipsel.deb oldstable/main/binary-mipsel/vim-full_6.3-071+1sarge2+b1_mipsel.deb vim (1:6.3-071+1sarge2+b1) oldstable-security; urgency=high * Binary-only non-maintainer upload for mipsel; no source changes. * Rebuild to get CURDIR working. oldstable/main/binary-hppa/vim_6.3-071+1sarge2_hppa.deb oldstable/main/binary-hppa/vim-perl_6.3-071+1sarge2_hppa.deb oldstable/main/binary-hppa/vim-python_6.3-071+1sarge2_hppa.deb oldstable/main/binary-hppa/vim-ruby_6.3-071+1sarge2_hppa.deb oldstable/main/binary-hppa/vim-tcl_6.3-071+1sarge2_hppa.deb oldstable/main/binary-hppa/vim-gtk_6.3-071+1sarge2_hppa.deb oldstable/main/binary-hppa/vim-lesstif_6.3-071+1sarge2_hppa.deb oldstable/main/binary-hppa/vim-gnome_6.3-071+1sarge2_hppa.deb oldstable/main/binary-hppa/vim-full_6.3-071+1sarge2_hppa.deb vim (1:6.3-071+1sarge2) oldstable-security; urgency=high * Fix format string vulnerability in helptags handling (CVE-2007-2953). oldstable/main/source/vim_6.3-071+1sarge2.dsc oldstable/main/source/vim_6.3.orig.tar.gz oldstable/main/source/vim_6.3-071+1sarge2.diff.gz oldstable/main/binary-all/vim-doc_6.3-071+1sarge2_all.deb oldstable/main/binary-all/vim-common_6.3-071+1sarge2_all.deb oldstable/main/binary-i386/vim_6.3-071+1sarge2_i386.deb oldstable/main/binary-i386/vim-perl_6.3-071+1sarge2_i386.deb oldstable/main/binary-i386/vim-python_6.3-071+1sarge2_i386.deb oldstable/main/binary-i386/vim-ruby_6.3-071+1sarge2_i386.deb oldstable/main/binary-i386/vim-tcl_6.3-071+1sarge2_i386.deb oldstable/main/binary-i386/vim-gtk_6.3-071+1sarge2_i386.deb oldstable/main/binary-i386/vim-lesstif_6.3-071+1sarge2_i386.deb oldstable/main/binary-i386/vim-gnome_6.3-071+1sarge2_i386.deb oldstable/main/binary-i386/vim-full_6.3-071+1sarge2_i386.deb vim (1:6.3-071+1sarge2) oldstable-security; urgency=high * Fix format string vulnerability in helptags handling (CVE-2007-2953). oldstable/main/binary-ia64/vim_6.3-071+1sarge2_ia64.deb oldstable/main/binary-ia64/vim-perl_6.3-071+1sarge2_ia64.deb oldstable/main/binary-ia64/vim-python_6.3-071+1sarge2_ia64.deb oldstable/main/binary-ia64/vim-ruby_6.3-071+1sarge2_ia64.deb oldstable/main/binary-ia64/vim-tcl_6.3-071+1sarge2_ia64.deb oldstable/main/binary-ia64/vim-gtk_6.3-071+1sarge2_ia64.deb oldstable/main/binary-ia64/vim-lesstif_6.3-071+1sarge2_ia64.deb oldstable/main/binary-ia64/vim-gnome_6.3-071+1sarge2_ia64.deb oldstable/main/binary-ia64/vim-full_6.3-071+1sarge2_ia64.deb vim (1:6.3-071+1sarge2) oldstable-security; urgency=high * Fix format string vulnerability in helptags handling (CVE-2007-2953). oldstable/main/binary-m68k/vim_6.3-071+1sarge2_m68k.deb oldstable/main/binary-m68k/vim-perl_6.3-071+1sarge2_m68k.deb oldstable/main/binary-m68k/vim-python_6.3-071+1sarge2_m68k.deb oldstable/main/binary-m68k/vim-ruby_6.3-071+1sarge2_m68k.deb oldstable/main/binary-m68k/vim-tcl_6.3-071+1sarge2_m68k.deb oldstable/main/binary-m68k/vim-gtk_6.3-071+1sarge2_m68k.deb oldstable/main/binary-m68k/vim-lesstif_6.3-071+1sarge2_m68k.deb oldstable/main/binary-m68k/vim-gnome_6.3-071+1sarge2_m68k.deb oldstable/main/binary-m68k/vim-full_6.3-071+1sarge2_m68k.deb vim (1:6.3-071+1sarge2) oldstable-security; urgency=high * Fix format string vulnerability in helptags handling (CVE-2007-2953). oldstable/main/binary-mips/vim_6.3-071+1sarge2_mips.deb oldstable/main/binary-mips/vim-perl_6.3-071+1sarge2_mips.deb oldstable/main/binary-mips/vim-python_6.3-071+1sarge2_mips.deb oldstable/main/binary-mips/vim-ruby_6.3-071+1sarge2_mips.deb oldstable/main/binary-mips/vim-tcl_6.3-071+1sarge2_mips.deb oldstable/main/binary-mips/vim-gtk_6.3-071+1sarge2_mips.deb oldstable/main/binary-mips/vim-lesstif_6.3-071+1sarge2_mips.deb oldstable/main/binary-mips/vim-gnome_6.3-071+1sarge2_mips.deb oldstable/main/binary-mips/vim-full_6.3-071+1sarge2_mips.deb vim (1:6.3-071+1sarge2) oldstable-security; urgency=high * Fix format string vulnerability in helptags handling (CVE-2007-2953). oldstable/main/binary-mipsel/vim_6.3-071+1sarge2_mipsel.deb oldstable/main/binary-mipsel/vim-perl_6.3-071+1sarge2_mipsel.deb oldstable/main/binary-mipsel/vim-python_6.3-071+1sarge2_mipsel.deb oldstable/main/binary-mipsel/vim-ruby_6.3-071+1sarge2_mipsel.deb oldstable/main/binary-mipsel/vim-tcl_6.3-071+1sarge2_mipsel.deb oldstable/main/binary-mipsel/vim-gtk_6.3-071+1sarge2_mipsel.deb oldstable/main/binary-mipsel/vim-lesstif_6.3-071+1sarge2_mipsel.deb oldstable/main/binary-mipsel/vim-gnome_6.3-071+1sarge2_mipsel.deb oldstable/main/binary-mipsel/vim-full_6.3-071+1sarge2_mipsel.deb vim (1:6.3-071+1sarge2) oldstable-security; urgency=high * Fix format string vulnerability in helptags handling (CVE-2007-2953). oldstable/main/binary-powerpc/vim_6.3-071+1sarge2_powerpc.deb oldstable/main/binary-powerpc/vim-perl_6.3-071+1sarge2_powerpc.deb oldstable/main/binary-powerpc/vim-python_6.3-071+1sarge2_powerpc.deb oldstable/main/binary-powerpc/vim-ruby_6.3-071+1sarge2_powerpc.deb oldstable/main/binary-powerpc/vim-tcl_6.3-071+1sarge2_powerpc.deb oldstable/main/binary-powerpc/vim-gtk_6.3-071+1sarge2_powerpc.deb oldstable/main/binary-powerpc/vim-lesstif_6.3-071+1sarge2_powerpc.deb oldstable/main/binary-powerpc/vim-gnome_6.3-071+1sarge2_powerpc.deb oldstable/main/binary-powerpc/vim-full_6.3-071+1sarge2_powerpc.deb vim (1:6.3-071+1sarge2) oldstable-security; urgency=high * Fix format string vulnerability in helptags handling (CVE-2007-2953). oldstable/main/binary-s390/vim_6.3-071+1sarge2_s390.deb oldstable/main/binary-s390/vim-perl_6.3-071+1sarge2_s390.deb oldstable/main/binary-s390/vim-python_6.3-071+1sarge2_s390.deb oldstable/main/binary-s390/vim-ruby_6.3-071+1sarge2_s390.deb oldstable/main/binary-s390/vim-tcl_6.3-071+1sarge2_s390.deb oldstable/main/binary-s390/vim-gtk_6.3-071+1sarge2_s390.deb oldstable/main/binary-s390/vim-lesstif_6.3-071+1sarge2_s390.deb oldstable/main/binary-s390/vim-gnome_6.3-071+1sarge2_s390.deb oldstable/main/binary-s390/vim-full_6.3-071+1sarge2_s390.deb vim (1:6.3-071+1sarge2) oldstable-security; urgency=high * Fix format string vulnerability in helptags handling (CVE-2007-2953). oldstable/main/binary-sparc/vim_6.3-071+1sarge2_sparc.deb oldstable/main/binary-sparc/vim-perl_6.3-071+1sarge2_sparc.deb oldstable/main/binary-sparc/vim-python_6.3-071+1sarge2_sparc.deb oldstable/main/binary-sparc/vim-ruby_6.3-071+1sarge2_sparc.deb oldstable/main/binary-sparc/vim-tcl_6.3-071+1sarge2_sparc.deb oldstable/main/binary-sparc/vim-gtk_6.3-071+1sarge2_sparc.deb oldstable/main/binary-sparc/vim-lesstif_6.3-071+1sarge2_sparc.deb oldstable/main/binary-sparc/vim-gnome_6.3-071+1sarge2_sparc.deb oldstable/main/binary-sparc/vim-full_6.3-071+1sarge2_sparc.deb vim (1:6.3-071+1sarge2) oldstable-security; urgency=high * Fix format string vulnerability in helptags handling (CVE-2007-2953). oldstable/main/binary-alpha/vim_6.3-071+1sarge3_alpha.deb oldstable/main/binary-alpha/vim-perl_6.3-071+1sarge3_alpha.deb oldstable/main/binary-alpha/vim-python_6.3-071+1sarge3_alpha.deb oldstable/main/binary-alpha/vim-ruby_6.3-071+1sarge3_alpha.deb oldstable/main/binary-alpha/vim-tcl_6.3-071+1sarge3_alpha.deb oldstable/main/binary-alpha/vim-gtk_6.3-071+1sarge3_alpha.deb oldstable/main/binary-alpha/vim-lesstif_6.3-071+1sarge3_alpha.deb oldstable/main/binary-alpha/vim-gnome_6.3-071+1sarge3_alpha.deb oldstable/main/binary-alpha/vim-full_6.3-071+1sarge3_alpha.deb vim (1:6.3-071+1sarge3) oldstable-proposed-updates; urgency=low * debian/control: - vim now Depends on vim-common >= ${Source-Version} so it's binNMU safe. * debian/rules: - Change use of $(PWD) to $(CURDIR) so the package can be built properly with sudo. oldstable/main/binary-arm/vim_6.3-071+1sarge3_arm.deb oldstable/main/binary-arm/vim-perl_6.3-071+1sarge3_arm.deb oldstable/main/binary-arm/vim-python_6.3-071+1sarge3_arm.deb oldstable/main/binary-arm/vim-ruby_6.3-071+1sarge3_arm.deb oldstable/main/binary-arm/vim-tcl_6.3-071+1sarge3_arm.deb oldstable/main/binary-arm/vim-gtk_6.3-071+1sarge3_arm.deb oldstable/main/binary-arm/vim-lesstif_6.3-071+1sarge3_arm.deb oldstable/main/binary-arm/vim-gnome_6.3-071+1sarge3_arm.deb oldstable/main/binary-arm/vim-full_6.3-071+1sarge3_arm.deb vim (1:6.3-071+1sarge3) oldstable-proposed-updates; urgency=low * debian/control: - vim now Depends on vim-common >= ${Source-Version} so it's binNMU safe. * debian/rules: - Change use of $(PWD) to $(CURDIR) so the package can be built properly with sudo. oldstable/main/binary-hppa/vim_6.3-071+1sarge3_hppa.deb oldstable/main/binary-hppa/vim-perl_6.3-071+1sarge3_hppa.deb oldstable/main/binary-hppa/vim-python_6.3-071+1sarge3_hppa.deb oldstable/main/binary-hppa/vim-ruby_6.3-071+1sarge3_hppa.deb oldstable/main/binary-hppa/vim-tcl_6.3-071+1sarge3_hppa.deb oldstable/main/binary-hppa/vim-gtk_6.3-071+1sarge3_hppa.deb oldstable/main/binary-hppa/vim-lesstif_6.3-071+1sarge3_hppa.deb oldstable/main/binary-hppa/vim-gnome_6.3-071+1sarge3_hppa.deb oldstable/main/binary-hppa/vim-full_6.3-071+1sarge3_hppa.deb vim (1:6.3-071+1sarge3) oldstable-proposed-updates; urgency=low * debian/control: - vim now Depends on vim-common >= ${Source-Version} so it's binNMU safe. * debian/rules: - Change use of $(PWD) to $(CURDIR) so the package can be built properly with sudo. oldstable/main/source/vim_6.3-071+1sarge3.dsc oldstable/main/source/vim_6.3-071+1sarge3.diff.gz oldstable/main/binary-all/vim-doc_6.3-071+1sarge3_all.deb oldstable/main/binary-all/vim-common_6.3-071+1sarge3_all.deb oldstable/main/binary-i386/vim_6.3-071+1sarge3_i386.deb oldstable/main/binary-i386/vim-perl_6.3-071+1sarge3_i386.deb oldstable/main/binary-i386/vim-python_6.3-071+1sarge3_i386.deb oldstable/main/binary-i386/vim-ruby_6.3-071+1sarge3_i386.deb oldstable/main/binary-i386/vim-tcl_6.3-071+1sarge3_i386.deb oldstable/main/binary-i386/vim-gtk_6.3-071+1sarge3_i386.deb oldstable/main/binary-i386/vim-lesstif_6.3-071+1sarge3_i386.deb oldstable/main/binary-i386/vim-gnome_6.3-071+1sarge3_i386.deb oldstable/main/binary-i386/vim-full_6.3-071+1sarge3_i386.deb vim (1:6.3-071+1sarge3) oldstable-proposed-updates; urgency=low * debian/control: - vim now Depends on vim-common >= ${Source-Version} so it's binNMU safe. * debian/rules: - Change use of $(PWD) to $(CURDIR) so the package can be built properly with sudo. oldstable/main/binary-ia64/vim_6.3-071+1sarge3_ia64.deb oldstable/main/binary-ia64/vim-perl_6.3-071+1sarge3_ia64.deb oldstable/main/binary-ia64/vim-python_6.3-071+1sarge3_ia64.deb oldstable/main/binary-ia64/vim-ruby_6.3-071+1sarge3_ia64.deb oldstable/main/binary-ia64/vim-tcl_6.3-071+1sarge3_ia64.deb oldstable/main/binary-ia64/vim-gtk_6.3-071+1sarge3_ia64.deb oldstable/main/binary-ia64/vim-lesstif_6.3-071+1sarge3_ia64.deb oldstable/main/binary-ia64/vim-gnome_6.3-071+1sarge3_ia64.deb oldstable/main/binary-ia64/vim-full_6.3-071+1sarge3_ia64.deb vim (1:6.3-071+1sarge3) oldstable-proposed-updates; urgency=low * debian/control: - vim now Depends on vim-common >= ${Source-Version} so it's binNMU safe. * debian/rules: - Change use of $(PWD) to $(CURDIR) so the package can be built properly with sudo. oldstable/main/binary-m68k/vim_6.3-071+1sarge3_m68k.deb oldstable/main/binary-m68k/vim-perl_6.3-071+1sarge3_m68k.deb oldstable/main/binary-m68k/vim-python_6.3-071+1sarge3_m68k.deb oldstable/main/binary-m68k/vim-ruby_6.3-071+1sarge3_m68k.deb oldstable/main/binary-m68k/vim-tcl_6.3-071+1sarge3_m68k.deb oldstable/main/binary-m68k/vim-gtk_6.3-071+1sarge3_m68k.deb oldstable/main/binary-m68k/vim-lesstif_6.3-071+1sarge3_m68k.deb oldstable/main/binary-m68k/vim-gnome_6.3-071+1sarge3_m68k.deb oldstable/main/binary-m68k/vim-full_6.3-071+1sarge3_m68k.deb vim (1:6.3-071+1sarge3) oldstable-proposed-updates; urgency=low * debian/control: - vim now Depends on vim-common >= ${Source-Version} so it's binNMU safe. * debian/rules: - Change use of $(PWD) to $(CURDIR) so the package can be built properly with sudo. oldstable/main/binary-mips/vim_6.3-071+1sarge3_mips.deb oldstable/main/binary-mips/vim-perl_6.3-071+1sarge3_mips.deb oldstable/main/binary-mips/vim-python_6.3-071+1sarge3_mips.deb oldstable/main/binary-mips/vim-ruby_6.3-071+1sarge3_mips.deb oldstable/main/binary-mips/vim-tcl_6.3-071+1sarge3_mips.deb oldstable/main/binary-mips/vim-gtk_6.3-071+1sarge3_mips.deb oldstable/main/binary-mips/vim-lesstif_6.3-071+1sarge3_mips.deb oldstable/main/binary-mips/vim-gnome_6.3-071+1sarge3_mips.deb oldstable/main/binary-mips/vim-full_6.3-071+1sarge3_mips.deb vim (1:6.3-071+1sarge3) oldstable-proposed-updates; urgency=low * debian/control: - vim now Depends on vim-common >= ${Source-Version} so it's binNMU safe. * debian/rules: - Change use of $(PWD) to $(CURDIR) so the package can be built properly with sudo. oldstable/main/binary-mipsel/vim_6.3-071+1sarge3_mipsel.deb oldstable/main/binary-mipsel/vim-perl_6.3-071+1sarge3_mipsel.deb oldstable/main/binary-mipsel/vim-python_6.3-071+1sarge3_mipsel.deb oldstable/main/binary-mipsel/vim-ruby_6.3-071+1sarge3_mipsel.deb oldstable/main/binary-mipsel/vim-tcl_6.3-071+1sarge3_mipsel.deb oldstable/main/binary-mipsel/vim-gtk_6.3-071+1sarge3_mipsel.deb oldstable/main/binary-mipsel/vim-lesstif_6.3-071+1sarge3_mipsel.deb oldstable/main/binary-mipsel/vim-gnome_6.3-071+1sarge3_mipsel.deb oldstable/main/binary-mipsel/vim-full_6.3-071+1sarge3_mipsel.deb vim (1:6.3-071+1sarge3) oldstable-proposed-updates; urgency=low * debian/control: - vim now Depends on vim-common >= ${Source-Version} so it's binNMU safe. * debian/rules: - Change use of $(PWD) to $(CURDIR) so the package can be built properly with sudo. oldstable/main/binary-powerpc/vim_6.3-071+1sarge3_powerpc.deb oldstable/main/binary-powerpc/vim-perl_6.3-071+1sarge3_powerpc.deb oldstable/main/binary-powerpc/vim-python_6.3-071+1sarge3_powerpc.deb oldstable/main/binary-powerpc/vim-ruby_6.3-071+1sarge3_powerpc.deb oldstable/main/binary-powerpc/vim-tcl_6.3-071+1sarge3_powerpc.deb oldstable/main/binary-powerpc/vim-gtk_6.3-071+1sarge3_powerpc.deb oldstable/main/binary-powerpc/vim-lesstif_6.3-071+1sarge3_powerpc.deb oldstable/main/binary-powerpc/vim-gnome_6.3-071+1sarge3_powerpc.deb oldstable/main/binary-powerpc/vim-full_6.3-071+1sarge3_powerpc.deb vim (1:6.3-071+1sarge3) oldstable-proposed-updates; urgency=low * debian/control: - vim now Depends on vim-common >= ${Source-Version} so it's binNMU safe. * debian/rules: - Change use of $(PWD) to $(CURDIR) so the package can be built properly with sudo. oldstable/main/binary-s390/vim_6.3-071+1sarge3_s390.deb oldstable/main/binary-s390/vim-perl_6.3-071+1sarge3_s390.deb oldstable/main/binary-s390/vim-python_6.3-071+1sarge3_s390.deb oldstable/main/binary-s390/vim-ruby_6.3-071+1sarge3_s390.deb oldstable/main/binary-s390/vim-tcl_6.3-071+1sarge3_s390.deb oldstable/main/binary-s390/vim-gtk_6.3-071+1sarge3_s390.deb oldstable/main/binary-s390/vim-lesstif_6.3-071+1sarge3_s390.deb oldstable/main/binary-s390/vim-gnome_6.3-071+1sarge3_s390.deb oldstable/main/binary-s390/vim-full_6.3-071+1sarge3_s390.deb vim (1:6.3-071+1sarge3) oldstable-proposed-updates; urgency=low * debian/control: - vim now Depends on vim-common >= ${Source-Version} so it's binNMU safe. * debian/rules: - Change use of $(PWD) to $(CURDIR) so the package can be built properly with sudo. oldstable/main/binary-sparc/vim_6.3-071+1sarge3_sparc.deb oldstable/main/binary-sparc/vim-perl_6.3-071+1sarge3_sparc.deb oldstable/main/binary-sparc/vim-python_6.3-071+1sarge3_sparc.deb oldstable/main/binary-sparc/vim-ruby_6.3-071+1sarge3_sparc.deb oldstable/main/binary-sparc/vim-tcl_6.3-071+1sarge3_sparc.deb oldstable/main/binary-sparc/vim-gtk_6.3-071+1sarge3_sparc.deb oldstable/main/binary-sparc/vim-lesstif_6.3-071+1sarge3_sparc.deb oldstable/main/binary-sparc/vim-gnome_6.3-071+1sarge3_sparc.deb oldstable/main/binary-sparc/vim-full_6.3-071+1sarge3_sparc.deb vim (1:6.3-071+1sarge3) oldstable-proposed-updates; urgency=low * debian/control: - vim now Depends on vim-common >= ${Source-Version} so it's binNMU safe. * debian/rules: - Change use of $(PWD) to $(CURDIR) so the package can be built properly with sudo. oldstable/main/binary-arm/visitors_0.4a-1_arm.deb visitors (0.4a-1) unstable; urgency=low * Initial release (closes: #303924). oldstable/main/binary-alpha/vlc_0.8.1.svn20050314-1sarge3_alpha.deb oldstable/main/binary-alpha/libvlc0-dev_0.8.1.svn20050314-1sarge3_alpha.deb oldstable/main/binary-alpha/gnome-vlc_0.8.1.svn20050314-1sarge3_alpha.deb oldstable/main/binary-alpha/gvlc_0.8.1.svn20050314-1sarge3_alpha.deb oldstable/main/binary-alpha/vlc-plugin-esd_0.8.1.svn20050314-1sarge3_alpha.deb oldstable/main/binary-alpha/vlc-plugin-alsa_0.8.1.svn20050314-1sarge3_alpha.deb oldstable/main/binary-alpha/vlc-plugin-sdl_0.8.1.svn20050314-1sarge3_alpha.deb oldstable/main/binary-alpha/vlc-plugin-ggi_0.8.1.svn20050314-1sarge3_alpha.deb oldstable/main/binary-alpha/qvlc_0.8.1.svn20050314-1sarge3_alpha.deb oldstable/main/binary-alpha/vlc-plugin-arts_0.8.1.svn20050314-1sarge3_alpha.deb oldstable/main/binary-alpha/mozilla-plugin-vlc_0.8.1.svn20050314-1sarge3_alpha.deb oldstable/main/binary-alpha/kvlc_0.8.1.svn20050314-1sarge3_alpha.deb oldstable/main/binary-alpha/wxvlc_0.8.1.svn20050314-1sarge3_alpha.deb oldstable/main/binary-alpha/vlc-alsa_0.8.1.svn20050314-1sarge3_alpha.deb oldstable/main/binary-alpha/vlc-esd_0.8.1.svn20050314-1sarge3_alpha.deb oldstable/main/binary-alpha/vlc-ggi_0.8.1.svn20050314-1sarge3_alpha.deb oldstable/main/binary-alpha/vlc-gnome_0.8.1.svn20050314-1sarge3_alpha.deb oldstable/main/binary-alpha/vlc-gtk_0.8.1.svn20050314-1sarge3_alpha.deb oldstable/main/binary-alpha/vlc-qt_0.8.1.svn20050314-1sarge3_alpha.deb oldstable/main/binary-alpha/vlc-sdl_0.8.1.svn20050314-1sarge3_alpha.deb vlc (0.8.1.svn20050314-1sarge3) oldstable-security; urgency=high * modules/codec/theora.c modules/codec/vorbis.c modules/services_discovery/sap.c: + Fix format string vulnerabilities (VideoLAN-SA-0702) (Closes: #429726). * modules/misc/svg.c: + Fix memory leaks that could cause denials of service. * modules/demux/avi/libavi.c: + Fix a buffer overflow. * modules/codec/flac.c modules/demux/wav.c modules/misc/freetype.c src/video_output/vout_subpictures.c src/audio_output/dec.c: + Fix missing checks that could cause denials of service. oldstable/main/binary-arm/vlc_0.8.1.svn20050314-1sarge3_arm.deb oldstable/main/binary-arm/libvlc0-dev_0.8.1.svn20050314-1sarge3_arm.deb oldstable/main/binary-arm/gnome-vlc_0.8.1.svn20050314-1sarge3_arm.deb oldstable/main/binary-arm/gvlc_0.8.1.svn20050314-1sarge3_arm.deb oldstable/main/binary-arm/vlc-plugin-esd_0.8.1.svn20050314-1sarge3_arm.deb oldstable/main/binary-arm/vlc-plugin-alsa_0.8.1.svn20050314-1sarge3_arm.deb oldstable/main/binary-arm/vlc-plugin-sdl_0.8.1.svn20050314-1sarge3_arm.deb oldstable/main/binary-arm/vlc-plugin-ggi_0.8.1.svn20050314-1sarge3_arm.deb oldstable/main/binary-arm/qvlc_0.8.1.svn20050314-1sarge3_arm.deb oldstable/main/binary-arm/vlc-plugin-arts_0.8.1.svn20050314-1sarge3_arm.deb oldstable/main/binary-arm/mozilla-plugin-vlc_0.8.1.svn20050314-1sarge3_arm.deb oldstable/main/binary-arm/kvlc_0.8.1.svn20050314-1sarge3_arm.deb oldstable/main/binary-arm/wxvlc_0.8.1.svn20050314-1sarge3_arm.deb oldstable/main/binary-arm/vlc-alsa_0.8.1.svn20050314-1sarge3_arm.deb oldstable/main/binary-arm/vlc-esd_0.8.1.svn20050314-1sarge3_arm.deb oldstable/main/binary-arm/vlc-ggi_0.8.1.svn20050314-1sarge3_arm.deb oldstable/main/binary-arm/vlc-gnome_0.8.1.svn20050314-1sarge3_arm.deb oldstable/main/binary-arm/vlc-gtk_0.8.1.svn20050314-1sarge3_arm.deb oldstable/main/binary-arm/vlc-qt_0.8.1.svn20050314-1sarge3_arm.deb oldstable/main/binary-arm/vlc-sdl_0.8.1.svn20050314-1sarge3_arm.deb vlc (0.8.1.svn20050314-1sarge3) oldstable-security; urgency=high * modules/codec/theora.c modules/codec/vorbis.c modules/services_discovery/sap.c: + Fix format string vulnerabilities (VideoLAN-SA-0702) (Closes: #429726). * modules/misc/svg.c: + Fix memory leaks that could cause denials of service. * modules/demux/avi/libavi.c: + Fix a buffer overflow. * modules/codec/flac.c modules/demux/wav.c modules/misc/freetype.c src/video_output/vout_subpictures.c src/audio_output/dec.c: + Fix missing checks that could cause denials of service. oldstable/main/binary-hppa/vlc_0.8.1.svn20050314-1sarge3_hppa.deb oldstable/main/binary-hppa/libvlc0-dev_0.8.1.svn20050314-1sarge3_hppa.deb oldstable/main/binary-hppa/gnome-vlc_0.8.1.svn20050314-1sarge3_hppa.deb oldstable/main/binary-hppa/gvlc_0.8.1.svn20050314-1sarge3_hppa.deb oldstable/main/binary-hppa/vlc-plugin-esd_0.8.1.svn20050314-1sarge3_hppa.deb oldstable/main/binary-hppa/vlc-plugin-alsa_0.8.1.svn20050314-1sarge3_hppa.deb oldstable/main/binary-hppa/vlc-plugin-sdl_0.8.1.svn20050314-1sarge3_hppa.deb oldstable/main/binary-hppa/vlc-plugin-ggi_0.8.1.svn20050314-1sarge3_hppa.deb oldstable/main/binary-hppa/qvlc_0.8.1.svn20050314-1sarge3_hppa.deb oldstable/main/binary-hppa/vlc-plugin-arts_0.8.1.svn20050314-1sarge3_hppa.deb oldstable/main/binary-hppa/mozilla-plugin-vlc_0.8.1.svn20050314-1sarge3_hppa.deb oldstable/main/binary-hppa/kvlc_0.8.1.svn20050314-1sarge3_hppa.deb oldstable/main/binary-hppa/wxvlc_0.8.1.svn20050314-1sarge3_hppa.deb oldstable/main/binary-hppa/vlc-alsa_0.8.1.svn20050314-1sarge3_hppa.deb oldstable/main/binary-hppa/vlc-esd_0.8.1.svn20050314-1sarge3_hppa.deb oldstable/main/binary-hppa/vlc-ggi_0.8.1.svn20050314-1sarge3_hppa.deb oldstable/main/binary-hppa/vlc-gnome_0.8.1.svn20050314-1sarge3_hppa.deb oldstable/main/binary-hppa/vlc-gtk_0.8.1.svn20050314-1sarge3_hppa.deb oldstable/main/binary-hppa/vlc-qt_0.8.1.svn20050314-1sarge3_hppa.deb oldstable/main/binary-hppa/vlc-sdl_0.8.1.svn20050314-1sarge3_hppa.deb vlc (0.8.1.svn20050314-1sarge3) oldstable-security; urgency=high * modules/codec/theora.c modules/codec/vorbis.c modules/services_discovery/sap.c: + Fix format string vulnerabilities (VideoLAN-SA-0702) (Closes: #429726). * modules/misc/svg.c: + Fix memory leaks that could cause denials of service. * modules/demux/avi/libavi.c: + Fix a buffer overflow. * modules/codec/flac.c modules/demux/wav.c modules/misc/freetype.c src/video_output/vout_subpictures.c src/audio_output/dec.c: + Fix missing checks that could cause denials of service. oldstable/main/source/vlc_0.8.1.svn20050314-1sarge3.dsc oldstable/main/source/vlc_0.8.1.svn20050314-1sarge3.diff.gz oldstable/main/binary-i386/vlc_0.8.1.svn20050314-1sarge3_i386.deb oldstable/main/binary-i386/libvlc0-dev_0.8.1.svn20050314-1sarge3_i386.deb oldstable/main/binary-i386/gnome-vlc_0.8.1.svn20050314-1sarge3_i386.deb oldstable/main/binary-i386/gvlc_0.8.1.svn20050314-1sarge3_i386.deb oldstable/main/binary-i386/vlc-plugin-esd_0.8.1.svn20050314-1sarge3_i386.deb oldstable/main/binary-i386/vlc-plugin-alsa_0.8.1.svn20050314-1sarge3_i386.deb oldstable/main/binary-i386/vlc-plugin-sdl_0.8.1.svn20050314-1sarge3_i386.deb oldstable/main/binary-i386/vlc-plugin-ggi_0.8.1.svn20050314-1sarge3_i386.deb oldstable/main/binary-i386/vlc-plugin-glide_0.8.1.svn20050314-1sarge3_i386.deb oldstable/main/binary-i386/qvlc_0.8.1.svn20050314-1sarge3_i386.deb oldstable/main/binary-i386/vlc-plugin-arts_0.8.1.svn20050314-1sarge3_i386.deb oldstable/main/binary-i386/mozilla-plugin-vlc_0.8.1.svn20050314-1sarge3_i386.deb oldstable/main/binary-i386/kvlc_0.8.1.svn20050314-1sarge3_i386.deb oldstable/main/binary-i386/vlc-plugin-svgalib_0.8.1.svn20050314-1sarge3_i386.deb oldstable/main/binary-i386/wxvlc_0.8.1.svn20050314-1sarge3_i386.deb oldstable/main/binary-i386/vlc-alsa_0.8.1.svn20050314-1sarge3_i386.deb oldstable/main/binary-i386/vlc-esd_0.8.1.svn20050314-1sarge3_i386.deb oldstable/main/binary-i386/vlc-ggi_0.8.1.svn20050314-1sarge3_i386.deb oldstable/main/binary-i386/vlc-glide_0.8.1.svn20050314-1sarge3_i386.deb oldstable/main/binary-i386/vlc-gnome_0.8.1.svn20050314-1sarge3_i386.deb oldstable/main/binary-i386/vlc-gtk_0.8.1.svn20050314-1sarge3_i386.deb oldstable/main/binary-i386/vlc-qt_0.8.1.svn20050314-1sarge3_i386.deb oldstable/main/binary-i386/vlc-sdl_0.8.1.svn20050314-1sarge3_i386.deb vlc (0.8.1.svn20050314-1sarge3) oldstable-security; urgency=high * modules/codec/theora.c modules/codec/vorbis.c modules/services_discovery/sap.c: + Fix format string vulnerabilities (VideoLAN-SA-0702) (Closes: #429726). * modules/misc/svg.c: + Fix memory leaks that could cause denials of service. * modules/demux/avi/libavi.c: + Fix a buffer overflow. * modules/codec/flac.c modules/demux/wav.c modules/misc/freetype.c src/video_output/vout_subpictures.c src/audio_output/dec.c: + Fix missing checks that could cause denials of service. oldstable/main/binary-ia64/vlc_0.8.1.svn20050314-1sarge3_ia64.deb oldstable/main/binary-ia64/libvlc0-dev_0.8.1.svn20050314-1sarge3_ia64.deb oldstable/main/binary-ia64/gnome-vlc_0.8.1.svn20050314-1sarge3_ia64.deb oldstable/main/binary-ia64/gvlc_0.8.1.svn20050314-1sarge3_ia64.deb oldstable/main/binary-ia64/vlc-plugin-esd_0.8.1.svn20050314-1sarge3_ia64.deb oldstable/main/binary-ia64/vlc-plugin-alsa_0.8.1.svn20050314-1sarge3_ia64.deb oldstable/main/binary-ia64/vlc-plugin-sdl_0.8.1.svn20050314-1sarge3_ia64.deb oldstable/main/binary-ia64/vlc-plugin-ggi_0.8.1.svn20050314-1sarge3_ia64.deb oldstable/main/binary-ia64/qvlc_0.8.1.svn20050314-1sarge3_ia64.deb oldstable/main/binary-ia64/vlc-plugin-arts_0.8.1.svn20050314-1sarge3_ia64.deb oldstable/main/binary-ia64/mozilla-plugin-vlc_0.8.1.svn20050314-1sarge3_ia64.deb oldstable/main/binary-ia64/kvlc_0.8.1.svn20050314-1sarge3_ia64.deb oldstable/main/binary-ia64/wxvlc_0.8.1.svn20050314-1sarge3_ia64.deb oldstable/main/binary-ia64/vlc-alsa_0.8.1.svn20050314-1sarge3_ia64.deb oldstable/main/binary-ia64/vlc-esd_0.8.1.svn20050314-1sarge3_ia64.deb oldstable/main/binary-ia64/vlc-ggi_0.8.1.svn20050314-1sarge3_ia64.deb oldstable/main/binary-ia64/vlc-gnome_0.8.1.svn20050314-1sarge3_ia64.deb oldstable/main/binary-ia64/vlc-gtk_0.8.1.svn20050314-1sarge3_ia64.deb oldstable/main/binary-ia64/vlc-qt_0.8.1.svn20050314-1sarge3_ia64.deb oldstable/main/binary-ia64/vlc-sdl_0.8.1.svn20050314-1sarge3_ia64.deb vlc (0.8.1.svn20050314-1sarge3) oldstable-security; urgency=high * modules/codec/theora.c modules/codec/vorbis.c modules/services_discovery/sap.c: + Fix format string vulnerabilities (VideoLAN-SA-0702) (Closes: #429726). * modules/misc/svg.c: + Fix memory leaks that could cause denials of service. * modules/demux/avi/libavi.c: + Fix a buffer overflow. * modules/codec/flac.c modules/demux/wav.c modules/misc/freetype.c src/video_output/vout_subpictures.c src/audio_output/dec.c: + Fix missing checks that could cause denials of service. oldstable/main/binary-m68k/vlc_0.8.1.svn20050314-1sarge3_m68k.deb oldstable/main/binary-m68k/libvlc0-dev_0.8.1.svn20050314-1sarge3_m68k.deb oldstable/main/binary-m68k/gnome-vlc_0.8.1.svn20050314-1sarge3_m68k.deb oldstable/main/binary-m68k/gvlc_0.8.1.svn20050314-1sarge3_m68k.deb oldstable/main/binary-m68k/vlc-plugin-esd_0.8.1.svn20050314-1sarge3_m68k.deb oldstable/main/binary-m68k/vlc-plugin-alsa_0.8.1.svn20050314-1sarge3_m68k.deb oldstable/main/binary-m68k/vlc-plugin-sdl_0.8.1.svn20050314-1sarge3_m68k.deb oldstable/main/binary-m68k/vlc-plugin-ggi_0.8.1.svn20050314-1sarge3_m68k.deb oldstable/main/binary-m68k/qvlc_0.8.1.svn20050314-1sarge3_m68k.deb oldstable/main/binary-m68k/vlc-plugin-arts_0.8.1.svn20050314-1sarge3_m68k.deb oldstable/main/binary-m68k/mozilla-plugin-vlc_0.8.1.svn20050314-1sarge3_m68k.deb oldstable/main/binary-m68k/kvlc_0.8.1.svn20050314-1sarge3_m68k.deb oldstable/main/binary-m68k/wxvlc_0.8.1.svn20050314-1sarge3_m68k.deb oldstable/main/binary-m68k/vlc-alsa_0.8.1.svn20050314-1sarge3_m68k.deb oldstable/main/binary-m68k/vlc-esd_0.8.1.svn20050314-1sarge3_m68k.deb oldstable/main/binary-m68k/vlc-ggi_0.8.1.svn20050314-1sarge3_m68k.deb oldstable/main/binary-m68k/vlc-gnome_0.8.1.svn20050314-1sarge3_m68k.deb oldstable/main/binary-m68k/vlc-gtk_0.8.1.svn20050314-1sarge3_m68k.deb oldstable/main/binary-m68k/vlc-qt_0.8.1.svn20050314-1sarge3_m68k.deb oldstable/main/binary-m68k/vlc-sdl_0.8.1.svn20050314-1sarge3_m68k.deb vlc (0.8.1.svn20050314-1sarge3) oldstable-security; urgency=high * modules/codec/theora.c modules/codec/vorbis.c modules/services_discovery/sap.c: + Fix format string vulnerabilities (VideoLAN-SA-0702) (Closes: #429726). * modules/misc/svg.c: + Fix memory leaks that could cause denials of service. * modules/demux/avi/libavi.c: + Fix a buffer overflow. * modules/codec/flac.c modules/demux/wav.c modules/misc/freetype.c src/video_output/vout_subpictures.c src/audio_output/dec.c: + Fix missing checks that could cause denials of service. oldstable/main/binary-mips/vlc_0.8.1.svn20050314-1sarge3_mips.deb oldstable/main/binary-mips/libvlc0-dev_0.8.1.svn20050314-1sarge3_mips.deb oldstable/main/binary-mips/gnome-vlc_0.8.1.svn20050314-1sarge3_mips.deb oldstable/main/binary-mips/gvlc_0.8.1.svn20050314-1sarge3_mips.deb oldstable/main/binary-mips/vlc-plugin-esd_0.8.1.svn20050314-1sarge3_mips.deb oldstable/main/binary-mips/vlc-plugin-alsa_0.8.1.svn20050314-1sarge3_mips.deb oldstable/main/binary-mips/vlc-plugin-sdl_0.8.1.svn20050314-1sarge3_mips.deb oldstable/main/binary-mips/vlc-plugin-ggi_0.8.1.svn20050314-1sarge3_mips.deb oldstable/main/binary-mips/qvlc_0.8.1.svn20050314-1sarge3_mips.deb oldstable/main/binary-mips/vlc-plugin-arts_0.8.1.svn20050314-1sarge3_mips.deb oldstable/main/binary-mips/mozilla-plugin-vlc_0.8.1.svn20050314-1sarge3_mips.deb oldstable/main/binary-mips/kvlc_0.8.1.svn20050314-1sarge3_mips.deb oldstable/main/binary-mips/wxvlc_0.8.1.svn20050314-1sarge3_mips.deb oldstable/main/binary-mips/vlc-alsa_0.8.1.svn20050314-1sarge3_mips.deb oldstable/main/binary-mips/vlc-esd_0.8.1.svn20050314-1sarge3_mips.deb oldstable/main/binary-mips/vlc-ggi_0.8.1.svn20050314-1sarge3_mips.deb oldstable/main/binary-mips/vlc-gnome_0.8.1.svn20050314-1sarge3_mips.deb oldstable/main/binary-mips/vlc-gtk_0.8.1.svn20050314-1sarge3_mips.deb oldstable/main/binary-mips/vlc-qt_0.8.1.svn20050314-1sarge3_mips.deb oldstable/main/binary-mips/vlc-sdl_0.8.1.svn20050314-1sarge3_mips.deb vlc (0.8.1.svn20050314-1sarge3) oldstable-security; urgency=high * modules/codec/theora.c modules/codec/vorbis.c modules/services_discovery/sap.c: + Fix format string vulnerabilities (VideoLAN-SA-0702) (Closes: #429726). * modules/misc/svg.c: + Fix memory leaks that could cause denials of service. * modules/demux/avi/libavi.c: + Fix a buffer overflow. * modules/codec/flac.c modules/demux/wav.c modules/misc/freetype.c src/video_output/vout_subpictures.c src/audio_output/dec.c: + Fix missing checks that could cause denials of service. oldstable/main/binary-mipsel/vlc_0.8.1.svn20050314-1sarge3_mipsel.deb oldstable/main/binary-mipsel/libvlc0-dev_0.8.1.svn20050314-1sarge3_mipsel.deb oldstable/main/binary-mipsel/gnome-vlc_0.8.1.svn20050314-1sarge3_mipsel.deb oldstable/main/binary-mipsel/gvlc_0.8.1.svn20050314-1sarge3_mipsel.deb oldstable/main/binary-mipsel/vlc-plugin-esd_0.8.1.svn20050314-1sarge3_mipsel.deb oldstable/main/binary-mipsel/vlc-plugin-alsa_0.8.1.svn20050314-1sarge3_mipsel.deb oldstable/main/binary-mipsel/vlc-plugin-sdl_0.8.1.svn20050314-1sarge3_mipsel.deb oldstable/main/binary-mipsel/vlc-plugin-ggi_0.8.1.svn20050314-1sarge3_mipsel.deb oldstable/main/binary-mipsel/qvlc_0.8.1.svn20050314-1sarge3_mipsel.deb oldstable/main/binary-mipsel/vlc-plugin-arts_0.8.1.svn20050314-1sarge3_mipsel.deb oldstable/main/binary-mipsel/mozilla-plugin-vlc_0.8.1.svn20050314-1sarge3_mipsel.deb oldstable/main/binary-mipsel/kvlc_0.8.1.svn20050314-1sarge3_mipsel.deb oldstable/main/binary-mipsel/wxvlc_0.8.1.svn20050314-1sarge3_mipsel.deb oldstable/main/binary-mipsel/vlc-alsa_0.8.1.svn20050314-1sarge3_mipsel.deb oldstable/main/binary-mipsel/vlc-esd_0.8.1.svn20050314-1sarge3_mipsel.deb oldstable/main/binary-mipsel/vlc-ggi_0.8.1.svn20050314-1sarge3_mipsel.deb oldstable/main/binary-mipsel/vlc-gnome_0.8.1.svn20050314-1sarge3_mipsel.deb oldstable/main/binary-mipsel/vlc-gtk_0.8.1.svn20050314-1sarge3_mipsel.deb oldstable/main/binary-mipsel/vlc-qt_0.8.1.svn20050314-1sarge3_mipsel.deb oldstable/main/binary-mipsel/vlc-sdl_0.8.1.svn20050314-1sarge3_mipsel.deb vlc (0.8.1.svn20050314-1sarge3) oldstable-security; urgency=high * modules/codec/theora.c modules/codec/vorbis.c modules/services_discovery/sap.c: + Fix format string vulnerabilities (VideoLAN-SA-0702) (Closes: #429726). * modules/misc/svg.c: + Fix memory leaks that could cause denials of service. * modules/demux/avi/libavi.c: + Fix a buffer overflow. * modules/codec/flac.c modules/demux/wav.c modules/misc/freetype.c src/video_output/vout_subpictures.c src/audio_output/dec.c: + Fix missing checks that could cause denials of service. oldstable/main/binary-powerpc/vlc_0.8.1.svn20050314-1sarge3_powerpc.deb oldstable/main/binary-powerpc/libvlc0-dev_0.8.1.svn20050314-1sarge3_powerpc.deb oldstable/main/binary-powerpc/gnome-vlc_0.8.1.svn20050314-1sarge3_powerpc.deb oldstable/main/binary-powerpc/gvlc_0.8.1.svn20050314-1sarge3_powerpc.deb oldstable/main/binary-powerpc/vlc-plugin-esd_0.8.1.svn20050314-1sarge3_powerpc.deb oldstable/main/binary-powerpc/vlc-plugin-alsa_0.8.1.svn20050314-1sarge3_powerpc.deb oldstable/main/binary-powerpc/vlc-plugin-sdl_0.8.1.svn20050314-1sarge3_powerpc.deb oldstable/main/binary-powerpc/vlc-plugin-ggi_0.8.1.svn20050314-1sarge3_powerpc.deb oldstable/main/binary-powerpc/qvlc_0.8.1.svn20050314-1sarge3_powerpc.deb oldstable/main/binary-powerpc/vlc-plugin-arts_0.8.1.svn20050314-1sarge3_powerpc.deb oldstable/main/binary-powerpc/mozilla-plugin-vlc_0.8.1.svn20050314-1sarge3_powerpc.deb oldstable/main/binary-powerpc/kvlc_0.8.1.svn20050314-1sarge3_powerpc.deb oldstable/main/binary-powerpc/wxvlc_0.8.1.svn20050314-1sarge3_powerpc.deb oldstable/main/binary-powerpc/vlc-alsa_0.8.1.svn20050314-1sarge3_powerpc.deb oldstable/main/binary-powerpc/vlc-esd_0.8.1.svn20050314-1sarge3_powerpc.deb oldstable/main/binary-powerpc/vlc-ggi_0.8.1.svn20050314-1sarge3_powerpc.deb oldstable/main/binary-powerpc/vlc-gnome_0.8.1.svn20050314-1sarge3_powerpc.deb oldstable/main/binary-powerpc/vlc-gtk_0.8.1.svn20050314-1sarge3_powerpc.deb oldstable/main/binary-powerpc/vlc-qt_0.8.1.svn20050314-1sarge3_powerpc.deb oldstable/main/binary-powerpc/vlc-sdl_0.8.1.svn20050314-1sarge3_powerpc.deb vlc (0.8.1.svn20050314-1sarge3) oldstable-security; urgency=high * modules/codec/theora.c modules/codec/vorbis.c modules/services_discovery/sap.c: + Fix format string vulnerabilities (VideoLAN-SA-0702) (Closes: #429726). * modules/misc/svg.c: + Fix memory leaks that could cause denials of service. * modules/demux/avi/libavi.c: + Fix a buffer overflow. * modules/codec/flac.c modules/demux/wav.c modules/misc/freetype.c src/video_output/vout_subpictures.c src/audio_output/dec.c: + Fix missing checks that could cause denials of service. oldstable/main/binary-s390/vlc_0.8.1.svn20050314-1sarge3_s390.deb oldstable/main/binary-s390/libvlc0-dev_0.8.1.svn20050314-1sarge3_s390.deb oldstable/main/binary-s390/gnome-vlc_0.8.1.svn20050314-1sarge3_s390.deb oldstable/main/binary-s390/gvlc_0.8.1.svn20050314-1sarge3_s390.deb oldstable/main/binary-s390/vlc-plugin-esd_0.8.1.svn20050314-1sarge3_s390.deb oldstable/main/binary-s390/vlc-plugin-alsa_0.8.1.svn20050314-1sarge3_s390.deb oldstable/main/binary-s390/vlc-plugin-sdl_0.8.1.svn20050314-1sarge3_s390.deb oldstable/main/binary-s390/vlc-plugin-ggi_0.8.1.svn20050314-1sarge3_s390.deb oldstable/main/binary-s390/qvlc_0.8.1.svn20050314-1sarge3_s390.deb oldstable/main/binary-s390/vlc-plugin-arts_0.8.1.svn20050314-1sarge3_s390.deb oldstable/main/binary-s390/mozilla-plugin-vlc_0.8.1.svn20050314-1sarge3_s390.deb oldstable/main/binary-s390/kvlc_0.8.1.svn20050314-1sarge3_s390.deb oldstable/main/binary-s390/wxvlc_0.8.1.svn20050314-1sarge3_s390.deb oldstable/main/binary-s390/vlc-alsa_0.8.1.svn20050314-1sarge3_s390.deb oldstable/main/binary-s390/vlc-esd_0.8.1.svn20050314-1sarge3_s390.deb oldstable/main/binary-s390/vlc-ggi_0.8.1.svn20050314-1sarge3_s390.deb oldstable/main/binary-s390/vlc-gnome_0.8.1.svn20050314-1sarge3_s390.deb oldstable/main/binary-s390/vlc-gtk_0.8.1.svn20050314-1sarge3_s390.deb oldstable/main/binary-s390/vlc-qt_0.8.1.svn20050314-1sarge3_s390.deb oldstable/main/binary-s390/vlc-sdl_0.8.1.svn20050314-1sarge3_s390.deb vlc (0.8.1.svn20050314-1sarge3) oldstable-security; urgency=high * modules/codec/theora.c modules/codec/vorbis.c modules/services_discovery/sap.c: + Fix format string vulnerabilities (VideoLAN-SA-0702) (Closes: #429726). * modules/misc/svg.c: + Fix memory leaks that could cause denials of service. * modules/demux/avi/libavi.c: + Fix a buffer overflow. * modules/codec/flac.c modules/demux/wav.c modules/misc/freetype.c src/video_output/vout_subpictures.c src/audio_output/dec.c: + Fix missing checks that could cause denials of service. oldstable/main/binary-sparc/vlc_0.8.1.svn20050314-1sarge3_sparc.deb oldstable/main/binary-sparc/libvlc0-dev_0.8.1.svn20050314-1sarge3_sparc.deb oldstable/main/binary-sparc/gnome-vlc_0.8.1.svn20050314-1sarge3_sparc.deb oldstable/main/binary-sparc/gvlc_0.8.1.svn20050314-1sarge3_sparc.deb oldstable/main/binary-sparc/vlc-plugin-esd_0.8.1.svn20050314-1sarge3_sparc.deb oldstable/main/binary-sparc/vlc-plugin-alsa_0.8.1.svn20050314-1sarge3_sparc.deb oldstable/main/binary-sparc/vlc-plugin-sdl_0.8.1.svn20050314-1sarge3_sparc.deb oldstable/main/binary-sparc/vlc-plugin-ggi_0.8.1.svn20050314-1sarge3_sparc.deb oldstable/main/binary-sparc/qvlc_0.8.1.svn20050314-1sarge3_sparc.deb oldstable/main/binary-sparc/vlc-plugin-arts_0.8.1.svn20050314-1sarge3_sparc.deb oldstable/main/binary-sparc/mozilla-plugin-vlc_0.8.1.svn20050314-1sarge3_sparc.deb oldstable/main/binary-sparc/kvlc_0.8.1.svn20050314-1sarge3_sparc.deb oldstable/main/binary-sparc/wxvlc_0.8.1.svn20050314-1sarge3_sparc.deb oldstable/main/binary-sparc/vlc-alsa_0.8.1.svn20050314-1sarge3_sparc.deb oldstable/main/binary-sparc/vlc-esd_0.8.1.svn20050314-1sarge3_sparc.deb oldstable/main/binary-sparc/vlc-ggi_0.8.1.svn20050314-1sarge3_sparc.deb oldstable/main/binary-sparc/vlc-gnome_0.8.1.svn20050314-1sarge3_sparc.deb oldstable/main/binary-sparc/vlc-gtk_0.8.1.svn20050314-1sarge3_sparc.deb oldstable/main/binary-sparc/vlc-qt_0.8.1.svn20050314-1sarge3_sparc.deb oldstable/main/binary-sparc/vlc-sdl_0.8.1.svn20050314-1sarge3_sparc.deb vlc (0.8.1.svn20050314-1sarge3) oldstable-security; urgency=high * modules/codec/theora.c modules/codec/vorbis.c modules/services_discovery/sap.c: + Fix format string vulnerabilities (VideoLAN-SA-0702) (Closes: #429726). * modules/misc/svg.c: + Fix memory leaks that could cause denials of service. * modules/demux/avi/libavi.c: + Fix a buffer overflow. * modules/codec/flac.c modules/demux/wav.c modules/misc/freetype.c src/video_output/vout_subpictures.c src/audio_output/dec.c: + Fix missing checks that could cause denials of service. oldstable/main/source/webcalendar_0.9.45-4sarge7.dsc oldstable/main/source/webcalendar_0.9.45-4sarge7.diff.gz oldstable/main/binary-all/webcalendar_0.9.45-4sarge7_all.deb webcalendar (0.9.45-4sarge7) oldstable-security; urgency=high * Security upload by the current co-maintainer team (Elizabeth Bevilacqua and Rafael Laboissiere) * Fixes cross-site scripting (XSS) vulnerability in export_handler.php that allows remote attackers to inject arbitrary web script or HTML via the format parameter [CVE-2006-6669]. Thanks to Thijs Kinkhorst. * The previous security releases included fixes for CVE-2005-2320 (assistant_edit.php unauthorized access vulnerability) and CVE-2007-1483 (execute arbitrary PHP code via a URL in the includedir parameter, file includes/config.php) oldstable/main/binary-alpha/wesnoth_0.9.0-6_alpha.deb oldstable/main/binary-alpha/wesnoth-server_0.9.0-6_alpha.deb oldstable/main/binary-alpha/wesnoth-editor_0.9.0-6_alpha.deb wesnoth (0.9.0-6) oldstable-security; urgency=high * Fix insecure truncate of a multibyte chat message that can lead to invalid utf-8 and throw an uncaught exception. Both wesnoth client and server are affected [CVE-2007-3917]. Patch 03_CVE-2007-3917 was pulled from upstream svn (revisions 20786, 20802, 20809, 20862). oldstable/main/binary-amd64/wesnoth_0.9.0-6_amd64.deb oldstable/main/binary-amd64/wesnoth-server_0.9.0-6_amd64.deb oldstable/main/binary-amd64/wesnoth-editor_0.9.0-6_amd64.deb wesnoth (0.9.0-6) oldstable-security; urgency=high * Fix insecure truncate of a multibyte chat message that can lead to invalid utf-8 and throw an uncaught exception. Both wesnoth client and server are affected [CVE-2007-3917]. Patch 03_CVE-2007-3917 was pulled from upstream svn (revisions 20786, 20802, 20809, 20862). oldstable/main/binary-arm/wesnoth_0.9.0-6_arm.deb oldstable/main/binary-arm/wesnoth-server_0.9.0-6_arm.deb oldstable/main/binary-arm/wesnoth-editor_0.9.0-6_arm.deb wesnoth (0.9.0-6) oldstable-security; urgency=high * Fix insecure truncate of a multibyte chat message that can lead to invalid utf-8 and throw an uncaught exception. Both wesnoth client and server are affected [CVE-2007-3917]. Patch 03_CVE-2007-3917 was pulled from upstream svn (revisions 20786, 20802, 20809, 20862). oldstable/main/binary-hppa/wesnoth_0.9.0-6_hppa.deb oldstable/main/binary-hppa/wesnoth-server_0.9.0-6_hppa.deb oldstable/main/binary-hppa/wesnoth-editor_0.9.0-6_hppa.deb wesnoth (0.9.0-6) oldstable-security; urgency=high * Fix insecure truncate of a multibyte chat message that can lead to invalid utf-8 and throw an uncaught exception. Both wesnoth client and server are affected [CVE-2007-3917]. Patch 03_CVE-2007-3917 was pulled from upstream svn (revisions 20786, 20802, 20809, 20862). oldstable/main/binary-i386/wesnoth_0.9.0-6_i386.deb oldstable/main/binary-i386/wesnoth-server_0.9.0-6_i386.deb oldstable/main/binary-i386/wesnoth-editor_0.9.0-6_i386.deb wesnoth (0.9.0-6) oldstable-security; urgency=high * Fix insecure truncate of a multibyte chat message that can lead to invalid utf-8 and throw an uncaught exception. Both wesnoth client and server are affected [CVE-2007-3917]. Patch 03_CVE-2007-3917 was pulled from upstream svn (revisions 20786, 20802, 20809, 20862). oldstable/main/binary-ia64/wesnoth_0.9.0-6_ia64.deb oldstable/main/binary-ia64/wesnoth-server_0.9.0-6_ia64.deb oldstable/main/binary-ia64/wesnoth-editor_0.9.0-6_ia64.deb wesnoth (0.9.0-6) oldstable-security; urgency=high * Fix insecure truncate of a multibyte chat message that can lead to invalid utf-8 and throw an uncaught exception. Both wesnoth client and server are affected [CVE-2007-3917]. Patch 03_CVE-2007-3917 was pulled from upstream svn (revisions 20786, 20802, 20809, 20862). oldstable/main/binary-m68k/wesnoth_0.9.0-6_m68k.deb oldstable/main/binary-m68k/wesnoth-server_0.9.0-6_m68k.deb oldstable/main/binary-m68k/wesnoth-editor_0.9.0-6_m68k.deb wesnoth (0.9.0-6) oldstable-security; urgency=high * Fix insecure truncate of a multibyte chat message that can lead to invalid utf-8 and throw an uncaught exception. Both wesnoth client and server are affected [CVE-2007-3917]. Patch 03_CVE-2007-3917 was pulled from upstream svn (revisions 20786, 20802, 20809, 20862). oldstable/main/binary-mips/wesnoth_0.9.0-6_mips.deb oldstable/main/binary-mips/wesnoth-server_0.9.0-6_mips.deb oldstable/main/binary-mips/wesnoth-editor_0.9.0-6_mips.deb wesnoth (0.9.0-6) oldstable-security; urgency=high * Fix insecure truncate of a multibyte chat message that can lead to invalid utf-8 and throw an uncaught exception. Both wesnoth client and server are affected [CVE-2007-3917]. Patch 03_CVE-2007-3917 was pulled from upstream svn (revisions 20786, 20802, 20809, 20862). oldstable/main/binary-mipsel/wesnoth_0.9.0-6_mipsel.deb oldstable/main/binary-mipsel/wesnoth-server_0.9.0-6_mipsel.deb oldstable/main/binary-mipsel/wesnoth-editor_0.9.0-6_mipsel.deb wesnoth (0.9.0-6) oldstable-security; urgency=high * Fix insecure truncate of a multibyte chat message that can lead to invalid utf-8 and throw an uncaught exception. Both wesnoth client and server are affected [CVE-2007-3917]. Patch 03_CVE-2007-3917 was pulled from upstream svn (revisions 20786, 20802, 20809, 20862). oldstable/main/source/wesnoth_0.9.0-6.dsc oldstable/main/source/wesnoth_0.9.0-6.diff.gz oldstable/main/source/wesnoth_0.9.0.orig.tar.gz oldstable/main/binary-all/wesnoth-data_0.9.0-6_all.deb oldstable/main/binary-all/wesnoth-music_0.9.0-6_all.deb oldstable/main/binary-all/wesnoth-httt_0.9.0-6_all.deb oldstable/main/binary-all/wesnoth-trow_0.9.0-6_all.deb oldstable/main/binary-all/wesnoth-tdh_0.9.0-6_all.deb oldstable/main/binary-all/wesnoth-ei_0.9.0-6_all.deb oldstable/main/binary-all/wesnoth-sotbe_0.9.0-6_all.deb oldstable/main/binary-powerpc/wesnoth_0.9.0-6_powerpc.deb oldstable/main/binary-powerpc/wesnoth-server_0.9.0-6_powerpc.deb oldstable/main/binary-powerpc/wesnoth-editor_0.9.0-6_powerpc.deb wesnoth (0.9.0-6) oldstable-security; urgency=high * Fix insecure truncate of a multibyte chat message that can lead to invalid utf-8 and throw an uncaught exception. Both wesnoth client and server are affected [CVE-2007-3917]. Patch 03_CVE-2007-3917 was pulled from upstream svn (revisions 20786, 20802, 20809, 20862). oldstable/main/binary-s390/wesnoth_0.9.0-6_s390.deb oldstable/main/binary-s390/wesnoth-server_0.9.0-6_s390.deb oldstable/main/binary-s390/wesnoth-editor_0.9.0-6_s390.deb wesnoth (0.9.0-6) oldstable-security; urgency=high * Fix insecure truncate of a multibyte chat message that can lead to invalid utf-8 and throw an uncaught exception. Both wesnoth client and server are affected [CVE-2007-3917]. Patch 03_CVE-2007-3917 was pulled from upstream svn (revisions 20786, 20802, 20809, 20862). oldstable/main/binary-sparc/wesnoth_0.9.0-6_sparc.deb oldstable/main/binary-sparc/wesnoth-server_0.9.0-6_sparc.deb oldstable/main/binary-sparc/wesnoth-editor_0.9.0-6_sparc.deb wesnoth (0.9.0-6) oldstable-security; urgency=high * Fix insecure truncate of a multibyte chat message that can lead to invalid utf-8 and throw an uncaught exception. Both wesnoth client and server are affected [CVE-2007-3917]. Patch 03_CVE-2007-3917 was pulled from upstream svn (revisions 20786, 20802, 20809, 20862). oldstable/main/binary-alpha/wesnoth_0.9.0-7_alpha.deb oldstable/main/binary-alpha/wesnoth-server_0.9.0-7_alpha.deb oldstable/main/binary-alpha/wesnoth-editor_0.9.0-7_alpha.deb wesnoth (0.9.0-7) oldstable-security; urgency=medium * Ignore filenames that contain .. to not send arbitrary files around in multiplayer missions [CVE-2007-5742]. Patch 04_CVE-2007-5742 was pulled from upstream svn (revision 21904). oldstable/main/binary-amd64/wesnoth_0.9.0-7_amd64.deb oldstable/main/binary-amd64/wesnoth-server_0.9.0-7_amd64.deb oldstable/main/binary-amd64/wesnoth-editor_0.9.0-7_amd64.deb wesnoth (0.9.0-7) oldstable-security; urgency=medium * Ignore filenames that contain .. to not send arbitrary files around in multiplayer missions [CVE-2007-5742]. Patch 04_CVE-2007-5742 was pulled from upstream svn (revision 21904). oldstable/main/binary-arm/wesnoth_0.9.0-7_arm.deb oldstable/main/binary-arm/wesnoth-server_0.9.0-7_arm.deb oldstable/main/binary-arm/wesnoth-editor_0.9.0-7_arm.deb wesnoth (0.9.0-7) oldstable-security; urgency=medium * Ignore filenames that contain .. to not send arbitrary files around in multiplayer missions [CVE-2007-5742]. Patch 04_CVE-2007-5742 was pulled from upstream svn (revision 21904). oldstable/main/binary-hppa/wesnoth_0.9.0-7_hppa.deb oldstable/main/binary-hppa/wesnoth-server_0.9.0-7_hppa.deb oldstable/main/binary-hppa/wesnoth-editor_0.9.0-7_hppa.deb wesnoth (0.9.0-7) oldstable-security; urgency=medium * Ignore filenames that contain .. to not send arbitrary files around in multiplayer missions [CVE-2007-5742]. Patch 04_CVE-2007-5742 was pulled from upstream svn (revision 21904). oldstable/main/binary-i386/wesnoth_0.9.0-7_i386.deb oldstable/main/binary-i386/wesnoth-server_0.9.0-7_i386.deb oldstable/main/binary-i386/wesnoth-editor_0.9.0-7_i386.deb wesnoth (0.9.0-7) oldstable-security; urgency=medium * Ignore filenames that contain .. to not send arbitrary files around in multiplayer missions [CVE-2007-5742]. Patch 04_CVE-2007-5742 was pulled from upstream svn (revision 21904). oldstable/main/binary-ia64/wesnoth_0.9.0-7_ia64.deb oldstable/main/binary-ia64/wesnoth-server_0.9.0-7_ia64.deb oldstable/main/binary-ia64/wesnoth-editor_0.9.0-7_ia64.deb wesnoth (0.9.0-7) oldstable-security; urgency=medium * Ignore filenames that contain .. to not send arbitrary files around in multiplayer missions [CVE-2007-5742]. Patch 04_CVE-2007-5742 was pulled from upstream svn (revision 21904). oldstable/main/binary-m68k/wesnoth_0.9.0-7_m68k.deb oldstable/main/binary-m68k/wesnoth-server_0.9.0-7_m68k.deb oldstable/main/binary-m68k/wesnoth-editor_0.9.0-7_m68k.deb wesnoth (0.9.0-7) oldstable-security; urgency=medium * Ignore filenames that contain .. to not send arbitrary files around in multiplayer missions [CVE-2007-5742]. Patch 04_CVE-2007-5742 was pulled from upstream svn (revision 21904). oldstable/main/binary-mips/wesnoth_0.9.0-7_mips.deb oldstable/main/binary-mips/wesnoth-server_0.9.0-7_mips.deb oldstable/main/binary-mips/wesnoth-editor_0.9.0-7_mips.deb wesnoth (0.9.0-7) oldstable-security; urgency=medium * Ignore filenames that contain .. to not send arbitrary files around in multiplayer missions [CVE-2007-5742]. Patch 04_CVE-2007-5742 was pulled from upstream svn (revision 21904). oldstable/main/binary-mipsel/wesnoth_0.9.0-7_mipsel.deb oldstable/main/binary-mipsel/wesnoth-server_0.9.0-7_mipsel.deb oldstable/main/binary-mipsel/wesnoth-editor_0.9.0-7_mipsel.deb wesnoth (0.9.0-7) oldstable-security; urgency=medium * Ignore filenames that contain .. to not send arbitrary files around in multiplayer missions [CVE-2007-5742]. Patch 04_CVE-2007-5742 was pulled from upstream svn (revision 21904). oldstable/main/source/wesnoth_0.9.0-7.dsc oldstable/main/source/wesnoth_0.9.0-7.diff.gz oldstable/main/binary-all/wesnoth-data_0.9.0-7_all.deb oldstable/main/binary-all/wesnoth-music_0.9.0-7_all.deb oldstable/main/binary-all/wesnoth-httt_0.9.0-7_all.deb oldstable/main/binary-all/wesnoth-trow_0.9.0-7_all.deb oldstable/main/binary-all/wesnoth-tdh_0.9.0-7_all.deb oldstable/main/binary-all/wesnoth-ei_0.9.0-7_all.deb oldstable/main/binary-all/wesnoth-sotbe_0.9.0-7_all.deb oldstable/main/binary-powerpc/wesnoth_0.9.0-7_powerpc.deb oldstable/main/binary-powerpc/wesnoth-server_0.9.0-7_powerpc.deb oldstable/main/binary-powerpc/wesnoth-editor_0.9.0-7_powerpc.deb wesnoth (0.9.0-7) oldstable-security; urgency=medium * Ignore filenames that contain .. to not send arbitrary files around in multiplayer missions [CVE-2007-5742]. Patch 04_CVE-2007-5742 was pulled from upstream svn (revision 21904). oldstable/main/binary-s390/wesnoth_0.9.0-7_s390.deb oldstable/main/binary-s390/wesnoth-server_0.9.0-7_s390.deb oldstable/main/binary-s390/wesnoth-editor_0.9.0-7_s390.deb wesnoth (0.9.0-7) oldstable-security; urgency=medium * Ignore filenames that contain .. to not send arbitrary files around in multiplayer missions [CVE-2007-5742]. Patch 04_CVE-2007-5742 was pulled from upstream svn (revision 21904). oldstable/main/binary-sparc/wesnoth_0.9.0-7_sparc.deb oldstable/main/binary-sparc/wesnoth-server_0.9.0-7_sparc.deb oldstable/main/binary-sparc/wesnoth-editor_0.9.0-7_sparc.deb wesnoth (0.9.0-7) oldstable-security; urgency=medium * Ignore filenames that contain .. to not send arbitrary files around in multiplayer missions [CVE-2007-5742]. Patch 04_CVE-2007-5742 was pulled from upstream svn (revision 21904). oldstable/main/binary-alpha/wesnoth_0.9.0-8_alpha.deb oldstable/main/binary-alpha/wesnoth-server_0.9.0-8_alpha.deb oldstable/main/binary-alpha/wesnoth-editor_0.9.0-8_alpha.deb wesnoth (0.9.0-8) oldstable; urgency=low * Remove WML turn_cmd which can lead to forking yes and through that 100% CPU usage and stdout filling [CVE-2007-6201]. Patch 05_CVE-2007-6201 was pulled from upstream svn (revision 21907). oldstable/main/binary-hppa/wesnoth_0.9.0-8_hppa.deb oldstable/main/binary-hppa/wesnoth-server_0.9.0-8_hppa.deb oldstable/main/binary-hppa/wesnoth-editor_0.9.0-8_hppa.deb wesnoth (0.9.0-8) oldstable; urgency=low * Remove WML turn_cmd which can lead to forking yes and through that 100% CPU usage and stdout filling [CVE-2007-6201]. Patch 05_CVE-2007-6201 was pulled from upstream svn (revision 21907). oldstable/main/binary-i386/wesnoth_0.9.0-8_i386.deb oldstable/main/binary-i386/wesnoth-server_0.9.0-8_i386.deb oldstable/main/binary-i386/wesnoth-editor_0.9.0-8_i386.deb wesnoth (0.9.0-8) oldstable; urgency=low * Remove WML turn_cmd which can lead to forking yes and through that 100% CPU usage and stdout filling [CVE-2007-6201]. Patch 05_CVE-2007-6201 was pulled from upstream svn (revision 21907). oldstable/main/binary-ia64/wesnoth_0.9.0-8_ia64.deb oldstable/main/binary-ia64/wesnoth-server_0.9.0-8_ia64.deb oldstable/main/binary-ia64/wesnoth-editor_0.9.0-8_ia64.deb wesnoth (0.9.0-8) oldstable; urgency=low * Remove WML turn_cmd which can lead to forking yes and through that 100% CPU usage and stdout filling [CVE-2007-6201]. Patch 05_CVE-2007-6201 was pulled from upstream svn (revision 21907). oldstable/main/binary-mips/wesnoth_0.9.0-8_mips.deb oldstable/main/binary-mips/wesnoth-server_0.9.0-8_mips.deb oldstable/main/binary-mips/wesnoth-editor_0.9.0-8_mips.deb wesnoth (0.9.0-8) oldstable; urgency=low * Remove WML turn_cmd which can lead to forking yes and through that 100% CPU usage and stdout filling [CVE-2007-6201]. Patch 05_CVE-2007-6201 was pulled from upstream svn (revision 21907). oldstable/main/binary-mipsel/wesnoth_0.9.0-8_mipsel.deb oldstable/main/binary-mipsel/wesnoth-server_0.9.0-8_mipsel.deb oldstable/main/binary-mipsel/wesnoth-editor_0.9.0-8_mipsel.deb wesnoth (0.9.0-8) oldstable; urgency=low * Remove WML turn_cmd which can lead to forking yes and through that 100% CPU usage and stdout filling [CVE-2007-6201]. Patch 05_CVE-2007-6201 was pulled from upstream svn (revision 21907). oldstable/main/source/wesnoth_0.9.0-8.dsc oldstable/main/source/wesnoth_0.9.0-8.diff.gz oldstable/main/binary-all/wesnoth-data_0.9.0-8_all.deb oldstable/main/binary-all/wesnoth-music_0.9.0-8_all.deb oldstable/main/binary-all/wesnoth-httt_0.9.0-8_all.deb oldstable/main/binary-all/wesnoth-trow_0.9.0-8_all.deb oldstable/main/binary-all/wesnoth-tdh_0.9.0-8_all.deb oldstable/main/binary-all/wesnoth-ei_0.9.0-8_all.deb oldstable/main/binary-all/wesnoth-sotbe_0.9.0-8_all.deb oldstable/main/binary-powerpc/wesnoth_0.9.0-8_powerpc.deb oldstable/main/binary-powerpc/wesnoth-server_0.9.0-8_powerpc.deb oldstable/main/binary-powerpc/wesnoth-editor_0.9.0-8_powerpc.deb wesnoth (0.9.0-8) oldstable; urgency=low * Remove WML turn_cmd which can lead to forking yes and through that 100% CPU usage and stdout filling [CVE-2007-6201]. Patch 05_CVE-2007-6201 was pulled from upstream svn (revision 21907). oldstable/main/binary-s390/wesnoth_0.9.0-8_s390.deb oldstable/main/binary-s390/wesnoth-server_0.9.0-8_s390.deb oldstable/main/binary-s390/wesnoth-editor_0.9.0-8_s390.deb wesnoth (0.9.0-8) oldstable; urgency=low * Remove WML turn_cmd which can lead to forking yes and through that 100% CPU usage and stdout filling [CVE-2007-6201]. Patch 05_CVE-2007-6201 was pulled from upstream svn (revision 21907). oldstable/main/binary-sparc/wesnoth_0.9.0-8_sparc.deb oldstable/main/binary-sparc/wesnoth-server_0.9.0-8_sparc.deb oldstable/main/binary-sparc/wesnoth-editor_0.9.0-8_sparc.deb wesnoth (0.9.0-8) oldstable; urgency=low * Remove WML turn_cmd which can lead to forking yes and through that 100% CPU usage and stdout filling [CVE-2007-6201]. Patch 05_CVE-2007-6201 was pulled from upstream svn (revision 21907). oldstable/main/binary-alpha/lbxproxy_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libdps1_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libdps1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libdps-dev_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libice6_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libice6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libice-dev_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libsm6_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libsm6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libsm-dev_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libx11-6_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libx11-dev_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxaw6_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxaw6-dev_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxaw7_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxaw7-dev_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxext6_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxext6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxext-dev_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxft1_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxft1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxi6_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxi6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxi-dev_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxmu6_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxmu-dev_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxmuu1_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxmuu-dev_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxp6_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxp6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxp-dev_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxpm4_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxpm-dev_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxrandr2_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxrandr-dev_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxt6_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxt6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxt-dev_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxtrap6_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxtrap-dev_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxtst6_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxtst-dev_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxv1_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxv1-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/libxv-dev_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/proxymngr_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/twm_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/xbase-clients_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/xdm_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/xfs_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/xfwp_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/xlibosmesa4_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/xmh_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/xnest_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/xserver-common_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/xserver-xfree86_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/xterm_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/xutils_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/xvfb_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/x-window-system-core_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/x-window-system-dev_4.3.0.dfsg.1-14sarge4_alpha.deb oldstable/main/binary-alpha/xlibmesa3_4.3.0.dfsg.1-14sarge4_alpha.deb xfree86 (4.3.0.dfsg.1-14sarge4) oldstable-security; urgency=high * Security upload, fixes several vulnerabilities: + CVE-2007-1351, CVE-2007-1352: integer overflows in the BDF font and fonts.dir parsing components of libXfont; + CVE-2007-1667: integer overflows in the XGetPixel() and XInitImage() functions in libX11 (closes: #414046); + CVE-2007-1003: integer overflow in the ProcXCMiscGetXIDList() function in the XC-MISC extension in the X server. oldstable/main/binary-arm/lbxproxy_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libdps1_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libdps1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libdps-dev_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libice6_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libice6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libice-dev_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libsm6_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libsm6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libsm-dev_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libx11-6_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libx11-dev_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxaw6_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxaw6-dev_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxaw7_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxaw7-dev_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxext6_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxext6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxext-dev_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxft1_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxft1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxi6_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxi6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxi-dev_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxmu6_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxmu-dev_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxmuu1_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxmuu-dev_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxp6_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxp6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxp-dev_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxpm4_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxpm-dev_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxrandr2_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxrandr-dev_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxt6_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxt6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxt-dev_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxtrap6_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxtrap-dev_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxtst6_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxtst-dev_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxv1_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxv1-dbg_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/libxv-dev_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/proxymngr_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/twm_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/xbase-clients_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/xdm_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/xfs_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/xfwp_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/xmh_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/xnest_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/xserver-common_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/xserver-xfree86_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/xterm_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/xutils_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/xvfb_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/x-window-system-core_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/x-window-system-dev_4.3.0.dfsg.1-14sarge4_arm.deb oldstable/main/binary-arm/xlibmesa3_4.3.0.dfsg.1-14sarge4_arm.deb xfree86 (4.3.0.dfsg.1-14sarge4) oldstable-security; urgency=high * Security upload, fixes several vulnerabilities: + CVE-2007-1351, CVE-2007-1352: integer overflows in the BDF font and fonts.dir parsing components of libXfont; + CVE-2007-1667: integer overflows in the XGetPixel() and XInitImage() functions in libX11 (closes: #414046); + CVE-2007-1003: integer overflow in the ProcXCMiscGetXIDList() function in the XC-MISC extension in the X server. oldstable/main/binary-hppa/lbxproxy_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libdps1_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libdps1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libdps-dev_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libice6_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libice6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libice-dev_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libsm6_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libsm6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libsm-dev_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libx11-6_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libx11-dev_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxaw6_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxaw6-dev_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxaw7_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxaw7-dev_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxext6_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxext6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxext-dev_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxft1_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxft1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxi6_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxi6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxi-dev_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxmu6_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxmu-dev_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxmuu1_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxmuu-dev_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxp6_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxp6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxp-dev_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxpm4_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxpm-dev_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxrandr2_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxrandr-dev_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxt6_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxt6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxt-dev_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxtrap6_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxtrap-dev_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxtst6_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxtst-dev_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxv1_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxv1-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/libxv-dev_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/proxymngr_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/twm_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/xbase-clients_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/xdm_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/xfs_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/xfwp_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/xmh_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/xnest_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/xserver-common_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/xserver-xfree86_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/xterm_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/xutils_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/xvfb_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/x-window-system-core_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/x-window-system-dev_4.3.0.dfsg.1-14sarge4_hppa.deb oldstable/main/binary-hppa/xlibmesa3_4.3.0.dfsg.1-14sarge4_hppa.deb xfree86 (4.3.0.dfsg.1-14sarge4) oldstable-security; urgency=high * Security upload, fixes several vulnerabilities: + CVE-2007-1351, CVE-2007-1352: integer overflows in the BDF font and fonts.dir parsing components of libXfont; + CVE-2007-1667: integer overflows in the XGetPixel() and XInitImage() functions in libX11 (closes: #414046); + CVE-2007-1003: integer overflow in the ProcXCMiscGetXIDList() function in the XC-MISC extension in the X server. oldstable/main/source/xfree86_4.3.0.dfsg.1-14sarge4.dsc oldstable/main/source/xfree86_4.3.0.dfsg.1-14sarge4.diff.gz oldstable/main/binary-all/pm-dev_4.3.0.dfsg.1-14sarge4_all.deb oldstable/main/binary-all/x-dev_4.3.0.dfsg.1-14sarge4_all.deb oldstable/main/binary-all/xfonts-100dpi_4.3.0.dfsg.1-14sarge4_all.deb oldstable/main/binary-all/xfonts-100dpi-transcoded_4.3.0.dfsg.1-14sarge4_all.deb oldstable/main/binary-all/xfonts-75dpi_4.3.0.dfsg.1-14sarge4_all.deb oldstable/main/binary-all/xfonts-75dpi-transcoded_4.3.0.dfsg.1-14sarge4_all.deb oldstable/main/binary-all/xfonts-base_4.3.0.dfsg.1-14sarge4_all.deb oldstable/main/binary-all/xfonts-base-transcoded_4.3.0.dfsg.1-14sarge4_all.deb oldstable/main/binary-all/xfonts-cyrillic_4.3.0.dfsg.1-14sarge4_all.deb oldstable/main/binary-all/xfonts-scalable_4.3.0.dfsg.1-14sarge4_all.deb oldstable/main/binary-all/xfree86-common_4.3.0.dfsg.1-14sarge4_all.deb oldstable/main/binary-all/xlibs_4.3.0.dfsg.1-14sarge4_all.deb oldstable/main/binary-all/xlibs-data_4.3.0.dfsg.1-14sarge4_all.deb oldstable/main/binary-all/xspecs_4.3.0.dfsg.1-14sarge4_all.deb oldstable/main/binary-all/x-window-system_4.3.0.dfsg.1-14sarge4_all.deb oldstable/main/binary-all/xlibmesa3-dbg_4.3.0.dfsg.1-14sarge4_all.deb oldstable/main/binary-all/xlibmesa-dev_4.3.0.dfsg.1-14sarge4_all.deb oldstable/main/binary-all/xlibs-dbg_4.3.0.dfsg.1-14sarge4_all.deb oldstable/main/binary-all/xlibs-dev_4.3.0.dfsg.1-14sarge4_all.deb oldstable/main/binary-all/xlibs-pic_4.3.0.dfsg.1-14sarge4_all.deb oldstable/main/binary-i386/lbxproxy_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libdps1_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libdps1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libdps-dev_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libice6_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libice6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libice-dev_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libsm6_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libsm6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libsm-dev_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libx11-6_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libx11-dev_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxaw6_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxaw6-dev_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxaw7_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxaw7-dev_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxext6_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxext6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxext-dev_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxft1_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxft1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxi6_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxi6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxi-dev_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxmu6_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxmu-dev_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxmuu1_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxmuu-dev_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxp6_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxp6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxp-dev_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxpm4_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxpm-dev_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxrandr2_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxrandr-dev_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxt6_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxt6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxt-dev_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxtrap6_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxtrap-dev_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxtst6_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxtst-dev_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxv1_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxv1-dbg_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/libxv-dev_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/proxymngr_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/twm_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/xbase-clients_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/xdm_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/xfs_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/xfwp_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/xlibosmesa4_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/xmh_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/xnest_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/xserver-common_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/xserver-xfree86_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/xterm_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/xutils_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/xvfb_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/x-window-system-core_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/x-window-system-dev_4.3.0.dfsg.1-14sarge4_i386.deb oldstable/main/binary-i386/xlibmesa3_4.3.0.dfsg.1-14sarge4_i386.deb xfree86 (4.3.0.dfsg.1-14sarge4) oldstable-security; urgency=high * Security upload, fixes several vulnerabilities: + CVE-2007-1351, CVE-2007-1352: integer overflows in the BDF font and fonts.dir parsing components of libXfont; + CVE-2007-1667: integer overflows in the XGetPixel() and XInitImage() functions in libX11 (closes: #414046); + CVE-2007-1003: integer overflow in the ProcXCMiscGetXIDList() function in the XC-MISC extension in the X server. oldstable/main/binary-ia64/lbxproxy_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libdps1_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libdps1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libdps-dev_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libice6_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libice6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libice-dev_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libsm6_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libsm6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libsm-dev_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libx11-6_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libx11-dev_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxaw6_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxaw6-dev_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxaw7_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxaw7-dev_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxext6_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxext6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxext-dev_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxft1_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxft1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxi6_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxi6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxi-dev_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxmu6_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxmu-dev_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxmuu1_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxmuu-dev_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxp6_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxp6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxp-dev_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxpm4_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxpm-dev_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxrandr2_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxrandr-dev_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxt6_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxt6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxt-dev_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxtrap6_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxtrap-dev_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxtst6_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxtst-dev_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxv1_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxv1-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/libxv-dev_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/proxymngr_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/twm_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/xbase-clients_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/xdm_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/xfs_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/xfwp_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/xlibosmesa4_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/xmh_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/xnest_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/xserver-common_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/xserver-xfree86_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/xterm_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/xutils_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/xvfb_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/x-window-system-core_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/x-window-system-dev_4.3.0.dfsg.1-14sarge4_ia64.deb oldstable/main/binary-ia64/xlibmesa3_4.3.0.dfsg.1-14sarge4_ia64.deb xfree86 (4.3.0.dfsg.1-14sarge4) oldstable-security; urgency=high * Security upload, fixes several vulnerabilities: + CVE-2007-1351, CVE-2007-1352: integer overflows in the BDF font and fonts.dir parsing components of libXfont; + CVE-2007-1667: integer overflows in the XGetPixel() and XInitImage() functions in libX11 (closes: #414046); + CVE-2007-1003: integer overflow in the ProcXCMiscGetXIDList() function in the XC-MISC extension in the X server. oldstable/main/binary-m68k/lbxproxy_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libdps1_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libdps1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libdps-dev_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libice6_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libice6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libice-dev_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libsm6_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libsm6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libsm-dev_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libx11-6_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libx11-dev_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxaw6_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxaw6-dev_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxaw7_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxaw7-dev_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxext6_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxext6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxext-dev_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxft1_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxft1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxi6_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxi6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxi-dev_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxmu6_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxmu-dev_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxmuu1_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxmuu-dev_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxp6_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxp6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxp-dev_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxpm4_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxpm-dev_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxrandr2_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxrandr-dev_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxt6_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxt6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxt-dev_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxtrap6_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxtrap-dev_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxtst6_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxtst-dev_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxv1_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxv1-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/libxv-dev_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/proxymngr_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/twm_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/xbase-clients_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/xdm_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/xfs_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/xfwp_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/xmh_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/xnest_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/xserver-common_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/xserver-xfree86_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/xterm_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/xutils_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/xvfb_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/x-window-system-core_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/x-window-system-dev_4.3.0.dfsg.1-14sarge4_m68k.deb oldstable/main/binary-m68k/xlibmesa3_4.3.0.dfsg.1-14sarge4_m68k.deb xfree86 (4.3.0.dfsg.1-14sarge4) oldstable-security; urgency=high * Security upload, fixes several vulnerabilities: + CVE-2007-1351, CVE-2007-1352: integer overflows in the BDF font and fonts.dir parsing components of libXfont; + CVE-2007-1667: integer overflows in the XGetPixel() and XInitImage() functions in libX11 (closes: #414046); + CVE-2007-1003: integer overflow in the ProcXCMiscGetXIDList() function in the XC-MISC extension in the X server. oldstable/main/binary-mips/lbxproxy_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libdps1_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libdps1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libdps-dev_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libice6_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libice6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libice-dev_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libsm6_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libsm6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libsm-dev_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libx11-6_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libx11-dev_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxaw6_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxaw6-dev_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxaw7_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxaw7-dev_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxext6_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxext6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxext-dev_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxft1_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxft1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxi6_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxi6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxi-dev_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxmu6_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxmu-dev_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxmuu1_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxmuu-dev_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxp6_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxp6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxp-dev_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxpm4_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxpm-dev_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxrandr2_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxrandr-dev_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxt6_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxt6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxt-dev_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxtrap6_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxtrap-dev_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxtst6_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxtst-dev_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxv1_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxv1-dbg_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/libxv-dev_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/proxymngr_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/twm_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/xbase-clients_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/xdm_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/xfs_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/xfwp_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/xmh_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/xnest_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/xserver-common_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/xserver-xfree86_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/xterm_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/xutils_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/xvfb_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/x-window-system-core_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/x-window-system-dev_4.3.0.dfsg.1-14sarge4_mips.deb oldstable/main/binary-mips/xlibmesa3_4.3.0.dfsg.1-14sarge4_mips.deb xfree86 (4.3.0.dfsg.1-14sarge4) oldstable-security; urgency=high * Security upload, fixes several vulnerabilities: + CVE-2007-1351, CVE-2007-1352: integer overflows in the BDF font and fonts.dir parsing components of libXfont; + CVE-2007-1667: integer overflows in the XGetPixel() and XInitImage() functions in libX11 (closes: #414046); + CVE-2007-1003: integer overflow in the ProcXCMiscGetXIDList() function in the XC-MISC extension in the X server. oldstable/main/binary-mipsel/lbxproxy_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libdps1_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libdps1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libdps-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libice6_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libice6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libice-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libsm6_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libsm6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libsm-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libx11-6_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libx11-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxaw6_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxaw6-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxaw7_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxaw7-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxext6_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxext6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxext-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxft1_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxft1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxi6_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxi6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxi-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxmu6_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxmu-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxmuu1_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxmuu-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxp6_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxp6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxp-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxpm4_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxpm-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxrandr2_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxrandr-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxt6_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxt6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxt-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxtrap6_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxtrap-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxtst6_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxtst-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxv1_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxv1-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/libxv-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/proxymngr_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/twm_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/xbase-clients_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/xdm_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/xfs_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/xfwp_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/xmh_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/xnest_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/xserver-common_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/xserver-xfree86_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/xterm_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/xutils_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/xvfb_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/x-window-system-core_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/x-window-system-dev_4.3.0.dfsg.1-14sarge4_mipsel.deb oldstable/main/binary-mipsel/xlibmesa3_4.3.0.dfsg.1-14sarge4_mipsel.deb xfree86 (4.3.0.dfsg.1-14sarge4) oldstable-security; urgency=high * Security upload, fixes several vulnerabilities: + CVE-2007-1351, CVE-2007-1352: integer overflows in the BDF font and fonts.dir parsing components of libXfont; + CVE-2007-1667: integer overflows in the XGetPixel() and XInitImage() functions in libX11 (closes: #414046); + CVE-2007-1003: integer overflow in the ProcXCMiscGetXIDList() function in the XC-MISC extension in the X server. oldstable/main/binary-powerpc/lbxproxy_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libdps1_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libdps1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libdps-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libice6_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libice6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libice-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libsm6_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libsm6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libsm-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libx11-6_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libx11-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxaw6_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxaw6-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxaw7_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxaw7-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxext6_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxext6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxext-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxft1_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxft1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxi6_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxi6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxi-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxmu6_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxmu-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxmuu1_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxmuu-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxp6_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxp6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxp-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxpm4_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxpm-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxrandr2_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxrandr-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxt6_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxt6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxt-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxtrap6_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxtrap-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxtst6_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxtst-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxv1_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxv1-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/libxv-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/proxymngr_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/twm_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/xbase-clients_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/xdm_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/xfs_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/xfwp_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/xlibosmesa4_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/xmh_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/xnest_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/xserver-common_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/xserver-xfree86_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/xterm_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/xutils_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/xvfb_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/x-window-system-core_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/x-window-system-dev_4.3.0.dfsg.1-14sarge4_powerpc.deb oldstable/main/binary-powerpc/xlibmesa3_4.3.0.dfsg.1-14sarge4_powerpc.deb xfree86 (4.3.0.dfsg.1-14sarge4) oldstable-security; urgency=high * Security upload, fixes several vulnerabilities: + CVE-2007-1351, CVE-2007-1352: integer overflows in the BDF font and fonts.dir parsing components of libXfont; + CVE-2007-1667: integer overflows in the XGetPixel() and XInitImage() functions in libX11 (closes: #414046); + CVE-2007-1003: integer overflow in the ProcXCMiscGetXIDList() function in the XC-MISC extension in the X server. oldstable/main/binary-s390/lbxproxy_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libdps1_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libdps1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libdps-dev_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libice6_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libice6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libice-dev_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libsm6_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libsm6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libsm-dev_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libx11-6_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libx11-dev_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxaw6_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxaw6-dev_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxaw7_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxaw7-dev_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxext6_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxext6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxext-dev_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxft1_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxft1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxi6_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxi6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxi-dev_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxmu6_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxmu-dev_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxmuu1_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxmuu-dev_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxp6_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxp6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxp-dev_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxpm4_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxpm-dev_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxrandr2_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxrandr-dev_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxt6_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxt6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxt-dev_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxtrap6_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxtrap-dev_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxtst6_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxtst-dev_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxv1_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxv1-dbg_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/libxv-dev_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/proxymngr_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/twm_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/xbase-clients_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/xdm_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/xfs_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/xfwp_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/xmh_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/xnest_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/xserver-common_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/xterm_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/xutils_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/xvfb_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/x-window-system-core_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/x-window-system-dev_4.3.0.dfsg.1-14sarge4_s390.deb oldstable/main/binary-s390/xlibmesa3_4.3.0.dfsg.1-14sarge4_s390.deb xfree86 (4.3.0.dfsg.1-14sarge4) oldstable-security; urgency=high * Security upload, fixes several vulnerabilities: + CVE-2007-1351, CVE-2007-1352: integer overflows in the BDF font and fonts.dir parsing components of libXfont; + CVE-2007-1667: integer overflows in the XGetPixel() and XInitImage() functions in libX11 (closes: #414046); + CVE-2007-1003: integer overflow in the ProcXCMiscGetXIDList() function in the XC-MISC extension in the X server. oldstable/main/binary-sparc/lbxproxy_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libdps1_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libdps1-dbg_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libdps-dev_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libice6_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libice6-dbg_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libice-dev_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libsm6_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libsm6-dbg_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libsm-dev_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libx11-6_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libx11-6-dbg_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libx11-dev_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxaw6_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxaw6-dbg_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxaw6-dev_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxaw7_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxaw7-dbg_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxaw7-dev_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxext6_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxext6-dbg_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxext-dev_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxft1_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxft1-dbg_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxi6_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxi6-dbg_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxi-dev_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxmu6_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxmu6-dbg_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxmu-dev_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxmuu1_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxmuu1-dbg_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxmuu-dev_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxp6_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxp6-dbg_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxp-dev_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxpm4_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxpm4-dbg_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxpm-dev_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxrandr2_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxrandr2-dbg_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxrandr-dev_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxt6_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxt6-dbg_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxt-dev_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxtrap6_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxtrap6-dbg_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxtrap-dev_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxtst6_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxtst6-dbg_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxtst-dev_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxv1_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxv1-dbg_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/libxv-dev_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/proxymngr_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/twm_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/xbase-clients_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/xdm_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/xfs_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/xfwp_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/xlibmesa-dri_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/xlibmesa-gl_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/xlibmesa-glu_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/xlibosmesa4_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/xlibosmesa-dev_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/xlibs-static-dev_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/xlibs-static-pic_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/xmh_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/xnest_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/xserver-common_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/xserver-xfree86_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/xterm_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/xutils_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/xvfb_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/x-window-system-core_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/x-window-system-dev_4.3.0.dfsg.1-14sarge4_sparc.deb oldstable/main/binary-sparc/xlibmesa3_4.3.0.dfsg.1-14sarge4_sparc.deb xfree86 (4.3.0.dfsg.1-14sarge4) oldstable-security; urgency=high * Security upload, fixes several vulnerabilities: + CVE-2007-1351, CVE-2007-1352: integer overflows in the BDF font and fonts.dir parsing components of libXfont; + CVE-2007-1667: integer overflows in the XGetPixel() and XInitImage() functions in libX11 (closes: #414046); + CVE-2007-1003: integer overflow in the ProcXCMiscGetXIDList() function in the XC-MISC extension in the X server. oldstable/main/binary-alpha/lbxproxy_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libdps1_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libdps1-dbg_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libdps-dev_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libice6_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libice6-dbg_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libice-dev_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libsm6_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libsm6-dbg_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libsm-dev_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libx11-6_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libx11-6-dbg_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libx11-dev_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxaw6_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxaw6-dbg_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxaw6-dev_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxaw7_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxaw7-dbg_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxaw7-dev_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxext6_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxext6-dbg_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxext-dev_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxft1_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxft1-dbg_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxi6_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxi6-dbg_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxi-dev_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxmu6_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxmu6-dbg_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxmu-dev_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxmuu1_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxmuu1-dbg_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxmuu-dev_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxp6_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxp6-dbg_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxp-dev_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxpm4_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxpm4-dbg_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxpm-dev_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxrandr2_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxrandr2-dbg_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxrandr-dev_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxt6_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxt6-dbg_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxt-dev_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxtrap6_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxtrap6-dbg_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxtrap-dev_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxtst6_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxtst6-dbg_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxtst-dev_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxv1_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxv1-dbg_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/libxv-dev_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/proxymngr_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/twm_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/xbase-clients_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/xdm_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/xfs_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/xfwp_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/xlibmesa-dri_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/xlibmesa-gl_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/xlibmesa-glu_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/xlibosmesa4_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/xlibosmesa-dev_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/xlibs-static-dev_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/xlibs-static-pic_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/xmh_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/xnest_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/xserver-common_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/xserver-xfree86_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/xterm_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/xutils_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/xvfb_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/x-window-system-core_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/x-window-system-dev_4.3.0.dfsg.1-14sarge5_alpha.deb oldstable/main/binary-alpha/xlibmesa3_4.3.0.dfsg.1-14sarge5_alpha.deb xfree86 (4.3.0.dfsg.1-14sarge5) oldstable-security; urgency=high * Security upload, fixes several vulnerabilities + CVE-2007-4568: integer overflow in the computation of the size of a dynamic buffer can lead to a heap overflow in the build_range() function. Also, an arbitrary number of bytes on the heap can be swapped by the swap_char2b() function. + CVE-2007-3103: race condition in xfs init script oldstable/main/binary-amd64/lbxproxy_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libdps1_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libdps1-dbg_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libdps-dev_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libice6_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libice6-dbg_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libice-dev_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libsm6_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libsm6-dbg_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libsm-dev_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libx11-6_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libx11-6-dbg_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libx11-dev_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxaw6_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxaw6-dbg_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxaw6-dev_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxaw7_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxaw7-dbg_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxaw7-dev_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxext6_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxext6-dbg_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxext-dev_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxft1_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxft1-dbg_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxi6_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxi6-dbg_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxi-dev_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxmu6_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxmu6-dbg_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxmu-dev_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxmuu1_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxmuu1-dbg_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxmuu-dev_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxp6_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxp6-dbg_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxp-dev_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxpm4_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxpm4-dbg_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxpm-dev_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxrandr2_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxrandr2-dbg_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxrandr-dev_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxt6_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxt6-dbg_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxt-dev_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxtrap6_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxtrap6-dbg_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxtrap-dev_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxtst6_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxtst6-dbg_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxtst-dev_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxv1_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxv1-dbg_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/libxv-dev_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/proxymngr_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/twm_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/xbase-clients_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/xdm_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/xfs_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/xfwp_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/xlibmesa-dri_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/xlibmesa-gl_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/xlibmesa-glu_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/xlibosmesa4_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/xlibosmesa-dev_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/xlibs-static-dev_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/xlibs-static-pic_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/xmh_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/xnest_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/xserver-common_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/xserver-xfree86_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/xterm_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/xutils_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/xvfb_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/x-window-system-core_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/x-window-system-dev_4.3.0.dfsg.1-14sarge5_amd64.deb oldstable/main/binary-amd64/xlibmesa3_4.3.0.dfsg.1-14sarge5_amd64.deb xfree86 (4.3.0.dfsg.1-14sarge5) oldstable-security; urgency=high * Security upload, fixes several vulnerabilities + CVE-2007-4568: integer overflow in the computation of the size of a dynamic buffer can lead to a heap overflow in the build_range() function. Also, an arbitrary number of bytes on the heap can be swapped by the swap_char2b() function. + CVE-2007-3103: race condition in xfs init script oldstable/main/binary-arm/lbxproxy_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libdps1_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libdps1-dbg_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libdps-dev_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libice6_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libice6-dbg_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libice-dev_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libsm6_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libsm6-dbg_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libsm-dev_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libx11-6_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libx11-6-dbg_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libx11-dev_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxaw6_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxaw6-dbg_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxaw6-dev_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxaw7_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxaw7-dbg_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxaw7-dev_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxext6_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxext6-dbg_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxext-dev_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxft1_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxft1-dbg_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxi6_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxi6-dbg_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxi-dev_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxmu6_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxmu6-dbg_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxmu-dev_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxmuu1_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxmuu1-dbg_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxmuu-dev_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxp6_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxp6-dbg_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxp-dev_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxpm4_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxpm4-dbg_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxpm-dev_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxrandr2_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxrandr2-dbg_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxrandr-dev_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxt6_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxt6-dbg_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxt-dev_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxtrap6_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxtrap6-dbg_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxtrap-dev_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxtst6_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxtst6-dbg_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxtst-dev_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxv1_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxv1-dbg_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/libxv-dev_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/proxymngr_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/twm_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/xbase-clients_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/xdm_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/xfs_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/xfwp_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/xlibmesa-gl_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/xlibmesa-glu_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/xlibs-static-dev_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/xlibs-static-pic_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/xmh_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/xnest_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/xserver-common_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/xserver-xfree86_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/xterm_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/xutils_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/xvfb_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/x-window-system-core_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/x-window-system-dev_4.3.0.dfsg.1-14sarge5_arm.deb oldstable/main/binary-arm/xlibmesa3_4.3.0.dfsg.1-14sarge5_arm.deb xfree86 (4.3.0.dfsg.1-14sarge5) oldstable-security; urgency=high * Security upload, fixes several vulnerabilities + CVE-2007-4568: integer overflow in the computation of the size of a dynamic buffer can lead to a heap overflow in the build_range() function. Also, an arbitrary number of bytes on the heap can be swapped by the swap_char2b() function. + CVE-2007-3103: race condition in xfs init script oldstable/main/binary-hppa/lbxproxy_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libdps1_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libdps1-dbg_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libdps-dev_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libice6_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libice6-dbg_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libice-dev_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libsm6_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libsm6-dbg_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libsm-dev_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libx11-6_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libx11-6-dbg_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libx11-dev_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxaw6_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxaw6-dbg_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxaw6-dev_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxaw7_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxaw7-dbg_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxaw7-dev_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxext6_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxext6-dbg_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxext-dev_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxft1_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxft1-dbg_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxi6_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxi6-dbg_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxi-dev_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxmu6_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxmu6-dbg_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxmu-dev_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxmuu1_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxmuu1-dbg_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxmuu-dev_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxp6_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxp6-dbg_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxp-dev_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxpm4_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxpm4-dbg_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxpm-dev_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxrandr2_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxrandr2-dbg_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxrandr-dev_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxt6_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxt6-dbg_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxt-dev_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxtrap6_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxtrap6-dbg_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxtrap-dev_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxtst6_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxtst6-dbg_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxtst-dev_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxv1_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxv1-dbg_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/libxv-dev_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/proxymngr_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/twm_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/xbase-clients_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/xdm_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/xfs_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/xfwp_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/xlibmesa-gl_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/xlibmesa-glu_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/xlibs-static-dev_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/xlibs-static-pic_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/xmh_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/xnest_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/xserver-common_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/xserver-xfree86_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/xterm_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/xutils_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/xvfb_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/x-window-system-core_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/x-window-system-dev_4.3.0.dfsg.1-14sarge5_hppa.deb oldstable/main/binary-hppa/xlibmesa3_4.3.0.dfsg.1-14sarge5_hppa.deb xfree86 (4.3.0.dfsg.1-14sarge5) oldstable-security; urgency=high * Security upload, fixes several vulnerabilities + CVE-2007-4568: integer overflow in the computation of the size of a dynamic buffer can lead to a heap overflow in the build_range() function. Also, an arbitrary number of bytes on the heap can be swapped by the swap_char2b() function. + CVE-2007-3103: race condition in xfs init script oldstable/main/source/xfree86_4.3.0.dfsg.1-14sarge5.dsc oldstable/main/source/xfree86_4.3.0.dfsg.1-14sarge5.diff.gz oldstable/main/binary-all/pm-dev_4.3.0.dfsg.1-14sarge5_all.deb oldstable/main/binary-all/x-dev_4.3.0.dfsg.1-14sarge5_all.deb oldstable/main/binary-all/xfonts-100dpi_4.3.0.dfsg.1-14sarge5_all.deb oldstable/main/binary-all/xfonts-100dpi-transcoded_4.3.0.dfsg.1-14sarge5_all.deb oldstable/main/binary-all/xfonts-75dpi_4.3.0.dfsg.1-14sarge5_all.deb oldstable/main/binary-all/xfonts-75dpi-transcoded_4.3.0.dfsg.1-14sarge5_all.deb oldstable/main/binary-all/xfonts-base_4.3.0.dfsg.1-14sarge5_all.deb oldstable/main/binary-all/xfonts-base-transcoded_4.3.0.dfsg.1-14sarge5_all.deb oldstable/main/binary-all/xfonts-cyrillic_4.3.0.dfsg.1-14sarge5_all.deb oldstable/main/binary-all/xfonts-scalable_4.3.0.dfsg.1-14sarge5_all.deb oldstable/main/binary-all/xfree86-common_4.3.0.dfsg.1-14sarge5_all.deb oldstable/main/binary-all/xlibs_4.3.0.dfsg.1-14sarge5_all.deb oldstable/main/binary-all/xlibs-data_4.3.0.dfsg.1-14sarge5_all.deb oldstable/main/binary-all/xspecs_4.3.0.dfsg.1-14sarge5_all.deb oldstable/main/binary-all/x-window-system_4.3.0.dfsg.1-14sarge5_all.deb oldstable/main/binary-all/xlibmesa3-dbg_4.3.0.dfsg.1-14sarge5_all.deb oldstable/main/binary-all/xlibmesa-dev_4.3.0.dfsg.1-14sarge5_all.deb oldstable/main/binary-all/xlibs-dbg_4.3.0.dfsg.1-14sarge5_all.deb oldstable/main/binary-all/xlibs-dev_4.3.0.dfsg.1-14sarge5_all.deb oldstable/main/binary-all/xlibs-pic_4.3.0.dfsg.1-14sarge5_all.deb oldstable/main/binary-i386/lbxproxy_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libdps1_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libdps1-dbg_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libdps-dev_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libice6_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libice6-dbg_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libice-dev_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libsm6_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libsm6-dbg_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libsm-dev_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libx11-6_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libx11-6-dbg_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libx11-dev_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxaw6_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxaw6-dbg_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxaw6-dev_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxaw7_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxaw7-dbg_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxaw7-dev_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxext6_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxext6-dbg_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxext-dev_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxft1_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxft1-dbg_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxi6_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxi6-dbg_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxi-dev_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxmu6_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxmu6-dbg_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxmu-dev_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxmuu1_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxmuu1-dbg_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxmuu-dev_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxp6_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxp6-dbg_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxp-dev_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxpm4_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxpm4-dbg_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxpm-dev_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxrandr2_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxrandr2-dbg_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxrandr-dev_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxt6_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxt6-dbg_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxt-dev_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxtrap6_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxtrap6-dbg_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxtrap-dev_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxtst6_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxtst6-dbg_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxtst-dev_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxv1_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxv1-dbg_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/libxv-dev_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/proxymngr_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/twm_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/xbase-clients_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/xdm_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/xfs_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/xfwp_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/xlibmesa-dri_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/xlibmesa-gl_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/xlibmesa-glu_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/xlibosmesa4_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/xlibosmesa-dev_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/xlibs-static-dev_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/xlibs-static-pic_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/xmh_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/xnest_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/xserver-common_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/xserver-xfree86_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/xterm_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/xutils_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/xvfb_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/x-window-system-core_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/x-window-system-dev_4.3.0.dfsg.1-14sarge5_i386.deb oldstable/main/binary-i386/xlibmesa3_4.3.0.dfsg.1-14sarge5_i386.deb xfree86 (4.3.0.dfsg.1-14sarge5) oldstable-security; urgency=high * Security upload, fixes several vulnerabilities + CVE-2007-4568: integer overflow in the computation of the size of a dynamic buffer can lead to a heap overflow in the build_range() function. Also, an arbitrary number of bytes on the heap can be swapped by the swap_char2b() function. + CVE-2007-3103: race condition in xfs init script oldstable/main/binary-ia64/lbxproxy_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libdps1_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libdps1-dbg_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libdps-dev_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libice6_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libice6-dbg_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libice-dev_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libsm6_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libsm6-dbg_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libsm-dev_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libx11-6_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libx11-6-dbg_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libx11-dev_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxaw6_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxaw6-dbg_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxaw6-dev_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxaw7_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxaw7-dbg_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxaw7-dev_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxext6_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxext6-dbg_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxext-dev_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxft1_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxft1-dbg_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxi6_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxi6-dbg_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxi-dev_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxmu6_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxmu6-dbg_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxmu-dev_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxmuu1_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxmuu1-dbg_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxmuu-dev_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxp6_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxp6-dbg_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxp-dev_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxpm4_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxpm4-dbg_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxpm-dev_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxrandr2_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxrandr2-dbg_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxrandr-dev_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxt6_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxt6-dbg_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxt-dev_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxtrap6_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxtrap6-dbg_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxtrap-dev_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxtst6_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxtst6-dbg_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxtst-dev_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxv1_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxv1-dbg_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/libxv-dev_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/proxymngr_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/twm_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/xbase-clients_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/xdm_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/xfs_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/xfwp_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/xlibmesa-dri_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/xlibmesa-gl_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/xlibmesa-glu_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/xlibosmesa4_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/xlibosmesa-dev_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/xlibs-static-dev_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/xlibs-static-pic_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/xmh_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/xnest_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/xserver-common_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/xserver-xfree86_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/xterm_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/xutils_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/xvfb_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/x-window-system-core_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/x-window-system-dev_4.3.0.dfsg.1-14sarge5_ia64.deb oldstable/main/binary-ia64/xlibmesa3_4.3.0.dfsg.1-14sarge5_ia64.deb xfree86 (4.3.0.dfsg.1-14sarge5) oldstable-security; urgency=high * Security upload, fixes several vulnerabilities + CVE-2007-4568: integer overflow in the computation of the size of a dynamic buffer can lead to a heap overflow in the build_range() function. Also, an arbitrary number of bytes on the heap can be swapped by the swap_char2b() function. + CVE-2007-3103: race condition in xfs init script oldstable/main/binary-m68k/lbxproxy_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libdps1_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libdps1-dbg_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libdps-dev_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libice6_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libice6-dbg_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libice-dev_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libsm6_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libsm6-dbg_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libsm-dev_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libx11-6_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libx11-6-dbg_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libx11-dev_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxaw6_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxaw6-dbg_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxaw6-dev_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxaw7_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxaw7-dbg_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxaw7-dev_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxext6_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxext6-dbg_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxext-dev_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxft1_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxft1-dbg_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxi6_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxi6-dbg_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxi-dev_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxmu6_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxmu6-dbg_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxmu-dev_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxmuu1_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxmuu1-dbg_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxmuu-dev_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxp6_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxp6-dbg_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxp-dev_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxpm4_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxpm4-dbg_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxpm-dev_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxrandr2_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxrandr2-dbg_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxrandr-dev_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxt6_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxt6-dbg_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxt-dev_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxtrap6_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxtrap6-dbg_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxtrap-dev_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxtst6_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxtst6-dbg_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxtst-dev_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxv1_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxv1-dbg_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/libxv-dev_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/proxymngr_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/twm_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/xbase-clients_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/xdm_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/xfs_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/xfwp_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/xlibmesa-gl_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/xlibmesa-glu_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/xlibs-static-dev_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/xlibs-static-pic_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/xmh_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/xnest_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/xserver-common_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/xserver-xfree86_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/xterm_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/xutils_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/xvfb_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/x-window-system-core_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/x-window-system-dev_4.3.0.dfsg.1-14sarge5_m68k.deb oldstable/main/binary-m68k/xlibmesa3_4.3.0.dfsg.1-14sarge5_m68k.deb xfree86 (4.3.0.dfsg.1-14sarge5) oldstable-security; urgency=high * Security upload, fixes several vulnerabilities + CVE-2007-4568: integer overflow in the computation of the size of a dynamic buffer can lead to a heap overflow in the build_range() function. Also, an arbitrary number of bytes on the heap can be swapped by the swap_char2b() function. + CVE-2007-3103: race condition in xfs init script oldstable/main/binary-mips/lbxproxy_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libdps1_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libdps1-dbg_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libdps-dev_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libice6_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libice6-dbg_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libice-dev_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libsm6_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libsm6-dbg_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libsm-dev_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libx11-6_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libx11-6-dbg_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libx11-dev_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxaw6_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxaw6-dbg_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxaw6-dev_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxaw7_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxaw7-dbg_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxaw7-dev_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxext6_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxext6-dbg_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxext-dev_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxft1_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxft1-dbg_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxi6_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxi6-dbg_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxi-dev_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxmu6_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxmu6-dbg_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxmu-dev_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxmuu1_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxmuu1-dbg_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxmuu-dev_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxp6_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxp6-dbg_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxp-dev_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxpm4_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxpm4-dbg_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxpm-dev_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxrandr2_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxrandr2-dbg_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxrandr-dev_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxt6_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxt6-dbg_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxt-dev_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxtrap6_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxtrap6-dbg_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxtrap-dev_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxtst6_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxtst6-dbg_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxtst-dev_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxv1_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxv1-dbg_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/libxv-dev_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/proxymngr_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/twm_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/xbase-clients_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/xdm_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/xfs_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/xfwp_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/xlibmesa-gl_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/xlibmesa-glu_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/xlibs-static-dev_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/xlibs-static-pic_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/xmh_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/xnest_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/xserver-common_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/xserver-xfree86_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/xterm_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/xutils_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/xvfb_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/x-window-system-core_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/x-window-system-dev_4.3.0.dfsg.1-14sarge5_mips.deb oldstable/main/binary-mips/xlibmesa3_4.3.0.dfsg.1-14sarge5_mips.deb xfree86 (4.3.0.dfsg.1-14sarge5) oldstable-security; urgency=high * Security upload, fixes several vulnerabilities + CVE-2007-4568: integer overflow in the computation of the size of a dynamic buffer can lead to a heap overflow in the build_range() function. Also, an arbitrary number of bytes on the heap can be swapped by the swap_char2b() function. + CVE-2007-3103: race condition in xfs init script oldstable/main/binary-mipsel/lbxproxy_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libdps1_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libdps1-dbg_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libdps-dev_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libice6_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libice6-dbg_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libice-dev_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libsm6_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libsm6-dbg_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libsm-dev_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libx11-6_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libx11-6-dbg_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libx11-dev_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxaw6_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxaw6-dbg_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxaw6-dev_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxaw7_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxaw7-dbg_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxaw7-dev_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxext6_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxext6-dbg_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxext-dev_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxft1_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxft1-dbg_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxi6_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxi6-dbg_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxi-dev_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxmu6_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxmu6-dbg_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxmu-dev_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxmuu1_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxmuu1-dbg_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxmuu-dev_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxp6_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxp6-dbg_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxp-dev_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxpm4_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxpm4-dbg_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxpm-dev_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxrandr2_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxrandr2-dbg_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxrandr-dev_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxt6_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxt6-dbg_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxt-dev_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxtrap6_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxtrap6-dbg_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxtrap-dev_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxtst6_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxtst6-dbg_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxtst-dev_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxv1_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxv1-dbg_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/libxv-dev_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/proxymngr_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/twm_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/xbase-clients_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/xdm_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/xfs_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/xfwp_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/xlibmesa-gl_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/xlibmesa-glu_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/xlibs-static-dev_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/xlibs-static-pic_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/xmh_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/xnest_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/xserver-common_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/xserver-xfree86_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/xterm_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/xutils_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/xvfb_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/x-window-system-core_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/x-window-system-dev_4.3.0.dfsg.1-14sarge5_mipsel.deb oldstable/main/binary-mipsel/xlibmesa3_4.3.0.dfsg.1-14sarge5_mipsel.deb xfree86 (4.3.0.dfsg.1-14sarge5) oldstable-security; urgency=high * Security upload, fixes several vulnerabilities + CVE-2007-4568: integer overflow in the computation of the size of a dynamic buffer can lead to a heap overflow in the build_range() function. Also, an arbitrary number of bytes on the heap can be swapped by the swap_char2b() function. + CVE-2007-3103: race condition in xfs init script oldstable/main/binary-powerpc/lbxproxy_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libdps1_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libdps1-dbg_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libdps-dev_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libice6_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libice6-dbg_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libice-dev_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libsm6_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libsm6-dbg_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libsm-dev_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libx11-6_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libx11-6-dbg_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libx11-dev_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxaw6_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxaw6-dbg_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxaw6-dev_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxaw7_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxaw7-dbg_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxaw7-dev_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxext6_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxext6-dbg_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxext-dev_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxft1_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxft1-dbg_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxi6_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxi6-dbg_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxi-dev_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxmu6_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxmu6-dbg_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxmu-dev_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxmuu1_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxmuu1-dbg_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxmuu-dev_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxp6_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxp6-dbg_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxp-dev_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxpm4_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxpm4-dbg_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxpm-dev_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxrandr2_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxrandr2-dbg_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxrandr-dev_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxt6_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxt6-dbg_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxt-dev_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxtrap6_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxtrap6-dbg_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxtrap-dev_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxtst6_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxtst6-dbg_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxtst-dev_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxv1_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxv1-dbg_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/libxv-dev_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/proxymngr_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/twm_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/xbase-clients_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/xdm_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/xfs_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/xfwp_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/xlibmesa-dri_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/xlibmesa-gl_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/xlibmesa-glu_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/xlibosmesa4_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/xlibosmesa-dev_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/xlibs-static-dev_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/xlibs-static-pic_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/xmh_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/xnest_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/xserver-common_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/xserver-xfree86_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/xterm_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/xutils_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/xvfb_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/x-window-system-core_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/x-window-system-dev_4.3.0.dfsg.1-14sarge5_powerpc.deb oldstable/main/binary-powerpc/xlibmesa3_4.3.0.dfsg.1-14sarge5_powerpc.deb xfree86 (4.3.0.dfsg.1-14sarge5) oldstable-security; urgency=high * Security upload, fixes several vulnerabilities + CVE-2007-4568: integer overflow in the computation of the size of a dynamic buffer can lead to a heap overflow in the build_range() function. Also, an arbitrary number of bytes on the heap can be swapped by the swap_char2b() function. + CVE-2007-3103: race condition in xfs init script oldstable/main/binary-s390/lbxproxy_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libdps1_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libdps1-dbg_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libdps-dev_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libice6_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libice6-dbg_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libice-dev_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libsm6_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libsm6-dbg_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libsm-dev_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libx11-6_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libx11-6-dbg_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libx11-dev_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxaw6_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxaw6-dbg_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxaw6-dev_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxaw7_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxaw7-dbg_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxaw7-dev_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxext6_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxext6-dbg_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxext-dev_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxft1_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxft1-dbg_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxi6_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxi6-dbg_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxi-dev_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxmu6_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxmu6-dbg_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxmu-dev_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxmuu1_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxmuu1-dbg_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxmuu-dev_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxp6_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxp6-dbg_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxp-dev_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxpm4_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxpm4-dbg_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxpm-dev_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxrandr2_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxrandr2-dbg_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxrandr-dev_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxt6_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxt6-dbg_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxt-dev_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxtrap6_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxtrap6-dbg_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxtrap-dev_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxtst6_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxtst6-dbg_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxtst-dev_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxv1_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxv1-dbg_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/libxv-dev_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/proxymngr_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/twm_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/xbase-clients_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/xdm_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/xfs_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/xfwp_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/xlibmesa-gl_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/xlibmesa-glu_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/xlibs-static-dev_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/xlibs-static-pic_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/xmh_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/xnest_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/xserver-common_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/xterm_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/xutils_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/xvfb_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/x-window-system-core_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/x-window-system-dev_4.3.0.dfsg.1-14sarge5_s390.deb oldstable/main/binary-s390/xlibmesa3_4.3.0.dfsg.1-14sarge5_s390.deb xfree86 (4.3.0.dfsg.1-14sarge5) oldstable-security; urgency=high * Security upload, fixes several vulnerabilities + CVE-2007-4568: integer overflow in the computation of the size of a dynamic buffer can lead to a heap overflow in the build_range() function. Also, an arbitrary number of bytes on the heap can be swapped by the swap_char2b() function. + CVE-2007-3103: race condition in xfs init script oldstable/main/binary-sparc/lbxproxy_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libdps1_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libdps1-dbg_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libdps-dev_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libice6_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libice6-dbg_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libice-dev_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libsm6_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libsm6-dbg_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libsm-dev_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libx11-6_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libx11-6-dbg_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libx11-dev_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxaw6_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxaw6-dbg_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxaw6-dev_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxaw7_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxaw7-dbg_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxaw7-dev_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxext6_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxext6-dbg_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxext-dev_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxft1_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxft1-dbg_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxi6_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxi6-dbg_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxi-dev_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxmu6_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxmu6-dbg_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxmu-dev_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxmuu1_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxmuu1-dbg_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxmuu-dev_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxp6_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxp6-dbg_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxp-dev_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxpm4_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxpm4-dbg_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxpm-dev_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxrandr2_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxrandr2-dbg_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxrandr-dev_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxt6_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxt6-dbg_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxt-dev_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxtrap6_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxtrap6-dbg_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxtrap-dev_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxtst6_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxtst6-dbg_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxtst-dev_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxv1_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxv1-dbg_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/libxv-dev_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/proxymngr_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/twm_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/xbase-clients_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/xdm_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/xfs_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/xfwp_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/xlibmesa-dri_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/xlibmesa-gl_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/xlibmesa-glu_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/xlibosmesa4_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/xlibosmesa-dev_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/xlibs-static-dev_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/xlibs-static-pic_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/xmh_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/xnest_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/xserver-common_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/xserver-xfree86_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/xterm_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/xutils_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/xvfb_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/x-window-system-core_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/x-window-system-dev_4.3.0.dfsg.1-14sarge5_sparc.deb oldstable/main/binary-sparc/xlibmesa3_4.3.0.dfsg.1-14sarge5_sparc.deb xfree86 (4.3.0.dfsg.1-14sarge5) oldstable-security; urgency=high * Security upload, fixes several vulnerabilities + CVE-2007-4568: integer overflow in the computation of the size of a dynamic buffer can lead to a heap overflow in the build_range() function. Also, an arbitrary number of bytes on the heap can be swapped by the swap_char2b() function. + CVE-2007-3103: race condition in xfs init script oldstable/main/binary-hppa/evolution-exchange_2.0.4-1_hppa.deb ximian-connector (2.0.4-1) testing-proposed-updates; urgency=medium * New upstream release This package is necessary to sync up with evolution 2.0.4, Evolution and evolution-exchange should match up, and the 2.0.4 package fixes many bugs. Closes #299504 Closes #306439 Closes #283605 - Remove CVS the spam loop patch, It's no longer needed. * Added manpage for ximian-connector-setup * Changed build depends from libdb4.2-dev to libdb4.1-dev oldstable/main/binary-alpha/xpdf-reader_3.00-13.7_alpha.deb oldstable/main/binary-alpha/xpdf-utils_3.00-13.7_alpha.deb xpdf (3.00-13.7) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387). oldstable/main/binary-arm/xpdf-reader_3.00-13.7_arm.deb oldstable/main/binary-arm/xpdf-utils_3.00-13.7_arm.deb xpdf (3.00-13.7) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387). oldstable/main/binary-hppa/xpdf-reader_3.00-13.7_hppa.deb oldstable/main/binary-hppa/xpdf-utils_3.00-13.7_hppa.deb xpdf (3.00-13.7) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387). oldstable/main/source/xpdf_3.00-13.7.dsc oldstable/main/source/xpdf_3.00-13.7.diff.gz oldstable/main/binary-all/xpdf_3.00-13.7_all.deb oldstable/main/binary-all/xpdf-common_3.00-13.7_all.deb oldstable/main/binary-i386/xpdf-reader_3.00-13.7_i386.deb oldstable/main/binary-i386/xpdf-utils_3.00-13.7_i386.deb xpdf (3.00-13.7) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387). oldstable/main/binary-ia64/xpdf-reader_3.00-13.7_ia64.deb oldstable/main/binary-ia64/xpdf-utils_3.00-13.7_ia64.deb xpdf (3.00-13.7) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387). oldstable/main/binary-m68k/xpdf-reader_3.00-13.7_m68k.deb oldstable/main/binary-m68k/xpdf-utils_3.00-13.7_m68k.deb xpdf (3.00-13.7) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387). oldstable/main/binary-mips/xpdf-reader_3.00-13.7_mips.deb oldstable/main/binary-mips/xpdf-utils_3.00-13.7_mips.deb xpdf (3.00-13.7) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387). oldstable/main/binary-mipsel/xpdf-reader_3.00-13.7_mipsel.deb oldstable/main/binary-mipsel/xpdf-utils_3.00-13.7_mipsel.deb xpdf (3.00-13.7) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387). oldstable/main/binary-powerpc/xpdf-reader_3.00-13.7_powerpc.deb oldstable/main/binary-powerpc/xpdf-utils_3.00-13.7_powerpc.deb xpdf (3.00-13.7) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387). oldstable/main/binary-s390/xpdf-reader_3.00-13.7_s390.deb oldstable/main/binary-s390/xpdf-utils_3.00-13.7_s390.deb xpdf (3.00-13.7) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387). oldstable/main/binary-sparc/xpdf-reader_3.00-13.7_sparc.deb oldstable/main/binary-sparc/xpdf-utils_3.00-13.7_sparc.deb xpdf (3.00-13.7) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387). oldstable/main/binary-arm/xwine_1.0-1_arm.deb xwine (1.0-1) unstable; urgency=low * Initial Release. * Closes ITPs. Closes: #290593, #290595 oldstable/main/source/zoph_0.3.3-12sarge3.dsc oldstable/main/source/zoph_0.3.3-12sarge3.diff.gz oldstable/main/binary-all/zoph_0.3.3-12sarge3_all.deb zoph (0.3.3-12sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix SQL injection vulnerability in photos.php (CVE-2007-3905, closes: 435711) Removed the following packages from oldstable: kernel-headers-2.6.8-12 | 2.6.8-16sarge6 | i386 kernel-headers-2.6.8-12-amd64-generic | 2.6.8-16sarge6 | i386 kernel-headers-2.6.8-12-amd64-k8 | 2.6.8-16sarge6 | i386 kernel-headers-2.6.8-12-amd64-k8-smp | 2.6.8-16sarge6 | i386 kernel-headers-2.6.8-12-em64t-p4 | 2.6.8-16sarge6 | i386 kernel-headers-2.6.8-12-em64t-p4-smp | 2.6.8-16sarge6 | i386 kernel-image-2.6.8-12-amd64-generic | 2.6.8-16sarge6 | i386 kernel-image-2.6.8-12-amd64-k8 | 2.6.8-16sarge6 | i386 kernel-image-2.6.8-12-amd64-k8-smp | 2.6.8-16sarge6 | i386 kernel-image-2.6.8-12-em64t-p4 | 2.6.8-16sarge6 | i386 kernel-image-2.6.8-12-em64t-p4-smp | 2.6.8-16sarge6 | i386 acpi-modules-2.6.8-3-386-di | 1.02sarge4 | i386 affs-modules-2.6.8-3-power3-di | 0.78sarge2 | powerpc affs-modules-2.6.8-3-power4-di | 0.78sarge2 | powerpc affs-modules-2.6.8-3-powerpc-di | 0.78sarge2 | powerpc cdrom-core-modules-2.6.8-3-32-di | 1.1sarge2 | hppa cdrom-core-modules-2.6.8-3-386-di | 1.02sarge4 | i386 cdrom-core-modules-2.6.8-3-64-di | 1.1sarge2 | hppa cdrom-core-modules-2.6.8-3-itanium-smp-di | 1.1sarge2 | ia64 cdrom-core-modules-2.6.8-3-power3-di | 0.78sarge2 | powerpc cdrom-core-modules-2.6.8-3-power4-di | 0.78sarge2 | powerpc cdrom-core-modules-2.6.8-3-powerpc-di | 0.78sarge2 | powerpc cdrom-core-modules-2.6.8-3-sparc32-di | 0.05sarge2 | sparc cdrom-core-modules-2.6.8-3-sparc64-di | 0.05sarge2 | sparc cdrom-modules-2.6.8-3-32-di | 1.1sarge2 | hppa cdrom-modules-2.6.8-3-386-di | 1.02sarge4 | i386 cdrom-modules-2.6.8-3-64-di | 1.1sarge2 | hppa ext2-modules-2.6.8-3-power3-di | 0.78sarge2 | powerpc ext2-modules-2.6.8-3-power4-di | 0.78sarge2 | powerpc ext2-modules-2.6.8-3-powerpc-di | 0.78sarge2 | powerpc ext3-modules-2.6.8-3-32-di | 1.1sarge2 | hppa ext3-modules-2.6.8-3-386-di | 1.02sarge4 | i386 ext3-modules-2.6.8-3-64-di | 1.1sarge2 | hppa ext3-modules-2.6.8-3-itanium-smp-di | 1.1sarge2 | ia64 ext3-modules-2.6.8-3-power3-di | 0.78sarge2 | powerpc ext3-modules-2.6.8-3-power4-di | 0.78sarge2 | powerpc ext3-modules-2.6.8-3-powerpc-di | 0.78sarge2 | powerpc ext3-modules-2.6.8-3-sparc32-di | 0.05sarge2 | sparc ext3-modules-2.6.8-3-sparc64-di | 0.05sarge2 | sparc fat-modules-2.6.8-3-386-di | 1.02sarge4 | i386 fat-modules-2.6.8-3-itanium-smp-di | 1.1sarge2 | ia64 fat-modules-2.6.8-3-power3-di | 0.78sarge2 | powerpc fat-modules-2.6.8-3-power4-di | 0.78sarge2 | powerpc fat-modules-2.6.8-3-powerpc-di | 0.78sarge2 | powerpc fat-modules-2.6.8-3-sparc32-di | 0.05sarge2 | sparc fat-modules-2.6.8-3-sparc64-di | 0.05sarge2 | sparc fb-modules-2.6.8-3-386-di | 1.02sarge4 | i386 fb-modules-2.6.8-3-itanium-smp-di | 1.1sarge2 | ia64 fb-modules-2.6.8-3-power3-di | 0.78sarge2 | powerpc fb-modules-2.6.8-3-power4-di | 0.78sarge2 | powerpc fb-modules-2.6.8-3-powerpc-di | 0.78sarge2 | powerpc firewire-core-modules-2.6.8-3-32-di | 1.1sarge2 | hppa firewire-core-modules-2.6.8-3-386-di | 1.02sarge4 | i386 firewire-core-modules-2.6.8-3-64-di | 1.1sarge2 | hppa firewire-core-modules-2.6.8-3-itanium-smp-di | 1.1sarge2 | ia64 firewire-core-modules-2.6.8-3-power3-di | 0.78sarge2 | powerpc firewire-core-modules-2.6.8-3-power4-di | 0.78sarge2 | powerpc firewire-core-modules-2.6.8-3-powerpc-di | 0.78sarge2 | powerpc firmware-modules-2.6.8-3-386-di | 1.02sarge4 | i386 firmware-modules-2.6.8-3-itanium-smp-di | 1.1sarge2 | ia64 firmware-modules-2.6.8-3-power3-di | 0.78sarge2 | powerpc firmware-modules-2.6.8-3-power4-di | 0.78sarge2 | powerpc firmware-modules-2.6.8-3-powerpc-di | 0.78sarge2 | powerpc floppy-modules-2.6.8-3-386-di | 1.02sarge4 | i386 floppy-modules-2.6.8-3-power3-di | 0.78sarge2 | powerpc floppy-modules-2.6.8-3-power4-di | 0.78sarge2 | powerpc floppy-modules-2.6.8-3-powerpc-di | 0.78sarge2 | powerpc fs-common-modules-2.6.8-3-power3-di | 0.78sarge2 | powerpc fs-common-modules-2.6.8-3-power4-di | 0.78sarge2 | powerpc fs-common-modules-2.6.8-3-powerpc-di | 0.78sarge2 | powerpc hfs-modules-2.6.8-3-power3-di | 0.78sarge2 | powerpc hfs-modules-2.6.8-3-power4-di | 0.78sarge2 | powerpc hfs-modules-2.6.8-3-powerpc-di | 0.78sarge2 | powerpc hostap-modules-2.6.8-3-386 | 1:0.3.7-1sarge1 | i386 hostap-modules-2.6.8-3-686 | 1:0.3.7-1sarge1 | i386 hostap-modules-2.6.8-3-686-smp | 1:0.3.7-1sarge1 | i386 hostap-modules-2.6.8-3-k7 | 1:0.3.7-1sarge1 | i386 hostap-modules-2.6.8-3-k7-smp | 1:0.3.7-1sarge1 | i386 ide-core-modules-2.6.8-3-386-di | 1.02sarge4 | i386 ide-core-modules-2.6.8-3-itanium-smp-di | 1.1sarge2 | ia64 ide-modules-2.6.8-3-32-di | 1.1sarge2 | hppa ide-modules-2.6.8-3-386-di | 1.02sarge4 | i386 ide-modules-2.6.8-3-64-di | 1.1sarge2 | hppa ide-modules-2.6.8-3-itanium-smp-di | 1.1sarge2 | ia64 ide-modules-2.6.8-3-power3-di | 0.78sarge2 | powerpc ide-modules-2.6.8-3-power4-di | 0.78sarge2 | powerpc ide-modules-2.6.8-3-powerpc-di | 0.78sarge2 | powerpc ide-modules-2.6.8-3-sparc64-di | 0.05sarge2 | sparc input-modules-2.6.8-3-32-di | 1.1sarge2 | hppa input-modules-2.6.8-3-386-di | 1.02sarge4 | i386 input-modules-2.6.8-3-64-di | 1.1sarge2 | hppa input-modules-2.6.8-3-itanium-smp-di | 1.1sarge2 | ia64 input-modules-2.6.8-3-power3-di | 0.78sarge2 | powerpc input-modules-2.6.8-3-power4-di | 0.78sarge2 | powerpc input-modules-2.6.8-3-powerpc-di | 0.78sarge2 | powerpc ipv6-modules-2.6.8-3-32-di | 1.1sarge2 | hppa ipv6-modules-2.6.8-3-386-di | 1.02sarge4 | i386 ipv6-modules-2.6.8-3-64-di | 1.1sarge2 | hppa ipv6-modules-2.6.8-3-itanium-smp-di | 1.1sarge2 | ia64 ipv6-modules-2.6.8-3-power3-di | 0.78sarge2 | powerpc ipv6-modules-2.6.8-3-power4-di | 0.78sarge2 | powerpc ipv6-modules-2.6.8-3-powerpc-di | 0.78sarge2 | powerpc ipv6-modules-2.6.8-3-sparc32-di | 0.05sarge2 | sparc ipv6-modules-2.6.8-3-sparc64-di | 0.05sarge2 | sparc irda-modules-2.6.8-3-386-di | 1.02sarge4 | i386 irda-modules-2.6.8-3-itanium-smp-di | 1.1sarge2 | ia64 irda-modules-2.6.8-3-power3-di | 0.78sarge2 | powerpc irda-modules-2.6.8-3-power4-di | 0.78sarge2 | powerpc irda-modules-2.6.8-3-powerpc-di | 0.78sarge2 | powerpc jfs-modules-2.6.8-3-386-di | 1.02sarge4 | i386 jfs-modules-2.6.8-3-power3-di | 0.78sarge2 | powerpc jfs-modules-2.6.8-3-power4-di | 0.78sarge2 | powerpc jfs-modules-2.6.8-3-powerpc-di | 0.78sarge2 | powerpc kernel-build-2.6.8-3 | 2.6.8-15sarge6 | sparc kernel-build-2.6.8-3-power3 | 2.6.8-12sarge6 | powerpc kernel-build-2.6.8-3-power3-smp | 2.6.8-12sarge6 | powerpc kernel-build-2.6.8-3-power4 | 2.6.8-12sarge6 | powerpc kernel-build-2.6.8-3-power4-smp | 2.6.8-12sarge6 | powerpc kernel-build-2.6.8-3-powerpc | 2.6.8-12sarge6 | powerpc kernel-build-2.6.8-3-powerpc-smp | 2.6.8-12sarge6 | powerpc kernel-headers-2.6.8-3 | 2.6.8-5sarge6 | s390 kernel-headers-2.6.8-3 | 2.6.8-6sarge6 | hppa kernel-headers-2.6.8-3 | 2.6.8-12sarge6 | powerpc kernel-headers-2.6.8-3 | 2.6.8-14sarge6 | ia64 kernel-headers-2.6.8-3 | 2.6.8-15sarge6 | sparc kernel-headers-2.6.8-3 | 2.6.8-16sarge6 | alpha, i386 kernel-headers-2.6.8-3-32 | 2.6.8-6sarge6 | hppa kernel-headers-2.6.8-3-32-smp | 2.6.8-6sarge6 | hppa kernel-headers-2.6.8-3-386 | 2.6.8-16sarge6 | i386 kernel-headers-2.6.8-3-64 | 2.6.8-6sarge6 | hppa kernel-headers-2.6.8-3-64-smp | 2.6.8-6sarge6 | hppa kernel-headers-2.6.8-3-686 | 2.6.8-16sarge6 | i386 kernel-headers-2.6.8-3-686-smp | 2.6.8-16sarge6 | i386 kernel-headers-2.6.8-3-generic | 2.6.8-16sarge6 | alpha kernel-headers-2.6.8-3-itanium | 2.6.8-14sarge6 | ia64 kernel-headers-2.6.8-3-itanium-smp | 2.6.8-14sarge6 | ia64 kernel-headers-2.6.8-3-k7 | 2.6.8-16sarge6 | i386 kernel-headers-2.6.8-3-k7-smp | 2.6.8-16sarge6 | i386 kernel-headers-2.6.8-3-mckinley | 2.6.8-14sarge6 | ia64 kernel-headers-2.6.8-3-mckinley-smp | 2.6.8-14sarge6 | ia64 kernel-headers-2.6.8-3-smp | 2.6.8-16sarge6 | alpha kernel-headers-2.6.8-3-sparc32 | 2.6.8-15sarge6 | sparc kernel-headers-2.6.8-3-sparc64 | 2.6.8-15sarge6 | sparc kernel-headers-2.6.8-3-sparc64-smp | 2.6.8-15sarge6 | sparc kernel-image-2.6.8-3-32 | 2.6.8-6sarge6 | hppa kernel-image-2.6.8-3-32-di | 1.1sarge2 | hppa kernel-image-2.6.8-3-32-smp | 2.6.8-6sarge6 | hppa kernel-image-2.6.8-3-386 | 2.6.8-16sarge6 | i386 kernel-image-2.6.8-3-386-di | 1.02sarge4 | i386 kernel-image-2.6.8-3-64 | 2.6.8-6sarge6 | hppa kernel-image-2.6.8-3-64-di | 1.1sarge2 | hppa kernel-image-2.6.8-3-64-smp | 2.6.8-6sarge6 | hppa kernel-image-2.6.8-3-686 | 2.6.8-16sarge6 | i386 kernel-image-2.6.8-3-686-smp | 2.6.8-16sarge6 | i386 kernel-image-2.6.8-3-generic | 2.6.8-16sarge6 | alpha kernel-image-2.6.8-3-itanium | 2.6.8-14sarge6 | ia64 kernel-image-2.6.8-3-itanium-smp | 2.6.8-14sarge6 | ia64 kernel-image-2.6.8-3-itanium-smp-di | 1.1sarge2 | ia64 kernel-image-2.6.8-3-k7 | 2.6.8-16sarge6 | i386 kernel-image-2.6.8-3-k7-smp | 2.6.8-16sarge6 | i386 kernel-image-2.6.8-3-mckinley | 2.6.8-14sarge6 | ia64 kernel-image-2.6.8-3-mckinley-smp | 2.6.8-14sarge6 | ia64 kernel-image-2.6.8-3-power3 | 2.6.8-12sarge6 | powerpc kernel-image-2.6.8-3-power3-di | 0.78sarge2 | powerpc kernel-image-2.6.8-3-power3-smp | 2.6.8-12sarge6 | powerpc kernel-image-2.6.8-3-power4 | 2.6.8-12sarge6 | powerpc kernel-image-2.6.8-3-power4-di | 0.78sarge2 | powerpc kernel-image-2.6.8-3-power4-smp | 2.6.8-12sarge6 | powerpc kernel-image-2.6.8-3-powerpc | 2.6.8-12sarge6 | powerpc kernel-image-2.6.8-3-powerpc-di | 0.78sarge2 | powerpc kernel-image-2.6.8-3-powerpc-smp | 2.6.8-12sarge6 | powerpc kernel-image-2.6.8-3-s390 | 2.6.8-5sarge6 | s390 kernel-image-2.6.8-3-s390-tape | 2.6.8-5sarge6 | s390 kernel-image-2.6.8-3-s390x | 2.6.8-5sarge6 | s390 kernel-image-2.6.8-3-smp | 2.6.8-16sarge6 | alpha kernel-image-2.6.8-3-sparc32 | 2.6.8-15sarge6 | sparc kernel-image-2.6.8-3-sparc32-di | 0.05sarge2 | sparc kernel-image-2.6.8-3-sparc64 | 2.6.8-15sarge6 | sparc kernel-image-2.6.8-3-sparc64-di | 0.05sarge2 | sparc kernel-image-2.6.8-3-sparc64-smp | 2.6.8-15sarge6 | sparc loop-modules-2.6.8-3-32-di | 1.1sarge2 | hppa loop-modules-2.6.8-3-386-di | 1.02sarge4 | i386 loop-modules-2.6.8-3-64-di | 1.1sarge2 | hppa loop-modules-2.6.8-3-itanium-smp-di | 1.1sarge2 | ia64 loop-modules-2.6.8-3-power3-di | 0.78sarge2 | powerpc loop-modules-2.6.8-3-power4-di | 0.78sarge2 | powerpc loop-modules-2.6.8-3-powerpc-di | 0.78sarge2 | powerpc md-modules-2.6.8-3-32-di | 1.1sarge2 | hppa md-modules-2.6.8-3-386-di | 1.02sarge4 | i386 md-modules-2.6.8-3-64-di | 1.1sarge2 | hppa md-modules-2.6.8-3-itanium-smp-di | 1.1sarge2 | ia64 md-modules-2.6.8-3-power3-di | 0.78sarge2 | powerpc md-modules-2.6.8-3-power4-di | 0.78sarge2 | powerpc md-modules-2.6.8-3-powerpc-di | 0.78sarge2 | powerpc md-modules-2.6.8-3-sparc32-di | 0.05sarge2 | sparc md-modules-2.6.8-3-sparc64-di | 0.05sarge2 | sparc mol-modules-2.6.8-3-powerpc | 1:0.9.70+2.6.8+12sarge1 | powerpc mol-modules-2.6.8-3-powerpc-smp | 1:0.9.70+2.6.8+12sarge1 | powerpc ndiswrapper-modules-2.6.8-3-386 | 1.1-2sarge1 | i386 ndiswrapper-modules-2.6.8-3-686 | 1.1-2sarge1 | i386 ndiswrapper-modules-2.6.8-3-686-smp | 1.1-2sarge1 | i386 ndiswrapper-modules-2.6.8-3-k7 | 1.1-2sarge1 | i386 ndiswrapper-modules-2.6.8-3-k7-smp | 1.1-2sarge1 | i386 nic-extra-modules-2.6.8-3-386-di | 1.02sarge4 | i386 nic-extra-modules-2.6.8-3-power3-di | 0.78sarge2 | powerpc nic-extra-modules-2.6.8-3-power4-di | 0.78sarge2 | powerpc nic-extra-modules-2.6.8-3-powerpc-di | 0.78sarge2 | powerpc nic-modules-2.6.8-3-32-di | 1.1sarge2 | hppa nic-modules-2.6.8-3-386-di | 1.02sarge4 | i386 nic-modules-2.6.8-3-64-di | 1.1sarge2 | hppa nic-modules-2.6.8-3-itanium-smp-di | 1.1sarge2 | ia64 nic-modules-2.6.8-3-power3-di | 0.78sarge2 | powerpc nic-modules-2.6.8-3-power4-di | 0.78sarge2 | powerpc nic-modules-2.6.8-3-powerpc-di | 0.78sarge2 | powerpc nic-modules-2.6.8-3-sparc32-di | 0.05sarge2 | sparc nic-modules-2.6.8-3-sparc64-di | 0.05sarge2 | sparc nic-pcmcia-modules-2.6.8-3-386-di | 1.02sarge4 | i386 nic-pcmcia-modules-2.6.8-3-power3-di | 0.78sarge2 | powerpc nic-pcmcia-modules-2.6.8-3-power4-di | 0.78sarge2 | powerpc nic-pcmcia-modules-2.6.8-3-powerpc-di | 0.78sarge2 | powerpc nic-shared-modules-2.6.8-3-386-di | 1.02sarge4 | i386 nic-shared-modules-2.6.8-3-itanium-smp-di | 1.1sarge2 | ia64 nic-shared-modules-2.6.8-3-power3-di | 0.78sarge2 | powerpc nic-shared-modules-2.6.8-3-power4-di | 0.78sarge2 | powerpc nic-shared-modules-2.6.8-3-powerpc-di | 0.78sarge2 | powerpc nic-usb-modules-2.6.8-3-386-di | 1.02sarge4 | i386 nic-usb-modules-2.6.8-3-itanium-smp-di | 1.1sarge2 | ia64 ntfs-modules-2.6.8-3-386-di | 1.02sarge4 | i386 ntfs-modules-2.6.8-3-itanium-smp-di | 1.1sarge2 | ia64 parport-modules-2.6.8-3-386-di | 1.02sarge4 | i386 parport-modules-2.6.8-3-itanium-smp-di | 1.1sarge2 | ia64 pcmcia-modules-2.6.8-3-386-di | 1.02sarge4 | i386 pcmcia-modules-2.6.8-3-itanium-smp-di | 1.1sarge2 | ia64 pcmcia-modules-2.6.8-3-power3-di | 0.78sarge2 | powerpc pcmcia-modules-2.6.8-3-power4-di | 0.78sarge2 | powerpc pcmcia-modules-2.6.8-3-powerpc-di | 0.78sarge2 | powerpc pcmcia-storage-modules-2.6.8-3-386-di | 1.02sarge4 | i386 pcmcia-storage-modules-2.6.8-3-power3-di | 0.78sarge2 | powerpc pcmcia-storage-modules-2.6.8-3-power4-di | 0.78sarge2 | powerpc pcmcia-storage-modules-2.6.8-3-powerpc-di | 0.78sarge2 | powerpc plip-modules-2.6.8-3-386-di | 1.02sarge4 | i386 plip-modules-2.6.8-3-itanium-smp-di | 1.1sarge2 | ia64 plip-modules-2.6.8-3-sparc32-di | 0.05sarge2 | sparc plip-modules-2.6.8-3-sparc64-di | 0.05sarge2 | sparc ppp-modules-2.6.8-3-32-di | 1.1sarge2 | hppa ppp-modules-2.6.8-3-386-di | 1.02sarge4 | i386 ppp-modules-2.6.8-3-64-di | 1.1sarge2 | hppa ppp-modules-2.6.8-3-itanium-smp-di | 1.1sarge2 | ia64 ppp-modules-2.6.8-3-power3-di | 0.78sarge2 | powerpc ppp-modules-2.6.8-3-power4-di | 0.78sarge2 | powerpc ppp-modules-2.6.8-3-powerpc-di | 0.78sarge2 | powerpc ppp-modules-2.6.8-3-sparc32-di | 0.05sarge2 | sparc ppp-modules-2.6.8-3-sparc64-di | 0.05sarge2 | sparc reiserfs-modules-2.6.8-3-386-di | 1.02sarge4 | i386 reiserfs-modules-2.6.8-3-itanium-smp-di | 1.1sarge2 | ia64 reiserfs-modules-2.6.8-3-power3-di | 0.78sarge2 | powerpc reiserfs-modules-2.6.8-3-power4-di | 0.78sarge2 | powerpc reiserfs-modules-2.6.8-3-powerpc-di | 0.78sarge2 | powerpc reiserfs-modules-2.6.8-3-sparc32-di | 0.05sarge2 | sparc reiserfs-modules-2.6.8-3-sparc64-di | 0.05sarge2 | sparc sata-modules-2.6.8-3-32-di | 1.1sarge2 | hppa sata-modules-2.6.8-3-386-di | 1.02sarge4 | i386 sata-modules-2.6.8-3-64-di | 1.1sarge2 | hppa sata-modules-2.6.8-3-itanium-smp-di | 1.1sarge2 | ia64 sata-modules-2.6.8-3-power3-di | 0.78sarge2 | powerpc sata-modules-2.6.8-3-power4-di | 0.78sarge2 | powerpc sata-modules-2.6.8-3-powerpc-di | 0.78sarge2 | powerpc scsi-common-modules-2.6.8-3-386-di | 1.02sarge4 | i386 scsi-common-modules-2.6.8-3-power3-di | 0.78sarge2 | powerpc scsi-common-modules-2.6.8-3-power4-di | 0.78sarge2 | powerpc scsi-common-modules-2.6.8-3-powerpc-di | 0.78sarge2 | powerpc scsi-common-modules-2.6.8-3-sparc32-di | 0.05sarge2 | sparc scsi-common-modules-2.6.8-3-sparc64-di | 0.05sarge2 | sparc scsi-core-modules-2.6.8-3-386-di | 1.02sarge4 | i386 scsi-core-modules-2.6.8-3-itanium-smp-di | 1.1sarge2 | ia64 scsi-core-modules-2.6.8-3-power3-di | 0.78sarge2 | powerpc scsi-core-modules-2.6.8-3-power4-di | 0.78sarge2 | powerpc scsi-core-modules-2.6.8-3-powerpc-di | 0.78sarge2 | powerpc scsi-core-modules-2.6.8-3-sparc32-di | 0.05sarge2 | sparc scsi-core-modules-2.6.8-3-sparc64-di | 0.05sarge2 | sparc scsi-extra-modules-2.6.8-3-386-di | 1.02sarge4 | i386 scsi-extra-modules-2.6.8-3-power3-di | 0.78sarge2 | powerpc scsi-extra-modules-2.6.8-3-power4-di | 0.78sarge2 | powerpc scsi-extra-modules-2.6.8-3-powerpc-di | 0.78sarge2 | powerpc scsi-modules-2.6.8-3-32-di | 1.1sarge2 | hppa scsi-modules-2.6.8-3-386-di | 1.02sarge4 | i386 scsi-modules-2.6.8-3-64-di | 1.1sarge2 | hppa scsi-modules-2.6.8-3-itanium-smp-di | 1.1sarge2 | ia64 scsi-modules-2.6.8-3-power3-di | 0.78sarge2 | powerpc scsi-modules-2.6.8-3-power4-di | 0.78sarge2 | powerpc scsi-modules-2.6.8-3-powerpc-di | 0.78sarge2 | powerpc serial-modules-2.6.8-3-386-di | 1.02sarge4 | i386 serial-modules-2.6.8-3-itanium-smp-di | 1.1sarge2 | ia64 serial-modules-2.6.8-3-power3-di | 0.78sarge2 | powerpc serial-modules-2.6.8-3-power4-di | 0.78sarge2 | powerpc serial-modules-2.6.8-3-powerpc-di | 0.78sarge2 | powerpc socket-modules-2.6.8-3-32-di | 1.1sarge2 | hppa socket-modules-2.6.8-3-386-di | 1.02sarge4 | i386 socket-modules-2.6.8-3-64-di | 1.1sarge2 | hppa socket-modules-2.6.8-3-power3-di | 0.78sarge2 | powerpc socket-modules-2.6.8-3-power4-di | 0.78sarge2 | powerpc socket-modules-2.6.8-3-powerpc-di | 0.78sarge2 | powerpc ufs-modules-2.6.8-3-386-di | 1.02sarge4 | i386 ufs-modules-2.6.8-3-itanium-smp-di | 1.1sarge2 | ia64 ufs-modules-2.6.8-3-power3-di | 0.78sarge2 | powerpc ufs-modules-2.6.8-3-power4-di | 0.78sarge2 | powerpc ufs-modules-2.6.8-3-powerpc-di | 0.78sarge2 | powerpc usb-modules-2.6.8-3-32-di | 1.1sarge2 | hppa usb-modules-2.6.8-3-386-di | 1.02sarge4 | i386 usb-modules-2.6.8-3-64-di | 1.1sarge2 | hppa usb-modules-2.6.8-3-itanium-smp-di | 1.1sarge2 | ia64 usb-modules-2.6.8-3-power3-di | 0.78sarge2 | powerpc usb-modules-2.6.8-3-power4-di | 0.78sarge2 | powerpc usb-modules-2.6.8-3-powerpc-di | 0.78sarge2 | powerpc usb-modules-2.6.8-3-sparc64-di | 0.05sarge2 | sparc usb-storage-modules-2.6.8-3-32-di | 1.1sarge2 | hppa usb-storage-modules-2.6.8-3-386-di | 1.02sarge4 | i386 usb-storage-modules-2.6.8-3-64-di | 1.1sarge2 | hppa usb-storage-modules-2.6.8-3-itanium-smp-di | 1.1sarge2 | ia64 usb-storage-modules-2.6.8-3-power3-di | 0.78sarge2 | powerpc usb-storage-modules-2.6.8-3-power4-di | 0.78sarge2 | powerpc usb-storage-modules-2.6.8-3-powerpc-di | 0.78sarge2 | powerpc xfs-modules-2.6.8-3-32-di | 1.1sarge2 | hppa xfs-modules-2.6.8-3-386-di | 1.02sarge4 | i386 xfs-modules-2.6.8-3-64-di | 1.1sarge2 | hppa xfs-modules-2.6.8-3-itanium-smp-di | 1.1sarge2 | ia64 xfs-modules-2.6.8-3-power3-di | 0.78sarge2 | powerpc xfs-modules-2.6.8-3-power4-di | 0.78sarge2 | powerpc xfs-modules-2.6.8-3-powerpc-di | 0.78sarge2 | powerpc xfs-modules-2.6.8-3-sparc32-di | 0.05sarge2 | sparc xfs-modules-2.6.8-3-sparc64-di | 0.05sarge2 | sparc ------------------- Reason ------------------- [auto-cruft] NBS ---------------------------------------------- ========================================= Sat, 7 Apr 2007 - Debian 3.1r6 released ========================================= stable/main/binary-sparc/zope2.7_2.7.5-2sarge4_sparc.deb zope2.7 (2.7.5-2sarge4) stable-security; urgency=high * SECURITY UPDATE: Prevent privileges elevation through misuse of HTTP GET. Refs: http://www.zope.org/Products/Zope/Hotfix-2007-03-20/announcement/view CVE-2007-0240 (Closes: #416500) stable/main/binary-s390/zope2.7_2.7.5-2sarge4_s390.deb zope2.7 (2.7.5-2sarge4) stable-security; urgency=high * SECURITY UPDATE: Prevent privileges elevation through misuse of HTTP GET. Refs: http://www.zope.org/Products/Zope/Hotfix-2007-03-20/announcement/view CVE-2007-0240 (Closes: #416500) stable/main/binary-powerpc/zope2.7_2.7.5-2sarge4_powerpc.deb zope2.7 (2.7.5-2sarge4) stable-security; urgency=high * SECURITY UPDATE: Prevent privileges elevation through misuse of HTTP GET. Refs: http://www.zope.org/Products/Zope/Hotfix-2007-03-20/announcement/view CVE-2007-0240 (Closes: #416500) stable/main/binary-mipsel/zope2.7_2.7.5-2sarge4_mipsel.deb zope2.7 (2.7.5-2sarge4) stable-security; urgency=high * SECURITY UPDATE: Prevent privileges elevation through misuse of HTTP GET. Refs: http://www.zope.org/Products/Zope/Hotfix-2007-03-20/announcement/view CVE-2007-0240 (Closes: #416500) stable/main/binary-mips/zope2.7_2.7.5-2sarge4_mips.deb zope2.7 (2.7.5-2sarge4) stable-security; urgency=high * SECURITY UPDATE: Prevent privileges elevation through misuse of HTTP GET. Refs: http://www.zope.org/Products/Zope/Hotfix-2007-03-20/announcement/view CVE-2007-0240 (Closes: #416500) stable/main/binary-m68k/zope2.7_2.7.5-2sarge4_m68k.deb zope2.7 (2.7.5-2sarge4) stable-security; urgency=high * SECURITY UPDATE: Prevent privileges elevation through misuse of HTTP GET. Refs: http://www.zope.org/Products/Zope/Hotfix-2007-03-20/announcement/view CVE-2007-0240 (Closes: #416500) stable/main/binary-ia64/zope2.7_2.7.5-2sarge4_ia64.deb zope2.7 (2.7.5-2sarge4) stable-security; urgency=high * SECURITY UPDATE: Prevent privileges elevation through misuse of HTTP GET. Refs: http://www.zope.org/Products/Zope/Hotfix-2007-03-20/announcement/view CVE-2007-0240 (Closes: #416500) stable/main/binary-hppa/zope2.7_2.7.5-2sarge4_hppa.deb zope2.7 (2.7.5-2sarge4) stable-security; urgency=high * SECURITY UPDATE: Prevent privileges elevation through misuse of HTTP GET. Refs: http://www.zope.org/Products/Zope/Hotfix-2007-03-20/announcement/view CVE-2007-0240 (Closes: #416500) stable/main/binary-arm/zope2.7_2.7.5-2sarge4_arm.deb zope2.7 (2.7.5-2sarge4) stable-security; urgency=high * SECURITY UPDATE: Prevent privileges elevation through misuse of HTTP GET. Refs: http://www.zope.org/Products/Zope/Hotfix-2007-03-20/announcement/view CVE-2007-0240 (Closes: #416500) stable/main/binary-alpha/zope2.7_2.7.5-2sarge4_alpha.deb zope2.7 (2.7.5-2sarge4) stable-security; urgency=high * SECURITY UPDATE: Prevent privileges elevation through misuse of HTTP GET. Refs: http://www.zope.org/Products/Zope/Hotfix-2007-03-20/announcement/view CVE-2007-0240 (Closes: #416500) stable/main/source/zope2.7_2.7.5-2sarge4.diff.gz stable/main/source/zope2.7_2.7.5-2sarge4.dsc stable/main/binary-i386/zope2.7_2.7.5-2sarge4_i386.deb zope2.7 (2.7.5-2sarge4) stable-security; urgency=high * SECURITY UPDATE: Prevent privileges elevation through misuse of HTTP GET. Refs: http://www.zope.org/Products/Zope/Hotfix-2007-03-20/announcement/view CVE-2007-0240 (Closes: #416500) stable/main/binary-sparc/xmms-dev_1.2.10+cvs20050209-2sarge1_sparc.deb stable/main/binary-sparc/xmms_1.2.10+cvs20050209-2sarge1_sparc.deb xmms (1.2.10+cvs20050209-2sarge1) stable-security; urgency=high * Backported patch from Kees Cook to address integer underflow CVE-2007-0654 and overflow CVE-2007-0653 in BMP loader xmms/bmp.c (see #416423). stable/main/binary-s390/xmms_1.2.10+cvs20050209-2sarge1_s390.deb stable/main/binary-s390/xmms-dev_1.2.10+cvs20050209-2sarge1_s390.deb xmms (1.2.10+cvs20050209-2sarge1) stable-security; urgency=high * Backported patch from Kees Cook to address integer underflow CVE-2007-0654 and overflow CVE-2007-0653 in BMP loader xmms/bmp.c (see #416423). stable/main/binary-powerpc/xmms-dev_1.2.10+cvs20050209-2sarge1_powerpc.deb stable/main/binary-powerpc/xmms_1.2.10+cvs20050209-2sarge1_powerpc.deb xmms (1.2.10+cvs20050209-2sarge1) stable-security; urgency=high * Backported patch from Kees Cook to address integer underflow CVE-2007-0654 and overflow CVE-2007-0653 in BMP loader xmms/bmp.c (see #416423). stable/main/binary-mipsel/xmms_1.2.10+cvs20050209-2sarge1_mipsel.deb stable/main/binary-mipsel/xmms-dev_1.2.10+cvs20050209-2sarge1_mipsel.deb xmms (1.2.10+cvs20050209-2sarge1) stable-security; urgency=high * Backported patch from Kees Cook to address integer underflow CVE-2007-0654 and overflow CVE-2007-0653 in BMP loader xmms/bmp.c (see #416423). stable/main/binary-mips/xmms_1.2.10+cvs20050209-2sarge1_mips.deb stable/main/binary-mips/xmms-dev_1.2.10+cvs20050209-2sarge1_mips.deb xmms (1.2.10+cvs20050209-2sarge1) stable-security; urgency=high * Backported patch from Kees Cook to address integer underflow CVE-2007-0654 and overflow CVE-2007-0653 in BMP loader xmms/bmp.c (see #416423). stable/main/binary-m68k/xmms_1.2.10+cvs20050209-2sarge1_m68k.deb stable/main/binary-m68k/xmms-dev_1.2.10+cvs20050209-2sarge1_m68k.deb xmms (1.2.10+cvs20050209-2sarge1) stable-security; urgency=high * Backported patch from Kees Cook to address integer underflow CVE-2007-0654 and overflow CVE-2007-0653 in BMP loader xmms/bmp.c (see #416423). stable/main/binary-ia64/xmms_1.2.10+cvs20050209-2sarge1_ia64.deb stable/main/binary-ia64/xmms-dev_1.2.10+cvs20050209-2sarge1_ia64.deb xmms (1.2.10+cvs20050209-2sarge1) stable-security; urgency=high * Backported patch from Kees Cook to address integer underflow CVE-2007-0654 and overflow CVE-2007-0653 in BMP loader xmms/bmp.c (see #416423). stable/main/binary-hppa/xmms_1.2.10+cvs20050209-2sarge1_hppa.deb stable/main/binary-hppa/xmms-dev_1.2.10+cvs20050209-2sarge1_hppa.deb xmms (1.2.10+cvs20050209-2sarge1) stable-security; urgency=high * Backported patch from Kees Cook to address integer underflow CVE-2007-0654 and overflow CVE-2007-0653 in BMP loader xmms/bmp.c (see #416423). stable/main/binary-arm/xmms_1.2.10+cvs20050209-2sarge1_arm.deb stable/main/binary-arm/xmms-dev_1.2.10+cvs20050209-2sarge1_arm.deb xmms (1.2.10+cvs20050209-2sarge1) stable-security; urgency=high * Backported patch from Kees Cook to address integer underflow CVE-2007-0654 and overflow CVE-2007-0653 in BMP loader xmms/bmp.c (see #416423). stable/main/binary-alpha/xmms_1.2.10+cvs20050209-2sarge1_alpha.deb stable/main/binary-alpha/xmms-dev_1.2.10+cvs20050209-2sarge1_alpha.deb xmms (1.2.10+cvs20050209-2sarge1) stable-security; urgency=high * Backported patch from Kees Cook to address integer underflow CVE-2007-0654 and overflow CVE-2007-0653 in BMP loader xmms/bmp.c (see #416423). stable/main/source/xmms_1.2.10+cvs20050209-2sarge1.diff.gz stable/main/binary-i386/xmms-dev_1.2.10+cvs20050209-2sarge1_i386.deb stable/main/source/xmms_1.2.10+cvs20050209-2sarge1.dsc stable/main/binary-i386/xmms_1.2.10+cvs20050209-2sarge1_i386.deb xmms (1.2.10+cvs20050209-2sarge1) stable-security; urgency=high * Backported patch from Kees Cook to address integer underflow CVE-2007-0654 and overflow CVE-2007-0653 in BMP loader xmms/bmp.c (see #416423). stable/main/source/webcalendar_0.9.45-4sarge6.dsc stable/main/binary-all/webcalendar_0.9.45-4sarge6_all.deb stable/main/source/webcalendar_0.9.45-4sarge6.diff.gz webcalendar (0.9.45-4sarge6) stable-security; urgency=high * Non-maintainer upload by the Security Team * Protect noSet variable against external modification [CVE-2007-1343] stable/main/binary-sparc/tcpdump_3.8.3-5sarge2_sparc.deb tcpdump (3.8.3-5sarge2) stable-security; urgency=high * debian/patches/60_CVE-2007-1218.dpatch: New patch, fixes a potential buffer overflow in the 802.11 printer. References: + CVE-2007-1218 + http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413430 * debian/patches/00list: Update. stable/main/binary-s390/tcpdump_3.8.3-5sarge2_s390.deb tcpdump (3.8.3-5sarge2) stable-security; urgency=high * debian/patches/60_CVE-2007-1218.dpatch: New patch, fixes a potential buffer overflow in the 802.11 printer. References: + CVE-2007-1218 + http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413430 * debian/patches/00list: Update. stable/main/binary-powerpc/tcpdump_3.8.3-5sarge2_powerpc.deb tcpdump (3.8.3-5sarge2) stable-security; urgency=high * debian/patches/60_CVE-2007-1218.dpatch: New patch, fixes a potential buffer overflow in the 802.11 printer. References: + CVE-2007-1218 + http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413430 * debian/patches/00list: Update. stable/main/binary-mipsel/tcpdump_3.8.3-5sarge2_mipsel.deb tcpdump (3.8.3-5sarge2) stable-security; urgency=high * debian/patches/60_CVE-2007-1218.dpatch: New patch, fixes a potential buffer overflow in the 802.11 printer. References: + CVE-2007-1218 + http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413430 * debian/patches/00list: Update. stable/main/binary-mips/tcpdump_3.8.3-5sarge2_mips.deb tcpdump (3.8.3-5sarge2) stable-security; urgency=high * debian/patches/60_CVE-2007-1218.dpatch: New patch, fixes a potential buffer overflow in the 802.11 printer. References: + CVE-2007-1218 + http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413430 * debian/patches/00list: Update. stable/main/binary-m68k/tcpdump_3.8.3-5sarge2_m68k.deb tcpdump (3.8.3-5sarge2) stable-security; urgency=high * debian/patches/60_CVE-2007-1218.dpatch: New patch, fixes a potential buffer overflow in the 802.11 printer. References: + CVE-2007-1218 + http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413430 * debian/patches/00list: Update. stable/main/binary-ia64/tcpdump_3.8.3-5sarge2_ia64.deb tcpdump (3.8.3-5sarge2) stable-security; urgency=high * debian/patches/60_CVE-2007-1218.dpatch: New patch, fixes a potential buffer overflow in the 802.11 printer. References: + CVE-2007-1218 + http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413430 * debian/patches/00list: Update. stable/main/binary-hppa/tcpdump_3.8.3-5sarge2_hppa.deb tcpdump (3.8.3-5sarge2) stable-security; urgency=high * debian/patches/60_CVE-2007-1218.dpatch: New patch, fixes a potential buffer overflow in the 802.11 printer. References: + CVE-2007-1218 + http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413430 * debian/patches/00list: Update. stable/main/binary-arm/tcpdump_3.8.3-5sarge2_arm.deb tcpdump (3.8.3-5sarge2) stable-security; urgency=high * debian/patches/60_CVE-2007-1218.dpatch: New patch, fixes a potential buffer overflow in the 802.11 printer. References: + CVE-2007-1218 + http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413430 * debian/patches/00list: Update. stable/main/binary-alpha/tcpdump_3.8.3-5sarge2_alpha.deb tcpdump (3.8.3-5sarge2) stable-security; urgency=high * debian/patches/60_CVE-2007-1218.dpatch: New patch, fixes a potential buffer overflow in the 802.11 printer. References: + CVE-2007-1218 + http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413430 * debian/patches/00list: Update. stable/main/binary-i386/tcpdump_3.8.3-5sarge2_i386.deb stable/main/source/tcpdump_3.8.3-5sarge2.dsc stable/main/source/tcpdump_3.8.3-5sarge2.diff.gz tcpdump (3.8.3-5sarge2) stable-security; urgency=high * debian/patches/60_CVE-2007-1218.dpatch: New patch, fixes a potential buffer overflow in the 802.11 printer. References: + CVE-2007-1218 + http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413430 * debian/patches/00list: Update. stable/main/binary-sparc/php4-gd_4.3.10-19_sparc.deb stable/main/binary-sparc/php4-cgi_4.3.10-19_sparc.deb stable/main/binary-sparc/php4-dev_4.3.10-19_sparc.deb stable/main/binary-sparc/libapache-mod-php4_4.3.10-19_sparc.deb stable/main/binary-sparc/php4-domxml_4.3.10-19_sparc.deb stable/main/binary-sparc/php4-imap_4.3.10-19_sparc.deb stable/main/binary-sparc/php4-common_4.3.10-19_sparc.deb stable/main/binary-sparc/php4-ldap_4.3.10-19_sparc.deb stable/main/binary-sparc/php4-mcal_4.3.10-19_sparc.deb stable/main/binary-sparc/php4-snmp_4.3.10-19_sparc.deb stable/main/binary-sparc/php4-cli_4.3.10-19_sparc.deb stable/main/binary-sparc/php4-xslt_4.3.10-19_sparc.deb stable/main/binary-sparc/php4-odbc_4.3.10-19_sparc.deb stable/main/binary-sparc/php4-recode_4.3.10-19_sparc.deb stable/main/binary-sparc/php4-sybase_4.3.10-19_sparc.deb stable/main/binary-sparc/libapache2-mod-php4_4.3.10-19_sparc.deb stable/main/binary-sparc/php4-mhash_4.3.10-19_sparc.deb stable/main/binary-sparc/php4-mysql_4.3.10-19_sparc.deb stable/main/binary-sparc/php4-curl_4.3.10-19_sparc.deb php4 (4:4.3.10-19) stable-security; urgency=high * NMU prepared for the security team by the package maintainer * The following security issues are addressed with this update: - CVE-2007-0906: Multiple buffer overflows in various code: * session (addressed in patch for CVE-2007-0910 below) * imap (CVE-2007-0906-imap.patch) * str_replace: (CVE-2007-0906-strreplace.patch) * the zip, sqlite, stream filters, mail, and interbase related vulnerabilities in this CVE do not affect the debian sarge php4 source package. - CVE-2007-0907: Buffer underflow in sapi_header_op (CVE-2007-0907.patch) - CVE-2007-0908: wddx module information disclosure (CVE-2007-0908.patch) - CVE-2007-0909: More buffer overflows: * the odbc_result_all function (CVE-2007-0909-odbc.patch) * various formatted print functions (CVE-2007-0909-printf.patch) - CVE-2007-0910: Clobbering of super-global variables (CVE-2007-0910.patch) - CVE-2007-0988: DoS in unserialize on 64bit platforms (CVE-2007-0988.patch) * The package maintainers would like to thank Joe Orton from redhat and Martin Pitt from ubuntu for their help in the preparation of this update. stable/main/binary-s390/php4-cli_4.3.10-19_s390.deb stable/main/binary-s390/php4-mysql_4.3.10-19_s390.deb stable/main/binary-s390/php4-imap_4.3.10-19_s390.deb stable/main/binary-s390/php4-common_4.3.10-19_s390.deb stable/main/binary-s390/php4-sybase_4.3.10-19_s390.deb stable/main/binary-s390/php4-ldap_4.3.10-19_s390.deb stable/main/binary-s390/php4-cgi_4.3.10-19_s390.deb stable/main/binary-s390/php4-recode_4.3.10-19_s390.deb stable/main/binary-s390/php4-snmp_4.3.10-19_s390.deb stable/main/binary-s390/libapache-mod-php4_4.3.10-19_s390.deb stable/main/binary-s390/php4-xslt_4.3.10-19_s390.deb stable/main/binary-s390/libapache2-mod-php4_4.3.10-19_s390.deb stable/main/binary-s390/php4-curl_4.3.10-19_s390.deb stable/main/binary-s390/php4-gd_4.3.10-19_s390.deb stable/main/binary-s390/php4-odbc_4.3.10-19_s390.deb stable/main/binary-s390/php4-mhash_4.3.10-19_s390.deb stable/main/binary-s390/php4-domxml_4.3.10-19_s390.deb stable/main/binary-s390/php4-dev_4.3.10-19_s390.deb stable/main/binary-s390/php4-mcal_4.3.10-19_s390.deb php4 (4:4.3.10-19) stable-security; urgency=high * NMU prepared for the security team by the package maintainer * The following security issues are addressed with this update: - CVE-2007-0906: Multiple buffer overflows in various code: * session (addressed in patch for CVE-2007-0910 below) * imap (CVE-2007-0906-imap.patch) * str_replace: (CVE-2007-0906-strreplace.patch) * the zip, sqlite, stream filters, mail, and interbase related vulnerabilities in this CVE do not affect the debian sarge php4 source package. - CVE-2007-0907: Buffer underflow in sapi_header_op (CVE-2007-0907.patch) - CVE-2007-0908: wddx module information disclosure (CVE-2007-0908.patch) - CVE-2007-0909: More buffer overflows: * the odbc_result_all function (CVE-2007-0909-odbc.patch) * various formatted print functions (CVE-2007-0909-printf.patch) - CVE-2007-0910: Clobbering of super-global variables (CVE-2007-0910.patch) - CVE-2007-0988: DoS in unserialize on 64bit platforms (CVE-2007-0988.patch) * The package maintainers would like to thank Joe Orton from redhat and Martin Pitt from ubuntu for their help in the preparation of this update. stable/main/binary-powerpc/php4-mhash_4.3.10-19_powerpc.deb stable/main/binary-powerpc/php4-cli_4.3.10-19_powerpc.deb stable/main/binary-powerpc/php4-gd_4.3.10-19_powerpc.deb stable/main/binary-powerpc/php4-odbc_4.3.10-19_powerpc.deb stable/main/binary-powerpc/libapache2-mod-php4_4.3.10-19_powerpc.deb stable/main/binary-powerpc/php4-curl_4.3.10-19_powerpc.deb stable/main/binary-powerpc/php4-xslt_4.3.10-19_powerpc.deb stable/main/binary-powerpc/php4-dev_4.3.10-19_powerpc.deb stable/main/binary-powerpc/php4-mcal_4.3.10-19_powerpc.deb stable/main/binary-powerpc/php4-ldap_4.3.10-19_powerpc.deb stable/main/binary-powerpc/libapache-mod-php4_4.3.10-19_powerpc.deb stable/main/binary-powerpc/php4-domxml_4.3.10-19_powerpc.deb stable/main/binary-powerpc/php4-cgi_4.3.10-19_powerpc.deb stable/main/binary-powerpc/php4-snmp_4.3.10-19_powerpc.deb stable/main/binary-powerpc/php4-mysql_4.3.10-19_powerpc.deb stable/main/binary-powerpc/php4-imap_4.3.10-19_powerpc.deb stable/main/binary-powerpc/php4-recode_4.3.10-19_powerpc.deb stable/main/binary-powerpc/php4-sybase_4.3.10-19_powerpc.deb stable/main/binary-powerpc/php4-common_4.3.10-19_powerpc.deb php4 (4:4.3.10-19) stable-security; urgency=high * NMU prepared for the security team by the package maintainer * The following security issues are addressed with this update: - CVE-2007-0906: Multiple buffer overflows in various code: * session (addressed in patch for CVE-2007-0910 below) * imap (CVE-2007-0906-imap.patch) * str_replace: (CVE-2007-0906-strreplace.patch) * the zip, sqlite, stream filters, mail, and interbase related vulnerabilities in this CVE do not affect the debian sarge php4 source package. - CVE-2007-0907: Buffer underflow in sapi_header_op (CVE-2007-0907.patch) - CVE-2007-0908: wddx module information disclosure (CVE-2007-0908.patch) - CVE-2007-0909: More buffer overflows: * the odbc_result_all function (CVE-2007-0909-odbc.patch) * various formatted print functions (CVE-2007-0909-printf.patch) - CVE-2007-0910: Clobbering of super-global variables (CVE-2007-0910.patch) - CVE-2007-0988: DoS in unserialize on 64bit platforms (CVE-2007-0988.patch) * The package maintainers would like to thank Joe Orton from redhat and Martin Pitt from ubuntu for their help in the preparation of this update. stable/main/binary-mipsel/php4-common_4.3.10-19_mipsel.deb stable/main/binary-mipsel/libapache-mod-php4_4.3.10-19_mipsel.deb stable/main/binary-mipsel/php4-recode_4.3.10-19_mipsel.deb stable/main/binary-mipsel/php4-snmp_4.3.10-19_mipsel.deb stable/main/binary-mipsel/php4-mysql_4.3.10-19_mipsel.deb stable/main/binary-mipsel/php4-dev_4.3.10-19_mipsel.deb stable/main/binary-mipsel/php4-mhash_4.3.10-19_mipsel.deb stable/main/binary-mipsel/php4-sybase_4.3.10-19_mipsel.deb stable/main/binary-mipsel/php4-mcal_4.3.10-19_mipsel.deb stable/main/binary-mipsel/php4-cli_4.3.10-19_mipsel.deb stable/main/binary-mipsel/php4-curl_4.3.10-19_mipsel.deb stable/main/binary-mipsel/php4-domxml_4.3.10-19_mipsel.deb stable/main/binary-mipsel/libapache2-mod-php4_4.3.10-19_mipsel.deb stable/main/binary-mipsel/php4-ldap_4.3.10-19_mipsel.deb stable/main/binary-mipsel/php4-gd_4.3.10-19_mipsel.deb stable/main/binary-mipsel/php4-xslt_4.3.10-19_mipsel.deb stable/main/binary-mipsel/php4-odbc_4.3.10-19_mipsel.deb stable/main/binary-mipsel/php4-imap_4.3.10-19_mipsel.deb stable/main/binary-mipsel/php4-cgi_4.3.10-19_mipsel.deb php4 (4:4.3.10-19) stable-security; urgency=high * NMU prepared for the security team by the package maintainer * The following security issues are addressed with this update: - CVE-2007-0906: Multiple buffer overflows in various code: * session (addressed in patch for CVE-2007-0910 below) * imap (CVE-2007-0906-imap.patch) * str_replace: (CVE-2007-0906-strreplace.patch) * the zip, sqlite, stream filters, mail, and interbase related vulnerabilities in this CVE do not affect the debian sarge php4 source package. - CVE-2007-0907: Buffer underflow in sapi_header_op (CVE-2007-0907.patch) - CVE-2007-0908: wddx module information disclosure (CVE-2007-0908.patch) - CVE-2007-0909: More buffer overflows: * the odbc_result_all function (CVE-2007-0909-odbc.patch) * various formatted print functions (CVE-2007-0909-printf.patch) - CVE-2007-0910: Clobbering of super-global variables (CVE-2007-0910.patch) - CVE-2007-0988: DoS in unserialize on 64bit platforms (CVE-2007-0988.patch) * The package maintainers would like to thank Joe Orton from redhat and Martin Pitt from ubuntu for their help in the preparation of this update. stable/main/binary-mips/libapache-mod-php4_4.3.10-19_mips.deb stable/main/binary-mips/php4-dev_4.3.10-19_mips.deb stable/main/binary-mips/php4-snmp_4.3.10-19_mips.deb stable/main/binary-mips/php4-mhash_4.3.10-19_mips.deb stable/main/binary-mips/php4-imap_4.3.10-19_mips.deb stable/main/binary-mips/php4-ldap_4.3.10-19_mips.deb stable/main/binary-mips/php4-sybase_4.3.10-19_mips.deb stable/main/binary-mips/php4-common_4.3.10-19_mips.deb stable/main/binary-mips/php4-mysql_4.3.10-19_mips.deb stable/main/binary-mips/libapache2-mod-php4_4.3.10-19_mips.deb stable/main/binary-mips/php4-cgi_4.3.10-19_mips.deb stable/main/binary-mips/php4-curl_4.3.10-19_mips.deb stable/main/binary-mips/php4-domxml_4.3.10-19_mips.deb stable/main/binary-mips/php4-cli_4.3.10-19_mips.deb stable/main/binary-mips/php4-recode_4.3.10-19_mips.deb stable/main/binary-mips/php4-odbc_4.3.10-19_mips.deb stable/main/binary-mips/php4-xslt_4.3.10-19_mips.deb stable/main/binary-mips/php4-mcal_4.3.10-19_mips.deb stable/main/binary-mips/php4-gd_4.3.10-19_mips.deb php4 (4:4.3.10-19) stable-security; urgency=high * NMU prepared for the security team by the package maintainer * The following security issues are addressed with this update: - CVE-2007-0906: Multiple buffer overflows in various code: * session (addressed in patch for CVE-2007-0910 below) * imap (CVE-2007-0906-imap.patch) * str_replace: (CVE-2007-0906-strreplace.patch) * the zip, sqlite, stream filters, mail, and interbase related vulnerabilities in this CVE do not affect the debian sarge php4 source package. - CVE-2007-0907: Buffer underflow in sapi_header_op (CVE-2007-0907.patch) - CVE-2007-0908: wddx module information disclosure (CVE-2007-0908.patch) - CVE-2007-0909: More buffer overflows: * the odbc_result_all function (CVE-2007-0909-odbc.patch) * various formatted print functions (CVE-2007-0909-printf.patch) - CVE-2007-0910: Clobbering of super-global variables (CVE-2007-0910.patch) - CVE-2007-0988: DoS in unserialize on 64bit platforms (CVE-2007-0988.patch) * The package maintainers would like to thank Joe Orton from redhat and Martin Pitt from ubuntu for their help in the preparation of this update. stable/main/binary-m68k/php4-mcal_4.3.10-19_m68k.deb stable/main/binary-m68k/php4-odbc_4.3.10-19_m68k.deb stable/main/binary-m68k/php4-recode_4.3.10-19_m68k.deb stable/main/binary-m68k/php4-cgi_4.3.10-19_m68k.deb stable/main/binary-m68k/php4-cli_4.3.10-19_m68k.deb stable/main/binary-m68k/php4-xslt_4.3.10-19_m68k.deb stable/main/binary-m68k/php4-mysql_4.3.10-19_m68k.deb stable/main/binary-m68k/php4-gd_4.3.10-19_m68k.deb stable/main/binary-m68k/php4-sybase_4.3.10-19_m68k.deb stable/main/binary-m68k/php4-mhash_4.3.10-19_m68k.deb stable/main/binary-m68k/php4-snmp_4.3.10-19_m68k.deb stable/main/binary-m68k/php4-imap_4.3.10-19_m68k.deb stable/main/binary-m68k/php4-dev_4.3.10-19_m68k.deb stable/main/binary-m68k/libapache-mod-php4_4.3.10-19_m68k.deb stable/main/binary-m68k/php4-domxml_4.3.10-19_m68k.deb stable/main/binary-m68k/php4-common_4.3.10-19_m68k.deb stable/main/binary-m68k/libapache2-mod-php4_4.3.10-19_m68k.deb stable/main/binary-m68k/php4-ldap_4.3.10-19_m68k.deb stable/main/binary-m68k/php4-curl_4.3.10-19_m68k.deb php4 (4:4.3.10-19) stable-security; urgency=high * NMU prepared for the security team by the package maintainer * The following security issues are addressed with this update: - CVE-2007-0906: Multiple buffer overflows in various code: * session (addressed in patch for CVE-2007-0910 below) * imap (CVE-2007-0906-imap.patch) * str_replace: (CVE-2007-0906-strreplace.patch) * the zip, sqlite, stream filters, mail, and interbase related vulnerabilities in this CVE do not affect the debian sarge php4 source package. - CVE-2007-0907: Buffer underflow in sapi_header_op (CVE-2007-0907.patch) - CVE-2007-0908: wddx module information disclosure (CVE-2007-0908.patch) - CVE-2007-0909: More buffer overflows: * the odbc_result_all function (CVE-2007-0909-odbc.patch) * various formatted print functions (CVE-2007-0909-printf.patch) - CVE-2007-0910: Clobbering of super-global variables (CVE-2007-0910.patch) - CVE-2007-0988: DoS in unserialize on 64bit platforms (CVE-2007-0988.patch) * The package maintainers would like to thank Joe Orton from redhat and Martin Pitt from ubuntu for their help in the preparation of this update. stable/main/binary-ia64/php4-cli_4.3.10-19_ia64.deb stable/main/binary-ia64/php4-dev_4.3.10-19_ia64.deb stable/main/binary-ia64/php4-mhash_4.3.10-19_ia64.deb stable/main/binary-ia64/php4-imap_4.3.10-19_ia64.deb stable/main/binary-ia64/php4-curl_4.3.10-19_ia64.deb stable/main/binary-ia64/php4-mcal_4.3.10-19_ia64.deb stable/main/binary-ia64/libapache-mod-php4_4.3.10-19_ia64.deb stable/main/binary-ia64/php4-common_4.3.10-19_ia64.deb stable/main/binary-ia64/php4-cgi_4.3.10-19_ia64.deb stable/main/binary-ia64/php4-sybase_4.3.10-19_ia64.deb stable/main/binary-ia64/libapache2-mod-php4_4.3.10-19_ia64.deb stable/main/binary-ia64/php4-recode_4.3.10-19_ia64.deb stable/main/binary-ia64/php4-ldap_4.3.10-19_ia64.deb stable/main/binary-ia64/php4-snmp_4.3.10-19_ia64.deb stable/main/binary-ia64/php4-gd_4.3.10-19_ia64.deb stable/main/binary-ia64/php4-xslt_4.3.10-19_ia64.deb stable/main/binary-ia64/php4-domxml_4.3.10-19_ia64.deb stable/main/binary-ia64/php4-odbc_4.3.10-19_ia64.deb stable/main/binary-ia64/php4-mysql_4.3.10-19_ia64.deb php4 (4:4.3.10-19) stable-security; urgency=high * NMU prepared for the security team by the package maintainer * The following security issues are addressed with this update: - CVE-2007-0906: Multiple buffer overflows in various code: * session (addressed in patch for CVE-2007-0910 below) * imap (CVE-2007-0906-imap.patch) * str_replace: (CVE-2007-0906-strreplace.patch) * the zip, sqlite, stream filters, mail, and interbase related vulnerabilities in this CVE do not affect the debian sarge php4 source package. - CVE-2007-0907: Buffer underflow in sapi_header_op (CVE-2007-0907.patch) - CVE-2007-0908: wddx module information disclosure (CVE-2007-0908.patch) - CVE-2007-0909: More buffer overflows: * the odbc_result_all function (CVE-2007-0909-odbc.patch) * various formatted print functions (CVE-2007-0909-printf.patch) - CVE-2007-0910: Clobbering of super-global variables (CVE-2007-0910.patch) - CVE-2007-0988: DoS in unserialize on 64bit platforms (CVE-2007-0988.patch) * The package maintainers would like to thank Joe Orton from redhat and Martin Pitt from ubuntu for their help in the preparation of this update. stable/main/binary-hppa/php4-recode_4.3.10-19_hppa.deb stable/main/binary-hppa/php4-odbc_4.3.10-19_hppa.deb stable/main/binary-hppa/php4-dev_4.3.10-19_hppa.deb stable/main/binary-hppa/php4-imap_4.3.10-19_hppa.deb stable/main/binary-hppa/php4-cgi_4.3.10-19_hppa.deb stable/main/binary-hppa/libapache-mod-php4_4.3.10-19_hppa.deb stable/main/binary-hppa/php4-cli_4.3.10-19_hppa.deb stable/main/binary-hppa/php4-xslt_4.3.10-19_hppa.deb stable/main/binary-hppa/php4-curl_4.3.10-19_hppa.deb stable/main/binary-hppa/php4-common_4.3.10-19_hppa.deb stable/main/binary-hppa/php4-mhash_4.3.10-19_hppa.deb stable/main/binary-hppa/php4-mcal_4.3.10-19_hppa.deb stable/main/binary-hppa/php4-domxml_4.3.10-19_hppa.deb stable/main/binary-hppa/php4-snmp_4.3.10-19_hppa.deb stable/main/binary-hppa/php4-gd_4.3.10-19_hppa.deb stable/main/binary-hppa/php4-sybase_4.3.10-19_hppa.deb stable/main/binary-hppa/php4-mysql_4.3.10-19_hppa.deb stable/main/binary-hppa/php4-ldap_4.3.10-19_hppa.deb stable/main/binary-hppa/libapache2-mod-php4_4.3.10-19_hppa.deb php4 (4:4.3.10-19) stable-security; urgency=high * NMU prepared for the security team by the package maintainer * The following security issues are addressed with this update: - CVE-2007-0906: Multiple buffer overflows in various code: * session (addressed in patch for CVE-2007-0910 below) * imap (CVE-2007-0906-imap.patch) * str_replace: (CVE-2007-0906-strreplace.patch) * the zip, sqlite, stream filters, mail, and interbase related vulnerabilities in this CVE do not affect the debian sarge php4 source package. - CVE-2007-0907: Buffer underflow in sapi_header_op (CVE-2007-0907.patch) - CVE-2007-0908: wddx module information disclosure (CVE-2007-0908.patch) - CVE-2007-0909: More buffer overflows: * the odbc_result_all function (CVE-2007-0909-odbc.patch) * various formatted print functions (CVE-2007-0909-printf.patch) - CVE-2007-0910: Clobbering of super-global variables (CVE-2007-0910.patch) - CVE-2007-0988: DoS in unserialize on 64bit platforms (CVE-2007-0988.patch) * The package maintainers would like to thank Joe Orton from redhat and Martin Pitt from ubuntu for their help in the preparation of this update. stable/main/binary-arm/php4-mcal_4.3.10-19_arm.deb stable/main/binary-arm/php4-odbc_4.3.10-19_arm.deb stable/main/binary-arm/php4-common_4.3.10-19_arm.deb stable/main/binary-arm/php4-gd_4.3.10-19_arm.deb stable/main/binary-arm/libapache-mod-php4_4.3.10-19_arm.deb stable/main/binary-arm/php4-dev_4.3.10-19_arm.deb stable/main/binary-arm/php4-sybase_4.3.10-19_arm.deb stable/main/binary-arm/php4-recode_4.3.10-19_arm.deb stable/main/binary-arm/php4-xslt_4.3.10-19_arm.deb stable/main/binary-arm/php4-imap_4.3.10-19_arm.deb stable/main/binary-arm/php4-ldap_4.3.10-19_arm.deb stable/main/binary-arm/php4-snmp_4.3.10-19_arm.deb stable/main/binary-arm/php4-curl_4.3.10-19_arm.deb stable/main/binary-arm/php4-cli_4.3.10-19_arm.deb stable/main/binary-arm/php4-domxml_4.3.10-19_arm.deb stable/main/binary-arm/libapache2-mod-php4_4.3.10-19_arm.deb stable/main/binary-arm/php4-mhash_4.3.10-19_arm.deb stable/main/binary-arm/php4-mysql_4.3.10-19_arm.deb stable/main/binary-arm/php4-cgi_4.3.10-19_arm.deb php4 (4:4.3.10-19) stable-security; urgency=high * NMU prepared for the security team by the package maintainer * The following security issues are addressed with this update: - CVE-2007-0906: Multiple buffer overflows in various code: * session (addressed in patch for CVE-2007-0910 below) * imap (CVE-2007-0906-imap.patch) * str_replace: (CVE-2007-0906-strreplace.patch) * the zip, sqlite, stream filters, mail, and interbase related vulnerabilities in this CVE do not affect the debian sarge php4 source package. - CVE-2007-0907: Buffer underflow in sapi_header_op (CVE-2007-0907.patch) - CVE-2007-0908: wddx module information disclosure (CVE-2007-0908.patch) - CVE-2007-0909: More buffer overflows: * the odbc_result_all function (CVE-2007-0909-odbc.patch) * various formatted print functions (CVE-2007-0909-printf.patch) - CVE-2007-0910: Clobbering of super-global variables (CVE-2007-0910.patch) - CVE-2007-0988: DoS in unserialize on 64bit platforms (CVE-2007-0988.patch) * The package maintainers would like to thank Joe Orton from redhat and Martin Pitt from ubuntu for their help in the preparation of this update. stable/main/binary-alpha/libapache-mod-php4_4.3.10-19_alpha.deb stable/main/binary-alpha/php4-domxml_4.3.10-19_alpha.deb stable/main/binary-alpha/libapache2-mod-php4_4.3.10-19_alpha.deb stable/main/binary-alpha/php4-cgi_4.3.10-19_alpha.deb stable/main/binary-alpha/php4-common_4.3.10-19_alpha.deb stable/main/binary-alpha/php4-imap_4.3.10-19_alpha.deb stable/main/binary-alpha/php4-curl_4.3.10-19_alpha.deb stable/main/binary-alpha/php4-ldap_4.3.10-19_alpha.deb stable/main/binary-alpha/php4-recode_4.3.10-19_alpha.deb stable/main/binary-alpha/php4-mcal_4.3.10-19_alpha.deb stable/main/binary-alpha/php4-snmp_4.3.10-19_alpha.deb stable/main/binary-alpha/php4-mysql_4.3.10-19_alpha.deb stable/main/binary-alpha/php4-xslt_4.3.10-19_alpha.deb stable/main/binary-alpha/php4-cli_4.3.10-19_alpha.deb stable/main/binary-alpha/php4-sybase_4.3.10-19_alpha.deb stable/main/binary-alpha/php4-odbc_4.3.10-19_alpha.deb stable/main/binary-alpha/php4-mhash_4.3.10-19_alpha.deb stable/main/binary-alpha/php4-dev_4.3.10-19_alpha.deb stable/main/binary-alpha/php4-gd_4.3.10-19_alpha.deb php4 (4:4.3.10-19) stable-security; urgency=high * NMU prepared for the security team by the package maintainer * The following security issues are addressed with this update: - CVE-2007-0906: Multiple buffer overflows in various code: * session (addressed in patch for CVE-2007-0910 below) * imap (CVE-2007-0906-imap.patch) * str_replace: (CVE-2007-0906-strreplace.patch) * the zip, sqlite, stream filters, mail, and interbase related vulnerabilities in this CVE do not affect the debian sarge php4 source package. - CVE-2007-0907: Buffer underflow in sapi_header_op (CVE-2007-0907.patch) - CVE-2007-0908: wddx module information disclosure (CVE-2007-0908.patch) - CVE-2007-0909: More buffer overflows: * the odbc_result_all function (CVE-2007-0909-odbc.patch) * various formatted print functions (CVE-2007-0909-printf.patch) - CVE-2007-0910: Clobbering of super-global variables (CVE-2007-0910.patch) - CVE-2007-0988: DoS in unserialize on 64bit platforms (CVE-2007-0988.patch) * The package maintainers would like to thank Joe Orton from redhat and Martin Pitt from ubuntu for their help in the preparation of this update. stable/main/binary-i386/php4-ldap_4.3.10-19_i386.deb stable/main/binary-all/php4-pear_4.3.10-19_all.deb stable/main/binary-i386/php4-mhash_4.3.10-19_i386.deb stable/main/binary-i386/php4-sybase_4.3.10-19_i386.deb stable/main/binary-i386/libapache-mod-php4_4.3.10-19_i386.deb stable/main/binary-i386/php4-cgi_4.3.10-19_i386.deb stable/main/binary-i386/libapache2-mod-php4_4.3.10-19_i386.deb stable/main/binary-i386/php4-mcal_4.3.10-19_i386.deb stable/main/source/php4_4.3.10-19.diff.gz stable/main/binary-i386/php4-imap_4.3.10-19_i386.deb stable/main/binary-all/php4_4.3.10-19_all.deb stable/main/binary-i386/php4-odbc_4.3.10-19_i386.deb stable/main/binary-i386/php4-recode_4.3.10-19_i386.deb stable/main/binary-i386/php4-domxml_4.3.10-19_i386.deb stable/main/binary-i386/php4-gd_4.3.10-19_i386.deb stable/main/binary-i386/php4-snmp_4.3.10-19_i386.deb stable/main/binary-i386/php4-common_4.3.10-19_i386.deb stable/main/binary-i386/php4-xslt_4.3.10-19_i386.deb stable/main/source/php4_4.3.10-19.dsc stable/main/binary-i386/php4-curl_4.3.10-19_i386.deb stable/main/binary-i386/php4-dev_4.3.10-19_i386.deb stable/main/binary-i386/php4-mysql_4.3.10-19_i386.deb stable/main/binary-i386/php4-cli_4.3.10-19_i386.deb php4 (4:4.3.10-19) stable-security; urgency=high * NMU prepared for the security team by the package maintainer * The following security issues are addressed with this update: - CVE-2007-0906: Multiple buffer overflows in various code: * session (addressed in patch for CVE-2007-0910 below) * imap (CVE-2007-0906-imap.patch) * str_replace: (CVE-2007-0906-strreplace.patch) * the zip, sqlite, stream filters, mail, and interbase related vulnerabilities in this CVE do not affect the debian sarge php4 source package. - CVE-2007-0907: Buffer underflow in sapi_header_op (CVE-2007-0907.patch) - CVE-2007-0908: wddx module information disclosure (CVE-2007-0908.patch) - CVE-2007-0909: More buffer overflows: * the odbc_result_all function (CVE-2007-0909-odbc.patch) * various formatted print functions (CVE-2007-0909-printf.patch) - CVE-2007-0910: Clobbering of super-global variables (CVE-2007-0910.patch) - CVE-2007-0988: DoS in unserialize on 64bit platforms (CVE-2007-0988.patch) * The package maintainers would like to thank Joe Orton from redhat and Martin Pitt from ubuntu for their help in the preparation of this update. stable/main/binary-s390/openoffice.org-dev_1.1.3-9sarge6_s390.deb stable/main/binary-s390/openoffice.org-kde_1.1.3-9sarge6_s390.deb stable/main/binary-s390/openoffice.org-bin_1.1.3-9sarge6_s390.deb stable/main/binary-s390/openoffice.org-evolution_1.1.3-9sarge6_s390.deb stable/main/binary-s390/openoffice.org-gtk-gnome_1.1.3-9sarge6_s390.deb openoffice.org (1.1.3-9sarge6) stable-security; urgency=high * ooo-build/patches/wpd/libwpd-CVE-2007-0002.diff: add, fix CVE-2007-0002 (various problems which could be used by remote attackers to execute arbitrary code or crash OOo) for the internal libwpd copy here - thanks Steve Langasek stable/main/binary-powerpc/openoffice.org-gtk-gnome_1.1.3-9sarge6_powerpc.deb stable/main/binary-powerpc/openoffice.org-evolution_1.1.3-9sarge6_powerpc.deb stable/main/binary-powerpc/openoffice.org-bin_1.1.3-9sarge6_powerpc.deb stable/main/binary-powerpc/openoffice.org-kde_1.1.3-9sarge6_powerpc.deb stable/main/binary-powerpc/openoffice.org-dev_1.1.3-9sarge6_powerpc.deb openoffice.org (1.1.3-9sarge6) stable-security; urgency=high * ooo-build/patches/wpd/libwpd-CVE-2007-0002.diff: add, fix CVE-2007-0002 (various problems which could be used by remote attackers to execute arbitrary code or crash OOo) for the internal libwpd copy here - thanks Steve Langasek stable/main/binary-i386/openoffice.org-evolution_1.1.3-9sarge6_i386.deb stable/main/binary-i386/openoffice.org-dev_1.1.3-9sarge6_i386.deb stable/main/binary-i386/openoffice.org-kde_1.1.3-9sarge6_i386.deb stable/main/binary-i386/openoffice.org-gtk-gnome_1.1.3-9sarge6_i386.deb stable/main/binary-i386/openoffice.org-bin_1.1.3-9sarge6_i386.deb openoffice.org (1.1.3-9sarge6) stable-security; urgency=high * ooo-build/patches/wpd/libwpd-CVE-2007-0002.diff: add, fix CVE-2007-0002 (various problems which could be used by remote attackers to execute arbitrary code or crash OOo) for the internal libwpd copy here - thanks Steve Langasek stable/main/binary-all/openoffice.org-l10n-pt-br_1.1.3-9sarge6_all.deb stable/main/binary-all/openoffice.org-l10n-hu_1.1.3-9sarge6_all.deb stable/main/binary-all/openoffice.org-l10n-it_1.1.3-9sarge6_all.deb stable/main/binary-all/openoffice.org-l10n-pt_1.1.3-9sarge6_all.deb stable/main/binary-sparc/openoffice.org-evolution_1.1.3-9sarge6_sparc.deb stable/main/binary-all/openoffice.org-l10n-tr_1.1.3-9sarge6_all.deb stable/main/binary-all/openoffice.org-l10n-nb_1.1.3-9sarge6_all.deb stable/main/binary-all/openoffice.org-l10n-ja_1.1.3-9sarge6_all.deb stable/main/binary-all/openoffice.org-l10n-af_1.1.3-9sarge6_all.deb stable/main/binary-all/openoffice.org-l10n-nl_1.1.3-9sarge6_all.deb stable/main/binary-all/openoffice.org-l10n-ru_1.1.3-9sarge6_all.deb stable/main/binary-all/openoffice.org-l10n-fr_1.1.3-9sarge6_all.deb stable/main/binary-all/openoffice.org-l10n-zh-tw_1.1.3-9sarge6_all.deb stable/main/binary-all/openoffice.org-l10n-kn_1.1.3-9sarge6_all.deb stable/main/binary-all/openoffice.org-l10n-th_1.1.3-9sarge6_all.deb stable/main/binary-all/openoffice.org-l10n-eu_1.1.3-9sarge6_all.deb stable/main/binary-all/openoffice.org-l10n-sk_1.1.3-9sarge6_all.deb stable/main/binary-all/openoffice.org-l10n-ar_1.1.3-9sarge6_all.deb stable/main/binary-all/openoffice.org-l10n-gl_1.1.3-9sarge6_all.deb stable/main/binary-all/openoffice.org-l10n-sl_1.1.3-9sarge6_all.deb stable/main/binary-all/openoffice.org-l10n-cs_1.1.3-9sarge6_all.deb stable/main/binary-all/openoffice.org-l10n-sv_1.1.3-9sarge6_all.deb stable/main/binary-all/openoffice.org-l10n-lt_1.1.3-9sarge6_all.deb stable/main/source/openoffice.org_1.1.3-9sarge6.diff.gz stable/main/binary-sparc/openoffice.org-gtk-gnome_1.1.3-9sarge6_sparc.deb stable/main/binary-all/openoffice.org-l10n-nn_1.1.3-9sarge6_all.deb stable/main/binary-all/openoffice.org-l10n-zu_1.1.3-9sarge6_all.deb stable/main/binary-all/openoffice.org-l10n-zh-cn_1.1.3-9sarge6_all.deb stable/main/binary-sparc/openoffice.org-kde_1.1.3-9sarge6_sparc.deb stable/main/binary-all/ttf-opensymbol_1.1.3-9sarge6_all.deb stable/main/binary-all/openoffice.org-l10n-es_1.1.3-9sarge6_all.deb stable/main/binary-all/openoffice.org-l10n-ko_1.1.3-9sarge6_all.deb stable/main/binary-sparc/openoffice.org-bin_1.1.3-9sarge6_sparc.deb stable/main/source/openoffice.org_1.1.3-9sarge6.dsc stable/main/binary-all/openoffice.org-l10n-el_1.1.3-9sarge6_all.deb stable/main/binary-all/openoffice.org-l10n-tn_1.1.3-9sarge6_all.deb stable/main/binary-all/openoffice.org-l10n-cy_1.1.3-9sarge6_all.deb stable/main/binary-all/openoffice.org_1.1.3-9sarge6_all.deb stable/main/binary-all/openoffice.org-l10n-en_1.1.3-9sarge6_all.deb stable/main/binary-all/openoffice.org-l10n-et_1.1.3-9sarge6_all.deb stable/main/binary-sparc/openoffice.org-dev_1.1.3-9sarge6_sparc.deb stable/main/binary-all/openoffice.org-l10n-ca_1.1.3-9sarge6_all.deb stable/main/binary-all/openoffice.org-l10n-de_1.1.3-9sarge6_all.deb stable/main/binary-all/openoffice.org-mimelnk_1.1.3-9sarge6_all.deb stable/main/binary-all/openoffice.org-l10n-fi_1.1.3-9sarge6_all.deb stable/main/binary-all/openoffice.org-l10n-hi_1.1.3-9sarge6_all.deb stable/main/binary-all/openoffice.org-l10n-ns_1.1.3-9sarge6_all.deb stable/main/binary-all/openoffice.org-l10n-he_1.1.3-9sarge6_all.deb stable/main/binary-all/openoffice.org-l10n-pl_1.1.3-9sarge6_all.deb stable/main/binary-all/openoffice.org-thesaurus-en-us_1.1.3-9sarge6_all.deb stable/main/binary-all/openoffice.org-l10n-da_1.1.3-9sarge6_all.deb openoffice.org (1.1.3-9sarge6) stable-security; urgency=high * ooo-build/patches/wpd/libwpd-CVE-2007-0002.diff: add, fix CVE-2007-0002 (various problems which could be used by remote attackers to execute arbitrary code or crash OOo) for the internal libwpd copy here - thanks Steve Langasek stable/main/binary-sparc/libpam-openafs-kaserver_1.3.81-3sarge2_sparc.deb stable/main/binary-sparc/openafs-fileserver_1.3.81-3sarge2_sparc.deb stable/main/binary-sparc/libopenafs-dev_1.3.81-3sarge2_sparc.deb stable/main/binary-sparc/openafs-client_1.3.81-3sarge2_sparc.deb stable/main/binary-sparc/openafs-dbserver_1.3.81-3sarge2_sparc.deb stable/main/binary-sparc/openafs-kpasswd_1.3.81-3sarge2_sparc.deb openafs (1.3.81-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Apply upstream patch to disable setuid status on all cells by default. Prior versions of AFS defaulted to honoring setuid bits in the local cell, but since unauthenticated file access in AFS is unencrypted, an attacker could forge packets from an AFS file server to synthesize a setuid binary in AFS. (CVE-2007-1507, OPENAFS-SA-2007-001) stable/main/binary-s390/openafs-kpasswd_1.3.81-3sarge2_s390.deb stable/main/binary-s390/openafs-client_1.3.81-3sarge2_s390.deb stable/main/binary-s390/libpam-openafs-kaserver_1.3.81-3sarge2_s390.deb stable/main/binary-s390/openafs-fileserver_1.3.81-3sarge2_s390.deb stable/main/binary-s390/libopenafs-dev_1.3.81-3sarge2_s390.deb stable/main/binary-s390/openafs-dbserver_1.3.81-3sarge2_s390.deb openafs (1.3.81-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Apply upstream patch to disable setuid status on all cells by default. Prior versions of AFS defaulted to honoring setuid bits in the local cell, but since unauthenticated file access in AFS is unencrypted, an attacker could forge packets from an AFS file server to synthesize a setuid binary in AFS. (CVE-2007-1507, OPENAFS-SA-2007-001) stable/main/binary-powerpc/libpam-openafs-kaserver_1.3.81-3sarge2_powerpc.deb stable/main/binary-powerpc/openafs-kpasswd_1.3.81-3sarge2_powerpc.deb stable/main/binary-powerpc/openafs-dbserver_1.3.81-3sarge2_powerpc.deb stable/main/binary-powerpc/libopenafs-dev_1.3.81-3sarge2_powerpc.deb stable/main/binary-powerpc/openafs-fileserver_1.3.81-3sarge2_powerpc.deb stable/main/binary-powerpc/openafs-client_1.3.81-3sarge2_powerpc.deb openafs (1.3.81-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Apply upstream patch to disable setuid status on all cells by default. Prior versions of AFS defaulted to honoring setuid bits in the local cell, but since unauthenticated file access in AFS is unencrypted, an attacker could forge packets from an AFS file server to synthesize a setuid binary in AFS. (CVE-2007-1507, OPENAFS-SA-2007-001) stable/main/binary-ia64/libpam-openafs-kaserver_1.3.81-3sarge2_ia64.deb stable/main/binary-ia64/openafs-client_1.3.81-3sarge2_ia64.deb stable/main/binary-ia64/libopenafs-dev_1.3.81-3sarge2_ia64.deb stable/main/binary-ia64/openafs-fileserver_1.3.81-3sarge2_ia64.deb stable/main/binary-ia64/openafs-dbserver_1.3.81-3sarge2_ia64.deb stable/main/binary-ia64/openafs-kpasswd_1.3.81-3sarge2_ia64.deb openafs (1.3.81-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Apply upstream patch to disable setuid status on all cells by default. Prior versions of AFS defaulted to honoring setuid bits in the local cell, but since unauthenticated file access in AFS is unencrypted, an attacker could forge packets from an AFS file server to synthesize a setuid binary in AFS. (CVE-2007-1507, OPENAFS-SA-2007-001) stable/main/binary-hppa/openafs-client_1.3.81-3sarge2_hppa.deb stable/main/binary-hppa/openafs-dbserver_1.3.81-3sarge2_hppa.deb stable/main/binary-hppa/openafs-kpasswd_1.3.81-3sarge2_hppa.deb stable/main/binary-hppa/libopenafs-dev_1.3.81-3sarge2_hppa.deb stable/main/binary-hppa/libpam-openafs-kaserver_1.3.81-3sarge2_hppa.deb stable/main/binary-hppa/openafs-fileserver_1.3.81-3sarge2_hppa.deb openafs (1.3.81-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Apply upstream patch to disable setuid status on all cells by default. Prior versions of AFS defaulted to honoring setuid bits in the local cell, but since unauthenticated file access in AFS is unencrypted, an attacker could forge packets from an AFS file server to synthesize a setuid binary in AFS. (CVE-2007-1507, OPENAFS-SA-2007-001) stable/main/binary-alpha/openafs-fileserver_1.3.81-3sarge2_alpha.deb stable/main/binary-alpha/libpam-openafs-kaserver_1.3.81-3sarge2_alpha.deb stable/main/binary-alpha/openafs-client_1.3.81-3sarge2_alpha.deb stable/main/binary-alpha/libopenafs-dev_1.3.81-3sarge2_alpha.deb stable/main/binary-alpha/openafs-kpasswd_1.3.81-3sarge2_alpha.deb stable/main/binary-alpha/openafs-dbserver_1.3.81-3sarge2_alpha.deb openafs (1.3.81-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Apply upstream patch to disable setuid status on all cells by default. Prior versions of AFS defaulted to honoring setuid bits in the local cell, but since unauthenticated file access in AFS is unencrypted, an attacker could forge packets from an AFS file server to synthesize a setuid binary in AFS. (CVE-2007-1507, OPENAFS-SA-2007-001) stable/main/binary-i386/openafs-kpasswd_1.3.81-3sarge2_i386.deb stable/main/binary-all/openafs-modules-source_1.3.81-3sarge2_all.deb stable/main/source/openafs_1.3.81-3sarge2.dsc stable/main/binary-i386/openafs-client_1.3.81-3sarge2_i386.deb stable/main/binary-i386/openafs-dbserver_1.3.81-3sarge2_i386.deb stable/main/binary-i386/openafs-fileserver_1.3.81-3sarge2_i386.deb stable/main/binary-i386/libpam-openafs-kaserver_1.3.81-3sarge2_i386.deb stable/main/source/openafs_1.3.81-3sarge2.diff.gz stable/main/binary-i386/libopenafs-dev_1.3.81-3sarge2_i386.deb openafs (1.3.81-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Apply upstream patch to disable setuid status on all cells by default. Prior versions of AFS defaulted to honoring setuid bits in the local cell, but since unauthenticated file access in AFS is unencrypted, an attacker could forge packets from an AFS file server to synthesize a setuid binary in AFS. (CVE-2007-1507, OPENAFS-SA-2007-001) stable/main/binary-sparc/libaudio2_1.7-2sarge1_sparc.deb stable/main/binary-sparc/nas_1.7-2sarge1_sparc.deb stable/main/binary-sparc/libaudio-dev_1.7-2sarge1_sparc.deb stable/main/binary-sparc/nas-bin_1.7-2sarge1_sparc.deb nas (1.7-2sarge1) stable-security; urgency=high * High-urgency upload to fix multiple security holes (CVE-2007-1543, CVE-2007-1544, CVE-2007-1545, CVE-2007-1546 and CVE-2007-1547): + accept_att_local buffer overflow through USL connection + server termination through unexistent ID in AddResource + bcopy crash caused by integer overflow in ProcAuWriteElement + invalid memory pointer caused by big num_actions in ProcAuSetElements + another invalid memory pointer caused by big num_actions in ProcAuSetElements + invalid memory pointer in compileInputs + exploits bug 3 in read mode (requires something playing on the server) + NULL pointer caused by too much connections stable/main/binary-s390/libaudio2_1.7-2sarge1_s390.deb stable/main/binary-s390/libaudio-dev_1.7-2sarge1_s390.deb stable/main/binary-s390/nas-bin_1.7-2sarge1_s390.deb stable/main/binary-s390/nas_1.7-2sarge1_s390.deb nas (1.7-2sarge1) stable-security; urgency=high * High-urgency upload to fix multiple security holes (CVE-2007-1543, CVE-2007-1544, CVE-2007-1545, CVE-2007-1546 and CVE-2007-1547): + accept_att_local buffer overflow through USL connection + server termination through unexistent ID in AddResource + bcopy crash caused by integer overflow in ProcAuWriteElement + invalid memory pointer caused by big num_actions in ProcAuSetElements + another invalid memory pointer caused by big num_actions in ProcAuSetElements + invalid memory pointer in compileInputs + exploits bug 3 in read mode (requires something playing on the server) + NULL pointer caused by too much connections stable/main/binary-powerpc/nas_1.7-2sarge1_powerpc.deb stable/main/binary-powerpc/nas-bin_1.7-2sarge1_powerpc.deb stable/main/binary-powerpc/libaudio-dev_1.7-2sarge1_powerpc.deb stable/main/binary-powerpc/libaudio2_1.7-2sarge1_powerpc.deb nas (1.7-2sarge1) stable-security; urgency=high * High-urgency upload to fix multiple security holes (CVE-2007-1543, CVE-2007-1544, CVE-2007-1545, CVE-2007-1546 and CVE-2007-1547): + accept_att_local buffer overflow through USL connection + server termination through unexistent ID in AddResource + bcopy crash caused by integer overflow in ProcAuWriteElement + invalid memory pointer caused by big num_actions in ProcAuSetElements + another invalid memory pointer caused by big num_actions in ProcAuSetElements + invalid memory pointer in compileInputs + exploits bug 3 in read mode (requires something playing on the server) + NULL pointer caused by too much connections stable/main/binary-mipsel/libaudio2_1.7-2sarge1_mipsel.deb stable/main/binary-mipsel/libaudio-dev_1.7-2sarge1_mipsel.deb stable/main/binary-mipsel/nas-bin_1.7-2sarge1_mipsel.deb stable/main/binary-mipsel/nas_1.7-2sarge1_mipsel.deb nas (1.7-2sarge1) stable-security; urgency=high * High-urgency upload to fix multiple security holes (CVE-2007-1543, CVE-2007-1544, CVE-2007-1545, CVE-2007-1546 and CVE-2007-1547): + accept_att_local buffer overflow through USL connection + server termination through unexistent ID in AddResource + bcopy crash caused by integer overflow in ProcAuWriteElement + invalid memory pointer caused by big num_actions in ProcAuSetElements + another invalid memory pointer caused by big num_actions in ProcAuSetElements + invalid memory pointer in compileInputs + exploits bug 3 in read mode (requires something playing on the server) + NULL pointer caused by too much connections stable/main/binary-mips/libaudio-dev_1.7-2sarge1_mips.deb stable/main/binary-mips/libaudio2_1.7-2sarge1_mips.deb stable/main/binary-mips/nas-bin_1.7-2sarge1_mips.deb stable/main/binary-mips/nas_1.7-2sarge1_mips.deb nas (1.7-2sarge1) stable-security; urgency=high * High-urgency upload to fix multiple security holes (CVE-2007-1543, CVE-2007-1544, CVE-2007-1545, CVE-2007-1546 and CVE-2007-1547): + accept_att_local buffer overflow through USL connection + server termination through unexistent ID in AddResource + bcopy crash caused by integer overflow in ProcAuWriteElement + invalid memory pointer caused by big num_actions in ProcAuSetElements + another invalid memory pointer caused by big num_actions in ProcAuSetElements + invalid memory pointer in compileInputs + exploits bug 3 in read mode (requires something playing on the server) + NULL pointer caused by too much connections stable/main/binary-m68k/libaudio2_1.7-2sarge1_m68k.deb stable/main/binary-m68k/libaudio-dev_1.7-2sarge1_m68k.deb stable/main/binary-m68k/nas_1.7-2sarge1_m68k.deb stable/main/binary-m68k/nas-bin_1.7-2sarge1_m68k.deb nas (1.7-2sarge1) stable-security; urgency=high * High-urgency upload to fix multiple security holes (CVE-2007-1543, CVE-2007-1544, CVE-2007-1545, CVE-2007-1546 and CVE-2007-1547): + accept_att_local buffer overflow through USL connection + server termination through unexistent ID in AddResource + bcopy crash caused by integer overflow in ProcAuWriteElement + invalid memory pointer caused by big num_actions in ProcAuSetElements + another invalid memory pointer caused by big num_actions in ProcAuSetElements + invalid memory pointer in compileInputs + exploits bug 3 in read mode (requires something playing on the server) + NULL pointer caused by too much connections stable/main/binary-ia64/nas-bin_1.7-2sarge1_ia64.deb stable/main/binary-ia64/libaudio2_1.7-2sarge1_ia64.deb stable/main/binary-ia64/libaudio-dev_1.7-2sarge1_ia64.deb stable/main/binary-ia64/nas_1.7-2sarge1_ia64.deb nas (1.7-2sarge1) stable-security; urgency=high * High-urgency upload to fix multiple security holes (CVE-2007-1543, CVE-2007-1544, CVE-2007-1545, CVE-2007-1546 and CVE-2007-1547): + accept_att_local buffer overflow through USL connection + server termination through unexistent ID in AddResource + bcopy crash caused by integer overflow in ProcAuWriteElement + invalid memory pointer caused by big num_actions in ProcAuSetElements + another invalid memory pointer caused by big num_actions in ProcAuSetElements + invalid memory pointer in compileInputs + exploits bug 3 in read mode (requires something playing on the server) + NULL pointer caused by too much connections stable/main/binary-hppa/libaudio2_1.7-2sarge1_hppa.deb stable/main/binary-hppa/nas_1.7-2sarge1_hppa.deb stable/main/binary-hppa/libaudio-dev_1.7-2sarge1_hppa.deb stable/main/binary-hppa/nas-bin_1.7-2sarge1_hppa.deb nas (1.7-2sarge1) stable-security; urgency=high * High-urgency upload to fix multiple security holes (CVE-2007-1543, CVE-2007-1544, CVE-2007-1545, CVE-2007-1546 and CVE-2007-1547): + accept_att_local buffer overflow through USL connection + server termination through unexistent ID in AddResource + bcopy crash caused by integer overflow in ProcAuWriteElement + invalid memory pointer caused by big num_actions in ProcAuSetElements + another invalid memory pointer caused by big num_actions in ProcAuSetElements + invalid memory pointer in compileInputs + exploits bug 3 in read mode (requires something playing on the server) + NULL pointer caused by too much connections stable/main/binary-arm/libaudio2_1.7-2sarge1_arm.deb stable/main/binary-arm/libaudio-dev_1.7-2sarge1_arm.deb stable/main/binary-arm/nas-bin_1.7-2sarge1_arm.deb stable/main/binary-arm/nas_1.7-2sarge1_arm.deb nas (1.7-2sarge1) stable-security; urgency=high * High-urgency upload to fix multiple security holes (CVE-2007-1543, CVE-2007-1544, CVE-2007-1545, CVE-2007-1546 and CVE-2007-1547): + accept_att_local buffer overflow through USL connection + server termination through unexistent ID in AddResource + bcopy crash caused by integer overflow in ProcAuWriteElement + invalid memory pointer caused by big num_actions in ProcAuSetElements + another invalid memory pointer caused by big num_actions in ProcAuSetElements + invalid memory pointer in compileInputs + exploits bug 3 in read mode (requires something playing on the server) + NULL pointer caused by too much connections stable/main/binary-alpha/libaudio2_1.7-2sarge1_alpha.deb stable/main/binary-alpha/libaudio-dev_1.7-2sarge1_alpha.deb stable/main/binary-alpha/nas-bin_1.7-2sarge1_alpha.deb stable/main/binary-alpha/nas_1.7-2sarge1_alpha.deb nas (1.7-2sarge1) stable-security; urgency=high * High-urgency upload to fix multiple security holes (CVE-2007-1543, CVE-2007-1544, CVE-2007-1545, CVE-2007-1546 and CVE-2007-1547): + accept_att_local buffer overflow through USL connection + server termination through unexistent ID in AddResource + bcopy crash caused by integer overflow in ProcAuWriteElement + invalid memory pointer caused by big num_actions in ProcAuSetElements + another invalid memory pointer caused by big num_actions in ProcAuSetElements + invalid memory pointer in compileInputs + exploits bug 3 in read mode (requires something playing on the server) + NULL pointer caused by too much connections stable/main/binary-all/nas-doc_1.7-2sarge1_all.deb stable/main/binary-i386/nas_1.7-2sarge1_i386.deb stable/main/binary-i386/libaudio2_1.7-2sarge1_i386.deb stable/main/source/nas_1.7-2sarge1.dsc stable/main/binary-i386/nas-bin_1.7-2sarge1_i386.deb stable/main/source/nas_1.7-2sarge1.diff.gz stable/main/binary-i386/libaudio-dev_1.7-2sarge1_i386.deb nas (1.7-2sarge1) stable-security; urgency=high * High-urgency upload to fix multiple security holes (CVE-2007-1543, CVE-2007-1544, CVE-2007-1545, CVE-2007-1546 and CVE-2007-1547): + accept_att_local buffer overflow through USL connection + server termination through unexistent ID in AddResource + bcopy crash caused by integer overflow in ProcAuWriteElement + invalid memory pointer caused by big num_actions in ProcAuSetElements + another invalid memory pointer caused by big num_actions in ProcAuSetElements + invalid memory pointer in compileInputs + exploits bug 3 in read mode (requires something playing on the server) + NULL pointer caused by too much connections stable/main/binary-sparc/mozilla-chatzilla_1.7.8-1sarge10_sparc.deb stable/main/binary-sparc/libnspr4_1.7.8-1sarge10_sparc.deb stable/main/binary-sparc/mozilla-dev_1.7.8-1sarge10_sparc.deb stable/main/binary-sparc/mozilla-calendar_1.7.8-1sarge10_sparc.deb stable/main/binary-sparc/mozilla_1.7.8-1sarge10_sparc.deb stable/main/binary-sparc/libnspr-dev_1.7.8-1sarge10_sparc.deb stable/main/binary-sparc/mozilla-dom-inspector_1.7.8-1sarge10_sparc.deb stable/main/binary-sparc/libnss3_1.7.8-1sarge10_sparc.deb stable/main/binary-sparc/mozilla-psm_1.7.8-1sarge10_sparc.deb stable/main/binary-sparc/libnss-dev_1.7.8-1sarge10_sparc.deb stable/main/binary-sparc/mozilla-js-debugger_1.7.8-1sarge10_sparc.deb stable/main/binary-sparc/mozilla-mailnews_1.7.8-1sarge10_sparc.deb stable/main/binary-sparc/mozilla-browser_1.7.8-1sarge10_sparc.deb mozilla (2:1.7.8-1sarge10) stable-security; urgency=critical * fix crash regression in mailnews. updated 5_0013-MFSA-2006-74-CVE-2006-6505-Part-2-2-362512.txt to include that fix stable/main/binary-s390/mozilla-mailnews_1.7.8-1sarge10_s390.deb stable/main/binary-s390/mozilla-js-debugger_1.7.8-1sarge10_s390.deb stable/main/binary-s390/libnss3_1.7.8-1sarge10_s390.deb stable/main/binary-s390/mozilla-chatzilla_1.7.8-1sarge10_s390.deb stable/main/binary-s390/libnspr-dev_1.7.8-1sarge10_s390.deb stable/main/binary-s390/mozilla-dev_1.7.8-1sarge10_s390.deb stable/main/binary-s390/libnss-dev_1.7.8-1sarge10_s390.deb stable/main/binary-s390/mozilla-dom-inspector_1.7.8-1sarge10_s390.deb stable/main/binary-s390/mozilla_1.7.8-1sarge10_s390.deb stable/main/binary-s390/mozilla-browser_1.7.8-1sarge10_s390.deb stable/main/binary-s390/mozilla-calendar_1.7.8-1sarge10_s390.deb stable/main/binary-s390/libnspr4_1.7.8-1sarge10_s390.deb stable/main/binary-s390/mozilla-psm_1.7.8-1sarge10_s390.deb mozilla (2:1.7.8-1sarge10) stable-security; urgency=critical * fix crash regression in mailnews. updated 5_0013-MFSA-2006-74-CVE-2006-6505-Part-2-2-362512.txt to include that fix stable/main/binary-powerpc/mozilla-dom-inspector_1.7.8-1sarge10_powerpc.deb stable/main/binary-powerpc/mozilla-mailnews_1.7.8-1sarge10_powerpc.deb stable/main/binary-powerpc/libnspr-dev_1.7.8-1sarge10_powerpc.deb stable/main/binary-powerpc/mozilla-js-debugger_1.7.8-1sarge10_powerpc.deb stable/main/binary-powerpc/mozilla-chatzilla_1.7.8-1sarge10_powerpc.deb stable/main/binary-powerpc/libnss-dev_1.7.8-1sarge10_powerpc.deb stable/main/binary-powerpc/mozilla-psm_1.7.8-1sarge10_powerpc.deb stable/main/binary-powerpc/mozilla_1.7.8-1sarge10_powerpc.deb stable/main/binary-powerpc/mozilla-dev_1.7.8-1sarge10_powerpc.deb stable/main/binary-powerpc/mozilla-calendar_1.7.8-1sarge10_powerpc.deb stable/main/binary-powerpc/libnss3_1.7.8-1sarge10_powerpc.deb stable/main/binary-powerpc/libnspr4_1.7.8-1sarge10_powerpc.deb stable/main/binary-powerpc/mozilla-browser_1.7.8-1sarge10_powerpc.deb mozilla (2:1.7.8-1sarge10) stable-security; urgency=critical * fix crash regression in mailnews. updated 5_0013-MFSA-2006-74-CVE-2006-6505-Part-2-2-362512.txt to include that fix stable/main/binary-mipsel/mozilla-mailnews_1.7.8-1sarge10_mipsel.deb stable/main/binary-mipsel/mozilla-js-debugger_1.7.8-1sarge10_mipsel.deb stable/main/binary-mipsel/libnss3_1.7.8-1sarge10_mipsel.deb stable/main/binary-mipsel/mozilla-chatzilla_1.7.8-1sarge10_mipsel.deb stable/main/binary-mipsel/libnspr4_1.7.8-1sarge10_mipsel.deb stable/main/binary-mipsel/mozilla_1.7.8-1sarge10_mipsel.deb stable/main/binary-mipsel/mozilla-dom-inspector_1.7.8-1sarge10_mipsel.deb stable/main/binary-mipsel/libnss-dev_1.7.8-1sarge10_mipsel.deb stable/main/binary-mipsel/mozilla-browser_1.7.8-1sarge10_mipsel.deb stable/main/binary-mipsel/libnspr-dev_1.7.8-1sarge10_mipsel.deb stable/main/binary-mipsel/mozilla-psm_1.7.8-1sarge10_mipsel.deb stable/main/binary-mipsel/mozilla-dev_1.7.8-1sarge10_mipsel.deb stable/main/binary-mipsel/mozilla-calendar_1.7.8-1sarge10_mipsel.deb mozilla (2:1.7.8-1sarge10) stable-security; urgency=critical * fix crash regression in mailnews. updated 5_0013-MFSA-2006-74-CVE-2006-6505-Part-2-2-362512.txt to include that fix stable/main/binary-mips/mozilla_1.7.8-1sarge10_mips.deb stable/main/binary-mips/libnss-dev_1.7.8-1sarge10_mips.deb stable/main/binary-mips/libnss3_1.7.8-1sarge10_mips.deb stable/main/binary-mips/mozilla-js-debugger_1.7.8-1sarge10_mips.deb stable/main/binary-mips/mozilla-dom-inspector_1.7.8-1sarge10_mips.deb stable/main/binary-mips/mozilla-mailnews_1.7.8-1sarge10_mips.deb stable/main/binary-mips/mozilla-psm_1.7.8-1sarge10_mips.deb stable/main/binary-mips/mozilla-chatzilla_1.7.8-1sarge10_mips.deb stable/main/binary-mips/libnspr4_1.7.8-1sarge10_mips.deb stable/main/binary-mips/mozilla-calendar_1.7.8-1sarge10_mips.deb stable/main/binary-mips/mozilla-browser_1.7.8-1sarge10_mips.deb stable/main/binary-mips/libnspr-dev_1.7.8-1sarge10_mips.deb stable/main/binary-mips/mozilla-dev_1.7.8-1sarge10_mips.deb mozilla (2:1.7.8-1sarge10) stable-security; urgency=critical * fix crash regression in mailnews. updated 5_0013-MFSA-2006-74-CVE-2006-6505-Part-2-2-362512.txt to include that fix stable/main/binary-m68k/mozilla-psm_1.7.8-1sarge10_m68k.deb stable/main/binary-m68k/libnspr4_1.7.8-1sarge10_m68k.deb stable/main/binary-m68k/mozilla_1.7.8-1sarge10_m68k.deb stable/main/binary-m68k/mozilla-browser_1.7.8-1sarge10_m68k.deb stable/main/binary-m68k/libnss3_1.7.8-1sarge10_m68k.deb stable/main/binary-m68k/mozilla-mailnews_1.7.8-1sarge10_m68k.deb stable/main/binary-m68k/mozilla-dom-inspector_1.7.8-1sarge10_m68k.deb stable/main/binary-m68k/mozilla-calendar_1.7.8-1sarge10_m68k.deb stable/main/binary-m68k/libnspr-dev_1.7.8-1sarge10_m68k.deb stable/main/binary-m68k/libnss-dev_1.7.8-1sarge10_m68k.deb stable/main/binary-m68k/mozilla-dev_1.7.8-1sarge10_m68k.deb stable/main/binary-m68k/mozilla-chatzilla_1.7.8-1sarge10_m68k.deb stable/main/binary-m68k/mozilla-js-debugger_1.7.8-1sarge10_m68k.deb mozilla (2:1.7.8-1sarge10) stable-security; urgency=critical * fix crash regression in mailnews. updated 5_0013-MFSA-2006-74-CVE-2006-6505-Part-2-2-362512.txt to include that fix stable/main/binary-ia64/mozilla-psm_1.7.8-1sarge10_ia64.deb stable/main/binary-ia64/mozilla-mailnews_1.7.8-1sarge10_ia64.deb stable/main/binary-ia64/mozilla_1.7.8-1sarge10_ia64.deb stable/main/binary-ia64/mozilla-browser_1.7.8-1sarge10_ia64.deb stable/main/binary-ia64/libnss-dev_1.7.8-1sarge10_ia64.deb stable/main/binary-ia64/libnss3_1.7.8-1sarge10_ia64.deb stable/main/binary-ia64/libnspr-dev_1.7.8-1sarge10_ia64.deb stable/main/binary-ia64/mozilla-calendar_1.7.8-1sarge10_ia64.deb stable/main/binary-ia64/mozilla-dev_1.7.8-1sarge10_ia64.deb stable/main/binary-ia64/mozilla-dom-inspector_1.7.8-1sarge10_ia64.deb stable/main/binary-ia64/libnspr4_1.7.8-1sarge10_ia64.deb stable/main/binary-ia64/mozilla-js-debugger_1.7.8-1sarge10_ia64.deb stable/main/binary-ia64/mozilla-chatzilla_1.7.8-1sarge10_ia64.deb mozilla (2:1.7.8-1sarge10) stable-security; urgency=critical * fix crash regression in mailnews. updated 5_0013-MFSA-2006-74-CVE-2006-6505-Part-2-2-362512.txt to include that fix stable/main/binary-hppa/mozilla_1.7.8-1sarge10_hppa.deb stable/main/binary-hppa/mozilla-dom-inspector_1.7.8-1sarge10_hppa.deb stable/main/binary-hppa/mozilla-psm_1.7.8-1sarge10_hppa.deb stable/main/binary-hppa/libnss-dev_1.7.8-1sarge10_hppa.deb stable/main/binary-hppa/libnspr4_1.7.8-1sarge10_hppa.deb stable/main/binary-hppa/mozilla-mailnews_1.7.8-1sarge10_hppa.deb stable/main/binary-hppa/mozilla-js-debugger_1.7.8-1sarge10_hppa.deb stable/main/binary-hppa/mozilla-dev_1.7.8-1sarge10_hppa.deb stable/main/binary-hppa/libnspr-dev_1.7.8-1sarge10_hppa.deb stable/main/binary-hppa/mozilla-calendar_1.7.8-1sarge10_hppa.deb stable/main/binary-hppa/libnss3_1.7.8-1sarge10_hppa.deb stable/main/binary-hppa/mozilla-chatzilla_1.7.8-1sarge10_hppa.deb stable/main/binary-hppa/mozilla-browser_1.7.8-1sarge10_hppa.deb mozilla (2:1.7.8-1sarge10) stable-security; urgency=critical * fix crash regression in mailnews. updated 5_0013-MFSA-2006-74-CVE-2006-6505-Part-2-2-362512.txt to include that fix stable/main/binary-arm/mozilla_1.7.8-1sarge10_arm.deb stable/main/binary-arm/mozilla-browser_1.7.8-1sarge10_arm.deb stable/main/binary-arm/libnss3_1.7.8-1sarge10_arm.deb stable/main/binary-arm/mozilla-psm_1.7.8-1sarge10_arm.deb stable/main/binary-arm/mozilla-dom-inspector_1.7.8-1sarge10_arm.deb stable/main/binary-arm/mozilla-calendar_1.7.8-1sarge10_arm.deb stable/main/binary-arm/mozilla-mailnews_1.7.8-1sarge10_arm.deb stable/main/binary-arm/libnspr4_1.7.8-1sarge10_arm.deb stable/main/binary-arm/libnss-dev_1.7.8-1sarge10_arm.deb stable/main/binary-arm/mozilla-chatzilla_1.7.8-1sarge10_arm.deb stable/main/binary-arm/mozilla-js-debugger_1.7.8-1sarge10_arm.deb stable/main/binary-arm/libnspr-dev_1.7.8-1sarge10_arm.deb stable/main/binary-arm/mozilla-dev_1.7.8-1sarge10_arm.deb mozilla (2:1.7.8-1sarge10) stable-security; urgency=critical * fix crash regression in mailnews. updated 5_0013-MFSA-2006-74-CVE-2006-6505-Part-2-2-362512.txt to include that fix stable/main/binary-alpha/mozilla-mailnews_1.7.8-1sarge10_alpha.deb stable/main/binary-alpha/mozilla-dom-inspector_1.7.8-1sarge10_alpha.deb stable/main/binary-alpha/mozilla_1.7.8-1sarge10_alpha.deb stable/main/binary-alpha/libnspr4_1.7.8-1sarge10_alpha.deb stable/main/binary-alpha/libnss-dev_1.7.8-1sarge10_alpha.deb stable/main/binary-alpha/libnspr-dev_1.7.8-1sarge10_alpha.deb stable/main/binary-alpha/mozilla-js-debugger_1.7.8-1sarge10_alpha.deb stable/main/binary-alpha/mozilla-chatzilla_1.7.8-1sarge10_alpha.deb stable/main/binary-alpha/mozilla-dev_1.7.8-1sarge10_alpha.deb stable/main/binary-alpha/mozilla-browser_1.7.8-1sarge10_alpha.deb stable/main/binary-alpha/mozilla-calendar_1.7.8-1sarge10_alpha.deb stable/main/binary-alpha/mozilla-psm_1.7.8-1sarge10_alpha.deb stable/main/binary-alpha/libnss3_1.7.8-1sarge10_alpha.deb mozilla (2:1.7.8-1sarge10) stable-security; urgency=critical * fix crash regression in mailnews. updated 5_0013-MFSA-2006-74-CVE-2006-6505-Part-2-2-362512.txt to include that fix stable/main/binary-i386/mozilla-dom-inspector_1.7.8-1sarge10_i386.deb stable/main/binary-i386/mozilla-browser_1.7.8-1sarge10_i386.deb stable/main/binary-i386/mozilla-dev_1.7.8-1sarge10_i386.deb stable/main/binary-i386/libnspr-dev_1.7.8-1sarge10_i386.deb stable/main/source/mozilla_1.7.8-1sarge10.dsc stable/main/binary-i386/mozilla-js-debugger_1.7.8-1sarge10_i386.deb stable/main/binary-i386/mozilla-chatzilla_1.7.8-1sarge10_i386.deb stable/main/binary-i386/mozilla-psm_1.7.8-1sarge10_i386.deb stable/main/binary-i386/libnss-dev_1.7.8-1sarge10_i386.deb stable/main/source/mozilla_1.7.8-1sarge10.diff.gz stable/main/binary-i386/libnss3_1.7.8-1sarge10_i386.deb stable/main/binary-i386/mozilla-calendar_1.7.8-1sarge10_i386.deb stable/main/binary-i386/mozilla-mailnews_1.7.8-1sarge10_i386.deb stable/main/binary-i386/libnspr4_1.7.8-1sarge10_i386.deb stable/main/binary-i386/mozilla_1.7.8-1sarge10_i386.deb mozilla (2:1.7.8-1sarge10) stable-security; urgency=critical * fix crash regression in mailnews. updated 5_0013-MFSA-2006-74-CVE-2006-6505-Part-2-2-362512.txt to include that fix mozilla (2:1.7.8-1sarge9) stable-security; urgency=critical * fixes various security issues. Patches are: 5_0001-MFSA-2006-68-CVE-2006-6497-Part-1-335047.txt 5_0002-MFSA-2006-68-CVE-2006-6497-Part-2-339494.txt 5_0003-MFSA-2006-68-CVE-2006-6497-Part-4-354766.txt 5_0004-INFRASTRUCTURE-BACKPORT-backport-nsWeakFrame-infrastructure-to-1.7-branch.txt 5_0005-MFSA-2006-68-CVE-2006-6497-Part-5-359203.txt 5_0006-MFSA-2006-68-CVE-2006-6497-Part-6-360642.txt 5_0007-MFSA-2006-68-CVE-2006-6498-Part-1-352846.txt 5_0008-MFSA-2006-68-CVE-2006-6498-Part-2-361346.txt 5_0009-MFSA-2006-70-CVE-2006-6501-354978-r361964.txt 5_0010-MFSA-2006-71-CVE-2006-6502-352064.txt 5_0011-MFSA-2006-72-CVE-2006-6503-351370.txt 5_0012-MFSA-2006-74-CVE-2006-6505-Part-1-2-362213.txt 5_0013-MFSA-2006-74-CVE-2006-6505-Part-2-2-362512.txt 5_0014-MFSA-2006-68-CVE-2006-6499-358569.txt 5_0015-MFSA-2006-68-CVE-2006-6497-Part-3-348304.txt stable/main/binary-sparc/man-db_2.4.2-21sarge1_sparc.deb man-db (2.4.2-21sarge1) stable-security; urgency=low * CVE-2006-4250: Fix a buffer overrun if using -H and the designated web browser (argument to -H or $BROWSER) contains multiple %s expansions. Thanks to Jochen Voß for the report. stable/main/binary-s390/man-db_2.4.2-21sarge1_s390.deb man-db (2.4.2-21sarge1) stable-security; urgency=low * CVE-2006-4250: Fix a buffer overrun if using -H and the designated web browser (argument to -H or $BROWSER) contains multiple %s expansions. Thanks to Jochen Voß for the report. stable/main/binary-powerpc/man-db_2.4.2-21sarge1_powerpc.deb man-db (2.4.2-21sarge1) stable-security; urgency=low * CVE-2006-4250: Fix a buffer overrun if using -H and the designated web browser (argument to -H or $BROWSER) contains multiple %s expansions. Thanks to Jochen Voß for the report. stable/main/binary-mipsel/man-db_2.4.2-21sarge1_mipsel.deb man-db (2.4.2-21sarge1) stable-security; urgency=low * CVE-2006-4250: Fix a buffer overrun if using -H and the designated web browser (argument to -H or $BROWSER) contains multiple %s expansions. Thanks to Jochen Voß for the report. stable/main/binary-mips/man-db_2.4.2-21sarge1_mips.deb man-db (2.4.2-21sarge1) stable-security; urgency=low * CVE-2006-4250: Fix a buffer overrun if using -H and the designated web browser (argument to -H or $BROWSER) contains multiple %s expansions. Thanks to Jochen Voß for the report. stable/main/binary-m68k/man-db_2.4.2-21sarge1_m68k.deb man-db (2.4.2-21sarge1) stable-security; urgency=low * CVE-2006-4250: Fix a buffer overrun if using -H and the designated web browser (argument to -H or $BROWSER) contains multiple %s expansions. Thanks to Jochen Voß for the report. stable/main/binary-ia64/man-db_2.4.2-21sarge1_ia64.deb man-db (2.4.2-21sarge1) stable-security; urgency=low * CVE-2006-4250: Fix a buffer overrun if using -H and the designated web browser (argument to -H or $BROWSER) contains multiple %s expansions. Thanks to Jochen Voß for the report. stable/main/binary-hppa/man-db_2.4.2-21sarge1_hppa.deb man-db (2.4.2-21sarge1) stable-security; urgency=low * CVE-2006-4250: Fix a buffer overrun if using -H and the designated web browser (argument to -H or $BROWSER) contains multiple %s expansions. Thanks to Jochen Voß for the report. stable/main/binary-arm/man-db_2.4.2-21sarge1_arm.deb man-db (2.4.2-21sarge1) stable-security; urgency=low * CVE-2006-4250: Fix a buffer overrun if using -H and the designated web browser (argument to -H or $BROWSER) contains multiple %s expansions. Thanks to Jochen Voß for the report. stable/main/binary-alpha/man-db_2.4.2-21sarge1_alpha.deb man-db (2.4.2-21sarge1) stable-security; urgency=low * CVE-2006-4250: Fix a buffer overrun if using -H and the designated web browser (argument to -H or $BROWSER) contains multiple %s expansions. Thanks to Jochen Voß for the report. stable/main/source/man-db_2.4.2-21sarge1.dsc stable/main/binary-i386/man-db_2.4.2-21sarge1_i386.deb stable/main/source/man-db_2.4.2-21sarge1.diff.gz man-db (2.4.2-21sarge1) stable-security; urgency=low * CVE-2006-4250: Fix a buffer overrun if using -H and the designated web browser (argument to -H or $BROWSER) contains multiple %s expansions. Thanks to Jochen Voß for the report. stable/main/source/lookup-el_1.4-3sarge1.diff.gz stable/main/source/lookup-el_1.4-3sarge1.dsc stable/main/binary-all/lookup-el_1.4-3sarge1_all.deb lookup-el (1.4-3sarge1) stable-security; urgency=high * lisp/ndeb-binary.el: Make a temporary subdirectory securely. [CVE-2007-0237] stable/main/binary-sparc/links2_2.1pre16-1sarge1_sparc.deb links2 (2.1pre16-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Build without smb:// support to avoid potential command execution [CVE-2006-5925]. stable/main/binary-s390/links2_2.1pre16-1sarge1_s390.deb links2 (2.1pre16-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Build without smb:// support to avoid potential command execution [CVE-2006-5925]. stable/main/binary-powerpc/links2_2.1pre16-1sarge1_powerpc.deb links2 (2.1pre16-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Build without smb:// support to avoid potential command execution [CVE-2006-5925]. stable/main/binary-mipsel/links2_2.1pre16-1sarge1_mipsel.deb links2 (2.1pre16-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Build without smb:// support to avoid potential command execution [CVE-2006-5925]. stable/main/binary-mips/links2_2.1pre16-1sarge1_mips.deb links2 (2.1pre16-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Build without smb:// support to avoid potential command execution [CVE-2006-5925]. stable/main/binary-m68k/links2_2.1pre16-1sarge1_m68k.deb links2 (2.1pre16-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Build without smb:// support to avoid potential command execution [CVE-2006-5925]. stable/main/binary-ia64/links2_2.1pre16-1sarge1_ia64.deb links2 (2.1pre16-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Build without smb:// support to avoid potential command execution [CVE-2006-5925]. stable/main/binary-hppa/links2_2.1pre16-1sarge1_hppa.deb links2 (2.1pre16-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Build without smb:// support to avoid potential command execution [CVE-2006-5925]. stable/main/binary-arm/links2_2.1pre16-1sarge1_arm.deb links2 (2.1pre16-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Build without smb:// support to avoid potential command execution [CVE-2006-5925]. stable/main/binary-alpha/links2_2.1pre16-1sarge1_alpha.deb links2 (2.1pre16-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Build without smb:// support to avoid potential command execution [CVE-2006-5925]. stable/main/binary-i386/links2_2.1pre16-1sarge1_i386.deb stable/main/source/links2_2.1pre16-1sarge1.diff.gz stable/main/source/links2_2.1pre16-1sarge1.dsc links2 (2.1pre16-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Build without smb:// support to avoid potential command execution [CVE-2006-5925]. stable/main/binary-sparc/libwpd-tools_0.8.1-1sarge1_sparc.deb stable/main/binary-sparc/libwpd8_0.8.1-1sarge1_sparc.deb stable/main/binary-sparc/libwpd8-dev_0.8.1-1sarge1_sparc.deb stable/main/binary-sparc/libwpd-stream8_0.8.1-1sarge1_sparc.deb libwpd (0.8.1-1sarge1) stable-security; urgency=high * fix CVE-2007-0002 (various problems which could be used by remote attackers to execute arbitrary code or crash OOo) - thanks Steve Langasek stable/main/binary-s390/libwpd8_0.8.1-1sarge1_s390.deb stable/main/binary-s390/libwpd-stream8_0.8.1-1sarge1_s390.deb stable/main/binary-s390/libwpd8-dev_0.8.1-1sarge1_s390.deb stable/main/binary-s390/libwpd-tools_0.8.1-1sarge1_s390.deb libwpd (0.8.1-1sarge1) stable-security; urgency=high * fix CVE-2007-0002 (various problems which could be used by remote attackers to execute arbitrary code or crash OOo) - thanks Steve Langasek stable/main/binary-mipsel/libwpd8_0.8.1-1sarge1_mipsel.deb stable/main/binary-mipsel/libwpd-tools_0.8.1-1sarge1_mipsel.deb stable/main/binary-mipsel/libwpd8-dev_0.8.1-1sarge1_mipsel.deb stable/main/binary-mipsel/libwpd-stream8_0.8.1-1sarge1_mipsel.deb libwpd (0.8.1-1sarge1) stable-security; urgency=high * fix CVE-2007-0002 (various problems which could be used by remote attackers to execute arbitrary code or crash OOo) - thanks Steve Langasek stable/main/binary-mips/libwpd8-dev_0.8.1-1sarge1_mips.deb stable/main/binary-mips/libwpd-tools_0.8.1-1sarge1_mips.deb stable/main/binary-mips/libwpd8_0.8.1-1sarge1_mips.deb stable/main/binary-mips/libwpd-stream8_0.8.1-1sarge1_mips.deb libwpd (0.8.1-1sarge1) stable-security; urgency=high * fix CVE-2007-0002 (various problems which could be used by remote attackers to execute arbitrary code or crash OOo) - thanks Steve Langasek stable/main/binary-m68k/libwpd-tools_0.8.1-1sarge1_m68k.deb stable/main/binary-m68k/libwpd8-dev_0.8.1-1sarge1_m68k.deb stable/main/binary-m68k/libwpd-stream8_0.8.1-1sarge1_m68k.deb stable/main/binary-m68k/libwpd8_0.8.1-1sarge1_m68k.deb libwpd (0.8.1-1sarge1) stable-security; urgency=high * fix CVE-2007-0002 (various problems which could be used by remote attackers to execute arbitrary code or crash OOo) - thanks Steve Langasek stable/main/binary-ia64/libwpd-tools_0.8.1-1sarge1_ia64.deb stable/main/binary-ia64/libwpd-stream8_0.8.1-1sarge1_ia64.deb stable/main/binary-ia64/libwpd8_0.8.1-1sarge1_ia64.deb stable/main/binary-ia64/libwpd8-dev_0.8.1-1sarge1_ia64.deb libwpd (0.8.1-1sarge1) stable-security; urgency=high * fix CVE-2007-0002 (various problems which could be used by remote attackers to execute arbitrary code or crash OOo) - thanks Steve Langasek stable/main/binary-i386/libwpd-stream8_0.8.1-1sarge1_i386.deb stable/main/binary-i386/libwpd8_0.8.1-1sarge1_i386.deb stable/main/binary-i386/libwpd-tools_0.8.1-1sarge1_i386.deb stable/main/binary-i386/libwpd8-dev_0.8.1-1sarge1_i386.deb libwpd (0.8.1-1sarge1) stable-security; urgency=high * fix CVE-2007-0002 (various problems which could be used by remote attackers to execute arbitrary code or crash OOo) - thanks Steve Langasek stable/main/binary-hppa/libwpd8_0.8.1-1sarge1_hppa.deb stable/main/binary-hppa/libwpd8-dev_0.8.1-1sarge1_hppa.deb stable/main/binary-hppa/libwpd-tools_0.8.1-1sarge1_hppa.deb stable/main/binary-hppa/libwpd-stream8_0.8.1-1sarge1_hppa.deb libwpd (0.8.1-1sarge1) stable-security; urgency=high * fix CVE-2007-0002 (various problems which could be used by remote attackers to execute arbitrary code or crash OOo) - thanks Steve Langasek stable/main/binary-arm/libwpd8_0.8.1-1sarge1_arm.deb stable/main/binary-arm/libwpd-stream8_0.8.1-1sarge1_arm.deb stable/main/binary-arm/libwpd8-dev_0.8.1-1sarge1_arm.deb stable/main/binary-arm/libwpd-tools_0.8.1-1sarge1_arm.deb libwpd (0.8.1-1sarge1) stable-security; urgency=high * fix CVE-2007-0002 (various problems which could be used by remote attackers to execute arbitrary code or crash OOo) - thanks Steve Langasek stable/main/binary-alpha/libwpd8-dev_0.8.1-1sarge1_alpha.deb stable/main/binary-alpha/libwpd8_0.8.1-1sarge1_alpha.deb stable/main/binary-alpha/libwpd-tools_0.8.1-1sarge1_alpha.deb stable/main/binary-alpha/libwpd-stream8_0.8.1-1sarge1_alpha.deb libwpd (0.8.1-1sarge1) stable-security; urgency=high * fix CVE-2007-0002 (various problems which could be used by remote attackers to execute arbitrary code or crash OOo) - thanks Steve Langasek stable/main/binary-powerpc/libwpd-stream8_0.8.1-1sarge1_powerpc.deb stable/main/source/libwpd_0.8.1-1sarge1.diff.gz stable/main/binary-powerpc/libwpd8-dev_0.8.1-1sarge1_powerpc.deb stable/main/binary-powerpc/libwpd8_0.8.1-1sarge1_powerpc.deb stable/main/source/libwpd_0.8.1-1sarge1.dsc stable/main/binary-all/libwpd8-doc_0.8.1-1sarge1_all.deb stable/main/binary-powerpc/libwpd-tools_0.8.1-1sarge1_powerpc.deb libwpd (0.8.1-1sarge1) stable-security; urgency=high * fix CVE-2007-0002 (various problems which could be used by remote attackers to execute arbitrary code or crash OOo) - thanks Steve Langasek stable/main/binary-sparc/krb5-telnetd_1.3.6-2sarge4_sparc.deb stable/main/binary-sparc/krb5-ftpd_1.3.6-2sarge4_sparc.deb stable/main/binary-sparc/libkrb5-dev_1.3.6-2sarge4_sparc.deb stable/main/binary-sparc/krb5-rsh-server_1.3.6-2sarge4_sparc.deb stable/main/binary-sparc/krb5-user_1.3.6-2sarge4_sparc.deb stable/main/binary-sparc/krb5-admin-server_1.3.6-2sarge4_sparc.deb stable/main/binary-sparc/libkadm55_1.3.6-2sarge4_sparc.deb stable/main/binary-sparc/krb5-kdc_1.3.6-2sarge4_sparc.deb stable/main/binary-sparc/krb5-clients_1.3.6-2sarge4_sparc.deb stable/main/binary-sparc/libkrb53_1.3.6-2sarge4_sparc.deb krb5 (1.3.6-2sarge4) stable-security; urgency=emergency * MIT-SA-2007-1: telnet allows login as an arbitrary user when presented with a specially crafted username; CVE-2007-0956 * krb5_klog_syslog has a trivial buffer overflow that can be exploited by network data; CVE-2007-0957. The upstream patch is very intrusive because it fixes each call to syslog to have proper length checking as well as the actual krb5_klog_syslog internals to use vsnprintf rather than vsprintf. I have chosen to only include the change to krb5_klog_syslog for sarge. This is sufficient to fix the problem but is much smaller and less intrusive. (MIT-SA-2007-2) * MIT-SA-2007-3: The GSS-API library can cause a double free if applications treat certain errors decoding a message as errors that require freeing the output buffer. At least the gssapi rpc library does this, so kadmind is vulnerable. Fix the gssapi library because the spec allows applications to treat errors this way. CVE-2007-1216 stable/main/binary-s390/libkadm55_1.3.6-2sarge4_s390.deb stable/main/binary-s390/libkrb5-dev_1.3.6-2sarge4_s390.deb stable/main/binary-s390/krb5-telnetd_1.3.6-2sarge4_s390.deb stable/main/binary-s390/krb5-clients_1.3.6-2sarge4_s390.deb stable/main/binary-s390/krb5-rsh-server_1.3.6-2sarge4_s390.deb stable/main/binary-s390/krb5-kdc_1.3.6-2sarge4_s390.deb stable/main/binary-s390/krb5-user_1.3.6-2sarge4_s390.deb stable/main/binary-s390/krb5-admin-server_1.3.6-2sarge4_s390.deb stable/main/binary-s390/libkrb53_1.3.6-2sarge4_s390.deb stable/main/binary-s390/krb5-ftpd_1.3.6-2sarge4_s390.deb krb5 (1.3.6-2sarge4) stable-security; urgency=emergency * MIT-SA-2007-1: telnet allows login as an arbitrary user when presented with a specially crafted username; CVE-2007-0956 * krb5_klog_syslog has a trivial buffer overflow that can be exploited by network data; CVE-2007-0957. The upstream patch is very intrusive because it fixes each call to syslog to have proper length checking as well as the actual krb5_klog_syslog internals to use vsnprintf rather than vsprintf. I have chosen to only include the change to krb5_klog_syslog for sarge. This is sufficient to fix the problem but is much smaller and less intrusive. (MIT-SA-2007-2) * MIT-SA-2007-3: The GSS-API library can cause a double free if applications treat certain errors decoding a message as errors that require freeing the output buffer. At least the gssapi rpc library does this, so kadmind is vulnerable. Fix the gssapi library because the spec allows applications to treat errors this way. CVE-2007-1216 stable/main/binary-powerpc/libkadm55_1.3.6-2sarge4_powerpc.deb stable/main/binary-powerpc/krb5-clients_1.3.6-2sarge4_powerpc.deb stable/main/binary-powerpc/krb5-kdc_1.3.6-2sarge4_powerpc.deb stable/main/binary-powerpc/krb5-rsh-server_1.3.6-2sarge4_powerpc.deb stable/main/binary-powerpc/libkrb53_1.3.6-2sarge4_powerpc.deb stable/main/binary-powerpc/krb5-ftpd_1.3.6-2sarge4_powerpc.deb stable/main/binary-powerpc/libkrb5-dev_1.3.6-2sarge4_powerpc.deb stable/main/binary-powerpc/krb5-admin-server_1.3.6-2sarge4_powerpc.deb stable/main/binary-powerpc/krb5-telnetd_1.3.6-2sarge4_powerpc.deb stable/main/binary-powerpc/krb5-user_1.3.6-2sarge4_powerpc.deb krb5 (1.3.6-2sarge4) stable-security; urgency=emergency * MIT-SA-2007-1: telnet allows login as an arbitrary user when presented with a specially crafted username; CVE-2007-0956 * krb5_klog_syslog has a trivial buffer overflow that can be exploited by network data; CVE-2007-0957. The upstream patch is very intrusive because it fixes each call to syslog to have proper length checking as well as the actual krb5_klog_syslog internals to use vsnprintf rather than vsprintf. I have chosen to only include the change to krb5_klog_syslog for sarge. This is sufficient to fix the problem but is much smaller and less intrusive. (MIT-SA-2007-2) * MIT-SA-2007-3: The GSS-API library can cause a double free if applications treat certain errors decoding a message as errors that require freeing the output buffer. At least the gssapi rpc library does this, so kadmind is vulnerable. Fix the gssapi library because the spec allows applications to treat errors this way. CVE-2007-1216 stable/main/binary-mipsel/krb5-user_1.3.6-2sarge4_mipsel.deb stable/main/binary-mipsel/krb5-rsh-server_1.3.6-2sarge4_mipsel.deb stable/main/binary-mipsel/libkrb53_1.3.6-2sarge4_mipsel.deb stable/main/binary-mipsel/krb5-clients_1.3.6-2sarge4_mipsel.deb stable/main/binary-mipsel/krb5-kdc_1.3.6-2sarge4_mipsel.deb stable/main/binary-mipsel/libkadm55_1.3.6-2sarge4_mipsel.deb stable/main/binary-mipsel/krb5-admin-server_1.3.6-2sarge4_mipsel.deb stable/main/binary-mipsel/libkrb5-dev_1.3.6-2sarge4_mipsel.deb stable/main/binary-mipsel/krb5-telnetd_1.3.6-2sarge4_mipsel.deb stable/main/binary-mipsel/krb5-ftpd_1.3.6-2sarge4_mipsel.deb krb5 (1.3.6-2sarge4) stable-security; urgency=emergency * MIT-SA-2007-1: telnet allows login as an arbitrary user when presented with a specially crafted username; CVE-2007-0956 * krb5_klog_syslog has a trivial buffer overflow that can be exploited by network data; CVE-2007-0957. The upstream patch is very intrusive because it fixes each call to syslog to have proper length checking as well as the actual krb5_klog_syslog internals to use vsnprintf rather than vsprintf. I have chosen to only include the change to krb5_klog_syslog for sarge. This is sufficient to fix the problem but is much smaller and less intrusive. (MIT-SA-2007-2) * MIT-SA-2007-3: The GSS-API library can cause a double free if applications treat certain errors decoding a message as errors that require freeing the output buffer. At least the gssapi rpc library does this, so kadmind is vulnerable. Fix the gssapi library because the spec allows applications to treat errors this way. CVE-2007-1216 stable/main/binary-mips/krb5-kdc_1.3.6-2sarge4_mips.deb stable/main/binary-mips/libkrb5-dev_1.3.6-2sarge4_mips.deb stable/main/binary-mips/libkadm55_1.3.6-2sarge4_mips.deb stable/main/binary-mips/krb5-ftpd_1.3.6-2sarge4_mips.deb stable/main/binary-mips/krb5-user_1.3.6-2sarge4_mips.deb stable/main/binary-mips/krb5-rsh-server_1.3.6-2sarge4_mips.deb stable/main/binary-mips/krb5-telnetd_1.3.6-2sarge4_mips.deb stable/main/binary-mips/krb5-admin-server_1.3.6-2sarge4_mips.deb stable/main/binary-mips/libkrb53_1.3.6-2sarge4_mips.deb stable/main/binary-mips/krb5-clients_1.3.6-2sarge4_mips.deb krb5 (1.3.6-2sarge4) stable-security; urgency=emergency * MIT-SA-2007-1: telnet allows login as an arbitrary user when presented with a specially crafted username; CVE-2007-0956 * krb5_klog_syslog has a trivial buffer overflow that can be exploited by network data; CVE-2007-0957. The upstream patch is very intrusive because it fixes each call to syslog to have proper length checking as well as the actual krb5_klog_syslog internals to use vsnprintf rather than vsprintf. I have chosen to only include the change to krb5_klog_syslog for sarge. This is sufficient to fix the problem but is much smaller and less intrusive. (MIT-SA-2007-2) * MIT-SA-2007-3: The GSS-API library can cause a double free if applications treat certain errors decoding a message as errors that require freeing the output buffer. At least the gssapi rpc library does this, so kadmind is vulnerable. Fix the gssapi library because the spec allows applications to treat errors this way. CVE-2007-1216 stable/main/binary-m68k/krb5-ftpd_1.3.6-2sarge4_m68k.deb stable/main/binary-m68k/krb5-rsh-server_1.3.6-2sarge4_m68k.deb stable/main/binary-m68k/libkrb53_1.3.6-2sarge4_m68k.deb stable/main/binary-m68k/krb5-kdc_1.3.6-2sarge4_m68k.deb stable/main/binary-m68k/libkrb5-dev_1.3.6-2sarge4_m68k.deb stable/main/binary-m68k/krb5-user_1.3.6-2sarge4_m68k.deb stable/main/binary-m68k/krb5-telnetd_1.3.6-2sarge4_m68k.deb stable/main/binary-m68k/krb5-clients_1.3.6-2sarge4_m68k.deb stable/main/binary-m68k/libkadm55_1.3.6-2sarge4_m68k.deb stable/main/binary-m68k/krb5-admin-server_1.3.6-2sarge4_m68k.deb krb5 (1.3.6-2sarge4) stable-security; urgency=emergency * MIT-SA-2007-1: telnet allows login as an arbitrary user when presented with a specially crafted username; CVE-2007-0956 * krb5_klog_syslog has a trivial buffer overflow that can be exploited by network data; CVE-2007-0957. The upstream patch is very intrusive because it fixes each call to syslog to have proper length checking as well as the actual krb5_klog_syslog internals to use vsnprintf rather than vsprintf. I have chosen to only include the change to krb5_klog_syslog for sarge. This is sufficient to fix the problem but is much smaller and less intrusive. (MIT-SA-2007-2) * MIT-SA-2007-3: The GSS-API library can cause a double free if applications treat certain errors decoding a message as errors that require freeing the output buffer. At least the gssapi rpc library does this, so kadmind is vulnerable. Fix the gssapi library because the spec allows applications to treat errors this way. CVE-2007-1216 stable/main/binary-ia64/libkadm55_1.3.6-2sarge4_ia64.deb stable/main/binary-ia64/krb5-kdc_1.3.6-2sarge4_ia64.deb stable/main/binary-ia64/libkrb53_1.3.6-2sarge4_ia64.deb stable/main/binary-ia64/krb5-user_1.3.6-2sarge4_ia64.deb stable/main/binary-ia64/libkrb5-dev_1.3.6-2sarge4_ia64.deb stable/main/binary-ia64/krb5-ftpd_1.3.6-2sarge4_ia64.deb stable/main/binary-ia64/krb5-telnetd_1.3.6-2sarge4_ia64.deb stable/main/binary-ia64/krb5-rsh-server_1.3.6-2sarge4_ia64.deb stable/main/binary-ia64/krb5-clients_1.3.6-2sarge4_ia64.deb stable/main/binary-ia64/krb5-admin-server_1.3.6-2sarge4_ia64.deb krb5 (1.3.6-2sarge4) stable-security; urgency=emergency * MIT-SA-2007-1: telnet allows login as an arbitrary user when presented with a specially crafted username; CVE-2007-0956 * krb5_klog_syslog has a trivial buffer overflow that can be exploited by network data; CVE-2007-0957. The upstream patch is very intrusive because it fixes each call to syslog to have proper length checking as well as the actual krb5_klog_syslog internals to use vsnprintf rather than vsprintf. I have chosen to only include the change to krb5_klog_syslog for sarge. This is sufficient to fix the problem but is much smaller and less intrusive. (MIT-SA-2007-2) * MIT-SA-2007-3: The GSS-API library can cause a double free if applications treat certain errors decoding a message as errors that require freeing the output buffer. At least the gssapi rpc library does this, so kadmind is vulnerable. Fix the gssapi library because the spec allows applications to treat errors this way. CVE-2007-1216 stable/main/binary-hppa/libkadm55_1.3.6-2sarge4_hppa.deb stable/main/binary-hppa/libkrb53_1.3.6-2sarge4_hppa.deb stable/main/binary-hppa/krb5-rsh-server_1.3.6-2sarge4_hppa.deb stable/main/binary-hppa/libkrb5-dev_1.3.6-2sarge4_hppa.deb stable/main/binary-hppa/krb5-ftpd_1.3.6-2sarge4_hppa.deb stable/main/binary-hppa/krb5-user_1.3.6-2sarge4_hppa.deb stable/main/binary-hppa/krb5-telnetd_1.3.6-2sarge4_hppa.deb stable/main/binary-hppa/krb5-admin-server_1.3.6-2sarge4_hppa.deb stable/main/binary-hppa/krb5-clients_1.3.6-2sarge4_hppa.deb stable/main/binary-hppa/krb5-kdc_1.3.6-2sarge4_hppa.deb krb5 (1.3.6-2sarge4) stable-security; urgency=emergency * MIT-SA-2007-1: telnet allows login as an arbitrary user when presented with a specially crafted username; CVE-2007-0956 * krb5_klog_syslog has a trivial buffer overflow that can be exploited by network data; CVE-2007-0957. The upstream patch is very intrusive because it fixes each call to syslog to have proper length checking as well as the actual krb5_klog_syslog internals to use vsnprintf rather than vsprintf. I have chosen to only include the change to krb5_klog_syslog for sarge. This is sufficient to fix the problem but is much smaller and less intrusive. (MIT-SA-2007-2) * MIT-SA-2007-3: The GSS-API library can cause a double free if applications treat certain errors decoding a message as errors that require freeing the output buffer. At least the gssapi rpc library does this, so kadmind is vulnerable. Fix the gssapi library because the spec allows applications to treat errors this way. CVE-2007-1216 stable/main/binary-arm/libkrb5-dev_1.3.6-2sarge4_arm.deb stable/main/binary-arm/krb5-rsh-server_1.3.6-2sarge4_arm.deb stable/main/binary-arm/krb5-kdc_1.3.6-2sarge4_arm.deb stable/main/binary-arm/krb5-user_1.3.6-2sarge4_arm.deb stable/main/binary-arm/krb5-clients_1.3.6-2sarge4_arm.deb stable/main/binary-arm/libkrb53_1.3.6-2sarge4_arm.deb stable/main/binary-arm/libkadm55_1.3.6-2sarge4_arm.deb stable/main/binary-arm/krb5-admin-server_1.3.6-2sarge4_arm.deb stable/main/binary-arm/krb5-ftpd_1.3.6-2sarge4_arm.deb stable/main/binary-arm/krb5-telnetd_1.3.6-2sarge4_arm.deb krb5 (1.3.6-2sarge4) stable-security; urgency=emergency * MIT-SA-2007-1: telnet allows login as an arbitrary user when presented with a specially crafted username; CVE-2007-0956 * krb5_klog_syslog has a trivial buffer overflow that can be exploited by network data; CVE-2007-0957. The upstream patch is very intrusive because it fixes each call to syslog to have proper length checking as well as the actual krb5_klog_syslog internals to use vsnprintf rather than vsprintf. I have chosen to only include the change to krb5_klog_syslog for sarge. This is sufficient to fix the problem but is much smaller and less intrusive. (MIT-SA-2007-2) * MIT-SA-2007-3: The GSS-API library can cause a double free if applications treat certain errors decoding a message as errors that require freeing the output buffer. At least the gssapi rpc library does this, so kadmind is vulnerable. Fix the gssapi library because the spec allows applications to treat errors this way. CVE-2007-1216 stable/main/binary-alpha/libkrb53_1.3.6-2sarge4_alpha.deb stable/main/binary-alpha/krb5-admin-server_1.3.6-2sarge4_alpha.deb stable/main/binary-alpha/krb5-rsh-server_1.3.6-2sarge4_alpha.deb stable/main/binary-alpha/krb5-clients_1.3.6-2sarge4_alpha.deb stable/main/binary-alpha/krb5-kdc_1.3.6-2sarge4_alpha.deb stable/main/binary-alpha/krb5-user_1.3.6-2sarge4_alpha.deb stable/main/binary-alpha/libkadm55_1.3.6-2sarge4_alpha.deb stable/main/binary-alpha/libkrb5-dev_1.3.6-2sarge4_alpha.deb stable/main/binary-alpha/krb5-ftpd_1.3.6-2sarge4_alpha.deb stable/main/binary-alpha/krb5-telnetd_1.3.6-2sarge4_alpha.deb krb5 (1.3.6-2sarge4) stable-security; urgency=emergency * MIT-SA-2007-1: telnet allows login as an arbitrary user when presented with a specially crafted username; CVE-2007-0956 * krb5_klog_syslog has a trivial buffer overflow that can be exploited by network data; CVE-2007-0957. The upstream patch is very intrusive because it fixes each call to syslog to have proper length checking as well as the actual krb5_klog_syslog internals to use vsnprintf rather than vsprintf. I have chosen to only include the change to krb5_klog_syslog for sarge. This is sufficient to fix the problem but is much smaller and less intrusive. (MIT-SA-2007-2) * MIT-SA-2007-3: The GSS-API library can cause a double free if applications treat certain errors decoding a message as errors that require freeing the output buffer. At least the gssapi rpc library does this, so kadmind is vulnerable. Fix the gssapi library because the spec allows applications to treat errors this way. CVE-2007-1216 stable/main/source/krb5_1.3.6-2sarge4.diff.gz stable/main/binary-i386/krb5-ftpd_1.3.6-2sarge4_i386.deb stable/main/binary-i386/krb5-admin-server_1.3.6-2sarge4_i386.deb stable/main/binary-i386/libkrb5-dev_1.3.6-2sarge4_i386.deb stable/main/binary-i386/krb5-telnetd_1.3.6-2sarge4_i386.deb stable/main/binary-all/krb5-doc_1.3.6-2sarge4_all.deb stable/main/binary-i386/krb5-user_1.3.6-2sarge4_i386.deb stable/main/binary-i386/krb5-clients_1.3.6-2sarge4_i386.deb stable/main/binary-i386/krb5-kdc_1.3.6-2sarge4_i386.deb stable/main/binary-i386/libkadm55_1.3.6-2sarge4_i386.deb stable/main/binary-i386/libkrb53_1.3.6-2sarge4_i386.deb stable/main/source/krb5_1.3.6-2sarge4.dsc stable/main/binary-i386/krb5-rsh-server_1.3.6-2sarge4_i386.deb krb5 (1.3.6-2sarge4) stable-security; urgency=emergency * MIT-SA-2007-1: telnet allows login as an arbitrary user when presented with a specially crafted username; CVE-2007-0956 * krb5_klog_syslog has a trivial buffer overflow that can be exploited by network data; CVE-2007-0957. The upstream patch is very intrusive because it fixes each call to syslog to have proper length checking as well as the actual krb5_klog_syslog internals to use vsnprintf rather than vsprintf. I have chosen to only include the change to krb5_klog_syslog for sarge. This is sufficient to fix the problem but is much smaller and less intrusive. (MIT-SA-2007-2) * MIT-SA-2007-3: The GSS-API library can cause a double free if applications treat certain errors decoding a message as errors that require freeing the output buffer. At least the gssapi rpc library does this, so kadmind is vulnerable. Fix the gssapi library because the spec allows applications to treat errors this way. CVE-2007-1216 stable/main/binary-sparc/gnupg_1.4.1-1.sarge7_sparc.deb stable/main/binary-sparc/gpgv-udeb_1.4.1-1.sarge7_sparc.udeb gnupg (1.4.1-1.sarge7) stable-security; urgency=high * Non-maintainer upload by the Security Team * Backported patch from upstream 1.4.7 for CVE-2007-1263. stable/main/binary-s390/gnupg_1.4.1-1.sarge7_s390.deb stable/main/binary-s390/gpgv-udeb_1.4.1-1.sarge7_s390.udeb gnupg (1.4.1-1.sarge7) stable-security; urgency=high * Non-maintainer upload by the Security Team * Backported patch from upstream 1.4.7 for CVE-2007-1263. stable/main/binary-powerpc/gpgv-udeb_1.4.1-1.sarge7_powerpc.udeb stable/main/binary-powerpc/gnupg_1.4.1-1.sarge7_powerpc.deb gnupg (1.4.1-1.sarge7) stable-security; urgency=high * Non-maintainer upload by the Security Team * Backported patch from upstream 1.4.7 for CVE-2007-1263. stable/main/binary-mipsel/gnupg_1.4.1-1.sarge7_mipsel.deb stable/main/binary-mipsel/gpgv-udeb_1.4.1-1.sarge7_mipsel.udeb gnupg (1.4.1-1.sarge7) stable-security; urgency=high * Non-maintainer upload by the Security Team * Backported patch from upstream 1.4.7 for CVE-2007-1263. stable/main/binary-mips/gpgv-udeb_1.4.1-1.sarge7_mips.udeb stable/main/binary-mips/gnupg_1.4.1-1.sarge7_mips.deb gnupg (1.4.1-1.sarge7) stable-security; urgency=high * Non-maintainer upload by the Security Team * Backported patch from upstream 1.4.7 for CVE-2007-1263. stable/main/binary-m68k/gpgv-udeb_1.4.1-1.sarge7_m68k.udeb stable/main/binary-m68k/gnupg_1.4.1-1.sarge7_m68k.deb gnupg (1.4.1-1.sarge7) stable-security; urgency=high * Non-maintainer upload by the Security Team * Backported patch from upstream 1.4.7 for CVE-2007-1263. stable/main/binary-ia64/gpgv-udeb_1.4.1-1.sarge7_ia64.udeb stable/main/binary-ia64/gnupg_1.4.1-1.sarge7_ia64.deb gnupg (1.4.1-1.sarge7) stable-security; urgency=high * Non-maintainer upload by the Security Team * Backported patch from upstream 1.4.7 for CVE-2007-1263. stable/main/binary-hppa/gnupg_1.4.1-1.sarge7_hppa.deb stable/main/binary-hppa/gpgv-udeb_1.4.1-1.sarge7_hppa.udeb gnupg (1.4.1-1.sarge7) stable-security; urgency=high * Non-maintainer upload by the Security Team * Backported patch from upstream 1.4.7 for CVE-2007-1263. stable/main/binary-arm/gnupg_1.4.1-1.sarge7_arm.deb stable/main/binary-arm/gpgv-udeb_1.4.1-1.sarge7_arm.udeb gnupg (1.4.1-1.sarge7) stable-security; urgency=high * Non-maintainer upload by the Security Team * Backported patch from upstream 1.4.7 for CVE-2007-1263. stable/main/binary-alpha/gpgv-udeb_1.4.1-1.sarge7_alpha.udeb stable/main/binary-alpha/gnupg_1.4.1-1.sarge7_alpha.deb gnupg (1.4.1-1.sarge7) stable-security; urgency=high * Non-maintainer upload by the Security Team * Backported patch from upstream 1.4.7 for CVE-2007-1263. stable/main/binary-i386/gnupg_1.4.1-1.sarge7_i386.deb stable/main/source/gnupg_1.4.1-1.sarge7.diff.gz stable/main/binary-i386/gpgv-udeb_1.4.1-1.sarge7_i386.udeb stable/main/source/gnupg_1.4.1-1.sarge7.dsc gnupg (1.4.1-1.sarge7) stable-security; urgency=high * Non-maintainer upload by the Security Team * Backported patch from upstream 1.4.7 for CVE-2007-1263. stable/main/binary-sparc/gnomemeeting_1.2.1-1sarge1_sparc.deb gnomemeeting (1.2.1-1sarge1) stable-security; urgency=high * Backported fixes for Ekiga/GnomeMeeting CVE-2007-1006/CVE-2007-1007 stable/main/binary-s390/gnomemeeting_1.2.1-1sarge1_s390.deb gnomemeeting (1.2.1-1sarge1) stable-security; urgency=high * Backported fixes for Ekiga/GnomeMeeting CVE-2007-1006/CVE-2007-1007 stable/main/binary-powerpc/gnomemeeting_1.2.1-1sarge1_powerpc.deb gnomemeeting (1.2.1-1sarge1) stable-security; urgency=high * Backported fixes for Ekiga/GnomeMeeting CVE-2007-1006/CVE-2007-1007 stable/main/binary-mipsel/gnomemeeting_1.2.1-1sarge1_mipsel.deb gnomemeeting (1.2.1-1sarge1) stable-security; urgency=high * Backported fixes for Ekiga/GnomeMeeting CVE-2007-1006/CVE-2007-1007 stable/main/binary-mips/gnomemeeting_1.2.1-1sarge1_mips.deb gnomemeeting (1.2.1-1sarge1) stable-security; urgency=high * Backported fixes for Ekiga/GnomeMeeting CVE-2007-1006/CVE-2007-1007 stable/main/binary-m68k/gnomemeeting_1.2.1-1sarge1_m68k.deb gnomemeeting (1.2.1-1sarge1) stable-security; urgency=high * Backported fixes for Ekiga/GnomeMeeting CVE-2007-1006/CVE-2007-1007 stable/main/binary-ia64/gnomemeeting_1.2.1-1sarge1_ia64.deb gnomemeeting (1.2.1-1sarge1) stable-security; urgency=high * Backported fixes for Ekiga/GnomeMeeting CVE-2007-1006/CVE-2007-1007 stable/main/binary-hppa/gnomemeeting_1.2.1-1sarge1_hppa.deb gnomemeeting (1.2.1-1sarge1) stable-security; urgency=high * Backported fixes for Ekiga/GnomeMeeting CVE-2007-1006/CVE-2007-1007 stable/main/binary-arm/gnomemeeting_1.2.1-1sarge1_arm.deb gnomemeeting (1.2.1-1sarge1) stable-security; urgency=high * Backported fixes for Ekiga/GnomeMeeting CVE-2007-1006/CVE-2007-1007 stable/main/binary-alpha/gnomemeeting_1.2.1-1sarge1_alpha.deb gnomemeeting (1.2.1-1sarge1) stable-security; urgency=high * Backported fixes for Ekiga/GnomeMeeting CVE-2007-1006/CVE-2007-1007 stable/main/source/gnomemeeting_1.2.1-1sarge1.diff.gz stable/main/binary-i386/gnomemeeting_1.2.1-1sarge1_i386.deb stable/main/source/gnomemeeting_1.2.1-1sarge1.dsc gnomemeeting (1.2.1-1sarge1) stable-security; urgency=high * Backported fixes for Ekiga/GnomeMeeting CVE-2007-1006/CVE-2007-1007 stable/main/binary-s390/libnss-files-udeb_2.3.2.ds1-22sarge6_s390.udeb stable/main/binary-s390/libc6-pic_2.3.2.ds1-22sarge6_s390.deb stable/main/binary-s390/libc6-s390x_2.3.2.ds1-22sarge6_s390.deb stable/main/binary-s390/libnss-dns-udeb_2.3.2.ds1-22sarge6_s390.udeb stable/main/binary-s390/libc6-dev-s390x_2.3.2.ds1-22sarge6_s390.deb stable/main/binary-s390/libc6-dbg_2.3.2.ds1-22sarge6_s390.deb stable/main/binary-s390/libc6_2.3.2.ds1-22sarge6_s390.deb stable/main/binary-s390/libc6-prof_2.3.2.ds1-22sarge6_s390.deb stable/main/binary-s390/libc6-dev_2.3.2.ds1-22sarge6_s390.deb stable/main/binary-s390/nscd_2.3.2.ds1-22sarge6_s390.deb stable/main/binary-s390/libc6-udeb_2.3.2.ds1-22sarge6_s390.udeb glibc (2.3.2.ds1-22sarge6) stable; urgency=low * control.in/main, rules.d/debhelper.mk: use dh_shlibdeps to set the dependencies of nscd. stable/main/binary-powerpc/libc6-pic_2.3.2.ds1-22sarge6_powerpc.deb stable/main/binary-powerpc/libc6-dbg_2.3.2.ds1-22sarge6_powerpc.deb stable/main/binary-powerpc/libc6-udeb_2.3.2.ds1-22sarge6_powerpc.udeb stable/main/binary-powerpc/libc6-dev_2.3.2.ds1-22sarge6_powerpc.deb stable/main/binary-powerpc/nscd_2.3.2.ds1-22sarge6_powerpc.deb stable/main/binary-powerpc/libc6_2.3.2.ds1-22sarge6_powerpc.deb stable/main/binary-powerpc/libc6-prof_2.3.2.ds1-22sarge6_powerpc.deb stable/main/binary-powerpc/libnss-files-udeb_2.3.2.ds1-22sarge6_powerpc.udeb stable/main/binary-powerpc/libnss-dns-udeb_2.3.2.ds1-22sarge6_powerpc.udeb glibc (2.3.2.ds1-22sarge6) stable; urgency=low * control.in/main, rules.d/debhelper.mk: use dh_shlibdeps to set the dependencies of nscd. stable/main/binary-mipsel/libnss-files-udeb_2.3.2.ds1-22sarge6_mipsel.udeb stable/main/binary-mipsel/libnss-dns-udeb_2.3.2.ds1-22sarge6_mipsel.udeb stable/main/binary-mipsel/libc6-udeb_2.3.2.ds1-22sarge6_mipsel.udeb stable/main/binary-mipsel/libc6-prof_2.3.2.ds1-22sarge6_mipsel.deb stable/main/binary-mipsel/libc6-dbg_2.3.2.ds1-22sarge6_mipsel.deb stable/main/binary-mipsel/libc6-pic_2.3.2.ds1-22sarge6_mipsel.deb stable/main/binary-mipsel/libc6_2.3.2.ds1-22sarge6_mipsel.deb stable/main/binary-mipsel/libc6-dev_2.3.2.ds1-22sarge6_mipsel.deb stable/main/binary-mipsel/nscd_2.3.2.ds1-22sarge6_mipsel.deb glibc (2.3.2.ds1-22sarge6) stable; urgency=low * control.in/main, rules.d/debhelper.mk: use dh_shlibdeps to set the dependencies of nscd. stable/main/binary-mips/libc6-prof_2.3.2.ds1-22sarge6_mips.deb stable/main/binary-mips/libc6_2.3.2.ds1-22sarge6_mips.deb stable/main/binary-mips/libc6-dbg_2.3.2.ds1-22sarge6_mips.deb stable/main/binary-mips/nscd_2.3.2.ds1-22sarge6_mips.deb stable/main/binary-mips/libnss-dns-udeb_2.3.2.ds1-22sarge6_mips.udeb stable/main/binary-mips/libc6-udeb_2.3.2.ds1-22sarge6_mips.udeb stable/main/binary-mips/libnss-files-udeb_2.3.2.ds1-22sarge6_mips.udeb stable/main/binary-mips/libc6-pic_2.3.2.ds1-22sarge6_mips.deb stable/main/binary-mips/libc6-dev_2.3.2.ds1-22sarge6_mips.deb glibc (2.3.2.ds1-22sarge6) stable; urgency=low * control.in/main, rules.d/debhelper.mk: use dh_shlibdeps to set the dependencies of nscd. stable/main/binary-m68k/libc6-prof_2.3.2.ds1-22sarge6_m68k.deb stable/main/binary-m68k/libnss-dns-udeb_2.3.2.ds1-22sarge6_m68k.udeb stable/main/binary-m68k/libc6-dbg_2.3.2.ds1-22sarge6_m68k.deb stable/main/binary-m68k/nscd_2.3.2.ds1-22sarge6_m68k.deb stable/main/binary-m68k/libc6_2.3.2.ds1-22sarge6_m68k.deb stable/main/binary-m68k/libc6-udeb_2.3.2.ds1-22sarge6_m68k.udeb stable/main/binary-m68k/libc6-dev_2.3.2.ds1-22sarge6_m68k.deb stable/main/binary-m68k/libnss-files-udeb_2.3.2.ds1-22sarge6_m68k.udeb stable/main/binary-m68k/libc6-pic_2.3.2.ds1-22sarge6_m68k.deb glibc (2.3.2.ds1-22sarge6) stable; urgency=low * control.in/main, rules.d/debhelper.mk: use dh_shlibdeps to set the dependencies of nscd. stable/main/binary-ia64/libnss-dns-udeb_2.3.2.ds1-22sarge6_ia64.udeb stable/main/binary-ia64/libc6.1-dbg_2.3.2.ds1-22sarge6_ia64.deb stable/main/binary-ia64/libc6.1_2.3.2.ds1-22sarge6_ia64.deb stable/main/binary-ia64/libc6.1-udeb_2.3.2.ds1-22sarge6_ia64.udeb stable/main/binary-ia64/libc6.1-dev_2.3.2.ds1-22sarge6_ia64.deb stable/main/binary-ia64/libnss-files-udeb_2.3.2.ds1-22sarge6_ia64.udeb stable/main/binary-ia64/nscd_2.3.2.ds1-22sarge6_ia64.deb stable/main/binary-ia64/libc6.1-prof_2.3.2.ds1-22sarge6_ia64.deb stable/main/binary-ia64/libc6.1-pic_2.3.2.ds1-22sarge6_ia64.deb glibc (2.3.2.ds1-22sarge6) stable; urgency=low * control.in/main, rules.d/debhelper.mk: use dh_shlibdeps to set the dependencies of nscd. stable/main/binary-i386/nscd_2.3.2.ds1-22sarge6_i386.deb stable/main/binary-i386/libc6-pic_2.3.2.ds1-22sarge6_i386.deb stable/main/binary-i386/libc6-dev_2.3.2.ds1-22sarge6_i386.deb stable/main/binary-i386/libc6_2.3.2.ds1-22sarge6_i386.deb stable/main/binary-i386/libc6-prof_2.3.2.ds1-22sarge6_i386.deb stable/main/binary-i386/libnss-dns-udeb_2.3.2.ds1-22sarge6_i386.udeb stable/main/binary-i386/libc6-dbg_2.3.2.ds1-22sarge6_i386.deb stable/main/binary-i386/libc6-i686_2.3.2.ds1-22sarge6_i386.deb stable/main/binary-i386/libnss-files-udeb_2.3.2.ds1-22sarge6_i386.udeb stable/main/binary-i386/libc6-udeb_2.3.2.ds1-22sarge6_i386.udeb glibc (2.3.2.ds1-22sarge6) stable; urgency=low * control.in/main, rules.d/debhelper.mk: use dh_shlibdeps to set the dependencies of nscd. stable/main/binary-hppa/libc6-dbg_2.3.2.ds1-22sarge6_hppa.deb stable/main/binary-hppa/libc6-udeb_2.3.2.ds1-22sarge6_hppa.udeb stable/main/binary-hppa/libc6-prof_2.3.2.ds1-22sarge6_hppa.deb stable/main/binary-hppa/libc6-dev_2.3.2.ds1-22sarge6_hppa.deb stable/main/binary-hppa/libc6_2.3.2.ds1-22sarge6_hppa.deb stable/main/binary-hppa/libnss-files-udeb_2.3.2.ds1-22sarge6_hppa.udeb stable/main/binary-hppa/libc6-pic_2.3.2.ds1-22sarge6_hppa.deb stable/main/binary-hppa/nscd_2.3.2.ds1-22sarge6_hppa.deb stable/main/binary-hppa/libnss-dns-udeb_2.3.2.ds1-22sarge6_hppa.udeb glibc (2.3.2.ds1-22sarge6) stable; urgency=low * control.in/main, rules.d/debhelper.mk: use dh_shlibdeps to set the dependencies of nscd. stable/main/binary-arm/libc6-dev_2.3.2.ds1-22sarge6_arm.deb stable/main/binary-arm/libnss-dns-udeb_2.3.2.ds1-22sarge6_arm.udeb stable/main/binary-arm/libc6-dbg_2.3.2.ds1-22sarge6_arm.deb stable/main/binary-arm/libc6_2.3.2.ds1-22sarge6_arm.deb stable/main/binary-arm/libc6-prof_2.3.2.ds1-22sarge6_arm.deb stable/main/binary-arm/libnss-files-udeb_2.3.2.ds1-22sarge6_arm.udeb stable/main/binary-arm/libc6-pic_2.3.2.ds1-22sarge6_arm.deb stable/main/binary-arm/libc6-udeb_2.3.2.ds1-22sarge6_arm.udeb stable/main/binary-arm/nscd_2.3.2.ds1-22sarge6_arm.deb glibc (2.3.2.ds1-22sarge6) stable; urgency=low * control.in/main, rules.d/debhelper.mk: use dh_shlibdeps to set the dependencies of nscd. stable/main/binary-alpha/libnss-dns-udeb_2.3.2.ds1-22sarge6_alpha.udeb stable/main/binary-alpha/libc6.1-dev_2.3.2.ds1-22sarge6_alpha.deb stable/main/binary-alpha/libc6.1-dbg_2.3.2.ds1-22sarge6_alpha.deb stable/main/binary-alpha/libc6.1-udeb_2.3.2.ds1-22sarge6_alpha.udeb stable/main/binary-alpha/libc6.1-prof_2.3.2.ds1-22sarge6_alpha.deb stable/main/binary-alpha/libc6.1-pic_2.3.2.ds1-22sarge6_alpha.deb stable/main/binary-alpha/libnss-files-udeb_2.3.2.ds1-22sarge6_alpha.udeb stable/main/binary-alpha/libc6.1_2.3.2.ds1-22sarge6_alpha.deb stable/main/binary-alpha/nscd_2.3.2.ds1-22sarge6_alpha.deb glibc (2.3.2.ds1-22sarge6) stable; urgency=low * control.in/main, rules.d/debhelper.mk: use dh_shlibdeps to set the dependencies of nscd. stable/main/binary-sparc/libc6-udeb_2.3.2.ds1-22sarge6_sparc.udeb stable/main/binary-sparc/nscd_2.3.2.ds1-22sarge6_sparc.deb stable/main/binary-sparc/libnss-files-udeb_2.3.2.ds1-22sarge6_sparc.udeb stable/main/binary-sparc/libc6-prof_2.3.2.ds1-22sarge6_sparc.deb stable/main/binary-all/locales_2.3.2.ds1-22sarge6_all.deb stable/main/binary-sparc/libc6-sparcv9b_2.3.2.ds1-22sarge6_sparc.deb stable/main/source/glibc_2.3.2.ds1-22sarge6.diff.gz stable/main/binary-sparc/libc6-sparc64_2.3.2.ds1-22sarge6_sparc.deb stable/main/source/glibc_2.3.2.ds1-22sarge6.dsc stable/main/binary-sparc/libc6_2.3.2.ds1-22sarge6_sparc.deb stable/main/binary-all/glibc-doc_2.3.2.ds1-22sarge6_all.deb stable/main/binary-sparc/libc6-pic_2.3.2.ds1-22sarge6_sparc.deb stable/main/binary-sparc/libc6-dev-sparc64_2.3.2.ds1-22sarge6_sparc.deb stable/main/binary-sparc/libnss-dns-udeb_2.3.2.ds1-22sarge6_sparc.udeb stable/main/binary-sparc/libc6-dbg_2.3.2.ds1-22sarge6_sparc.deb stable/main/binary-sparc/libc6-sparcv9_2.3.2.ds1-22sarge6_sparc.deb stable/main/binary-sparc/libc6-dev_2.3.2.ds1-22sarge6_sparc.deb glibc (2.3.2.ds1-22sarge6) stable; urgency=low * control.in/main, rules.d/debhelper.mk: use dh_shlibdeps to set the dependencies of nscd. stable/main/binary-sparc/file_4.12-1sarge1_sparc.deb stable/main/binary-sparc/libmagic-dev_4.12-1sarge1_sparc.deb stable/main/binary-sparc/libmagic1_4.12-1sarge1_sparc.deb file (4.12-1sarge1) stable-security; urgency=high * Applied patch from upstream to src/file.h, src/funcs.c and src/magic.c to fix integer underflow in file_printf which can lead to to exploitable heap overflow CVE-2007-1536 (Closes: #415362, #416678). stable/main/binary-s390/file_4.12-1sarge1_s390.deb stable/main/binary-s390/libmagic-dev_4.12-1sarge1_s390.deb stable/main/binary-s390/libmagic1_4.12-1sarge1_s390.deb file (4.12-1sarge1) stable-security; urgency=high * Applied patch from upstream to src/file.h, src/funcs.c and src/magic.c to fix integer underflow in file_printf which can lead to to exploitable heap overflow CVE-2007-1536 (Closes: #415362, #416678). stable/main/binary-powerpc/libmagic1_4.12-1sarge1_powerpc.deb stable/main/binary-powerpc/file_4.12-1sarge1_powerpc.deb stable/main/binary-powerpc/libmagic-dev_4.12-1sarge1_powerpc.deb file (4.12-1sarge1) stable-security; urgency=high * Applied patch from upstream to src/file.h, src/funcs.c and src/magic.c to fix integer underflow in file_printf which can lead to to exploitable heap overflow CVE-2007-1536 (Closes: #415362, #416678). stable/main/binary-mipsel/libmagic-dev_4.12-1sarge1_mipsel.deb stable/main/binary-mipsel/libmagic1_4.12-1sarge1_mipsel.deb stable/main/binary-mipsel/file_4.12-1sarge1_mipsel.deb file (4.12-1sarge1) stable-security; urgency=high * Applied patch from upstream to src/file.h, src/funcs.c and src/magic.c to fix integer underflow in file_printf which can lead to to exploitable heap overflow CVE-2007-1536 (Closes: #415362, #416678). stable/main/binary-mips/libmagic1_4.12-1sarge1_mips.deb stable/main/binary-mips/libmagic-dev_4.12-1sarge1_mips.deb stable/main/binary-mips/file_4.12-1sarge1_mips.deb file (4.12-1sarge1) stable-security; urgency=high * Applied patch from upstream to src/file.h, src/funcs.c and src/magic.c to fix integer underflow in file_printf which can lead to to exploitable heap overflow CVE-2007-1536 (Closes: #415362, #416678). stable/main/binary-m68k/libmagic1_4.12-1sarge1_m68k.deb stable/main/binary-m68k/file_4.12-1sarge1_m68k.deb stable/main/binary-m68k/libmagic-dev_4.12-1sarge1_m68k.deb file (4.12-1sarge1) stable-security; urgency=high * Applied patch from upstream to src/file.h, src/funcs.c and src/magic.c to fix integer underflow in file_printf which can lead to to exploitable heap overflow CVE-2007-1536 (Closes: #415362, #416678). stable/main/binary-ia64/libmagic1_4.12-1sarge1_ia64.deb stable/main/binary-ia64/libmagic-dev_4.12-1sarge1_ia64.deb stable/main/binary-ia64/file_4.12-1sarge1_ia64.deb file (4.12-1sarge1) stable-security; urgency=high * Applied patch from upstream to src/file.h, src/funcs.c and src/magic.c to fix integer underflow in file_printf which can lead to to exploitable heap overflow CVE-2007-1536 (Closes: #415362, #416678). stable/main/binary-hppa/libmagic-dev_4.12-1sarge1_hppa.deb stable/main/binary-hppa/libmagic1_4.12-1sarge1_hppa.deb stable/main/binary-hppa/file_4.12-1sarge1_hppa.deb file (4.12-1sarge1) stable-security; urgency=high * Applied patch from upstream to src/file.h, src/funcs.c and src/magic.c to fix integer underflow in file_printf which can lead to to exploitable heap overflow CVE-2007-1536 (Closes: #415362, #416678). stable/main/binary-arm/libmagic-dev_4.12-1sarge1_arm.deb stable/main/binary-arm/file_4.12-1sarge1_arm.deb stable/main/binary-arm/libmagic1_4.12-1sarge1_arm.deb file (4.12-1sarge1) stable-security; urgency=high * Applied patch from upstream to src/file.h, src/funcs.c and src/magic.c to fix integer underflow in file_printf which can lead to to exploitable heap overflow CVE-2007-1536 (Closes: #415362, #416678). stable/main/binary-alpha/libmagic1_4.12-1sarge1_alpha.deb stable/main/binary-alpha/libmagic-dev_4.12-1sarge1_alpha.deb stable/main/binary-alpha/file_4.12-1sarge1_alpha.deb file (4.12-1sarge1) stable-security; urgency=high * Applied patch from upstream to src/file.h, src/funcs.c and src/magic.c to fix integer underflow in file_printf which can lead to to exploitable heap overflow CVE-2007-1536 (Closes: #415362, #416678). stable/main/binary-i386/file_4.12-1sarge1_i386.deb stable/main/source/file_4.12-1sarge1.diff.gz stable/main/binary-i386/libmagic-dev_4.12-1sarge1_i386.deb stable/main/binary-i386/libmagic1_4.12-1sarge1_i386.deb stable/main/source/file_4.12-1sarge1.dsc file (4.12-1sarge1) stable-security; urgency=high * Applied patch from upstream to src/file.h, src/funcs.c and src/magic.c to fix integer underflow in file_printf which can lead to to exploitable heap overflow CVE-2007-1536 (Closes: #415362, #416678). stable/main/binary-sparc/clamav-freshclam_0.84-2.sarge.15_sparc.deb stable/main/binary-sparc/clamav-milter_0.84-2.sarge.15_sparc.deb stable/main/binary-sparc/libclamav-dev_0.84-2.sarge.15_sparc.deb stable/main/binary-sparc/libclamav1_0.84-2.sarge.15_sparc.deb stable/main/binary-sparc/clamav_0.84-2.sarge.15_sparc.deb stable/main/binary-sparc/clamav-daemon_0.84-2.sarge.15_sparc.deb clamav (0.84-2.sarge.15) stable-security; urgency=high * Trigger rebuild to cope with expired builds, no code changes. stable/main/binary-s390/libclamav1_0.84-2.sarge.15_s390.deb stable/main/binary-s390/libclamav-dev_0.84-2.sarge.15_s390.deb stable/main/binary-s390/clamav-freshclam_0.84-2.sarge.15_s390.deb stable/main/binary-s390/clamav-milter_0.84-2.sarge.15_s390.deb stable/main/binary-s390/clamav_0.84-2.sarge.15_s390.deb stable/main/binary-s390/clamav-daemon_0.84-2.sarge.15_s390.deb clamav (0.84-2.sarge.15) stable-security; urgency=high * Trigger rebuild to cope with expired builds, no code changes. stable/main/binary-powerpc/libclamav1_0.84-2.sarge.15_powerpc.deb stable/main/binary-powerpc/clamav-daemon_0.84-2.sarge.15_powerpc.deb stable/main/binary-powerpc/clamav-freshclam_0.84-2.sarge.15_powerpc.deb stable/main/binary-powerpc/libclamav-dev_0.84-2.sarge.15_powerpc.deb stable/main/binary-powerpc/clamav-milter_0.84-2.sarge.15_powerpc.deb stable/main/binary-powerpc/clamav_0.84-2.sarge.15_powerpc.deb clamav (0.84-2.sarge.15) stable-security; urgency=high * Trigger rebuild to cope with expired builds, no code changes. stable/main/binary-mipsel/clamav-freshclam_0.84-2.sarge.15_mipsel.deb stable/main/binary-mipsel/clamav_0.84-2.sarge.15_mipsel.deb stable/main/binary-mipsel/libclamav-dev_0.84-2.sarge.15_mipsel.deb stable/main/binary-mipsel/clamav-milter_0.84-2.sarge.15_mipsel.deb stable/main/binary-mipsel/clamav-daemon_0.84-2.sarge.15_mipsel.deb stable/main/binary-mipsel/libclamav1_0.84-2.sarge.15_mipsel.deb clamav (0.84-2.sarge.15) stable-security; urgency=high * Trigger rebuild to cope with expired builds, no code changes. stable/main/binary-mips/libclamav-dev_0.84-2.sarge.15_mips.deb stable/main/binary-mips/clamav-milter_0.84-2.sarge.15_mips.deb stable/main/binary-mips/clamav-daemon_0.84-2.sarge.15_mips.deb stable/main/binary-mips/libclamav1_0.84-2.sarge.15_mips.deb stable/main/binary-mips/clamav_0.84-2.sarge.15_mips.deb stable/main/binary-mips/clamav-freshclam_0.84-2.sarge.15_mips.deb clamav (0.84-2.sarge.15) stable-security; urgency=high * Trigger rebuild to cope with expired builds, no code changes. stable/main/binary-m68k/clamav-freshclam_0.84-2.sarge.15_m68k.deb stable/main/binary-m68k/clamav-milter_0.84-2.sarge.15_m68k.deb stable/main/binary-m68k/libclamav-dev_0.84-2.sarge.15_m68k.deb stable/main/binary-m68k/clamav-daemon_0.84-2.sarge.15_m68k.deb stable/main/binary-m68k/clamav_0.84-2.sarge.15_m68k.deb stable/main/binary-m68k/libclamav1_0.84-2.sarge.15_m68k.deb clamav (0.84-2.sarge.15) stable-security; urgency=high * Trigger rebuild to cope with expired builds, no code changes. stable/main/binary-ia64/libclamav1_0.84-2.sarge.15_ia64.deb stable/main/binary-ia64/clamav_0.84-2.sarge.15_ia64.deb stable/main/binary-ia64/clamav-milter_0.84-2.sarge.15_ia64.deb stable/main/binary-ia64/clamav-daemon_0.84-2.sarge.15_ia64.deb stable/main/binary-ia64/libclamav-dev_0.84-2.sarge.15_ia64.deb stable/main/binary-ia64/clamav-freshclam_0.84-2.sarge.15_ia64.deb clamav (0.84-2.sarge.15) stable-security; urgency=high * Trigger rebuild to cope with expired builds, no code changes. stable/main/binary-hppa/libclamav-dev_0.84-2.sarge.15_hppa.deb stable/main/binary-hppa/clamav-daemon_0.84-2.sarge.15_hppa.deb stable/main/binary-hppa/clamav_0.84-2.sarge.15_hppa.deb stable/main/binary-hppa/libclamav1_0.84-2.sarge.15_hppa.deb stable/main/binary-hppa/clamav-milter_0.84-2.sarge.15_hppa.deb stable/main/binary-hppa/clamav-freshclam_0.84-2.sarge.15_hppa.deb clamav (0.84-2.sarge.15) stable-security; urgency=high * Trigger rebuild to cope with expired builds, no code changes. stable/main/binary-arm/clamav-milter_0.84-2.sarge.15_arm.deb stable/main/binary-arm/clamav-freshclam_0.84-2.sarge.15_arm.deb stable/main/binary-arm/clamav_0.84-2.sarge.15_arm.deb stable/main/binary-arm/clamav-daemon_0.84-2.sarge.15_arm.deb stable/main/binary-arm/libclamav-dev_0.84-2.sarge.15_arm.deb stable/main/binary-arm/libclamav1_0.84-2.sarge.15_arm.deb clamav (0.84-2.sarge.15) stable-security; urgency=high * Trigger rebuild to cope with expired builds, no code changes. stable/main/binary-alpha/clamav_0.84-2.sarge.15_alpha.deb stable/main/binary-alpha/clamav-milter_0.84-2.sarge.15_alpha.deb stable/main/binary-alpha/clamav-daemon_0.84-2.sarge.15_alpha.deb stable/main/binary-alpha/libclamav1_0.84-2.sarge.15_alpha.deb stable/main/binary-alpha/libclamav-dev_0.84-2.sarge.15_alpha.deb stable/main/binary-alpha/clamav-freshclam_0.84-2.sarge.15_alpha.deb clamav (0.84-2.sarge.15) stable-security; urgency=high * Trigger rebuild to cope with expired builds, no code changes. stable/main/source/clamav_0.84-2.sarge.15.dsc stable/main/binary-i386/libclamav-dev_0.84-2.sarge.15_i386.deb stable/main/binary-i386/libclamav1_0.84-2.sarge.15_i386.deb stable/main/binary-all/clamav-docs_0.84-2.sarge.15_all.deb stable/main/binary-i386/clamav-milter_0.84-2.sarge.15_i386.deb stable/main/binary-i386/clamav_0.84-2.sarge.15_i386.deb stable/main/binary-all/clamav-base_0.84-2.sarge.15_all.deb stable/main/binary-all/clamav-testfiles_0.84-2.sarge.15_all.deb stable/main/source/clamav_0.84-2.sarge.15.diff.gz stable/main/binary-i386/clamav-daemon_0.84-2.sarge.15_i386.deb stable/main/binary-i386/clamav-freshclam_0.84-2.sarge.15_i386.deb clamav (0.84-2.sarge.15) stable-security; urgency=high * Trigger rebuild to cope with expired builds, no code changes. stable/main/binary-sparc/base-installer_1.13.4sarge2_sparc.udeb base-installer (1.13.4sarge2) stable; urgency=high * For the kernel ABI change in Sarge 3.1r3 we should also have updated the default values for debian-installer/kernel/image* in rootskel. Because this was missed, incorrect kernels are now being selected on some architectures. Correcting this in rootskel would mean rebuilding D-I, which we'd like to avoid. As an alternative solution we correct the default in base-installer after reading it. Closes: #412909. * Add myself to uploaders. stable/main/binary-s390/base-installer_1.13.4sarge2_s390.udeb base-installer (1.13.4sarge2) stable; urgency=high * For the kernel ABI change in Sarge 3.1r3 we should also have updated the default values for debian-installer/kernel/image* in rootskel. Because this was missed, incorrect kernels are now being selected on some architectures. Correcting this in rootskel would mean rebuilding D-I, which we'd like to avoid. As an alternative solution we correct the default in base-installer after reading it. Closes: #412909. * Add myself to uploaders. stable/main/binary-powerpc/base-installer_1.13.4sarge2_powerpc.udeb base-installer (1.13.4sarge2) stable; urgency=high * For the kernel ABI change in Sarge 3.1r3 we should also have updated the default values for debian-installer/kernel/image* in rootskel. Because this was missed, incorrect kernels are now being selected on some architectures. Correcting this in rootskel would mean rebuilding D-I, which we'd like to avoid. As an alternative solution we correct the default in base-installer after reading it. Closes: #412909. * Add myself to uploaders. stable/main/binary-mipsel/base-installer_1.13.4sarge2_mipsel.udeb base-installer (1.13.4sarge2) stable; urgency=high * For the kernel ABI change in Sarge 3.1r3 we should also have updated the default values for debian-installer/kernel/image* in rootskel. Because this was missed, incorrect kernels are now being selected on some architectures. Correcting this in rootskel would mean rebuilding D-I, which we'd like to avoid. As an alternative solution we correct the default in base-installer after reading it. Closes: #412909. * Add myself to uploaders. stable/main/binary-mips/base-installer_1.13.4sarge2_mips.udeb base-installer (1.13.4sarge2) stable; urgency=high * For the kernel ABI change in Sarge 3.1r3 we should also have updated the default values for debian-installer/kernel/image* in rootskel. Because this was missed, incorrect kernels are now being selected on some architectures. Correcting this in rootskel would mean rebuilding D-I, which we'd like to avoid. As an alternative solution we correct the default in base-installer after reading it. Closes: #412909. * Add myself to uploaders. stable/main/binary-m68k/base-installer_1.13.4sarge2_m68k.udeb base-installer (1.13.4sarge2) stable; urgency=high * For the kernel ABI change in Sarge 3.1r3 we should also have updated the default values for debian-installer/kernel/image* in rootskel. Because this was missed, incorrect kernels are now being selected on some architectures. Correcting this in rootskel would mean rebuilding D-I, which we'd like to avoid. As an alternative solution we correct the default in base-installer after reading it. Closes: #412909. * Add myself to uploaders. stable/main/binary-ia64/base-installer_1.13.4sarge2_ia64.udeb base-installer (1.13.4sarge2) stable; urgency=high * For the kernel ABI change in Sarge 3.1r3 we should also have updated the default values for debian-installer/kernel/image* in rootskel. Because this was missed, incorrect kernels are now being selected on some architectures. Correcting this in rootskel would mean rebuilding D-I, which we'd like to avoid. As an alternative solution we correct the default in base-installer after reading it. Closes: #412909. * Add myself to uploaders. stable/main/binary-hppa/base-installer_1.13.4sarge2_hppa.udeb base-installer (1.13.4sarge2) stable; urgency=high * For the kernel ABI change in Sarge 3.1r3 we should also have updated the default values for debian-installer/kernel/image* in rootskel. Because this was missed, incorrect kernels are now being selected on some architectures. Correcting this in rootskel would mean rebuilding D-I, which we'd like to avoid. As an alternative solution we correct the default in base-installer after reading it. Closes: #412909. * Add myself to uploaders. stable/main/binary-arm/base-installer_1.13.4sarge2_arm.udeb base-installer (1.13.4sarge2) stable; urgency=high * For the kernel ABI change in Sarge 3.1r3 we should also have updated the default values for debian-installer/kernel/image* in rootskel. Because this was missed, incorrect kernels are now being selected on some architectures. Correcting this in rootskel would mean rebuilding D-I, which we'd like to avoid. As an alternative solution we correct the default in base-installer after reading it. Closes: #412909. * Add myself to uploaders. stable/main/binary-alpha/base-installer_1.13.4sarge2_alpha.udeb base-installer (1.13.4sarge2) stable; urgency=high * For the kernel ABI change in Sarge 3.1r3 we should also have updated the default values for debian-installer/kernel/image* in rootskel. Because this was missed, incorrect kernels are now being selected on some architectures. Correcting this in rootskel would mean rebuilding D-I, which we'd like to avoid. As an alternative solution we correct the default in base-installer after reading it. Closes: #412909. * Add myself to uploaders. stable/main/binary-i386/base-installer_1.13.4sarge2_i386.udeb stable/main/source/base-installer_1.13.4sarge2.tar.gz stable/main/source/base-installer_1.13.4sarge2.dsc base-installer (1.13.4sarge2) stable; urgency=high * For the kernel ABI change in Sarge 3.1r3 we should also have updated the default values for debian-installer/kernel/image* in rootskel. Because this was missed, incorrect kernels are now being selected on some architectures. Correcting this in rootskel would mean rebuilding D-I, which we'd like to avoid. As an alternative solution we correct the default in base-installer after reading it. Closes: #412909. * Add myself to uploaders. ========================================= Sat, 17 Feb 2007 - Debian 3.1r5 released ========================================= stable/main/binary-sparc/libxine1_1.0.1-1sarge5_sparc.deb stable/main/binary-sparc/libxine-dev_1.0.1-1sarge5_sparc.deb xine-lib (1.0.1-1sarge5) stable-security; urgency=high * Fix buffer overflow in Real Media handler. (CVE-2006-6172) stable/main/binary-s390/libxine-dev_1.0.1-1sarge5_s390.deb stable/main/binary-s390/libxine1_1.0.1-1sarge5_s390.deb xine-lib (1.0.1-1sarge5) stable-security; urgency=high * Fix buffer overflow in Real Media handler. (CVE-2006-6172) stable/main/binary-powerpc/libxine-dev_1.0.1-1sarge5_powerpc.deb stable/main/binary-powerpc/libxine1_1.0.1-1sarge5_powerpc.deb xine-lib (1.0.1-1sarge5) stable-security; urgency=high * Fix buffer overflow in Real Media handler. (CVE-2006-6172) stable/main/binary-mipsel/libxine1_1.0.1-1sarge5_mipsel.deb stable/main/binary-mipsel/libxine-dev_1.0.1-1sarge5_mipsel.deb xine-lib (1.0.1-1sarge5) stable-security; urgency=high * Fix buffer overflow in Real Media handler. (CVE-2006-6172) stable/main/binary-mips/libxine-dev_1.0.1-1sarge5_mips.deb stable/main/binary-mips/libxine1_1.0.1-1sarge5_mips.deb xine-lib (1.0.1-1sarge5) stable-security; urgency=high * Fix buffer overflow in Real Media handler. (CVE-2006-6172) stable/main/binary-m68k/libxine-dev_1.0.1-1sarge5_m68k.deb stable/main/binary-m68k/libxine1_1.0.1-1sarge5_m68k.deb xine-lib (1.0.1-1sarge5) stable-security; urgency=high * Fix buffer overflow in Real Media handler. (CVE-2006-6172) stable/main/binary-ia64/libxine-dev_1.0.1-1sarge5_ia64.deb stable/main/binary-ia64/libxine1_1.0.1-1sarge5_ia64.deb xine-lib (1.0.1-1sarge5) stable-security; urgency=high * Fix buffer overflow in Real Media handler. (CVE-2006-6172) stable/main/binary-hppa/libxine1_1.0.1-1sarge5_hppa.deb stable/main/binary-hppa/libxine-dev_1.0.1-1sarge5_hppa.deb xine-lib (1.0.1-1sarge5) stable-security; urgency=high * Fix buffer overflow in Real Media handler. (CVE-2006-6172) stable/main/binary-arm/libxine1_1.0.1-1sarge5_arm.deb stable/main/binary-arm/libxine-dev_1.0.1-1sarge5_arm.deb xine-lib (1.0.1-1sarge5) stable-security; urgency=high * Fix buffer overflow in Real Media handler. (CVE-2006-6172) stable/main/binary-alpha/libxine-dev_1.0.1-1sarge5_alpha.deb stable/main/binary-alpha/libxine1_1.0.1-1sarge5_alpha.deb xine-lib (1.0.1-1sarge5) stable-security; urgency=high * Fix buffer overflow in Real Media handler. (CVE-2006-6172) stable/main/binary-i386/libxine1_1.0.1-1sarge5_i386.deb stable/main/source/xine-lib_1.0.1-1sarge5.dsc stable/main/source/xine-lib_1.0.1-1sarge5.diff.gz stable/main/binary-i386/libxine-dev_1.0.1-1sarge5_i386.deb xine-lib (1.0.1-1sarge5) stable-security; urgency=high * Fix buffer overflow in Real Media handler. (CVE-2006-6172) stable/main/binary-sparc/xvfb_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/xbase-clients_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxv1_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/xlibs-static-pic_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxp6_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/xlibmesa-glu_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/twm_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxtst-dev_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxaw6_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxaw7-dev_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxext6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxmuu-dev_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxmuu1_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libdps-dev_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libdps1_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/xdm_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxmuu1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libx11-dev_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxtrap6_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxaw6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/xlibmesa-dri_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxp-dev_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/xutils_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/x-window-system-core_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxi-dev_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/xserver-xfree86_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/xfwp_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/xlibmesa-gl_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxi6_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxp6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/xlibosmesa4_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/xterm_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/xlibosmesa-dev_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxv-dev_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/xnest_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libice6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxmu6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxtrap6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxrandr-dev_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/x-window-system-dev_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libsm6_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxpm4-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/xserver-common_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxtst6_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/xmh_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxmu-dev_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libsm6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxrandr2-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libdps1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/xlibmesa3_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/xfs_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxpm4_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libsm-dev_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/lbxproxy_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libx11-6_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxext6_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxft1_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxaw7-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxaw6-dev_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxt6_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxtst6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxt-dev_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libx11-6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/proxymngr_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libice6_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxmu6_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxext-dev_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxt6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxi6-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxtrap-dev_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libice-dev_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxv1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxaw7_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxft1-dbg_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/xlibs-static-dev_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxrandr2_4.3.0.dfsg.1-14sarge3_sparc.deb stable/main/binary-sparc/libxpm-dev_4.3.0.dfsg.1-14sarge3_sparc.deb xfree86 (4.3.0.dfsg.1-14sarge3) stable-security; urgency=high * Non-maintainer update by the Security Team: Fixes several vulnerabilities reported by iDefense (CVE-2006-6101, CVE-2006-6102, CVE-2006-6103) stable/main/binary-s390/x-window-system-dev_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxv1-dbg_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxv1_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxaw6-dev_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxi6-dbg_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxaw7-dbg_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxaw6_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libice6_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/xfwp_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxpm4-dbg_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libx11-6_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxtrap6_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxtrap-dev_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libice-dev_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxrandr2_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxmu-dev_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxmuu1_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxt-dev_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/xlibs-static-dev_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libdps1-dbg_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxft1-dbg_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxi-dev_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/xbase-clients_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/xdm_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libdps1_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxi6_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/twm_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libx11-dev_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxmu6-dbg_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxaw7-dev_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxmuu-dev_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libsm-dev_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxaw7_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxpm-dev_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libice6-dbg_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxv-dev_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxtrap6-dbg_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/xlibmesa-glu_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxtst-dev_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/x-window-system-core_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxmuu1-dbg_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxrandr2-dbg_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/xvfb_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxp6-dbg_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/xlibmesa3_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxtst6-dbg_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/xserver-common_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/lbxproxy_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/xmh_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/xlibmesa-gl_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxft1_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxpm4_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libdps-dev_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxp6_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/proxymngr_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxext-dev_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxt6_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/xfs_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxext6-dbg_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libx11-6-dbg_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxrandr-dev_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxext6_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/xnest_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxaw6-dbg_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxt6-dbg_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxp-dev_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/xlibs-static-pic_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libsm6_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/xterm_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/xutils_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxtst6_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libxmu6_4.3.0.dfsg.1-14sarge3_s390.deb stable/main/binary-s390/libsm6-dbg_4.3.0.dfsg.1-14sarge3_s390.deb xfree86 (4.3.0.dfsg.1-14sarge3) stable-security; urgency=high * Non-maintainer update by the Security Team: Fixes several vulnerabilities reported by iDefense (CVE-2006-6101, CVE-2006-6102, CVE-2006-6103) stable/main/binary-powerpc/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxtrap6-dbg_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libice6-dbg_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxaw7-dbg_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxext-dev_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libdps1-dbg_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxpm4-dbg_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libsm6_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxaw6_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxt-dev_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/xlibmesa3_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxrandr2_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxaw7_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/xfwp_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/xlibmesa-glu_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/twm_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxtst-dev_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/xvfb_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/xbase-clients_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/lbxproxy_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxv1_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxft1-dbg_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxmu6-dbg_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/xlibs-static-dev_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxpm4_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxi6-dbg_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libx11-6-dbg_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/x-window-system-core_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxrandr2-dbg_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/xserver-common_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/xlibosmesa-dev_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/xfs_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxaw6-dbg_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/xserver-xfree86_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/xutils_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libx11-dev_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxtst6_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/xterm_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libdps1_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libice6_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/xlibosmesa4_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxtrap6_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxt6_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/xdm_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxrandr-dev_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxft1_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxp6-dbg_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libice-dev_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/xnest_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxtrap-dev_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/xlibmesa-dri_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxmu6_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxext6-dbg_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libsm6-dbg_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/x-window-system-dev_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/xlibmesa-gl_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxv1-dbg_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libsm-dev_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxmuu1_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxt6-dbg_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libdps-dev_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/xmh_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxp-dev_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxmu-dev_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxpm-dev_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxi-dev_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/xlibs-static-pic_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxmuu1-dbg_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxi6_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxv-dev_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxaw7-dev_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libx11-6_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxp6_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxext6_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/proxymngr_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxaw6-dev_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxmuu-dev_4.3.0.dfsg.1-14sarge3_powerpc.deb stable/main/binary-powerpc/libxtst6-dbg_4.3.0.dfsg.1-14sarge3_powerpc.deb xfree86 (4.3.0.dfsg.1-14sarge3) stable-security; urgency=high * Non-maintainer update by the Security Team: Fixes several vulnerabilities reported by iDefense (CVE-2006-6101, CVE-2006-6102, CVE-2006-6103) stable/main/binary-mipsel/xmh_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/x-window-system-core_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxt6_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libdps-dev_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libx11-6-dbg_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libice6_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxtrap6_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxmu-dev_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxext6_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libice-dev_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxtrap-dev_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxaw7_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxaw7-dbg_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/xvfb_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxtst-dev_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/xlibmesa-glu_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/xlibs-static-pic_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/x-window-system-dev_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxtrap6-dbg_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libice6-dbg_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxmu6_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libsm6-dbg_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxaw6-dev_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/xlibs-static-dev_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxmu6-dbg_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/xfs_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxv1_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/xterm_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/lbxproxy_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxft1-dbg_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxaw7-dev_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxi6-dbg_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/xfwp_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxrandr2_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libsm-dev_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libsm6_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libx11-6_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/xserver-xfree86_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libdps1-dbg_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxpm4-dbg_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libdps1_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxaw6_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxi-dev_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/xnest_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxaw6-dbg_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxt6-dbg_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxrandr-dev_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxi6_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/xlibmesa-gl_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxv1-dbg_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxext6-dbg_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxmuu1_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/xutils_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxv-dev_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxmuu1-dbg_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxtst6_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libx11-dev_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/xbase-clients_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/xlibmesa3_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/twm_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxp6_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxpm-dev_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxp6-dbg_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxrandr2-dbg_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/xserver-common_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxt-dev_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxext-dev_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxp-dev_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxft1_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxmuu-dev_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxtst6-dbg_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/xdm_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/proxymngr_4.3.0.dfsg.1-14sarge3_mipsel.deb stable/main/binary-mipsel/libxpm4_4.3.0.dfsg.1-14sarge3_mipsel.deb xfree86 (4.3.0.dfsg.1-14sarge3) stable-security; urgency=high * Non-maintainer update by the Security Team: Fixes several vulnerabilities reported by iDefense (CVE-2006-6101, CVE-2006-6102, CVE-2006-6103) stable/main/binary-mips/libxaw6_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxv1-dbg_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/xfwp_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/xserver-xfree86_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libsm-dev_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxi6_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxmu-dev_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxi-dev_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/xfs_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxpm4-dbg_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libdps1_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxrandr-dev_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/xutils_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libdps1-dbg_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxaw7-dev_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libx11-dev_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxv-dev_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxext6-dbg_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxrandr2_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxtrap6-dbg_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libice-dev_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxp-dev_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/xlibs-static-dev_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxi6-dbg_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxaw7-dbg_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/xlibs-static-pic_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/x-window-system-dev_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxaw7_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxaw6-dev_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/xterm_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libdps-dev_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxv1_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxtst6-dbg_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxmuu-dev_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxext6_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/xmh_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/xlibmesa3_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxtrap-dev_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/lbxproxy_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/proxymngr_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxrandr2-dbg_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libx11-6_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxft1-dbg_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libx11-6-dbg_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/twm_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxft1_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxt-dev_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/xbase-clients_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/xvfb_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxaw6-dbg_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/xlibmesa-gl_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxext-dev_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libsm6_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libice6-dbg_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxmuu1_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxt6-dbg_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxmu6_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxmuu1-dbg_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxt6_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libsm6-dbg_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxmu6-dbg_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxp6_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxtrap6_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libice6_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxtst6_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxp6-dbg_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxpm-dev_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxpm4_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/xserver-common_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/x-window-system-core_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/xdm_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/xlibmesa-glu_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/libxtst-dev_4.3.0.dfsg.1-14sarge3_mips.deb stable/main/binary-mips/xnest_4.3.0.dfsg.1-14sarge3_mips.deb xfree86 (4.3.0.dfsg.1-14sarge3) stable-security; urgency=high * Non-maintainer update by the Security Team: Fixes several vulnerabilities reported by iDefense (CVE-2006-6101, CVE-2006-6102, CVE-2006-6103) stable/main/binary-m68k/libsm6-dbg_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/xvfb_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxmu6_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxtst-dev_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxt-dev_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxaw7-dev_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxtrap6-dbg_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libice6-dbg_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/xutils_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxpm-dev_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/xlibmesa3_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/xlibs-static-dev_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxp6-dbg_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxaw7-dbg_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxext-dev_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libsm-dev_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/x-window-system-core_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/xlibmesa-glu_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/xdm_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxi6-dbg_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxv1-dbg_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libx11-6_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxpm4_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/x-window-system-dev_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxrandr2_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/xlibmesa-gl_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libice6_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libdps1-dbg_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/xserver-xfree86_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libx11-6-dbg_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxtst6-dbg_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxmuu1-dbg_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxft1-dbg_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/xmh_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxrandr2-dbg_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxext6-dbg_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxext6_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libx11-dev_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxmu6-dbg_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxmuu1_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxv-dev_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxaw6-dev_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/xfwp_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libice-dev_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxp6_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxtrap-dev_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxv1_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxt6-dbg_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/xserver-common_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxtst6_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxtrap6_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/twm_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/xbase-clients_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxaw7_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxmuu-dev_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/proxymngr_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/xterm_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libsm6_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxaw6-dbg_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/lbxproxy_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxpm4-dbg_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libdps-dev_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxft1_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxi-dev_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libdps1_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/xnest_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/xfs_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxaw6_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxrandr-dev_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxt6_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/xlibs-static-pic_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxmu-dev_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxi6_4.3.0.dfsg.1-14sarge3_m68k.deb stable/main/binary-m68k/libxp-dev_4.3.0.dfsg.1-14sarge3_m68k.deb xfree86 (4.3.0.dfsg.1-14sarge3) stable-security; urgency=high * Non-maintainer update by the Security Team: Fixes several vulnerabilities reported by iDefense (CVE-2006-6101, CVE-2006-6102, CVE-2006-6103) stable/main/binary-ia64/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/xutils_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/xserver-xfree86_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libdps1_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libx11-dev_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxi6-dbg_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxmu6-dbg_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxrandr2-dbg_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libx11-6_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxpm4-dbg_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxt6_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/xlibmesa-gl_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxmu6_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxaw7_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libsm-dev_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxp6-dbg_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libsm6_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/xlibosmesa4_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxaw6-dev_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxt-dev_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxaw7-dbg_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/xfs_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxv1-dbg_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxtrap6_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/xmh_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libice6_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxrandr-dev_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/xlibosmesa-dev_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxrandr2_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxi-dev_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxmu-dev_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxmuu1_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libdps-dev_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/proxymngr_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libdps1-dbg_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/x-window-system-core_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxtrap-dev_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libice-dev_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/xlibs-static-dev_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxaw6-dbg_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxft1-dbg_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxext6_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/twm_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/xlibs-static-pic_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxp-dev_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/xnest_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxmuu-dev_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/xdm_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxmuu1-dbg_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxpm-dev_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxaw7-dev_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxv-dev_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxi6_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libice6-dbg_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxtrap6-dbg_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/xbase-clients_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxtst-dev_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/xlibmesa-glu_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxext6-dbg_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/xvfb_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/xlibmesa-dri_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/lbxproxy_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/xlibmesa3_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxtst6-dbg_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/xserver-common_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxaw6_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/xfwp_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxt6-dbg_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxtst6_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxft1_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxpm4_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libx11-6-dbg_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/xterm_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxext-dev_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libsm6-dbg_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxv1_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/libxp6_4.3.0.dfsg.1-14sarge3_ia64.deb stable/main/binary-ia64/x-window-system-dev_4.3.0.dfsg.1-14sarge3_ia64.deb xfree86 (4.3.0.dfsg.1-14sarge3) stable-security; urgency=high * Non-maintainer update by the Security Team: Fixes several vulnerabilities reported by iDefense (CVE-2006-6101, CVE-2006-6102, CVE-2006-6103) stable/main/binary-hppa/xfs_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/xlibmesa-glu_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/xserver-xfree86_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/xvfb_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxext6-dbg_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/lbxproxy_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxmuu1_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxt6_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxi6-dbg_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/x-window-system-dev_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxaw6-dev_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxtst-dev_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxft1-dbg_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libice6-dbg_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxtrap6-dbg_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libdps1_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxp6_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/xterm_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/xlibmesa-gl_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxp6-dbg_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxt-dev_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxv-dev_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libsm6_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/xdm_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxtrap6_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libice6_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxrandr-dev_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxaw6-dbg_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/xnest_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxrandr2_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxrandr2-dbg_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/xfwp_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxp-dev_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxaw6_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libx11-6-dbg_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libsm-dev_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxtst6-dbg_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxmuu-dev_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/xlibmesa3_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxmu6_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxmuu1-dbg_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxmu-dev_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxext6_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/xlibs-static-pic_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxtst6_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxt6-dbg_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxi6_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/xmh_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/xserver-common_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxv1_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/xutils_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxv1-dbg_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libx11-dev_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxft1_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxi-dev_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/x-window-system-core_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libx11-6_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/proxymngr_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libsm6-dbg_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxaw7-dev_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxext-dev_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libdps1-dbg_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxmu6-dbg_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxpm-dev_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxtrap-dev_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libice-dev_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/xbase-clients_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/xlibs-static-dev_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxaw7-dbg_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxpm4_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libdps-dev_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxpm4-dbg_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/twm_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/libxaw7_4.3.0.dfsg.1-14sarge3_hppa.deb stable/main/binary-hppa/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge3_hppa.deb xfree86 (4.3.0.dfsg.1-14sarge3) stable-security; urgency=high * Non-maintainer update by the Security Team: Fixes several vulnerabilities reported by iDefense (CVE-2006-6101, CVE-2006-6102, CVE-2006-6103) stable/main/binary-arm/libxaw6-dev_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxp6_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/xserver-xfree86_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libsm-dev_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/x-window-system-dev_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/xfs_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libdps1_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxtrap6-dbg_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libx11-6_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libx11-6-dbg_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxext6_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/xdm_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/xnest_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxrandr-dev_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxv-dev_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxaw6-dbg_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxi-dev_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxt6-dbg_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxp6-dbg_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libdps1-dbg_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/xlibs-static-dev_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/xfwp_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxaw6_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/xterm_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxmuu1-dbg_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/lbxproxy_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxrandr2-dbg_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxrandr2_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxp-dev_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxtst6_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxft1_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxpm4_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxv1_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/twm_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/xbase-clients_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxtst6-dbg_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/proxymngr_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libdps-dev_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxmuu-dev_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxaw7-dev_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxmu-dev_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libsm6_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxt-dev_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libsm6-dbg_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxi6-dbg_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxi6_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxtrap6_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libice6_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/xlibmesa-gl_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxt6_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxaw7_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxmu6_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libx11-dev_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/xutils_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxext-dev_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/xvfb_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/xmh_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libice6-dbg_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxpm4-dbg_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxtst-dev_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/xlibmesa-glu_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/x-window-system-core_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxext6-dbg_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/xlibmesa3_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxv1-dbg_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/xserver-common_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxtrap-dev_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libice-dev_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/xlibs-static-pic_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxmu6-dbg_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxpm-dev_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxmuu1_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxaw7-dbg_4.3.0.dfsg.1-14sarge3_arm.deb stable/main/binary-arm/libxft1-dbg_4.3.0.dfsg.1-14sarge3_arm.deb xfree86 (4.3.0.dfsg.1-14sarge3) stable-security; urgency=high * Non-maintainer update by the Security Team: Fixes several vulnerabilities reported by iDefense (CVE-2006-6101, CVE-2006-6102, CVE-2006-6103) stable/main/binary-alpha/libxmuu1-dbg_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxmu6-dbg_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxft1-dbg_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/xserver-common_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libx11-6-dbg_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/xbase-clients_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxmuu-dev_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxi6_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libdps1_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/twm_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxt-dev_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/xterm_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxpm4_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxaw6-dev_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxrandr2-dbg_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxi-dev_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/xlibosmesa4_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxv-dev_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxft1_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxt6-dbg_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/xmh_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/xserver-xfree86_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxv1_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/proxymngr_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/xlibs-static-dev_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxt6_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxp6-dbg_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libice6_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libdps1-dbg_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/lbxproxy_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxaw6-dbg_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libsm-dev_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxext6-dbg_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxtrap6_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxmuu1_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxaw7_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxpm-dev_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libdps-dev_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxtst6-dbg_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxi6-dbg_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxtst6_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/x-window-system-dev_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxp-dev_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/xlibmesa-glu_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxtst-dev_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/xvfb_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxmu-dev_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/xlibmesa3_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/xlibmesa-gl_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/xlibmesa-dri_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/xutils_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/xlibs-static-pic_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libice6-dbg_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libx11-dev_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxmu6_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxtrap6-dbg_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxaw6_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/xfwp_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/xlibosmesa-dev_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxaw7-dbg_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxext6_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxpm4-dbg_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libsm6-dbg_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxext-dev_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxp6_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/x-window-system-core_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libx11-6_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/xfs_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/xnest_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxv1-dbg_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxrandr-dev_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxtrap-dev_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/xdm_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libsm6_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxrandr2_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libice-dev_4.3.0.dfsg.1-14sarge3_alpha.deb stable/main/binary-alpha/libxaw7-dev_4.3.0.dfsg.1-14sarge3_alpha.deb xfree86 (4.3.0.dfsg.1-14sarge3) stable-security; urgency=high * Non-maintainer update by the Security Team: Fixes several vulnerabilities reported by iDefense (CVE-2006-6101, CVE-2006-6102, CVE-2006-6103) stable/main/binary-i386/libx11-dev_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libdps-dev_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/xutils_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libxrandr2-dbg_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/lbxproxy_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libxtst-dev_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/xlibmesa-glu_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-all/xfonts-100dpi-transcoded_4.3.0.dfsg.1-14sarge3_all.deb stable/main/binary-i386/xserver-xfree86_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/xvfb_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libxt6_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-all/xfonts-100dpi_4.3.0.dfsg.1-14sarge3_all.deb stable/main/binary-i386/libxmu6-dbg_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libdps1_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-all/x-window-system_4.3.0.dfsg.1-14sarge3_all.deb stable/main/binary-all/xfonts-scalable_4.3.0.dfsg.1-14sarge3_all.deb stable/main/binary-i386/libxmu-dev_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libxp6_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libx11-6_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libx11-6-dbg_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/source/xfree86_4.3.0.dfsg.1-14sarge3.dsc stable/main/binary-i386/libxaw6-dbg_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libxmuu-dev_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libxv-dev_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-all/xspecs_4.3.0.dfsg.1-14sarge3_all.deb stable/main/binary-i386/libxtst6_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-all/xfonts-base_4.3.0.dfsg.1-14sarge3_all.deb stable/main/binary-i386/libxft1-dbg_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/xdm_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/proxymngr_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libxp-dev_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-all/xfree86-common_4.3.0.dfsg.1-14sarge3_all.deb stable/main/binary-i386/libxmuu1-dbg_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libice-dev_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/xserver-common_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libxtrap-dev_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-all/x-dev_4.3.0.dfsg.1-14sarge3_all.deb stable/main/binary-i386/libice6-dbg_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-all/xlibmesa3-dbg_4.3.0.dfsg.1-14sarge3_all.deb stable/main/binary-i386/libxaw7-dbg_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libxtrap6-dbg_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libxtrap6_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libxaw7-dev_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-all/xlibs_4.3.0.dfsg.1-14sarge3_all.deb stable/main/binary-i386/xmh_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-all/xlibs-data_4.3.0.dfsg.1-14sarge3_all.deb stable/main/binary-i386/libxt-dev_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/xlibmesa-gl_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libxaw6-dev_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-all/xfonts-75dpi-transcoded_4.3.0.dfsg.1-14sarge3_all.deb stable/main/binary-i386/xbase-clients_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/x-window-system-core_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/twm_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libxrandr2_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libxtst6-dbg_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libxext6_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/xlibosmesa-dev_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libxv1_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libxext6-dbg_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libxi6-dbg_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libxmuu1_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libxv1-dbg_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libxp6-dbg_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-all/xlibmesa-dev_4.3.0.dfsg.1-14sarge3_all.deb stable/main/source/xfree86_4.3.0.dfsg.1-14sarge3.diff.gz stable/main/binary-i386/libxpm-dev_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libxaw7_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libxt6-dbg_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libxi6_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libxrandr-dev_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/xlibs-static-pic_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/xlibs-static-dev_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libsm6_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libdps1-dbg_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libxi-dev_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/xterm_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libsm6-dbg_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/xlibmesa3_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libxmu6_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-all/xlibs-dev_4.3.0.dfsg.1-14sarge3_all.deb stable/main/binary-i386/libxpm4-dbg_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-all/xlibs-pic_4.3.0.dfsg.1-14sarge3_all.deb stable/main/binary-i386/xlibosmesa4_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-all/xfonts-cyrillic_4.3.0.dfsg.1-14sarge3_all.deb stable/main/binary-i386/x-window-system-dev_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/xnest_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-all/xfonts-base-transcoded_4.3.0.dfsg.1-14sarge3_all.deb stable/main/binary-all/xfonts-75dpi_4.3.0.dfsg.1-14sarge3_all.deb stable/main/binary-i386/xfs_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libice6_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libxft1_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libxext-dev_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libxpm4_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libsm-dev_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-all/xlibs-dbg_4.3.0.dfsg.1-14sarge3_all.deb stable/main/binary-all/pm-dev_4.3.0.dfsg.1-14sarge3_all.deb stable/main/binary-i386/xfwp_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/xlibmesa-dri_4.3.0.dfsg.1-14sarge3_i386.deb stable/main/binary-i386/libxaw6_4.3.0.dfsg.1-14sarge3_i386.deb xfree86 (4.3.0.dfsg.1-14sarge3) stable-security; urgency=high * Non-maintainer update by the Security Team: Fixes several vulnerabilities reported by iDefense (CVE-2006-6101, CVE-2006-6102, CVE-2006-6103) stable/main/binary-all/webmin-core_1.180-3sarge1_all.deb stable/main/binary-all/webmin_1.180-3sarge1_all.deb stable/main/source/webmin_1.180-3sarge1.dsc stable/main/source/webmin_1.180-3sarge1.diff.gz webmin (1.180-3sarge1) stable-security; urgency=high * Non-maintainer upload by the security team. * CVE-2005-3912 Fix syslog format string vulnerability in miniserv.pl (Closes: #341394) This string vulnerability could be used to gain access to the account running miniserv.pl by creating a specialy crafted username. * CVE-2006-3392 Fix input sanitization bug that could be exploited to allow an attacker to read arbitrary files. * CVE-2006-4542 Fix cross-site scripting vulnerability caused by the failure to properly cope with null characters in a URL. stable/main/binary-sparc/gvlc_0.8.1.svn20050314-1sarge2_sparc.deb stable/main/binary-sparc/vlc-plugin-esd_0.8.1.svn20050314-1sarge2_sparc.deb stable/main/binary-sparc/vlc-qt_0.8.1.svn20050314-1sarge2_sparc.deb stable/main/binary-sparc/vlc-gnome_0.8.1.svn20050314-1sarge2_sparc.deb stable/main/binary-sparc/vlc-sdl_0.8.1.svn20050314-1sarge2_sparc.deb stable/main/binary-sparc/vlc-plugin-sdl_0.8.1.svn20050314-1sarge2_sparc.deb stable/main/binary-sparc/libvlc0-dev_0.8.1.svn20050314-1sarge2_sparc.deb stable/main/binary-sparc/vlc-alsa_0.8.1.svn20050314-1sarge2_sparc.deb stable/main/binary-sparc/mozilla-plugin-vlc_0.8.1.svn20050314-1sarge2_sparc.deb stable/main/binary-sparc/gnome-vlc_0.8.1.svn20050314-1sarge2_sparc.deb stable/main/binary-sparc/vlc_0.8.1.svn20050314-1sarge2_sparc.deb stable/main/binary-sparc/kvlc_0.8.1.svn20050314-1sarge2_sparc.deb stable/main/binary-sparc/vlc-gtk_0.8.1.svn20050314-1sarge2_sparc.deb stable/main/binary-sparc/vlc-esd_0.8.1.svn20050314-1sarge2_sparc.deb stable/main/binary-sparc/vlc-plugin-alsa_0.8.1.svn20050314-1sarge2_sparc.deb stable/main/binary-sparc/vlc-plugin-arts_0.8.1.svn20050314-1sarge2_sparc.deb stable/main/binary-sparc/wxvlc_0.8.1.svn20050314-1sarge2_sparc.deb stable/main/binary-sparc/vlc-ggi_0.8.1.svn20050314-1sarge2_sparc.deb stable/main/binary-sparc/qvlc_0.8.1.svn20050314-1sarge2_sparc.deb stable/main/binary-sparc/vlc-plugin-ggi_0.8.1.svn20050314-1sarge2_sparc.deb vlc (0.8.1.svn20050314-1sarge2) stable-security; urgency=high * modules/access/cdda/access.c modules/access/vcdx/access.c: + Fix format string vulnerabilities (CVE-2007-0017) (Closes: #405425). * debian/control: + Build-conflict against libsmbclient-dev to avoid accidentally depending on Samba libraries (Closes: #358026). stable/main/binary-s390/vlc-plugin-sdl_0.8.1.svn20050314-1sarge2_s390.deb stable/main/binary-s390/vlc-plugin-ggi_0.8.1.svn20050314-1sarge2_s390.deb stable/main/binary-s390/wxvlc_0.8.1.svn20050314-1sarge2_s390.deb stable/main/binary-s390/mozilla-plugin-vlc_0.8.1.svn20050314-1sarge2_s390.deb stable/main/binary-s390/kvlc_0.8.1.svn20050314-1sarge2_s390.deb stable/main/binary-s390/vlc-esd_0.8.1.svn20050314-1sarge2_s390.deb stable/main/binary-s390/vlc-sdl_0.8.1.svn20050314-1sarge2_s390.deb stable/main/binary-s390/vlc-ggi_0.8.1.svn20050314-1sarge2_s390.deb stable/main/binary-s390/vlc-plugin-esd_0.8.1.svn20050314-1sarge2_s390.deb stable/main/binary-s390/vlc-gnome_0.8.1.svn20050314-1sarge2_s390.deb stable/main/binary-s390/gvlc_0.8.1.svn20050314-1sarge2_s390.deb stable/main/binary-s390/vlc-gtk_0.8.1.svn20050314-1sarge2_s390.deb stable/main/binary-s390/vlc-plugin-alsa_0.8.1.svn20050314-1sarge2_s390.deb stable/main/binary-s390/vlc-plugin-arts_0.8.1.svn20050314-1sarge2_s390.deb stable/main/binary-s390/vlc_0.8.1.svn20050314-1sarge2_s390.deb stable/main/binary-s390/libvlc0-dev_0.8.1.svn20050314-1sarge2_s390.deb stable/main/binary-s390/gnome-vlc_0.8.1.svn20050314-1sarge2_s390.deb stable/main/binary-s390/vlc-qt_0.8.1.svn20050314-1sarge2_s390.deb stable/main/binary-s390/qvlc_0.8.1.svn20050314-1sarge2_s390.deb stable/main/binary-s390/vlc-alsa_0.8.1.svn20050314-1sarge2_s390.deb vlc (0.8.1.svn20050314-1sarge2) stable-security; urgency=high * modules/access/cdda/access.c modules/access/vcdx/access.c: + Fix format string vulnerabilities (CVE-2007-0017) (Closes: #405425). * debian/control: + Build-conflict against libsmbclient-dev to avoid accidentally depending on Samba libraries (Closes: #358026). stable/main/binary-powerpc/vlc-plugin-ggi_0.8.1.svn20050314-1sarge2_powerpc.deb stable/main/binary-powerpc/vlc-plugin-alsa_0.8.1.svn20050314-1sarge2_powerpc.deb stable/main/binary-powerpc/vlc-ggi_0.8.1.svn20050314-1sarge2_powerpc.deb stable/main/binary-powerpc/wxvlc_0.8.1.svn20050314-1sarge2_powerpc.deb stable/main/binary-powerpc/vlc-sdl_0.8.1.svn20050314-1sarge2_powerpc.deb stable/main/binary-powerpc/vlc-alsa_0.8.1.svn20050314-1sarge2_powerpc.deb stable/main/binary-powerpc/qvlc_0.8.1.svn20050314-1sarge2_powerpc.deb stable/main/binary-powerpc/vlc-gnome_0.8.1.svn20050314-1sarge2_powerpc.deb stable/main/binary-powerpc/gvlc_0.8.1.svn20050314-1sarge2_powerpc.deb stable/main/binary-powerpc/vlc-esd_0.8.1.svn20050314-1sarge2_powerpc.deb stable/main/binary-powerpc/gnome-vlc_0.8.1.svn20050314-1sarge2_powerpc.deb stable/main/binary-powerpc/vlc-plugin-sdl_0.8.1.svn20050314-1sarge2_powerpc.deb stable/main/binary-powerpc/libvlc0-dev_0.8.1.svn20050314-1sarge2_powerpc.deb stable/main/binary-powerpc/vlc-plugin-arts_0.8.1.svn20050314-1sarge2_powerpc.deb stable/main/binary-powerpc/mozilla-plugin-vlc_0.8.1.svn20050314-1sarge2_powerpc.deb stable/main/binary-powerpc/vlc-gtk_0.8.1.svn20050314-1sarge2_powerpc.deb stable/main/binary-powerpc/vlc_0.8.1.svn20050314-1sarge2_powerpc.deb stable/main/binary-powerpc/vlc-plugin-esd_0.8.1.svn20050314-1sarge2_powerpc.deb stable/main/binary-powerpc/kvlc_0.8.1.svn20050314-1sarge2_powerpc.deb stable/main/binary-powerpc/vlc-qt_0.8.1.svn20050314-1sarge2_powerpc.deb vlc (0.8.1.svn20050314-1sarge2) stable-security; urgency=high * modules/access/cdda/access.c modules/access/vcdx/access.c: + Fix format string vulnerabilities (CVE-2007-0017) (Closes: #405425). * debian/control: + Build-conflict against libsmbclient-dev to avoid accidentally depending on Samba libraries (Closes: #358026). stable/main/binary-mipsel/vlc-gtk_0.8.1.svn20050314-1sarge2_mipsel.deb stable/main/binary-mipsel/vlc-plugin-sdl_0.8.1.svn20050314-1sarge2_mipsel.deb stable/main/binary-mipsel/vlc-sdl_0.8.1.svn20050314-1sarge2_mipsel.deb stable/main/binary-mipsel/vlc-plugin-esd_0.8.1.svn20050314-1sarge2_mipsel.deb stable/main/binary-mipsel/qvlc_0.8.1.svn20050314-1sarge2_mipsel.deb stable/main/binary-mipsel/vlc-alsa_0.8.1.svn20050314-1sarge2_mipsel.deb stable/main/binary-mipsel/vlc-plugin-alsa_0.8.1.svn20050314-1sarge2_mipsel.deb stable/main/binary-mipsel/mozilla-plugin-vlc_0.8.1.svn20050314-1sarge2_mipsel.deb stable/main/binary-mipsel/vlc-plugin-ggi_0.8.1.svn20050314-1sarge2_mipsel.deb stable/main/binary-mipsel/gnome-vlc_0.8.1.svn20050314-1sarge2_mipsel.deb stable/main/binary-mipsel/vlc-gnome_0.8.1.svn20050314-1sarge2_mipsel.deb stable/main/binary-mipsel/vlc_0.8.1.svn20050314-1sarge2_mipsel.deb stable/main/binary-mipsel/libvlc0-dev_0.8.1.svn20050314-1sarge2_mipsel.deb stable/main/binary-mipsel/gvlc_0.8.1.svn20050314-1sarge2_mipsel.deb stable/main/binary-mipsel/wxvlc_0.8.1.svn20050314-1sarge2_mipsel.deb stable/main/binary-mipsel/kvlc_0.8.1.svn20050314-1sarge2_mipsel.deb stable/main/binary-mipsel/vlc-plugin-arts_0.8.1.svn20050314-1sarge2_mipsel.deb stable/main/binary-mipsel/vlc-ggi_0.8.1.svn20050314-1sarge2_mipsel.deb stable/main/binary-mipsel/vlc-qt_0.8.1.svn20050314-1sarge2_mipsel.deb stable/main/binary-mipsel/vlc-esd_0.8.1.svn20050314-1sarge2_mipsel.deb vlc (0.8.1.svn20050314-1sarge2) stable-security; urgency=high * modules/access/cdda/access.c modules/access/vcdx/access.c: + Fix format string vulnerabilities (CVE-2007-0017) (Closes: #405425). * debian/control: + Build-conflict against libsmbclient-dev to avoid accidentally depending on Samba libraries (Closes: #358026). stable/main/binary-mips/gnome-vlc_0.8.1.svn20050314-1sarge2_mips.deb stable/main/binary-mips/libvlc0-dev_0.8.1.svn20050314-1sarge2_mips.deb stable/main/binary-mips/vlc-gnome_0.8.1.svn20050314-1sarge2_mips.deb stable/main/binary-mips/kvlc_0.8.1.svn20050314-1sarge2_mips.deb stable/main/binary-mips/vlc-plugin-esd_0.8.1.svn20050314-1sarge2_mips.deb stable/main/binary-mips/vlc-gtk_0.8.1.svn20050314-1sarge2_mips.deb stable/main/binary-mips/gvlc_0.8.1.svn20050314-1sarge2_mips.deb stable/main/binary-mips/vlc_0.8.1.svn20050314-1sarge2_mips.deb stable/main/binary-mips/vlc-plugin-alsa_0.8.1.svn20050314-1sarge2_mips.deb stable/main/binary-mips/vlc-alsa_0.8.1.svn20050314-1sarge2_mips.deb stable/main/binary-mips/wxvlc_0.8.1.svn20050314-1sarge2_mips.deb stable/main/binary-mips/vlc-plugin-ggi_0.8.1.svn20050314-1sarge2_mips.deb stable/main/binary-mips/vlc-qt_0.8.1.svn20050314-1sarge2_mips.deb stable/main/binary-mips/qvlc_0.8.1.svn20050314-1sarge2_mips.deb stable/main/binary-mips/vlc-ggi_0.8.1.svn20050314-1sarge2_mips.deb stable/main/binary-mips/mozilla-plugin-vlc_0.8.1.svn20050314-1sarge2_mips.deb stable/main/binary-mips/vlc-plugin-sdl_0.8.1.svn20050314-1sarge2_mips.deb stable/main/binary-mips/vlc-sdl_0.8.1.svn20050314-1sarge2_mips.deb stable/main/binary-mips/vlc-plugin-arts_0.8.1.svn20050314-1sarge2_mips.deb stable/main/binary-mips/vlc-esd_0.8.1.svn20050314-1sarge2_mips.deb vlc (0.8.1.svn20050314-1sarge2) stable-security; urgency=high * modules/access/cdda/access.c modules/access/vcdx/access.c: + Fix format string vulnerabilities (CVE-2007-0017) (Closes: #405425). * debian/control: + Build-conflict against libsmbclient-dev to avoid accidentally depending on Samba libraries (Closes: #358026). stable/main/binary-m68k/vlc-plugin-esd_0.8.1.svn20050314-1sarge2_m68k.deb stable/main/binary-m68k/libvlc0-dev_0.8.1.svn20050314-1sarge2_m68k.deb stable/main/binary-m68k/vlc-esd_0.8.1.svn20050314-1sarge2_m68k.deb stable/main/binary-m68k/vlc-gtk_0.8.1.svn20050314-1sarge2_m68k.deb stable/main/binary-m68k/vlc-qt_0.8.1.svn20050314-1sarge2_m68k.deb stable/main/binary-m68k/kvlc_0.8.1.svn20050314-1sarge2_m68k.deb stable/main/binary-m68k/vlc-gnome_0.8.1.svn20050314-1sarge2_m68k.deb stable/main/binary-m68k/vlc-plugin-sdl_0.8.1.svn20050314-1sarge2_m68k.deb stable/main/binary-m68k/qvlc_0.8.1.svn20050314-1sarge2_m68k.deb stable/main/binary-m68k/gnome-vlc_0.8.1.svn20050314-1sarge2_m68k.deb stable/main/binary-m68k/vlc-sdl_0.8.1.svn20050314-1sarge2_m68k.deb stable/main/binary-m68k/vlc-plugin-arts_0.8.1.svn20050314-1sarge2_m68k.deb stable/main/binary-m68k/mozilla-plugin-vlc_0.8.1.svn20050314-1sarge2_m68k.deb stable/main/binary-m68k/vlc-ggi_0.8.1.svn20050314-1sarge2_m68k.deb stable/main/binary-m68k/vlc-plugin-ggi_0.8.1.svn20050314-1sarge2_m68k.deb stable/main/binary-m68k/wxvlc_0.8.1.svn20050314-1sarge2_m68k.deb stable/main/binary-m68k/vlc-plugin-alsa_0.8.1.svn20050314-1sarge2_m68k.deb stable/main/binary-m68k/vlc-alsa_0.8.1.svn20050314-1sarge2_m68k.deb stable/main/binary-m68k/vlc_0.8.1.svn20050314-1sarge2_m68k.deb stable/main/binary-m68k/gvlc_0.8.1.svn20050314-1sarge2_m68k.deb vlc (0.8.1.svn20050314-1sarge2) stable-security; urgency=high * modules/access/cdda/access.c modules/access/vcdx/access.c: + Fix format string vulnerabilities (CVE-2007-0017) (Closes: #405425). * debian/control: + Build-conflict against libsmbclient-dev to avoid accidentally depending on Samba libraries (Closes: #358026). stable/main/binary-ia64/kvlc_0.8.1.svn20050314-1sarge2_ia64.deb stable/main/binary-ia64/vlc-plugin-alsa_0.8.1.svn20050314-1sarge2_ia64.deb stable/main/binary-ia64/vlc-plugin-ggi_0.8.1.svn20050314-1sarge2_ia64.deb stable/main/binary-ia64/libvlc0-dev_0.8.1.svn20050314-1sarge2_ia64.deb stable/main/binary-ia64/vlc-sdl_0.8.1.svn20050314-1sarge2_ia64.deb stable/main/binary-ia64/wxvlc_0.8.1.svn20050314-1sarge2_ia64.deb stable/main/binary-ia64/vlc-gtk_0.8.1.svn20050314-1sarge2_ia64.deb stable/main/binary-ia64/vlc-ggi_0.8.1.svn20050314-1sarge2_ia64.deb stable/main/binary-ia64/vlc-plugin-esd_0.8.1.svn20050314-1sarge2_ia64.deb stable/main/binary-ia64/gvlc_0.8.1.svn20050314-1sarge2_ia64.deb stable/main/binary-ia64/vlc-plugin-sdl_0.8.1.svn20050314-1sarge2_ia64.deb stable/main/binary-ia64/vlc-qt_0.8.1.svn20050314-1sarge2_ia64.deb stable/main/binary-ia64/qvlc_0.8.1.svn20050314-1sarge2_ia64.deb stable/main/binary-ia64/mozilla-plugin-vlc_0.8.1.svn20050314-1sarge2_ia64.deb stable/main/binary-ia64/vlc-alsa_0.8.1.svn20050314-1sarge2_ia64.deb stable/main/binary-ia64/vlc-esd_0.8.1.svn20050314-1sarge2_ia64.deb stable/main/binary-ia64/vlc-gnome_0.8.1.svn20050314-1sarge2_ia64.deb stable/main/binary-ia64/vlc-plugin-arts_0.8.1.svn20050314-1sarge2_ia64.deb stable/main/binary-ia64/vlc_0.8.1.svn20050314-1sarge2_ia64.deb stable/main/binary-ia64/gnome-vlc_0.8.1.svn20050314-1sarge2_ia64.deb vlc (0.8.1.svn20050314-1sarge2) stable-security; urgency=high * modules/access/cdda/access.c modules/access/vcdx/access.c: + Fix format string vulnerabilities (CVE-2007-0017) (Closes: #405425). * debian/control: + Build-conflict against libsmbclient-dev to avoid accidentally depending on Samba libraries (Closes: #358026). stable/main/binary-hppa/vlc-plugin-ggi_0.8.1.svn20050314-1sarge2_hppa.deb stable/main/binary-hppa/vlc-qt_0.8.1.svn20050314-1sarge2_hppa.deb stable/main/binary-hppa/vlc-alsa_0.8.1.svn20050314-1sarge2_hppa.deb stable/main/binary-hppa/vlc-plugin-esd_0.8.1.svn20050314-1sarge2_hppa.deb stable/main/binary-hppa/kvlc_0.8.1.svn20050314-1sarge2_hppa.deb stable/main/binary-hppa/qvlc_0.8.1.svn20050314-1sarge2_hppa.deb stable/main/binary-hppa/vlc-plugin-alsa_0.8.1.svn20050314-1sarge2_hppa.deb stable/main/binary-hppa/libvlc0-dev_0.8.1.svn20050314-1sarge2_hppa.deb stable/main/binary-hppa/vlc-sdl_0.8.1.svn20050314-1sarge2_hppa.deb stable/main/binary-hppa/gvlc_0.8.1.svn20050314-1sarge2_hppa.deb stable/main/binary-hppa/vlc-plugin-sdl_0.8.1.svn20050314-1sarge2_hppa.deb stable/main/binary-hppa/mozilla-plugin-vlc_0.8.1.svn20050314-1sarge2_hppa.deb stable/main/binary-hppa/gnome-vlc_0.8.1.svn20050314-1sarge2_hppa.deb stable/main/binary-hppa/vlc-ggi_0.8.1.svn20050314-1sarge2_hppa.deb stable/main/binary-hppa/vlc-gnome_0.8.1.svn20050314-1sarge2_hppa.deb stable/main/binary-hppa/wxvlc_0.8.1.svn20050314-1sarge2_hppa.deb stable/main/binary-hppa/vlc_0.8.1.svn20050314-1sarge2_hppa.deb stable/main/binary-hppa/vlc-esd_0.8.1.svn20050314-1sarge2_hppa.deb stable/main/binary-hppa/vlc-gtk_0.8.1.svn20050314-1sarge2_hppa.deb stable/main/binary-hppa/vlc-plugin-arts_0.8.1.svn20050314-1sarge2_hppa.deb vlc (0.8.1.svn20050314-1sarge2) stable-security; urgency=high * modules/access/cdda/access.c modules/access/vcdx/access.c: + Fix format string vulnerabilities (CVE-2007-0017) (Closes: #405425). * debian/control: + Build-conflict against libsmbclient-dev to avoid accidentally depending on Samba libraries (Closes: #358026). stable/main/binary-arm/vlc-qt_0.8.1.svn20050314-1sarge2_arm.deb stable/main/binary-arm/vlc-ggi_0.8.1.svn20050314-1sarge2_arm.deb stable/main/binary-arm/gnome-vlc_0.8.1.svn20050314-1sarge2_arm.deb stable/main/binary-arm/mozilla-plugin-vlc_0.8.1.svn20050314-1sarge2_arm.deb stable/main/binary-arm/vlc-plugin-esd_0.8.1.svn20050314-1sarge2_arm.deb stable/main/binary-arm/vlc-esd_0.8.1.svn20050314-1sarge2_arm.deb stable/main/binary-arm/vlc_0.8.1.svn20050314-1sarge2_arm.deb stable/main/binary-arm/vlc-plugin-sdl_0.8.1.svn20050314-1sarge2_arm.deb stable/main/binary-arm/vlc-plugin-arts_0.8.1.svn20050314-1sarge2_arm.deb stable/main/binary-arm/libvlc0-dev_0.8.1.svn20050314-1sarge2_arm.deb stable/main/binary-arm/vlc-alsa_0.8.1.svn20050314-1sarge2_arm.deb stable/main/binary-arm/kvlc_0.8.1.svn20050314-1sarge2_arm.deb stable/main/binary-arm/vlc-gtk_0.8.1.svn20050314-1sarge2_arm.deb stable/main/binary-arm/vlc-gnome_0.8.1.svn20050314-1sarge2_arm.deb stable/main/binary-arm/wxvlc_0.8.1.svn20050314-1sarge2_arm.deb stable/main/binary-arm/vlc-sdl_0.8.1.svn20050314-1sarge2_arm.deb stable/main/binary-arm/gvlc_0.8.1.svn20050314-1sarge2_arm.deb stable/main/binary-arm/qvlc_0.8.1.svn20050314-1sarge2_arm.deb stable/main/binary-arm/vlc-plugin-alsa_0.8.1.svn20050314-1sarge2_arm.deb stable/main/binary-arm/vlc-plugin-ggi_0.8.1.svn20050314-1sarge2_arm.deb vlc (0.8.1.svn20050314-1sarge2) stable-security; urgency=high * modules/access/cdda/access.c modules/access/vcdx/access.c: + Fix format string vulnerabilities (CVE-2007-0017) (Closes: #405425). * debian/control: + Build-conflict against libsmbclient-dev to avoid accidentally depending on Samba libraries (Closes: #358026). stable/main/binary-alpha/gnome-vlc_0.8.1.svn20050314-1sarge2_alpha.deb stable/main/binary-alpha/vlc-plugin-esd_0.8.1.svn20050314-1sarge2_alpha.deb stable/main/binary-alpha/wxvlc_0.8.1.svn20050314-1sarge2_alpha.deb stable/main/binary-alpha/mozilla-plugin-vlc_0.8.1.svn20050314-1sarge2_alpha.deb stable/main/binary-alpha/vlc-esd_0.8.1.svn20050314-1sarge2_alpha.deb stable/main/binary-alpha/vlc-plugin-ggi_0.8.1.svn20050314-1sarge2_alpha.deb stable/main/binary-alpha/vlc-qt_0.8.1.svn20050314-1sarge2_alpha.deb stable/main/binary-alpha/vlc-ggi_0.8.1.svn20050314-1sarge2_alpha.deb stable/main/binary-alpha/gvlc_0.8.1.svn20050314-1sarge2_alpha.deb stable/main/binary-alpha/vlc-alsa_0.8.1.svn20050314-1sarge2_alpha.deb stable/main/binary-alpha/vlc_0.8.1.svn20050314-1sarge2_alpha.deb stable/main/binary-alpha/vlc-plugin-alsa_0.8.1.svn20050314-1sarge2_alpha.deb stable/main/binary-alpha/libvlc0-dev_0.8.1.svn20050314-1sarge2_alpha.deb stable/main/binary-alpha/vlc-gtk_0.8.1.svn20050314-1sarge2_alpha.deb stable/main/binary-alpha/kvlc_0.8.1.svn20050314-1sarge2_alpha.deb stable/main/binary-alpha/vlc-plugin-arts_0.8.1.svn20050314-1sarge2_alpha.deb stable/main/binary-alpha/qvlc_0.8.1.svn20050314-1sarge2_alpha.deb stable/main/binary-alpha/vlc-gnome_0.8.1.svn20050314-1sarge2_alpha.deb stable/main/binary-alpha/vlc-sdl_0.8.1.svn20050314-1sarge2_alpha.deb stable/main/binary-alpha/vlc-plugin-sdl_0.8.1.svn20050314-1sarge2_alpha.deb vlc (0.8.1.svn20050314-1sarge2) stable-security; urgency=high * modules/access/cdda/access.c modules/access/vcdx/access.c: + Fix format string vulnerabilities (CVE-2007-0017) (Closes: #405425). * debian/control: + Build-conflict against libsmbclient-dev to avoid accidentally depending on Samba libraries (Closes: #358026). stable/main/binary-i386/vlc-plugin-glide_0.8.1.svn20050314-1sarge2_i386.deb stable/main/binary-i386/vlc-plugin-arts_0.8.1.svn20050314-1sarge2_i386.deb stable/main/binary-i386/vlc_0.8.1.svn20050314-1sarge2_i386.deb stable/main/binary-i386/gvlc_0.8.1.svn20050314-1sarge2_i386.deb stable/main/binary-i386/vlc-plugin-ggi_0.8.1.svn20050314-1sarge2_i386.deb stable/main/binary-i386/vlc-qt_0.8.1.svn20050314-1sarge2_i386.deb stable/main/binary-i386/vlc-glide_0.8.1.svn20050314-1sarge2_i386.deb stable/main/binary-i386/vlc-esd_0.8.1.svn20050314-1sarge2_i386.deb stable/main/binary-i386/wxvlc_0.8.1.svn20050314-1sarge2_i386.deb stable/main/binary-i386/kvlc_0.8.1.svn20050314-1sarge2_i386.deb stable/main/binary-i386/libvlc0-dev_0.8.1.svn20050314-1sarge2_i386.deb stable/main/binary-i386/vlc-gnome_0.8.1.svn20050314-1sarge2_i386.deb stable/main/binary-i386/vlc-plugin-sdl_0.8.1.svn20050314-1sarge2_i386.deb stable/main/binary-i386/mozilla-plugin-vlc_0.8.1.svn20050314-1sarge2_i386.deb stable/main/binary-i386/vlc-plugin-esd_0.8.1.svn20050314-1sarge2_i386.deb stable/main/source/vlc_0.8.1.svn20050314-1sarge2.diff.gz stable/main/binary-i386/vlc-alsa_0.8.1.svn20050314-1sarge2_i386.deb stable/main/binary-i386/gnome-vlc_0.8.1.svn20050314-1sarge2_i386.deb stable/main/binary-i386/vlc-ggi_0.8.1.svn20050314-1sarge2_i386.deb stable/main/source/vlc_0.8.1.svn20050314-1sarge2.dsc stable/main/binary-i386/qvlc_0.8.1.svn20050314-1sarge2_i386.deb stable/main/binary-i386/vlc-sdl_0.8.1.svn20050314-1sarge2_i386.deb stable/main/binary-i386/vlc-gtk_0.8.1.svn20050314-1sarge2_i386.deb stable/main/binary-i386/vlc-plugin-svgalib_0.8.1.svn20050314-1sarge2_i386.deb stable/main/binary-i386/vlc-plugin-alsa_0.8.1.svn20050314-1sarge2_i386.deb vlc (0.8.1.svn20050314-1sarge2) stable-security; urgency=high * modules/access/cdda/access.c modules/access/vcdx/access.c: + Fix format string vulnerabilities (CVE-2007-0017) (Closes: #405425). * debian/control: + Build-conflict against libsmbclient-dev to avoid accidentally depending on Samba libraries (Closes: #358026). stable/main/source/trac_0.8.1-3sarge7.dsc stable/main/source/trac_0.8.1-3sarge7.diff.gz stable/main/binary-all/trac_0.8.1-3sarge7_all.deb trac (0.8.1-3sarge7) stable-security; urgency=high * debian/patches/13_CSRF.patch: add a missing hook to fix a regression. Thanks to Simone Piccardi for the patch. Closes: #398317. stable/main/binary-sparc/thttpd-util_2.23beta1-3sarge2_sparc.deb stable/main/binary-sparc/thttpd_2.23beta1-3sarge2_sparc.deb thttpd (2.23beta1-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix the insecure use of temporary files when invoked by logrotate. [CVE-2006-4248] stable/main/binary-s390/thttpd_2.23beta1-3sarge2_s390.deb stable/main/binary-s390/thttpd-util_2.23beta1-3sarge2_s390.deb thttpd (2.23beta1-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix the insecure use of temporary files when invoked by logrotate. [CVE-2006-4248] stable/main/binary-powerpc/thttpd_2.23beta1-3sarge2_powerpc.deb stable/main/binary-powerpc/thttpd-util_2.23beta1-3sarge2_powerpc.deb thttpd (2.23beta1-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix the insecure use of temporary files when invoked by logrotate. [CVE-2006-4248] stable/main/binary-mipsel/thttpd_2.23beta1-3sarge2_mipsel.deb stable/main/binary-mipsel/thttpd-util_2.23beta1-3sarge2_mipsel.deb thttpd (2.23beta1-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix the insecure use of temporary files when invoked by logrotate. [CVE-2006-4248] stable/main/binary-mips/thttpd-util_2.23beta1-3sarge2_mips.deb stable/main/binary-mips/thttpd_2.23beta1-3sarge2_mips.deb thttpd (2.23beta1-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix the insecure use of temporary files when invoked by logrotate. [CVE-2006-4248] stable/main/binary-m68k/thttpd_2.23beta1-3sarge2_m68k.deb stable/main/binary-m68k/thttpd-util_2.23beta1-3sarge2_m68k.deb thttpd (2.23beta1-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix the insecure use of temporary files when invoked by logrotate. [CVE-2006-4248] stable/main/binary-ia64/thttpd_2.23beta1-3sarge2_ia64.deb stable/main/binary-ia64/thttpd-util_2.23beta1-3sarge2_ia64.deb thttpd (2.23beta1-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix the insecure use of temporary files when invoked by logrotate. [CVE-2006-4248] stable/main/binary-hppa/thttpd-util_2.23beta1-3sarge2_hppa.deb stable/main/binary-hppa/thttpd_2.23beta1-3sarge2_hppa.deb thttpd (2.23beta1-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix the insecure use of temporary files when invoked by logrotate. [CVE-2006-4248] stable/main/binary-arm/thttpd_2.23beta1-3sarge2_arm.deb stable/main/binary-arm/thttpd-util_2.23beta1-3sarge2_arm.deb thttpd (2.23beta1-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix the insecure use of temporary files when invoked by logrotate. [CVE-2006-4248] stable/main/binary-alpha/thttpd_2.23beta1-3sarge2_alpha.deb stable/main/binary-alpha/thttpd-util_2.23beta1-3sarge2_alpha.deb thttpd (2.23beta1-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix the insecure use of temporary files when invoked by logrotate. [CVE-2006-4248] stable/main/binary-i386/thttpd-util_2.23beta1-3sarge2_i386.deb stable/main/binary-i386/thttpd_2.23beta1-3sarge2_i386.deb stable/main/source/thttpd_2.23beta1-3sarge2.dsc stable/main/source/thttpd_2.23beta1-3sarge2.diff.gz thttpd (2.23beta1-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix the insecure use of temporary files when invoked by logrotate. [CVE-2006-4248] stable/main/binary-sparc/info_4.7-2.2sarge2_sparc.deb stable/main/binary-sparc/texinfo_4.7-2.2sarge2_sparc.deb texinfo (4.7-2.2sarge2) stable-security; urgency=high * Non-maintainer upload by the Security team. * Incorporate Ubuntu's patch for CAN-2005-3011 (insecure temporary file handling.) stable/main/binary-s390/info_4.7-2.2sarge2_s390.deb stable/main/binary-s390/texinfo_4.7-2.2sarge2_s390.deb texinfo (4.7-2.2sarge2) stable-security; urgency=high * Non-maintainer upload by the Security team. * Incorporate Ubuntu's patch for CAN-2005-3011 (insecure temporary file handling.) stable/main/binary-powerpc/texinfo_4.7-2.2sarge2_powerpc.deb stable/main/binary-powerpc/info_4.7-2.2sarge2_powerpc.deb texinfo (4.7-2.2sarge2) stable-security; urgency=high * Non-maintainer upload by the Security team. * Incorporate Ubuntu's patch for CAN-2005-3011 (insecure temporary file handling.) stable/main/binary-mipsel/info_4.7-2.2sarge2_mipsel.deb stable/main/binary-mipsel/texinfo_4.7-2.2sarge2_mipsel.deb texinfo (4.7-2.2sarge2) stable-security; urgency=high * Non-maintainer upload by the Security team. * Incorporate Ubuntu's patch for CAN-2005-3011 (insecure temporary file handling.) stable/main/binary-mips/info_4.7-2.2sarge2_mips.deb stable/main/binary-mips/texinfo_4.7-2.2sarge2_mips.deb texinfo (4.7-2.2sarge2) stable-security; urgency=high * Non-maintainer upload by the Security team. * Incorporate Ubuntu's patch for CAN-2005-3011 (insecure temporary file handling.) stable/main/binary-m68k/info_4.7-2.2sarge2_m68k.deb stable/main/binary-m68k/texinfo_4.7-2.2sarge2_m68k.deb texinfo (4.7-2.2sarge2) stable-security; urgency=high * Non-maintainer upload by the Security team. * Incorporate Ubuntu's patch for CAN-2005-3011 (insecure temporary file handling.) stable/main/binary-ia64/texinfo_4.7-2.2sarge2_ia64.deb stable/main/binary-ia64/info_4.7-2.2sarge2_ia64.deb texinfo (4.7-2.2sarge2) stable-security; urgency=high * Non-maintainer upload by the Security team. * Incorporate Ubuntu's patch for CAN-2005-3011 (insecure temporary file handling.) stable/main/binary-hppa/texinfo_4.7-2.2sarge2_hppa.deb stable/main/binary-hppa/info_4.7-2.2sarge2_hppa.deb texinfo (4.7-2.2sarge2) stable-security; urgency=high * Non-maintainer upload by the Security team. * Incorporate Ubuntu's patch for CAN-2005-3011 (insecure temporary file handling.) stable/main/binary-arm/info_4.7-2.2sarge2_arm.deb stable/main/binary-arm/texinfo_4.7-2.2sarge2_arm.deb texinfo (4.7-2.2sarge2) stable-security; urgency=high * Non-maintainer upload by the Security team. * Incorporate Ubuntu's patch for CAN-2005-3011 (insecure temporary file handling.) stable/main/binary-alpha/info_4.7-2.2sarge2_alpha.deb stable/main/binary-alpha/texinfo_4.7-2.2sarge2_alpha.deb texinfo (4.7-2.2sarge2) stable-security; urgency=high * Non-maintainer upload by the Security team. * Incorporate Ubuntu's patch for CAN-2005-3011 (insecure temporary file handling.) stable/main/binary-i386/texinfo_4.7-2.2sarge2_i386.deb stable/main/source/texinfo_4.7-2.2sarge2.dsc stable/main/binary-i386/info_4.7-2.2sarge2_i386.deb stable/main/source/texinfo_4.7-2.2sarge2.diff.gz texinfo (4.7-2.2sarge2) stable-security; urgency=high * Non-maintainer upload by the Security team. * Incorporate Ubuntu's patch for CAN-2005-3011 (insecure temporary file handling.) stable/main/binary-sparc/tar_1.14-2.3_sparc.deb tar (1.14-2.3) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix arbitrary file overwrite vulnerability in the handling of GNUTYPE_NAMES records in tar files. CVE-2006-6097 stable/main/binary-s390/tar_1.14-2.3_s390.deb tar (1.14-2.3) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix arbitrary file overwrite vulnerability in the handling of GNUTYPE_NAMES records in tar files. CVE-2006-6097 stable/main/binary-powerpc/tar_1.14-2.3_powerpc.deb tar (1.14-2.3) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix arbitrary file overwrite vulnerability in the handling of GNUTYPE_NAMES records in tar files. CVE-2006-6097 stable/main/binary-mipsel/tar_1.14-2.3_mipsel.deb tar (1.14-2.3) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix arbitrary file overwrite vulnerability in the handling of GNUTYPE_NAMES records in tar files. CVE-2006-6097 stable/main/binary-mips/tar_1.14-2.3_mips.deb tar (1.14-2.3) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix arbitrary file overwrite vulnerability in the handling of GNUTYPE_NAMES records in tar files. CVE-2006-6097 stable/main/binary-m68k/tar_1.14-2.3_m68k.deb tar (1.14-2.3) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix arbitrary file overwrite vulnerability in the handling of GNUTYPE_NAMES records in tar files. CVE-2006-6097 stable/main/binary-ia64/tar_1.14-2.3_ia64.deb tar (1.14-2.3) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix arbitrary file overwrite vulnerability in the handling of GNUTYPE_NAMES records in tar files. CVE-2006-6097 stable/main/binary-hppa/tar_1.14-2.3_hppa.deb tar (1.14-2.3) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix arbitrary file overwrite vulnerability in the handling of GNUTYPE_NAMES records in tar files. CVE-2006-6097 stable/main/binary-arm/tar_1.14-2.3_arm.deb tar (1.14-2.3) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix arbitrary file overwrite vulnerability in the handling of GNUTYPE_NAMES records in tar files. CVE-2006-6097 stable/main/binary-alpha/tar_1.14-2.3_alpha.deb tar (1.14-2.3) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix arbitrary file overwrite vulnerability in the handling of GNUTYPE_NAMES records in tar files. CVE-2006-6097 stable/main/source/tar_1.14-2.3.diff.gz stable/main/binary-i386/tar_1.14-2.3_i386.deb stable/main/source/tar_1.14-2.3.dsc tar (1.14-2.3) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix arbitrary file overwrite vulnerability in the handling of GNUTYPE_NAMES records in tar files. CVE-2006-6097 stable/main/binary-all/systemimager-server-flamethrowerd_3.2.3-6sarge4_all.deb stable/main/binary-all/systemimager-doc_3.2.3-6sarge4_all.deb stable/main/source/systemimager_3.2.3-6sarge4.dsc stable/main/binary-all/systemimager-common_3.2.3-6sarge4_all.deb stable/main/source/systemimager_3.2.3-6sarge4.tar.gz stable/main/binary-all/systemimager-boot-i386-standard_3.2.3-6sarge4_all.deb stable/main/binary-all/systemimager-client_3.2.3-6sarge4_all.deb stable/main/binary-all/systemimager-server_3.2.3-6sarge4_all.deb stable/main/binary-all/systemimager-boot-ia64-standard_3.2.3-6sarge4_all.deb systemimager (3.2.3-6sarge4) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge5: * 233_ia64-sparc-cross-region-mappings.diff [SECURITY] Prevent cross-region mappings on ia64 and sparc which could be used in a local DoS attack (system crash) See CVE-2006-4538 * 234_atm-clip-freed-skb-deref.diff [SECURITY] Avoid dereferencing an already freed skb, preventing a potential remote DoS (system crash) vector See CVE-2006-4997 * 235_ppc-alignment-exception-table-check.diff [SECURITY][ppc] Avoid potential DoS which can be triggered by some futex ops See CVE-2006-5649 * 236_s390-uaccess-memleak.diff [SECURITY][s390] Fix memory leak in copy_from_user by clearing the remaining bytes of the kernel buffer after a fault on the userspace address in copy_from_user() See CVE-2006-5174 * 237_smbfs-honor-mount-opts.diff Honor uid, gid and mode mount options for smbfs even when unix extensions are enabled (closes: #310982) See CVE-2006-5871 * 238_ppc-hid0-dos.diff [SECURITY] [ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 stable/main/binary-all/squirrelmail_1.4.4-10_all.deb stable/main/source/squirrelmail_1.4.4-10.dsc stable/main/source/squirrelmail_1.4.4-10.diff.gz squirrelmail (2:1.4.4-10) stable-security; urgency=high * Fix cross site scripting in malicious input the mailto parameter of webmail.php, the session and delete_draft parameters of compose.php, and via a shortcoming in the magicHTML filter. [CVE-2006-6142] * Work around dangerous Internet Explorer MIME type guessing. http://www.squirrelmail.org/security/issue/2006-12-03 * Patches from upstream. stable/main/source/sql-ledger_2.4.7-2sarge1.dsc stable/main/source/sql-ledger_2.4.7-2sarge1.diff.gz stable/main/binary-all/sql-ledger_2.4.7-2sarge1_all.deb sql-ledger (2.4.7-2sarge1) stable-security; urgency=high * Security upload. * Fix bad handling of sessionid: CVE-2006-4244 Closes: #386519 (backported from 2.6.18) * Fix directory traversal security issues (backported from 2.6.19) * Fix a remote execution vulnerability too (backported from 2.6.21). stable/main/binary-sparc/screen_4.0.2-4.1sarge1_sparc.deb screen (4.0.2-4.1sarge1) stable-security; urgency=high * Fix out-of-bands write when processing character codes in UTF-8 sequences. (CVE-2006-4573) stable/main/binary-s390/screen_4.0.2-4.1sarge1_s390.deb screen (4.0.2-4.1sarge1) stable-security; urgency=high * Fix out-of-bands write when processing character codes in UTF-8 sequences. (CVE-2006-4573) stable/main/binary-powerpc/screen_4.0.2-4.1sarge1_powerpc.deb screen (4.0.2-4.1sarge1) stable-security; urgency=high * Fix out-of-bands write when processing character codes in UTF-8 sequences. (CVE-2006-4573) stable/main/binary-mipsel/screen_4.0.2-4.1sarge1_mipsel.deb screen (4.0.2-4.1sarge1) stable-security; urgency=high * Fix out-of-bands write when processing character codes in UTF-8 sequences. (CVE-2006-4573) stable/main/binary-mips/screen_4.0.2-4.1sarge1_mips.deb screen (4.0.2-4.1sarge1) stable-security; urgency=high * Fix out-of-bands write when processing character codes in UTF-8 sequences. (CVE-2006-4573) stable/main/binary-m68k/screen_4.0.2-4.1sarge1_m68k.deb screen (4.0.2-4.1sarge1) stable-security; urgency=high * Fix out-of-bands write when processing character codes in UTF-8 sequences. (CVE-2006-4573) stable/main/binary-ia64/screen_4.0.2-4.1sarge1_ia64.deb screen (4.0.2-4.1sarge1) stable-security; urgency=high * Fix out-of-bands write when processing character codes in UTF-8 sequences. (CVE-2006-4573) stable/main/binary-hppa/screen_4.0.2-4.1sarge1_hppa.deb screen (4.0.2-4.1sarge1) stable-security; urgency=high * Fix out-of-bands write when processing character codes in UTF-8 sequences. (CVE-2006-4573) stable/main/binary-arm/screen_4.0.2-4.1sarge1_arm.deb screen (4.0.2-4.1sarge1) stable-security; urgency=high * Fix out-of-bands write when processing character codes in UTF-8 sequences. (CVE-2006-4573) stable/main/binary-alpha/screen_4.0.2-4.1sarge1_alpha.deb screen (4.0.2-4.1sarge1) stable-security; urgency=high * Fix out-of-bands write when processing character codes in UTF-8 sequences. (CVE-2006-4573) stable/main/source/screen_4.0.2-4.1sarge1.diff.gz stable/main/source/screen_4.0.2-4.1sarge1.dsc stable/main/binary-i386/screen_4.0.2-4.1sarge1_i386.deb screen (4.0.2-4.1sarge1) stable-security; urgency=high * Fix out-of-bands write when processing character codes in UTF-8 sequences. (CVE-2006-4573) stable/main/binary-sparc/python2.3-samba_3.0.14a-3sarge4_sparc.deb stable/main/binary-sparc/libsmbclient-dev_3.0.14a-3sarge4_sparc.deb stable/main/binary-sparc/samba-dbg_3.0.14a-3sarge4_sparc.deb stable/main/binary-sparc/smbclient_3.0.14a-3sarge4_sparc.deb stable/main/binary-sparc/libpam-smbpass_3.0.14a-3sarge4_sparc.deb stable/main/binary-sparc/libsmbclient_3.0.14a-3sarge4_sparc.deb stable/main/binary-sparc/samba_3.0.14a-3sarge4_sparc.deb stable/main/binary-sparc/smbfs_3.0.14a-3sarge4_sparc.deb stable/main/binary-sparc/winbind_3.0.14a-3sarge4_sparc.deb stable/main/binary-sparc/swat_3.0.14a-3sarge4_sparc.deb stable/main/binary-sparc/samba-common_3.0.14a-3sarge4_sparc.deb samba (3.0.14a-3sarge4) stable-security; urgency=high * Update endless-loop DoS fix to cover another attack vector. stable/main/binary-s390/libsmbclient_3.0.14a-3sarge4_s390.deb stable/main/binary-s390/samba_3.0.14a-3sarge4_s390.deb stable/main/binary-s390/python2.3-samba_3.0.14a-3sarge4_s390.deb stable/main/binary-s390/smbfs_3.0.14a-3sarge4_s390.deb stable/main/binary-s390/swat_3.0.14a-3sarge4_s390.deb stable/main/binary-s390/samba-common_3.0.14a-3sarge4_s390.deb stable/main/binary-s390/libsmbclient-dev_3.0.14a-3sarge4_s390.deb stable/main/binary-s390/libpam-smbpass_3.0.14a-3sarge4_s390.deb stable/main/binary-s390/smbclient_3.0.14a-3sarge4_s390.deb stable/main/binary-s390/winbind_3.0.14a-3sarge4_s390.deb stable/main/binary-s390/samba-dbg_3.0.14a-3sarge4_s390.deb samba (3.0.14a-3sarge4) stable-security; urgency=high * Update endless-loop DoS fix to cover another attack vector. stable/main/binary-powerpc/samba-dbg_3.0.14a-3sarge4_powerpc.deb stable/main/binary-powerpc/swat_3.0.14a-3sarge4_powerpc.deb stable/main/binary-powerpc/smbclient_3.0.14a-3sarge4_powerpc.deb stable/main/binary-powerpc/samba-common_3.0.14a-3sarge4_powerpc.deb stable/main/binary-powerpc/python2.3-samba_3.0.14a-3sarge4_powerpc.deb stable/main/binary-powerpc/smbfs_3.0.14a-3sarge4_powerpc.deb stable/main/binary-powerpc/winbind_3.0.14a-3sarge4_powerpc.deb stable/main/binary-powerpc/libsmbclient-dev_3.0.14a-3sarge4_powerpc.deb stable/main/binary-powerpc/libpam-smbpass_3.0.14a-3sarge4_powerpc.deb stable/main/binary-powerpc/libsmbclient_3.0.14a-3sarge4_powerpc.deb stable/main/binary-powerpc/samba_3.0.14a-3sarge4_powerpc.deb samba (3.0.14a-3sarge4) stable-security; urgency=high * Update endless-loop DoS fix to cover another attack vector. stable/main/binary-mipsel/libsmbclient-dev_3.0.14a-3sarge4_mipsel.deb stable/main/binary-mipsel/smbclient_3.0.14a-3sarge4_mipsel.deb stable/main/binary-mipsel/samba_3.0.14a-3sarge4_mipsel.deb stable/main/binary-mipsel/samba-common_3.0.14a-3sarge4_mipsel.deb stable/main/binary-mipsel/winbind_3.0.14a-3sarge4_mipsel.deb stable/main/binary-mipsel/libpam-smbpass_3.0.14a-3sarge4_mipsel.deb stable/main/binary-mipsel/samba-dbg_3.0.14a-3sarge4_mipsel.deb stable/main/binary-mipsel/smbfs_3.0.14a-3sarge4_mipsel.deb stable/main/binary-mipsel/python2.3-samba_3.0.14a-3sarge4_mipsel.deb stable/main/binary-mipsel/libsmbclient_3.0.14a-3sarge4_mipsel.deb stable/main/binary-mipsel/swat_3.0.14a-3sarge4_mipsel.deb samba (3.0.14a-3sarge4) stable-security; urgency=high * Update endless-loop DoS fix to cover another attack vector. stable/main/binary-mips/libpam-smbpass_3.0.14a-3sarge4_mips.deb stable/main/binary-mips/winbind_3.0.14a-3sarge4_mips.deb stable/main/binary-mips/libsmbclient_3.0.14a-3sarge4_mips.deb stable/main/binary-mips/python2.3-samba_3.0.14a-3sarge4_mips.deb stable/main/binary-mips/smbfs_3.0.14a-3sarge4_mips.deb stable/main/binary-mips/swat_3.0.14a-3sarge4_mips.deb stable/main/binary-mips/samba-dbg_3.0.14a-3sarge4_mips.deb stable/main/binary-mips/libsmbclient-dev_3.0.14a-3sarge4_mips.deb stable/main/binary-mips/samba_3.0.14a-3sarge4_mips.deb stable/main/binary-mips/samba-common_3.0.14a-3sarge4_mips.deb stable/main/binary-mips/smbclient_3.0.14a-3sarge4_mips.deb samba (3.0.14a-3sarge4) stable-security; urgency=high * Update endless-loop DoS fix to cover another attack vector. stable/main/binary-m68k/libpam-smbpass_3.0.14a-3sarge4_m68k.deb stable/main/binary-m68k/samba-dbg_3.0.14a-3sarge4_m68k.deb stable/main/binary-m68k/winbind_3.0.14a-3sarge4_m68k.deb stable/main/binary-m68k/smbfs_3.0.14a-3sarge4_m68k.deb stable/main/binary-m68k/python2.3-samba_3.0.14a-3sarge4_m68k.deb stable/main/binary-m68k/samba_3.0.14a-3sarge4_m68k.deb stable/main/binary-m68k/swat_3.0.14a-3sarge4_m68k.deb stable/main/binary-m68k/smbclient_3.0.14a-3sarge4_m68k.deb stable/main/binary-m68k/libsmbclient_3.0.14a-3sarge4_m68k.deb stable/main/binary-m68k/libsmbclient-dev_3.0.14a-3sarge4_m68k.deb stable/main/binary-m68k/samba-common_3.0.14a-3sarge4_m68k.deb samba (3.0.14a-3sarge4) stable-security; urgency=high * Update endless-loop DoS fix to cover another attack vector. stable/main/binary-ia64/python2.3-samba_3.0.14a-3sarge4_ia64.deb stable/main/binary-ia64/libsmbclient_3.0.14a-3sarge4_ia64.deb stable/main/binary-ia64/swat_3.0.14a-3sarge4_ia64.deb stable/main/binary-ia64/smbfs_3.0.14a-3sarge4_ia64.deb stable/main/binary-ia64/samba_3.0.14a-3sarge4_ia64.deb stable/main/binary-ia64/samba-common_3.0.14a-3sarge4_ia64.deb stable/main/binary-ia64/libpam-smbpass_3.0.14a-3sarge4_ia64.deb stable/main/binary-ia64/samba-dbg_3.0.14a-3sarge4_ia64.deb stable/main/binary-ia64/libsmbclient-dev_3.0.14a-3sarge4_ia64.deb stable/main/binary-ia64/winbind_3.0.14a-3sarge4_ia64.deb stable/main/binary-ia64/smbclient_3.0.14a-3sarge4_ia64.deb samba (3.0.14a-3sarge4) stable-security; urgency=high * Update endless-loop DoS fix to cover another attack vector. stable/main/binary-hppa/samba-common_3.0.14a-3sarge4_hppa.deb stable/main/binary-hppa/python2.3-samba_3.0.14a-3sarge4_hppa.deb stable/main/binary-hppa/libpam-smbpass_3.0.14a-3sarge4_hppa.deb stable/main/binary-hppa/samba_3.0.14a-3sarge4_hppa.deb stable/main/binary-hppa/swat_3.0.14a-3sarge4_hppa.deb stable/main/binary-hppa/smbfs_3.0.14a-3sarge4_hppa.deb stable/main/binary-hppa/samba-dbg_3.0.14a-3sarge4_hppa.deb stable/main/binary-hppa/libsmbclient_3.0.14a-3sarge4_hppa.deb stable/main/binary-hppa/smbclient_3.0.14a-3sarge4_hppa.deb stable/main/binary-hppa/winbind_3.0.14a-3sarge4_hppa.deb stable/main/binary-hppa/libsmbclient-dev_3.0.14a-3sarge4_hppa.deb samba (3.0.14a-3sarge4) stable-security; urgency=high * Update endless-loop DoS fix to cover another attack vector. stable/main/binary-arm/swat_3.0.14a-3sarge4_arm.deb stable/main/binary-arm/smbclient_3.0.14a-3sarge4_arm.deb stable/main/binary-arm/python2.3-samba_3.0.14a-3sarge4_arm.deb stable/main/binary-arm/libsmbclient_3.0.14a-3sarge4_arm.deb stable/main/binary-arm/libpam-smbpass_3.0.14a-3sarge4_arm.deb stable/main/binary-arm/libsmbclient-dev_3.0.14a-3sarge4_arm.deb stable/main/binary-arm/winbind_3.0.14a-3sarge4_arm.deb stable/main/binary-arm/smbfs_3.0.14a-3sarge4_arm.deb stable/main/binary-arm/samba-dbg_3.0.14a-3sarge4_arm.deb stable/main/binary-arm/samba-common_3.0.14a-3sarge4_arm.deb stable/main/binary-arm/samba_3.0.14a-3sarge4_arm.deb samba (3.0.14a-3sarge4) stable-security; urgency=high * Update endless-loop DoS fix to cover another attack vector. stable/main/binary-alpha/samba_3.0.14a-3sarge4_alpha.deb stable/main/binary-alpha/libpam-smbpass_3.0.14a-3sarge4_alpha.deb stable/main/binary-alpha/libsmbclient_3.0.14a-3sarge4_alpha.deb stable/main/binary-alpha/python2.3-samba_3.0.14a-3sarge4_alpha.deb stable/main/binary-alpha/smbfs_3.0.14a-3sarge4_alpha.deb stable/main/binary-alpha/winbind_3.0.14a-3sarge4_alpha.deb stable/main/binary-alpha/smbclient_3.0.14a-3sarge4_alpha.deb stable/main/binary-alpha/samba-common_3.0.14a-3sarge4_alpha.deb stable/main/binary-alpha/libsmbclient-dev_3.0.14a-3sarge4_alpha.deb stable/main/binary-alpha/samba-dbg_3.0.14a-3sarge4_alpha.deb stable/main/binary-alpha/swat_3.0.14a-3sarge4_alpha.deb samba (3.0.14a-3sarge4) stable-security; urgency=high * Update endless-loop DoS fix to cover another attack vector. stable/main/binary-i386/smbclient_3.0.14a-3sarge4_i386.deb stable/main/binary-i386/samba-common_3.0.14a-3sarge4_i386.deb stable/main/source/samba_3.0.14a-3sarge4.dsc stable/main/binary-i386/samba-dbg_3.0.14a-3sarge4_i386.deb stable/main/binary-i386/smbfs_3.0.14a-3sarge4_i386.deb stable/main/binary-i386/libpam-smbpass_3.0.14a-3sarge4_i386.deb stable/main/binary-i386/winbind_3.0.14a-3sarge4_i386.deb stable/main/binary-i386/libsmbclient_3.0.14a-3sarge4_i386.deb stable/main/binary-i386/libsmbclient-dev_3.0.14a-3sarge4_i386.deb stable/main/binary-i386/samba_3.0.14a-3sarge4_i386.deb stable/main/binary-i386/swat_3.0.14a-3sarge4_i386.deb stable/main/binary-i386/python2.3-samba_3.0.14a-3sarge4_i386.deb stable/main/source/samba_3.0.14a-3sarge4.diff.gz stable/main/binary-all/samba-doc_3.0.14a-3sarge4_all.deb samba (3.0.14a-3sarge4) stable-security; urgency=high * Update endless-loop DoS fix to cover another attack vector. stable/main/binary-sparc/libdbm-ruby1.8_1.8.2-7sarge5_sparc.deb stable/main/binary-sparc/libgdbm-ruby1.8_1.8.2-7sarge5_sparc.deb stable/main/binary-sparc/libopenssl-ruby1.8_1.8.2-7sarge5_sparc.deb stable/main/binary-sparc/libruby1.8-dbg_1.8.2-7sarge5_sparc.deb stable/main/binary-sparc/libruby1.8_1.8.2-7sarge5_sparc.deb stable/main/binary-sparc/libtcltk-ruby1.8_1.8.2-7sarge5_sparc.deb stable/main/binary-sparc/libreadline-ruby1.8_1.8.2-7sarge5_sparc.deb stable/main/binary-sparc/ruby1.8-dev_1.8.2-7sarge5_sparc.deb stable/main/binary-sparc/ruby1.8_1.8.2-7sarge5_sparc.deb ruby1.8 (1.8.2-7sarge5) stable-security; urgency=high * Non-matainer upload by the Security Team. * Fix a denial of service attack in CGI handling (CVE-2006-6303). - Added 905_CVE-2006-6303.patch stable/main/binary-s390/ruby1.8-dev_1.8.2-7sarge5_s390.deb stable/main/binary-s390/libopenssl-ruby1.8_1.8.2-7sarge5_s390.deb stable/main/binary-s390/libgdbm-ruby1.8_1.8.2-7sarge5_s390.deb stable/main/binary-s390/libruby1.8_1.8.2-7sarge5_s390.deb stable/main/binary-s390/libtcltk-ruby1.8_1.8.2-7sarge5_s390.deb stable/main/binary-s390/ruby1.8_1.8.2-7sarge5_s390.deb stable/main/binary-s390/libruby1.8-dbg_1.8.2-7sarge5_s390.deb stable/main/binary-s390/libreadline-ruby1.8_1.8.2-7sarge5_s390.deb stable/main/binary-s390/libdbm-ruby1.8_1.8.2-7sarge5_s390.deb ruby1.8 (1.8.2-7sarge5) stable-security; urgency=high * Non-matainer upload by the Security Team. * Fix a denial of service attack in CGI handling (CVE-2006-6303). - Added 905_CVE-2006-6303.patch stable/main/binary-powerpc/ruby1.8_1.8.2-7sarge5_powerpc.deb stable/main/binary-powerpc/libruby1.8-dbg_1.8.2-7sarge5_powerpc.deb stable/main/binary-powerpc/libruby1.8_1.8.2-7sarge5_powerpc.deb stable/main/binary-powerpc/libgdbm-ruby1.8_1.8.2-7sarge5_powerpc.deb stable/main/binary-powerpc/libtcltk-ruby1.8_1.8.2-7sarge5_powerpc.deb stable/main/binary-powerpc/libdbm-ruby1.8_1.8.2-7sarge5_powerpc.deb stable/main/binary-powerpc/libreadline-ruby1.8_1.8.2-7sarge5_powerpc.deb stable/main/binary-powerpc/libopenssl-ruby1.8_1.8.2-7sarge5_powerpc.deb stable/main/binary-powerpc/ruby1.8-dev_1.8.2-7sarge5_powerpc.deb ruby1.8 (1.8.2-7sarge5) stable-security; urgency=high * Non-matainer upload by the Security Team. * Fix a denial of service attack in CGI handling (CVE-2006-6303). - Added 905_CVE-2006-6303.patch stable/main/binary-mipsel/libtcltk-ruby1.8_1.8.2-7sarge5_mipsel.deb stable/main/binary-mipsel/libgdbm-ruby1.8_1.8.2-7sarge5_mipsel.deb stable/main/binary-mipsel/libdbm-ruby1.8_1.8.2-7sarge5_mipsel.deb stable/main/binary-mipsel/ruby1.8_1.8.2-7sarge5_mipsel.deb stable/main/binary-mipsel/libruby1.8_1.8.2-7sarge5_mipsel.deb stable/main/binary-mipsel/libopenssl-ruby1.8_1.8.2-7sarge5_mipsel.deb stable/main/binary-mipsel/ruby1.8-dev_1.8.2-7sarge5_mipsel.deb stable/main/binary-mipsel/libruby1.8-dbg_1.8.2-7sarge5_mipsel.deb stable/main/binary-mipsel/libreadline-ruby1.8_1.8.2-7sarge5_mipsel.deb ruby1.8 (1.8.2-7sarge5) stable-security; urgency=high * Non-matainer upload by the Security Team. * Fix a denial of service attack in CGI handling (CVE-2006-6303). - Added 905_CVE-2006-6303.patch stable/main/binary-mips/libopenssl-ruby1.8_1.8.2-7sarge5_mips.deb stable/main/binary-mips/ruby1.8_1.8.2-7sarge5_mips.deb stable/main/binary-mips/ruby1.8-dev_1.8.2-7sarge5_mips.deb stable/main/binary-mips/libruby1.8-dbg_1.8.2-7sarge5_mips.deb stable/main/binary-mips/libreadline-ruby1.8_1.8.2-7sarge5_mips.deb stable/main/binary-mips/libdbm-ruby1.8_1.8.2-7sarge5_mips.deb stable/main/binary-mips/libgdbm-ruby1.8_1.8.2-7sarge5_mips.deb stable/main/binary-mips/libtcltk-ruby1.8_1.8.2-7sarge5_mips.deb stable/main/binary-mips/libruby1.8_1.8.2-7sarge5_mips.deb ruby1.8 (1.8.2-7sarge5) stable-security; urgency=high * Non-matainer upload by the Security Team. * Fix a denial of service attack in CGI handling (CVE-2006-6303). - Added 905_CVE-2006-6303.patch stable/main/binary-m68k/libopenssl-ruby1.8_1.8.2-7sarge5_m68k.deb stable/main/binary-m68k/libruby1.8-dbg_1.8.2-7sarge5_m68k.deb stable/main/binary-m68k/libgdbm-ruby1.8_1.8.2-7sarge5_m68k.deb stable/main/binary-m68k/ruby1.8-dev_1.8.2-7sarge5_m68k.deb stable/main/binary-m68k/libruby1.8_1.8.2-7sarge5_m68k.deb stable/main/binary-m68k/libreadline-ruby1.8_1.8.2-7sarge5_m68k.deb stable/main/binary-m68k/libdbm-ruby1.8_1.8.2-7sarge5_m68k.deb stable/main/binary-m68k/libtcltk-ruby1.8_1.8.2-7sarge5_m68k.deb stable/main/binary-m68k/ruby1.8_1.8.2-7sarge5_m68k.deb ruby1.8 (1.8.2-7sarge5) stable-security; urgency=high * Non-matainer upload by the Security Team. * Fix a denial of service attack in CGI handling (CVE-2006-6303). - Added 905_CVE-2006-6303.patch stable/main/binary-ia64/ruby1.8_1.8.2-7sarge5_ia64.deb stable/main/binary-ia64/libruby1.8-dbg_1.8.2-7sarge5_ia64.deb stable/main/binary-ia64/ruby1.8-dev_1.8.2-7sarge5_ia64.deb stable/main/binary-ia64/libopenssl-ruby1.8_1.8.2-7sarge5_ia64.deb stable/main/binary-ia64/libreadline-ruby1.8_1.8.2-7sarge5_ia64.deb stable/main/binary-ia64/libtcltk-ruby1.8_1.8.2-7sarge5_ia64.deb stable/main/binary-ia64/libruby1.8_1.8.2-7sarge5_ia64.deb stable/main/binary-ia64/libgdbm-ruby1.8_1.8.2-7sarge5_ia64.deb stable/main/binary-ia64/libdbm-ruby1.8_1.8.2-7sarge5_ia64.deb ruby1.8 (1.8.2-7sarge5) stable-security; urgency=high * Non-matainer upload by the Security Team. * Fix a denial of service attack in CGI handling (CVE-2006-6303). - Added 905_CVE-2006-6303.patch stable/main/binary-hppa/libtcltk-ruby1.8_1.8.2-7sarge5_hppa.deb stable/main/binary-hppa/libruby1.8-dbg_1.8.2-7sarge5_hppa.deb stable/main/binary-hppa/libgdbm-ruby1.8_1.8.2-7sarge5_hppa.deb stable/main/binary-hppa/ruby1.8-dev_1.8.2-7sarge5_hppa.deb stable/main/binary-hppa/ruby1.8_1.8.2-7sarge5_hppa.deb stable/main/binary-hppa/libdbm-ruby1.8_1.8.2-7sarge5_hppa.deb stable/main/binary-hppa/libruby1.8_1.8.2-7sarge5_hppa.deb stable/main/binary-hppa/libopenssl-ruby1.8_1.8.2-7sarge5_hppa.deb stable/main/binary-hppa/libreadline-ruby1.8_1.8.2-7sarge5_hppa.deb ruby1.8 (1.8.2-7sarge5) stable-security; urgency=high * Non-matainer upload by the Security Team. * Fix a denial of service attack in CGI handling (CVE-2006-6303). - Added 905_CVE-2006-6303.patch stable/main/binary-arm/ruby1.8-dev_1.8.2-7sarge5_arm.deb stable/main/binary-arm/libruby1.8-dbg_1.8.2-7sarge5_arm.deb stable/main/binary-arm/libopenssl-ruby1.8_1.8.2-7sarge5_arm.deb stable/main/binary-arm/libgdbm-ruby1.8_1.8.2-7sarge5_arm.deb stable/main/binary-arm/libreadline-ruby1.8_1.8.2-7sarge5_arm.deb stable/main/binary-arm/libruby1.8_1.8.2-7sarge5_arm.deb stable/main/binary-arm/libdbm-ruby1.8_1.8.2-7sarge5_arm.deb stable/main/binary-arm/libtcltk-ruby1.8_1.8.2-7sarge5_arm.deb stable/main/binary-arm/ruby1.8_1.8.2-7sarge5_arm.deb ruby1.8 (1.8.2-7sarge5) stable-security; urgency=high * Non-matainer upload by the Security Team. * Fix a denial of service attack in CGI handling (CVE-2006-6303). - Added 905_CVE-2006-6303.patch stable/main/binary-alpha/ruby1.8-dev_1.8.2-7sarge5_alpha.deb stable/main/binary-alpha/libopenssl-ruby1.8_1.8.2-7sarge5_alpha.deb stable/main/binary-alpha/libreadline-ruby1.8_1.8.2-7sarge5_alpha.deb stable/main/binary-alpha/libruby1.8_1.8.2-7sarge5_alpha.deb stable/main/binary-alpha/libgdbm-ruby1.8_1.8.2-7sarge5_alpha.deb stable/main/binary-alpha/libtcltk-ruby1.8_1.8.2-7sarge5_alpha.deb stable/main/binary-alpha/ruby1.8_1.8.2-7sarge5_alpha.deb stable/main/binary-alpha/libdbm-ruby1.8_1.8.2-7sarge5_alpha.deb stable/main/binary-alpha/libruby1.8-dbg_1.8.2-7sarge5_alpha.deb ruby1.8 (1.8.2-7sarge5) stable-security; urgency=high * Non-matainer upload by the Security Team. * Fix a denial of service attack in CGI handling (CVE-2006-6303). - Added 905_CVE-2006-6303.patch stable/main/binary-i386/libdbm-ruby1.8_1.8.2-7sarge5_i386.deb stable/main/binary-i386/libtcltk-ruby1.8_1.8.2-7sarge5_i386.deb stable/main/binary-all/ri1.8_1.8.2-7sarge5_all.deb stable/main/binary-all/irb1.8_1.8.2-7sarge5_all.deb stable/main/binary-i386/libruby1.8_1.8.2-7sarge5_i386.deb stable/main/binary-all/rdoc1.8_1.8.2-7sarge5_all.deb stable/main/source/ruby1.8_1.8.2-7sarge5.dsc stable/main/binary-i386/libreadline-ruby1.8_1.8.2-7sarge5_i386.deb stable/main/binary-all/ruby1.8-elisp_1.8.2-7sarge5_all.deb stable/main/binary-i386/libruby1.8-dbg_1.8.2-7sarge5_i386.deb stable/main/binary-i386/ruby1.8-dev_1.8.2-7sarge5_i386.deb stable/main/binary-i386/ruby1.8_1.8.2-7sarge5_i386.deb stable/main/binary-all/ruby1.8-examples_1.8.2-7sarge5_all.deb stable/main/binary-i386/libgdbm-ruby1.8_1.8.2-7sarge5_i386.deb stable/main/binary-i386/libopenssl-ruby1.8_1.8.2-7sarge5_i386.deb stable/main/source/ruby1.8_1.8.2-7sarge5.diff.gz ruby1.8 (1.8.2-7sarge5) stable-security; urgency=high * Non-matainer upload by the Security Team. * Fix a denial of service attack in CGI handling (CVE-2006-6303). - Added 905_CVE-2006-6303.patch stable/main/binary-sparc/libdbm-ruby1.6_1.6.8-12sarge3_sparc.deb stable/main/binary-sparc/libruby1.6_1.6.8-12sarge3_sparc.deb stable/main/binary-sparc/libtcltk-ruby1.6_1.6.8-12sarge3_sparc.deb stable/main/binary-sparc/ruby1.6_1.6.8-12sarge3_sparc.deb stable/main/binary-sparc/libcurses-ruby1.6_1.6.8-12sarge3_sparc.deb stable/main/binary-sparc/libsyslog-ruby1.6_1.6.8-12sarge3_sparc.deb stable/main/binary-sparc/libruby1.6-dbg_1.6.8-12sarge3_sparc.deb stable/main/binary-sparc/ruby1.6-dev_1.6.8-12sarge3_sparc.deb stable/main/binary-sparc/libtk-ruby1.6_1.6.8-12sarge3_sparc.deb stable/main/binary-sparc/libgdbm-ruby1.6_1.6.8-12sarge3_sparc.deb stable/main/binary-sparc/libreadline-ruby1.6_1.6.8-12sarge3_sparc.deb stable/main/binary-sparc/libpty-ruby1.6_1.6.8-12sarge3_sparc.deb stable/main/binary-sparc/libsdbm-ruby1.6_1.6.8-12sarge3_sparc.deb ruby1.6 (1.6.8-12sarge3) stable-security; urgency=high * akira yamada - added debian/patches/817_CVE-2006-5467.patch: - invalid multipart data can make cgi.rb infinite loop and CPU consumption. (CVE-2006-5467) - added debian/patches/818_cgi.rb_quote_boundary.patch: - invalid multipart boundary can make cgi.rb infinite loop and CPU consumption. (JVN#84798830) stable/main/binary-s390/libtk-ruby1.6_1.6.8-12sarge3_s390.deb stable/main/binary-s390/libreadline-ruby1.6_1.6.8-12sarge3_s390.deb stable/main/binary-s390/libgdbm-ruby1.6_1.6.8-12sarge3_s390.deb stable/main/binary-s390/libruby1.6_1.6.8-12sarge3_s390.deb stable/main/binary-s390/libsyslog-ruby1.6_1.6.8-12sarge3_s390.deb stable/main/binary-s390/libdbm-ruby1.6_1.6.8-12sarge3_s390.deb stable/main/binary-s390/libsdbm-ruby1.6_1.6.8-12sarge3_s390.deb stable/main/binary-s390/ruby1.6-dev_1.6.8-12sarge3_s390.deb stable/main/binary-s390/libpty-ruby1.6_1.6.8-12sarge3_s390.deb stable/main/binary-s390/libtcltk-ruby1.6_1.6.8-12sarge3_s390.deb stable/main/binary-s390/libruby1.6-dbg_1.6.8-12sarge3_s390.deb stable/main/binary-s390/ruby1.6_1.6.8-12sarge3_s390.deb stable/main/binary-s390/libcurses-ruby1.6_1.6.8-12sarge3_s390.deb ruby1.6 (1.6.8-12sarge3) stable-security; urgency=high * akira yamada - added debian/patches/817_CVE-2006-5467.patch: - invalid multipart data can make cgi.rb infinite loop and CPU consumption. (CVE-2006-5467) - added debian/patches/818_cgi.rb_quote_boundary.patch: - invalid multipart boundary can make cgi.rb infinite loop and CPU consumption. (JVN#84798830) stable/main/binary-powerpc/ruby1.6_1.6.8-12sarge3_powerpc.deb stable/main/binary-powerpc/libreadline-ruby1.6_1.6.8-12sarge3_powerpc.deb stable/main/binary-powerpc/libpty-ruby1.6_1.6.8-12sarge3_powerpc.deb stable/main/binary-powerpc/libruby1.6-dbg_1.6.8-12sarge3_powerpc.deb stable/main/binary-powerpc/libsyslog-ruby1.6_1.6.8-12sarge3_powerpc.deb stable/main/binary-powerpc/libruby1.6_1.6.8-12sarge3_powerpc.deb stable/main/binary-powerpc/libtcltk-ruby1.6_1.6.8-12sarge3_powerpc.deb stable/main/binary-powerpc/libsdbm-ruby1.6_1.6.8-12sarge3_powerpc.deb stable/main/binary-powerpc/libtk-ruby1.6_1.6.8-12sarge3_powerpc.deb stable/main/binary-powerpc/libgdbm-ruby1.6_1.6.8-12sarge3_powerpc.deb stable/main/binary-powerpc/ruby1.6-dev_1.6.8-12sarge3_powerpc.deb stable/main/binary-powerpc/libcurses-ruby1.6_1.6.8-12sarge3_powerpc.deb stable/main/binary-powerpc/libdbm-ruby1.6_1.6.8-12sarge3_powerpc.deb ruby1.6 (1.6.8-12sarge3) stable-security; urgency=high * akira yamada - added debian/patches/817_CVE-2006-5467.patch: - invalid multipart data can make cgi.rb infinite loop and CPU consumption. (CVE-2006-5467) - added debian/patches/818_cgi.rb_quote_boundary.patch: - invalid multipart boundary can make cgi.rb infinite loop and CPU consumption. (JVN#84798830) stable/main/binary-mipsel/libtk-ruby1.6_1.6.8-12sarge3_mipsel.deb stable/main/binary-mipsel/libruby1.6-dbg_1.6.8-12sarge3_mipsel.deb stable/main/binary-mipsel/libgdbm-ruby1.6_1.6.8-12sarge3_mipsel.deb stable/main/binary-mipsel/libtcltk-ruby1.6_1.6.8-12sarge3_mipsel.deb stable/main/binary-mipsel/libsyslog-ruby1.6_1.6.8-12sarge3_mipsel.deb stable/main/binary-mipsel/ruby1.6_1.6.8-12sarge3_mipsel.deb stable/main/binary-mipsel/libsdbm-ruby1.6_1.6.8-12sarge3_mipsel.deb stable/main/binary-mipsel/libdbm-ruby1.6_1.6.8-12sarge3_mipsel.deb stable/main/binary-mipsel/libpty-ruby1.6_1.6.8-12sarge3_mipsel.deb stable/main/binary-mipsel/ruby1.6-dev_1.6.8-12sarge3_mipsel.deb stable/main/binary-mipsel/libreadline-ruby1.6_1.6.8-12sarge3_mipsel.deb stable/main/binary-mipsel/libcurses-ruby1.6_1.6.8-12sarge3_mipsel.deb stable/main/binary-mipsel/libruby1.6_1.6.8-12sarge3_mipsel.deb ruby1.6 (1.6.8-12sarge3) stable-security; urgency=high * akira yamada - added debian/patches/817_CVE-2006-5467.patch: - invalid multipart data can make cgi.rb infinite loop and CPU consumption. (CVE-2006-5467) - added debian/patches/818_cgi.rb_quote_boundary.patch: - invalid multipart boundary can make cgi.rb infinite loop and CPU consumption. (JVN#84798830) stable/main/binary-mips/libruby1.6_1.6.8-12sarge3_mips.deb stable/main/binary-mips/libtk-ruby1.6_1.6.8-12sarge3_mips.deb stable/main/binary-mips/libtcltk-ruby1.6_1.6.8-12sarge3_mips.deb stable/main/binary-mips/ruby1.6-dev_1.6.8-12sarge3_mips.deb stable/main/binary-mips/libsyslog-ruby1.6_1.6.8-12sarge3_mips.deb stable/main/binary-mips/libgdbm-ruby1.6_1.6.8-12sarge3_mips.deb stable/main/binary-mips/libruby1.6-dbg_1.6.8-12sarge3_mips.deb stable/main/binary-mips/libpty-ruby1.6_1.6.8-12sarge3_mips.deb stable/main/binary-mips/libdbm-ruby1.6_1.6.8-12sarge3_mips.deb stable/main/binary-mips/ruby1.6_1.6.8-12sarge3_mips.deb stable/main/binary-mips/libreadline-ruby1.6_1.6.8-12sarge3_mips.deb stable/main/binary-mips/libsdbm-ruby1.6_1.6.8-12sarge3_mips.deb stable/main/binary-mips/libcurses-ruby1.6_1.6.8-12sarge3_mips.deb ruby1.6 (1.6.8-12sarge3) stable-security; urgency=high * akira yamada - added debian/patches/817_CVE-2006-5467.patch: - invalid multipart data can make cgi.rb infinite loop and CPU consumption. (CVE-2006-5467) - added debian/patches/818_cgi.rb_quote_boundary.patch: - invalid multipart boundary can make cgi.rb infinite loop and CPU consumption. (JVN#84798830) stable/main/binary-m68k/libgdbm-ruby1.6_1.6.8-12sarge3_m68k.deb stable/main/binary-m68k/libsyslog-ruby1.6_1.6.8-12sarge3_m68k.deb stable/main/binary-m68k/libruby1.6_1.6.8-12sarge3_m68k.deb stable/main/binary-m68k/libtcltk-ruby1.6_1.6.8-12sarge3_m68k.deb stable/main/binary-m68k/libpty-ruby1.6_1.6.8-12sarge3_m68k.deb stable/main/binary-m68k/ruby1.6-dev_1.6.8-12sarge3_m68k.deb stable/main/binary-m68k/libtk-ruby1.6_1.6.8-12sarge3_m68k.deb stable/main/binary-m68k/libruby1.6-dbg_1.6.8-12sarge3_m68k.deb stable/main/binary-m68k/libdbm-ruby1.6_1.6.8-12sarge3_m68k.deb stable/main/binary-m68k/libcurses-ruby1.6_1.6.8-12sarge3_m68k.deb stable/main/binary-m68k/libreadline-ruby1.6_1.6.8-12sarge3_m68k.deb stable/main/binary-m68k/ruby1.6_1.6.8-12sarge3_m68k.deb stable/main/binary-m68k/libsdbm-ruby1.6_1.6.8-12sarge3_m68k.deb ruby1.6 (1.6.8-12sarge3) stable-security; urgency=high * akira yamada - added debian/patches/817_CVE-2006-5467.patch: - invalid multipart data can make cgi.rb infinite loop and CPU consumption. (CVE-2006-5467) - added debian/patches/818_cgi.rb_quote_boundary.patch: - invalid multipart boundary can make cgi.rb infinite loop and CPU consumption. (JVN#84798830) stable/main/binary-ia64/libsyslog-ruby1.6_1.6.8-12sarge3_ia64.deb stable/main/binary-ia64/libtcltk-ruby1.6_1.6.8-12sarge3_ia64.deb stable/main/binary-ia64/libruby1.6-dbg_1.6.8-12sarge3_ia64.deb stable/main/binary-ia64/libgdbm-ruby1.6_1.6.8-12sarge3_ia64.deb stable/main/binary-ia64/libdbm-ruby1.6_1.6.8-12sarge3_ia64.deb stable/main/binary-ia64/libpty-ruby1.6_1.6.8-12sarge3_ia64.deb stable/main/binary-ia64/libtk-ruby1.6_1.6.8-12sarge3_ia64.deb stable/main/binary-ia64/ruby1.6-dev_1.6.8-12sarge3_ia64.deb stable/main/binary-ia64/libcurses-ruby1.6_1.6.8-12sarge3_ia64.deb stable/main/binary-ia64/libsdbm-ruby1.6_1.6.8-12sarge3_ia64.deb stable/main/binary-ia64/libreadline-ruby1.6_1.6.8-12sarge3_ia64.deb stable/main/binary-ia64/libruby1.6_1.6.8-12sarge3_ia64.deb stable/main/binary-ia64/ruby1.6_1.6.8-12sarge3_ia64.deb ruby1.6 (1.6.8-12sarge3) stable-security; urgency=high * akira yamada - added debian/patches/817_CVE-2006-5467.patch: - invalid multipart data can make cgi.rb infinite loop and CPU consumption. (CVE-2006-5467) - added debian/patches/818_cgi.rb_quote_boundary.patch: - invalid multipart boundary can make cgi.rb infinite loop and CPU consumption. (JVN#84798830) stable/main/binary-hppa/libsdbm-ruby1.6_1.6.8-12sarge3_hppa.deb stable/main/binary-hppa/libruby1.6_1.6.8-12sarge3_hppa.deb stable/main/binary-hppa/libtk-ruby1.6_1.6.8-12sarge3_hppa.deb stable/main/binary-hppa/libgdbm-ruby1.6_1.6.8-12sarge3_hppa.deb stable/main/binary-hppa/libtcltk-ruby1.6_1.6.8-12sarge3_hppa.deb stable/main/binary-hppa/libsyslog-ruby1.6_1.6.8-12sarge3_hppa.deb stable/main/binary-hppa/libcurses-ruby1.6_1.6.8-12sarge3_hppa.deb stable/main/binary-hppa/libdbm-ruby1.6_1.6.8-12sarge3_hppa.deb stable/main/binary-hppa/ruby1.6-dev_1.6.8-12sarge3_hppa.deb stable/main/binary-hppa/libpty-ruby1.6_1.6.8-12sarge3_hppa.deb stable/main/binary-hppa/libreadline-ruby1.6_1.6.8-12sarge3_hppa.deb stable/main/binary-hppa/libruby1.6-dbg_1.6.8-12sarge3_hppa.deb stable/main/binary-hppa/ruby1.6_1.6.8-12sarge3_hppa.deb ruby1.6 (1.6.8-12sarge3) stable-security; urgency=high * akira yamada - added debian/patches/817_CVE-2006-5467.patch: - invalid multipart data can make cgi.rb infinite loop and CPU consumption. (CVE-2006-5467) - added debian/patches/818_cgi.rb_quote_boundary.patch: - invalid multipart boundary can make cgi.rb infinite loop and CPU consumption. (JVN#84798830) stable/main/binary-arm/libcurses-ruby1.6_1.6.8-12sarge3_arm.deb stable/main/binary-arm/libpty-ruby1.6_1.6.8-12sarge3_arm.deb stable/main/binary-arm/libdbm-ruby1.6_1.6.8-12sarge3_arm.deb stable/main/binary-arm/libtcltk-ruby1.6_1.6.8-12sarge3_arm.deb stable/main/binary-arm/libruby1.6_1.6.8-12sarge3_arm.deb stable/main/binary-arm/libgdbm-ruby1.6_1.6.8-12sarge3_arm.deb stable/main/binary-arm/ruby1.6-dev_1.6.8-12sarge3_arm.deb stable/main/binary-arm/libreadline-ruby1.6_1.6.8-12sarge3_arm.deb stable/main/binary-arm/ruby1.6_1.6.8-12sarge3_arm.deb stable/main/binary-arm/libsyslog-ruby1.6_1.6.8-12sarge3_arm.deb stable/main/binary-arm/libsdbm-ruby1.6_1.6.8-12sarge3_arm.deb stable/main/binary-arm/libtk-ruby1.6_1.6.8-12sarge3_arm.deb stable/main/binary-arm/libruby1.6-dbg_1.6.8-12sarge3_arm.deb ruby1.6 (1.6.8-12sarge3) stable-security; urgency=high * akira yamada - added debian/patches/817_CVE-2006-5467.patch: - invalid multipart data can make cgi.rb infinite loop and CPU consumption. (CVE-2006-5467) - added debian/patches/818_cgi.rb_quote_boundary.patch: - invalid multipart boundary can make cgi.rb infinite loop and CPU consumption. (JVN#84798830) stable/main/binary-alpha/libtk-ruby1.6_1.6.8-12sarge3_alpha.deb stable/main/binary-alpha/libruby1.6_1.6.8-12sarge3_alpha.deb stable/main/binary-alpha/libsyslog-ruby1.6_1.6.8-12sarge3_alpha.deb stable/main/binary-alpha/libcurses-ruby1.6_1.6.8-12sarge3_alpha.deb stable/main/binary-alpha/libgdbm-ruby1.6_1.6.8-12sarge3_alpha.deb stable/main/binary-alpha/libsdbm-ruby1.6_1.6.8-12sarge3_alpha.deb stable/main/binary-alpha/libdbm-ruby1.6_1.6.8-12sarge3_alpha.deb stable/main/binary-alpha/libreadline-ruby1.6_1.6.8-12sarge3_alpha.deb stable/main/binary-alpha/libruby1.6-dbg_1.6.8-12sarge3_alpha.deb stable/main/binary-alpha/ruby1.6-dev_1.6.8-12sarge3_alpha.deb stable/main/binary-alpha/libtcltk-ruby1.6_1.6.8-12sarge3_alpha.deb stable/main/binary-alpha/libpty-ruby1.6_1.6.8-12sarge3_alpha.deb stable/main/binary-alpha/ruby1.6_1.6.8-12sarge3_alpha.deb ruby1.6 (1.6.8-12sarge3) stable-security; urgency=high * akira yamada - added debian/patches/817_CVE-2006-5467.patch: - invalid multipart data can make cgi.rb infinite loop and CPU consumption. (CVE-2006-5467) - added debian/patches/818_cgi.rb_quote_boundary.patch: - invalid multipart boundary can make cgi.rb infinite loop and CPU consumption. (JVN#84798830) stable/main/binary-i386/libsdbm-ruby1.6_1.6.8-12sarge3_i386.deb stable/main/binary-all/ruby1.6-elisp_1.6.8-12sarge3_all.deb stable/main/binary-all/irb1.6_1.6.8-12sarge3_all.deb stable/main/binary-i386/libpty-ruby1.6_1.6.8-12sarge3_i386.deb stable/main/source/ruby1.6_1.6.8-12sarge3.diff.gz stable/main/binary-i386/ruby1.6-dev_1.6.8-12sarge3_i386.deb stable/main/binary-i386/libsyslog-ruby1.6_1.6.8-12sarge3_i386.deb stable/main/binary-all/ruby1.6-examples_1.6.8-12sarge3_all.deb stable/main/binary-i386/libtcltk-ruby1.6_1.6.8-12sarge3_i386.deb stable/main/binary-i386/ruby1.6_1.6.8-12sarge3_i386.deb stable/main/binary-i386/libcurses-ruby1.6_1.6.8-12sarge3_i386.deb stable/main/binary-i386/libtk-ruby1.6_1.6.8-12sarge3_i386.deb stable/main/binary-i386/libreadline-ruby1.6_1.6.8-12sarge3_i386.deb stable/main/binary-i386/libdbm-ruby1.6_1.6.8-12sarge3_i386.deb stable/main/binary-i386/libgdbm-ruby1.6_1.6.8-12sarge3_i386.deb stable/main/binary-i386/libruby1.6_1.6.8-12sarge3_i386.deb stable/main/binary-i386/libruby1.6-dbg_1.6.8-12sarge3_i386.deb stable/main/source/ruby1.6_1.6.8-12sarge3.dsc ruby1.6 (1.6.8-12sarge3) stable-security; urgency=high * akira yamada - added debian/patches/817_CVE-2006-5467.patch: - invalid multipart data can make cgi.rb infinite loop and CPU consumption. (CVE-2006-5467) - added debian/patches/818_cgi.rb_quote_boundary.patch: - invalid multipart boundary can make cgi.rb infinite loop and CPU consumption. (JVN#84798830) stable/main/binary-sparc/libqt3-dev_3.3.4-3sarge1_sparc.deb stable/main/binary-sparc/libqt3c102-mt-sqlite_3.3.4-3sarge1_sparc.deb stable/main/binary-sparc/libqt3c102-mysql_3.3.4-3sarge1_sparc.deb stable/main/binary-sparc/qt3-dev-tools-embedded_3.3.4-3sarge1_sparc.deb stable/main/binary-sparc/qt3-dev-tools-compat_3.3.4-3sarge1_sparc.deb stable/main/binary-sparc/qt3-assistant_3.3.4-3sarge1_sparc.deb stable/main/binary-sparc/libqt3c102-mt-psql_3.3.4-3sarge1_sparc.deb stable/main/binary-sparc/libqt3-mt-dev_3.3.4-3sarge1_sparc.deb stable/main/binary-sparc/libqt3c102-mt-odbc_3.3.4-3sarge1_sparc.deb stable/main/binary-sparc/libqt3c102_3.3.4-3sarge1_sparc.deb stable/main/binary-sparc/qt3-designer_3.3.4-3sarge1_sparc.deb stable/main/binary-sparc/libqt3-headers_3.3.4-3sarge1_sparc.deb stable/main/binary-sparc/libqt3c102-odbc_3.3.4-3sarge1_sparc.deb stable/main/binary-sparc/libqt3c102-mt_3.3.4-3sarge1_sparc.deb stable/main/binary-sparc/libqt3c102-psql_3.3.4-3sarge1_sparc.deb stable/main/binary-sparc/libqt3c102-mt-mysql_3.3.4-3sarge1_sparc.deb stable/main/binary-sparc/libqt3c102-sqlite_3.3.4-3sarge1_sparc.deb stable/main/binary-sparc/qt3-apps-dev_3.3.4-3sarge1_sparc.deb stable/main/binary-sparc/libqt3-compat-headers_3.3.4-3sarge1_sparc.deb stable/main/binary-sparc/qt3-dev-tools_3.3.4-3sarge1_sparc.deb stable/main/binary-sparc/qt3-linguist_3.3.4-3sarge1_sparc.deb stable/main/binary-sparc/qt3-qtconfig_3.3.4-3sarge1_sparc.deb qt-x11-free (3:3.3.4-3sarge1) stable-security; urgency=high * Non-maintainer upload by the security team. * Fix an integer overflow in image handing routines. CVE-2006-4811 stable/main/binary-s390/libqt3-compat-headers_3.3.4-3sarge1_s390.deb stable/main/binary-s390/libqt3c102-mt_3.3.4-3sarge1_s390.deb stable/main/binary-s390/qt3-assistant_3.3.4-3sarge1_s390.deb stable/main/binary-s390/qt3-dev-tools-embedded_3.3.4-3sarge1_s390.deb stable/main/binary-s390/qt3-qtconfig_3.3.4-3sarge1_s390.deb stable/main/binary-s390/qt3-linguist_3.3.4-3sarge1_s390.deb stable/main/binary-s390/qt3-dev-tools-compat_3.3.4-3sarge1_s390.deb stable/main/binary-s390/libqt3c102-mt-sqlite_3.3.4-3sarge1_s390.deb stable/main/binary-s390/libqt3c102-psql_3.3.4-3sarge1_s390.deb stable/main/binary-s390/libqt3-mt-dev_3.3.4-3sarge1_s390.deb stable/main/binary-s390/qt3-apps-dev_3.3.4-3sarge1_s390.deb stable/main/binary-s390/libqt3c102-mt-odbc_3.3.4-3sarge1_s390.deb stable/main/binary-s390/libqt3c102_3.3.4-3sarge1_s390.deb stable/main/binary-s390/libqt3c102-mt-mysql_3.3.4-3sarge1_s390.deb stable/main/binary-s390/libqt3c102-mt-psql_3.3.4-3sarge1_s390.deb stable/main/binary-s390/libqt3c102-sqlite_3.3.4-3sarge1_s390.deb stable/main/binary-s390/libqt3-headers_3.3.4-3sarge1_s390.deb stable/main/binary-s390/libqt3-dev_3.3.4-3sarge1_s390.deb stable/main/binary-s390/qt3-dev-tools_3.3.4-3sarge1_s390.deb stable/main/binary-s390/qt3-designer_3.3.4-3sarge1_s390.deb stable/main/binary-s390/libqt3c102-odbc_3.3.4-3sarge1_s390.deb stable/main/binary-s390/libqt3c102-mysql_3.3.4-3sarge1_s390.deb qt-x11-free (3:3.3.4-3sarge1) stable-security; urgency=high * Non-maintainer upload by the security team. * Fix an integer overflow in image handing routines. CVE-2006-4811 stable/main/binary-powerpc/qt3-linguist_3.3.4-3sarge1_powerpc.deb stable/main/binary-powerpc/libqt3c102-sqlite_3.3.4-3sarge1_powerpc.deb stable/main/binary-powerpc/libqt3-dev_3.3.4-3sarge1_powerpc.deb stable/main/binary-powerpc/libqt3c102-mt-mysql_3.3.4-3sarge1_powerpc.deb stable/main/binary-powerpc/libqt3c102-mt-sqlite_3.3.4-3sarge1_powerpc.deb stable/main/binary-powerpc/libqt3c102-mt_3.3.4-3sarge1_powerpc.deb stable/main/binary-powerpc/libqt3c102-psql_3.3.4-3sarge1_powerpc.deb stable/main/binary-powerpc/libqt3-mt-dev_3.3.4-3sarge1_powerpc.deb stable/main/binary-powerpc/libqt3-compat-headers_3.3.4-3sarge1_powerpc.deb stable/main/binary-powerpc/libqt3c102_3.3.4-3sarge1_powerpc.deb stable/main/binary-powerpc/qt3-assistant_3.3.4-3sarge1_powerpc.deb stable/main/binary-powerpc/qt3-apps-dev_3.3.4-3sarge1_powerpc.deb stable/main/binary-powerpc/libqt3c102-odbc_3.3.4-3sarge1_powerpc.deb stable/main/binary-powerpc/qt3-dev-tools_3.3.4-3sarge1_powerpc.deb stable/main/binary-powerpc/libqt3c102-mt-psql_3.3.4-3sarge1_powerpc.deb stable/main/binary-powerpc/qt3-dev-tools-compat_3.3.4-3sarge1_powerpc.deb stable/main/binary-powerpc/libqt3-headers_3.3.4-3sarge1_powerpc.deb stable/main/binary-powerpc/libqt3c102-mysql_3.3.4-3sarge1_powerpc.deb stable/main/binary-powerpc/qt3-dev-tools-embedded_3.3.4-3sarge1_powerpc.deb stable/main/binary-powerpc/libqt3c102-mt-odbc_3.3.4-3sarge1_powerpc.deb stable/main/binary-powerpc/qt3-designer_3.3.4-3sarge1_powerpc.deb stable/main/binary-powerpc/qt3-qtconfig_3.3.4-3sarge1_powerpc.deb qt-x11-free (3:3.3.4-3sarge1) stable-security; urgency=high * Non-maintainer upload by the security team. * Fix an integer overflow in image handing routines. CVE-2006-4811 stable/main/binary-mipsel/libqt3c102-mt-sqlite_3.3.4-3sarge1_mipsel.deb stable/main/binary-mipsel/qt3-assistant_3.3.4-3sarge1_mipsel.deb stable/main/binary-mipsel/qt3-apps-dev_3.3.4-3sarge1_mipsel.deb stable/main/binary-mipsel/libqt3-headers_3.3.4-3sarge1_mipsel.deb stable/main/binary-mipsel/qt3-dev-tools_3.3.4-3sarge1_mipsel.deb stable/main/binary-mipsel/libqt3c102-sqlite_3.3.4-3sarge1_mipsel.deb stable/main/binary-mipsel/qt3-qtconfig_3.3.4-3sarge1_mipsel.deb stable/main/binary-mipsel/libqt3-mt-dev_3.3.4-3sarge1_mipsel.deb stable/main/binary-mipsel/libqt3-compat-headers_3.3.4-3sarge1_mipsel.deb stable/main/binary-mipsel/libqt3c102_3.3.4-3sarge1_mipsel.deb stable/main/binary-mipsel/libqt3c102-odbc_3.3.4-3sarge1_mipsel.deb stable/main/binary-mipsel/qt3-designer_3.3.4-3sarge1_mipsel.deb stable/main/binary-mipsel/qt3-dev-tools-embedded_3.3.4-3sarge1_mipsel.deb stable/main/binary-mipsel/qt3-dev-tools-compat_3.3.4-3sarge1_mipsel.deb stable/main/binary-mipsel/libqt3-dev_3.3.4-3sarge1_mipsel.deb stable/main/binary-mipsel/libqt3c102-mt_3.3.4-3sarge1_mipsel.deb stable/main/binary-mipsel/libqt3c102-mt-psql_3.3.4-3sarge1_mipsel.deb stable/main/binary-mipsel/libqt3c102-mt-mysql_3.3.4-3sarge1_mipsel.deb stable/main/binary-mipsel/libqt3c102-mysql_3.3.4-3sarge1_mipsel.deb stable/main/binary-mipsel/libqt3c102-psql_3.3.4-3sarge1_mipsel.deb stable/main/binary-mipsel/qt3-linguist_3.3.4-3sarge1_mipsel.deb stable/main/binary-mipsel/libqt3c102-mt-odbc_3.3.4-3sarge1_mipsel.deb qt-x11-free (3:3.3.4-3sarge1) stable-security; urgency=high * Non-maintainer upload by the security team. * Fix an integer overflow in image handing routines. CVE-2006-4811 stable/main/binary-mips/libqt3-compat-headers_3.3.4-3sarge1_mips.deb stable/main/binary-mips/libqt3c102-odbc_3.3.4-3sarge1_mips.deb stable/main/binary-mips/libqt3c102-sqlite_3.3.4-3sarge1_mips.deb stable/main/binary-mips/qt3-qtconfig_3.3.4-3sarge1_mips.deb stable/main/binary-mips/libqt3c102-mt-sqlite_3.3.4-3sarge1_mips.deb stable/main/binary-mips/libqt3-mt-dev_3.3.4-3sarge1_mips.deb stable/main/binary-mips/libqt3c102_3.3.4-3sarge1_mips.deb stable/main/binary-mips/qt3-linguist_3.3.4-3sarge1_mips.deb stable/main/binary-mips/libqt3c102-psql_3.3.4-3sarge1_mips.deb stable/main/binary-mips/libqt3c102-mt-odbc_3.3.4-3sarge1_mips.deb stable/main/binary-mips/qt3-apps-dev_3.3.4-3sarge1_mips.deb stable/main/binary-mips/qt3-assistant_3.3.4-3sarge1_mips.deb stable/main/binary-mips/qt3-dev-tools_3.3.4-3sarge1_mips.deb stable/main/binary-mips/libqt3-headers_3.3.4-3sarge1_mips.deb stable/main/binary-mips/libqt3-dev_3.3.4-3sarge1_mips.deb stable/main/binary-mips/qt3-dev-tools-compat_3.3.4-3sarge1_mips.deb stable/main/binary-mips/qt3-designer_3.3.4-3sarge1_mips.deb stable/main/binary-mips/qt3-dev-tools-embedded_3.3.4-3sarge1_mips.deb stable/main/binary-mips/libqt3c102-mt_3.3.4-3sarge1_mips.deb stable/main/binary-mips/libqt3c102-mt-mysql_3.3.4-3sarge1_mips.deb stable/main/binary-mips/libqt3c102-mysql_3.3.4-3sarge1_mips.deb stable/main/binary-mips/libqt3c102-mt-psql_3.3.4-3sarge1_mips.deb qt-x11-free (3:3.3.4-3sarge1) stable-security; urgency=high * Non-maintainer upload by the security team. * Fix an integer overflow in image handing routines. CVE-2006-4811 stable/main/binary-m68k/libqt3c102-mt-odbc_3.3.4-3sarge1_m68k.deb stable/main/binary-m68k/libqt3c102-mt-mysql_3.3.4-3sarge1_m68k.deb stable/main/binary-m68k/libqt3c102-mysql_3.3.4-3sarge1_m68k.deb stable/main/binary-m68k/libqt3-mt-dev_3.3.4-3sarge1_m68k.deb stable/main/binary-m68k/libqt3c102-mt-psql_3.3.4-3sarge1_m68k.deb stable/main/binary-m68k/libqt3c102-psql_3.3.4-3sarge1_m68k.deb stable/main/binary-m68k/qt3-designer_3.3.4-3sarge1_m68k.deb stable/main/binary-m68k/qt3-apps-dev_3.3.4-3sarge1_m68k.deb stable/main/binary-m68k/libqt3c102-odbc_3.3.4-3sarge1_m68k.deb stable/main/binary-m68k/libqt3-compat-headers_3.3.4-3sarge1_m68k.deb stable/main/binary-m68k/qt3-assistant_3.3.4-3sarge1_m68k.deb stable/main/binary-m68k/libqt3c102-mt_3.3.4-3sarge1_m68k.deb stable/main/binary-m68k/qt3-dev-tools_3.3.4-3sarge1_m68k.deb stable/main/binary-m68k/libqt3-headers_3.3.4-3sarge1_m68k.deb stable/main/binary-m68k/qt3-dev-tools-compat_3.3.4-3sarge1_m68k.deb stable/main/binary-m68k/libqt3c102-sqlite_3.3.4-3sarge1_m68k.deb stable/main/binary-m68k/libqt3c102_3.3.4-3sarge1_m68k.deb stable/main/binary-m68k/qt3-dev-tools-embedded_3.3.4-3sarge1_m68k.deb stable/main/binary-m68k/qt3-linguist_3.3.4-3sarge1_m68k.deb stable/main/binary-m68k/qt3-qtconfig_3.3.4-3sarge1_m68k.deb stable/main/binary-m68k/libqt3-dev_3.3.4-3sarge1_m68k.deb stable/main/binary-m68k/libqt3c102-mt-sqlite_3.3.4-3sarge1_m68k.deb qt-x11-free (3:3.3.4-3sarge1) stable-security; urgency=high * Non-maintainer upload by the security team. * Fix an integer overflow in image handing routines. CVE-2006-4811 stable/main/binary-ia64/libqt3c102-psql_3.3.4-3sarge1_ia64.deb stable/main/binary-ia64/libqt3-compat-headers_3.3.4-3sarge1_ia64.deb stable/main/binary-ia64/qt3-dev-tools-compat_3.3.4-3sarge1_ia64.deb stable/main/binary-ia64/libqt3-mt-dev_3.3.4-3sarge1_ia64.deb stable/main/binary-ia64/qt3-dev-tools-embedded_3.3.4-3sarge1_ia64.deb stable/main/binary-ia64/libqt3c102-mt_3.3.4-3sarge1_ia64.deb stable/main/binary-ia64/qt3-qtconfig_3.3.4-3sarge1_ia64.deb stable/main/binary-ia64/libqt3c102_3.3.4-3sarge1_ia64.deb stable/main/binary-ia64/libqt3c102-mt-odbc_3.3.4-3sarge1_ia64.deb stable/main/binary-ia64/qt3-dev-tools_3.3.4-3sarge1_ia64.deb stable/main/binary-ia64/libqt3c102-mt-sqlite_3.3.4-3sarge1_ia64.deb stable/main/binary-ia64/libqt3-headers_3.3.4-3sarge1_ia64.deb stable/main/binary-ia64/libqt3c102-sqlite_3.3.4-3sarge1_ia64.deb stable/main/binary-ia64/libqt3c102-mt-mysql_3.3.4-3sarge1_ia64.deb stable/main/binary-ia64/qt3-designer_3.3.4-3sarge1_ia64.deb stable/main/binary-ia64/libqt3c102-mt-psql_3.3.4-3sarge1_ia64.deb stable/main/binary-ia64/qt3-linguist_3.3.4-3sarge1_ia64.deb stable/main/binary-ia64/qt3-apps-dev_3.3.4-3sarge1_ia64.deb stable/main/binary-ia64/libqt3c102-odbc_3.3.4-3sarge1_ia64.deb stable/main/binary-ia64/libqt3-dev_3.3.4-3sarge1_ia64.deb stable/main/binary-ia64/libqt3c102-mysql_3.3.4-3sarge1_ia64.deb stable/main/binary-ia64/qt3-assistant_3.3.4-3sarge1_ia64.deb qt-x11-free (3:3.3.4-3sarge1) stable-security; urgency=high * Non-maintainer upload by the security team. * Fix an integer overflow in image handing routines. CVE-2006-4811 stable/main/binary-hppa/qt3-apps-dev_3.3.4-3sarge1_hppa.deb stable/main/binary-hppa/libqt3-headers_3.3.4-3sarge1_hppa.deb stable/main/binary-hppa/qt3-designer_3.3.4-3sarge1_hppa.deb stable/main/binary-hppa/libqt3c102-mysql_3.3.4-3sarge1_hppa.deb stable/main/binary-hppa/qt3-dev-tools-compat_3.3.4-3sarge1_hppa.deb stable/main/binary-hppa/qt3-dev-tools-embedded_3.3.4-3sarge1_hppa.deb stable/main/binary-hppa/libqt3c102-mt-psql_3.3.4-3sarge1_hppa.deb stable/main/binary-hppa/libqt3c102-odbc_3.3.4-3sarge1_hppa.deb stable/main/binary-hppa/libqt3c102-mt_3.3.4-3sarge1_hppa.deb stable/main/binary-hppa/qt3-dev-tools_3.3.4-3sarge1_hppa.deb stable/main/binary-hppa/libqt3c102-mt-odbc_3.3.4-3sarge1_hppa.deb stable/main/binary-hppa/libqt3c102-mt-mysql_3.3.4-3sarge1_hppa.deb stable/main/binary-hppa/qt3-linguist_3.3.4-3sarge1_hppa.deb stable/main/binary-hppa/libqt3-compat-headers_3.3.4-3sarge1_hppa.deb stable/main/binary-hppa/libqt3c102_3.3.4-3sarge1_hppa.deb stable/main/binary-hppa/qt3-assistant_3.3.4-3sarge1_hppa.deb stable/main/binary-hppa/libqt3c102-psql_3.3.4-3sarge1_hppa.deb stable/main/binary-hppa/libqt3-mt-dev_3.3.4-3sarge1_hppa.deb stable/main/binary-hppa/libqt3c102-sqlite_3.3.4-3sarge1_hppa.deb stable/main/binary-hppa/libqt3-dev_3.3.4-3sarge1_hppa.deb stable/main/binary-hppa/libqt3c102-mt-sqlite_3.3.4-3sarge1_hppa.deb stable/main/binary-hppa/qt3-qtconfig_3.3.4-3sarge1_hppa.deb qt-x11-free (3:3.3.4-3sarge1) stable-security; urgency=high * Non-maintainer upload by the security team. * Fix an integer overflow in image handing routines. CVE-2006-4811 stable/main/binary-arm/libqt3c102-mt-mysql_3.3.4-3sarge1_arm.deb stable/main/binary-arm/libqt3c102-mt-sqlite_3.3.4-3sarge1_arm.deb stable/main/binary-arm/libqt3c102-sqlite_3.3.4-3sarge1_arm.deb stable/main/binary-arm/libqt3c102-mysql_3.3.4-3sarge1_arm.deb stable/main/binary-arm/qt3-dev-tools-embedded_3.3.4-3sarge1_arm.deb stable/main/binary-arm/qt3-assistant_3.3.4-3sarge1_arm.deb stable/main/binary-arm/qt3-apps-dev_3.3.4-3sarge1_arm.deb stable/main/binary-arm/qt3-dev-tools-compat_3.3.4-3sarge1_arm.deb stable/main/binary-arm/libqt3c102-mt-psql_3.3.4-3sarge1_arm.deb stable/main/binary-arm/libqt3c102_3.3.4-3sarge1_arm.deb stable/main/binary-arm/qt3-qtconfig_3.3.4-3sarge1_arm.deb stable/main/binary-arm/libqt3c102-odbc_3.3.4-3sarge1_arm.deb stable/main/binary-arm/libqt3-headers_3.3.4-3sarge1_arm.deb stable/main/binary-arm/libqt3-mt-dev_3.3.4-3sarge1_arm.deb stable/main/binary-arm/libqt3-dev_3.3.4-3sarge1_arm.deb stable/main/binary-arm/libqt3c102-mt-odbc_3.3.4-3sarge1_arm.deb stable/main/binary-arm/qt3-designer_3.3.4-3sarge1_arm.deb stable/main/binary-arm/libqt3c102-mt_3.3.4-3sarge1_arm.deb stable/main/binary-arm/libqt3-compat-headers_3.3.4-3sarge1_arm.deb stable/main/binary-arm/qt3-linguist_3.3.4-3sarge1_arm.deb stable/main/binary-arm/libqt3c102-psql_3.3.4-3sarge1_arm.deb stable/main/binary-arm/qt3-dev-tools_3.3.4-3sarge1_arm.deb qt-x11-free (3:3.3.4-3sarge1) stable-security; urgency=high * Non-maintainer upload by the security team. * Fix an integer overflow in image handing routines. CVE-2006-4811 stable/main/binary-alpha/qt3-qtconfig_3.3.4-3sarge1_alpha.deb stable/main/binary-alpha/qt3-linguist_3.3.4-3sarge1_alpha.deb stable/main/binary-alpha/libqt3c102-sqlite_3.3.4-3sarge1_alpha.deb stable/main/binary-alpha/qt3-assistant_3.3.4-3sarge1_alpha.deb stable/main/binary-alpha/qt3-apps-dev_3.3.4-3sarge1_alpha.deb stable/main/binary-alpha/libqt3c102-mysql_3.3.4-3sarge1_alpha.deb stable/main/binary-alpha/libqt3-dev_3.3.4-3sarge1_alpha.deb stable/main/binary-alpha/libqt3c102-mt-sqlite_3.3.4-3sarge1_alpha.deb stable/main/binary-alpha/libqt3c102-mt-odbc_3.3.4-3sarge1_alpha.deb stable/main/binary-alpha/libqt3c102-odbc_3.3.4-3sarge1_alpha.deb stable/main/binary-alpha/libqt3c102-mt_3.3.4-3sarge1_alpha.deb stable/main/binary-alpha/libqt3c102-mt-psql_3.3.4-3sarge1_alpha.deb stable/main/binary-alpha/libqt3c102-mt-mysql_3.3.4-3sarge1_alpha.deb stable/main/binary-alpha/qt3-dev-tools-compat_3.3.4-3sarge1_alpha.deb stable/main/binary-alpha/libqt3-headers_3.3.4-3sarge1_alpha.deb stable/main/binary-alpha/qt3-dev-tools-embedded_3.3.4-3sarge1_alpha.deb stable/main/binary-alpha/qt3-designer_3.3.4-3sarge1_alpha.deb stable/main/binary-alpha/libqt3-compat-headers_3.3.4-3sarge1_alpha.deb stable/main/binary-alpha/libqt3c102-psql_3.3.4-3sarge1_alpha.deb stable/main/binary-alpha/libqt3-mt-dev_3.3.4-3sarge1_alpha.deb stable/main/binary-alpha/qt3-dev-tools_3.3.4-3sarge1_alpha.deb stable/main/binary-alpha/libqt3c102_3.3.4-3sarge1_alpha.deb qt-x11-free (3:3.3.4-3sarge1) stable-security; urgency=high * Non-maintainer upload by the security team. * Fix an integer overflow in image handing routines. CVE-2006-4811 stable/main/binary-all/libqt3-i18n_3.3.4-3sarge1_all.deb stable/main/binary-i386/libqt3c102-mt-sqlite_3.3.4-3sarge1_i386.deb stable/main/binary-i386/libqt3c102-sqlite_3.3.4-3sarge1_i386.deb stable/main/binary-i386/qt3-dev-tools_3.3.4-3sarge1_i386.deb stable/main/binary-all/qt3-examples_3.3.4-3sarge1_all.deb stable/main/binary-i386/libqt3-dev_3.3.4-3sarge1_i386.deb stable/main/binary-i386/qt3-qtconfig_3.3.4-3sarge1_i386.deb stable/main/binary-i386/libqt3c102-psql_3.3.4-3sarge1_i386.deb stable/main/binary-i386/qt3-designer_3.3.4-3sarge1_i386.deb stable/main/binary-i386/libqt3-headers_3.3.4-3sarge1_i386.deb stable/main/binary-i386/libqt3c102-mysql_3.3.4-3sarge1_i386.deb stable/main/binary-i386/qt3-linguist_3.3.4-3sarge1_i386.deb stable/main/binary-i386/libqt3c102-mt-odbc_3.3.4-3sarge1_i386.deb stable/main/binary-i386/libqt3c102_3.3.4-3sarge1_i386.deb stable/main/source/qt-x11-free_3.3.4-3sarge1.dsc stable/main/binary-all/qt3-doc_3.3.4-3sarge1_all.deb stable/main/binary-i386/libqt3-mt-dev_3.3.4-3sarge1_i386.deb stable/main/source/qt-x11-free_3.3.4-3sarge1.diff.gz stable/main/binary-i386/libqt3c102-ibase_3.3.4-3sarge1_i386.deb stable/main/binary-i386/libqt3c102-mt-ibase_3.3.4-3sarge1_i386.deb stable/main/binary-i386/qt3-dev-tools-embedded_3.3.4-3sarge1_i386.deb stable/main/binary-i386/qt3-dev-tools-compat_3.3.4-3sarge1_i386.deb stable/main/binary-i386/libqt3c102-odbc_3.3.4-3sarge1_i386.deb stable/main/binary-i386/libqt3c102-mt-psql_3.3.4-3sarge1_i386.deb stable/main/binary-i386/libqt3c102-mt-mysql_3.3.4-3sarge1_i386.deb stable/main/binary-i386/libqt3c102-mt_3.3.4-3sarge1_i386.deb stable/main/binary-i386/qt3-assistant_3.3.4-3sarge1_i386.deb stable/main/binary-i386/qt3-apps-dev_3.3.4-3sarge1_i386.deb stable/main/binary-i386/libqt3-compat-headers_3.3.4-3sarge1_i386.deb qt-x11-free (3:3.3.4-3sarge1) stable-security; urgency=high * Non-maintainer upload by the security team. * Fix an integer overflow in image handing routines. CVE-2006-4811 stable/main/binary-sparc/python2.4-tk_2.4.1-2sarge1_sparc.deb stable/main/binary-sparc/python2.4_2.4.1-2sarge1_sparc.deb stable/main/binary-sparc/python2.4-gdbm_2.4.1-2sarge1_sparc.deb stable/main/binary-sparc/python2.4-dbg_2.4.1-2sarge1_sparc.deb stable/main/binary-sparc/python2.4-dev_2.4.1-2sarge1_sparc.deb python2.4 (2.4.1-2sarge1) stable-security; urgency=high * SECURITY UPDATE: crafted wide unicode strings can overflow heap leading to arbitrary code execution. * Add 'debian/patches/sf1541585.dpatch' to fix overflow. * References CVE-2006-4980 http://svn.python.org/view?view=rev&rev=51466 stable/main/binary-s390/python2.4-dbg_2.4.1-2sarge1_s390.deb stable/main/binary-s390/python2.4_2.4.1-2sarge1_s390.deb stable/main/binary-s390/python2.4-dev_2.4.1-2sarge1_s390.deb stable/main/binary-s390/python2.4-tk_2.4.1-2sarge1_s390.deb stable/main/binary-s390/python2.4-gdbm_2.4.1-2sarge1_s390.deb python2.4 (2.4.1-2sarge1) stable-security; urgency=high * SECURITY UPDATE: crafted wide unicode strings can overflow heap leading to arbitrary code execution. * Add 'debian/patches/sf1541585.dpatch' to fix overflow. * References CVE-2006-4980 http://svn.python.org/view?view=rev&rev=51466 stable/main/binary-powerpc/python2.4-tk_2.4.1-2sarge1_powerpc.deb stable/main/binary-powerpc/python2.4_2.4.1-2sarge1_powerpc.deb stable/main/binary-powerpc/python2.4-dbg_2.4.1-2sarge1_powerpc.deb stable/main/binary-powerpc/python2.4-dev_2.4.1-2sarge1_powerpc.deb stable/main/binary-powerpc/python2.4-gdbm_2.4.1-2sarge1_powerpc.deb python2.4 (2.4.1-2sarge1) stable-security; urgency=high * SECURITY UPDATE: crafted wide unicode strings can overflow heap leading to arbitrary code execution. * Add 'debian/patches/sf1541585.dpatch' to fix overflow. * References CVE-2006-4980 http://svn.python.org/view?view=rev&rev=51466 stable/main/binary-mipsel/python2.4-dev_2.4.1-2sarge1_mipsel.deb stable/main/binary-mipsel/python2.4-dbg_2.4.1-2sarge1_mipsel.deb stable/main/binary-mipsel/python2.4-gdbm_2.4.1-2sarge1_mipsel.deb stable/main/binary-mipsel/python2.4_2.4.1-2sarge1_mipsel.deb stable/main/binary-mipsel/python2.4-tk_2.4.1-2sarge1_mipsel.deb python2.4 (2.4.1-2sarge1) stable-security; urgency=high * SECURITY UPDATE: crafted wide unicode strings can overflow heap leading to arbitrary code execution. * Add 'debian/patches/sf1541585.dpatch' to fix overflow. * References CVE-2006-4980 http://svn.python.org/view?view=rev&rev=51466 stable/main/binary-mips/python2.4-dbg_2.4.1-2sarge1_mips.deb stable/main/binary-mips/python2.4-tk_2.4.1-2sarge1_mips.deb stable/main/binary-mips/python2.4_2.4.1-2sarge1_mips.deb stable/main/binary-mips/python2.4-dev_2.4.1-2sarge1_mips.deb stable/main/binary-mips/python2.4-gdbm_2.4.1-2sarge1_mips.deb python2.4 (2.4.1-2sarge1) stable-security; urgency=high * SECURITY UPDATE: crafted wide unicode strings can overflow heap leading to arbitrary code execution. * Add 'debian/patches/sf1541585.dpatch' to fix overflow. * References CVE-2006-4980 http://svn.python.org/view?view=rev&rev=51466 stable/main/binary-m68k/python2.4_2.4.1-2sarge1_m68k.deb stable/main/binary-m68k/python2.4-tk_2.4.1-2sarge1_m68k.deb stable/main/binary-m68k/python2.4-dev_2.4.1-2sarge1_m68k.deb stable/main/binary-m68k/python2.4-gdbm_2.4.1-2sarge1_m68k.deb stable/main/binary-m68k/python2.4-dbg_2.4.1-2sarge1_m68k.deb python2.4 (2.4.1-2sarge1) stable-security; urgency=high * SECURITY UPDATE: crafted wide unicode strings can overflow heap leading to arbitrary code execution. * Add 'debian/patches/sf1541585.dpatch' to fix overflow. * References CVE-2006-4980 http://svn.python.org/view?view=rev&rev=51466 stable/main/binary-ia64/python2.4-dbg_2.4.1-2sarge1_ia64.deb stable/main/binary-ia64/python2.4-dev_2.4.1-2sarge1_ia64.deb stable/main/binary-ia64/python2.4-gdbm_2.4.1-2sarge1_ia64.deb stable/main/binary-ia64/python2.4_2.4.1-2sarge1_ia64.deb stable/main/binary-ia64/python2.4-tk_2.4.1-2sarge1_ia64.deb python2.4 (2.4.1-2sarge1) stable-security; urgency=high * SECURITY UPDATE: crafted wide unicode strings can overflow heap leading to arbitrary code execution. * Add 'debian/patches/sf1541585.dpatch' to fix overflow. * References CVE-2006-4980 http://svn.python.org/view?view=rev&rev=51466 stable/main/binary-hppa/python2.4-dbg_2.4.1-2sarge1_hppa.deb stable/main/binary-hppa/python2.4_2.4.1-2sarge1_hppa.deb stable/main/binary-hppa/python2.4-gdbm_2.4.1-2sarge1_hppa.deb stable/main/binary-hppa/python2.4-tk_2.4.1-2sarge1_hppa.deb stable/main/binary-hppa/python2.4-dev_2.4.1-2sarge1_hppa.deb python2.4 (2.4.1-2sarge1) stable-security; urgency=high * SECURITY UPDATE: crafted wide unicode strings can overflow heap leading to arbitrary code execution. * Add 'debian/patches/sf1541585.dpatch' to fix overflow. * References CVE-2006-4980 http://svn.python.org/view?view=rev&rev=51466 stable/main/binary-arm/python2.4-gdbm_2.4.1-2sarge1_arm.deb stable/main/binary-arm/python2.4-dev_2.4.1-2sarge1_arm.deb stable/main/binary-arm/python2.4-dbg_2.4.1-2sarge1_arm.deb stable/main/binary-arm/python2.4_2.4.1-2sarge1_arm.deb stable/main/binary-arm/python2.4-tk_2.4.1-2sarge1_arm.deb python2.4 (2.4.1-2sarge1) stable-security; urgency=high * SECURITY UPDATE: crafted wide unicode strings can overflow heap leading to arbitrary code execution. * Add 'debian/patches/sf1541585.dpatch' to fix overflow. * References CVE-2006-4980 http://svn.python.org/view?view=rev&rev=51466 stable/main/binary-alpha/python2.4_2.4.1-2sarge1_alpha.deb stable/main/binary-alpha/python2.4-tk_2.4.1-2sarge1_alpha.deb stable/main/binary-alpha/python2.4-dbg_2.4.1-2sarge1_alpha.deb stable/main/binary-alpha/python2.4-gdbm_2.4.1-2sarge1_alpha.deb stable/main/binary-alpha/python2.4-dev_2.4.1-2sarge1_alpha.deb python2.4 (2.4.1-2sarge1) stable-security; urgency=high * SECURITY UPDATE: crafted wide unicode strings can overflow heap leading to arbitrary code execution. * Add 'debian/patches/sf1541585.dpatch' to fix overflow. * References CVE-2006-4980 http://svn.python.org/view?view=rev&rev=51466 stable/main/binary-i386/python2.4-tk_2.4.1-2sarge1_i386.deb stable/main/binary-i386/python2.4_2.4.1-2sarge1_i386.deb stable/main/binary-all/python2.4-doc_2.4.1-2sarge1_all.deb stable/main/binary-i386/python2.4-dbg_2.4.1-2sarge1_i386.deb stable/main/binary-all/python2.4-examples_2.4.1-2sarge1_all.deb stable/main/binary-i386/python2.4-gdbm_2.4.1-2sarge1_i386.deb stable/main/source/python2.4_2.4.1-2sarge1.dsc stable/main/binary-all/idle-python2.4_2.4.1-2sarge1_all.deb stable/main/source/python2.4_2.4.1-2sarge1.diff.gz stable/main/binary-i386/python2.4-dev_2.4.1-2sarge1_i386.deb python2.4 (2.4.1-2sarge1) stable-security; urgency=high * SECURITY UPDATE: crafted wide unicode strings can overflow heap leading to arbitrary code execution. * Add 'debian/patches/sf1541585.dpatch' to fix overflow. * References CVE-2006-4980 http://svn.python.org/view?view=rev&rev=51466 stable/main/binary-sparc/python2.3-tk_2.3.5-3sarge2_sparc.deb stable/main/binary-sparc/python2.3-dev_2.3.5-3sarge2_sparc.deb stable/main/binary-sparc/python2.3-mpz_2.3.5-3sarge2_sparc.deb stable/main/binary-sparc/python2.3_2.3.5-3sarge2_sparc.deb stable/main/binary-sparc/python2.3-gdbm_2.3.5-3sarge2_sparc.deb python2.3 (2.3.5-3sarge2) stable-security; urgency=high * SECURITY UPDATE: crafted wide unicode strings can overflow heap leading to arbitrary code execution. * Add 'debian/patches/unicode-repr.dpatch' to fix overflow. * References CVE-2006-4980 http://svn.python.org/view?view=rev&rev=51466 stable/main/binary-s390/python2.3-gdbm_2.3.5-3sarge2_s390.deb stable/main/binary-s390/python2.3-dev_2.3.5-3sarge2_s390.deb stable/main/binary-s390/python2.3_2.3.5-3sarge2_s390.deb stable/main/binary-s390/python2.3-tk_2.3.5-3sarge2_s390.deb stable/main/binary-s390/python2.3-mpz_2.3.5-3sarge2_s390.deb python2.3 (2.3.5-3sarge2) stable-security; urgency=high * SECURITY UPDATE: crafted wide unicode strings can overflow heap leading to arbitrary code execution. * Add 'debian/patches/unicode-repr.dpatch' to fix overflow. * References CVE-2006-4980 http://svn.python.org/view?view=rev&rev=51466 stable/main/binary-powerpc/python2.3-tk_2.3.5-3sarge2_powerpc.deb stable/main/binary-powerpc/python2.3-gdbm_2.3.5-3sarge2_powerpc.deb stable/main/binary-powerpc/python2.3-dev_2.3.5-3sarge2_powerpc.deb stable/main/binary-powerpc/python2.3_2.3.5-3sarge2_powerpc.deb stable/main/binary-powerpc/python2.3-mpz_2.3.5-3sarge2_powerpc.deb python2.3 (2.3.5-3sarge2) stable-security; urgency=high * SECURITY UPDATE: crafted wide unicode strings can overflow heap leading to arbitrary code execution. * Add 'debian/patches/unicode-repr.dpatch' to fix overflow. * References CVE-2006-4980 http://svn.python.org/view?view=rev&rev=51466 stable/main/binary-mipsel/python2.3_2.3.5-3sarge2_mipsel.deb stable/main/binary-mipsel/python2.3-mpz_2.3.5-3sarge2_mipsel.deb stable/main/binary-mipsel/python2.3-gdbm_2.3.5-3sarge2_mipsel.deb stable/main/binary-mipsel/python2.3-dev_2.3.5-3sarge2_mipsel.deb stable/main/binary-mipsel/python2.3-tk_2.3.5-3sarge2_mipsel.deb python2.3 (2.3.5-3sarge2) stable-security; urgency=high * SECURITY UPDATE: crafted wide unicode strings can overflow heap leading to arbitrary code execution. * Add 'debian/patches/unicode-repr.dpatch' to fix overflow. * References CVE-2006-4980 http://svn.python.org/view?view=rev&rev=51466 stable/main/binary-mips/python2.3_2.3.5-3sarge2_mips.deb stable/main/binary-mips/python2.3-tk_2.3.5-3sarge2_mips.deb stable/main/binary-mips/python2.3-gdbm_2.3.5-3sarge2_mips.deb stable/main/binary-mips/python2.3-dev_2.3.5-3sarge2_mips.deb stable/main/binary-mips/python2.3-mpz_2.3.5-3sarge2_mips.deb python2.3 (2.3.5-3sarge2) stable-security; urgency=high * SECURITY UPDATE: crafted wide unicode strings can overflow heap leading to arbitrary code execution. * Add 'debian/patches/unicode-repr.dpatch' to fix overflow. * References CVE-2006-4980 http://svn.python.org/view?view=rev&rev=51466 stable/main/binary-m68k/python2.3-gdbm_2.3.5-3sarge2_m68k.deb stable/main/binary-m68k/python2.3-tk_2.3.5-3sarge2_m68k.deb stable/main/binary-m68k/python2.3_2.3.5-3sarge2_m68k.deb stable/main/binary-m68k/python2.3-mpz_2.3.5-3sarge2_m68k.deb stable/main/binary-m68k/python2.3-dev_2.3.5-3sarge2_m68k.deb python2.3 (2.3.5-3sarge2) stable-security; urgency=high * SECURITY UPDATE: crafted wide unicode strings can overflow heap leading to arbitrary code execution. * Add 'debian/patches/unicode-repr.dpatch' to fix overflow. * References CVE-2006-4980 http://svn.python.org/view?view=rev&rev=51466 stable/main/binary-ia64/python2.3-mpz_2.3.5-3sarge2_ia64.deb stable/main/binary-ia64/python2.3-gdbm_2.3.5-3sarge2_ia64.deb stable/main/binary-ia64/python2.3_2.3.5-3sarge2_ia64.deb stable/main/binary-ia64/python2.3-dev_2.3.5-3sarge2_ia64.deb stable/main/binary-ia64/python2.3-tk_2.3.5-3sarge2_ia64.deb python2.3 (2.3.5-3sarge2) stable-security; urgency=high * SECURITY UPDATE: crafted wide unicode strings can overflow heap leading to arbitrary code execution. * Add 'debian/patches/unicode-repr.dpatch' to fix overflow. * References CVE-2006-4980 http://svn.python.org/view?view=rev&rev=51466 stable/main/binary-hppa/python2.3-mpz_2.3.5-3sarge2_hppa.deb stable/main/binary-hppa/python2.3-dev_2.3.5-3sarge2_hppa.deb stable/main/binary-hppa/python2.3_2.3.5-3sarge2_hppa.deb stable/main/binary-hppa/python2.3-tk_2.3.5-3sarge2_hppa.deb stable/main/binary-hppa/python2.3-gdbm_2.3.5-3sarge2_hppa.deb python2.3 (2.3.5-3sarge2) stable-security; urgency=high * SECURITY UPDATE: crafted wide unicode strings can overflow heap leading to arbitrary code execution. * Add 'debian/patches/unicode-repr.dpatch' to fix overflow. * References CVE-2006-4980 http://svn.python.org/view?view=rev&rev=51466 stable/main/binary-arm/python2.3-gdbm_2.3.5-3sarge2_arm.deb stable/main/binary-arm/python2.3-mpz_2.3.5-3sarge2_arm.deb stable/main/binary-arm/python2.3-dev_2.3.5-3sarge2_arm.deb stable/main/binary-arm/python2.3-tk_2.3.5-3sarge2_arm.deb stable/main/binary-arm/python2.3_2.3.5-3sarge2_arm.deb python2.3 (2.3.5-3sarge2) stable-security; urgency=high * SECURITY UPDATE: crafted wide unicode strings can overflow heap leading to arbitrary code execution. * Add 'debian/patches/unicode-repr.dpatch' to fix overflow. * References CVE-2006-4980 http://svn.python.org/view?view=rev&rev=51466 stable/main/binary-alpha/python2.3-gdbm_2.3.5-3sarge2_alpha.deb stable/main/binary-alpha/python2.3-tk_2.3.5-3sarge2_alpha.deb stable/main/binary-alpha/python2.3-mpz_2.3.5-3sarge2_alpha.deb stable/main/binary-alpha/python2.3-dev_2.3.5-3sarge2_alpha.deb stable/main/binary-alpha/python2.3_2.3.5-3sarge2_alpha.deb python2.3 (2.3.5-3sarge2) stable-security; urgency=high * SECURITY UPDATE: crafted wide unicode strings can overflow heap leading to arbitrary code execution. * Add 'debian/patches/unicode-repr.dpatch' to fix overflow. * References CVE-2006-4980 http://svn.python.org/view?view=rev&rev=51466 stable/main/binary-all/python2.3-doc_2.3.5-3sarge2_all.deb stable/main/binary-all/idle-python2.3_2.3.5-3sarge2_all.deb stable/main/source/python2.3_2.3.5-3sarge2.diff.gz stable/main/binary-i386/python2.3_2.3.5-3sarge2_i386.deb stable/main/binary-i386/python2.3-dev_2.3.5-3sarge2_i386.deb stable/main/source/python2.3_2.3.5-3sarge2.dsc stable/main/binary-i386/python2.3-gdbm_2.3.5-3sarge2_i386.deb stable/main/binary-i386/python2.3-tk_2.3.5-3sarge2_i386.deb stable/main/binary-i386/python2.3-mpz_2.3.5-3sarge2_i386.deb stable/main/binary-all/python2.3-examples_2.3.5-3sarge2_all.deb python2.3 (2.3.5-3sarge2) stable-security; urgency=high * SECURITY UPDATE: crafted wide unicode strings can overflow heap leading to arbitrary code execution. * Add 'debian/patches/unicode-repr.dpatch' to fix overflow. * References CVE-2006-4980 http://svn.python.org/view?view=rev&rev=51466 stable/main/binary-sparc/pstotext_1.9-1sarge2_sparc.deb pstotext (1.9-1sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fix arbitrary shell commmand execution due to insufficient sanitising of filenames. Patch by J.H.M. Dassen. stable/main/binary-s390/pstotext_1.9-1sarge2_s390.deb pstotext (1.9-1sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fix arbitrary shell commmand execution due to insufficient sanitising of filenames. Patch by J.H.M. Dassen. stable/main/binary-powerpc/pstotext_1.9-1sarge2_powerpc.deb pstotext (1.9-1sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fix arbitrary shell commmand execution due to insufficient sanitising of filenames. Patch by J.H.M. Dassen. stable/main/binary-mipsel/pstotext_1.9-1sarge2_mipsel.deb pstotext (1.9-1sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fix arbitrary shell commmand execution due to insufficient sanitising of filenames. Patch by J.H.M. Dassen. stable/main/binary-mips/pstotext_1.9-1sarge2_mips.deb pstotext (1.9-1sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fix arbitrary shell commmand execution due to insufficient sanitising of filenames. Patch by J.H.M. Dassen. stable/main/binary-m68k/pstotext_1.9-1sarge2_m68k.deb pstotext (1.9-1sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fix arbitrary shell commmand execution due to insufficient sanitising of filenames. Patch by J.H.M. Dassen. stable/main/binary-ia64/pstotext_1.9-1sarge2_ia64.deb pstotext (1.9-1sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fix arbitrary shell commmand execution due to insufficient sanitising of filenames. Patch by J.H.M. Dassen. stable/main/binary-hppa/pstotext_1.9-1sarge2_hppa.deb pstotext (1.9-1sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fix arbitrary shell commmand execution due to insufficient sanitising of filenames. Patch by J.H.M. Dassen. stable/main/binary-arm/pstotext_1.9-1sarge2_arm.deb pstotext (1.9-1sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fix arbitrary shell commmand execution due to insufficient sanitising of filenames. Patch by J.H.M. Dassen. stable/main/binary-alpha/pstotext_1.9-1sarge2_alpha.deb pstotext (1.9-1sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fix arbitrary shell commmand execution due to insufficient sanitising of filenames. Patch by J.H.M. Dassen. stable/main/source/pstotext_1.9-1sarge2.diff.gz stable/main/source/pstotext_1.9-1sarge2.dsc stable/main/binary-i386/pstotext_1.9-1sarge2_i386.deb pstotext (1.9-1sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fix arbitrary shell commmand execution due to insufficient sanitising of filenames. Patch by J.H.M. Dassen. stable/main/binary-sparc/proftpd-common_1.2.10-15sarge4_sparc.deb stable/main/binary-sparc/proftpd-pgsql_1.2.10-15sarge4_sparc.deb stable/main/binary-sparc/proftpd_1.2.10-15sarge4_sparc.deb stable/main/binary-sparc/proftpd-mysql_1.2.10-15sarge4_sparc.deb stable/main/binary-sparc/proftpd-ldap_1.2.10-15sarge4_sparc.deb proftpd (1.2.10-15sarge4) stable-security; urgency=high Fixes a buffer overflow for mod_radius, found in 1.2.10 and missed before releasing. http://www.securityfocus.com/bid/16535 http://bugs.proftpd.org/show_bug.cgi?id=2658 Patch: 35.CVE_2005_4816 stable/main/binary-s390/proftpd-common_1.2.10-15sarge4_s390.deb stable/main/binary-s390/proftpd_1.2.10-15sarge4_s390.deb stable/main/binary-s390/proftpd-ldap_1.2.10-15sarge4_s390.deb stable/main/binary-s390/proftpd-pgsql_1.2.10-15sarge4_s390.deb stable/main/binary-s390/proftpd-mysql_1.2.10-15sarge4_s390.deb proftpd (1.2.10-15sarge4) stable-security; urgency=high Fixes a buffer overflow for mod_radius, found in 1.2.10 and missed before releasing. http://www.securityfocus.com/bid/16535 http://bugs.proftpd.org/show_bug.cgi?id=2658 Patch: 35.CVE_2005_4816 stable/main/binary-powerpc/proftpd-common_1.2.10-15sarge4_powerpc.deb stable/main/binary-powerpc/proftpd-mysql_1.2.10-15sarge4_powerpc.deb stable/main/binary-powerpc/proftpd_1.2.10-15sarge4_powerpc.deb stable/main/binary-powerpc/proftpd-pgsql_1.2.10-15sarge4_powerpc.deb stable/main/binary-powerpc/proftpd-ldap_1.2.10-15sarge4_powerpc.deb proftpd (1.2.10-15sarge4) stable-security; urgency=high Fixes a buffer overflow for mod_radius, found in 1.2.10 and missed before releasing. http://www.securityfocus.com/bid/16535 http://bugs.proftpd.org/show_bug.cgi?id=2658 Patch: 35.CVE_2005_4816 stable/main/binary-mipsel/proftpd-ldap_1.2.10-15sarge4_mipsel.deb stable/main/binary-mipsel/proftpd_1.2.10-15sarge4_mipsel.deb stable/main/binary-mipsel/proftpd-common_1.2.10-15sarge4_mipsel.deb stable/main/binary-mipsel/proftpd-mysql_1.2.10-15sarge4_mipsel.deb stable/main/binary-mipsel/proftpd-pgsql_1.2.10-15sarge4_mipsel.deb proftpd (1.2.10-15sarge4) stable-security; urgency=high Fixes a buffer overflow for mod_radius, found in 1.2.10 and missed before releasing. http://www.securityfocus.com/bid/16535 http://bugs.proftpd.org/show_bug.cgi?id=2658 Patch: 35.CVE_2005_4816 stable/main/binary-mips/proftpd-common_1.2.10-15sarge4_mips.deb stable/main/binary-mips/proftpd_1.2.10-15sarge4_mips.deb stable/main/binary-mips/proftpd-mysql_1.2.10-15sarge4_mips.deb stable/main/binary-mips/proftpd-pgsql_1.2.10-15sarge4_mips.deb stable/main/binary-mips/proftpd-ldap_1.2.10-15sarge4_mips.deb proftpd (1.2.10-15sarge4) stable-security; urgency=high Fixes a buffer overflow for mod_radius, found in 1.2.10 and missed before releasing. http://www.securityfocus.com/bid/16535 http://bugs.proftpd.org/show_bug.cgi?id=2658 Patch: 35.CVE_2005_4816 stable/main/binary-m68k/proftpd-mysql_1.2.10-15sarge4_m68k.deb stable/main/binary-m68k/proftpd_1.2.10-15sarge4_m68k.deb stable/main/binary-m68k/proftpd-common_1.2.10-15sarge4_m68k.deb stable/main/binary-m68k/proftpd-ldap_1.2.10-15sarge4_m68k.deb stable/main/binary-m68k/proftpd-pgsql_1.2.10-15sarge4_m68k.deb proftpd (1.2.10-15sarge4) stable-security; urgency=high Fixes a buffer overflow for mod_radius, found in 1.2.10 and missed before releasing. http://www.securityfocus.com/bid/16535 http://bugs.proftpd.org/show_bug.cgi?id=2658 Patch: 35.CVE_2005_4816 stable/main/binary-ia64/proftpd-common_1.2.10-15sarge4_ia64.deb stable/main/binary-ia64/proftpd-ldap_1.2.10-15sarge4_ia64.deb stable/main/binary-ia64/proftpd_1.2.10-15sarge4_ia64.deb stable/main/binary-ia64/proftpd-mysql_1.2.10-15sarge4_ia64.deb stable/main/binary-ia64/proftpd-pgsql_1.2.10-15sarge4_ia64.deb proftpd (1.2.10-15sarge4) stable-security; urgency=high Fixes a buffer overflow for mod_radius, found in 1.2.10 and missed before releasing. http://www.securityfocus.com/bid/16535 http://bugs.proftpd.org/show_bug.cgi?id=2658 Patch: 35.CVE_2005_4816 stable/main/binary-hppa/proftpd-pgsql_1.2.10-15sarge4_hppa.deb stable/main/binary-hppa/proftpd-ldap_1.2.10-15sarge4_hppa.deb stable/main/binary-hppa/proftpd-common_1.2.10-15sarge4_hppa.deb stable/main/binary-hppa/proftpd_1.2.10-15sarge4_hppa.deb stable/main/binary-hppa/proftpd-mysql_1.2.10-15sarge4_hppa.deb proftpd (1.2.10-15sarge4) stable-security; urgency=high Fixes a buffer overflow for mod_radius, found in 1.2.10 and missed before releasing. http://www.securityfocus.com/bid/16535 http://bugs.proftpd.org/show_bug.cgi?id=2658 Patch: 35.CVE_2005_4816 stable/main/binary-arm/proftpd_1.2.10-15sarge4_arm.deb stable/main/binary-arm/proftpd-ldap_1.2.10-15sarge4_arm.deb stable/main/binary-arm/proftpd-mysql_1.2.10-15sarge4_arm.deb stable/main/binary-arm/proftpd-pgsql_1.2.10-15sarge4_arm.deb stable/main/binary-arm/proftpd-common_1.2.10-15sarge4_arm.deb proftpd (1.2.10-15sarge4) stable-security; urgency=high Fixes a buffer overflow for mod_radius, found in 1.2.10 and missed before releasing. http://www.securityfocus.com/bid/16535 http://bugs.proftpd.org/show_bug.cgi?id=2658 Patch: 35.CVE_2005_4816 stable/main/binary-alpha/proftpd-ldap_1.2.10-15sarge4_alpha.deb stable/main/binary-alpha/proftpd_1.2.10-15sarge4_alpha.deb stable/main/binary-alpha/proftpd-mysql_1.2.10-15sarge4_alpha.deb stable/main/binary-alpha/proftpd-pgsql_1.2.10-15sarge4_alpha.deb stable/main/binary-alpha/proftpd-common_1.2.10-15sarge4_alpha.deb proftpd (1.2.10-15sarge4) stable-security; urgency=high Fixes a buffer overflow for mod_radius, found in 1.2.10 and missed before releasing. http://www.securityfocus.com/bid/16535 http://bugs.proftpd.org/show_bug.cgi?id=2658 Patch: 35.CVE_2005_4816 stable/main/binary-all/proftpd-doc_1.2.10-15sarge4_all.deb stable/main/source/proftpd_1.2.10-15sarge4.diff.gz stable/main/source/proftpd_1.2.10-15sarge4.dsc stable/main/binary-i386/proftpd-mysql_1.2.10-15sarge4_i386.deb stable/main/binary-i386/proftpd_1.2.10-15sarge4_i386.deb stable/main/binary-i386/proftpd-pgsql_1.2.10-15sarge4_i386.deb stable/main/binary-i386/proftpd-ldap_1.2.10-15sarge4_i386.deb stable/main/binary-i386/proftpd-common_1.2.10-15sarge4_i386.deb proftpd (1.2.10-15sarge4) stable-security; urgency=high Fixes a buffer overflow for mod_radius, found in 1.2.10 and missed before releasing. http://www.securityfocus.com/bid/16535 http://bugs.proftpd.org/show_bug.cgi?id=2658 Patch: 35.CVE_2005_4816 stable/main/binary-sparc/postgresql-contrib_7.4.7-6sarge4_sparc.deb stable/main/binary-sparc/postgresql-dev_7.4.7-6sarge4_sparc.deb stable/main/binary-sparc/libpgtcl_7.4.7-6sarge4_sparc.deb stable/main/binary-sparc/libpgtcl-dev_7.4.7-6sarge4_sparc.deb stable/main/binary-sparc/libecpg-dev_7.4.7-6sarge4_sparc.deb stable/main/binary-sparc/libpq3_7.4.7-6sarge4_sparc.deb stable/main/binary-sparc/postgresql-client_7.4.7-6sarge4_sparc.deb stable/main/binary-sparc/libecpg4_7.4.7-6sarge4_sparc.deb stable/main/binary-sparc/postgresql_7.4.7-6sarge4_sparc.deb postgresql (7.4.7-6sarge4) stable-security; urgency=low * SECURITY UPDATE: Read out arbitrary memory locations from the server, local DoS. * Add debian/patches/60sql_fun_typecheck.patch: - Repair insufficiently careful type checking for SQL-language functions. Not only can one trivially crash the backend, but with appropriate misuse of pass-by-reference datatypes it is possible to read out arbitrary locations in the server process's memory, which could allow retrieving database content the user should not be able to see. - Discovered by Jeff Trout. - Patch backported from 7.4.16 from CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/executor/functions.c.diff?r1=1.75.2.1;r2=1.75.2.2 http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/optimizer/util/clauses.c.diff?r1=1.154.2.4;r2=1.154.2.5 - CVE-2007-0555 * Add debian/patches/61max_utf8_wchar_len.patch: - Update various string functions to support the maximum UTF-8 sequence length for 4-byte character set to prevent buffer overflows. - Patch backported from 7.4.16 from CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/utils/mb/wchar.c.diff?r1=1.34.2.2;r2=1.34.2.3 stable/main/binary-s390/libecpg-dev_7.4.7-6sarge4_s390.deb stable/main/binary-s390/postgresql_7.4.7-6sarge4_s390.deb stable/main/binary-s390/postgresql-dev_7.4.7-6sarge4_s390.deb stable/main/binary-s390/postgresql-client_7.4.7-6sarge4_s390.deb stable/main/binary-s390/postgresql-contrib_7.4.7-6sarge4_s390.deb stable/main/binary-s390/libecpg4_7.4.7-6sarge4_s390.deb stable/main/binary-s390/libpq3_7.4.7-6sarge4_s390.deb stable/main/binary-s390/libpgtcl-dev_7.4.7-6sarge4_s390.deb stable/main/binary-s390/libpgtcl_7.4.7-6sarge4_s390.deb postgresql (7.4.7-6sarge4) stable-security; urgency=low * SECURITY UPDATE: Read out arbitrary memory locations from the server, local DoS. * Add debian/patches/60sql_fun_typecheck.patch: - Repair insufficiently careful type checking for SQL-language functions. Not only can one trivially crash the backend, but with appropriate misuse of pass-by-reference datatypes it is possible to read out arbitrary locations in the server process's memory, which could allow retrieving database content the user should not be able to see. - Discovered by Jeff Trout. - Patch backported from 7.4.16 from CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/executor/functions.c.diff?r1=1.75.2.1;r2=1.75.2.2 http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/optimizer/util/clauses.c.diff?r1=1.154.2.4;r2=1.154.2.5 - CVE-2007-0555 * Add debian/patches/61max_utf8_wchar_len.patch: - Update various string functions to support the maximum UTF-8 sequence length for 4-byte character set to prevent buffer overflows. - Patch backported from 7.4.16 from CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/utils/mb/wchar.c.diff?r1=1.34.2.2;r2=1.34.2.3 stable/main/binary-powerpc/libpq3_7.4.7-6sarge4_powerpc.deb stable/main/binary-powerpc/postgresql-contrib_7.4.7-6sarge4_powerpc.deb stable/main/binary-powerpc/postgresql-dev_7.4.7-6sarge4_powerpc.deb stable/main/binary-powerpc/libecpg4_7.4.7-6sarge4_powerpc.deb stable/main/binary-powerpc/postgresql-client_7.4.7-6sarge4_powerpc.deb stable/main/binary-powerpc/libecpg-dev_7.4.7-6sarge4_powerpc.deb stable/main/binary-powerpc/libpgtcl-dev_7.4.7-6sarge4_powerpc.deb stable/main/binary-powerpc/libpgtcl_7.4.7-6sarge4_powerpc.deb stable/main/binary-powerpc/postgresql_7.4.7-6sarge4_powerpc.deb postgresql (7.4.7-6sarge4) stable-security; urgency=low * SECURITY UPDATE: Read out arbitrary memory locations from the server, local DoS. * Add debian/patches/60sql_fun_typecheck.patch: - Repair insufficiently careful type checking for SQL-language functions. Not only can one trivially crash the backend, but with appropriate misuse of pass-by-reference datatypes it is possible to read out arbitrary locations in the server process's memory, which could allow retrieving database content the user should not be able to see. - Discovered by Jeff Trout. - Patch backported from 7.4.16 from CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/executor/functions.c.diff?r1=1.75.2.1;r2=1.75.2.2 http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/optimizer/util/clauses.c.diff?r1=1.154.2.4;r2=1.154.2.5 - CVE-2007-0555 * Add debian/patches/61max_utf8_wchar_len.patch: - Update various string functions to support the maximum UTF-8 sequence length for 4-byte character set to prevent buffer overflows. - Patch backported from 7.4.16 from CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/utils/mb/wchar.c.diff?r1=1.34.2.2;r2=1.34.2.3 stable/main/binary-mipsel/postgresql-client_7.4.7-6sarge4_mipsel.deb stable/main/binary-mipsel/libecpg4_7.4.7-6sarge4_mipsel.deb stable/main/binary-mipsel/libpgtcl_7.4.7-6sarge4_mipsel.deb stable/main/binary-mipsel/postgresql-dev_7.4.7-6sarge4_mipsel.deb stable/main/binary-mipsel/libecpg-dev_7.4.7-6sarge4_mipsel.deb stable/main/binary-mipsel/postgresql-contrib_7.4.7-6sarge4_mipsel.deb stable/main/binary-mipsel/libpgtcl-dev_7.4.7-6sarge4_mipsel.deb stable/main/binary-mipsel/libpq3_7.4.7-6sarge4_mipsel.deb stable/main/binary-mipsel/postgresql_7.4.7-6sarge4_mipsel.deb postgresql (7.4.7-6sarge4) stable-security; urgency=low * SECURITY UPDATE: Read out arbitrary memory locations from the server, local DoS. * Add debian/patches/60sql_fun_typecheck.patch: - Repair insufficiently careful type checking for SQL-language functions. Not only can one trivially crash the backend, but with appropriate misuse of pass-by-reference datatypes it is possible to read out arbitrary locations in the server process's memory, which could allow retrieving database content the user should not be able to see. - Discovered by Jeff Trout. - Patch backported from 7.4.16 from CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/executor/functions.c.diff?r1=1.75.2.1;r2=1.75.2.2 http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/optimizer/util/clauses.c.diff?r1=1.154.2.4;r2=1.154.2.5 - CVE-2007-0555 * Add debian/patches/61max_utf8_wchar_len.patch: - Update various string functions to support the maximum UTF-8 sequence length for 4-byte character set to prevent buffer overflows. - Patch backported from 7.4.16 from CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/utils/mb/wchar.c.diff?r1=1.34.2.2;r2=1.34.2.3 stable/main/binary-mips/libpq3_7.4.7-6sarge4_mips.deb stable/main/binary-mips/postgresql_7.4.7-6sarge4_mips.deb stable/main/binary-mips/libecpg-dev_7.4.7-6sarge4_mips.deb stable/main/binary-mips/postgresql-client_7.4.7-6sarge4_mips.deb stable/main/binary-mips/libpgtcl-dev_7.4.7-6sarge4_mips.deb stable/main/binary-mips/postgresql-dev_7.4.7-6sarge4_mips.deb stable/main/binary-mips/postgresql-contrib_7.4.7-6sarge4_mips.deb stable/main/binary-mips/libecpg4_7.4.7-6sarge4_mips.deb stable/main/binary-mips/libpgtcl_7.4.7-6sarge4_mips.deb postgresql (7.4.7-6sarge4) stable-security; urgency=low * SECURITY UPDATE: Read out arbitrary memory locations from the server, local DoS. * Add debian/patches/60sql_fun_typecheck.patch: - Repair insufficiently careful type checking for SQL-language functions. Not only can one trivially crash the backend, but with appropriate misuse of pass-by-reference datatypes it is possible to read out arbitrary locations in the server process's memory, which could allow retrieving database content the user should not be able to see. - Discovered by Jeff Trout. - Patch backported from 7.4.16 from CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/executor/functions.c.diff?r1=1.75.2.1;r2=1.75.2.2 http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/optimizer/util/clauses.c.diff?r1=1.154.2.4;r2=1.154.2.5 - CVE-2007-0555 * Add debian/patches/61max_utf8_wchar_len.patch: - Update various string functions to support the maximum UTF-8 sequence length for 4-byte character set to prevent buffer overflows. - Patch backported from 7.4.16 from CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/utils/mb/wchar.c.diff?r1=1.34.2.2;r2=1.34.2.3 stable/main/binary-m68k/postgresql-dev_7.4.7-6sarge4_m68k.deb stable/main/binary-m68k/libpgtcl_7.4.7-6sarge4_m68k.deb stable/main/binary-m68k/libpq3_7.4.7-6sarge4_m68k.deb stable/main/binary-m68k/libecpg4_7.4.7-6sarge4_m68k.deb stable/main/binary-m68k/postgresql_7.4.7-6sarge4_m68k.deb stable/main/binary-m68k/postgresql-client_7.4.7-6sarge4_m68k.deb stable/main/binary-m68k/libecpg-dev_7.4.7-6sarge4_m68k.deb stable/main/binary-m68k/postgresql-contrib_7.4.7-6sarge4_m68k.deb stable/main/binary-m68k/libpgtcl-dev_7.4.7-6sarge4_m68k.deb postgresql (7.4.7-6sarge4) stable-security; urgency=low * SECURITY UPDATE: Read out arbitrary memory locations from the server, local DoS. * Add debian/patches/60sql_fun_typecheck.patch: - Repair insufficiently careful type checking for SQL-language functions. Not only can one trivially crash the backend, but with appropriate misuse of pass-by-reference datatypes it is possible to read out arbitrary locations in the server process's memory, which could allow retrieving database content the user should not be able to see. - Discovered by Jeff Trout. - Patch backported from 7.4.16 from CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/executor/functions.c.diff?r1=1.75.2.1;r2=1.75.2.2 http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/optimizer/util/clauses.c.diff?r1=1.154.2.4;r2=1.154.2.5 - CVE-2007-0555 * Add debian/patches/61max_utf8_wchar_len.patch: - Update various string functions to support the maximum UTF-8 sequence length for 4-byte character set to prevent buffer overflows. - Patch backported from 7.4.16 from CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/utils/mb/wchar.c.diff?r1=1.34.2.2;r2=1.34.2.3 stable/main/binary-ia64/libpq3_7.4.7-6sarge4_ia64.deb stable/main/binary-ia64/postgresql_7.4.7-6sarge4_ia64.deb stable/main/binary-ia64/libecpg-dev_7.4.7-6sarge4_ia64.deb stable/main/binary-ia64/postgresql-contrib_7.4.7-6sarge4_ia64.deb stable/main/binary-ia64/libecpg4_7.4.7-6sarge4_ia64.deb stable/main/binary-ia64/libpgtcl_7.4.7-6sarge4_ia64.deb stable/main/binary-ia64/libpgtcl-dev_7.4.7-6sarge4_ia64.deb stable/main/binary-ia64/postgresql-dev_7.4.7-6sarge4_ia64.deb stable/main/binary-ia64/postgresql-client_7.4.7-6sarge4_ia64.deb postgresql (7.4.7-6sarge4) stable-security; urgency=low * SECURITY UPDATE: Read out arbitrary memory locations from the server, local DoS. * Add debian/patches/60sql_fun_typecheck.patch: - Repair insufficiently careful type checking for SQL-language functions. Not only can one trivially crash the backend, but with appropriate misuse of pass-by-reference datatypes it is possible to read out arbitrary locations in the server process's memory, which could allow retrieving database content the user should not be able to see. - Discovered by Jeff Trout. - Patch backported from 7.4.16 from CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/executor/functions.c.diff?r1=1.75.2.1;r2=1.75.2.2 http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/optimizer/util/clauses.c.diff?r1=1.154.2.4;r2=1.154.2.5 - CVE-2007-0555 * Add debian/patches/61max_utf8_wchar_len.patch: - Update various string functions to support the maximum UTF-8 sequence length for 4-byte character set to prevent buffer overflows. - Patch backported from 7.4.16 from CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/utils/mb/wchar.c.diff?r1=1.34.2.2;r2=1.34.2.3 stable/main/binary-hppa/libpgtcl_7.4.7-6sarge4_hppa.deb stable/main/binary-hppa/libecpg4_7.4.7-6sarge4_hppa.deb stable/main/binary-hppa/postgresql-dev_7.4.7-6sarge4_hppa.deb stable/main/binary-hppa/libpq3_7.4.7-6sarge4_hppa.deb stable/main/binary-hppa/postgresql_7.4.7-6sarge4_hppa.deb stable/main/binary-hppa/postgresql-client_7.4.7-6sarge4_hppa.deb stable/main/binary-hppa/postgresql-contrib_7.4.7-6sarge4_hppa.deb stable/main/binary-hppa/libpgtcl-dev_7.4.7-6sarge4_hppa.deb stable/main/binary-hppa/libecpg-dev_7.4.7-6sarge4_hppa.deb postgresql (7.4.7-6sarge4) stable-security; urgency=low * SECURITY UPDATE: Read out arbitrary memory locations from the server, local DoS. * Add debian/patches/60sql_fun_typecheck.patch: - Repair insufficiently careful type checking for SQL-language functions. Not only can one trivially crash the backend, but with appropriate misuse of pass-by-reference datatypes it is possible to read out arbitrary locations in the server process's memory, which could allow retrieving database content the user should not be able to see. - Discovered by Jeff Trout. - Patch backported from 7.4.16 from CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/executor/functions.c.diff?r1=1.75.2.1;r2=1.75.2.2 http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/optimizer/util/clauses.c.diff?r1=1.154.2.4;r2=1.154.2.5 - CVE-2007-0555 * Add debian/patches/61max_utf8_wchar_len.patch: - Update various string functions to support the maximum UTF-8 sequence length for 4-byte character set to prevent buffer overflows. - Patch backported from 7.4.16 from CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/utils/mb/wchar.c.diff?r1=1.34.2.2;r2=1.34.2.3 stable/main/binary-arm/postgresql_7.4.7-6sarge4_arm.deb stable/main/binary-arm/postgresql-dev_7.4.7-6sarge4_arm.deb stable/main/binary-arm/libecpg-dev_7.4.7-6sarge4_arm.deb stable/main/binary-arm/libpgtcl_7.4.7-6sarge4_arm.deb stable/main/binary-arm/libpq3_7.4.7-6sarge4_arm.deb stable/main/binary-arm/libpgtcl-dev_7.4.7-6sarge4_arm.deb stable/main/binary-arm/postgresql-contrib_7.4.7-6sarge4_arm.deb stable/main/binary-arm/libecpg4_7.4.7-6sarge4_arm.deb stable/main/binary-arm/postgresql-client_7.4.7-6sarge4_arm.deb postgresql (7.4.7-6sarge4) stable-security; urgency=low * SECURITY UPDATE: Read out arbitrary memory locations from the server, local DoS. * Add debian/patches/60sql_fun_typecheck.patch: - Repair insufficiently careful type checking for SQL-language functions. Not only can one trivially crash the backend, but with appropriate misuse of pass-by-reference datatypes it is possible to read out arbitrary locations in the server process's memory, which could allow retrieving database content the user should not be able to see. - Discovered by Jeff Trout. - Patch backported from 7.4.16 from CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/executor/functions.c.diff?r1=1.75.2.1;r2=1.75.2.2 http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/optimizer/util/clauses.c.diff?r1=1.154.2.4;r2=1.154.2.5 - CVE-2007-0555 * Add debian/patches/61max_utf8_wchar_len.patch: - Update various string functions to support the maximum UTF-8 sequence length for 4-byte character set to prevent buffer overflows. - Patch backported from 7.4.16 from CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/utils/mb/wchar.c.diff?r1=1.34.2.2;r2=1.34.2.3 stable/main/binary-alpha/postgresql_7.4.7-6sarge4_alpha.deb stable/main/binary-alpha/libpgtcl_7.4.7-6sarge4_alpha.deb stable/main/binary-alpha/postgresql-dev_7.4.7-6sarge4_alpha.deb stable/main/binary-alpha/libpq3_7.4.7-6sarge4_alpha.deb stable/main/binary-alpha/libpgtcl-dev_7.4.7-6sarge4_alpha.deb stable/main/binary-alpha/libecpg4_7.4.7-6sarge4_alpha.deb stable/main/binary-alpha/postgresql-client_7.4.7-6sarge4_alpha.deb stable/main/binary-alpha/postgresql-contrib_7.4.7-6sarge4_alpha.deb stable/main/binary-alpha/libecpg-dev_7.4.7-6sarge4_alpha.deb postgresql (7.4.7-6sarge4) stable-security; urgency=low * SECURITY UPDATE: Read out arbitrary memory locations from the server, local DoS. * Add debian/patches/60sql_fun_typecheck.patch: - Repair insufficiently careful type checking for SQL-language functions. Not only can one trivially crash the backend, but with appropriate misuse of pass-by-reference datatypes it is possible to read out arbitrary locations in the server process's memory, which could allow retrieving database content the user should not be able to see. - Discovered by Jeff Trout. - Patch backported from 7.4.16 from CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/executor/functions.c.diff?r1=1.75.2.1;r2=1.75.2.2 http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/optimizer/util/clauses.c.diff?r1=1.154.2.4;r2=1.154.2.5 - CVE-2007-0555 * Add debian/patches/61max_utf8_wchar_len.patch: - Update various string functions to support the maximum UTF-8 sequence length for 4-byte character set to prevent buffer overflows. - Patch backported from 7.4.16 from CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/utils/mb/wchar.c.diff?r1=1.34.2.2;r2=1.34.2.3 stable/main/source/postgresql_7.4.7-6sarge4.dsc stable/main/binary-i386/libpgtcl_7.4.7-6sarge4_i386.deb stable/main/binary-i386/libecpg-dev_7.4.7-6sarge4_i386.deb stable/main/binary-i386/postgresql-contrib_7.4.7-6sarge4_i386.deb stable/main/binary-i386/libpq3_7.4.7-6sarge4_i386.deb stable/main/binary-i386/postgresql-client_7.4.7-6sarge4_i386.deb stable/main/binary-i386/libecpg4_7.4.7-6sarge4_i386.deb stable/main/binary-i386/postgresql_7.4.7-6sarge4_i386.deb stable/main/binary-i386/libpgtcl-dev_7.4.7-6sarge4_i386.deb stable/main/source/postgresql_7.4.7-6sarge4.diff.gz stable/main/binary-i386/postgresql-dev_7.4.7-6sarge4_i386.deb stable/main/binary-all/postgresql-doc_7.4.7-6sarge4_all.deb postgresql (7.4.7-6sarge4) stable-security; urgency=low * SECURITY UPDATE: Read out arbitrary memory locations from the server, local DoS. * Add debian/patches/60sql_fun_typecheck.patch: - Repair insufficiently careful type checking for SQL-language functions. Not only can one trivially crash the backend, but with appropriate misuse of pass-by-reference datatypes it is possible to read out arbitrary locations in the server process's memory, which could allow retrieving database content the user should not be able to see. - Discovered by Jeff Trout. - Patch backported from 7.4.16 from CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/executor/functions.c.diff?r1=1.75.2.1;r2=1.75.2.2 http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/optimizer/util/clauses.c.diff?r1=1.154.2.4;r2=1.154.2.5 - CVE-2007-0555 * Add debian/patches/61max_utf8_wchar_len.patch: - Update various string functions to support the maximum UTF-8 sequence length for 4-byte character set to prevent buffer overflows. - Patch backported from 7.4.16 from CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/utils/mb/wchar.c.diff?r1=1.34.2.2;r2=1.34.2.3 stable/main/binary-sparc/pinball_0.3.1-3.sarge1_sparc.deb stable/main/binary-sparc/pinball-dev_0.3.1-3.sarge1_sparc.deb pinball (0.3.1-3.sarge1) stable; urgency=high * Non-maintainer upload by the Stable Release team. * Fix uninstallability on powerpc. stable/main/binary-s390/pinball-dev_0.3.1-3.sarge1_s390.deb stable/main/binary-s390/pinball_0.3.1-3.sarge1_s390.deb pinball (0.3.1-3.sarge1) stable; urgency=high * Non-maintainer upload by the Stable Release team. * Fix uninstallability on powerpc. stable/main/binary-powerpc/pinball_0.3.1-3.sarge1_powerpc.deb stable/main/binary-powerpc/pinball-dev_0.3.1-3.sarge1_powerpc.deb pinball (0.3.1-3.sarge1) stable; urgency=high * Non-maintainer upload by the Stable Release team. * Fix uninstallability on powerpc. stable/main/binary-mipsel/pinball-dev_0.3.1-3.sarge1_mipsel.deb stable/main/binary-mipsel/pinball_0.3.1-3.sarge1_mipsel.deb pinball (0.3.1-3.sarge1) stable; urgency=high * Non-maintainer upload by the Stable Release team. * Fix uninstallability on powerpc. stable/main/binary-mips/pinball_0.3.1-3.sarge1_mips.deb stable/main/binary-mips/pinball-dev_0.3.1-3.sarge1_mips.deb pinball (0.3.1-3.sarge1) stable; urgency=high * Non-maintainer upload by the Stable Release team. * Fix uninstallability on powerpc. stable/main/binary-m68k/pinball-dev_0.3.1-3.sarge1_m68k.deb stable/main/binary-m68k/pinball_0.3.1-3.sarge1_m68k.deb pinball (0.3.1-3.sarge1) stable; urgency=high * Non-maintainer upload by the Stable Release team. * Fix uninstallability on powerpc. stable/main/binary-ia64/pinball_0.3.1-3.sarge1_ia64.deb stable/main/binary-ia64/pinball-dev_0.3.1-3.sarge1_ia64.deb pinball (0.3.1-3.sarge1) stable; urgency=high * Non-maintainer upload by the Stable Release team. * Fix uninstallability on powerpc. stable/main/binary-hppa/pinball-dev_0.3.1-3.sarge1_hppa.deb stable/main/binary-hppa/pinball_0.3.1-3.sarge1_hppa.deb pinball (0.3.1-3.sarge1) stable; urgency=high * Non-maintainer upload by the Stable Release team. * Fix uninstallability on powerpc. stable/main/binary-arm/pinball-dev_0.3.1-3.sarge1_arm.deb stable/main/binary-arm/pinball_0.3.1-3.sarge1_arm.deb pinball (0.3.1-3.sarge1) stable; urgency=high * Non-maintainer upload by the Stable Release team. * Fix uninstallability on powerpc. stable/main/binary-alpha/pinball_0.3.1-3.sarge1_alpha.deb stable/main/binary-alpha/pinball-dev_0.3.1-3.sarge1_alpha.deb pinball (0.3.1-3.sarge1) stable; urgency=high * Non-maintainer upload by the Stable Release team. * Fix uninstallability on powerpc. stable/main/source/pinball_0.3.1-3.sarge1.dsc stable/main/binary-all/pinball-data_0.3.1-3.sarge1_all.deb stable/main/binary-i386/pinball_0.3.1-3.sarge1_i386.deb stable/main/source/pinball_0.3.1-3.sarge1.diff.gz stable/main/binary-i386/pinball-dev_0.3.1-3.sarge1_i386.deb pinball (0.3.1-3.sarge1) stable; urgency=high * Non-maintainer upload by the Stable Release team. * Fix uninstallability on powerpc. stable/main/source/phpmyadmin_2.6.2-3sarge3.dsc stable/main/binary-all/phpmyadmin_2.6.2-3sarge3_all.deb stable/main/source/phpmyadmin_2.6.2-3sarge3.diff.gz phpmyadmin (4:2.6.2-3sarge3) stable-security; urgency=high * Upload targeted at sarge to fix regression in security update. * Fix broken style sheets in PMASA-2006-5.patch (Closes: #397855). * Fix missing _import_blacklist in 104-bug_PMASA-2006-5.patch (Closes: #397992) stable/main/binary-sparc/php4-imap_4.3.10-18_sparc.deb stable/main/binary-sparc/php4-odbc_4.3.10-18_sparc.deb stable/main/binary-sparc/php4-recode_4.3.10-18_sparc.deb stable/main/binary-sparc/php4-cli_4.3.10-18_sparc.deb stable/main/binary-sparc/libapache-mod-php4_4.3.10-18_sparc.deb stable/main/binary-sparc/php4-cgi_4.3.10-18_sparc.deb stable/main/binary-sparc/php4-domxml_4.3.10-18_sparc.deb stable/main/binary-sparc/php4-snmp_4.3.10-18_sparc.deb stable/main/binary-sparc/libapache2-mod-php4_4.3.10-18_sparc.deb stable/main/binary-sparc/php4-xslt_4.3.10-18_sparc.deb stable/main/binary-sparc/php4-mysql_4.3.10-18_sparc.deb stable/main/binary-sparc/php4-sybase_4.3.10-18_sparc.deb stable/main/binary-sparc/php4-curl_4.3.10-18_sparc.deb stable/main/binary-sparc/php4-dev_4.3.10-18_sparc.deb stable/main/binary-sparc/php4-mhash_4.3.10-18_sparc.deb stable/main/binary-sparc/php4-mcal_4.3.10-18_sparc.deb stable/main/binary-sparc/php4-gd_4.3.10-18_sparc.deb stable/main/binary-sparc/php4-ldap_4.3.10-18_sparc.deb stable/main/binary-sparc/php4-common_4.3.10-18_sparc.deb php4 (4:4.3.10-18) stable-security; urgency=high * NMU by the Security Team: * Fix buffer overflows in htmlentities() and htmlspecialchars() (CVE-2006-5465) stable/main/binary-s390/php4-mhash_4.3.10-18_s390.deb stable/main/binary-s390/php4-common_4.3.10-18_s390.deb stable/main/binary-s390/libapache-mod-php4_4.3.10-18_s390.deb stable/main/binary-s390/php4-gd_4.3.10-18_s390.deb stable/main/binary-s390/libapache2-mod-php4_4.3.10-18_s390.deb stable/main/binary-s390/php4-mysql_4.3.10-18_s390.deb stable/main/binary-s390/php4-cli_4.3.10-18_s390.deb stable/main/binary-s390/php4-curl_4.3.10-18_s390.deb stable/main/binary-s390/php4-domxml_4.3.10-18_s390.deb stable/main/binary-s390/php4-mcal_4.3.10-18_s390.deb stable/main/binary-s390/php4-ldap_4.3.10-18_s390.deb stable/main/binary-s390/php4-imap_4.3.10-18_s390.deb stable/main/binary-s390/php4-xslt_4.3.10-18_s390.deb stable/main/binary-s390/php4-dev_4.3.10-18_s390.deb stable/main/binary-s390/php4-odbc_4.3.10-18_s390.deb stable/main/binary-s390/php4-recode_4.3.10-18_s390.deb stable/main/binary-s390/php4-sybase_4.3.10-18_s390.deb stable/main/binary-s390/php4-cgi_4.3.10-18_s390.deb stable/main/binary-s390/php4-snmp_4.3.10-18_s390.deb php4 (4:4.3.10-18) stable-security; urgency=high * NMU by the Security Team: * Fix buffer overflows in htmlentities() and htmlspecialchars() (CVE-2006-5465) stable/main/binary-powerpc/php4-snmp_4.3.10-18_powerpc.deb stable/main/binary-powerpc/php4-gd_4.3.10-18_powerpc.deb stable/main/binary-powerpc/php4-ldap_4.3.10-18_powerpc.deb stable/main/binary-powerpc/libapache2-mod-php4_4.3.10-18_powerpc.deb stable/main/binary-powerpc/php4-curl_4.3.10-18_powerpc.deb stable/main/binary-powerpc/php4-odbc_4.3.10-18_powerpc.deb stable/main/binary-powerpc/php4-xslt_4.3.10-18_powerpc.deb stable/main/binary-powerpc/php4-sybase_4.3.10-18_powerpc.deb stable/main/binary-powerpc/libapache-mod-php4_4.3.10-18_powerpc.deb stable/main/binary-powerpc/php4-dev_4.3.10-18_powerpc.deb stable/main/binary-powerpc/php4-common_4.3.10-18_powerpc.deb stable/main/binary-powerpc/php4-mcal_4.3.10-18_powerpc.deb stable/main/binary-powerpc/php4-mhash_4.3.10-18_powerpc.deb stable/main/binary-powerpc/php4-domxml_4.3.10-18_powerpc.deb stable/main/binary-powerpc/php4-cgi_4.3.10-18_powerpc.deb stable/main/binary-powerpc/php4-mysql_4.3.10-18_powerpc.deb stable/main/binary-powerpc/php4-imap_4.3.10-18_powerpc.deb stable/main/binary-powerpc/php4-recode_4.3.10-18_powerpc.deb stable/main/binary-powerpc/php4-cli_4.3.10-18_powerpc.deb php4 (4:4.3.10-18) stable-security; urgency=high * NMU by the Security Team: * Fix buffer overflows in htmlentities() and htmlspecialchars() (CVE-2006-5465) stable/main/binary-mipsel/php4-mhash_4.3.10-18_mipsel.deb stable/main/binary-mipsel/php4-common_4.3.10-18_mipsel.deb stable/main/binary-mipsel/libapache-mod-php4_4.3.10-18_mipsel.deb stable/main/binary-mipsel/php4-imap_4.3.10-18_mipsel.deb stable/main/binary-mipsel/php4-mcal_4.3.10-18_mipsel.deb stable/main/binary-mipsel/php4-domxml_4.3.10-18_mipsel.deb stable/main/binary-mipsel/php4-recode_4.3.10-18_mipsel.deb stable/main/binary-mipsel/php4-cgi_4.3.10-18_mipsel.deb stable/main/binary-mipsel/php4-mysql_4.3.10-18_mipsel.deb stable/main/binary-mipsel/libapache2-mod-php4_4.3.10-18_mipsel.deb stable/main/binary-mipsel/php4-ldap_4.3.10-18_mipsel.deb stable/main/binary-mipsel/php4-curl_4.3.10-18_mipsel.deb stable/main/binary-mipsel/php4-sybase_4.3.10-18_mipsel.deb stable/main/binary-mipsel/php4-odbc_4.3.10-18_mipsel.deb stable/main/binary-mipsel/php4-dev_4.3.10-18_mipsel.deb stable/main/binary-mipsel/php4-snmp_4.3.10-18_mipsel.deb stable/main/binary-mipsel/php4-xslt_4.3.10-18_mipsel.deb stable/main/binary-mipsel/php4-cli_4.3.10-18_mipsel.deb stable/main/binary-mipsel/php4-gd_4.3.10-18_mipsel.deb php4 (4:4.3.10-18) stable-security; urgency=high * NMU by the Security Team: * Fix buffer overflows in htmlentities() and htmlspecialchars() (CVE-2006-5465) stable/main/binary-mips/php4-common_4.3.10-18_mips.deb stable/main/binary-mips/libapache-mod-php4_4.3.10-18_mips.deb stable/main/binary-mips/php4-imap_4.3.10-18_mips.deb stable/main/binary-mips/php4-curl_4.3.10-18_mips.deb stable/main/binary-mips/php4-mcal_4.3.10-18_mips.deb stable/main/binary-mips/php4-domxml_4.3.10-18_mips.deb stable/main/binary-mips/php4-cli_4.3.10-18_mips.deb stable/main/binary-mips/php4-snmp_4.3.10-18_mips.deb stable/main/binary-mips/php4-ldap_4.3.10-18_mips.deb stable/main/binary-mips/php4-cgi_4.3.10-18_mips.deb stable/main/binary-mips/php4-sybase_4.3.10-18_mips.deb stable/main/binary-mips/php4-xslt_4.3.10-18_mips.deb stable/main/binary-mips/php4-gd_4.3.10-18_mips.deb stable/main/binary-mips/php4-mysql_4.3.10-18_mips.deb stable/main/binary-mips/php4-mhash_4.3.10-18_mips.deb stable/main/binary-mips/php4-dev_4.3.10-18_mips.deb stable/main/binary-mips/php4-odbc_4.3.10-18_mips.deb stable/main/binary-mips/php4-recode_4.3.10-18_mips.deb stable/main/binary-mips/libapache2-mod-php4_4.3.10-18_mips.deb php4 (4:4.3.10-18) stable-security; urgency=high * NMU by the Security Team: * Fix buffer overflows in htmlentities() and htmlspecialchars() (CVE-2006-5465) stable/main/binary-m68k/php4-gd_4.3.10-18_m68k.deb stable/main/binary-m68k/php4-mcal_4.3.10-18_m68k.deb stable/main/binary-m68k/php4-recode_4.3.10-18_m68k.deb stable/main/binary-m68k/php4-snmp_4.3.10-18_m68k.deb stable/main/binary-m68k/php4-sybase_4.3.10-18_m68k.deb stable/main/binary-m68k/libapache-mod-php4_4.3.10-18_m68k.deb stable/main/binary-m68k/php4-cli_4.3.10-18_m68k.deb stable/main/binary-m68k/php4-dev_4.3.10-18_m68k.deb stable/main/binary-m68k/php4-domxml_4.3.10-18_m68k.deb stable/main/binary-m68k/php4-odbc_4.3.10-18_m68k.deb stable/main/binary-m68k/php4-xslt_4.3.10-18_m68k.deb stable/main/binary-m68k/php4-common_4.3.10-18_m68k.deb stable/main/binary-m68k/php4-cgi_4.3.10-18_m68k.deb stable/main/binary-m68k/php4-mysql_4.3.10-18_m68k.deb stable/main/binary-m68k/php4-curl_4.3.10-18_m68k.deb stable/main/binary-m68k/php4-ldap_4.3.10-18_m68k.deb stable/main/binary-m68k/libapache2-mod-php4_4.3.10-18_m68k.deb stable/main/binary-m68k/php4-mhash_4.3.10-18_m68k.deb stable/main/binary-m68k/php4-imap_4.3.10-18_m68k.deb php4 (4:4.3.10-18) stable-security; urgency=high * NMU by the Security Team: * Fix buffer overflows in htmlentities() and htmlspecialchars() (CVE-2006-5465) stable/main/binary-ia64/php4-common_4.3.10-18_ia64.deb stable/main/binary-ia64/php4-dev_4.3.10-18_ia64.deb stable/main/binary-ia64/libapache-mod-php4_4.3.10-18_ia64.deb stable/main/binary-ia64/php4-sybase_4.3.10-18_ia64.deb stable/main/binary-ia64/php4-cgi_4.3.10-18_ia64.deb stable/main/binary-ia64/php4-xslt_4.3.10-18_ia64.deb stable/main/binary-ia64/php4-domxml_4.3.10-18_ia64.deb stable/main/binary-ia64/php4-mysql_4.3.10-18_ia64.deb stable/main/binary-ia64/php4-gd_4.3.10-18_ia64.deb stable/main/binary-ia64/php4-cli_4.3.10-18_ia64.deb stable/main/binary-ia64/php4-mhash_4.3.10-18_ia64.deb stable/main/binary-ia64/php4-curl_4.3.10-18_ia64.deb stable/main/binary-ia64/php4-mcal_4.3.10-18_ia64.deb stable/main/binary-ia64/php4-imap_4.3.10-18_ia64.deb stable/main/binary-ia64/libapache2-mod-php4_4.3.10-18_ia64.deb stable/main/binary-ia64/php4-odbc_4.3.10-18_ia64.deb stable/main/binary-ia64/php4-recode_4.3.10-18_ia64.deb stable/main/binary-ia64/php4-ldap_4.3.10-18_ia64.deb stable/main/binary-ia64/php4-snmp_4.3.10-18_ia64.deb php4 (4:4.3.10-18) stable-security; urgency=high * NMU by the Security Team: * Fix buffer overflows in htmlentities() and htmlspecialchars() (CVE-2006-5465) stable/main/binary-hppa/libapache2-mod-php4_4.3.10-18_hppa.deb stable/main/binary-hppa/php4-gd_4.3.10-18_hppa.deb stable/main/binary-hppa/php4-ldap_4.3.10-18_hppa.deb stable/main/binary-hppa/php4-imap_4.3.10-18_hppa.deb stable/main/binary-hppa/php4-xslt_4.3.10-18_hppa.deb stable/main/binary-hppa/libapache-mod-php4_4.3.10-18_hppa.deb stable/main/binary-hppa/php4-dev_4.3.10-18_hppa.deb stable/main/binary-hppa/php4-mhash_4.3.10-18_hppa.deb stable/main/binary-hppa/php4-mysql_4.3.10-18_hppa.deb stable/main/binary-hppa/php4-cgi_4.3.10-18_hppa.deb stable/main/binary-hppa/php4-common_4.3.10-18_hppa.deb stable/main/binary-hppa/php4-mcal_4.3.10-18_hppa.deb stable/main/binary-hppa/php4-odbc_4.3.10-18_hppa.deb stable/main/binary-hppa/php4-recode_4.3.10-18_hppa.deb stable/main/binary-hppa/php4-cli_4.3.10-18_hppa.deb stable/main/binary-hppa/php4-curl_4.3.10-18_hppa.deb stable/main/binary-hppa/php4-domxml_4.3.10-18_hppa.deb stable/main/binary-hppa/php4-sybase_4.3.10-18_hppa.deb stable/main/binary-hppa/php4-snmp_4.3.10-18_hppa.deb php4 (4:4.3.10-18) stable-security; urgency=high * NMU by the Security Team: * Fix buffer overflows in htmlentities() and htmlspecialchars() (CVE-2006-5465) stable/main/binary-arm/php4-cgi_4.3.10-18_arm.deb stable/main/binary-arm/php4-xslt_4.3.10-18_arm.deb stable/main/binary-arm/php4-mysql_4.3.10-18_arm.deb stable/main/binary-arm/php4-cli_4.3.10-18_arm.deb stable/main/binary-arm/php4-mcal_4.3.10-18_arm.deb stable/main/binary-arm/libapache2-mod-php4_4.3.10-18_arm.deb stable/main/binary-arm/php4-odbc_4.3.10-18_arm.deb stable/main/binary-arm/php4-recode_4.3.10-18_arm.deb stable/main/binary-arm/php4-common_4.3.10-18_arm.deb stable/main/binary-arm/libapache-mod-php4_4.3.10-18_arm.deb stable/main/binary-arm/php4-sybase_4.3.10-18_arm.deb stable/main/binary-arm/php4-snmp_4.3.10-18_arm.deb stable/main/binary-arm/php4-gd_4.3.10-18_arm.deb stable/main/binary-arm/php4-curl_4.3.10-18_arm.deb stable/main/binary-arm/php4-ldap_4.3.10-18_arm.deb stable/main/binary-arm/php4-domxml_4.3.10-18_arm.deb stable/main/binary-arm/php4-dev_4.3.10-18_arm.deb stable/main/binary-arm/php4-mhash_4.3.10-18_arm.deb stable/main/binary-arm/php4-imap_4.3.10-18_arm.deb php4 (4:4.3.10-18) stable-security; urgency=high * NMU by the Security Team: * Fix buffer overflows in htmlentities() and htmlspecialchars() (CVE-2006-5465) stable/main/binary-alpha/php4-cli_4.3.10-18_alpha.deb stable/main/binary-alpha/php4-mhash_4.3.10-18_alpha.deb stable/main/binary-alpha/php4-common_4.3.10-18_alpha.deb stable/main/binary-alpha/php4-mcal_4.3.10-18_alpha.deb stable/main/binary-alpha/php4-ldap_4.3.10-18_alpha.deb stable/main/binary-alpha/php4-curl_4.3.10-18_alpha.deb stable/main/binary-alpha/php4-gd_4.3.10-18_alpha.deb stable/main/binary-alpha/libapache2-mod-php4_4.3.10-18_alpha.deb stable/main/binary-alpha/php4-cgi_4.3.10-18_alpha.deb stable/main/binary-alpha/php4-sybase_4.3.10-18_alpha.deb stable/main/binary-alpha/libapache-mod-php4_4.3.10-18_alpha.deb stable/main/binary-alpha/php4-imap_4.3.10-18_alpha.deb stable/main/binary-alpha/php4-recode_4.3.10-18_alpha.deb stable/main/binary-alpha/php4-mysql_4.3.10-18_alpha.deb stable/main/binary-alpha/php4-xslt_4.3.10-18_alpha.deb stable/main/binary-alpha/php4-dev_4.3.10-18_alpha.deb stable/main/binary-alpha/php4-snmp_4.3.10-18_alpha.deb stable/main/binary-alpha/php4-domxml_4.3.10-18_alpha.deb stable/main/binary-alpha/php4-odbc_4.3.10-18_alpha.deb php4 (4:4.3.10-18) stable-security; urgency=high * NMU by the Security Team: * Fix buffer overflows in htmlentities() and htmlspecialchars() (CVE-2006-5465) stable/main/binary-i386/php4-xslt_4.3.10-18_i386.deb stable/main/binary-i386/php4-curl_4.3.10-18_i386.deb stable/main/source/php4_4.3.10-18.diff.gz stable/main/binary-i386/php4-dev_4.3.10-18_i386.deb stable/main/binary-i386/php4-recode_4.3.10-18_i386.deb stable/main/binary-i386/libapache-mod-php4_4.3.10-18_i386.deb stable/main/binary-i386/php4-imap_4.3.10-18_i386.deb stable/main/binary-i386/php4-mcal_4.3.10-18_i386.deb stable/main/binary-i386/php4-snmp_4.3.10-18_i386.deb stable/main/source/php4_4.3.10-18.dsc stable/main/binary-i386/php4-sybase_4.3.10-18_i386.deb stable/main/binary-i386/libapache2-mod-php4_4.3.10-18_i386.deb stable/main/binary-i386/php4-cli_4.3.10-18_i386.deb stable/main/binary-i386/php4-cgi_4.3.10-18_i386.deb stable/main/binary-i386/php4-gd_4.3.10-18_i386.deb stable/main/binary-i386/php4-mysql_4.3.10-18_i386.deb stable/main/binary-all/php4-pear_4.3.10-18_all.deb stable/main/binary-i386/php4-odbc_4.3.10-18_i386.deb stable/main/binary-i386/php4-domxml_4.3.10-18_i386.deb stable/main/binary-i386/php4-mhash_4.3.10-18_i386.deb stable/main/binary-i386/php4-ldap_4.3.10-18_i386.deb stable/main/binary-all/php4_4.3.10-18_all.deb stable/main/binary-i386/php4-common_4.3.10-18_i386.deb php4 (4:4.3.10-18) stable-security; urgency=high * NMU by the Security Team: * Fix buffer overflows in htmlentities() and htmlspecialchars() (CVE-2006-5465) stable/main/binary-sparc/pdns-server_2.9.17-13sarge3_sparc.deb stable/main/binary-sparc/pdns-backend-geo_2.9.17-13sarge3_sparc.deb stable/main/binary-sparc/pdns-backend-sqlite_2.9.17-13sarge3_sparc.deb stable/main/binary-sparc/pdns-backend-pipe_2.9.17-13sarge3_sparc.deb stable/main/binary-sparc/pdns_2.9.17-13sarge3_sparc.deb stable/main/binary-sparc/pdns-backend-mysql_2.9.17-13sarge3_sparc.deb stable/main/binary-sparc/pdns-recursor_2.9.17-13sarge3_sparc.deb stable/main/binary-sparc/pdns-backend-ldap_2.9.17-13sarge3_sparc.deb stable/main/binary-sparc/pdns-backend-pgsql_2.9.17-13sarge3_sparc.deb pdns (2.9.17-13sarge3) stable-security; urgency=high * NMU by the Security Team: * Fix stack overflow in DNS recursor. stable/main/binary-s390/pdns_2.9.17-13sarge3_s390.deb stable/main/binary-s390/pdns-recursor_2.9.17-13sarge3_s390.deb stable/main/binary-s390/pdns-backend-pipe_2.9.17-13sarge3_s390.deb stable/main/binary-s390/pdns-backend-sqlite_2.9.17-13sarge3_s390.deb stable/main/binary-s390/pdns-backend-mysql_2.9.17-13sarge3_s390.deb stable/main/binary-s390/pdns-backend-geo_2.9.17-13sarge3_s390.deb stable/main/binary-s390/pdns-backend-pgsql_2.9.17-13sarge3_s390.deb stable/main/binary-s390/pdns-backend-ldap_2.9.17-13sarge3_s390.deb stable/main/binary-s390/pdns-server_2.9.17-13sarge3_s390.deb pdns (2.9.17-13sarge3) stable-security; urgency=high * NMU by the Security Team: * Fix stack overflow in DNS recursor. stable/main/binary-powerpc/pdns-backend-sqlite_2.9.17-13sarge3_powerpc.deb stable/main/binary-powerpc/pdns-backend-pgsql_2.9.17-13sarge3_powerpc.deb stable/main/binary-powerpc/pdns_2.9.17-13sarge3_powerpc.deb stable/main/binary-powerpc/pdns-backend-ldap_2.9.17-13sarge3_powerpc.deb stable/main/binary-powerpc/pdns-backend-geo_2.9.17-13sarge3_powerpc.deb stable/main/binary-powerpc/pdns-server_2.9.17-13sarge3_powerpc.deb stable/main/binary-powerpc/pdns-backend-pipe_2.9.17-13sarge3_powerpc.deb stable/main/binary-powerpc/pdns-backend-mysql_2.9.17-13sarge3_powerpc.deb stable/main/binary-powerpc/pdns-recursor_2.9.17-13sarge3_powerpc.deb pdns (2.9.17-13sarge3) stable-security; urgency=high * NMU by the Security Team: * Fix stack overflow in DNS recursor. stable/main/binary-mipsel/pdns_2.9.17-13sarge3_mipsel.deb stable/main/binary-mipsel/pdns-recursor_2.9.17-13sarge3_mipsel.deb stable/main/binary-mipsel/pdns-backend-pipe_2.9.17-13sarge3_mipsel.deb stable/main/binary-mipsel/pdns-server_2.9.17-13sarge3_mipsel.deb stable/main/binary-mipsel/pdns-backend-sqlite_2.9.17-13sarge3_mipsel.deb stable/main/binary-mipsel/pdns-backend-ldap_2.9.17-13sarge3_mipsel.deb stable/main/binary-mipsel/pdns-backend-mysql_2.9.17-13sarge3_mipsel.deb stable/main/binary-mipsel/pdns-backend-geo_2.9.17-13sarge3_mipsel.deb stable/main/binary-mipsel/pdns-backend-pgsql_2.9.17-13sarge3_mipsel.deb pdns (2.9.17-13sarge3) stable-security; urgency=high * NMU by the Security Team: * Fix stack overflow in DNS recursor. stable/main/binary-mips/pdns-backend-pipe_2.9.17-13sarge3_mips.deb stable/main/binary-mips/pdns-backend-ldap_2.9.17-13sarge3_mips.deb stable/main/binary-mips/pdns-backend-sqlite_2.9.17-13sarge3_mips.deb stable/main/binary-mips/pdns-recursor_2.9.17-13sarge3_mips.deb stable/main/binary-mips/pdns-backend-geo_2.9.17-13sarge3_mips.deb stable/main/binary-mips/pdns_2.9.17-13sarge3_mips.deb stable/main/binary-mips/pdns-server_2.9.17-13sarge3_mips.deb stable/main/binary-mips/pdns-backend-pgsql_2.9.17-13sarge3_mips.deb stable/main/binary-mips/pdns-backend-mysql_2.9.17-13sarge3_mips.deb pdns (2.9.17-13sarge3) stable-security; urgency=high * NMU by the Security Team: * Fix stack overflow in DNS recursor. stable/main/binary-m68k/pdns-backend-sqlite_2.9.17-13sarge3_m68k.deb stable/main/binary-m68k/pdns-backend-ldap_2.9.17-13sarge3_m68k.deb stable/main/binary-m68k/pdns-backend-mysql_2.9.17-13sarge3_m68k.deb stable/main/binary-m68k/pdns-backend-pgsql_2.9.17-13sarge3_m68k.deb stable/main/binary-m68k/pdns-backend-pipe_2.9.17-13sarge3_m68k.deb stable/main/binary-m68k/pdns-server_2.9.17-13sarge3_m68k.deb stable/main/binary-m68k/pdns-recursor_2.9.17-13sarge3_m68k.deb stable/main/binary-m68k/pdns_2.9.17-13sarge3_m68k.deb stable/main/binary-m68k/pdns-backend-geo_2.9.17-13sarge3_m68k.deb pdns (2.9.17-13sarge3) stable-security; urgency=high * NMU by the Security Team: * Fix stack overflow in DNS recursor. stable/main/binary-ia64/pdns-backend-ldap_2.9.17-13sarge3_ia64.deb stable/main/binary-ia64/pdns-backend-mysql_2.9.17-13sarge3_ia64.deb stable/main/binary-ia64/pdns-recursor_2.9.17-13sarge3_ia64.deb stable/main/binary-ia64/pdns-backend-pipe_2.9.17-13sarge3_ia64.deb stable/main/binary-ia64/pdns-backend-pgsql_2.9.17-13sarge3_ia64.deb stable/main/binary-ia64/pdns-backend-geo_2.9.17-13sarge3_ia64.deb stable/main/binary-ia64/pdns-backend-sqlite_2.9.17-13sarge3_ia64.deb stable/main/binary-ia64/pdns_2.9.17-13sarge3_ia64.deb stable/main/binary-ia64/pdns-server_2.9.17-13sarge3_ia64.deb pdns (2.9.17-13sarge3) stable-security; urgency=high * NMU by the Security Team: * Fix stack overflow in DNS recursor. stable/main/binary-hppa/pdns-backend-mysql_2.9.17-13sarge3_hppa.deb stable/main/binary-hppa/pdns_2.9.17-13sarge3_hppa.deb stable/main/binary-hppa/pdns-backend-pgsql_2.9.17-13sarge3_hppa.deb stable/main/binary-hppa/pdns-backend-geo_2.9.17-13sarge3_hppa.deb stable/main/binary-hppa/pdns-server_2.9.17-13sarge3_hppa.deb stable/main/binary-hppa/pdns-backend-pipe_2.9.17-13sarge3_hppa.deb stable/main/binary-hppa/pdns-recursor_2.9.17-13sarge3_hppa.deb stable/main/binary-hppa/pdns-backend-sqlite_2.9.17-13sarge3_hppa.deb stable/main/binary-hppa/pdns-backend-ldap_2.9.17-13sarge3_hppa.deb pdns (2.9.17-13sarge3) stable-security; urgency=high * NMU by the Security Team: * Fix stack overflow in DNS recursor. stable/main/binary-arm/pdns-backend-geo_2.9.17-13sarge3_arm.deb stable/main/binary-arm/pdns-backend-ldap_2.9.17-13sarge3_arm.deb stable/main/binary-arm/pdns-backend-pgsql_2.9.17-13sarge3_arm.deb stable/main/binary-arm/pdns-backend-mysql_2.9.17-13sarge3_arm.deb stable/main/binary-arm/pdns-recursor_2.9.17-13sarge3_arm.deb stable/main/binary-arm/pdns-backend-sqlite_2.9.17-13sarge3_arm.deb stable/main/binary-arm/pdns_2.9.17-13sarge3_arm.deb stable/main/binary-arm/pdns-backend-pipe_2.9.17-13sarge3_arm.deb stable/main/binary-arm/pdns-server_2.9.17-13sarge3_arm.deb pdns (2.9.17-13sarge3) stable-security; urgency=high * NMU by the Security Team: * Fix stack overflow in DNS recursor. stable/main/binary-alpha/pdns-backend-geo_2.9.17-13sarge3_alpha.deb stable/main/binary-alpha/pdns-backend-pgsql_2.9.17-13sarge3_alpha.deb stable/main/binary-alpha/pdns-recursor_2.9.17-13sarge3_alpha.deb stable/main/binary-alpha/pdns_2.9.17-13sarge3_alpha.deb stable/main/binary-alpha/pdns-backend-pipe_2.9.17-13sarge3_alpha.deb stable/main/binary-alpha/pdns-backend-sqlite_2.9.17-13sarge3_alpha.deb stable/main/binary-alpha/pdns-backend-mysql_2.9.17-13sarge3_alpha.deb stable/main/binary-alpha/pdns-server_2.9.17-13sarge3_alpha.deb stable/main/binary-alpha/pdns-backend-ldap_2.9.17-13sarge3_alpha.deb pdns (2.9.17-13sarge3) stable-security; urgency=high * NMU by the Security Team: * Fix stack overflow in DNS recursor. stable/main/binary-i386/pdns-server_2.9.17-13sarge3_i386.deb stable/main/binary-i386/pdns-backend-geo_2.9.17-13sarge3_i386.deb stable/main/source/pdns_2.9.17-13sarge3.diff.gz stable/main/binary-all/pdns-doc_2.9.17-13sarge3_all.deb stable/main/source/pdns_2.9.17-13sarge3.dsc stable/main/binary-i386/pdns-backend-mysql_2.9.17-13sarge3_i386.deb stable/main/binary-i386/pdns_2.9.17-13sarge3_i386.deb stable/main/binary-i386/pdns-backend-pgsql_2.9.17-13sarge3_i386.deb stable/main/binary-i386/pdns-backend-sqlite_2.9.17-13sarge3_i386.deb stable/main/binary-i386/pdns-backend-pipe_2.9.17-13sarge3_i386.deb stable/main/binary-i386/pdns-backend-ldap_2.9.17-13sarge3_i386.deb stable/main/binary-i386/pdns-recursor_2.9.17-13sarge3_i386.deb pdns (2.9.17-13sarge3) stable-security; urgency=high * NMU by the Security Team: * Fix stack overflow in DNS recursor. stable/main/binary-sparc/openvpn_2.0-1sarge4_sparc.deb openvpn (2.0-1sarge4) stable; urgency=low * Fixed bug in init.d script that made the restart action to fail, this was specially nasty when remotely upgrading the package through a VPN connection. (Reported in: #337951, #317339, #338162) stable/main/binary-s390/openvpn_2.0-1sarge4_s390.deb openvpn (2.0-1sarge4) stable; urgency=low * Fixed bug in init.d script that made the restart action to fail, this was specially nasty when remotely upgrading the package through a VPN connection. (Reported in: #337951, #317339, #338162) stable/main/binary-powerpc/openvpn_2.0-1sarge4_powerpc.deb openvpn (2.0-1sarge4) stable; urgency=low * Fixed bug in init.d script that made the restart action to fail, this was specially nasty when remotely upgrading the package through a VPN connection. (Reported in: #337951, #317339, #338162) stable/main/binary-mipsel/openvpn_2.0-1sarge4_mipsel.deb openvpn (2.0-1sarge4) stable; urgency=low * Fixed bug in init.d script that made the restart action to fail, this was specially nasty when remotely upgrading the package through a VPN connection. (Reported in: #337951, #317339, #338162) stable/main/binary-mips/openvpn_2.0-1sarge4_mips.deb openvpn (2.0-1sarge4) stable; urgency=low * Fixed bug in init.d script that made the restart action to fail, this was specially nasty when remotely upgrading the package through a VPN connection. (Reported in: #337951, #317339, #338162) stable/main/binary-m68k/openvpn_2.0-1sarge4_m68k.deb openvpn (2.0-1sarge4) stable; urgency=low * Fixed bug in init.d script that made the restart action to fail, this was specially nasty when remotely upgrading the package through a VPN connection. (Reported in: #337951, #317339, #338162) stable/main/binary-ia64/openvpn_2.0-1sarge4_ia64.deb openvpn (2.0-1sarge4) stable; urgency=low * Fixed bug in init.d script that made the restart action to fail, this was specially nasty when remotely upgrading the package through a VPN connection. (Reported in: #337951, #317339, #338162) stable/main/binary-hppa/openvpn_2.0-1sarge4_hppa.deb openvpn (2.0-1sarge4) stable; urgency=low * Fixed bug in init.d script that made the restart action to fail, this was specially nasty when remotely upgrading the package through a VPN connection. (Reported in: #337951, #317339, #338162) stable/main/binary-arm/openvpn_2.0-1sarge4_arm.deb openvpn (2.0-1sarge4) stable; urgency=low * Fixed bug in init.d script that made the restart action to fail, this was specially nasty when remotely upgrading the package through a VPN connection. (Reported in: #337951, #317339, #338162) stable/main/binary-alpha/openvpn_2.0-1sarge4_alpha.deb openvpn (2.0-1sarge4) stable; urgency=low * Fixed bug in init.d script that made the restart action to fail, this was specially nasty when remotely upgrading the package through a VPN connection. (Reported in: #337951, #317339, #338162) stable/main/binary-i386/openvpn_2.0-1sarge4_i386.deb stable/main/source/openvpn_2.0-1sarge4.diff.gz stable/main/source/openvpn_2.0-1sarge4.dsc openvpn (2.0-1sarge4) stable; urgency=low * Fixed bug in init.d script that made the restart action to fail, this was specially nasty when remotely upgrading the package through a VPN connection. (Reported in: #337951, #317339, #338162) stable/main/binary-sparc/ssh_3.8.1p1-8.sarge.6_sparc.deb stable/main/binary-sparc/openssh-server-udeb_3.8.1p1-8.sarge.6_sparc.udeb stable/main/binary-sparc/ssh-askpass-gnome_3.8.1p1-8.sarge.6_sparc.deb stable/main/binary-sparc/openssh-client-udeb_3.8.1p1-8.sarge.6_sparc.udeb openssh (1:3.8.1p1-8.sarge.6) stable-security; urgency=high * Non-maintainer upload by the Security team * Apply patch to correct a possible denial of service vulnerability caused by a signal handler race condition. CVE-2006-5051 stable/main/binary-s390/ssh-askpass-gnome_3.8.1p1-8.sarge.6_s390.deb stable/main/binary-s390/openssh-client-udeb_3.8.1p1-8.sarge.6_s390.udeb stable/main/binary-s390/ssh_3.8.1p1-8.sarge.6_s390.deb stable/main/binary-s390/openssh-server-udeb_3.8.1p1-8.sarge.6_s390.udeb openssh (1:3.8.1p1-8.sarge.6) stable-security; urgency=high * Non-maintainer upload by the Security team * Apply patch to correct a possible denial of service vulnerability caused by a signal handler race condition. CVE-2006-5051 stable/main/binary-powerpc/openssh-server-udeb_3.8.1p1-8.sarge.6_powerpc.udeb stable/main/binary-powerpc/ssh-askpass-gnome_3.8.1p1-8.sarge.6_powerpc.deb stable/main/binary-powerpc/ssh_3.8.1p1-8.sarge.6_powerpc.deb stable/main/binary-powerpc/openssh-client-udeb_3.8.1p1-8.sarge.6_powerpc.udeb openssh (1:3.8.1p1-8.sarge.6) stable-security; urgency=high * Non-maintainer upload by the Security team * Apply patch to correct a possible denial of service vulnerability caused by a signal handler race condition. CVE-2006-5051 stable/main/binary-mipsel/ssh-askpass-gnome_3.8.1p1-8.sarge.6_mipsel.deb stable/main/binary-mipsel/openssh-client-udeb_3.8.1p1-8.sarge.6_mipsel.udeb stable/main/binary-mipsel/openssh-server-udeb_3.8.1p1-8.sarge.6_mipsel.udeb stable/main/binary-mipsel/ssh_3.8.1p1-8.sarge.6_mipsel.deb openssh (1:3.8.1p1-8.sarge.6) stable-security; urgency=high * Non-maintainer upload by the Security team * Apply patch to correct a possible denial of service vulnerability caused by a signal handler race condition. CVE-2006-5051 stable/main/binary-mips/openssh-server-udeb_3.8.1p1-8.sarge.6_mips.udeb stable/main/binary-mips/ssh-askpass-gnome_3.8.1p1-8.sarge.6_mips.deb stable/main/binary-mips/openssh-client-udeb_3.8.1p1-8.sarge.6_mips.udeb stable/main/binary-mips/ssh_3.8.1p1-8.sarge.6_mips.deb openssh (1:3.8.1p1-8.sarge.6) stable-security; urgency=high * Non-maintainer upload by the Security team * Apply patch to correct a possible denial of service vulnerability caused by a signal handler race condition. CVE-2006-5051 stable/main/binary-m68k/openssh-server-udeb_3.8.1p1-8.sarge.6_m68k.udeb stable/main/binary-m68k/openssh-client-udeb_3.8.1p1-8.sarge.6_m68k.udeb stable/main/binary-m68k/ssh_3.8.1p1-8.sarge.6_m68k.deb stable/main/binary-m68k/ssh-askpass-gnome_3.8.1p1-8.sarge.6_m68k.deb openssh (1:3.8.1p1-8.sarge.6) stable-security; urgency=high * Non-maintainer upload by the Security team * Apply patch to correct a possible denial of service vulnerability caused by a signal handler race condition. CVE-2006-5051 stable/main/binary-ia64/openssh-server-udeb_3.8.1p1-8.sarge.6_ia64.udeb stable/main/binary-ia64/ssh-askpass-gnome_3.8.1p1-8.sarge.6_ia64.deb stable/main/binary-ia64/openssh-client-udeb_3.8.1p1-8.sarge.6_ia64.udeb stable/main/binary-ia64/ssh_3.8.1p1-8.sarge.6_ia64.deb openssh (1:3.8.1p1-8.sarge.6) stable-security; urgency=high * Non-maintainer upload by the Security team * Apply patch to correct a possible denial of service vulnerability caused by a signal handler race condition. CVE-2006-5051 stable/main/binary-hppa/openssh-client-udeb_3.8.1p1-8.sarge.6_hppa.udeb stable/main/binary-hppa/ssh-askpass-gnome_3.8.1p1-8.sarge.6_hppa.deb stable/main/binary-hppa/openssh-server-udeb_3.8.1p1-8.sarge.6_hppa.udeb stable/main/binary-hppa/ssh_3.8.1p1-8.sarge.6_hppa.deb openssh (1:3.8.1p1-8.sarge.6) stable-security; urgency=high * Non-maintainer upload by the Security team * Apply patch to correct a possible denial of service vulnerability caused by a signal handler race condition. CVE-2006-5051 stable/main/binary-arm/ssh_3.8.1p1-8.sarge.6_arm.deb stable/main/binary-arm/openssh-server-udeb_3.8.1p1-8.sarge.6_arm.udeb stable/main/binary-arm/ssh-askpass-gnome_3.8.1p1-8.sarge.6_arm.deb stable/main/binary-arm/openssh-client-udeb_3.8.1p1-8.sarge.6_arm.udeb openssh (1:3.8.1p1-8.sarge.6) stable-security; urgency=high * Non-maintainer upload by the Security team * Apply patch to correct a possible denial of service vulnerability caused by a signal handler race condition. CVE-2006-5051 stable/main/binary-alpha/openssh-server-udeb_3.8.1p1-8.sarge.6_alpha.udeb stable/main/binary-alpha/ssh-askpass-gnome_3.8.1p1-8.sarge.6_alpha.deb stable/main/binary-alpha/ssh_3.8.1p1-8.sarge.6_alpha.deb stable/main/binary-alpha/openssh-client-udeb_3.8.1p1-8.sarge.6_alpha.udeb openssh (1:3.8.1p1-8.sarge.6) stable-security; urgency=high * Non-maintainer upload by the Security team * Apply patch to correct a possible denial of service vulnerability caused by a signal handler race condition. CVE-2006-5051 stable/main/binary-i386/ssh_3.8.1p1-8.sarge.6_i386.deb stable/main/binary-i386/openssh-client-udeb_3.8.1p1-8.sarge.6_i386.udeb stable/main/source/openssh_3.8.1p1-8.sarge.6.dsc stable/main/binary-i386/ssh-askpass-gnome_3.8.1p1-8.sarge.6_i386.deb stable/main/binary-i386/openssh-server-udeb_3.8.1p1-8.sarge.6_i386.udeb stable/main/source/openssh_3.8.1p1-8.sarge.6.diff.gz openssh (1:3.8.1p1-8.sarge.6) stable-security; urgency=high * Non-maintainer upload by the Security team * Apply patch to correct a possible denial of service vulnerability caused by a signal handler race condition. CVE-2006-5051 stable/main/binary-s390/openoffice.org-dev_1.1.3-9sarge4_s390.deb stable/main/binary-s390/openoffice.org-evolution_1.1.3-9sarge4_s390.deb stable/main/binary-s390/openoffice.org-gtk-gnome_1.1.3-9sarge4_s390.deb stable/main/binary-s390/openoffice.org-kde_1.1.3-9sarge4_s390.deb stable/main/binary-s390/openoffice.org-bin_1.1.3-9sarge4_s390.deb openoffice.org (1.1.3-9sarge4) stable-security; urgency=high * ooo-build/patches/OOO_1_1/alloc.overflows.wmf.patch: fix WMF heap overflow (CVE-2006-5870) * move dh_fixperms in front of dh_strip to fix stripping problems on XFS stable/main/binary-powerpc/openoffice.org-bin_1.1.3-9sarge4_powerpc.deb stable/main/binary-powerpc/openoffice.org-kde_1.1.3-9sarge4_powerpc.deb stable/main/binary-powerpc/openoffice.org-gtk-gnome_1.1.3-9sarge4_powerpc.deb stable/main/binary-powerpc/openoffice.org-evolution_1.1.3-9sarge4_powerpc.deb stable/main/binary-powerpc/openoffice.org-dev_1.1.3-9sarge4_powerpc.deb openoffice.org (1.1.3-9sarge4) stable-security; urgency=high * ooo-build/patches/OOO_1_1/alloc.overflows.wmf.patch: fix WMF heap overflow (CVE-2006-5870) * move dh_fixperms in front of dh_strip to fix stripping problems on XFS stable/main/binary-all/openoffice.org-l10n-da_1.1.3-9sarge4_all.deb stable/main/binary-i386/openoffice.org-bin_1.1.3-9sarge4_i386.deb stable/main/binary-all/openoffice.org-l10n-pt-br_1.1.3-9sarge4_all.deb stable/main/binary-sparc/openoffice.org-bin_1.1.3-9sarge4_sparc.deb stable/main/binary-all/openoffice.org-l10n-hi_1.1.3-9sarge4_all.deb stable/main/binary-all/ttf-opensymbol_1.1.3-9sarge4_all.deb stable/main/binary-sparc/openoffice.org-dev_1.1.3-9sarge4_sparc.deb stable/main/source/openoffice.org_1.1.3-9sarge4.diff.gz stable/main/binary-all/openoffice.org-l10n-tn_1.1.3-9sarge4_all.deb stable/main/binary-all/openoffice.org-l10n-ru_1.1.3-9sarge4_all.deb stable/main/binary-i386/openoffice.org-gtk-gnome_1.1.3-9sarge4_i386.deb stable/main/binary-all/openoffice.org-l10n-sv_1.1.3-9sarge4_all.deb stable/main/binary-all/openoffice.org-l10n-ar_1.1.3-9sarge4_all.deb stable/main/binary-all/openoffice.org-l10n-zu_1.1.3-9sarge4_all.deb stable/main/binary-all/openoffice.org-l10n-he_1.1.3-9sarge4_all.deb stable/main/binary-all/openoffice.org-l10n-it_1.1.3-9sarge4_all.deb stable/main/binary-all/openoffice.org-l10n-pl_1.1.3-9sarge4_all.deb stable/main/binary-all/openoffice.org-l10n-kn_1.1.3-9sarge4_all.deb stable/main/binary-all/openoffice.org-l10n-gl_1.1.3-9sarge4_all.deb stable/main/binary-all/openoffice.org-l10n-tr_1.1.3-9sarge4_all.deb stable/main/binary-all/openoffice.org-l10n-zh-cn_1.1.3-9sarge4_all.deb stable/main/binary-all/openoffice.org-l10n-es_1.1.3-9sarge4_all.deb stable/main/binary-sparc/openoffice.org-gtk-gnome_1.1.3-9sarge4_sparc.deb stable/main/binary-all/openoffice.org-l10n-cy_1.1.3-9sarge4_all.deb stable/main/binary-all/openoffice.org-l10n-sl_1.1.3-9sarge4_all.deb stable/main/binary-all/openoffice.org_1.1.3-9sarge4_all.deb stable/main/binary-all/openoffice.org-l10n-lt_1.1.3-9sarge4_all.deb stable/main/binary-all/openoffice.org-l10n-hu_1.1.3-9sarge4_all.deb stable/main/binary-i386/openoffice.org-dev_1.1.3-9sarge4_i386.deb stable/main/binary-all/openoffice.org-l10n-cs_1.1.3-9sarge4_all.deb stable/main/binary-sparc/openoffice.org-evolution_1.1.3-9sarge4_sparc.deb stable/main/binary-all/openoffice.org-l10n-zh-tw_1.1.3-9sarge4_all.deb stable/main/binary-all/openoffice.org-l10n-ca_1.1.3-9sarge4_all.deb stable/main/binary-all/openoffice.org-mimelnk_1.1.3-9sarge4_all.deb stable/main/binary-all/openoffice.org-l10n-nl_1.1.3-9sarge4_all.deb stable/main/binary-all/openoffice.org-l10n-et_1.1.3-9sarge4_all.deb stable/main/binary-sparc/openoffice.org-kde_1.1.3-9sarge4_sparc.deb stable/main/binary-all/openoffice.org-l10n-nn_1.1.3-9sarge4_all.deb stable/main/binary-i386/openoffice.org-kde_1.1.3-9sarge4_i386.deb stable/main/binary-i386/openoffice.org-evolution_1.1.3-9sarge4_i386.deb stable/main/binary-all/openoffice.org-l10n-ns_1.1.3-9sarge4_all.deb stable/main/binary-all/openoffice.org-l10n-pt_1.1.3-9sarge4_all.deb stable/main/binary-all/openoffice.org-l10n-th_1.1.3-9sarge4_all.deb stable/main/binary-all/openoffice.org-l10n-ko_1.1.3-9sarge4_all.deb stable/main/binary-all/openoffice.org-l10n-nb_1.1.3-9sarge4_all.deb stable/main/binary-all/openoffice.org-l10n-ja_1.1.3-9sarge4_all.deb stable/main/binary-all/openoffice.org-l10n-fi_1.1.3-9sarge4_all.deb stable/main/binary-all/openoffice.org-l10n-af_1.1.3-9sarge4_all.deb stable/main/binary-all/openoffice.org-l10n-fr_1.1.3-9sarge4_all.deb stable/main/binary-all/openoffice.org-l10n-en_1.1.3-9sarge4_all.deb stable/main/binary-all/openoffice.org-l10n-eu_1.1.3-9sarge4_all.deb stable/main/source/openoffice.org_1.1.3-9sarge4.dsc stable/main/binary-all/openoffice.org-l10n-de_1.1.3-9sarge4_all.deb stable/main/binary-all/openoffice.org-l10n-sk_1.1.3-9sarge4_all.deb stable/main/binary-all/openoffice.org-l10n-el_1.1.3-9sarge4_all.deb stable/main/binary-all/openoffice.org-thesaurus-en-us_1.1.3-9sarge4_all.deb openoffice.org (1.1.3-9sarge4) stable-security; urgency=high * ooo-build/patches/OOO_1_1/alloc.overflows.wmf.patch: fix WMF heap overflow (CVE-2006-5870) * move dh_fixperms in front of dh_strip to fix stripping problems on XFS stable/main/binary-sparc/netrik_1.15.3-1sarge1_sparc.deb netrik (1.15.3-1sarge1) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Properly sanitize filenames used for editing form fields. [CVE-2006-6678] stable/main/binary-s390/netrik_1.15.3-1sarge1_s390.deb netrik (1.15.3-1sarge1) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Properly sanitize filenames used for editing form fields. [CVE-2006-6678] stable/main/binary-powerpc/netrik_1.15.3-1sarge1_powerpc.deb netrik (1.15.3-1sarge1) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Properly sanitize filenames used for editing form fields. [CVE-2006-6678] stable/main/binary-mipsel/netrik_1.15.3-1sarge1_mipsel.deb netrik (1.15.3-1sarge1) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Properly sanitize filenames used for editing form fields. [CVE-2006-6678] stable/main/binary-mips/netrik_1.15.3-1sarge1_mips.deb netrik (1.15.3-1sarge1) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Properly sanitize filenames used for editing form fields. [CVE-2006-6678] stable/main/binary-m68k/netrik_1.15.3-1sarge1_m68k.deb netrik (1.15.3-1sarge1) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Properly sanitize filenames used for editing form fields. [CVE-2006-6678] stable/main/binary-ia64/netrik_1.15.3-1sarge1_ia64.deb netrik (1.15.3-1sarge1) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Properly sanitize filenames used for editing form fields. [CVE-2006-6678] stable/main/binary-hppa/netrik_1.15.3-1sarge1_hppa.deb netrik (1.15.3-1sarge1) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Properly sanitize filenames used for editing form fields. [CVE-2006-6678] stable/main/binary-arm/netrik_1.15.3-1sarge1_arm.deb netrik (1.15.3-1sarge1) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Properly sanitize filenames used for editing form fields. [CVE-2006-6678] stable/main/binary-alpha/netrik_1.15.3-1sarge1_alpha.deb netrik (1.15.3-1sarge1) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Properly sanitize filenames used for editing form fields. [CVE-2006-6678] stable/main/source/netrik_1.15.3-1sarge1.dsc stable/main/binary-i386/netrik_1.15.3-1sarge1_i386.deb stable/main/source/netrik_1.15.3-1sarge1.diff.gz netrik (1.15.3-1sarge1) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Properly sanitize filenames used for editing form fields. [CVE-2006-6678] stable/main/binary-sparc/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8e.2_sparc.deb stable/main/binary-sparc/mozilla-thunderbird_1.0.2-2.sarge1.0.8e.2_sparc.deb stable/main/binary-sparc/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8e.2_sparc.deb stable/main/binary-sparc/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8e.2_sparc.deb stable/main/binary-sparc/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8e.2_sparc.deb mozilla-thunderbird (1.0.2-2.sarge1.0.8e.2) stable-security; urgency=critical * fix regression in 0015-MFSA-2006-68-CVE-2006-6497-Part-3-348304.txt stable/main/binary-s390/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8e.2_s390.deb stable/main/binary-s390/mozilla-thunderbird_1.0.2-2.sarge1.0.8e.2_s390.deb stable/main/binary-s390/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8e.2_s390.deb stable/main/binary-s390/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8e.2_s390.deb stable/main/binary-s390/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8e.2_s390.deb mozilla-thunderbird (1.0.2-2.sarge1.0.8e.2) stable-security; urgency=critical * fix regression in 0015-MFSA-2006-68-CVE-2006-6497-Part-3-348304.txt stable/main/binary-powerpc/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8e.2_powerpc.deb stable/main/binary-powerpc/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8e.2_powerpc.deb stable/main/binary-powerpc/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8e.2_powerpc.deb stable/main/binary-powerpc/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8e.2_powerpc.deb stable/main/binary-powerpc/mozilla-thunderbird_1.0.2-2.sarge1.0.8e.2_powerpc.deb mozilla-thunderbird (1.0.2-2.sarge1.0.8e.2) stable-security; urgency=critical * fix regression in 0015-MFSA-2006-68-CVE-2006-6497-Part-3-348304.txt stable/main/binary-mipsel/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8e.2_mipsel.deb stable/main/binary-mipsel/mozilla-thunderbird_1.0.2-2.sarge1.0.8e.2_mipsel.deb stable/main/binary-mipsel/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8e.2_mipsel.deb stable/main/binary-mipsel/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8e.2_mipsel.deb stable/main/binary-mipsel/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8e.2_mipsel.deb mozilla-thunderbird (1.0.2-2.sarge1.0.8e.2) stable-security; urgency=critical * fix regression in 0015-MFSA-2006-68-CVE-2006-6497-Part-3-348304.txt stable/main/binary-mips/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8e.2_mips.deb stable/main/binary-mips/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8e.2_mips.deb stable/main/binary-mips/mozilla-thunderbird_1.0.2-2.sarge1.0.8e.2_mips.deb stable/main/binary-mips/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8e.2_mips.deb stable/main/binary-mips/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8e.2_mips.deb mozilla-thunderbird (1.0.2-2.sarge1.0.8e.2) stable-security; urgency=critical * fix regression in 0015-MFSA-2006-68-CVE-2006-6497-Part-3-348304.txt stable/main/binary-m68k/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8e.2_m68k.deb stable/main/binary-m68k/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8e.2_m68k.deb stable/main/binary-m68k/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8e.2_m68k.deb stable/main/binary-m68k/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8e.2_m68k.deb stable/main/binary-m68k/mozilla-thunderbird_1.0.2-2.sarge1.0.8e.2_m68k.deb mozilla-thunderbird (1.0.2-2.sarge1.0.8e.2) stable-security; urgency=critical * fix regression in 0015-MFSA-2006-68-CVE-2006-6497-Part-3-348304.txt stable/main/binary-ia64/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8e.2_ia64.deb stable/main/binary-ia64/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8e.2_ia64.deb stable/main/binary-ia64/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8e.2_ia64.deb stable/main/binary-ia64/mozilla-thunderbird_1.0.2-2.sarge1.0.8e.2_ia64.deb stable/main/binary-ia64/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8e.2_ia64.deb mozilla-thunderbird (1.0.2-2.sarge1.0.8e.2) stable-security; urgency=critical * fix regression in 0015-MFSA-2006-68-CVE-2006-6497-Part-3-348304.txt stable/main/binary-hppa/mozilla-thunderbird_1.0.2-2.sarge1.0.8e.2_hppa.deb stable/main/binary-hppa/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8e.2_hppa.deb stable/main/binary-hppa/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8e.2_hppa.deb stable/main/binary-hppa/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8e.2_hppa.deb stable/main/binary-hppa/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8e.2_hppa.deb mozilla-thunderbird (1.0.2-2.sarge1.0.8e.2) stable-security; urgency=critical * fix regression in 0015-MFSA-2006-68-CVE-2006-6497-Part-3-348304.txt stable/main/binary-arm/mozilla-thunderbird_1.0.2-2.sarge1.0.8e.2_arm.deb stable/main/binary-arm/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8e.2_arm.deb stable/main/binary-arm/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8e.2_arm.deb stable/main/binary-arm/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8e.2_arm.deb stable/main/binary-arm/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8e.2_arm.deb mozilla-thunderbird (1.0.2-2.sarge1.0.8e.2) stable-security; urgency=critical * fix regression in 0015-MFSA-2006-68-CVE-2006-6497-Part-3-348304.txt stable/main/binary-alpha/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8e.2_alpha.deb stable/main/binary-alpha/mozilla-thunderbird_1.0.2-2.sarge1.0.8e.2_alpha.deb stable/main/binary-alpha/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8e.2_alpha.deb stable/main/binary-alpha/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8e.2_alpha.deb stable/main/binary-alpha/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8e.2_alpha.deb mozilla-thunderbird (1.0.2-2.sarge1.0.8e.2) stable-security; urgency=critical * fix regression in 0015-MFSA-2006-68-CVE-2006-6497-Part-3-348304.txt stable/main/source/mozilla-thunderbird_1.0.2-2.sarge1.0.8e.2.diff.gz stable/main/binary-i386/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8e.2_i386.deb stable/main/binary-i386/mozilla-thunderbird_1.0.2-2.sarge1.0.8e.2_i386.deb stable/main/binary-i386/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8e.2_i386.deb stable/main/binary-i386/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8e.2_i386.deb stable/main/source/mozilla-thunderbird_1.0.2-2.sarge1.0.8e.2.dsc stable/main/binary-i386/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8e.2_i386.deb mozilla-thunderbird (1.0.2-2.sarge1.0.8e.2) stable-security; urgency=critical * fix regression in 0015-MFSA-2006-68-CVE-2006-6497-Part-3-348304.txt mozilla-thunderbird (1.0.2-2.sarge1.0.8e.1) stable-security; urgency=critical * Security update fixing issued announced together with release of tbird 1.5.0.9 * 0001-MFSA-2006-68-CVE-2006-6497-Part-1-335047.txt, 0002-MFSA-2006-68-CVE-2006-6497-Part-2-339494.txt, 0003-MFSA-2006-68-CVE-2006-6497-Part-4-354766.txt, 0005-MFSA-2006-68-CVE-2006-6497-Part-5-359203.txt, 0006-MFSA-2006-68-CVE-2006-6497-Part-6-360642.txt, 0015-MFSA-2006-68-CVE-2006-6497-Part-3-348304.txt: Fixes for CVE-2006-6497 aka first part of mfsa2006-68 (Crashes with evidence of memory corruption in layout engine) * 0007-MFSA-2006-68-CVE-2006-6498-Part-1-352846.txt, 0008-MFSA-2006-68-CVE-2006-6498-Part-2-361346.txt: Fixes for CVE-2006-6498 aka second part of mfsa2006-68 (Crashes with evidence of memory corruption in java script engine) * 0014-MFSA-2006-68-CVE-2006-6499-358569.txt: Fix for CVE-2006-6499 aka thirs part of mfsa 2006-69 (Crashes with evidence of memory corruption on floating point reduction. * 0009-MFSA-2006-70-CVE-2006-6501-354978-r361964.txt: Fix for "Privilege escallation using watch point", CVE-2006-6501 aka mfsa-2006-70. * 0010-MFSA-2006-71-CVE-2006-6502-352064.txt: Fix for "LiveConnect crash finalizing JS objects", CVE-2006-6502 aka mfsa-2006-71. * 0011-MFSA-2006-72-CVE-2006-6503-351370.txt: Fix for "XSS by setting img.src to javascript: URI", CVE-2006-6503 aka mfsa-2006-72. * 0012-MFSA-2006-74-CVE-2006-6505-Part-1-2-362213.txt, 0013-MFSA-2006-74-CVE-2006-6505-Part-2-2-362512.txt: Fix for "Mail header processing heap overflows", CVE-2006-6505 aka mfsa2006-74. stable/main/binary-sparc/mozilla-firefox-dom-inspector_1.0.4-2sarge15_sparc.deb stable/main/binary-sparc/mozilla-firefox_1.0.4-2sarge15_sparc.deb stable/main/binary-sparc/mozilla-firefox-gnome-support_1.0.4-2sarge15_sparc.deb mozilla-firefox (1.0.4-2sarge15) stable-security; urgency=critical * layout/xul/base/src/nsMenuFrame.cpp: Fix for regression from Alexander Sack. stable/main/binary-s390/mozilla-firefox-gnome-support_1.0.4-2sarge15_s390.deb stable/main/binary-s390/mozilla-firefox-dom-inspector_1.0.4-2sarge15_s390.deb stable/main/binary-s390/mozilla-firefox_1.0.4-2sarge15_s390.deb mozilla-firefox (1.0.4-2sarge15) stable-security; urgency=critical * layout/xul/base/src/nsMenuFrame.cpp: Fix for regression from Alexander Sack. stable/main/binary-powerpc/mozilla-firefox_1.0.4-2sarge15_powerpc.deb stable/main/binary-powerpc/mozilla-firefox-dom-inspector_1.0.4-2sarge15_powerpc.deb stable/main/binary-powerpc/mozilla-firefox-gnome-support_1.0.4-2sarge15_powerpc.deb mozilla-firefox (1.0.4-2sarge15) stable-security; urgency=critical * layout/xul/base/src/nsMenuFrame.cpp: Fix for regression from Alexander Sack. stable/main/binary-mipsel/mozilla-firefox_1.0.4-2sarge15_mipsel.deb stable/main/binary-mipsel/mozilla-firefox-gnome-support_1.0.4-2sarge15_mipsel.deb stable/main/binary-mipsel/mozilla-firefox-dom-inspector_1.0.4-2sarge15_mipsel.deb mozilla-firefox (1.0.4-2sarge15) stable-security; urgency=critical * layout/xul/base/src/nsMenuFrame.cpp: Fix for regression from Alexander Sack. stable/main/binary-mips/mozilla-firefox-dom-inspector_1.0.4-2sarge15_mips.deb stable/main/binary-mips/mozilla-firefox_1.0.4-2sarge15_mips.deb stable/main/binary-mips/mozilla-firefox-gnome-support_1.0.4-2sarge15_mips.deb mozilla-firefox (1.0.4-2sarge15) stable-security; urgency=critical * layout/xul/base/src/nsMenuFrame.cpp: Fix for regression from Alexander Sack. stable/main/binary-m68k/mozilla-firefox_1.0.4-2sarge15_m68k.deb stable/main/binary-m68k/mozilla-firefox-dom-inspector_1.0.4-2sarge15_m68k.deb stable/main/binary-m68k/mozilla-firefox-gnome-support_1.0.4-2sarge15_m68k.deb mozilla-firefox (1.0.4-2sarge15) stable-security; urgency=critical * layout/xul/base/src/nsMenuFrame.cpp: Fix for regression from Alexander Sack. stable/main/binary-ia64/mozilla-firefox-gnome-support_1.0.4-2sarge15_ia64.deb stable/main/binary-ia64/mozilla-firefox_1.0.4-2sarge15_ia64.deb stable/main/binary-ia64/mozilla-firefox-dom-inspector_1.0.4-2sarge15_ia64.deb mozilla-firefox (1.0.4-2sarge15) stable-security; urgency=critical * layout/xul/base/src/nsMenuFrame.cpp: Fix for regression from Alexander Sack. stable/main/binary-hppa/mozilla-firefox-gnome-support_1.0.4-2sarge15_hppa.deb stable/main/binary-hppa/mozilla-firefox-dom-inspector_1.0.4-2sarge15_hppa.deb stable/main/binary-hppa/mozilla-firefox_1.0.4-2sarge15_hppa.deb mozilla-firefox (1.0.4-2sarge15) stable-security; urgency=critical * layout/xul/base/src/nsMenuFrame.cpp: Fix for regression from Alexander Sack. stable/main/binary-arm/mozilla-firefox-gnome-support_1.0.4-2sarge15_arm.deb stable/main/binary-arm/mozilla-firefox-dom-inspector_1.0.4-2sarge15_arm.deb stable/main/binary-arm/mozilla-firefox_1.0.4-2sarge15_arm.deb mozilla-firefox (1.0.4-2sarge15) stable-security; urgency=critical * layout/xul/base/src/nsMenuFrame.cpp: Fix for regression from Alexander Sack. stable/main/binary-alpha/mozilla-firefox-gnome-support_1.0.4-2sarge15_alpha.deb stable/main/binary-alpha/mozilla-firefox-dom-inspector_1.0.4-2sarge15_alpha.deb stable/main/binary-alpha/mozilla-firefox_1.0.4-2sarge15_alpha.deb mozilla-firefox (1.0.4-2sarge15) stable-security; urgency=critical * layout/xul/base/src/nsMenuFrame.cpp: Fix for regression from Alexander Sack. stable/main/source/mozilla-firefox_1.0.4-2sarge15.dsc stable/main/binary-i386/mozilla-firefox-gnome-support_1.0.4-2sarge15_i386.deb stable/main/binary-i386/mozilla-firefox_1.0.4-2sarge15_i386.deb stable/main/source/mozilla-firefox_1.0.4-2sarge15.diff.gz stable/main/binary-i386/mozilla-firefox-dom-inspector_1.0.4-2sarge15_i386.deb mozilla-firefox (1.0.4-2sarge15) stable-security; urgency=critical * layout/xul/base/src/nsMenuFrame.cpp: Fix for regression from Alexander Sack. stable/main/binary-sparc/mozilla-calendar_1.7.8-1sarge8_sparc.deb stable/main/binary-sparc/mozilla-mailnews_1.7.8-1sarge8_sparc.deb stable/main/binary-sparc/mozilla-dev_1.7.8-1sarge8_sparc.deb stable/main/binary-sparc/mozilla-dom-inspector_1.7.8-1sarge8_sparc.deb stable/main/binary-sparc/libnss-dev_1.7.8-1sarge8_sparc.deb stable/main/binary-sparc/libnspr4_1.7.8-1sarge8_sparc.deb stable/main/binary-sparc/mozilla-psm_1.7.8-1sarge8_sparc.deb stable/main/binary-sparc/mozilla-browser_1.7.8-1sarge8_sparc.deb stable/main/binary-sparc/libnss3_1.7.8-1sarge8_sparc.deb stable/main/binary-sparc/mozilla_1.7.8-1sarge8_sparc.deb stable/main/binary-sparc/mozilla-js-debugger_1.7.8-1sarge8_sparc.deb stable/main/binary-sparc/libnspr-dev_1.7.8-1sarge8_sparc.deb stable/main/binary-sparc/mozilla-chatzilla_1.7.8-1sarge8_sparc.deb mozilla (2:1.7.8-1sarge8) stable-security; urgency=critical * Security update to backport the fixes from Mozilla branch 1.8.0.8. * 4_0014-MFSA2006-65-CVE-2006-5464-Part-1-310267.patch, 4_0015-MFSA2006-65-CVE-2006-5464-Part-2-350370.patch, 4_0016-MFSA2006-65-CVE-2006-5464-Part-3-307809.patch, 4_0018-MFSA2006-65-CVE-2006-5464-Part-4-351328.patch: Fixes for CVE-2006-5464 aka first part of mfsa2006-65 (Crashes with evidence of memory corruption (rv:1.8.0.8)). * 4_0001-MFSA2006-65-CVE-2006-5748-Part-1-350238.patch, 4_0002-MFSA2006-65-CVE-2006-5748-Part-2-351973.patch, 4_0005-MFSA2006-65-CVE-2006-5748-Part-3-352606.patch, 4_0008-MFSA2006-65-CVE-2006-5748-Part-4-349527.patch, 4_0010-MFSA2006-65-CVE-2006-5748-Part-5-354924.patch: Fixes for CVE-2006-5748 aka last part of mfsa2006-65 (Crashes with evidence of memory corruption (rv:1.8.0.8)). * 4_0019-MFSA2006-66-CVE-2006-5462-356215.patch: Fix for "RSA Signature Forgery (variant)", CVE-2006-5462 aka mfsa2006-66. * 4_0020-MFSA2006-67-CVE-2006-5463-355655.patch: Fix for "Running Script can be recompiled", CVE-2006-5463 aka mfsa2006-67. * 4_0006-noMFSA-CVE-2006-4310-351255.patch: Fix for CVE-2006-4310 (Remote DOS in FTP error handling), from bz#351255. * 4_0003-noMFSA-353264.patch, 4_0011-noMFSA-313400.patch, 4_0012-noMFSA-353704.patch, 4_0013-noMFSA-352264.patch, 4_0017-noMFSA-350524.patch: Many patches to fix crashes that can be triggered by malicious pages, no mfsa. bz#313400, bz#350524, bz#352264, bz#353264, bz#353704. * 4_0004-noMFSA-regression-fix-352873.patch: Fixes a regression introduced by a previous security update. bz#352873. * 4_0007-noMFSA-337744.patch: Protocol parsing tightening to avoid reading from the filesystem by unexpected resource or chrome urls. bz#337744. * 4_0009-noMFSA-334110.patch: A fix that goes along fixing a buffer overflow in libpng. bz#334110. stable/main/binary-s390/mozilla_1.7.8-1sarge8_s390.deb stable/main/binary-s390/mozilla-psm_1.7.8-1sarge8_s390.deb stable/main/binary-s390/libnspr4_1.7.8-1sarge8_s390.deb stable/main/binary-s390/mozilla-browser_1.7.8-1sarge8_s390.deb stable/main/binary-s390/mozilla-js-debugger_1.7.8-1sarge8_s390.deb stable/main/binary-s390/mozilla-chatzilla_1.7.8-1sarge8_s390.deb stable/main/binary-s390/libnss3_1.7.8-1sarge8_s390.deb stable/main/binary-s390/mozilla-dom-inspector_1.7.8-1sarge8_s390.deb stable/main/binary-s390/libnss-dev_1.7.8-1sarge8_s390.deb stable/main/binary-s390/mozilla-mailnews_1.7.8-1sarge8_s390.deb stable/main/binary-s390/mozilla-dev_1.7.8-1sarge8_s390.deb stable/main/binary-s390/libnspr-dev_1.7.8-1sarge8_s390.deb stable/main/binary-s390/mozilla-calendar_1.7.8-1sarge8_s390.deb mozilla (2:1.7.8-1sarge8) stable-security; urgency=critical * Security update to backport the fixes from Mozilla branch 1.8.0.8. * 4_0014-MFSA2006-65-CVE-2006-5464-Part-1-310267.patch, 4_0015-MFSA2006-65-CVE-2006-5464-Part-2-350370.patch, 4_0016-MFSA2006-65-CVE-2006-5464-Part-3-307809.patch, 4_0018-MFSA2006-65-CVE-2006-5464-Part-4-351328.patch: Fixes for CVE-2006-5464 aka first part of mfsa2006-65 (Crashes with evidence of memory corruption (rv:1.8.0.8)). * 4_0001-MFSA2006-65-CVE-2006-5748-Part-1-350238.patch, 4_0002-MFSA2006-65-CVE-2006-5748-Part-2-351973.patch, 4_0005-MFSA2006-65-CVE-2006-5748-Part-3-352606.patch, 4_0008-MFSA2006-65-CVE-2006-5748-Part-4-349527.patch, 4_0010-MFSA2006-65-CVE-2006-5748-Part-5-354924.patch: Fixes for CVE-2006-5748 aka last part of mfsa2006-65 (Crashes with evidence of memory corruption (rv:1.8.0.8)). * 4_0019-MFSA2006-66-CVE-2006-5462-356215.patch: Fix for "RSA Signature Forgery (variant)", CVE-2006-5462 aka mfsa2006-66. * 4_0020-MFSA2006-67-CVE-2006-5463-355655.patch: Fix for "Running Script can be recompiled", CVE-2006-5463 aka mfsa2006-67. * 4_0006-noMFSA-CVE-2006-4310-351255.patch: Fix for CVE-2006-4310 (Remote DOS in FTP error handling), from bz#351255. * 4_0003-noMFSA-353264.patch, 4_0011-noMFSA-313400.patch, 4_0012-noMFSA-353704.patch, 4_0013-noMFSA-352264.patch, 4_0017-noMFSA-350524.patch: Many patches to fix crashes that can be triggered by malicious pages, no mfsa. bz#313400, bz#350524, bz#352264, bz#353264, bz#353704. * 4_0004-noMFSA-regression-fix-352873.patch: Fixes a regression introduced by a previous security update. bz#352873. * 4_0007-noMFSA-337744.patch: Protocol parsing tightening to avoid reading from the filesystem by unexpected resource or chrome urls. bz#337744. * 4_0009-noMFSA-334110.patch: A fix that goes along fixing a buffer overflow in libpng. bz#334110. stable/main/binary-powerpc/mozilla-calendar_1.7.8-1sarge8_powerpc.deb stable/main/binary-powerpc/libnspr4_1.7.8-1sarge8_powerpc.deb stable/main/binary-powerpc/libnss-dev_1.7.8-1sarge8_powerpc.deb stable/main/binary-powerpc/mozilla-psm_1.7.8-1sarge8_powerpc.deb stable/main/binary-powerpc/mozilla-js-debugger_1.7.8-1sarge8_powerpc.deb stable/main/binary-powerpc/libnss3_1.7.8-1sarge8_powerpc.deb stable/main/binary-powerpc/mozilla-browser_1.7.8-1sarge8_powerpc.deb stable/main/binary-powerpc/mozilla_1.7.8-1sarge8_powerpc.deb stable/main/binary-powerpc/mozilla-dom-inspector_1.7.8-1sarge8_powerpc.deb stable/main/binary-powerpc/mozilla-mailnews_1.7.8-1sarge8_powerpc.deb stable/main/binary-powerpc/mozilla-dev_1.7.8-1sarge8_powerpc.deb stable/main/binary-powerpc/mozilla-chatzilla_1.7.8-1sarge8_powerpc.deb stable/main/binary-powerpc/libnspr-dev_1.7.8-1sarge8_powerpc.deb mozilla (2:1.7.8-1sarge8) stable-security; urgency=critical * Security update to backport the fixes from Mozilla branch 1.8.0.8. * 4_0014-MFSA2006-65-CVE-2006-5464-Part-1-310267.patch, 4_0015-MFSA2006-65-CVE-2006-5464-Part-2-350370.patch, 4_0016-MFSA2006-65-CVE-2006-5464-Part-3-307809.patch, 4_0018-MFSA2006-65-CVE-2006-5464-Part-4-351328.patch: Fixes for CVE-2006-5464 aka first part of mfsa2006-65 (Crashes with evidence of memory corruption (rv:1.8.0.8)). * 4_0001-MFSA2006-65-CVE-2006-5748-Part-1-350238.patch, 4_0002-MFSA2006-65-CVE-2006-5748-Part-2-351973.patch, 4_0005-MFSA2006-65-CVE-2006-5748-Part-3-352606.patch, 4_0008-MFSA2006-65-CVE-2006-5748-Part-4-349527.patch, 4_0010-MFSA2006-65-CVE-2006-5748-Part-5-354924.patch: Fixes for CVE-2006-5748 aka last part of mfsa2006-65 (Crashes with evidence of memory corruption (rv:1.8.0.8)). * 4_0019-MFSA2006-66-CVE-2006-5462-356215.patch: Fix for "RSA Signature Forgery (variant)", CVE-2006-5462 aka mfsa2006-66. * 4_0020-MFSA2006-67-CVE-2006-5463-355655.patch: Fix for "Running Script can be recompiled", CVE-2006-5463 aka mfsa2006-67. * 4_0006-noMFSA-CVE-2006-4310-351255.patch: Fix for CVE-2006-4310 (Remote DOS in FTP error handling), from bz#351255. * 4_0003-noMFSA-353264.patch, 4_0011-noMFSA-313400.patch, 4_0012-noMFSA-353704.patch, 4_0013-noMFSA-352264.patch, 4_0017-noMFSA-350524.patch: Many patches to fix crashes that can be triggered by malicious pages, no mfsa. bz#313400, bz#350524, bz#352264, bz#353264, bz#353704. * 4_0004-noMFSA-regression-fix-352873.patch: Fixes a regression introduced by a previous security update. bz#352873. * 4_0007-noMFSA-337744.patch: Protocol parsing tightening to avoid reading from the filesystem by unexpected resource or chrome urls. bz#337744. * 4_0009-noMFSA-334110.patch: A fix that goes along fixing a buffer overflow in libpng. bz#334110. stable/main/binary-mipsel/mozilla-dev_1.7.8-1sarge8_mipsel.deb stable/main/binary-mipsel/mozilla-browser_1.7.8-1sarge8_mipsel.deb stable/main/binary-mipsel/mozilla-js-debugger_1.7.8-1sarge8_mipsel.deb stable/main/binary-mipsel/mozilla-psm_1.7.8-1sarge8_mipsel.deb stable/main/binary-mipsel/libnss-dev_1.7.8-1sarge8_mipsel.deb stable/main/binary-mipsel/libnspr4_1.7.8-1sarge8_mipsel.deb stable/main/binary-mipsel/mozilla-calendar_1.7.8-1sarge8_mipsel.deb stable/main/binary-mipsel/libnspr-dev_1.7.8-1sarge8_mipsel.deb stable/main/binary-mipsel/mozilla-chatzilla_1.7.8-1sarge8_mipsel.deb stable/main/binary-mipsel/mozilla-dom-inspector_1.7.8-1sarge8_mipsel.deb stable/main/binary-mipsel/mozilla-mailnews_1.7.8-1sarge8_mipsel.deb stable/main/binary-mipsel/libnss3_1.7.8-1sarge8_mipsel.deb stable/main/binary-mipsel/mozilla_1.7.8-1sarge8_mipsel.deb mozilla (2:1.7.8-1sarge8) stable-security; urgency=critical * Security update to backport the fixes from Mozilla branch 1.8.0.8. * 4_0014-MFSA2006-65-CVE-2006-5464-Part-1-310267.patch, 4_0015-MFSA2006-65-CVE-2006-5464-Part-2-350370.patch, 4_0016-MFSA2006-65-CVE-2006-5464-Part-3-307809.patch, 4_0018-MFSA2006-65-CVE-2006-5464-Part-4-351328.patch: Fixes for CVE-2006-5464 aka first part of mfsa2006-65 (Crashes with evidence of memory corruption (rv:1.8.0.8)). * 4_0001-MFSA2006-65-CVE-2006-5748-Part-1-350238.patch, 4_0002-MFSA2006-65-CVE-2006-5748-Part-2-351973.patch, 4_0005-MFSA2006-65-CVE-2006-5748-Part-3-352606.patch, 4_0008-MFSA2006-65-CVE-2006-5748-Part-4-349527.patch, 4_0010-MFSA2006-65-CVE-2006-5748-Part-5-354924.patch: Fixes for CVE-2006-5748 aka last part of mfsa2006-65 (Crashes with evidence of memory corruption (rv:1.8.0.8)). * 4_0019-MFSA2006-66-CVE-2006-5462-356215.patch: Fix for "RSA Signature Forgery (variant)", CVE-2006-5462 aka mfsa2006-66. * 4_0020-MFSA2006-67-CVE-2006-5463-355655.patch: Fix for "Running Script can be recompiled", CVE-2006-5463 aka mfsa2006-67. * 4_0006-noMFSA-CVE-2006-4310-351255.patch: Fix for CVE-2006-4310 (Remote DOS in FTP error handling), from bz#351255. * 4_0003-noMFSA-353264.patch, 4_0011-noMFSA-313400.patch, 4_0012-noMFSA-353704.patch, 4_0013-noMFSA-352264.patch, 4_0017-noMFSA-350524.patch: Many patches to fix crashes that can be triggered by malicious pages, no mfsa. bz#313400, bz#350524, bz#352264, bz#353264, bz#353704. * 4_0004-noMFSA-regression-fix-352873.patch: Fixes a regression introduced by a previous security update. bz#352873. * 4_0007-noMFSA-337744.patch: Protocol parsing tightening to avoid reading from the filesystem by unexpected resource or chrome urls. bz#337744. * 4_0009-noMFSA-334110.patch: A fix that goes along fixing a buffer overflow in libpng. bz#334110. stable/main/binary-mips/libnspr4_1.7.8-1sarge8_mips.deb stable/main/binary-mips/mozilla-browser_1.7.8-1sarge8_mips.deb stable/main/binary-mips/libnss-dev_1.7.8-1sarge8_mips.deb stable/main/binary-mips/libnspr-dev_1.7.8-1sarge8_mips.deb stable/main/binary-mips/mozilla-psm_1.7.8-1sarge8_mips.deb stable/main/binary-mips/mozilla-dev_1.7.8-1sarge8_mips.deb stable/main/binary-mips/mozilla-calendar_1.7.8-1sarge8_mips.deb stable/main/binary-mips/mozilla-mailnews_1.7.8-1sarge8_mips.deb stable/main/binary-mips/mozilla_1.7.8-1sarge8_mips.deb stable/main/binary-mips/mozilla-chatzilla_1.7.8-1sarge8_mips.deb stable/main/binary-mips/libnss3_1.7.8-1sarge8_mips.deb stable/main/binary-mips/mozilla-dom-inspector_1.7.8-1sarge8_mips.deb stable/main/binary-mips/mozilla-js-debugger_1.7.8-1sarge8_mips.deb mozilla (2:1.7.8-1sarge8) stable-security; urgency=critical * Security update to backport the fixes from Mozilla branch 1.8.0.8. * 4_0014-MFSA2006-65-CVE-2006-5464-Part-1-310267.patch, 4_0015-MFSA2006-65-CVE-2006-5464-Part-2-350370.patch, 4_0016-MFSA2006-65-CVE-2006-5464-Part-3-307809.patch, 4_0018-MFSA2006-65-CVE-2006-5464-Part-4-351328.patch: Fixes for CVE-2006-5464 aka first part of mfsa2006-65 (Crashes with evidence of memory corruption (rv:1.8.0.8)). * 4_0001-MFSA2006-65-CVE-2006-5748-Part-1-350238.patch, 4_0002-MFSA2006-65-CVE-2006-5748-Part-2-351973.patch, 4_0005-MFSA2006-65-CVE-2006-5748-Part-3-352606.patch, 4_0008-MFSA2006-65-CVE-2006-5748-Part-4-349527.patch, 4_0010-MFSA2006-65-CVE-2006-5748-Part-5-354924.patch: Fixes for CVE-2006-5748 aka last part of mfsa2006-65 (Crashes with evidence of memory corruption (rv:1.8.0.8)). * 4_0019-MFSA2006-66-CVE-2006-5462-356215.patch: Fix for "RSA Signature Forgery (variant)", CVE-2006-5462 aka mfsa2006-66. * 4_0020-MFSA2006-67-CVE-2006-5463-355655.patch: Fix for "Running Script can be recompiled", CVE-2006-5463 aka mfsa2006-67. * 4_0006-noMFSA-CVE-2006-4310-351255.patch: Fix for CVE-2006-4310 (Remote DOS in FTP error handling), from bz#351255. * 4_0003-noMFSA-353264.patch, 4_0011-noMFSA-313400.patch, 4_0012-noMFSA-353704.patch, 4_0013-noMFSA-352264.patch, 4_0017-noMFSA-350524.patch: Many patches to fix crashes that can be triggered by malicious pages, no mfsa. bz#313400, bz#350524, bz#352264, bz#353264, bz#353704. * 4_0004-noMFSA-regression-fix-352873.patch: Fixes a regression introduced by a previous security update. bz#352873. * 4_0007-noMFSA-337744.patch: Protocol parsing tightening to avoid reading from the filesystem by unexpected resource or chrome urls. bz#337744. * 4_0009-noMFSA-334110.patch: A fix that goes along fixing a buffer overflow in libpng. bz#334110. stable/main/binary-m68k/mozilla-browser_1.7.8-1sarge8_m68k.deb stable/main/binary-m68k/mozilla-psm_1.7.8-1sarge8_m68k.deb stable/main/binary-m68k/libnspr-dev_1.7.8-1sarge8_m68k.deb stable/main/binary-m68k/libnss-dev_1.7.8-1sarge8_m68k.deb stable/main/binary-m68k/libnspr4_1.7.8-1sarge8_m68k.deb stable/main/binary-m68k/mozilla-dom-inspector_1.7.8-1sarge8_m68k.deb stable/main/binary-m68k/mozilla-mailnews_1.7.8-1sarge8_m68k.deb stable/main/binary-m68k/libnss3_1.7.8-1sarge8_m68k.deb stable/main/binary-m68k/mozilla-chatzilla_1.7.8-1sarge8_m68k.deb stable/main/binary-m68k/mozilla-js-debugger_1.7.8-1sarge8_m68k.deb stable/main/binary-m68k/mozilla-calendar_1.7.8-1sarge8_m68k.deb stable/main/binary-m68k/mozilla-dev_1.7.8-1sarge8_m68k.deb stable/main/binary-m68k/mozilla_1.7.8-1sarge8_m68k.deb mozilla (2:1.7.8-1sarge8) stable-security; urgency=critical * Security update to backport the fixes from Mozilla branch 1.8.0.8. * 4_0014-MFSA2006-65-CVE-2006-5464-Part-1-310267.patch, 4_0015-MFSA2006-65-CVE-2006-5464-Part-2-350370.patch, 4_0016-MFSA2006-65-CVE-2006-5464-Part-3-307809.patch, 4_0018-MFSA2006-65-CVE-2006-5464-Part-4-351328.patch: Fixes for CVE-2006-5464 aka first part of mfsa2006-65 (Crashes with evidence of memory corruption (rv:1.8.0.8)). * 4_0001-MFSA2006-65-CVE-2006-5748-Part-1-350238.patch, 4_0002-MFSA2006-65-CVE-2006-5748-Part-2-351973.patch, 4_0005-MFSA2006-65-CVE-2006-5748-Part-3-352606.patch, 4_0008-MFSA2006-65-CVE-2006-5748-Part-4-349527.patch, 4_0010-MFSA2006-65-CVE-2006-5748-Part-5-354924.patch: Fixes for CVE-2006-5748 aka last part of mfsa2006-65 (Crashes with evidence of memory corruption (rv:1.8.0.8)). * 4_0019-MFSA2006-66-CVE-2006-5462-356215.patch: Fix for "RSA Signature Forgery (variant)", CVE-2006-5462 aka mfsa2006-66. * 4_0020-MFSA2006-67-CVE-2006-5463-355655.patch: Fix for "Running Script can be recompiled", CVE-2006-5463 aka mfsa2006-67. * 4_0006-noMFSA-CVE-2006-4310-351255.patch: Fix for CVE-2006-4310 (Remote DOS in FTP error handling), from bz#351255. * 4_0003-noMFSA-353264.patch, 4_0011-noMFSA-313400.patch, 4_0012-noMFSA-353704.patch, 4_0013-noMFSA-352264.patch, 4_0017-noMFSA-350524.patch: Many patches to fix crashes that can be triggered by malicious pages, no mfsa. bz#313400, bz#350524, bz#352264, bz#353264, bz#353704. * 4_0004-noMFSA-regression-fix-352873.patch: Fixes a regression introduced by a previous security update. bz#352873. * 4_0007-noMFSA-337744.patch: Protocol parsing tightening to avoid reading from the filesystem by unexpected resource or chrome urls. bz#337744. * 4_0009-noMFSA-334110.patch: A fix that goes along fixing a buffer overflow in libpng. bz#334110. stable/main/binary-ia64/libnspr4_1.7.8-1sarge8_ia64.deb stable/main/binary-ia64/mozilla-mailnews_1.7.8-1sarge8_ia64.deb stable/main/binary-ia64/mozilla-psm_1.7.8-1sarge8_ia64.deb stable/main/binary-ia64/mozilla-browser_1.7.8-1sarge8_ia64.deb stable/main/binary-ia64/libnss-dev_1.7.8-1sarge8_ia64.deb stable/main/binary-ia64/libnss3_1.7.8-1sarge8_ia64.deb stable/main/binary-ia64/mozilla-calendar_1.7.8-1sarge8_ia64.deb stable/main/binary-ia64/libnspr-dev_1.7.8-1sarge8_ia64.deb stable/main/binary-ia64/mozilla-dom-inspector_1.7.8-1sarge8_ia64.deb stable/main/binary-ia64/mozilla-chatzilla_1.7.8-1sarge8_ia64.deb stable/main/binary-ia64/mozilla-dev_1.7.8-1sarge8_ia64.deb stable/main/binary-ia64/mozilla-js-debugger_1.7.8-1sarge8_ia64.deb stable/main/binary-ia64/mozilla_1.7.8-1sarge8_ia64.deb mozilla (2:1.7.8-1sarge8) stable-security; urgency=critical * Security update to backport the fixes from Mozilla branch 1.8.0.8. * 4_0014-MFSA2006-65-CVE-2006-5464-Part-1-310267.patch, 4_0015-MFSA2006-65-CVE-2006-5464-Part-2-350370.patch, 4_0016-MFSA2006-65-CVE-2006-5464-Part-3-307809.patch, 4_0018-MFSA2006-65-CVE-2006-5464-Part-4-351328.patch: Fixes for CVE-2006-5464 aka first part of mfsa2006-65 (Crashes with evidence of memory corruption (rv:1.8.0.8)). * 4_0001-MFSA2006-65-CVE-2006-5748-Part-1-350238.patch, 4_0002-MFSA2006-65-CVE-2006-5748-Part-2-351973.patch, 4_0005-MFSA2006-65-CVE-2006-5748-Part-3-352606.patch, 4_0008-MFSA2006-65-CVE-2006-5748-Part-4-349527.patch, 4_0010-MFSA2006-65-CVE-2006-5748-Part-5-354924.patch: Fixes for CVE-2006-5748 aka last part of mfsa2006-65 (Crashes with evidence of memory corruption (rv:1.8.0.8)). * 4_0019-MFSA2006-66-CVE-2006-5462-356215.patch: Fix for "RSA Signature Forgery (variant)", CVE-2006-5462 aka mfsa2006-66. * 4_0020-MFSA2006-67-CVE-2006-5463-355655.patch: Fix for "Running Script can be recompiled", CVE-2006-5463 aka mfsa2006-67. * 4_0006-noMFSA-CVE-2006-4310-351255.patch: Fix for CVE-2006-4310 (Remote DOS in FTP error handling), from bz#351255. * 4_0003-noMFSA-353264.patch, 4_0011-noMFSA-313400.patch, 4_0012-noMFSA-353704.patch, 4_0013-noMFSA-352264.patch, 4_0017-noMFSA-350524.patch: Many patches to fix crashes that can be triggered by malicious pages, no mfsa. bz#313400, bz#350524, bz#352264, bz#353264, bz#353704. * 4_0004-noMFSA-regression-fix-352873.patch: Fixes a regression introduced by a previous security update. bz#352873. * 4_0007-noMFSA-337744.patch: Protocol parsing tightening to avoid reading from the filesystem by unexpected resource or chrome urls. bz#337744. * 4_0009-noMFSA-334110.patch: A fix that goes along fixing a buffer overflow in libpng. bz#334110. stable/main/binary-hppa/mozilla-dom-inspector_1.7.8-1sarge8_hppa.deb stable/main/binary-hppa/mozilla-psm_1.7.8-1sarge8_hppa.deb stable/main/binary-hppa/libnspr4_1.7.8-1sarge8_hppa.deb stable/main/binary-hppa/mozilla_1.7.8-1sarge8_hppa.deb stable/main/binary-hppa/mozilla-browser_1.7.8-1sarge8_hppa.deb stable/main/binary-hppa/libnss3_1.7.8-1sarge8_hppa.deb stable/main/binary-hppa/libnss-dev_1.7.8-1sarge8_hppa.deb stable/main/binary-hppa/mozilla-mailnews_1.7.8-1sarge8_hppa.deb stable/main/binary-hppa/mozilla-dev_1.7.8-1sarge8_hppa.deb stable/main/binary-hppa/mozilla-js-debugger_1.7.8-1sarge8_hppa.deb stable/main/binary-hppa/mozilla-chatzilla_1.7.8-1sarge8_hppa.deb stable/main/binary-hppa/mozilla-calendar_1.7.8-1sarge8_hppa.deb stable/main/binary-hppa/libnspr-dev_1.7.8-1sarge8_hppa.deb mozilla (2:1.7.8-1sarge8) stable-security; urgency=critical * Security update to backport the fixes from Mozilla branch 1.8.0.8. * 4_0014-MFSA2006-65-CVE-2006-5464-Part-1-310267.patch, 4_0015-MFSA2006-65-CVE-2006-5464-Part-2-350370.patch, 4_0016-MFSA2006-65-CVE-2006-5464-Part-3-307809.patch, 4_0018-MFSA2006-65-CVE-2006-5464-Part-4-351328.patch: Fixes for CVE-2006-5464 aka first part of mfsa2006-65 (Crashes with evidence of memory corruption (rv:1.8.0.8)). * 4_0001-MFSA2006-65-CVE-2006-5748-Part-1-350238.patch, 4_0002-MFSA2006-65-CVE-2006-5748-Part-2-351973.patch, 4_0005-MFSA2006-65-CVE-2006-5748-Part-3-352606.patch, 4_0008-MFSA2006-65-CVE-2006-5748-Part-4-349527.patch, 4_0010-MFSA2006-65-CVE-2006-5748-Part-5-354924.patch: Fixes for CVE-2006-5748 aka last part of mfsa2006-65 (Crashes with evidence of memory corruption (rv:1.8.0.8)). * 4_0019-MFSA2006-66-CVE-2006-5462-356215.patch: Fix for "RSA Signature Forgery (variant)", CVE-2006-5462 aka mfsa2006-66. * 4_0020-MFSA2006-67-CVE-2006-5463-355655.patch: Fix for "Running Script can be recompiled", CVE-2006-5463 aka mfsa2006-67. * 4_0006-noMFSA-CVE-2006-4310-351255.patch: Fix for CVE-2006-4310 (Remote DOS in FTP error handling), from bz#351255. * 4_0003-noMFSA-353264.patch, 4_0011-noMFSA-313400.patch, 4_0012-noMFSA-353704.patch, 4_0013-noMFSA-352264.patch, 4_0017-noMFSA-350524.patch: Many patches to fix crashes that can be triggered by malicious pages, no mfsa. bz#313400, bz#350524, bz#352264, bz#353264, bz#353704. * 4_0004-noMFSA-regression-fix-352873.patch: Fixes a regression introduced by a previous security update. bz#352873. * 4_0007-noMFSA-337744.patch: Protocol parsing tightening to avoid reading from the filesystem by unexpected resource or chrome urls. bz#337744. * 4_0009-noMFSA-334110.patch: A fix that goes along fixing a buffer overflow in libpng. bz#334110. stable/main/binary-arm/mozilla-dev_1.7.8-1sarge8_arm.deb stable/main/binary-arm/libnss3_1.7.8-1sarge8_arm.deb stable/main/binary-arm/mozilla-psm_1.7.8-1sarge8_arm.deb stable/main/binary-arm/mozilla-browser_1.7.8-1sarge8_arm.deb stable/main/binary-arm/libnspr4_1.7.8-1sarge8_arm.deb stable/main/binary-arm/mozilla-js-debugger_1.7.8-1sarge8_arm.deb stable/main/binary-arm/libnspr-dev_1.7.8-1sarge8_arm.deb stable/main/binary-arm/mozilla-calendar_1.7.8-1sarge8_arm.deb stable/main/binary-arm/mozilla-chatzilla_1.7.8-1sarge8_arm.deb stable/main/binary-arm/mozilla_1.7.8-1sarge8_arm.deb stable/main/binary-arm/mozilla-mailnews_1.7.8-1sarge8_arm.deb stable/main/binary-arm/libnss-dev_1.7.8-1sarge8_arm.deb stable/main/binary-arm/mozilla-dom-inspector_1.7.8-1sarge8_arm.deb mozilla (2:1.7.8-1sarge8) stable-security; urgency=critical * Security update to backport the fixes from Mozilla branch 1.8.0.8. * 4_0014-MFSA2006-65-CVE-2006-5464-Part-1-310267.patch, 4_0015-MFSA2006-65-CVE-2006-5464-Part-2-350370.patch, 4_0016-MFSA2006-65-CVE-2006-5464-Part-3-307809.patch, 4_0018-MFSA2006-65-CVE-2006-5464-Part-4-351328.patch: Fixes for CVE-2006-5464 aka first part of mfsa2006-65 (Crashes with evidence of memory corruption (rv:1.8.0.8)). * 4_0001-MFSA2006-65-CVE-2006-5748-Part-1-350238.patch, 4_0002-MFSA2006-65-CVE-2006-5748-Part-2-351973.patch, 4_0005-MFSA2006-65-CVE-2006-5748-Part-3-352606.patch, 4_0008-MFSA2006-65-CVE-2006-5748-Part-4-349527.patch, 4_0010-MFSA2006-65-CVE-2006-5748-Part-5-354924.patch: Fixes for CVE-2006-5748 aka last part of mfsa2006-65 (Crashes with evidence of memory corruption (rv:1.8.0.8)). * 4_0019-MFSA2006-66-CVE-2006-5462-356215.patch: Fix for "RSA Signature Forgery (variant)", CVE-2006-5462 aka mfsa2006-66. * 4_0020-MFSA2006-67-CVE-2006-5463-355655.patch: Fix for "Running Script can be recompiled", CVE-2006-5463 aka mfsa2006-67. * 4_0006-noMFSA-CVE-2006-4310-351255.patch: Fix for CVE-2006-4310 (Remote DOS in FTP error handling), from bz#351255. * 4_0003-noMFSA-353264.patch, 4_0011-noMFSA-313400.patch, 4_0012-noMFSA-353704.patch, 4_0013-noMFSA-352264.patch, 4_0017-noMFSA-350524.patch: Many patches to fix crashes that can be triggered by malicious pages, no mfsa. bz#313400, bz#350524, bz#352264, bz#353264, bz#353704. * 4_0004-noMFSA-regression-fix-352873.patch: Fixes a regression introduced by a previous security update. bz#352873. * 4_0007-noMFSA-337744.patch: Protocol parsing tightening to avoid reading from the filesystem by unexpected resource or chrome urls. bz#337744. * 4_0009-noMFSA-334110.patch: A fix that goes along fixing a buffer overflow in libpng. bz#334110. stable/main/binary-alpha/libnspr-dev_1.7.8-1sarge8_alpha.deb stable/main/binary-alpha/mozilla_1.7.8-1sarge8_alpha.deb stable/main/binary-alpha/mozilla-dom-inspector_1.7.8-1sarge8_alpha.deb stable/main/binary-alpha/mozilla-chatzilla_1.7.8-1sarge8_alpha.deb stable/main/binary-alpha/libnspr4_1.7.8-1sarge8_alpha.deb stable/main/binary-alpha/libnss3_1.7.8-1sarge8_alpha.deb stable/main/binary-alpha/libnss-dev_1.7.8-1sarge8_alpha.deb stable/main/binary-alpha/mozilla-js-debugger_1.7.8-1sarge8_alpha.deb stable/main/binary-alpha/mozilla-dev_1.7.8-1sarge8_alpha.deb stable/main/binary-alpha/mozilla-psm_1.7.8-1sarge8_alpha.deb stable/main/binary-alpha/mozilla-calendar_1.7.8-1sarge8_alpha.deb stable/main/binary-alpha/mozilla-mailnews_1.7.8-1sarge8_alpha.deb stable/main/binary-alpha/mozilla-browser_1.7.8-1sarge8_alpha.deb mozilla (2:1.7.8-1sarge8) stable-security; urgency=critical * Security update to backport the fixes from Mozilla branch 1.8.0.8. * 4_0014-MFSA2006-65-CVE-2006-5464-Part-1-310267.patch, 4_0015-MFSA2006-65-CVE-2006-5464-Part-2-350370.patch, 4_0016-MFSA2006-65-CVE-2006-5464-Part-3-307809.patch, 4_0018-MFSA2006-65-CVE-2006-5464-Part-4-351328.patch: Fixes for CVE-2006-5464 aka first part of mfsa2006-65 (Crashes with evidence of memory corruption (rv:1.8.0.8)). * 4_0001-MFSA2006-65-CVE-2006-5748-Part-1-350238.patch, 4_0002-MFSA2006-65-CVE-2006-5748-Part-2-351973.patch, 4_0005-MFSA2006-65-CVE-2006-5748-Part-3-352606.patch, 4_0008-MFSA2006-65-CVE-2006-5748-Part-4-349527.patch, 4_0010-MFSA2006-65-CVE-2006-5748-Part-5-354924.patch: Fixes for CVE-2006-5748 aka last part of mfsa2006-65 (Crashes with evidence of memory corruption (rv:1.8.0.8)). * 4_0019-MFSA2006-66-CVE-2006-5462-356215.patch: Fix for "RSA Signature Forgery (variant)", CVE-2006-5462 aka mfsa2006-66. * 4_0020-MFSA2006-67-CVE-2006-5463-355655.patch: Fix for "Running Script can be recompiled", CVE-2006-5463 aka mfsa2006-67. * 4_0006-noMFSA-CVE-2006-4310-351255.patch: Fix for CVE-2006-4310 (Remote DOS in FTP error handling), from bz#351255. * 4_0003-noMFSA-353264.patch, 4_0011-noMFSA-313400.patch, 4_0012-noMFSA-353704.patch, 4_0013-noMFSA-352264.patch, 4_0017-noMFSA-350524.patch: Many patches to fix crashes that can be triggered by malicious pages, no mfsa. bz#313400, bz#350524, bz#352264, bz#353264, bz#353704. * 4_0004-noMFSA-regression-fix-352873.patch: Fixes a regression introduced by a previous security update. bz#352873. * 4_0007-noMFSA-337744.patch: Protocol parsing tightening to avoid reading from the filesystem by unexpected resource or chrome urls. bz#337744. * 4_0009-noMFSA-334110.patch: A fix that goes along fixing a buffer overflow in libpng. bz#334110. stable/main/binary-i386/mozilla-calendar_1.7.8-1sarge8_i386.deb stable/main/source/mozilla_1.7.8-1sarge8.dsc stable/main/binary-i386/mozilla-dev_1.7.8-1sarge8_i386.deb stable/main/binary-i386/mozilla-chatzilla_1.7.8-1sarge8_i386.deb stable/main/binary-i386/libnss3_1.7.8-1sarge8_i386.deb stable/main/binary-i386/libnspr4_1.7.8-1sarge8_i386.deb stable/main/binary-i386/libnspr-dev_1.7.8-1sarge8_i386.deb stable/main/binary-i386/mozilla-dom-inspector_1.7.8-1sarge8_i386.deb stable/main/binary-i386/mozilla-mailnews_1.7.8-1sarge8_i386.deb stable/main/binary-i386/libnss-dev_1.7.8-1sarge8_i386.deb stable/main/binary-i386/mozilla-psm_1.7.8-1sarge8_i386.deb stable/main/binary-i386/mozilla-js-debugger_1.7.8-1sarge8_i386.deb stable/main/binary-i386/mozilla-browser_1.7.8-1sarge8_i386.deb stable/main/source/mozilla_1.7.8-1sarge8.diff.gz stable/main/binary-i386/mozilla_1.7.8-1sarge8_i386.deb mozilla (2:1.7.8-1sarge8) stable-security; urgency=critical * Security update to backport the fixes from Mozilla branch 1.8.0.8. * 4_0014-MFSA2006-65-CVE-2006-5464-Part-1-310267.patch, 4_0015-MFSA2006-65-CVE-2006-5464-Part-2-350370.patch, 4_0016-MFSA2006-65-CVE-2006-5464-Part-3-307809.patch, 4_0018-MFSA2006-65-CVE-2006-5464-Part-4-351328.patch: Fixes for CVE-2006-5464 aka first part of mfsa2006-65 (Crashes with evidence of memory corruption (rv:1.8.0.8)). * 4_0001-MFSA2006-65-CVE-2006-5748-Part-1-350238.patch, 4_0002-MFSA2006-65-CVE-2006-5748-Part-2-351973.patch, 4_0005-MFSA2006-65-CVE-2006-5748-Part-3-352606.patch, 4_0008-MFSA2006-65-CVE-2006-5748-Part-4-349527.patch, 4_0010-MFSA2006-65-CVE-2006-5748-Part-5-354924.patch: Fixes for CVE-2006-5748 aka last part of mfsa2006-65 (Crashes with evidence of memory corruption (rv:1.8.0.8)). * 4_0019-MFSA2006-66-CVE-2006-5462-356215.patch: Fix for "RSA Signature Forgery (variant)", CVE-2006-5462 aka mfsa2006-66. * 4_0020-MFSA2006-67-CVE-2006-5463-355655.patch: Fix for "Running Script can be recompiled", CVE-2006-5463 aka mfsa2006-67. * 4_0006-noMFSA-CVE-2006-4310-351255.patch: Fix for CVE-2006-4310 (Remote DOS in FTP error handling), from bz#351255. * 4_0003-noMFSA-353264.patch, 4_0011-noMFSA-313400.patch, 4_0012-noMFSA-353704.patch, 4_0013-noMFSA-352264.patch, 4_0017-noMFSA-350524.patch: Many patches to fix crashes that can be triggered by malicious pages, no mfsa. bz#313400, bz#350524, bz#352264, bz#353264, bz#353704. * 4_0004-noMFSA-regression-fix-352873.patch: Fixes a regression introduced by a previous security update. bz#352873. * 4_0007-noMFSA-337744.patch: Protocol parsing tightening to avoid reading from the filesystem by unexpected resource or chrome urls. bz#337744. * 4_0009-noMFSA-334110.patch: A fix that goes along fixing a buffer overflow in libpng. bz#334110. stable/main/source/mindi-kernel_2.4.27-2sarge4.dsc stable/main/source/mindi-kernel_2.4.27-2sarge4.diff.gz stable/main/binary-i386/mindi-kernel_2.4.27-2sarge4_i386.deb mindi-kernel (2.4.27-2sarge4) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge5: * 233_ia64-sparc-cross-region-mappings.diff [SECURITY] Prevent cross-region mappings on ia64 and sparc which could be used in a local DoS attack (system crash) See CVE-2006-4538 * 234_atm-clip-freed-skb-deref.diff [SECURITY] Avoid dereferencing an already freed skb, preventing a potential remote DoS (system crash) vector See CVE-2006-4997 * 235_ppc-alignment-exception-table-check.diff [SECURITY][ppc] Avoid potential DoS which can be triggered by some futex ops See CVE-2006-5649 * 236_s390-uaccess-memleak.diff [SECURITY][s390] Fix memory leak in copy_from_user by clearing the remaining bytes of the kernel buffer after a fault on the userspace address in copy_from_user() See CVE-2006-5174 * 237_smbfs-honor-mount-opts.diff Honor uid, gid and mode mount options for smbfs even when unix extensions are enabled (closes: #310982) See CVE-2006-5871 * 238_ppc-hid0-dos.diff [SECURITY] [ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 stable/main/binary-sparc/ftpd_0.17-20sarge2_sparc.deb linux-ftpd (0.17-20sarge2) stable-security; urgency=high * Sarge security release. * Fixed ftpd from doing chdir while runing as root. (Closes: #384454) Thanks a lot to Paul Szabo for finding out and the patch. (CVE-2006-5778) stable/main/binary-s390/ftpd_0.17-20sarge2_s390.deb linux-ftpd (0.17-20sarge2) stable-security; urgency=high * Sarge security release. * Fixed ftpd from doing chdir while runing as root. (Closes: #384454) Thanks a lot to Paul Szabo for finding out and the patch. (CVE-2006-5778) stable/main/binary-powerpc/ftpd_0.17-20sarge2_powerpc.deb linux-ftpd (0.17-20sarge2) stable-security; urgency=high * Sarge security release. * Fixed ftpd from doing chdir while runing as root. (Closes: #384454) Thanks a lot to Paul Szabo for finding out and the patch. (CVE-2006-5778) stable/main/binary-mipsel/ftpd_0.17-20sarge2_mipsel.deb linux-ftpd (0.17-20sarge2) stable-security; urgency=high * Sarge security release. * Fixed ftpd from doing chdir while runing as root. (Closes: #384454) Thanks a lot to Paul Szabo for finding out and the patch. (CVE-2006-5778) stable/main/binary-mips/ftpd_0.17-20sarge2_mips.deb linux-ftpd (0.17-20sarge2) stable-security; urgency=high * Sarge security release. * Fixed ftpd from doing chdir while runing as root. (Closes: #384454) Thanks a lot to Paul Szabo for finding out and the patch. (CVE-2006-5778) stable/main/binary-m68k/ftpd_0.17-20sarge2_m68k.deb linux-ftpd (0.17-20sarge2) stable-security; urgency=high * Sarge security release. * Fixed ftpd from doing chdir while runing as root. (Closes: #384454) Thanks a lot to Paul Szabo for finding out and the patch. (CVE-2006-5778) stable/main/binary-ia64/ftpd_0.17-20sarge2_ia64.deb linux-ftpd (0.17-20sarge2) stable-security; urgency=high * Sarge security release. * Fixed ftpd from doing chdir while runing as root. (Closes: #384454) Thanks a lot to Paul Szabo for finding out and the patch. (CVE-2006-5778) stable/main/binary-hppa/ftpd_0.17-20sarge2_hppa.deb linux-ftpd (0.17-20sarge2) stable-security; urgency=high * Sarge security release. * Fixed ftpd from doing chdir while runing as root. (Closes: #384454) Thanks a lot to Paul Szabo for finding out and the patch. (CVE-2006-5778) stable/main/binary-arm/ftpd_0.17-20sarge2_arm.deb linux-ftpd (0.17-20sarge2) stable-security; urgency=high * Sarge security release. * Fixed ftpd from doing chdir while runing as root. (Closes: #384454) Thanks a lot to Paul Szabo for finding out and the patch. (CVE-2006-5778) stable/main/binary-alpha/ftpd_0.17-20sarge2_alpha.deb linux-ftpd (0.17-20sarge2) stable-security; urgency=high * Sarge security release. * Fixed ftpd from doing chdir while runing as root. (Closes: #384454) Thanks a lot to Paul Szabo for finding out and the patch. (CVE-2006-5778) stable/main/binary-i386/ftpd_0.17-20sarge2_i386.deb stable/main/source/linux-ftpd_0.17-20sarge2.dsc stable/main/source/linux-ftpd_0.17-20sarge2.diff.gz linux-ftpd (0.17-20sarge2) stable-security; urgency=high * Sarge security release. * Fixed ftpd from doing chdir while runing as root. (Closes: #384454) Thanks a lot to Paul Szabo for finding out and the patch. (CVE-2006-5778) stable/main/binary-sparc/links_0.99+1.00pre12-1sarge1_sparc.deb links (0.99+1.00pre12-1sarge1) stable-security; urgency=high * Security non-maintainer upload. * Fix vulnerability in smb:// URI handling by rejecting '"' and ';' characters which could be used for remote command execution; patch backported from upstream 1.00pre19. (CVE-2006-5925) stable/main/binary-s390/links_0.99+1.00pre12-1sarge1_s390.deb links (0.99+1.00pre12-1sarge1) stable-security; urgency=high * Security non-maintainer upload. * Fix vulnerability in smb:// URI handling by rejecting '"' and ';' characters which could be used for remote command execution; patch backported from upstream 1.00pre19. (CVE-2006-5925) stable/main/binary-powerpc/links_0.99+1.00pre12-1sarge1_powerpc.deb links (0.99+1.00pre12-1sarge1) stable-security; urgency=high * Security non-maintainer upload. * Fix vulnerability in smb:// URI handling by rejecting '"' and ';' characters which could be used for remote command execution; patch backported from upstream 1.00pre19. (CVE-2006-5925) stable/main/binary-mipsel/links_0.99+1.00pre12-1sarge1_mipsel.deb links (0.99+1.00pre12-1sarge1) stable-security; urgency=high * Security non-maintainer upload. * Fix vulnerability in smb:// URI handling by rejecting '"' and ';' characters which could be used for remote command execution; patch backported from upstream 1.00pre19. (CVE-2006-5925) stable/main/binary-mips/links_0.99+1.00pre12-1sarge1_mips.deb links (0.99+1.00pre12-1sarge1) stable-security; urgency=high * Security non-maintainer upload. * Fix vulnerability in smb:// URI handling by rejecting '"' and ';' characters which could be used for remote command execution; patch backported from upstream 1.00pre19. (CVE-2006-5925) stable/main/binary-m68k/links_0.99+1.00pre12-1sarge1_m68k.deb links (0.99+1.00pre12-1sarge1) stable-security; urgency=high * Security non-maintainer upload. * Fix vulnerability in smb:// URI handling by rejecting '"' and ';' characters which could be used for remote command execution; patch backported from upstream 1.00pre19. (CVE-2006-5925) stable/main/binary-ia64/links_0.99+1.00pre12-1sarge1_ia64.deb links (0.99+1.00pre12-1sarge1) stable-security; urgency=high * Security non-maintainer upload. * Fix vulnerability in smb:// URI handling by rejecting '"' and ';' characters which could be used for remote command execution; patch backported from upstream 1.00pre19. (CVE-2006-5925) stable/main/binary-hppa/links_0.99+1.00pre12-1sarge1_hppa.deb links (0.99+1.00pre12-1sarge1) stable-security; urgency=high * Security non-maintainer upload. * Fix vulnerability in smb:// URI handling by rejecting '"' and ';' characters which could be used for remote command execution; patch backported from upstream 1.00pre19. (CVE-2006-5925) stable/main/binary-arm/links_0.99+1.00pre12-1sarge1_arm.deb links (0.99+1.00pre12-1sarge1) stable-security; urgency=high * Security non-maintainer upload. * Fix vulnerability in smb:// URI handling by rejecting '"' and ';' characters which could be used for remote command execution; patch backported from upstream 1.00pre19. (CVE-2006-5925) stable/main/binary-alpha/links_0.99+1.00pre12-1sarge1_alpha.deb links (0.99+1.00pre12-1sarge1) stable-security; urgency=high * Security non-maintainer upload. * Fix vulnerability in smb:// URI handling by rejecting '"' and ';' characters which could be used for remote command execution; patch backported from upstream 1.00pre19. (CVE-2006-5925) stable/main/binary-i386/links_0.99+1.00pre12-1sarge1_i386.deb stable/main/source/links_0.99+1.00pre12-1sarge1.diff.gz stable/main/binary-all/links-ssl_0.99+1.00pre12-1sarge1_all.deb stable/main/source/links_0.99+1.00pre12-1sarge1.dsc links (0.99+1.00pre12-1sarge1) stable-security; urgency=high * Security non-maintainer upload. * Fix vulnerability in smb:// URI handling by rejecting '"' and ';' characters which could be used for remote command execution; patch backported from upstream 1.00pre19. (CVE-2006-5925) stable/main/binary-sparc/libsoup2.2-dev_2.2.3-2sarge1_sparc.deb stable/main/binary-sparc/libsoup2.2-7_2.2.3-2sarge1_sparc.deb libsoup (2.2.3-2sarge1) stable-security; urgency=high * Fix remotely exploitable DoS vulnerability stable/main/binary-s390/libsoup2.2-dev_2.2.3-2sarge1_s390.deb stable/main/binary-s390/libsoup2.2-7_2.2.3-2sarge1_s390.deb libsoup (2.2.3-2sarge1) stable-security; urgency=high * Fix remotely exploitable DoS vulnerability stable/main/binary-powerpc/libsoup2.2-7_2.2.3-2sarge1_powerpc.deb stable/main/binary-powerpc/libsoup2.2-dev_2.2.3-2sarge1_powerpc.deb libsoup (2.2.3-2sarge1) stable-security; urgency=high * Fix remotely exploitable DoS vulnerability stable/main/binary-mipsel/libsoup2.2-7_2.2.3-2sarge1_mipsel.deb stable/main/binary-mipsel/libsoup2.2-dev_2.2.3-2sarge1_mipsel.deb libsoup (2.2.3-2sarge1) stable-security; urgency=high * Fix remotely exploitable DoS vulnerability stable/main/binary-mips/libsoup2.2-7_2.2.3-2sarge1_mips.deb stable/main/binary-mips/libsoup2.2-dev_2.2.3-2sarge1_mips.deb libsoup (2.2.3-2sarge1) stable-security; urgency=high * Fix remotely exploitable DoS vulnerability stable/main/binary-m68k/libsoup2.2-7_2.2.3-2sarge1_m68k.deb stable/main/binary-m68k/libsoup2.2-dev_2.2.3-2sarge1_m68k.deb libsoup (2.2.3-2sarge1) stable-security; urgency=high * Fix remotely exploitable DoS vulnerability stable/main/binary-ia64/libsoup2.2-dev_2.2.3-2sarge1_ia64.deb stable/main/binary-ia64/libsoup2.2-7_2.2.3-2sarge1_ia64.deb libsoup (2.2.3-2sarge1) stable-security; urgency=high * Fix remotely exploitable DoS vulnerability stable/main/binary-hppa/libsoup2.2-dev_2.2.3-2sarge1_hppa.deb stable/main/binary-hppa/libsoup2.2-7_2.2.3-2sarge1_hppa.deb libsoup (2.2.3-2sarge1) stable-security; urgency=high * Fix remotely exploitable DoS vulnerability stable/main/binary-arm/libsoup2.2-dev_2.2.3-2sarge1_arm.deb stable/main/binary-arm/libsoup2.2-7_2.2.3-2sarge1_arm.deb libsoup (2.2.3-2sarge1) stable-security; urgency=high * Fix remotely exploitable DoS vulnerability stable/main/binary-alpha/libsoup2.2-dev_2.2.3-2sarge1_alpha.deb stable/main/binary-alpha/libsoup2.2-7_2.2.3-2sarge1_alpha.deb libsoup (2.2.3-2sarge1) stable-security; urgency=high * Fix remotely exploitable DoS vulnerability stable/main/binary-all/libsoup2.2-doc_2.2.3-2sarge1_all.deb stable/main/source/libsoup_2.2.3-2sarge1.dsc stable/main/binary-i386/libsoup2.2-7_2.2.3-2sarge1_i386.deb stable/main/binary-i386/libsoup2.2-dev_2.2.3-2sarge1_i386.deb stable/main/source/libsoup_2.2.3-2sarge1.diff.gz libsoup (2.2.3-2sarge1) stable-security; urgency=high * Fix remotely exploitable DoS vulnerability stable/main/binary-sparc/libpam-ldap_178-1sarge3_sparc.deb libpam-ldap (178-1sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied Red Hat patch to fix authentication bypass [CVE-2006-5170] stable/main/binary-s390/libpam-ldap_178-1sarge3_s390.deb libpam-ldap (178-1sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied Red Hat patch to fix authentication bypass [CVE-2006-5170] stable/main/binary-powerpc/libpam-ldap_178-1sarge3_powerpc.deb libpam-ldap (178-1sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied Red Hat patch to fix authentication bypass [CVE-2006-5170] stable/main/binary-mipsel/libpam-ldap_178-1sarge3_mipsel.deb libpam-ldap (178-1sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied Red Hat patch to fix authentication bypass [CVE-2006-5170] stable/main/binary-mips/libpam-ldap_178-1sarge3_mips.deb libpam-ldap (178-1sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied Red Hat patch to fix authentication bypass [CVE-2006-5170] stable/main/binary-m68k/libpam-ldap_178-1sarge3_m68k.deb libpam-ldap (178-1sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied Red Hat patch to fix authentication bypass [CVE-2006-5170] stable/main/binary-ia64/libpam-ldap_178-1sarge3_ia64.deb libpam-ldap (178-1sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied Red Hat patch to fix authentication bypass [CVE-2006-5170] stable/main/binary-hppa/libpam-ldap_178-1sarge3_hppa.deb libpam-ldap (178-1sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied Red Hat patch to fix authentication bypass [CVE-2006-5170] stable/main/binary-arm/libpam-ldap_178-1sarge3_arm.deb libpam-ldap (178-1sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied Red Hat patch to fix authentication bypass [CVE-2006-5170] stable/main/binary-alpha/libpam-ldap_178-1sarge3_alpha.deb libpam-ldap (178-1sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied Red Hat patch to fix authentication bypass [CVE-2006-5170] stable/main/source/libpam-ldap_178-1sarge3.diff.gz stable/main/source/libpam-ldap_178-1sarge3.dsc stable/main/binary-i386/libpam-ldap_178-1sarge3_i386.deb libpam-ldap (178-1sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied Red Hat patch to fix authentication bypass [CVE-2006-5170] stable/main/binary-sparc/libgtop2-daemon_2.6.0-4sarge1_sparc.deb stable/main/binary-sparc/libgtop2-dev_2.6.0-4sarge1_sparc.deb stable/main/binary-sparc/libgtop2-2_2.6.0-4sarge1_sparc.deb libgtop2 (2.6.0-4sarge1) stable-security; urgency=high * SECURITY: New patch, 20_proc_map-overflow.patch, fixes overflow in /proc/maps parsing code; (CVE-2006-0235) stable/main/binary-s390/libgtop2-daemon_2.6.0-4sarge1_s390.deb stable/main/binary-s390/libgtop2-2_2.6.0-4sarge1_s390.deb stable/main/binary-s390/libgtop2-dev_2.6.0-4sarge1_s390.deb libgtop2 (2.6.0-4sarge1) stable-security; urgency=high * SECURITY: New patch, 20_proc_map-overflow.patch, fixes overflow in /proc/maps parsing code; (CVE-2006-0235) stable/main/binary-powerpc/libgtop2-dev_2.6.0-4sarge1_powerpc.deb stable/main/binary-powerpc/libgtop2-2_2.6.0-4sarge1_powerpc.deb stable/main/binary-powerpc/libgtop2-daemon_2.6.0-4sarge1_powerpc.deb libgtop2 (2.6.0-4sarge1) stable-security; urgency=high * SECURITY: New patch, 20_proc_map-overflow.patch, fixes overflow in /proc/maps parsing code; (CVE-2006-0235) stable/main/binary-mipsel/libgtop2-2_2.6.0-4sarge1_mipsel.deb stable/main/binary-mipsel/libgtop2-dev_2.6.0-4sarge1_mipsel.deb stable/main/binary-mipsel/libgtop2-daemon_2.6.0-4sarge1_mipsel.deb libgtop2 (2.6.0-4sarge1) stable-security; urgency=high * SECURITY: New patch, 20_proc_map-overflow.patch, fixes overflow in /proc/maps parsing code; (CVE-2006-0235) stable/main/binary-mips/libgtop2-2_2.6.0-4sarge1_mips.deb stable/main/binary-mips/libgtop2-dev_2.6.0-4sarge1_mips.deb stable/main/binary-mips/libgtop2-daemon_2.6.0-4sarge1_mips.deb libgtop2 (2.6.0-4sarge1) stable-security; urgency=high * SECURITY: New patch, 20_proc_map-overflow.patch, fixes overflow in /proc/maps parsing code; (CVE-2006-0235) stable/main/binary-m68k/libgtop2-2_2.6.0-4sarge1_m68k.deb stable/main/binary-m68k/libgtop2-daemon_2.6.0-4sarge1_m68k.deb stable/main/binary-m68k/libgtop2-dev_2.6.0-4sarge1_m68k.deb libgtop2 (2.6.0-4sarge1) stable-security; urgency=high * SECURITY: New patch, 20_proc_map-overflow.patch, fixes overflow in /proc/maps parsing code; (CVE-2006-0235) stable/main/binary-ia64/libgtop2-dev_2.6.0-4sarge1_ia64.deb stable/main/binary-ia64/libgtop2-2_2.6.0-4sarge1_ia64.deb stable/main/binary-ia64/libgtop2-daemon_2.6.0-4sarge1_ia64.deb libgtop2 (2.6.0-4sarge1) stable-security; urgency=high * SECURITY: New patch, 20_proc_map-overflow.patch, fixes overflow in /proc/maps parsing code; (CVE-2006-0235) stable/main/binary-hppa/libgtop2-dev_2.6.0-4sarge1_hppa.deb stable/main/binary-hppa/libgtop2-daemon_2.6.0-4sarge1_hppa.deb stable/main/binary-hppa/libgtop2-2_2.6.0-4sarge1_hppa.deb libgtop2 (2.6.0-4sarge1) stable-security; urgency=high * SECURITY: New patch, 20_proc_map-overflow.patch, fixes overflow in /proc/maps parsing code; (CVE-2006-0235) stable/main/binary-arm/libgtop2-daemon_2.6.0-4sarge1_arm.deb stable/main/binary-arm/libgtop2-dev_2.6.0-4sarge1_arm.deb stable/main/binary-arm/libgtop2-2_2.6.0-4sarge1_arm.deb libgtop2 (2.6.0-4sarge1) stable-security; urgency=high * SECURITY: New patch, 20_proc_map-overflow.patch, fixes overflow in /proc/maps parsing code; (CVE-2006-0235) stable/main/binary-alpha/libgtop2-dev_2.6.0-4sarge1_alpha.deb stable/main/binary-alpha/libgtop2-2_2.6.0-4sarge1_alpha.deb stable/main/binary-alpha/libgtop2-daemon_2.6.0-4sarge1_alpha.deb libgtop2 (2.6.0-4sarge1) stable-security; urgency=high * SECURITY: New patch, 20_proc_map-overflow.patch, fixes overflow in /proc/maps parsing code; (CVE-2006-0235) stable/main/binary-i386/libgtop2-daemon_2.6.0-4sarge1_i386.deb stable/main/source/libgtop2_2.6.0-4sarge1.diff.gz stable/main/binary-i386/libgtop2-dev_2.6.0-4sarge1_i386.deb stable/main/binary-i386/libgtop2-2_2.6.0-4sarge1_i386.deb stable/main/source/libgtop2_2.6.0-4sarge1.dsc libgtop2 (2.6.0-4sarge1) stable-security; urgency=high * SECURITY: New patch, 20_proc_map-overflow.patch, fixes overflow in /proc/maps parsing code; (CVE-2006-0235) stable/main/binary-sparc/libgsf-gnome-1-dbg_1.11.1-1sarge1_sparc.deb stable/main/binary-sparc/libgsf-gnome-1-dev_1.11.1-1sarge1_sparc.deb stable/main/binary-sparc/libgsf-1-dbg_1.11.1-1sarge1_sparc.deb stable/main/binary-sparc/libgsf-1_1.11.1-1sarge1_sparc.deb stable/main/binary-sparc/libgsf-gnome-1_1.11.1-1sarge1_sparc.deb stable/main/binary-sparc/libgsf-1-dev_1.11.1-1sarge1_sparc.deb libgsf (1.11.1-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch forwarded by Ray Dassen to fix a heap overflow problem stable/main/binary-s390/libgsf-1_1.11.1-1sarge1_s390.deb stable/main/binary-s390/libgsf-gnome-1-dev_1.11.1-1sarge1_s390.deb stable/main/binary-s390/libgsf-1-dbg_1.11.1-1sarge1_s390.deb stable/main/binary-s390/libgsf-gnome-1-dbg_1.11.1-1sarge1_s390.deb stable/main/binary-s390/libgsf-1-dev_1.11.1-1sarge1_s390.deb stable/main/binary-s390/libgsf-gnome-1_1.11.1-1sarge1_s390.deb libgsf (1.11.1-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch forwarded by Ray Dassen to fix a heap overflow problem stable/main/binary-mipsel/libgsf-gnome-1-dev_1.11.1-1sarge1_mipsel.deb stable/main/binary-mipsel/libgsf-1-dev_1.11.1-1sarge1_mipsel.deb stable/main/binary-mipsel/libgsf-gnome-1-dbg_1.11.1-1sarge1_mipsel.deb stable/main/binary-mipsel/libgsf-1-dbg_1.11.1-1sarge1_mipsel.deb stable/main/binary-mipsel/libgsf-1_1.11.1-1sarge1_mipsel.deb stable/main/binary-mipsel/libgsf-gnome-1_1.11.1-1sarge1_mipsel.deb libgsf (1.11.1-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch forwarded by Ray Dassen to fix a heap overflow problem stable/main/binary-mips/libgsf-gnome-1_1.11.1-1sarge1_mips.deb stable/main/binary-mips/libgsf-gnome-1-dev_1.11.1-1sarge1_mips.deb stable/main/binary-mips/libgsf-1-dev_1.11.1-1sarge1_mips.deb stable/main/binary-mips/libgsf-gnome-1-dbg_1.11.1-1sarge1_mips.deb stable/main/binary-mips/libgsf-1_1.11.1-1sarge1_mips.deb stable/main/binary-mips/libgsf-1-dbg_1.11.1-1sarge1_mips.deb libgsf (1.11.1-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch forwarded by Ray Dassen to fix a heap overflow problem stable/main/binary-m68k/libgsf-gnome-1-dbg_1.11.1-1sarge1_m68k.deb stable/main/binary-m68k/libgsf-1-dbg_1.11.1-1sarge1_m68k.deb stable/main/binary-m68k/libgsf-gnome-1_1.11.1-1sarge1_m68k.deb stable/main/binary-m68k/libgsf-1_1.11.1-1sarge1_m68k.deb stable/main/binary-m68k/libgsf-1-dev_1.11.1-1sarge1_m68k.deb stable/main/binary-m68k/libgsf-gnome-1-dev_1.11.1-1sarge1_m68k.deb libgsf (1.11.1-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch forwarded by Ray Dassen to fix a heap overflow problem stable/main/binary-ia64/libgsf-gnome-1-dev_1.11.1-1sarge1_ia64.deb stable/main/binary-ia64/libgsf-1_1.11.1-1sarge1_ia64.deb stable/main/binary-ia64/libgsf-1-dbg_1.11.1-1sarge1_ia64.deb stable/main/binary-ia64/libgsf-1-dev_1.11.1-1sarge1_ia64.deb stable/main/binary-ia64/libgsf-gnome-1-dbg_1.11.1-1sarge1_ia64.deb stable/main/binary-ia64/libgsf-gnome-1_1.11.1-1sarge1_ia64.deb libgsf (1.11.1-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch forwarded by Ray Dassen to fix a heap overflow problem stable/main/binary-i386/libgsf-gnome-1_1.11.1-1sarge1_i386.deb stable/main/binary-i386/libgsf-gnome-1-dbg_1.11.1-1sarge1_i386.deb stable/main/binary-i386/libgsf-1-dev_1.11.1-1sarge1_i386.deb stable/main/binary-i386/libgsf-1-dbg_1.11.1-1sarge1_i386.deb stable/main/binary-i386/libgsf-1_1.11.1-1sarge1_i386.deb stable/main/binary-i386/libgsf-gnome-1-dev_1.11.1-1sarge1_i386.deb libgsf (1.11.1-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch forwarded by Ray Dassen to fix a heap overflow problem stable/main/binary-hppa/libgsf-1-dev_1.11.1-1sarge1_hppa.deb stable/main/binary-hppa/libgsf-gnome-1-dbg_1.11.1-1sarge1_hppa.deb stable/main/binary-hppa/libgsf-gnome-1-dev_1.11.1-1sarge1_hppa.deb stable/main/binary-hppa/libgsf-1-dbg_1.11.1-1sarge1_hppa.deb stable/main/binary-hppa/libgsf-1_1.11.1-1sarge1_hppa.deb stable/main/binary-hppa/libgsf-gnome-1_1.11.1-1sarge1_hppa.deb libgsf (1.11.1-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch forwarded by Ray Dassen to fix a heap overflow problem stable/main/binary-arm/libgsf-1-dev_1.11.1-1sarge1_arm.deb stable/main/binary-arm/libgsf-gnome-1-dbg_1.11.1-1sarge1_arm.deb stable/main/binary-arm/libgsf-1-dbg_1.11.1-1sarge1_arm.deb stable/main/binary-arm/libgsf-gnome-1-dev_1.11.1-1sarge1_arm.deb stable/main/binary-arm/libgsf-1_1.11.1-1sarge1_arm.deb stable/main/binary-arm/libgsf-gnome-1_1.11.1-1sarge1_arm.deb libgsf (1.11.1-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch forwarded by Ray Dassen to fix a heap overflow problem stable/main/binary-alpha/libgsf-1-dev_1.11.1-1sarge1_alpha.deb stable/main/binary-alpha/libgsf-1_1.11.1-1sarge1_alpha.deb stable/main/binary-alpha/libgsf-gnome-1-dev_1.11.1-1sarge1_alpha.deb stable/main/binary-alpha/libgsf-gnome-1_1.11.1-1sarge1_alpha.deb stable/main/binary-alpha/libgsf-gnome-1-dbg_1.11.1-1sarge1_alpha.deb stable/main/binary-alpha/libgsf-1-dbg_1.11.1-1sarge1_alpha.deb libgsf (1.11.1-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch forwarded by Ray Dassen to fix a heap overflow problem stable/main/binary-powerpc/libgsf-gnome-1_1.11.1-1sarge1_powerpc.deb stable/main/binary-powerpc/libgsf-gnome-1-dev_1.11.1-1sarge1_powerpc.deb stable/main/source/libgsf_1.11.1-1sarge1.dsc stable/main/binary-powerpc/libgsf-1-dbg_1.11.1-1sarge1_powerpc.deb stable/main/binary-powerpc/libgsf-1-dev_1.11.1-1sarge1_powerpc.deb stable/main/binary-powerpc/libgsf-1_1.11.1-1sarge1_powerpc.deb stable/main/source/libgsf_1.11.1-1sarge1.diff.gz stable/main/binary-powerpc/libgsf-gnome-1-dbg_1.11.1-1sarge1_powerpc.deb libgsf (1.11.1-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch forwarded by Ray Dassen to fix a heap overflow problem stable/main/binary-all/libcrypt-cbc-perl_2.12-1sarge2_all.deb stable/main/source/libcrypt-cbc-perl_2.12-1sarge2.diff.gz stable/main/source/libcrypt-cbc-perl_2.12-1sarge2.dsc libcrypt-cbc-perl (2.12-1sarge2) stable-security; urgency=high * SECURITY FIX: Solves weakness when using certain block algorithms (CVE-2006-0898) + This release fixes the vulnerability in a different way, introducing backward compatibility in more scenarios. stable/main/binary-sparc/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1_sparc.deb stable/main/binary-sparc/libapache2-mod-auth-kerb_4.996-5.0-rc6-1sarge1_sparc.deb libapache-mod-auth-kerb (4.996-5.0-rc6-1sarge1) stable-security; urgency=high * Non-Maintainer upload by the Security Team. * Apply patch to fix off-by-one error in der_get_oid function CVE-2006-5989 stable/main/binary-s390/libapache2-mod-auth-kerb_4.996-5.0-rc6-1sarge1_s390.deb stable/main/binary-s390/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1_s390.deb libapache-mod-auth-kerb (4.996-5.0-rc6-1sarge1) stable-security; urgency=high * Non-Maintainer upload by the Security Team. * Apply patch to fix off-by-one error in der_get_oid function CVE-2006-5989 stable/main/binary-powerpc/libapache2-mod-auth-kerb_4.996-5.0-rc6-1sarge1_powerpc.deb stable/main/binary-powerpc/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1_powerpc.deb libapache-mod-auth-kerb (4.996-5.0-rc6-1sarge1) stable-security; urgency=high * Non-Maintainer upload by the Security Team. * Apply patch to fix off-by-one error in der_get_oid function CVE-2006-5989 stable/main/binary-mipsel/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1_mipsel.deb stable/main/binary-mipsel/libapache2-mod-auth-kerb_4.996-5.0-rc6-1sarge1_mipsel.deb libapache-mod-auth-kerb (4.996-5.0-rc6-1sarge1) stable-security; urgency=high * Non-Maintainer upload by the Security Team. * Apply patch to fix off-by-one error in der_get_oid function CVE-2006-5989 stable/main/binary-mips/libapache2-mod-auth-kerb_4.996-5.0-rc6-1sarge1_mips.deb stable/main/binary-mips/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1_mips.deb libapache-mod-auth-kerb (4.996-5.0-rc6-1sarge1) stable-security; urgency=high * Non-Maintainer upload by the Security Team. * Apply patch to fix off-by-one error in der_get_oid function CVE-2006-5989 stable/main/binary-m68k/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1_m68k.deb stable/main/binary-m68k/libapache2-mod-auth-kerb_4.996-5.0-rc6-1sarge1_m68k.deb libapache-mod-auth-kerb (4.996-5.0-rc6-1sarge1) stable-security; urgency=high * Non-Maintainer upload by the Security Team. * Apply patch to fix off-by-one error in der_get_oid function CVE-2006-5989 stable/main/binary-ia64/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1_ia64.deb stable/main/binary-ia64/libapache2-mod-auth-kerb_4.996-5.0-rc6-1sarge1_ia64.deb libapache-mod-auth-kerb (4.996-5.0-rc6-1sarge1) stable-security; urgency=high * Non-Maintainer upload by the Security Team. * Apply patch to fix off-by-one error in der_get_oid function CVE-2006-5989 stable/main/binary-hppa/libapache2-mod-auth-kerb_4.996-5.0-rc6-1sarge1_hppa.deb stable/main/binary-hppa/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1_hppa.deb libapache-mod-auth-kerb (4.996-5.0-rc6-1sarge1) stable-security; urgency=high * Non-Maintainer upload by the Security Team. * Apply patch to fix off-by-one error in der_get_oid function CVE-2006-5989 stable/main/binary-arm/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1_arm.deb stable/main/binary-arm/libapache2-mod-auth-kerb_4.996-5.0-rc6-1sarge1_arm.deb libapache-mod-auth-kerb (4.996-5.0-rc6-1sarge1) stable-security; urgency=high * Non-Maintainer upload by the Security Team. * Apply patch to fix off-by-one error in der_get_oid function CVE-2006-5989 stable/main/binary-alpha/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1_alpha.deb stable/main/binary-alpha/libapache2-mod-auth-kerb_4.996-5.0-rc6-1sarge1_alpha.deb libapache-mod-auth-kerb (4.996-5.0-rc6-1sarge1) stable-security; urgency=high * Non-Maintainer upload by the Security Team. * Apply patch to fix off-by-one error in der_get_oid function CVE-2006-5989 stable/main/binary-i386/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1_i386.deb stable/main/source/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1.dsc stable/main/binary-i386/libapache2-mod-auth-kerb_4.996-5.0-rc6-1sarge1_i386.deb stable/main/source/libapache-mod-auth-kerb_4.996-5.0-rc6-1sarge1.diff.gz libapache-mod-auth-kerb (4.996-5.0-rc6-1sarge1) stable-security; urgency=high * Non-Maintainer upload by the Security Team. * Apply patch to fix off-by-one error in der_get_oid function CVE-2006-5989 stable/main/binary-sparc/l2tpns_2.0.14-1sarge1_sparc.deb l2tpns (2.0.14-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Secrutiy Team * Fix potential remote code execution in cluster code. [CVE-2006-5873] stable/main/binary-s390/l2tpns_2.0.14-1sarge1_s390.deb l2tpns (2.0.14-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Secrutiy Team * Fix potential remote code execution in cluster code. [CVE-2006-5873] stable/main/binary-powerpc/l2tpns_2.0.14-1sarge1_powerpc.deb l2tpns (2.0.14-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Secrutiy Team * Fix potential remote code execution in cluster code. [CVE-2006-5873] stable/main/binary-mipsel/l2tpns_2.0.14-1sarge1_mipsel.deb l2tpns (2.0.14-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Secrutiy Team * Fix potential remote code execution in cluster code. [CVE-2006-5873] stable/main/binary-mips/l2tpns_2.0.14-1sarge1_mips.deb l2tpns (2.0.14-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Secrutiy Team * Fix potential remote code execution in cluster code. [CVE-2006-5873] stable/main/binary-m68k/l2tpns_2.0.14-1sarge1_m68k.deb l2tpns (2.0.14-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Secrutiy Team * Fix potential remote code execution in cluster code. [CVE-2006-5873] stable/main/binary-ia64/l2tpns_2.0.14-1sarge1_ia64.deb l2tpns (2.0.14-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Secrutiy Team * Fix potential remote code execution in cluster code. [CVE-2006-5873] stable/main/binary-hppa/l2tpns_2.0.14-1sarge1_hppa.deb l2tpns (2.0.14-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Secrutiy Team * Fix potential remote code execution in cluster code. [CVE-2006-5873] stable/main/binary-arm/l2tpns_2.0.14-1sarge1_arm.deb l2tpns (2.0.14-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Secrutiy Team * Fix potential remote code execution in cluster code. [CVE-2006-5873] stable/main/binary-alpha/l2tpns_2.0.14-1sarge1_alpha.deb l2tpns (2.0.14-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Secrutiy Team * Fix potential remote code execution in cluster code. [CVE-2006-5873] stable/main/source/l2tpns_2.0.14-1sarge1.diff.gz stable/main/binary-i386/l2tpns_2.0.14-1sarge1_i386.deb stable/main/source/l2tpns_2.0.14-1sarge1.dsc l2tpns (2.0.14-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Secrutiy Team * Fix potential remote code execution in cluster code. [CVE-2006-5873] stable/main/source/kernel-source-2.6.8_2.6.8-16sarge6.dsc stable/main/binary-all/kernel-tree-2.6.8_2.6.8-16sarge6_all.deb stable/main/binary-all/kernel-doc-2.6.8_2.6.8-16sarge6_all.deb stable/main/binary-all/kernel-patch-debian-2.6.8_2.6.8-16sarge6_all.deb stable/main/binary-all/kernel-source-2.6.8_2.6.8-16sarge6_all.deb stable/main/source/kernel-source-2.6.8_2.6.8-16sarge6.diff.gz kernel-source-2.6.8 (2.6.8-16sarge6) stable-security; urgency=high * perfmon-fd-refcnt.dpatch [SECURITY][ia64] Fix file descriptor leak in perfmonctl system call which could be used as a local denial of service attack by depleting the system of file descriptors See CVE-2006-3741 * ia64-sparc-cross-region-mappings.dpatch [SECURITY] Prevent cross-region mappings on ia64 and sparc which could be used in a local DoS attack (system crash) See CVE-2006-4538 * __block_prepare_write-recovery.dpatch [SECURITY] Fix an information leak in __block_prepare_write() See CVE-2006-4813 * atm-clip-freed-skb-deref.dpatch [SECURITY] Avoid dereferencing an already freed skb, preventing a potential remote DoS (system crash) vector See CVE-2006-4997 * ip6_flowlabel-lockup.dpatch [SECURITY] Fix local DoS attack vector (lockups, oopses) in the sequence handling for /proc/net/ip6_flowlabel See CVE-2006-5619 * ppc-alignment-exception-table-check.dpatch [SECURITY][ppc] Avoid potential DoS which can be triggered by some futex ops See CVE-2006-5649 * s390-uaccess-memleak.dpatch [SECURITY][s390] Fix memory leak in copy_from_user by clearing the remaining bytes of the kernel buffer after a fault on the userspace address in copy_from_user() See CVE-2006-5174 * smbfs-honor-mount-opts.dpatch Honor uid, gid and mode mount options for smbfs even when unix extensions are enabled See CVE-2006-5871 * bridge-get_fdb_entries-overflow.dpatch Protect against possible overflow in get_fdb_entries See CVE-2006-5751 stable/main/binary-all/kernel-tree-2.4.27_2.4.27-10sarge5_all.deb stable/main/binary-all/kernel-doc-2.4.27_2.4.27-10sarge5_all.deb stable/main/source/kernel-source-2.4.27_2.4.27-10sarge5.dsc stable/main/binary-all/kernel-source-2.4.27_2.4.27-10sarge5_all.deb stable/main/source/kernel-source-2.4.27_2.4.27-10sarge5.diff.gz stable/main/binary-all/kernel-patch-debian-2.4.27_2.4.27-10sarge5_all.deb kernel-source-2.4.27 (2.4.27-10sarge5) stable-security; urgency=high * 233_ia64-sparc-cross-region-mappings.diff [SECURITY] Prevent cross-region mappings on ia64 and sparc which could be used in a local DoS attack (system crash) See CVE-2006-4538 * 234_atm-clip-freed-skb-deref.diff [SECURITY] Avoid dereferencing an already freed skb, preventing a potential remote DoS (system crash) vector See CVE-2006-4997 * 235_ppc-alignment-exception-table-check.diff [SECURITY][ppc] Avoid potential DoS which can be triggered by some futex ops See CVE-2006-5649 * 236_s390-uaccess-memleak.diff [SECURITY][s390] Fix memory leak in copy_from_user by clearing the remaining bytes of the kernel buffer after a fault on the userspace address in copy_from_user() See CVE-2006-5174 * 237_smbfs-honor-mount-opts.diff Honor uid, gid and mode mount options for smbfs even when unix extensions are enabled (closes: #310982) See CVE-2006-5871 * 238_ppc-hid0-dos.diff [SECURITY] [ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 stable/main/binary-powerpc/kernel-image-2.6.8-3-power3_2.6.8-12sarge6_powerpc.deb stable/main/binary-powerpc/kernel-headers-2.6.8-3_2.6.8-12sarge6_powerpc.deb stable/main/binary-powerpc/kernel-build-2.6.8-3-power4_2.6.8-12sarge6_powerpc.deb stable/main/binary-powerpc/kernel-build-2.6.8-3-power4-smp_2.6.8-12sarge6_powerpc.deb stable/main/binary-powerpc/kernel-build-2.6.8-3-powerpc_2.6.8-12sarge6_powerpc.deb stable/main/source/kernel-patch-powerpc-2.6.8_2.6.8-12sarge6.tar.gz stable/main/source/kernel-patch-powerpc-2.6.8_2.6.8-12sarge6.dsc stable/main/binary-powerpc/kernel-image-2.6.8-3-power4-smp_2.6.8-12sarge6_powerpc.deb stable/main/binary-powerpc/kernel-image-2.6.8-3-power4_2.6.8-12sarge6_powerpc.deb stable/main/binary-powerpc/kernel-build-2.6.8-3-power3-smp_2.6.8-12sarge6_powerpc.deb stable/main/binary-powerpc/kernel-image-2.6.8-3-powerpc_2.6.8-12sarge6_powerpc.deb stable/main/binary-powerpc/kernel-build-2.6.8-3-powerpc-smp_2.6.8-12sarge6_powerpc.deb stable/main/binary-powerpc/kernel-build-2.6.8-3-power3_2.6.8-12sarge6_powerpc.deb stable/main/binary-powerpc/kernel-image-2.6.8-3-powerpc-smp_2.6.8-12sarge6_powerpc.deb stable/main/binary-powerpc/kernel-image-2.6.8-3-power3-smp_2.6.8-12sarge6_powerpc.deb kernel-patch-powerpc-2.6.8 (2.6.8-12sarge6) stable-security; urgency=high * Build against kernel-tree-2.6.8-16sarge6: * perfmon-fd-refcnt.dpatch [SECURITY][ia64] Fix file descriptor leak in perfmonctl system call which could be used as a local denial of service attack by depleting the system of file descriptors See CVE-2006-3741 * ia64-sparc-cross-region-mappings.dpatch [SECURITY] Prevent cross-region mappings on ia64 and sparc which could be used in a local DoS attack (system crash) See CVE-2006-4538 * __block_prepare_write-recovery.dpatch [SECURITY] Fix an information leak in __block_prepare_write() See CVE-2006-4813 * atm-clip-freed-skb-deref.dpatch [SECURITY] Avoid dereferencing an already freed skb, preventing a potential remote DoS (system crash) vector See CVE-2006-4997 * ip6_flowlabel-lockup.dpatch [SECURITY] Fix local DoS attack vector (lockups, oopses) in the sequence handling for /proc/net/ip6_flowlabel See CVE-2006-5619 * ppc-alignment-exception-table-check.dpatch [SECURITY][ppc] Avoid potential DoS which can be triggered by some futex ops See CVE-2006-5649 * s390-uaccess-memleak.dpatch [SECURITY][s390] Fix memory leak in copy_from_user by clearing the remaining bytes of the kernel buffer after a fault on the userspace address in copy_from_user() See CVE-2006-5174 * smbfs-honor-mount-opts.dpatch Honor uid, gid and mode mount options for smbfs even when unix extensions are enabled See CVE-2006-5871 * bridge-get_fdb_entries-overflow.dpatch Protect against possible overflow in get_fdb_entries See CVE-2006-5751 stable/main/binary-powerpc/kernel-image-2.4.27-apus_2.4.27-10sarge5_powerpc.deb stable/main/binary-powerpc/kernel-patch-2.4.27-apus_2.4.27-10sarge5_powerpc.deb stable/main/binary-powerpc/kernel-image-2.4.27-powerpc-small_2.4.27-10sarge5_powerpc.deb stable/main/binary-powerpc/kernel-build-2.4.27-powerpc-smp_2.4.27-10sarge5_powerpc.deb stable/main/binary-powerpc/kernel-image-2.4.27-powerpc-smp_2.4.27-10sarge5_powerpc.deb stable/main/binary-powerpc/kernel-patch-2.4.27-nubus_2.4.27-10sarge5_powerpc.deb stable/main/binary-powerpc/kernel-image-2.4.27-powerpc_2.4.27-10sarge5_powerpc.deb stable/main/binary-powerpc/kernel-build-2.4.27-nubus_2.4.27-10sarge5_powerpc.deb stable/main/binary-powerpc/kernel-headers-2.4.27-nubus_2.4.27-10sarge5_powerpc.deb stable/main/binary-powerpc/kernel-image-2.4.27-nubus_2.4.27-10sarge5_powerpc.deb stable/main/binary-powerpc/kernel-build-2.4.27-apus_2.4.27-10sarge5_powerpc.deb stable/main/binary-powerpc/kernel-build-2.4.27-powerpc-small_2.4.27-10sarge5_powerpc.deb stable/main/source/kernel-patch-powerpc-2.4.27_2.4.27-10sarge5.dsc stable/main/binary-powerpc/kernel-headers-2.4.27-powerpc_2.4.27-10sarge5_powerpc.deb stable/main/source/kernel-patch-powerpc-2.4.27_2.4.27-10sarge5.tar.gz stable/main/binary-powerpc/kernel-build-2.4.27-powerpc_2.4.27-10sarge5_powerpc.deb stable/main/binary-powerpc/kernel-patch-2.4.27-powerpc_2.4.27-10sarge5_powerpc.deb stable/main/binary-powerpc/kernel-headers-2.4.27-apus_2.4.27-10sarge5_powerpc.deb kernel-patch-powerpc-2.4.27 (2.4.27-10sarge5) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge5: * 233_ia64-sparc-cross-region-mappings.diff [SECURITY] Prevent cross-region mappings on ia64 and sparc which could be used in a local DoS attack (system crash) See CVE-2006-4538 * 234_atm-clip-freed-skb-deref.diff [SECURITY] Avoid dereferencing an already freed skb, preventing a potential remote DoS (system crash) vector See CVE-2006-4997 * 235_ppc-alignment-exception-table-check.diff [SECURITY][ppc] Avoid potential DoS which can be triggered by some futex ops See CVE-2006-5649 * 236_s390-uaccess-memleak.diff [SECURITY][s390] Fix memory leak in copy_from_user by clearing the remaining bytes of the kernel buffer after a fault on the userspace address in copy_from_user() See CVE-2006-5174 * 237_smbfs-honor-mount-opts.diff Honor uid, gid and mode mount options for smbfs even when unix extensions are enabled (closes: #310982) See CVE-2006-5871 * 238_ppc-hid0-dos.diff [SECURITY] [ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 stable/main/source/kernel-patch-2.6.8-hppa_2.6.8-5sarge1.dsc stable/main/source/kernel-patch-2.6.8-hppa_2.6.8-5sarge1.tar.gz stable/main/binary-all/kernel-patch-2.6.8-hppa_2.6.8-5sarge1_all.deb kernel-patch-2.6.8-hppa (2.6.8-5sarge1) stable-security; urgency=high * Update patch to apply to kernel-tree-2.6.8-16sarge6 stable/main/binary-sparc/mips-tools_2.4.27-10.sarge4.040815-2_sparc.deb kernel-patch-2.4.27-mips (2.4.27-10.sarge4.040815-2) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge5: * 233_ia64-sparc-cross-region-mappings.diff [SECURITY] Prevent cross-region mappings on ia64 and sparc which could be used in a local DoS attack (system crash) See CVE-2006-4538 * 234_atm-clip-freed-skb-deref.diff [SECURITY] Avoid dereferencing an already freed skb, preventing a potential remote DoS (system crash) vector See CVE-2006-4997 * 235_ppc-alignment-exception-table-check.diff [SECURITY][ppc] Avoid potential DoS which can be triggered by some futex ops See CVE-2006-5649 * 236_s390-uaccess-memleak.diff [SECURITY][s390] Fix memory leak in copy_from_user by clearing the remaining bytes of the kernel buffer after a fault on the userspace address in copy_from_user() See CVE-2006-5174 * 237_smbfs-honor-mount-opts.diff Honor uid, gid and mode mount options for smbfs even when unix extensions are enabled (closes: #310982) See CVE-2006-5871 * 238_ppc-hid0-dos.diff [SECURITY] [ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 stable/main/binary-s390/mips-tools_2.4.27-10.sarge4.040815-2_s390.deb kernel-patch-2.4.27-mips (2.4.27-10.sarge4.040815-2) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge5: * 233_ia64-sparc-cross-region-mappings.diff [SECURITY] Prevent cross-region mappings on ia64 and sparc which could be used in a local DoS attack (system crash) See CVE-2006-4538 * 234_atm-clip-freed-skb-deref.diff [SECURITY] Avoid dereferencing an already freed skb, preventing a potential remote DoS (system crash) vector See CVE-2006-4997 * 235_ppc-alignment-exception-table-check.diff [SECURITY][ppc] Avoid potential DoS which can be triggered by some futex ops See CVE-2006-5649 * 236_s390-uaccess-memleak.diff [SECURITY][s390] Fix memory leak in copy_from_user by clearing the remaining bytes of the kernel buffer after a fault on the userspace address in copy_from_user() See CVE-2006-5174 * 237_smbfs-honor-mount-opts.diff Honor uid, gid and mode mount options for smbfs even when unix extensions are enabled (closes: #310982) See CVE-2006-5871 * 238_ppc-hid0-dos.diff [SECURITY] [ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 stable/main/binary-powerpc/mips-tools_2.4.27-10.sarge4.040815-2_powerpc.deb kernel-patch-2.4.27-mips (2.4.27-10.sarge4.040815-2) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge5: * 233_ia64-sparc-cross-region-mappings.diff [SECURITY] Prevent cross-region mappings on ia64 and sparc which could be used in a local DoS attack (system crash) See CVE-2006-4538 * 234_atm-clip-freed-skb-deref.diff [SECURITY] Avoid dereferencing an already freed skb, preventing a potential remote DoS (system crash) vector See CVE-2006-4997 * 235_ppc-alignment-exception-table-check.diff [SECURITY][ppc] Avoid potential DoS which can be triggered by some futex ops See CVE-2006-5649 * 236_s390-uaccess-memleak.diff [SECURITY][s390] Fix memory leak in copy_from_user by clearing the remaining bytes of the kernel buffer after a fault on the userspace address in copy_from_user() See CVE-2006-5174 * 237_smbfs-honor-mount-opts.diff Honor uid, gid and mode mount options for smbfs even when unix extensions are enabled (closes: #310982) See CVE-2006-5871 * 238_ppc-hid0-dos.diff [SECURITY] [ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 stable/main/binary-mipsel/kernel-image-2.4.27-r4k-kn04_2.4.27-10.sarge4.040815-2_mipsel.deb stable/main/binary-mipsel/kernel-image-2.4.27-r5k-cobalt_2.4.27-10.sarge4.040815-2_mipsel.deb stable/main/binary-mipsel/kernel-image-2.4.27-r5k-lasat_2.4.27-10.sarge4.040815-2_mipsel.deb stable/main/binary-mipsel/mips-tools_2.4.27-10.sarge4.040815-2_mipsel.deb stable/main/binary-mipsel/kernel-image-2.4.27-r3k-kn02_2.4.27-10.sarge4.040815-2_mipsel.deb stable/main/binary-mipsel/kernel-image-2.4.27-xxs1500_2.4.27-10.sarge4.040815-2_mipsel.deb stable/main/binary-mipsel/kernel-image-2.4.27-sb1-swarm-bn_2.4.27-10.sarge4.040815-2_mipsel.deb stable/main/binary-mipsel/kernel-headers-2.4.27_2.4.27-10.sarge4.040815-2_mipsel.deb kernel-patch-2.4.27-mips (2.4.27-10.sarge4.040815-2) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge5: * 233_ia64-sparc-cross-region-mappings.diff [SECURITY] Prevent cross-region mappings on ia64 and sparc which could be used in a local DoS attack (system crash) See CVE-2006-4538 * 234_atm-clip-freed-skb-deref.diff [SECURITY] Avoid dereferencing an already freed skb, preventing a potential remote DoS (system crash) vector See CVE-2006-4997 * 235_ppc-alignment-exception-table-check.diff [SECURITY][ppc] Avoid potential DoS which can be triggered by some futex ops See CVE-2006-5649 * 236_s390-uaccess-memleak.diff [SECURITY][s390] Fix memory leak in copy_from_user by clearing the remaining bytes of the kernel buffer after a fault on the userspace address in copy_from_user() See CVE-2006-5174 * 237_smbfs-honor-mount-opts.diff Honor uid, gid and mode mount options for smbfs even when unix extensions are enabled (closes: #310982) See CVE-2006-5871 * 238_ppc-hid0-dos.diff [SECURITY] [ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 stable/main/binary-mips/kernel-headers-2.4.27_2.4.27-10.sarge4.040815-2_mips.deb stable/main/binary-mips/kernel-image-2.4.27-r4k-ip22_2.4.27-10.sarge4.040815-2_mips.deb stable/main/binary-mips/kernel-image-2.4.27-r5k-ip22_2.4.27-10.sarge4.040815-2_mips.deb stable/main/binary-mips/mips-tools_2.4.27-10.sarge4.040815-2_mips.deb stable/main/binary-mips/kernel-image-2.4.27-sb1-swarm-bn_2.4.27-10.sarge4.040815-2_mips.deb kernel-patch-2.4.27-mips (2.4.27-10.sarge4.040815-2) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge5: * 233_ia64-sparc-cross-region-mappings.diff [SECURITY] Prevent cross-region mappings on ia64 and sparc which could be used in a local DoS attack (system crash) See CVE-2006-4538 * 234_atm-clip-freed-skb-deref.diff [SECURITY] Avoid dereferencing an already freed skb, preventing a potential remote DoS (system crash) vector See CVE-2006-4997 * 235_ppc-alignment-exception-table-check.diff [SECURITY][ppc] Avoid potential DoS which can be triggered by some futex ops See CVE-2006-5649 * 236_s390-uaccess-memleak.diff [SECURITY][s390] Fix memory leak in copy_from_user by clearing the remaining bytes of the kernel buffer after a fault on the userspace address in copy_from_user() See CVE-2006-5174 * 237_smbfs-honor-mount-opts.diff Honor uid, gid and mode mount options for smbfs even when unix extensions are enabled (closes: #310982) See CVE-2006-5871 * 238_ppc-hid0-dos.diff [SECURITY] [ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 stable/main/binary-m68k/mips-tools_2.4.27-10.sarge4.040815-2_m68k.deb kernel-patch-2.4.27-mips (2.4.27-10.sarge4.040815-2) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge5: * 233_ia64-sparc-cross-region-mappings.diff [SECURITY] Prevent cross-region mappings on ia64 and sparc which could be used in a local DoS attack (system crash) See CVE-2006-4538 * 234_atm-clip-freed-skb-deref.diff [SECURITY] Avoid dereferencing an already freed skb, preventing a potential remote DoS (system crash) vector See CVE-2006-4997 * 235_ppc-alignment-exception-table-check.diff [SECURITY][ppc] Avoid potential DoS which can be triggered by some futex ops See CVE-2006-5649 * 236_s390-uaccess-memleak.diff [SECURITY][s390] Fix memory leak in copy_from_user by clearing the remaining bytes of the kernel buffer after a fault on the userspace address in copy_from_user() See CVE-2006-5174 * 237_smbfs-honor-mount-opts.diff Honor uid, gid and mode mount options for smbfs even when unix extensions are enabled (closes: #310982) See CVE-2006-5871 * 238_ppc-hid0-dos.diff [SECURITY] [ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 stable/main/binary-ia64/mips-tools_2.4.27-10.sarge4.040815-2_ia64.deb kernel-patch-2.4.27-mips (2.4.27-10.sarge4.040815-2) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge5: * 233_ia64-sparc-cross-region-mappings.diff [SECURITY] Prevent cross-region mappings on ia64 and sparc which could be used in a local DoS attack (system crash) See CVE-2006-4538 * 234_atm-clip-freed-skb-deref.diff [SECURITY] Avoid dereferencing an already freed skb, preventing a potential remote DoS (system crash) vector See CVE-2006-4997 * 235_ppc-alignment-exception-table-check.diff [SECURITY][ppc] Avoid potential DoS which can be triggered by some futex ops See CVE-2006-5649 * 236_s390-uaccess-memleak.diff [SECURITY][s390] Fix memory leak in copy_from_user by clearing the remaining bytes of the kernel buffer after a fault on the userspace address in copy_from_user() See CVE-2006-5174 * 237_smbfs-honor-mount-opts.diff Honor uid, gid and mode mount options for smbfs even when unix extensions are enabled (closes: #310982) See CVE-2006-5871 * 238_ppc-hid0-dos.diff [SECURITY] [ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 stable/main/binary-hppa/mips-tools_2.4.27-10.sarge4.040815-2_hppa.deb kernel-patch-2.4.27-mips (2.4.27-10.sarge4.040815-2) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge5: * 233_ia64-sparc-cross-region-mappings.diff [SECURITY] Prevent cross-region mappings on ia64 and sparc which could be used in a local DoS attack (system crash) See CVE-2006-4538 * 234_atm-clip-freed-skb-deref.diff [SECURITY] Avoid dereferencing an already freed skb, preventing a potential remote DoS (system crash) vector See CVE-2006-4997 * 235_ppc-alignment-exception-table-check.diff [SECURITY][ppc] Avoid potential DoS which can be triggered by some futex ops See CVE-2006-5649 * 236_s390-uaccess-memleak.diff [SECURITY][s390] Fix memory leak in copy_from_user by clearing the remaining bytes of the kernel buffer after a fault on the userspace address in copy_from_user() See CVE-2006-5174 * 237_smbfs-honor-mount-opts.diff Honor uid, gid and mode mount options for smbfs even when unix extensions are enabled (closes: #310982) See CVE-2006-5871 * 238_ppc-hid0-dos.diff [SECURITY] [ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 stable/main/binary-arm/mips-tools_2.4.27-10.sarge4.040815-2_arm.deb kernel-patch-2.4.27-mips (2.4.27-10.sarge4.040815-2) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge5: * 233_ia64-sparc-cross-region-mappings.diff [SECURITY] Prevent cross-region mappings on ia64 and sparc which could be used in a local DoS attack (system crash) See CVE-2006-4538 * 234_atm-clip-freed-skb-deref.diff [SECURITY] Avoid dereferencing an already freed skb, preventing a potential remote DoS (system crash) vector See CVE-2006-4997 * 235_ppc-alignment-exception-table-check.diff [SECURITY][ppc] Avoid potential DoS which can be triggered by some futex ops See CVE-2006-5649 * 236_s390-uaccess-memleak.diff [SECURITY][s390] Fix memory leak in copy_from_user by clearing the remaining bytes of the kernel buffer after a fault on the userspace address in copy_from_user() See CVE-2006-5174 * 237_smbfs-honor-mount-opts.diff Honor uid, gid and mode mount options for smbfs even when unix extensions are enabled (closes: #310982) See CVE-2006-5871 * 238_ppc-hid0-dos.diff [SECURITY] [ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 stable/main/binary-alpha/mips-tools_2.4.27-10.sarge4.040815-2_alpha.deb kernel-patch-2.4.27-mips (2.4.27-10.sarge4.040815-2) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge5: * 233_ia64-sparc-cross-region-mappings.diff [SECURITY] Prevent cross-region mappings on ia64 and sparc which could be used in a local DoS attack (system crash) See CVE-2006-4538 * 234_atm-clip-freed-skb-deref.diff [SECURITY] Avoid dereferencing an already freed skb, preventing a potential remote DoS (system crash) vector See CVE-2006-4997 * 235_ppc-alignment-exception-table-check.diff [SECURITY][ppc] Avoid potential DoS which can be triggered by some futex ops See CVE-2006-5649 * 236_s390-uaccess-memleak.diff [SECURITY][s390] Fix memory leak in copy_from_user by clearing the remaining bytes of the kernel buffer after a fault on the userspace address in copy_from_user() See CVE-2006-5174 * 237_smbfs-honor-mount-opts.diff Honor uid, gid and mode mount options for smbfs even when unix extensions are enabled (closes: #310982) See CVE-2006-5871 * 238_ppc-hid0-dos.diff [SECURITY] [ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 stable/main/source/kernel-patch-2.4.27-mips_2.4.27-10.sarge4.040815-2.dsc stable/main/binary-i386/mips-tools_2.4.27-10.sarge4.040815-2_i386.deb stable/main/source/kernel-patch-2.4.27-mips_2.4.27-10.sarge4.040815-2.tar.gz kernel-patch-2.4.27-mips (2.4.27-10.sarge4.040815-2) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge5: * 233_ia64-sparc-cross-region-mappings.diff [SECURITY] Prevent cross-region mappings on ia64 and sparc which could be used in a local DoS attack (system crash) See CVE-2006-4538 * 234_atm-clip-freed-skb-deref.diff [SECURITY] Avoid dereferencing an already freed skb, preventing a potential remote DoS (system crash) vector See CVE-2006-4997 * 235_ppc-alignment-exception-table-check.diff [SECURITY][ppc] Avoid potential DoS which can be triggered by some futex ops See CVE-2006-5649 * 236_s390-uaccess-memleak.diff [SECURITY][s390] Fix memory leak in copy_from_user by clearing the remaining bytes of the kernel buffer after a fault on the userspace address in copy_from_user() See CVE-2006-5174 * 237_smbfs-honor-mount-opts.diff Honor uid, gid and mode mount options for smbfs even when unix extensions are enabled (closes: #310982) See CVE-2006-5871 * 238_ppc-hid0-dos.diff [SECURITY] [ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 stable/main/binary-all/kernel-doc-2.4.27-speakup_2.4.27-1.1sarge4_all.deb stable/main/source/kernel-image-speakup-i386_2.4.27-1.1sarge4.tar.gz stable/main/binary-i386/kernel-headers-2.4.27-speakup_2.4.27-1.1sarge4_i386.deb stable/main/source/kernel-image-speakup-i386_2.4.27-1.1sarge4.dsc stable/main/binary-i386/kernel-image-2.4.27-speakup_2.4.27-1.1sarge4_i386.deb kernel-image-speakup-i386 (2.4.27-1.1sarge4) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge5: * 233_ia64-sparc-cross-region-mappings.diff [SECURITY] Prevent cross-region mappings on ia64 and sparc which could be used in a local DoS attack (system crash) See CVE-2006-4538 * 234_atm-clip-freed-skb-deref.diff [SECURITY] Avoid dereferencing an already freed skb, preventing a potential remote DoS (system crash) vector See CVE-2006-4997 * 235_ppc-alignment-exception-table-check.diff [SECURITY][ppc] Avoid potential DoS which can be triggered by some futex ops See CVE-2006-5649 * 236_s390-uaccess-memleak.diff [SECURITY][s390] Fix memory leak in copy_from_user by clearing the remaining bytes of the kernel buffer after a fault on the userspace address in copy_from_user() See CVE-2006-5174 * 237_smbfs-honor-mount-opts.diff Honor uid, gid and mode mount options for smbfs even when unix extensions are enabled (closes: #310982) See CVE-2006-5871 * 238_ppc-hid0-dos.diff [SECURITY] [ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 stable/main/binary-sparc/kernel-headers-2.6.8-3-sparc64-smp_2.6.8-15sarge6_sparc.deb stable/main/binary-sparc/kernel-image-2.6.8-3-sparc64-smp_2.6.8-15sarge6_sparc.deb stable/main/binary-sparc/kernel-headers-2.6.8-3_2.6.8-15sarge6_sparc.deb stable/main/binary-sparc/kernel-headers-2.6.8-3-sparc64_2.6.8-15sarge6_sparc.deb stable/main/binary-sparc/kernel-headers-2.6.8-3-sparc32_2.6.8-15sarge6_sparc.deb stable/main/binary-sparc/kernel-image-2.6.8-3-sparc32_2.6.8-15sarge6_sparc.deb stable/main/binary-sparc/kernel-image-2.6.8-3-sparc64_2.6.8-15sarge6_sparc.deb stable/main/source/kernel-image-2.6.8-sparc_2.6.8-15sarge6.dsc stable/main/binary-sparc/kernel-build-2.6.8-3_2.6.8-15sarge6_sparc.deb stable/main/source/kernel-image-2.6.8-sparc_2.6.8-15sarge6.tar.gz kernel-image-2.6.8-sparc (2.6.8-15sarge6) stable-security; urgency=high * Build against kernel-tree-2.6.8-16sarge6: * perfmon-fd-refcnt.dpatch [SECURITY][ia64] Fix file descriptor leak in perfmonctl system call which could be used as a local denial of service attack by depleting the system of file descriptors See CVE-2006-3741 * ia64-sparc-cross-region-mappings.dpatch [SECURITY] Prevent cross-region mappings on ia64 and sparc which could be used in a local DoS attack (system crash) See CVE-2006-4538 * __block_prepare_write-recovery.dpatch [SECURITY] Fix an information leak in __block_prepare_write() See CVE-2006-4813 * atm-clip-freed-skb-deref.dpatch [SECURITY] Avoid dereferencing an already freed skb, preventing a potential remote DoS (system crash) vector See CVE-2006-4997 * ip6_flowlabel-lockup.dpatch [SECURITY] Fix local DoS attack vector (lockups, oopses) in the sequence handling for /proc/net/ip6_flowlabel See CVE-2006-5619 * ppc-alignment-exception-table-check.dpatch [SECURITY][ppc] Avoid potential DoS which can be triggered by some futex ops See CVE-2006-5649 * s390-uaccess-memleak.dpatch [SECURITY][s390] Fix memory leak in copy_from_user by clearing the remaining bytes of the kernel buffer after a fault on the userspace address in copy_from_user() See CVE-2006-5174 * smbfs-honor-mount-opts.dpatch Honor uid, gid and mode mount options for smbfs even when unix extensions are enabled See CVE-2006-5871 * bridge-get_fdb_entries-overflow.dpatch Protect against possible overflow in get_fdb_entries See CVE-2006-5751 stable/main/binary-s390/kernel-image-2.6.8-3-s390_2.6.8-5sarge6_s390.deb stable/main/binary-s390/kernel-image-2.6.8-3-s390x_2.6.8-5sarge6_s390.deb stable/main/binary-s390/kernel-headers-2.6.8-3_2.6.8-5sarge6_s390.deb stable/main/source/kernel-image-2.6.8-s390_2.6.8-5sarge6.dsc stable/main/binary-all/kernel-patch-2.6.8-s390_2.6.8-5sarge6_all.deb stable/main/binary-s390/kernel-image-2.6.8-3-s390-tape_2.6.8-5sarge6_s390.deb stable/main/source/kernel-image-2.6.8-s390_2.6.8-5sarge6.tar.gz kernel-image-2.6.8-s390 (2.6.8-5sarge6) stable-security; urgency=high * Build against kernel-tree-2.6.8-16sarge6: * perfmon-fd-refcnt.dpatch [SECURITY][ia64] Fix file descriptor leak in perfmonctl system call which could be used as a local denial of service attack by depleting the system of file descriptors See CVE-2006-3741 * ia64-sparc-cross-region-mappings.dpatch [SECURITY] Prevent cross-region mappings on ia64 and sparc which could be used in a local DoS attack (system crash) See CVE-2006-4538 * __block_prepare_write-recovery.dpatch [SECURITY] Fix an information leak in __block_prepare_write() See CVE-2006-4813 * atm-clip-freed-skb-deref.dpatch [SECURITY] Avoid dereferencing an already freed skb, preventing a potential remote DoS (system crash) vector See CVE-2006-4997 * ip6_flowlabel-lockup.dpatch [SECURITY] Fix local DoS attack vector (lockups, oopses) in the sequence handling for /proc/net/ip6_flowlabel See CVE-2006-5619 * ppc-alignment-exception-table-check.dpatch [SECURITY][ppc] Avoid potential DoS which can be triggered by some futex ops See CVE-2006-5649 * s390-uaccess-memleak.dpatch [SECURITY][s390] Fix memory leak in copy_from_user by clearing the remaining bytes of the kernel buffer after a fault on the userspace address in copy_from_user() See CVE-2006-5174 * smbfs-honor-mount-opts.dpatch Honor uid, gid and mode mount options for smbfs even when unix extensions are enabled See CVE-2006-5871 * bridge-get_fdb_entries-overflow.dpatch Protect against possible overflow in get_fdb_entries See CVE-2006-5751 stable/main/binary-m68k/kernel-image-2.6.8-hp_2.6.8-4sarge6_m68k.deb stable/main/binary-m68k/kernel-image-2.6.8-q40_2.6.8-4sarge6_m68k.deb stable/main/binary-m68k/kernel-image-2.6.8-bvme6000_2.6.8-4sarge6_m68k.deb stable/main/binary-m68k/kernel-image-2.6.8-mvme16x_2.6.8-4sarge6_m68k.deb stable/main/source/kernel-image-2.6.8-m68k_2.6.8-4sarge6.tar.gz stable/main/source/kernel-image-2.6.8-m68k_2.6.8-4sarge6.dsc stable/main/binary-m68k/kernel-image-2.6.8-mac_2.6.8-4sarge6_m68k.deb stable/main/binary-m68k/kernel-image-2.6.8-sun3_2.6.8-4sarge6_m68k.deb stable/main/binary-m68k/kernel-image-2.6.8-atari_2.6.8-4sarge6_m68k.deb stable/main/binary-m68k/kernel-image-2.6.8-mvme147_2.6.8-4sarge6_m68k.deb stable/main/binary-m68k/kernel-image-2.6.8-amiga_2.6.8-4sarge6_m68k.deb kernel-image-2.6.8-m68k (2.6.8-4sarge6) stable-security; urgency=high * Build against kernel-tree-2.6.8-16sarge6: * perfmon-fd-refcnt.dpatch [SECURITY][ia64] Fix file descriptor leak in perfmonctl system call which could be used as a local denial of service attack by depleting the system of file descriptors See CVE-2006-3741 * ia64-sparc-cross-region-mappings.dpatch [SECURITY] Prevent cross-region mappings on ia64 and sparc which could be used in a local DoS attack (system crash) See CVE-2006-4538 * __block_prepare_write-recovery.dpatch [SECURITY] Fix an information leak in __block_prepare_write() See CVE-2006-4813 * atm-clip-freed-skb-deref.dpatch [SECURITY] Avoid dereferencing an already freed skb, preventing a potential remote DoS (system crash) vector See CVE-2006-4997 * ip6_flowlabel-lockup.dpatch [SECURITY] Fix local DoS attack vector (lockups, oopses) in the sequence handling for /proc/net/ip6_flowlabel See CVE-2006-5619 * ppc-alignment-exception-table-check.dpatch [SECURITY][ppc] Avoid potential DoS which can be triggered by some futex ops See CVE-2006-5649 * s390-uaccess-memleak.dpatch [SECURITY][s390] Fix memory leak in copy_from_user by clearing the remaining bytes of the kernel buffer after a fault on the userspace address in copy_from_user() See CVE-2006-5174 * smbfs-honor-mount-opts.dpatch Honor uid, gid and mode mount options for smbfs even when unix extensions are enabled See CVE-2006-5871 * bridge-get_fdb_entries-overflow.dpatch Protect against possible overflow in get_fdb_entries See CVE-2006-5751 stable/main/binary-ia64/kernel-headers-2.6-itanium_2.6.8-14sarge6_ia64.deb stable/main/binary-ia64/kernel-image-2.6.8-3-mckinley_2.6.8-14sarge6_ia64.deb stable/main/binary-ia64/kernel-image-2.6-itanium-smp_2.6.8-14sarge6_ia64.deb stable/main/binary-ia64/kernel-headers-2.6-mckinley_2.6.8-14sarge6_ia64.deb stable/main/binary-ia64/kernel-image-2.6.8-3-mckinley-smp_2.6.8-14sarge6_ia64.deb stable/main/source/kernel-image-2.6.8-ia64_2.6.8-14sarge6.tar.gz stable/main/binary-ia64/kernel-headers-2.6.8-3-mckinley-smp_2.6.8-14sarge6_ia64.deb stable/main/binary-ia64/kernel-headers-2.6.8-3-itanium-smp_2.6.8-14sarge6_ia64.deb stable/main/binary-ia64/kernel-image-2.6.8-3-itanium-smp_2.6.8-14sarge6_ia64.deb stable/main/binary-ia64/kernel-headers-2.6.8-3-mckinley_2.6.8-14sarge6_ia64.deb stable/main/binary-ia64/kernel-image-2.6-itanium_2.6.8-14sarge6_ia64.deb stable/main/binary-ia64/kernel-headers-2.6.8-3_2.6.8-14sarge6_ia64.deb stable/main/binary-ia64/kernel-image-2.6-mckinley_2.6.8-14sarge6_ia64.deb stable/main/source/kernel-image-2.6.8-ia64_2.6.8-14sarge6.dsc stable/main/binary-ia64/kernel-headers-2.6.8-3-itanium_2.6.8-14sarge6_ia64.deb stable/main/binary-ia64/kernel-headers-2.6-itanium-smp_2.6.8-14sarge6_ia64.deb stable/main/binary-ia64/kernel-image-2.6.8-3-itanium_2.6.8-14sarge6_ia64.deb stable/main/binary-ia64/kernel-image-2.6-mckinley-smp_2.6.8-14sarge6_ia64.deb stable/main/binary-ia64/kernel-headers-2.6-mckinley-smp_2.6.8-14sarge6_ia64.deb kernel-image-2.6.8-ia64 (2.6.8-14sarge6) stable-security; urgency=high * Build against kernel-tree-2.6.8-16sarge6: * perfmon-fd-refcnt.dpatch [SECURITY][ia64] Fix file descriptor leak in perfmonctl system call which could be used as a local denial of service attack by depleting the system of file descriptors See CVE-2006-3741 * ia64-sparc-cross-region-mappings.dpatch [SECURITY] Prevent cross-region mappings on ia64 and sparc which could be used in a local DoS attack (system crash) See CVE-2006-4538 * __block_prepare_write-recovery.dpatch [SECURITY] Fix an information leak in __block_prepare_write() See CVE-2006-4813 * atm-clip-freed-skb-deref.dpatch [SECURITY] Avoid dereferencing an already freed skb, preventing a potential remote DoS (system crash) vector See CVE-2006-4997 * ip6_flowlabel-lockup.dpatch [SECURITY] Fix local DoS attack vector (lockups, oopses) in the sequence handling for /proc/net/ip6_flowlabel See CVE-2006-5619 * ppc-alignment-exception-table-check.dpatch [SECURITY][ppc] Avoid potential DoS which can be triggered by some futex ops See CVE-2006-5649 * s390-uaccess-memleak.dpatch [SECURITY][s390] Fix memory leak in copy_from_user by clearing the remaining bytes of the kernel buffer after a fault on the userspace address in copy_from_user() See CVE-2006-5174 * smbfs-honor-mount-opts.dpatch Honor uid, gid and mode mount options for smbfs even when unix extensions are enabled See CVE-2006-5871 * bridge-get_fdb_entries-overflow.dpatch Protect against possible overflow in get_fdb_entries See CVE-2006-5751 stable/main/binary-i386/kernel-headers-2.6.8-3-686-smp_2.6.8-16sarge6_i386.deb stable/main/binary-i386/kernel-image-2.6.8-3-k7_2.6.8-16sarge6_i386.deb stable/main/binary-i386/kernel-headers-2.6.8-3-k7_2.6.8-16sarge6_i386.deb stable/main/binary-i386/kernel-image-2.6.8-3-k7-smp_2.6.8-16sarge6_i386.deb stable/main/binary-i386/kernel-image-2.6.8-3-686-smp_2.6.8-16sarge6_i386.deb stable/main/source/kernel-image-2.6.8-i386_2.6.8-16sarge6.tar.gz stable/main/binary-i386/kernel-image-2.6.8-3-686_2.6.8-16sarge6_i386.deb stable/main/binary-i386/kernel-headers-2.6.8-3-k7-smp_2.6.8-16sarge6_i386.deb stable/main/source/kernel-image-2.6.8-i386_2.6.8-16sarge6.dsc stable/main/binary-i386/kernel-image-2.6.8-3-386_2.6.8-16sarge6_i386.deb stable/main/binary-i386/kernel-headers-2.6.8-3-386_2.6.8-16sarge6_i386.deb stable/main/binary-i386/kernel-headers-2.6.8-3-686_2.6.8-16sarge6_i386.deb stable/main/binary-i386/kernel-headers-2.6.8-3_2.6.8-16sarge6_i386.deb kernel-image-2.6.8-i386 (2.6.8-16sarge6) stable-security; urgency=high * Build against kernel-tree-2.6.8-16sarge6: * perfmon-fd-refcnt.dpatch [SECURITY][ia64] Fix file descriptor leak in perfmonctl system call which could be used as a local denial of service attack by depleting the system of file descriptors See CVE-2006-3741 * ia64-sparc-cross-region-mappings.dpatch [SECURITY] Prevent cross-region mappings on ia64 and sparc which could be used in a local DoS attack (system crash) See CVE-2006-4538 * __block_prepare_write-recovery.dpatch [SECURITY] Fix an information leak in __block_prepare_write() See CVE-2006-4813 * atm-clip-freed-skb-deref.dpatch [SECURITY] Avoid dereferencing an already freed skb, preventing a potential remote DoS (system crash) vector See CVE-2006-4997 * ip6_flowlabel-lockup.dpatch [SECURITY] Fix local DoS attack vector (lockups, oopses) in the sequence handling for /proc/net/ip6_flowlabel See CVE-2006-5619 * ppc-alignment-exception-table-check.dpatch [SECURITY][ppc] Avoid potential DoS which can be triggered by some futex ops See CVE-2006-5649 * s390-uaccess-memleak.dpatch [SECURITY][s390] Fix memory leak in copy_from_user by clearing the remaining bytes of the kernel buffer after a fault on the userspace address in copy_from_user() See CVE-2006-5174 * smbfs-honor-mount-opts.dpatch Honor uid, gid and mode mount options for smbfs even when unix extensions are enabled See CVE-2006-5871 * bridge-get_fdb_entries-overflow.dpatch Protect against possible overflow in get_fdb_entries See CVE-2006-5751 stable/main/binary-hppa/kernel-headers-2.6.8-3_2.6.8-6sarge6_hppa.deb stable/main/binary-hppa/kernel-image-2.6.8-3-64_2.6.8-6sarge6_hppa.deb stable/main/binary-hppa/kernel-image-2.6.8-3-64-smp_2.6.8-6sarge6_hppa.deb stable/main/binary-hppa/kernel-headers-2.6.8-3-64-smp_2.6.8-6sarge6_hppa.deb stable/main/binary-hppa/kernel-image-2.6.8-3-32_2.6.8-6sarge6_hppa.deb stable/main/source/kernel-image-2.6.8-hppa_2.6.8-6sarge6.tar.gz stable/main/source/kernel-image-2.6.8-hppa_2.6.8-6sarge6.dsc stable/main/binary-hppa/kernel-headers-2.6.8-3-32-smp_2.6.8-6sarge6_hppa.deb stable/main/binary-hppa/kernel-image-2.6.8-3-32-smp_2.6.8-6sarge6_hppa.deb stable/main/binary-hppa/kernel-headers-2.6.8-3-64_2.6.8-6sarge6_hppa.deb stable/main/binary-hppa/kernel-headers-2.6.8-3-32_2.6.8-6sarge6_hppa.deb kernel-image-2.6.8-hppa (2.6.8-6sarge6) stable-security; urgency=high * Build against kernel-tree-2.6.8-16sarge6: * perfmon-fd-refcnt.dpatch [SECURITY][ia64] Fix file descriptor leak in perfmonctl system call which could be used as a local denial of service attack by depleting the system of file descriptors See CVE-2006-3741 * ia64-sparc-cross-region-mappings.dpatch [SECURITY] Prevent cross-region mappings on ia64 and sparc which could be used in a local DoS attack (system crash) See CVE-2006-4538 * __block_prepare_write-recovery.dpatch [SECURITY] Fix an information leak in __block_prepare_write() See CVE-2006-4813 * atm-clip-freed-skb-deref.dpatch [SECURITY] Avoid dereferencing an already freed skb, preventing a potential remote DoS (system crash) vector See CVE-2006-4997 * ip6_flowlabel-lockup.dpatch [SECURITY] Fix local DoS attack vector (lockups, oopses) in the sequence handling for /proc/net/ip6_flowlabel See CVE-2006-5619 * ppc-alignment-exception-table-check.dpatch [SECURITY][ppc] Avoid potential DoS which can be triggered by some futex ops See CVE-2006-5649 * s390-uaccess-memleak.dpatch [SECURITY][s390] Fix memory leak in copy_from_user by clearing the remaining bytes of the kernel buffer after a fault on the userspace address in copy_from_user() See CVE-2006-5174 * smbfs-honor-mount-opts.dpatch Honor uid, gid and mode mount options for smbfs even when unix extensions are enabled See CVE-2006-5871 * bridge-get_fdb_entries-overflow.dpatch Protect against possible overflow in get_fdb_entries See CVE-2006-5751 * Build against kernel-patch-2.6.8-hppa (2.6.8-5sarge1) * Update patch to apply to kernel-tree-2.6.8-16sarge6 stable/main/binary-i386/kernel-headers-2.6.8-12-amd64-k8-smp_2.6.8-16sarge6_i386.deb stable/main/binary-i386/kernel-image-2.6.8-12-amd64-k8_2.6.8-16sarge6_i386.deb stable/main/binary-i386/kernel-image-2.6.8-12-amd64-k8-smp_2.6.8-16sarge6_i386.deb stable/main/binary-i386/kernel-image-2.6.8-12-em64t-p4_2.6.8-16sarge6_i386.deb stable/main/binary-i386/kernel-image-2.6.8-12-amd64-generic_2.6.8-16sarge6_i386.deb stable/main/binary-i386/kernel-headers-2.6.8-12_2.6.8-16sarge6_i386.deb stable/main/source/kernel-image-2.6.8-amd64_2.6.8-16sarge6.dsc stable/main/source/kernel-image-2.6.8-amd64_2.6.8-16sarge6.tar.gz stable/main/binary-i386/kernel-image-2.6.8-12-em64t-p4-smp_2.6.8-16sarge6_i386.deb stable/main/binary-i386/kernel-headers-2.6.8-12-em64t-p4-smp_2.6.8-16sarge6_i386.deb stable/main/binary-i386/kernel-headers-2.6.8-12-amd64-generic_2.6.8-16sarge6_i386.deb stable/main/binary-i386/kernel-headers-2.6.8-12-amd64-k8_2.6.8-16sarge6_i386.deb stable/main/binary-i386/kernel-headers-2.6.8-12-em64t-p4_2.6.8-16sarge6_i386.deb kernel-image-2.6.8-amd64 (2.6.8-16sarge6) stable-security; urgency=high * Build against kernel-tree-2.6.8-16sarge6: * perfmon-fd-refcnt.dpatch [SECURITY][ia64] Fix file descriptor leak in perfmonctl system call which could be used as a local denial of service attack by depleting the system of file descriptors See CVE-2006-3741 * ia64-sparc-cross-region-mappings.dpatch [SECURITY] Prevent cross-region mappings on ia64 and sparc which could be used in a local DoS attack (system crash) See CVE-2006-4538 * __block_prepare_write-recovery.dpatch [SECURITY] Fix an information leak in __block_prepare_write() See CVE-2006-4813 * atm-clip-freed-skb-deref.dpatch [SECURITY] Avoid dereferencing an already freed skb, preventing a potential remote DoS (system crash) vector See CVE-2006-4997 * ip6_flowlabel-lockup.dpatch [SECURITY] Fix local DoS attack vector (lockups, oopses) in the sequence handling for /proc/net/ip6_flowlabel See CVE-2006-5619 * ppc-alignment-exception-table-check.dpatch [SECURITY][ppc] Avoid potential DoS which can be triggered by some futex ops See CVE-2006-5649 * s390-uaccess-memleak.dpatch [SECURITY][s390] Fix memory leak in copy_from_user by clearing the remaining bytes of the kernel buffer after a fault on the userspace address in copy_from_user() See CVE-2006-5174 * smbfs-honor-mount-opts.dpatch Honor uid, gid and mode mount options for smbfs even when unix extensions are enabled See CVE-2006-5871 * bridge-get_fdb_entries-overflow.dpatch Protect against possible overflow in get_fdb_entries See CVE-2006-5751 stable/main/binary-alpha/kernel-image-2.6.8-3-generic_2.6.8-16sarge6_alpha.deb stable/main/binary-alpha/kernel-image-2.6.8-3-smp_2.6.8-16sarge6_alpha.deb stable/main/binary-alpha/kernel-headers-2.6.8-3-smp_2.6.8-16sarge6_alpha.deb stable/main/source/kernel-image-2.6.8-alpha_2.6.8-16sarge6.dsc stable/main/binary-alpha/kernel-headers-2.6.8-3_2.6.8-16sarge6_alpha.deb stable/main/source/kernel-image-2.6.8-alpha_2.6.8-16sarge6.tar.gz stable/main/binary-alpha/kernel-headers-2.6.8-3-generic_2.6.8-16sarge6_alpha.deb kernel-image-2.6.8-alpha (2.6.8-16sarge6) stable-security; urgency=high * Build against kernel-tree-2.6.8-16sarge6: * perfmon-fd-refcnt.dpatch [SECURITY][ia64] Fix file descriptor leak in perfmonctl system call which could be used as a local denial of service attack by depleting the system of file descriptors See CVE-2006-3741 * ia64-sparc-cross-region-mappings.dpatch [SECURITY] Prevent cross-region mappings on ia64 and sparc which could be used in a local DoS attack (system crash) See CVE-2006-4538 * __block_prepare_write-recovery.dpatch [SECURITY] Fix an information leak in __block_prepare_write() See CVE-2006-4813 * atm-clip-freed-skb-deref.dpatch [SECURITY] Avoid dereferencing an already freed skb, preventing a potential remote DoS (system crash) vector See CVE-2006-4997 * ip6_flowlabel-lockup.dpatch [SECURITY] Fix local DoS attack vector (lockups, oopses) in the sequence handling for /proc/net/ip6_flowlabel See CVE-2006-5619 * ppc-alignment-exception-table-check.dpatch [SECURITY][ppc] Avoid potential DoS which can be triggered by some futex ops See CVE-2006-5649 * s390-uaccess-memleak.dpatch [SECURITY][s390] Fix memory leak in copy_from_user by clearing the remaining bytes of the kernel buffer after a fault on the userspace address in copy_from_user() See CVE-2006-5174 * smbfs-honor-mount-opts.dpatch Honor uid, gid and mode mount options for smbfs even when unix extensions are enabled See CVE-2006-5871 * bridge-get_fdb_entries-overflow.dpatch Protect against possible overflow in get_fdb_entries See CVE-2006-5751 stable/main/binary-sparc/kernel-build-2.4.27-3_2.4.27-9sarge5_sparc.deb stable/main/binary-sparc/kernel-headers-2.4.27-3-sparc64_2.4.27-9sarge5_sparc.deb stable/main/binary-sparc/kernel-image-2.4.27-3-sparc32-smp_2.4.27-9sarge5_sparc.deb stable/main/binary-sparc/kernel-headers-2.4.27-3-sparc32_2.4.27-9sarge5_sparc.deb stable/main/binary-sparc/kernel-image-2.4.27-3-sparc32_2.4.27-9sarge5_sparc.deb stable/main/source/kernel-image-2.4.27-sparc_2.4.27-9sarge5.dsc stable/main/binary-sparc/kernel-image-2.4.27-3-sparc64-smp_2.4.27-9sarge5_sparc.deb stable/main/binary-sparc/kernel-headers-2.4.27-3_2.4.27-9sarge5_sparc.deb stable/main/binary-sparc/kernel-image-2.4.27-3-sparc64_2.4.27-9sarge5_sparc.deb stable/main/source/kernel-image-2.4.27-sparc_2.4.27-9sarge5.tar.gz stable/main/binary-sparc/kernel-headers-2.4.27-3-sparc32-smp_2.4.27-9sarge5_sparc.deb stable/main/binary-sparc/kernel-headers-2.4.27-3-sparc64-smp_2.4.27-9sarge5_sparc.deb kernel-image-2.4.27-sparc (2.4.27-9sarge5) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge5: * 233_ia64-sparc-cross-region-mappings.diff [SECURITY] Prevent cross-region mappings on ia64 and sparc which could be used in a local DoS attack (system crash) See CVE-2006-4538 * 234_atm-clip-freed-skb-deref.diff [SECURITY] Avoid dereferencing an already freed skb, preventing a potential remote DoS (system crash) vector See CVE-2006-4997 * 235_ppc-alignment-exception-table-check.diff [SECURITY][ppc] Avoid potential DoS which can be triggered by some futex ops See CVE-2006-5649 * 236_s390-uaccess-memleak.diff [SECURITY][s390] Fix memory leak in copy_from_user by clearing the remaining bytes of the kernel buffer after a fault on the userspace address in copy_from_user() See CVE-2006-5174 * 237_smbfs-honor-mount-opts.diff Honor uid, gid and mode mount options for smbfs even when unix extensions are enabled (closes: #310982) See CVE-2006-5871 * 238_ppc-hid0-dos.diff [SECURITY] [ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 stable/main/source/kernel-image-2.4.27-s390_2.4.27-2sarge5.dsc stable/main/binary-s390/kernel-image-2.4.27-3-s390-tape_2.4.27-2sarge5_s390.deb stable/main/binary-s390/kernel-image-2.4.27-3-s390_2.4.27-2sarge5_s390.deb stable/main/binary-s390/kernel-headers-2.4.27-3_2.4.27-2sarge5_s390.deb stable/main/source/kernel-image-2.4.27-s390_2.4.27-2sarge5.tar.gz stable/main/binary-s390/kernel-image-2.4.27-3-s390x_2.4.27-2sarge5_s390.deb kernel-image-2.4.27-s390 (2.4.27-2sarge5) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge5: * 233_ia64-sparc-cross-region-mappings.diff [SECURITY] Prevent cross-region mappings on ia64 and sparc which could be used in a local DoS attack (system crash) See CVE-2006-4538 * 234_atm-clip-freed-skb-deref.diff [SECURITY] Avoid dereferencing an already freed skb, preventing a potential remote DoS (system crash) vector See CVE-2006-4997 * 235_ppc-alignment-exception-table-check.diff [SECURITY][ppc] Avoid potential DoS which can be triggered by some futex ops See CVE-2006-5649 * 236_s390-uaccess-memleak.diff [SECURITY][s390] Fix memory leak in copy_from_user by clearing the remaining bytes of the kernel buffer after a fault on the userspace address in copy_from_user() See CVE-2006-5174 * 237_smbfs-honor-mount-opts.diff Honor uid, gid and mode mount options for smbfs even when unix extensions are enabled (closes: #310982) See CVE-2006-5871 * 238_ppc-hid0-dos.diff [SECURITY] [ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 stable/main/binary-m68k/kernel-image-2.4.27-amiga_2.4.27-3sarge5_m68k.deb stable/main/binary-m68k/kernel-image-2.4.27-mvme16x_2.4.27-3sarge5_m68k.deb stable/main/binary-m68k/kernel-image-2.4.27-mvme147_2.4.27-3sarge5_m68k.deb stable/main/source/kernel-image-2.4.27-m68k_2.4.27-3sarge5.dsc stable/main/binary-m68k/kernel-image-2.4.27-atari_2.4.27-3sarge5_m68k.deb stable/main/source/kernel-image-2.4.27-m68k_2.4.27-3sarge5.tar.gz stable/main/binary-m68k/kernel-image-2.4.27-bvme6000_2.4.27-3sarge5_m68k.deb stable/main/binary-m68k/kernel-image-2.4.27-q40_2.4.27-3sarge5_m68k.deb stable/main/binary-m68k/kernel-image-2.4.27-mac_2.4.27-3sarge5_m68k.deb kernel-image-2.4.27-m68k (2.4.27-3sarge5) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge5: * 233_ia64-sparc-cross-region-mappings.diff [SECURITY] Prevent cross-region mappings on ia64 and sparc which could be used in a local DoS attack (system crash) See CVE-2006-4538 * 234_atm-clip-freed-skb-deref.diff [SECURITY] Avoid dereferencing an already freed skb, preventing a potential remote DoS (system crash) vector See CVE-2006-4997 * 235_ppc-alignment-exception-table-check.diff [SECURITY][ppc] Avoid potential DoS which can be triggered by some futex ops See CVE-2006-5649 * 236_s390-uaccess-memleak.diff [SECURITY][s390] Fix memory leak in copy_from_user by clearing the remaining bytes of the kernel buffer after a fault on the userspace address in copy_from_user() See CVE-2006-5174 * 237_smbfs-honor-mount-opts.diff Honor uid, gid and mode mount options for smbfs even when unix extensions are enabled (closes: #310982) See CVE-2006-5871 * 238_ppc-hid0-dos.diff [SECURITY] [ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 stable/main/binary-ia64/kernel-image-2.4-mckinley_2.4.27-10sarge5_ia64.deb stable/main/binary-ia64/kernel-image-2.4.27-3-itanium-smp_2.4.27-10sarge5_ia64.deb stable/main/binary-ia64/kernel-image-2.4.27-3-mckinley_2.4.27-10sarge5_ia64.deb stable/main/binary-ia64/kernel-build-2.4.27-3_2.4.27-10sarge5_ia64.deb stable/main/binary-ia64/kernel-headers-2.4.27-3-mckinley-smp_2.4.27-10sarge5_ia64.deb stable/main/binary-ia64/kernel-headers-2.4.27-3-itanium_2.4.27-10sarge5_ia64.deb stable/main/source/kernel-image-2.4.27-ia64_2.4.27-10sarge5.dsc stable/main/binary-ia64/kernel-image-2.4.27-3-mckinley-smp_2.4.27-10sarge5_ia64.deb stable/main/binary-ia64/kernel-headers-2.4.27-3-itanium-smp_2.4.27-10sarge5_ia64.deb stable/main/binary-ia64/kernel-headers-2.4.27-3_2.4.27-10sarge5_ia64.deb stable/main/source/kernel-image-2.4.27-ia64_2.4.27-10sarge5.tar.gz stable/main/binary-ia64/kernel-image-2.4-itanium_2.4.27-10sarge5_ia64.deb stable/main/binary-ia64/kernel-image-2.4-mckinley-smp_2.4.27-10sarge5_ia64.deb stable/main/binary-ia64/kernel-headers-2.4.27-3-mckinley_2.4.27-10sarge5_ia64.deb stable/main/binary-ia64/kernel-image-2.4.27-3-itanium_2.4.27-10sarge5_ia64.deb stable/main/binary-ia64/kernel-image-2.4-itanium-smp_2.4.27-10sarge5_ia64.deb kernel-image-2.4.27-ia64 (2.4.27-10sarge5) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge5: * 233_ia64-sparc-cross-region-mappings.diff [SECURITY] Prevent cross-region mappings on ia64 and sparc which could be used in a local DoS attack (system crash) See CVE-2006-4538 * 234_atm-clip-freed-skb-deref.diff [SECURITY] Avoid dereferencing an already freed skb, preventing a potential remote DoS (system crash) vector See CVE-2006-4997 * 235_ppc-alignment-exception-table-check.diff [SECURITY][ppc] Avoid potential DoS which can be triggered by some futex ops See CVE-2006-5649 * 236_s390-uaccess-memleak.diff [SECURITY][s390] Fix memory leak in copy_from_user by clearing the remaining bytes of the kernel buffer after a fault on the userspace address in copy_from_user() See CVE-2006-5174 * 237_smbfs-honor-mount-opts.diff Honor uid, gid and mode mount options for smbfs even when unix extensions are enabled (closes: #310982) See CVE-2006-5871 * 238_ppc-hid0-dos.diff [SECURITY] [ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 stable/main/binary-i386/kernel-pcmcia-modules-2.4.27-3-586tsc_2.4.27-10sarge5_i386.deb stable/main/binary-i386/kernel-headers-2.4.27-3-k7_2.4.27-10sarge5_i386.deb stable/main/binary-i386/kernel-headers-2.4.27-3-k6_2.4.27-10sarge5_i386.deb stable/main/binary-i386/kernel-image-2.4.27-3-686-smp_2.4.27-10sarge5_i386.deb stable/main/binary-i386/kernel-headers-2.4.27-3_2.4.27-10sarge5_i386.deb stable/main/binary-i386/kernel-pcmcia-modules-2.4.27-3-k7-smp_2.4.27-10sarge5_i386.deb stable/main/binary-i386/kernel-headers-2.4.27-3-686_2.4.27-10sarge5_i386.deb stable/main/binary-i386/kernel-pcmcia-modules-2.4.27-3-k7_2.4.27-10sarge5_i386.deb stable/main/binary-i386/kernel-image-2.4.27-3-k6_2.4.27-10sarge5_i386.deb stable/main/binary-i386/kernel-image-2.4.27-3-586tsc_2.4.27-10sarge5_i386.deb stable/main/binary-i386/kernel-pcmcia-modules-2.4.27-3-686-smp_2.4.27-10sarge5_i386.deb stable/main/binary-i386/kernel-image-2.4.27-3-686_2.4.27-10sarge5_i386.deb stable/main/binary-i386/kernel-headers-2.4.27-3-k7-smp_2.4.27-10sarge5_i386.deb stable/main/binary-i386/kernel-pcmcia-modules-2.4.27-3-686_2.4.27-10sarge5_i386.deb stable/main/binary-i386/kernel-pcmcia-modules-2.4.27-3-386_2.4.27-10sarge5_i386.deb stable/main/binary-i386/kernel-image-2.4.27-3-k7-smp_2.4.27-10sarge5_i386.deb stable/main/binary-i386/kernel-pcmcia-modules-2.4.27-3-k6_2.4.27-10sarge5_i386.deb stable/main/binary-i386/kernel-headers-2.4.27-3-686-smp_2.4.27-10sarge5_i386.deb stable/main/source/kernel-image-2.4.27-i386_2.4.27-10sarge5.tar.gz stable/main/binary-i386/kernel-image-2.4.27-3-386_2.4.27-10sarge5_i386.deb stable/main/binary-i386/kernel-build-2.4.27-3_2.4.27-10sarge5_i386.deb stable/main/binary-i386/kernel-headers-2.4.27-3-586tsc_2.4.27-10sarge5_i386.deb stable/main/binary-i386/kernel-image-2.4.27-3-k7_2.4.27-10sarge5_i386.deb stable/main/binary-i386/kernel-headers-2.4.27-3-386_2.4.27-10sarge5_i386.deb stable/main/source/kernel-image-2.4.27-i386_2.4.27-10sarge5.dsc kernel-image-2.4.27-i386 (2.4.27-10sarge5) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge5: * 233_ia64-sparc-cross-region-mappings.diff [SECURITY] Prevent cross-region mappings on ia64 and sparc which could be used in a local DoS attack (system crash) See CVE-2006-4538 * 234_atm-clip-freed-skb-deref.diff [SECURITY] Avoid dereferencing an already freed skb, preventing a potential remote DoS (system crash) vector See CVE-2006-4997 * 235_ppc-alignment-exception-table-check.diff [SECURITY][ppc] Avoid potential DoS which can be triggered by some futex ops See CVE-2006-5649 * 236_s390-uaccess-memleak.diff [SECURITY][s390] Fix memory leak in copy_from_user by clearing the remaining bytes of the kernel buffer after a fault on the userspace address in copy_from_user() See CVE-2006-5174 * 237_smbfs-honor-mount-opts.diff Honor uid, gid and mode mount options for smbfs even when unix extensions are enabled (closes: #310982) See CVE-2006-5871 * 238_ppc-hid0-dos.diff [SECURITY] [ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 stable/main/binary-arm/kernel-image-2.4.27-riscstation_2.4.27-2sarge5_arm.deb stable/main/source/kernel-image-2.4.27-arm_2.4.27-2sarge5.dsc stable/main/binary-arm/kernel-image-2.4.27-riscpc_2.4.27-2sarge5_arm.deb stable/main/binary-arm/kernel-build-2.4.27_2.4.27-2sarge5_arm.deb stable/main/binary-arm/kernel-image-2.4.27-bast_2.4.27-2sarge5_arm.deb stable/main/binary-arm/kernel-image-2.4.27-netwinder_2.4.27-2sarge5_arm.deb stable/main/source/kernel-image-2.4.27-arm_2.4.27-2sarge5.tar.gz stable/main/binary-arm/kernel-image-2.4.27-lart_2.4.27-2sarge5_arm.deb stable/main/binary-arm/kernel-headers-2.4.27_2.4.27-2sarge5_arm.deb kernel-image-2.4.27-arm (2.4.27-2sarge5) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge5: * 233_ia64-sparc-cross-region-mappings.diff [SECURITY] Prevent cross-region mappings on ia64 and sparc which could be used in a local DoS attack (system crash) See CVE-2006-4538 * 234_atm-clip-freed-skb-deref.diff [SECURITY] Avoid dereferencing an already freed skb, preventing a potential remote DoS (system crash) vector See CVE-2006-4997 * 235_ppc-alignment-exception-table-check.diff [SECURITY][ppc] Avoid potential DoS which can be triggered by some futex ops See CVE-2006-5649 * 236_s390-uaccess-memleak.diff [SECURITY][s390] Fix memory leak in copy_from_user by clearing the remaining bytes of the kernel buffer after a fault on the userspace address in copy_from_user() See CVE-2006-5174 * 237_smbfs-honor-mount-opts.diff Honor uid, gid and mode mount options for smbfs even when unix extensions are enabled (closes: #310982) See CVE-2006-5871 * 238_ppc-hid0-dos.diff [SECURITY] [ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 stable/main/binary-alpha/kernel-headers-2.4.27-3-generic_2.4.27-10sarge5_alpha.deb stable/main/source/kernel-image-2.4.27-alpha_2.4.27-10sarge5.tar.gz stable/main/source/kernel-image-2.4.27-alpha_2.4.27-10sarge5.dsc stable/main/binary-alpha/kernel-image-2.4.27-3-generic_2.4.27-10sarge5_alpha.deb stable/main/binary-alpha/kernel-headers-2.4.27-3-smp_2.4.27-10sarge5_alpha.deb stable/main/binary-alpha/kernel-build-2.4.27-3_2.4.27-10sarge5_alpha.deb stable/main/binary-alpha/kernel-headers-2.4.27-3_2.4.27-10sarge5_alpha.deb stable/main/binary-alpha/kernel-image-2.4.27-3-smp_2.4.27-10sarge5_alpha.deb kernel-image-2.4.27-alpha (2.4.27-10sarge5) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge5: * 233_ia64-sparc-cross-region-mappings.diff [SECURITY] Prevent cross-region mappings on ia64 and sparc which could be used in a local DoS attack (system crash) See CVE-2006-4538 * 234_atm-clip-freed-skb-deref.diff [SECURITY] Avoid dereferencing an already freed skb, preventing a potential remote DoS (system crash) vector See CVE-2006-4997 * 235_ppc-alignment-exception-table-check.diff [SECURITY][ppc] Avoid potential DoS which can be triggered by some futex ops See CVE-2006-5649 * 236_s390-uaccess-memleak.diff [SECURITY][s390] Fix memory leak in copy_from_user by clearing the remaining bytes of the kernel buffer after a fault on the userspace address in copy_from_user() See CVE-2006-5174 * 237_smbfs-honor-mount-opts.diff Honor uid, gid and mode mount options for smbfs even when unix extensions are enabled (closes: #310982) See CVE-2006-5871 * 238_ppc-hid0-dos.diff [SECURITY] [ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 stable/main/binary-all/ingo1_1.0.1-1sarge1_all.deb stable/main/source/ingo1_1.0.1-1sarge1.diff.gz stable/main/source/ingo1_1.0.1-1sarge1.dsc ingo1 (1.0.1-1sarge1) stable-security; urgency=high * Security update: - Fix remote autenticated user arbitrary command execution via shell metacharacters in mailbox name (closes: #396099) This is CVE-2006-5449. * Change maintainer to Horde team. stable/main/binary-sparc/libmagick6-dev_6.0.6.2-2.9_sparc.deb stable/main/binary-sparc/perlmagick_6.0.6.2-2.9_sparc.deb stable/main/binary-sparc/imagemagick_6.0.6.2-2.9_sparc.deb stable/main/binary-sparc/libmagick6_6.0.6.2-2.9_sparc.deb stable/main/binary-sparc/libmagick++6-dev_6.0.6.2-2.9_sparc.deb stable/main/binary-sparc/libmagick++6_6.0.6.2-2.9_sparc.deb imagemagick (6:6.0.6.2-2.9) stable-security; urgency=high * Non-maintainer upload for the Security Team. * coders/palm.c: Fix regression introduced in patch for CVE-2006-5456. Avoid bogus second read in macro call. Patch thanks to Vladimir Nadvornik. (CVE-2007-0770) stable/main/binary-s390/perlmagick_6.0.6.2-2.9_s390.deb stable/main/binary-s390/libmagick6_6.0.6.2-2.9_s390.deb stable/main/binary-s390/libmagick++6-dev_6.0.6.2-2.9_s390.deb stable/main/binary-s390/libmagick++6_6.0.6.2-2.9_s390.deb stable/main/binary-s390/imagemagick_6.0.6.2-2.9_s390.deb stable/main/binary-s390/libmagick6-dev_6.0.6.2-2.9_s390.deb imagemagick (6:6.0.6.2-2.9) stable-security; urgency=high * Non-maintainer upload for the Security Team. * coders/palm.c: Fix regression introduced in patch for CVE-2006-5456. Avoid bogus second read in macro call. Patch thanks to Vladimir Nadvornik. (CVE-2007-0770) stable/main/binary-powerpc/perlmagick_6.0.6.2-2.9_powerpc.deb stable/main/binary-powerpc/libmagick6-dev_6.0.6.2-2.9_powerpc.deb stable/main/binary-powerpc/libmagick++6_6.0.6.2-2.9_powerpc.deb stable/main/binary-powerpc/libmagick++6-dev_6.0.6.2-2.9_powerpc.deb stable/main/binary-powerpc/imagemagick_6.0.6.2-2.9_powerpc.deb stable/main/binary-powerpc/libmagick6_6.0.6.2-2.9_powerpc.deb imagemagick (6:6.0.6.2-2.9) stable-security; urgency=high * Non-maintainer upload for the Security Team. * coders/palm.c: Fix regression introduced in patch for CVE-2006-5456. Avoid bogus second read in macro call. Patch thanks to Vladimir Nadvornik. (CVE-2007-0770) stable/main/binary-mipsel/imagemagick_6.0.6.2-2.9_mipsel.deb stable/main/binary-mipsel/libmagick++6_6.0.6.2-2.9_mipsel.deb stable/main/binary-mipsel/libmagick6-dev_6.0.6.2-2.9_mipsel.deb stable/main/binary-mipsel/libmagick++6-dev_6.0.6.2-2.9_mipsel.deb stable/main/binary-mipsel/libmagick6_6.0.6.2-2.9_mipsel.deb stable/main/binary-mipsel/perlmagick_6.0.6.2-2.9_mipsel.deb imagemagick (6:6.0.6.2-2.9) stable-security; urgency=high * Non-maintainer upload for the Security Team. * coders/palm.c: Fix regression introduced in patch for CVE-2006-5456. Avoid bogus second read in macro call. Patch thanks to Vladimir Nadvornik. (CVE-2007-0770) stable/main/binary-mips/libmagick6_6.0.6.2-2.9_mips.deb stable/main/binary-mips/libmagick++6_6.0.6.2-2.9_mips.deb stable/main/binary-mips/libmagick6-dev_6.0.6.2-2.9_mips.deb stable/main/binary-mips/perlmagick_6.0.6.2-2.9_mips.deb stable/main/binary-mips/imagemagick_6.0.6.2-2.9_mips.deb stable/main/binary-mips/libmagick++6-dev_6.0.6.2-2.9_mips.deb imagemagick (6:6.0.6.2-2.9) stable-security; urgency=high * Non-maintainer upload for the Security Team. * coders/palm.c: Fix regression introduced in patch for CVE-2006-5456. Avoid bogus second read in macro call. Patch thanks to Vladimir Nadvornik. (CVE-2007-0770) stable/main/binary-m68k/libmagick++6-dev_6.0.6.2-2.9_m68k.deb stable/main/binary-m68k/imagemagick_6.0.6.2-2.9_m68k.deb stable/main/binary-m68k/libmagick6_6.0.6.2-2.9_m68k.deb stable/main/binary-m68k/libmagick++6_6.0.6.2-2.9_m68k.deb stable/main/binary-m68k/libmagick6-dev_6.0.6.2-2.9_m68k.deb stable/main/binary-m68k/perlmagick_6.0.6.2-2.9_m68k.deb imagemagick (6:6.0.6.2-2.9) stable-security; urgency=high * Non-maintainer upload for the Security Team. * coders/palm.c: Fix regression introduced in patch for CVE-2006-5456. Avoid bogus second read in macro call. Patch thanks to Vladimir Nadvornik. (CVE-2007-0770) stable/main/binary-ia64/libmagick6_6.0.6.2-2.9_ia64.deb stable/main/binary-ia64/libmagick++6-dev_6.0.6.2-2.9_ia64.deb stable/main/binary-ia64/perlmagick_6.0.6.2-2.9_ia64.deb stable/main/binary-ia64/imagemagick_6.0.6.2-2.9_ia64.deb stable/main/binary-ia64/libmagick++6_6.0.6.2-2.9_ia64.deb stable/main/binary-ia64/libmagick6-dev_6.0.6.2-2.9_ia64.deb imagemagick (6:6.0.6.2-2.9) stable-security; urgency=high * Non-maintainer upload for the Security Team. * coders/palm.c: Fix regression introduced in patch for CVE-2006-5456. Avoid bogus second read in macro call. Patch thanks to Vladimir Nadvornik. (CVE-2007-0770) stable/main/binary-hppa/libmagick6_6.0.6.2-2.9_hppa.deb stable/main/binary-hppa/libmagick++6-dev_6.0.6.2-2.9_hppa.deb stable/main/binary-hppa/libmagick6-dev_6.0.6.2-2.9_hppa.deb stable/main/binary-hppa/libmagick++6_6.0.6.2-2.9_hppa.deb stable/main/binary-hppa/imagemagick_6.0.6.2-2.9_hppa.deb stable/main/binary-hppa/perlmagick_6.0.6.2-2.9_hppa.deb imagemagick (6:6.0.6.2-2.9) stable-security; urgency=high * Non-maintainer upload for the Security Team. * coders/palm.c: Fix regression introduced in patch for CVE-2006-5456. Avoid bogus second read in macro call. Patch thanks to Vladimir Nadvornik. (CVE-2007-0770) stable/main/binary-arm/libmagick6_6.0.6.2-2.9_arm.deb stable/main/binary-arm/libmagick++6-dev_6.0.6.2-2.9_arm.deb stable/main/binary-arm/libmagick++6_6.0.6.2-2.9_arm.deb stable/main/binary-arm/perlmagick_6.0.6.2-2.9_arm.deb stable/main/binary-arm/libmagick6-dev_6.0.6.2-2.9_arm.deb stable/main/binary-arm/imagemagick_6.0.6.2-2.9_arm.deb imagemagick (6:6.0.6.2-2.9) stable-security; urgency=high * Non-maintainer upload for the Security Team. * coders/palm.c: Fix regression introduced in patch for CVE-2006-5456. Avoid bogus second read in macro call. Patch thanks to Vladimir Nadvornik. (CVE-2007-0770) stable/main/binary-alpha/libmagick6-dev_6.0.6.2-2.9_alpha.deb stable/main/binary-alpha/libmagick6_6.0.6.2-2.9_alpha.deb stable/main/binary-alpha/imagemagick_6.0.6.2-2.9_alpha.deb stable/main/binary-alpha/libmagick++6_6.0.6.2-2.9_alpha.deb stable/main/binary-alpha/libmagick++6-dev_6.0.6.2-2.9_alpha.deb stable/main/binary-alpha/perlmagick_6.0.6.2-2.9_alpha.deb imagemagick (6:6.0.6.2-2.9) stable-security; urgency=high * Non-maintainer upload for the Security Team. * coders/palm.c: Fix regression introduced in patch for CVE-2006-5456. Avoid bogus second read in macro call. Patch thanks to Vladimir Nadvornik. (CVE-2007-0770) stable/main/binary-i386/perlmagick_6.0.6.2-2.9_i386.deb stable/main/binary-i386/libmagick6-dev_6.0.6.2-2.9_i386.deb stable/main/binary-i386/libmagick++6_6.0.6.2-2.9_i386.deb stable/main/source/imagemagick_6.0.6.2-2.9.dsc stable/main/source/imagemagick_6.0.6.2-2.9.diff.gz stable/main/binary-i386/libmagick++6-dev_6.0.6.2-2.9_i386.deb stable/main/binary-i386/imagemagick_6.0.6.2-2.9_i386.deb stable/main/binary-i386/libmagick6_6.0.6.2-2.9_i386.deb imagemagick (6:6.0.6.2-2.9) stable-security; urgency=high * Non-maintainer upload for the Security Team. * coders/palm.c: Fix regression introduced in patch for CVE-2006-5456. Avoid bogus second read in macro call. Patch thanks to Vladimir Nadvornik. (CVE-2007-0770) stable/main/binary-sparc/gv_3.6.1-10sarge2_sparc.deb gv (1:3.6.1-10sarge2) stable-security; urgency=high * Fix patch application breakage * Also extent patch for corner case previously unhandled stable/main/binary-s390/gv_3.6.1-10sarge2_s390.deb gv (1:3.6.1-10sarge2) stable-security; urgency=high * Fix patch application breakage * Also extent patch for corner case previously unhandled stable/main/binary-powerpc/gv_3.6.1-10sarge2_powerpc.deb gv (1:3.6.1-10sarge2) stable-security; urgency=high * Fix patch application breakage * Also extent patch for corner case previously unhandled stable/main/binary-mipsel/gv_3.6.1-10sarge2_mipsel.deb gv (1:3.6.1-10sarge2) stable-security; urgency=high * Fix patch application breakage * Also extent patch for corner case previously unhandled stable/main/binary-mips/gv_3.6.1-10sarge2_mips.deb gv (1:3.6.1-10sarge2) stable-security; urgency=high * Fix patch application breakage * Also extent patch for corner case previously unhandled stable/main/binary-m68k/gv_3.6.1-10sarge2_m68k.deb gv (1:3.6.1-10sarge2) stable-security; urgency=high * Fix patch application breakage * Also extent patch for corner case previously unhandled stable/main/binary-ia64/gv_3.6.1-10sarge2_ia64.deb gv (1:3.6.1-10sarge2) stable-security; urgency=high * Fix patch application breakage * Also extent patch for corner case previously unhandled stable/main/binary-hppa/gv_3.6.1-10sarge2_hppa.deb gv (1:3.6.1-10sarge2) stable-security; urgency=high * Fix patch application breakage * Also extent patch for corner case previously unhandled stable/main/binary-arm/gv_3.6.1-10sarge2_arm.deb gv (1:3.6.1-10sarge2) stable-security; urgency=high * Fix patch application breakage * Also extent patch for corner case previously unhandled stable/main/binary-alpha/gv_3.6.1-10sarge2_alpha.deb gv (1:3.6.1-10sarge2) stable-security; urgency=high * Fix patch application breakage * Also extent patch for corner case previously unhandled stable/main/binary-i386/gv_3.6.1-10sarge2_i386.deb stable/main/source/gv_3.6.1-10sarge2.dsc stable/main/source/gv_3.6.1-10sarge2.diff.gz gv (1:3.6.1-10sarge2) stable-security; urgency=high * Fix patch application breakage * Also extent patch for corner case previously unhandled stable/main/binary-sparc/libgtk2.0-bin_2.6.4-3.2_sparc.deb stable/main/binary-sparc/libgtk2.0-0-dbg_2.6.4-3.2_sparc.deb stable/main/binary-sparc/gtk2-engines-pixbuf_2.6.4-3.2_sparc.deb stable/main/binary-sparc/libgtk2.0-0_2.6.4-3.2_sparc.deb stable/main/binary-sparc/libgtk2.0-dev_2.6.4-3.2_sparc.deb stable/main/binary-sparc/gtk2.0-examples_2.6.4-3.2_sparc.deb gtk+2.0 (2.6.4-3.2) stable-security; urgency=high * Non-maintainer upload targetted at stable-security. * SECURITY: New patch, 030_CVE-2007-0010_error-handling-in-pixbuf-loaders, to fix error handling in pixbuf loaders; CVE-2007-0010; RedHat #218755, #218932. stable/main/binary-s390/libgtk2.0-bin_2.6.4-3.2_s390.deb stable/main/binary-s390/libgtk2.0-0_2.6.4-3.2_s390.deb stable/main/binary-s390/libgtk2.0-dev_2.6.4-3.2_s390.deb stable/main/binary-s390/gtk2.0-examples_2.6.4-3.2_s390.deb stable/main/binary-s390/libgtk2.0-0-dbg_2.6.4-3.2_s390.deb stable/main/binary-s390/gtk2-engines-pixbuf_2.6.4-3.2_s390.deb gtk+2.0 (2.6.4-3.2) stable-security; urgency=high * Non-maintainer upload targetted at stable-security. * SECURITY: New patch, 030_CVE-2007-0010_error-handling-in-pixbuf-loaders, to fix error handling in pixbuf loaders; CVE-2007-0010; RedHat #218755, #218932. stable/main/binary-powerpc/libgtk2.0-bin_2.6.4-3.2_powerpc.deb stable/main/binary-powerpc/libgtk2.0-0-dbg_2.6.4-3.2_powerpc.deb stable/main/binary-powerpc/libgtk2.0-0_2.6.4-3.2_powerpc.deb stable/main/binary-powerpc/gtk2-engines-pixbuf_2.6.4-3.2_powerpc.deb stable/main/binary-powerpc/gtk2.0-examples_2.6.4-3.2_powerpc.deb stable/main/binary-powerpc/libgtk2.0-dev_2.6.4-3.2_powerpc.deb gtk+2.0 (2.6.4-3.2) stable-security; urgency=high * Non-maintainer upload targetted at stable-security. * SECURITY: New patch, 030_CVE-2007-0010_error-handling-in-pixbuf-loaders, to fix error handling in pixbuf loaders; CVE-2007-0010; RedHat #218755, #218932. stable/main/binary-mipsel/libgtk2.0-dev_2.6.4-3.2_mipsel.deb stable/main/binary-mipsel/libgtk2.0-0_2.6.4-3.2_mipsel.deb stable/main/binary-mipsel/gtk2-engines-pixbuf_2.6.4-3.2_mipsel.deb stable/main/binary-mipsel/gtk2.0-examples_2.6.4-3.2_mipsel.deb stable/main/binary-mipsel/libgtk2.0-0-dbg_2.6.4-3.2_mipsel.deb stable/main/binary-mipsel/libgtk2.0-bin_2.6.4-3.2_mipsel.deb gtk+2.0 (2.6.4-3.2) stable-security; urgency=high * Non-maintainer upload targetted at stable-security. * SECURITY: New patch, 030_CVE-2007-0010_error-handling-in-pixbuf-loaders, to fix error handling in pixbuf loaders; CVE-2007-0010; RedHat #218755, #218932. stable/main/binary-mips/gtk2.0-examples_2.6.4-3.2_mips.deb stable/main/binary-mips/libgtk2.0-0_2.6.4-3.2_mips.deb stable/main/binary-mips/libgtk2.0-bin_2.6.4-3.2_mips.deb stable/main/binary-mips/libgtk2.0-0-dbg_2.6.4-3.2_mips.deb stable/main/binary-mips/gtk2-engines-pixbuf_2.6.4-3.2_mips.deb stable/main/binary-mips/libgtk2.0-dev_2.6.4-3.2_mips.deb gtk+2.0 (2.6.4-3.2) stable-security; urgency=high * Non-maintainer upload targetted at stable-security. * SECURITY: New patch, 030_CVE-2007-0010_error-handling-in-pixbuf-loaders, to fix error handling in pixbuf loaders; CVE-2007-0010; RedHat #218755, #218932. stable/main/binary-m68k/libgtk2.0-0_2.6.4-3.2_m68k.deb stable/main/binary-m68k/gtk2.0-examples_2.6.4-3.2_m68k.deb stable/main/binary-m68k/libgtk2.0-bin_2.6.4-3.2_m68k.deb stable/main/binary-m68k/gtk2-engines-pixbuf_2.6.4-3.2_m68k.deb stable/main/binary-m68k/libgtk2.0-0-dbg_2.6.4-3.2_m68k.deb stable/main/binary-m68k/libgtk2.0-dev_2.6.4-3.2_m68k.deb gtk+2.0 (2.6.4-3.2) stable-security; urgency=high * Non-maintainer upload targetted at stable-security. * SECURITY: New patch, 030_CVE-2007-0010_error-handling-in-pixbuf-loaders, to fix error handling in pixbuf loaders; CVE-2007-0010; RedHat #218755, #218932. stable/main/binary-ia64/libgtk2.0-bin_2.6.4-3.2_ia64.deb stable/main/binary-ia64/libgtk2.0-0_2.6.4-3.2_ia64.deb stable/main/binary-ia64/gtk2-engines-pixbuf_2.6.4-3.2_ia64.deb stable/main/binary-ia64/gtk2.0-examples_2.6.4-3.2_ia64.deb stable/main/binary-ia64/libgtk2.0-dev_2.6.4-3.2_ia64.deb stable/main/binary-ia64/libgtk2.0-0-dbg_2.6.4-3.2_ia64.deb gtk+2.0 (2.6.4-3.2) stable-security; urgency=high * Non-maintainer upload targetted at stable-security. * SECURITY: New patch, 030_CVE-2007-0010_error-handling-in-pixbuf-loaders, to fix error handling in pixbuf loaders; CVE-2007-0010; RedHat #218755, #218932. stable/main/binary-hppa/libgtk2.0-bin_2.6.4-3.2_hppa.deb stable/main/binary-hppa/gtk2.0-examples_2.6.4-3.2_hppa.deb stable/main/binary-hppa/gtk2-engines-pixbuf_2.6.4-3.2_hppa.deb stable/main/binary-hppa/libgtk2.0-0-dbg_2.6.4-3.2_hppa.deb stable/main/binary-hppa/libgtk2.0-0_2.6.4-3.2_hppa.deb stable/main/binary-hppa/libgtk2.0-dev_2.6.4-3.2_hppa.deb gtk+2.0 (2.6.4-3.2) stable-security; urgency=high * Non-maintainer upload targetted at stable-security. * SECURITY: New patch, 030_CVE-2007-0010_error-handling-in-pixbuf-loaders, to fix error handling in pixbuf loaders; CVE-2007-0010; RedHat #218755, #218932. stable/main/binary-arm/libgtk2.0-0-dbg_2.6.4-3.2_arm.deb stable/main/binary-arm/libgtk2.0-dev_2.6.4-3.2_arm.deb stable/main/binary-arm/gtk2-engines-pixbuf_2.6.4-3.2_arm.deb stable/main/binary-arm/libgtk2.0-bin_2.6.4-3.2_arm.deb stable/main/binary-arm/gtk2.0-examples_2.6.4-3.2_arm.deb stable/main/binary-arm/libgtk2.0-0_2.6.4-3.2_arm.deb gtk+2.0 (2.6.4-3.2) stable-security; urgency=high * Non-maintainer upload targetted at stable-security. * SECURITY: New patch, 030_CVE-2007-0010_error-handling-in-pixbuf-loaders, to fix error handling in pixbuf loaders; CVE-2007-0010; RedHat #218755, #218932. stable/main/binary-alpha/libgtk2.0-dev_2.6.4-3.2_alpha.deb stable/main/binary-alpha/gtk2.0-examples_2.6.4-3.2_alpha.deb stable/main/binary-alpha/libgtk2.0-0_2.6.4-3.2_alpha.deb stable/main/binary-alpha/libgtk2.0-bin_2.6.4-3.2_alpha.deb stable/main/binary-alpha/libgtk2.0-0-dbg_2.6.4-3.2_alpha.deb stable/main/binary-alpha/gtk2-engines-pixbuf_2.6.4-3.2_alpha.deb gtk+2.0 (2.6.4-3.2) stable-security; urgency=high * Non-maintainer upload targetted at stable-security. * SECURITY: New patch, 030_CVE-2007-0010_error-handling-in-pixbuf-loaders, to fix error handling in pixbuf loaders; CVE-2007-0010; RedHat #218755, #218932. stable/main/source/gtk+2.0_2.6.4-3.2.diff.gz stable/main/source/gtk+2.0_2.6.4-3.2.dsc stable/main/binary-i386/libgtk2.0-bin_2.6.4-3.2_i386.deb stable/main/binary-i386/libgtk2.0-dev_2.6.4-3.2_i386.deb stable/main/binary-all/libgtk2.0-common_2.6.4-3.2_all.deb stable/main/binary-i386/libgtk2.0-0-dbg_2.6.4-3.2_i386.deb stable/main/binary-i386/gtk2.0-examples_2.6.4-3.2_i386.deb stable/main/binary-all/libgtk2.0-doc_2.6.4-3.2_all.deb stable/main/binary-i386/gtk2-engines-pixbuf_2.6.4-3.2_i386.deb stable/main/binary-i386/libgtk2.0-0_2.6.4-3.2_i386.deb gtk+2.0 (2.6.4-3.2) stable-security; urgency=high * Non-maintainer upload targetted at stable-security. * SECURITY: New patch, 030_CVE-2007-0010_error-handling-in-pixbuf-loaders, to fix error handling in pixbuf loaders; CVE-2007-0010; RedHat #218755, #218932. stable/main/binary-sparc/gpgv-udeb_1.4.1-1.sarge6_sparc.udeb stable/main/binary-sparc/gnupg_1.4.1-1.sarge6_sparc.deb gnupg (1.4.1-1.sarge6) stable-security; urgency=high * Non-maintainer upload by the Security Team, based on a patch by Bernhard Herzog. * Added patch to fix crash in ask_outfile_name [g10/openfile.c, 24_CVE-2006-6169.dpatch] * Added patch to fix remotely controllable function pointer bug [g10/encr-data.c, 24_CVE-2006-6235.dpatch] stable/main/binary-s390/gpgv-udeb_1.4.1-1.sarge6_s390.udeb stable/main/binary-s390/gnupg_1.4.1-1.sarge6_s390.deb gnupg (1.4.1-1.sarge6) stable-security; urgency=high * Non-maintainer upload by the Security Team, based on a patch by Bernhard Herzog. * Added patch to fix crash in ask_outfile_name [g10/openfile.c, 24_CVE-2006-6169.dpatch] * Added patch to fix remotely controllable function pointer bug [g10/encr-data.c, 24_CVE-2006-6235.dpatch] stable/main/binary-powerpc/gnupg_1.4.1-1.sarge6_powerpc.deb stable/main/binary-powerpc/gpgv-udeb_1.4.1-1.sarge6_powerpc.udeb gnupg (1.4.1-1.sarge6) stable-security; urgency=high * Non-maintainer upload by the Security Team, based on a patch by Bernhard Herzog. * Added patch to fix crash in ask_outfile_name [g10/openfile.c, 24_CVE-2006-6169.dpatch] * Added patch to fix remotely controllable function pointer bug [g10/encr-data.c, 24_CVE-2006-6235.dpatch] stable/main/binary-mipsel/gnupg_1.4.1-1.sarge6_mipsel.deb stable/main/binary-mipsel/gpgv-udeb_1.4.1-1.sarge6_mipsel.udeb gnupg (1.4.1-1.sarge6) stable-security; urgency=high * Non-maintainer upload by the Security Team, based on a patch by Bernhard Herzog. * Added patch to fix crash in ask_outfile_name [g10/openfile.c, 24_CVE-2006-6169.dpatch] * Added patch to fix remotely controllable function pointer bug [g10/encr-data.c, 24_CVE-2006-6235.dpatch] stable/main/binary-mips/gpgv-udeb_1.4.1-1.sarge6_mips.udeb stable/main/binary-mips/gnupg_1.4.1-1.sarge6_mips.deb gnupg (1.4.1-1.sarge6) stable-security; urgency=high * Non-maintainer upload by the Security Team, based on a patch by Bernhard Herzog. * Added patch to fix crash in ask_outfile_name [g10/openfile.c, 24_CVE-2006-6169.dpatch] * Added patch to fix remotely controllable function pointer bug [g10/encr-data.c, 24_CVE-2006-6235.dpatch] stable/main/binary-m68k/gnupg_1.4.1-1.sarge6_m68k.deb stable/main/binary-m68k/gpgv-udeb_1.4.1-1.sarge6_m68k.udeb gnupg (1.4.1-1.sarge6) stable-security; urgency=high * Non-maintainer upload by the Security Team, based on a patch by Bernhard Herzog. * Added patch to fix crash in ask_outfile_name [g10/openfile.c, 24_CVE-2006-6169.dpatch] * Added patch to fix remotely controllable function pointer bug [g10/encr-data.c, 24_CVE-2006-6235.dpatch] stable/main/binary-ia64/gnupg_1.4.1-1.sarge6_ia64.deb stable/main/binary-ia64/gpgv-udeb_1.4.1-1.sarge6_ia64.udeb gnupg (1.4.1-1.sarge6) stable-security; urgency=high * Non-maintainer upload by the Security Team, based on a patch by Bernhard Herzog. * Added patch to fix crash in ask_outfile_name [g10/openfile.c, 24_CVE-2006-6169.dpatch] * Added patch to fix remotely controllable function pointer bug [g10/encr-data.c, 24_CVE-2006-6235.dpatch] stable/main/binary-hppa/gpgv-udeb_1.4.1-1.sarge6_hppa.udeb stable/main/binary-hppa/gnupg_1.4.1-1.sarge6_hppa.deb gnupg (1.4.1-1.sarge6) stable-security; urgency=high * Non-maintainer upload by the Security Team, based on a patch by Bernhard Herzog. * Added patch to fix crash in ask_outfile_name [g10/openfile.c, 24_CVE-2006-6169.dpatch] * Added patch to fix remotely controllable function pointer bug [g10/encr-data.c, 24_CVE-2006-6235.dpatch] stable/main/binary-arm/gpgv-udeb_1.4.1-1.sarge6_arm.udeb stable/main/binary-arm/gnupg_1.4.1-1.sarge6_arm.deb gnupg (1.4.1-1.sarge6) stable-security; urgency=high * Non-maintainer upload by the Security Team, based on a patch by Bernhard Herzog. * Added patch to fix crash in ask_outfile_name [g10/openfile.c, 24_CVE-2006-6169.dpatch] * Added patch to fix remotely controllable function pointer bug [g10/encr-data.c, 24_CVE-2006-6235.dpatch] stable/main/binary-alpha/gpgv-udeb_1.4.1-1.sarge6_alpha.udeb stable/main/binary-alpha/gnupg_1.4.1-1.sarge6_alpha.deb gnupg (1.4.1-1.sarge6) stable-security; urgency=high * Non-maintainer upload by the Security Team, based on a patch by Bernhard Herzog. * Added patch to fix crash in ask_outfile_name [g10/openfile.c, 24_CVE-2006-6169.dpatch] * Added patch to fix remotely controllable function pointer bug [g10/encr-data.c, 24_CVE-2006-6235.dpatch] stable/main/binary-i386/gnupg_1.4.1-1.sarge6_i386.deb stable/main/source/gnupg_1.4.1-1.sarge6.dsc stable/main/source/gnupg_1.4.1-1.sarge6.diff.gz stable/main/binary-i386/gpgv-udeb_1.4.1-1.sarge6_i386.udeb gnupg (1.4.1-1.sarge6) stable-security; urgency=high * Non-maintainer upload by the Security Team, based on a patch by Bernhard Herzog. * Added patch to fix crash in ask_outfile_name [g10/openfile.c, 24_CVE-2006-6169.dpatch] * Added patch to fix remotely controllable function pointer bug [g10/encr-data.c, 24_CVE-2006-6235.dpatch] stable/main/binary-sparc/libc6-udeb_2.3.2.ds1-22sarge5_sparc.udeb stable/main/binary-sparc/libc6-dev-sparc64_2.3.2.ds1-22sarge5_sparc.deb stable/main/binary-sparc/libc6-dbg_2.3.2.ds1-22sarge5_sparc.deb stable/main/binary-sparc/libc6-prof_2.3.2.ds1-22sarge5_sparc.deb stable/main/binary-sparc/libc6-dev_2.3.2.ds1-22sarge5_sparc.deb stable/main/binary-sparc/libc6-sparcv9_2.3.2.ds1-22sarge5_sparc.deb stable/main/binary-sparc/libc6_2.3.2.ds1-22sarge5_sparc.deb stable/main/binary-sparc/libnss-files-udeb_2.3.2.ds1-22sarge5_sparc.udeb stable/main/binary-sparc/nscd_2.3.2.ds1-22sarge5_sparc.deb stable/main/binary-sparc/libnss-dns-udeb_2.3.2.ds1-22sarge5_sparc.udeb stable/main/binary-sparc/libc6-sparc64_2.3.2.ds1-22sarge5_sparc.deb stable/main/binary-sparc/libc6-pic_2.3.2.ds1-22sarge5_sparc.deb stable/main/binary-sparc/libc6-sparcv9b_2.3.2.ds1-22sarge5_sparc.deb glibc (2.3.2.ds1-22sarge5) stable; urgency=low * Aurelien Jarno - Update debian/patches/90_glibc232-timezones.dpatch with tzdata 2006p-1. This includes DST rules for West Australia and support for the "Energy Policy Act 2005". stable/main/binary-s390/libnss-dns-udeb_2.3.2.ds1-22sarge5_s390.udeb stable/main/binary-s390/libc6-prof_2.3.2.ds1-22sarge5_s390.deb stable/main/binary-s390/libc6_2.3.2.ds1-22sarge5_s390.deb stable/main/binary-s390/libc6-dbg_2.3.2.ds1-22sarge5_s390.deb stable/main/binary-s390/nscd_2.3.2.ds1-22sarge5_s390.deb stable/main/binary-s390/libc6-pic_2.3.2.ds1-22sarge5_s390.deb stable/main/binary-s390/libc6-udeb_2.3.2.ds1-22sarge5_s390.udeb stable/main/binary-s390/libc6-dev_2.3.2.ds1-22sarge5_s390.deb stable/main/binary-s390/libnss-files-udeb_2.3.2.ds1-22sarge5_s390.udeb stable/main/binary-s390/libc6-dev-s390x_2.3.2.ds1-22sarge5_s390.deb stable/main/binary-s390/libc6-s390x_2.3.2.ds1-22sarge5_s390.deb glibc (2.3.2.ds1-22sarge5) stable; urgency=low * Aurelien Jarno - Update debian/patches/90_glibc232-timezones.dpatch with tzdata 2006p-1. This includes DST rules for West Australia and support for the "Energy Policy Act 2005". stable/main/binary-powerpc/nscd_2.3.2.ds1-22sarge5_powerpc.deb stable/main/binary-powerpc/libc6-dbg_2.3.2.ds1-22sarge5_powerpc.deb stable/main/binary-powerpc/libnss-dns-udeb_2.3.2.ds1-22sarge5_powerpc.udeb stable/main/binary-powerpc/libc6-dev_2.3.2.ds1-22sarge5_powerpc.deb stable/main/binary-powerpc/libnss-files-udeb_2.3.2.ds1-22sarge5_powerpc.udeb stable/main/binary-powerpc/libc6_2.3.2.ds1-22sarge5_powerpc.deb stable/main/binary-powerpc/libc6-pic_2.3.2.ds1-22sarge5_powerpc.deb stable/main/binary-powerpc/libc6-udeb_2.3.2.ds1-22sarge5_powerpc.udeb stable/main/binary-powerpc/libc6-prof_2.3.2.ds1-22sarge5_powerpc.deb glibc (2.3.2.ds1-22sarge5) stable; urgency=low * Aurelien Jarno - Update debian/patches/90_glibc232-timezones.dpatch with tzdata 2006p-1. This includes DST rules for West Australia and support for the "Energy Policy Act 2005". stable/main/binary-mipsel/libc6-udeb_2.3.2.ds1-22sarge5_mipsel.udeb stable/main/binary-mipsel/libnss-files-udeb_2.3.2.ds1-22sarge5_mipsel.udeb stable/main/binary-mipsel/libc6-dbg_2.3.2.ds1-22sarge5_mipsel.deb stable/main/binary-mipsel/libc6-pic_2.3.2.ds1-22sarge5_mipsel.deb stable/main/binary-mipsel/libc6-prof_2.3.2.ds1-22sarge5_mipsel.deb stable/main/binary-mipsel/libc6-dev_2.3.2.ds1-22sarge5_mipsel.deb stable/main/binary-mipsel/libnss-dns-udeb_2.3.2.ds1-22sarge5_mipsel.udeb stable/main/binary-mipsel/libc6_2.3.2.ds1-22sarge5_mipsel.deb stable/main/binary-mipsel/nscd_2.3.2.ds1-22sarge5_mipsel.deb glibc (2.3.2.ds1-22sarge5) stable; urgency=low * Aurelien Jarno - Update debian/patches/90_glibc232-timezones.dpatch with tzdata 2006p-1. This includes DST rules for West Australia and support for the "Energy Policy Act 2005". stable/main/binary-mips/libnss-dns-udeb_2.3.2.ds1-22sarge5_mips.udeb stable/main/binary-mips/libc6-udeb_2.3.2.ds1-22sarge5_mips.udeb stable/main/binary-mips/libc6_2.3.2.ds1-22sarge5_mips.deb stable/main/binary-mips/libnss-files-udeb_2.3.2.ds1-22sarge5_mips.udeb stable/main/binary-mips/libc6-prof_2.3.2.ds1-22sarge5_mips.deb stable/main/binary-mips/libc6-pic_2.3.2.ds1-22sarge5_mips.deb stable/main/binary-mips/libc6-dev_2.3.2.ds1-22sarge5_mips.deb stable/main/binary-mips/nscd_2.3.2.ds1-22sarge5_mips.deb stable/main/binary-mips/libc6-dbg_2.3.2.ds1-22sarge5_mips.deb glibc (2.3.2.ds1-22sarge5) stable; urgency=low * Aurelien Jarno - Update debian/patches/90_glibc232-timezones.dpatch with tzdata 2006p-1. This includes DST rules for West Australia and support for the "Energy Policy Act 2005". stable/main/binary-m68k/nscd_2.3.2.ds1-22sarge5_m68k.deb stable/main/binary-m68k/libc6-dbg_2.3.2.ds1-22sarge5_m68k.deb stable/main/binary-m68k/libc6_2.3.2.ds1-22sarge5_m68k.deb stable/main/binary-m68k/libc6-prof_2.3.2.ds1-22sarge5_m68k.deb stable/main/binary-m68k/libc6-dev_2.3.2.ds1-22sarge5_m68k.deb stable/main/binary-m68k/libnss-dns-udeb_2.3.2.ds1-22sarge5_m68k.udeb stable/main/binary-m68k/libnss-files-udeb_2.3.2.ds1-22sarge5_m68k.udeb stable/main/binary-m68k/libc6-pic_2.3.2.ds1-22sarge5_m68k.deb stable/main/binary-m68k/libc6-udeb_2.3.2.ds1-22sarge5_m68k.udeb glibc (2.3.2.ds1-22sarge5) stable; urgency=low * Aurelien Jarno - Update debian/patches/90_glibc232-timezones.dpatch with tzdata 2006p-1. This includes DST rules for West Australia and support for the "Energy Policy Act 2005". stable/main/binary-ia64/nscd_2.3.2.ds1-22sarge5_ia64.deb stable/main/binary-ia64/libc6.1-dev_2.3.2.ds1-22sarge5_ia64.deb stable/main/binary-ia64/libc6.1-dbg_2.3.2.ds1-22sarge5_ia64.deb stable/main/binary-ia64/libnss-files-udeb_2.3.2.ds1-22sarge5_ia64.udeb stable/main/binary-ia64/libc6.1-prof_2.3.2.ds1-22sarge5_ia64.deb stable/main/binary-ia64/libnss-dns-udeb_2.3.2.ds1-22sarge5_ia64.udeb stable/main/binary-ia64/libc6.1_2.3.2.ds1-22sarge5_ia64.deb stable/main/binary-ia64/libc6.1-udeb_2.3.2.ds1-22sarge5_ia64.udeb stable/main/binary-ia64/libc6.1-pic_2.3.2.ds1-22sarge5_ia64.deb glibc (2.3.2.ds1-22sarge5) stable; urgency=low * Aurelien Jarno - Update debian/patches/90_glibc232-timezones.dpatch with tzdata 2006p-1. This includes DST rules for West Australia and support for the "Energy Policy Act 2005". stable/main/binary-hppa/libc6-dbg_2.3.2.ds1-22sarge5_hppa.deb stable/main/binary-hppa/nscd_2.3.2.ds1-22sarge5_hppa.deb stable/main/binary-hppa/libc6-pic_2.3.2.ds1-22sarge5_hppa.deb stable/main/binary-hppa/libc6-dev_2.3.2.ds1-22sarge5_hppa.deb stable/main/binary-hppa/libnss-dns-udeb_2.3.2.ds1-22sarge5_hppa.udeb stable/main/binary-hppa/libnss-files-udeb_2.3.2.ds1-22sarge5_hppa.udeb stable/main/binary-hppa/libc6-prof_2.3.2.ds1-22sarge5_hppa.deb stable/main/binary-hppa/libc6_2.3.2.ds1-22sarge5_hppa.deb stable/main/binary-hppa/libc6-udeb_2.3.2.ds1-22sarge5_hppa.udeb glibc (2.3.2.ds1-22sarge5) stable; urgency=low * Aurelien Jarno - Update debian/patches/90_glibc232-timezones.dpatch with tzdata 2006p-1. This includes DST rules for West Australia and support for the "Energy Policy Act 2005". stable/main/binary-arm/libc6-udeb_2.3.2.ds1-22sarge5_arm.udeb stable/main/binary-arm/libc6-dbg_2.3.2.ds1-22sarge5_arm.deb stable/main/binary-arm/libc6-prof_2.3.2.ds1-22sarge5_arm.deb stable/main/binary-arm/libc6_2.3.2.ds1-22sarge5_arm.deb stable/main/binary-arm/libc6-pic_2.3.2.ds1-22sarge5_arm.deb stable/main/binary-arm/libnss-dns-udeb_2.3.2.ds1-22sarge5_arm.udeb stable/main/binary-arm/nscd_2.3.2.ds1-22sarge5_arm.deb stable/main/binary-arm/libnss-files-udeb_2.3.2.ds1-22sarge5_arm.udeb stable/main/binary-arm/libc6-dev_2.3.2.ds1-22sarge5_arm.deb glibc (2.3.2.ds1-22sarge5) stable; urgency=low * Aurelien Jarno - Update debian/patches/90_glibc232-timezones.dpatch with tzdata 2006p-1. This includes DST rules for West Australia and support for the "Energy Policy Act 2005". stable/main/binary-alpha/libnss-dns-udeb_2.3.2.ds1-22sarge5_alpha.udeb stable/main/binary-alpha/libc6.1-pic_2.3.2.ds1-22sarge5_alpha.deb stable/main/binary-alpha/libc6.1-udeb_2.3.2.ds1-22sarge5_alpha.udeb stable/main/binary-alpha/libc6.1-dbg_2.3.2.ds1-22sarge5_alpha.deb stable/main/binary-alpha/nscd_2.3.2.ds1-22sarge5_alpha.deb stable/main/binary-alpha/libc6.1-dev_2.3.2.ds1-22sarge5_alpha.deb stable/main/binary-alpha/libc6.1-prof_2.3.2.ds1-22sarge5_alpha.deb stable/main/binary-alpha/libnss-files-udeb_2.3.2.ds1-22sarge5_alpha.udeb stable/main/binary-alpha/libc6.1_2.3.2.ds1-22sarge5_alpha.deb glibc (2.3.2.ds1-22sarge5) stable; urgency=low * Aurelien Jarno - Update debian/patches/90_glibc232-timezones.dpatch with tzdata 2006p-1. This includes DST rules for West Australia and support for the "Energy Policy Act 2005". stable/main/binary-i386/libc6-udeb_2.3.2.ds1-22sarge5_i386.udeb stable/main/source/glibc_2.3.2.ds1-22sarge5.dsc stable/main/binary-all/locales_2.3.2.ds1-22sarge5_all.deb stable/main/binary-i386/libnss-files-udeb_2.3.2.ds1-22sarge5_i386.udeb stable/main/binary-i386/libc6-pic_2.3.2.ds1-22sarge5_i386.deb stable/main/binary-all/glibc-doc_2.3.2.ds1-22sarge5_all.deb stable/main/binary-i386/libc6-prof_2.3.2.ds1-22sarge5_i386.deb stable/main/binary-i386/libc6-dev_2.3.2.ds1-22sarge5_i386.deb stable/main/source/glibc_2.3.2.ds1-22sarge5.diff.gz stable/main/binary-i386/libnss-dns-udeb_2.3.2.ds1-22sarge5_i386.udeb stable/main/binary-i386/libc6_2.3.2.ds1-22sarge5_i386.deb stable/main/binary-i386/nscd_2.3.2.ds1-22sarge5_i386.deb stable/main/binary-i386/libc6-dbg_2.3.2.ds1-22sarge5_i386.deb stable/main/binary-i386/libc6-i686_2.3.2.ds1-22sarge5_i386.deb glibc (2.3.2.ds1-22sarge5) stable; urgency=low * Aurelien Jarno - Update debian/patches/90_glibc232-timezones.dpatch with tzdata 2006p-1. This includes DST rules for West Australia and support for the "Energy Policy Act 2005". stable/main/binary-all/flexbackup_1.2.1-2sarge1_all.deb stable/main/source/flexbackup_1.2.1-2sarge1.dsc stable/main/source/flexbackup_1.2.1-2sarge1.diff.gz flexbackup (1.2.1-2sarge1) stable-security; urgency=high * Fix RC bug: unsafe use of temp file, CVE-2005-4802. (Closes: #334350) http://bugs.gentoo.org/show_bug.cgi?id=105000 http://bugs.gentoo.org/show_bug.cgi?id=116510 stable/main/binary-sparc/fetchmail_6.2.5-12sarge5_sparc.deb fetchmail (6.2.5-12sarge5) stable-security; urgency=high * SECURITY UPDATE: password can leak in cleartext when SSL configured. * Makefile.in, tls.c, pop2.c, pop3.c, imap.c, smtp.c, fetchmail.h: fixes extracted from Ubuntu who got it backporting from upstream. [CVE-2006-5867] stable/main/binary-s390/fetchmail_6.2.5-12sarge5_s390.deb fetchmail (6.2.5-12sarge5) stable-security; urgency=high * SECURITY UPDATE: password can leak in cleartext when SSL configured. * Makefile.in, tls.c, pop2.c, pop3.c, imap.c, smtp.c, fetchmail.h: fixes extracted from Ubuntu who got it backporting from upstream. [CVE-2006-5867] stable/main/binary-powerpc/fetchmail_6.2.5-12sarge5_powerpc.deb fetchmail (6.2.5-12sarge5) stable-security; urgency=high * SECURITY UPDATE: password can leak in cleartext when SSL configured. * Makefile.in, tls.c, pop2.c, pop3.c, imap.c, smtp.c, fetchmail.h: fixes extracted from Ubuntu who got it backporting from upstream. [CVE-2006-5867] stable/main/binary-mipsel/fetchmail_6.2.5-12sarge5_mipsel.deb fetchmail (6.2.5-12sarge5) stable-security; urgency=high * SECURITY UPDATE: password can leak in cleartext when SSL configured. * Makefile.in, tls.c, pop2.c, pop3.c, imap.c, smtp.c, fetchmail.h: fixes extracted from Ubuntu who got it backporting from upstream. [CVE-2006-5867] stable/main/binary-mips/fetchmail_6.2.5-12sarge5_mips.deb fetchmail (6.2.5-12sarge5) stable-security; urgency=high * SECURITY UPDATE: password can leak in cleartext when SSL configured. * Makefile.in, tls.c, pop2.c, pop3.c, imap.c, smtp.c, fetchmail.h: fixes extracted from Ubuntu who got it backporting from upstream. [CVE-2006-5867] stable/main/binary-m68k/fetchmail_6.2.5-12sarge5_m68k.deb fetchmail (6.2.5-12sarge5) stable-security; urgency=high * SECURITY UPDATE: password can leak in cleartext when SSL configured. * Makefile.in, tls.c, pop2.c, pop3.c, imap.c, smtp.c, fetchmail.h: fixes extracted from Ubuntu who got it backporting from upstream. [CVE-2006-5867] stable/main/binary-ia64/fetchmail_6.2.5-12sarge5_ia64.deb fetchmail (6.2.5-12sarge5) stable-security; urgency=high * SECURITY UPDATE: password can leak in cleartext when SSL configured. * Makefile.in, tls.c, pop2.c, pop3.c, imap.c, smtp.c, fetchmail.h: fixes extracted from Ubuntu who got it backporting from upstream. [CVE-2006-5867] stable/main/binary-hppa/fetchmail_6.2.5-12sarge5_hppa.deb fetchmail (6.2.5-12sarge5) stable-security; urgency=high * SECURITY UPDATE: password can leak in cleartext when SSL configured. * Makefile.in, tls.c, pop2.c, pop3.c, imap.c, smtp.c, fetchmail.h: fixes extracted from Ubuntu who got it backporting from upstream. [CVE-2006-5867] stable/main/binary-arm/fetchmail_6.2.5-12sarge5_arm.deb fetchmail (6.2.5-12sarge5) stable-security; urgency=high * SECURITY UPDATE: password can leak in cleartext when SSL configured. * Makefile.in, tls.c, pop2.c, pop3.c, imap.c, smtp.c, fetchmail.h: fixes extracted from Ubuntu who got it backporting from upstream. [CVE-2006-5867] stable/main/binary-alpha/fetchmail_6.2.5-12sarge5_alpha.deb fetchmail (6.2.5-12sarge5) stable-security; urgency=high * SECURITY UPDATE: password can leak in cleartext when SSL configured. * Makefile.in, tls.c, pop2.c, pop3.c, imap.c, smtp.c, fetchmail.h: fixes extracted from Ubuntu who got it backporting from upstream. [CVE-2006-5867] stable/main/source/fetchmail_6.2.5-12sarge5.dsc stable/main/source/fetchmail_6.2.5-12sarge5.diff.gz stable/main/binary-i386/fetchmail_6.2.5-12sarge5_i386.deb stable/main/binary-all/fetchmail-ssl_6.2.5-12sarge5_all.deb stable/main/binary-all/fetchmailconf_6.2.5-12sarge5_all.deb fetchmail (6.2.5-12sarge5) stable-security; urgency=high * SECURITY UPDATE: password can leak in cleartext when SSL configured. * Makefile.in, tls.c, pop2.c, pop3.c, imap.c, smtp.c, fetchmail.h: fixes extracted from Ubuntu who got it backporting from upstream. [CVE-2006-5867] stable/main/source/fai-kernels_1.9.1sarge5.tar.gz stable/main/binary-i386/fai-kernels_1.9.1sarge5_i386.deb stable/main/source/fai-kernels_1.9.1sarge5.dsc fai-kernels (1.9.1sarge5) stable-security; urgency=low * NMU by the Security Team * Build against kernel-tree-2.4.27-10sarge5: * 233_ia64-sparc-cross-region-mappings.diff [SECURITY] Prevent cross-region mappings on ia64 and sparc which could be used in a local DoS attack (system crash) See CVE-2006-4538 * 234_atm-clip-freed-skb-deref.diff [SECURITY] Avoid dereferencing an already freed skb, preventing a potential remote DoS (system crash) vector See CVE-2006-4997 * 235_ppc-alignment-exception-table-check.diff [SECURITY][ppc] Avoid potential DoS which can be triggered by some futex ops See CVE-2006-5649 * 236_s390-uaccess-memleak.diff [SECURITY][s390] Fix memory leak in copy_from_user by clearing the remaining bytes of the kernel buffer after a fault on the userspace address in copy_from_user() See CVE-2006-5174 * 237_smbfs-honor-mount-opts.diff Honor uid, gid and mode mount options for smbfs even when unix extensions are enabled (closes: #310982) See CVE-2006-5871 * 238_ppc-hid0-dos.diff [SECURITY] [ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 * Build against kernel-tree-2.6.8-16sarge6: * perfmon-fd-refcnt.dpatch [SECURITY][ia64] Fix file descriptor leak in perfmonctl system call which could be used as a local denial of service attack by depleting the system of file descriptors See CVE-2006-3741 * ia64-sparc-cross-region-mappings.dpatch [SECURITY] Prevent cross-region mappings on ia64 and sparc which could be used in a local DoS attack (system crash) See CVE-2006-4538 * __block_prepare_write-recovery.dpatch [SECURITY] Fix an information leak in __block_prepare_write() See CVE-2006-4813 * atm-clip-freed-skb-deref.dpatch [SECURITY] Avoid dereferencing an already freed skb, preventing a potential remote DoS (system crash) vector See CVE-2006-4997 * ip6_flowlabel-lockup.dpatch [SECURITY] Fix local DoS attack vector (lockups, oopses) in the sequence handling for /proc/net/ip6_flowlabel See CVE-2006-5619 * ppc-alignment-exception-table-check.dpatch [SECURITY][ppc] Avoid potential DoS which can be triggered by some futex ops See CVE-2006-5649 * s390-uaccess-memleak.dpatch [SECURITY][s390] Fix memory leak in copy_from_user by clearing the remaining bytes of the kernel buffer after a fault on the userspace address in copy_from_user() See CVE-2006-5174 * smbfs-honor-mount-opts.dpatch Honor uid, gid and mode mount options for smbfs even when unix extensions are enabled See CVE-2006-5871 * bridge-get_fdb_entries-overflow.dpatch Protect against possible overflow in get_fdb_entries See CVE-2006-5751 stable/main/binary-sparc/exim_3.36-16sarge1_sparc.deb stable/main/binary-sparc/eximon_3.36-16sarge1_sparc.deb exim (3.36-16sarge1) stable; urgency=low * NMU with maintainer's consent (cleared a long time ago) * acked by the stable release team * change package description to clearly show that exim 3 is deprecated stable/main/binary-s390/eximon_3.36-16sarge1_s390.deb stable/main/binary-s390/exim_3.36-16sarge1_s390.deb exim (3.36-16sarge1) stable; urgency=low * NMU with maintainer's consent (cleared a long time ago) * acked by the stable release team * change package description to clearly show that exim 3 is deprecated stable/main/binary-powerpc/exim_3.36-16sarge1_powerpc.deb stable/main/binary-powerpc/eximon_3.36-16sarge1_powerpc.deb exim (3.36-16sarge1) stable; urgency=low * NMU with maintainer's consent (cleared a long time ago) * acked by the stable release team * change package description to clearly show that exim 3 is deprecated stable/main/binary-mipsel/exim_3.36-16sarge1_mipsel.deb stable/main/binary-mipsel/eximon_3.36-16sarge1_mipsel.deb exim (3.36-16sarge1) stable; urgency=low * NMU with maintainer's consent (cleared a long time ago) * acked by the stable release team * change package description to clearly show that exim 3 is deprecated stable/main/binary-mips/exim_3.36-16sarge1_mips.deb stable/main/binary-mips/eximon_3.36-16sarge1_mips.deb exim (3.36-16sarge1) stable; urgency=low * NMU with maintainer's consent (cleared a long time ago) * acked by the stable release team * change package description to clearly show that exim 3 is deprecated stable/main/binary-m68k/exim_3.36-16sarge1_m68k.deb stable/main/binary-m68k/eximon_3.36-16sarge1_m68k.deb exim (3.36-16sarge1) stable; urgency=low * NMU with maintainer's consent (cleared a long time ago) * acked by the stable release team * change package description to clearly show that exim 3 is deprecated stable/main/binary-ia64/eximon_3.36-16sarge1_ia64.deb stable/main/binary-ia64/exim_3.36-16sarge1_ia64.deb exim (3.36-16sarge1) stable; urgency=low * NMU with maintainer's consent (cleared a long time ago) * acked by the stable release team * change package description to clearly show that exim 3 is deprecated stable/main/binary-hppa/eximon_3.36-16sarge1_hppa.deb stable/main/binary-hppa/exim_3.36-16sarge1_hppa.deb exim (3.36-16sarge1) stable; urgency=low * NMU with maintainer's consent (cleared a long time ago) * acked by the stable release team * change package description to clearly show that exim 3 is deprecated stable/main/binary-arm/eximon_3.36-16sarge1_arm.deb stable/main/binary-arm/exim_3.36-16sarge1_arm.deb exim (3.36-16sarge1) stable; urgency=low * NMU with maintainer's consent (cleared a long time ago) * acked by the stable release team * change package description to clearly show that exim 3 is deprecated stable/main/binary-alpha/eximon_3.36-16sarge1_alpha.deb stable/main/binary-alpha/exim_3.36-16sarge1_alpha.deb exim (3.36-16sarge1) stable; urgency=low * NMU with maintainer's consent (cleared a long time ago) * acked by the stable release team * change package description to clearly show that exim 3 is deprecated stable/main/source/exim_3.36-16sarge1.dsc stable/main/binary-i386/eximon_3.36-16sarge1_i386.deb stable/main/binary-i386/exim_3.36-16sarge1_i386.deb stable/main/source/exim_3.36-16sarge1.diff.gz exim (3.36-16sarge1) stable; urgency=low * NMU with maintainer's consent (cleared a long time ago) * acked by the stable release team * change package description to clearly show that exim 3 is deprecated stable/main/binary-sparc/evince_0.1.5-2sarge1_sparc.deb evince (0.1.5-2sarge1) stable-security; urgency=high * SECURITY: new patch, 10_CVE-2006-5864.patch, fixes a buffer overflow in the PostScript processor; thanks Kees Cook; CVE-2006-5864; closes: #402063. stable/main/binary-s390/evince_0.1.5-2sarge1_s390.deb evince (0.1.5-2sarge1) stable-security; urgency=high * SECURITY: new patch, 10_CVE-2006-5864.patch, fixes a buffer overflow in the PostScript processor; thanks Kees Cook; CVE-2006-5864; closes: #402063. stable/main/binary-powerpc/evince_0.1.5-2sarge1_powerpc.deb evince (0.1.5-2sarge1) stable-security; urgency=high * SECURITY: new patch, 10_CVE-2006-5864.patch, fixes a buffer overflow in the PostScript processor; thanks Kees Cook; CVE-2006-5864; closes: #402063. stable/main/binary-mipsel/evince_0.1.5-2sarge1_mipsel.deb evince (0.1.5-2sarge1) stable-security; urgency=high * SECURITY: new patch, 10_CVE-2006-5864.patch, fixes a buffer overflow in the PostScript processor; thanks Kees Cook; CVE-2006-5864; closes: #402063. stable/main/binary-mips/evince_0.1.5-2sarge1_mips.deb evince (0.1.5-2sarge1) stable-security; urgency=high * SECURITY: new patch, 10_CVE-2006-5864.patch, fixes a buffer overflow in the PostScript processor; thanks Kees Cook; CVE-2006-5864; closes: #402063. stable/main/binary-m68k/evince_0.1.5-2sarge1_m68k.deb evince (0.1.5-2sarge1) stable-security; urgency=high * SECURITY: new patch, 10_CVE-2006-5864.patch, fixes a buffer overflow in the PostScript processor; thanks Kees Cook; CVE-2006-5864; closes: #402063. stable/main/binary-ia64/evince_0.1.5-2sarge1_ia64.deb evince (0.1.5-2sarge1) stable-security; urgency=high * SECURITY: new patch, 10_CVE-2006-5864.patch, fixes a buffer overflow in the PostScript processor; thanks Kees Cook; CVE-2006-5864; closes: #402063. stable/main/binary-hppa/evince_0.1.5-2sarge1_hppa.deb evince (0.1.5-2sarge1) stable-security; urgency=high * SECURITY: new patch, 10_CVE-2006-5864.patch, fixes a buffer overflow in the PostScript processor; thanks Kees Cook; CVE-2006-5864; closes: #402063. stable/main/binary-arm/evince_0.1.5-2sarge1_arm.deb evince (0.1.5-2sarge1) stable-security; urgency=high * SECURITY: new patch, 10_CVE-2006-5864.patch, fixes a buffer overflow in the PostScript processor; thanks Kees Cook; CVE-2006-5864; closes: #402063. stable/main/binary-alpha/evince_0.1.5-2sarge1_alpha.deb evince (0.1.5-2sarge1) stable-security; urgency=high * SECURITY: new patch, 10_CVE-2006-5864.patch, fixes a buffer overflow in the PostScript processor; thanks Kees Cook; CVE-2006-5864; closes: #402063. stable/main/source/evince_0.1.5-2sarge1.dsc stable/main/binary-i386/evince_0.1.5-2sarge1_i386.deb stable/main/source/evince_0.1.5-2sarge1.diff.gz evince (0.1.5-2sarge1) stable-security; urgency=high * SECURITY: new patch, 10_CVE-2006-5864.patch, fixes a buffer overflow in the PostScript processor; thanks Kees Cook; CVE-2006-5864; closes: #402063. stable/main/binary-sparc/ethereal_0.10.10-2sarge9_sparc.deb stable/main/binary-sparc/ethereal-dev_0.10.10-2sarge9_sparc.deb stable/main/binary-sparc/ethereal-common_0.10.10-2sarge9_sparc.deb stable/main/binary-sparc/tethereal_0.10.10-2sarge9_sparc.deb ethereal (0.10.10-2sarge9) stable-security; urgency=high * Non-maintainer upload by the Security Team * Backported fixes for several vulnerabilities: * Memory exhaustion denial of service in the XOT dissector * Off-by-one buffer overflow in MIME Multipart dissector stable/main/binary-s390/ethereal_0.10.10-2sarge9_s390.deb stable/main/binary-s390/ethereal-common_0.10.10-2sarge9_s390.deb stable/main/binary-s390/tethereal_0.10.10-2sarge9_s390.deb stable/main/binary-s390/ethereal-dev_0.10.10-2sarge9_s390.deb ethereal (0.10.10-2sarge9) stable-security; urgency=high * Non-maintainer upload by the Security Team * Backported fixes for several vulnerabilities: * Memory exhaustion denial of service in the XOT dissector * Off-by-one buffer overflow in MIME Multipart dissector stable/main/binary-powerpc/tethereal_0.10.10-2sarge9_powerpc.deb stable/main/binary-powerpc/ethereal-common_0.10.10-2sarge9_powerpc.deb stable/main/binary-powerpc/ethereal_0.10.10-2sarge9_powerpc.deb stable/main/binary-powerpc/ethereal-dev_0.10.10-2sarge9_powerpc.deb ethereal (0.10.10-2sarge9) stable-security; urgency=high * Non-maintainer upload by the Security Team * Backported fixes for several vulnerabilities: * Memory exhaustion denial of service in the XOT dissector * Off-by-one buffer overflow in MIME Multipart dissector stable/main/binary-mipsel/ethereal_0.10.10-2sarge9_mipsel.deb stable/main/binary-mipsel/ethereal-common_0.10.10-2sarge9_mipsel.deb stable/main/binary-mipsel/ethereal-dev_0.10.10-2sarge9_mipsel.deb stable/main/binary-mipsel/tethereal_0.10.10-2sarge9_mipsel.deb ethereal (0.10.10-2sarge9) stable-security; urgency=high * Non-maintainer upload by the Security Team * Backported fixes for several vulnerabilities: * Memory exhaustion denial of service in the XOT dissector * Off-by-one buffer overflow in MIME Multipart dissector stable/main/binary-mips/ethereal-common_0.10.10-2sarge9_mips.deb stable/main/binary-mips/ethereal_0.10.10-2sarge9_mips.deb stable/main/binary-mips/tethereal_0.10.10-2sarge9_mips.deb stable/main/binary-mips/ethereal-dev_0.10.10-2sarge9_mips.deb ethereal (0.10.10-2sarge9) stable-security; urgency=high * Non-maintainer upload by the Security Team * Backported fixes for several vulnerabilities: * Memory exhaustion denial of service in the XOT dissector * Off-by-one buffer overflow in MIME Multipart dissector stable/main/binary-m68k/ethereal-common_0.10.10-2sarge9_m68k.deb stable/main/binary-m68k/ethereal-dev_0.10.10-2sarge9_m68k.deb stable/main/binary-m68k/ethereal_0.10.10-2sarge9_m68k.deb stable/main/binary-m68k/tethereal_0.10.10-2sarge9_m68k.deb ethereal (0.10.10-2sarge9) stable-security; urgency=high * Non-maintainer upload by the Security Team * Backported fixes for several vulnerabilities: * Memory exhaustion denial of service in the XOT dissector * Off-by-one buffer overflow in MIME Multipart dissector stable/main/binary-ia64/ethereal-common_0.10.10-2sarge9_ia64.deb stable/main/binary-ia64/ethereal_0.10.10-2sarge9_ia64.deb stable/main/binary-ia64/ethereal-dev_0.10.10-2sarge9_ia64.deb stable/main/binary-ia64/tethereal_0.10.10-2sarge9_ia64.deb ethereal (0.10.10-2sarge9) stable-security; urgency=high * Non-maintainer upload by the Security Team * Backported fixes for several vulnerabilities: * Memory exhaustion denial of service in the XOT dissector * Off-by-one buffer overflow in MIME Multipart dissector stable/main/binary-hppa/tethereal_0.10.10-2sarge9_hppa.deb stable/main/binary-hppa/ethereal-dev_0.10.10-2sarge9_hppa.deb stable/main/binary-hppa/ethereal_0.10.10-2sarge9_hppa.deb stable/main/binary-hppa/ethereal-common_0.10.10-2sarge9_hppa.deb ethereal (0.10.10-2sarge9) stable-security; urgency=high * Non-maintainer upload by the Security Team * Backported fixes for several vulnerabilities: * Memory exhaustion denial of service in the XOT dissector * Off-by-one buffer overflow in MIME Multipart dissector stable/main/binary-arm/ethereal-dev_0.10.10-2sarge9_arm.deb stable/main/binary-arm/ethereal-common_0.10.10-2sarge9_arm.deb stable/main/binary-arm/ethereal_0.10.10-2sarge9_arm.deb stable/main/binary-arm/tethereal_0.10.10-2sarge9_arm.deb ethereal (0.10.10-2sarge9) stable-security; urgency=high * Non-maintainer upload by the Security Team * Backported fixes for several vulnerabilities: * Memory exhaustion denial of service in the XOT dissector * Off-by-one buffer overflow in MIME Multipart dissector stable/main/binary-alpha/ethereal-common_0.10.10-2sarge9_alpha.deb stable/main/binary-alpha/ethereal-dev_0.10.10-2sarge9_alpha.deb stable/main/binary-alpha/tethereal_0.10.10-2sarge9_alpha.deb stable/main/binary-alpha/ethereal_0.10.10-2sarge9_alpha.deb ethereal (0.10.10-2sarge9) stable-security; urgency=high * Non-maintainer upload by the Security Team * Backported fixes for several vulnerabilities: * Memory exhaustion denial of service in the XOT dissector * Off-by-one buffer overflow in MIME Multipart dissector stable/main/binary-i386/ethereal-dev_0.10.10-2sarge9_i386.deb stable/main/binary-i386/ethereal_0.10.10-2sarge9_i386.deb stable/main/binary-i386/ethereal-common_0.10.10-2sarge9_i386.deb stable/main/source/ethereal_0.10.10-2sarge9.diff.gz stable/main/binary-i386/tethereal_0.10.10-2sarge9_i386.deb stable/main/source/ethereal_0.10.10-2sarge9.dsc ethereal (0.10.10-2sarge9) stable-security; urgency=high * Non-maintainer upload by the Security Team * Backported fixes for several vulnerabilities: * Memory exhaustion denial of service in the XOT dissector * Off-by-one buffer overflow in MIME Multipart dissector stable/main/source/enemies-of-carlotta_1.0.3-1sarge1.dsc stable/main/binary-all/enemies-of-carlotta_1.0.3-1sarge1_all.deb stable/main/source/enemies-of-carlotta_1.0.3-1sarge1.diff.gz enemies-of-carlotta (1.0.3-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * EoC did not correctly deal with SMTP level e-mail addresses that contain shell meta characters. [CVE-2006-5875]. stable/main/binary-sparc/elog_2.5.7+r1558-4+sarge3_sparc.deb elog (2.5.7+r1558-4+sarge3) stable-security; urgency=high * Security update: + Backport r1748-r1745 from upstream's Subversion repository: "Prevent crash if logbook 'global*' is accessed and a logbook 'global*' is defined in config file" This bug was reported by OS2A team. More details could be found in "#397875: ELOG Web Logbook Remote Denial of Service Vulnerability" + Backport the patch from Debian Security Audit team (r1749 in repository). Thanks to Ulf Harnhammar. Details could be found in #392016. Short excerpt from this bug report is quoted below: "There are some incorrect handling of *printf() calls and format strings. They lead to ELOG crashing completely, with the potential of executing arbitrary machine code programs under some conditions. There are also some cross-site scripting issues." + HTML log entries are open to XSS vulnerabilites as demonstrated in #389361. Though HTML mode had not been enabled by default in this version of Elog, add "HTML default = 2" option to elog.conf for extra safety. Thanks to this option, the checkbox which enables HTML mode is not even shown during log entry. stable/main/binary-s390/elog_2.5.7+r1558-4+sarge3_s390.deb elog (2.5.7+r1558-4+sarge3) stable-security; urgency=high * Security update: + Backport r1748-r1745 from upstream's Subversion repository: "Prevent crash if logbook 'global*' is accessed and a logbook 'global*' is defined in config file" This bug was reported by OS2A team. More details could be found in "#397875: ELOG Web Logbook Remote Denial of Service Vulnerability" + Backport the patch from Debian Security Audit team (r1749 in repository). Thanks to Ulf Harnhammar. Details could be found in #392016. Short excerpt from this bug report is quoted below: "There are some incorrect handling of *printf() calls and format strings. They lead to ELOG crashing completely, with the potential of executing arbitrary machine code programs under some conditions. There are also some cross-site scripting issues." + HTML log entries are open to XSS vulnerabilites as demonstrated in #389361. Though HTML mode had not been enabled by default in this version of Elog, add "HTML default = 2" option to elog.conf for extra safety. Thanks to this option, the checkbox which enables HTML mode is not even shown during log entry. stable/main/binary-powerpc/elog_2.5.7+r1558-4+sarge3_powerpc.deb elog (2.5.7+r1558-4+sarge3) stable-security; urgency=high * Security update: + Backport r1748-r1745 from upstream's Subversion repository: "Prevent crash if logbook 'global*' is accessed and a logbook 'global*' is defined in config file" This bug was reported by OS2A team. More details could be found in "#397875: ELOG Web Logbook Remote Denial of Service Vulnerability" + Backport the patch from Debian Security Audit team (r1749 in repository). Thanks to Ulf Harnhammar. Details could be found in #392016. Short excerpt from this bug report is quoted below: "There are some incorrect handling of *printf() calls and format strings. They lead to ELOG crashing completely, with the potential of executing arbitrary machine code programs under some conditions. There are also some cross-site scripting issues." + HTML log entries are open to XSS vulnerabilites as demonstrated in #389361. Though HTML mode had not been enabled by default in this version of Elog, add "HTML default = 2" option to elog.conf for extra safety. Thanks to this option, the checkbox which enables HTML mode is not even shown during log entry. stable/main/binary-mipsel/elog_2.5.7+r1558-4+sarge3_mipsel.deb elog (2.5.7+r1558-4+sarge3) stable-security; urgency=high * Security update: + Backport r1748-r1745 from upstream's Subversion repository: "Prevent crash if logbook 'global*' is accessed and a logbook 'global*' is defined in config file" This bug was reported by OS2A team. More details could be found in "#397875: ELOG Web Logbook Remote Denial of Service Vulnerability" + Backport the patch from Debian Security Audit team (r1749 in repository). Thanks to Ulf Harnhammar. Details could be found in #392016. Short excerpt from this bug report is quoted below: "There are some incorrect handling of *printf() calls and format strings. They lead to ELOG crashing completely, with the potential of executing arbitrary machine code programs under some conditions. There are also some cross-site scripting issues." + HTML log entries are open to XSS vulnerabilites as demonstrated in #389361. Though HTML mode had not been enabled by default in this version of Elog, add "HTML default = 2" option to elog.conf for extra safety. Thanks to this option, the checkbox which enables HTML mode is not even shown during log entry. stable/main/binary-mips/elog_2.5.7+r1558-4+sarge3_mips.deb elog (2.5.7+r1558-4+sarge3) stable-security; urgency=high * Security update: + Backport r1748-r1745 from upstream's Subversion repository: "Prevent crash if logbook 'global*' is accessed and a logbook 'global*' is defined in config file" This bug was reported by OS2A team. More details could be found in "#397875: ELOG Web Logbook Remote Denial of Service Vulnerability" + Backport the patch from Debian Security Audit team (r1749 in repository). Thanks to Ulf Harnhammar. Details could be found in #392016. Short excerpt from this bug report is quoted below: "There are some incorrect handling of *printf() calls and format strings. They lead to ELOG crashing completely, with the potential of executing arbitrary machine code programs under some conditions. There are also some cross-site scripting issues." + HTML log entries are open to XSS vulnerabilites as demonstrated in #389361. Though HTML mode had not been enabled by default in this version of Elog, add "HTML default = 2" option to elog.conf for extra safety. Thanks to this option, the checkbox which enables HTML mode is not even shown during log entry. stable/main/binary-m68k/elog_2.5.7+r1558-4+sarge3_m68k.deb elog (2.5.7+r1558-4+sarge3) stable-security; urgency=high * Security update: + Backport r1748-r1745 from upstream's Subversion repository: "Prevent crash if logbook 'global*' is accessed and a logbook 'global*' is defined in config file" This bug was reported by OS2A team. More details could be found in "#397875: ELOG Web Logbook Remote Denial of Service Vulnerability" + Backport the patch from Debian Security Audit team (r1749 in repository). Thanks to Ulf Harnhammar. Details could be found in #392016. Short excerpt from this bug report is quoted below: "There are some incorrect handling of *printf() calls and format strings. They lead to ELOG crashing completely, with the potential of executing arbitrary machine code programs under some conditions. There are also some cross-site scripting issues." + HTML log entries are open to XSS vulnerabilites as demonstrated in #389361. Though HTML mode had not been enabled by default in this version of Elog, add "HTML default = 2" option to elog.conf for extra safety. Thanks to this option, the checkbox which enables HTML mode is not even shown during log entry. stable/main/binary-ia64/elog_2.5.7+r1558-4+sarge3_ia64.deb elog (2.5.7+r1558-4+sarge3) stable-security; urgency=high * Security update: + Backport r1748-r1745 from upstream's Subversion repository: "Prevent crash if logbook 'global*' is accessed and a logbook 'global*' is defined in config file" This bug was reported by OS2A team. More details could be found in "#397875: ELOG Web Logbook Remote Denial of Service Vulnerability" + Backport the patch from Debian Security Audit team (r1749 in repository). Thanks to Ulf Harnhammar. Details could be found in #392016. Short excerpt from this bug report is quoted below: "There are some incorrect handling of *printf() calls and format strings. They lead to ELOG crashing completely, with the potential of executing arbitrary machine code programs under some conditions. There are also some cross-site scripting issues." + HTML log entries are open to XSS vulnerabilites as demonstrated in #389361. Though HTML mode had not been enabled by default in this version of Elog, add "HTML default = 2" option to elog.conf for extra safety. Thanks to this option, the checkbox which enables HTML mode is not even shown during log entry. stable/main/binary-hppa/elog_2.5.7+r1558-4+sarge3_hppa.deb elog (2.5.7+r1558-4+sarge3) stable-security; urgency=high * Security update: + Backport r1748-r1745 from upstream's Subversion repository: "Prevent crash if logbook 'global*' is accessed and a logbook 'global*' is defined in config file" This bug was reported by OS2A team. More details could be found in "#397875: ELOG Web Logbook Remote Denial of Service Vulnerability" + Backport the patch from Debian Security Audit team (r1749 in repository). Thanks to Ulf Harnhammar. Details could be found in #392016. Short excerpt from this bug report is quoted below: "There are some incorrect handling of *printf() calls and format strings. They lead to ELOG crashing completely, with the potential of executing arbitrary machine code programs under some conditions. There are also some cross-site scripting issues." + HTML log entries are open to XSS vulnerabilites as demonstrated in #389361. Though HTML mode had not been enabled by default in this version of Elog, add "HTML default = 2" option to elog.conf for extra safety. Thanks to this option, the checkbox which enables HTML mode is not even shown during log entry. stable/main/binary-arm/elog_2.5.7+r1558-4+sarge3_arm.deb elog (2.5.7+r1558-4+sarge3) stable-security; urgency=high * Security update: + Backport r1748-r1745 from upstream's Subversion repository: "Prevent crash if logbook 'global*' is accessed and a logbook 'global*' is defined in config file" This bug was reported by OS2A team. More details could be found in "#397875: ELOG Web Logbook Remote Denial of Service Vulnerability" + Backport the patch from Debian Security Audit team (r1749 in repository). Thanks to Ulf Harnhammar. Details could be found in #392016. Short excerpt from this bug report is quoted below: "There are some incorrect handling of *printf() calls and format strings. They lead to ELOG crashing completely, with the potential of executing arbitrary machine code programs under some conditions. There are also some cross-site scripting issues." + HTML log entries are open to XSS vulnerabilites as demonstrated in #389361. Though HTML mode had not been enabled by default in this version of Elog, add "HTML default = 2" option to elog.conf for extra safety. Thanks to this option, the checkbox which enables HTML mode is not even shown during log entry. stable/main/binary-alpha/elog_2.5.7+r1558-4+sarge3_alpha.deb elog (2.5.7+r1558-4+sarge3) stable-security; urgency=high * Security update: + Backport r1748-r1745 from upstream's Subversion repository: "Prevent crash if logbook 'global*' is accessed and a logbook 'global*' is defined in config file" This bug was reported by OS2A team. More details could be found in "#397875: ELOG Web Logbook Remote Denial of Service Vulnerability" + Backport the patch from Debian Security Audit team (r1749 in repository). Thanks to Ulf Harnhammar. Details could be found in #392016. Short excerpt from this bug report is quoted below: "There are some incorrect handling of *printf() calls and format strings. They lead to ELOG crashing completely, with the potential of executing arbitrary machine code programs under some conditions. There are also some cross-site scripting issues." + HTML log entries are open to XSS vulnerabilites as demonstrated in #389361. Though HTML mode had not been enabled by default in this version of Elog, add "HTML default = 2" option to elog.conf for extra safety. Thanks to this option, the checkbox which enables HTML mode is not even shown during log entry. stable/main/source/elog_2.5.7+r1558-4+sarge3.diff.gz stable/main/source/elog_2.5.7+r1558-4+sarge3.dsc stable/main/binary-i386/elog_2.5.7+r1558-4+sarge3_i386.deb elog (2.5.7+r1558-4+sarge3) stable-security; urgency=high * Security update: + Backport r1748-r1745 from upstream's Subversion repository: "Prevent crash if logbook 'global*' is accessed and a logbook 'global*' is defined in config file" This bug was reported by OS2A team. More details could be found in "#397875: ELOG Web Logbook Remote Denial of Service Vulnerability" + Backport the patch from Debian Security Audit team (r1749 in repository). Thanks to Ulf Harnhammar. Details could be found in #392016. Short excerpt from this bug report is quoted below: "There are some incorrect handling of *printf() calls and format strings. They lead to ELOG crashing completely, with the potential of executing arbitrary machine code programs under some conditions. There are also some cross-site scripting issues." + HTML log entries are open to XSS vulnerabilites as demonstrated in #389361. Though HTML mode had not been enabled by default in this version of Elog, add "HTML default = 2" option to elog.conf for extra safety. Thanks to this option, the checkbox which enables HTML mode is not even shown during log entry. stable/main/binary-sparc/elinks_0.10.4-7.1_sparc.deb stable/main/binary-sparc/elinks-lite_0.10.4-7.1_sparc.deb elinks (0.10.4-7.1) stable-security; urgency=high * Backport patch from links to fix security bug in smb:// URI handling: '"' and ';' characters could be used for remote command execution (CVE-2006-5925). stable/main/binary-s390/elinks_0.10.4-7.1_s390.deb stable/main/binary-s390/elinks-lite_0.10.4-7.1_s390.deb elinks (0.10.4-7.1) stable-security; urgency=high * Backport patch from links to fix security bug in smb:// URI handling: '"' and ';' characters could be used for remote command execution (CVE-2006-5925). stable/main/binary-powerpc/elinks-lite_0.10.4-7.1_powerpc.deb stable/main/binary-powerpc/elinks_0.10.4-7.1_powerpc.deb elinks (0.10.4-7.1) stable-security; urgency=high * Backport patch from links to fix security bug in smb:// URI handling: '"' and ';' characters could be used for remote command execution (CVE-2006-5925). stable/main/binary-mipsel/elinks-lite_0.10.4-7.1_mipsel.deb stable/main/binary-mipsel/elinks_0.10.4-7.1_mipsel.deb elinks (0.10.4-7.1) stable-security; urgency=high * Backport patch from links to fix security bug in smb:// URI handling: '"' and ';' characters could be used for remote command execution (CVE-2006-5925). stable/main/binary-mips/elinks-lite_0.10.4-7.1_mips.deb stable/main/binary-mips/elinks_0.10.4-7.1_mips.deb elinks (0.10.4-7.1) stable-security; urgency=high * Backport patch from links to fix security bug in smb:// URI handling: '"' and ';' characters could be used for remote command execution (CVE-2006-5925). stable/main/binary-m68k/elinks_0.10.4-7.1_m68k.deb stable/main/binary-m68k/elinks-lite_0.10.4-7.1_m68k.deb elinks (0.10.4-7.1) stable-security; urgency=high * Backport patch from links to fix security bug in smb:// URI handling: '"' and ';' characters could be used for remote command execution (CVE-2006-5925). stable/main/binary-ia64/elinks-lite_0.10.4-7.1_ia64.deb stable/main/binary-ia64/elinks_0.10.4-7.1_ia64.deb elinks (0.10.4-7.1) stable-security; urgency=high * Backport patch from links to fix security bug in smb:// URI handling: '"' and ';' characters could be used for remote command execution (CVE-2006-5925). stable/main/binary-hppa/elinks-lite_0.10.4-7.1_hppa.deb stable/main/binary-hppa/elinks_0.10.4-7.1_hppa.deb elinks (0.10.4-7.1) stable-security; urgency=high * Backport patch from links to fix security bug in smb:// URI handling: '"' and ';' characters could be used for remote command execution (CVE-2006-5925). stable/main/binary-arm/elinks_0.10.4-7.1_arm.deb stable/main/binary-arm/elinks-lite_0.10.4-7.1_arm.deb elinks (0.10.4-7.1) stable-security; urgency=high * Backport patch from links to fix security bug in smb:// URI handling: '"' and ';' characters could be used for remote command execution (CVE-2006-5925). stable/main/binary-alpha/elinks-lite_0.10.4-7.1_alpha.deb stable/main/binary-alpha/elinks_0.10.4-7.1_alpha.deb elinks (0.10.4-7.1) stable-security; urgency=high * Backport patch from links to fix security bug in smb:// URI handling: '"' and ';' characters could be used for remote command execution (CVE-2006-5925). stable/main/binary-i386/elinks_0.10.4-7.1_i386.deb stable/main/source/elinks_0.10.4-7.1.diff.gz stable/main/source/elinks_0.10.4-7.1.dsc stable/main/binary-i386/elinks-lite_0.10.4-7.1_i386.deb elinks (0.10.4-7.1) stable-security; urgency=high * Backport patch from links to fix security bug in smb:// URI handling: '"' and ';' characters could be used for remote command execution (CVE-2006-5925). stable/main/binary-sparc/clamav-freshclam_0.84-2.sarge.13_sparc.deb stable/main/binary-sparc/libclamav-dev_0.84-2.sarge.13_sparc.deb stable/main/binary-sparc/libclamav1_0.84-2.sarge.13_sparc.deb stable/main/binary-sparc/clamav-daemon_0.84-2.sarge.13_sparc.deb stable/main/binary-sparc/clamav-milter_0.84-2.sarge.13_sparc.deb stable/main/binary-sparc/clamav_0.84-2.sarge.13_sparc.deb clamav (0.84-2.sarge.13) stable-security; urgency=low * libclamav/message.c: Unusual MIME Encoding Content Filter Bypass [ CVE-2006-6406 ] (closes: #401873) * clamscan/clamscan.c clamscan/manager.c clamscan/options.c clamav-milter/clamav-milter.c shared/cfgparser.c clamd/server-th.c libclamav/scanners.c libclamav/mbox.c libclamav/clamav.h etc/clamd.conf: nested multipart DoS [ CVE-2006-XXXX ] (closes: 401874) stable/main/binary-s390/clamav_0.84-2.sarge.13_s390.deb stable/main/binary-s390/clamav-freshclam_0.84-2.sarge.13_s390.deb stable/main/binary-s390/clamav-milter_0.84-2.sarge.13_s390.deb stable/main/binary-s390/libclamav-dev_0.84-2.sarge.13_s390.deb stable/main/binary-s390/libclamav1_0.84-2.sarge.13_s390.deb stable/main/binary-s390/clamav-daemon_0.84-2.sarge.13_s390.deb clamav (0.84-2.sarge.13) stable-security; urgency=low * libclamav/message.c: Unusual MIME Encoding Content Filter Bypass [ CVE-2006-6406 ] (closes: #401873) * clamscan/clamscan.c clamscan/manager.c clamscan/options.c clamav-milter/clamav-milter.c shared/cfgparser.c clamd/server-th.c libclamav/scanners.c libclamav/mbox.c libclamav/clamav.h etc/clamd.conf: nested multipart DoS [ CVE-2006-XXXX ] (closes: 401874) stable/main/binary-powerpc/clamav-milter_0.84-2.sarge.13_powerpc.deb stable/main/binary-powerpc/clamav-freshclam_0.84-2.sarge.13_powerpc.deb stable/main/binary-powerpc/libclamav1_0.84-2.sarge.13_powerpc.deb stable/main/binary-powerpc/libclamav-dev_0.84-2.sarge.13_powerpc.deb stable/main/binary-powerpc/clamav_0.84-2.sarge.13_powerpc.deb stable/main/binary-powerpc/clamav-daemon_0.84-2.sarge.13_powerpc.deb clamav (0.84-2.sarge.13) stable-security; urgency=low * libclamav/message.c: Unusual MIME Encoding Content Filter Bypass [ CVE-2006-6406 ] (closes: #401873) * clamscan/clamscan.c clamscan/manager.c clamscan/options.c clamav-milter/clamav-milter.c shared/cfgparser.c clamd/server-th.c libclamav/scanners.c libclamav/mbox.c libclamav/clamav.h etc/clamd.conf: nested multipart DoS [ CVE-2006-XXXX ] (closes: 401874) stable/main/binary-mipsel/clamav-daemon_0.84-2.sarge.13_mipsel.deb stable/main/binary-mipsel/clamav_0.84-2.sarge.13_mipsel.deb stable/main/binary-mipsel/libclamav1_0.84-2.sarge.13_mipsel.deb stable/main/binary-mipsel/clamav-freshclam_0.84-2.sarge.13_mipsel.deb stable/main/binary-mipsel/libclamav-dev_0.84-2.sarge.13_mipsel.deb stable/main/binary-mipsel/clamav-milter_0.84-2.sarge.13_mipsel.deb clamav (0.84-2.sarge.13) stable-security; urgency=low * libclamav/message.c: Unusual MIME Encoding Content Filter Bypass [ CVE-2006-6406 ] (closes: #401873) * clamscan/clamscan.c clamscan/manager.c clamscan/options.c clamav-milter/clamav-milter.c shared/cfgparser.c clamd/server-th.c libclamav/scanners.c libclamav/mbox.c libclamav/clamav.h etc/clamd.conf: nested multipart DoS [ CVE-2006-XXXX ] (closes: 401874) stable/main/binary-mips/libclamav1_0.84-2.sarge.13_mips.deb stable/main/binary-mips/libclamav-dev_0.84-2.sarge.13_mips.deb stable/main/binary-mips/clamav-milter_0.84-2.sarge.13_mips.deb stable/main/binary-mips/clamav-freshclam_0.84-2.sarge.13_mips.deb stable/main/binary-mips/clamav-daemon_0.84-2.sarge.13_mips.deb stable/main/binary-mips/clamav_0.84-2.sarge.13_mips.deb clamav (0.84-2.sarge.13) stable-security; urgency=low * libclamav/message.c: Unusual MIME Encoding Content Filter Bypass [ CVE-2006-6406 ] (closes: #401873) * clamscan/clamscan.c clamscan/manager.c clamscan/options.c clamav-milter/clamav-milter.c shared/cfgparser.c clamd/server-th.c libclamav/scanners.c libclamav/mbox.c libclamav/clamav.h etc/clamd.conf: nested multipart DoS [ CVE-2006-XXXX ] (closes: 401874) stable/main/binary-m68k/libclamav-dev_0.84-2.sarge.13_m68k.deb stable/main/binary-m68k/libclamav1_0.84-2.sarge.13_m68k.deb stable/main/binary-m68k/clamav-freshclam_0.84-2.sarge.13_m68k.deb stable/main/binary-m68k/clamav_0.84-2.sarge.13_m68k.deb stable/main/binary-m68k/clamav-milter_0.84-2.sarge.13_m68k.deb stable/main/binary-m68k/clamav-daemon_0.84-2.sarge.13_m68k.deb clamav (0.84-2.sarge.13) stable-security; urgency=low * libclamav/message.c: Unusual MIME Encoding Content Filter Bypass [ CVE-2006-6406 ] (closes: #401873) * clamscan/clamscan.c clamscan/manager.c clamscan/options.c clamav-milter/clamav-milter.c shared/cfgparser.c clamd/server-th.c libclamav/scanners.c libclamav/mbox.c libclamav/clamav.h etc/clamd.conf: nested multipart DoS [ CVE-2006-XXXX ] (closes: 401874) stable/main/binary-ia64/clamav-milter_0.84-2.sarge.13_ia64.deb stable/main/binary-ia64/libclamav-dev_0.84-2.sarge.13_ia64.deb stable/main/binary-ia64/clamav-freshclam_0.84-2.sarge.13_ia64.deb stable/main/binary-ia64/clamav_0.84-2.sarge.13_ia64.deb stable/main/binary-ia64/libclamav1_0.84-2.sarge.13_ia64.deb stable/main/binary-ia64/clamav-daemon_0.84-2.sarge.13_ia64.deb clamav (0.84-2.sarge.13) stable-security; urgency=low * libclamav/message.c: Unusual MIME Encoding Content Filter Bypass [ CVE-2006-6406 ] (closes: #401873) * clamscan/clamscan.c clamscan/manager.c clamscan/options.c clamav-milter/clamav-milter.c shared/cfgparser.c clamd/server-th.c libclamav/scanners.c libclamav/mbox.c libclamav/clamav.h etc/clamd.conf: nested multipart DoS [ CVE-2006-XXXX ] (closes: 401874) stable/main/binary-hppa/libclamav1_0.84-2.sarge.13_hppa.deb stable/main/binary-hppa/clamav_0.84-2.sarge.13_hppa.deb stable/main/binary-hppa/clamav-freshclam_0.84-2.sarge.13_hppa.deb stable/main/binary-hppa/clamav-daemon_0.84-2.sarge.13_hppa.deb stable/main/binary-hppa/libclamav-dev_0.84-2.sarge.13_hppa.deb stable/main/binary-hppa/clamav-milter_0.84-2.sarge.13_hppa.deb clamav (0.84-2.sarge.13) stable-security; urgency=low * libclamav/message.c: Unusual MIME Encoding Content Filter Bypass [ CVE-2006-6406 ] (closes: #401873) * clamscan/clamscan.c clamscan/manager.c clamscan/options.c clamav-milter/clamav-milter.c shared/cfgparser.c clamd/server-th.c libclamav/scanners.c libclamav/mbox.c libclamav/clamav.h etc/clamd.conf: nested multipart DoS [ CVE-2006-XXXX ] (closes: 401874) stable/main/binary-arm/clamav-daemon_0.84-2.sarge.13_arm.deb stable/main/binary-arm/libclamav1_0.84-2.sarge.13_arm.deb stable/main/binary-arm/clamav_0.84-2.sarge.13_arm.deb stable/main/binary-arm/clamav-freshclam_0.84-2.sarge.13_arm.deb stable/main/binary-arm/libclamav-dev_0.84-2.sarge.13_arm.deb stable/main/binary-arm/clamav-milter_0.84-2.sarge.13_arm.deb clamav (0.84-2.sarge.13) stable-security; urgency=low * libclamav/message.c: Unusual MIME Encoding Content Filter Bypass [ CVE-2006-6406 ] (closes: #401873) * clamscan/clamscan.c clamscan/manager.c clamscan/options.c clamav-milter/clamav-milter.c shared/cfgparser.c clamd/server-th.c libclamav/scanners.c libclamav/mbox.c libclamav/clamav.h etc/clamd.conf: nested multipart DoS [ CVE-2006-XXXX ] (closes: 401874) stable/main/binary-alpha/clamav-daemon_0.84-2.sarge.13_alpha.deb stable/main/binary-alpha/clamav_0.84-2.sarge.13_alpha.deb stable/main/binary-alpha/clamav-milter_0.84-2.sarge.13_alpha.deb stable/main/binary-alpha/clamav-freshclam_0.84-2.sarge.13_alpha.deb stable/main/binary-alpha/libclamav-dev_0.84-2.sarge.13_alpha.deb stable/main/binary-alpha/libclamav1_0.84-2.sarge.13_alpha.deb clamav (0.84-2.sarge.13) stable-security; urgency=low * libclamav/message.c: Unusual MIME Encoding Content Filter Bypass [ CVE-2006-6406 ] (closes: #401873) * clamscan/clamscan.c clamscan/manager.c clamscan/options.c clamav-milter/clamav-milter.c shared/cfgparser.c clamd/server-th.c libclamav/scanners.c libclamav/mbox.c libclamav/clamav.h etc/clamd.conf: nested multipart DoS [ CVE-2006-XXXX ] (closes: 401874) stable/main/binary-all/clamav-docs_0.84-2.sarge.13_all.deb stable/main/source/clamav_0.84-2.sarge.13.dsc stable/main/binary-i386/clamav-freshclam_0.84-2.sarge.13_i386.deb stable/main/source/clamav_0.84-2.sarge.13.diff.gz stable/main/binary-i386/libclamav1_0.84-2.sarge.13_i386.deb stable/main/binary-i386/clamav_0.84-2.sarge.13_i386.deb stable/main/binary-i386/clamav-milter_0.84-2.sarge.13_i386.deb stable/main/binary-all/clamav-testfiles_0.84-2.sarge.13_all.deb stable/main/binary-all/clamav-base_0.84-2.sarge.13_all.deb stable/main/binary-i386/clamav-daemon_0.84-2.sarge.13_i386.deb stable/main/binary-i386/libclamav-dev_0.84-2.sarge.13_i386.deb clamav (0.84-2.sarge.13) stable-security; urgency=low * libclamav/message.c: Unusual MIME Encoding Content Filter Bypass [ CVE-2006-6406 ] (closes: #401873) * clamscan/clamscan.c clamscan/manager.c clamscan/options.c clamav-milter/clamav-milter.c shared/cfgparser.c clamd/server-th.c libclamav/scanners.c libclamav/mbox.c libclamav/clamav.h etc/clamd.conf: nested multipart DoS [ CVE-2006-XXXX ] (closes: 401874) stable/main/binary-all/cacti_0.8.6c-7sarge4_all.deb stable/main/source/cacti_0.8.6c-7sarge4.dsc stable/main/source/cacti_0.8.6c-7sarge4.diff.gz cacti (0.8.6c-7sarge4) stable-security; urgency=high * security update prepared for the debian security team by the package maintainer. * fix for multiple vulnerabilities in the cacti poller and default scripts, backported from the patches in 0.8.6i-3. See: #404818 * security references: - SA23528, CVE-2006-6799 * patch: - 08_SECURITY-CVE-2006-6799.dpatch stable/main/binary-all/bugzilla_2.16.7-7sarge2_all.deb stable/main/source/bugzilla_2.16.7-7sarge2.dsc stable/main/source/bugzilla_2.16.7-7sarge2.diff.gz stable/main/binary-all/bugzilla-doc_2.16.7-7sarge2_all.deb bugzilla (2.16.7-7sarge2) stable-security; urgency=high * Non-maintainer uplaod by the security team [Alexis Sukrieh] * ./syncshadowdb - CVE-2005-4534 + Backported patch from 2.16.11 for closing a security issue about temp files handling. + Upstream security advisory: http://www.bugzilla.org/security/2.16.10-nr/ [Neil McGovern] * CVE-2006-5453 fixes Thanks to Ben Hutchings for patches stable/main/binary-sparc/lwresd_9.2.4-1sarge2_sparc.deb stable/main/binary-sparc/libbind-dev_9.2.4-1sarge2_sparc.deb stable/main/binary-sparc/libisccc0_9.2.4-1sarge2_sparc.deb stable/main/binary-sparc/libisc7_9.2.4-1sarge2_sparc.deb stable/main/binary-sparc/libisccfg0_9.2.4-1sarge2_sparc.deb stable/main/binary-sparc/libdns16_9.2.4-1sarge2_sparc.deb stable/main/binary-sparc/dnsutils_9.2.4-1sarge2_sparc.deb stable/main/binary-sparc/bind9-host_9.2.4-1sarge2_sparc.deb stable/main/binary-sparc/liblwres1_9.2.4-1sarge2_sparc.deb stable/main/binary-sparc/bind9_9.2.4-1sarge2_sparc.deb bind9 (1:9.2.4-1sarge2) stable; urgency=low * Backport fix for CVE-2007-0494 (delta between 9.2.7 and 9.2.8) stable/main/binary-s390/bind9-host_9.2.4-1sarge2_s390.deb stable/main/binary-s390/lwresd_9.2.4-1sarge2_s390.deb stable/main/binary-s390/dnsutils_9.2.4-1sarge2_s390.deb stable/main/binary-s390/libbind-dev_9.2.4-1sarge2_s390.deb stable/main/binary-s390/liblwres1_9.2.4-1sarge2_s390.deb stable/main/binary-s390/bind9_9.2.4-1sarge2_s390.deb stable/main/binary-s390/libisccfg0_9.2.4-1sarge2_s390.deb stable/main/binary-s390/libisccc0_9.2.4-1sarge2_s390.deb stable/main/binary-s390/libisc7_9.2.4-1sarge2_s390.deb stable/main/binary-s390/libdns16_9.2.4-1sarge2_s390.deb bind9 (1:9.2.4-1sarge2) stable; urgency=low * Backport fix for CVE-2007-0494 (delta between 9.2.7 and 9.2.8) stable/main/binary-powerpc/libisc7_9.2.4-1sarge2_powerpc.deb stable/main/binary-powerpc/libdns16_9.2.4-1sarge2_powerpc.deb stable/main/binary-powerpc/lwresd_9.2.4-1sarge2_powerpc.deb stable/main/binary-powerpc/dnsutils_9.2.4-1sarge2_powerpc.deb stable/main/binary-powerpc/libisccc0_9.2.4-1sarge2_powerpc.deb stable/main/binary-powerpc/libisccfg0_9.2.4-1sarge2_powerpc.deb stable/main/binary-powerpc/bind9-host_9.2.4-1sarge2_powerpc.deb stable/main/binary-powerpc/liblwres1_9.2.4-1sarge2_powerpc.deb stable/main/binary-powerpc/libbind-dev_9.2.4-1sarge2_powerpc.deb stable/main/binary-powerpc/bind9_9.2.4-1sarge2_powerpc.deb bind9 (1:9.2.4-1sarge2) stable; urgency=low * Backport fix for CVE-2007-0494 (delta between 9.2.7 and 9.2.8) stable/main/binary-mipsel/dnsutils_9.2.4-1sarge2_mipsel.deb stable/main/binary-mipsel/libbind-dev_9.2.4-1sarge2_mipsel.deb stable/main/binary-mipsel/lwresd_9.2.4-1sarge2_mipsel.deb stable/main/binary-mipsel/libdns16_9.2.4-1sarge2_mipsel.deb stable/main/binary-mipsel/libisc7_9.2.4-1sarge2_mipsel.deb stable/main/binary-mipsel/bind9_9.2.4-1sarge2_mipsel.deb stable/main/binary-mipsel/libisccc0_9.2.4-1sarge2_mipsel.deb stable/main/binary-mipsel/liblwres1_9.2.4-1sarge2_mipsel.deb stable/main/binary-mipsel/bind9-host_9.2.4-1sarge2_mipsel.deb stable/main/binary-mipsel/libisccfg0_9.2.4-1sarge2_mipsel.deb bind9 (1:9.2.4-1sarge2) stable; urgency=low * Backport fix for CVE-2007-0494 (delta between 9.2.7 and 9.2.8) stable/main/binary-mips/libisccc0_9.2.4-1sarge2_mips.deb stable/main/binary-mips/bind9_9.2.4-1sarge2_mips.deb stable/main/binary-mips/lwresd_9.2.4-1sarge2_mips.deb stable/main/binary-mips/libisc7_9.2.4-1sarge2_mips.deb stable/main/binary-mips/libdns16_9.2.4-1sarge2_mips.deb stable/main/binary-mips/libbind-dev_9.2.4-1sarge2_mips.deb stable/main/binary-mips/bind9-host_9.2.4-1sarge2_mips.deb stable/main/binary-mips/liblwres1_9.2.4-1sarge2_mips.deb stable/main/binary-mips/libisccfg0_9.2.4-1sarge2_mips.deb stable/main/binary-mips/dnsutils_9.2.4-1sarge2_mips.deb bind9 (1:9.2.4-1sarge2) stable; urgency=low * Backport fix for CVE-2007-0494 (delta between 9.2.7 and 9.2.8) stable/main/binary-m68k/bind9-host_9.2.4-1sarge2_m68k.deb stable/main/binary-m68k/libdns16_9.2.4-1sarge2_m68k.deb stable/main/binary-m68k/libisc7_9.2.4-1sarge2_m68k.deb stable/main/binary-m68k/dnsutils_9.2.4-1sarge2_m68k.deb stable/main/binary-m68k/libbind-dev_9.2.4-1sarge2_m68k.deb stable/main/binary-m68k/libisccc0_9.2.4-1sarge2_m68k.deb stable/main/binary-m68k/libisccfg0_9.2.4-1sarge2_m68k.deb stable/main/binary-m68k/lwresd_9.2.4-1sarge2_m68k.deb stable/main/binary-m68k/bind9_9.2.4-1sarge2_m68k.deb stable/main/binary-m68k/liblwres1_9.2.4-1sarge2_m68k.deb bind9 (1:9.2.4-1sarge2) stable; urgency=low * Backport fix for CVE-2007-0494 (delta between 9.2.7 and 9.2.8) stable/main/binary-ia64/bind9_9.2.4-1sarge2_ia64.deb stable/main/binary-ia64/liblwres1_9.2.4-1sarge2_ia64.deb stable/main/binary-ia64/libbind-dev_9.2.4-1sarge2_ia64.deb stable/main/binary-ia64/bind9-host_9.2.4-1sarge2_ia64.deb stable/main/binary-ia64/libisccfg0_9.2.4-1sarge2_ia64.deb stable/main/binary-ia64/dnsutils_9.2.4-1sarge2_ia64.deb stable/main/binary-ia64/libisccc0_9.2.4-1sarge2_ia64.deb stable/main/binary-ia64/libdns16_9.2.4-1sarge2_ia64.deb stable/main/binary-ia64/libisc7_9.2.4-1sarge2_ia64.deb stable/main/binary-ia64/lwresd_9.2.4-1sarge2_ia64.deb bind9 (1:9.2.4-1sarge2) stable; urgency=low * Backport fix for CVE-2007-0494 (delta between 9.2.7 and 9.2.8) stable/main/binary-hppa/liblwres1_9.2.4-1sarge2_hppa.deb stable/main/binary-hppa/libdns16_9.2.4-1sarge2_hppa.deb stable/main/binary-hppa/lwresd_9.2.4-1sarge2_hppa.deb stable/main/binary-hppa/bind9-host_9.2.4-1sarge2_hppa.deb stable/main/binary-hppa/dnsutils_9.2.4-1sarge2_hppa.deb stable/main/binary-hppa/libbind-dev_9.2.4-1sarge2_hppa.deb stable/main/binary-hppa/libisccfg0_9.2.4-1sarge2_hppa.deb stable/main/binary-hppa/libisccc0_9.2.4-1sarge2_hppa.deb stable/main/binary-hppa/libisc7_9.2.4-1sarge2_hppa.deb stable/main/binary-hppa/bind9_9.2.4-1sarge2_hppa.deb bind9 (1:9.2.4-1sarge2) stable; urgency=low * Backport fix for CVE-2007-0494 (delta between 9.2.7 and 9.2.8) stable/main/binary-arm/bind9-host_9.2.4-1sarge2_arm.deb stable/main/binary-arm/libdns16_9.2.4-1sarge2_arm.deb stable/main/binary-arm/libisc7_9.2.4-1sarge2_arm.deb stable/main/binary-arm/libisccc0_9.2.4-1sarge2_arm.deb stable/main/binary-arm/libbind-dev_9.2.4-1sarge2_arm.deb stable/main/binary-arm/libisccfg0_9.2.4-1sarge2_arm.deb stable/main/binary-arm/liblwres1_9.2.4-1sarge2_arm.deb stable/main/binary-arm/lwresd_9.2.4-1sarge2_arm.deb stable/main/binary-arm/bind9_9.2.4-1sarge2_arm.deb stable/main/binary-arm/dnsutils_9.2.4-1sarge2_arm.deb bind9 (1:9.2.4-1sarge2) stable; urgency=low * Backport fix for CVE-2007-0494 (delta between 9.2.7 and 9.2.8) stable/main/binary-alpha/libisc7_9.2.4-1sarge2_alpha.deb stable/main/binary-alpha/dnsutils_9.2.4-1sarge2_alpha.deb stable/main/binary-alpha/lwresd_9.2.4-1sarge2_alpha.deb stable/main/binary-alpha/bind9-host_9.2.4-1sarge2_alpha.deb stable/main/binary-alpha/bind9_9.2.4-1sarge2_alpha.deb stable/main/binary-alpha/liblwres1_9.2.4-1sarge2_alpha.deb stable/main/binary-alpha/libbind-dev_9.2.4-1sarge2_alpha.deb stable/main/binary-alpha/libisccc0_9.2.4-1sarge2_alpha.deb stable/main/binary-alpha/libisccfg0_9.2.4-1sarge2_alpha.deb stable/main/binary-alpha/libdns16_9.2.4-1sarge2_alpha.deb bind9 (1:9.2.4-1sarge2) stable; urgency=low * Backport fix for CVE-2007-0494 (delta between 9.2.7 and 9.2.8) stable/main/binary-i386/bind9_9.2.4-1sarge2_i386.deb stable/main/binary-i386/bind9-host_9.2.4-1sarge2_i386.deb stable/main/binary-i386/libdns16_9.2.4-1sarge2_i386.deb stable/main/binary-i386/libisc7_9.2.4-1sarge2_i386.deb stable/main/binary-i386/liblwres1_9.2.4-1sarge2_i386.deb stable/main/binary-i386/libisccc0_9.2.4-1sarge2_i386.deb stable/main/binary-i386/libisccfg0_9.2.4-1sarge2_i386.deb stable/main/binary-i386/lwresd_9.2.4-1sarge2_i386.deb stable/main/binary-i386/dnsutils_9.2.4-1sarge2_i386.deb stable/main/binary-i386/libbind-dev_9.2.4-1sarge2_i386.deb stable/main/source/bind9_9.2.4-1sarge2.dsc stable/main/binary-all/bind9-doc_9.2.4-1sarge2_all.deb stable/main/source/bind9_9.2.4-1sarge2.diff.gz bind9 (1:9.2.4-1sarge2) stable; urgency=low * Backport fix for CVE-2007-0494 (delta between 9.2.7 and 9.2.8) stable/main/binary-sparc/asterisk-gtk-console_1.0.7.dfsg.1-2sarge4_sparc.deb stable/main/binary-sparc/asterisk_1.0.7.dfsg.1-2sarge4_sparc.deb stable/main/binary-sparc/asterisk-h323_1.0.7.dfsg.1-2sarge4_sparc.deb asterisk (1:1.0.7.dfsg.1-2sarge4) stable-security; urgency=high * Non-maintainer upload * Backported fix for buffer overflow in chan_skinny driver induced by an undetected integer underflow [debian/patches/99_CVE-2006-5444.dpatch] (Closes: #394025) stable/main/binary-s390/asterisk-h323_1.0.7.dfsg.1-2sarge4_s390.deb stable/main/binary-s390/asterisk-gtk-console_1.0.7.dfsg.1-2sarge4_s390.deb stable/main/binary-s390/asterisk_1.0.7.dfsg.1-2sarge4_s390.deb asterisk (1:1.0.7.dfsg.1-2sarge4) stable-security; urgency=high * Non-maintainer upload * Backported fix for buffer overflow in chan_skinny driver induced by an undetected integer underflow [debian/patches/99_CVE-2006-5444.dpatch] (Closes: #394025) stable/main/binary-mipsel/asterisk-gtk-console_1.0.7.dfsg.1-2sarge4_mipsel.deb stable/main/binary-mipsel/asterisk-h323_1.0.7.dfsg.1-2sarge4_mipsel.deb stable/main/binary-mipsel/asterisk_1.0.7.dfsg.1-2sarge4_mipsel.deb asterisk (1:1.0.7.dfsg.1-2sarge4) stable-security; urgency=high * Non-maintainer upload * Backported fix for buffer overflow in chan_skinny driver induced by an undetected integer underflow [debian/patches/99_CVE-2006-5444.dpatch] (Closes: #394025) stable/main/binary-mips/asterisk-h323_1.0.7.dfsg.1-2sarge4_mips.deb stable/main/binary-mips/asterisk-gtk-console_1.0.7.dfsg.1-2sarge4_mips.deb stable/main/binary-mips/asterisk_1.0.7.dfsg.1-2sarge4_mips.deb asterisk (1:1.0.7.dfsg.1-2sarge4) stable-security; urgency=high * Non-maintainer upload * Backported fix for buffer overflow in chan_skinny driver induced by an undetected integer underflow [debian/patches/99_CVE-2006-5444.dpatch] (Closes: #394025) stable/main/binary-m68k/asterisk_1.0.7.dfsg.1-2sarge4_m68k.deb stable/main/binary-m68k/asterisk-gtk-console_1.0.7.dfsg.1-2sarge4_m68k.deb stable/main/binary-m68k/asterisk-h323_1.0.7.dfsg.1-2sarge4_m68k.deb asterisk (1:1.0.7.dfsg.1-2sarge4) stable-security; urgency=high * Non-maintainer upload * Backported fix for buffer overflow in chan_skinny driver induced by an undetected integer underflow [debian/patches/99_CVE-2006-5444.dpatch] (Closes: #394025) stable/main/binary-ia64/asterisk_1.0.7.dfsg.1-2sarge4_ia64.deb stable/main/binary-ia64/asterisk-gtk-console_1.0.7.dfsg.1-2sarge4_ia64.deb stable/main/binary-ia64/asterisk-h323_1.0.7.dfsg.1-2sarge4_ia64.deb asterisk (1:1.0.7.dfsg.1-2sarge4) stable-security; urgency=high * Non-maintainer upload * Backported fix for buffer overflow in chan_skinny driver induced by an undetected integer underflow [debian/patches/99_CVE-2006-5444.dpatch] (Closes: #394025) stable/main/binary-i386/asterisk_1.0.7.dfsg.1-2sarge4_i386.deb stable/main/binary-i386/asterisk-gtk-console_1.0.7.dfsg.1-2sarge4_i386.deb stable/main/binary-i386/asterisk-h323_1.0.7.dfsg.1-2sarge4_i386.deb asterisk (1:1.0.7.dfsg.1-2sarge4) stable-security; urgency=high * Non-maintainer upload * Backported fix for buffer overflow in chan_skinny driver induced by an undetected integer underflow [debian/patches/99_CVE-2006-5444.dpatch] (Closes: #394025) stable/main/binary-hppa/asterisk-h323_1.0.7.dfsg.1-2sarge4_hppa.deb stable/main/binary-hppa/asterisk-gtk-console_1.0.7.dfsg.1-2sarge4_hppa.deb stable/main/binary-hppa/asterisk_1.0.7.dfsg.1-2sarge4_hppa.deb asterisk (1:1.0.7.dfsg.1-2sarge4) stable-security; urgency=high * Non-maintainer upload * Backported fix for buffer overflow in chan_skinny driver induced by an undetected integer underflow [debian/patches/99_CVE-2006-5444.dpatch] (Closes: #394025) stable/main/binary-arm/asterisk-h323_1.0.7.dfsg.1-2sarge4_arm.deb stable/main/binary-arm/asterisk-gtk-console_1.0.7.dfsg.1-2sarge4_arm.deb stable/main/binary-arm/asterisk_1.0.7.dfsg.1-2sarge4_arm.deb asterisk (1:1.0.7.dfsg.1-2sarge4) stable-security; urgency=high * Non-maintainer upload * Backported fix for buffer overflow in chan_skinny driver induced by an undetected integer underflow [debian/patches/99_CVE-2006-5444.dpatch] (Closes: #394025) stable/main/binary-alpha/asterisk_1.0.7.dfsg.1-2sarge4_alpha.deb stable/main/binary-alpha/asterisk-gtk-console_1.0.7.dfsg.1-2sarge4_alpha.deb stable/main/binary-alpha/asterisk-h323_1.0.7.dfsg.1-2sarge4_alpha.deb asterisk (1:1.0.7.dfsg.1-2sarge4) stable-security; urgency=high * Non-maintainer upload * Backported fix for buffer overflow in chan_skinny driver induced by an undetected integer underflow [debian/patches/99_CVE-2006-5444.dpatch] (Closes: #394025) stable/main/binary-all/asterisk-sounds-main_1.0.7.dfsg.1-2sarge4_all.deb stable/main/binary-all/asterisk-doc_1.0.7.dfsg.1-2sarge4_all.deb stable/main/binary-powerpc/asterisk-gtk-console_1.0.7.dfsg.1-2sarge4_powerpc.deb stable/main/binary-all/asterisk-web-vmail_1.0.7.dfsg.1-2sarge4_all.deb stable/main/source/asterisk_1.0.7.dfsg.1-2sarge4.diff.gz stable/main/binary-all/asterisk-dev_1.0.7.dfsg.1-2sarge4_all.deb stable/main/binary-powerpc/asterisk_1.0.7.dfsg.1-2sarge4_powerpc.deb stable/main/source/asterisk_1.0.7.dfsg.1-2sarge4.dsc stable/main/binary-all/asterisk-config_1.0.7.dfsg.1-2sarge4_all.deb stable/main/binary-powerpc/asterisk-h323_1.0.7.dfsg.1-2sarge4_powerpc.deb asterisk (1:1.0.7.dfsg.1-2sarge4) stable-security; urgency=high * Non-maintainer upload * Backported fix for buffer overflow in chan_skinny driver induced by an undetected integer underflow [debian/patches/99_CVE-2006-5444.dpatch] (Closes: #394025) ========================================= Sat, 28 Oct 2006 - Debian 3.1r4 released ========================================= stable/main/binary-sparc/libssl0.9.6_0.9.6m-1sarge4_sparc.deb openssl096 (0.9.6m-1sarge4) stable-security; urgency=high * Non-maintainer upload by the Security Team * Correct patch for CVE-2006-2940 to avoid the possibility of dereferencing an uninitialized pointer. stable/main/binary-s390/libssl0.9.6_0.9.6m-1sarge4_s390.deb openssl096 (0.9.6m-1sarge4) stable-security; urgency=high * Non-maintainer upload by the Security Team * Correct patch for CVE-2006-2940 to avoid the possibility of dereferencing an uninitialized pointer. stable/main/binary-powerpc/libssl0.9.6_0.9.6m-1sarge4_powerpc.deb openssl096 (0.9.6m-1sarge4) stable-security; urgency=high * Non-maintainer upload by the Security Team * Correct patch for CVE-2006-2940 to avoid the possibility of dereferencing an uninitialized pointer. stable/main/binary-mipsel/libssl0.9.6_0.9.6m-1sarge4_mipsel.deb openssl096 (0.9.6m-1sarge4) stable-security; urgency=high * Non-maintainer upload by the Security Team * Correct patch for CVE-2006-2940 to avoid the possibility of dereferencing an uninitialized pointer. stable/main/binary-mips/libssl0.9.6_0.9.6m-1sarge4_mips.deb openssl096 (0.9.6m-1sarge4) stable-security; urgency=high * Non-maintainer upload by the Security Team * Correct patch for CVE-2006-2940 to avoid the possibility of dereferencing an uninitialized pointer. stable/main/binary-m68k/libssl0.9.6_0.9.6m-1sarge4_m68k.deb openssl096 (0.9.6m-1sarge4) stable-security; urgency=high * Non-maintainer upload by the Security Team * Correct patch for CVE-2006-2940 to avoid the possibility of dereferencing an uninitialized pointer. stable/main/binary-ia64/libssl0.9.6_0.9.6m-1sarge4_ia64.deb openssl096 (0.9.6m-1sarge4) stable-security; urgency=high * Non-maintainer upload by the Security Team * Correct patch for CVE-2006-2940 to avoid the possibility of dereferencing an uninitialized pointer. stable/main/binary-hppa/libssl0.9.6_0.9.6m-1sarge4_hppa.deb openssl096 (0.9.6m-1sarge4) stable-security; urgency=high * Non-maintainer upload by the Security Team * Correct patch for CVE-2006-2940 to avoid the possibility of dereferencing an uninitialized pointer. stable/main/binary-arm/libssl0.9.6_0.9.6m-1sarge4_arm.deb openssl096 (0.9.6m-1sarge4) stable-security; urgency=high * Non-maintainer upload by the Security Team * Correct patch for CVE-2006-2940 to avoid the possibility of dereferencing an uninitialized pointer. stable/main/binary-alpha/libssl0.9.6_0.9.6m-1sarge4_alpha.deb openssl096 (0.9.6m-1sarge4) stable-security; urgency=high * Non-maintainer upload by the Security Team * Correct patch for CVE-2006-2940 to avoid the possibility of dereferencing an uninitialized pointer. stable/main/source/openssl096_0.9.6m-1sarge4.diff.gz stable/main/binary-i386/libssl0.9.6_0.9.6m-1sarge4_i386.deb stable/main/source/openssl096_0.9.6m-1sarge4.dsc openssl096 (0.9.6m-1sarge4) stable-security; urgency=high * Non-maintainer upload by the Security Team * Correct patch for CVE-2006-2940 to avoid the possibility of dereferencing an uninitialized pointer. stable/main/binary-sparc/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_sparc.deb stable/main/binary-sparc/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_sparc.deb stable/main/binary-sparc/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_sparc.deb stable/main/binary-sparc/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_sparc.deb stable/main/binary-sparc/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_sparc.deb mozilla-thunderbird (1.0.2-2.sarge1.0.8c.1) stable-security; urgency=critical * various security issues addressed (aka 1.5.0.7 backports): 0001-no-mfsa-CVE-2006-2788-321598.txt 0002-MFSA2006-57-Part-1-2-CVE-2006-4565-346090.txt 0003-MFSA2006-57-Part-2-2-CVE-2006-4566-346794.txt 0004-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-1-3-350640.txt 0005-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-2-3-351079.txt 0006-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-3-3-351848.txt 0007-MFSA2006-61-CVE-2006-4568-343168.txt 0008-MFSA-2006-63-CVE-2006-4570-346984-mail-only.txt 0009-MFSA2006-64-CVE-2006-4571-346980-grant-cellmap-patch.txt 0010-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-1-4-345967.txt 0011-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-3-4-348532.txt 0012-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-1-20-268575.txt 0013-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-2-20-306940.txt 0014-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-3-20-307826.txt 0015-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-5-20-337419.txt 0016-MFSA2006-64-CVS-2006-4571-Section-4-5-Part-6-20-337883.txt 0018-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8a-20-348049.txt 0019-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8b-20-348049.txt 0020-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8c-20-348049.txt 0021-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8d-20-348049.txt 0022-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-9-20-205735.txt 0023-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-12-20-348062.txt 0024-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-17-20-349201.txt 0025-MFSA2006-64-CVE-2006-4571-Section-5-5-344085.txt 0026-GetDepth-without-DEBUG-in-BlockFrame.txt 0028-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-7-20-347355-without-svg-bug.txt stable/main/binary-s390/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_s390.deb stable/main/binary-s390/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_s390.deb stable/main/binary-s390/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_s390.deb stable/main/binary-s390/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_s390.deb stable/main/binary-s390/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_s390.deb mozilla-thunderbird (1.0.2-2.sarge1.0.8c.1) stable-security; urgency=critical * various security issues addressed (aka 1.5.0.7 backports): 0001-no-mfsa-CVE-2006-2788-321598.txt 0002-MFSA2006-57-Part-1-2-CVE-2006-4565-346090.txt 0003-MFSA2006-57-Part-2-2-CVE-2006-4566-346794.txt 0004-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-1-3-350640.txt 0005-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-2-3-351079.txt 0006-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-3-3-351848.txt 0007-MFSA2006-61-CVE-2006-4568-343168.txt 0008-MFSA-2006-63-CVE-2006-4570-346984-mail-only.txt 0009-MFSA2006-64-CVE-2006-4571-346980-grant-cellmap-patch.txt 0010-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-1-4-345967.txt 0011-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-3-4-348532.txt 0012-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-1-20-268575.txt 0013-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-2-20-306940.txt 0014-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-3-20-307826.txt 0015-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-5-20-337419.txt 0016-MFSA2006-64-CVS-2006-4571-Section-4-5-Part-6-20-337883.txt 0018-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8a-20-348049.txt 0019-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8b-20-348049.txt 0020-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8c-20-348049.txt 0021-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8d-20-348049.txt 0022-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-9-20-205735.txt 0023-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-12-20-348062.txt 0024-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-17-20-349201.txt 0025-MFSA2006-64-CVE-2006-4571-Section-5-5-344085.txt 0026-GetDepth-without-DEBUG-in-BlockFrame.txt 0028-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-7-20-347355-without-svg-bug.txt stable/main/binary-powerpc/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_powerpc.deb stable/main/binary-powerpc/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_powerpc.deb stable/main/binary-powerpc/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_powerpc.deb stable/main/binary-powerpc/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_powerpc.deb stable/main/binary-powerpc/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_powerpc.deb mozilla-thunderbird (1.0.2-2.sarge1.0.8c.1) stable-security; urgency=critical * various security issues addressed (aka 1.5.0.7 backports): 0001-no-mfsa-CVE-2006-2788-321598.txt 0002-MFSA2006-57-Part-1-2-CVE-2006-4565-346090.txt 0003-MFSA2006-57-Part-2-2-CVE-2006-4566-346794.txt 0004-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-1-3-350640.txt 0005-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-2-3-351079.txt 0006-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-3-3-351848.txt 0007-MFSA2006-61-CVE-2006-4568-343168.txt 0008-MFSA-2006-63-CVE-2006-4570-346984-mail-only.txt 0009-MFSA2006-64-CVE-2006-4571-346980-grant-cellmap-patch.txt 0010-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-1-4-345967.txt 0011-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-3-4-348532.txt 0012-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-1-20-268575.txt 0013-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-2-20-306940.txt 0014-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-3-20-307826.txt 0015-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-5-20-337419.txt 0016-MFSA2006-64-CVS-2006-4571-Section-4-5-Part-6-20-337883.txt 0018-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8a-20-348049.txt 0019-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8b-20-348049.txt 0020-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8c-20-348049.txt 0021-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8d-20-348049.txt 0022-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-9-20-205735.txt 0023-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-12-20-348062.txt 0024-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-17-20-349201.txt 0025-MFSA2006-64-CVE-2006-4571-Section-5-5-344085.txt 0026-GetDepth-without-DEBUG-in-BlockFrame.txt 0028-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-7-20-347355-without-svg-bug.txt stable/main/binary-mipsel/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_mipsel.deb stable/main/binary-mipsel/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_mipsel.deb stable/main/binary-mipsel/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_mipsel.deb stable/main/binary-mipsel/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_mipsel.deb stable/main/binary-mipsel/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_mipsel.deb mozilla-thunderbird (1.0.2-2.sarge1.0.8c.1) stable-security; urgency=critical * various security issues addressed (aka 1.5.0.7 backports): 0001-no-mfsa-CVE-2006-2788-321598.txt 0002-MFSA2006-57-Part-1-2-CVE-2006-4565-346090.txt 0003-MFSA2006-57-Part-2-2-CVE-2006-4566-346794.txt 0004-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-1-3-350640.txt 0005-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-2-3-351079.txt 0006-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-3-3-351848.txt 0007-MFSA2006-61-CVE-2006-4568-343168.txt 0008-MFSA-2006-63-CVE-2006-4570-346984-mail-only.txt 0009-MFSA2006-64-CVE-2006-4571-346980-grant-cellmap-patch.txt 0010-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-1-4-345967.txt 0011-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-3-4-348532.txt 0012-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-1-20-268575.txt 0013-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-2-20-306940.txt 0014-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-3-20-307826.txt 0015-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-5-20-337419.txt 0016-MFSA2006-64-CVS-2006-4571-Section-4-5-Part-6-20-337883.txt 0018-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8a-20-348049.txt 0019-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8b-20-348049.txt 0020-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8c-20-348049.txt 0021-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8d-20-348049.txt 0022-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-9-20-205735.txt 0023-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-12-20-348062.txt 0024-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-17-20-349201.txt 0025-MFSA2006-64-CVE-2006-4571-Section-5-5-344085.txt 0026-GetDepth-without-DEBUG-in-BlockFrame.txt 0028-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-7-20-347355-without-svg-bug.txt stable/main/binary-mips/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_mips.deb stable/main/binary-mips/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_mips.deb stable/main/binary-mips/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_mips.deb stable/main/binary-mips/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_mips.deb stable/main/binary-mips/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_mips.deb mozilla-thunderbird (1.0.2-2.sarge1.0.8c.1) stable-security; urgency=critical * various security issues addressed (aka 1.5.0.7 backports): 0001-no-mfsa-CVE-2006-2788-321598.txt 0002-MFSA2006-57-Part-1-2-CVE-2006-4565-346090.txt 0003-MFSA2006-57-Part-2-2-CVE-2006-4566-346794.txt 0004-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-1-3-350640.txt 0005-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-2-3-351079.txt 0006-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-3-3-351848.txt 0007-MFSA2006-61-CVE-2006-4568-343168.txt 0008-MFSA-2006-63-CVE-2006-4570-346984-mail-only.txt 0009-MFSA2006-64-CVE-2006-4571-346980-grant-cellmap-patch.txt 0010-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-1-4-345967.txt 0011-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-3-4-348532.txt 0012-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-1-20-268575.txt 0013-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-2-20-306940.txt 0014-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-3-20-307826.txt 0015-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-5-20-337419.txt 0016-MFSA2006-64-CVS-2006-4571-Section-4-5-Part-6-20-337883.txt 0018-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8a-20-348049.txt 0019-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8b-20-348049.txt 0020-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8c-20-348049.txt 0021-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8d-20-348049.txt 0022-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-9-20-205735.txt 0023-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-12-20-348062.txt 0024-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-17-20-349201.txt 0025-MFSA2006-64-CVE-2006-4571-Section-5-5-344085.txt 0026-GetDepth-without-DEBUG-in-BlockFrame.txt 0028-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-7-20-347355-without-svg-bug.txt stable/main/binary-m68k/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_m68k.deb stable/main/binary-m68k/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_m68k.deb stable/main/binary-m68k/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_m68k.deb stable/main/binary-m68k/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_m68k.deb stable/main/binary-m68k/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_m68k.deb mozilla-thunderbird (1.0.2-2.sarge1.0.8c.1) stable-security; urgency=critical * various security issues addressed (aka 1.5.0.7 backports): 0001-no-mfsa-CVE-2006-2788-321598.txt 0002-MFSA2006-57-Part-1-2-CVE-2006-4565-346090.txt 0003-MFSA2006-57-Part-2-2-CVE-2006-4566-346794.txt 0004-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-1-3-350640.txt 0005-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-2-3-351079.txt 0006-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-3-3-351848.txt 0007-MFSA2006-61-CVE-2006-4568-343168.txt 0008-MFSA-2006-63-CVE-2006-4570-346984-mail-only.txt 0009-MFSA2006-64-CVE-2006-4571-346980-grant-cellmap-patch.txt 0010-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-1-4-345967.txt 0011-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-3-4-348532.txt 0012-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-1-20-268575.txt 0013-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-2-20-306940.txt 0014-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-3-20-307826.txt 0015-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-5-20-337419.txt 0016-MFSA2006-64-CVS-2006-4571-Section-4-5-Part-6-20-337883.txt 0018-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8a-20-348049.txt 0019-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8b-20-348049.txt 0020-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8c-20-348049.txt 0021-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8d-20-348049.txt 0022-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-9-20-205735.txt 0023-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-12-20-348062.txt 0024-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-17-20-349201.txt 0025-MFSA2006-64-CVE-2006-4571-Section-5-5-344085.txt 0026-GetDepth-without-DEBUG-in-BlockFrame.txt 0028-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-7-20-347355-without-svg-bug.txt stable/main/binary-ia64/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_ia64.deb stable/main/binary-ia64/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_ia64.deb stable/main/binary-ia64/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_ia64.deb stable/main/binary-ia64/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_ia64.deb stable/main/binary-ia64/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_ia64.deb mozilla-thunderbird (1.0.2-2.sarge1.0.8c.1) stable-security; urgency=critical * various security issues addressed (aka 1.5.0.7 backports): 0001-no-mfsa-CVE-2006-2788-321598.txt 0002-MFSA2006-57-Part-1-2-CVE-2006-4565-346090.txt 0003-MFSA2006-57-Part-2-2-CVE-2006-4566-346794.txt 0004-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-1-3-350640.txt 0005-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-2-3-351079.txt 0006-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-3-3-351848.txt 0007-MFSA2006-61-CVE-2006-4568-343168.txt 0008-MFSA-2006-63-CVE-2006-4570-346984-mail-only.txt 0009-MFSA2006-64-CVE-2006-4571-346980-grant-cellmap-patch.txt 0010-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-1-4-345967.txt 0011-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-3-4-348532.txt 0012-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-1-20-268575.txt 0013-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-2-20-306940.txt 0014-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-3-20-307826.txt 0015-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-5-20-337419.txt 0016-MFSA2006-64-CVS-2006-4571-Section-4-5-Part-6-20-337883.txt 0018-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8a-20-348049.txt 0019-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8b-20-348049.txt 0020-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8c-20-348049.txt 0021-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8d-20-348049.txt 0022-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-9-20-205735.txt 0023-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-12-20-348062.txt 0024-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-17-20-349201.txt 0025-MFSA2006-64-CVE-2006-4571-Section-5-5-344085.txt 0026-GetDepth-without-DEBUG-in-BlockFrame.txt 0028-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-7-20-347355-without-svg-bug.txt stable/main/binary-hppa/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_hppa.deb stable/main/binary-hppa/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_hppa.deb stable/main/binary-hppa/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_hppa.deb stable/main/binary-hppa/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_hppa.deb stable/main/binary-hppa/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_hppa.deb mozilla-thunderbird (1.0.2-2.sarge1.0.8c.1) stable-security; urgency=critical * various security issues addressed (aka 1.5.0.7 backports): 0001-no-mfsa-CVE-2006-2788-321598.txt 0002-MFSA2006-57-Part-1-2-CVE-2006-4565-346090.txt 0003-MFSA2006-57-Part-2-2-CVE-2006-4566-346794.txt 0004-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-1-3-350640.txt 0005-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-2-3-351079.txt 0006-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-3-3-351848.txt 0007-MFSA2006-61-CVE-2006-4568-343168.txt 0008-MFSA-2006-63-CVE-2006-4570-346984-mail-only.txt 0009-MFSA2006-64-CVE-2006-4571-346980-grant-cellmap-patch.txt 0010-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-1-4-345967.txt 0011-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-3-4-348532.txt 0012-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-1-20-268575.txt 0013-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-2-20-306940.txt 0014-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-3-20-307826.txt 0015-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-5-20-337419.txt 0016-MFSA2006-64-CVS-2006-4571-Section-4-5-Part-6-20-337883.txt 0018-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8a-20-348049.txt 0019-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8b-20-348049.txt 0020-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8c-20-348049.txt 0021-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8d-20-348049.txt 0022-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-9-20-205735.txt 0023-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-12-20-348062.txt 0024-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-17-20-349201.txt 0025-MFSA2006-64-CVE-2006-4571-Section-5-5-344085.txt 0026-GetDepth-without-DEBUG-in-BlockFrame.txt 0028-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-7-20-347355-without-svg-bug.txt stable/main/binary-arm/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_arm.deb stable/main/binary-arm/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_arm.deb stable/main/binary-arm/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_arm.deb stable/main/binary-arm/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_arm.deb stable/main/binary-arm/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_arm.deb mozilla-thunderbird (1.0.2-2.sarge1.0.8c.1) stable-security; urgency=critical * various security issues addressed (aka 1.5.0.7 backports): 0001-no-mfsa-CVE-2006-2788-321598.txt 0002-MFSA2006-57-Part-1-2-CVE-2006-4565-346090.txt 0003-MFSA2006-57-Part-2-2-CVE-2006-4566-346794.txt 0004-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-1-3-350640.txt 0005-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-2-3-351079.txt 0006-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-3-3-351848.txt 0007-MFSA2006-61-CVE-2006-4568-343168.txt 0008-MFSA-2006-63-CVE-2006-4570-346984-mail-only.txt 0009-MFSA2006-64-CVE-2006-4571-346980-grant-cellmap-patch.txt 0010-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-1-4-345967.txt 0011-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-3-4-348532.txt 0012-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-1-20-268575.txt 0013-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-2-20-306940.txt 0014-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-3-20-307826.txt 0015-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-5-20-337419.txt 0016-MFSA2006-64-CVS-2006-4571-Section-4-5-Part-6-20-337883.txt 0018-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8a-20-348049.txt 0019-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8b-20-348049.txt 0020-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8c-20-348049.txt 0021-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8d-20-348049.txt 0022-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-9-20-205735.txt 0023-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-12-20-348062.txt 0024-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-17-20-349201.txt 0025-MFSA2006-64-CVE-2006-4571-Section-5-5-344085.txt 0026-GetDepth-without-DEBUG-in-BlockFrame.txt 0028-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-7-20-347355-without-svg-bug.txt stable/main/binary-alpha/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_alpha.deb stable/main/binary-alpha/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_alpha.deb stable/main/binary-alpha/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_alpha.deb stable/main/binary-alpha/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_alpha.deb stable/main/binary-alpha/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_alpha.deb mozilla-thunderbird (1.0.2-2.sarge1.0.8c.1) stable-security; urgency=critical * various security issues addressed (aka 1.5.0.7 backports): 0001-no-mfsa-CVE-2006-2788-321598.txt 0002-MFSA2006-57-Part-1-2-CVE-2006-4565-346090.txt 0003-MFSA2006-57-Part-2-2-CVE-2006-4566-346794.txt 0004-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-1-3-350640.txt 0005-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-2-3-351079.txt 0006-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-3-3-351848.txt 0007-MFSA2006-61-CVE-2006-4568-343168.txt 0008-MFSA-2006-63-CVE-2006-4570-346984-mail-only.txt 0009-MFSA2006-64-CVE-2006-4571-346980-grant-cellmap-patch.txt 0010-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-1-4-345967.txt 0011-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-3-4-348532.txt 0012-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-1-20-268575.txt 0013-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-2-20-306940.txt 0014-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-3-20-307826.txt 0015-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-5-20-337419.txt 0016-MFSA2006-64-CVS-2006-4571-Section-4-5-Part-6-20-337883.txt 0018-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8a-20-348049.txt 0019-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8b-20-348049.txt 0020-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8c-20-348049.txt 0021-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8d-20-348049.txt 0022-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-9-20-205735.txt 0023-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-12-20-348062.txt 0024-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-17-20-349201.txt 0025-MFSA2006-64-CVE-2006-4571-Section-5-5-344085.txt 0026-GetDepth-without-DEBUG-in-BlockFrame.txt 0028-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-7-20-347355-without-svg-bug.txt stable/main/source/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1.diff.gz stable/main/binary-i386/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8c.1_i386.deb stable/main/binary-i386/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1_i386.deb stable/main/source/mozilla-thunderbird_1.0.2-2.sarge1.0.8c.1.dsc stable/main/binary-i386/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8c.1_i386.deb stable/main/binary-i386/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8c.1_i386.deb stable/main/binary-i386/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8c.1_i386.deb mozilla-thunderbird (1.0.2-2.sarge1.0.8c.1) stable-security; urgency=critical * various security issues addressed (aka 1.5.0.7 backports): 0001-no-mfsa-CVE-2006-2788-321598.txt 0002-MFSA2006-57-Part-1-2-CVE-2006-4565-346090.txt 0003-MFSA2006-57-Part-2-2-CVE-2006-4566-346794.txt 0004-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-1-3-350640.txt 0005-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-2-3-351079.txt 0006-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-3-3-351848.txt 0007-MFSA2006-61-CVE-2006-4568-343168.txt 0008-MFSA-2006-63-CVE-2006-4570-346984-mail-only.txt 0009-MFSA2006-64-CVE-2006-4571-346980-grant-cellmap-patch.txt 0010-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-1-4-345967.txt 0011-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-3-4-348532.txt 0012-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-1-20-268575.txt 0013-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-2-20-306940.txt 0014-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-3-20-307826.txt 0015-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-5-20-337419.txt 0016-MFSA2006-64-CVS-2006-4571-Section-4-5-Part-6-20-337883.txt 0018-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8a-20-348049.txt 0019-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8b-20-348049.txt 0020-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8c-20-348049.txt 0021-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8d-20-348049.txt 0022-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-9-20-205735.txt 0023-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-12-20-348062.txt 0024-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-17-20-349201.txt 0025-MFSA2006-64-CVE-2006-4571-Section-5-5-344085.txt 0026-GetDepth-without-DEBUG-in-BlockFrame.txt 0028-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-7-20-347355-without-svg-bug.txt stable/main/source/mindi-kernel_2.4.27-2sarge3.diff.gz stable/main/source/mindi-kernel_2.4.27-2sarge3.dsc stable/main/binary-i386/mindi-kernel_2.4.27-2sarge3_i386.deb mindi-kernel (2.4.27-2sarge3) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge4: * [ERRATA] 213_madvise_remove-restrict.diff [SECURITY] The 2.4.27-10sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.4.27 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * 223_nfs-handle-long-symlinks.diff [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * 224_cdrom-bad-cgc.buflen-assign.diff [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * 225_sg-no-mmap-VM_IO.diff [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * 226_snmp-nat-mem-corruption-fix.diff [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * 227_kfree_skb.diff [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * 228_sparc-mb-extraneous-semicolons.diff Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with 227_kfree_skb.diff * 229_sctp-priv-elevation.diff, 230_sctp-priv-elevation-2.diff [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * 231_udf-deadlock.diff [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 * 232_sparc-membar-extraneous-semicolons.diff Fix an additional syntax error caused by extraneous semicolons in membar macros on sparc stable/main/source/kernel-source-2.6.8_2.6.8-16sarge5.diff.gz stable/main/binary-all/kernel-doc-2.6.8_2.6.8-16sarge5_all.deb stable/main/binary-all/kernel-source-2.6.8_2.6.8-16sarge5_all.deb stable/main/source/kernel-source-2.6.8_2.6.8-16sarge5.dsc stable/main/binary-all/kernel-patch-debian-2.6.8_2.6.8-16sarge5_all.deb stable/main/binary-all/kernel-tree-2.6.8_2.6.8-16sarge5_all.deb kernel-source-2.6.8 (2.6.8-16sarge5) stable-security; urgency=high * [ERRATA] madvise_remove-restrict.dpatch [SECURITY] The 2.6.8-16sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.6.8 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * fs-ext3-bad-nfs-handle.dpatch [SECURITY] James McKenzie discovered a Denial of Service vulnerability in the NFS driver. When exporting an ext3 file system over NFS, a remote attacker could exploit this to trigger a file system panic by sending a specially crafted UDP packet. See CVE-2006-3468 * direct-io-write-mem-leak.dpatch [SECURITY] Fix memory leak in O_DIRECT write. See CVE-2004-2660 * nfs-handle-long-symlinks.dpatch [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * cdrom-bad-cgc.buflen-assign.dpatch [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * usb-serial-ftdi_sio-dos.patch [SECURITY] fix userspace DoS in ftdi_sio driver See CVE-2006-2936 * selinux-tracer-SID-fix.dpatch [SECURITY] Fix vulnerability in selinux_ptrace that prevents local users from changing the tracer SID to the SID of another process See CVE-2006-1052 * netfilter-SO_ORIGINAL_DST-leak.dpatch [SECURITY] Fix information leak in SO_ORIGINAL_DST See CVE-2006-1343 * sg-no-mmap-VM_IO.dpatch [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * exit-bogus-bugon.dpatch [SECURITY] Remove bogus BUG() in exit.c which could be maliciously triggered by a local user See CVE-2006-1855 * readv-writev-missing-lsm-check.dpatch, readv-writev-missing-lsm-check-compat.dpatch [SECURITY] Add missing file_permission callback in readv/writev syscalls See CVE-2006-1856 * snmp-nat-mem-corruption-fix.dpatch [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * kfree_skb-race.dpatch [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * hppa-mb-extraneous-semicolon.dpatch, sparc32-mb-extraneous-semicolons.dpatch, sparc64-mb-extraneous-semicolons.dpatch: Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with kfree_skb-race.dpatch * sctp-priv-elevation.dpatch [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * sctp-priv-elevation-2.dpatch [SECURITY] Fix local DoS resulting from sctp-priv-elevation.dpatch See CVE-2006-4535 * ppc-hid0-dos.dpatch [SECURITY][ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 * udf-deadlock.dpatch [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 stable/main/source/kernel-source-2.4.27_2.4.27-10sarge4.dsc stable/main/source/kernel-source-2.4.27_2.4.27-10sarge4.diff.gz stable/main/binary-all/kernel-doc-2.4.27_2.4.27-10sarge4_all.deb stable/main/binary-all/kernel-patch-debian-2.4.27_2.4.27-10sarge4_all.deb stable/main/binary-all/kernel-source-2.4.27_2.4.27-10sarge4_all.deb stable/main/binary-all/kernel-tree-2.4.27_2.4.27-10sarge4_all.deb kernel-source-2.4.27 (2.4.27-10sarge4) stable-security; urgency=high * [ERRATA] 213_madvise_remove-restrict.diff [SECURITY] The 2.4.27-10sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.4.27 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * 223_nfs-handle-long-symlinks.diff [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * 224_cdrom-bad-cgc.buflen-assign.diff [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * 225_sg-no-mmap-VM_IO.diff [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * 226_snmp-nat-mem-corruption-fix.diff [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * 227_kfree_skb.diff [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * 228_sparc-mb-extraneous-semicolons.diff Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with 227_kfree_skb.diff * 229_sctp-priv-elevation.diff, 230_sctp-priv-elevation-2.diff [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * 231_udf-deadlock.diff [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 * 232_sparc-membar-extraneous-semicolons.diff Fix an additional syntax error caused by extraneous semicolons in membar macros on sparc stable/main/binary-powerpc/kernel-build-2.6.8-3-powerpc-smp_2.6.8-12sarge5_powerpc.deb stable/main/binary-powerpc/kernel-image-2.6.8-3-power4_2.6.8-12sarge5_powerpc.deb stable/main/source/kernel-patch-powerpc-2.6.8_2.6.8-12sarge5.tar.gz stable/main/binary-powerpc/kernel-build-2.6.8-3-power4_2.6.8-12sarge5_powerpc.deb stable/main/binary-powerpc/kernel-image-2.6.8-3-power3-smp_2.6.8-12sarge5_powerpc.deb stable/main/binary-powerpc/kernel-image-2.6.8-3-powerpc-smp_2.6.8-12sarge5_powerpc.deb stable/main/binary-powerpc/kernel-image-2.6.8-3-powerpc_2.6.8-12sarge5_powerpc.deb stable/main/binary-powerpc/kernel-image-2.6.8-3-power3_2.6.8-12sarge5_powerpc.deb stable/main/binary-powerpc/kernel-build-2.6.8-3-power3_2.6.8-12sarge5_powerpc.deb stable/main/source/kernel-patch-powerpc-2.6.8_2.6.8-12sarge5.dsc stable/main/binary-powerpc/kernel-build-2.6.8-3-powerpc_2.6.8-12sarge5_powerpc.deb stable/main/binary-powerpc/kernel-headers-2.6.8-3_2.6.8-12sarge5_powerpc.deb stable/main/binary-powerpc/kernel-image-2.6.8-3-power4-smp_2.6.8-12sarge5_powerpc.deb stable/main/binary-powerpc/kernel-build-2.6.8-3-power4-smp_2.6.8-12sarge5_powerpc.deb stable/main/binary-powerpc/kernel-build-2.6.8-3-power3-smp_2.6.8-12sarge5_powerpc.deb kernel-patch-powerpc-2.6.8 (2.6.8-12sarge5) stable-security; urgency=high * Build against kernel-tree-2.6.8-16sarge5: * [ERRATA] madvise_remove-restrict.dpatch [SECURITY] The 2.6.8-16sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.6.8 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * fs-ext3-bad-nfs-handle.dpatch [SECURITY] James McKenzie discovered a Denial of Service vulnerability in the NFS driver. When exporting an ext3 file system over NFS, a remote attacker could exploit this to trigger a file system panic by sending a specially crafted UDP packet. See CVE-2006-3468 * direct-io-write-mem-leak.dpatch [SECURITY] Fix memory leak in O_DIRECT write. See CVE-2004-2660 * nfs-handle-long-symlinks.dpatch [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * cdrom-bad-cgc.buflen-assign.dpatch [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * usb-serial-ftdi_sio-dos.patch [SECURITY] fix userspace DoS in ftdi_sio driver See CVE-2006-2936 * selinux-tracer-SID-fix.dpatch [SECURITY] Fix vulnerability in selinux_ptrace that prevents local users from changing the tracer SID to the SID of another process See CVE-2006-1052 * netfilter-SO_ORIGINAL_DST-leak.dpatch [SECURITY] Fix information leak in SO_ORIGINAL_DST See CVE-2006-1343 * sg-no-mmap-VM_IO.dpatch [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * exit-bogus-bugon.dpatch [SECURITY] Remove bogus BUG() in exit.c which could be maliciously triggered by a local user See CVE-2006-1855 * readv-writev-missing-lsm-check.dpatch, readv-writev-missing-lsm-check-compat.dpatch [SECURITY] Add missing file_permission callback in readv/writev syscalls See CVE-2006-1856 * snmp-nat-mem-corruption-fix.dpatch [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * kfree_skb-race.dpatch [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * hppa-mb-extraneous-semicolon.dpatch, sparc32-mb-extraneous-semicolons.dpatch, sparc64-mb-extraneous-semicolons.dpatch: Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with kfree_skb-race.dpatch * sctp-priv-elevation.dpatch [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * sctp-priv-elevation-2.dpatch [SECURITY] Fix local DoS resulting from sctp-priv-elevation.dpatch See CVE-2006-4535 * ppc-hid0-dos.dpatch [SECURITY][ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 * udf-deadlock.dpatch [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 stable/main/binary-powerpc/kernel-image-2.4.27-powerpc_2.4.27-10sarge4_powerpc.deb stable/main/binary-powerpc/kernel-image-2.4.27-nubus_2.4.27-10sarge4_powerpc.deb stable/main/binary-powerpc/kernel-build-2.4.27-nubus_2.4.27-10sarge4_powerpc.deb stable/main/binary-powerpc/kernel-headers-2.4.27-powerpc_2.4.27-10sarge4_powerpc.deb stable/main/binary-powerpc/kernel-patch-2.4.27-powerpc_2.4.27-10sarge4_powerpc.deb stable/main/source/kernel-patch-powerpc-2.4.27_2.4.27-10sarge4.tar.gz stable/main/binary-powerpc/kernel-build-2.4.27-powerpc-small_2.4.27-10sarge4_powerpc.deb stable/main/binary-powerpc/kernel-patch-2.4.27-nubus_2.4.27-10sarge4_powerpc.deb stable/main/binary-powerpc/kernel-headers-2.4.27-nubus_2.4.27-10sarge4_powerpc.deb stable/main/binary-powerpc/kernel-build-2.4.27-apus_2.4.27-10sarge4_powerpc.deb stable/main/binary-powerpc/kernel-image-2.4.27-powerpc-smp_2.4.27-10sarge4_powerpc.deb stable/main/binary-powerpc/kernel-headers-2.4.27-apus_2.4.27-10sarge4_powerpc.deb stable/main/binary-powerpc/kernel-build-2.4.27-powerpc-smp_2.4.27-10sarge4_powerpc.deb stable/main/binary-powerpc/kernel-image-2.4.27-powerpc-small_2.4.27-10sarge4_powerpc.deb stable/main/binary-powerpc/kernel-image-2.4.27-apus_2.4.27-10sarge4_powerpc.deb stable/main/source/kernel-patch-powerpc-2.4.27_2.4.27-10sarge4.dsc stable/main/binary-powerpc/kernel-patch-2.4.27-apus_2.4.27-10sarge4_powerpc.deb stable/main/binary-powerpc/kernel-build-2.4.27-powerpc_2.4.27-10sarge4_powerpc.deb kernel-patch-powerpc-2.4.27 (2.4.27-10sarge4) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge4: * [ERRATA] 213_madvise_remove-restrict.diff [SECURITY] The 2.4.27-10sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.4.27 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * 223_nfs-handle-long-symlinks.diff [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * 224_cdrom-bad-cgc.buflen-assign.diff [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * 225_sg-no-mmap-VM_IO.diff [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * 226_snmp-nat-mem-corruption-fix.diff [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * 227_kfree_skb.diff [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * 228_sparc-mb-extraneous-semicolons.diff Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with 227_kfree_skb.diff * 229_sctp-priv-elevation.diff, 230_sctp-priv-elevation-2.diff [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * 231_udf-deadlock.diff [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 * 232_sparc-membar-extraneous-semicolons.diff Fix an additional syntax error caused by extraneous semicolons in membar macros on sparc stable/main/source/kernel-patch-2.4.27-s390_2.4.27-2sarge1.dsc stable/main/binary-all/kernel-patch-2.4.27-s390_2.4.27-2sarge1_all.deb stable/main/source/kernel-patch-2.4.27-s390_2.4.27-2sarge1.diff.gz kernel-patch-2.4.27-s390 (2.4.27-2sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Use kernel-tree-2.4.27-10sarge2 * Regenerate linux-2.4.27-s390.diff to apply to updated source tree * Build fix for 206_s390-sacf-fix.diff (CAN-2004-0887) from new kernel-tree. stable/main/binary-sparc/mips-tools_2.4.27-10.sarge4.040815-1_sparc.deb kernel-patch-2.4.27-mips (2.4.27-10.sarge4.040815-1) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge4: * [ERRATA] 213_madvise_remove-restrict.diff [SECURITY] The 2.4.27-10sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.4.27 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * 223_nfs-handle-long-symlinks.diff [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * 224_cdrom-bad-cgc.buflen-assign.diff [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * 225_sg-no-mmap-VM_IO.diff [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * 226_snmp-nat-mem-corruption-fix.diff [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * 227_kfree_skb.diff [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * 228_sparc-mb-extraneous-semicolons.diff Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with 227_kfree_skb.diff * 229_sctp-priv-elevation.diff, 230_sctp-priv-elevation-2.diff [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * 231_udf-deadlock.diff [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 * 232_sparc-membar-extraneous-semicolons.diff Fix an additional syntax error caused by extraneous semicolons in membar macros on sparc stable/main/binary-s390/mips-tools_2.4.27-10.sarge4.040815-1_s390.deb kernel-patch-2.4.27-mips (2.4.27-10.sarge4.040815-1) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge4: * [ERRATA] 213_madvise_remove-restrict.diff [SECURITY] The 2.4.27-10sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.4.27 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * 223_nfs-handle-long-symlinks.diff [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * 224_cdrom-bad-cgc.buflen-assign.diff [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * 225_sg-no-mmap-VM_IO.diff [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * 226_snmp-nat-mem-corruption-fix.diff [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * 227_kfree_skb.diff [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * 228_sparc-mb-extraneous-semicolons.diff Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with 227_kfree_skb.diff * 229_sctp-priv-elevation.diff, 230_sctp-priv-elevation-2.diff [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * 231_udf-deadlock.diff [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 * 232_sparc-membar-extraneous-semicolons.diff Fix an additional syntax error caused by extraneous semicolons in membar macros on sparc stable/main/binary-powerpc/mips-tools_2.4.27-10.sarge4.040815-1_powerpc.deb kernel-patch-2.4.27-mips (2.4.27-10.sarge4.040815-1) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge4: * [ERRATA] 213_madvise_remove-restrict.diff [SECURITY] The 2.4.27-10sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.4.27 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * 223_nfs-handle-long-symlinks.diff [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * 224_cdrom-bad-cgc.buflen-assign.diff [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * 225_sg-no-mmap-VM_IO.diff [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * 226_snmp-nat-mem-corruption-fix.diff [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * 227_kfree_skb.diff [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * 228_sparc-mb-extraneous-semicolons.diff Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with 227_kfree_skb.diff * 229_sctp-priv-elevation.diff, 230_sctp-priv-elevation-2.diff [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * 231_udf-deadlock.diff [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 * 232_sparc-membar-extraneous-semicolons.diff Fix an additional syntax error caused by extraneous semicolons in membar macros on sparc stable/main/binary-mipsel/kernel-image-2.4.27-xxs1500_2.4.27-10.sarge4.040815-1_mipsel.deb stable/main/binary-mipsel/kernel-image-2.4.27-r5k-lasat_2.4.27-10.sarge4.040815-1_mipsel.deb stable/main/binary-mipsel/kernel-image-2.4.27-r5k-cobalt_2.4.27-10.sarge4.040815-1_mipsel.deb stable/main/binary-mipsel/kernel-image-2.4.27-r4k-kn04_2.4.27-10.sarge4.040815-1_mipsel.deb stable/main/binary-mipsel/mips-tools_2.4.27-10.sarge4.040815-1_mipsel.deb stable/main/binary-mipsel/kernel-headers-2.4.27_2.4.27-10.sarge4.040815-1_mipsel.deb stable/main/binary-mipsel/kernel-image-2.4.27-r3k-kn02_2.4.27-10.sarge4.040815-1_mipsel.deb stable/main/binary-mipsel/kernel-image-2.4.27-sb1-swarm-bn_2.4.27-10.sarge4.040815-1_mipsel.deb kernel-patch-2.4.27-mips (2.4.27-10.sarge4.040815-1) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge4: * [ERRATA] 213_madvise_remove-restrict.diff [SECURITY] The 2.4.27-10sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.4.27 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * 223_nfs-handle-long-symlinks.diff [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * 224_cdrom-bad-cgc.buflen-assign.diff [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * 225_sg-no-mmap-VM_IO.diff [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * 226_snmp-nat-mem-corruption-fix.diff [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * 227_kfree_skb.diff [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * 228_sparc-mb-extraneous-semicolons.diff Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with 227_kfree_skb.diff * 229_sctp-priv-elevation.diff, 230_sctp-priv-elevation-2.diff [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * 231_udf-deadlock.diff [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 * 232_sparc-membar-extraneous-semicolons.diff Fix an additional syntax error caused by extraneous semicolons in membar macros on sparc stable/main/binary-mips/mips-tools_2.4.27-10.sarge4.040815-1_mips.deb stable/main/binary-mips/kernel-image-2.4.27-sb1-swarm-bn_2.4.27-10.sarge4.040815-1_mips.deb stable/main/binary-mips/kernel-image-2.4.27-r4k-ip22_2.4.27-10.sarge4.040815-1_mips.deb stable/main/binary-mips/kernel-image-2.4.27-r5k-ip22_2.4.27-10.sarge4.040815-1_mips.deb stable/main/binary-mips/kernel-headers-2.4.27_2.4.27-10.sarge4.040815-1_mips.deb kernel-patch-2.4.27-mips (2.4.27-10.sarge4.040815-1) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge4: * [ERRATA] 213_madvise_remove-restrict.diff [SECURITY] The 2.4.27-10sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.4.27 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * 223_nfs-handle-long-symlinks.diff [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * 224_cdrom-bad-cgc.buflen-assign.diff [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * 225_sg-no-mmap-VM_IO.diff [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * 226_snmp-nat-mem-corruption-fix.diff [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * 227_kfree_skb.diff [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * 228_sparc-mb-extraneous-semicolons.diff Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with 227_kfree_skb.diff * 229_sctp-priv-elevation.diff, 230_sctp-priv-elevation-2.diff [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * 231_udf-deadlock.diff [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 * 232_sparc-membar-extraneous-semicolons.diff Fix an additional syntax error caused by extraneous semicolons in membar macros on sparc stable/main/binary-sparc/libdevmapper1.01_1.01.00-4sarge1_sparc.deb stable/main/binary-sparc/libdevmapper1.01-udeb_1.01.00-4sarge1_sparc.udeb stable/main/binary-sparc/dmsetup_1.01.00-4sarge1_sparc.deb stable/main/binary-sparc/dmsetup-udeb_1.01.00-4sarge1_sparc.udeb stable/main/binary-sparc/libdevmapper-dev_1.01.00-4sarge1_sparc.deb devmapper (2:1.01.00-4sarge1) stable; urgency=low * Non-maintainer upload. * LVM devices are created with root:disk ownership and 0660 permissions, which are used by all other disk block devices. This allows backups of LVM logical volumes with tools such as amanda, which run as user backup, a member of the disk group. stable/main/binary-s390/dmsetup_1.01.00-4sarge1_s390.deb stable/main/binary-s390/dmsetup-udeb_1.01.00-4sarge1_s390.udeb stable/main/binary-s390/libdevmapper1.01_1.01.00-4sarge1_s390.deb stable/main/binary-s390/libdevmapper-dev_1.01.00-4sarge1_s390.deb stable/main/binary-s390/libdevmapper1.01-udeb_1.01.00-4sarge1_s390.udeb devmapper (2:1.01.00-4sarge1) stable; urgency=low * Non-maintainer upload. * LVM devices are created with root:disk ownership and 0660 permissions, which are used by all other disk block devices. This allows backups of LVM logical volumes with tools such as amanda, which run as user backup, a member of the disk group. stable/main/binary-mipsel/libdevmapper-dev_1.01.00-4sarge1_mipsel.deb stable/main/binary-mipsel/dmsetup_1.01.00-4sarge1_mipsel.deb stable/main/binary-mipsel/libdevmapper1.01-udeb_1.01.00-4sarge1_mipsel.udeb stable/main/binary-mipsel/libdevmapper1.01_1.01.00-4sarge1_mipsel.deb stable/main/binary-mipsel/dmsetup-udeb_1.01.00-4sarge1_mipsel.udeb devmapper (2:1.01.00-4sarge1) stable; urgency=low * Non-maintainer upload. * LVM devices are created with root:disk ownership and 0660 permissions, which are used by all other disk block devices. This allows backups of LVM logical volumes with tools such as amanda, which run as user backup, a member of the disk group. stable/main/binary-mips/libdevmapper-dev_1.01.00-4sarge1_mips.deb stable/main/binary-mips/dmsetup-udeb_1.01.00-4sarge1_mips.udeb stable/main/binary-mips/libdevmapper1.01_1.01.00-4sarge1_mips.deb stable/main/binary-mips/dmsetup_1.01.00-4sarge1_mips.deb stable/main/binary-mips/libdevmapper1.01-udeb_1.01.00-4sarge1_mips.udeb devmapper (2:1.01.00-4sarge1) stable; urgency=low * Non-maintainer upload. * LVM devices are created with root:disk ownership and 0660 permissions, which are used by all other disk block devices. This allows backups of LVM logical volumes with tools such as amanda, which run as user backup, a member of the disk group. stable/main/binary-m68k/libdevmapper1.01_1.01.00-4sarge1_m68k.deb stable/main/binary-m68k/dmsetup-udeb_1.01.00-4sarge1_m68k.udeb stable/main/binary-m68k/libdevmapper-dev_1.01.00-4sarge1_m68k.deb stable/main/binary-m68k/libdevmapper1.01-udeb_1.01.00-4sarge1_m68k.udeb stable/main/binary-m68k/dmsetup_1.01.00-4sarge1_m68k.deb devmapper (2:1.01.00-4sarge1) stable; urgency=low * Non-maintainer upload. * LVM devices are created with root:disk ownership and 0660 permissions, which are used by all other disk block devices. This allows backups of LVM logical volumes with tools such as amanda, which run as user backup, a member of the disk group. stable/main/binary-ia64/dmsetup_1.01.00-4sarge1_ia64.deb stable/main/binary-ia64/dmsetup-udeb_1.01.00-4sarge1_ia64.udeb stable/main/binary-ia64/libdevmapper-dev_1.01.00-4sarge1_ia64.deb stable/main/binary-ia64/libdevmapper1.01-udeb_1.01.00-4sarge1_ia64.udeb stable/main/binary-ia64/libdevmapper1.01_1.01.00-4sarge1_ia64.deb devmapper (2:1.01.00-4sarge1) stable; urgency=low * Non-maintainer upload. * LVM devices are created with root:disk ownership and 0660 permissions, which are used by all other disk block devices. This allows backups of LVM logical volumes with tools such as amanda, which run as user backup, a member of the disk group. stable/main/binary-i386/dmsetup-udeb_1.01.00-4sarge1_i386.udeb stable/main/binary-i386/dmsetup_1.01.00-4sarge1_i386.deb stable/main/binary-i386/libdevmapper1.01-udeb_1.01.00-4sarge1_i386.udeb stable/main/binary-i386/libdevmapper1.01_1.01.00-4sarge1_i386.deb stable/main/binary-i386/libdevmapper-dev_1.01.00-4sarge1_i386.deb devmapper (2:1.01.00-4sarge1) stable; urgency=low * Non-maintainer upload. * LVM devices are created with root:disk ownership and 0660 permissions, which are used by all other disk block devices. This allows backups of LVM logical volumes with tools such as amanda, which run as user backup, a member of the disk group. stable/main/binary-hppa/dmsetup_1.01.00-4sarge1_hppa.deb stable/main/binary-hppa/libdevmapper1.01_1.01.00-4sarge1_hppa.deb stable/main/binary-hppa/libdevmapper-dev_1.01.00-4sarge1_hppa.deb stable/main/binary-hppa/libdevmapper1.01-udeb_1.01.00-4sarge1_hppa.udeb stable/main/binary-hppa/dmsetup-udeb_1.01.00-4sarge1_hppa.udeb devmapper (2:1.01.00-4sarge1) stable; urgency=low * Non-maintainer upload. * LVM devices are created with root:disk ownership and 0660 permissions, which are used by all other disk block devices. This allows backups of LVM logical volumes with tools such as amanda, which run as user backup, a member of the disk group. stable/main/binary-arm/dmsetup-udeb_1.01.00-4sarge1_arm.udeb stable/main/binary-arm/dmsetup_1.01.00-4sarge1_arm.deb stable/main/binary-arm/libdevmapper1.01_1.01.00-4sarge1_arm.deb stable/main/binary-arm/libdevmapper-dev_1.01.00-4sarge1_arm.deb stable/main/binary-arm/libdevmapper1.01-udeb_1.01.00-4sarge1_arm.udeb devmapper (2:1.01.00-4sarge1) stable; urgency=low * Non-maintainer upload. * LVM devices are created with root:disk ownership and 0660 permissions, which are used by all other disk block devices. This allows backups of LVM logical volumes with tools such as amanda, which run as user backup, a member of the disk group. stable/main/binary-alpha/dmsetup_1.01.00-4sarge1_alpha.deb stable/main/binary-alpha/libdevmapper1.01_1.01.00-4sarge1_alpha.deb stable/main/binary-alpha/libdevmapper-dev_1.01.00-4sarge1_alpha.deb stable/main/binary-alpha/libdevmapper1.01-udeb_1.01.00-4sarge1_alpha.udeb stable/main/binary-alpha/dmsetup-udeb_1.01.00-4sarge1_alpha.udeb devmapper (2:1.01.00-4sarge1) stable; urgency=low * Non-maintainer upload. * LVM devices are created with root:disk ownership and 0660 permissions, which are used by all other disk block devices. This allows backups of LVM logical volumes with tools such as amanda, which run as user backup, a member of the disk group. stable/main/source/devmapper_1.01.00-4sarge1.diff.gz stable/main/binary-powerpc/dmsetup_1.01.00-4sarge1_powerpc.deb stable/main/source/devmapper_1.01.00-4sarge1.dsc stable/main/binary-powerpc/libdevmapper1.01-udeb_1.01.00-4sarge1_powerpc.udeb stable/main/binary-powerpc/libdevmapper-dev_1.01.00-4sarge1_powerpc.deb stable/main/binary-powerpc/libdevmapper1.01_1.01.00-4sarge1_powerpc.deb stable/main/binary-powerpc/dmsetup-udeb_1.01.00-4sarge1_powerpc.udeb devmapper (2:1.01.00-4sarge1) stable; urgency=low * Non-maintainer upload. * LVM devices are created with root:disk ownership and 0660 permissions, which are used by all other disk block devices. This allows backups of LVM logical volumes with tools such as amanda, which run as user backup, a member of the disk group. stable/main/binary-ia64/libsqldbc7.5.00-dev_7.5.00.24-4_ia64.deb stable/main/binary-ia64/libsqlod7.5.00_7.5.00.24-4_ia64.deb stable/main/binary-ia64/maxdb-lserver_7.5.00.24-4_ia64.deb stable/main/binary-ia64/maxdb-server-7.5.00_7.5.00.24-4_ia64.deb stable/main/binary-ia64/maxdb-loadercli_7.5.00.24-4_ia64.deb stable/main/binary-ia64/maxdb-sqlcli_7.5.00.24-4_ia64.deb stable/main/binary-ia64/maxdb-webtools_7.5.00.24-4_ia64.deb stable/main/binary-ia64/python2.3-maxdb_7.5.00.24-4_ia64.deb stable/main/binary-ia64/python2.4-maxdb_7.5.00.24-4_ia64.deb stable/main/binary-ia64/python-maxdb_7.5.00.24-4_ia64.deb stable/main/binary-ia64/python2.4-maxdb-loader_7.5.00.24-4_ia64.deb stable/main/binary-ia64/maxdb-dbmcli_7.5.00.24-4_ia64.deb stable/main/binary-ia64/python2.3-maxdb-loader_7.5.00.24-4_ia64.deb stable/main/binary-ia64/libsqldbc7.5.00_7.5.00.24-4_ia64.deb stable/main/binary-ia64/maxdb-server-dbg-7.5.00_7.5.00.24-4_ia64.deb stable/main/binary-ia64/maxdb-server_7.5.00.24-4_ia64.deb stable/main/binary-ia64/libsqlod7.5.00-dev_7.5.00.24-4_ia64.deb stable/main/binary-ia64/maxdb-dbanalyzer_7.5.00.24-4_ia64.deb stable/main/binary-ia64/python-maxdb-loader_7.5.00.24-4_ia64.deb maxdb-7.5.00 (7.5.00.24-4) stable-security; urgency=high * Fix for remotely exploitable buffer overflow. (CVE-2006-4305) stable/main/binary-i386/python-maxdb-loader_7.5.00.24-4_i386.deb stable/main/binary-i386/maxdb-loadercli_7.5.00.24-4_i386.deb stable/main/binary-i386/maxdb-webtools_7.5.00.24-4_i386.deb stable/main/binary-i386/maxdb-lserver_7.5.00.24-4_i386.deb stable/main/binary-i386/libsqlod7.5.00_7.5.00.24-4_i386.deb stable/main/binary-i386/python2.4-maxdb-loader_7.5.00.24-4_i386.deb stable/main/binary-i386/libsqldbc7.5.00-dev_7.5.00.24-4_i386.deb stable/main/source/maxdb-7.5.00_7.5.00.24-4.dsc stable/main/binary-i386/python-maxdb_7.5.00.24-4_i386.deb stable/main/binary-i386/maxdb-server-dbg-7.5.00_7.5.00.24-4_i386.deb stable/main/source/maxdb-7.5.00_7.5.00.24-4.diff.gz stable/main/binary-i386/libsqldbc7.5.00_7.5.00.24-4_i386.deb stable/main/binary-i386/python2.4-maxdb_7.5.00.24-4_i386.deb stable/main/binary-i386/libsqlod7.5.00-dev_7.5.00.24-4_i386.deb stable/main/binary-i386/maxdb-server_7.5.00.24-4_i386.deb stable/main/binary-i386/maxdb-sqlcli_7.5.00.24-4_i386.deb stable/main/binary-i386/python2.3-maxdb-loader_7.5.00.24-4_i386.deb stable/main/binary-i386/python2.3-maxdb_7.5.00.24-4_i386.deb stable/main/binary-i386/maxdb-dbmcli_7.5.00.24-4_i386.deb stable/main/binary-i386/maxdb-dbanalyzer_7.5.00.24-4_i386.deb stable/main/binary-i386/maxdb-server-7.5.00_7.5.00.24-4_i386.deb maxdb-7.5.00 (7.5.00.24-4) stable-security; urgency=high * Fix for remotely exploitable buffer overflow. (CVE-2006-4305) stable/main/binary-all/migrationtools_46-1sarge1_all.deb stable/main/source/migrationtools_46-1sarge1.diff.gz stable/main/source/migrationtools_46-1sarge1.dsc migrationtools (46-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team: Fix multiple insecure temporary files. stable/main/binary-sparc/mozilla-firefox-dom-inspector_1.0.4-2sarge11_sparc.deb stable/main/binary-sparc/mozilla-firefox_1.0.4-2sarge11_sparc.deb stable/main/binary-sparc/mozilla-firefox-gnome-support_1.0.4-2sarge11_sparc.deb mozilla-firefox (1.0.4-2sarge11) stable-security; urgency=critical * content/base/src/nsGenericElement.cpp: Patch from Alexander Sack to fix JavaScript regression that seems to affect Google Maps. (Closes: #385248, #385515) stable/main/binary-s390/mozilla-firefox_1.0.4-2sarge11_s390.deb stable/main/binary-s390/mozilla-firefox-gnome-support_1.0.4-2sarge11_s390.deb stable/main/binary-s390/mozilla-firefox-dom-inspector_1.0.4-2sarge11_s390.deb mozilla-firefox (1.0.4-2sarge11) stable-security; urgency=critical * content/base/src/nsGenericElement.cpp: Patch from Alexander Sack to fix JavaScript regression that seems to affect Google Maps. (Closes: #385248, #385515) stable/main/binary-powerpc/mozilla-firefox-dom-inspector_1.0.4-2sarge11_powerpc.deb stable/main/binary-powerpc/mozilla-firefox-gnome-support_1.0.4-2sarge11_powerpc.deb stable/main/binary-powerpc/mozilla-firefox_1.0.4-2sarge11_powerpc.deb mozilla-firefox (1.0.4-2sarge11) stable-security; urgency=critical * content/base/src/nsGenericElement.cpp: Patch from Alexander Sack to fix JavaScript regression that seems to affect Google Maps. (Closes: #385248, #385515) stable/main/binary-mipsel/mozilla-firefox-gnome-support_1.0.4-2sarge11_mipsel.deb stable/main/binary-mipsel/mozilla-firefox-dom-inspector_1.0.4-2sarge11_mipsel.deb stable/main/binary-mipsel/mozilla-firefox_1.0.4-2sarge11_mipsel.deb mozilla-firefox (1.0.4-2sarge11) stable-security; urgency=critical * content/base/src/nsGenericElement.cpp: Patch from Alexander Sack to fix JavaScript regression that seems to affect Google Maps. (Closes: #385248, #385515) stable/main/binary-mips/mozilla-firefox-gnome-support_1.0.4-2sarge11_mips.deb stable/main/binary-mips/mozilla-firefox-dom-inspector_1.0.4-2sarge11_mips.deb stable/main/binary-mips/mozilla-firefox_1.0.4-2sarge11_mips.deb mozilla-firefox (1.0.4-2sarge11) stable-security; urgency=critical * content/base/src/nsGenericElement.cpp: Patch from Alexander Sack to fix JavaScript regression that seems to affect Google Maps. (Closes: #385248, #385515) stable/main/binary-m68k/mozilla-firefox-gnome-support_1.0.4-2sarge11_m68k.deb stable/main/binary-m68k/mozilla-firefox_1.0.4-2sarge11_m68k.deb stable/main/binary-m68k/mozilla-firefox-dom-inspector_1.0.4-2sarge11_m68k.deb mozilla-firefox (1.0.4-2sarge11) stable-security; urgency=critical * content/base/src/nsGenericElement.cpp: Patch from Alexander Sack to fix JavaScript regression that seems to affect Google Maps. (Closes: #385248, #385515) stable/main/binary-ia64/mozilla-firefox-dom-inspector_1.0.4-2sarge11_ia64.deb stable/main/binary-ia64/mozilla-firefox-gnome-support_1.0.4-2sarge11_ia64.deb stable/main/binary-ia64/mozilla-firefox_1.0.4-2sarge11_ia64.deb mozilla-firefox (1.0.4-2sarge11) stable-security; urgency=critical * content/base/src/nsGenericElement.cpp: Patch from Alexander Sack to fix JavaScript regression that seems to affect Google Maps. (Closes: #385248, #385515) stable/main/binary-hppa/mozilla-firefox-gnome-support_1.0.4-2sarge11_hppa.deb stable/main/binary-hppa/mozilla-firefox-dom-inspector_1.0.4-2sarge11_hppa.deb stable/main/binary-hppa/mozilla-firefox_1.0.4-2sarge11_hppa.deb mozilla-firefox (1.0.4-2sarge11) stable-security; urgency=critical * content/base/src/nsGenericElement.cpp: Patch from Alexander Sack to fix JavaScript regression that seems to affect Google Maps. (Closes: #385248, #385515) stable/main/binary-arm/mozilla-firefox_1.0.4-2sarge11_arm.deb stable/main/binary-arm/mozilla-firefox-gnome-support_1.0.4-2sarge11_arm.deb stable/main/binary-arm/mozilla-firefox-dom-inspector_1.0.4-2sarge11_arm.deb mozilla-firefox (1.0.4-2sarge11) stable-security; urgency=critical * content/base/src/nsGenericElement.cpp: Patch from Alexander Sack to fix JavaScript regression that seems to affect Google Maps. (Closes: #385248, #385515) stable/main/binary-alpha/mozilla-firefox_1.0.4-2sarge11_alpha.deb stable/main/binary-alpha/mozilla-firefox-gnome-support_1.0.4-2sarge11_alpha.deb stable/main/binary-alpha/mozilla-firefox-dom-inspector_1.0.4-2sarge11_alpha.deb mozilla-firefox (1.0.4-2sarge11) stable-security; urgency=critical * content/base/src/nsGenericElement.cpp: Patch from Alexander Sack to fix JavaScript regression that seems to affect Google Maps. (Closes: #385248, #385515) stable/main/binary-i386/mozilla-firefox_1.0.4-2sarge11_i386.deb stable/main/source/mozilla-firefox_1.0.4-2sarge11.diff.gz stable/main/binary-i386/mozilla-firefox-gnome-support_1.0.4-2sarge11_i386.deb stable/main/source/mozilla-firefox_1.0.4-2sarge11.dsc stable/main/binary-i386/mozilla-firefox-dom-inspector_1.0.4-2sarge11_i386.deb mozilla-firefox (1.0.4-2sarge11) stable-security; urgency=critical * content/base/src/nsGenericElement.cpp: Patch from Alexander Sack to fix JavaScript regression that seems to affect Google Maps. (Closes: #385248, #385515) stable/main/binary-sparc/libnss-dev_1.7.8-1sarge7.3.1_sparc.deb stable/main/binary-sparc/mozilla-dev_1.7.8-1sarge7.3.1_sparc.deb stable/main/binary-sparc/mozilla-chatzilla_1.7.8-1sarge7.3.1_sparc.deb stable/main/binary-sparc/mozilla-js-debugger_1.7.8-1sarge7.3.1_sparc.deb stable/main/binary-sparc/mozilla-mailnews_1.7.8-1sarge7.3.1_sparc.deb stable/main/binary-sparc/mozilla_1.7.8-1sarge7.3.1_sparc.deb stable/main/binary-sparc/mozilla-calendar_1.7.8-1sarge7.3.1_sparc.deb stable/main/binary-sparc/mozilla-browser_1.7.8-1sarge7.3.1_sparc.deb stable/main/binary-sparc/libnspr-dev_1.7.8-1sarge7.3.1_sparc.deb stable/main/binary-sparc/mozilla-dom-inspector_1.7.8-1sarge7.3.1_sparc.deb stable/main/binary-sparc/libnspr4_1.7.8-1sarge7.3.1_sparc.deb stable/main/binary-sparc/mozilla-psm_1.7.8-1sarge7.3.1_sparc.deb stable/main/binary-sparc/libnss3_1.7.8-1sarge7.3.1_sparc.deb mozilla (2:1.7.8-1sarge7.3.1) stable-security; urgency=critical * fixes various security issues. Patches are: 3_0001-no-mfsa-CVE-2006-2788-321598.txt 3_0002-MFSA2006-57-Part-1-2-CVE-2006-4565-346090.txt 3_0003-MFSA2006-57-Part-2-2-CVE-2006-4566-346794.txt 3_0004-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-1-3-350640.txt 3_0005-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-2-3-351079.txt 3_0006-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-3-3-351848.txt 3_0007-MFSA2006-61-CVE-2006-4568-343168.txt 3_0008-MFSA-2006-63-CVE-2006-4570-346984-mail-only.txt 3_0009-MFSA2006-64-CVE-2006-4571-346980-grant-cellmap-patch.txt 3_0010-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-1-4-345967.txt 3_0011-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-3-4-348532.txt 3_0012-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-1-20-268575.txt 3_0013-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-2-20-306940.txt 3_0014-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-3-20-307826.txt 3_0015-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-5-20-337419.txt 3_0016-MFSA2006-64-CVS-2006-4571-Section-4-5-Part-6-20-337883.txt 3_0018-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8a-20-348049.txt 3_0019-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8b-20-348049.txt 3_0020-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8c-20-348049.txt 3_0021-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8d-20-348049.txt 3_0022-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-9-20-205735.txt 3_0023-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-12-20-348062.txt 3_0024-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-17-20-349201.txt 3_0025-MFSA2006-64-CVE-2006-4571-Section-5-5-344085.txt 3_0026-GetDepth-without-DEBUG-in-BlockFrame.txt 3_0028-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-7-20-347355-without-svg-bug.txt stable/main/binary-s390/mozilla-psm_1.7.8-1sarge7.3.1_s390.deb stable/main/binary-s390/mozilla-dev_1.7.8-1sarge7.3.1_s390.deb stable/main/binary-s390/mozilla-mailnews_1.7.8-1sarge7.3.1_s390.deb stable/main/binary-s390/libnss-dev_1.7.8-1sarge7.3.1_s390.deb stable/main/binary-s390/libnss3_1.7.8-1sarge7.3.1_s390.deb stable/main/binary-s390/libnspr4_1.7.8-1sarge7.3.1_s390.deb stable/main/binary-s390/mozilla-calendar_1.7.8-1sarge7.3.1_s390.deb stable/main/binary-s390/mozilla-chatzilla_1.7.8-1sarge7.3.1_s390.deb stable/main/binary-s390/mozilla-dom-inspector_1.7.8-1sarge7.3.1_s390.deb stable/main/binary-s390/libnspr-dev_1.7.8-1sarge7.3.1_s390.deb stable/main/binary-s390/mozilla-browser_1.7.8-1sarge7.3.1_s390.deb stable/main/binary-s390/mozilla_1.7.8-1sarge7.3.1_s390.deb stable/main/binary-s390/mozilla-js-debugger_1.7.8-1sarge7.3.1_s390.deb mozilla (2:1.7.8-1sarge7.3.1) stable-security; urgency=critical * fixes various security issues. Patches are: 3_0001-no-mfsa-CVE-2006-2788-321598.txt 3_0002-MFSA2006-57-Part-1-2-CVE-2006-4565-346090.txt 3_0003-MFSA2006-57-Part-2-2-CVE-2006-4566-346794.txt 3_0004-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-1-3-350640.txt 3_0005-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-2-3-351079.txt 3_0006-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-3-3-351848.txt 3_0007-MFSA2006-61-CVE-2006-4568-343168.txt 3_0008-MFSA-2006-63-CVE-2006-4570-346984-mail-only.txt 3_0009-MFSA2006-64-CVE-2006-4571-346980-grant-cellmap-patch.txt 3_0010-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-1-4-345967.txt 3_0011-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-3-4-348532.txt 3_0012-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-1-20-268575.txt 3_0013-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-2-20-306940.txt 3_0014-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-3-20-307826.txt 3_0015-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-5-20-337419.txt 3_0016-MFSA2006-64-CVS-2006-4571-Section-4-5-Part-6-20-337883.txt 3_0018-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8a-20-348049.txt 3_0019-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8b-20-348049.txt 3_0020-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8c-20-348049.txt 3_0021-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8d-20-348049.txt 3_0022-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-9-20-205735.txt 3_0023-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-12-20-348062.txt 3_0024-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-17-20-349201.txt 3_0025-MFSA2006-64-CVE-2006-4571-Section-5-5-344085.txt 3_0026-GetDepth-without-DEBUG-in-BlockFrame.txt 3_0028-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-7-20-347355-without-svg-bug.txt stable/main/binary-powerpc/libnss3_1.7.8-1sarge7.3.1_powerpc.deb stable/main/binary-powerpc/mozilla-chatzilla_1.7.8-1sarge7.3.1_powerpc.deb stable/main/binary-powerpc/libnspr4_1.7.8-1sarge7.3.1_powerpc.deb stable/main/binary-powerpc/mozilla-browser_1.7.8-1sarge7.3.1_powerpc.deb stable/main/binary-powerpc/mozilla-js-debugger_1.7.8-1sarge7.3.1_powerpc.deb stable/main/binary-powerpc/mozilla-psm_1.7.8-1sarge7.3.1_powerpc.deb stable/main/binary-powerpc/libnspr-dev_1.7.8-1sarge7.3.1_powerpc.deb stable/main/binary-powerpc/mozilla-calendar_1.7.8-1sarge7.3.1_powerpc.deb stable/main/binary-powerpc/mozilla-mailnews_1.7.8-1sarge7.3.1_powerpc.deb stable/main/binary-powerpc/mozilla_1.7.8-1sarge7.3.1_powerpc.deb stable/main/binary-powerpc/mozilla-dom-inspector_1.7.8-1sarge7.3.1_powerpc.deb stable/main/binary-powerpc/mozilla-dev_1.7.8-1sarge7.3.1_powerpc.deb stable/main/binary-powerpc/libnss-dev_1.7.8-1sarge7.3.1_powerpc.deb mozilla (2:1.7.8-1sarge7.3.1) stable-security; urgency=critical * fixes various security issues. Patches are: 3_0001-no-mfsa-CVE-2006-2788-321598.txt 3_0002-MFSA2006-57-Part-1-2-CVE-2006-4565-346090.txt 3_0003-MFSA2006-57-Part-2-2-CVE-2006-4566-346794.txt 3_0004-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-1-3-350640.txt 3_0005-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-2-3-351079.txt 3_0006-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-3-3-351848.txt 3_0007-MFSA2006-61-CVE-2006-4568-343168.txt 3_0008-MFSA-2006-63-CVE-2006-4570-346984-mail-only.txt 3_0009-MFSA2006-64-CVE-2006-4571-346980-grant-cellmap-patch.txt 3_0010-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-1-4-345967.txt 3_0011-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-3-4-348532.txt 3_0012-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-1-20-268575.txt 3_0013-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-2-20-306940.txt 3_0014-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-3-20-307826.txt 3_0015-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-5-20-337419.txt 3_0016-MFSA2006-64-CVS-2006-4571-Section-4-5-Part-6-20-337883.txt 3_0018-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8a-20-348049.txt 3_0019-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8b-20-348049.txt 3_0020-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8c-20-348049.txt 3_0021-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8d-20-348049.txt 3_0022-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-9-20-205735.txt 3_0023-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-12-20-348062.txt 3_0024-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-17-20-349201.txt 3_0025-MFSA2006-64-CVE-2006-4571-Section-5-5-344085.txt 3_0026-GetDepth-without-DEBUG-in-BlockFrame.txt 3_0028-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-7-20-347355-without-svg-bug.txt stable/main/binary-mipsel/libnspr-dev_1.7.8-1sarge7.3.1_mipsel.deb stable/main/binary-mipsel/mozilla-mailnews_1.7.8-1sarge7.3.1_mipsel.deb stable/main/binary-mipsel/libnspr4_1.7.8-1sarge7.3.1_mipsel.deb stable/main/binary-mipsel/libnss-dev_1.7.8-1sarge7.3.1_mipsel.deb stable/main/binary-mipsel/mozilla-calendar_1.7.8-1sarge7.3.1_mipsel.deb stable/main/binary-mipsel/mozilla-chatzilla_1.7.8-1sarge7.3.1_mipsel.deb stable/main/binary-mipsel/libnss3_1.7.8-1sarge7.3.1_mipsel.deb stable/main/binary-mipsel/mozilla-js-debugger_1.7.8-1sarge7.3.1_mipsel.deb stable/main/binary-mipsel/mozilla-psm_1.7.8-1sarge7.3.1_mipsel.deb stable/main/binary-mipsel/mozilla-browser_1.7.8-1sarge7.3.1_mipsel.deb stable/main/binary-mipsel/mozilla-dev_1.7.8-1sarge7.3.1_mipsel.deb stable/main/binary-mipsel/mozilla-dom-inspector_1.7.8-1sarge7.3.1_mipsel.deb stable/main/binary-mipsel/mozilla_1.7.8-1sarge7.3.1_mipsel.deb mozilla (2:1.7.8-1sarge7.3.1) stable-security; urgency=critical * fixes various security issues. Patches are: 3_0001-no-mfsa-CVE-2006-2788-321598.txt 3_0002-MFSA2006-57-Part-1-2-CVE-2006-4565-346090.txt 3_0003-MFSA2006-57-Part-2-2-CVE-2006-4566-346794.txt 3_0004-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-1-3-350640.txt 3_0005-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-2-3-351079.txt 3_0006-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-3-3-351848.txt 3_0007-MFSA2006-61-CVE-2006-4568-343168.txt 3_0008-MFSA-2006-63-CVE-2006-4570-346984-mail-only.txt 3_0009-MFSA2006-64-CVE-2006-4571-346980-grant-cellmap-patch.txt 3_0010-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-1-4-345967.txt 3_0011-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-3-4-348532.txt 3_0012-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-1-20-268575.txt 3_0013-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-2-20-306940.txt 3_0014-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-3-20-307826.txt 3_0015-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-5-20-337419.txt 3_0016-MFSA2006-64-CVS-2006-4571-Section-4-5-Part-6-20-337883.txt 3_0018-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8a-20-348049.txt 3_0019-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8b-20-348049.txt 3_0020-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8c-20-348049.txt 3_0021-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8d-20-348049.txt 3_0022-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-9-20-205735.txt 3_0023-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-12-20-348062.txt 3_0024-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-17-20-349201.txt 3_0025-MFSA2006-64-CVE-2006-4571-Section-5-5-344085.txt 3_0026-GetDepth-without-DEBUG-in-BlockFrame.txt 3_0028-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-7-20-347355-without-svg-bug.txt stable/main/binary-mips/mozilla-js-debugger_1.7.8-1sarge7.3.1_mips.deb stable/main/binary-mips/libnspr4_1.7.8-1sarge7.3.1_mips.deb stable/main/binary-mips/libnss3_1.7.8-1sarge7.3.1_mips.deb stable/main/binary-mips/mozilla_1.7.8-1sarge7.3.1_mips.deb stable/main/binary-mips/mozilla-chatzilla_1.7.8-1sarge7.3.1_mips.deb stable/main/binary-mips/libnspr-dev_1.7.8-1sarge7.3.1_mips.deb stable/main/binary-mips/mozilla-mailnews_1.7.8-1sarge7.3.1_mips.deb stable/main/binary-mips/mozilla-dom-inspector_1.7.8-1sarge7.3.1_mips.deb stable/main/binary-mips/mozilla-browser_1.7.8-1sarge7.3.1_mips.deb stable/main/binary-mips/mozilla-calendar_1.7.8-1sarge7.3.1_mips.deb stable/main/binary-mips/mozilla-dev_1.7.8-1sarge7.3.1_mips.deb stable/main/binary-mips/mozilla-psm_1.7.8-1sarge7.3.1_mips.deb stable/main/binary-mips/libnss-dev_1.7.8-1sarge7.3.1_mips.deb mozilla (2:1.7.8-1sarge7.3.1) stable-security; urgency=critical * fixes various security issues. Patches are: 3_0001-no-mfsa-CVE-2006-2788-321598.txt 3_0002-MFSA2006-57-Part-1-2-CVE-2006-4565-346090.txt 3_0003-MFSA2006-57-Part-2-2-CVE-2006-4566-346794.txt 3_0004-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-1-3-350640.txt 3_0005-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-2-3-351079.txt 3_0006-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-3-3-351848.txt 3_0007-MFSA2006-61-CVE-2006-4568-343168.txt 3_0008-MFSA-2006-63-CVE-2006-4570-346984-mail-only.txt 3_0009-MFSA2006-64-CVE-2006-4571-346980-grant-cellmap-patch.txt 3_0010-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-1-4-345967.txt 3_0011-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-3-4-348532.txt 3_0012-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-1-20-268575.txt 3_0013-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-2-20-306940.txt 3_0014-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-3-20-307826.txt 3_0015-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-5-20-337419.txt 3_0016-MFSA2006-64-CVS-2006-4571-Section-4-5-Part-6-20-337883.txt 3_0018-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8a-20-348049.txt 3_0019-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8b-20-348049.txt 3_0020-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8c-20-348049.txt 3_0021-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8d-20-348049.txt 3_0022-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-9-20-205735.txt 3_0023-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-12-20-348062.txt 3_0024-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-17-20-349201.txt 3_0025-MFSA2006-64-CVE-2006-4571-Section-5-5-344085.txt 3_0026-GetDepth-without-DEBUG-in-BlockFrame.txt 3_0028-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-7-20-347355-without-svg-bug.txt stable/main/binary-m68k/libnss3_1.7.8-1sarge7.3.1_m68k.deb stable/main/binary-m68k/mozilla-js-debugger_1.7.8-1sarge7.3.1_m68k.deb stable/main/binary-m68k/mozilla-browser_1.7.8-1sarge7.3.1_m68k.deb stable/main/binary-m68k/libnspr-dev_1.7.8-1sarge7.3.1_m68k.deb stable/main/binary-m68k/mozilla-psm_1.7.8-1sarge7.3.1_m68k.deb stable/main/binary-m68k/mozilla-dev_1.7.8-1sarge7.3.1_m68k.deb stable/main/binary-m68k/libnspr4_1.7.8-1sarge7.3.1_m68k.deb stable/main/binary-m68k/mozilla_1.7.8-1sarge7.3.1_m68k.deb stable/main/binary-m68k/mozilla-chatzilla_1.7.8-1sarge7.3.1_m68k.deb stable/main/binary-m68k/libnss-dev_1.7.8-1sarge7.3.1_m68k.deb stable/main/binary-m68k/mozilla-mailnews_1.7.8-1sarge7.3.1_m68k.deb stable/main/binary-m68k/mozilla-calendar_1.7.8-1sarge7.3.1_m68k.deb stable/main/binary-m68k/mozilla-dom-inspector_1.7.8-1sarge7.3.1_m68k.deb mozilla (2:1.7.8-1sarge7.3.1) stable-security; urgency=critical * fixes various security issues. Patches are: 3_0001-no-mfsa-CVE-2006-2788-321598.txt 3_0002-MFSA2006-57-Part-1-2-CVE-2006-4565-346090.txt 3_0003-MFSA2006-57-Part-2-2-CVE-2006-4566-346794.txt 3_0004-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-1-3-350640.txt 3_0005-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-2-3-351079.txt 3_0006-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-3-3-351848.txt 3_0007-MFSA2006-61-CVE-2006-4568-343168.txt 3_0008-MFSA-2006-63-CVE-2006-4570-346984-mail-only.txt 3_0009-MFSA2006-64-CVE-2006-4571-346980-grant-cellmap-patch.txt 3_0010-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-1-4-345967.txt 3_0011-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-3-4-348532.txt 3_0012-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-1-20-268575.txt 3_0013-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-2-20-306940.txt 3_0014-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-3-20-307826.txt 3_0015-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-5-20-337419.txt 3_0016-MFSA2006-64-CVS-2006-4571-Section-4-5-Part-6-20-337883.txt 3_0018-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8a-20-348049.txt 3_0019-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8b-20-348049.txt 3_0020-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8c-20-348049.txt 3_0021-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8d-20-348049.txt 3_0022-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-9-20-205735.txt 3_0023-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-12-20-348062.txt 3_0024-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-17-20-349201.txt 3_0025-MFSA2006-64-CVE-2006-4571-Section-5-5-344085.txt 3_0026-GetDepth-without-DEBUG-in-BlockFrame.txt 3_0028-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-7-20-347355-without-svg-bug.txt stable/main/binary-ia64/mozilla-js-debugger_1.7.8-1sarge7.3.1_ia64.deb stable/main/binary-ia64/mozilla-dev_1.7.8-1sarge7.3.1_ia64.deb stable/main/binary-ia64/mozilla-dom-inspector_1.7.8-1sarge7.3.1_ia64.deb stable/main/binary-ia64/mozilla_1.7.8-1sarge7.3.1_ia64.deb stable/main/binary-ia64/libnspr4_1.7.8-1sarge7.3.1_ia64.deb stable/main/binary-ia64/mozilla-calendar_1.7.8-1sarge7.3.1_ia64.deb stable/main/binary-ia64/mozilla-chatzilla_1.7.8-1sarge7.3.1_ia64.deb stable/main/binary-ia64/libnss-dev_1.7.8-1sarge7.3.1_ia64.deb stable/main/binary-ia64/mozilla-psm_1.7.8-1sarge7.3.1_ia64.deb stable/main/binary-ia64/libnss3_1.7.8-1sarge7.3.1_ia64.deb stable/main/binary-ia64/mozilla-browser_1.7.8-1sarge7.3.1_ia64.deb stable/main/binary-ia64/mozilla-mailnews_1.7.8-1sarge7.3.1_ia64.deb stable/main/binary-ia64/libnspr-dev_1.7.8-1sarge7.3.1_ia64.deb mozilla (2:1.7.8-1sarge7.3.1) stable-security; urgency=critical * fixes various security issues. Patches are: 3_0001-no-mfsa-CVE-2006-2788-321598.txt 3_0002-MFSA2006-57-Part-1-2-CVE-2006-4565-346090.txt 3_0003-MFSA2006-57-Part-2-2-CVE-2006-4566-346794.txt 3_0004-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-1-3-350640.txt 3_0005-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-2-3-351079.txt 3_0006-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-3-3-351848.txt 3_0007-MFSA2006-61-CVE-2006-4568-343168.txt 3_0008-MFSA-2006-63-CVE-2006-4570-346984-mail-only.txt 3_0009-MFSA2006-64-CVE-2006-4571-346980-grant-cellmap-patch.txt 3_0010-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-1-4-345967.txt 3_0011-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-3-4-348532.txt 3_0012-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-1-20-268575.txt 3_0013-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-2-20-306940.txt 3_0014-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-3-20-307826.txt 3_0015-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-5-20-337419.txt 3_0016-MFSA2006-64-CVS-2006-4571-Section-4-5-Part-6-20-337883.txt 3_0018-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8a-20-348049.txt 3_0019-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8b-20-348049.txt 3_0020-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8c-20-348049.txt 3_0021-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8d-20-348049.txt 3_0022-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-9-20-205735.txt 3_0023-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-12-20-348062.txt 3_0024-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-17-20-349201.txt 3_0025-MFSA2006-64-CVE-2006-4571-Section-5-5-344085.txt 3_0026-GetDepth-without-DEBUG-in-BlockFrame.txt 3_0028-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-7-20-347355-without-svg-bug.txt stable/main/binary-hppa/mozilla-js-debugger_1.7.8-1sarge7.3.1_hppa.deb stable/main/binary-hppa/mozilla-dom-inspector_1.7.8-1sarge7.3.1_hppa.deb stable/main/binary-hppa/mozilla-mailnews_1.7.8-1sarge7.3.1_hppa.deb stable/main/binary-hppa/mozilla-browser_1.7.8-1sarge7.3.1_hppa.deb stable/main/binary-hppa/libnspr-dev_1.7.8-1sarge7.3.1_hppa.deb stable/main/binary-hppa/mozilla-psm_1.7.8-1sarge7.3.1_hppa.deb stable/main/binary-hppa/libnss3_1.7.8-1sarge7.3.1_hppa.deb stable/main/binary-hppa/libnss-dev_1.7.8-1sarge7.3.1_hppa.deb stable/main/binary-hppa/mozilla_1.7.8-1sarge7.3.1_hppa.deb stable/main/binary-hppa/mozilla-dev_1.7.8-1sarge7.3.1_hppa.deb stable/main/binary-hppa/mozilla-chatzilla_1.7.8-1sarge7.3.1_hppa.deb stable/main/binary-hppa/mozilla-calendar_1.7.8-1sarge7.3.1_hppa.deb stable/main/binary-hppa/libnspr4_1.7.8-1sarge7.3.1_hppa.deb mozilla (2:1.7.8-1sarge7.3.1) stable-security; urgency=critical * fixes various security issues. Patches are: 3_0001-no-mfsa-CVE-2006-2788-321598.txt 3_0002-MFSA2006-57-Part-1-2-CVE-2006-4565-346090.txt 3_0003-MFSA2006-57-Part-2-2-CVE-2006-4566-346794.txt 3_0004-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-1-3-350640.txt 3_0005-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-2-3-351079.txt 3_0006-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-3-3-351848.txt 3_0007-MFSA2006-61-CVE-2006-4568-343168.txt 3_0008-MFSA-2006-63-CVE-2006-4570-346984-mail-only.txt 3_0009-MFSA2006-64-CVE-2006-4571-346980-grant-cellmap-patch.txt 3_0010-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-1-4-345967.txt 3_0011-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-3-4-348532.txt 3_0012-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-1-20-268575.txt 3_0013-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-2-20-306940.txt 3_0014-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-3-20-307826.txt 3_0015-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-5-20-337419.txt 3_0016-MFSA2006-64-CVS-2006-4571-Section-4-5-Part-6-20-337883.txt 3_0018-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8a-20-348049.txt 3_0019-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8b-20-348049.txt 3_0020-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8c-20-348049.txt 3_0021-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8d-20-348049.txt 3_0022-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-9-20-205735.txt 3_0023-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-12-20-348062.txt 3_0024-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-17-20-349201.txt 3_0025-MFSA2006-64-CVE-2006-4571-Section-5-5-344085.txt 3_0026-GetDepth-without-DEBUG-in-BlockFrame.txt 3_0028-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-7-20-347355-without-svg-bug.txt stable/main/binary-arm/mozilla-psm_1.7.8-1sarge7.3.1_arm.deb stable/main/binary-arm/mozilla-js-debugger_1.7.8-1sarge7.3.1_arm.deb stable/main/binary-arm/libnss3_1.7.8-1sarge7.3.1_arm.deb stable/main/binary-arm/libnspr4_1.7.8-1sarge7.3.1_arm.deb stable/main/binary-arm/mozilla-chatzilla_1.7.8-1sarge7.3.1_arm.deb stable/main/binary-arm/mozilla-browser_1.7.8-1sarge7.3.1_arm.deb stable/main/binary-arm/mozilla-mailnews_1.7.8-1sarge7.3.1_arm.deb stable/main/binary-arm/libnspr-dev_1.7.8-1sarge7.3.1_arm.deb stable/main/binary-arm/libnss-dev_1.7.8-1sarge7.3.1_arm.deb stable/main/binary-arm/mozilla-dom-inspector_1.7.8-1sarge7.3.1_arm.deb stable/main/binary-arm/mozilla-calendar_1.7.8-1sarge7.3.1_arm.deb stable/main/binary-arm/mozilla_1.7.8-1sarge7.3.1_arm.deb stable/main/binary-arm/mozilla-dev_1.7.8-1sarge7.3.1_arm.deb mozilla (2:1.7.8-1sarge7.3.1) stable-security; urgency=critical * fixes various security issues. Patches are: 3_0001-no-mfsa-CVE-2006-2788-321598.txt 3_0002-MFSA2006-57-Part-1-2-CVE-2006-4565-346090.txt 3_0003-MFSA2006-57-Part-2-2-CVE-2006-4566-346794.txt 3_0004-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-1-3-350640.txt 3_0005-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-2-3-351079.txt 3_0006-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-3-3-351848.txt 3_0007-MFSA2006-61-CVE-2006-4568-343168.txt 3_0008-MFSA-2006-63-CVE-2006-4570-346984-mail-only.txt 3_0009-MFSA2006-64-CVE-2006-4571-346980-grant-cellmap-patch.txt 3_0010-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-1-4-345967.txt 3_0011-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-3-4-348532.txt 3_0012-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-1-20-268575.txt 3_0013-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-2-20-306940.txt 3_0014-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-3-20-307826.txt 3_0015-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-5-20-337419.txt 3_0016-MFSA2006-64-CVS-2006-4571-Section-4-5-Part-6-20-337883.txt 3_0018-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8a-20-348049.txt 3_0019-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8b-20-348049.txt 3_0020-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8c-20-348049.txt 3_0021-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8d-20-348049.txt 3_0022-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-9-20-205735.txt 3_0023-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-12-20-348062.txt 3_0024-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-17-20-349201.txt 3_0025-MFSA2006-64-CVE-2006-4571-Section-5-5-344085.txt 3_0026-GetDepth-without-DEBUG-in-BlockFrame.txt 3_0028-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-7-20-347355-without-svg-bug.txt stable/main/binary-alpha/mozilla-js-debugger_1.7.8-1sarge7.3.1_alpha.deb stable/main/binary-alpha/mozilla-mailnews_1.7.8-1sarge7.3.1_alpha.deb stable/main/binary-alpha/libnspr-dev_1.7.8-1sarge7.3.1_alpha.deb stable/main/binary-alpha/mozilla-dev_1.7.8-1sarge7.3.1_alpha.deb stable/main/binary-alpha/libnss-dev_1.7.8-1sarge7.3.1_alpha.deb stable/main/binary-alpha/mozilla-chatzilla_1.7.8-1sarge7.3.1_alpha.deb stable/main/binary-alpha/libnspr4_1.7.8-1sarge7.3.1_alpha.deb stable/main/binary-alpha/mozilla-psm_1.7.8-1sarge7.3.1_alpha.deb stable/main/binary-alpha/mozilla-dom-inspector_1.7.8-1sarge7.3.1_alpha.deb stable/main/binary-alpha/mozilla-calendar_1.7.8-1sarge7.3.1_alpha.deb stable/main/binary-alpha/mozilla-browser_1.7.8-1sarge7.3.1_alpha.deb stable/main/binary-alpha/mozilla_1.7.8-1sarge7.3.1_alpha.deb stable/main/binary-alpha/libnss3_1.7.8-1sarge7.3.1_alpha.deb mozilla (2:1.7.8-1sarge7.3.1) stable-security; urgency=critical * fixes various security issues. Patches are: 3_0001-no-mfsa-CVE-2006-2788-321598.txt 3_0002-MFSA2006-57-Part-1-2-CVE-2006-4565-346090.txt 3_0003-MFSA2006-57-Part-2-2-CVE-2006-4566-346794.txt 3_0004-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-1-3-350640.txt 3_0005-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-2-3-351079.txt 3_0006-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-3-3-351848.txt 3_0007-MFSA2006-61-CVE-2006-4568-343168.txt 3_0008-MFSA-2006-63-CVE-2006-4570-346984-mail-only.txt 3_0009-MFSA2006-64-CVE-2006-4571-346980-grant-cellmap-patch.txt 3_0010-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-1-4-345967.txt 3_0011-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-3-4-348532.txt 3_0012-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-1-20-268575.txt 3_0013-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-2-20-306940.txt 3_0014-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-3-20-307826.txt 3_0015-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-5-20-337419.txt 3_0016-MFSA2006-64-CVS-2006-4571-Section-4-5-Part-6-20-337883.txt 3_0018-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8a-20-348049.txt 3_0019-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8b-20-348049.txt 3_0020-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8c-20-348049.txt 3_0021-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8d-20-348049.txt 3_0022-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-9-20-205735.txt 3_0023-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-12-20-348062.txt 3_0024-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-17-20-349201.txt 3_0025-MFSA2006-64-CVE-2006-4571-Section-5-5-344085.txt 3_0026-GetDepth-without-DEBUG-in-BlockFrame.txt 3_0028-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-7-20-347355-without-svg-bug.txt stable/main/binary-i386/libnspr-dev_1.7.8-1sarge7.3.1_i386.deb stable/main/binary-i386/libnss3_1.7.8-1sarge7.3.1_i386.deb stable/main/binary-i386/mozilla-browser_1.7.8-1sarge7.3.1_i386.deb stable/main/binary-i386/mozilla-dom-inspector_1.7.8-1sarge7.3.1_i386.deb stable/main/binary-i386/mozilla-psm_1.7.8-1sarge7.3.1_i386.deb stable/main/binary-i386/mozilla-dev_1.7.8-1sarge7.3.1_i386.deb stable/main/binary-i386/libnspr4_1.7.8-1sarge7.3.1_i386.deb stable/main/binary-i386/mozilla_1.7.8-1sarge7.3.1_i386.deb stable/main/source/mozilla_1.7.8-1sarge7.3.1.dsc stable/main/source/mozilla_1.7.8-1sarge7.3.1.diff.gz stable/main/binary-i386/mozilla-mailnews_1.7.8-1sarge7.3.1_i386.deb stable/main/binary-i386/mozilla-calendar_1.7.8-1sarge7.3.1_i386.deb stable/main/binary-i386/libnss-dev_1.7.8-1sarge7.3.1_i386.deb stable/main/binary-i386/mozilla-chatzilla_1.7.8-1sarge7.3.1_i386.deb stable/main/binary-i386/mozilla-js-debugger_1.7.8-1sarge7.3.1_i386.deb mozilla (2:1.7.8-1sarge7.3.1) stable-security; urgency=critical * fixes various security issues. Patches are: 3_0001-no-mfsa-CVE-2006-2788-321598.txt 3_0002-MFSA2006-57-Part-1-2-CVE-2006-4565-346090.txt 3_0003-MFSA2006-57-Part-2-2-CVE-2006-4566-346794.txt 3_0004-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-1-3-350640.txt 3_0005-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-2-3-351079.txt 3_0006-MFSA2006-60-CVE-2006-4340-CVE-2006-4339-Part-3-3-351848.txt 3_0007-MFSA2006-61-CVE-2006-4568-343168.txt 3_0008-MFSA-2006-63-CVE-2006-4570-346984-mail-only.txt 3_0009-MFSA2006-64-CVE-2006-4571-346980-grant-cellmap-patch.txt 3_0010-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-1-4-345967.txt 3_0011-MFSA2006-64-CVE-2006-4571-Section-3-5-Part-3-4-348532.txt 3_0012-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-1-20-268575.txt 3_0013-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-2-20-306940.txt 3_0014-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-3-20-307826.txt 3_0015-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-5-20-337419.txt 3_0016-MFSA2006-64-CVS-2006-4571-Section-4-5-Part-6-20-337883.txt 3_0018-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8a-20-348049.txt 3_0019-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8b-20-348049.txt 3_0020-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8c-20-348049.txt 3_0021-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-8d-20-348049.txt 3_0022-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-9-20-205735.txt 3_0023-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-12-20-348062.txt 3_0024-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-17-20-349201.txt 3_0025-MFSA2006-64-CVE-2006-4571-Section-5-5-344085.txt 3_0026-GetDepth-without-DEBUG-in-BlockFrame.txt 3_0028-MFSA2006-64-CVE-2006-4571-Section-4-5-Part-7-20-347355-without-svg-bug.txt stable/main/binary-sparc/mysql-server-4.1_4.1.11a-4sarge7_sparc.deb stable/main/binary-sparc/libmysqlclient14_4.1.11a-4sarge7_sparc.deb stable/main/binary-sparc/libmysqlclient14-dev_4.1.11a-4sarge7_sparc.deb stable/main/binary-sparc/mysql-client-4.1_4.1.11a-4sarge7_sparc.deb mysql-dfsg-4.1 (4.1.11a-4sarge7) stable-security; urgency=low * SECURITY: MySQL when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions. (CVE-2006-4226). Closes: #384798 * SECURITY: Certain SQL queries could crash the server and prevent master-slave replication from continue until manual intervention was taken. (CVE-2006-4380). Closes: #383165 stable/main/binary-s390/libmysqlclient14-dev_4.1.11a-4sarge7_s390.deb stable/main/binary-s390/mysql-server-4.1_4.1.11a-4sarge7_s390.deb stable/main/binary-s390/libmysqlclient14_4.1.11a-4sarge7_s390.deb stable/main/binary-s390/mysql-client-4.1_4.1.11a-4sarge7_s390.deb mysql-dfsg-4.1 (4.1.11a-4sarge7) stable-security; urgency=low * SECURITY: MySQL when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions. (CVE-2006-4226). Closes: #384798 * SECURITY: Certain SQL queries could crash the server and prevent master-slave replication from continue until manual intervention was taken. (CVE-2006-4380). Closes: #383165 stable/main/binary-powerpc/mysql-client-4.1_4.1.11a-4sarge7_powerpc.deb stable/main/binary-powerpc/libmysqlclient14_4.1.11a-4sarge7_powerpc.deb stable/main/binary-powerpc/mysql-server-4.1_4.1.11a-4sarge7_powerpc.deb stable/main/binary-powerpc/libmysqlclient14-dev_4.1.11a-4sarge7_powerpc.deb mysql-dfsg-4.1 (4.1.11a-4sarge7) stable-security; urgency=low * SECURITY: MySQL when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions. (CVE-2006-4226). Closes: #384798 * SECURITY: Certain SQL queries could crash the server and prevent master-slave replication from continue until manual intervention was taken. (CVE-2006-4380). Closes: #383165 stable/main/binary-mipsel/mysql-server-4.1_4.1.11a-4sarge7_mipsel.deb stable/main/binary-mipsel/mysql-client-4.1_4.1.11a-4sarge7_mipsel.deb stable/main/binary-mipsel/libmysqlclient14-dev_4.1.11a-4sarge7_mipsel.deb stable/main/binary-mipsel/libmysqlclient14_4.1.11a-4sarge7_mipsel.deb mysql-dfsg-4.1 (4.1.11a-4sarge7) stable-security; urgency=low * SECURITY: MySQL when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions. (CVE-2006-4226). Closes: #384798 * SECURITY: Certain SQL queries could crash the server and prevent master-slave replication from continue until manual intervention was taken. (CVE-2006-4380). Closes: #383165 stable/main/binary-mips/mysql-client-4.1_4.1.11a-4sarge7_mips.deb stable/main/binary-mips/libmysqlclient14_4.1.11a-4sarge7_mips.deb stable/main/binary-mips/libmysqlclient14-dev_4.1.11a-4sarge7_mips.deb stable/main/binary-mips/mysql-server-4.1_4.1.11a-4sarge7_mips.deb mysql-dfsg-4.1 (4.1.11a-4sarge7) stable-security; urgency=low * SECURITY: MySQL when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions. (CVE-2006-4226). Closes: #384798 * SECURITY: Certain SQL queries could crash the server and prevent master-slave replication from continue until manual intervention was taken. (CVE-2006-4380). Closes: #383165 stable/main/binary-m68k/libmysqlclient14_4.1.11a-4sarge7_m68k.deb stable/main/binary-m68k/mysql-client-4.1_4.1.11a-4sarge7_m68k.deb stable/main/binary-m68k/mysql-server-4.1_4.1.11a-4sarge7_m68k.deb stable/main/binary-m68k/libmysqlclient14-dev_4.1.11a-4sarge7_m68k.deb mysql-dfsg-4.1 (4.1.11a-4sarge7) stable-security; urgency=low * SECURITY: MySQL when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions. (CVE-2006-4226). Closes: #384798 * SECURITY: Certain SQL queries could crash the server and prevent master-slave replication from continue until manual intervention was taken. (CVE-2006-4380). Closes: #383165 stable/main/binary-ia64/mysql-client-4.1_4.1.11a-4sarge7_ia64.deb stable/main/binary-ia64/libmysqlclient14-dev_4.1.11a-4sarge7_ia64.deb stable/main/binary-ia64/mysql-server-4.1_4.1.11a-4sarge7_ia64.deb stable/main/binary-ia64/libmysqlclient14_4.1.11a-4sarge7_ia64.deb mysql-dfsg-4.1 (4.1.11a-4sarge7) stable-security; urgency=low * SECURITY: MySQL when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions. (CVE-2006-4226). Closes: #384798 * SECURITY: Certain SQL queries could crash the server and prevent master-slave replication from continue until manual intervention was taken. (CVE-2006-4380). Closes: #383165 stable/main/binary-hppa/libmysqlclient14-dev_4.1.11a-4sarge7_hppa.deb stable/main/binary-hppa/mysql-client-4.1_4.1.11a-4sarge7_hppa.deb stable/main/binary-hppa/libmysqlclient14_4.1.11a-4sarge7_hppa.deb stable/main/binary-hppa/mysql-server-4.1_4.1.11a-4sarge7_hppa.deb mysql-dfsg-4.1 (4.1.11a-4sarge7) stable-security; urgency=low * SECURITY: MySQL when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions. (CVE-2006-4226). Closes: #384798 * SECURITY: Certain SQL queries could crash the server and prevent master-slave replication from continue until manual intervention was taken. (CVE-2006-4380). Closes: #383165 stable/main/binary-arm/libmysqlclient14-dev_4.1.11a-4sarge7_arm.deb stable/main/binary-arm/libmysqlclient14_4.1.11a-4sarge7_arm.deb stable/main/binary-arm/mysql-server-4.1_4.1.11a-4sarge7_arm.deb stable/main/binary-arm/mysql-client-4.1_4.1.11a-4sarge7_arm.deb mysql-dfsg-4.1 (4.1.11a-4sarge7) stable-security; urgency=low * SECURITY: MySQL when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions. (CVE-2006-4226). Closes: #384798 * SECURITY: Certain SQL queries could crash the server and prevent master-slave replication from continue until manual intervention was taken. (CVE-2006-4380). Closes: #383165 stable/main/binary-alpha/libmysqlclient14-dev_4.1.11a-4sarge7_alpha.deb stable/main/binary-alpha/libmysqlclient14_4.1.11a-4sarge7_alpha.deb stable/main/binary-alpha/mysql-client-4.1_4.1.11a-4sarge7_alpha.deb stable/main/binary-alpha/mysql-server-4.1_4.1.11a-4sarge7_alpha.deb mysql-dfsg-4.1 (4.1.11a-4sarge7) stable-security; urgency=low * SECURITY: MySQL when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions. (CVE-2006-4226). Closes: #384798 * SECURITY: Certain SQL queries could crash the server and prevent master-slave replication from continue until manual intervention was taken. (CVE-2006-4380). Closes: #383165 stable/main/source/mysql-dfsg-4.1_4.1.11a-4sarge7.dsc stable/main/binary-all/mysql-common-4.1_4.1.11a-4sarge7_all.deb stable/main/binary-i386/libmysqlclient14-dev_4.1.11a-4sarge7_i386.deb stable/main/source/mysql-dfsg-4.1_4.1.11a-4sarge7.diff.gz stable/main/binary-i386/mysql-server-4.1_4.1.11a-4sarge7_i386.deb stable/main/binary-i386/mysql-client-4.1_4.1.11a-4sarge7_i386.deb stable/main/binary-i386/libmysqlclient14_4.1.11a-4sarge7_i386.deb mysql-dfsg-4.1 (4.1.11a-4sarge7) stable-security; urgency=low * SECURITY: MySQL when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions. (CVE-2006-4226). Closes: #384798 * SECURITY: Certain SQL queries could crash the server and prevent master-slave replication from continue until manual intervention was taken. (CVE-2006-4380). Closes: #383165 stable/main/binary-sparc/zope2.7_2.7.5-2sarge3_sparc.deb zope2.7 (2.7.5-2sarge3) stable-security; urgency=high * SECURITY UPDATE: Arbitrary file inclusion. * Disable 'csv_table' ReST directive in included docutils to prevent reading arbitrary files through ReST documents. stable/main/binary-s390/zope2.7_2.7.5-2sarge3_s390.deb zope2.7 (2.7.5-2sarge3) stable-security; urgency=high * SECURITY UPDATE: Arbitrary file inclusion. * Disable 'csv_table' ReST directive in included docutils to prevent reading arbitrary files through ReST documents. stable/main/binary-powerpc/zope2.7_2.7.5-2sarge3_powerpc.deb zope2.7 (2.7.5-2sarge3) stable-security; urgency=high * SECURITY UPDATE: Arbitrary file inclusion. * Disable 'csv_table' ReST directive in included docutils to prevent reading arbitrary files through ReST documents. stable/main/binary-mipsel/zope2.7_2.7.5-2sarge3_mipsel.deb zope2.7 (2.7.5-2sarge3) stable-security; urgency=high * SECURITY UPDATE: Arbitrary file inclusion. * Disable 'csv_table' ReST directive in included docutils to prevent reading arbitrary files through ReST documents. stable/main/binary-mips/zope2.7_2.7.5-2sarge3_mips.deb zope2.7 (2.7.5-2sarge3) stable-security; urgency=high * SECURITY UPDATE: Arbitrary file inclusion. * Disable 'csv_table' ReST directive in included docutils to prevent reading arbitrary files through ReST documents. stable/main/binary-m68k/zope2.7_2.7.5-2sarge3_m68k.deb zope2.7 (2.7.5-2sarge3) stable-security; urgency=high * SECURITY UPDATE: Arbitrary file inclusion. * Disable 'csv_table' ReST directive in included docutils to prevent reading arbitrary files through ReST documents. stable/main/binary-ia64/zope2.7_2.7.5-2sarge3_ia64.deb zope2.7 (2.7.5-2sarge3) stable-security; urgency=high * SECURITY UPDATE: Arbitrary file inclusion. * Disable 'csv_table' ReST directive in included docutils to prevent reading arbitrary files through ReST documents. stable/main/binary-hppa/zope2.7_2.7.5-2sarge3_hppa.deb zope2.7 (2.7.5-2sarge3) stable-security; urgency=high * SECURITY UPDATE: Arbitrary file inclusion. * Disable 'csv_table' ReST directive in included docutils to prevent reading arbitrary files through ReST documents. stable/main/binary-arm/zope2.7_2.7.5-2sarge3_arm.deb zope2.7 (2.7.5-2sarge3) stable-security; urgency=high * SECURITY UPDATE: Arbitrary file inclusion. * Disable 'csv_table' ReST directive in included docutils to prevent reading arbitrary files through ReST documents. stable/main/binary-alpha/zope2.7_2.7.5-2sarge3_alpha.deb zope2.7 (2.7.5-2sarge3) stable-security; urgency=high * SECURITY UPDATE: Arbitrary file inclusion. * Disable 'csv_table' ReST directive in included docutils to prevent reading arbitrary files through ReST documents. stable/main/binary-i386/zope2.7_2.7.5-2sarge3_i386.deb stable/main/source/zope2.7_2.7.5-2sarge3.dsc stable/main/source/zope2.7_2.7.5-2sarge3.diff.gz zope2.7 (2.7.5-2sarge3) stable-security; urgency=high * SECURITY UPDATE: Arbitrary file inclusion. * Disable 'csv_table' ReST directive in included docutils to prevent reading arbitrary files through ReST documents. stable/main/binary-all/usermin-gnupg_1.110-3.1_all.deb stable/main/binary-all/usermin_1.110-3.1_all.deb stable/main/binary-all/usermin-postgresql_1.110-3.1_all.deb stable/main/binary-all/usermin-usermount_1.110-3.1_all.deb stable/main/binary-all/usermin-htaccess_1.110-3.1_all.deb stable/main/binary-all/usermin-cron_1.110-3.1_all.deb stable/main/binary-all/usermin-procmail_1.110-3.1_all.deb stable/main/binary-all/usermin-htpasswd_1.110-3.1_all.deb stable/main/source/usermin_1.110-3.1.diff.gz stable/main/binary-all/usermin-cshrc_1.110-3.1_all.deb stable/main/binary-all/usermin-man_1.110-3.1_all.deb stable/main/binary-all/usermin-mailbox_1.110-3.1_all.deb stable/main/binary-all/usermin-schedule_1.110-3.1_all.deb stable/main/binary-all/usermin-at_1.110-3.1_all.deb stable/main/binary-all/usermin-spamassassin_1.110-3.1_all.deb stable/main/binary-all/usermin-shell_1.110-3.1_all.deb stable/main/binary-all/usermin-fetchmail_1.110-3.1_all.deb stable/main/binary-all/usermin-quota_1.110-3.1_all.deb stable/main/binary-all/usermin-mysql_1.110-3.1_all.deb stable/main/binary-all/usermin-forward_1.110-3.1_all.deb stable/main/binary-all/usermin-commands_1.110-3.1_all.deb stable/main/source/usermin_1.110-3.1.dsc stable/main/binary-all/usermin-plan_1.110-3.1_all.deb stable/main/binary-all/usermin-proc_1.110-3.1_all.deb stable/main/binary-all/usermin-tunnel_1.110-3.1_all.deb stable/main/binary-all/usermin-changepass_1.110-3.1_all.deb stable/main/binary-all/usermin-ssh_1.110-3.1_all.deb stable/main/binary-all/usermin-updown_1.110-3.1_all.deb stable/main/binary-all/usermin-chfn_1.110-3.1_all.deb usermin (1.110-3.1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch by Hendrik Weimer to prevent unauthorised setting of the root shell [chfn/save.cgi, CVE-2006-4246, Bug#374609] stable/main/source/trac_0.8.1-3sarge5.diff.gz stable/main/binary-all/trac_0.8.1-3sarge5_all.deb stable/main/source/trac_0.8.1-3sarge5.dsc trac (0.8.1-3sarge5) stable-security; urgency=high * Non-maintainer Upload by the Security Team * Backported upstream patch to fix file disclosure [trac/wikimacros/rst.py, debian/patches/12_CVE-2006-3695.patch] stable/main/source/systemimager_3.2.3-6sarge3.dsc stable/main/binary-all/systemimager-boot-i386-standard_3.2.3-6sarge3_all.deb stable/main/binary-all/systemimager-server-flamethrowerd_3.2.3-6sarge3_all.deb stable/main/source/systemimager_3.2.3-6sarge3.tar.gz stable/main/binary-all/systemimager-common_3.2.3-6sarge3_all.deb stable/main/binary-all/systemimager-server_3.2.3-6sarge3_all.deb stable/main/binary-all/systemimager-client_3.2.3-6sarge3_all.deb stable/main/binary-all/systemimager-doc_3.2.3-6sarge3_all.deb stable/main/binary-all/systemimager-boot-ia64-standard_3.2.3-6sarge3_all.deb systemimager (3.2.3-6sarge3) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge4: * [ERRATA] 213_madvise_remove-restrict.diff [SECURITY] The 2.4.27-10sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.4.27 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * 223_nfs-handle-long-symlinks.diff [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * 224_cdrom-bad-cgc.buflen-assign.diff [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * 225_sg-no-mmap-VM_IO.diff [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * 226_snmp-nat-mem-corruption-fix.diff [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * 227_kfree_skb.diff [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * 228_sparc-mb-extraneous-semicolons.diff Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with 227_kfree_skb.diff * 229_sctp-priv-elevation.diff, 230_sctp-priv-elevation-2.diff [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * 231_udf-deadlock.diff [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 * 232_sparc-membar-extraneous-semicolons.diff Fix an additional syntax error caused by extraneous semicolons in membar macros on sparc stable/main/binary-sparc/streamripper_1.61.7-1sarge1_sparc.deb streamripper (1.61.7-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix bufferoverflows in lib/http.c [CVE-2006-3124] stable/main/binary-s390/streamripper_1.61.7-1sarge1_s390.deb streamripper (1.61.7-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix bufferoverflows in lib/http.c [CVE-2006-3124] stable/main/binary-powerpc/streamripper_1.61.7-1sarge1_powerpc.deb streamripper (1.61.7-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix bufferoverflows in lib/http.c [CVE-2006-3124] stable/main/binary-mipsel/streamripper_1.61.7-1sarge1_mipsel.deb streamripper (1.61.7-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix bufferoverflows in lib/http.c [CVE-2006-3124] stable/main/binary-mips/streamripper_1.61.7-1sarge1_mips.deb streamripper (1.61.7-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix bufferoverflows in lib/http.c [CVE-2006-3124] stable/main/binary-m68k/streamripper_1.61.7-1sarge1_m68k.deb streamripper (1.61.7-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix bufferoverflows in lib/http.c [CVE-2006-3124] stable/main/binary-ia64/streamripper_1.61.7-1sarge1_ia64.deb streamripper (1.61.7-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix bufferoverflows in lib/http.c [CVE-2006-3124] stable/main/binary-hppa/streamripper_1.61.7-1sarge1_hppa.deb streamripper (1.61.7-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix bufferoverflows in lib/http.c [CVE-2006-3124] stable/main/binary-arm/streamripper_1.61.7-1sarge1_arm.deb streamripper (1.61.7-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix bufferoverflows in lib/http.c [CVE-2006-3124] stable/main/binary-alpha/streamripper_1.61.7-1sarge1_alpha.deb streamripper (1.61.7-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix bufferoverflows in lib/http.c [CVE-2006-3124] stable/main/source/streamripper_1.61.7-1sarge1.diff.gz stable/main/source/streamripper_1.61.7-1sarge1.dsc stable/main/binary-i386/streamripper_1.61.7-1sarge1_i386.deb streamripper (1.61.7-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix bufferoverflows in lib/http.c [CVE-2006-3124] stable/main/binary-sparc/sensible-mda_8.13.4-3sarge3_sparc.deb stable/main/binary-sparc/sendmail-bin_8.13.4-3sarge3_sparc.deb stable/main/binary-sparc/rmail_8.13.4-3sarge3_sparc.deb stable/main/binary-sparc/libmilter0_8.13.4-3sarge3_sparc.deb stable/main/binary-sparc/libmilter-dev_8.13.4-3sarge3_sparc.deb sendmail (8.13.4-3sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch to fix denial of service, Bug#385054, CVE-2006-4434, debian/patches/8.13/8.13.4/z_CVE-2006-4434.patch stable/main/binary-s390/sendmail-bin_8.13.4-3sarge3_s390.deb stable/main/binary-s390/libmilter-dev_8.13.4-3sarge3_s390.deb stable/main/binary-s390/libmilter0_8.13.4-3sarge3_s390.deb stable/main/binary-s390/sensible-mda_8.13.4-3sarge3_s390.deb stable/main/binary-s390/rmail_8.13.4-3sarge3_s390.deb sendmail (8.13.4-3sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch to fix denial of service, Bug#385054, CVE-2006-4434, debian/patches/8.13/8.13.4/z_CVE-2006-4434.patch stable/main/binary-powerpc/rmail_8.13.4-3sarge3_powerpc.deb stable/main/binary-powerpc/sendmail-bin_8.13.4-3sarge3_powerpc.deb stable/main/binary-powerpc/libmilter0_8.13.4-3sarge3_powerpc.deb stable/main/binary-powerpc/libmilter-dev_8.13.4-3sarge3_powerpc.deb stable/main/binary-powerpc/sensible-mda_8.13.4-3sarge3_powerpc.deb sendmail (8.13.4-3sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch to fix denial of service, Bug#385054, CVE-2006-4434, debian/patches/8.13/8.13.4/z_CVE-2006-4434.patch stable/main/binary-mipsel/sensible-mda_8.13.4-3sarge3_mipsel.deb stable/main/binary-mipsel/sendmail-bin_8.13.4-3sarge3_mipsel.deb stable/main/binary-mipsel/rmail_8.13.4-3sarge3_mipsel.deb stable/main/binary-mipsel/libmilter0_8.13.4-3sarge3_mipsel.deb stable/main/binary-mipsel/libmilter-dev_8.13.4-3sarge3_mipsel.deb sendmail (8.13.4-3sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch to fix denial of service, Bug#385054, CVE-2006-4434, debian/patches/8.13/8.13.4/z_CVE-2006-4434.patch stable/main/binary-mips/rmail_8.13.4-3sarge3_mips.deb stable/main/binary-mips/libmilter-dev_8.13.4-3sarge3_mips.deb stable/main/binary-mips/libmilter0_8.13.4-3sarge3_mips.deb stable/main/binary-mips/sendmail-bin_8.13.4-3sarge3_mips.deb stable/main/binary-mips/sensible-mda_8.13.4-3sarge3_mips.deb sendmail (8.13.4-3sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch to fix denial of service, Bug#385054, CVE-2006-4434, debian/patches/8.13/8.13.4/z_CVE-2006-4434.patch stable/main/binary-m68k/libmilter0_8.13.4-3sarge3_m68k.deb stable/main/binary-m68k/libmilter-dev_8.13.4-3sarge3_m68k.deb stable/main/binary-m68k/rmail_8.13.4-3sarge3_m68k.deb stable/main/binary-m68k/sensible-mda_8.13.4-3sarge3_m68k.deb stable/main/binary-m68k/sendmail-bin_8.13.4-3sarge3_m68k.deb sendmail (8.13.4-3sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch to fix denial of service, Bug#385054, CVE-2006-4434, debian/patches/8.13/8.13.4/z_CVE-2006-4434.patch stable/main/binary-ia64/rmail_8.13.4-3sarge3_ia64.deb stable/main/binary-ia64/sensible-mda_8.13.4-3sarge3_ia64.deb stable/main/binary-ia64/sendmail-bin_8.13.4-3sarge3_ia64.deb stable/main/binary-ia64/libmilter0_8.13.4-3sarge3_ia64.deb stable/main/binary-ia64/libmilter-dev_8.13.4-3sarge3_ia64.deb sendmail (8.13.4-3sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch to fix denial of service, Bug#385054, CVE-2006-4434, debian/patches/8.13/8.13.4/z_CVE-2006-4434.patch stable/main/binary-hppa/rmail_8.13.4-3sarge3_hppa.deb stable/main/binary-hppa/libmilter-dev_8.13.4-3sarge3_hppa.deb stable/main/binary-hppa/sendmail-bin_8.13.4-3sarge3_hppa.deb stable/main/binary-hppa/sensible-mda_8.13.4-3sarge3_hppa.deb stable/main/binary-hppa/libmilter0_8.13.4-3sarge3_hppa.deb sendmail (8.13.4-3sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch to fix denial of service, Bug#385054, CVE-2006-4434, debian/patches/8.13/8.13.4/z_CVE-2006-4434.patch stable/main/binary-arm/libmilter-dev_8.13.4-3sarge3_arm.deb stable/main/binary-arm/sensible-mda_8.13.4-3sarge3_arm.deb stable/main/binary-arm/sendmail-bin_8.13.4-3sarge3_arm.deb stable/main/binary-arm/libmilter0_8.13.4-3sarge3_arm.deb stable/main/binary-arm/rmail_8.13.4-3sarge3_arm.deb sendmail (8.13.4-3sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch to fix denial of service, Bug#385054, CVE-2006-4434, debian/patches/8.13/8.13.4/z_CVE-2006-4434.patch stable/main/binary-alpha/libmilter-dev_8.13.4-3sarge3_alpha.deb stable/main/binary-alpha/rmail_8.13.4-3sarge3_alpha.deb stable/main/binary-alpha/sendmail-bin_8.13.4-3sarge3_alpha.deb stable/main/binary-alpha/libmilter0_8.13.4-3sarge3_alpha.deb stable/main/binary-alpha/sensible-mda_8.13.4-3sarge3_alpha.deb sendmail (8.13.4-3sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch to fix denial of service, Bug#385054, CVE-2006-4434, debian/patches/8.13/8.13.4/z_CVE-2006-4434.patch stable/main/binary-all/sendmail-doc_8.13.4-3sarge3_all.deb stable/main/binary-all/sendmail_8.13.4-3sarge3_all.deb stable/main/binary-i386/sensible-mda_8.13.4-3sarge3_i386.deb stable/main/source/sendmail_8.13.4-3sarge3.dsc stable/main/binary-i386/libmilter0_8.13.4-3sarge3_i386.deb stable/main/binary-i386/libmilter-dev_8.13.4-3sarge3_i386.deb stable/main/binary-all/sendmail-base_8.13.4-3sarge3_all.deb stable/main/binary-all/sendmail-cf_8.13.4-3sarge3_all.deb stable/main/binary-i386/sendmail-bin_8.13.4-3sarge3_i386.deb stable/main/source/sendmail_8.13.4-3sarge3.diff.gz stable/main/binary-i386/rmail_8.13.4-3sarge3_i386.deb sendmail (8.13.4-3sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch to fix denial of service, Bug#385054, CVE-2006-4434, debian/patches/8.13/8.13.4/z_CVE-2006-4434.patch stable/main/binary-sparc/libruby1.8-dbg_1.8.2-7sarge4_sparc.deb stable/main/binary-sparc/ruby1.8_1.8.2-7sarge4_sparc.deb stable/main/binary-sparc/libopenssl-ruby1.8_1.8.2-7sarge4_sparc.deb stable/main/binary-sparc/ruby1.8-dev_1.8.2-7sarge4_sparc.deb stable/main/binary-sparc/libgdbm-ruby1.8_1.8.2-7sarge4_sparc.deb stable/main/binary-sparc/libdbm-ruby1.8_1.8.2-7sarge4_sparc.deb stable/main/binary-sparc/libtcltk-ruby1.8_1.8.2-7sarge4_sparc.deb stable/main/binary-sparc/libreadline-ruby1.8_1.8.2-7sarge4_sparc.deb stable/main/binary-sparc/libruby1.8_1.8.2-7sarge4_sparc.deb ruby1.8 (1.8.2-7sarge4) stable-security; urgency=high * akira yamada - added debian/patches/903_JVN-83768862.patch and debian/patches/904_JVN-13947696.patch from Kobayashi Noritada (closes: #378029): - JVN#83768862: Alias features cannot handle safe levels correclty, so it can be safety bypass. - JVN#13947696: Some methods have defects that they can call other methods, which really should be prohibited, in safe level 4. stable/main/binary-s390/ruby1.8-dev_1.8.2-7sarge4_s390.deb stable/main/binary-s390/ruby1.8_1.8.2-7sarge4_s390.deb stable/main/binary-s390/libdbm-ruby1.8_1.8.2-7sarge4_s390.deb stable/main/binary-s390/libtcltk-ruby1.8_1.8.2-7sarge4_s390.deb stable/main/binary-s390/libreadline-ruby1.8_1.8.2-7sarge4_s390.deb stable/main/binary-s390/libruby1.8-dbg_1.8.2-7sarge4_s390.deb stable/main/binary-s390/libruby1.8_1.8.2-7sarge4_s390.deb stable/main/binary-s390/libopenssl-ruby1.8_1.8.2-7sarge4_s390.deb stable/main/binary-s390/libgdbm-ruby1.8_1.8.2-7sarge4_s390.deb ruby1.8 (1.8.2-7sarge4) stable-security; urgency=high * akira yamada - added debian/patches/903_JVN-83768862.patch and debian/patches/904_JVN-13947696.patch from Kobayashi Noritada (closes: #378029): - JVN#83768862: Alias features cannot handle safe levels correclty, so it can be safety bypass. - JVN#13947696: Some methods have defects that they can call other methods, which really should be prohibited, in safe level 4. stable/main/binary-powerpc/libruby1.8_1.8.2-7sarge4_powerpc.deb stable/main/binary-powerpc/libgdbm-ruby1.8_1.8.2-7sarge4_powerpc.deb stable/main/binary-powerpc/libruby1.8-dbg_1.8.2-7sarge4_powerpc.deb stable/main/binary-powerpc/libreadline-ruby1.8_1.8.2-7sarge4_powerpc.deb stable/main/binary-powerpc/libdbm-ruby1.8_1.8.2-7sarge4_powerpc.deb stable/main/binary-powerpc/ruby1.8_1.8.2-7sarge4_powerpc.deb stable/main/binary-powerpc/ruby1.8-dev_1.8.2-7sarge4_powerpc.deb stable/main/binary-powerpc/libtcltk-ruby1.8_1.8.2-7sarge4_powerpc.deb stable/main/binary-powerpc/libopenssl-ruby1.8_1.8.2-7sarge4_powerpc.deb ruby1.8 (1.8.2-7sarge4) stable-security; urgency=high * akira yamada - added debian/patches/903_JVN-83768862.patch and debian/patches/904_JVN-13947696.patch from Kobayashi Noritada (closes: #378029): - JVN#83768862: Alias features cannot handle safe levels correclty, so it can be safety bypass. - JVN#13947696: Some methods have defects that they can call other methods, which really should be prohibited, in safe level 4. stable/main/binary-mipsel/libtcltk-ruby1.8_1.8.2-7sarge4_mipsel.deb stable/main/binary-mipsel/libreadline-ruby1.8_1.8.2-7sarge4_mipsel.deb stable/main/binary-mipsel/libruby1.8_1.8.2-7sarge4_mipsel.deb stable/main/binary-mipsel/libruby1.8-dbg_1.8.2-7sarge4_mipsel.deb stable/main/binary-mipsel/ruby1.8-dev_1.8.2-7sarge4_mipsel.deb stable/main/binary-mipsel/libopenssl-ruby1.8_1.8.2-7sarge4_mipsel.deb stable/main/binary-mipsel/libgdbm-ruby1.8_1.8.2-7sarge4_mipsel.deb stable/main/binary-mipsel/libdbm-ruby1.8_1.8.2-7sarge4_mipsel.deb stable/main/binary-mipsel/ruby1.8_1.8.2-7sarge4_mipsel.deb ruby1.8 (1.8.2-7sarge4) stable-security; urgency=high * akira yamada - added debian/patches/903_JVN-83768862.patch and debian/patches/904_JVN-13947696.patch from Kobayashi Noritada (closes: #378029): - JVN#83768862: Alias features cannot handle safe levels correclty, so it can be safety bypass. - JVN#13947696: Some methods have defects that they can call other methods, which really should be prohibited, in safe level 4. stable/main/binary-mips/libopenssl-ruby1.8_1.8.2-7sarge4_mips.deb stable/main/binary-mips/ruby1.8-dev_1.8.2-7sarge4_mips.deb stable/main/binary-mips/libgdbm-ruby1.8_1.8.2-7sarge4_mips.deb stable/main/binary-mips/libdbm-ruby1.8_1.8.2-7sarge4_mips.deb stable/main/binary-mips/libreadline-ruby1.8_1.8.2-7sarge4_mips.deb stable/main/binary-mips/ruby1.8_1.8.2-7sarge4_mips.deb stable/main/binary-mips/libruby1.8_1.8.2-7sarge4_mips.deb stable/main/binary-mips/libtcltk-ruby1.8_1.8.2-7sarge4_mips.deb stable/main/binary-mips/libruby1.8-dbg_1.8.2-7sarge4_mips.deb ruby1.8 (1.8.2-7sarge4) stable-security; urgency=high * akira yamada - added debian/patches/903_JVN-83768862.patch and debian/patches/904_JVN-13947696.patch from Kobayashi Noritada (closes: #378029): - JVN#83768862: Alias features cannot handle safe levels correclty, so it can be safety bypass. - JVN#13947696: Some methods have defects that they can call other methods, which really should be prohibited, in safe level 4. stable/main/binary-m68k/libdbm-ruby1.8_1.8.2-7sarge4_m68k.deb stable/main/binary-m68k/libgdbm-ruby1.8_1.8.2-7sarge4_m68k.deb stable/main/binary-m68k/libopenssl-ruby1.8_1.8.2-7sarge4_m68k.deb stable/main/binary-m68k/libreadline-ruby1.8_1.8.2-7sarge4_m68k.deb stable/main/binary-m68k/libtcltk-ruby1.8_1.8.2-7sarge4_m68k.deb stable/main/binary-m68k/ruby1.8-dev_1.8.2-7sarge4_m68k.deb stable/main/binary-m68k/libruby1.8_1.8.2-7sarge4_m68k.deb stable/main/binary-m68k/ruby1.8_1.8.2-7sarge4_m68k.deb stable/main/binary-m68k/libruby1.8-dbg_1.8.2-7sarge4_m68k.deb ruby1.8 (1.8.2-7sarge4) stable-security; urgency=high * akira yamada - added debian/patches/903_JVN-83768862.patch and debian/patches/904_JVN-13947696.patch from Kobayashi Noritada (closes: #378029): - JVN#83768862: Alias features cannot handle safe levels correclty, so it can be safety bypass. - JVN#13947696: Some methods have defects that they can call other methods, which really should be prohibited, in safe level 4. stable/main/binary-ia64/ruby1.8-dev_1.8.2-7sarge4_ia64.deb stable/main/binary-ia64/libdbm-ruby1.8_1.8.2-7sarge4_ia64.deb stable/main/binary-ia64/libopenssl-ruby1.8_1.8.2-7sarge4_ia64.deb stable/main/binary-ia64/libgdbm-ruby1.8_1.8.2-7sarge4_ia64.deb stable/main/binary-ia64/libreadline-ruby1.8_1.8.2-7sarge4_ia64.deb stable/main/binary-ia64/libruby1.8_1.8.2-7sarge4_ia64.deb stable/main/binary-ia64/libtcltk-ruby1.8_1.8.2-7sarge4_ia64.deb stable/main/binary-ia64/libruby1.8-dbg_1.8.2-7sarge4_ia64.deb stable/main/binary-ia64/ruby1.8_1.8.2-7sarge4_ia64.deb ruby1.8 (1.8.2-7sarge4) stable-security; urgency=high * akira yamada - added debian/patches/903_JVN-83768862.patch and debian/patches/904_JVN-13947696.patch from Kobayashi Noritada (closes: #378029): - JVN#83768862: Alias features cannot handle safe levels correclty, so it can be safety bypass. - JVN#13947696: Some methods have defects that they can call other methods, which really should be prohibited, in safe level 4. stable/main/binary-hppa/libopenssl-ruby1.8_1.8.2-7sarge4_hppa.deb stable/main/binary-hppa/libdbm-ruby1.8_1.8.2-7sarge4_hppa.deb stable/main/binary-hppa/ruby1.8_1.8.2-7sarge4_hppa.deb stable/main/binary-hppa/libruby1.8-dbg_1.8.2-7sarge4_hppa.deb stable/main/binary-hppa/libreadline-ruby1.8_1.8.2-7sarge4_hppa.deb stable/main/binary-hppa/libruby1.8_1.8.2-7sarge4_hppa.deb stable/main/binary-hppa/ruby1.8-dev_1.8.2-7sarge4_hppa.deb stable/main/binary-hppa/libtcltk-ruby1.8_1.8.2-7sarge4_hppa.deb stable/main/binary-hppa/libgdbm-ruby1.8_1.8.2-7sarge4_hppa.deb ruby1.8 (1.8.2-7sarge4) stable-security; urgency=high * akira yamada - added debian/patches/903_JVN-83768862.patch and debian/patches/904_JVN-13947696.patch from Kobayashi Noritada (closes: #378029): - JVN#83768862: Alias features cannot handle safe levels correclty, so it can be safety bypass. - JVN#13947696: Some methods have defects that they can call other methods, which really should be prohibited, in safe level 4. stable/main/binary-arm/libgdbm-ruby1.8_1.8.2-7sarge4_arm.deb stable/main/binary-arm/libruby1.8-dbg_1.8.2-7sarge4_arm.deb stable/main/binary-arm/libopenssl-ruby1.8_1.8.2-7sarge4_arm.deb stable/main/binary-arm/libdbm-ruby1.8_1.8.2-7sarge4_arm.deb stable/main/binary-arm/libreadline-ruby1.8_1.8.2-7sarge4_arm.deb stable/main/binary-arm/ruby1.8-dev_1.8.2-7sarge4_arm.deb stable/main/binary-arm/libtcltk-ruby1.8_1.8.2-7sarge4_arm.deb stable/main/binary-arm/ruby1.8_1.8.2-7sarge4_arm.deb stable/main/binary-arm/libruby1.8_1.8.2-7sarge4_arm.deb ruby1.8 (1.8.2-7sarge4) stable-security; urgency=high * akira yamada - added debian/patches/903_JVN-83768862.patch and debian/patches/904_JVN-13947696.patch from Kobayashi Noritada (closes: #378029): - JVN#83768862: Alias features cannot handle safe levels correclty, so it can be safety bypass. - JVN#13947696: Some methods have defects that they can call other methods, which really should be prohibited, in safe level 4. stable/main/binary-alpha/ruby1.8-dev_1.8.2-7sarge4_alpha.deb stable/main/binary-alpha/ruby1.8_1.8.2-7sarge4_alpha.deb stable/main/binary-alpha/libtcltk-ruby1.8_1.8.2-7sarge4_alpha.deb stable/main/binary-alpha/libruby1.8_1.8.2-7sarge4_alpha.deb stable/main/binary-alpha/libruby1.8-dbg_1.8.2-7sarge4_alpha.deb stable/main/binary-alpha/libopenssl-ruby1.8_1.8.2-7sarge4_alpha.deb stable/main/binary-alpha/libreadline-ruby1.8_1.8.2-7sarge4_alpha.deb stable/main/binary-alpha/libdbm-ruby1.8_1.8.2-7sarge4_alpha.deb stable/main/binary-alpha/libgdbm-ruby1.8_1.8.2-7sarge4_alpha.deb ruby1.8 (1.8.2-7sarge4) stable-security; urgency=high * akira yamada - added debian/patches/903_JVN-83768862.patch and debian/patches/904_JVN-13947696.patch from Kobayashi Noritada (closes: #378029): - JVN#83768862: Alias features cannot handle safe levels correclty, so it can be safety bypass. - JVN#13947696: Some methods have defects that they can call other methods, which really should be prohibited, in safe level 4. stable/main/binary-all/ruby1.8-examples_1.8.2-7sarge4_all.deb stable/main/binary-i386/libreadline-ruby1.8_1.8.2-7sarge4_i386.deb stable/main/binary-all/irb1.8_1.8.2-7sarge4_all.deb stable/main/binary-all/rdoc1.8_1.8.2-7sarge4_all.deb stable/main/source/ruby1.8_1.8.2-7sarge4.diff.gz stable/main/binary-i386/libdbm-ruby1.8_1.8.2-7sarge4_i386.deb stable/main/binary-all/ruby1.8-elisp_1.8.2-7sarge4_all.deb stable/main/source/ruby1.8_1.8.2-7sarge4.dsc stable/main/binary-i386/libruby1.8_1.8.2-7sarge4_i386.deb stable/main/binary-i386/libopenssl-ruby1.8_1.8.2-7sarge4_i386.deb stable/main/binary-i386/libgdbm-ruby1.8_1.8.2-7sarge4_i386.deb stable/main/binary-i386/ruby1.8_1.8.2-7sarge4_i386.deb stable/main/binary-all/ri1.8_1.8.2-7sarge4_all.deb stable/main/binary-i386/libtcltk-ruby1.8_1.8.2-7sarge4_i386.deb stable/main/binary-i386/libruby1.8-dbg_1.8.2-7sarge4_i386.deb stable/main/binary-i386/ruby1.8-dev_1.8.2-7sarge4_i386.deb ruby1.8 (1.8.2-7sarge4) stable-security; urgency=high * akira yamada - added debian/patches/903_JVN-83768862.patch and debian/patches/904_JVN-13947696.patch from Kobayashi Noritada (closes: #378029): - JVN#83768862: Alias features cannot handle safe levels correclty, so it can be safety bypass. - JVN#13947696: Some methods have defects that they can call other methods, which really should be prohibited, in safe level 4. stable/main/binary-all/python2.1-textwrap_0.3.7-2sarge1_all.deb stable/main/source/python-docutils_0.3.7-2sarge1.diff.gz stable/main/source/python-docutils_0.3.7-2sarge1.dsc stable/main/binary-all/python2.1-difflib_0.3.7-2sarge1_all.deb stable/main/binary-all/python2.2-textwrap_0.3.7-2sarge1_all.deb stable/main/binary-all/python2.2-docutils_0.3.7-2sarge1_all.deb stable/main/binary-all/python-roman_0.3.7-2sarge1_all.deb stable/main/binary-all/python-docutils_0.3.7-2sarge1_all.deb stable/main/binary-all/python2.3-docutils_0.3.7-2sarge1_all.deb stable/main/binary-all/python2.4-docutils_0.3.7-2sarge1_all.deb python-docutils (0.3.7-2sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Backported changes from 0.3.9 to support new settings file_insertion_enabled and raw_enabled, needed to fix CVE-2006-3695 in trac [docutils/parsers/rst/__init__.py, docutils/parsers/rst/directives/misc.py, docutils/parsers/rst/directives/images.py, docutils/parsers/rst/directives/tables.py] stable/main/binary-sparc/libssl0.9.7_0.9.7e-3sarge4_sparc.deb stable/main/binary-sparc/libssl-dev_0.9.7e-3sarge4_sparc.deb stable/main/binary-sparc/openssl_0.9.7e-3sarge4_sparc.deb stable/main/binary-sparc/libcrypto0.9.7-udeb_0.9.7e-3sarge4_sparc.udeb openssl (0.9.7e-3sarge4) stable-security; urgency=high * Non-maintainer upload by the Security Team * Correct patch for CVE-2006-2940 to avoid the possibility of dereferencing an uninitialized pointer. stable/main/binary-s390/libssl0.9.7_0.9.7e-3sarge4_s390.deb stable/main/binary-s390/openssl_0.9.7e-3sarge4_s390.deb stable/main/binary-s390/libssl-dev_0.9.7e-3sarge4_s390.deb stable/main/binary-s390/libcrypto0.9.7-udeb_0.9.7e-3sarge4_s390.udeb openssl (0.9.7e-3sarge4) stable-security; urgency=high * Non-maintainer upload by the Security Team * Correct patch for CVE-2006-2940 to avoid the possibility of dereferencing an uninitialized pointer. stable/main/binary-powerpc/libssl0.9.7_0.9.7e-3sarge4_powerpc.deb stable/main/binary-powerpc/openssl_0.9.7e-3sarge4_powerpc.deb stable/main/binary-powerpc/libcrypto0.9.7-udeb_0.9.7e-3sarge4_powerpc.udeb stable/main/binary-powerpc/libssl-dev_0.9.7e-3sarge4_powerpc.deb openssl (0.9.7e-3sarge4) stable-security; urgency=high * Non-maintainer upload by the Security Team * Correct patch for CVE-2006-2940 to avoid the possibility of dereferencing an uninitialized pointer. stable/main/binary-mipsel/openssl_0.9.7e-3sarge4_mipsel.deb stable/main/binary-mipsel/libssl0.9.7_0.9.7e-3sarge4_mipsel.deb stable/main/binary-mipsel/libcrypto0.9.7-udeb_0.9.7e-3sarge4_mipsel.udeb stable/main/binary-mipsel/libssl-dev_0.9.7e-3sarge4_mipsel.deb openssl (0.9.7e-3sarge4) stable-security; urgency=high * Non-maintainer upload by the Security Team * Correct patch for CVE-2006-2940 to avoid the possibility of dereferencing an uninitialized pointer. stable/main/binary-mips/libssl-dev_0.9.7e-3sarge4_mips.deb stable/main/binary-mips/libssl0.9.7_0.9.7e-3sarge4_mips.deb stable/main/binary-mips/libcrypto0.9.7-udeb_0.9.7e-3sarge4_mips.udeb stable/main/binary-mips/openssl_0.9.7e-3sarge4_mips.deb openssl (0.9.7e-3sarge4) stable-security; urgency=high * Non-maintainer upload by the Security Team * Correct patch for CVE-2006-2940 to avoid the possibility of dereferencing an uninitialized pointer. stable/main/binary-m68k/libcrypto0.9.7-udeb_0.9.7e-3sarge4_m68k.udeb stable/main/binary-m68k/libssl0.9.7_0.9.7e-3sarge4_m68k.deb stable/main/binary-m68k/openssl_0.9.7e-3sarge4_m68k.deb stable/main/binary-m68k/libssl-dev_0.9.7e-3sarge4_m68k.deb openssl (0.9.7e-3sarge4) stable-security; urgency=high * Non-maintainer upload by the Security Team * Correct patch for CVE-2006-2940 to avoid the possibility of dereferencing an uninitialized pointer. stable/main/binary-ia64/libssl0.9.7_0.9.7e-3sarge4_ia64.deb stable/main/binary-ia64/libcrypto0.9.7-udeb_0.9.7e-3sarge4_ia64.udeb stable/main/binary-ia64/openssl_0.9.7e-3sarge4_ia64.deb stable/main/binary-ia64/libssl-dev_0.9.7e-3sarge4_ia64.deb openssl (0.9.7e-3sarge4) stable-security; urgency=high * Non-maintainer upload by the Security Team * Correct patch for CVE-2006-2940 to avoid the possibility of dereferencing an uninitialized pointer. stable/main/binary-hppa/openssl_0.9.7e-3sarge4_hppa.deb stable/main/binary-hppa/libssl0.9.7_0.9.7e-3sarge4_hppa.deb stable/main/binary-hppa/libssl-dev_0.9.7e-3sarge4_hppa.deb stable/main/binary-hppa/libcrypto0.9.7-udeb_0.9.7e-3sarge4_hppa.udeb openssl (0.9.7e-3sarge4) stable-security; urgency=high * Non-maintainer upload by the Security Team * Correct patch for CVE-2006-2940 to avoid the possibility of dereferencing an uninitialized pointer. stable/main/binary-arm/openssl_0.9.7e-3sarge4_arm.deb stable/main/binary-arm/libcrypto0.9.7-udeb_0.9.7e-3sarge4_arm.udeb stable/main/binary-arm/libssl-dev_0.9.7e-3sarge4_arm.deb stable/main/binary-arm/libssl0.9.7_0.9.7e-3sarge4_arm.deb openssl (0.9.7e-3sarge4) stable-security; urgency=high * Non-maintainer upload by the Security Team * Correct patch for CVE-2006-2940 to avoid the possibility of dereferencing an uninitialized pointer. stable/main/binary-alpha/libcrypto0.9.7-udeb_0.9.7e-3sarge4_alpha.udeb stable/main/binary-alpha/libssl-dev_0.9.7e-3sarge4_alpha.deb stable/main/binary-alpha/openssl_0.9.7e-3sarge4_alpha.deb stable/main/binary-alpha/libssl0.9.7_0.9.7e-3sarge4_alpha.deb openssl (0.9.7e-3sarge4) stable-security; urgency=high * Non-maintainer upload by the Security Team * Correct patch for CVE-2006-2940 to avoid the possibility of dereferencing an uninitialized pointer. stable/main/source/openssl_0.9.7e-3sarge4.diff.gz stable/main/binary-i386/libcrypto0.9.7-udeb_0.9.7e-3sarge4_i386.udeb stable/main/binary-i386/openssl_0.9.7e-3sarge4_i386.deb stable/main/binary-i386/libssl-dev_0.9.7e-3sarge4_i386.deb stable/main/source/openssl_0.9.7e-3sarge4.dsc stable/main/binary-i386/libssl0.9.7_0.9.7e-3sarge4_i386.deb openssl (0.9.7e-3sarge4) stable-security; urgency=high * Non-maintainer upload by the Security Team * Correct patch for CVE-2006-2940 to avoid the possibility of dereferencing an uninitialized pointer. stable/main/binary-sparc/ssh-krb5_3.8.1p1-7sarge1_sparc.deb openssh-krb5 (3.8.1p1-7sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix potential code injection through double free() in fatal() signal handler. (CVE-2006-5051) * Fix CPU exhaustion vulnerability in CRC attack detection. (CVE-2006-4924) stable/main/binary-s390/ssh-krb5_3.8.1p1-7sarge1_s390.deb openssh-krb5 (3.8.1p1-7sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix potential code injection through double free() in fatal() signal handler. (CVE-2006-5051) * Fix CPU exhaustion vulnerability in CRC attack detection. (CVE-2006-4924) stable/main/binary-powerpc/ssh-krb5_3.8.1p1-7sarge1_powerpc.deb openssh-krb5 (3.8.1p1-7sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix potential code injection through double free() in fatal() signal handler. (CVE-2006-5051) * Fix CPU exhaustion vulnerability in CRC attack detection. (CVE-2006-4924) stable/main/binary-mipsel/ssh-krb5_3.8.1p1-7sarge1_mipsel.deb openssh-krb5 (3.8.1p1-7sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix potential code injection through double free() in fatal() signal handler. (CVE-2006-5051) * Fix CPU exhaustion vulnerability in CRC attack detection. (CVE-2006-4924) stable/main/binary-mips/ssh-krb5_3.8.1p1-7sarge1_mips.deb openssh-krb5 (3.8.1p1-7sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix potential code injection through double free() in fatal() signal handler. (CVE-2006-5051) * Fix CPU exhaustion vulnerability in CRC attack detection. (CVE-2006-4924) stable/main/binary-m68k/ssh-krb5_3.8.1p1-7sarge1_m68k.deb openssh-krb5 (3.8.1p1-7sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix potential code injection through double free() in fatal() signal handler. (CVE-2006-5051) * Fix CPU exhaustion vulnerability in CRC attack detection. (CVE-2006-4924) stable/main/binary-ia64/ssh-krb5_3.8.1p1-7sarge1_ia64.deb openssh-krb5 (3.8.1p1-7sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix potential code injection through double free() in fatal() signal handler. (CVE-2006-5051) * Fix CPU exhaustion vulnerability in CRC attack detection. (CVE-2006-4924) stable/main/binary-hppa/ssh-krb5_3.8.1p1-7sarge1_hppa.deb openssh-krb5 (3.8.1p1-7sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix potential code injection through double free() in fatal() signal handler. (CVE-2006-5051) * Fix CPU exhaustion vulnerability in CRC attack detection. (CVE-2006-4924) stable/main/binary-arm/ssh-krb5_3.8.1p1-7sarge1_arm.deb openssh-krb5 (3.8.1p1-7sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix potential code injection through double free() in fatal() signal handler. (CVE-2006-5051) * Fix CPU exhaustion vulnerability in CRC attack detection. (CVE-2006-4924) stable/main/binary-alpha/ssh-krb5_3.8.1p1-7sarge1_alpha.deb openssh-krb5 (3.8.1p1-7sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix potential code injection through double free() in fatal() signal handler. (CVE-2006-5051) * Fix CPU exhaustion vulnerability in CRC attack detection. (CVE-2006-4924) stable/main/source/openssh-krb5_3.8.1p1-7sarge1.dsc stable/main/binary-i386/ssh-krb5_3.8.1p1-7sarge1_i386.deb stable/main/source/openssh-krb5_3.8.1p1-7sarge1.diff.gz openssh-krb5 (3.8.1p1-7sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix potential code injection through double free() in fatal() signal handler. (CVE-2006-5051) * Fix CPU exhaustion vulnerability in CRC attack detection. (CVE-2006-4924) stable/main/binary-sparc/mailman_2.1.5-8sarge5_sparc.deb mailman (2.1.5-8sarge5) stable-security; urgency=high * Security update: log injection CVE-2006-4624 stable/main/binary-s390/mailman_2.1.5-8sarge5_s390.deb mailman (2.1.5-8sarge5) stable-security; urgency=high * Security update: log injection CVE-2006-4624 stable/main/binary-mipsel/mailman_2.1.5-8sarge5_mipsel.deb mailman (2.1.5-8sarge5) stable-security; urgency=high * Security update: log injection CVE-2006-4624 stable/main/binary-mips/mailman_2.1.5-8sarge5_mips.deb mailman (2.1.5-8sarge5) stable-security; urgency=high * Security update: log injection CVE-2006-4624 stable/main/binary-m68k/mailman_2.1.5-8sarge5_m68k.deb mailman (2.1.5-8sarge5) stable-security; urgency=high * Security update: log injection CVE-2006-4624 stable/main/binary-ia64/mailman_2.1.5-8sarge5_ia64.deb mailman (2.1.5-8sarge5) stable-security; urgency=high * Security update: log injection CVE-2006-4624 stable/main/binary-i386/mailman_2.1.5-8sarge5_i386.deb mailman (2.1.5-8sarge5) stable-security; urgency=high * Security update: log injection CVE-2006-4624 stable/main/binary-hppa/mailman_2.1.5-8sarge5_hppa.deb mailman (2.1.5-8sarge5) stable-security; urgency=high * Security update: log injection CVE-2006-4624 stable/main/binary-arm/mailman_2.1.5-8sarge5_arm.deb mailman (2.1.5-8sarge5) stable-security; urgency=high * Security update: log injection CVE-2006-4624 stable/main/binary-alpha/mailman_2.1.5-8sarge5_alpha.deb mailman (2.1.5-8sarge5) stable-security; urgency=high * Security update: log injection CVE-2006-4624 stable/main/source/mailman_2.1.5-8sarge5.dsc stable/main/binary-powerpc/mailman_2.1.5-8sarge5_powerpc.deb stable/main/source/mailman_2.1.5-8sarge5.diff.gz mailman (2.1.5-8sarge5) stable-security; urgency=high * Security update: log injection CVE-2006-4624 stable/main/binary-sparc/xfs-modules-2.4.27-3-sparc32-di_0.64sarge2_sparc.udeb stable/main/binary-sparc/reiserfs-modules-2.4.27-3-sparc32-di_0.64sarge2_sparc.udeb stable/main/source/linux-kernel-di-sparc_0.64sarge2.dsc stable/main/binary-sparc/ext3-modules-2.4.27-3-sparc64-di_0.64sarge2_sparc.udeb stable/main/binary-sparc/ext3-modules-2.4.27-3-sparc32-di_0.64sarge2_sparc.udeb stable/main/binary-sparc/kernel-image-2.4.27-3-sparc64-di_0.64sarge2_sparc.udeb stable/main/binary-sparc/nic-modules-2.4.27-3-sparc64-di_0.64sarge2_sparc.udeb stable/main/binary-sparc/firmware-modules-2.4.27-3-sparc64-di_0.64sarge2_sparc.udeb stable/main/binary-sparc/cdrom-core-modules-2.4.27-3-sparc32-di_0.64sarge2_sparc.udeb stable/main/binary-sparc/ipv6-modules-2.4.27-3-sparc64-di_0.64sarge2_sparc.udeb stable/main/binary-sparc/reiserfs-modules-2.4.27-3-sparc64-di_0.64sarge2_sparc.udeb stable/main/binary-sparc/loop-modules-2.4.27-3-sparc64-di_0.64sarge2_sparc.udeb stable/main/binary-sparc/ppp-modules-2.4.27-3-sparc32-di_0.64sarge2_sparc.udeb stable/main/binary-sparc/ppp-modules-2.4.27-3-sparc64-di_0.64sarge2_sparc.udeb stable/main/binary-sparc/md-modules-2.4.27-3-sparc64-di_0.64sarge2_sparc.udeb stable/main/binary-sparc/scsi-core-modules-2.4.27-3-sparc64-di_0.64sarge2_sparc.udeb stable/main/binary-sparc/ipv6-modules-2.4.27-3-sparc32-di_0.64sarge2_sparc.udeb stable/main/binary-sparc/nic-modules-2.4.27-3-sparc32-di_0.64sarge2_sparc.udeb stable/main/binary-sparc/scsi-modules-2.4.27-3-sparc32-di_0.64sarge2_sparc.udeb stable/main/binary-sparc/firewire-core-modules-2.4.27-3-sparc64-di_0.64sarge2_sparc.udeb stable/main/binary-sparc/cdrom-core-modules-2.4.27-3-sparc64-di_0.64sarge2_sparc.udeb stable/main/binary-sparc/scsi-core-modules-2.4.27-3-sparc32-di_0.64sarge2_sparc.udeb stable/main/source/linux-kernel-di-sparc_0.64sarge2.tar.gz stable/main/binary-sparc/xfs-modules-2.4.27-3-sparc64-di_0.64sarge2_sparc.udeb stable/main/binary-sparc/loop-modules-2.4.27-3-sparc32-di_0.64sarge2_sparc.udeb stable/main/binary-sparc/ide-modules-2.4.27-3-sparc64-di_0.64sarge2_sparc.udeb stable/main/binary-sparc/md-modules-2.4.27-3-sparc32-di_0.64sarge2_sparc.udeb stable/main/binary-sparc/scsi-modules-2.4.27-3-sparc64-di_0.64sarge2_sparc.udeb stable/main/binary-sparc/kernel-image-2.4.27-3-sparc32-di_0.64sarge2_sparc.udeb stable/main/binary-sparc/usb-modules-2.4.27-3-sparc64-di_0.64sarge2_sparc.udeb linux-kernel-di-sparc (0.64sarge2) stable; urgency=low * Rebuild because of missing modules in 0.64sarge1 for sparc32. stable/main/binary-sparc/libwmf-bin_0.2.8.3-2sarge1_sparc.deb stable/main/binary-sparc/libwmf0.2-7_0.2.8.3-2sarge1_sparc.deb stable/main/binary-sparc/libwmf-dev_0.2.8.3-2sarge1_sparc.deb libwmf (0.2.8.3-2sarge1) stable-security; urgency=high * NMU by the Security Team: * Fix integer overflow in player.c (CVE-2006-3376) stable/main/binary-s390/libwmf0.2-7_0.2.8.3-2sarge1_s390.deb stable/main/binary-s390/libwmf-bin_0.2.8.3-2sarge1_s390.deb stable/main/binary-s390/libwmf-dev_0.2.8.3-2sarge1_s390.deb libwmf (0.2.8.3-2sarge1) stable-security; urgency=high * NMU by the Security Team: * Fix integer overflow in player.c (CVE-2006-3376) stable/main/binary-powerpc/libwmf-bin_0.2.8.3-2sarge1_powerpc.deb stable/main/binary-powerpc/libwmf0.2-7_0.2.8.3-2sarge1_powerpc.deb stable/main/binary-powerpc/libwmf-dev_0.2.8.3-2sarge1_powerpc.deb libwmf (0.2.8.3-2sarge1) stable-security; urgency=high * NMU by the Security Team: * Fix integer overflow in player.c (CVE-2006-3376) stable/main/binary-mipsel/libwmf0.2-7_0.2.8.3-2sarge1_mipsel.deb stable/main/binary-mipsel/libwmf-bin_0.2.8.3-2sarge1_mipsel.deb stable/main/binary-mipsel/libwmf-dev_0.2.8.3-2sarge1_mipsel.deb libwmf (0.2.8.3-2sarge1) stable-security; urgency=high * NMU by the Security Team: * Fix integer overflow in player.c (CVE-2006-3376) stable/main/binary-mips/libwmf-bin_0.2.8.3-2sarge1_mips.deb stable/main/binary-mips/libwmf0.2-7_0.2.8.3-2sarge1_mips.deb stable/main/binary-mips/libwmf-dev_0.2.8.3-2sarge1_mips.deb libwmf (0.2.8.3-2sarge1) stable-security; urgency=high * NMU by the Security Team: * Fix integer overflow in player.c (CVE-2006-3376) stable/main/binary-m68k/libwmf-bin_0.2.8.3-2sarge1_m68k.deb stable/main/binary-m68k/libwmf-dev_0.2.8.3-2sarge1_m68k.deb stable/main/binary-m68k/libwmf0.2-7_0.2.8.3-2sarge1_m68k.deb libwmf (0.2.8.3-2sarge1) stable-security; urgency=high * NMU by the Security Team: * Fix integer overflow in player.c (CVE-2006-3376) stable/main/binary-ia64/libwmf-bin_0.2.8.3-2sarge1_ia64.deb stable/main/binary-ia64/libwmf0.2-7_0.2.8.3-2sarge1_ia64.deb stable/main/binary-ia64/libwmf-dev_0.2.8.3-2sarge1_ia64.deb libwmf (0.2.8.3-2sarge1) stable-security; urgency=high * NMU by the Security Team: * Fix integer overflow in player.c (CVE-2006-3376) stable/main/binary-hppa/libwmf0.2-7_0.2.8.3-2sarge1_hppa.deb stable/main/binary-hppa/libwmf-bin_0.2.8.3-2sarge1_hppa.deb stable/main/binary-hppa/libwmf-dev_0.2.8.3-2sarge1_hppa.deb libwmf (0.2.8.3-2sarge1) stable-security; urgency=high * NMU by the Security Team: * Fix integer overflow in player.c (CVE-2006-3376) stable/main/binary-arm/libwmf-dev_0.2.8.3-2sarge1_arm.deb stable/main/binary-arm/libwmf0.2-7_0.2.8.3-2sarge1_arm.deb stable/main/binary-arm/libwmf-bin_0.2.8.3-2sarge1_arm.deb libwmf (0.2.8.3-2sarge1) stable-security; urgency=high * NMU by the Security Team: * Fix integer overflow in player.c (CVE-2006-3376) stable/main/binary-alpha/libwmf-dev_0.2.8.3-2sarge1_alpha.deb stable/main/binary-alpha/libwmf0.2-7_0.2.8.3-2sarge1_alpha.deb stable/main/binary-alpha/libwmf-bin_0.2.8.3-2sarge1_alpha.deb libwmf (0.2.8.3-2sarge1) stable-security; urgency=high * NMU by the Security Team: * Fix integer overflow in player.c (CVE-2006-3376) stable/main/binary-i386/libwmf-dev_0.2.8.3-2sarge1_i386.deb stable/main/binary-i386/libwmf0.2-7_0.2.8.3-2sarge1_i386.deb stable/main/binary-all/libwmf-doc_0.2.8.3-2sarge1_all.deb stable/main/source/libwmf_0.2.8.3-2sarge1.dsc stable/main/source/libwmf_0.2.8.3-2sarge1.diff.gz stable/main/binary-i386/libwmf-bin_0.2.8.3-2sarge1_i386.deb libwmf (0.2.8.3-2sarge1) stable-security; urgency=high * NMU by the Security Team: * Fix integer overflow in player.c (CVE-2006-3376) stable/main/binary-sparc/libmusicbrainz4-dev_2.1.1-3sarge1_sparc.deb stable/main/binary-sparc/libmusicbrainz4_2.1.1-3sarge1_sparc.deb libmusicbrainz-2.1 (2.1.1-3sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Added patch by Lukász Lalinsky and me to fix several buffer overflows [lib/http.cpp, lib/rdfparse.c, debian/patches/02-CVE-2006-4197.patch] stable/main/binary-s390/libmusicbrainz4-dev_2.1.1-3sarge1_s390.deb stable/main/binary-s390/libmusicbrainz4_2.1.1-3sarge1_s390.deb libmusicbrainz-2.1 (2.1.1-3sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Added patch by Lukász Lalinsky and me to fix several buffer overflows [lib/http.cpp, lib/rdfparse.c, debian/patches/02-CVE-2006-4197.patch] stable/main/binary-mipsel/libmusicbrainz4-dev_2.1.1-3sarge1_mipsel.deb stable/main/binary-mipsel/libmusicbrainz4_2.1.1-3sarge1_mipsel.deb libmusicbrainz-2.1 (2.1.1-3sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Added patch by Lukász Lalinsky and me to fix several buffer overflows [lib/http.cpp, lib/rdfparse.c, debian/patches/02-CVE-2006-4197.patch] stable/main/binary-mips/libmusicbrainz4-dev_2.1.1-3sarge1_mips.deb stable/main/binary-mips/libmusicbrainz4_2.1.1-3sarge1_mips.deb libmusicbrainz-2.1 (2.1.1-3sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Added patch by Lukász Lalinsky and me to fix several buffer overflows [lib/http.cpp, lib/rdfparse.c, debian/patches/02-CVE-2006-4197.patch] stable/main/binary-m68k/libmusicbrainz4_2.1.1-3sarge1_m68k.deb stable/main/binary-m68k/libmusicbrainz4-dev_2.1.1-3sarge1_m68k.deb libmusicbrainz-2.1 (2.1.1-3sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Added patch by Lukász Lalinsky and me to fix several buffer overflows [lib/http.cpp, lib/rdfparse.c, debian/patches/02-CVE-2006-4197.patch] stable/main/binary-ia64/libmusicbrainz4-dev_2.1.1-3sarge1_ia64.deb stable/main/binary-ia64/libmusicbrainz4_2.1.1-3sarge1_ia64.deb libmusicbrainz-2.1 (2.1.1-3sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Added patch by Lukász Lalinsky and me to fix several buffer overflows [lib/http.cpp, lib/rdfparse.c, debian/patches/02-CVE-2006-4197.patch] stable/main/binary-i386/libmusicbrainz4_2.1.1-3sarge1_i386.deb stable/main/binary-i386/libmusicbrainz4-dev_2.1.1-3sarge1_i386.deb libmusicbrainz-2.1 (2.1.1-3sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Added patch by Lukász Lalinsky and me to fix several buffer overflows [lib/http.cpp, lib/rdfparse.c, debian/patches/02-CVE-2006-4197.patch] stable/main/binary-hppa/libmusicbrainz4-dev_2.1.1-3sarge1_hppa.deb stable/main/binary-hppa/libmusicbrainz4_2.1.1-3sarge1_hppa.deb libmusicbrainz-2.1 (2.1.1-3sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Added patch by Lukász Lalinsky and me to fix several buffer overflows [lib/http.cpp, lib/rdfparse.c, debian/patches/02-CVE-2006-4197.patch] stable/main/binary-arm/libmusicbrainz4-dev_2.1.1-3sarge1_arm.deb stable/main/binary-arm/libmusicbrainz4_2.1.1-3sarge1_arm.deb libmusicbrainz-2.1 (2.1.1-3sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Added patch by Lukász Lalinsky and me to fix several buffer overflows [lib/http.cpp, lib/rdfparse.c, debian/patches/02-CVE-2006-4197.patch] stable/main/binary-alpha/libmusicbrainz4-dev_2.1.1-3sarge1_alpha.deb stable/main/binary-alpha/libmusicbrainz4_2.1.1-3sarge1_alpha.deb libmusicbrainz-2.1 (2.1.1-3sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Added patch by Lukász Lalinsky and me to fix several buffer overflows [lib/http.cpp, lib/rdfparse.c, debian/patches/02-CVE-2006-4197.patch] stable/main/source/libmusicbrainz-2.1_2.1.1-3sarge1.dsc stable/main/binary-powerpc/libmusicbrainz4_2.1.1-3sarge1_powerpc.deb stable/main/binary-powerpc/libmusicbrainz4-dev_2.1.1-3sarge1_powerpc.deb stable/main/source/libmusicbrainz-2.1_2.1.1-3sarge1.diff.gz libmusicbrainz-2.1 (2.1.1-3sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Added patch by Lukász Lalinsky and me to fix several buffer overflows [lib/http.cpp, lib/rdfparse.c, debian/patches/02-CVE-2006-4197.patch] stable/main/binary-sparc/python2.1-musicbrainz_2.0.2-10sarge1_sparc.deb stable/main/binary-sparc/python2.2-musicbrainz_2.0.2-10sarge1_sparc.deb stable/main/binary-sparc/python-musicbrainz_2.0.2-10sarge1_sparc.deb stable/main/binary-sparc/python2.3-musicbrainz_2.0.2-10sarge1_sparc.deb stable/main/binary-sparc/libmusicbrainz2-dev_2.0.2-10sarge1_sparc.deb stable/main/binary-sparc/libmusicbrainz2_2.0.2-10sarge1_sparc.deb libmusicbrainz-2.0 (2.0.2-10sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Added patch by Lukász Lalinsky and me to fix several buffer overflows [lib/http.cpp, lib/rdfparse.c, debian/patches/03-CVE-2006-4197.patch] stable/main/binary-s390/python2.2-musicbrainz_2.0.2-10sarge1_s390.deb stable/main/binary-s390/python-musicbrainz_2.0.2-10sarge1_s390.deb stable/main/binary-s390/python2.1-musicbrainz_2.0.2-10sarge1_s390.deb stable/main/binary-s390/libmusicbrainz2_2.0.2-10sarge1_s390.deb stable/main/binary-s390/python2.3-musicbrainz_2.0.2-10sarge1_s390.deb stable/main/binary-s390/libmusicbrainz2-dev_2.0.2-10sarge1_s390.deb libmusicbrainz-2.0 (2.0.2-10sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Added patch by Lukász Lalinsky and me to fix several buffer overflows [lib/http.cpp, lib/rdfparse.c, debian/patches/03-CVE-2006-4197.patch] stable/main/binary-mipsel/python2.2-musicbrainz_2.0.2-10sarge1_mipsel.deb stable/main/binary-mipsel/python2.1-musicbrainz_2.0.2-10sarge1_mipsel.deb stable/main/binary-mipsel/python-musicbrainz_2.0.2-10sarge1_mipsel.deb stable/main/binary-mipsel/libmusicbrainz2_2.0.2-10sarge1_mipsel.deb stable/main/binary-mipsel/libmusicbrainz2-dev_2.0.2-10sarge1_mipsel.deb stable/main/binary-mipsel/python2.3-musicbrainz_2.0.2-10sarge1_mipsel.deb libmusicbrainz-2.0 (2.0.2-10sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Added patch by Lukász Lalinsky and me to fix several buffer overflows [lib/http.cpp, lib/rdfparse.c, debian/patches/03-CVE-2006-4197.patch] stable/main/binary-mips/libmusicbrainz2-dev_2.0.2-10sarge1_mips.deb stable/main/binary-mips/libmusicbrainz2_2.0.2-10sarge1_mips.deb stable/main/binary-mips/python2.2-musicbrainz_2.0.2-10sarge1_mips.deb stable/main/binary-mips/python2.3-musicbrainz_2.0.2-10sarge1_mips.deb stable/main/binary-mips/python2.1-musicbrainz_2.0.2-10sarge1_mips.deb stable/main/binary-mips/python-musicbrainz_2.0.2-10sarge1_mips.deb libmusicbrainz-2.0 (2.0.2-10sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Added patch by Lukász Lalinsky and me to fix several buffer overflows [lib/http.cpp, lib/rdfparse.c, debian/patches/03-CVE-2006-4197.patch] stable/main/binary-m68k/python2.3-musicbrainz_2.0.2-10sarge1_m68k.deb stable/main/binary-m68k/python-musicbrainz_2.0.2-10sarge1_m68k.deb stable/main/binary-m68k/libmusicbrainz2_2.0.2-10sarge1_m68k.deb stable/main/binary-m68k/python2.1-musicbrainz_2.0.2-10sarge1_m68k.deb stable/main/binary-m68k/libmusicbrainz2-dev_2.0.2-10sarge1_m68k.deb stable/main/binary-m68k/python2.2-musicbrainz_2.0.2-10sarge1_m68k.deb libmusicbrainz-2.0 (2.0.2-10sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Added patch by Lukász Lalinsky and me to fix several buffer overflows [lib/http.cpp, lib/rdfparse.c, debian/patches/03-CVE-2006-4197.patch] stable/main/binary-ia64/libmusicbrainz2-dev_2.0.2-10sarge1_ia64.deb stable/main/binary-ia64/python-musicbrainz_2.0.2-10sarge1_ia64.deb stable/main/binary-ia64/python2.1-musicbrainz_2.0.2-10sarge1_ia64.deb stable/main/binary-ia64/python2.3-musicbrainz_2.0.2-10sarge1_ia64.deb stable/main/binary-ia64/libmusicbrainz2_2.0.2-10sarge1_ia64.deb stable/main/binary-ia64/python2.2-musicbrainz_2.0.2-10sarge1_ia64.deb libmusicbrainz-2.0 (2.0.2-10sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Added patch by Lukász Lalinsky and me to fix several buffer overflows [lib/http.cpp, lib/rdfparse.c, debian/patches/03-CVE-2006-4197.patch] stable/main/binary-i386/python2.3-musicbrainz_2.0.2-10sarge1_i386.deb stable/main/binary-i386/python2.2-musicbrainz_2.0.2-10sarge1_i386.deb stable/main/binary-i386/python-musicbrainz_2.0.2-10sarge1_i386.deb stable/main/binary-i386/libmusicbrainz2_2.0.2-10sarge1_i386.deb stable/main/binary-i386/python2.1-musicbrainz_2.0.2-10sarge1_i386.deb stable/main/binary-i386/libmusicbrainz2-dev_2.0.2-10sarge1_i386.deb libmusicbrainz-2.0 (2.0.2-10sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Added patch by Lukász Lalinsky and me to fix several buffer overflows [lib/http.cpp, lib/rdfparse.c, debian/patches/03-CVE-2006-4197.patch] stable/main/binary-hppa/python-musicbrainz_2.0.2-10sarge1_hppa.deb stable/main/binary-hppa/libmusicbrainz2-dev_2.0.2-10sarge1_hppa.deb stable/main/binary-hppa/python2.2-musicbrainz_2.0.2-10sarge1_hppa.deb stable/main/binary-hppa/libmusicbrainz2_2.0.2-10sarge1_hppa.deb stable/main/binary-hppa/python2.1-musicbrainz_2.0.2-10sarge1_hppa.deb stable/main/binary-hppa/python2.3-musicbrainz_2.0.2-10sarge1_hppa.deb libmusicbrainz-2.0 (2.0.2-10sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Added patch by Lukász Lalinsky and me to fix several buffer overflows [lib/http.cpp, lib/rdfparse.c, debian/patches/03-CVE-2006-4197.patch] stable/main/binary-arm/libmusicbrainz2_2.0.2-10sarge1_arm.deb stable/main/binary-arm/python2.1-musicbrainz_2.0.2-10sarge1_arm.deb stable/main/binary-arm/libmusicbrainz2-dev_2.0.2-10sarge1_arm.deb stable/main/binary-arm/python2.3-musicbrainz_2.0.2-10sarge1_arm.deb stable/main/binary-arm/python-musicbrainz_2.0.2-10sarge1_arm.deb stable/main/binary-arm/python2.2-musicbrainz_2.0.2-10sarge1_arm.deb libmusicbrainz-2.0 (2.0.2-10sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Added patch by Lukász Lalinsky and me to fix several buffer overflows [lib/http.cpp, lib/rdfparse.c, debian/patches/03-CVE-2006-4197.patch] stable/main/binary-alpha/python2.2-musicbrainz_2.0.2-10sarge1_alpha.deb stable/main/binary-alpha/python-musicbrainz_2.0.2-10sarge1_alpha.deb stable/main/binary-alpha/libmusicbrainz2-dev_2.0.2-10sarge1_alpha.deb stable/main/binary-alpha/python2.3-musicbrainz_2.0.2-10sarge1_alpha.deb stable/main/binary-alpha/libmusicbrainz2_2.0.2-10sarge1_alpha.deb stable/main/binary-alpha/python2.1-musicbrainz_2.0.2-10sarge1_alpha.deb libmusicbrainz-2.0 (2.0.2-10sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Added patch by Lukász Lalinsky and me to fix several buffer overflows [lib/http.cpp, lib/rdfparse.c, debian/patches/03-CVE-2006-4197.patch] stable/main/source/libmusicbrainz-2.0_2.0.2-10sarge1.diff.gz stable/main/binary-powerpc/python-musicbrainz_2.0.2-10sarge1_powerpc.deb stable/main/binary-powerpc/libmusicbrainz2-dev_2.0.2-10sarge1_powerpc.deb stable/main/source/libmusicbrainz-2.0_2.0.2-10sarge1.dsc stable/main/binary-powerpc/libmusicbrainz2_2.0.2-10sarge1_powerpc.deb stable/main/binary-powerpc/python2.1-musicbrainz_2.0.2-10sarge1_powerpc.deb stable/main/binary-powerpc/python2.2-musicbrainz_2.0.2-10sarge1_powerpc.deb stable/main/binary-powerpc/python2.3-musicbrainz_2.0.2-10sarge1_powerpc.deb libmusicbrainz-2.0 (2.0.2-10sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Added patch by Lukász Lalinsky and me to fix several buffer overflows [lib/http.cpp, lib/rdfparse.c, debian/patches/03-CVE-2006-4197.patch] stable/main/binary-m68k/mips-tools_2.4.27-10.sarge4.040815-1_m68k.deb kernel-patch-2.4.27-mips (2.4.27-10.sarge4.040815-1) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge4: * [ERRATA] 213_madvise_remove-restrict.diff [SECURITY] The 2.4.27-10sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.4.27 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * 223_nfs-handle-long-symlinks.diff [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * 224_cdrom-bad-cgc.buflen-assign.diff [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * 225_sg-no-mmap-VM_IO.diff [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * 226_snmp-nat-mem-corruption-fix.diff [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * 227_kfree_skb.diff [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * 228_sparc-mb-extraneous-semicolons.diff Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with 227_kfree_skb.diff * 229_sctp-priv-elevation.diff, 230_sctp-priv-elevation-2.diff [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * 231_udf-deadlock.diff [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 * 232_sparc-membar-extraneous-semicolons.diff Fix an additional syntax error caused by extraneous semicolons in membar macros on sparc stable/main/binary-ia64/mips-tools_2.4.27-10.sarge4.040815-1_ia64.deb kernel-patch-2.4.27-mips (2.4.27-10.sarge4.040815-1) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge4: * [ERRATA] 213_madvise_remove-restrict.diff [SECURITY] The 2.4.27-10sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.4.27 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * 223_nfs-handle-long-symlinks.diff [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * 224_cdrom-bad-cgc.buflen-assign.diff [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * 225_sg-no-mmap-VM_IO.diff [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * 226_snmp-nat-mem-corruption-fix.diff [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * 227_kfree_skb.diff [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * 228_sparc-mb-extraneous-semicolons.diff Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with 227_kfree_skb.diff * 229_sctp-priv-elevation.diff, 230_sctp-priv-elevation-2.diff [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * 231_udf-deadlock.diff [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 * 232_sparc-membar-extraneous-semicolons.diff Fix an additional syntax error caused by extraneous semicolons in membar macros on sparc stable/main/binary-hppa/mips-tools_2.4.27-10.sarge4.040815-1_hppa.deb kernel-patch-2.4.27-mips (2.4.27-10.sarge4.040815-1) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge4: * [ERRATA] 213_madvise_remove-restrict.diff [SECURITY] The 2.4.27-10sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.4.27 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * 223_nfs-handle-long-symlinks.diff [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * 224_cdrom-bad-cgc.buflen-assign.diff [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * 225_sg-no-mmap-VM_IO.diff [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * 226_snmp-nat-mem-corruption-fix.diff [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * 227_kfree_skb.diff [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * 228_sparc-mb-extraneous-semicolons.diff Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with 227_kfree_skb.diff * 229_sctp-priv-elevation.diff, 230_sctp-priv-elevation-2.diff [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * 231_udf-deadlock.diff [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 * 232_sparc-membar-extraneous-semicolons.diff Fix an additional syntax error caused by extraneous semicolons in membar macros on sparc stable/main/binary-arm/mips-tools_2.4.27-10.sarge4.040815-1_arm.deb kernel-patch-2.4.27-mips (2.4.27-10.sarge4.040815-1) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge4: * [ERRATA] 213_madvise_remove-restrict.diff [SECURITY] The 2.4.27-10sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.4.27 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * 223_nfs-handle-long-symlinks.diff [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * 224_cdrom-bad-cgc.buflen-assign.diff [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * 225_sg-no-mmap-VM_IO.diff [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * 226_snmp-nat-mem-corruption-fix.diff [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * 227_kfree_skb.diff [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * 228_sparc-mb-extraneous-semicolons.diff Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with 227_kfree_skb.diff * 229_sctp-priv-elevation.diff, 230_sctp-priv-elevation-2.diff [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * 231_udf-deadlock.diff [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 * 232_sparc-membar-extraneous-semicolons.diff Fix an additional syntax error caused by extraneous semicolons in membar macros on sparc stable/main/binary-alpha/mips-tools_2.4.27-10.sarge4.040815-1_alpha.deb kernel-patch-2.4.27-mips (2.4.27-10.sarge4.040815-1) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge4: * [ERRATA] 213_madvise_remove-restrict.diff [SECURITY] The 2.4.27-10sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.4.27 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * 223_nfs-handle-long-symlinks.diff [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * 224_cdrom-bad-cgc.buflen-assign.diff [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * 225_sg-no-mmap-VM_IO.diff [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * 226_snmp-nat-mem-corruption-fix.diff [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * 227_kfree_skb.diff [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * 228_sparc-mb-extraneous-semicolons.diff Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with 227_kfree_skb.diff * 229_sctp-priv-elevation.diff, 230_sctp-priv-elevation-2.diff [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * 231_udf-deadlock.diff [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 * 232_sparc-membar-extraneous-semicolons.diff Fix an additional syntax error caused by extraneous semicolons in membar macros on sparc stable/main/source/kernel-patch-2.4.27-mips_2.4.27-10.sarge4.040815-1.tar.gz stable/main/source/kernel-patch-2.4.27-mips_2.4.27-10.sarge4.040815-1.dsc stable/main/binary-i386/mips-tools_2.4.27-10.sarge4.040815-1_i386.deb kernel-patch-2.4.27-mips (2.4.27-10.sarge4.040815-1) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge4: * [ERRATA] 213_madvise_remove-restrict.diff [SECURITY] The 2.4.27-10sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.4.27 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * 223_nfs-handle-long-symlinks.diff [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * 224_cdrom-bad-cgc.buflen-assign.diff [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * 225_sg-no-mmap-VM_IO.diff [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * 226_snmp-nat-mem-corruption-fix.diff [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * 227_kfree_skb.diff [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * 228_sparc-mb-extraneous-semicolons.diff Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with 227_kfree_skb.diff * 229_sctp-priv-elevation.diff, 230_sctp-priv-elevation-2.diff [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * 231_udf-deadlock.diff [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 * 232_sparc-membar-extraneous-semicolons.diff Fix an additional syntax error caused by extraneous semicolons in membar macros on sparc stable/main/source/kernel-image-speakup-i386_2.4.27-1.1sarge3.tar.gz stable/main/source/kernel-image-speakup-i386_2.4.27-1.1sarge3.dsc stable/main/binary-i386/kernel-headers-2.4.27-speakup_2.4.27-1.1sarge3_i386.deb stable/main/binary-i386/kernel-image-2.4.27-speakup_2.4.27-1.1sarge3_i386.deb stable/main/binary-all/kernel-doc-2.4.27-speakup_2.4.27-1.1sarge3_all.deb kernel-image-speakup-i386 (2.4.27-1.1sarge3) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge4: * [ERRATA] 213_madvise_remove-restrict.diff [SECURITY] The 2.4.27-10sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.4.27 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * 223_nfs-handle-long-symlinks.diff [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * 224_cdrom-bad-cgc.buflen-assign.diff [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * 225_sg-no-mmap-VM_IO.diff [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * 226_snmp-nat-mem-corruption-fix.diff [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * 227_kfree_skb.diff [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * 228_sparc-mb-extraneous-semicolons.diff Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with 227_kfree_skb.diff * 229_sctp-priv-elevation.diff, 230_sctp-priv-elevation-2.diff [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * 231_udf-deadlock.diff [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 * 232_sparc-membar-extraneous-semicolons.diff Fix an additional syntax error caused by extraneous semicolons in membar macros on sparc stable/main/binary-sparc/kernel-image-2.6.8-3-sparc32_2.6.8-15sarge5_sparc.deb stable/main/source/kernel-image-2.6.8-sparc_2.6.8-15sarge5.tar.gz stable/main/source/kernel-image-2.6.8-sparc_2.6.8-15sarge5.dsc stable/main/binary-sparc/kernel-build-2.6.8-3_2.6.8-15sarge5_sparc.deb stable/main/binary-sparc/kernel-headers-2.6.8-3-sparc64-smp_2.6.8-15sarge5_sparc.deb stable/main/binary-sparc/kernel-headers-2.6.8-3-sparc64_2.6.8-15sarge5_sparc.deb stable/main/binary-sparc/kernel-headers-2.6.8-3_2.6.8-15sarge5_sparc.deb stable/main/binary-sparc/kernel-headers-2.6.8-3-sparc32_2.6.8-15sarge5_sparc.deb stable/main/binary-sparc/kernel-image-2.6.8-3-sparc64-smp_2.6.8-15sarge5_sparc.deb stable/main/binary-sparc/kernel-image-2.6.8-3-sparc64_2.6.8-15sarge5_sparc.deb kernel-image-2.6.8-sparc (2.6.8-15sarge5) stable-security; urgency=high * Build against kernel-tree-2.6.8-16sarge5: * [ERRATA] madvise_remove-restrict.dpatch [SECURITY] The 2.6.8-16sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.6.8 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * fs-ext3-bad-nfs-handle.dpatch [SECURITY] James McKenzie discovered a Denial of Service vulnerability in the NFS driver. When exporting an ext3 file system over NFS, a remote attacker could exploit this to trigger a file system panic by sending a specially crafted UDP packet. See CVE-2006-3468 * direct-io-write-mem-leak.dpatch [SECURITY] Fix memory leak in O_DIRECT write. See CVE-2004-2660 * nfs-handle-long-symlinks.dpatch [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * cdrom-bad-cgc.buflen-assign.dpatch [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * usb-serial-ftdi_sio-dos.patch [SECURITY] fix userspace DoS in ftdi_sio driver See CVE-2006-2936 * selinux-tracer-SID-fix.dpatch [SECURITY] Fix vulnerability in selinux_ptrace that prevents local users from changing the tracer SID to the SID of another process See CVE-2006-1052 * netfilter-SO_ORIGINAL_DST-leak.dpatch [SECURITY] Fix information leak in SO_ORIGINAL_DST See CVE-2006-1343 * sg-no-mmap-VM_IO.dpatch [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * exit-bogus-bugon.dpatch [SECURITY] Remove bogus BUG() in exit.c which could be maliciously triggered by a local user See CVE-2006-1855 * readv-writev-missing-lsm-check.dpatch, readv-writev-missing-lsm-check-compat.dpatch [SECURITY] Add missing file_permission callback in readv/writev syscalls See CVE-2006-1856 * snmp-nat-mem-corruption-fix.dpatch [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * kfree_skb-race.dpatch [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * hppa-mb-extraneous-semicolon.dpatch, sparc32-mb-extraneous-semicolons.dpatch, sparc64-mb-extraneous-semicolons.dpatch: Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with kfree_skb-race.dpatch * sctp-priv-elevation.dpatch [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * sctp-priv-elevation-2.dpatch [SECURITY] Fix local DoS resulting from sctp-priv-elevation.dpatch See CVE-2006-4535 * ppc-hid0-dos.dpatch [SECURITY][ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 * udf-deadlock.dpatch [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 stable/main/binary-s390/kernel-image-2.6.8-3-s390x_2.6.8-5sarge5_s390.deb stable/main/binary-s390/kernel-image-2.6.8-3-s390_2.6.8-5sarge5_s390.deb stable/main/binary-s390/kernel-headers-2.6.8-3_2.6.8-5sarge5_s390.deb stable/main/binary-s390/kernel-image-2.6.8-3-s390-tape_2.6.8-5sarge5_s390.deb kernel-image-2.6.8-s390 (2.6.8-5sarge5) stable-security; urgency=high * Build against kernel-tree-2.6.8-16sarge5: * [ERRATA] madvise_remove-restrict.dpatch [SECURITY] The 2.6.8-16sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.6.8 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * fs-ext3-bad-nfs-handle.dpatch [SECURITY] James McKenzie discovered a Denial of Service vulnerability in the NFS driver. When exporting an ext3 file system over NFS, a remote attacker could exploit this to trigger a file system panic by sending a specially crafted UDP packet. See CVE-2006-3468 * direct-io-write-mem-leak.dpatch [SECURITY] Fix memory leak in O_DIRECT write. See CVE-2004-2660 * nfs-handle-long-symlinks.dpatch [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * cdrom-bad-cgc.buflen-assign.dpatch [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * usb-serial-ftdi_sio-dos.patch [SECURITY] fix userspace DoS in ftdi_sio driver See CVE-2006-2936 * selinux-tracer-SID-fix.dpatch [SECURITY] Fix vulnerability in selinux_ptrace that prevents local users from changing the tracer SID to the SID of another process See CVE-2006-1052 * netfilter-SO_ORIGINAL_DST-leak.dpatch [SECURITY] Fix information leak in SO_ORIGINAL_DST See CVE-2006-1343 * sg-no-mmap-VM_IO.dpatch [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * exit-bogus-bugon.dpatch [SECURITY] Remove bogus BUG() in exit.c which could be maliciously triggered by a local user See CVE-2006-1855 * readv-writev-missing-lsm-check.dpatch, readv-writev-missing-lsm-check-compat.dpatch [SECURITY] Add missing file_permission callback in readv/writev syscalls See CVE-2006-1856 * snmp-nat-mem-corruption-fix.dpatch [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * kfree_skb-race.dpatch [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * hppa-mb-extraneous-semicolon.dpatch, sparc32-mb-extraneous-semicolons.dpatch, sparc64-mb-extraneous-semicolons.dpatch: Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with kfree_skb-race.dpatch * sctp-priv-elevation.dpatch [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * sctp-priv-elevation-2.dpatch [SECURITY] Fix local DoS resulting from sctp-priv-elevation.dpatch See CVE-2006-4535 * ppc-hid0-dos.dpatch [SECURITY][ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 * udf-deadlock.dpatch [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 stable/main/source/kernel-image-2.6.8-s390_2.6.8-5sarge5.tar.gz stable/main/source/kernel-image-2.6.8-s390_2.6.8-5sarge5.dsc stable/main/binary-all/kernel-patch-2.6.8-s390_2.6.8-5sarge5_all.deb kernel-image-2.6.8-s390 (2.6.8-5sarge5) stable-security; urgency=high * Build against kernel-tree-2.6.8-16sarge5: * [ERRATA] madvise_remove-restrict.dpatch [SECURITY] The 2.6.8-16sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.6.8 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * fs-ext3-bad-nfs-handle.dpatch [SECURITY] James McKenzie discovered a Denial of Service vulnerability in the NFS driver. When exporting an ext3 file system over NFS, a remote attacker could exploit this to trigger a file system panic by sending a specially crafted UDP packet. See CVE-2006-3468 * direct-io-write-mem-leak.dpatch [SECURITY] Fix memory leak in O_DIRECT write. See CVE-2004-2660 * nfs-handle-long-symlinks.dpatch [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * cdrom-bad-cgc.buflen-assign.dpatch [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * usb-serial-ftdi_sio-dos.patch [SECURITY] fix userspace DoS in ftdi_sio driver See CVE-2006-2936 * selinux-tracer-SID-fix.dpatch [SECURITY] Fix vulnerability in selinux_ptrace that prevents local users from changing the tracer SID to the SID of another process See CVE-2006-1052 * netfilter-SO_ORIGINAL_DST-leak.dpatch [SECURITY] Fix information leak in SO_ORIGINAL_DST See CVE-2006-1343 * sg-no-mmap-VM_IO.dpatch [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * exit-bogus-bugon.dpatch [SECURITY] Remove bogus BUG() in exit.c which could be maliciously triggered by a local user See CVE-2006-1855 * readv-writev-missing-lsm-check.dpatch, readv-writev-missing-lsm-check-compat.dpatch [SECURITY] Add missing file_permission callback in readv/writev syscalls See CVE-2006-1856 * snmp-nat-mem-corruption-fix.dpatch [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * kfree_skb-race.dpatch [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * hppa-mb-extraneous-semicolon.dpatch, sparc32-mb-extraneous-semicolons.dpatch, sparc64-mb-extraneous-semicolons.dpatch: Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with kfree_skb-race.dpatch * sctp-priv-elevation.dpatch [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * sctp-priv-elevation-2.dpatch [SECURITY] Fix local DoS resulting from sctp-priv-elevation.dpatch See CVE-2006-4535 * ppc-hid0-dos.dpatch [SECURITY][ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 * udf-deadlock.dpatch [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 stable/main/source/kernel-image-2.6.8-m68k_2.6.8-4sarge5.tar.gz stable/main/binary-m68k/kernel-image-2.6.8-bvme6000_2.6.8-4sarge5_m68k.deb stable/main/binary-m68k/kernel-image-2.6.8-hp_2.6.8-4sarge5_m68k.deb stable/main/source/kernel-image-2.6.8-m68k_2.6.8-4sarge5.dsc stable/main/binary-m68k/kernel-image-2.6.8-mvme16x_2.6.8-4sarge5_m68k.deb stable/main/binary-m68k/kernel-image-2.6.8-amiga_2.6.8-4sarge5_m68k.deb stable/main/binary-m68k/kernel-image-2.6.8-q40_2.6.8-4sarge5_m68k.deb stable/main/binary-m68k/kernel-image-2.6.8-mac_2.6.8-4sarge5_m68k.deb stable/main/binary-m68k/kernel-image-2.6.8-sun3_2.6.8-4sarge5_m68k.deb stable/main/binary-m68k/kernel-image-2.6.8-mvme147_2.6.8-4sarge5_m68k.deb stable/main/binary-m68k/kernel-image-2.6.8-atari_2.6.8-4sarge5_m68k.deb kernel-image-2.6.8-m68k (2.6.8-4sarge5) stable-security; urgency=high * Build against kernel-tree-2.6.8-16sarge5: * [ERRATA] madvise_remove-restrict.dpatch [SECURITY] The 2.6.8-16sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.6.8 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * fs-ext3-bad-nfs-handle.dpatch [SECURITY] James McKenzie discovered a Denial of Service vulnerability in the NFS driver. When exporting an ext3 file system over NFS, a remote attacker could exploit this to trigger a file system panic by sending a specially crafted UDP packet. See CVE-2006-3468 * direct-io-write-mem-leak.dpatch [SECURITY] Fix memory leak in O_DIRECT write. See CVE-2004-2660 * nfs-handle-long-symlinks.dpatch [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * cdrom-bad-cgc.buflen-assign.dpatch [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * usb-serial-ftdi_sio-dos.patch [SECURITY] fix userspace DoS in ftdi_sio driver See CVE-2006-2936 * selinux-tracer-SID-fix.dpatch [SECURITY] Fix vulnerability in selinux_ptrace that prevents local users from changing the tracer SID to the SID of another process See CVE-2006-1052 * netfilter-SO_ORIGINAL_DST-leak.dpatch [SECURITY] Fix information leak in SO_ORIGINAL_DST See CVE-2006-1343 * sg-no-mmap-VM_IO.dpatch [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * exit-bogus-bugon.dpatch [SECURITY] Remove bogus BUG() in exit.c which could be maliciously triggered by a local user See CVE-2006-1855 * readv-writev-missing-lsm-check.dpatch, readv-writev-missing-lsm-check-compat.dpatch [SECURITY] Add missing file_permission callback in readv/writev syscalls See CVE-2006-1856 * snmp-nat-mem-corruption-fix.dpatch [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * kfree_skb-race.dpatch [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * hppa-mb-extraneous-semicolon.dpatch, sparc32-mb-extraneous-semicolons.dpatch, sparc64-mb-extraneous-semicolons.dpatch: Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with kfree_skb-race.dpatch * sctp-priv-elevation.dpatch [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * sctp-priv-elevation-2.dpatch [SECURITY] Fix local DoS resulting from sctp-priv-elevation.dpatch See CVE-2006-4535 * ppc-hid0-dos.dpatch [SECURITY][ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 * udf-deadlock.dpatch [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 stable/main/binary-ia64/kernel-headers-2.6.8-3-itanium-smp_2.6.8-14sarge5_ia64.deb stable/main/binary-ia64/kernel-headers-2.6.8-3_2.6.8-14sarge5_ia64.deb stable/main/source/kernel-image-2.6.8-ia64_2.6.8-14sarge5.dsc stable/main/binary-ia64/kernel-headers-2.6-itanium-smp_2.6.8-14sarge5_ia64.deb stable/main/binary-ia64/kernel-headers-2.6-mckinley_2.6.8-14sarge5_ia64.deb stable/main/binary-ia64/kernel-image-2.6.8-3-itanium_2.6.8-14sarge5_ia64.deb stable/main/binary-ia64/kernel-image-2.6-itanium_2.6.8-14sarge5_ia64.deb stable/main/binary-ia64/kernel-image-2.6.8-3-mckinley-smp_2.6.8-14sarge5_ia64.deb stable/main/binary-ia64/kernel-image-2.6-mckinley-smp_2.6.8-14sarge5_ia64.deb stable/main/binary-ia64/kernel-headers-2.6-mckinley-smp_2.6.8-14sarge5_ia64.deb stable/main/binary-ia64/kernel-headers-2.6.8-3-itanium_2.6.8-14sarge5_ia64.deb stable/main/binary-ia64/kernel-headers-2.6.8-3-mckinley_2.6.8-14sarge5_ia64.deb stable/main/binary-ia64/kernel-headers-2.6.8-3-mckinley-smp_2.6.8-14sarge5_ia64.deb stable/main/source/kernel-image-2.6.8-ia64_2.6.8-14sarge5.tar.gz stable/main/binary-ia64/kernel-image-2.6.8-3-itanium-smp_2.6.8-14sarge5_ia64.deb stable/main/binary-ia64/kernel-headers-2.6-itanium_2.6.8-14sarge5_ia64.deb stable/main/binary-ia64/kernel-image-2.6.8-3-mckinley_2.6.8-14sarge5_ia64.deb stable/main/binary-ia64/kernel-image-2.6-mckinley_2.6.8-14sarge5_ia64.deb stable/main/binary-ia64/kernel-image-2.6-itanium-smp_2.6.8-14sarge5_ia64.deb kernel-image-2.6.8-ia64 (2.6.8-14sarge5) stable-security; urgency=high * Build against kernel-tree-2.6.8-16sarge5: * [ERRATA] madvise_remove-restrict.dpatch [SECURITY] The 2.6.8-16sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.6.8 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * fs-ext3-bad-nfs-handle.dpatch [SECURITY] James McKenzie discovered a Denial of Service vulnerability in the NFS driver. When exporting an ext3 file system over NFS, a remote attacker could exploit this to trigger a file system panic by sending a specially crafted UDP packet. See CVE-2006-3468 * direct-io-write-mem-leak.dpatch [SECURITY] Fix memory leak in O_DIRECT write. See CVE-2004-2660 * nfs-handle-long-symlinks.dpatch [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * cdrom-bad-cgc.buflen-assign.dpatch [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * usb-serial-ftdi_sio-dos.patch [SECURITY] fix userspace DoS in ftdi_sio driver See CVE-2006-2936 * selinux-tracer-SID-fix.dpatch [SECURITY] Fix vulnerability in selinux_ptrace that prevents local users from changing the tracer SID to the SID of another process See CVE-2006-1052 * netfilter-SO_ORIGINAL_DST-leak.dpatch [SECURITY] Fix information leak in SO_ORIGINAL_DST See CVE-2006-1343 * sg-no-mmap-VM_IO.dpatch [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * exit-bogus-bugon.dpatch [SECURITY] Remove bogus BUG() in exit.c which could be maliciously triggered by a local user See CVE-2006-1855 * readv-writev-missing-lsm-check.dpatch, readv-writev-missing-lsm-check-compat.dpatch [SECURITY] Add missing file_permission callback in readv/writev syscalls See CVE-2006-1856 * snmp-nat-mem-corruption-fix.dpatch [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * kfree_skb-race.dpatch [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * hppa-mb-extraneous-semicolon.dpatch, sparc32-mb-extraneous-semicolons.dpatch, sparc64-mb-extraneous-semicolons.dpatch: Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with kfree_skb-race.dpatch * sctp-priv-elevation.dpatch [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * sctp-priv-elevation-2.dpatch [SECURITY] Fix local DoS resulting from sctp-priv-elevation.dpatch See CVE-2006-4535 * ppc-hid0-dos.dpatch [SECURITY][ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 * udf-deadlock.dpatch [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 stable/main/binary-i386/kernel-image-2.6.8-3-686_2.6.8-16sarge5_i386.deb stable/main/binary-i386/kernel-image-2.6.8-3-k7_2.6.8-16sarge5_i386.deb stable/main/binary-i386/kernel-headers-2.6.8-3-k7_2.6.8-16sarge5_i386.deb stable/main/source/kernel-image-2.6.8-i386_2.6.8-16sarge5.tar.gz stable/main/binary-i386/kernel-image-2.6.8-3-686-smp_2.6.8-16sarge5_i386.deb stable/main/binary-i386/kernel-image-2.6.8-3-386_2.6.8-16sarge5_i386.deb stable/main/binary-i386/kernel-headers-2.6.8-3-686_2.6.8-16sarge5_i386.deb stable/main/source/kernel-image-2.6.8-i386_2.6.8-16sarge5.dsc stable/main/binary-i386/kernel-image-2.6.8-3-k7-smp_2.6.8-16sarge5_i386.deb stable/main/binary-i386/kernel-headers-2.6.8-3-386_2.6.8-16sarge5_i386.deb stable/main/binary-i386/kernel-headers-2.6.8-3-k7-smp_2.6.8-16sarge5_i386.deb stable/main/binary-i386/kernel-headers-2.6.8-3-686-smp_2.6.8-16sarge5_i386.deb stable/main/binary-i386/kernel-headers-2.6.8-3_2.6.8-16sarge5_i386.deb kernel-image-2.6.8-i386 (2.6.8-16sarge5) stable-security; urgency=high * Build against kernel-tree-2.6.8-16sarge5: * [ERRATA] madvise_remove-restrict.dpatch [SECURITY] The 2.6.8-16sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.6.8 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * fs-ext3-bad-nfs-handle.dpatch [SECURITY] James McKenzie discovered a Denial of Service vulnerability in the NFS driver. When exporting an ext3 file system over NFS, a remote attacker could exploit this to trigger a file system panic by sending a specially crafted UDP packet. See CVE-2006-3468 * direct-io-write-mem-leak.dpatch [SECURITY] Fix memory leak in O_DIRECT write. See CVE-2004-2660 * nfs-handle-long-symlinks.dpatch [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * cdrom-bad-cgc.buflen-assign.dpatch [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * usb-serial-ftdi_sio-dos.patch [SECURITY] fix userspace DoS in ftdi_sio driver See CVE-2006-2936 * selinux-tracer-SID-fix.dpatch [SECURITY] Fix vulnerability in selinux_ptrace that prevents local users from changing the tracer SID to the SID of another process See CVE-2006-1052 * netfilter-SO_ORIGINAL_DST-leak.dpatch [SECURITY] Fix information leak in SO_ORIGINAL_DST See CVE-2006-1343 * sg-no-mmap-VM_IO.dpatch [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * exit-bogus-bugon.dpatch [SECURITY] Remove bogus BUG() in exit.c which could be maliciously triggered by a local user See CVE-2006-1855 * readv-writev-missing-lsm-check.dpatch, readv-writev-missing-lsm-check-compat.dpatch [SECURITY] Add missing file_permission callback in readv/writev syscalls See CVE-2006-1856 * snmp-nat-mem-corruption-fix.dpatch [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * kfree_skb-race.dpatch [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * hppa-mb-extraneous-semicolon.dpatch, sparc32-mb-extraneous-semicolons.dpatch, sparc64-mb-extraneous-semicolons.dpatch: Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with kfree_skb-race.dpatch * sctp-priv-elevation.dpatch [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * sctp-priv-elevation-2.dpatch [SECURITY] Fix local DoS resulting from sctp-priv-elevation.dpatch See CVE-2006-4535 * ppc-hid0-dos.dpatch [SECURITY][ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 * udf-deadlock.dpatch [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 stable/main/binary-hppa/kernel-image-2.6.8-3-64_2.6.8-6sarge5_hppa.deb stable/main/binary-hppa/kernel-headers-2.6.8-3-64-smp_2.6.8-6sarge5_hppa.deb stable/main/binary-hppa/kernel-image-2.6.8-3-32_2.6.8-6sarge5_hppa.deb stable/main/binary-hppa/kernel-headers-2.6.8-3_2.6.8-6sarge5_hppa.deb stable/main/binary-hppa/kernel-image-2.6.8-3-64-smp_2.6.8-6sarge5_hppa.deb stable/main/binary-hppa/kernel-headers-2.6.8-3-64_2.6.8-6sarge5_hppa.deb stable/main/source/kernel-image-2.6.8-hppa_2.6.8-6sarge5.tar.gz stable/main/source/kernel-image-2.6.8-hppa_2.6.8-6sarge5.dsc stable/main/binary-hppa/kernel-headers-2.6.8-3-32_2.6.8-6sarge5_hppa.deb stable/main/binary-hppa/kernel-headers-2.6.8-3-32-smp_2.6.8-6sarge5_hppa.deb stable/main/binary-hppa/kernel-image-2.6.8-3-32-smp_2.6.8-6sarge5_hppa.deb kernel-image-2.6.8-hppa (2.6.8-6sarge5) stable-security; urgency=high * Build against kernel-tree-2.6.8-16sarge5: * [ERRATA] madvise_remove-restrict.dpatch [SECURITY] The 2.6.8-16sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.6.8 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * fs-ext3-bad-nfs-handle.dpatch [SECURITY] James McKenzie discovered a Denial of Service vulnerability in the NFS driver. When exporting an ext3 file system over NFS, a remote attacker could exploit this to trigger a file system panic by sending a specially crafted UDP packet. See CVE-2006-3468 * direct-io-write-mem-leak.dpatch [SECURITY] Fix memory leak in O_DIRECT write. See CVE-2004-2660 * nfs-handle-long-symlinks.dpatch [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * cdrom-bad-cgc.buflen-assign.dpatch [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * usb-serial-ftdi_sio-dos.patch [SECURITY] fix userspace DoS in ftdi_sio driver See CVE-2006-2936 * selinux-tracer-SID-fix.dpatch [SECURITY] Fix vulnerability in selinux_ptrace that prevents local users from changing the tracer SID to the SID of another process See CVE-2006-1052 * netfilter-SO_ORIGINAL_DST-leak.dpatch [SECURITY] Fix information leak in SO_ORIGINAL_DST See CVE-2006-1343 * sg-no-mmap-VM_IO.dpatch [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * exit-bogus-bugon.dpatch [SECURITY] Remove bogus BUG() in exit.c which could be maliciously triggered by a local user See CVE-2006-1855 * readv-writev-missing-lsm-check.dpatch, readv-writev-missing-lsm-check-compat.dpatch [SECURITY] Add missing file_permission callback in readv/writev syscalls See CVE-2006-1856 * snmp-nat-mem-corruption-fix.dpatch [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * kfree_skb-race.dpatch [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * hppa-mb-extraneous-semicolon.dpatch, sparc32-mb-extraneous-semicolons.dpatch, sparc64-mb-extraneous-semicolons.dpatch: Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with kfree_skb-race.dpatch * sctp-priv-elevation.dpatch [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * sctp-priv-elevation-2.dpatch [SECURITY] Fix local DoS resulting from sctp-priv-elevation.dpatch See CVE-2006-4535 * ppc-hid0-dos.dpatch [SECURITY][ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 * udf-deadlock.dpatch [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 stable/main/source/kernel-image-2.6.8-amd64_2.6.8-16sarge5.tar.gz stable/main/binary-i386/kernel-image-2.6.8-12-amd64-generic_2.6.8-16sarge5_i386.deb stable/main/source/kernel-image-2.6.8-amd64_2.6.8-16sarge5.dsc stable/main/binary-i386/kernel-image-2.6.8-12-em64t-p4_2.6.8-16sarge5_i386.deb stable/main/binary-i386/kernel-headers-2.6.8-12-amd64-k8-smp_2.6.8-16sarge5_i386.deb stable/main/binary-i386/kernel-image-2.6.8-12-amd64-k8-smp_2.6.8-16sarge5_i386.deb stable/main/binary-i386/kernel-headers-2.6.8-12_2.6.8-16sarge5_i386.deb stable/main/binary-i386/kernel-image-2.6.8-12-amd64-k8_2.6.8-16sarge5_i386.deb stable/main/binary-i386/kernel-headers-2.6.8-12-em64t-p4-smp_2.6.8-16sarge5_i386.deb stable/main/binary-i386/kernel-headers-2.6.8-12-amd64-k8_2.6.8-16sarge5_i386.deb stable/main/binary-i386/kernel-headers-2.6.8-12-amd64-generic_2.6.8-16sarge5_i386.deb stable/main/binary-i386/kernel-image-2.6.8-12-em64t-p4-smp_2.6.8-16sarge5_i386.deb stable/main/binary-i386/kernel-headers-2.6.8-12-em64t-p4_2.6.8-16sarge5_i386.deb kernel-image-2.6.8-amd64 (2.6.8-16sarge5) stable-security; urgency=high * Build against kernel-tree-2.6.8-16sarge5: * [ERRATA] madvise_remove-restrict.dpatch [SECURITY] The 2.6.8-16sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.6.8 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * fs-ext3-bad-nfs-handle.dpatch [SECURITY] James McKenzie discovered a Denial of Service vulnerability in the NFS driver. When exporting an ext3 file system over NFS, a remote attacker could exploit this to trigger a file system panic by sending a specially crafted UDP packet. See CVE-2006-3468 * direct-io-write-mem-leak.dpatch [SECURITY] Fix memory leak in O_DIRECT write. See CVE-2004-2660 * nfs-handle-long-symlinks.dpatch [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * cdrom-bad-cgc.buflen-assign.dpatch [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * usb-serial-ftdi_sio-dos.patch [SECURITY] fix userspace DoS in ftdi_sio driver See CVE-2006-2936 * selinux-tracer-SID-fix.dpatch [SECURITY] Fix vulnerability in selinux_ptrace that prevents local users from changing the tracer SID to the SID of another process See CVE-2006-1052 * netfilter-SO_ORIGINAL_DST-leak.dpatch [SECURITY] Fix information leak in SO_ORIGINAL_DST See CVE-2006-1343 * sg-no-mmap-VM_IO.dpatch [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * exit-bogus-bugon.dpatch [SECURITY] Remove bogus BUG() in exit.c which could be maliciously triggered by a local user See CVE-2006-1855 * readv-writev-missing-lsm-check.dpatch, readv-writev-missing-lsm-check-compat.dpatch [SECURITY] Add missing file_permission callback in readv/writev syscalls See CVE-2006-1856 * snmp-nat-mem-corruption-fix.dpatch [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * kfree_skb-race.dpatch [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * hppa-mb-extraneous-semicolon.dpatch, sparc32-mb-extraneous-semicolons.dpatch, sparc64-mb-extraneous-semicolons.dpatch: Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with kfree_skb-race.dpatch * sctp-priv-elevation.dpatch [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * sctp-priv-elevation-2.dpatch [SECURITY] Fix local DoS resulting from sctp-priv-elevation.dpatch See CVE-2006-4535 * ppc-hid0-dos.dpatch [SECURITY][ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 * udf-deadlock.dpatch [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 stable/main/binary-alpha/kernel-image-2.6.8-3-smp_2.6.8-16sarge5_alpha.deb stable/main/binary-alpha/kernel-image-2.6.8-3-generic_2.6.8-16sarge5_alpha.deb stable/main/binary-alpha/kernel-headers-2.6.8-3-smp_2.6.8-16sarge5_alpha.deb stable/main/source/kernel-image-2.6.8-alpha_2.6.8-16sarge5.tar.gz stable/main/binary-alpha/kernel-headers-2.6.8-3-generic_2.6.8-16sarge5_alpha.deb stable/main/binary-alpha/kernel-headers-2.6.8-3_2.6.8-16sarge5_alpha.deb stable/main/source/kernel-image-2.6.8-alpha_2.6.8-16sarge5.dsc kernel-image-2.6.8-alpha (2.6.8-16sarge5) stable-security; urgency=high * Build against kernel-tree-2.6.8-16sarge5: * [ERRATA] madvise_remove-restrict.dpatch [SECURITY] The 2.6.8-16sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.6.8 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * fs-ext3-bad-nfs-handle.dpatch [SECURITY] James McKenzie discovered a Denial of Service vulnerability in the NFS driver. When exporting an ext3 file system over NFS, a remote attacker could exploit this to trigger a file system panic by sending a specially crafted UDP packet. See CVE-2006-3468 * direct-io-write-mem-leak.dpatch [SECURITY] Fix memory leak in O_DIRECT write. See CVE-2004-2660 * nfs-handle-long-symlinks.dpatch [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * cdrom-bad-cgc.buflen-assign.dpatch [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * usb-serial-ftdi_sio-dos.patch [SECURITY] fix userspace DoS in ftdi_sio driver See CVE-2006-2936 * selinux-tracer-SID-fix.dpatch [SECURITY] Fix vulnerability in selinux_ptrace that prevents local users from changing the tracer SID to the SID of another process See CVE-2006-1052 * netfilter-SO_ORIGINAL_DST-leak.dpatch [SECURITY] Fix information leak in SO_ORIGINAL_DST See CVE-2006-1343 * sg-no-mmap-VM_IO.dpatch [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * exit-bogus-bugon.dpatch [SECURITY] Remove bogus BUG() in exit.c which could be maliciously triggered by a local user See CVE-2006-1855 * readv-writev-missing-lsm-check.dpatch, readv-writev-missing-lsm-check-compat.dpatch [SECURITY] Add missing file_permission callback in readv/writev syscalls See CVE-2006-1856 * snmp-nat-mem-corruption-fix.dpatch [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * kfree_skb-race.dpatch [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * hppa-mb-extraneous-semicolon.dpatch, sparc32-mb-extraneous-semicolons.dpatch, sparc64-mb-extraneous-semicolons.dpatch: Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with kfree_skb-race.dpatch * sctp-priv-elevation.dpatch [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * sctp-priv-elevation-2.dpatch [SECURITY] Fix local DoS resulting from sctp-priv-elevation.dpatch See CVE-2006-4535 * ppc-hid0-dos.dpatch [SECURITY][ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 * udf-deadlock.dpatch [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 stable/main/binary-sparc/kernel-headers-2.4.27-3_2.4.27-9sarge4_sparc.deb stable/main/binary-sparc/kernel-image-2.4.27-3-sparc64_2.4.27-9sarge4_sparc.deb stable/main/binary-sparc/kernel-build-2.4.27-3_2.4.27-9sarge4_sparc.deb stable/main/source/kernel-image-2.4.27-sparc_2.4.27-9sarge4.dsc stable/main/binary-sparc/kernel-image-2.4.27-3-sparc32-smp_2.4.27-9sarge4_sparc.deb stable/main/binary-sparc/kernel-image-2.4.27-3-sparc64-smp_2.4.27-9sarge4_sparc.deb stable/main/binary-sparc/kernel-headers-2.4.27-3-sparc32-smp_2.4.27-9sarge4_sparc.deb stable/main/binary-sparc/kernel-headers-2.4.27-3-sparc64_2.4.27-9sarge4_sparc.deb stable/main/source/kernel-image-2.4.27-sparc_2.4.27-9sarge4.tar.gz stable/main/binary-sparc/kernel-headers-2.4.27-3-sparc32_2.4.27-9sarge4_sparc.deb stable/main/binary-sparc/kernel-headers-2.4.27-3-sparc64-smp_2.4.27-9sarge4_sparc.deb stable/main/binary-sparc/kernel-image-2.4.27-3-sparc32_2.4.27-9sarge4_sparc.deb kernel-image-2.4.27-sparc (2.4.27-9sarge4) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge4: * [ERRATA] 213_madvise_remove-restrict.diff [SECURITY] The 2.4.27-10sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.4.27 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * 223_nfs-handle-long-symlinks.diff [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * 224_cdrom-bad-cgc.buflen-assign.diff [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * 225_sg-no-mmap-VM_IO.diff [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * 226_snmp-nat-mem-corruption-fix.diff [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * 227_kfree_skb.diff [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * 228_sparc-mb-extraneous-semicolons.diff Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with 227_kfree_skb.diff * 229_sctp-priv-elevation.diff, 230_sctp-priv-elevation-2.diff [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * 231_udf-deadlock.diff [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 * 232_sparc-membar-extraneous-semicolons.diff Fix an additional syntax error caused by extraneous semicolons in membar macros on sparc stable/main/binary-s390/kernel-image-2.4.27-3-s390_2.4.27-2sarge4_s390.deb stable/main/binary-s390/kernel-image-2.4.27-3-s390x_2.4.27-2sarge4_s390.deb stable/main/binary-s390/kernel-headers-2.4.27-3_2.4.27-2sarge4_s390.deb stable/main/binary-s390/kernel-image-2.4.27-3-s390-tape_2.4.27-2sarge4_s390.deb stable/main/source/kernel-image-2.4.27-s390_2.4.27-2sarge4.tar.gz stable/main/source/kernel-image-2.4.27-s390_2.4.27-2sarge4.dsc kernel-image-2.4.27-s390 (2.4.27-2sarge4) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge4: * [ERRATA] 213_madvise_remove-restrict.diff [SECURITY] The 2.4.27-10sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.4.27 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * 223_nfs-handle-long-symlinks.diff [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * 224_cdrom-bad-cgc.buflen-assign.diff [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * 225_sg-no-mmap-VM_IO.diff [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * 226_snmp-nat-mem-corruption-fix.diff [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * 227_kfree_skb.diff [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * 228_sparc-mb-extraneous-semicolons.diff Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with 227_kfree_skb.diff * 229_sctp-priv-elevation.diff, 230_sctp-priv-elevation-2.diff [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * 231_udf-deadlock.diff [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 * 232_sparc-membar-extraneous-semicolons.diff Fix an additional syntax error caused by extraneous semicolons in membar macros on sparc stable/main/binary-m68k/kernel-image-2.4.27-amiga_2.4.27-3sarge4_m68k.deb stable/main/binary-m68k/kernel-image-2.4.27-mvme147_2.4.27-3sarge4_m68k.deb stable/main/source/kernel-image-2.4.27-m68k_2.4.27-3sarge4.dsc stable/main/binary-m68k/kernel-image-2.4.27-mac_2.4.27-3sarge4_m68k.deb stable/main/binary-m68k/kernel-image-2.4.27-atari_2.4.27-3sarge4_m68k.deb stable/main/binary-m68k/kernel-image-2.4.27-mvme16x_2.4.27-3sarge4_m68k.deb stable/main/binary-m68k/kernel-image-2.4.27-q40_2.4.27-3sarge4_m68k.deb stable/main/binary-m68k/kernel-image-2.4.27-bvme6000_2.4.27-3sarge4_m68k.deb stable/main/source/kernel-image-2.4.27-m68k_2.4.27-3sarge4.tar.gz kernel-image-2.4.27-m68k (2.4.27-3sarge4) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge4: * [ERRATA] 213_madvise_remove-restrict.diff [SECURITY] The 2.4.27-10sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.4.27 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * 223_nfs-handle-long-symlinks.diff [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * 224_cdrom-bad-cgc.buflen-assign.diff [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * 225_sg-no-mmap-VM_IO.diff [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * 226_snmp-nat-mem-corruption-fix.diff [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * 227_kfree_skb.diff [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * 228_sparc-mb-extraneous-semicolons.diff Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with 227_kfree_skb.diff * 229_sctp-priv-elevation.diff, 230_sctp-priv-elevation-2.diff [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * 231_udf-deadlock.diff [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 * 232_sparc-membar-extraneous-semicolons.diff Fix an additional syntax error caused by extraneous semicolons in membar macros on sparc stable/main/binary-ia64/kernel-image-2.4-mckinley-smp_2.4.27-10sarge4_ia64.deb stable/main/binary-ia64/kernel-image-2.4-itanium_2.4.27-10sarge4_ia64.deb stable/main/binary-ia64/kernel-headers-2.4.27-3-mckinley_2.4.27-10sarge4_ia64.deb stable/main/binary-ia64/kernel-image-2.4.27-3-mckinley-smp_2.4.27-10sarge4_ia64.deb stable/main/binary-ia64/kernel-image-2.4.27-3-itanium-smp_2.4.27-10sarge4_ia64.deb stable/main/binary-ia64/kernel-image-2.4-itanium-smp_2.4.27-10sarge4_ia64.deb stable/main/binary-ia64/kernel-headers-2.4.27-3-itanium-smp_2.4.27-10sarge4_ia64.deb stable/main/source/kernel-image-2.4.27-ia64_2.4.27-10sarge4.dsc stable/main/binary-ia64/kernel-image-2.4.27-3-itanium_2.4.27-10sarge4_ia64.deb stable/main/binary-ia64/kernel-headers-2.4.27-3-itanium_2.4.27-10sarge4_ia64.deb stable/main/binary-ia64/kernel-image-2.4.27-3-mckinley_2.4.27-10sarge4_ia64.deb stable/main/binary-ia64/kernel-headers-2.4.27-3_2.4.27-10sarge4_ia64.deb stable/main/source/kernel-image-2.4.27-ia64_2.4.27-10sarge4.tar.gz stable/main/binary-ia64/kernel-image-2.4-mckinley_2.4.27-10sarge4_ia64.deb stable/main/binary-ia64/kernel-headers-2.4.27-3-mckinley-smp_2.4.27-10sarge4_ia64.deb stable/main/binary-ia64/kernel-build-2.4.27-3_2.4.27-10sarge4_ia64.deb kernel-image-2.4.27-ia64 (2.4.27-10sarge4) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge4: * [ERRATA] 213_madvise_remove-restrict.diff [SECURITY] The 2.4.27-10sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.4.27 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * 223_nfs-handle-long-symlinks.diff [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * 224_cdrom-bad-cgc.buflen-assign.diff [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * 225_sg-no-mmap-VM_IO.diff [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * 226_snmp-nat-mem-corruption-fix.diff [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * 227_kfree_skb.diff [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * 228_sparc-mb-extraneous-semicolons.diff Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with 227_kfree_skb.diff * 229_sctp-priv-elevation.diff, 230_sctp-priv-elevation-2.diff [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * 231_udf-deadlock.diff [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 * 232_sparc-membar-extraneous-semicolons.diff Fix an additional syntax error caused by extraneous semicolons in membar macros on sparc stable/main/binary-i386/kernel-image-2.4.27-3-386_2.4.27-10sarge4_i386.deb stable/main/binary-i386/kernel-pcmcia-modules-2.4.27-3-k7_2.4.27-10sarge4_i386.deb stable/main/binary-i386/kernel-image-2.4.27-3-k7_2.4.27-10sarge4_i386.deb stable/main/binary-i386/kernel-headers-2.4.27-3-686_2.4.27-10sarge4_i386.deb stable/main/binary-i386/kernel-image-2.4.27-3-686_2.4.27-10sarge4_i386.deb stable/main/source/kernel-image-2.4.27-i386_2.4.27-10sarge4.tar.gz stable/main/binary-i386/kernel-headers-2.4.27-3-k7_2.4.27-10sarge4_i386.deb stable/main/binary-i386/kernel-headers-2.4.27-3-686-smp_2.4.27-10sarge4_i386.deb stable/main/binary-i386/kernel-image-2.4.27-3-686-smp_2.4.27-10sarge4_i386.deb stable/main/binary-i386/kernel-headers-2.4.27-3-k6_2.4.27-10sarge4_i386.deb stable/main/binary-i386/kernel-pcmcia-modules-2.4.27-3-k7-smp_2.4.27-10sarge4_i386.deb stable/main/binary-i386/kernel-headers-2.4.27-3-k7-smp_2.4.27-10sarge4_i386.deb stable/main/binary-i386/kernel-image-2.4.27-3-k6_2.4.27-10sarge4_i386.deb stable/main/binary-i386/kernel-build-2.4.27-3_2.4.27-10sarge4_i386.deb stable/main/binary-i386/kernel-pcmcia-modules-2.4.27-3-k6_2.4.27-10sarge4_i386.deb stable/main/binary-i386/kernel-pcmcia-modules-2.4.27-3-386_2.4.27-10sarge4_i386.deb stable/main/binary-i386/kernel-image-2.4.27-3-586tsc_2.4.27-10sarge4_i386.deb stable/main/binary-i386/kernel-headers-2.4.27-3-586tsc_2.4.27-10sarge4_i386.deb stable/main/binary-i386/kernel-pcmcia-modules-2.4.27-3-686-smp_2.4.27-10sarge4_i386.deb stable/main/binary-i386/kernel-headers-2.4.27-3-386_2.4.27-10sarge4_i386.deb stable/main/binary-i386/kernel-pcmcia-modules-2.4.27-3-686_2.4.27-10sarge4_i386.deb stable/main/binary-i386/kernel-image-2.4.27-3-k7-smp_2.4.27-10sarge4_i386.deb stable/main/source/kernel-image-2.4.27-i386_2.4.27-10sarge4.dsc stable/main/binary-i386/kernel-pcmcia-modules-2.4.27-3-586tsc_2.4.27-10sarge4_i386.deb stable/main/binary-i386/kernel-headers-2.4.27-3_2.4.27-10sarge4_i386.deb kernel-image-2.4.27-i386 (2.4.27-10sarge4) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge4: * [ERRATA] 213_madvise_remove-restrict.diff [SECURITY] The 2.4.27-10sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.4.27 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * 223_nfs-handle-long-symlinks.diff [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * 224_cdrom-bad-cgc.buflen-assign.diff [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * 225_sg-no-mmap-VM_IO.diff [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * 226_snmp-nat-mem-corruption-fix.diff [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * 227_kfree_skb.diff [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * 228_sparc-mb-extraneous-semicolons.diff Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with 227_kfree_skb.diff * 229_sctp-priv-elevation.diff, 230_sctp-priv-elevation-2.diff [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * 231_udf-deadlock.diff [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 * 232_sparc-membar-extraneous-semicolons.diff Fix an additional syntax error caused by extraneous semicolons in membar macros on sparc stable/main/binary-arm/kernel-image-2.4.27-riscpc_2.4.27-2sarge4_arm.deb stable/main/binary-arm/kernel-image-2.4.27-riscstation_2.4.27-2sarge4_arm.deb stable/main/binary-arm/kernel-headers-2.4.27_2.4.27-2sarge4_arm.deb stable/main/source/kernel-image-2.4.27-arm_2.4.27-2sarge4.dsc stable/main/binary-arm/kernel-image-2.4.27-netwinder_2.4.27-2sarge4_arm.deb stable/main/binary-arm/kernel-build-2.4.27_2.4.27-2sarge4_arm.deb stable/main/source/kernel-image-2.4.27-arm_2.4.27-2sarge4.tar.gz stable/main/binary-arm/kernel-image-2.4.27-bast_2.4.27-2sarge4_arm.deb stable/main/binary-arm/kernel-image-2.4.27-lart_2.4.27-2sarge4_arm.deb kernel-image-2.4.27-arm (2.4.27-2sarge4) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge4: * [ERRATA] 213_madvise_remove-restrict.diff [SECURITY] The 2.4.27-10sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.4.27 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * 223_nfs-handle-long-symlinks.diff [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * 224_cdrom-bad-cgc.buflen-assign.diff [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * 225_sg-no-mmap-VM_IO.diff [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * 226_snmp-nat-mem-corruption-fix.diff [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * 227_kfree_skb.diff [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * 228_sparc-mb-extraneous-semicolons.diff Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with 227_kfree_skb.diff * 229_sctp-priv-elevation.diff, 230_sctp-priv-elevation-2.diff [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * 231_udf-deadlock.diff [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 * 232_sparc-membar-extraneous-semicolons.diff Fix an additional syntax error caused by extraneous semicolons in membar macros on sparc stable/main/source/kernel-image-2.4.27-alpha_2.4.27-10sarge4.tar.gz stable/main/binary-alpha/kernel-headers-2.4.27-3_2.4.27-10sarge4_alpha.deb stable/main/binary-alpha/kernel-image-2.4.27-3-smp_2.4.27-10sarge4_alpha.deb stable/main/source/kernel-image-2.4.27-alpha_2.4.27-10sarge4.dsc stable/main/binary-alpha/kernel-headers-2.4.27-3-smp_2.4.27-10sarge4_alpha.deb stable/main/binary-alpha/kernel-build-2.4.27-3_2.4.27-10sarge4_alpha.deb stable/main/binary-alpha/kernel-headers-2.4.27-3-generic_2.4.27-10sarge4_alpha.deb stable/main/binary-alpha/kernel-image-2.4.27-3-generic_2.4.27-10sarge4_alpha.deb kernel-image-2.4.27-alpha (2.4.27-10sarge4) stable-security; urgency=high * Build against kernel-tree-2.4.27-10sarge4: * [ERRATA] 213_madvise_remove-restrict.diff [SECURITY] The 2.4.27-10sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.4.27 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * 223_nfs-handle-long-symlinks.diff [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * 224_cdrom-bad-cgc.buflen-assign.diff [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * 225_sg-no-mmap-VM_IO.diff [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * 226_snmp-nat-mem-corruption-fix.diff [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * 227_kfree_skb.diff [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * 228_sparc-mb-extraneous-semicolons.diff Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with 227_kfree_skb.diff * 229_sctp-priv-elevation.diff, 230_sctp-priv-elevation-2.diff [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * 231_udf-deadlock.diff [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 * 232_sparc-membar-extraneous-semicolons.diff Fix an additional syntax error caused by extraneous semicolons in membar macros on sparc stable/main/binary-sparc/kdeprint_3.3.2-1sarge3_sparc.deb stable/main/binary-sparc/khelpcenter_3.3.2-1sarge3_sparc.deb stable/main/binary-sparc/ksysguardd_3.3.2-1sarge3_sparc.deb stable/main/binary-sparc/konsole_3.3.2-1sarge3_sparc.deb stable/main/binary-sparc/konqueror_3.3.2-1sarge3_sparc.deb stable/main/binary-sparc/ksmserver_3.3.2-1sarge3_sparc.deb stable/main/binary-sparc/kcontrol_3.3.2-1sarge3_sparc.deb stable/main/binary-sparc/kfind_3.3.2-1sarge3_sparc.deb stable/main/binary-sparc/kdesktop_3.3.2-1sarge3_sparc.deb stable/main/binary-sparc/libkonq4_3.3.2-1sarge3_sparc.deb stable/main/binary-sparc/konqueror-nsplugins_3.3.2-1sarge3_sparc.deb stable/main/binary-sparc/kappfinder_3.3.2-1sarge3_sparc.deb stable/main/binary-sparc/kate_3.3.2-1sarge3_sparc.deb stable/main/binary-sparc/klipper_3.3.2-1sarge3_sparc.deb stable/main/binary-sparc/kwin_3.3.2-1sarge3_sparc.deb stable/main/binary-sparc/kdebase-kio-plugins_3.3.2-1sarge3_sparc.deb stable/main/binary-sparc/ktip_3.3.2-1sarge3_sparc.deb stable/main/binary-sparc/ksplash_3.3.2-1sarge3_sparc.deb stable/main/binary-sparc/kdebase-dev_3.3.2-1sarge3_sparc.deb stable/main/binary-sparc/libkonq4-dev_3.3.2-1sarge3_sparc.deb stable/main/binary-sparc/kdepasswd_3.3.2-1sarge3_sparc.deb stable/main/binary-sparc/kpager_3.3.2-1sarge3_sparc.deb stable/main/binary-sparc/kdm_3.3.2-1sarge3_sparc.deb stable/main/binary-sparc/kdebase-bin_3.3.2-1sarge3_sparc.deb stable/main/binary-sparc/kmenuedit_3.3.2-1sarge3_sparc.deb stable/main/binary-sparc/kpersonalizer_3.3.2-1sarge3_sparc.deb stable/main/binary-sparc/ksysguard_3.3.2-1sarge3_sparc.deb stable/main/binary-sparc/kicker_3.3.2-1sarge3_sparc.deb kdebase (4:3.3.2-1sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fix information disclosure vulnerability in kdm [debian/patches/17_CVE-2006-2449-information-disclosure.diff] stable/main/binary-s390/kpersonalizer_3.3.2-1sarge3_s390.deb stable/main/binary-s390/konsole_3.3.2-1sarge3_s390.deb stable/main/binary-s390/kfind_3.3.2-1sarge3_s390.deb stable/main/binary-s390/kdm_3.3.2-1sarge3_s390.deb stable/main/binary-s390/konqueror-nsplugins_3.3.2-1sarge3_s390.deb stable/main/binary-s390/kicker_3.3.2-1sarge3_s390.deb stable/main/binary-s390/ktip_3.3.2-1sarge3_s390.deb stable/main/binary-s390/kdesktop_3.3.2-1sarge3_s390.deb stable/main/binary-s390/ksysguard_3.3.2-1sarge3_s390.deb stable/main/binary-s390/konqueror_3.3.2-1sarge3_s390.deb stable/main/binary-s390/ksplash_3.3.2-1sarge3_s390.deb stable/main/binary-s390/klipper_3.3.2-1sarge3_s390.deb stable/main/binary-s390/kdepasswd_3.3.2-1sarge3_s390.deb stable/main/binary-s390/kate_3.3.2-1sarge3_s390.deb stable/main/binary-s390/libkonq4-dev_3.3.2-1sarge3_s390.deb stable/main/binary-s390/khelpcenter_3.3.2-1sarge3_s390.deb stable/main/binary-s390/kmenuedit_3.3.2-1sarge3_s390.deb stable/main/binary-s390/ksysguardd_3.3.2-1sarge3_s390.deb stable/main/binary-s390/kdeprint_3.3.2-1sarge3_s390.deb stable/main/binary-s390/kappfinder_3.3.2-1sarge3_s390.deb stable/main/binary-s390/ksmserver_3.3.2-1sarge3_s390.deb stable/main/binary-s390/kdebase-kio-plugins_3.3.2-1sarge3_s390.deb stable/main/binary-s390/libkonq4_3.3.2-1sarge3_s390.deb stable/main/binary-s390/kcontrol_3.3.2-1sarge3_s390.deb stable/main/binary-s390/kdebase-bin_3.3.2-1sarge3_s390.deb stable/main/binary-s390/kdebase-dev_3.3.2-1sarge3_s390.deb stable/main/binary-s390/kpager_3.3.2-1sarge3_s390.deb stable/main/binary-s390/kwin_3.3.2-1sarge3_s390.deb kdebase (4:3.3.2-1sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fix information disclosure vulnerability in kdm [debian/patches/17_CVE-2006-2449-information-disclosure.diff] stable/main/binary-powerpc/kdm_3.3.2-1sarge3_powerpc.deb stable/main/binary-powerpc/kpersonalizer_3.3.2-1sarge3_powerpc.deb stable/main/binary-powerpc/ksysguard_3.3.2-1sarge3_powerpc.deb stable/main/binary-powerpc/kdesktop_3.3.2-1sarge3_powerpc.deb stable/main/binary-powerpc/ksplash_3.3.2-1sarge3_powerpc.deb stable/main/binary-powerpc/kicker_3.3.2-1sarge3_powerpc.deb stable/main/binary-powerpc/ktip_3.3.2-1sarge3_powerpc.deb stable/main/binary-powerpc/konsole_3.3.2-1sarge3_powerpc.deb stable/main/binary-powerpc/kdebase-kio-plugins_3.3.2-1sarge3_powerpc.deb stable/main/binary-powerpc/kwin_3.3.2-1sarge3_powerpc.deb stable/main/binary-powerpc/kappfinder_3.3.2-1sarge3_powerpc.deb stable/main/binary-powerpc/kpager_3.3.2-1sarge3_powerpc.deb stable/main/binary-powerpc/klipper_3.3.2-1sarge3_powerpc.deb stable/main/binary-powerpc/konqueror-nsplugins_3.3.2-1sarge3_powerpc.deb stable/main/binary-powerpc/libkonq4-dev_3.3.2-1sarge3_powerpc.deb stable/main/binary-powerpc/konqueror_3.3.2-1sarge3_powerpc.deb stable/main/binary-powerpc/kdebase-dev_3.3.2-1sarge3_powerpc.deb stable/main/binary-powerpc/kate_3.3.2-1sarge3_powerpc.deb stable/main/binary-powerpc/kcontrol_3.3.2-1sarge3_powerpc.deb stable/main/binary-powerpc/kfind_3.3.2-1sarge3_powerpc.deb stable/main/binary-powerpc/kdeprint_3.3.2-1sarge3_powerpc.deb stable/main/binary-powerpc/kdepasswd_3.3.2-1sarge3_powerpc.deb stable/main/binary-powerpc/khelpcenter_3.3.2-1sarge3_powerpc.deb stable/main/binary-powerpc/libkonq4_3.3.2-1sarge3_powerpc.deb stable/main/binary-powerpc/ksysguardd_3.3.2-1sarge3_powerpc.deb stable/main/binary-powerpc/kdebase-bin_3.3.2-1sarge3_powerpc.deb stable/main/binary-powerpc/ksmserver_3.3.2-1sarge3_powerpc.deb stable/main/binary-powerpc/kmenuedit_3.3.2-1sarge3_powerpc.deb kdebase (4:3.3.2-1sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fix information disclosure vulnerability in kdm [debian/patches/17_CVE-2006-2449-information-disclosure.diff] stable/main/binary-mipsel/konqueror-nsplugins_3.3.2-1sarge3_mipsel.deb stable/main/binary-mipsel/kicker_3.3.2-1sarge3_mipsel.deb stable/main/binary-mipsel/kdebase-dev_3.3.2-1sarge3_mipsel.deb stable/main/binary-mipsel/libkonq4-dev_3.3.2-1sarge3_mipsel.deb stable/main/binary-mipsel/kpersonalizer_3.3.2-1sarge3_mipsel.deb stable/main/binary-mipsel/kdesktop_3.3.2-1sarge3_mipsel.deb stable/main/binary-mipsel/konsole_3.3.2-1sarge3_mipsel.deb stable/main/binary-mipsel/ksmserver_3.3.2-1sarge3_mipsel.deb stable/main/binary-mipsel/libkonq4_3.3.2-1sarge3_mipsel.deb stable/main/binary-mipsel/ktip_3.3.2-1sarge3_mipsel.deb stable/main/binary-mipsel/kdeprint_3.3.2-1sarge3_mipsel.deb stable/main/binary-mipsel/kwin_3.3.2-1sarge3_mipsel.deb stable/main/binary-mipsel/kate_3.3.2-1sarge3_mipsel.deb stable/main/binary-mipsel/ksplash_3.3.2-1sarge3_mipsel.deb stable/main/binary-mipsel/kfind_3.3.2-1sarge3_mipsel.deb stable/main/binary-mipsel/konqueror_3.3.2-1sarge3_mipsel.deb stable/main/binary-mipsel/kdebase-bin_3.3.2-1sarge3_mipsel.deb stable/main/binary-mipsel/kcontrol_3.3.2-1sarge3_mipsel.deb stable/main/binary-mipsel/kdm_3.3.2-1sarge3_mipsel.deb stable/main/binary-mipsel/klipper_3.3.2-1sarge3_mipsel.deb stable/main/binary-mipsel/ksysguardd_3.3.2-1sarge3_mipsel.deb stable/main/binary-mipsel/kpager_3.3.2-1sarge3_mipsel.deb stable/main/binary-mipsel/kmenuedit_3.3.2-1sarge3_mipsel.deb stable/main/binary-mipsel/kappfinder_3.3.2-1sarge3_mipsel.deb stable/main/binary-mipsel/ksysguard_3.3.2-1sarge3_mipsel.deb stable/main/binary-mipsel/kdepasswd_3.3.2-1sarge3_mipsel.deb stable/main/binary-mipsel/khelpcenter_3.3.2-1sarge3_mipsel.deb stable/main/binary-mipsel/kdebase-kio-plugins_3.3.2-1sarge3_mipsel.deb kdebase (4:3.3.2-1sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fix information disclosure vulnerability in kdm [debian/patches/17_CVE-2006-2449-information-disclosure.diff] stable/main/binary-mips/kcontrol_3.3.2-1sarge3_mips.deb stable/main/binary-mips/konqueror-nsplugins_3.3.2-1sarge3_mips.deb stable/main/binary-mips/kdepasswd_3.3.2-1sarge3_mips.deb stable/main/binary-mips/kdebase-kio-plugins_3.3.2-1sarge3_mips.deb stable/main/binary-mips/kdebase-bin_3.3.2-1sarge3_mips.deb stable/main/binary-mips/konqueror_3.3.2-1sarge3_mips.deb stable/main/binary-mips/kfind_3.3.2-1sarge3_mips.deb stable/main/binary-mips/libkonq4-dev_3.3.2-1sarge3_mips.deb stable/main/binary-mips/kdeprint_3.3.2-1sarge3_mips.deb stable/main/binary-mips/klipper_3.3.2-1sarge3_mips.deb stable/main/binary-mips/ksplash_3.3.2-1sarge3_mips.deb stable/main/binary-mips/kwin_3.3.2-1sarge3_mips.deb stable/main/binary-mips/kappfinder_3.3.2-1sarge3_mips.deb stable/main/binary-mips/khelpcenter_3.3.2-1sarge3_mips.deb stable/main/binary-mips/kpager_3.3.2-1sarge3_mips.deb stable/main/binary-mips/konsole_3.3.2-1sarge3_mips.deb stable/main/binary-mips/ksmserver_3.3.2-1sarge3_mips.deb stable/main/binary-mips/kpersonalizer_3.3.2-1sarge3_mips.deb stable/main/binary-mips/kate_3.3.2-1sarge3_mips.deb stable/main/binary-mips/ksysguard_3.3.2-1sarge3_mips.deb stable/main/binary-mips/kdm_3.3.2-1sarge3_mips.deb stable/main/binary-mips/ktip_3.3.2-1sarge3_mips.deb stable/main/binary-mips/ksysguardd_3.3.2-1sarge3_mips.deb stable/main/binary-mips/libkonq4_3.3.2-1sarge3_mips.deb stable/main/binary-mips/kicker_3.3.2-1sarge3_mips.deb stable/main/binary-mips/kdesktop_3.3.2-1sarge3_mips.deb stable/main/binary-mips/kdebase-dev_3.3.2-1sarge3_mips.deb stable/main/binary-mips/kmenuedit_3.3.2-1sarge3_mips.deb kdebase (4:3.3.2-1sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fix information disclosure vulnerability in kdm [debian/patches/17_CVE-2006-2449-information-disclosure.diff] stable/main/binary-m68k/ksplash_3.3.2-1sarge3_m68k.deb stable/main/binary-m68k/libkonq4-dev_3.3.2-1sarge3_m68k.deb stable/main/binary-m68k/kdesktop_3.3.2-1sarge3_m68k.deb stable/main/binary-m68k/khelpcenter_3.3.2-1sarge3_m68k.deb stable/main/binary-m68k/kdepasswd_3.3.2-1sarge3_m68k.deb stable/main/binary-m68k/konqueror-nsplugins_3.3.2-1sarge3_m68k.deb stable/main/binary-m68k/kdebase-dev_3.3.2-1sarge3_m68k.deb stable/main/binary-m68k/kappfinder_3.3.2-1sarge3_m68k.deb stable/main/binary-m68k/kwin_3.3.2-1sarge3_m68k.deb stable/main/binary-m68k/libkonq4_3.3.2-1sarge3_m68k.deb stable/main/binary-m68k/kdm_3.3.2-1sarge3_m68k.deb stable/main/binary-m68k/ktip_3.3.2-1sarge3_m68k.deb stable/main/binary-m68k/klipper_3.3.2-1sarge3_m68k.deb stable/main/binary-m68k/kpersonalizer_3.3.2-1sarge3_m68k.deb stable/main/binary-m68k/kicker_3.3.2-1sarge3_m68k.deb stable/main/binary-m68k/kmenuedit_3.3.2-1sarge3_m68k.deb stable/main/binary-m68k/ksysguard_3.3.2-1sarge3_m68k.deb stable/main/binary-m68k/kdebase-kio-plugins_3.3.2-1sarge3_m68k.deb stable/main/binary-m68k/konsole_3.3.2-1sarge3_m68k.deb stable/main/binary-m68k/kcontrol_3.3.2-1sarge3_m68k.deb stable/main/binary-m68k/ksmserver_3.3.2-1sarge3_m68k.deb stable/main/binary-m68k/kfind_3.3.2-1sarge3_m68k.deb stable/main/binary-m68k/ksysguardd_3.3.2-1sarge3_m68k.deb stable/main/binary-m68k/kdebase-bin_3.3.2-1sarge3_m68k.deb stable/main/binary-m68k/kate_3.3.2-1sarge3_m68k.deb stable/main/binary-m68k/kdeprint_3.3.2-1sarge3_m68k.deb stable/main/binary-m68k/kpager_3.3.2-1sarge3_m68k.deb stable/main/binary-m68k/konqueror_3.3.2-1sarge3_m68k.deb kdebase (4:3.3.2-1sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fix information disclosure vulnerability in kdm [debian/patches/17_CVE-2006-2449-information-disclosure.diff] stable/main/binary-ia64/kdepasswd_3.3.2-1sarge3_ia64.deb stable/main/binary-ia64/kcontrol_3.3.2-1sarge3_ia64.deb stable/main/binary-ia64/ksysguard_3.3.2-1sarge3_ia64.deb stable/main/binary-ia64/konqueror-nsplugins_3.3.2-1sarge3_ia64.deb stable/main/binary-ia64/libkonq4_3.3.2-1sarge3_ia64.deb stable/main/binary-ia64/ktip_3.3.2-1sarge3_ia64.deb stable/main/binary-ia64/ksysguardd_3.3.2-1sarge3_ia64.deb stable/main/binary-ia64/kfind_3.3.2-1sarge3_ia64.deb stable/main/binary-ia64/kdesktop_3.3.2-1sarge3_ia64.deb stable/main/binary-ia64/konqueror_3.3.2-1sarge3_ia64.deb stable/main/binary-ia64/kdm_3.3.2-1sarge3_ia64.deb stable/main/binary-ia64/libkonq4-dev_3.3.2-1sarge3_ia64.deb stable/main/binary-ia64/kpersonalizer_3.3.2-1sarge3_ia64.deb stable/main/binary-ia64/ksplash_3.3.2-1sarge3_ia64.deb stable/main/binary-ia64/ksmserver_3.3.2-1sarge3_ia64.deb stable/main/binary-ia64/kicker_3.3.2-1sarge3_ia64.deb stable/main/binary-ia64/kappfinder_3.3.2-1sarge3_ia64.deb stable/main/binary-ia64/khelpcenter_3.3.2-1sarge3_ia64.deb stable/main/binary-ia64/kpager_3.3.2-1sarge3_ia64.deb stable/main/binary-ia64/kwin_3.3.2-1sarge3_ia64.deb stable/main/binary-ia64/konsole_3.3.2-1sarge3_ia64.deb stable/main/binary-ia64/kate_3.3.2-1sarge3_ia64.deb stable/main/binary-ia64/klipper_3.3.2-1sarge3_ia64.deb stable/main/binary-ia64/kdebase-kio-plugins_3.3.2-1sarge3_ia64.deb stable/main/binary-ia64/kdebase-bin_3.3.2-1sarge3_ia64.deb stable/main/binary-ia64/kmenuedit_3.3.2-1sarge3_ia64.deb stable/main/binary-ia64/kdeprint_3.3.2-1sarge3_ia64.deb stable/main/binary-ia64/kdebase-dev_3.3.2-1sarge3_ia64.deb kdebase (4:3.3.2-1sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fix information disclosure vulnerability in kdm [debian/patches/17_CVE-2006-2449-information-disclosure.diff] stable/main/binary-hppa/libkonq4-dev_3.3.2-1sarge3_hppa.deb stable/main/binary-hppa/kcontrol_3.3.2-1sarge3_hppa.deb stable/main/binary-hppa/khelpcenter_3.3.2-1sarge3_hppa.deb stable/main/binary-hppa/ksysguardd_3.3.2-1sarge3_hppa.deb stable/main/binary-hppa/ksmserver_3.3.2-1sarge3_hppa.deb stable/main/binary-hppa/kate_3.3.2-1sarge3_hppa.deb stable/main/binary-hppa/kdeprint_3.3.2-1sarge3_hppa.deb stable/main/binary-hppa/kdepasswd_3.3.2-1sarge3_hppa.deb stable/main/binary-hppa/kdebase-dev_3.3.2-1sarge3_hppa.deb stable/main/binary-hppa/kdesktop_3.3.2-1sarge3_hppa.deb stable/main/binary-hppa/kpersonalizer_3.3.2-1sarge3_hppa.deb stable/main/binary-hppa/konqueror_3.3.2-1sarge3_hppa.deb stable/main/binary-hppa/konsole_3.3.2-1sarge3_hppa.deb stable/main/binary-hppa/kpager_3.3.2-1sarge3_hppa.deb stable/main/binary-hppa/kdebase-kio-plugins_3.3.2-1sarge3_hppa.deb stable/main/binary-hppa/ktip_3.3.2-1sarge3_hppa.deb stable/main/binary-hppa/ksplash_3.3.2-1sarge3_hppa.deb stable/main/binary-hppa/ksysguard_3.3.2-1sarge3_hppa.deb stable/main/binary-hppa/kdm_3.3.2-1sarge3_hppa.deb stable/main/binary-hppa/kappfinder_3.3.2-1sarge3_hppa.deb stable/main/binary-hppa/konqueror-nsplugins_3.3.2-1sarge3_hppa.deb stable/main/binary-hppa/kfind_3.3.2-1sarge3_hppa.deb stable/main/binary-hppa/kicker_3.3.2-1sarge3_hppa.deb stable/main/binary-hppa/kdebase-bin_3.3.2-1sarge3_hppa.deb stable/main/binary-hppa/libkonq4_3.3.2-1sarge3_hppa.deb stable/main/binary-hppa/kwin_3.3.2-1sarge3_hppa.deb stable/main/binary-hppa/klipper_3.3.2-1sarge3_hppa.deb stable/main/binary-hppa/kmenuedit_3.3.2-1sarge3_hppa.deb kdebase (4:3.3.2-1sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fix information disclosure vulnerability in kdm [debian/patches/17_CVE-2006-2449-information-disclosure.diff] stable/main/binary-arm/khelpcenter_3.3.2-1sarge3_arm.deb stable/main/binary-arm/konqueror-nsplugins_3.3.2-1sarge3_arm.deb stable/main/binary-arm/ksplash_3.3.2-1sarge3_arm.deb stable/main/binary-arm/kfind_3.3.2-1sarge3_arm.deb stable/main/binary-arm/kdebase-dev_3.3.2-1sarge3_arm.deb stable/main/binary-arm/konsole_3.3.2-1sarge3_arm.deb stable/main/binary-arm/konqueror_3.3.2-1sarge3_arm.deb stable/main/binary-arm/ktip_3.3.2-1sarge3_arm.deb stable/main/binary-arm/kdepasswd_3.3.2-1sarge3_arm.deb stable/main/binary-arm/kicker_3.3.2-1sarge3_arm.deb stable/main/binary-arm/kate_3.3.2-1sarge3_arm.deb stable/main/binary-arm/kdebase-bin_3.3.2-1sarge3_arm.deb stable/main/binary-arm/libkonq4_3.3.2-1sarge3_arm.deb stable/main/binary-arm/kwin_3.3.2-1sarge3_arm.deb stable/main/binary-arm/libkonq4-dev_3.3.2-1sarge3_arm.deb stable/main/binary-arm/kmenuedit_3.3.2-1sarge3_arm.deb stable/main/binary-arm/klipper_3.3.2-1sarge3_arm.deb stable/main/binary-arm/kdm_3.3.2-1sarge3_arm.deb stable/main/binary-arm/ksmserver_3.3.2-1sarge3_arm.deb stable/main/binary-arm/kappfinder_3.3.2-1sarge3_arm.deb stable/main/binary-arm/kdebase-kio-plugins_3.3.2-1sarge3_arm.deb stable/main/binary-arm/kdesktop_3.3.2-1sarge3_arm.deb stable/main/binary-arm/kpager_3.3.2-1sarge3_arm.deb stable/main/binary-arm/kdeprint_3.3.2-1sarge3_arm.deb stable/main/binary-arm/ksysguard_3.3.2-1sarge3_arm.deb stable/main/binary-arm/ksysguardd_3.3.2-1sarge3_arm.deb stable/main/binary-arm/kpersonalizer_3.3.2-1sarge3_arm.deb stable/main/binary-arm/kcontrol_3.3.2-1sarge3_arm.deb kdebase (4:3.3.2-1sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fix information disclosure vulnerability in kdm [debian/patches/17_CVE-2006-2449-information-disclosure.diff] stable/main/binary-alpha/libkonq4_3.3.2-1sarge3_alpha.deb stable/main/binary-alpha/ksysguardd_3.3.2-1sarge3_alpha.deb stable/main/binary-alpha/kcontrol_3.3.2-1sarge3_alpha.deb stable/main/binary-alpha/kfind_3.3.2-1sarge3_alpha.deb stable/main/binary-alpha/kdesktop_3.3.2-1sarge3_alpha.deb stable/main/binary-alpha/kdepasswd_3.3.2-1sarge3_alpha.deb stable/main/binary-alpha/konqueror-nsplugins_3.3.2-1sarge3_alpha.deb stable/main/binary-alpha/konqueror_3.3.2-1sarge3_alpha.deb stable/main/binary-alpha/kdebase-bin_3.3.2-1sarge3_alpha.deb stable/main/binary-alpha/ksplash_3.3.2-1sarge3_alpha.deb stable/main/binary-alpha/ktip_3.3.2-1sarge3_alpha.deb stable/main/binary-alpha/kwin_3.3.2-1sarge3_alpha.deb stable/main/binary-alpha/klipper_3.3.2-1sarge3_alpha.deb stable/main/binary-alpha/kmenuedit_3.3.2-1sarge3_alpha.deb stable/main/binary-alpha/kappfinder_3.3.2-1sarge3_alpha.deb stable/main/binary-alpha/kpager_3.3.2-1sarge3_alpha.deb stable/main/binary-alpha/ksmserver_3.3.2-1sarge3_alpha.deb stable/main/binary-alpha/kpersonalizer_3.3.2-1sarge3_alpha.deb stable/main/binary-alpha/khelpcenter_3.3.2-1sarge3_alpha.deb stable/main/binary-alpha/kdm_3.3.2-1sarge3_alpha.deb stable/main/binary-alpha/libkonq4-dev_3.3.2-1sarge3_alpha.deb stable/main/binary-alpha/kdeprint_3.3.2-1sarge3_alpha.deb stable/main/binary-alpha/ksysguard_3.3.2-1sarge3_alpha.deb stable/main/binary-alpha/kicker_3.3.2-1sarge3_alpha.deb stable/main/binary-alpha/kdebase-dev_3.3.2-1sarge3_alpha.deb stable/main/binary-alpha/kdebase-kio-plugins_3.3.2-1sarge3_alpha.deb stable/main/binary-alpha/konsole_3.3.2-1sarge3_alpha.deb stable/main/binary-alpha/kate_3.3.2-1sarge3_alpha.deb kdebase (4:3.3.2-1sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fix information disclosure vulnerability in kdm [debian/patches/17_CVE-2006-2449-information-disclosure.diff] stable/main/binary-i386/kmenuedit_3.3.2-1sarge3_i386.deb stable/main/binary-i386/khelpcenter_3.3.2-1sarge3_i386.deb stable/main/binary-i386/kdebase-bin_3.3.2-1sarge3_i386.deb stable/main/binary-i386/ksysguard_3.3.2-1sarge3_i386.deb stable/main/binary-i386/konsole_3.3.2-1sarge3_i386.deb stable/main/binary-i386/kdm_3.3.2-1sarge3_i386.deb stable/main/binary-i386/kdepasswd_3.3.2-1sarge3_i386.deb stable/main/binary-i386/kate_3.3.2-1sarge3_i386.deb stable/main/binary-i386/kwin_3.3.2-1sarge3_i386.deb stable/main/binary-all/xfonts-konsole_3.3.2-1sarge3_all.deb stable/main/binary-i386/ksplash_3.3.2-1sarge3_i386.deb stable/main/binary-i386/kpersonalizer_3.3.2-1sarge3_i386.deb stable/main/source/kdebase_3.3.2-1sarge3.dsc stable/main/binary-i386/kpager_3.3.2-1sarge3_i386.deb stable/main/binary-i386/kappfinder_3.3.2-1sarge3_i386.deb stable/main/binary-i386/ksysguardd_3.3.2-1sarge3_i386.deb stable/main/binary-i386/ksmserver_3.3.2-1sarge3_i386.deb stable/main/binary-all/kdebase-data_3.3.2-1sarge3_all.deb stable/main/binary-i386/kcontrol_3.3.2-1sarge3_i386.deb stable/main/binary-i386/kdebase-dev_3.3.2-1sarge3_i386.deb stable/main/binary-i386/konqueror_3.3.2-1sarge3_i386.deb stable/main/source/kdebase_3.3.2-1sarge3.diff.gz stable/main/binary-i386/kfind_3.3.2-1sarge3_i386.deb stable/main/binary-i386/kicker_3.3.2-1sarge3_i386.deb stable/main/binary-i386/klipper_3.3.2-1sarge3_i386.deb stable/main/binary-i386/ktip_3.3.2-1sarge3_i386.deb stable/main/binary-i386/kdebase-kio-plugins_3.3.2-1sarge3_i386.deb stable/main/binary-i386/kdesktop_3.3.2-1sarge3_i386.deb stable/main/binary-i386/libkonq4_3.3.2-1sarge3_i386.deb stable/main/binary-all/kdebase_3.3.2-1sarge3_all.deb stable/main/binary-i386/konqueror-nsplugins_3.3.2-1sarge3_i386.deb stable/main/binary-all/kdebase-doc_3.3.2-1sarge3_all.deb stable/main/binary-i386/kdeprint_3.3.2-1sarge3_i386.deb stable/main/binary-i386/libkonq4-dev_3.3.2-1sarge3_i386.deb kdebase (4:3.3.2-1sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fix information disclosure vulnerability in kdm [debian/patches/17_CVE-2006-2449-information-disclosure.diff] stable/main/binary-sparc/isakmpd_20041012-1sarge1_sparc.deb isakmpd (20041012-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Apply upstream patch to correct CVE-2006-4436 (Debian bug #385894) stable/main/binary-s390/isakmpd_20041012-1sarge1_s390.deb isakmpd (20041012-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Apply upstream patch to correct CVE-2006-4436 (Debian bug #385894) stable/main/binary-powerpc/isakmpd_20041012-1sarge1_powerpc.deb isakmpd (20041012-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Apply upstream patch to correct CVE-2006-4436 (Debian bug #385894) stable/main/binary-mipsel/isakmpd_20041012-1sarge1_mipsel.deb isakmpd (20041012-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Apply upstream patch to correct CVE-2006-4436 (Debian bug #385894) stable/main/binary-mips/isakmpd_20041012-1sarge1_mips.deb isakmpd (20041012-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Apply upstream patch to correct CVE-2006-4436 (Debian bug #385894) stable/main/binary-m68k/isakmpd_20041012-1sarge1_m68k.deb isakmpd (20041012-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Apply upstream patch to correct CVE-2006-4436 (Debian bug #385894) stable/main/binary-ia64/isakmpd_20041012-1sarge1_ia64.deb isakmpd (20041012-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Apply upstream patch to correct CVE-2006-4436 (Debian bug #385894) stable/main/binary-hppa/isakmpd_20041012-1sarge1_hppa.deb isakmpd (20041012-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Apply upstream patch to correct CVE-2006-4436 (Debian bug #385894) stable/main/binary-arm/isakmpd_20041012-1sarge1_arm.deb isakmpd (20041012-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Apply upstream patch to correct CVE-2006-4436 (Debian bug #385894) stable/main/binary-alpha/isakmpd_20041012-1sarge1_alpha.deb isakmpd (20041012-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Apply upstream patch to correct CVE-2006-4436 (Debian bug #385894) stable/main/binary-i386/isakmpd_20041012-1sarge1_i386.deb stable/main/source/isakmpd_20041012-1sarge1.dsc stable/main/source/isakmpd_20041012-1sarge1.diff.gz isakmpd (20041012-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Apply upstream patch to correct CVE-2006-4436 (Debian bug #385894) stable/main/binary-sparc/libmagick++6_6.0.6.2-2.7_sparc.deb stable/main/binary-sparc/libmagick6_6.0.6.2-2.7_sparc.deb stable/main/binary-sparc/imagemagick_6.0.6.2-2.7_sparc.deb stable/main/binary-sparc/perlmagick_6.0.6.2-2.7_sparc.deb stable/main/binary-sparc/libmagick6-dev_6.0.6.2-2.7_sparc.deb stable/main/binary-sparc/libmagick++6-dev_6.0.6.2-2.7_sparc.deb imagemagick (6:6.0.6.2-2.7) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fix buffer overflows in SUN bitmap decoder [CVE-2006-3744] * Fix buffer overflows in XCF decoder [CVE-2006-3743] * Fix buffer overflow in display(1) [CVE-2006-2440] stable/main/binary-s390/libmagick6-dev_6.0.6.2-2.7_s390.deb stable/main/binary-s390/perlmagick_6.0.6.2-2.7_s390.deb stable/main/binary-s390/libmagick++6_6.0.6.2-2.7_s390.deb stable/main/binary-s390/imagemagick_6.0.6.2-2.7_s390.deb stable/main/binary-s390/libmagick++6-dev_6.0.6.2-2.7_s390.deb stable/main/binary-s390/libmagick6_6.0.6.2-2.7_s390.deb imagemagick (6:6.0.6.2-2.7) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fix buffer overflows in SUN bitmap decoder [CVE-2006-3744] * Fix buffer overflows in XCF decoder [CVE-2006-3743] * Fix buffer overflow in display(1) [CVE-2006-2440] stable/main/binary-powerpc/libmagick6_6.0.6.2-2.7_powerpc.deb stable/main/binary-powerpc/libmagick++6-dev_6.0.6.2-2.7_powerpc.deb stable/main/binary-powerpc/imagemagick_6.0.6.2-2.7_powerpc.deb stable/main/binary-powerpc/libmagick++6_6.0.6.2-2.7_powerpc.deb stable/main/binary-powerpc/libmagick6-dev_6.0.6.2-2.7_powerpc.deb stable/main/binary-powerpc/perlmagick_6.0.6.2-2.7_powerpc.deb imagemagick (6:6.0.6.2-2.7) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fix buffer overflows in SUN bitmap decoder [CVE-2006-3744] * Fix buffer overflows in XCF decoder [CVE-2006-3743] * Fix buffer overflow in display(1) [CVE-2006-2440] stable/main/binary-mipsel/perlmagick_6.0.6.2-2.7_mipsel.deb stable/main/binary-mipsel/libmagick++6-dev_6.0.6.2-2.7_mipsel.deb stable/main/binary-mipsel/libmagick6-dev_6.0.6.2-2.7_mipsel.deb stable/main/binary-mipsel/libmagick++6_6.0.6.2-2.7_mipsel.deb stable/main/binary-mipsel/imagemagick_6.0.6.2-2.7_mipsel.deb stable/main/binary-mipsel/libmagick6_6.0.6.2-2.7_mipsel.deb imagemagick (6:6.0.6.2-2.7) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fix buffer overflows in SUN bitmap decoder [CVE-2006-3744] * Fix buffer overflows in XCF decoder [CVE-2006-3743] * Fix buffer overflow in display(1) [CVE-2006-2440] stable/main/binary-mips/libmagick++6-dev_6.0.6.2-2.7_mips.deb stable/main/binary-mips/perlmagick_6.0.6.2-2.7_mips.deb stable/main/binary-mips/libmagick6_6.0.6.2-2.7_mips.deb stable/main/binary-mips/libmagick6-dev_6.0.6.2-2.7_mips.deb stable/main/binary-mips/libmagick++6_6.0.6.2-2.7_mips.deb stable/main/binary-mips/imagemagick_6.0.6.2-2.7_mips.deb imagemagick (6:6.0.6.2-2.7) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fix buffer overflows in SUN bitmap decoder [CVE-2006-3744] * Fix buffer overflows in XCF decoder [CVE-2006-3743] * Fix buffer overflow in display(1) [CVE-2006-2440] stable/main/binary-m68k/imagemagick_6.0.6.2-2.7_m68k.deb stable/main/binary-m68k/libmagick++6_6.0.6.2-2.7_m68k.deb stable/main/binary-m68k/libmagick6-dev_6.0.6.2-2.7_m68k.deb stable/main/binary-m68k/perlmagick_6.0.6.2-2.7_m68k.deb stable/main/binary-m68k/libmagick6_6.0.6.2-2.7_m68k.deb stable/main/binary-m68k/libmagick++6-dev_6.0.6.2-2.7_m68k.deb imagemagick (6:6.0.6.2-2.7) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fix buffer overflows in SUN bitmap decoder [CVE-2006-3744] * Fix buffer overflows in XCF decoder [CVE-2006-3743] * Fix buffer overflow in display(1) [CVE-2006-2440] stable/main/binary-ia64/perlmagick_6.0.6.2-2.7_ia64.deb stable/main/binary-ia64/libmagick++6-dev_6.0.6.2-2.7_ia64.deb stable/main/binary-ia64/libmagick6_6.0.6.2-2.7_ia64.deb stable/main/binary-ia64/libmagick6-dev_6.0.6.2-2.7_ia64.deb stable/main/binary-ia64/imagemagick_6.0.6.2-2.7_ia64.deb stable/main/binary-ia64/libmagick++6_6.0.6.2-2.7_ia64.deb imagemagick (6:6.0.6.2-2.7) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fix buffer overflows in SUN bitmap decoder [CVE-2006-3744] * Fix buffer overflows in XCF decoder [CVE-2006-3743] * Fix buffer overflow in display(1) [CVE-2006-2440] stable/main/binary-hppa/perlmagick_6.0.6.2-2.7_hppa.deb stable/main/binary-hppa/libmagick6-dev_6.0.6.2-2.7_hppa.deb stable/main/binary-hppa/libmagick++6_6.0.6.2-2.7_hppa.deb stable/main/binary-hppa/imagemagick_6.0.6.2-2.7_hppa.deb stable/main/binary-hppa/libmagick++6-dev_6.0.6.2-2.7_hppa.deb stable/main/binary-hppa/libmagick6_6.0.6.2-2.7_hppa.deb imagemagick (6:6.0.6.2-2.7) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fix buffer overflows in SUN bitmap decoder [CVE-2006-3744] * Fix buffer overflows in XCF decoder [CVE-2006-3743] * Fix buffer overflow in display(1) [CVE-2006-2440] stable/main/binary-arm/perlmagick_6.0.6.2-2.7_arm.deb stable/main/binary-arm/libmagick6-dev_6.0.6.2-2.7_arm.deb stable/main/binary-arm/libmagick++6_6.0.6.2-2.7_arm.deb stable/main/binary-arm/libmagick++6-dev_6.0.6.2-2.7_arm.deb stable/main/binary-arm/libmagick6_6.0.6.2-2.7_arm.deb stable/main/binary-arm/imagemagick_6.0.6.2-2.7_arm.deb imagemagick (6:6.0.6.2-2.7) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fix buffer overflows in SUN bitmap decoder [CVE-2006-3744] * Fix buffer overflows in XCF decoder [CVE-2006-3743] * Fix buffer overflow in display(1) [CVE-2006-2440] stable/main/binary-alpha/libmagick++6-dev_6.0.6.2-2.7_alpha.deb stable/main/binary-alpha/imagemagick_6.0.6.2-2.7_alpha.deb stable/main/binary-alpha/libmagick6_6.0.6.2-2.7_alpha.deb stable/main/binary-alpha/libmagick6-dev_6.0.6.2-2.7_alpha.deb stable/main/binary-alpha/libmagick++6_6.0.6.2-2.7_alpha.deb stable/main/binary-alpha/perlmagick_6.0.6.2-2.7_alpha.deb imagemagick (6:6.0.6.2-2.7) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fix buffer overflows in SUN bitmap decoder [CVE-2006-3744] * Fix buffer overflows in XCF decoder [CVE-2006-3743] * Fix buffer overflow in display(1) [CVE-2006-2440] stable/main/binary-i386/libmagick++6_6.0.6.2-2.7_i386.deb stable/main/binary-i386/libmagick6-dev_6.0.6.2-2.7_i386.deb stable/main/binary-i386/libmagick6_6.0.6.2-2.7_i386.deb stable/main/binary-i386/libmagick++6-dev_6.0.6.2-2.7_i386.deb stable/main/source/imagemagick_6.0.6.2-2.7.dsc stable/main/binary-i386/perlmagick_6.0.6.2-2.7_i386.deb stable/main/binary-i386/imagemagick_6.0.6.2-2.7_i386.deb stable/main/source/imagemagick_6.0.6.2-2.7.diff.gz imagemagick (6:6.0.6.2-2.7) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fix buffer overflows in SUN bitmap decoder [CVE-2006-3744] * Fix buffer overflows in XCF decoder [CVE-2006-3743] * Fix buffer overflow in display(1) [CVE-2006-2440] stable/main/binary-sparc/gzip_1.3.5-10sarge2_sparc.deb gzip (1.3.5-10sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix several security problems discovered by Tavis Ormandy of Google: - DoS through null pointer deference in the Huffman code (CVE-2006-4334) - Out-of-bands stack write in LZH decompression code (CVE-2006-4335) - Buffer overflow in pack code (CVE-2006-4336) - Buffer overflow in LZH code (CVE-2006-4337) - DoS through an infinite loop in LZH code (CVE-2006-4337) (Patch by Thomas Biege of SuSe) stable/main/binary-s390/gzip_1.3.5-10sarge2_s390.deb gzip (1.3.5-10sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix several security problems discovered by Tavis Ormandy of Google: - DoS through null pointer deference in the Huffman code (CVE-2006-4334) - Out-of-bands stack write in LZH decompression code (CVE-2006-4335) - Buffer overflow in pack code (CVE-2006-4336) - Buffer overflow in LZH code (CVE-2006-4337) - DoS through an infinite loop in LZH code (CVE-2006-4337) (Patch by Thomas Biege of SuSe) stable/main/binary-powerpc/gzip_1.3.5-10sarge2_powerpc.deb gzip (1.3.5-10sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix several security problems discovered by Tavis Ormandy of Google: - DoS through null pointer deference in the Huffman code (CVE-2006-4334) - Out-of-bands stack write in LZH decompression code (CVE-2006-4335) - Buffer overflow in pack code (CVE-2006-4336) - Buffer overflow in LZH code (CVE-2006-4337) - DoS through an infinite loop in LZH code (CVE-2006-4337) (Patch by Thomas Biege of SuSe) stable/main/binary-mipsel/gzip_1.3.5-10sarge2_mipsel.deb gzip (1.3.5-10sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix several security problems discovered by Tavis Ormandy of Google: - DoS through null pointer deference in the Huffman code (CVE-2006-4334) - Out-of-bands stack write in LZH decompression code (CVE-2006-4335) - Buffer overflow in pack code (CVE-2006-4336) - Buffer overflow in LZH code (CVE-2006-4337) - DoS through an infinite loop in LZH code (CVE-2006-4337) (Patch by Thomas Biege of SuSe) stable/main/binary-mips/gzip_1.3.5-10sarge2_mips.deb gzip (1.3.5-10sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix several security problems discovered by Tavis Ormandy of Google: - DoS through null pointer deference in the Huffman code (CVE-2006-4334) - Out-of-bands stack write in LZH decompression code (CVE-2006-4335) - Buffer overflow in pack code (CVE-2006-4336) - Buffer overflow in LZH code (CVE-2006-4337) - DoS through an infinite loop in LZH code (CVE-2006-4337) (Patch by Thomas Biege of SuSe) stable/main/binary-m68k/gzip_1.3.5-10sarge2_m68k.deb gzip (1.3.5-10sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix several security problems discovered by Tavis Ormandy of Google: - DoS through null pointer deference in the Huffman code (CVE-2006-4334) - Out-of-bands stack write in LZH decompression code (CVE-2006-4335) - Buffer overflow in pack code (CVE-2006-4336) - Buffer overflow in LZH code (CVE-2006-4337) - DoS through an infinite loop in LZH code (CVE-2006-4337) (Patch by Thomas Biege of SuSe) stable/main/binary-ia64/gzip_1.3.5-10sarge2_ia64.deb gzip (1.3.5-10sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix several security problems discovered by Tavis Ormandy of Google: - DoS through null pointer deference in the Huffman code (CVE-2006-4334) - Out-of-bands stack write in LZH decompression code (CVE-2006-4335) - Buffer overflow in pack code (CVE-2006-4336) - Buffer overflow in LZH code (CVE-2006-4337) - DoS through an infinite loop in LZH code (CVE-2006-4337) (Patch by Thomas Biege of SuSe) stable/main/binary-hppa/gzip_1.3.5-10sarge2_hppa.deb gzip (1.3.5-10sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix several security problems discovered by Tavis Ormandy of Google: - DoS through null pointer deference in the Huffman code (CVE-2006-4334) - Out-of-bands stack write in LZH decompression code (CVE-2006-4335) - Buffer overflow in pack code (CVE-2006-4336) - Buffer overflow in LZH code (CVE-2006-4337) - DoS through an infinite loop in LZH code (CVE-2006-4337) (Patch by Thomas Biege of SuSe) stable/main/binary-arm/gzip_1.3.5-10sarge2_arm.deb gzip (1.3.5-10sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix several security problems discovered by Tavis Ormandy of Google: - DoS through null pointer deference in the Huffman code (CVE-2006-4334) - Out-of-bands stack write in LZH decompression code (CVE-2006-4335) - Buffer overflow in pack code (CVE-2006-4336) - Buffer overflow in LZH code (CVE-2006-4337) - DoS through an infinite loop in LZH code (CVE-2006-4337) (Patch by Thomas Biege of SuSe) stable/main/binary-alpha/gzip_1.3.5-10sarge2_alpha.deb gzip (1.3.5-10sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix several security problems discovered by Tavis Ormandy of Google: - DoS through null pointer deference in the Huffman code (CVE-2006-4334) - Out-of-bands stack write in LZH decompression code (CVE-2006-4335) - Buffer overflow in pack code (CVE-2006-4336) - Buffer overflow in LZH code (CVE-2006-4337) - DoS through an infinite loop in LZH code (CVE-2006-4337) (Patch by Thomas Biege of SuSe) stable/main/binary-i386/gzip_1.3.5-10sarge2_i386.deb stable/main/source/gzip_1.3.5-10sarge2.dsc stable/main/source/gzip_1.3.5-10sarge2.diff.gz gzip (1.3.5-10sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix several security problems discovered by Tavis Ormandy of Google: - DoS through null pointer deference in the Huffman code (CVE-2006-4334) - Out-of-bands stack write in LZH decompression code (CVE-2006-4335) - Buffer overflow in pack code (CVE-2006-4336) - Buffer overflow in LZH code (CVE-2006-4337) - DoS through an infinite loop in LZH code (CVE-2006-4337) (Patch by Thomas Biege of SuSe) stable/main/binary-sparc/gtetrinet_0.7.8-1sarge2_sparc.deb gtetrinet (0.7.8-1sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Rebuild to bypass alpha buildd problems stable/main/binary-s390/gtetrinet_0.7.8-1sarge2_s390.deb gtetrinet (0.7.8-1sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Rebuild to bypass alpha buildd problems stable/main/binary-mipsel/gtetrinet_0.7.8-1sarge2_mipsel.deb gtetrinet (0.7.8-1sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Rebuild to bypass alpha buildd problems stable/main/binary-mips/gtetrinet_0.7.8-1sarge2_mips.deb gtetrinet (0.7.8-1sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Rebuild to bypass alpha buildd problems stable/main/binary-m68k/gtetrinet_0.7.8-1sarge2_m68k.deb gtetrinet (0.7.8-1sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Rebuild to bypass alpha buildd problems stable/main/binary-ia64/gtetrinet_0.7.8-1sarge2_ia64.deb gtetrinet (0.7.8-1sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Rebuild to bypass alpha buildd problems stable/main/binary-i386/gtetrinet_0.7.8-1sarge2_i386.deb gtetrinet (0.7.8-1sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Rebuild to bypass alpha buildd problems stable/main/binary-hppa/gtetrinet_0.7.8-1sarge2_hppa.deb gtetrinet (0.7.8-1sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Rebuild to bypass alpha buildd problems stable/main/binary-arm/gtetrinet_0.7.8-1sarge2_arm.deb gtetrinet (0.7.8-1sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Rebuild to bypass alpha buildd problems stable/main/binary-alpha/gtetrinet_0.7.8-1sarge2_alpha.deb gtetrinet (0.7.8-1sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Rebuild to bypass alpha buildd problems stable/main/source/gtetrinet_0.7.8-1sarge2.dsc stable/main/binary-powerpc/gtetrinet_0.7.8-1sarge2_powerpc.deb stable/main/source/gtetrinet_0.7.8-1sarge2.diff.gz gtetrinet (0.7.8-1sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Rebuild to bypass alpha buildd problems stable/main/binary-sparc/libgnutls11_1.0.16-13.2sarge2_sparc.deb stable/main/binary-sparc/libgnutls11-dbg_1.0.16-13.2sarge2_sparc.deb stable/main/binary-sparc/gnutls-bin_1.0.16-13.2sarge2_sparc.deb stable/main/binary-sparc/libgnutls11-dev_1.0.16-13.2sarge2_sparc.deb gnutls11 (1.0.16-13.2sarge2) stable-security; urgency=high * Pulled from upstream 1.4.2-->1.4.4: Fix PKCS#1 verification to avoid a variant of Bleichenbacher's Crypto 06 rump session attack. See (which is not exactly the same as the problem we fix here). Reported by Yutaka OIWA . See GNUTLS-SA-2006-4 on http://www.gnutls.org/security.html for more information. CVE-2006-4790 stable/main/binary-s390/libgnutls11_1.0.16-13.2sarge2_s390.deb stable/main/binary-s390/libgnutls11-dbg_1.0.16-13.2sarge2_s390.deb stable/main/binary-s390/gnutls-bin_1.0.16-13.2sarge2_s390.deb stable/main/binary-s390/libgnutls11-dev_1.0.16-13.2sarge2_s390.deb gnutls11 (1.0.16-13.2sarge2) stable-security; urgency=high * Pulled from upstream 1.4.2-->1.4.4: Fix PKCS#1 verification to avoid a variant of Bleichenbacher's Crypto 06 rump session attack. See (which is not exactly the same as the problem we fix here). Reported by Yutaka OIWA . See GNUTLS-SA-2006-4 on http://www.gnutls.org/security.html for more information. CVE-2006-4790 stable/main/binary-powerpc/gnutls-bin_1.0.16-13.2sarge2_powerpc.deb stable/main/binary-powerpc/libgnutls11-dev_1.0.16-13.2sarge2_powerpc.deb stable/main/binary-powerpc/libgnutls11_1.0.16-13.2sarge2_powerpc.deb stable/main/binary-powerpc/libgnutls11-dbg_1.0.16-13.2sarge2_powerpc.deb gnutls11 (1.0.16-13.2sarge2) stable-security; urgency=high * Pulled from upstream 1.4.2-->1.4.4: Fix PKCS#1 verification to avoid a variant of Bleichenbacher's Crypto 06 rump session attack. See (which is not exactly the same as the problem we fix here). Reported by Yutaka OIWA . See GNUTLS-SA-2006-4 on http://www.gnutls.org/security.html for more information. CVE-2006-4790 stable/main/binary-mipsel/libgnutls11_1.0.16-13.2sarge2_mipsel.deb stable/main/binary-mipsel/libgnutls11-dbg_1.0.16-13.2sarge2_mipsel.deb stable/main/binary-mipsel/gnutls-bin_1.0.16-13.2sarge2_mipsel.deb stable/main/binary-mipsel/libgnutls11-dev_1.0.16-13.2sarge2_mipsel.deb gnutls11 (1.0.16-13.2sarge2) stable-security; urgency=high * Pulled from upstream 1.4.2-->1.4.4: Fix PKCS#1 verification to avoid a variant of Bleichenbacher's Crypto 06 rump session attack. See (which is not exactly the same as the problem we fix here). Reported by Yutaka OIWA . See GNUTLS-SA-2006-4 on http://www.gnutls.org/security.html for more information. CVE-2006-4790 stable/main/binary-mips/libgnutls11_1.0.16-13.2sarge2_mips.deb stable/main/binary-mips/libgnutls11-dev_1.0.16-13.2sarge2_mips.deb stable/main/binary-mips/gnutls-bin_1.0.16-13.2sarge2_mips.deb stable/main/binary-mips/libgnutls11-dbg_1.0.16-13.2sarge2_mips.deb gnutls11 (1.0.16-13.2sarge2) stable-security; urgency=high * Pulled from upstream 1.4.2-->1.4.4: Fix PKCS#1 verification to avoid a variant of Bleichenbacher's Crypto 06 rump session attack. See (which is not exactly the same as the problem we fix here). Reported by Yutaka OIWA . See GNUTLS-SA-2006-4 on http://www.gnutls.org/security.html for more information. CVE-2006-4790 stable/main/binary-m68k/libgnutls11-dev_1.0.16-13.2sarge2_m68k.deb stable/main/binary-m68k/gnutls-bin_1.0.16-13.2sarge2_m68k.deb stable/main/binary-m68k/libgnutls11_1.0.16-13.2sarge2_m68k.deb stable/main/binary-m68k/libgnutls11-dbg_1.0.16-13.2sarge2_m68k.deb gnutls11 (1.0.16-13.2sarge2) stable-security; urgency=high * Pulled from upstream 1.4.2-->1.4.4: Fix PKCS#1 verification to avoid a variant of Bleichenbacher's Crypto 06 rump session attack. See (which is not exactly the same as the problem we fix here). Reported by Yutaka OIWA . See GNUTLS-SA-2006-4 on http://www.gnutls.org/security.html for more information. CVE-2006-4790 stable/main/binary-ia64/libgnutls11-dbg_1.0.16-13.2sarge2_ia64.deb stable/main/binary-ia64/libgnutls11_1.0.16-13.2sarge2_ia64.deb stable/main/binary-ia64/gnutls-bin_1.0.16-13.2sarge2_ia64.deb stable/main/binary-ia64/libgnutls11-dev_1.0.16-13.2sarge2_ia64.deb gnutls11 (1.0.16-13.2sarge2) stable-security; urgency=high * Pulled from upstream 1.4.2-->1.4.4: Fix PKCS#1 verification to avoid a variant of Bleichenbacher's Crypto 06 rump session attack. See (which is not exactly the same as the problem we fix here). Reported by Yutaka OIWA . See GNUTLS-SA-2006-4 on http://www.gnutls.org/security.html for more information. CVE-2006-4790 stable/main/binary-hppa/libgnutls11_1.0.16-13.2sarge2_hppa.deb stable/main/binary-hppa/libgnutls11-dbg_1.0.16-13.2sarge2_hppa.deb stable/main/binary-hppa/gnutls-bin_1.0.16-13.2sarge2_hppa.deb stable/main/binary-hppa/libgnutls11-dev_1.0.16-13.2sarge2_hppa.deb gnutls11 (1.0.16-13.2sarge2) stable-security; urgency=high * Pulled from upstream 1.4.2-->1.4.4: Fix PKCS#1 verification to avoid a variant of Bleichenbacher's Crypto 06 rump session attack. See (which is not exactly the same as the problem we fix here). Reported by Yutaka OIWA . See GNUTLS-SA-2006-4 on http://www.gnutls.org/security.html for more information. CVE-2006-4790 stable/main/binary-arm/libgnutls11-dbg_1.0.16-13.2sarge2_arm.deb stable/main/binary-arm/libgnutls11_1.0.16-13.2sarge2_arm.deb stable/main/binary-arm/libgnutls11-dev_1.0.16-13.2sarge2_arm.deb stable/main/binary-arm/gnutls-bin_1.0.16-13.2sarge2_arm.deb gnutls11 (1.0.16-13.2sarge2) stable-security; urgency=high * Pulled from upstream 1.4.2-->1.4.4: Fix PKCS#1 verification to avoid a variant of Bleichenbacher's Crypto 06 rump session attack. See (which is not exactly the same as the problem we fix here). Reported by Yutaka OIWA . See GNUTLS-SA-2006-4 on http://www.gnutls.org/security.html for more information. CVE-2006-4790 stable/main/binary-alpha/libgnutls11-dbg_1.0.16-13.2sarge2_alpha.deb stable/main/binary-alpha/libgnutls11_1.0.16-13.2sarge2_alpha.deb stable/main/binary-alpha/libgnutls11-dev_1.0.16-13.2sarge2_alpha.deb stable/main/binary-alpha/gnutls-bin_1.0.16-13.2sarge2_alpha.deb gnutls11 (1.0.16-13.2sarge2) stable-security; urgency=high * Pulled from upstream 1.4.2-->1.4.4: Fix PKCS#1 verification to avoid a variant of Bleichenbacher's Crypto 06 rump session attack. See (which is not exactly the same as the problem we fix here). Reported by Yutaka OIWA . See GNUTLS-SA-2006-4 on http://www.gnutls.org/security.html for more information. CVE-2006-4790 stable/main/binary-i386/libgnutls11-dbg_1.0.16-13.2sarge2_i386.deb stable/main/binary-i386/gnutls-bin_1.0.16-13.2sarge2_i386.deb stable/main/binary-i386/libgnutls11_1.0.16-13.2sarge2_i386.deb stable/main/source/gnutls11_1.0.16-13.2sarge2.diff.gz stable/main/binary-i386/libgnutls11-dev_1.0.16-13.2sarge2_i386.deb stable/main/source/gnutls11_1.0.16-13.2sarge2.dsc gnutls11 (1.0.16-13.2sarge2) stable-security; urgency=high * Pulled from upstream 1.4.2-->1.4.4: Fix PKCS#1 verification to avoid a variant of Bleichenbacher's Crypto 06 rump session attack. See (which is not exactly the same as the problem we fix here). Reported by Yutaka OIWA . See GNUTLS-SA-2006-4 on http://www.gnutls.org/security.html for more information. CVE-2006-4790 stable/main/binary-sparc/gij-3.4_3.4.3-13sarge1_sparc.deb stable/main/binary-sparc/gcc-3.4_3.4.3-13sarge1_sparc.deb stable/main/binary-sparc/gnat-3.4_3.4.3-13sarge1_sparc.deb stable/main/binary-sparc/libstdc++6_3.4.3-13sarge1_sparc.deb stable/main/binary-sparc/libstdc++6-dev_3.4.3-13sarge1_sparc.deb stable/main/binary-sparc/libffi3-dev_3.4.3-13sarge1_sparc.deb stable/main/binary-sparc/libstdc++6-dbg_3.4.3-13sarge1_sparc.deb stable/main/binary-sparc/g77-3.4_3.4.3-13sarge1_sparc.deb stable/main/binary-sparc/cpp-3.4_3.4.3-13sarge1_sparc.deb stable/main/binary-sparc/gcc-3.4-base_3.4.3-13sarge1_sparc.deb stable/main/binary-sparc/libffi3_3.4.3-13sarge1_sparc.deb stable/main/binary-sparc/gobjc-3.4_3.4.3-13sarge1_sparc.deb stable/main/binary-sparc/fastjar_3.4.3-13sarge1_sparc.deb stable/main/binary-sparc/libstdc++6-pic_3.4.3-13sarge1_sparc.deb stable/main/binary-sparc/g++-3.4_3.4.3-13sarge1_sparc.deb stable/main/binary-sparc/lib64gcc1_3.4.3-13sarge1_sparc.deb stable/main/binary-sparc/libgcc1_3.4.3-13sarge1_sparc.deb stable/main/binary-sparc/gcj-3.4_3.4.3-13sarge1_sparc.deb stable/main/binary-sparc/gpc-2.1-3.4_3.4.3-13sarge1_sparc.deb stable/main/binary-sparc/libgcj5-awt_3.4.3-13sarge1_sparc.deb stable/main/binary-sparc/lib64stdc++6_3.4.3-13sarge1_sparc.deb stable/main/binary-sparc/libgcj5_3.4.3-13sarge1_sparc.deb stable/main/binary-sparc/treelang-3.4_3.4.3-13sarge1_sparc.deb stable/main/binary-sparc/libgcj5-dev_3.4.3-13sarge1_sparc.deb gcc-3.4 (3.4.3-13sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch by Richard Guenther to prevent directory traversal [fastjar/jartool.c, debian/patches/CVE-2006-3619.dpatch, http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28359] stable/main/binary-s390/gij-3.4_3.4.3-13sarge1_s390.deb stable/main/binary-s390/libstdc++6-dev_3.4.3-13sarge1_s390.deb stable/main/binary-s390/gcc-3.4-base_3.4.3-13sarge1_s390.deb stable/main/binary-s390/gcc-3.4_3.4.3-13sarge1_s390.deb stable/main/binary-s390/lib64gcc1_3.4.3-13sarge1_s390.deb stable/main/binary-s390/fastjar_3.4.3-13sarge1_s390.deb stable/main/binary-s390/libffi3_3.4.3-13sarge1_s390.deb stable/main/binary-s390/libgcc1_3.4.3-13sarge1_s390.deb stable/main/binary-s390/libffi3-dev_3.4.3-13sarge1_s390.deb stable/main/binary-s390/libstdc++6-dbg_3.4.3-13sarge1_s390.deb stable/main/binary-s390/treelang-3.4_3.4.3-13sarge1_s390.deb stable/main/binary-s390/libgcj5-awt_3.4.3-13sarge1_s390.deb stable/main/binary-s390/libstdc++6_3.4.3-13sarge1_s390.deb stable/main/binary-s390/gobjc-3.4_3.4.3-13sarge1_s390.deb stable/main/binary-s390/gnat-3.4_3.4.3-13sarge1_s390.deb stable/main/binary-s390/gpc-2.1-3.4_3.4.3-13sarge1_s390.deb stable/main/binary-s390/lib64stdc++6_3.4.3-13sarge1_s390.deb stable/main/binary-s390/libgcj5_3.4.3-13sarge1_s390.deb stable/main/binary-s390/libstdc++6-pic_3.4.3-13sarge1_s390.deb stable/main/binary-s390/libgcj5-dev_3.4.3-13sarge1_s390.deb stable/main/binary-s390/cpp-3.4_3.4.3-13sarge1_s390.deb stable/main/binary-s390/g++-3.4_3.4.3-13sarge1_s390.deb stable/main/binary-s390/g77-3.4_3.4.3-13sarge1_s390.deb stable/main/binary-s390/gcj-3.4_3.4.3-13sarge1_s390.deb gcc-3.4 (3.4.3-13sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch by Richard Guenther to prevent directory traversal [fastjar/jartool.c, debian/patches/CVE-2006-3619.dpatch, http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28359] stable/main/binary-powerpc/g++-3.4_3.4.3-13sarge1_powerpc.deb stable/main/binary-powerpc/gcj-3.4_3.4.3-13sarge1_powerpc.deb stable/main/binary-powerpc/gpc-2.1-3.4_3.4.3-13sarge1_powerpc.deb stable/main/binary-powerpc/cpp-3.4_3.4.3-13sarge1_powerpc.deb stable/main/binary-powerpc/libffi3_3.4.3-13sarge1_powerpc.deb stable/main/binary-powerpc/libstdc++6-pic_3.4.3-13sarge1_powerpc.deb stable/main/binary-powerpc/gobjc-3.4_3.4.3-13sarge1_powerpc.deb stable/main/binary-powerpc/libstdc++6-dev_3.4.3-13sarge1_powerpc.deb stable/main/binary-powerpc/g77-3.4_3.4.3-13sarge1_powerpc.deb stable/main/binary-powerpc/gcc-3.4_3.4.3-13sarge1_powerpc.deb stable/main/binary-powerpc/fastjar_3.4.3-13sarge1_powerpc.deb stable/main/binary-powerpc/libstdc++6-dbg_3.4.3-13sarge1_powerpc.deb stable/main/binary-powerpc/gcc-3.4-base_3.4.3-13sarge1_powerpc.deb stable/main/binary-powerpc/libffi3-dev_3.4.3-13sarge1_powerpc.deb stable/main/binary-powerpc/libgcj5_3.4.3-13sarge1_powerpc.deb stable/main/binary-powerpc/libgcj5-awt_3.4.3-13sarge1_powerpc.deb stable/main/binary-powerpc/gij-3.4_3.4.3-13sarge1_powerpc.deb stable/main/binary-powerpc/libgcj5-dev_3.4.3-13sarge1_powerpc.deb stable/main/binary-powerpc/libgcc1_3.4.3-13sarge1_powerpc.deb stable/main/binary-powerpc/libstdc++6_3.4.3-13sarge1_powerpc.deb stable/main/binary-powerpc/gnat-3.4_3.4.3-13sarge1_powerpc.deb gcc-3.4 (3.4.3-13sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch by Richard Guenther to prevent directory traversal [fastjar/jartool.c, debian/patches/CVE-2006-3619.dpatch, http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28359] stable/main/binary-mipsel/treelang-3.4_3.4.3-13sarge1_mipsel.deb stable/main/binary-mipsel/gcc-3.4-base_3.4.3-13sarge1_mipsel.deb stable/main/binary-mipsel/cpp-3.4_3.4.3-13sarge1_mipsel.deb stable/main/binary-mipsel/g++-3.4_3.4.3-13sarge1_mipsel.deb stable/main/binary-mipsel/libstdc++6_3.4.3-13sarge1_mipsel.deb stable/main/binary-mipsel/libffi3_3.4.3-13sarge1_mipsel.deb stable/main/binary-mipsel/libstdc++6-dev_3.4.3-13sarge1_mipsel.deb stable/main/binary-mipsel/g77-3.4_3.4.3-13sarge1_mipsel.deb stable/main/binary-mipsel/libffi3-dev_3.4.3-13sarge1_mipsel.deb stable/main/binary-mipsel/gpc-2.1-3.4_3.4.3-13sarge1_mipsel.deb stable/main/binary-mipsel/gnat-3.4_3.4.3-13sarge1_mipsel.deb stable/main/binary-mipsel/libstdc++6-dbg_3.4.3-13sarge1_mipsel.deb stable/main/binary-mipsel/libstdc++6-pic_3.4.3-13sarge1_mipsel.deb stable/main/binary-mipsel/gobjc-3.4_3.4.3-13sarge1_mipsel.deb stable/main/binary-mipsel/fastjar_3.4.3-13sarge1_mipsel.deb stable/main/binary-mipsel/libgcc1_3.4.3-13sarge1_mipsel.deb stable/main/binary-mipsel/gcc-3.4_3.4.3-13sarge1_mipsel.deb gcc-3.4 (3.4.3-13sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch by Richard Guenther to prevent directory traversal [fastjar/jartool.c, debian/patches/CVE-2006-3619.dpatch, http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28359] stable/main/binary-mips/libstdc++6-pic_3.4.3-13sarge1_mips.deb stable/main/binary-mips/treelang-3.4_3.4.3-13sarge1_mips.deb stable/main/binary-mips/gcc-3.4-base_3.4.3-13sarge1_mips.deb stable/main/binary-mips/gcc-3.4_3.4.3-13sarge1_mips.deb stable/main/binary-mips/libstdc++6-dbg_3.4.3-13sarge1_mips.deb stable/main/binary-mips/libffi3-dev_3.4.3-13sarge1_mips.deb stable/main/binary-mips/gobjc-3.4_3.4.3-13sarge1_mips.deb stable/main/binary-mips/gpc-2.1-3.4_3.4.3-13sarge1_mips.deb stable/main/binary-mips/libffi3_3.4.3-13sarge1_mips.deb stable/main/binary-mips/fastjar_3.4.3-13sarge1_mips.deb stable/main/binary-mips/g++-3.4_3.4.3-13sarge1_mips.deb stable/main/binary-mips/libstdc++6-dev_3.4.3-13sarge1_mips.deb stable/main/binary-mips/libstdc++6_3.4.3-13sarge1_mips.deb stable/main/binary-mips/g77-3.4_3.4.3-13sarge1_mips.deb stable/main/binary-mips/libgcc1_3.4.3-13sarge1_mips.deb stable/main/binary-mips/gnat-3.4_3.4.3-13sarge1_mips.deb stable/main/binary-mips/cpp-3.4_3.4.3-13sarge1_mips.deb gcc-3.4 (3.4.3-13sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch by Richard Guenther to prevent directory traversal [fastjar/jartool.c, debian/patches/CVE-2006-3619.dpatch, http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28359] stable/main/binary-m68k/gcc-3.4-base_3.4.3-13sarge1_m68k.deb stable/main/binary-m68k/libffi3_3.4.3-13sarge1_m68k.deb stable/main/binary-m68k/gcj-3.4_3.4.3-13sarge1_m68k.deb stable/main/binary-m68k/libgcj5-awt_3.4.3-13sarge1_m68k.deb stable/main/binary-m68k/gobjc-3.4_3.4.3-13sarge1_m68k.deb stable/main/binary-m68k/g77-3.4_3.4.3-13sarge1_m68k.deb stable/main/binary-m68k/libgcj5-dev_3.4.3-13sarge1_m68k.deb stable/main/binary-m68k/treelang-3.4_3.4.3-13sarge1_m68k.deb stable/main/binary-m68k/libgcc2_3.4.3-13sarge1_m68k.deb stable/main/binary-m68k/libstdc++6-pic_3.4.3-13sarge1_m68k.deb stable/main/binary-m68k/libstdc++6_3.4.3-13sarge1_m68k.deb stable/main/binary-m68k/libstdc++6-dev_3.4.3-13sarge1_m68k.deb stable/main/binary-m68k/gpc-2.1-3.4_3.4.3-13sarge1_m68k.deb stable/main/binary-m68k/gcc-3.4_3.4.3-13sarge1_m68k.deb stable/main/binary-m68k/libstdc++6-dbg_3.4.3-13sarge1_m68k.deb stable/main/binary-m68k/g++-3.4_3.4.3-13sarge1_m68k.deb stable/main/binary-m68k/gij-3.4_3.4.3-13sarge1_m68k.deb stable/main/binary-m68k/fastjar_3.4.3-13sarge1_m68k.deb stable/main/binary-m68k/libffi3-dev_3.4.3-13sarge1_m68k.deb stable/main/binary-m68k/libgcj5_3.4.3-13sarge1_m68k.deb stable/main/binary-m68k/cpp-3.4_3.4.3-13sarge1_m68k.deb gcc-3.4 (3.4.3-13sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch by Richard Guenther to prevent directory traversal [fastjar/jartool.c, debian/patches/CVE-2006-3619.dpatch, http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28359] stable/main/binary-ia64/g++-3.4_3.4.3-13sarge1_ia64.deb stable/main/binary-ia64/gcc-3.4-base_3.4.3-13sarge1_ia64.deb stable/main/binary-ia64/libgcj5-awt_3.4.3-13sarge1_ia64.deb stable/main/binary-ia64/gcc-3.4_3.4.3-13sarge1_ia64.deb stable/main/binary-ia64/gij-3.4_3.4.3-13sarge1_ia64.deb stable/main/binary-ia64/gnat-3.4_3.4.3-13sarge1_ia64.deb stable/main/binary-ia64/libstdc++6-pic_3.4.3-13sarge1_ia64.deb stable/main/binary-ia64/gcj-3.4_3.4.3-13sarge1_ia64.deb stable/main/binary-ia64/libffi3-dev_3.4.3-13sarge1_ia64.deb stable/main/binary-ia64/gpc-2.1-3.4_3.4.3-13sarge1_ia64.deb stable/main/binary-ia64/libstdc++6-dbg_3.4.3-13sarge1_ia64.deb stable/main/binary-ia64/fastjar_3.4.3-13sarge1_ia64.deb stable/main/binary-ia64/libstdc++6-dev_3.4.3-13sarge1_ia64.deb stable/main/binary-ia64/libstdc++6_3.4.3-13sarge1_ia64.deb stable/main/binary-ia64/libffi3_3.4.3-13sarge1_ia64.deb stable/main/binary-ia64/cpp-3.4_3.4.3-13sarge1_ia64.deb stable/main/binary-ia64/gobjc-3.4_3.4.3-13sarge1_ia64.deb stable/main/binary-ia64/treelang-3.4_3.4.3-13sarge1_ia64.deb stable/main/binary-ia64/libgnat-3.4_3.4.3-13sarge1_ia64.deb stable/main/binary-ia64/libgcj5_3.4.3-13sarge1_ia64.deb stable/main/binary-ia64/libgcj5-dev_3.4.3-13sarge1_ia64.deb stable/main/binary-ia64/libgcc1_3.4.3-13sarge1_ia64.deb stable/main/binary-ia64/g77-3.4_3.4.3-13sarge1_ia64.deb gcc-3.4 (3.4.3-13sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch by Richard Guenther to prevent directory traversal [fastjar/jartool.c, debian/patches/CVE-2006-3619.dpatch, http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28359] stable/main/binary-hppa/gnat-3.4_3.4.3-13sarge1_hppa.deb stable/main/binary-hppa/libstdc++6_3.4.3-13sarge1_hppa.deb stable/main/binary-hppa/libstdc++6-pic_3.4.3-13sarge1_hppa.deb stable/main/binary-hppa/gcc-3.4-hppa64_3.4.3-13sarge1_hppa.deb stable/main/binary-hppa/libgcj5-dev_3.4.3-13sarge1_hppa.deb stable/main/binary-hppa/libgcj5-awt_3.4.3-13sarge1_hppa.deb stable/main/binary-hppa/gpc-2.1-3.4_3.4.3-13sarge1_hppa.deb stable/main/binary-hppa/libgcc2_3.4.3-13sarge1_hppa.deb stable/main/binary-hppa/libffi3-dev_3.4.3-13sarge1_hppa.deb stable/main/binary-hppa/g77-3.4_3.4.3-13sarge1_hppa.deb stable/main/binary-hppa/libstdc++6-dbg_3.4.3-13sarge1_hppa.deb stable/main/binary-hppa/libffi3_3.4.3-13sarge1_hppa.deb stable/main/binary-hppa/gcj-3.4_3.4.3-13sarge1_hppa.deb stable/main/binary-hppa/treelang-3.4_3.4.3-13sarge1_hppa.deb stable/main/binary-hppa/gcc-3.4-base_3.4.3-13sarge1_hppa.deb stable/main/binary-hppa/gobjc-3.4_3.4.3-13sarge1_hppa.deb stable/main/binary-hppa/fastjar_3.4.3-13sarge1_hppa.deb stable/main/binary-hppa/gcc-3.4_3.4.3-13sarge1_hppa.deb stable/main/binary-hppa/libstdc++6-dev_3.4.3-13sarge1_hppa.deb stable/main/binary-hppa/g++-3.4_3.4.3-13sarge1_hppa.deb stable/main/binary-hppa/libgcj5_3.4.3-13sarge1_hppa.deb stable/main/binary-hppa/cpp-3.4_3.4.3-13sarge1_hppa.deb stable/main/binary-hppa/libgnat-3.4_3.4.3-13sarge1_hppa.deb stable/main/binary-hppa/gij-3.4_3.4.3-13sarge1_hppa.deb gcc-3.4 (3.4.3-13sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch by Richard Guenther to prevent directory traversal [fastjar/jartool.c, debian/patches/CVE-2006-3619.dpatch, http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28359] stable/main/binary-arm/gobjc-3.4_3.4.3-13sarge1_arm.deb stable/main/binary-arm/libffi3_3.4.3-13sarge1_arm.deb stable/main/binary-arm/gcj-3.4_3.4.3-13sarge1_arm.deb stable/main/binary-arm/gcc-3.4_3.4.3-13sarge1_arm.deb stable/main/binary-arm/gcc-3.4-base_3.4.3-13sarge1_arm.deb stable/main/binary-arm/libgcj5-dev_3.4.3-13sarge1_arm.deb stable/main/binary-arm/libstdc++6-0-pic_3.4.3-13sarge1_arm.deb stable/main/binary-arm/libgcc1_3.4.3-13sarge1_arm.deb stable/main/binary-arm/libgcj5_3.4.3-13sarge1_arm.deb stable/main/binary-arm/g77-3.4_3.4.3-13sarge1_arm.deb stable/main/binary-arm/fastjar_3.4.3-13sarge1_arm.deb stable/main/binary-arm/libstdc++6-0_3.4.3-13sarge1_arm.deb stable/main/binary-arm/cpp-3.4_3.4.3-13sarge1_arm.deb stable/main/binary-arm/libstdc++6-0-dev_3.4.3-13sarge1_arm.deb stable/main/binary-arm/libgcj5-awt_3.4.3-13sarge1_arm.deb stable/main/binary-arm/libffi3-dev_3.4.3-13sarge1_arm.deb stable/main/binary-arm/gpc-2.1-3.4_3.4.3-13sarge1_arm.deb stable/main/binary-arm/g++-3.4_3.4.3-13sarge1_arm.deb stable/main/binary-arm/treelang-3.4_3.4.3-13sarge1_arm.deb stable/main/binary-arm/libstdc++6-0-dbg_3.4.3-13sarge1_arm.deb stable/main/binary-arm/gij-3.4_3.4.3-13sarge1_arm.deb gcc-3.4 (3.4.3-13sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch by Richard Guenther to prevent directory traversal [fastjar/jartool.c, debian/patches/CVE-2006-3619.dpatch, http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28359] stable/main/binary-alpha/treelang-3.4_3.4.3-13sarge1_alpha.deb stable/main/binary-alpha/libstdc++6-dev_3.4.3-13sarge1_alpha.deb stable/main/binary-alpha/libstdc++6-pic_3.4.3-13sarge1_alpha.deb stable/main/binary-alpha/gpc-2.1-3.4_3.4.3-13sarge1_alpha.deb stable/main/binary-alpha/libstdc++6_3.4.3-13sarge1_alpha.deb stable/main/binary-alpha/libstdc++6-dbg_3.4.3-13sarge1_alpha.deb stable/main/binary-alpha/libffi3-dev_3.4.3-13sarge1_alpha.deb stable/main/binary-alpha/g++-3.4_3.4.3-13sarge1_alpha.deb stable/main/binary-alpha/g77-3.4_3.4.3-13sarge1_alpha.deb stable/main/binary-alpha/gij-3.4_3.4.3-13sarge1_alpha.deb stable/main/binary-alpha/gobjc-3.4_3.4.3-13sarge1_alpha.deb stable/main/binary-alpha/gnat-3.4_3.4.3-13sarge1_alpha.deb stable/main/binary-alpha/libffi3_3.4.3-13sarge1_alpha.deb stable/main/binary-alpha/cpp-3.4_3.4.3-13sarge1_alpha.deb stable/main/binary-alpha/libgcj5-awt_3.4.3-13sarge1_alpha.deb stable/main/binary-alpha/libgcj5_3.4.3-13sarge1_alpha.deb stable/main/binary-alpha/libgcc1_3.4.3-13sarge1_alpha.deb stable/main/binary-alpha/gcj-3.4_3.4.3-13sarge1_alpha.deb stable/main/binary-alpha/fastjar_3.4.3-13sarge1_alpha.deb stable/main/binary-alpha/gcc-3.4-base_3.4.3-13sarge1_alpha.deb stable/main/binary-alpha/gcc-3.4_3.4.3-13sarge1_alpha.deb stable/main/binary-alpha/libgcj5-dev_3.4.3-13sarge1_alpha.deb gcc-3.4 (3.4.3-13sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch by Richard Guenther to prevent directory traversal [fastjar/jartool.c, debian/patches/CVE-2006-3619.dpatch, http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28359] stable/main/binary-all/cpp-3.4-doc_3.4.3-13sarge1_all.deb stable/main/binary-i386/fastjar_3.4.3-13sarge1_i386.deb stable/main/binary-i386/g++-3.4_3.4.3-13sarge1_i386.deb stable/main/binary-i386/libgcj5_3.4.3-13sarge1_i386.deb stable/main/binary-i386/gpc-2.1-3.4_3.4.3-13sarge1_i386.deb stable/main/binary-i386/treelang-3.4_3.4.3-13sarge1_i386.deb stable/main/binary-i386/lib64gcc1_3.4.3-13sarge1_i386.deb stable/main/binary-i386/libffi3_3.4.3-13sarge1_i386.deb stable/main/binary-i386/gcj-3.4_3.4.3-13sarge1_i386.deb stable/main/binary-i386/libgcc1_3.4.3-13sarge1_i386.deb stable/main/binary-i386/libgnat-3.4_3.4.3-13sarge1_i386.deb stable/main/binary-i386/gcc-3.4_3.4.3-13sarge1_i386.deb stable/main/binary-i386/libstdc++6_3.4.3-13sarge1_i386.deb stable/main/binary-all/gpc-2.1-3.4-doc_3.4.3-13sarge1_all.deb stable/main/binary-i386/libgcj5-dev_3.4.3-13sarge1_i386.deb stable/main/binary-all/gnat-3.4-doc_3.4.3-13sarge1_all.deb stable/main/binary-i386/libffi3-dev_3.4.3-13sarge1_i386.deb stable/main/binary-i386/lib64stdc++6_3.4.3-13sarge1_i386.deb stable/main/binary-i386/cpp-3.4_3.4.3-13sarge1_i386.deb stable/main/binary-i386/libstdc++6-dbg_3.4.3-13sarge1_i386.deb stable/main/binary-i386/g77-3.4_3.4.3-13sarge1_i386.deb stable/main/binary-all/g77-3.4-doc_3.4.3-13sarge1_all.deb stable/main/source/gcc-3.4_3.4.3-13sarge1.dsc stable/main/binary-all/gcc-3.4-doc_3.4.3-13sarge1_all.deb stable/main/binary-i386/gnat-3.4_3.4.3-13sarge1_i386.deb stable/main/binary-all/libgcj5-common_3.4.3-13sarge1_all.deb stable/main/binary-i386/libstdc++6-pic_3.4.3-13sarge1_i386.deb stable/main/binary-all/libstdc++6-doc_3.4.3-13sarge1_all.deb stable/main/binary-i386/libstdc++6-dev_3.4.3-13sarge1_i386.deb stable/main/binary-i386/gobjc-3.4_3.4.3-13sarge1_i386.deb stable/main/source/gcc-3.4_3.4.3-13sarge1.diff.gz stable/main/binary-i386/gcc-3.4-base_3.4.3-13sarge1_i386.deb stable/main/binary-i386/gij-3.4_3.4.3-13sarge1_i386.deb stable/main/binary-i386/libgcj5-awt_3.4.3-13sarge1_i386.deb gcc-3.4 (3.4.3-13sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch by Richard Guenther to prevent directory traversal [fastjar/jartool.c, debian/patches/CVE-2006-3619.dpatch, http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28359] stable/main/binary-sparc/libfreetype6_2.1.7-6_sparc.deb stable/main/binary-sparc/libfreetype6-udeb_2.1.7-6_sparc.udeb stable/main/binary-sparc/libfreetype6-dev_2.1.7-6_sparc.deb stable/main/binary-sparc/freetype2-demos_2.1.7-6_sparc.deb freetype (2.1.7-6) stable-security; urgency=high * Add debian/patches-freetype/CVE-2006-3467_pcf-strlen.patch for CVE-2006-3467, a missing string length check in PCF files that leads to a possibly exploitable integer overflow. Thanks to Martin Pitt for the patch. Closes: #379920. stable/main/binary-s390/libfreetype6-udeb_2.1.7-6_s390.udeb stable/main/binary-s390/libfreetype6_2.1.7-6_s390.deb stable/main/binary-s390/libfreetype6-dev_2.1.7-6_s390.deb stable/main/binary-s390/freetype2-demos_2.1.7-6_s390.deb freetype (2.1.7-6) stable-security; urgency=high * Add debian/patches-freetype/CVE-2006-3467_pcf-strlen.patch for CVE-2006-3467, a missing string length check in PCF files that leads to a possibly exploitable integer overflow. Thanks to Martin Pitt for the patch. Closes: #379920. stable/main/binary-powerpc/libfreetype6-dev_2.1.7-6_powerpc.deb stable/main/binary-powerpc/libfreetype6-udeb_2.1.7-6_powerpc.udeb stable/main/binary-powerpc/libfreetype6_2.1.7-6_powerpc.deb stable/main/binary-powerpc/freetype2-demos_2.1.7-6_powerpc.deb freetype (2.1.7-6) stable-security; urgency=high * Add debian/patches-freetype/CVE-2006-3467_pcf-strlen.patch for CVE-2006-3467, a missing string length check in PCF files that leads to a possibly exploitable integer overflow. Thanks to Martin Pitt for the patch. Closes: #379920. stable/main/binary-mipsel/libfreetype6_2.1.7-6_mipsel.deb stable/main/binary-mipsel/libfreetype6-dev_2.1.7-6_mipsel.deb stable/main/binary-mipsel/libfreetype6-udeb_2.1.7-6_mipsel.udeb stable/main/binary-mipsel/freetype2-demos_2.1.7-6_mipsel.deb freetype (2.1.7-6) stable-security; urgency=high * Add debian/patches-freetype/CVE-2006-3467_pcf-strlen.patch for CVE-2006-3467, a missing string length check in PCF files that leads to a possibly exploitable integer overflow. Thanks to Martin Pitt for the patch. Closes: #379920. stable/main/binary-mips/freetype2-demos_2.1.7-6_mips.deb stable/main/binary-mips/libfreetype6-dev_2.1.7-6_mips.deb stable/main/binary-mips/libfreetype6-udeb_2.1.7-6_mips.udeb stable/main/binary-mips/libfreetype6_2.1.7-6_mips.deb freetype (2.1.7-6) stable-security; urgency=high * Add debian/patches-freetype/CVE-2006-3467_pcf-strlen.patch for CVE-2006-3467, a missing string length check in PCF files that leads to a possibly exploitable integer overflow. Thanks to Martin Pitt for the patch. Closes: #379920. stable/main/binary-m68k/libfreetype6-dev_2.1.7-6_m68k.deb stable/main/binary-m68k/freetype2-demos_2.1.7-6_m68k.deb stable/main/binary-m68k/libfreetype6-udeb_2.1.7-6_m68k.udeb stable/main/binary-m68k/libfreetype6_2.1.7-6_m68k.deb freetype (2.1.7-6) stable-security; urgency=high * Add debian/patches-freetype/CVE-2006-3467_pcf-strlen.patch for CVE-2006-3467, a missing string length check in PCF files that leads to a possibly exploitable integer overflow. Thanks to Martin Pitt for the patch. Closes: #379920. stable/main/binary-ia64/freetype2-demos_2.1.7-6_ia64.deb stable/main/binary-ia64/libfreetype6-dev_2.1.7-6_ia64.deb stable/main/binary-ia64/libfreetype6-udeb_2.1.7-6_ia64.udeb stable/main/binary-ia64/libfreetype6_2.1.7-6_ia64.deb freetype (2.1.7-6) stable-security; urgency=high * Add debian/patches-freetype/CVE-2006-3467_pcf-strlen.patch for CVE-2006-3467, a missing string length check in PCF files that leads to a possibly exploitable integer overflow. Thanks to Martin Pitt for the patch. Closes: #379920. stable/main/binary-hppa/freetype2-demos_2.1.7-6_hppa.deb stable/main/binary-hppa/libfreetype6-udeb_2.1.7-6_hppa.udeb stable/main/binary-hppa/libfreetype6_2.1.7-6_hppa.deb stable/main/binary-hppa/libfreetype6-dev_2.1.7-6_hppa.deb freetype (2.1.7-6) stable-security; urgency=high * Add debian/patches-freetype/CVE-2006-3467_pcf-strlen.patch for CVE-2006-3467, a missing string length check in PCF files that leads to a possibly exploitable integer overflow. Thanks to Martin Pitt for the patch. Closes: #379920. stable/main/binary-arm/freetype2-demos_2.1.7-6_arm.deb stable/main/binary-arm/libfreetype6-udeb_2.1.7-6_arm.udeb stable/main/binary-arm/libfreetype6_2.1.7-6_arm.deb stable/main/binary-arm/libfreetype6-dev_2.1.7-6_arm.deb freetype (2.1.7-6) stable-security; urgency=high * Add debian/patches-freetype/CVE-2006-3467_pcf-strlen.patch for CVE-2006-3467, a missing string length check in PCF files that leads to a possibly exploitable integer overflow. Thanks to Martin Pitt for the patch. Closes: #379920. stable/main/binary-alpha/freetype2-demos_2.1.7-6_alpha.deb stable/main/binary-alpha/libfreetype6-dev_2.1.7-6_alpha.deb stable/main/binary-alpha/libfreetype6-udeb_2.1.7-6_alpha.udeb stable/main/binary-alpha/libfreetype6_2.1.7-6_alpha.deb freetype (2.1.7-6) stable-security; urgency=high * Add debian/patches-freetype/CVE-2006-3467_pcf-strlen.patch for CVE-2006-3467, a missing string length check in PCF files that leads to a possibly exploitable integer overflow. Thanks to Martin Pitt for the patch. Closes: #379920. stable/main/binary-i386/libfreetype6_2.1.7-6_i386.deb stable/main/source/freetype_2.1.7-6.diff.gz stable/main/source/freetype_2.1.7-6.dsc stable/main/binary-i386/libfreetype6-dev_2.1.7-6_i386.deb stable/main/binary-i386/libfreetype6-udeb_2.1.7-6_i386.udeb stable/main/binary-i386/freetype2-demos_2.1.7-6_i386.deb freetype (2.1.7-6) stable-security; urgency=high * Add debian/patches-freetype/CVE-2006-3467_pcf-strlen.patch for CVE-2006-3467, a missing string length check in PCF files that leads to a possibly exploitable integer overflow. Thanks to Martin Pitt for the patch. Closes: #379920. stable/main/source/fai-kernels_1.9.1sarge4.dsc stable/main/binary-i386/fai-kernels_1.9.1sarge4_i386.deb stable/main/source/fai-kernels_1.9.1sarge4.tar.gz fai-kernels (1.9.1sarge4) stable-security; urgency=high * NMU by the Security Team * Build against kernel-tree-2.6.8-16sarge5: * [ERRATA] madvise_remove-restrict.dpatch [SECURITY] The 2.6.8-16sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.6.8 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * fs-ext3-bad-nfs-handle.dpatch [SECURITY] James McKenzie discovered a Denial of Service vulnerability in the NFS driver. When exporting an ext3 file system over NFS, a remote attacker could exploit this to trigger a file system panic by sending a specially crafted UDP packet. See CVE-2006-3468 * direct-io-write-mem-leak.dpatch [SECURITY] Fix memory leak in O_DIRECT write. See CVE-2004-2660 * nfs-handle-long-symlinks.dpatch [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * cdrom-bad-cgc.buflen-assign.dpatch [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * usb-serial-ftdi_sio-dos.patch [SECURITY] fix userspace DoS in ftdi_sio driver See CVE-2006-2936 * selinux-tracer-SID-fix.dpatch [SECURITY] Fix vulnerability in selinux_ptrace that prevents local users from changing the tracer SID to the SID of another process See CVE-2006-1052 * netfilter-SO_ORIGINAL_DST-leak.dpatch [SECURITY] Fix information leak in SO_ORIGINAL_DST See CVE-2006-1343 * sg-no-mmap-VM_IO.dpatch [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * exit-bogus-bugon.dpatch [SECURITY] Remove bogus BUG() in exit.c which could be maliciously triggered by a local user See CVE-2006-1855 * readv-writev-missing-lsm-check.dpatch, readv-writev-missing-lsm-check-compat.dpatch [SECURITY] Add missing file_permission callback in readv/writev syscalls See CVE-2006-1856 * snmp-nat-mem-corruption-fix.dpatch [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * kfree_skb-race.dpatch [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * hppa-mb-extraneous-semicolon.dpatch, sparc32-mb-extraneous-semicolons.dpatch, sparc64-mb-extraneous-semicolons.dpatch: Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with kfree_skb-race.dpatch * sctp-priv-elevation.dpatch [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * sctp-priv-elevation-2.dpatch [SECURITY] Fix local DoS resulting from sctp-priv-elevation.dpatch See CVE-2006-4535 * ppc-hid0-dos.dpatch [SECURITY][ppc] Fix local DoS by clearing HID0 attention enable on PPC970 at boot time See CVE-2006-4093 * udf-deadlock.dpatch [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 * Build against kernel-tree-2.4.27-10sarge4 * [ERRATA] 213_madvise_remove-restrict.diff [SECURITY] The 2.4.27-10sarge3 changelog associated this patch with CVE-2006-1524. However, this patch fixes an mprotect issue that was split off from the original report into CVE-2006-2071. 2.4.27 is not vulnerable to CVE-2006-1524 the madvise_remove issue. See CVE-2006-2071 * 223_nfs-handle-long-symlinks.diff [SECURITY] Fix buffer overflow in NFS readline handling that allows a remote server to cause a denial of service (crash) via a long symlink See CVE-2005-4798 * 224_cdrom-bad-cgc.buflen-assign.diff [SECURITY] Fix buffer overflow in dvd_read_bca which could potentially be used by a local user to trigger a buffer overflow via a specially crafted DVD, USB stick, or similar automatically mounted device. See CVE-2006-2935 * 225_sg-no-mmap-VM_IO.diff [SECURITY] Fix DoS vulnerability whereby a local user could attempt a dio/mmap and cause the sg driver to oops. See CVE-2006-1528 * 226_snmp-nat-mem-corruption-fix.diff [SECURITY] Fix memory corruption in snmp_trap_decode See CVE-2006-2444 * 227_kfree_skb.diff [SECURITY] Fix race between kfree_skb and __skb_unlink See CVE-2006-2446 * 228_sparc-mb-extraneous-semicolons.diff Fix a syntax error caused by extranous semicolons in smp_mb() macros which resulted in a build failure with 227_kfree_skb.diff * 229_sctp-priv-elevation.diff, 230_sctp-priv-elevation-2.diff [SECURITY] Fix SCTP privelege escalation See CVE-2006-3745 * 231_udf-deadlock.diff [SECURITY] Fix possible UDF deadlock and memory corruption See CVE-2006-4145 * 232_sparc-membar-extraneous-semicolons.diff Fix an additional syntax error caused by extraneous semicolons in membar macros on sparc stable/main/binary-sparc/ethereal-common_0.10.10-2sarge8_sparc.deb stable/main/binary-sparc/tethereal_0.10.10-2sarge8_sparc.deb stable/main/binary-sparc/ethereal_0.10.10-2sarge8_sparc.deb stable/main/binary-sparc/ethereal-dev_0.10.10-2sarge8_sparc.deb ethereal (0.10.10-2sarge8) stable-security; urgency=high * Non-maintainer upload by the Security Team * Memory exhaustion denial of service in Q.2391 dissector (CVE-2006-4333) stable/main/binary-s390/ethereal-common_0.10.10-2sarge8_s390.deb stable/main/binary-s390/ethereal-dev_0.10.10-2sarge8_s390.deb stable/main/binary-s390/ethereal_0.10.10-2sarge8_s390.deb stable/main/binary-s390/tethereal_0.10.10-2sarge8_s390.deb ethereal (0.10.10-2sarge8) stable-security; urgency=high * Non-maintainer upload by the Security Team * Memory exhaustion denial of service in Q.2391 dissector (CVE-2006-4333) stable/main/binary-powerpc/ethereal_0.10.10-2sarge8_powerpc.deb stable/main/binary-powerpc/ethereal-common_0.10.10-2sarge8_powerpc.deb stable/main/binary-powerpc/ethereal-dev_0.10.10-2sarge8_powerpc.deb stable/main/binary-powerpc/tethereal_0.10.10-2sarge8_powerpc.deb ethereal (0.10.10-2sarge8) stable-security; urgency=high * Non-maintainer upload by the Security Team * Memory exhaustion denial of service in Q.2391 dissector (CVE-2006-4333) stable/main/binary-mipsel/tethereal_0.10.10-2sarge8_mipsel.deb stable/main/binary-mipsel/ethereal-dev_0.10.10-2sarge8_mipsel.deb stable/main/binary-mipsel/ethereal_0.10.10-2sarge8_mipsel.deb stable/main/binary-mipsel/ethereal-common_0.10.10-2sarge8_mipsel.deb ethereal (0.10.10-2sarge8) stable-security; urgency=high * Non-maintainer upload by the Security Team * Memory exhaustion denial of service in Q.2391 dissector (CVE-2006-4333) stable/main/binary-mips/ethereal-dev_0.10.10-2sarge8_mips.deb stable/main/binary-mips/tethereal_0.10.10-2sarge8_mips.deb stable/main/binary-mips/ethereal-common_0.10.10-2sarge8_mips.deb stable/main/binary-mips/ethereal_0.10.10-2sarge8_mips.deb ethereal (0.10.10-2sarge8) stable-security; urgency=high * Non-maintainer upload by the Security Team * Memory exhaustion denial of service in Q.2391 dissector (CVE-2006-4333) stable/main/binary-m68k/tethereal_0.10.10-2sarge8_m68k.deb stable/main/binary-m68k/ethereal-dev_0.10.10-2sarge8_m68k.deb stable/main/binary-m68k/ethereal_0.10.10-2sarge8_m68k.deb stable/main/binary-m68k/ethereal-common_0.10.10-2sarge8_m68k.deb ethereal (0.10.10-2sarge8) stable-security; urgency=high * Non-maintainer upload by the Security Team * Memory exhaustion denial of service in Q.2391 dissector (CVE-2006-4333) stable/main/binary-ia64/ethereal-common_0.10.10-2sarge8_ia64.deb stable/main/binary-ia64/ethereal_0.10.10-2sarge8_ia64.deb stable/main/binary-ia64/tethereal_0.10.10-2sarge8_ia64.deb stable/main/binary-ia64/ethereal-dev_0.10.10-2sarge8_ia64.deb ethereal (0.10.10-2sarge8) stable-security; urgency=high * Non-maintainer upload by the Security Team * Memory exhaustion denial of service in Q.2391 dissector (CVE-2006-4333) stable/main/binary-hppa/ethereal-common_0.10.10-2sarge8_hppa.deb stable/main/binary-hppa/ethereal-dev_0.10.10-2sarge8_hppa.deb stable/main/binary-hppa/ethereal_0.10.10-2sarge8_hppa.deb stable/main/binary-hppa/tethereal_0.10.10-2sarge8_hppa.deb ethereal (0.10.10-2sarge8) stable-security; urgency=high * Non-maintainer upload by the Security Team * Memory exhaustion denial of service in Q.2391 dissector (CVE-2006-4333) stable/main/binary-arm/tethereal_0.10.10-2sarge8_arm.deb stable/main/binary-arm/ethereal-dev_0.10.10-2sarge8_arm.deb stable/main/binary-arm/ethereal_0.10.10-2sarge8_arm.deb stable/main/binary-arm/ethereal-common_0.10.10-2sarge8_arm.deb ethereal (0.10.10-2sarge8) stable-security; urgency=high * Non-maintainer upload by the Security Team * Memory exhaustion denial of service in Q.2391 dissector (CVE-2006-4333) stable/main/binary-alpha/ethereal-common_0.10.10-2sarge8_alpha.deb stable/main/binary-alpha/ethereal-dev_0.10.10-2sarge8_alpha.deb stable/main/binary-alpha/tethereal_0.10.10-2sarge8_alpha.deb stable/main/binary-alpha/ethereal_0.10.10-2sarge8_alpha.deb ethereal (0.10.10-2sarge8) stable-security; urgency=high * Non-maintainer upload by the Security Team * Memory exhaustion denial of service in Q.2391 dissector (CVE-2006-4333) stable/main/binary-i386/ethereal_0.10.10-2sarge8_i386.deb stable/main/source/ethereal_0.10.10-2sarge8.diff.gz stable/main/binary-i386/ethereal-common_0.10.10-2sarge8_i386.deb stable/main/source/ethereal_0.10.10-2sarge8.dsc stable/main/binary-i386/tethereal_0.10.10-2sarge8_i386.deb stable/main/binary-i386/ethereal-dev_0.10.10-2sarge8_i386.deb ethereal (0.10.10-2sarge8) stable-security; urgency=high * Non-maintainer upload by the Security Team * Memory exhaustion denial of service in Q.2391 dissector (CVE-2006-4333) stable/main/binary-sparc/debian-installer-manual_20050317sarge1+b1_sparc.deb debian-installer (20050317sarge1+b1) stable; urgency=low * Binary-only non-maintainer upload for sparc; no source changes. * Rebuild with fixed udebs. stable/main/binary-sparc/deal_3.0.8-2sarge1_sparc.deb deal (3.0.8-2sarge1) stable; urgency=low * Fix segfault on amd64, (int)random() sometimes returned negative numbers (Closes: #383625). stable/main/binary-s390/deal_3.0.8-2sarge1_s390.deb deal (3.0.8-2sarge1) stable; urgency=low * Fix segfault on amd64, (int)random() sometimes returned negative numbers (Closes: #383625). stable/main/binary-powerpc/deal_3.0.8-2sarge1_powerpc.deb deal (3.0.8-2sarge1) stable; urgency=low * Fix segfault on amd64, (int)random() sometimes returned negative numbers (Closes: #383625). stable/main/binary-mipsel/deal_3.0.8-2sarge1_mipsel.deb deal (3.0.8-2sarge1) stable; urgency=low * Fix segfault on amd64, (int)random() sometimes returned negative numbers (Closes: #383625). stable/main/binary-mips/deal_3.0.8-2sarge1_mips.deb deal (3.0.8-2sarge1) stable; urgency=low * Fix segfault on amd64, (int)random() sometimes returned negative numbers (Closes: #383625). stable/main/binary-m68k/deal_3.0.8-2sarge1_m68k.deb deal (3.0.8-2sarge1) stable; urgency=low * Fix segfault on amd64, (int)random() sometimes returned negative numbers (Closes: #383625). stable/main/binary-ia64/deal_3.0.8-2sarge1_ia64.deb deal (3.0.8-2sarge1) stable; urgency=low * Fix segfault on amd64, (int)random() sometimes returned negative numbers (Closes: #383625). stable/main/binary-hppa/deal_3.0.8-2sarge1_hppa.deb deal (3.0.8-2sarge1) stable; urgency=low * Fix segfault on amd64, (int)random() sometimes returned negative numbers (Closes: #383625). stable/main/binary-arm/deal_3.0.8-2sarge1_arm.deb deal (3.0.8-2sarge1) stable; urgency=low * Fix segfault on amd64, (int)random() sometimes returned negative numbers (Closes: #383625). stable/main/binary-alpha/deal_3.0.8-2sarge1_alpha.deb deal (3.0.8-2sarge1) stable; urgency=low * Fix segfault on amd64, (int)random() sometimes returned negative numbers (Closes: #383625). stable/main/source/deal_3.0.8-2sarge1.diff.gz stable/main/source/deal_3.0.8-2sarge1.dsc stable/main/binary-i386/deal_3.0.8-2sarge1_i386.deb deal (3.0.8-2sarge1) stable; urgency=low * Fix segfault on amd64, (int)random() sometimes returned negative numbers (Closes: #383625). stable/main/binary-sparc/cscope_15.5-1.1sarge2_sparc.deb cscope (15.5-1.1sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix several buffer overflows. (CVE-2006-4262) stable/main/binary-s390/cscope_15.5-1.1sarge2_s390.deb cscope (15.5-1.1sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix several buffer overflows. (CVE-2006-4262) stable/main/binary-powerpc/cscope_15.5-1.1sarge2_powerpc.deb cscope (15.5-1.1sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix several buffer overflows. (CVE-2006-4262) stable/main/binary-mipsel/cscope_15.5-1.1sarge2_mipsel.deb cscope (15.5-1.1sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix several buffer overflows. (CVE-2006-4262) stable/main/binary-mips/cscope_15.5-1.1sarge2_mips.deb cscope (15.5-1.1sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix several buffer overflows. (CVE-2006-4262) stable/main/binary-m68k/cscope_15.5-1.1sarge2_m68k.deb cscope (15.5-1.1sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix several buffer overflows. (CVE-2006-4262) stable/main/binary-ia64/cscope_15.5-1.1sarge2_ia64.deb cscope (15.5-1.1sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix several buffer overflows. (CVE-2006-4262) stable/main/binary-hppa/cscope_15.5-1.1sarge2_hppa.deb cscope (15.5-1.1sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix several buffer overflows. (CVE-2006-4262) stable/main/binary-arm/cscope_15.5-1.1sarge2_arm.deb cscope (15.5-1.1sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix several buffer overflows. (CVE-2006-4262) stable/main/binary-alpha/cscope_15.5-1.1sarge2_alpha.deb cscope (15.5-1.1sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix several buffer overflows. (CVE-2006-4262) stable/main/binary-i386/cscope_15.5-1.1sarge2_i386.deb stable/main/source/cscope_15.5-1.1sarge2.dsc stable/main/source/cscope_15.5-1.1sarge2.diff.gz cscope (15.5-1.1sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix several buffer overflows. (CVE-2006-4262) stable/main/binary-sparc/cheesetracker_0.9.9-1sarge1_sparc.deb cheesetracker (0.9.9-1sarge1) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Avoid buffer overflow when loading input files. [CVE-2006-3814] stable/main/binary-s390/cheesetracker_0.9.9-1sarge1_s390.deb cheesetracker (0.9.9-1sarge1) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Avoid buffer overflow when loading input files. [CVE-2006-3814] stable/main/binary-powerpc/cheesetracker_0.9.9-1sarge1_powerpc.deb cheesetracker (0.9.9-1sarge1) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Avoid buffer overflow when loading input files. [CVE-2006-3814] stable/main/binary-mipsel/cheesetracker_0.9.9-1sarge1_mipsel.deb cheesetracker (0.9.9-1sarge1) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Avoid buffer overflow when loading input files. [CVE-2006-3814] stable/main/binary-mips/cheesetracker_0.9.9-1sarge1_mips.deb cheesetracker (0.9.9-1sarge1) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Avoid buffer overflow when loading input files. [CVE-2006-3814] stable/main/binary-m68k/cheesetracker_0.9.9-1sarge1_m68k.deb cheesetracker (0.9.9-1sarge1) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Avoid buffer overflow when loading input files. [CVE-2006-3814] stable/main/binary-ia64/cheesetracker_0.9.9-1sarge1_ia64.deb cheesetracker (0.9.9-1sarge1) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Avoid buffer overflow when loading input files. [CVE-2006-3814] stable/main/binary-hppa/cheesetracker_0.9.9-1sarge1_hppa.deb cheesetracker (0.9.9-1sarge1) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Avoid buffer overflow when loading input files. [CVE-2006-3814] stable/main/binary-arm/cheesetracker_0.9.9-1sarge1_arm.deb cheesetracker (0.9.9-1sarge1) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Avoid buffer overflow when loading input files. [CVE-2006-3814] stable/main/binary-alpha/cheesetracker_0.9.9-1sarge1_alpha.deb cheesetracker (0.9.9-1sarge1) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Avoid buffer overflow when loading input files. [CVE-2006-3814] stable/main/binary-i386/cheesetracker_0.9.9-1sarge1_i386.deb stable/main/source/cheesetracker_0.9.9-1sarge1.diff.gz stable/main/source/cheesetracker_0.9.9-1sarge1.dsc cheesetracker (0.9.9-1sarge1) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Avoid buffer overflow when loading input files. [CVE-2006-3814] stable/main/binary-sparc/capi4hylafax_01.02.03-10sarge2_sparc.deb capi4hylafax (1:01.02.03-10sarge2) stable-security; urgency=high * Update of the security update: Add the fix to the mgetty mode. Remote arbitrary command execution through TSI string. [CVE-2006-3126] stable/main/binary-m68k/capi4hylafax_01.02.03-10sarge2_m68k.deb capi4hylafax (1:01.02.03-10sarge2) stable-security; urgency=high * Update of the security update: Add the fix to the mgetty mode. Remote arbitrary command execution through TSI string. [CVE-2006-3126] stable/main/binary-ia64/capi4hylafax_01.02.03-10sarge2_ia64.deb capi4hylafax (1:01.02.03-10sarge2) stable-security; urgency=high * Update of the security update: Add the fix to the mgetty mode. Remote arbitrary command execution through TSI string. [CVE-2006-3126] stable/main/binary-i386/capi4hylafax_01.02.03-10sarge2_i386.deb capi4hylafax (1:01.02.03-10sarge2) stable-security; urgency=high * Update of the security update: Add the fix to the mgetty mode. Remote arbitrary command execution through TSI string. [CVE-2006-3126] stable/main/binary-arm/capi4hylafax_01.02.03-10sarge2_arm.deb capi4hylafax (1:01.02.03-10sarge2) stable-security; urgency=high * Update of the security update: Add the fix to the mgetty mode. Remote arbitrary command execution through TSI string. [CVE-2006-3126] stable/main/binary-alpha/capi4hylafax_01.02.03-10sarge2_alpha.deb capi4hylafax (1:01.02.03-10sarge2) stable-security; urgency=high * Update of the security update: Add the fix to the mgetty mode. Remote arbitrary command execution through TSI string. [CVE-2006-3126] stable/main/source/capi4hylafax_01.02.03-10sarge2.diff.gz stable/main/source/capi4hylafax_01.02.03-10sarge2.dsc stable/main/binary-powerpc/capi4hylafax_01.02.03-10sarge2_powerpc.deb capi4hylafax (1:01.02.03-10sarge2) stable-security; urgency=high * Update of the security update: Add the fix to the mgetty mode. Remote arbitrary command execution through TSI string. [CVE-2006-3126] stable/main/binary-sparc/bomberclone_0.11.5-1sarge2_sparc.deb bomberclone (0.11.5-1sarge2) stable-security; urgency=high * New maintainer. See bug #316569. * Applied patch by Steffen Pohle to fix remote vulnerabilities [ChangeLog, include/network.h, include/packets.h, src/configuration.c, src/network.c, src/packets.c, src/pkgcache.c, CVE-2006-4005, CVE-2006-4006]. See bug #382082. stable/main/binary-s390/bomberclone_0.11.5-1sarge2_s390.deb bomberclone (0.11.5-1sarge2) stable-security; urgency=high * New maintainer. See bug #316569. * Applied patch by Steffen Pohle to fix remote vulnerabilities [ChangeLog, include/network.h, include/packets.h, src/configuration.c, src/network.c, src/packets.c, src/pkgcache.c, CVE-2006-4005, CVE-2006-4006]. See bug #382082. stable/main/binary-mipsel/bomberclone_0.11.5-1sarge2_mipsel.deb bomberclone (0.11.5-1sarge2) stable-security; urgency=high * New maintainer. See bug #316569. * Applied patch by Steffen Pohle to fix remote vulnerabilities [ChangeLog, include/network.h, include/packets.h, src/configuration.c, src/network.c, src/packets.c, src/pkgcache.c, CVE-2006-4005, CVE-2006-4006]. See bug #382082. stable/main/binary-mips/bomberclone_0.11.5-1sarge2_mips.deb bomberclone (0.11.5-1sarge2) stable-security; urgency=high * New maintainer. See bug #316569. * Applied patch by Steffen Pohle to fix remote vulnerabilities [ChangeLog, include/network.h, include/packets.h, src/configuration.c, src/network.c, src/packets.c, src/pkgcache.c, CVE-2006-4005, CVE-2006-4006]. See bug #382082. stable/main/binary-m68k/bomberclone_0.11.5-1sarge2_m68k.deb bomberclone (0.11.5-1sarge2) stable-security; urgency=high * New maintainer. See bug #316569. * Applied patch by Steffen Pohle to fix remote vulnerabilities [ChangeLog, include/network.h, include/packets.h, src/configuration.c, src/network.c, src/packets.c, src/pkgcache.c, CVE-2006-4005, CVE-2006-4006]. See bug #382082. stable/main/binary-ia64/bomberclone_0.11.5-1sarge2_ia64.deb bomberclone (0.11.5-1sarge2) stable-security; urgency=high * New maintainer. See bug #316569. * Applied patch by Steffen Pohle to fix remote vulnerabilities [ChangeLog, include/network.h, include/packets.h, src/configuration.c, src/network.c, src/packets.c, src/pkgcache.c, CVE-2006-4005, CVE-2006-4006]. See bug #382082. stable/main/binary-i386/bomberclone_0.11.5-1sarge2_i386.deb bomberclone (0.11.5-1sarge2) stable-security; urgency=high * New maintainer. See bug #316569. * Applied patch by Steffen Pohle to fix remote vulnerabilities [ChangeLog, include/network.h, include/packets.h, src/configuration.c, src/network.c, src/packets.c, src/pkgcache.c, CVE-2006-4005, CVE-2006-4006]. See bug #382082. stable/main/binary-hppa/bomberclone_0.11.5-1sarge2_hppa.deb bomberclone (0.11.5-1sarge2) stable-security; urgency=high * New maintainer. See bug #316569. * Applied patch by Steffen Pohle to fix remote vulnerabilities [ChangeLog, include/network.h, include/packets.h, src/configuration.c, src/network.c, src/packets.c, src/pkgcache.c, CVE-2006-4005, CVE-2006-4006]. See bug #382082. stable/main/binary-arm/bomberclone_0.11.5-1sarge2_arm.deb bomberclone (0.11.5-1sarge2) stable-security; urgency=high * New maintainer. See bug #316569. * Applied patch by Steffen Pohle to fix remote vulnerabilities [ChangeLog, include/network.h, include/packets.h, src/configuration.c, src/network.c, src/packets.c, src/pkgcache.c, CVE-2006-4005, CVE-2006-4006]. See bug #382082. stable/main/binary-alpha/bomberclone_0.11.5-1sarge2_alpha.deb bomberclone (0.11.5-1sarge2) stable-security; urgency=high * New maintainer. See bug #316569. * Applied patch by Steffen Pohle to fix remote vulnerabilities [ChangeLog, include/network.h, include/packets.h, src/configuration.c, src/network.c, src/packets.c, src/pkgcache.c, CVE-2006-4005, CVE-2006-4006]. See bug #382082. stable/main/source/bomberclone_0.11.5-1sarge2.diff.gz stable/main/binary-all/bomberclone-data_0.11.5-1sarge2_all.deb stable/main/source/bomberclone_0.11.5-1sarge2.dsc stable/main/binary-powerpc/bomberclone_0.11.5-1sarge2_powerpc.deb bomberclone (0.11.5-1sarge2) stable-security; urgency=high * New maintainer. See bug #316569. * Applied patch by Steffen Pohle to fix remote vulnerabilities [ChangeLog, include/network.h, include/packets.h, src/configuration.c, src/network.c, src/packets.c, src/pkgcache.c, CVE-2006-4005, CVE-2006-4006]. See bug #382082. stable/main/binary-sparc/libisc7_9.2.4-1sarge1_sparc.deb stable/main/binary-sparc/libisccc0_9.2.4-1sarge1_sparc.deb stable/main/binary-sparc/libisccfg0_9.2.4-1sarge1_sparc.deb stable/main/binary-sparc/bind9_9.2.4-1sarge1_sparc.deb stable/main/binary-sparc/dnsutils_9.2.4-1sarge1_sparc.deb stable/main/binary-sparc/libbind-dev_9.2.4-1sarge1_sparc.deb stable/main/binary-sparc/libdns16_9.2.4-1sarge1_sparc.deb stable/main/binary-sparc/lwresd_9.2.4-1sarge1_sparc.deb stable/main/binary-sparc/liblwres1_9.2.4-1sarge1_sparc.deb stable/main/binary-sparc/bind9-host_9.2.4-1sarge1_sparc.deb bind9 (1:9.2.4-1sarge1) stable; urgency=low * Backport bugfix for 1941 from 9.2.6-P1. Closes: #386237, #386245 - fixes CVE-2006-4095 and CVE-2006-4096. - ncache_adderesult() should set eresult even if no rdataset is passed to it. [RT #15642] stable/main/binary-s390/libisc7_9.2.4-1sarge1_s390.deb stable/main/binary-s390/libbind-dev_9.2.4-1sarge1_s390.deb stable/main/binary-s390/liblwres1_9.2.4-1sarge1_s390.deb stable/main/binary-s390/libdns16_9.2.4-1sarge1_s390.deb stable/main/binary-s390/dnsutils_9.2.4-1sarge1_s390.deb stable/main/binary-s390/bind9-host_9.2.4-1sarge1_s390.deb stable/main/binary-s390/lwresd_9.2.4-1sarge1_s390.deb stable/main/binary-s390/bind9_9.2.4-1sarge1_s390.deb stable/main/binary-s390/libisccc0_9.2.4-1sarge1_s390.deb stable/main/binary-s390/libisccfg0_9.2.4-1sarge1_s390.deb bind9 (1:9.2.4-1sarge1) stable; urgency=low * Backport bugfix for 1941 from 9.2.6-P1. Closes: #386237, #386245 - fixes CVE-2006-4095 and CVE-2006-4096. - ncache_adderesult() should set eresult even if no rdataset is passed to it. [RT #15642] stable/main/binary-mipsel/libbind-dev_9.2.4-1sarge1_mipsel.deb stable/main/binary-mipsel/libisccfg0_9.2.4-1sarge1_mipsel.deb stable/main/binary-mipsel/libisccc0_9.2.4-1sarge1_mipsel.deb stable/main/binary-mipsel/libisc7_9.2.4-1sarge1_mipsel.deb stable/main/binary-mipsel/libdns16_9.2.4-1sarge1_mipsel.deb stable/main/binary-mipsel/dnsutils_9.2.4-1sarge1_mipsel.deb stable/main/binary-mipsel/bind9_9.2.4-1sarge1_mipsel.deb stable/main/binary-mipsel/liblwres1_9.2.4-1sarge1_mipsel.deb stable/main/binary-mipsel/lwresd_9.2.4-1sarge1_mipsel.deb stable/main/binary-mipsel/bind9-host_9.2.4-1sarge1_mipsel.deb bind9 (1:9.2.4-1sarge1) stable; urgency=low * Backport bugfix for 1941 from 9.2.6-P1. Closes: #386237, #386245 - fixes CVE-2006-4095 and CVE-2006-4096. - ncache_adderesult() should set eresult even if no rdataset is passed to it. [RT #15642] stable/main/binary-mips/dnsutils_9.2.4-1sarge1_mips.deb stable/main/binary-mips/libbind-dev_9.2.4-1sarge1_mips.deb stable/main/binary-mips/libdns16_9.2.4-1sarge1_mips.deb stable/main/binary-mips/libisc7_9.2.4-1sarge1_mips.deb stable/main/binary-mips/lwresd_9.2.4-1sarge1_mips.deb stable/main/binary-mips/libisccc0_9.2.4-1sarge1_mips.deb stable/main/binary-mips/libisccfg0_9.2.4-1sarge1_mips.deb stable/main/binary-mips/bind9-host_9.2.4-1sarge1_mips.deb stable/main/binary-mips/bind9_9.2.4-1sarge1_mips.deb stable/main/binary-mips/liblwres1_9.2.4-1sarge1_mips.deb bind9 (1:9.2.4-1sarge1) stable; urgency=low * Backport bugfix for 1941 from 9.2.6-P1. Closes: #386237, #386245 - fixes CVE-2006-4095 and CVE-2006-4096. - ncache_adderesult() should set eresult even if no rdataset is passed to it. [RT #15642] stable/main/binary-m68k/dnsutils_9.2.4-1sarge1_m68k.deb stable/main/binary-m68k/libisc7_9.2.4-1sarge1_m68k.deb stable/main/binary-m68k/libdns16_9.2.4-1sarge1_m68k.deb stable/main/binary-m68k/libbind-dev_9.2.4-1sarge1_m68k.deb stable/main/binary-m68k/libisccfg0_9.2.4-1sarge1_m68k.deb stable/main/binary-m68k/libisccc0_9.2.4-1sarge1_m68k.deb stable/main/binary-m68k/lwresd_9.2.4-1sarge1_m68k.deb stable/main/binary-m68k/liblwres1_9.2.4-1sarge1_m68k.deb stable/main/binary-m68k/bind9_9.2.4-1sarge1_m68k.deb stable/main/binary-m68k/bind9-host_9.2.4-1sarge1_m68k.deb bind9 (1:9.2.4-1sarge1) stable; urgency=low * Backport bugfix for 1941 from 9.2.6-P1. Closes: #386237, #386245 - fixes CVE-2006-4095 and CVE-2006-4096. - ncache_adderesult() should set eresult even if no rdataset is passed to it. [RT #15642] stable/main/binary-ia64/dnsutils_9.2.4-1sarge1_ia64.deb stable/main/binary-ia64/bind9-host_9.2.4-1sarge1_ia64.deb stable/main/binary-ia64/libisc7_9.2.4-1sarge1_ia64.deb stable/main/binary-ia64/libdns16_9.2.4-1sarge1_ia64.deb stable/main/binary-ia64/libbind-dev_9.2.4-1sarge1_ia64.deb stable/main/binary-ia64/bind9_9.2.4-1sarge1_ia64.deb stable/main/binary-ia64/liblwres1_9.2.4-1sarge1_ia64.deb stable/main/binary-ia64/lwresd_9.2.4-1sarge1_ia64.deb stable/main/binary-ia64/libisccfg0_9.2.4-1sarge1_ia64.deb stable/main/binary-ia64/libisccc0_9.2.4-1sarge1_ia64.deb bind9 (1:9.2.4-1sarge1) stable; urgency=low * Backport bugfix for 1941 from 9.2.6-P1. Closes: #386237, #386245 - fixes CVE-2006-4095 and CVE-2006-4096. - ncache_adderesult() should set eresult even if no rdataset is passed to it. [RT #15642] stable/main/binary-i386/liblwres1_9.2.4-1sarge1_i386.deb stable/main/binary-i386/libisccfg0_9.2.4-1sarge1_i386.deb stable/main/binary-i386/libisccc0_9.2.4-1sarge1_i386.deb stable/main/binary-i386/lwresd_9.2.4-1sarge1_i386.deb stable/main/binary-i386/bind9_9.2.4-1sarge1_i386.deb stable/main/binary-i386/libisc7_9.2.4-1sarge1_i386.deb stable/main/binary-i386/libdns16_9.2.4-1sarge1_i386.deb stable/main/binary-i386/libbind-dev_9.2.4-1sarge1_i386.deb stable/main/binary-i386/dnsutils_9.2.4-1sarge1_i386.deb stable/main/binary-i386/bind9-host_9.2.4-1sarge1_i386.deb bind9 (1:9.2.4-1sarge1) stable; urgency=low * Backport bugfix for 1941 from 9.2.6-P1. Closes: #386237, #386245 - fixes CVE-2006-4095 and CVE-2006-4096. - ncache_adderesult() should set eresult even if no rdataset is passed to it. [RT #15642] stable/main/binary-hppa/lwresd_9.2.4-1sarge1_hppa.deb stable/main/binary-hppa/bind9-host_9.2.4-1sarge1_hppa.deb stable/main/binary-hppa/dnsutils_9.2.4-1sarge1_hppa.deb stable/main/binary-hppa/libbind-dev_9.2.4-1sarge1_hppa.deb stable/main/binary-hppa/libisccc0_9.2.4-1sarge1_hppa.deb stable/main/binary-hppa/libisccfg0_9.2.4-1sarge1_hppa.deb stable/main/binary-hppa/bind9_9.2.4-1sarge1_hppa.deb stable/main/binary-hppa/libisc7_9.2.4-1sarge1_hppa.deb stable/main/binary-hppa/libdns16_9.2.4-1sarge1_hppa.deb stable/main/binary-hppa/liblwres1_9.2.4-1sarge1_hppa.deb bind9 (1:9.2.4-1sarge1) stable; urgency=low * Backport bugfix for 1941 from 9.2.6-P1. Closes: #386237, #386245 - fixes CVE-2006-4095 and CVE-2006-4096. - ncache_adderesult() should set eresult even if no rdataset is passed to it. [RT #15642] stable/main/binary-arm/libisc7_9.2.4-1sarge1_arm.deb stable/main/binary-arm/libdns16_9.2.4-1sarge1_arm.deb stable/main/binary-arm/bind9_9.2.4-1sarge1_arm.deb stable/main/binary-arm/lwresd_9.2.4-1sarge1_arm.deb stable/main/binary-arm/liblwres1_9.2.4-1sarge1_arm.deb stable/main/binary-arm/libisccc0_9.2.4-1sarge1_arm.deb stable/main/binary-arm/dnsutils_9.2.4-1sarge1_arm.deb stable/main/binary-arm/bind9-host_9.2.4-1sarge1_arm.deb stable/main/binary-arm/libbind-dev_9.2.4-1sarge1_arm.deb stable/main/binary-arm/libisccfg0_9.2.4-1sarge1_arm.deb bind9 (1:9.2.4-1sarge1) stable; urgency=low * Backport bugfix for 1941 from 9.2.6-P1. Closes: #386237, #386245 - fixes CVE-2006-4095 and CVE-2006-4096. - ncache_adderesult() should set eresult even if no rdataset is passed to it. [RT #15642] stable/main/binary-alpha/libisc7_9.2.4-1sarge1_alpha.deb stable/main/binary-alpha/libbind-dev_9.2.4-1sarge1_alpha.deb stable/main/binary-alpha/liblwres1_9.2.4-1sarge1_alpha.deb stable/main/binary-alpha/lwresd_9.2.4-1sarge1_alpha.deb stable/main/binary-alpha/bind9-host_9.2.4-1sarge1_alpha.deb stable/main/binary-alpha/bind9_9.2.4-1sarge1_alpha.deb stable/main/binary-alpha/libisccfg0_9.2.4-1sarge1_alpha.deb stable/main/binary-alpha/libisccc0_9.2.4-1sarge1_alpha.deb stable/main/binary-alpha/libdns16_9.2.4-1sarge1_alpha.deb stable/main/binary-alpha/dnsutils_9.2.4-1sarge1_alpha.deb bind9 (1:9.2.4-1sarge1) stable; urgency=low * Backport bugfix for 1941 from 9.2.6-P1. Closes: #386237, #386245 - fixes CVE-2006-4095 and CVE-2006-4096. - ncache_adderesult() should set eresult even if no rdataset is passed to it. [RT #15642] stable/main/binary-powerpc/bind9-host_9.2.4-1sarge1_powerpc.deb stable/main/binary-powerpc/libdns16_9.2.4-1sarge1_powerpc.deb stable/main/binary-powerpc/libisc7_9.2.4-1sarge1_powerpc.deb stable/main/binary-powerpc/dnsutils_9.2.4-1sarge1_powerpc.deb stable/main/binary-all/bind9-doc_9.2.4-1sarge1_all.deb stable/main/source/bind9_9.2.4-1sarge1.diff.gz stable/main/binary-powerpc/liblwres1_9.2.4-1sarge1_powerpc.deb stable/main/binary-powerpc/bind9_9.2.4-1sarge1_powerpc.deb stable/main/binary-powerpc/libbind-dev_9.2.4-1sarge1_powerpc.deb stable/main/binary-powerpc/lwresd_9.2.4-1sarge1_powerpc.deb stable/main/binary-powerpc/libisccfg0_9.2.4-1sarge1_powerpc.deb stable/main/binary-powerpc/libisccc0_9.2.4-1sarge1_powerpc.deb stable/main/source/bind9_9.2.4-1sarge1.dsc bind9 (1:9.2.4-1sarge1) stable; urgency=low * Backport bugfix for 1941 from 9.2.6-P1. Closes: #386237, #386245 - fixes CVE-2006-4095 and CVE-2006-4096. - ncache_adderesult() should set eresult even if no rdataset is passed to it. [RT #15642] stable/main/binary-sparc/apache-common_1.3.33-6sarge3_sparc.deb stable/main/binary-sparc/apache-dbg_1.3.33-6sarge3_sparc.deb stable/main/binary-sparc/apache_1.3.33-6sarge3_sparc.deb stable/main/binary-sparc/apache-ssl_1.3.33-6sarge3_sparc.deb stable/main/binary-sparc/libapache-mod-perl_1.29.0.3-6sarge3_sparc.deb stable/main/binary-sparc/apache-perl_1.3.33-6sarge3_sparc.deb apache (1.3.33-6sarge3) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Added 910_expect_header_xss_CVE-2006-391 to fix a potential XSS issue affecting the use of the Expect header. [CVE-2006-391] * Added 911_mod_imap_xss-CVE-2005-3352 to fix a potential XSS issue when using Referer headers in mod_imap. [CVE02005-3352] stable/main/binary-s390/apache-ssl_1.3.33-6sarge3_s390.deb stable/main/binary-s390/apache-common_1.3.33-6sarge3_s390.deb stable/main/binary-s390/apache_1.3.33-6sarge3_s390.deb stable/main/binary-s390/apache-perl_1.3.33-6sarge3_s390.deb stable/main/binary-s390/libapache-mod-perl_1.29.0.3-6sarge3_s390.deb stable/main/binary-s390/apache-dbg_1.3.33-6sarge3_s390.deb apache (1.3.33-6sarge3) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Added 910_expect_header_xss_CVE-2006-391 to fix a potential XSS issue affecting the use of the Expect header. [CVE-2006-391] * Added 911_mod_imap_xss-CVE-2005-3352 to fix a potential XSS issue when using Referer headers in mod_imap. [CVE02005-3352] stable/main/binary-powerpc/apache-dbg_1.3.33-6sarge3_powerpc.deb stable/main/binary-powerpc/apache-common_1.3.33-6sarge3_powerpc.deb stable/main/binary-powerpc/apache_1.3.33-6sarge3_powerpc.deb stable/main/binary-powerpc/apache-perl_1.3.33-6sarge3_powerpc.deb stable/main/binary-powerpc/apache-ssl_1.3.33-6sarge3_powerpc.deb stable/main/binary-powerpc/libapache-mod-perl_1.29.0.3-6sarge3_powerpc.deb apache (1.3.33-6sarge3) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Added 910_expect_header_xss_CVE-2006-391 to fix a potential XSS issue affecting the use of the Expect header. [CVE-2006-391] * Added 911_mod_imap_xss-CVE-2005-3352 to fix a potential XSS issue when using Referer headers in mod_imap. [CVE02005-3352] stable/main/binary-mipsel/apache-ssl_1.3.33-6sarge3_mipsel.deb stable/main/binary-mipsel/apache-common_1.3.33-6sarge3_mipsel.deb stable/main/binary-mipsel/libapache-mod-perl_1.29.0.3-6sarge3_mipsel.deb stable/main/binary-mipsel/apache_1.3.33-6sarge3_mipsel.deb stable/main/binary-mipsel/apache-perl_1.3.33-6sarge3_mipsel.deb stable/main/binary-mipsel/apache-dbg_1.3.33-6sarge3_mipsel.deb apache (1.3.33-6sarge3) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Added 910_expect_header_xss_CVE-2006-391 to fix a potential XSS issue affecting the use of the Expect header. [CVE-2006-391] * Added 911_mod_imap_xss-CVE-2005-3352 to fix a potential XSS issue when using Referer headers in mod_imap. [CVE02005-3352] stable/main/binary-mips/apache-ssl_1.3.33-6sarge3_mips.deb stable/main/binary-mips/apache-common_1.3.33-6sarge3_mips.deb stable/main/binary-mips/libapache-mod-perl_1.29.0.3-6sarge3_mips.deb stable/main/binary-mips/apache_1.3.33-6sarge3_mips.deb stable/main/binary-mips/apache-dbg_1.3.33-6sarge3_mips.deb stable/main/binary-mips/apache-perl_1.3.33-6sarge3_mips.deb apache (1.3.33-6sarge3) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Added 910_expect_header_xss_CVE-2006-391 to fix a potential XSS issue affecting the use of the Expect header. [CVE-2006-391] * Added 911_mod_imap_xss-CVE-2005-3352 to fix a potential XSS issue when using Referer headers in mod_imap. [CVE02005-3352] stable/main/binary-m68k/apache-dbg_1.3.33-6sarge3_m68k.deb stable/main/binary-m68k/apache_1.3.33-6sarge3_m68k.deb stable/main/binary-m68k/libapache-mod-perl_1.29.0.3-6sarge3_m68k.deb stable/main/binary-m68k/apache-perl_1.3.33-6sarge3_m68k.deb stable/main/binary-m68k/apache-ssl_1.3.33-6sarge3_m68k.deb stable/main/binary-m68k/apache-common_1.3.33-6sarge3_m68k.deb apache (1.3.33-6sarge3) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Added 910_expect_header_xss_CVE-2006-391 to fix a potential XSS issue affecting the use of the Expect header. [CVE-2006-391] * Added 911_mod_imap_xss-CVE-2005-3352 to fix a potential XSS issue when using Referer headers in mod_imap. [CVE02005-3352] stable/main/binary-ia64/apache-dbg_1.3.33-6sarge3_ia64.deb stable/main/binary-ia64/apache-ssl_1.3.33-6sarge3_ia64.deb stable/main/binary-ia64/apache_1.3.33-6sarge3_ia64.deb stable/main/binary-ia64/apache-common_1.3.33-6sarge3_ia64.deb stable/main/binary-ia64/libapache-mod-perl_1.29.0.3-6sarge3_ia64.deb stable/main/binary-ia64/apache-perl_1.3.33-6sarge3_ia64.deb apache (1.3.33-6sarge3) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Added 910_expect_header_xss_CVE-2006-391 to fix a potential XSS issue affecting the use of the Expect header. [CVE-2006-391] * Added 911_mod_imap_xss-CVE-2005-3352 to fix a potential XSS issue when using Referer headers in mod_imap. [CVE02005-3352] stable/main/binary-hppa/apache-common_1.3.33-6sarge3_hppa.deb stable/main/binary-hppa/apache-perl_1.3.33-6sarge3_hppa.deb stable/main/binary-hppa/apache-ssl_1.3.33-6sarge3_hppa.deb stable/main/binary-hppa/apache-dbg_1.3.33-6sarge3_hppa.deb stable/main/binary-hppa/apache_1.3.33-6sarge3_hppa.deb stable/main/binary-hppa/libapache-mod-perl_1.29.0.3-6sarge3_hppa.deb apache (1.3.33-6sarge3) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Added 910_expect_header_xss_CVE-2006-391 to fix a potential XSS issue affecting the use of the Expect header. [CVE-2006-391] * Added 911_mod_imap_xss-CVE-2005-3352 to fix a potential XSS issue when using Referer headers in mod_imap. [CVE02005-3352] stable/main/binary-arm/apache-perl_1.3.33-6sarge3_arm.deb stable/main/binary-arm/apache-common_1.3.33-6sarge3_arm.deb stable/main/binary-arm/libapache-mod-perl_1.29.0.3-6sarge3_arm.deb stable/main/binary-arm/apache_1.3.33-6sarge3_arm.deb stable/main/binary-arm/apache-dbg_1.3.33-6sarge3_arm.deb stable/main/binary-arm/apache-ssl_1.3.33-6sarge3_arm.deb apache (1.3.33-6sarge3) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Added 910_expect_header_xss_CVE-2006-391 to fix a potential XSS issue affecting the use of the Expect header. [CVE-2006-391] * Added 911_mod_imap_xss-CVE-2005-3352 to fix a potential XSS issue when using Referer headers in mod_imap. [CVE02005-3352] stable/main/binary-alpha/apache-perl_1.3.33-6sarge3_alpha.deb stable/main/binary-alpha/apache-ssl_1.3.33-6sarge3_alpha.deb stable/main/binary-alpha/apache-common_1.3.33-6sarge3_alpha.deb stable/main/binary-alpha/apache_1.3.33-6sarge3_alpha.deb stable/main/binary-alpha/apache-dbg_1.3.33-6sarge3_alpha.deb stable/main/binary-alpha/libapache-mod-perl_1.29.0.3-6sarge3_alpha.deb apache (1.3.33-6sarge3) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Added 910_expect_header_xss_CVE-2006-391 to fix a potential XSS issue affecting the use of the Expect header. [CVE-2006-391] * Added 911_mod_imap_xss-CVE-2005-3352 to fix a potential XSS issue when using Referer headers in mod_imap. [CVE02005-3352] stable/main/binary-i386/apache-perl_1.3.33-6sarge3_i386.deb stable/main/binary-i386/apache-common_1.3.33-6sarge3_i386.deb stable/main/binary-all/apache-doc_1.3.33-6sarge3_all.deb stable/main/binary-i386/apache-ssl_1.3.33-6sarge3_i386.deb stable/main/binary-i386/apache-dbg_1.3.33-6sarge3_i386.deb stable/main/binary-all/apache-utils_1.3.33-6sarge3_all.deb stable/main/source/apache_1.3.33-6sarge3.diff.gz stable/main/binary-i386/libapache-mod-perl_1.29.0.3-6sarge3_i386.deb stable/main/binary-i386/apache_1.3.33-6sarge3_i386.deb stable/main/source/apache_1.3.33-6sarge3.dsc stable/main/binary-all/apache-dev_1.3.33-6sarge3_all.deb apache (1.3.33-6sarge3) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Added 910_expect_header_xss_CVE-2006-391 to fix a potential XSS issue affecting the use of the Expect header. [CVE-2006-391] * Added 911_mod_imap_xss-CVE-2005-3352 to fix a potential XSS issue when using Referer headers in mod_imap. [CVE02005-3352] stable/main/binary-sparc/alsaplayer-oss_0.99.76-0.3sarge1_sparc.deb stable/main/binary-sparc/alsaplayer-gtk_0.99.76-0.3sarge1_sparc.deb stable/main/binary-sparc/libalsaplayer-dev_0.99.76-0.3sarge1_sparc.deb stable/main/binary-sparc/libalsaplayer0_0.99.76-0.3sarge1_sparc.deb stable/main/binary-sparc/alsaplayer-common_0.99.76-0.3sarge1_sparc.deb stable/main/binary-sparc/alsaplayer-text_0.99.76-0.3sarge1_sparc.deb stable/main/binary-sparc/alsaplayer-daemon_0.99.76-0.3sarge1_sparc.deb stable/main/binary-sparc/alsaplayer-alsa_0.99.76-0.3sarge1_sparc.deb stable/main/binary-sparc/alsaplayer-nas_0.99.76-0.3sarge1_sparc.deb stable/main/binary-sparc/alsaplayer-xosd_0.99.76-0.3sarge1_sparc.deb stable/main/binary-sparc/alsaplayer-jack_0.99.76-0.3sarge1_sparc.deb stable/main/binary-sparc/alsaplayer-esd_0.99.76-0.3sarge1_sparc.deb stable/main/binary-sparc/alsaplayer_0.99.76-0.3sarge1_sparc.deb alsaplayer (0.99.76-0.3sarge1) stable-security; urgency=high * Fix some buffer overflow bugs. (CVE-2006-4089) stable/main/binary-s390/alsaplayer-nas_0.99.76-0.3sarge1_s390.deb stable/main/binary-s390/alsaplayer-alsa_0.99.76-0.3sarge1_s390.deb stable/main/binary-s390/alsaplayer-jack_0.99.76-0.3sarge1_s390.deb stable/main/binary-s390/alsaplayer-xosd_0.99.76-0.3sarge1_s390.deb stable/main/binary-s390/alsaplayer_0.99.76-0.3sarge1_s390.deb stable/main/binary-s390/alsaplayer-esd_0.99.76-0.3sarge1_s390.deb stable/main/binary-s390/alsaplayer-oss_0.99.76-0.3sarge1_s390.deb stable/main/binary-s390/libalsaplayer-dev_0.99.76-0.3sarge1_s390.deb stable/main/binary-s390/alsaplayer-text_0.99.76-0.3sarge1_s390.deb stable/main/binary-s390/libalsaplayer0_0.99.76-0.3sarge1_s390.deb stable/main/binary-s390/alsaplayer-common_0.99.76-0.3sarge1_s390.deb stable/main/binary-s390/alsaplayer-gtk_0.99.76-0.3sarge1_s390.deb stable/main/binary-s390/alsaplayer-daemon_0.99.76-0.3sarge1_s390.deb alsaplayer (0.99.76-0.3sarge1) stable-security; urgency=high * Fix some buffer overflow bugs. (CVE-2006-4089) stable/main/binary-powerpc/alsaplayer-esd_0.99.76-0.3sarge1_powerpc.deb stable/main/binary-powerpc/alsaplayer-oss_0.99.76-0.3sarge1_powerpc.deb stable/main/binary-powerpc/alsaplayer-common_0.99.76-0.3sarge1_powerpc.deb stable/main/binary-powerpc/alsaplayer-xosd_0.99.76-0.3sarge1_powerpc.deb stable/main/binary-powerpc/alsaplayer-jack_0.99.76-0.3sarge1_powerpc.deb stable/main/binary-powerpc/alsaplayer_0.99.76-0.3sarge1_powerpc.deb stable/main/binary-powerpc/alsaplayer-gtk_0.99.76-0.3sarge1_powerpc.deb stable/main/binary-powerpc/alsaplayer-nas_0.99.76-0.3sarge1_powerpc.deb stable/main/binary-powerpc/libalsaplayer0_0.99.76-0.3sarge1_powerpc.deb stable/main/binary-powerpc/alsaplayer-alsa_0.99.76-0.3sarge1_powerpc.deb stable/main/binary-powerpc/libalsaplayer-dev_0.99.76-0.3sarge1_powerpc.deb stable/main/binary-powerpc/alsaplayer-daemon_0.99.76-0.3sarge1_powerpc.deb stable/main/binary-powerpc/alsaplayer-text_0.99.76-0.3sarge1_powerpc.deb alsaplayer (0.99.76-0.3sarge1) stable-security; urgency=high * Fix some buffer overflow bugs. (CVE-2006-4089) stable/main/binary-mipsel/alsaplayer-jack_0.99.76-0.3sarge1_mipsel.deb stable/main/binary-mipsel/libalsaplayer0_0.99.76-0.3sarge1_mipsel.deb stable/main/binary-mipsel/libalsaplayer-dev_0.99.76-0.3sarge1_mipsel.deb stable/main/binary-mipsel/alsaplayer-oss_0.99.76-0.3sarge1_mipsel.deb stable/main/binary-mipsel/alsaplayer-common_0.99.76-0.3sarge1_mipsel.deb stable/main/binary-mipsel/alsaplayer-daemon_0.99.76-0.3sarge1_mipsel.deb stable/main/binary-mipsel/alsaplayer-text_0.99.76-0.3sarge1_mipsel.deb stable/main/binary-mipsel/alsaplayer_0.99.76-0.3sarge1_mipsel.deb stable/main/binary-mipsel/alsaplayer-alsa_0.99.76-0.3sarge1_mipsel.deb stable/main/binary-mipsel/alsaplayer-xosd_0.99.76-0.3sarge1_mipsel.deb stable/main/binary-mipsel/alsaplayer-esd_0.99.76-0.3sarge1_mipsel.deb stable/main/binary-mipsel/alsaplayer-nas_0.99.76-0.3sarge1_mipsel.deb stable/main/binary-mipsel/alsaplayer-gtk_0.99.76-0.3sarge1_mipsel.deb alsaplayer (0.99.76-0.3sarge1) stable-security; urgency=high * Fix some buffer overflow bugs. (CVE-2006-4089) stable/main/binary-mips/alsaplayer-text_0.99.76-0.3sarge1_mips.deb stable/main/binary-mips/alsaplayer-alsa_0.99.76-0.3sarge1_mips.deb stable/main/binary-mips/libalsaplayer-dev_0.99.76-0.3sarge1_mips.deb stable/main/binary-mips/alsaplayer-nas_0.99.76-0.3sarge1_mips.deb stable/main/binary-mips/libalsaplayer0_0.99.76-0.3sarge1_mips.deb stable/main/binary-mips/alsaplayer-common_0.99.76-0.3sarge1_mips.deb stable/main/binary-mips/alsaplayer-daemon_0.99.76-0.3sarge1_mips.deb stable/main/binary-mips/alsaplayer_0.99.76-0.3sarge1_mips.deb stable/main/binary-mips/alsaplayer-jack_0.99.76-0.3sarge1_mips.deb stable/main/binary-mips/alsaplayer-oss_0.99.76-0.3sarge1_mips.deb stable/main/binary-mips/alsaplayer-esd_0.99.76-0.3sarge1_mips.deb stable/main/binary-mips/alsaplayer-gtk_0.99.76-0.3sarge1_mips.deb stable/main/binary-mips/alsaplayer-xosd_0.99.76-0.3sarge1_mips.deb alsaplayer (0.99.76-0.3sarge1) stable-security; urgency=high * Fix some buffer overflow bugs. (CVE-2006-4089) stable/main/binary-m68k/alsaplayer-gtk_0.99.76-0.3sarge1_m68k.deb stable/main/binary-m68k/alsaplayer-common_0.99.76-0.3sarge1_m68k.deb stable/main/binary-m68k/alsaplayer-oss_0.99.76-0.3sarge1_m68k.deb stable/main/binary-m68k/alsaplayer-nas_0.99.76-0.3sarge1_m68k.deb stable/main/binary-m68k/alsaplayer-xosd_0.99.76-0.3sarge1_m68k.deb stable/main/binary-m68k/alsaplayer-text_0.99.76-0.3sarge1_m68k.deb stable/main/binary-m68k/libalsaplayer-dev_0.99.76-0.3sarge1_m68k.deb stable/main/binary-m68k/alsaplayer-alsa_0.99.76-0.3sarge1_m68k.deb stable/main/binary-m68k/alsaplayer_0.99.76-0.3sarge1_m68k.deb stable/main/binary-m68k/alsaplayer-daemon_0.99.76-0.3sarge1_m68k.deb stable/main/binary-m68k/alsaplayer-jack_0.99.76-0.3sarge1_m68k.deb stable/main/binary-m68k/libalsaplayer0_0.99.76-0.3sarge1_m68k.deb stable/main/binary-m68k/alsaplayer-esd_0.99.76-0.3sarge1_m68k.deb alsaplayer (0.99.76-0.3sarge1) stable-security; urgency=high * Fix some buffer overflow bugs. (CVE-2006-4089) stable/main/binary-ia64/alsaplayer-nas_0.99.76-0.3sarge1_ia64.deb stable/main/binary-ia64/alsaplayer_0.99.76-0.3sarge1_ia64.deb stable/main/binary-ia64/alsaplayer-text_0.99.76-0.3sarge1_ia64.deb stable/main/binary-ia64/alsaplayer-alsa_0.99.76-0.3sarge1_ia64.deb stable/main/binary-ia64/alsaplayer-xosd_0.99.76-0.3sarge1_ia64.deb stable/main/binary-ia64/alsaplayer-gtk_0.99.76-0.3sarge1_ia64.deb stable/main/binary-ia64/alsaplayer-common_0.99.76-0.3sarge1_ia64.deb stable/main/binary-ia64/alsaplayer-esd_0.99.76-0.3sarge1_ia64.deb stable/main/binary-ia64/alsaplayer-oss_0.99.76-0.3sarge1_ia64.deb stable/main/binary-ia64/alsaplayer-jack_0.99.76-0.3sarge1_ia64.deb stable/main/binary-ia64/libalsaplayer0_0.99.76-0.3sarge1_ia64.deb stable/main/binary-ia64/alsaplayer-daemon_0.99.76-0.3sarge1_ia64.deb stable/main/binary-ia64/libalsaplayer-dev_0.99.76-0.3sarge1_ia64.deb alsaplayer (0.99.76-0.3sarge1) stable-security; urgency=high * Fix some buffer overflow bugs. (CVE-2006-4089) stable/main/binary-i386/libalsaplayer0_0.99.76-0.3sarge1_i386.deb stable/main/binary-i386/alsaplayer-jack_0.99.76-0.3sarge1_i386.deb stable/main/binary-i386/libalsaplayer-dev_0.99.76-0.3sarge1_i386.deb stable/main/binary-i386/alsaplayer-daemon_0.99.76-0.3sarge1_i386.deb stable/main/binary-i386/alsaplayer-esd_0.99.76-0.3sarge1_i386.deb stable/main/binary-i386/alsaplayer-oss_0.99.76-0.3sarge1_i386.deb stable/main/binary-i386/alsaplayer-text_0.99.76-0.3sarge1_i386.deb stable/main/binary-i386/alsaplayer_0.99.76-0.3sarge1_i386.deb stable/main/binary-i386/alsaplayer-common_0.99.76-0.3sarge1_i386.deb stable/main/binary-i386/alsaplayer-xosd_0.99.76-0.3sarge1_i386.deb stable/main/binary-i386/alsaplayer-alsa_0.99.76-0.3sarge1_i386.deb stable/main/binary-i386/alsaplayer-nas_0.99.76-0.3sarge1_i386.deb stable/main/binary-i386/alsaplayer-gtk_0.99.76-0.3sarge1_i386.deb alsaplayer (0.99.76-0.3sarge1) stable-security; urgency=high * Fix some buffer overflow bugs. (CVE-2006-4089) stable/main/binary-hppa/alsaplayer-text_0.99.76-0.3sarge1_hppa.deb stable/main/binary-hppa/alsaplayer-nas_0.99.76-0.3sarge1_hppa.deb stable/main/binary-hppa/alsaplayer-gtk_0.99.76-0.3sarge1_hppa.deb stable/main/binary-hppa/alsaplayer_0.99.76-0.3sarge1_hppa.deb stable/main/binary-hppa/alsaplayer-xosd_0.99.76-0.3sarge1_hppa.deb stable/main/binary-hppa/alsaplayer-alsa_0.99.76-0.3sarge1_hppa.deb stable/main/binary-hppa/alsaplayer-oss_0.99.76-0.3sarge1_hppa.deb stable/main/binary-hppa/alsaplayer-jack_0.99.76-0.3sarge1_hppa.deb stable/main/binary-hppa/alsaplayer-esd_0.99.76-0.3sarge1_hppa.deb stable/main/binary-hppa/alsaplayer-common_0.99.76-0.3sarge1_hppa.deb stable/main/binary-hppa/libalsaplayer-dev_0.99.76-0.3sarge1_hppa.deb stable/main/binary-hppa/alsaplayer-daemon_0.99.76-0.3sarge1_hppa.deb stable/main/binary-hppa/libalsaplayer0_0.99.76-0.3sarge1_hppa.deb alsaplayer (0.99.76-0.3sarge1) stable-security; urgency=high * Fix some buffer overflow bugs. (CVE-2006-4089) stable/main/binary-alpha/alsaplayer-jack_0.99.76-0.3sarge1_alpha.deb stable/main/binary-alpha/alsaplayer-xosd_0.99.76-0.3sarge1_alpha.deb stable/main/binary-alpha/alsaplayer-nas_0.99.76-0.3sarge1_alpha.deb stable/main/binary-alpha/libalsaplayer-dev_0.99.76-0.3sarge1_alpha.deb stable/main/binary-alpha/alsaplayer-daemon_0.99.76-0.3sarge1_alpha.deb stable/main/binary-alpha/alsaplayer-alsa_0.99.76-0.3sarge1_alpha.deb stable/main/binary-alpha/alsaplayer_0.99.76-0.3sarge1_alpha.deb stable/main/binary-alpha/alsaplayer-text_0.99.76-0.3sarge1_alpha.deb stable/main/binary-alpha/alsaplayer-esd_0.99.76-0.3sarge1_alpha.deb stable/main/binary-alpha/libalsaplayer0_0.99.76-0.3sarge1_alpha.deb stable/main/binary-alpha/alsaplayer-common_0.99.76-0.3sarge1_alpha.deb stable/main/binary-alpha/alsaplayer-gtk_0.99.76-0.3sarge1_alpha.deb stable/main/binary-alpha/alsaplayer-oss_0.99.76-0.3sarge1_alpha.deb alsaplayer (0.99.76-0.3sarge1) stable-security; urgency=high * Fix some buffer overflow bugs. (CVE-2006-4089) stable/main/source/alsaplayer_0.99.76-0.3sarge1.dsc stable/main/binary-arm/alsaplayer-text_0.99.76-0.3sarge1_arm.deb stable/main/binary-arm/alsaplayer-oss_0.99.76-0.3sarge1_arm.deb stable/main/source/alsaplayer_0.99.76-0.3sarge1.diff.gz stable/main/binary-arm/libalsaplayer0_0.99.76-0.3sarge1_arm.deb stable/main/binary-arm/alsaplayer_0.99.76-0.3sarge1_arm.deb stable/main/binary-arm/alsaplayer-common_0.99.76-0.3sarge1_arm.deb stable/main/binary-arm/alsaplayer-gtk_0.99.76-0.3sarge1_arm.deb stable/main/binary-arm/alsaplayer-daemon_0.99.76-0.3sarge1_arm.deb stable/main/binary-arm/alsaplayer-esd_0.99.76-0.3sarge1_arm.deb stable/main/binary-arm/alsaplayer-jack_0.99.76-0.3sarge1_arm.deb stable/main/binary-arm/alsaplayer-alsa_0.99.76-0.3sarge1_arm.deb stable/main/binary-arm/alsaplayer-xosd_0.99.76-0.3sarge1_arm.deb stable/main/binary-arm/alsaplayer-nas_0.99.76-0.3sarge1_arm.deb stable/main/binary-arm/libalsaplayer-dev_0.99.76-0.3sarge1_arm.deb alsaplayer (0.99.76-0.3sarge1) stable-security; urgency=high * Fix some buffer overflow bugs. (CVE-2006-4089) ========================================= Thu, 31 Aug 2006 - Debian 3.1r3 released ========================================= stable/main/source/libcrypt-cbc-perl_2.12-1sarge1.diff.gz stable/main/binary-all/libcrypt-cbc-perl_2.12-1sarge1_all.deb stable/main/source/libcrypt-cbc-perl_2.12-1sarge1.dsc libcrypt-cbc-perl (2.12-1sarge1) stable-security; urgency=high * SECURITY FIX: solves weakness when using certain block algorithms stable/main/binary-sparc/zope2.7_2.7.5-2sarge2_sparc.deb zope2.7 (2.7.5-2sarge2) stable-security; urgency=high * SECURITY UPDATE: Arbitrary file inclusion. * Disable 'raw' ReST directive in included docutils to prevent reading arbitrary files through ReST documents. (Closes: #377285) - CVE-2006-3458 stable/main/binary-s390/zope2.7_2.7.5-2sarge2_s390.deb zope2.7 (2.7.5-2sarge2) stable-security; urgency=high * SECURITY UPDATE: Arbitrary file inclusion. * Disable 'raw' ReST directive in included docutils to prevent reading arbitrary files through ReST documents. (Closes: #377285) - CVE-2006-3458 stable/main/binary-powerpc/zope2.7_2.7.5-2sarge2_powerpc.deb zope2.7 (2.7.5-2sarge2) stable-security; urgency=high * SECURITY UPDATE: Arbitrary file inclusion. * Disable 'raw' ReST directive in included docutils to prevent reading arbitrary files through ReST documents. (Closes: #377285) - CVE-2006-3458 stable/main/binary-mipsel/zope2.7_2.7.5-2sarge2_mipsel.deb zope2.7 (2.7.5-2sarge2) stable-security; urgency=high * SECURITY UPDATE: Arbitrary file inclusion. * Disable 'raw' ReST directive in included docutils to prevent reading arbitrary files through ReST documents. (Closes: #377285) - CVE-2006-3458 stable/main/binary-mips/zope2.7_2.7.5-2sarge2_mips.deb zope2.7 (2.7.5-2sarge2) stable-security; urgency=high * SECURITY UPDATE: Arbitrary file inclusion. * Disable 'raw' ReST directive in included docutils to prevent reading arbitrary files through ReST documents. (Closes: #377285) - CVE-2006-3458 stable/main/binary-m68k/zope2.7_2.7.5-2sarge2_m68k.deb zope2.7 (2.7.5-2sarge2) stable-security; urgency=high * SECURITY UPDATE: Arbitrary file inclusion. * Disable 'raw' ReST directive in included docutils to prevent reading arbitrary files through ReST documents. (Closes: #377285) - CVE-2006-3458 stable/main/binary-ia64/zope2.7_2.7.5-2sarge2_ia64.deb zope2.7 (2.7.5-2sarge2) stable-security; urgency=high * SECURITY UPDATE: Arbitrary file inclusion. * Disable 'raw' ReST directive in included docutils to prevent reading arbitrary files through ReST documents. (Closes: #377285) - CVE-2006-3458 stable/main/binary-hppa/zope2.7_2.7.5-2sarge2_hppa.deb zope2.7 (2.7.5-2sarge2) stable-security; urgency=high * SECURITY UPDATE: Arbitrary file inclusion. * Disable 'raw' ReST directive in included docutils to prevent reading arbitrary files through ReST documents. (Closes: #377285) - CVE-2006-3458 stable/main/binary-arm/zope2.7_2.7.5-2sarge2_arm.deb zope2.7 (2.7.5-2sarge2) stable-security; urgency=high * SECURITY UPDATE: Arbitrary file inclusion. * Disable 'raw' ReST directive in included docutils to prevent reading arbitrary files through ReST documents. (Closes: #377285) - CVE-2006-3458 stable/main/binary-alpha/zope2.7_2.7.5-2sarge2_alpha.deb zope2.7 (2.7.5-2sarge2) stable-security; urgency=high * SECURITY UPDATE: Arbitrary file inclusion. * Disable 'raw' ReST directive in included docutils to prevent reading arbitrary files through ReST documents. (Closes: #377285) - CVE-2006-3458 stable/main/binary-i386/zope2.7_2.7.5-2sarge2_i386.deb stable/main/source/zope2.7_2.7.5-2sarge2.diff.gz stable/main/source/zope2.7_2.7.5-2sarge2.dsc zope2.7 (2.7.5-2sarge2) stable-security; urgency=high * SECURITY UPDATE: Arbitrary file inclusion. * Disable 'raw' ReST directive in included docutils to prevent reading arbitrary files through ReST documents. (Closes: #377285) - CVE-2006-3458 stable/main/source/zope-cmfplone_2.0.4-3sarge1.dsc stable/main/source/zope-cmfplone_2.0.4-3sarge1.diff.gz stable/main/binary-all/plone_2.0.4-3sarge1_all.deb stable/main/binary-all/zope-cmfplone_2.0.4-3sarge1_all.deb zope-cmfplone (2.0.4-3sarge1) stable-security; urgency=high * Applied PloneHotfix20060410; Adds security declarations to unprotected MembershipTool methods: changeMemberPortrait, deletePersonalPortrait, testCurrentPassword. stable/main/source/zgv_5.7-1.4.diff.gz stable/main/binary-i386/zgv_5.7-1.4_i386.deb stable/main/source/zgv_5.7-1.4.dsc zgv (5.7-1.4) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch by Russell Marks to fix segmentation faults [src/readjpeg.c, CVE-2006-1060] stable/main/binary-sparc/xzgv_0.8-3sarge1_sparc.deb xzgv (0.8-3sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch by Russell Marks to fix segmentation faults [src/readjpeg.c, CVE-2006-1060] stable/main/binary-s390/xzgv_0.8-3sarge1_s390.deb xzgv (0.8-3sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch by Russell Marks to fix segmentation faults [src/readjpeg.c, CVE-2006-1060] stable/main/binary-mipsel/xzgv_0.8-3sarge1_mipsel.deb xzgv (0.8-3sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch by Russell Marks to fix segmentation faults [src/readjpeg.c, CVE-2006-1060] stable/main/binary-mips/xzgv_0.8-3sarge1_mips.deb xzgv (0.8-3sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch by Russell Marks to fix segmentation faults [src/readjpeg.c, CVE-2006-1060] stable/main/binary-m68k/xzgv_0.8-3sarge1_m68k.deb xzgv (0.8-3sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch by Russell Marks to fix segmentation faults [src/readjpeg.c, CVE-2006-1060] stable/main/binary-ia64/xzgv_0.8-3sarge1_ia64.deb xzgv (0.8-3sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch by Russell Marks to fix segmentation faults [src/readjpeg.c, CVE-2006-1060] stable/main/binary-i386/xzgv_0.8-3sarge1_i386.deb xzgv (0.8-3sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch by Russell Marks to fix segmentation faults [src/readjpeg.c, CVE-2006-1060] stable/main/binary-hppa/xzgv_0.8-3sarge1_hppa.deb xzgv (0.8-3sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch by Russell Marks to fix segmentation faults [src/readjpeg.c, CVE-2006-1060] stable/main/binary-arm/xzgv_0.8-3sarge1_arm.deb xzgv (0.8-3sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch by Russell Marks to fix segmentation faults [src/readjpeg.c, CVE-2006-1060] stable/main/binary-alpha/xzgv_0.8-3sarge1_alpha.deb xzgv (0.8-3sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch by Russell Marks to fix segmentation faults [src/readjpeg.c, CVE-2006-1060] stable/main/source/xzgv_0.8-3sarge1.diff.gz stable/main/binary-powerpc/xzgv_0.8-3sarge1_powerpc.deb stable/main/source/xzgv_0.8-3sarge1.dsc xzgv (0.8-3sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch by Russell Marks to fix segmentation faults [src/readjpeg.c, CVE-2006-1060] stable/main/binary-sparc/cddb_2.6-17sarge1_sparc.deb stable/main/binary-sparc/xmcd_2.6-17sarge1_sparc.deb xmcd (2.6-17sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fully implemented non-world-writeable directories [libdi_d/config.sh alias xmcdconfig, CVE-2006-2542] stable/main/binary-s390/cddb_2.6-17sarge1_s390.deb stable/main/binary-s390/xmcd_2.6-17sarge1_s390.deb xmcd (2.6-17sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fully implemented non-world-writeable directories [libdi_d/config.sh alias xmcdconfig, CVE-2006-2542] stable/main/binary-mipsel/xmcd_2.6-17sarge1_mipsel.deb stable/main/binary-mipsel/cddb_2.6-17sarge1_mipsel.deb xmcd (2.6-17sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fully implemented non-world-writeable directories [libdi_d/config.sh alias xmcdconfig, CVE-2006-2542] stable/main/binary-mips/xmcd_2.6-17sarge1_mips.deb stable/main/binary-mips/cddb_2.6-17sarge1_mips.deb xmcd (2.6-17sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fully implemented non-world-writeable directories [libdi_d/config.sh alias xmcdconfig, CVE-2006-2542] stable/main/binary-m68k/xmcd_2.6-17sarge1_m68k.deb stable/main/binary-m68k/cddb_2.6-17sarge1_m68k.deb xmcd (2.6-17sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fully implemented non-world-writeable directories [libdi_d/config.sh alias xmcdconfig, CVE-2006-2542] stable/main/binary-ia64/cddb_2.6-17sarge1_ia64.deb stable/main/binary-ia64/xmcd_2.6-17sarge1_ia64.deb xmcd (2.6-17sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fully implemented non-world-writeable directories [libdi_d/config.sh alias xmcdconfig, CVE-2006-2542] stable/main/binary-i386/cddb_2.6-17sarge1_i386.deb stable/main/binary-i386/xmcd_2.6-17sarge1_i386.deb xmcd (2.6-17sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fully implemented non-world-writeable directories [libdi_d/config.sh alias xmcdconfig, CVE-2006-2542] stable/main/binary-hppa/xmcd_2.6-17sarge1_hppa.deb stable/main/binary-hppa/cddb_2.6-17sarge1_hppa.deb xmcd (2.6-17sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fully implemented non-world-writeable directories [libdi_d/config.sh alias xmcdconfig, CVE-2006-2542] stable/main/binary-arm/xmcd_2.6-17sarge1_arm.deb stable/main/binary-arm/cddb_2.6-17sarge1_arm.deb xmcd (2.6-17sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fully implemented non-world-writeable directories [libdi_d/config.sh alias xmcdconfig, CVE-2006-2542] stable/main/binary-alpha/xmcd_2.6-17sarge1_alpha.deb stable/main/binary-alpha/cddb_2.6-17sarge1_alpha.deb xmcd (2.6-17sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fully implemented non-world-writeable directories [libdi_d/config.sh alias xmcdconfig, CVE-2006-2542] stable/main/binary-powerpc/xmcd_2.6-17sarge1_powerpc.deb stable/main/binary-powerpc/cddb_2.6-17sarge1_powerpc.deb stable/main/source/xmcd_2.6-17sarge1.dsc stable/main/source/xmcd_2.6-17sarge1.diff.gz xmcd (2.6-17sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fully implemented non-world-writeable directories [libdi_d/config.sh alias xmcdconfig, CVE-2006-2542] stable/main/binary-sparc/xine-ui_0.99.3-1sarge1_sparc.deb xine-ui (0.99.3-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Corrected call to report() and printf() to fix format string vulnerabilities [src/xitk/main.c, src/xitk/xine-toolkit/xitk.c, CVE-2006-2230] stable/main/binary-s390/xine-ui_0.99.3-1sarge1_s390.deb xine-ui (0.99.3-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Corrected call to report() and printf() to fix format string vulnerabilities [src/xitk/main.c, src/xitk/xine-toolkit/xitk.c, CVE-2006-2230] stable/main/binary-powerpc/xine-ui_0.99.3-1sarge1_powerpc.deb xine-ui (0.99.3-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Corrected call to report() and printf() to fix format string vulnerabilities [src/xitk/main.c, src/xitk/xine-toolkit/xitk.c, CVE-2006-2230] stable/main/binary-mipsel/xine-ui_0.99.3-1sarge1_mipsel.deb xine-ui (0.99.3-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Corrected call to report() and printf() to fix format string vulnerabilities [src/xitk/main.c, src/xitk/xine-toolkit/xitk.c, CVE-2006-2230] stable/main/binary-mips/xine-ui_0.99.3-1sarge1_mips.deb xine-ui (0.99.3-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Corrected call to report() and printf() to fix format string vulnerabilities [src/xitk/main.c, src/xitk/xine-toolkit/xitk.c, CVE-2006-2230] stable/main/binary-m68k/xine-ui_0.99.3-1sarge1_m68k.deb xine-ui (0.99.3-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Corrected call to report() and printf() to fix format string vulnerabilities [src/xitk/main.c, src/xitk/xine-toolkit/xitk.c, CVE-2006-2230] stable/main/binary-ia64/xine-ui_0.99.3-1sarge1_ia64.deb xine-ui (0.99.3-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Corrected call to report() and printf() to fix format string vulnerabilities [src/xitk/main.c, src/xitk/xine-toolkit/xitk.c, CVE-2006-2230] stable/main/binary-hppa/xine-ui_0.99.3-1sarge1_hppa.deb xine-ui (0.99.3-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Corrected call to report() and printf() to fix format string vulnerabilities [src/xitk/main.c, src/xitk/xine-toolkit/xitk.c, CVE-2006-2230] stable/main/binary-arm/xine-ui_0.99.3-1sarge1_arm.deb xine-ui (0.99.3-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Corrected call to report() and printf() to fix format string vulnerabilities [src/xitk/main.c, src/xitk/xine-toolkit/xitk.c, CVE-2006-2230] stable/main/binary-alpha/xine-ui_0.99.3-1sarge1_alpha.deb xine-ui (0.99.3-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Corrected call to report() and printf() to fix format string vulnerabilities [src/xitk/main.c, src/xitk/xine-toolkit/xitk.c, CVE-2006-2230] stable/main/binary-i386/xine-ui_0.99.3-1sarge1_i386.deb stable/main/source/xine-ui_0.99.3-1sarge1.dsc stable/main/source/xine-ui_0.99.3-1sarge1.diff.gz xine-ui (0.99.3-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Corrected call to report() and printf() to fix format string vulnerabilities [src/xitk/main.c, src/xitk/xine-toolkit/xitk.c, CVE-2006-2230] stable/main/binary-sparc/libxine-dev_1.0.1-1sarge3_sparc.deb stable/main/binary-sparc/libxine1_1.0.1-1sarge3_sparc.deb xine-lib (1.0.1-1sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Applied patch by Diego Petten to fix buffer overflow in the HTTP input plugin [src/input/input_http.c, CVE-2006-2802] stable/main/binary-s390/libxine-dev_1.0.1-1sarge3_s390.deb stable/main/binary-s390/libxine1_1.0.1-1sarge3_s390.deb xine-lib (1.0.1-1sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Applied patch by Diego Petten to fix buffer overflow in the HTTP input plugin [src/input/input_http.c, CVE-2006-2802] stable/main/binary-mipsel/libxine1_1.0.1-1sarge3_mipsel.deb stable/main/binary-mipsel/libxine-dev_1.0.1-1sarge3_mipsel.deb xine-lib (1.0.1-1sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Applied patch by Diego Petten to fix buffer overflow in the HTTP input plugin [src/input/input_http.c, CVE-2006-2802] stable/main/binary-mips/libxine1_1.0.1-1sarge3_mips.deb stable/main/binary-mips/libxine-dev_1.0.1-1sarge3_mips.deb xine-lib (1.0.1-1sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Applied patch by Diego Petten to fix buffer overflow in the HTTP input plugin [src/input/input_http.c, CVE-2006-2802] stable/main/binary-m68k/libxine-dev_1.0.1-1sarge3_m68k.deb stable/main/binary-m68k/libxine1_1.0.1-1sarge3_m68k.deb xine-lib (1.0.1-1sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Applied patch by Diego Petten to fix buffer overflow in the HTTP input plugin [src/input/input_http.c, CVE-2006-2802] stable/main/binary-ia64/libxine1_1.0.1-1sarge3_ia64.deb stable/main/binary-ia64/libxine-dev_1.0.1-1sarge3_ia64.deb xine-lib (1.0.1-1sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Applied patch by Diego Petten to fix buffer overflow in the HTTP input plugin [src/input/input_http.c, CVE-2006-2802] stable/main/binary-i386/libxine-dev_1.0.1-1sarge3_i386.deb stable/main/binary-i386/libxine1_1.0.1-1sarge3_i386.deb xine-lib (1.0.1-1sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Applied patch by Diego Petten to fix buffer overflow in the HTTP input plugin [src/input/input_http.c, CVE-2006-2802] stable/main/binary-hppa/libxine1_1.0.1-1sarge3_hppa.deb stable/main/binary-hppa/libxine-dev_1.0.1-1sarge3_hppa.deb xine-lib (1.0.1-1sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Applied patch by Diego Petten to fix buffer overflow in the HTTP input plugin [src/input/input_http.c, CVE-2006-2802] stable/main/binary-arm/libxine-dev_1.0.1-1sarge3_arm.deb stable/main/binary-arm/libxine1_1.0.1-1sarge3_arm.deb xine-lib (1.0.1-1sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Applied patch by Diego Petten to fix buffer overflow in the HTTP input plugin [src/input/input_http.c, CVE-2006-2802] stable/main/binary-alpha/libxine1_1.0.1-1sarge3_alpha.deb stable/main/binary-alpha/libxine-dev_1.0.1-1sarge3_alpha.deb xine-lib (1.0.1-1sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Applied patch by Diego Petten to fix buffer overflow in the HTTP input plugin [src/input/input_http.c, CVE-2006-2802] stable/main/source/xine-lib_1.0.1-1sarge3.dsc stable/main/binary-powerpc/libxine-dev_1.0.1-1sarge3_powerpc.deb stable/main/binary-powerpc/libxine1_1.0.1-1sarge3_powerpc.deb stable/main/source/xine-lib_1.0.1-1sarge3.diff.gz xine-lib (1.0.1-1sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Applied patch by Diego Petten to fix buffer overflow in the HTTP input plugin [src/input/input_http.c, CVE-2006-2802] stable/main/binary-sparc/wzdftpd-mod-tcl_0.5.2-1.1sarge2_sparc.deb stable/main/binary-sparc/wzdftpd-dev_0.5.2-1.1sarge2_sparc.deb stable/main/binary-sparc/wzdftpd_0.5.2-1.1sarge2_sparc.deb stable/main/binary-sparc/wzdftpd-mod-perl_0.5.2-1.1sarge2_sparc.deb stable/main/binary-sparc/wzdftpd-back-mysql_0.5.2-1.1sarge2_sparc.deb wzdftpd (0.5.2-1.1sarge2) stable; urgency=high * Fix depends for wzdftpd-mod-perl and wzdftpd-mod-tcl (Closes: #372531, #369829) stable/main/binary-s390/wzdftpd-mod-perl_0.5.2-1.1sarge2_s390.deb stable/main/binary-s390/wzdftpd-dev_0.5.2-1.1sarge2_s390.deb stable/main/binary-s390/wzdftpd_0.5.2-1.1sarge2_s390.deb stable/main/binary-s390/wzdftpd-mod-tcl_0.5.2-1.1sarge2_s390.deb stable/main/binary-s390/wzdftpd-back-mysql_0.5.2-1.1sarge2_s390.deb wzdftpd (0.5.2-1.1sarge2) stable; urgency=high * Fix depends for wzdftpd-mod-perl and wzdftpd-mod-tcl (Closes: #372531, #369829) stable/main/binary-powerpc/wzdftpd-mod-tcl_0.5.2-1.1sarge2_powerpc.deb stable/main/binary-powerpc/wzdftpd-back-mysql_0.5.2-1.1sarge2_powerpc.deb stable/main/binary-powerpc/wzdftpd-dev_0.5.2-1.1sarge2_powerpc.deb stable/main/binary-powerpc/wzdftpd_0.5.2-1.1sarge2_powerpc.deb stable/main/binary-powerpc/wzdftpd-mod-perl_0.5.2-1.1sarge2_powerpc.deb wzdftpd (0.5.2-1.1sarge2) stable; urgency=high * Fix depends for wzdftpd-mod-perl and wzdftpd-mod-tcl (Closes: #372531, #369829) stable/main/binary-mipsel/wzdftpd_0.5.2-1.1sarge2_mipsel.deb stable/main/binary-mipsel/wzdftpd-back-mysql_0.5.2-1.1sarge2_mipsel.deb stable/main/binary-mipsel/wzdftpd-dev_0.5.2-1.1sarge2_mipsel.deb stable/main/binary-mipsel/wzdftpd-mod-perl_0.5.2-1.1sarge2_mipsel.deb stable/main/binary-mipsel/wzdftpd-mod-tcl_0.5.2-1.1sarge2_mipsel.deb wzdftpd (0.5.2-1.1sarge2) stable; urgency=high * Fix depends for wzdftpd-mod-perl and wzdftpd-mod-tcl (Closes: #372531, #369829) stable/main/binary-mips/wzdftpd_0.5.2-1.1sarge2_mips.deb stable/main/binary-mips/wzdftpd-back-mysql_0.5.2-1.1sarge2_mips.deb stable/main/binary-mips/wzdftpd-dev_0.5.2-1.1sarge2_mips.deb stable/main/binary-mips/wzdftpd-mod-tcl_0.5.2-1.1sarge2_mips.deb stable/main/binary-mips/wzdftpd-mod-perl_0.5.2-1.1sarge2_mips.deb wzdftpd (0.5.2-1.1sarge2) stable; urgency=high * Fix depends for wzdftpd-mod-perl and wzdftpd-mod-tcl (Closes: #372531, #369829) stable/main/binary-m68k/wzdftpd-back-mysql_0.5.2-1.1sarge2_m68k.deb stable/main/binary-m68k/wzdftpd-dev_0.5.2-1.1sarge2_m68k.deb stable/main/binary-m68k/wzdftpd_0.5.2-1.1sarge2_m68k.deb stable/main/binary-m68k/wzdftpd-mod-perl_0.5.2-1.1sarge2_m68k.deb stable/main/binary-m68k/wzdftpd-mod-tcl_0.5.2-1.1sarge2_m68k.deb wzdftpd (0.5.2-1.1sarge2) stable; urgency=high * Fix depends for wzdftpd-mod-perl and wzdftpd-mod-tcl (Closes: #372531, #369829) stable/main/binary-ia64/wzdftpd-back-mysql_0.5.2-1.1sarge2_ia64.deb stable/main/binary-ia64/wzdftpd_0.5.2-1.1sarge2_ia64.deb stable/main/binary-ia64/wzdftpd-dev_0.5.2-1.1sarge2_ia64.deb stable/main/binary-ia64/wzdftpd-mod-perl_0.5.2-1.1sarge2_ia64.deb stable/main/binary-ia64/wzdftpd-mod-tcl_0.5.2-1.1sarge2_ia64.deb wzdftpd (0.5.2-1.1sarge2) stable; urgency=high * Fix depends for wzdftpd-mod-perl and wzdftpd-mod-tcl (Closes: #372531, #369829) stable/main/binary-hppa/wzdftpd-mod-perl_0.5.2-1.1sarge2_hppa.deb stable/main/binary-hppa/wzdftpd-mod-tcl_0.5.2-1.1sarge2_hppa.deb stable/main/binary-hppa/wzdftpd-back-mysql_0.5.2-1.1sarge2_hppa.deb stable/main/binary-hppa/wzdftpd-dev_0.5.2-1.1sarge2_hppa.deb stable/main/binary-hppa/wzdftpd_0.5.2-1.1sarge2_hppa.deb wzdftpd (0.5.2-1.1sarge2) stable; urgency=high * Fix depends for wzdftpd-mod-perl and wzdftpd-mod-tcl (Closes: #372531, #369829) stable/main/binary-arm/wzdftpd-mod-perl_0.5.2-1.1sarge2_arm.deb stable/main/binary-arm/wzdftpd_0.5.2-1.1sarge2_arm.deb stable/main/binary-arm/wzdftpd-back-mysql_0.5.2-1.1sarge2_arm.deb stable/main/binary-arm/wzdftpd-mod-tcl_0.5.2-1.1sarge2_arm.deb stable/main/binary-arm/wzdftpd-dev_0.5.2-1.1sarge2_arm.deb wzdftpd (0.5.2-1.1sarge2) stable; urgency=high * Fix depends for wzdftpd-mod-perl and wzdftpd-mod-tcl (Closes: #372531, #369829) stable/main/binary-alpha/wzdftpd-mod-perl_0.5.2-1.1sarge2_alpha.deb stable/main/binary-alpha/wzdftpd-dev_0.5.2-1.1sarge2_alpha.deb stable/main/binary-alpha/wzdftpd-back-mysql_0.5.2-1.1sarge2_alpha.deb stable/main/binary-alpha/wzdftpd-mod-tcl_0.5.2-1.1sarge2_alpha.deb stable/main/binary-alpha/wzdftpd_0.5.2-1.1sarge2_alpha.deb wzdftpd (0.5.2-1.1sarge2) stable; urgency=high * Fix depends for wzdftpd-mod-perl and wzdftpd-mod-tcl (Closes: #372531, #369829) stable/main/binary-i386/wzdftpd-mod-perl_0.5.2-1.1sarge2_i386.deb stable/main/binary-i386/wzdftpd-mod-tcl_0.5.2-1.1sarge2_i386.deb stable/main/source/wzdftpd_0.5.2-1.1sarge2.diff.gz stable/main/binary-i386/wzdftpd-back-mysql_0.5.2-1.1sarge2_i386.deb stable/main/binary-i386/wzdftpd_0.5.2-1.1sarge2_i386.deb stable/main/binary-i386/wzdftpd-dev_0.5.2-1.1sarge2_i386.deb stable/main/source/wzdftpd_0.5.2-1.1sarge2.dsc wzdftpd (0.5.2-1.1sarge2) stable; urgency=high * Fix depends for wzdftpd-mod-perl and wzdftpd-mod-tcl (Closes: #372531, #369829) stable/main/binary-sparc/libwv2-dev_0.2.2-1sarge1_sparc.deb stable/main/binary-sparc/libwv2-1_0.2.2-1sarge1_sparc.deb wv2 (0.2.2-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied upstream patch to fix boundary check error [src/word_helper.h, CVE-2006-2197] stable/main/binary-s390/libwv2-1_0.2.2-1sarge1_s390.deb stable/main/binary-s390/libwv2-dev_0.2.2-1sarge1_s390.deb wv2 (0.2.2-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied upstream patch to fix boundary check error [src/word_helper.h, CVE-2006-2197] stable/main/binary-mipsel/libwv2-1_0.2.2-1sarge1_mipsel.deb stable/main/binary-mipsel/libwv2-dev_0.2.2-1sarge1_mipsel.deb wv2 (0.2.2-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied upstream patch to fix boundary check error [src/word_helper.h, CVE-2006-2197] stable/main/binary-mips/libwv2-1_0.2.2-1sarge1_mips.deb stable/main/binary-mips/libwv2-dev_0.2.2-1sarge1_mips.deb wv2 (0.2.2-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied upstream patch to fix boundary check error [src/word_helper.h, CVE-2006-2197] stable/main/binary-m68k/libwv2-dev_0.2.2-1sarge1_m68k.deb stable/main/binary-m68k/libwv2-1_0.2.2-1sarge1_m68k.deb wv2 (0.2.2-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied upstream patch to fix boundary check error [src/word_helper.h, CVE-2006-2197] stable/main/binary-ia64/libwv2-1_0.2.2-1sarge1_ia64.deb stable/main/binary-ia64/libwv2-dev_0.2.2-1sarge1_ia64.deb wv2 (0.2.2-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied upstream patch to fix boundary check error [src/word_helper.h, CVE-2006-2197] stable/main/binary-i386/libwv2-dev_0.2.2-1sarge1_i386.deb stable/main/binary-i386/libwv2-1_0.2.2-1sarge1_i386.deb wv2 (0.2.2-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied upstream patch to fix boundary check error [src/word_helper.h, CVE-2006-2197] stable/main/binary-hppa/libwv2-1_0.2.2-1sarge1_hppa.deb stable/main/binary-hppa/libwv2-dev_0.2.2-1sarge1_hppa.deb wv2 (0.2.2-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied upstream patch to fix boundary check error [src/word_helper.h, CVE-2006-2197] stable/main/binary-arm/libwv2-1_0.2.2-1sarge1_arm.deb stable/main/binary-arm/libwv2-dev_0.2.2-1sarge1_arm.deb wv2 (0.2.2-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied upstream patch to fix boundary check error [src/word_helper.h, CVE-2006-2197] stable/main/binary-alpha/libwv2-dev_0.2.2-1sarge1_alpha.deb stable/main/binary-alpha/libwv2-1_0.2.2-1sarge1_alpha.deb wv2 (0.2.2-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied upstream patch to fix boundary check error [src/word_helper.h, CVE-2006-2197] stable/main/source/wv2_0.2.2-1sarge1.diff.gz stable/main/binary-powerpc/libwv2-dev_0.2.2-1sarge1_powerpc.deb stable/main/binary-powerpc/libwv2-1_0.2.2-1sarge1_powerpc.deb stable/main/source/wv2_0.2.2-1sarge1.dsc wv2 (0.2.2-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied upstream patch to fix boundary check error [src/word_helper.h, CVE-2006-2197] stable/main/binary-all/webcalendar_0.9.45-4sarge5_all.deb stable/main/source/webcalendar_0.9.45-4sarge5.dsc stable/main/source/webcalendar_0.9.45-4sarge5.diff.gz webcalendar (0.9.45-4sarge5) stable-security; urgency=high * Non-maintainer upload by the Security Team * Backported upstream patch to fix file disclosure vulnerability if register_globals is turned on. [includes/config.php, tools/send_reminders.php, tools/convert_passwords.php, CVE-2006-2762] stable/main/binary-sparc/vlan_1.8-1sarge1_sparc.deb vlan (1.8-1sarge1) stable; urgency=medium * Fix /etc/network/if-up.d/ip to not set rp_filter to 1 when rp_filter isn't set in /etc/network/interfaces. (Closes: #330673, #378714) * Add myself to Uploaders. stable/main/binary-s390/vlan_1.8-1sarge1_s390.deb vlan (1.8-1sarge1) stable; urgency=medium * Fix /etc/network/if-up.d/ip to not set rp_filter to 1 when rp_filter isn't set in /etc/network/interfaces. (Closes: #330673, #378714) * Add myself to Uploaders. stable/main/binary-powerpc/vlan_1.8-1sarge1_powerpc.deb vlan (1.8-1sarge1) stable; urgency=medium * Fix /etc/network/if-up.d/ip to not set rp_filter to 1 when rp_filter isn't set in /etc/network/interfaces. (Closes: #330673, #378714) * Add myself to Uploaders. stable/main/binary-mipsel/vlan_1.8-1sarge1_mipsel.deb vlan (1.8-1sarge1) stable; urgency=medium * Fix /etc/network/if-up.d/ip to not set rp_filter to 1 when rp_filter isn't set in /etc/network/interfaces. (Closes: #330673, #378714) * Add myself to Uploaders. stable/main/binary-mips/vlan_1.8-1sarge1_mips.deb vlan (1.8-1sarge1) stable; urgency=medium * Fix /etc/network/if-up.d/ip to not set rp_filter to 1 when rp_filter isn't set in /etc/network/interfaces. (Closes: #330673, #378714) * Add myself to Uploaders. stable/main/binary-m68k/vlan_1.8-1sarge1_m68k.deb vlan (1.8-1sarge1) stable; urgency=medium * Fix /etc/network/if-up.d/ip to not set rp_filter to 1 when rp_filter isn't set in /etc/network/interfaces. (Closes: #330673, #378714) * Add myself to Uploaders. stable/main/binary-ia64/vlan_1.8-1sarge1_ia64.deb vlan (1.8-1sarge1) stable; urgency=medium * Fix /etc/network/if-up.d/ip to not set rp_filter to 1 when rp_filter isn't set in /etc/network/interfaces. (Closes: #330673, #378714) * Add myself to Uploaders. stable/main/binary-hppa/vlan_1.8-1sarge1_hppa.deb vlan (1.8-1sarge1) stable; urgency=medium * Fix /etc/network/if-up.d/ip to not set rp_filter to 1 when rp_filter isn't set in /etc/network/interfaces. (Closes: #330673, #378714) * Add myself to Uploaders. stable/main/binary-arm/vlan_1.8-1sarge1_arm.deb vlan (1.8-1sarge1) stable; urgency=medium * Fix /etc/network/if-up.d/ip to not set rp_filter to 1 when rp_filter isn't set in /etc/network/interfaces. (Closes: #330673, #378714) * Add myself to Uploaders. stable/main/binary-alpha/vlan_1.8-1sarge1_alpha.deb vlan (1.8-1sarge1) stable; urgency=medium * Fix /etc/network/if-up.d/ip to not set rp_filter to 1 when rp_filter isn't set in /etc/network/interfaces. (Closes: #330673, #378714) * Add myself to Uploaders. stable/main/source/vlan_1.8-1sarge1.diff.gz stable/main/source/vlan_1.8-1sarge1.dsc stable/main/binary-i386/vlan_1.8-1sarge1_i386.deb vlan (1.8-1sarge1) stable; urgency=medium * Fix /etc/network/if-up.d/ip to not set rp_filter to 1 when rp_filter isn't set in /etc/network/interfaces. (Closes: #330673, #378714) * Add myself to Uploaders. stable/main/binary-sparc/typespeed_0.4.4-8sarge1_sparc.deb typespeed (0.4.4-8sarge1) stable; urgency=high * Non-maintainer upload by The Security Team. * Fix a buffer overflow when reading data from across the network. [CVE-2006-1515] stable/main/binary-s390/typespeed_0.4.4-8sarge1_s390.deb typespeed (0.4.4-8sarge1) stable; urgency=high * Non-maintainer upload by The Security Team. * Fix a buffer overflow when reading data from across the network. [CVE-2006-1515] stable/main/binary-powerpc/typespeed_0.4.4-8sarge1_powerpc.deb typespeed (0.4.4-8sarge1) stable; urgency=high * Non-maintainer upload by The Security Team. * Fix a buffer overflow when reading data from across the network. [CVE-2006-1515] stable/main/binary-mipsel/typespeed_0.4.4-8sarge1_mipsel.deb typespeed (0.4.4-8sarge1) stable; urgency=high * Non-maintainer upload by The Security Team. * Fix a buffer overflow when reading data from across the network. [CVE-2006-1515] stable/main/binary-mips/typespeed_0.4.4-8sarge1_mips.deb typespeed (0.4.4-8sarge1) stable; urgency=high * Non-maintainer upload by The Security Team. * Fix a buffer overflow when reading data from across the network. [CVE-2006-1515] stable/main/binary-m68k/typespeed_0.4.4-8sarge1_m68k.deb typespeed (0.4.4-8sarge1) stable; urgency=high * Non-maintainer upload by The Security Team. * Fix a buffer overflow when reading data from across the network. [CVE-2006-1515] stable/main/binary-ia64/typespeed_0.4.4-8sarge1_ia64.deb typespeed (0.4.4-8sarge1) stable; urgency=high * Non-maintainer upload by The Security Team. * Fix a buffer overflow when reading data from across the network. [CVE-2006-1515] stable/main/binary-hppa/typespeed_0.4.4-8sarge1_hppa.deb typespeed (0.4.4-8sarge1) stable; urgency=high * Non-maintainer upload by The Security Team. * Fix a buffer overflow when reading data from across the network. [CVE-2006-1515] stable/main/binary-arm/typespeed_0.4.4-8sarge1_arm.deb typespeed (0.4.4-8sarge1) stable; urgency=high * Non-maintainer upload by The Security Team. * Fix a buffer overflow when reading data from across the network. [CVE-2006-1515] stable/main/binary-alpha/typespeed_0.4.4-8sarge1_alpha.deb typespeed (0.4.4-8sarge1) stable; urgency=high * Non-maintainer upload by The Security Team. * Fix a buffer overflow when reading data from across the network. [CVE-2006-1515] stable/main/source/typespeed_0.4.4-8sarge1.dsc stable/main/source/typespeed_0.4.4-8sarge1.diff.gz stable/main/binary-i386/typespeed_0.4.4-8sarge1_i386.deb typespeed (0.4.4-8sarge1) stable; urgency=high * Non-maintainer upload by The Security Team. * Fix a buffer overflow when reading data from across the network. [CVE-2006-1515] stable/main/binary-sparc/libtiff4-dev_3.7.2-7_sparc.deb stable/main/binary-sparc/libtiff4_3.7.2-7_sparc.deb stable/main/binary-sparc/libtiff-opengl_3.7.2-7_sparc.deb stable/main/binary-sparc/libtiffxx0_3.7.2-7_sparc.deb stable/main/binary-sparc/libtiff-tools_3.7.2-7_sparc.deb tiff (3.7.2-7) stable-security; urgency=high * Non-maintainer upload by the Security Team * Backported patch by Tavis Ormandy to fix several vulnerabilities [libtiff/tif_aux.c, libtiff/tif_dir.c, libtiff/tif_dirinfo.c, libtiff/tif_dirread.c, libtiff/tif_fax3.c, libtiff/tif_jpeg.c, libtiff/tif_next.c, libtiff/tif_pixarlog.c, libtiff/tif_read.c, libtiff/tiffiop.h, debian/patches/CVE-2006-3459-3465.patch] stable/main/binary-s390/libtiff-tools_3.7.2-7_s390.deb stable/main/binary-s390/libtiff-opengl_3.7.2-7_s390.deb stable/main/binary-s390/libtiffxx0_3.7.2-7_s390.deb stable/main/binary-s390/libtiff4_3.7.2-7_s390.deb stable/main/binary-s390/libtiff4-dev_3.7.2-7_s390.deb tiff (3.7.2-7) stable-security; urgency=high * Non-maintainer upload by the Security Team * Backported patch by Tavis Ormandy to fix several vulnerabilities [libtiff/tif_aux.c, libtiff/tif_dir.c, libtiff/tif_dirinfo.c, libtiff/tif_dirread.c, libtiff/tif_fax3.c, libtiff/tif_jpeg.c, libtiff/tif_next.c, libtiff/tif_pixarlog.c, libtiff/tif_read.c, libtiff/tiffiop.h, debian/patches/CVE-2006-3459-3465.patch] stable/main/binary-mipsel/libtiff-opengl_3.7.2-7_mipsel.deb stable/main/binary-mipsel/libtiff4_3.7.2-7_mipsel.deb stable/main/binary-mipsel/libtiff4-dev_3.7.2-7_mipsel.deb stable/main/binary-mipsel/libtiffxx0_3.7.2-7_mipsel.deb stable/main/binary-mipsel/libtiff-tools_3.7.2-7_mipsel.deb tiff (3.7.2-7) stable-security; urgency=high * Non-maintainer upload by the Security Team * Backported patch by Tavis Ormandy to fix several vulnerabilities [libtiff/tif_aux.c, libtiff/tif_dir.c, libtiff/tif_dirinfo.c, libtiff/tif_dirread.c, libtiff/tif_fax3.c, libtiff/tif_jpeg.c, libtiff/tif_next.c, libtiff/tif_pixarlog.c, libtiff/tif_read.c, libtiff/tiffiop.h, debian/patches/CVE-2006-3459-3465.patch] stable/main/binary-mips/libtiff-tools_3.7.2-7_mips.deb stable/main/binary-mips/libtiff4_3.7.2-7_mips.deb stable/main/binary-mips/libtiff-opengl_3.7.2-7_mips.deb stable/main/binary-mips/libtiff4-dev_3.7.2-7_mips.deb stable/main/binary-mips/libtiffxx0_3.7.2-7_mips.deb tiff (3.7.2-7) stable-security; urgency=high * Non-maintainer upload by the Security Team * Backported patch by Tavis Ormandy to fix several vulnerabilities [libtiff/tif_aux.c, libtiff/tif_dir.c, libtiff/tif_dirinfo.c, libtiff/tif_dirread.c, libtiff/tif_fax3.c, libtiff/tif_jpeg.c, libtiff/tif_next.c, libtiff/tif_pixarlog.c, libtiff/tif_read.c, libtiff/tiffiop.h, debian/patches/CVE-2006-3459-3465.patch] stable/main/binary-m68k/libtiff-opengl_3.7.2-7_m68k.deb stable/main/binary-m68k/libtiff4-dev_3.7.2-7_m68k.deb stable/main/binary-m68k/libtiff4_3.7.2-7_m68k.deb stable/main/binary-m68k/libtiff-tools_3.7.2-7_m68k.deb stable/main/binary-m68k/libtiffxx0_3.7.2-7_m68k.deb tiff (3.7.2-7) stable-security; urgency=high * Non-maintainer upload by the Security Team * Backported patch by Tavis Ormandy to fix several vulnerabilities [libtiff/tif_aux.c, libtiff/tif_dir.c, libtiff/tif_dirinfo.c, libtiff/tif_dirread.c, libtiff/tif_fax3.c, libtiff/tif_jpeg.c, libtiff/tif_next.c, libtiff/tif_pixarlog.c, libtiff/tif_read.c, libtiff/tiffiop.h, debian/patches/CVE-2006-3459-3465.patch] stable/main/binary-ia64/libtiff4_3.7.2-7_ia64.deb stable/main/binary-ia64/libtiff-tools_3.7.2-7_ia64.deb stable/main/binary-ia64/libtiff-opengl_3.7.2-7_ia64.deb stable/main/binary-ia64/libtiff4-dev_3.7.2-7_ia64.deb stable/main/binary-ia64/libtiffxx0_3.7.2-7_ia64.deb tiff (3.7.2-7) stable-security; urgency=high * Non-maintainer upload by the Security Team * Backported patch by Tavis Ormandy to fix several vulnerabilities [libtiff/tif_aux.c, libtiff/tif_dir.c, libtiff/tif_dirinfo.c, libtiff/tif_dirread.c, libtiff/tif_fax3.c, libtiff/tif_jpeg.c, libtiff/tif_next.c, libtiff/tif_pixarlog.c, libtiff/tif_read.c, libtiff/tiffiop.h, debian/patches/CVE-2006-3459-3465.patch] stable/main/binary-i386/libtiffxx0_3.7.2-7_i386.deb stable/main/binary-i386/libtiff4-dev_3.7.2-7_i386.deb stable/main/binary-i386/libtiff-opengl_3.7.2-7_i386.deb stable/main/binary-i386/libtiff4_3.7.2-7_i386.deb stable/main/binary-i386/libtiff-tools_3.7.2-7_i386.deb tiff (3.7.2-7) stable-security; urgency=high * Non-maintainer upload by the Security Team * Backported patch by Tavis Ormandy to fix several vulnerabilities [libtiff/tif_aux.c, libtiff/tif_dir.c, libtiff/tif_dirinfo.c, libtiff/tif_dirread.c, libtiff/tif_fax3.c, libtiff/tif_jpeg.c, libtiff/tif_next.c, libtiff/tif_pixarlog.c, libtiff/tif_read.c, libtiff/tiffiop.h, debian/patches/CVE-2006-3459-3465.patch] stable/main/binary-hppa/libtiff4_3.7.2-7_hppa.deb stable/main/binary-hppa/libtiff-opengl_3.7.2-7_hppa.deb stable/main/binary-hppa/libtiff4-dev_3.7.2-7_hppa.deb stable/main/binary-hppa/libtiff-tools_3.7.2-7_hppa.deb stable/main/binary-hppa/libtiffxx0_3.7.2-7_hppa.deb tiff (3.7.2-7) stable-security; urgency=high * Non-maintainer upload by the Security Team * Backported patch by Tavis Ormandy to fix several vulnerabilities [libtiff/tif_aux.c, libtiff/tif_dir.c, libtiff/tif_dirinfo.c, libtiff/tif_dirread.c, libtiff/tif_fax3.c, libtiff/tif_jpeg.c, libtiff/tif_next.c, libtiff/tif_pixarlog.c, libtiff/tif_read.c, libtiff/tiffiop.h, debian/patches/CVE-2006-3459-3465.patch] stable/main/binary-arm/libtiffxx0_3.7.2-7_arm.deb stable/main/binary-arm/libtiff4-dev_3.7.2-7_arm.deb stable/main/binary-arm/libtiff-tools_3.7.2-7_arm.deb stable/main/binary-arm/libtiff-opengl_3.7.2-7_arm.deb stable/main/binary-arm/libtiff4_3.7.2-7_arm.deb tiff (3.7.2-7) stable-security; urgency=high * Non-maintainer upload by the Security Team * Backported patch by Tavis Ormandy to fix several vulnerabilities [libtiff/tif_aux.c, libtiff/tif_dir.c, libtiff/tif_dirinfo.c, libtiff/tif_dirread.c, libtiff/tif_fax3.c, libtiff/tif_jpeg.c, libtiff/tif_next.c, libtiff/tif_pixarlog.c, libtiff/tif_read.c, libtiff/tiffiop.h, debian/patches/CVE-2006-3459-3465.patch] stable/main/binary-alpha/libtiff-tools_3.7.2-7_alpha.deb stable/main/binary-alpha/libtiffxx0_3.7.2-7_alpha.deb stable/main/binary-alpha/libtiff4_3.7.2-7_alpha.deb stable/main/binary-alpha/libtiff4-dev_3.7.2-7_alpha.deb stable/main/binary-alpha/libtiff-opengl_3.7.2-7_alpha.deb tiff (3.7.2-7) stable-security; urgency=high * Non-maintainer upload by the Security Team * Backported patch by Tavis Ormandy to fix several vulnerabilities [libtiff/tif_aux.c, libtiff/tif_dir.c, libtiff/tif_dirinfo.c, libtiff/tif_dirread.c, libtiff/tif_fax3.c, libtiff/tif_jpeg.c, libtiff/tif_next.c, libtiff/tif_pixarlog.c, libtiff/tif_read.c, libtiff/tiffiop.h, debian/patches/CVE-2006-3459-3465.patch] stable/main/binary-powerpc/libtiff-opengl_3.7.2-7_powerpc.deb stable/main/binary-powerpc/libtiff4_3.7.2-7_powerpc.deb stable/main/binary-powerpc/libtiff-tools_3.7.2-7_powerpc.deb stable/main/binary-powerpc/libtiffxx0_3.7.2-7_powerpc.deb stable/main/source/tiff_3.7.2-7.dsc stable/main/source/tiff_3.7.2-7.diff.gz stable/main/binary-powerpc/libtiff4-dev_3.7.2-7_powerpc.deb tiff (3.7.2-7) stable-security; urgency=high * Non-maintainer upload by the Security Team * Backported patch by Tavis Ormandy to fix several vulnerabilities [libtiff/tif_aux.c, libtiff/tif_dir.c, libtiff/tif_dirinfo.c, libtiff/tif_dirread.c, libtiff/tif_fax3.c, libtiff/tif_jpeg.c, libtiff/tif_next.c, libtiff/tif_pixarlog.c, libtiff/tif_read.c, libtiff/tiffiop.h, debian/patches/CVE-2006-3459-3465.patch] stable/main/binary-all/systemimager-client_3.2.3-6sarge2_all.deb stable/main/binary-all/systemimager-boot-i386-standard_3.2.3-6sarge2_all.deb stable/main/source/systemimager_3.2.3-6sarge2.tar.gz stable/main/binary-all/systemimager-boot-ia64-standard_3.2.3-6sarge2_all.deb stable/main/binary-all/systemimager-common_3.2.3-6sarge2_all.deb stable/main/source/systemimager_3.2.3-6sarge2.dsc stable/main/binary-all/systemimager-server-flamethrowerd_3.2.3-6sarge2_all.deb stable/main/binary-all/systemimager-doc_3.2.3-6sarge2_all.deb stable/main/binary-all/systemimager-server_3.2.3-6sarge2_all.deb systemimager (3.2.3-6sarge2) stable-security; urgency=high * Rebuild against kernel-source-2.6.8 (2.6.8-16sarge3): * 207_smbfs-chroot-escape.diff [SECURITY] Fix directory traversal vulnerability in smbfs that permits local users to escape chroot restrictions See CVE-2006-1864 * 208_ia64-die_if_kernel-returns.diff [SECURITY][ia64] Fix a potential local DoS on ia64 systems caused by an incorrect 'noreturn' attribute on die_if_kernel() See CVE-2006-0742 * 209_sctp-discard-unexpected-in-closed.diff [SECURITY] Fix remote DoS in SCTP code by discarding unexpected chunks received in CLOSED state instead of calling BUG() See CVE-2006-2271 * 210_ipv4-id-no-increment.diff [SECURITY] Fix vulnerability that allows remote attackers to conduct an Idle Scan attack, bypassing intended protections against such attacks See CVE-2006-1242 * 211_usb-gadget-rndis-bufoverflow.diff [SECURITY] Fix buffer overflow in the USB Gadget RNDIS implementation that allows for a remote DoS attack (kmalloc'd memory corruption) See CVE-2006-1368 * 212_ipv4-sin_zero_clear.diff [SECURITY] Fix local information leak in af_inet code See CVE-2006-1343 * 213_madvise_remove-restrict.diff [SECURITY] Fix vulnerability that allows local users to bypass IPC permissions and replace portions of read-only tmpfs files with zeroes. See CVE-2006-1524 * 214_mcast-ip-route-null-deref.diff [SECURITY] Fix local DoS vulnerability that allows local users to panic a system by requesting a route for a multicast IP See CVE-2006-1525 * 215_sctp-fragment-recurse.diff [SECURITY] Fix remote DoS vulnerability that can lead to infinite recursion when a packet containing two or more DATA fragments is received See CVE-2006-2274 * 216_sctp-fragmented-receive-fix.diff [SECURITY] Fix remote DoS vulnerability that allows IP fragmented COOKIE_ECHO and HEARTBEAT SCTP control chunks to cause a kernel panic See CVE-2006-2272 * 217_amd64-fp-reg-leak.diff [SECURITY][amd64] Fix an information leak that allows a process to see a portion of the floating point state of other processes, possibly exposing sensitive information. See CVE-2006-1056 * 218_do_add_counters-race.diff [SECURITY] Fix race condition in the do_add_counters() function in netfilter that allows local users with CAP_NET_ADMIN capabilities to read kernel memory See CVE-2006-0039 * 219_sctp-hb-ack-overflow.diff [SECURITY] Fix a remote buffer overflow that can result from a badly formatted HB-ACK chunk See CVE-2006-1857 * 220_sctp-param-bound-checks.diff [SECURITY] Fix a bound checking error (remote DoS) in the SCTP parameter checking code See CVE-2006-1858 * 221_netfilter-do_replace-overflow.diff [SECURITY] Fix buffer overflow in netfilter do_replace which can could be triggered by users with CAP_NET_ADMIN rights. See CVE-2006-0038 * 222_binfmt-bad-elf-entry-address.diff [SECURITY][amd64] Fix potential local DoS vulnerability in the binfmt_elf code on em64t processors See CVE-2006-0741 stable/main/source/squirrelmail_1.4.4-9.diff.gz stable/main/binary-all/squirrelmail_1.4.4-9_all.deb stable/main/source/squirrelmail_1.4.4-9.dsc squirrelmail (2:1.4.4-9) stable-security; urgency=high * Fix variable overwriting by logged-in user in compose.php [CVE-2006-4019] stable/main/binary-sparc/spamc_3.0.3-2sarge1_sparc.deb spamassassin (3.0.3-2sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied upstream patch to fix remote command execution vulnerability [spamd/spamd.raw, debian/patches/40_CVE-2006-2447.dpatch] stable/main/binary-s390/spamc_3.0.3-2sarge1_s390.deb spamassassin (3.0.3-2sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied upstream patch to fix remote command execution vulnerability [spamd/spamd.raw, debian/patches/40_CVE-2006-2447.dpatch] stable/main/binary-mipsel/spamc_3.0.3-2sarge1_mipsel.deb spamassassin (3.0.3-2sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied upstream patch to fix remote command execution vulnerability [spamd/spamd.raw, debian/patches/40_CVE-2006-2447.dpatch] stable/main/binary-mips/spamc_3.0.3-2sarge1_mips.deb spamassassin (3.0.3-2sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied upstream patch to fix remote command execution vulnerability [spamd/spamd.raw, debian/patches/40_CVE-2006-2447.dpatch] stable/main/binary-m68k/spamc_3.0.3-2sarge1_m68k.deb spamassassin (3.0.3-2sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied upstream patch to fix remote command execution vulnerability [spamd/spamd.raw, debian/patches/40_CVE-2006-2447.dpatch] stable/main/binary-ia64/spamc_3.0.3-2sarge1_ia64.deb spamassassin (3.0.3-2sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied upstream patch to fix remote command execution vulnerability [spamd/spamd.raw, debian/patches/40_CVE-2006-2447.dpatch] stable/main/binary-i386/spamc_3.0.3-2sarge1_i386.deb spamassassin (3.0.3-2sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied upstream patch to fix remote command execution vulnerability [spamd/spamd.raw, debian/patches/40_CVE-2006-2447.dpatch] stable/main/binary-hppa/spamc_3.0.3-2sarge1_hppa.deb spamassassin (3.0.3-2sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied upstream patch to fix remote command execution vulnerability [spamd/spamd.raw, debian/patches/40_CVE-2006-2447.dpatch] stable/main/binary-arm/spamc_3.0.3-2sarge1_arm.deb spamassassin (3.0.3-2sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied upstream patch to fix remote command execution vulnerability [spamd/spamd.raw, debian/patches/40_CVE-2006-2447.dpatch] stable/main/binary-alpha/spamc_3.0.3-2sarge1_alpha.deb spamassassin (3.0.3-2sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied upstream patch to fix remote command execution vulnerability [spamd/spamd.raw, debian/patches/40_CVE-2006-2447.dpatch] stable/main/binary-powerpc/spamc_3.0.3-2sarge1_powerpc.deb stable/main/source/spamassassin_3.0.3-2sarge1.dsc stable/main/source/spamassassin_3.0.3-2sarge1.diff.gz stable/main/binary-all/spamassassin_3.0.3-2sarge1_all.deb spamassassin (3.0.3-2sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied upstream patch to fix remote command execution vulnerability [spamd/spamd.raw, debian/patches/40_CVE-2006-2447.dpatch] stable/main/source/sitebar_3.2.6-7.1.dsc stable/main/source/sitebar_3.2.6-7.1.diff.gz stable/main/binary-all/sitebar_3.2.6-7.1_all.deb sitebar (3.2.6-7.1) stable-security; urgency=high * Non-maintainer upload for security bug fix. * Properly encode the 'command' parameter of command.php (CVE-2006-3320, Closes: #377299). stable/main/binary-sparc/passwd_4.0.3-31sarge9_sparc.deb stable/main/binary-sparc/login_4.0.3-31sarge9_sparc.deb shadow (1:4.0.3-31sarge9) stable; urgency=low * passwd.postinst: On upgrades from any prior version, chmod 600 various base-config and d-i log files that might contain sensative information, including in some cases, passwords. Thanks to Joey Hess for the patch. Closes: #356939 stable/main/binary-s390/login_4.0.3-31sarge9_s390.deb stable/main/binary-s390/passwd_4.0.3-31sarge9_s390.deb shadow (1:4.0.3-31sarge9) stable; urgency=low * passwd.postinst: On upgrades from any prior version, chmod 600 various base-config and d-i log files that might contain sensative information, including in some cases, passwords. Thanks to Joey Hess for the patch. Closes: #356939 stable/main/binary-powerpc/passwd_4.0.3-31sarge9_powerpc.deb stable/main/binary-powerpc/login_4.0.3-31sarge9_powerpc.deb shadow (1:4.0.3-31sarge9) stable; urgency=low * passwd.postinst: On upgrades from any prior version, chmod 600 various base-config and d-i log files that might contain sensative information, including in some cases, passwords. Thanks to Joey Hess for the patch. Closes: #356939 stable/main/binary-mipsel/login_4.0.3-31sarge9_mipsel.deb stable/main/binary-mipsel/passwd_4.0.3-31sarge9_mipsel.deb shadow (1:4.0.3-31sarge9) stable; urgency=low * passwd.postinst: On upgrades from any prior version, chmod 600 various base-config and d-i log files that might contain sensative information, including in some cases, passwords. Thanks to Joey Hess for the patch. Closes: #356939 stable/main/binary-mips/login_4.0.3-31sarge9_mips.deb stable/main/binary-mips/passwd_4.0.3-31sarge9_mips.deb shadow (1:4.0.3-31sarge9) stable; urgency=low * passwd.postinst: On upgrades from any prior version, chmod 600 various base-config and d-i log files that might contain sensative information, including in some cases, passwords. Thanks to Joey Hess for the patch. Closes: #356939 stable/main/binary-m68k/login_4.0.3-31sarge9_m68k.deb stable/main/binary-m68k/passwd_4.0.3-31sarge9_m68k.deb shadow (1:4.0.3-31sarge9) stable; urgency=low * passwd.postinst: On upgrades from any prior version, chmod 600 various base-config and d-i log files that might contain sensative information, including in some cases, passwords. Thanks to Joey Hess for the patch. Closes: #356939 stable/main/binary-ia64/passwd_4.0.3-31sarge9_ia64.deb stable/main/binary-ia64/login_4.0.3-31sarge9_ia64.deb shadow (1:4.0.3-31sarge9) stable; urgency=low * passwd.postinst: On upgrades from any prior version, chmod 600 various base-config and d-i log files that might contain sensative information, including in some cases, passwords. Thanks to Joey Hess for the patch. Closes: #356939 stable/main/binary-hppa/passwd_4.0.3-31sarge9_hppa.deb stable/main/binary-hppa/login_4.0.3-31sarge9_hppa.deb shadow (1:4.0.3-31sarge9) stable; urgency=low * passwd.postinst: On upgrades from any prior version, chmod 600 various base-config and d-i log files that might contain sensative information, including in some cases, passwords. Thanks to Joey Hess for the patch. Closes: #356939 stable/main/binary-arm/login_4.0.3-31sarge9_arm.deb stable/main/binary-arm/passwd_4.0.3-31sarge9_arm.deb shadow (1:4.0.3-31sarge9) stable; urgency=low * passwd.postinst: On upgrades from any prior version, chmod 600 various base-config and d-i log files that might contain sensative information, including in some cases, passwords. Thanks to Joey Hess for the patch. Closes: #356939 stable/main/binary-alpha/login_4.0.3-31sarge9_alpha.deb stable/main/binary-alpha/passwd_4.0.3-31sarge9_alpha.deb shadow (1:4.0.3-31sarge9) stable; urgency=low * passwd.postinst: On upgrades from any prior version, chmod 600 various base-config and d-i log files that might contain sensative information, including in some cases, passwords. Thanks to Joey Hess for the patch. Closes: #356939 stable/main/source/shadow_4.0.3-31sarge9.dsc stable/main/binary-i386/passwd_4.0.3-31sarge9_i386.deb stable/main/binary-i386/login_4.0.3-31sarge9_i386.deb stable/main/source/shadow_4.0.3-31sarge9.diff.gz shadow (1:4.0.3-31sarge9) stable; urgency=low * passwd.postinst: On upgrades from any prior version, chmod 600 various base-config and d-i log files that might contain sensative information, including in some cases, passwords. Thanks to Joey Hess for the patch. Closes: #356939 stable/main/binary-sparc/rmail_8.13.4-3sarge2_sparc.deb stable/main/binary-sparc/libmilter0_8.13.4-3sarge2_sparc.deb stable/main/binary-sparc/libmilter-dev_8.13.4-3sarge2_sparc.deb stable/main/binary-sparc/sendmail-bin_8.13.4-3sarge2_sparc.deb stable/main/binary-sparc/sensible-mda_8.13.4-3sarge2_sparc.deb sendmail (8.13.4-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied upstream patch to fix denial of service [VU#146718, Bug#380258, debian/patches/8.13/8.13.4/z_CVE-2006-1173.patch] stable/main/binary-s390/rmail_8.13.4-3sarge2_s390.deb stable/main/binary-s390/libmilter0_8.13.4-3sarge2_s390.deb stable/main/binary-s390/libmilter-dev_8.13.4-3sarge2_s390.deb stable/main/binary-s390/sensible-mda_8.13.4-3sarge2_s390.deb stable/main/binary-s390/sendmail-bin_8.13.4-3sarge2_s390.deb sendmail (8.13.4-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied upstream patch to fix denial of service [VU#146718, Bug#380258, debian/patches/8.13/8.13.4/z_CVE-2006-1173.patch] stable/main/binary-mipsel/libmilter0_8.13.4-3sarge2_mipsel.deb stable/main/binary-mipsel/sendmail-bin_8.13.4-3sarge2_mipsel.deb stable/main/binary-mipsel/sensible-mda_8.13.4-3sarge2_mipsel.deb stable/main/binary-mipsel/libmilter-dev_8.13.4-3sarge2_mipsel.deb stable/main/binary-mipsel/rmail_8.13.4-3sarge2_mipsel.deb sendmail (8.13.4-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied upstream patch to fix denial of service [VU#146718, Bug#380258, debian/patches/8.13/8.13.4/z_CVE-2006-1173.patch] stable/main/binary-mips/libmilter-dev_8.13.4-3sarge2_mips.deb stable/main/binary-mips/rmail_8.13.4-3sarge2_mips.deb stable/main/binary-mips/libmilter0_8.13.4-3sarge2_mips.deb stable/main/binary-mips/sensible-mda_8.13.4-3sarge2_mips.deb stable/main/binary-mips/sendmail-bin_8.13.4-3sarge2_mips.deb sendmail (8.13.4-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied upstream patch to fix denial of service [VU#146718, Bug#380258, debian/patches/8.13/8.13.4/z_CVE-2006-1173.patch] stable/main/binary-m68k/rmail_8.13.4-3sarge2_m68k.deb stable/main/binary-m68k/libmilter-dev_8.13.4-3sarge2_m68k.deb stable/main/binary-m68k/sendmail-bin_8.13.4-3sarge2_m68k.deb stable/main/binary-m68k/sensible-mda_8.13.4-3sarge2_m68k.deb stable/main/binary-m68k/libmilter0_8.13.4-3sarge2_m68k.deb sendmail (8.13.4-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied upstream patch to fix denial of service [VU#146718, Bug#380258, debian/patches/8.13/8.13.4/z_CVE-2006-1173.patch] stable/main/binary-ia64/libmilter-dev_8.13.4-3sarge2_ia64.deb stable/main/binary-ia64/sendmail-bin_8.13.4-3sarge2_ia64.deb stable/main/binary-ia64/sensible-mda_8.13.4-3sarge2_ia64.deb stable/main/binary-ia64/libmilter0_8.13.4-3sarge2_ia64.deb stable/main/binary-ia64/rmail_8.13.4-3sarge2_ia64.deb sendmail (8.13.4-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied upstream patch to fix denial of service [VU#146718, Bug#380258, debian/patches/8.13/8.13.4/z_CVE-2006-1173.patch] stable/main/binary-i386/sendmail-bin_8.13.4-3sarge2_i386.deb stable/main/binary-i386/sensible-mda_8.13.4-3sarge2_i386.deb stable/main/binary-i386/libmilter0_8.13.4-3sarge2_i386.deb stable/main/binary-i386/rmail_8.13.4-3sarge2_i386.deb stable/main/binary-i386/libmilter-dev_8.13.4-3sarge2_i386.deb sendmail (8.13.4-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied upstream patch to fix denial of service [VU#146718, Bug#380258, debian/patches/8.13/8.13.4/z_CVE-2006-1173.patch] stable/main/binary-hppa/libmilter0_8.13.4-3sarge2_hppa.deb stable/main/binary-hppa/libmilter-dev_8.13.4-3sarge2_hppa.deb stable/main/binary-hppa/rmail_8.13.4-3sarge2_hppa.deb stable/main/binary-hppa/sensible-mda_8.13.4-3sarge2_hppa.deb stable/main/binary-hppa/sendmail-bin_8.13.4-3sarge2_hppa.deb sendmail (8.13.4-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied upstream patch to fix denial of service [VU#146718, Bug#380258, debian/patches/8.13/8.13.4/z_CVE-2006-1173.patch] stable/main/binary-arm/libmilter0_8.13.4-3sarge2_arm.deb stable/main/binary-arm/sendmail-bin_8.13.4-3sarge2_arm.deb stable/main/binary-arm/rmail_8.13.4-3sarge2_arm.deb stable/main/binary-arm/sensible-mda_8.13.4-3sarge2_arm.deb stable/main/binary-arm/libmilter-dev_8.13.4-3sarge2_arm.deb sendmail (8.13.4-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied upstream patch to fix denial of service [VU#146718, Bug#380258, debian/patches/8.13/8.13.4/z_CVE-2006-1173.patch] stable/main/binary-alpha/rmail_8.13.4-3sarge2_alpha.deb stable/main/binary-alpha/libmilter-dev_8.13.4-3sarge2_alpha.deb stable/main/binary-alpha/libmilter0_8.13.4-3sarge2_alpha.deb stable/main/binary-alpha/sendmail-bin_8.13.4-3sarge2_alpha.deb stable/main/binary-alpha/sensible-mda_8.13.4-3sarge2_alpha.deb sendmail (8.13.4-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied upstream patch to fix denial of service [VU#146718, Bug#380258, debian/patches/8.13/8.13.4/z_CVE-2006-1173.patch] stable/main/source/sendmail_8.13.4-3sarge2.diff.gz stable/main/source/sendmail_8.13.4-3sarge2.dsc stable/main/binary-powerpc/libmilter-dev_8.13.4-3sarge2_powerpc.deb stable/main/binary-powerpc/sensible-mda_8.13.4-3sarge2_powerpc.deb stable/main/binary-all/sendmail-doc_8.13.4-3sarge2_all.deb stable/main/binary-all/sendmail_8.13.4-3sarge2_all.deb stable/main/binary-all/sendmail-cf_8.13.4-3sarge2_all.deb stable/main/binary-powerpc/libmilter0_8.13.4-3sarge2_powerpc.deb stable/main/binary-powerpc/sendmail-bin_8.13.4-3sarge2_powerpc.deb stable/main/binary-powerpc/rmail_8.13.4-3sarge2_powerpc.deb stable/main/binary-all/sendmail-base_8.13.4-3sarge2_all.deb sendmail (8.13.4-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied upstream patch to fix denial of service [VU#146718, Bug#380258, debian/patches/8.13/8.13.4/z_CVE-2006-1173.patch] stable/main/binary-sparc/winbind_3.0.14a-3sarge2_sparc.deb stable/main/binary-sparc/libsmbclient_3.0.14a-3sarge2_sparc.deb stable/main/binary-sparc/smbfs_3.0.14a-3sarge2_sparc.deb stable/main/binary-sparc/swat_3.0.14a-3sarge2_sparc.deb stable/main/binary-sparc/samba_3.0.14a-3sarge2_sparc.deb stable/main/binary-sparc/samba-common_3.0.14a-3sarge2_sparc.deb stable/main/binary-sparc/samba-dbg_3.0.14a-3sarge2_sparc.deb stable/main/binary-sparc/libsmbclient-dev_3.0.14a-3sarge2_sparc.deb stable/main/binary-sparc/libpam-smbpass_3.0.14a-3sarge2_sparc.deb stable/main/binary-sparc/python2.3-samba_3.0.14a-3sarge2_sparc.deb stable/main/binary-sparc/smbclient_3.0.14a-3sarge2_sparc.deb samba (3.0.14a-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team: Fix anonymous memory exhaustion DoS. [CVE-2006-3403] stable/main/binary-s390/samba-dbg_3.0.14a-3sarge2_s390.deb stable/main/binary-s390/smbfs_3.0.14a-3sarge2_s390.deb stable/main/binary-s390/libpam-smbpass_3.0.14a-3sarge2_s390.deb stable/main/binary-s390/libsmbclient_3.0.14a-3sarge2_s390.deb stable/main/binary-s390/python2.3-samba_3.0.14a-3sarge2_s390.deb stable/main/binary-s390/smbclient_3.0.14a-3sarge2_s390.deb stable/main/binary-s390/libsmbclient-dev_3.0.14a-3sarge2_s390.deb stable/main/binary-s390/winbind_3.0.14a-3sarge2_s390.deb stable/main/binary-s390/swat_3.0.14a-3sarge2_s390.deb stable/main/binary-s390/samba-common_3.0.14a-3sarge2_s390.deb stable/main/binary-s390/samba_3.0.14a-3sarge2_s390.deb samba (3.0.14a-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team: Fix anonymous memory exhaustion DoS. [CVE-2006-3403] stable/main/binary-powerpc/swat_3.0.14a-3sarge2_powerpc.deb stable/main/binary-powerpc/smbclient_3.0.14a-3sarge2_powerpc.deb stable/main/binary-powerpc/samba_3.0.14a-3sarge2_powerpc.deb stable/main/binary-powerpc/libpam-smbpass_3.0.14a-3sarge2_powerpc.deb stable/main/binary-powerpc/python2.3-samba_3.0.14a-3sarge2_powerpc.deb stable/main/binary-powerpc/libsmbclient_3.0.14a-3sarge2_powerpc.deb stable/main/binary-powerpc/samba-dbg_3.0.14a-3sarge2_powerpc.deb stable/main/binary-powerpc/libsmbclient-dev_3.0.14a-3sarge2_powerpc.deb stable/main/binary-powerpc/winbind_3.0.14a-3sarge2_powerpc.deb stable/main/binary-powerpc/samba-common_3.0.14a-3sarge2_powerpc.deb stable/main/binary-powerpc/smbfs_3.0.14a-3sarge2_powerpc.deb samba (3.0.14a-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team: Fix anonymous memory exhaustion DoS. [CVE-2006-3403] stable/main/binary-mipsel/samba-dbg_3.0.14a-3sarge2_mipsel.deb stable/main/binary-mipsel/libsmbclient-dev_3.0.14a-3sarge2_mipsel.deb stable/main/binary-mipsel/libsmbclient_3.0.14a-3sarge2_mipsel.deb stable/main/binary-mipsel/samba_3.0.14a-3sarge2_mipsel.deb stable/main/binary-mipsel/swat_3.0.14a-3sarge2_mipsel.deb stable/main/binary-mipsel/smbfs_3.0.14a-3sarge2_mipsel.deb stable/main/binary-mipsel/libpam-smbpass_3.0.14a-3sarge2_mipsel.deb stable/main/binary-mipsel/python2.3-samba_3.0.14a-3sarge2_mipsel.deb stable/main/binary-mipsel/samba-common_3.0.14a-3sarge2_mipsel.deb stable/main/binary-mipsel/smbclient_3.0.14a-3sarge2_mipsel.deb stable/main/binary-mipsel/winbind_3.0.14a-3sarge2_mipsel.deb samba (3.0.14a-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team: Fix anonymous memory exhaustion DoS. [CVE-2006-3403] stable/main/binary-mips/samba-dbg_3.0.14a-3sarge2_mips.deb stable/main/binary-mips/libsmbclient-dev_3.0.14a-3sarge2_mips.deb stable/main/binary-mips/libpam-smbpass_3.0.14a-3sarge2_mips.deb stable/main/binary-mips/smbfs_3.0.14a-3sarge2_mips.deb stable/main/binary-mips/swat_3.0.14a-3sarge2_mips.deb stable/main/binary-mips/samba-common_3.0.14a-3sarge2_mips.deb stable/main/binary-mips/samba_3.0.14a-3sarge2_mips.deb stable/main/binary-mips/winbind_3.0.14a-3sarge2_mips.deb stable/main/binary-mips/python2.3-samba_3.0.14a-3sarge2_mips.deb stable/main/binary-mips/smbclient_3.0.14a-3sarge2_mips.deb stable/main/binary-mips/libsmbclient_3.0.14a-3sarge2_mips.deb samba (3.0.14a-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team: Fix anonymous memory exhaustion DoS. [CVE-2006-3403] stable/main/binary-m68k/smbfs_3.0.14a-3sarge2_m68k.deb stable/main/binary-m68k/libsmbclient_3.0.14a-3sarge2_m68k.deb stable/main/binary-m68k/libpam-smbpass_3.0.14a-3sarge2_m68k.deb stable/main/binary-m68k/swat_3.0.14a-3sarge2_m68k.deb stable/main/binary-m68k/smbclient_3.0.14a-3sarge2_m68k.deb stable/main/binary-m68k/libsmbclient-dev_3.0.14a-3sarge2_m68k.deb stable/main/binary-m68k/python2.3-samba_3.0.14a-3sarge2_m68k.deb stable/main/binary-m68k/samba-common_3.0.14a-3sarge2_m68k.deb stable/main/binary-m68k/samba_3.0.14a-3sarge2_m68k.deb stable/main/binary-m68k/samba-dbg_3.0.14a-3sarge2_m68k.deb stable/main/binary-m68k/winbind_3.0.14a-3sarge2_m68k.deb samba (3.0.14a-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team: Fix anonymous memory exhaustion DoS. [CVE-2006-3403] stable/main/binary-ia64/libsmbclient-dev_3.0.14a-3sarge2_ia64.deb stable/main/binary-ia64/samba-common_3.0.14a-3sarge2_ia64.deb stable/main/binary-ia64/libpam-smbpass_3.0.14a-3sarge2_ia64.deb stable/main/binary-ia64/winbind_3.0.14a-3sarge2_ia64.deb stable/main/binary-ia64/smbclient_3.0.14a-3sarge2_ia64.deb stable/main/binary-ia64/python2.3-samba_3.0.14a-3sarge2_ia64.deb stable/main/binary-ia64/samba-dbg_3.0.14a-3sarge2_ia64.deb stable/main/binary-ia64/swat_3.0.14a-3sarge2_ia64.deb stable/main/binary-ia64/smbfs_3.0.14a-3sarge2_ia64.deb stable/main/binary-ia64/libsmbclient_3.0.14a-3sarge2_ia64.deb stable/main/binary-ia64/samba_3.0.14a-3sarge2_ia64.deb samba (3.0.14a-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team: Fix anonymous memory exhaustion DoS. [CVE-2006-3403] stable/main/binary-hppa/swat_3.0.14a-3sarge2_hppa.deb stable/main/binary-hppa/libsmbclient_3.0.14a-3sarge2_hppa.deb stable/main/binary-hppa/libpam-smbpass_3.0.14a-3sarge2_hppa.deb stable/main/binary-hppa/libsmbclient-dev_3.0.14a-3sarge2_hppa.deb stable/main/binary-hppa/winbind_3.0.14a-3sarge2_hppa.deb stable/main/binary-hppa/smbclient_3.0.14a-3sarge2_hppa.deb stable/main/binary-hppa/samba-common_3.0.14a-3sarge2_hppa.deb stable/main/binary-hppa/python2.3-samba_3.0.14a-3sarge2_hppa.deb stable/main/binary-hppa/samba-dbg_3.0.14a-3sarge2_hppa.deb stable/main/binary-hppa/smbfs_3.0.14a-3sarge2_hppa.deb stable/main/binary-hppa/samba_3.0.14a-3sarge2_hppa.deb samba (3.0.14a-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team: Fix anonymous memory exhaustion DoS. [CVE-2006-3403] stable/main/binary-arm/libsmbclient-dev_3.0.14a-3sarge2_arm.deb stable/main/binary-arm/samba-dbg_3.0.14a-3sarge2_arm.deb stable/main/binary-arm/smbclient_3.0.14a-3sarge2_arm.deb stable/main/binary-arm/libsmbclient_3.0.14a-3sarge2_arm.deb stable/main/binary-arm/swat_3.0.14a-3sarge2_arm.deb stable/main/binary-arm/libpam-smbpass_3.0.14a-3sarge2_arm.deb stable/main/binary-arm/smbfs_3.0.14a-3sarge2_arm.deb stable/main/binary-arm/samba_3.0.14a-3sarge2_arm.deb stable/main/binary-arm/samba-common_3.0.14a-3sarge2_arm.deb stable/main/binary-arm/python2.3-samba_3.0.14a-3sarge2_arm.deb stable/main/binary-arm/winbind_3.0.14a-3sarge2_arm.deb samba (3.0.14a-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team: Fix anonymous memory exhaustion DoS. [CVE-2006-3403] stable/main/binary-alpha/libsmbclient-dev_3.0.14a-3sarge2_alpha.deb stable/main/binary-alpha/swat_3.0.14a-3sarge2_alpha.deb stable/main/binary-alpha/samba-dbg_3.0.14a-3sarge2_alpha.deb stable/main/binary-alpha/samba_3.0.14a-3sarge2_alpha.deb stable/main/binary-alpha/smbfs_3.0.14a-3sarge2_alpha.deb stable/main/binary-alpha/python2.3-samba_3.0.14a-3sarge2_alpha.deb stable/main/binary-alpha/libsmbclient_3.0.14a-3sarge2_alpha.deb stable/main/binary-alpha/smbclient_3.0.14a-3sarge2_alpha.deb stable/main/binary-alpha/libpam-smbpass_3.0.14a-3sarge2_alpha.deb stable/main/binary-alpha/winbind_3.0.14a-3sarge2_alpha.deb stable/main/binary-alpha/samba-common_3.0.14a-3sarge2_alpha.deb samba (3.0.14a-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team: Fix anonymous memory exhaustion DoS. [CVE-2006-3403] stable/main/binary-i386/winbind_3.0.14a-3sarge2_i386.deb stable/main/binary-i386/samba_3.0.14a-3sarge2_i386.deb stable/main/binary-i386/samba-dbg_3.0.14a-3sarge2_i386.deb stable/main/binary-i386/swat_3.0.14a-3sarge2_i386.deb stable/main/binary-i386/python2.3-samba_3.0.14a-3sarge2_i386.deb stable/main/binary-i386/samba-common_3.0.14a-3sarge2_i386.deb stable/main/binary-all/samba-doc_3.0.14a-3sarge2_all.deb stable/main/source/samba_3.0.14a-3sarge2.diff.gz stable/main/binary-i386/smbclient_3.0.14a-3sarge2_i386.deb stable/main/binary-i386/libpam-smbpass_3.0.14a-3sarge2_i386.deb stable/main/binary-i386/libsmbclient-dev_3.0.14a-3sarge2_i386.deb stable/main/binary-i386/smbfs_3.0.14a-3sarge2_i386.deb stable/main/binary-i386/libsmbclient_3.0.14a-3sarge2_i386.deb stable/main/source/samba_3.0.14a-3sarge2.dsc samba (3.0.14a-3sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team: Fix anonymous memory exhaustion DoS. [CVE-2006-3403] stable/main/binary-sparc/libsyslog-ruby1.6_1.6.8-12sarge2_sparc.deb stable/main/binary-sparc/libruby1.6_1.6.8-12sarge2_sparc.deb stable/main/binary-sparc/libtcltk-ruby1.6_1.6.8-12sarge2_sparc.deb stable/main/binary-sparc/libreadline-ruby1.6_1.6.8-12sarge2_sparc.deb stable/main/binary-sparc/libruby1.6-dbg_1.6.8-12sarge2_sparc.deb stable/main/binary-sparc/libdbm-ruby1.6_1.6.8-12sarge2_sparc.deb stable/main/binary-sparc/libgdbm-ruby1.6_1.6.8-12sarge2_sparc.deb stable/main/binary-sparc/ruby1.6-dev_1.6.8-12sarge2_sparc.deb stable/main/binary-sparc/ruby1.6_1.6.8-12sarge2_sparc.deb stable/main/binary-sparc/libtk-ruby1.6_1.6.8-12sarge2_sparc.deb stable/main/binary-sparc/libsdbm-ruby1.6_1.6.8-12sarge2_sparc.deb stable/main/binary-sparc/libpty-ruby1.6_1.6.8-12sarge2_sparc.deb stable/main/binary-sparc/libcurses-ruby1.6_1.6.8-12sarge2_sparc.deb ruby1.6 (1.6.8-12sarge2) stable-security; urgency=high * akira yamada - added debian/patches/815-83768862.patch and debian/patches/816-13947696.patch from Kobayashi Noritada (see: #378029): - JVN#83768862: Alias features cannot handle safe levels correclty, so it can be safety bypass. - JVN#13947696: Some methods have defects that they can call other methods, which really should be prohibited, in safe level 4. (Both issues are tracked as CVE-2006-3694) stable/main/binary-s390/libdbm-ruby1.6_1.6.8-12sarge2_s390.deb stable/main/binary-s390/ruby1.6_1.6.8-12sarge2_s390.deb stable/main/binary-s390/libsdbm-ruby1.6_1.6.8-12sarge2_s390.deb stable/main/binary-s390/libreadline-ruby1.6_1.6.8-12sarge2_s390.deb stable/main/binary-s390/libpty-ruby1.6_1.6.8-12sarge2_s390.deb stable/main/binary-s390/libtcltk-ruby1.6_1.6.8-12sarge2_s390.deb stable/main/binary-s390/libruby1.6_1.6.8-12sarge2_s390.deb stable/main/binary-s390/libcurses-ruby1.6_1.6.8-12sarge2_s390.deb stable/main/binary-s390/libtk-ruby1.6_1.6.8-12sarge2_s390.deb stable/main/binary-s390/libruby1.6-dbg_1.6.8-12sarge2_s390.deb stable/main/binary-s390/libsyslog-ruby1.6_1.6.8-12sarge2_s390.deb stable/main/binary-s390/ruby1.6-dev_1.6.8-12sarge2_s390.deb stable/main/binary-s390/libgdbm-ruby1.6_1.6.8-12sarge2_s390.deb ruby1.6 (1.6.8-12sarge2) stable-security; urgency=high * akira yamada - added debian/patches/815-83768862.patch and debian/patches/816-13947696.patch from Kobayashi Noritada (see: #378029): - JVN#83768862: Alias features cannot handle safe levels correclty, so it can be safety bypass. - JVN#13947696: Some methods have defects that they can call other methods, which really should be prohibited, in safe level 4. (Both issues are tracked as CVE-2006-3694) stable/main/binary-powerpc/libtcltk-ruby1.6_1.6.8-12sarge2_powerpc.deb stable/main/binary-powerpc/libreadline-ruby1.6_1.6.8-12sarge2_powerpc.deb stable/main/binary-powerpc/libsdbm-ruby1.6_1.6.8-12sarge2_powerpc.deb stable/main/binary-powerpc/libpty-ruby1.6_1.6.8-12sarge2_powerpc.deb stable/main/binary-powerpc/ruby1.6_1.6.8-12sarge2_powerpc.deb stable/main/binary-powerpc/libtk-ruby1.6_1.6.8-12sarge2_powerpc.deb stable/main/binary-powerpc/libcurses-ruby1.6_1.6.8-12sarge2_powerpc.deb stable/main/binary-powerpc/libsyslog-ruby1.6_1.6.8-12sarge2_powerpc.deb stable/main/binary-powerpc/libgdbm-ruby1.6_1.6.8-12sarge2_powerpc.deb stable/main/binary-powerpc/libruby1.6_1.6.8-12sarge2_powerpc.deb stable/main/binary-powerpc/ruby1.6-dev_1.6.8-12sarge2_powerpc.deb stable/main/binary-powerpc/libruby1.6-dbg_1.6.8-12sarge2_powerpc.deb stable/main/binary-powerpc/libdbm-ruby1.6_1.6.8-12sarge2_powerpc.deb ruby1.6 (1.6.8-12sarge2) stable-security; urgency=high * akira yamada - added debian/patches/815-83768862.patch and debian/patches/816-13947696.patch from Kobayashi Noritada (see: #378029): - JVN#83768862: Alias features cannot handle safe levels correclty, so it can be safety bypass. - JVN#13947696: Some methods have defects that they can call other methods, which really should be prohibited, in safe level 4. (Both issues are tracked as CVE-2006-3694) stable/main/binary-mipsel/ruby1.6_1.6.8-12sarge2_mipsel.deb stable/main/binary-mipsel/libruby1.6-dbg_1.6.8-12sarge2_mipsel.deb stable/main/binary-mipsel/libpty-ruby1.6_1.6.8-12sarge2_mipsel.deb stable/main/binary-mipsel/libsdbm-ruby1.6_1.6.8-12sarge2_mipsel.deb stable/main/binary-mipsel/libgdbm-ruby1.6_1.6.8-12sarge2_mipsel.deb stable/main/binary-mipsel/libtcltk-ruby1.6_1.6.8-12sarge2_mipsel.deb stable/main/binary-mipsel/ruby1.6-dev_1.6.8-12sarge2_mipsel.deb stable/main/binary-mipsel/libreadline-ruby1.6_1.6.8-12sarge2_mipsel.deb stable/main/binary-mipsel/libdbm-ruby1.6_1.6.8-12sarge2_mipsel.deb stable/main/binary-mipsel/libtk-ruby1.6_1.6.8-12sarge2_mipsel.deb stable/main/binary-mipsel/libcurses-ruby1.6_1.6.8-12sarge2_mipsel.deb stable/main/binary-mipsel/libruby1.6_1.6.8-12sarge2_mipsel.deb stable/main/binary-mipsel/libsyslog-ruby1.6_1.6.8-12sarge2_mipsel.deb ruby1.6 (1.6.8-12sarge2) stable-security; urgency=high * akira yamada - added debian/patches/815-83768862.patch and debian/patches/816-13947696.patch from Kobayashi Noritada (see: #378029): - JVN#83768862: Alias features cannot handle safe levels correclty, so it can be safety bypass. - JVN#13947696: Some methods have defects that they can call other methods, which really should be prohibited, in safe level 4. (Both issues are tracked as CVE-2006-3694) stable/main/binary-mips/libruby1.6-dbg_1.6.8-12sarge2_mips.deb stable/main/binary-mips/ruby1.6-dev_1.6.8-12sarge2_mips.deb stable/main/binary-mips/libreadline-ruby1.6_1.6.8-12sarge2_mips.deb stable/main/binary-mips/ruby1.6_1.6.8-12sarge2_mips.deb stable/main/binary-mips/libtcltk-ruby1.6_1.6.8-12sarge2_mips.deb stable/main/binary-mips/libgdbm-ruby1.6_1.6.8-12sarge2_mips.deb stable/main/binary-mips/libtk-ruby1.6_1.6.8-12sarge2_mips.deb stable/main/binary-mips/libcurses-ruby1.6_1.6.8-12sarge2_mips.deb stable/main/binary-mips/libsdbm-ruby1.6_1.6.8-12sarge2_mips.deb stable/main/binary-mips/libsyslog-ruby1.6_1.6.8-12sarge2_mips.deb stable/main/binary-mips/libdbm-ruby1.6_1.6.8-12sarge2_mips.deb stable/main/binary-mips/libpty-ruby1.6_1.6.8-12sarge2_mips.deb stable/main/binary-mips/libruby1.6_1.6.8-12sarge2_mips.deb ruby1.6 (1.6.8-12sarge2) stable-security; urgency=high * akira yamada - added debian/patches/815-83768862.patch and debian/patches/816-13947696.patch from Kobayashi Noritada (see: #378029): - JVN#83768862: Alias features cannot handle safe levels correclty, so it can be safety bypass. - JVN#13947696: Some methods have defects that they can call other methods, which really should be prohibited, in safe level 4. (Both issues are tracked as CVE-2006-3694) stable/main/binary-m68k/libsyslog-ruby1.6_1.6.8-12sarge2_m68k.deb stable/main/binary-m68k/libreadline-ruby1.6_1.6.8-12sarge2_m68k.deb stable/main/binary-m68k/libpty-ruby1.6_1.6.8-12sarge2_m68k.deb stable/main/binary-m68k/libtcltk-ruby1.6_1.6.8-12sarge2_m68k.deb stable/main/binary-m68k/libsdbm-ruby1.6_1.6.8-12sarge2_m68k.deb stable/main/binary-m68k/libcurses-ruby1.6_1.6.8-12sarge2_m68k.deb stable/main/binary-m68k/libdbm-ruby1.6_1.6.8-12sarge2_m68k.deb stable/main/binary-m68k/libtk-ruby1.6_1.6.8-12sarge2_m68k.deb stable/main/binary-m68k/ruby1.6_1.6.8-12sarge2_m68k.deb stable/main/binary-m68k/ruby1.6-dev_1.6.8-12sarge2_m68k.deb stable/main/binary-m68k/libruby1.6-dbg_1.6.8-12sarge2_m68k.deb stable/main/binary-m68k/libruby1.6_1.6.8-12sarge2_m68k.deb stable/main/binary-m68k/libgdbm-ruby1.6_1.6.8-12sarge2_m68k.deb ruby1.6 (1.6.8-12sarge2) stable-security; urgency=high * akira yamada - added debian/patches/815-83768862.patch and debian/patches/816-13947696.patch from Kobayashi Noritada (see: #378029): - JVN#83768862: Alias features cannot handle safe levels correclty, so it can be safety bypass. - JVN#13947696: Some methods have defects that they can call other methods, which really should be prohibited, in safe level 4. (Both issues are tracked as CVE-2006-3694) stable/main/binary-ia64/libdbm-ruby1.6_1.6.8-12sarge2_ia64.deb stable/main/binary-ia64/libtk-ruby1.6_1.6.8-12sarge2_ia64.deb stable/main/binary-ia64/ruby1.6_1.6.8-12sarge2_ia64.deb stable/main/binary-ia64/libreadline-ruby1.6_1.6.8-12sarge2_ia64.deb stable/main/binary-ia64/ruby1.6-dev_1.6.8-12sarge2_ia64.deb stable/main/binary-ia64/libsyslog-ruby1.6_1.6.8-12sarge2_ia64.deb stable/main/binary-ia64/libsdbm-ruby1.6_1.6.8-12sarge2_ia64.deb stable/main/binary-ia64/libruby1.6_1.6.8-12sarge2_ia64.deb stable/main/binary-ia64/libruby1.6-dbg_1.6.8-12sarge2_ia64.deb stable/main/binary-ia64/libcurses-ruby1.6_1.6.8-12sarge2_ia64.deb stable/main/binary-ia64/libpty-ruby1.6_1.6.8-12sarge2_ia64.deb stable/main/binary-ia64/libgdbm-ruby1.6_1.6.8-12sarge2_ia64.deb stable/main/binary-ia64/libtcltk-ruby1.6_1.6.8-12sarge2_ia64.deb ruby1.6 (1.6.8-12sarge2) stable-security; urgency=high * akira yamada - added debian/patches/815-83768862.patch and debian/patches/816-13947696.patch from Kobayashi Noritada (see: #378029): - JVN#83768862: Alias features cannot handle safe levels correclty, so it can be safety bypass. - JVN#13947696: Some methods have defects that they can call other methods, which really should be prohibited, in safe level 4. (Both issues are tracked as CVE-2006-3694) stable/main/binary-hppa/libsyslog-ruby1.6_1.6.8-12sarge2_hppa.deb stable/main/binary-hppa/libcurses-ruby1.6_1.6.8-12sarge2_hppa.deb stable/main/binary-hppa/libpty-ruby1.6_1.6.8-12sarge2_hppa.deb stable/main/binary-hppa/libgdbm-ruby1.6_1.6.8-12sarge2_hppa.deb stable/main/binary-hppa/ruby1.6_1.6.8-12sarge2_hppa.deb stable/main/binary-hppa/ruby1.6-dev_1.6.8-12sarge2_hppa.deb stable/main/binary-hppa/libtk-ruby1.6_1.6.8-12sarge2_hppa.deb stable/main/binary-hppa/libruby1.6-dbg_1.6.8-12sarge2_hppa.deb stable/main/binary-hppa/libruby1.6_1.6.8-12sarge2_hppa.deb stable/main/binary-hppa/libreadline-ruby1.6_1.6.8-12sarge2_hppa.deb stable/main/binary-hppa/libtcltk-ruby1.6_1.6.8-12sarge2_hppa.deb stable/main/binary-hppa/libsdbm-ruby1.6_1.6.8-12sarge2_hppa.deb stable/main/binary-hppa/libdbm-ruby1.6_1.6.8-12sarge2_hppa.deb ruby1.6 (1.6.8-12sarge2) stable-security; urgency=high * akira yamada - added debian/patches/815-83768862.patch and debian/patches/816-13947696.patch from Kobayashi Noritada (see: #378029): - JVN#83768862: Alias features cannot handle safe levels correclty, so it can be safety bypass. - JVN#13947696: Some methods have defects that they can call other methods, which really should be prohibited, in safe level 4. (Both issues are tracked as CVE-2006-3694) stable/main/binary-arm/libruby1.6-dbg_1.6.8-12sarge2_arm.deb stable/main/binary-arm/libtcltk-ruby1.6_1.6.8-12sarge2_arm.deb stable/main/binary-arm/libpty-ruby1.6_1.6.8-12sarge2_arm.deb stable/main/binary-arm/libdbm-ruby1.6_1.6.8-12sarge2_arm.deb stable/main/binary-arm/libreadline-ruby1.6_1.6.8-12sarge2_arm.deb stable/main/binary-arm/libsyslog-ruby1.6_1.6.8-12sarge2_arm.deb stable/main/binary-arm/ruby1.6_1.6.8-12sarge2_arm.deb stable/main/binary-arm/ruby1.6-dev_1.6.8-12sarge2_arm.deb stable/main/binary-arm/libsdbm-ruby1.6_1.6.8-12sarge2_arm.deb stable/main/binary-arm/libruby1.6_1.6.8-12sarge2_arm.deb stable/main/binary-arm/libgdbm-ruby1.6_1.6.8-12sarge2_arm.deb stable/main/binary-arm/libcurses-ruby1.6_1.6.8-12sarge2_arm.deb stable/main/binary-arm/libtk-ruby1.6_1.6.8-12sarge2_arm.deb ruby1.6 (1.6.8-12sarge2) stable-security; urgency=high * akira yamada - added debian/patches/815-83768862.patch and debian/patches/816-13947696.patch from Kobayashi Noritada (see: #378029): - JVN#83768862: Alias features cannot handle safe levels correclty, so it can be safety bypass. - JVN#13947696: Some methods have defects that they can call other methods, which really should be prohibited, in safe level 4. (Both issues are tracked as CVE-2006-3694) stable/main/binary-alpha/ruby1.6_1.6.8-12sarge2_alpha.deb stable/main/binary-alpha/libsdbm-ruby1.6_1.6.8-12sarge2_alpha.deb stable/main/binary-alpha/libruby1.6_1.6.8-12sarge2_alpha.deb stable/main/binary-alpha/libreadline-ruby1.6_1.6.8-12sarge2_alpha.deb stable/main/binary-alpha/libcurses-ruby1.6_1.6.8-12sarge2_alpha.deb stable/main/binary-alpha/ruby1.6-dev_1.6.8-12sarge2_alpha.deb stable/main/binary-alpha/libpty-ruby1.6_1.6.8-12sarge2_alpha.deb stable/main/binary-alpha/libgdbm-ruby1.6_1.6.8-12sarge2_alpha.deb stable/main/binary-alpha/libtk-ruby1.6_1.6.8-12sarge2_alpha.deb stable/main/binary-alpha/libdbm-ruby1.6_1.6.8-12sarge2_alpha.deb stable/main/binary-alpha/libsyslog-ruby1.6_1.6.8-12sarge2_alpha.deb stable/main/binary-alpha/libruby1.6-dbg_1.6.8-12sarge2_alpha.deb stable/main/binary-alpha/libtcltk-ruby1.6_1.6.8-12sarge2_alpha.deb ruby1.6 (1.6.8-12sarge2) stable-security; urgency=high * akira yamada - added debian/patches/815-83768862.patch and debian/patches/816-13947696.patch from Kobayashi Noritada (see: #378029): - JVN#83768862: Alias features cannot handle safe levels correclty, so it can be safety bypass. - JVN#13947696: Some methods have defects that they can call other methods, which really should be prohibited, in safe level 4. (Both issues are tracked as CVE-2006-3694) stable/main/binary-i386/libruby1.6_1.6.8-12sarge2_i386.deb stable/main/binary-i386/libtcltk-ruby1.6_1.6.8-12sarge2_i386.deb stable/main/binary-all/ruby1.6-elisp_1.6.8-12sarge2_all.deb stable/main/binary-i386/libreadline-ruby1.6_1.6.8-12sarge2_i386.deb stable/main/binary-i386/libpty-ruby1.6_1.6.8-12sarge2_i386.deb stable/main/source/ruby1.6_1.6.8-12sarge2.diff.gz stable/main/binary-i386/libsyslog-ruby1.6_1.6.8-12sarge2_i386.deb stable/main/binary-all/irb1.6_1.6.8-12sarge2_all.deb stable/main/binary-all/ruby1.6-examples_1.6.8-12sarge2_all.deb stable/main/binary-i386/libgdbm-ruby1.6_1.6.8-12sarge2_i386.deb stable/main/source/ruby1.6_1.6.8-12sarge2.dsc stable/main/binary-i386/libruby1.6-dbg_1.6.8-12sarge2_i386.deb stable/main/binary-i386/libdbm-ruby1.6_1.6.8-12sarge2_i386.deb stable/main/binary-i386/libtk-ruby1.6_1.6.8-12sarge2_i386.deb stable/main/binary-i386/libsdbm-ruby1.6_1.6.8-12sarge2_i386.deb stable/main/binary-i386/libcurses-ruby1.6_1.6.8-12sarge2_i386.deb stable/main/binary-i386/ruby1.6_1.6.8-12sarge2_i386.deb stable/main/binary-i386/ruby1.6-dev_1.6.8-12sarge2_i386.deb ruby1.6 (1.6.8-12sarge2) stable-security; urgency=high * akira yamada - added debian/patches/815-83768862.patch and debian/patches/816-13947696.patch from Kobayashi Noritada (see: #378029): - JVN#83768862: Alias features cannot handle safe levels correclty, so it can be safety bypass. - JVN#13947696: Some methods have defects that they can call other methods, which really should be prohibited, in safe level 4. (Both issues are tracked as CVE-2006-3694) stable/main/binary-sparc/rssh_2.2.3-1.sarge.2_sparc.deb rssh (2.2.3-1.sarge.2) stable-security; urgency=high * Command line parse fix for a problem introduced with the security fix integrated in 2.2.3-1.sarge.1. [CVE-2006-1320] (Closes: #363978) stable/main/binary-s390/rssh_2.2.3-1.sarge.2_s390.deb rssh (2.2.3-1.sarge.2) stable-security; urgency=high * Command line parse fix for a problem introduced with the security fix integrated in 2.2.3-1.sarge.1. [CVE-2006-1320] (Closes: #363978) stable/main/binary-powerpc/rssh_2.2.3-1.sarge.2_powerpc.deb rssh (2.2.3-1.sarge.2) stable-security; urgency=high * Command line parse fix for a problem introduced with the security fix integrated in 2.2.3-1.sarge.1. [CVE-2006-1320] (Closes: #363978) stable/main/binary-mipsel/rssh_2.2.3-1.sarge.2_mipsel.deb rssh (2.2.3-1.sarge.2) stable-security; urgency=high * Command line parse fix for a problem introduced with the security fix integrated in 2.2.3-1.sarge.1. [CVE-2006-1320] (Closes: #363978) stable/main/binary-mips/rssh_2.2.3-1.sarge.2_mips.deb rssh (2.2.3-1.sarge.2) stable-security; urgency=high * Command line parse fix for a problem introduced with the security fix integrated in 2.2.3-1.sarge.1. [CVE-2006-1320] (Closes: #363978) stable/main/binary-m68k/rssh_2.2.3-1.sarge.2_m68k.deb rssh (2.2.3-1.sarge.2) stable-security; urgency=high * Command line parse fix for a problem introduced with the security fix integrated in 2.2.3-1.sarge.1. [CVE-2006-1320] (Closes: #363978) stable/main/binary-ia64/rssh_2.2.3-1.sarge.2_ia64.deb rssh (2.2.3-1.sarge.2) stable-security; urgency=high * Command line parse fix for a problem introduced with the security fix integrated in 2.2.3-1.sarge.1. [CVE-2006-1320] (Closes: #363978) stable/main/binary-hppa/rssh_2.2.3-1.sarge.2_hppa.deb rssh (2.2.3-1.sarge.2) stable-security; urgency=high * Command line parse fix for a problem introduced with the security fix integrated in 2.2.3-1.sarge.1. [CVE-2006-1320] (Closes: #363978) stable/main/binary-arm/rssh_2.2.3-1.sarge.2_arm.deb rssh (2.2.3-1.sarge.2) stable-security; urgency=high * Command line parse fix for a problem introduced with the security fix integrated in 2.2.3-1.sarge.1. [CVE-2006-1320] (Closes: #363978) stable/main/binary-alpha/rssh_2.2.3-1.sarge.2_alpha.deb rssh (2.2.3-1.sarge.2) stable-security; urgency=high * Command line parse fix for a problem introduced with the security fix integrated in 2.2.3-1.sarge.1. [CVE-2006-1320] (Closes: #363978) stable/main/source/rssh_2.2.3-1.sarge.2.diff.gz stable/main/source/rssh_2.2.3-1.sarge.2.dsc stable/main/binary-i386/rssh_2.2.3-1.sarge.2_i386.deb rssh (2.2.3-1.sarge.2) stable-security; urgency=high * Command line parse fix for a problem introduced with the security fix integrated in 2.2.3-1.sarge.1. [CVE-2006-1320] (Closes: #363978) stable/main/binary-sparc/libresmgr-dev_1.0-2sarge2_sparc.deb stable/main/binary-sparc/libresmgr1_1.0-2sarge2_sparc.deb stable/main/binary-sparc/resmgr_1.0-2sarge2_sparc.deb resmgr (1.0-2sarge2) stable-security; urgency=high * Adjusted changelog entry stable/main/binary-s390/libresmgr-dev_1.0-2sarge2_s390.deb stable/main/binary-s390/libresmgr1_1.0-2sarge2_s390.deb stable/main/binary-s390/resmgr_1.0-2sarge2_s390.deb resmgr (1.0-2sarge2) stable-security; urgency=high * Adjusted changelog entry stable/main/binary-mipsel/libresmgr1_1.0-2sarge2_mipsel.deb stable/main/binary-mipsel/libresmgr-dev_1.0-2sarge2_mipsel.deb stable/main/binary-mipsel/resmgr_1.0-2sarge2_mipsel.deb resmgr (1.0-2sarge2) stable-security; urgency=high * Adjusted changelog entry stable/main/binary-mips/resmgr_1.0-2sarge2_mips.deb stable/main/binary-mips/libresmgr1_1.0-2sarge2_mips.deb stable/main/binary-mips/libresmgr-dev_1.0-2sarge2_mips.deb resmgr (1.0-2sarge2) stable-security; urgency=high * Adjusted changelog entry stable/main/binary-m68k/resmgr_1.0-2sarge2_m68k.deb stable/main/binary-m68k/libresmgr-dev_1.0-2sarge2_m68k.deb stable/main/binary-m68k/libresmgr1_1.0-2sarge2_m68k.deb resmgr (1.0-2sarge2) stable-security; urgency=high * Adjusted changelog entry stable/main/binary-ia64/libresmgr-dev_1.0-2sarge2_ia64.deb stable/main/binary-ia64/libresmgr1_1.0-2sarge2_ia64.deb stable/main/binary-ia64/resmgr_1.0-2sarge2_ia64.deb resmgr (1.0-2sarge2) stable-security; urgency=high * Adjusted changelog entry stable/main/binary-i386/libresmgr-dev_1.0-2sarge2_i386.deb stable/main/binary-i386/libresmgr1_1.0-2sarge2_i386.deb stable/main/binary-i386/resmgr_1.0-2sarge2_i386.deb resmgr (1.0-2sarge2) stable-security; urgency=high * Adjusted changelog entry stable/main/binary-hppa/libresmgr1_1.0-2sarge2_hppa.deb stable/main/binary-hppa/libresmgr-dev_1.0-2sarge2_hppa.deb stable/main/binary-hppa/resmgr_1.0-2sarge2_hppa.deb resmgr (1.0-2sarge2) stable-security; urgency=high * Adjusted changelog entry stable/main/binary-arm/libresmgr-dev_1.0-2sarge2_arm.deb stable/main/binary-arm/libresmgr1_1.0-2sarge2_arm.deb stable/main/binary-arm/resmgr_1.0-2sarge2_arm.deb resmgr (1.0-2sarge2) stable-security; urgency=high * Adjusted changelog entry stable/main/binary-alpha/libresmgr-dev_1.0-2sarge2_alpha.deb stable/main/binary-alpha/libresmgr1_1.0-2sarge2_alpha.deb stable/main/binary-alpha/resmgr_1.0-2sarge2_alpha.deb resmgr (1.0-2sarge2) stable-security; urgency=high * Adjusted changelog entry stable/main/binary-powerpc/libresmgr1_1.0-2sarge2_powerpc.deb stable/main/source/resmgr_1.0-2sarge2.dsc stable/main/binary-powerpc/resmgr_1.0-2sarge2_powerpc.deb stable/main/source/resmgr_1.0-2sarge2.diff.gz stable/main/binary-powerpc/libresmgr-dev_1.0-2sarge2_powerpc.deb resmgr (1.0-2sarge2) stable-security; urgency=high * Adjusted changelog entry stable/main/binary-sparc/quagga_0.98.3-7.2_sparc.deb quagga (0.98.3-7.2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Moved patches named after the old rejected CVE name to refer to CVE-2006-2223. * Added a fifth patch to fix CVE-2006-2223 or CVE-2006-2224 resp. * Applied security patch that fixes a bug which allowed local users to cause a denial of service (CPU consumption) via a certain sh ip bgp command entered in the telnet interface [bgpd/bgp_community.c, CVE-2006-2276, closes: #366980] stable/main/binary-s390/quagga_0.98.3-7.2_s390.deb quagga (0.98.3-7.2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Moved patches named after the old rejected CVE name to refer to CVE-2006-2223. * Added a fifth patch to fix CVE-2006-2223 or CVE-2006-2224 resp. * Applied security patch that fixes a bug which allowed local users to cause a denial of service (CPU consumption) via a certain sh ip bgp command entered in the telnet interface [bgpd/bgp_community.c, CVE-2006-2276, closes: #366980] stable/main/binary-mipsel/quagga_0.98.3-7.2_mipsel.deb quagga (0.98.3-7.2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Moved patches named after the old rejected CVE name to refer to CVE-2006-2223. * Added a fifth patch to fix CVE-2006-2223 or CVE-2006-2224 resp. * Applied security patch that fixes a bug which allowed local users to cause a denial of service (CPU consumption) via a certain sh ip bgp command entered in the telnet interface [bgpd/bgp_community.c, CVE-2006-2276, closes: #366980] stable/main/binary-mips/quagga_0.98.3-7.2_mips.deb quagga (0.98.3-7.2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Moved patches named after the old rejected CVE name to refer to CVE-2006-2223. * Added a fifth patch to fix CVE-2006-2223 or CVE-2006-2224 resp. * Applied security patch that fixes a bug which allowed local users to cause a denial of service (CPU consumption) via a certain sh ip bgp command entered in the telnet interface [bgpd/bgp_community.c, CVE-2006-2276, closes: #366980] stable/main/binary-m68k/quagga_0.98.3-7.2_m68k.deb quagga (0.98.3-7.2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Moved patches named after the old rejected CVE name to refer to CVE-2006-2223. * Added a fifth patch to fix CVE-2006-2223 or CVE-2006-2224 resp. * Applied security patch that fixes a bug which allowed local users to cause a denial of service (CPU consumption) via a certain sh ip bgp command entered in the telnet interface [bgpd/bgp_community.c, CVE-2006-2276, closes: #366980] stable/main/binary-ia64/quagga_0.98.3-7.2_ia64.deb quagga (0.98.3-7.2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Moved patches named after the old rejected CVE name to refer to CVE-2006-2223. * Added a fifth patch to fix CVE-2006-2223 or CVE-2006-2224 resp. * Applied security patch that fixes a bug which allowed local users to cause a denial of service (CPU consumption) via a certain sh ip bgp command entered in the telnet interface [bgpd/bgp_community.c, CVE-2006-2276, closes: #366980] stable/main/binary-i386/quagga_0.98.3-7.2_i386.deb quagga (0.98.3-7.2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Moved patches named after the old rejected CVE name to refer to CVE-2006-2223. * Added a fifth patch to fix CVE-2006-2223 or CVE-2006-2224 resp. * Applied security patch that fixes a bug which allowed local users to cause a denial of service (CPU consumption) via a certain sh ip bgp command entered in the telnet interface [bgpd/bgp_community.c, CVE-2006-2276, closes: #366980] stable/main/binary-hppa/quagga_0.98.3-7.2_hppa.deb quagga (0.98.3-7.2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Moved patches named after the old rejected CVE name to refer to CVE-2006-2223. * Added a fifth patch to fix CVE-2006-2223 or CVE-2006-2224 resp. * Applied security patch that fixes a bug which allowed local users to cause a denial of service (CPU consumption) via a certain sh ip bgp command entered in the telnet interface [bgpd/bgp_community.c, CVE-2006-2276, closes: #366980] stable/main/binary-arm/quagga_0.98.3-7.2_arm.deb quagga (0.98.3-7.2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Moved patches named after the old rejected CVE name to refer to CVE-2006-2223. * Added a fifth patch to fix CVE-2006-2223 or CVE-2006-2224 resp. * Applied security patch that fixes a bug which allowed local users to cause a denial of service (CPU consumption) via a certain sh ip bgp command entered in the telnet interface [bgpd/bgp_community.c, CVE-2006-2276, closes: #366980] stable/main/binary-alpha/quagga_0.98.3-7.2_alpha.deb quagga (0.98.3-7.2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Moved patches named after the old rejected CVE name to refer to CVE-2006-2223. * Added a fifth patch to fix CVE-2006-2223 or CVE-2006-2224 resp. * Applied security patch that fixes a bug which allowed local users to cause a denial of service (CPU consumption) via a certain sh ip bgp command entered in the telnet interface [bgpd/bgp_community.c, CVE-2006-2276, closes: #366980] stable/main/source/quagga_0.98.3-7.2.dsc stable/main/source/quagga_0.98.3-7.2.diff.gz stable/main/binary-powerpc/quagga_0.98.3-7.2_powerpc.deb stable/main/binary-all/quagga-doc_0.98.3-7.2_all.deb quagga (0.98.3-7.2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Moved patches named after the old rejected CVE name to refer to CVE-2006-2223. * Added a fifth patch to fix CVE-2006-2223 or CVE-2006-2224 resp. * Applied security patch that fixes a bug which allowed local users to cause a denial of service (CPU consumption) via a certain sh ip bgp command entered in the telnet interface [bgpd/bgp_community.c, CVE-2006-2276, closes: #366980] stable/main/binary-sparc/python2.1-pgsql_2.4.0-5sarge1_sparc.deb stable/main/binary-sparc/python2.2-pgsql_2.4.0-5sarge1_sparc.deb stable/main/binary-sparc/python2.3-pgsql_2.4.0-5sarge1_sparc.deb python-pgsql (2.4.0-5sarge1) stable; urgency=high * In routines PgQuoteString() and PgQuoteBytea(), quotes are now escaped as '', not as \' (closes: #369250). In some multi-byte encodings you can exploit \' escaping to inject SQL code, and so \' no longer works for such client encodings with newer PostgreSQL servers. Thanks to Martin Pitt for the patch. * Reference: CVE-2006-2314. stable/main/binary-s390/python2.3-pgsql_2.4.0-5sarge1_s390.deb stable/main/binary-s390/python2.1-pgsql_2.4.0-5sarge1_s390.deb stable/main/binary-s390/python2.2-pgsql_2.4.0-5sarge1_s390.deb python-pgsql (2.4.0-5sarge1) stable; urgency=high * In routines PgQuoteString() and PgQuoteBytea(), quotes are now escaped as '', not as \' (closes: #369250). In some multi-byte encodings you can exploit \' escaping to inject SQL code, and so \' no longer works for such client encodings with newer PostgreSQL servers. Thanks to Martin Pitt for the patch. * Reference: CVE-2006-2314. stable/main/binary-powerpc/python2.3-pgsql_2.4.0-5sarge1_powerpc.deb stable/main/binary-powerpc/python2.2-pgsql_2.4.0-5sarge1_powerpc.deb stable/main/binary-powerpc/python2.1-pgsql_2.4.0-5sarge1_powerpc.deb python-pgsql (2.4.0-5sarge1) stable; urgency=high * In routines PgQuoteString() and PgQuoteBytea(), quotes are now escaped as '', not as \' (closes: #369250). In some multi-byte encodings you can exploit \' escaping to inject SQL code, and so \' no longer works for such client encodings with newer PostgreSQL servers. Thanks to Martin Pitt for the patch. * Reference: CVE-2006-2314. stable/main/binary-mipsel/python2.3-pgsql_2.4.0-5sarge1_mipsel.deb stable/main/binary-mipsel/python2.2-pgsql_2.4.0-5sarge1_mipsel.deb stable/main/binary-mipsel/python2.1-pgsql_2.4.0-5sarge1_mipsel.deb python-pgsql (2.4.0-5sarge1) stable; urgency=high * In routines PgQuoteString() and PgQuoteBytea(), quotes are now escaped as '', not as \' (closes: #369250). In some multi-byte encodings you can exploit \' escaping to inject SQL code, and so \' no longer works for such client encodings with newer PostgreSQL servers. Thanks to Martin Pitt for the patch. * Reference: CVE-2006-2314. stable/main/binary-mips/python2.3-pgsql_2.4.0-5sarge1_mips.deb stable/main/binary-mips/python2.2-pgsql_2.4.0-5sarge1_mips.deb stable/main/binary-mips/python2.1-pgsql_2.4.0-5sarge1_mips.deb python-pgsql (2.4.0-5sarge1) stable; urgency=high * In routines PgQuoteString() and PgQuoteBytea(), quotes are now escaped as '', not as \' (closes: #369250). In some multi-byte encodings you can exploit \' escaping to inject SQL code, and so \' no longer works for such client encodings with newer PostgreSQL servers. Thanks to Martin Pitt for the patch. * Reference: CVE-2006-2314. stable/main/binary-m68k/python2.2-pgsql_2.4.0-5sarge1_m68k.deb stable/main/binary-m68k/python2.3-pgsql_2.4.0-5sarge1_m68k.deb stable/main/binary-m68k/python2.1-pgsql_2.4.0-5sarge1_m68k.deb python-pgsql (2.4.0-5sarge1) stable; urgency=high * In routines PgQuoteString() and PgQuoteBytea(), quotes are now escaped as '', not as \' (closes: #369250). In some multi-byte encodings you can exploit \' escaping to inject SQL code, and so \' no longer works for such client encodings with newer PostgreSQL servers. Thanks to Martin Pitt for the patch. * Reference: CVE-2006-2314. stable/main/binary-ia64/python2.3-pgsql_2.4.0-5sarge1_ia64.deb stable/main/binary-ia64/python2.2-pgsql_2.4.0-5sarge1_ia64.deb stable/main/binary-ia64/python2.1-pgsql_2.4.0-5sarge1_ia64.deb python-pgsql (2.4.0-5sarge1) stable; urgency=high * In routines PgQuoteString() and PgQuoteBytea(), quotes are now escaped as '', not as \' (closes: #369250). In some multi-byte encodings you can exploit \' escaping to inject SQL code, and so \' no longer works for such client encodings with newer PostgreSQL servers. Thanks to Martin Pitt for the patch. * Reference: CVE-2006-2314. stable/main/binary-hppa/python2.3-pgsql_2.4.0-5sarge1_hppa.deb stable/main/binary-hppa/python2.1-pgsql_2.4.0-5sarge1_hppa.deb stable/main/binary-hppa/python2.2-pgsql_2.4.0-5sarge1_hppa.deb python-pgsql (2.4.0-5sarge1) stable; urgency=high * In routines PgQuoteString() and PgQuoteBytea(), quotes are now escaped as '', not as \' (closes: #369250). In some multi-byte encodings you can exploit \' escaping to inject SQL code, and so \' no longer works for such client encodings with newer PostgreSQL servers. Thanks to Martin Pitt for the patch. * Reference: CVE-2006-2314. stable/main/binary-arm/python2.1-pgsql_2.4.0-5sarge1_arm.deb stable/main/binary-arm/python2.3-pgsql_2.4.0-5sarge1_arm.deb stable/main/binary-arm/python2.2-pgsql_2.4.0-5sarge1_arm.deb python-pgsql (2.4.0-5sarge1) stable; urgency=high * In routines PgQuoteString() and PgQuoteBytea(), quotes are now escaped as '', not as \' (closes: #369250). In some multi-byte encodings you can exploit \' escaping to inject SQL code, and so \' no longer works for such client encodings with newer PostgreSQL servers. Thanks to Martin Pitt for the patch. * Reference: CVE-2006-2314. stable/main/binary-alpha/python2.3-pgsql_2.4.0-5sarge1_alpha.deb stable/main/binary-alpha/python2.2-pgsql_2.4.0-5sarge1_alpha.deb stable/main/binary-alpha/python2.1-pgsql_2.4.0-5sarge1_alpha.deb python-pgsql (2.4.0-5sarge1) stable; urgency=high * In routines PgQuoteString() and PgQuoteBytea(), quotes are now escaped as '', not as \' (closes: #369250). In some multi-byte encodings you can exploit \' escaping to inject SQL code, and so \' no longer works for such client encodings with newer PostgreSQL servers. Thanks to Martin Pitt for the patch. * Reference: CVE-2006-2314. stable/main/binary-i386/python2.1-pgsql_2.4.0-5sarge1_i386.deb stable/main/source/python-pgsql_2.4.0-5sarge1.dsc stable/main/binary-i386/python2.3-pgsql_2.4.0-5sarge1_i386.deb stable/main/source/python-pgsql_2.4.0-5sarge1.diff.gz stable/main/binary-i386/python2.2-pgsql_2.4.0-5sarge1_i386.deb stable/main/binary-all/python-pgsql_2.4.0-5sarge1_all.deb python-pgsql (2.4.0-5sarge1) stable; urgency=high * In routines PgQuoteString() and PgQuoteBytea(), quotes are now escaped as '', not as \' (closes: #369250). In some multi-byte encodings you can exploit \' escaping to inject SQL code, and so \' no longer works for such client encodings with newer PostgreSQL servers. Thanks to Martin Pitt for the patch. * Reference: CVE-2006-2314. stable/main/source/preseed_1.01.2.tar.gz stable/main/binary-all/file-preseed_1.01.2_all.udeb stable/main/binary-all/network-preseed_1.01.2_all.udeb stable/main/source/preseed_1.01.2.dsc preseed (1.01.2) stable; urgency=low * Re-upload as udebs got unaccepted by mistake. * Updated translations: - Arabic (ar.po) by Ossama M. Khayat - Bulgarian (bg.po) by Ognyan Kulev - Bosnian (bs.po) by Safir Secerovic - Welsh (cy.po) by Dafydd Harries - Danish (da.po) by Claus Hindsgaul - German (de.po) by Jens Seidel - Greek, Modern (1453-) (el.po) by quad-nrg.net - Spanish (Castilian) (es.po) by Javier Fernández-Sanguino Peña - Basque (eu.po) by Piarres Beobide - Finnish (fi.po) by Tapio Lehtonen - French (fr.po) by Christian Perrier - Gallegan (gl.po) by Jacobo Tarrio - Hebrew (he.po) by Lior Kaplan - Croatian (hr.po) by Krunoslav Gernhard - Hungarian (hu.po) by SZERVÃC Attila - Italian (it.po) by Giuseppe Sacco - Lithuanian (lt.po) by KÄ™stutis BiliÅ«nas - Latvian (lv.po) by Aigars Mahinovs - Bøkmal, Norwegian (nb.po) by Bjørn Steensrud - Norwegian Nynorsk (nn.po) by HÃ¥vard Korsvoll - Polish (pl.po) by Bartosz Fenski - Portuguese (Brazil) (pt_BR.po) by André Luís Lopes - Portuguese (pt.po) by Miguel Figueiredo - Romanian (ro.po) by Eddy PetriÅŸor - Russian (ru.po) by Yuri Kozlov - Slovak (sk.po) by Peter Mann - Slovenian (sl.po) by Jure ÄŒuhalev - Albanian (sq.po) by Elian Myftiu - Swedish (sv.po) by Daniel Nylander - Turkish (tr.po) by Recai OktaÅŸ - Ukrainian (uk.po) by Eugeniy Meshcheryakov - Simplified Chinese (zh_CN.po) by Carlos Z.F. Liu stable/main/binary-s390/ppxp_0.2001080415-10sarge2_s390.deb stable/main/binary-s390/ppxp-tcltk_0.2001080415-10sarge2_s390.deb stable/main/binary-s390/ppxp-dev_0.2001080415-10sarge2_s390.deb stable/main/binary-s390/ppxp-x11_0.2001080415-10sarge2_s390.deb ppxp (0.2001080415-10sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * No changes rebuild due to the release stable/main/binary-powerpc/ppxp-dev_0.2001080415-10sarge2_powerpc.deb stable/main/binary-powerpc/ppxp-x11_0.2001080415-10sarge2_powerpc.deb stable/main/binary-powerpc/ppxp-tcltk_0.2001080415-10sarge2_powerpc.deb stable/main/binary-powerpc/ppxp_0.2001080415-10sarge2_powerpc.deb ppxp (0.2001080415-10sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * No changes rebuild due to the release stable/main/binary-mipsel/ppxp-tcltk_0.2001080415-10sarge2_mipsel.deb stable/main/binary-mipsel/ppxp_0.2001080415-10sarge2_mipsel.deb stable/main/binary-mipsel/ppxp-x11_0.2001080415-10sarge2_mipsel.deb stable/main/binary-mipsel/ppxp-dev_0.2001080415-10sarge2_mipsel.deb ppxp (0.2001080415-10sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * No changes rebuild due to the release stable/main/binary-mips/ppxp_0.2001080415-10sarge2_mips.deb stable/main/binary-mips/ppxp-dev_0.2001080415-10sarge2_mips.deb stable/main/binary-mips/ppxp-x11_0.2001080415-10sarge2_mips.deb stable/main/binary-mips/ppxp-tcltk_0.2001080415-10sarge2_mips.deb ppxp (0.2001080415-10sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * No changes rebuild due to the release stable/main/binary-m68k/ppxp-x11_0.2001080415-10sarge2_m68k.deb stable/main/binary-m68k/ppxp-dev_0.2001080415-10sarge2_m68k.deb stable/main/binary-m68k/ppxp_0.2001080415-10sarge2_m68k.deb stable/main/binary-m68k/ppxp-tcltk_0.2001080415-10sarge2_m68k.deb ppxp (0.2001080415-10sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * No changes rebuild due to the release stable/main/binary-ia64/ppxp-x11_0.2001080415-10sarge2_ia64.deb stable/main/binary-ia64/ppxp-tcltk_0.2001080415-10sarge2_ia64.deb stable/main/binary-ia64/ppxp_0.2001080415-10sarge2_ia64.deb stable/main/binary-ia64/ppxp-dev_0.2001080415-10sarge2_ia64.deb ppxp (0.2001080415-10sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * No changes rebuild due to the release stable/main/binary-i386/ppxp-tcltk_0.2001080415-10sarge2_i386.deb stable/main/binary-i386/ppxp-x11_0.2001080415-10sarge2_i386.deb stable/main/binary-i386/ppxp-dev_0.2001080415-10sarge2_i386.deb stable/main/binary-i386/ppxp_0.2001080415-10sarge2_i386.deb ppxp (0.2001080415-10sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * No changes rebuild due to the release stable/main/binary-hppa/ppxp_0.2001080415-10sarge2_hppa.deb stable/main/binary-hppa/ppxp-x11_0.2001080415-10sarge2_hppa.deb stable/main/binary-hppa/ppxp-tcltk_0.2001080415-10sarge2_hppa.deb stable/main/binary-hppa/ppxp-dev_0.2001080415-10sarge2_hppa.deb ppxp (0.2001080415-10sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * No changes rebuild due to the release stable/main/binary-arm/ppxp_0.2001080415-10sarge2_arm.deb stable/main/binary-arm/ppxp-tcltk_0.2001080415-10sarge2_arm.deb stable/main/binary-arm/ppxp-x11_0.2001080415-10sarge2_arm.deb stable/main/binary-arm/ppxp-dev_0.2001080415-10sarge2_arm.deb ppxp (0.2001080415-10sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * No changes rebuild due to the release stable/main/binary-alpha/ppxp-dev_0.2001080415-10sarge2_alpha.deb stable/main/binary-alpha/ppxp_0.2001080415-10sarge2_alpha.deb stable/main/binary-alpha/ppxp-x11_0.2001080415-10sarge2_alpha.deb stable/main/binary-alpha/ppxp-tcltk_0.2001080415-10sarge2_alpha.deb ppxp (0.2001080415-10sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * No changes rebuild due to the release stable/main/binary-sparc/ppxp-tcltk_0.2001080415-10sarge2_sparc.deb stable/main/source/ppxp_0.2001080415-10sarge2.dsc stable/main/source/ppxp_0.2001080415-10sarge2.diff.gz stable/main/binary-sparc/ppxp-dev_0.2001080415-10sarge2_sparc.deb stable/main/binary-sparc/ppxp-x11_0.2001080415-10sarge2_sparc.deb stable/main/binary-sparc/ppxp_0.2001080415-10sarge2_sparc.deb ppxp (0.2001080415-10sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * No changes rebuild due to the release stable/main/binary-sparc/ppp-udeb_2.4.3-20050321+2sarge1_sparc.udeb stable/main/binary-sparc/ppp_2.4.3-20050321+2sarge1_sparc.deb ppp (2.4.3-20050321+2sarge1) stable-security; urgency=medium * Non-maintainer upload by the Security Team * Applied patch by Marcus Meissner to honor the return value of a potentially failing setuid() call [pppd/plugins/winbind.c, debian/patches/zzz-CVE-2006-2194] stable/main/binary-s390/ppp_2.4.3-20050321+2sarge1_s390.deb stable/main/binary-s390/ppp-udeb_2.4.3-20050321+2sarge1_s390.udeb ppp (2.4.3-20050321+2sarge1) stable-security; urgency=medium * Non-maintainer upload by the Security Team * Applied patch by Marcus Meissner to honor the return value of a potentially failing setuid() call [pppd/plugins/winbind.c, debian/patches/zzz-CVE-2006-2194] stable/main/binary-mipsel/ppp_2.4.3-20050321+2sarge1_mipsel.deb stable/main/binary-mipsel/ppp-udeb_2.4.3-20050321+2sarge1_mipsel.udeb ppp (2.4.3-20050321+2sarge1) stable-security; urgency=medium * Non-maintainer upload by the Security Team * Applied patch by Marcus Meissner to honor the return value of a potentially failing setuid() call [pppd/plugins/winbind.c, debian/patches/zzz-CVE-2006-2194] stable/main/binary-mips/ppp_2.4.3-20050321+2sarge1_mips.deb stable/main/binary-mips/ppp-udeb_2.4.3-20050321+2sarge1_mips.udeb ppp (2.4.3-20050321+2sarge1) stable-security; urgency=medium * Non-maintainer upload by the Security Team * Applied patch by Marcus Meissner to honor the return value of a potentially failing setuid() call [pppd/plugins/winbind.c, debian/patches/zzz-CVE-2006-2194] stable/main/binary-m68k/ppp-udeb_2.4.3-20050321+2sarge1_m68k.udeb stable/main/binary-m68k/ppp_2.4.3-20050321+2sarge1_m68k.deb ppp (2.4.3-20050321+2sarge1) stable-security; urgency=medium * Non-maintainer upload by the Security Team * Applied patch by Marcus Meissner to honor the return value of a potentially failing setuid() call [pppd/plugins/winbind.c, debian/patches/zzz-CVE-2006-2194] stable/main/binary-ia64/ppp-udeb_2.4.3-20050321+2sarge1_ia64.udeb stable/main/binary-ia64/ppp_2.4.3-20050321+2sarge1_ia64.deb ppp (2.4.3-20050321+2sarge1) stable-security; urgency=medium * Non-maintainer upload by the Security Team * Applied patch by Marcus Meissner to honor the return value of a potentially failing setuid() call [pppd/plugins/winbind.c, debian/patches/zzz-CVE-2006-2194] stable/main/binary-i386/ppp-udeb_2.4.3-20050321+2sarge1_i386.udeb stable/main/binary-i386/ppp_2.4.3-20050321+2sarge1_i386.deb ppp (2.4.3-20050321+2sarge1) stable-security; urgency=medium * Non-maintainer upload by the Security Team * Applied patch by Marcus Meissner to honor the return value of a potentially failing setuid() call [pppd/plugins/winbind.c, debian/patches/zzz-CVE-2006-2194] stable/main/binary-hppa/ppp_2.4.3-20050321+2sarge1_hppa.deb stable/main/binary-hppa/ppp-udeb_2.4.3-20050321+2sarge1_hppa.udeb ppp (2.4.3-20050321+2sarge1) stable-security; urgency=medium * Non-maintainer upload by the Security Team * Applied patch by Marcus Meissner to honor the return value of a potentially failing setuid() call [pppd/plugins/winbind.c, debian/patches/zzz-CVE-2006-2194] stable/main/binary-arm/ppp_2.4.3-20050321+2sarge1_arm.deb stable/main/binary-arm/ppp-udeb_2.4.3-20050321+2sarge1_arm.udeb ppp (2.4.3-20050321+2sarge1) stable-security; urgency=medium * Non-maintainer upload by the Security Team * Applied patch by Marcus Meissner to honor the return value of a potentially failing setuid() call [pppd/plugins/winbind.c, debian/patches/zzz-CVE-2006-2194] stable/main/binary-alpha/ppp-udeb_2.4.3-20050321+2sarge1_alpha.udeb stable/main/binary-alpha/ppp_2.4.3-20050321+2sarge1_alpha.deb ppp (2.4.3-20050321+2sarge1) stable-security; urgency=medium * Non-maintainer upload by the Security Team * Applied patch by Marcus Meissner to honor the return value of a potentially failing setuid() call [pppd/plugins/winbind.c, debian/patches/zzz-CVE-2006-2194] stable/main/source/ppp_2.4.3-20050321+2sarge1.diff.gz stable/main/binary-powerpc/ppp-udeb_2.4.3-20050321+2sarge1_powerpc.udeb stable/main/source/ppp_2.4.3-20050321+2sarge1.dsc stable/main/binary-all/ppp-dev_2.4.3-20050321+2sarge1_all.deb stable/main/binary-powerpc/ppp_2.4.3-20050321+2sarge1_powerpc.deb ppp (2.4.3-20050321+2sarge1) stable-security; urgency=medium * Non-maintainer upload by the Security Team * Applied patch by Marcus Meissner to honor the return value of a potentially failing setuid() call [pppd/plugins/winbind.c, debian/patches/zzz-CVE-2006-2194] stable/main/source/postgrey_1.21-1sarge1.dsc stable/main/source/postgrey_1.21-1sarge1.diff.gz stable/main/binary-all/postgrey_1.21-1sarge1_all.deb postgrey (1.21-1sarge1) stable-security; urgency=high * Security upload: fix format string attack in the logging function. Fix backported from 1.22. [postgrey, CVE-2005-1127] stable/main/binary-sparc/postgresql-contrib_7.4.7-6sarge3_sparc.deb stable/main/binary-sparc/libpgtcl-dev_7.4.7-6sarge3_sparc.deb stable/main/binary-sparc/postgresql-dev_7.4.7-6sarge3_sparc.deb stable/main/binary-sparc/libecpg-dev_7.4.7-6sarge3_sparc.deb stable/main/binary-sparc/libpq3_7.4.7-6sarge3_sparc.deb stable/main/binary-sparc/postgresql-client_7.4.7-6sarge3_sparc.deb stable/main/binary-sparc/libpgtcl_7.4.7-6sarge3_sparc.deb stable/main/binary-sparc/postgresql_7.4.7-6sarge3_sparc.deb stable/main/binary-sparc/libecpg4_7.4.7-6sarge3_sparc.deb postgresql (7.4.7-6sarge3) stable; urgency=low * debian/patches/57quote-escaping.patch: - contrib/dbmirror/DBMirror.pl: Fix parsing of quotes escaped as '' in the PendingData table to make the script work with the updated quoting method introduced in 7.4.7-6sarge2 (using \' escaping is insecure). - Closes: #372115 stable/main/binary-s390/postgresql-dev_7.4.7-6sarge3_s390.deb stable/main/binary-s390/postgresql-client_7.4.7-6sarge3_s390.deb stable/main/binary-s390/libpq3_7.4.7-6sarge3_s390.deb stable/main/binary-s390/postgresql_7.4.7-6sarge3_s390.deb stable/main/binary-s390/postgresql-contrib_7.4.7-6sarge3_s390.deb stable/main/binary-s390/libpgtcl_7.4.7-6sarge3_s390.deb stable/main/binary-s390/libecpg4_7.4.7-6sarge3_s390.deb stable/main/binary-s390/libpgtcl-dev_7.4.7-6sarge3_s390.deb stable/main/binary-s390/libecpg-dev_7.4.7-6sarge3_s390.deb postgresql (7.4.7-6sarge3) stable; urgency=low * debian/patches/57quote-escaping.patch: - contrib/dbmirror/DBMirror.pl: Fix parsing of quotes escaped as '' in the PendingData table to make the script work with the updated quoting method introduced in 7.4.7-6sarge2 (using \' escaping is insecure). - Closes: #372115 stable/main/binary-powerpc/postgresql-contrib_7.4.7-6sarge3_powerpc.deb stable/main/binary-powerpc/libecpg4_7.4.7-6sarge3_powerpc.deb stable/main/binary-powerpc/libpgtcl_7.4.7-6sarge3_powerpc.deb stable/main/binary-powerpc/libpq3_7.4.7-6sarge3_powerpc.deb stable/main/binary-powerpc/postgresql-client_7.4.7-6sarge3_powerpc.deb stable/main/binary-powerpc/libpgtcl-dev_7.4.7-6sarge3_powerpc.deb stable/main/binary-powerpc/libecpg-dev_7.4.7-6sarge3_powerpc.deb stable/main/binary-powerpc/postgresql-dev_7.4.7-6sarge3_powerpc.deb stable/main/binary-powerpc/postgresql_7.4.7-6sarge3_powerpc.deb postgresql (7.4.7-6sarge3) stable; urgency=low * debian/patches/57quote-escaping.patch: - contrib/dbmirror/DBMirror.pl: Fix parsing of quotes escaped as '' in the PendingData table to make the script work with the updated quoting method introduced in 7.4.7-6sarge2 (using \' escaping is insecure). - Closes: #372115 stable/main/binary-mipsel/libpq3_7.4.7-6sarge3_mipsel.deb stable/main/binary-mipsel/postgresql-client_7.4.7-6sarge3_mipsel.deb stable/main/binary-mipsel/libecpg4_7.4.7-6sarge3_mipsel.deb stable/main/binary-mipsel/postgresql-contrib_7.4.7-6sarge3_mipsel.deb stable/main/binary-mipsel/postgresql_7.4.7-6sarge3_mipsel.deb stable/main/binary-mipsel/libpgtcl_7.4.7-6sarge3_mipsel.deb stable/main/binary-mipsel/libpgtcl-dev_7.4.7-6sarge3_mipsel.deb stable/main/binary-mipsel/postgresql-dev_7.4.7-6sarge3_mipsel.deb stable/main/binary-mipsel/libecpg-dev_7.4.7-6sarge3_mipsel.deb postgresql (7.4.7-6sarge3) stable; urgency=low * debian/patches/57quote-escaping.patch: - contrib/dbmirror/DBMirror.pl: Fix parsing of quotes escaped as '' in the PendingData table to make the script work with the updated quoting method introduced in 7.4.7-6sarge2 (using \' escaping is insecure). - Closes: #372115 stable/main/binary-mips/libpgtcl_7.4.7-6sarge3_mips.deb stable/main/binary-mips/libecpg-dev_7.4.7-6sarge3_mips.deb stable/main/binary-mips/postgresql-dev_7.4.7-6sarge3_mips.deb stable/main/binary-mips/postgresql_7.4.7-6sarge3_mips.deb stable/main/binary-mips/postgresql-client_7.4.7-6sarge3_mips.deb stable/main/binary-mips/libpgtcl-dev_7.4.7-6sarge3_mips.deb stable/main/binary-mips/postgresql-contrib_7.4.7-6sarge3_mips.deb stable/main/binary-mips/libpq3_7.4.7-6sarge3_mips.deb stable/main/binary-mips/libecpg4_7.4.7-6sarge3_mips.deb postgresql (7.4.7-6sarge3) stable; urgency=low * debian/patches/57quote-escaping.patch: - contrib/dbmirror/DBMirror.pl: Fix parsing of quotes escaped as '' in the PendingData table to make the script work with the updated quoting method introduced in 7.4.7-6sarge2 (using \' escaping is insecure). - Closes: #372115 stable/main/binary-m68k/postgresql-dev_7.4.7-6sarge3_m68k.deb stable/main/binary-m68k/libpgtcl-dev_7.4.7-6sarge3_m68k.deb stable/main/binary-m68k/libpgtcl_7.4.7-6sarge3_m68k.deb stable/main/binary-m68k/postgresql-contrib_7.4.7-6sarge3_m68k.deb stable/main/binary-m68k/libpq3_7.4.7-6sarge3_m68k.deb stable/main/binary-m68k/libecpg-dev_7.4.7-6sarge3_m68k.deb stable/main/binary-m68k/libecpg4_7.4.7-6sarge3_m68k.deb stable/main/binary-m68k/postgresql-client_7.4.7-6sarge3_m68k.deb stable/main/binary-m68k/postgresql_7.4.7-6sarge3_m68k.deb postgresql (7.4.7-6sarge3) stable; urgency=low * debian/patches/57quote-escaping.patch: - contrib/dbmirror/DBMirror.pl: Fix parsing of quotes escaped as '' in the PendingData table to make the script work with the updated quoting method introduced in 7.4.7-6sarge2 (using \' escaping is insecure). - Closes: #372115 stable/main/binary-ia64/libpgtcl_7.4.7-6sarge3_ia64.deb stable/main/binary-ia64/postgresql-dev_7.4.7-6sarge3_ia64.deb stable/main/binary-ia64/postgresql_7.4.7-6sarge3_ia64.deb stable/main/binary-ia64/libpq3_7.4.7-6sarge3_ia64.deb stable/main/binary-ia64/postgresql-contrib_7.4.7-6sarge3_ia64.deb stable/main/binary-ia64/libecpg4_7.4.7-6sarge3_ia64.deb stable/main/binary-ia64/libecpg-dev_7.4.7-6sarge3_ia64.deb stable/main/binary-ia64/postgresql-client_7.4.7-6sarge3_ia64.deb stable/main/binary-ia64/libpgtcl-dev_7.4.7-6sarge3_ia64.deb postgresql (7.4.7-6sarge3) stable; urgency=low * debian/patches/57quote-escaping.patch: - contrib/dbmirror/DBMirror.pl: Fix parsing of quotes escaped as '' in the PendingData table to make the script work with the updated quoting method introduced in 7.4.7-6sarge2 (using \' escaping is insecure). - Closes: #372115 stable/main/binary-hppa/postgresql-client_7.4.7-6sarge3_hppa.deb stable/main/binary-hppa/libpgtcl_7.4.7-6sarge3_hppa.deb stable/main/binary-hppa/postgresql_7.4.7-6sarge3_hppa.deb stable/main/binary-hppa/libpq3_7.4.7-6sarge3_hppa.deb stable/main/binary-hppa/postgresql-dev_7.4.7-6sarge3_hppa.deb stable/main/binary-hppa/libecpg-dev_7.4.7-6sarge3_hppa.deb stable/main/binary-hppa/libpgtcl-dev_7.4.7-6sarge3_hppa.deb stable/main/binary-hppa/postgresql-contrib_7.4.7-6sarge3_hppa.deb stable/main/binary-hppa/libecpg4_7.4.7-6sarge3_hppa.deb postgresql (7.4.7-6sarge3) stable; urgency=low * debian/patches/57quote-escaping.patch: - contrib/dbmirror/DBMirror.pl: Fix parsing of quotes escaped as '' in the PendingData table to make the script work with the updated quoting method introduced in 7.4.7-6sarge2 (using \' escaping is insecure). - Closes: #372115 stable/main/binary-arm/libpgtcl_7.4.7-6sarge3_arm.deb stable/main/binary-arm/libecpg4_7.4.7-6sarge3_arm.deb stable/main/binary-arm/postgresql-dev_7.4.7-6sarge3_arm.deb stable/main/binary-arm/postgresql-contrib_7.4.7-6sarge3_arm.deb stable/main/binary-arm/libpq3_7.4.7-6sarge3_arm.deb stable/main/binary-arm/postgresql-client_7.4.7-6sarge3_arm.deb stable/main/binary-arm/postgresql_7.4.7-6sarge3_arm.deb stable/main/binary-arm/libpgtcl-dev_7.4.7-6sarge3_arm.deb stable/main/binary-arm/libecpg-dev_7.4.7-6sarge3_arm.deb postgresql (7.4.7-6sarge3) stable; urgency=low * debian/patches/57quote-escaping.patch: - contrib/dbmirror/DBMirror.pl: Fix parsing of quotes escaped as '' in the PendingData table to make the script work with the updated quoting method introduced in 7.4.7-6sarge2 (using \' escaping is insecure). - Closes: #372115 stable/main/binary-alpha/postgresql-client_7.4.7-6sarge3_alpha.deb stable/main/binary-alpha/libecpg4_7.4.7-6sarge3_alpha.deb stable/main/binary-alpha/libpgtcl-dev_7.4.7-6sarge3_alpha.deb stable/main/binary-alpha/libpgtcl_7.4.7-6sarge3_alpha.deb stable/main/binary-alpha/libpq3_7.4.7-6sarge3_alpha.deb stable/main/binary-alpha/postgresql_7.4.7-6sarge3_alpha.deb stable/main/binary-alpha/libecpg-dev_7.4.7-6sarge3_alpha.deb stable/main/binary-alpha/postgresql-dev_7.4.7-6sarge3_alpha.deb stable/main/binary-alpha/postgresql-contrib_7.4.7-6sarge3_alpha.deb postgresql (7.4.7-6sarge3) stable; urgency=low * debian/patches/57quote-escaping.patch: - contrib/dbmirror/DBMirror.pl: Fix parsing of quotes escaped as '' in the PendingData table to make the script work with the updated quoting method introduced in 7.4.7-6sarge2 (using \' escaping is insecure). - Closes: #372115 stable/main/binary-all/postgresql-doc_7.4.7-6sarge3_all.deb stable/main/binary-i386/postgresql-dev_7.4.7-6sarge3_i386.deb stable/main/binary-i386/libecpg-dev_7.4.7-6sarge3_i386.deb stable/main/binary-i386/postgresql-contrib_7.4.7-6sarge3_i386.deb stable/main/source/postgresql_7.4.7-6sarge3.diff.gz stable/main/binary-i386/libpq3_7.4.7-6sarge3_i386.deb stable/main/binary-i386/postgresql_7.4.7-6sarge3_i386.deb stable/main/binary-i386/postgresql-client_7.4.7-6sarge3_i386.deb stable/main/binary-i386/libecpg4_7.4.7-6sarge3_i386.deb stable/main/binary-i386/libpgtcl_7.4.7-6sarge3_i386.deb stable/main/binary-i386/libpgtcl-dev_7.4.7-6sarge3_i386.deb stable/main/source/postgresql_7.4.7-6sarge3.dsc postgresql (7.4.7-6sarge3) stable; urgency=low * debian/patches/57quote-escaping.patch: - contrib/dbmirror/DBMirror.pl: Fix parsing of quotes escaped as '' in the PendingData table to make the script work with the updated quoting method introduced in 7.4.7-6sarge2 (using \' escaping is insecure). - Closes: #372115 stable/main/source/popfile_0.22.2-2sarge1.diff.gz stable/main/source/popfile_0.22.2-2sarge1.dsc stable/main/binary-all/popfile_0.22.2-2sarge1_all.deb popfile (0.22.2-2sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team: * Fix denial of service vulnerability through malformed character sets in email messages. (CVE-2006-0876) stable/main/binary-sparc/pinball_0.3.1-3sarge1_sparc.deb stable/main/binary-sparc/pinball-dev_0.3.1-3sarge1_sparc.deb pinball (0.3.1-3sarge1) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Avoid loading levels and compiled plugins from user-controllable locations. [CVE-2006-2196] stable/main/binary-s390/pinball_0.3.1-3sarge1_s390.deb stable/main/binary-s390/pinball-dev_0.3.1-3sarge1_s390.deb pinball (0.3.1-3sarge1) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Avoid loading levels and compiled plugins from user-controllable locations. [CVE-2006-2196] stable/main/binary-powerpc/pinball-dev_0.3.1-3sarge1_powerpc.deb stable/main/binary-powerpc/pinball_0.3.1-3sarge1_powerpc.deb pinball (0.3.1-3sarge1) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Avoid loading levels and compiled plugins from user-controllable locations. [CVE-2006-2196] stable/main/binary-mipsel/pinball_0.3.1-3sarge1_mipsel.deb stable/main/binary-mipsel/pinball-dev_0.3.1-3sarge1_mipsel.deb pinball (0.3.1-3sarge1) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Avoid loading levels and compiled plugins from user-controllable locations. [CVE-2006-2196] stable/main/binary-mips/pinball_0.3.1-3sarge1_mips.deb stable/main/binary-mips/pinball-dev_0.3.1-3sarge1_mips.deb pinball (0.3.1-3sarge1) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Avoid loading levels and compiled plugins from user-controllable locations. [CVE-2006-2196] stable/main/binary-m68k/pinball-dev_0.3.1-3sarge1_m68k.deb stable/main/binary-m68k/pinball_0.3.1-3sarge1_m68k.deb pinball (0.3.1-3sarge1) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Avoid loading levels and compiled plugins from user-controllable locations. [CVE-2006-2196] stable/main/binary-ia64/pinball_0.3.1-3sarge1_ia64.deb stable/main/binary-ia64/pinball-dev_0.3.1-3sarge1_ia64.deb pinball (0.3.1-3sarge1) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Avoid loading levels and compiled plugins from user-controllable locations. [CVE-2006-2196] stable/main/binary-hppa/pinball_0.3.1-3sarge1_hppa.deb stable/main/binary-hppa/pinball-dev_0.3.1-3sarge1_hppa.deb pinball (0.3.1-3sarge1) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Avoid loading levels and compiled plugins from user-controllable locations. [CVE-2006-2196] stable/main/binary-arm/pinball_0.3.1-3sarge1_arm.deb stable/main/binary-arm/pinball-dev_0.3.1-3sarge1_arm.deb pinball (0.3.1-3sarge1) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Avoid loading levels and compiled plugins from user-controllable locations. [CVE-2006-2196] stable/main/binary-alpha/pinball_0.3.1-3sarge1_alpha.deb stable/main/binary-alpha/pinball-dev_0.3.1-3sarge1_alpha.deb pinball (0.3.1-3sarge1) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Avoid loading levels and compiled plugins from user-controllable locations. [CVE-2006-2196] stable/main/source/pinball_0.3.1-3sarge1.diff.gz stable/main/binary-i386/pinball-dev_0.3.1-3sarge1_i386.deb stable/main/binary-all/pinball-data_0.3.1-3sarge1_all.deb stable/main/binary-i386/pinball_0.3.1-3sarge1_i386.deb stable/main/source/pinball_0.3.1-3sarge1.dsc pinball (0.3.1-3sarge1) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Avoid loading levels and compiled plugins from user-controllable locations. [CVE-2006-2196] stable/main/source/phpldapadmin_0.9.5-3sarge3.dsc stable/main/source/phpldapadmin_0.9.5-3sarge3.diff.gz stable/main/binary-all/phpldapadmin_0.9.5-3sarge3_all.deb phpldapadmin (0.9.5-3sarge3) stable-security; urgency=high * copy_form.php, rename_form.php, delete_form.php, search.php: Fixes multiple xss vulnerabilities. [CVE-2006-2016, Bug#365313] stable/main/binary-all/phpgroupware-stocks_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-fudforum_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-admin_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-registration_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-manual_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-img_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-developer-tools_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-chat_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-phpbrain_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-headlines_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-hr_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-tts_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-projects_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-notes_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-skel_0.9.16.005-3.sarge5_all.deb stable/main/source/phpgroupware_0.9.16.005-3.sarge5.dsc stable/main/binary-all/phpgroupware-filemanager_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-polls_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-dj_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-calendar_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-comic_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-ftp_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-core_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-xmlrpc_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-eldaptir_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-phpsysinfo_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-phpgwapi_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-infolog_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-wiki_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-bookmarks_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-email_0.9.16.005-3.sarge5_all.deb stable/main/source/phpgroupware_0.9.16.005-3.sarge5.diff.gz stable/main/binary-all/phpgroupware-nntp_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-sitemgr_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-phonelog_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-news-admin_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-forum_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-soap_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-qmailldap_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-addressbook_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-messenger_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-preferences_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-etemplate_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-felamimail_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-folders_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-todo_0.9.16.005-3.sarge5_all.deb stable/main/binary-all/phpgroupware-setup_0.9.16.005-3.sarge5_all.deb phpgroupware (0.9.16.005-3.sarge5) stable-security; urgency=high * Non-maintainer upload for the Security Team * Fixed code injection in fudforum. [fudforum/setup/base/src/register.php.t, CVE-2005-2781] stable/main/source/phpbb2_2.0.13+1-6sarge3.dsc stable/main/binary-all/phpbb2_2.0.13-6sarge3_all.deb stable/main/binary-all/phpbb2-conf-mysql_2.0.13-6sarge3_all.deb stable/main/source/phpbb2_2.0.13+1-6sarge3.diff.gz stable/main/binary-all/phpbb2-languages_2.0.13-6sarge3_all.deb phpbb2 (2.0.13+1-6sarge3) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix arbitrary web script execution through missing input sanitising in Font Colour 3 variables. (CVE-2006-1896) stable/main/binary-sparc/perl-debug_5.8.4-8sarge5_sparc.deb stable/main/binary-sparc/perl-base_5.8.4-8sarge5_sparc.deb stable/main/binary-sparc/libperl5.8_5.8.4-8sarge5_sparc.deb stable/main/binary-sparc/libperl-dev_5.8.4-8sarge5_sparc.deb stable/main/binary-sparc/perl_5.8.4-8sarge5_sparc.deb stable/main/binary-sparc/perl-suid_5.8.4-8sarge5_sparc.deb perl (5.8.4-8sarge5) stable; urgency=low * Apply upstream changes #23084 and #23085 to correct problems with the utf8/taint fix and Tk 804.27 . stable/main/binary-s390/perl-base_5.8.4-8sarge5_s390.deb stable/main/binary-s390/libperl5.8_5.8.4-8sarge5_s390.deb stable/main/binary-s390/perl-suid_5.8.4-8sarge5_s390.deb stable/main/binary-s390/libperl-dev_5.8.4-8sarge5_s390.deb stable/main/binary-s390/perl_5.8.4-8sarge5_s390.deb stable/main/binary-s390/perl-debug_5.8.4-8sarge5_s390.deb perl (5.8.4-8sarge5) stable; urgency=low * Apply upstream changes #23084 and #23085 to correct problems with the utf8/taint fix and Tk 804.27 . stable/main/binary-powerpc/perl-base_5.8.4-8sarge5_powerpc.deb stable/main/binary-powerpc/perl-suid_5.8.4-8sarge5_powerpc.deb stable/main/binary-powerpc/perl-debug_5.8.4-8sarge5_powerpc.deb stable/main/binary-powerpc/libperl5.8_5.8.4-8sarge5_powerpc.deb stable/main/binary-powerpc/libperl-dev_5.8.4-8sarge5_powerpc.deb stable/main/binary-powerpc/perl_5.8.4-8sarge5_powerpc.deb perl (5.8.4-8sarge5) stable; urgency=low * Apply upstream changes #23084 and #23085 to correct problems with the utf8/taint fix and Tk 804.27 . stable/main/binary-mipsel/libperl5.8_5.8.4-8sarge5_mipsel.deb stable/main/binary-mipsel/perl-suid_5.8.4-8sarge5_mipsel.deb stable/main/binary-mipsel/perl_5.8.4-8sarge5_mipsel.deb stable/main/binary-mipsel/perl-base_5.8.4-8sarge5_mipsel.deb stable/main/binary-mipsel/libperl-dev_5.8.4-8sarge5_mipsel.deb stable/main/binary-mipsel/perl-debug_5.8.4-8sarge5_mipsel.deb perl (5.8.4-8sarge5) stable; urgency=low * Apply upstream changes #23084 and #23085 to correct problems with the utf8/taint fix and Tk 804.27 . stable/main/binary-mips/perl-suid_5.8.4-8sarge5_mips.deb stable/main/binary-mips/libperl5.8_5.8.4-8sarge5_mips.deb stable/main/binary-mips/perl-base_5.8.4-8sarge5_mips.deb stable/main/binary-mips/libperl-dev_5.8.4-8sarge5_mips.deb stable/main/binary-mips/perl-debug_5.8.4-8sarge5_mips.deb stable/main/binary-mips/perl_5.8.4-8sarge5_mips.deb perl (5.8.4-8sarge5) stable; urgency=low * Apply upstream changes #23084 and #23085 to correct problems with the utf8/taint fix and Tk 804.27 . stable/main/binary-m68k/libperl5.8_5.8.4-8sarge5_m68k.deb stable/main/binary-m68k/perl-debug_5.8.4-8sarge5_m68k.deb stable/main/binary-m68k/perl-base_5.8.4-8sarge5_m68k.deb stable/main/binary-m68k/perl_5.8.4-8sarge5_m68k.deb stable/main/binary-m68k/perl-suid_5.8.4-8sarge5_m68k.deb stable/main/binary-m68k/libperl-dev_5.8.4-8sarge5_m68k.deb perl (5.8.4-8sarge5) stable; urgency=low * Apply upstream changes #23084 and #23085 to correct problems with the utf8/taint fix and Tk 804.27 . stable/main/binary-ia64/perl-debug_5.8.4-8sarge5_ia64.deb stable/main/binary-ia64/perl-base_5.8.4-8sarge5_ia64.deb stable/main/binary-ia64/perl-suid_5.8.4-8sarge5_ia64.deb stable/main/binary-ia64/libperl5.8_5.8.4-8sarge5_ia64.deb stable/main/binary-ia64/libperl-dev_5.8.4-8sarge5_ia64.deb stable/main/binary-ia64/perl_5.8.4-8sarge5_ia64.deb perl (5.8.4-8sarge5) stable; urgency=low * Apply upstream changes #23084 and #23085 to correct problems with the utf8/taint fix and Tk 804.27 . stable/main/binary-hppa/perl-suid_5.8.4-8sarge5_hppa.deb stable/main/binary-hppa/perl-debug_5.8.4-8sarge5_hppa.deb stable/main/binary-hppa/libperl5.8_5.8.4-8sarge5_hppa.deb stable/main/binary-hppa/perl_5.8.4-8sarge5_hppa.deb stable/main/binary-hppa/libperl-dev_5.8.4-8sarge5_hppa.deb stable/main/binary-hppa/perl-base_5.8.4-8sarge5_hppa.deb perl (5.8.4-8sarge5) stable; urgency=low * Apply upstream changes #23084 and #23085 to correct problems with the utf8/taint fix and Tk 804.27 . stable/main/binary-arm/perl-suid_5.8.4-8sarge5_arm.deb stable/main/binary-arm/libperl-dev_5.8.4-8sarge5_arm.deb stable/main/binary-arm/perl_5.8.4-8sarge5_arm.deb stable/main/binary-arm/perl-base_5.8.4-8sarge5_arm.deb stable/main/binary-arm/perl-debug_5.8.4-8sarge5_arm.deb stable/main/binary-arm/libperl5.8_5.8.4-8sarge5_arm.deb perl (5.8.4-8sarge5) stable; urgency=low * Apply upstream changes #23084 and #23085 to correct problems with the utf8/taint fix and Tk 804.27 . stable/main/binary-alpha/perl-suid_5.8.4-8sarge5_alpha.deb stable/main/binary-alpha/libperl-dev_5.8.4-8sarge5_alpha.deb stable/main/binary-alpha/perl_5.8.4-8sarge5_alpha.deb stable/main/binary-alpha/libperl5.8_5.8.4-8sarge5_alpha.deb stable/main/binary-alpha/perl-base_5.8.4-8sarge5_alpha.deb stable/main/binary-alpha/perl-debug_5.8.4-8sarge5_alpha.deb perl (5.8.4-8sarge5) stable; urgency=low * Apply upstream changes #23084 and #23085 to correct problems with the utf8/taint fix and Tk 804.27 . stable/main/binary-i386/libperl-dev_5.8.4-8sarge5_i386.deb stable/main/source/perl_5.8.4-8sarge5.diff.gz stable/main/binary-all/libcgi-fast-perl_5.8.4-8sarge5_all.deb stable/main/source/perl_5.8.4-8sarge5.dsc stable/main/binary-i386/perl-debug_5.8.4-8sarge5_i386.deb stable/main/binary-i386/perl_5.8.4-8sarge5_i386.deb stable/main/binary-i386/libperl5.8_5.8.4-8sarge5_i386.deb stable/main/binary-all/perl-modules_5.8.4-8sarge5_all.deb stable/main/binary-i386/perl-suid_5.8.4-8sarge5_i386.deb stable/main/binary-i386/perl-base_5.8.4-8sarge5_i386.deb stable/main/binary-all/perl-doc_5.8.4-8sarge5_all.deb perl (5.8.4-8sarge5) stable; urgency=low * Apply upstream changes #23084 and #23085 to correct problems with the utf8/taint fix and Tk 804.27 . stable/main/binary-i386/pcmcia-modules-2.4.27-3-686-smp_3.2.5+2sarge1_i386.deb stable/main/binary-i386/pcmcia-modules-2.4.27-3-k6_3.2.5+2sarge1_i386.deb stable/main/binary-i386/pcmcia-modules-2.4.27-3-586tsc_3.2.5+2sarge1_i386.deb stable/main/source/pcmcia-modules-2.4.27-i386_3.2.5+2sarge1.tar.gz stable/main/source/pcmcia-modules-2.4.27-i386_3.2.5+2sarge1.dsc stable/main/binary-i386/pcmcia-modules-2.4.27-3-686_3.2.5+2sarge1_i386.deb stable/main/binary-i386/pcmcia-modules-2.4.27-3-k7_3.2.5+2sarge1_i386.deb stable/main/binary-i386/pcmcia-modules-2.4.27-3-386_3.2.5+2sarge1_i386.deb stable/main/binary-i386/pcmcia-modules-2.4.27-3-k7-smp_3.2.5+2sarge1_i386.deb pcmcia-modules-2.4.27-i386 (3.2.5+2sarge1) stable-security; urgency=low * Build against kernel-image-2.4.27-i386 2.4.27-10sarge2. * Export MODULE_LOC for all commands. * Remove unpack-stamp when cleaning. stable/main/binary-sparc/osiris_4.0.6-1sarge1_sparc.deb stable/main/binary-sparc/osirisd_4.0.6-1sarge1_sparc.deb stable/main/binary-sparc/osirismd_4.0.6-1sarge1_sparc.deb osiris (4.0.6-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch by Ulf Harnhammar to fix arbitrary code execution and other problems [osirisd/logging.c, osirismd/logging.c, CVE-2006-3120] stable/main/binary-s390/osirismd_4.0.6-1sarge1_s390.deb stable/main/binary-s390/osirisd_4.0.6-1sarge1_s390.deb stable/main/binary-s390/osiris_4.0.6-1sarge1_s390.deb osiris (4.0.6-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch by Ulf Harnhammar to fix arbitrary code execution and other problems [osirisd/logging.c, osirismd/logging.c, CVE-2006-3120] stable/main/binary-mipsel/osirismd_4.0.6-1sarge1_mipsel.deb stable/main/binary-mipsel/osirisd_4.0.6-1sarge1_mipsel.deb stable/main/binary-mipsel/osiris_4.0.6-1sarge1_mipsel.deb osiris (4.0.6-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch by Ulf Harnhammar to fix arbitrary code execution and other problems [osirisd/logging.c, osirismd/logging.c, CVE-2006-3120] stable/main/binary-mips/osirismd_4.0.6-1sarge1_mips.deb stable/main/binary-mips/osirisd_4.0.6-1sarge1_mips.deb stable/main/binary-mips/osiris_4.0.6-1sarge1_mips.deb osiris (4.0.6-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch by Ulf Harnhammar to fix arbitrary code execution and other problems [osirisd/logging.c, osirismd/logging.c, CVE-2006-3120] stable/main/binary-m68k/osirisd_4.0.6-1sarge1_m68k.deb stable/main/binary-m68k/osirismd_4.0.6-1sarge1_m68k.deb stable/main/binary-m68k/osiris_4.0.6-1sarge1_m68k.deb osiris (4.0.6-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch by Ulf Harnhammar to fix arbitrary code execution and other problems [osirisd/logging.c, osirismd/logging.c, CVE-2006-3120] stable/main/binary-ia64/osirisd_4.0.6-1sarge1_ia64.deb stable/main/binary-ia64/osirismd_4.0.6-1sarge1_ia64.deb stable/main/binary-ia64/osiris_4.0.6-1sarge1_ia64.deb osiris (4.0.6-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch by Ulf Harnhammar to fix arbitrary code execution and other problems [osirisd/logging.c, osirismd/logging.c, CVE-2006-3120] stable/main/binary-i386/osiris_4.0.6-1sarge1_i386.deb stable/main/binary-i386/osirisd_4.0.6-1sarge1_i386.deb stable/main/binary-i386/osirismd_4.0.6-1sarge1_i386.deb osiris (4.0.6-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch by Ulf Harnhammar to fix arbitrary code execution and other problems [osirisd/logging.c, osirismd/logging.c, CVE-2006-3120] stable/main/binary-hppa/osirismd_4.0.6-1sarge1_hppa.deb stable/main/binary-hppa/osirisd_4.0.6-1sarge1_hppa.deb stable/main/binary-hppa/osiris_4.0.6-1sarge1_hppa.deb osiris (4.0.6-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch by Ulf Harnhammar to fix arbitrary code execution and other problems [osirisd/logging.c, osirismd/logging.c, CVE-2006-3120] stable/main/binary-arm/osirismd_4.0.6-1sarge1_arm.deb stable/main/binary-arm/osiris_4.0.6-1sarge1_arm.deb stable/main/binary-arm/osirisd_4.0.6-1sarge1_arm.deb osiris (4.0.6-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch by Ulf Harnhammar to fix arbitrary code execution and other problems [osirisd/logging.c, osirismd/logging.c, CVE-2006-3120] stable/main/binary-alpha/osirisd_4.0.6-1sarge1_alpha.deb stable/main/binary-alpha/osirismd_4.0.6-1sarge1_alpha.deb stable/main/binary-alpha/osiris_4.0.6-1sarge1_alpha.deb osiris (4.0.6-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch by Ulf Harnhammar to fix arbitrary code execution and other problems [osirisd/logging.c, osirismd/logging.c, CVE-2006-3120] stable/main/binary-powerpc/osirisd_4.0.6-1sarge1_powerpc.deb stable/main/source/osiris_4.0.6-1sarge1.diff.gz stable/main/source/osiris_4.0.6-1sarge1.dsc stable/main/binary-powerpc/osirismd_4.0.6-1sarge1_powerpc.deb stable/main/binary-powerpc/osiris_4.0.6-1sarge1_powerpc.deb osiris (4.0.6-1sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Applied patch by Ulf Harnhammar to fix arbitrary code execution and other problems [osirisd/logging.c, osirismd/logging.c, CVE-2006-3120] stable/main/binary-sparc/openvpn_2.0-1sarge3_sparc.deb openvpn (2.0-1sarge3) stable-security; urgency=low * Sarge security release. - Applied upstream patches to disallow "setenv" to be pushed to clients from the server. (CVE-2006-1629) stable/main/binary-s390/openvpn_2.0-1sarge3_s390.deb openvpn (2.0-1sarge3) stable-security; urgency=low * Sarge security release. - Applied upstream patches to disallow "setenv" to be pushed to clients from the server. (CVE-2006-1629) stable/main/binary-powerpc/openvpn_2.0-1sarge3_powerpc.deb openvpn (2.0-1sarge3) stable-security; urgency=low * Sarge security release. - Applied upstream patches to disallow "setenv" to be pushed to clients from the server. (CVE-2006-1629) stable/main/binary-mipsel/openvpn_2.0-1sarge3_mipsel.deb openvpn (2.0-1sarge3) stable-security; urgency=low * Sarge security release. - Applied upstream patches to disallow "setenv" to be pushed to clients from the server. (CVE-2006-1629) stable/main/binary-mips/openvpn_2.0-1sarge3_mips.deb openvpn (2.0-1sarge3) stable-security; urgency=low * Sarge security release. - Applied upstream patches to disallow "setenv" to be pushed to clients from the server. (CVE-2006-1629) stable/main/binary-m68k/openvpn_2.0-1sarge3_m68k.deb openvpn (2.0-1sarge3) stable-security; urgency=low * Sarge security release. - Applied upstream patches to disallow "setenv" to be pushed to clients from the server. (CVE-2006-1629) stable/main/binary-ia64/openvpn_2.0-1sarge3_ia64.deb openvpn (2.0-1sarge3) stable-security; urgency=low * Sarge security release. - Applied upstream patches to disallow "setenv" to be pushed to clients from the server. (CVE-2006-1629) stable/main/binary-hppa/openvpn_2.0-1sarge3_hppa.deb openvpn (2.0-1sarge3) stable-security; urgency=low * Sarge security release. - Applied upstream patches to disallow "setenv" to be pushed to clients from the server. (CVE-2006-1629) stable/main/binary-arm/openvpn_2.0-1sarge3_arm.deb openvpn (2.0-1sarge3) stable-security; urgency=low * Sarge security release. - Applied upstream patches to disallow "setenv" to be pushed to clients from the server. (CVE-2006-1629) stable/main/binary-alpha/openvpn_2.0-1sarge3_alpha.deb openvpn (2.0-1sarge3) stable-security; urgency=low * Sarge security release. - Applied upstream patches to disallow "setenv" to be pushed to clients from the server. (CVE-2006-1629) stable/main/source/openvpn_2.0-1sarge3.dsc stable/main/binary-i386/openvpn_2.0-1sarge3_i386.deb stable/main/source/openvpn_2.0-1sarge3.diff.gz openvpn (2.0-1sarge3) stable-security; urgency=low * Sarge security release. - Applied upstream patches to disallow "setenv" to be pushed to clients from the server. (CVE-2006-1629) stable/main/binary-s390/openoffice.org-gtk-gnome_1.1.3-9sarge3_s390.deb stable/main/binary-s390/openoffice.org-bin_1.1.3-9sarge3_s390.deb stable/main/binary-s390/openoffice.org-kde_1.1.3-9sarge3_s390.deb stable/main/binary-s390/openoffice.org-evolution_1.1.3-9sarge3_s390.deb stable/main/binary-s390/openoffice.org-dev_1.1.3-9sarge3_s390.deb openoffice.org (1.1.3-9sarge3) stable-security; urgency=high * ooo-build/patches/OOO_1_1/sax-xml-2-utf8-converter-extra-1.1.x.diff: add addiitional patch for the file format patch needed for OOo < 1.1.5 stable/main/binary-powerpc/openoffice.org-gtk-gnome_1.1.3-9sarge3_powerpc.deb stable/main/binary-powerpc/openoffice.org-kde_1.1.3-9sarge3_powerpc.deb stable/main/binary-powerpc/openoffice.org-bin_1.1.3-9sarge3_powerpc.deb stable/main/binary-powerpc/openoffice.org-dev_1.1.3-9sarge3_powerpc.deb stable/main/binary-powerpc/openoffice.org-evolution_1.1.3-9sarge3_powerpc.deb openoffice.org (1.1.3-9sarge3) stable-security; urgency=high * ooo-build/patches/OOO_1_1/sax-xml-2-utf8-converter-extra-1.1.x.diff: add addiitional patch for the file format patch needed for OOo < 1.1.5 stable/main/binary-all/openoffice.org-l10n-hu_1.1.3-9sarge3_all.deb stable/main/binary-all/openoffice.org-l10n-ca_1.1.3-9sarge3_all.deb stable/main/binary-i386/openoffice.org-dev_1.1.3-9sarge3_i386.deb stable/main/binary-all/openoffice.org-l10n-he_1.1.3-9sarge3_all.deb stable/main/binary-all/openoffice.org-l10n-zu_1.1.3-9sarge3_all.deb stable/main/binary-all/openoffice.org-l10n-eu_1.1.3-9sarge3_all.deb stable/main/binary-all/openoffice.org-l10n-zh-tw_1.1.3-9sarge3_all.deb stable/main/binary-all/openoffice.org-l10n-fr_1.1.3-9sarge3_all.deb stable/main/binary-all/openoffice.org-l10n-gl_1.1.3-9sarge3_all.deb stable/main/binary-all/openoffice.org-l10n-de_1.1.3-9sarge3_all.deb stable/main/binary-all/openoffice.org-l10n-it_1.1.3-9sarge3_all.deb stable/main/binary-all/openoffice.org-l10n-nb_1.1.3-9sarge3_all.deb stable/main/binary-all/openoffice.org-l10n-el_1.1.3-9sarge3_all.deb stable/main/binary-all/openoffice.org-l10n-en_1.1.3-9sarge3_all.deb stable/main/binary-all/openoffice.org-l10n-kn_1.1.3-9sarge3_all.deb stable/main/binary-all/openoffice.org-thesaurus-en-us_1.1.3-9sarge3_all.deb stable/main/binary-sparc/openoffice.org-dev_1.1.3-9sarge3_sparc.deb stable/main/binary-all/openoffice.org-l10n-nn_1.1.3-9sarge3_all.deb stable/main/binary-all/openoffice.org-l10n-ko_1.1.3-9sarge3_all.deb stable/main/binary-all/openoffice.org-l10n-zh-cn_1.1.3-9sarge3_all.deb stable/main/binary-all/openoffice.org-l10n-da_1.1.3-9sarge3_all.deb stable/main/binary-all/openoffice.org-l10n-sv_1.1.3-9sarge3_all.deb stable/main/binary-all/openoffice.org-l10n-tr_1.1.3-9sarge3_all.deb stable/main/binary-all/openoffice.org-l10n-af_1.1.3-9sarge3_all.deb stable/main/binary-all/openoffice.org-l10n-fi_1.1.3-9sarge3_all.deb stable/main/binary-all/openoffice.org-l10n-nl_1.1.3-9sarge3_all.deb stable/main/binary-all/openoffice.org-l10n-ar_1.1.3-9sarge3_all.deb stable/main/binary-all/openoffice.org-l10n-cy_1.1.3-9sarge3_all.deb stable/main/binary-i386/openoffice.org-bin_1.1.3-9sarge3_i386.deb stable/main/binary-i386/openoffice.org-evolution_1.1.3-9sarge3_i386.deb stable/main/binary-i386/openoffice.org-gtk-gnome_1.1.3-9sarge3_i386.deb stable/main/binary-all/openoffice.org-l10n-pt-br_1.1.3-9sarge3_all.deb stable/main/binary-sparc/openoffice.org-gtk-gnome_1.1.3-9sarge3_sparc.deb stable/main/binary-all/openoffice.org-l10n-pl_1.1.3-9sarge3_all.deb stable/main/binary-all/openoffice.org-l10n-sk_1.1.3-9sarge3_all.deb stable/main/binary-all/ttf-opensymbol_1.1.3-9sarge3_all.deb stable/main/binary-all/openoffice.org-l10n-th_1.1.3-9sarge3_all.deb stable/main/binary-all/openoffice.org-l10n-cs_1.1.3-9sarge3_all.deb stable/main/source/openoffice.org_1.1.3-9sarge3.diff.gz stable/main/binary-all/openoffice.org-l10n-ru_1.1.3-9sarge3_all.deb stable/main/binary-all/openoffice.org-mimelnk_1.1.3-9sarge3_all.deb stable/main/binary-all/openoffice.org-l10n-es_1.1.3-9sarge3_all.deb stable/main/binary-all/openoffice.org-l10n-ja_1.1.3-9sarge3_all.deb stable/main/binary-all/openoffice.org-l10n-lt_1.1.3-9sarge3_all.deb stable/main/binary-all/openoffice.org-l10n-sl_1.1.3-9sarge3_all.deb stable/main/binary-sparc/openoffice.org-evolution_1.1.3-9sarge3_sparc.deb stable/main/binary-sparc/openoffice.org-bin_1.1.3-9sarge3_sparc.deb stable/main/binary-sparc/openoffice.org-kde_1.1.3-9sarge3_sparc.deb stable/main/binary-all/openoffice.org-l10n-ns_1.1.3-9sarge3_all.deb stable/main/binary-all/openoffice.org_1.1.3-9sarge3_all.deb stable/main/binary-i386/openoffice.org-kde_1.1.3-9sarge3_i386.deb stable/main/binary-all/openoffice.org-l10n-hi_1.1.3-9sarge3_all.deb stable/main/binary-all/openoffice.org-l10n-pt_1.1.3-9sarge3_all.deb stable/main/binary-all/openoffice.org-l10n-et_1.1.3-9sarge3_all.deb stable/main/source/openoffice.org_1.1.3-9sarge3.dsc stable/main/binary-all/openoffice.org-l10n-tn_1.1.3-9sarge3_all.deb openoffice.org (1.1.3-9sarge3) stable-security; urgency=high * ooo-build/patches/OOO_1_1/sax-xml-2-utf8-converter-extra-1.1.x.diff: add addiitional patch for the file format patch needed for OOo < 1.1.5 stable/main/binary-sparc/octaviz_0.4.0-10sarge1_sparc.deb octaviz (0.4.0-10sarge1) stable; urgency=low +++ Changes by Thomas Weber * recompile to pick up correct Octave version (Closes: #341676, #304162) * Apply 40-cast-pointer-long.patch. This should bring all released stable architectures back in sync stable/main/binary-s390/octaviz_0.4.0-10sarge1_s390.deb octaviz (0.4.0-10sarge1) stable; urgency=low +++ Changes by Thomas Weber * recompile to pick up correct Octave version (Closes: #341676, #304162) * Apply 40-cast-pointer-long.patch. This should bring all released stable architectures back in sync stable/main/binary-powerpc/octaviz_0.4.0-10sarge1_powerpc.deb octaviz (0.4.0-10sarge1) stable; urgency=low +++ Changes by Thomas Weber * recompile to pick up correct Octave version (Closes: #341676, #304162) * Apply 40-cast-pointer-long.patch. This should bring all released stable architectures back in sync stable/main/binary-mipsel/octaviz_0.4.0-10sarge1_mipsel.deb octaviz (0.4.0-10sarge1) stable; urgency=low +++ Changes by Thomas Weber * recompile to pick up correct Octave version (Closes: #341676, #304162) * Apply 40-cast-pointer-long.patch. This should bring all released stable architectures back in sync stable/main/binary-mips/octaviz_0.4.0-10sarge1_mips.deb octaviz (0.4.0-10sarge1) stable; urgency=low +++ Changes by Thomas Weber * recompile to pick up correct Octave version (Closes: #341676, #304162) * Apply 40-cast-pointer-long.patch. This should bring all released stable architectures back in sync stable/main/binary-m68k/octaviz_0.4.0-10sarge1_m68k.deb octaviz (0.4.0-10sarge1) stable; urgency=low +++ Changes by Thomas Weber * recompile to pick up correct Octave version (Closes: #341676, #304162) * Apply 40-cast-pointer-long.patch. This should bring all released stable architectures back in sync stable/main/binary-hppa/octaviz_0.4.0-10sarge1_hppa.deb octaviz (0.4.0-10sarge1) stable; urgency=low +++ Changes by Thomas Weber * recompile to pick up correct Octave version (Closes: #341676, #304162) * Apply 40-cast-pointer-long.patch. This should bring all released stable architectures back in sync stable/main/binary-arm/octaviz_0.4.0-10sarge1_arm.deb octaviz (0.4.0-10sarge1) stable; urgency=low +++ Changes by Thomas Weber * recompile to pick up correct Octave version (Closes: #341676, #304162) * Apply 40-cast-pointer-long.patch. This should bring all released stable architectures back in sync stable/main/source/octaviz_0.4.0-10sarge1.diff.gz stable/main/source/octaviz_0.4.0-10sarge1.dsc stable/main/binary-i386/octaviz_0.4.0-10sarge1_i386.deb octaviz (0.4.0-10sarge1) stable; urgency=low +++ Changes by Thomas Weber * recompile to pick up correct Octave version (Closes: #341676, #304162) * Apply 40-cast-pointer-long.patch. This should bring all released stable architectures back in sync stable/main/binary-i386/ndiswrapper-modules-2.6.8-3-k7_1.1-2sarge1_i386.deb stable/main/binary-i386/ndiswrapper-modules-2.6.8-3-k7-smp_1.1-2sarge1_i386.deb stable/main/binary-i386/ndiswrapper-modules-2.6.8-3-386_1.1-2sarge1_i386.deb stable/main/binary-i386/ndiswrapper-modules-2.6.8-3-686_1.1-2sarge1_i386.deb stable/main/binary-i386/ndiswrapper-modules-2.6.8-3-686-smp_1.1-2sarge1_i386.deb stable/main/source/ndiswrapper-modules-i386_1.1-2sarge1.tar.gz stable/main/source/ndiswrapper-modules-i386_1.1-2sarge1.dsc ndiswrapper-modules-i386 (1.1-2sarge1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Rebuild for -3 ABI stable/main/binary-sparc/ncompress_4.2.4-15sarge2_sparc.deb ncompress (4.2.4-15sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Correction of the security patch by Ludwig Nussel [compress42.c, CVE-2006-1168] stable/main/binary-s390/ncompress_4.2.4-15sarge2_s390.deb ncompress (4.2.4-15sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Correction of the security patch by Ludwig Nussel [compress42.c, CVE-2006-1168] stable/main/binary-mipsel/ncompress_4.2.4-15sarge2_mipsel.deb ncompress (4.2.4-15sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Correction of the security patch by Ludwig Nussel [compress42.c, CVE-2006-1168] stable/main/binary-mips/ncompress_4.2.4-15sarge2_mips.deb ncompress (4.2.4-15sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Correction of the security patch by Ludwig Nussel [compress42.c, CVE-2006-1168] stable/main/binary-m68k/ncompress_4.2.4-15sarge2_m68k.deb ncompress (4.2.4-15sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Correction of the security patch by Ludwig Nussel [compress42.c, CVE-2006-1168] stable/main/binary-ia64/ncompress_4.2.4-15sarge2_ia64.deb ncompress (4.2.4-15sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Correction of the security patch by Ludwig Nussel [compress42.c, CVE-2006-1168] stable/main/binary-i386/ncompress_4.2.4-15sarge2_i386.deb ncompress (4.2.4-15sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Correction of the security patch by Ludwig Nussel [compress42.c, CVE-2006-1168] stable/main/binary-hppa/ncompress_4.2.4-15sarge2_hppa.deb ncompress (4.2.4-15sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Correction of the security patch by Ludwig Nussel [compress42.c, CVE-2006-1168] stable/main/binary-arm/ncompress_4.2.4-15sarge2_arm.deb ncompress (4.2.4-15sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Correction of the security patch by Ludwig Nussel [compress42.c, CVE-2006-1168] stable/main/binary-alpha/ncompress_4.2.4-15sarge2_alpha.deb ncompress (4.2.4-15sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Correction of the security patch by Ludwig Nussel [compress42.c, CVE-2006-1168] stable/main/source/ncompress_4.2.4-15sarge2.diff.gz stable/main/binary-powerpc/ncompress_4.2.4-15sarge2_powerpc.deb stable/main/source/ncompress_4.2.4-15sarge2.dsc ncompress (4.2.4-15sarge2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Correction of the security patch by Ludwig Nussel [compress42.c, CVE-2006-1168] stable/main/binary-sparc/nagios-text_1.3-cvs.20050402-2.sarge.2_sparc.deb stable/main/binary-sparc/nagios-mysql_1.3-cvs.20050402-2.sarge.2_sparc.deb stable/main/binary-sparc/nagios-pgsql_1.3-cvs.20050402-2.sarge.2_sparc.deb nagios (2:1.3-cvs.20050402-2.sarge.2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Add overflow protection for Content-Length [cgi/getcgi.c, debian/patches/99999_CVE-2006-2162.dpatch] stable/main/binary-s390/nagios-mysql_1.3-cvs.20050402-2.sarge.2_s390.deb stable/main/binary-s390/nagios-pgsql_1.3-cvs.20050402-2.sarge.2_s390.deb stable/main/binary-s390/nagios-text_1.3-cvs.20050402-2.sarge.2_s390.deb nagios (2:1.3-cvs.20050402-2.sarge.2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Add overflow protection for Content-Length [cgi/getcgi.c, debian/patches/99999_CVE-2006-2162.dpatch] stable/main/binary-powerpc/nagios-text_1.3-cvs.20050402-2.sarge.2_powerpc.deb stable/main/binary-powerpc/nagios-pgsql_1.3-cvs.20050402-2.sarge.2_powerpc.deb stable/main/binary-powerpc/nagios-mysql_1.3-cvs.20050402-2.sarge.2_powerpc.deb nagios (2:1.3-cvs.20050402-2.sarge.2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Add overflow protection for Content-Length [cgi/getcgi.c, debian/patches/99999_CVE-2006-2162.dpatch] stable/main/binary-mipsel/nagios-text_1.3-cvs.20050402-2.sarge.2_mipsel.deb stable/main/binary-mipsel/nagios-mysql_1.3-cvs.20050402-2.sarge.2_mipsel.deb stable/main/binary-mipsel/nagios-pgsql_1.3-cvs.20050402-2.sarge.2_mipsel.deb nagios (2:1.3-cvs.20050402-2.sarge.2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Add overflow protection for Content-Length [cgi/getcgi.c, debian/patches/99999_CVE-2006-2162.dpatch] stable/main/binary-mips/nagios-pgsql_1.3-cvs.20050402-2.sarge.2_mips.deb stable/main/binary-mips/nagios-text_1.3-cvs.20050402-2.sarge.2_mips.deb stable/main/binary-mips/nagios-mysql_1.3-cvs.20050402-2.sarge.2_mips.deb nagios (2:1.3-cvs.20050402-2.sarge.2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Add overflow protection for Content-Length [cgi/getcgi.c, debian/patches/99999_CVE-2006-2162.dpatch] stable/main/binary-m68k/nagios-text_1.3-cvs.20050402-2.sarge.2_m68k.deb stable/main/binary-m68k/nagios-pgsql_1.3-cvs.20050402-2.sarge.2_m68k.deb stable/main/binary-m68k/nagios-mysql_1.3-cvs.20050402-2.sarge.2_m68k.deb nagios (2:1.3-cvs.20050402-2.sarge.2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Add overflow protection for Content-Length [cgi/getcgi.c, debian/patches/99999_CVE-2006-2162.dpatch] stable/main/binary-ia64/nagios-pgsql_1.3-cvs.20050402-2.sarge.2_ia64.deb stable/main/binary-ia64/nagios-text_1.3-cvs.20050402-2.sarge.2_ia64.deb stable/main/binary-ia64/nagios-mysql_1.3-cvs.20050402-2.sarge.2_ia64.deb nagios (2:1.3-cvs.20050402-2.sarge.2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Add overflow protection for Content-Length [cgi/getcgi.c, debian/patches/99999_CVE-2006-2162.dpatch] stable/main/binary-hppa/nagios-pgsql_1.3-cvs.20050402-2.sarge.2_hppa.deb stable/main/binary-hppa/nagios-text_1.3-cvs.20050402-2.sarge.2_hppa.deb stable/main/binary-hppa/nagios-mysql_1.3-cvs.20050402-2.sarge.2_hppa.deb nagios (2:1.3-cvs.20050402-2.sarge.2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Add overflow protection for Content-Length [cgi/getcgi.c, debian/patches/99999_CVE-2006-2162.dpatch] stable/main/binary-arm/nagios-pgsql_1.3-cvs.20050402-2.sarge.2_arm.deb stable/main/binary-arm/nagios-mysql_1.3-cvs.20050402-2.sarge.2_arm.deb stable/main/binary-arm/nagios-text_1.3-cvs.20050402-2.sarge.2_arm.deb nagios (2:1.3-cvs.20050402-2.sarge.2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Add overflow protection for Content-Length [cgi/getcgi.c, debian/patches/99999_CVE-2006-2162.dpatch] stable/main/binary-alpha/nagios-pgsql_1.3-cvs.20050402-2.sarge.2_alpha.deb stable/main/binary-alpha/nagios-text_1.3-cvs.20050402-2.sarge.2_alpha.deb stable/main/binary-alpha/nagios-mysql_1.3-cvs.20050402-2.sarge.2_alpha.deb nagios (2:1.3-cvs.20050402-2.sarge.2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Add overflow protection for Content-Length [cgi/getcgi.c, debian/patches/99999_CVE-2006-2162.dpatch] stable/main/binary-i386/nagios-mysql_1.3-cvs.20050402-2.sarge.2_i386.deb stable/main/source/nagios_1.3-cvs.20050402-2.sarge.2.diff.gz stable/main/binary-all/nagios-common_1.3-cvs.20050402-2.sarge.2_all.deb stable/main/binary-i386/nagios-pgsql_1.3-cvs.20050402-2.sarge.2_i386.deb stable/main/source/nagios_1.3-cvs.20050402-2.sarge.2.dsc stable/main/binary-i386/nagios-text_1.3-cvs.20050402-2.sarge.2_i386.deb nagios (2:1.3-cvs.20050402-2.sarge.2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Add overflow protection for Content-Length [cgi/getcgi.c, debian/patches/99999_CVE-2006-2162.dpatch] stable/main/binary-sparc/libmysqlclient14-dev_4.1.11a-4sarge5_sparc.deb stable/main/binary-sparc/mysql-server-4.1_4.1.11a-4sarge5_sparc.deb stable/main/binary-sparc/libmysqlclient14_4.1.11a-4sarge5_sparc.deb stable/main/binary-sparc/mysql-client-4.1_4.1.11a-4sarge5_sparc.deb mysql-dfsg-4.1 (4.1.11a-4sarge5) stable-security; urgency=low * Security upload prepared for the security team by the Debian MySQL package maintainers. * Fixed DoS bug where any user could crash the server with "SELECT str_to_date(1, NULL);" (CVE-2006-3081). The vulnerability was discovered by Kanatoko . Closes: #373913 * Fixed DoS bug where any user could crash the server with "SELECT date_format('%d%s', 1); (CVE-2006-3469). The vulnerability was discovered by Maillefer Jean-David and filed as MySQL bug #20729. Closes: #375694 stable/main/binary-s390/libmysqlclient14_4.1.11a-4sarge5_s390.deb stable/main/binary-s390/libmysqlclient14-dev_4.1.11a-4sarge5_s390.deb stable/main/binary-s390/mysql-client-4.1_4.1.11a-4sarge5_s390.deb stable/main/binary-s390/mysql-server-4.1_4.1.11a-4sarge5_s390.deb mysql-dfsg-4.1 (4.1.11a-4sarge5) stable-security; urgency=low * Security upload prepared for the security team by the Debian MySQL package maintainers. * Fixed DoS bug where any user could crash the server with "SELECT str_to_date(1, NULL);" (CVE-2006-3081). The vulnerability was discovered by Kanatoko . Closes: #373913 * Fixed DoS bug where any user could crash the server with "SELECT date_format('%d%s', 1); (CVE-2006-3469). The vulnerability was discovered by Maillefer Jean-David and filed as MySQL bug #20729. Closes: #375694 stable/main/binary-powerpc/mysql-client-4.1_4.1.11a-4sarge5_powerpc.deb stable/main/binary-powerpc/libmysqlclient14-dev_4.1.11a-4sarge5_powerpc.deb stable/main/binary-powerpc/libmysqlclient14_4.1.11a-4sarge5_powerpc.deb stable/main/binary-powerpc/mysql-server-4.1_4.1.11a-4sarge5_powerpc.deb mysql-dfsg-4.1 (4.1.11a-4sarge5) stable-security; urgency=low * Security upload prepared for the security team by the Debian MySQL package maintainers. * Fixed DoS bug where any user could crash the server with "SELECT str_to_date(1, NULL);" (CVE-2006-3081). The vulnerability was discovered by Kanatoko . Closes: #373913 * Fixed DoS bug where any user could crash the server with "SELECT date_format('%d%s', 1); (CVE-2006-3469). The vulnerability was discovered by Maillefer Jean-David and filed as MySQL bug #20729. Closes: #375694 stable/main/binary-mipsel/mysql-client-4.1_4.1.11a-4sarge5_mipsel.deb stable/main/binary-mipsel/libmysqlclient14_4.1.11a-4sarge5_mipsel.deb stable/main/binary-mipsel/mysql-server-4.1_4.1.11a-4sarge5_mipsel.deb stable/main/binary-mipsel/libmysqlclient14-dev_4.1.11a-4sarge5_mipsel.deb mysql-dfsg-4.1 (4.1.11a-4sarge5) stable-security; urgency=low * Security upload prepared for the security team by the Debian MySQL package maintainers. * Fixed DoS bug where any user could crash the server with "SELECT str_to_date(1, NULL);" (CVE-2006-3081). The vulnerability was discovered by Kanatoko . Closes: #373913 * Fixed DoS bug where any user could crash the server with "SELECT date_format('%d%s', 1); (CVE-2006-3469). The vulnerability was discovered by Maillefer Jean-David and filed as MySQL bug #20729. Closes: #375694 stable/main/binary-mips/libmysqlclient14-dev_4.1.11a-4sarge5_mips.deb stable/main/binary-mips/mysql-client-4.1_4.1.11a-4sarge5_mips.deb stable/main/binary-mips/libmysqlclient14_4.1.11a-4sarge5_mips.deb stable/main/binary-mips/mysql-server-4.1_4.1.11a-4sarge5_mips.deb mysql-dfsg-4.1 (4.1.11a-4sarge5) stable-security; urgency=low * Security upload prepared for the security team by the Debian MySQL package maintainers. * Fixed DoS bug where any user could crash the server with "SELECT str_to_date(1, NULL);" (CVE-2006-3081). The vulnerability was discovered by Kanatoko . Closes: #373913 * Fixed DoS bug where any user could crash the server with "SELECT date_format('%d%s', 1); (CVE-2006-3469). The vulnerability was discovered by Maillefer Jean-David and filed as MySQL bug #20729. Closes: #375694 stable/main/binary-m68k/mysql-client-4.1_4.1.11a-4sarge5_m68k.deb stable/main/binary-m68k/libmysqlclient14-dev_4.1.11a-4sarge5_m68k.deb stable/main/binary-m68k/mysql-server-4.1_4.1.11a-4sarge5_m68k.deb stable/main/binary-m68k/libmysqlclient14_4.1.11a-4sarge5_m68k.deb mysql-dfsg-4.1 (4.1.11a-4sarge5) stable-security; urgency=low * Security upload prepared for the security team by the Debian MySQL package maintainers. * Fixed DoS bug where any user could crash the server with "SELECT str_to_date(1, NULL);" (CVE-2006-3081). The vulnerability was discovered by Kanatoko . Closes: #373913 * Fixed DoS bug where any user could crash the server with "SELECT date_format('%d%s', 1); (CVE-2006-3469). The vulnerability was discovered by Maillefer Jean-David and filed as MySQL bug #20729. Closes: #375694 stable/main/binary-ia64/libmysqlclient14_4.1.11a-4sarge5_ia64.deb stable/main/binary-ia64/mysql-client-4.1_4.1.11a-4sarge5_ia64.deb stable/main/binary-ia64/mysql-server-4.1_4.1.11a-4sarge5_ia64.deb stable/main/binary-ia64/libmysqlclient14-dev_4.1.11a-4sarge5_ia64.deb mysql-dfsg-4.1 (4.1.11a-4sarge5) stable-security; urgency=low * Security upload prepared for the security team by the Debian MySQL package maintainers. * Fixed DoS bug where any user could crash the server with "SELECT str_to_date(1, NULL);" (CVE-2006-3081). The vulnerability was discovered by Kanatoko . Closes: #373913 * Fixed DoS bug where any user could crash the server with "SELECT date_format('%d%s', 1); (CVE-2006-3469). The vulnerability was discovered by Maillefer Jean-David and filed as MySQL bug #20729. Closes: #375694 stable/main/binary-hppa/libmysqlclient14_4.1.11a-4sarge5_hppa.deb stable/main/binary-hppa/libmysqlclient14-dev_4.1.11a-4sarge5_hppa.deb stable/main/binary-hppa/mysql-server-4.1_4.1.11a-4sarge5_hppa.deb stable/main/binary-hppa/mysql-client-4.1_4.1.11a-4sarge5_hppa.deb mysql-dfsg-4.1 (4.1.11a-4sarge5) stable-security; urgency=low * Security upload prepared for the security team by the Debian MySQL package maintainers. * Fixed DoS bug where any user could crash the server with "SELECT str_to_date(1, NULL);" (CVE-2006-3081). The vulnerability was discovered by Kanatoko . Closes: #373913 * Fixed DoS bug where any user could crash the server with "SELECT date_format('%d%s', 1); (CVE-2006-3469). The vulnerability was discovered by Maillefer Jean-David and filed as MySQL bug #20729. Closes: #375694 stable/main/binary-arm/libmysqlclient14_4.1.11a-4sarge5_arm.deb stable/main/binary-arm/mysql-server-4.1_4.1.11a-4sarge5_arm.deb stable/main/binary-arm/libmysqlclient14-dev_4.1.11a-4sarge5_arm.deb stable/main/binary-arm/mysql-client-4.1_4.1.11a-4sarge5_arm.deb mysql-dfsg-4.1 (4.1.11a-4sarge5) stable-security; urgency=low * Security upload prepared for the security team by the Debian MySQL package maintainers. * Fixed DoS bug where any user could crash the server with "SELECT str_to_date(1, NULL);" (CVE-2006-3081). The vulnerability was discovered by Kanatoko . Closes: #373913 * Fixed DoS bug where any user could crash the server with "SELECT date_format('%d%s', 1); (CVE-2006-3469). The vulnerability was discovered by Maillefer Jean-David and filed as MySQL bug #20729. Closes: #375694 stable/main/binary-alpha/libmysqlclient14_4.1.11a-4sarge5_alpha.deb stable/main/binary-alpha/mysql-client-4.1_4.1.11a-4sarge5_alpha.deb stable/main/binary-alpha/libmysqlclient14-dev_4.1.11a-4sarge5_alpha.deb stable/main/binary-alpha/mysql-server-4.1_4.1.11a-4sarge5_alpha.deb mysql-dfsg-4.1 (4.1.11a-4sarge5) stable-security; urgency=low * Security upload prepared for the security team by the Debian MySQL package maintainers. * Fixed DoS bug where any user could crash the server with "SELECT str_to_date(1, NULL);" (CVE-2006-3081). The vulnerability was discovered by Kanatoko . Closes: #373913 * Fixed DoS bug where any user could crash the server with "SELECT date_format('%d%s', 1); (CVE-2006-3469). The vulnerability was discovered by Maillefer Jean-David and filed as MySQL bug #20729. Closes: #375694 stable/main/binary-all/mysql-common-4.1_4.1.11a-4sarge5_all.deb stable/main/binary-i386/mysql-client-4.1_4.1.11a-4sarge5_i386.deb stable/main/source/mysql-dfsg-4.1_4.1.11a-4sarge5.dsc stable/main/source/mysql-dfsg-4.1_4.1.11a-4sarge5.diff.gz stable/main/binary-i386/mysql-server-4.1_4.1.11a-4sarge5_i386.deb stable/main/binary-i386/libmysqlclient14_4.1.11a-4sarge5_i386.deb stable/main/binary-i386/libmysqlclient14-dev_4.1.11a-4sarge5_i386.deb mysql-dfsg-4.1 (4.1.11a-4sarge5) stable-security; urgency=low * Security upload prepared for the security team by the Debian MySQL package maintainers. * Fixed DoS bug where any user could crash the server with "SELECT str_to_date(1, NULL);" (CVE-2006-3081). The vulnerability was discovered by Kanatoko . Closes: #373913 * Fixed DoS bug where any user could crash the server with "SELECT date_format('%d%s', 1); (CVE-2006-3469). The vulnerability was discovered by Maillefer Jean-David and filed as MySQL bug #20729. Closes: #375694 stable/main/binary-sparc/mysql-server_4.0.24-10sarge2_sparc.deb stable/main/binary-sparc/libmysqlclient12-dev_4.0.24-10sarge2_sparc.deb stable/main/binary-sparc/mysql-client_4.0.24-10sarge2_sparc.deb stable/main/binary-sparc/libmysqlclient12_4.0.24-10sarge2_sparc.deb mysql-dfsg (4.0.24-10sarge2) stable-security; urgency=low * Security upload prepared for the security team by the debian mysql package maintainers. * Extracted upstream patch to fix from the diff of 4.1.18 and 4.1.19 to fix the following bugs: - When sending a specifically malformed login packet, the server fills the response with uninitialized memory content which could contain sensitive information. (CVE-2006-1516) - An authenticated user could read random memory from MySQL server, by taking advantage of a non checked packet length. (CVE-2006-1517) - An authenticated user could remotely execute arbitrary commands by taking advantage of a stack overflow. (CVE-2006-1518) Closes: #366043, #366048 * Backported upstream patch to fix a bug which allows local users to bypass logging mechanisms via SQL queries that contain the NULL character. (CVE-2006-0903). Closes: #366162 stable/main/binary-s390/mysql-server_4.0.24-10sarge2_s390.deb stable/main/binary-s390/libmysqlclient12-dev_4.0.24-10sarge2_s390.deb stable/main/binary-s390/libmysqlclient12_4.0.24-10sarge2_s390.deb stable/main/binary-s390/mysql-client_4.0.24-10sarge2_s390.deb mysql-dfsg (4.0.24-10sarge2) stable-security; urgency=low * Security upload prepared for the security team by the debian mysql package maintainers. * Extracted upstream patch to fix from the diff of 4.1.18 and 4.1.19 to fix the following bugs: - When sending a specifically malformed login packet, the server fills the response with uninitialized memory content which could contain sensitive information. (CVE-2006-1516) - An authenticated user could read random memory from MySQL server, by taking advantage of a non checked packet length. (CVE-2006-1517) - An authenticated user could remotely execute arbitrary commands by taking advantage of a stack overflow. (CVE-2006-1518) Closes: #366043, #366048 * Backported upstream patch to fix a bug which allows local users to bypass logging mechanisms via SQL queries that contain the NULL character. (CVE-2006-0903). Closes: #366162 stable/main/binary-mipsel/mysql-server_4.0.24-10sarge2_mipsel.deb stable/main/binary-mipsel/libmysqlclient12_4.0.24-10sarge2_mipsel.deb stable/main/binary-mipsel/mysql-client_4.0.24-10sarge2_mipsel.deb stable/main/binary-mipsel/libmysqlclient12-dev_4.0.24-10sarge2_mipsel.deb mysql-dfsg (4.0.24-10sarge2) stable-security; urgency=low * Security upload prepared for the security team by the debian mysql package maintainers. * Extracted upstream patch to fix from the diff of 4.1.18 and 4.1.19 to fix the following bugs: - When sending a specifically malformed login packet, the server fills the response with uninitialized memory content which could contain sensitive information. (CVE-2006-1516) - An authenticated user could read random memory from MySQL server, by taking advantage of a non checked packet length. (CVE-2006-1517) - An authenticated user could remotely execute arbitrary commands by taking advantage of a stack overflow. (CVE-2006-1518) Closes: #366043, #366048 * Backported upstream patch to fix a bug which allows local users to bypass logging mechanisms via SQL queries that contain the NULL character. (CVE-2006-0903). Closes: #366162 stable/main/binary-mips/libmysqlclient12_4.0.24-10sarge2_mips.deb stable/main/binary-mips/mysql-client_4.0.24-10sarge2_mips.deb stable/main/binary-mips/libmysqlclient12-dev_4.0.24-10sarge2_mips.deb stable/main/binary-mips/mysql-server_4.0.24-10sarge2_mips.deb mysql-dfsg (4.0.24-10sarge2) stable-security; urgency=low * Security upload prepared for the security team by the debian mysql package maintainers. * Extracted upstream patch to fix from the diff of 4.1.18 and 4.1.19 to fix the following bugs: - When sending a specifically malformed login packet, the server fills the response with uninitialized memory content which could contain sensitive information. (CVE-2006-1516) - An authenticated user could read random memory from MySQL server, by taking advantage of a non checked packet length. (CVE-2006-1517) - An authenticated user could remotely execute arbitrary commands by taking advantage of a stack overflow. (CVE-2006-1518) Closes: #366043, #366048 * Backported upstream patch to fix a bug which allows local users to bypass logging mechanisms via SQL queries that contain the NULL character. (CVE-2006-0903). Closes: #366162 stable/main/binary-m68k/libmysqlclient12-dev_4.0.24-10sarge2_m68k.deb stable/main/binary-m68k/mysql-client_4.0.24-10sarge2_m68k.deb stable/main/binary-m68k/libmysqlclient12_4.0.24-10sarge2_m68k.deb stable/main/binary-m68k/mysql-server_4.0.24-10sarge2_m68k.deb mysql-dfsg (4.0.24-10sarge2) stable-security; urgency=low * Security upload prepared for the security team by the debian mysql package maintainers. * Extracted upstream patch to fix from the diff of 4.1.18 and 4.1.19 to fix the following bugs: - When sending a specifically malformed login packet, the server fills the response with uninitialized memory content which could contain sensitive information. (CVE-2006-1516) - An authenticated user could read random memory from MySQL server, by taking advantage of a non checked packet length. (CVE-2006-1517) - An authenticated user could remotely execute arbitrary commands by taking advantage of a stack overflow. (CVE-2006-1518) Closes: #366043, #366048 * Backported upstream patch to fix a bug which allows local users to bypass logging mechanisms via SQL queries that contain the NULL character. (CVE-2006-0903). Closes: #366162 stable/main/binary-ia64/mysql-client_4.0.24-10sarge2_ia64.deb stable/main/binary-ia64/mysql-server_4.0.24-10sarge2_ia64.deb stable/main/binary-ia64/libmysqlclient12_4.0.24-10sarge2_ia64.deb stable/main/binary-ia64/libmysqlclient12-dev_4.0.24-10sarge2_ia64.deb mysql-dfsg (4.0.24-10sarge2) stable-security; urgency=low * Security upload prepared for the security team by the debian mysql package maintainers. * Extracted upstream patch to fix from the diff of 4.1.18 and 4.1.19 to fix the following bugs: - When sending a specifically malformed login packet, the server fills the response with uninitialized memory content which could contain sensitive information. (CVE-2006-1516) - An authenticated user could read random memory from MySQL server, by taking advantage of a non checked packet length. (CVE-2006-1517) - An authenticated user could remotely execute arbitrary commands by taking advantage of a stack overflow. (CVE-2006-1518) Closes: #366043, #366048 * Backported upstream patch to fix a bug which allows local users to bypass logging mechanisms via SQL queries that contain the NULL character. (CVE-2006-0903). Closes: #366162 stable/main/binary-i386/mysql-server_4.0.24-10sarge2_i386.deb stable/main/binary-i386/libmysqlclient12-dev_4.0.24-10sarge2_i386.deb stable/main/binary-i386/mysql-client_4.0.24-10sarge2_i386.deb stable/main/binary-i386/libmysqlclient12_4.0.24-10sarge2_i386.deb mysql-dfsg (4.0.24-10sarge2) stable-security; urgency=low * Security upload prepared for the security team by the debian mysql package maintainers. * Extracted upstream patch to fix from the diff of 4.1.18 and 4.1.19 to fix the following bugs: - When sending a specifically malformed login packet, the server fills the response with uninitialized memory content which could contain sensitive information. (CVE-2006-1516) - An authenticated user could read random memory from MySQL server, by taking advantage of a non checked packet length. (CVE-2006-1517) - An authenticated user could remotely execute arbitrary commands by taking advantage of a stack overflow. (CVE-2006-1518) Closes: #366043, #366048 * Backported upstream patch to fix a bug which allows local users to bypass logging mechanisms via SQL queries that contain the NULL character. (CVE-2006-0903). Closes: #366162 stable/main/binary-hppa/mysql-client_4.0.24-10sarge2_hppa.deb stable/main/binary-hppa/libmysqlclient12-dev_4.0.24-10sarge2_hppa.deb stable/main/binary-hppa/libmysqlclient12_4.0.24-10sarge2_hppa.deb stable/main/binary-hppa/mysql-server_4.0.24-10sarge2_hppa.deb mysql-dfsg (4.0.24-10sarge2) stable-security; urgency=low * Security upload prepared for the security team by the debian mysql package maintainers. * Extracted upstream patch to fix from the diff of 4.1.18 and 4.1.19 to fix the following bugs: - When sending a specifically malformed login packet, the server fills the response with uninitialized memory content which could contain sensitive information. (CVE-2006-1516) - An authenticated user could read random memory from MySQL server, by taking advantage of a non checked packet length. (CVE-2006-1517) - An authenticated user could remotely execute arbitrary commands by taking advantage of a stack overflow. (CVE-2006-1518) Closes: #366043, #366048 * Backported upstream patch to fix a bug which allows local users to bypass logging mechanisms via SQL queries that contain the NULL character. (CVE-2006-0903). Closes: #366162 stable/main/binary-arm/libmysqlclient12-dev_4.0.24-10sarge2_arm.deb stable/main/binary-arm/mysql-server_4.0.24-10sarge2_arm.deb stable/main/binary-arm/libmysqlclient12_4.0.24-10sarge2_arm.deb stable/main/binary-arm/mysql-client_4.0.24-10sarge2_arm.deb mysql-dfsg (4.0.24-10sarge2) stable-security; urgency=low * Security upload prepared for the security team by the debian mysql package maintainers. * Extracted upstream patch to fix from the diff of 4.1.18 and 4.1.19 to fix the following bugs: - When sending a specifically malformed login packet, the server fills the response with uninitialized memory content which could contain sensitive information. (CVE-2006-1516) - An authenticated user could read random memory from MySQL server, by taking advantage of a non checked packet length. (CVE-2006-1517) - An authenticated user could remotely execute arbitrary commands by taking advantage of a stack overflow. (CVE-2006-1518) Closes: #366043, #366048 * Backported upstream patch to fix a bug which allows local users to bypass logging mechanisms via SQL queries that contain the NULL character. (CVE-2006-0903). Closes: #366162 stable/main/binary-alpha/libmysqlclient12-dev_4.0.24-10sarge2_alpha.deb stable/main/binary-alpha/mysql-client_4.0.24-10sarge2_alpha.deb stable/main/binary-alpha/libmysqlclient12_4.0.24-10sarge2_alpha.deb stable/main/binary-alpha/mysql-server_4.0.24-10sarge2_alpha.deb mysql-dfsg (4.0.24-10sarge2) stable-security; urgency=low * Security upload prepared for the security team by the debian mysql package maintainers. * Extracted upstream patch to fix from the diff of 4.1.18 and 4.1.19 to fix the following bugs: - When sending a specifically malformed login packet, the server fills the response with uninitialized memory content which could contain sensitive information. (CVE-2006-1516) - An authenticated user could read random memory from MySQL server, by taking advantage of a non checked packet length. (CVE-2006-1517) - An authenticated user could remotely execute arbitrary commands by taking advantage of a stack overflow. (CVE-2006-1518) Closes: #366043, #366048 * Backported upstream patch to fix a bug which allows local users to bypass logging mechanisms via SQL queries that contain the NULL character. (CVE-2006-0903). Closes: #366162 stable/main/source/mysql-dfsg_4.0.24-10sarge2.diff.gz stable/main/binary-powerpc/mysql-client_4.0.24-10sarge2_powerpc.deb stable/main/binary-powerpc/libmysqlclient12_4.0.24-10sarge2_powerpc.deb stable/main/source/mysql-dfsg_4.0.24-10sarge2.dsc stable/main/binary-powerpc/libmysqlclient12-dev_4.0.24-10sarge2_powerpc.deb stable/main/binary-all/mysql-common_4.0.24-10sarge2_all.deb stable/main/binary-powerpc/mysql-server_4.0.24-10sarge2_powerpc.deb mysql-dfsg (4.0.24-10sarge2) stable-security; urgency=low * Security upload prepared for the security team by the debian mysql package maintainers. * Extracted upstream patch to fix from the diff of 4.1.18 and 4.1.19 to fix the following bugs: - When sending a specifically malformed login packet, the server fills the response with uninitialized memory content which could contain sensitive information. (CVE-2006-1516) - An authenticated user could read random memory from MySQL server, by taking advantage of a non checked packet length. (CVE-2006-1517) - An authenticated user could remotely execute arbitrary commands by taking advantage of a stack overflow. (CVE-2006-1518) Closes: #366043, #366048 * Backported upstream patch to fix a bug which allows local users to bypass logging mechanisms via SQL queries that contain the NULL character. (CVE-2006-0903). Closes: #366162 stable/main/binary-sparc/mutt_1.5.9-2sarge2_sparc.deb mutt (1.5.9-2sarge2) stable-security; urgency=high * Fix buffer overflow in IMAP parsing code stable/main/binary-s390/mutt_1.5.9-2sarge2_s390.deb mutt (1.5.9-2sarge2) stable-security; urgency=high * Fix buffer overflow in IMAP parsing code stable/main/binary-powerpc/mutt_1.5.9-2sarge2_powerpc.deb mutt (1.5.9-2sarge2) stable-security; urgency=high * Fix buffer overflow in IMAP parsing code stable/main/binary-mipsel/mutt_1.5.9-2sarge2_mipsel.deb mutt (1.5.9-2sarge2) stable-security; urgency=high * Fix buffer overflow in IMAP parsing code stable/main/binary-mips/mutt_1.5.9-2sarge2_mips.deb mutt (1.5.9-2sarge2) stable-security; urgency=high * Fix buffer overflow in IMAP parsing code stable/main/binary-m68k/mutt_1.5.9-2sarge2_m68k.deb mutt (1.5.9-2sarge2) stable-security; urgency=high * Fix buffer overflow in IMAP parsing code stable/main/binary-ia64/mutt_1.5.9-2sarge2_ia64.deb mutt (1.5.9-2sarge2) stable-security; urgency=high * Fix buffer overflow in IMAP parsing code stable/main/binary-hppa/mutt_1.5.9-2sarge2_hppa.deb mutt (1.5.9-2sarge2) stable-security; urgency=high * Fix buffer overflow in IMAP parsing code stable/main/binary-arm/mutt_1.5.9-2sarge2_arm.deb mutt (1.5.9-2sarge2) stable-security; urgency=high * Fix buffer overflow in IMAP parsing code stable/main/binary-alpha/mutt_1.5.9-2sarge2_alpha.deb mutt (1.5.9-2sarge2) stable-security; urgency=high * Fix buffer overflow in IMAP parsing code stable/main/binary-i386/mutt_1.5.9-2sarge2_i386.deb stable/main/source/mutt_1.5.9-2sarge2.diff.gz stable/main/source/mutt_1.5.9-2sarge2.dsc mutt (1.5.9-2sarge2) stable-security; urgency=high * Fix buffer overflow in IMAP parsing code stable/non-free/binary-i386/mpg123-oss-i486_0.59r-20sarge1_i386.deb stable/non-free/binary-powerpc/mpg123-esd_0.59r-20sarge1_powerpc.deb stable/non-free/source/mpg123_0.59r-20sarge1.dsc stable/non-free/binary-hppa/mpg123_0.59r-20sarge1_hppa.deb stable/non-free/binary-i386/mpg123-nas_0.59r-20sarge1_i386.deb stable/non-free/binary-sparc/mpg123_0.59r-20sarge1_sparc.deb stable/non-free/binary-alpha/mpg123-esd_0.59r-20sarge1_alpha.deb stable/non-free/binary-powerpc/mpg123_0.59r-20sarge1_powerpc.deb stable/non-free/binary-i386/mpg123_0.59r-20sarge1_i386.deb stable/non-free/binary-alpha/mpg123_0.59r-20sarge1_alpha.deb stable/non-free/binary-arm/mpg123_0.59r-20sarge1_arm.deb stable/non-free/source/mpg123_0.59r-20sarge1.diff.gz stable/non-free/binary-m68k/mpg123_0.59r-20sarge1_m68k.deb stable/non-free/binary-i386/mpg123-esd_0.59r-20sarge1_i386.deb stable/non-free/binary-i386/mpg123-oss-3dnow_0.59r-20sarge1_i386.deb mpg123 (0.59r-20sarge1) stable-security; urgency=high * layer3.c: Fix buffer overflow in III_i_stereo() (CVE-2006-1655). Closes: #361863 stable/main/binary-sparc/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8b.1_sparc.deb stable/main/binary-sparc/mozilla-thunderbird_1.0.2-2.sarge1.0.8b.1_sparc.deb stable/main/binary-sparc/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8b.1_sparc.deb stable/main/binary-sparc/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8b.1_sparc.deb stable/main/binary-sparc/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8b.1_sparc.deb mozilla-thunderbird (1.0.2-2.sarge1.0.8b.1) stable-security; urgency=critical Patches listed below are in debian/patches/tbird-1.0.8a-1.0.8b * regression fixes: + 0003-regression-343713-was-introduced-by-fix-for-mfsa2006-31-336601.txt + 0004-regression-336875-was-introduced-by-fix-for-mfsa2006-31-336601.txt * late security patches left out in 2:1.7.8-1sarge7.1 CVE-2006-2779 (Issue 2/6) aka mfsa2006-32 (Part 2/7) + 0001-mfsa2006-32-325730-329982-Part-2-7.txt + 0002-mfsa2006-32-325730-329982-Part-2-7.txt * new security patches: CVE-2006-3805 (mfsa2006-50 Part 1) comprises 4 issues whose patches are: + 338804 - 0005-CVE-2006-3805-mfsa2006-50-Part-1-2-338804-Part-1-4.txt + 340129 - 0006-CVE-2006-3805-mfsa2006-50-Part-1-2-340129-Part-2-4.txt + 341877 - 0007-CVE-2006-3805-mfsa2006-50-Part-1-2-341877-Part-3-4.txt + 341956 - 0008-CVE-2006-3805-mfsa2006-50-Part-1-2-341956-Part-4-4.txt CVE-2006-3806 (mfsa2006-50 Part 2) comprises 4 issues: + 336409 - 0009-CVE-2006-3806-mfsa2006-50-Part-2-2-336409-Part-1-5.txt + 336410 - 0010-CVE-2006-3806-mfsa2006-50-Part-2-2-336410-Part-2-5.txt + 338001 - 0011-CVE-2006-3806-mfsa2006-50-Part-2-2-338001-Part-3-5.txt + 338121 - 0012-CVE-2006-3806-mfsa2006-50-Part-2-2-338121-Part-4-5.txt + 342960 - 0013-CVE-2006-3806-mfsa2006-50-Part-2-2-342960-Part-5-5.txt CVE-2006-3807 (mfsa2006-51) comprises 1 issue: + 340727 - 0014-CVE-2006-3807-mfsa2006-51-340727.txt CVE-2006-3808 (mfsa2006-52) comprises 1 issue: + 337389 - 0015-CVE-2006-3808-mfsa2006-52-337389.txt CVE-2006-3809 (mfsa2006-53) comprises 1 issue: + 340107 - 0016-CVE-2006-3809-mfsa2006-53-340107.txt CVE-2006-3810 (mfsa2006-55) comprises 6 issue: + 284219 - 0017-CVE-2006-3811-mfsa2006-55-284219-Part-1-6.txt + 329900 - 0018-CVE-2006-3811-mfsa2006-55-329900-Part-2-6.txt + 331679 - 0019-CVE-2006-3811-mfsa2006-55-331679-Part-3-6.txt + 336162 - 0020-CVE-2006-3811-mfsa2006-55-336162-Part-4-6.txt - 0023-CVE-2006-3811-mfsa2006-55-336162-Part-4-6-2nd-bits.txt + 337462 - 0021-CVE-2006-3811-mfsa2006-55-337462-Part-5-6.txt + 338129 - 0022-CVE-2006-3811-mfsa2006-55-338129-Part-6-6.txt stable/main/binary-s390/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8b.1_s390.deb stable/main/binary-s390/mozilla-thunderbird_1.0.2-2.sarge1.0.8b.1_s390.deb stable/main/binary-s390/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8b.1_s390.deb stable/main/binary-s390/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8b.1_s390.deb stable/main/binary-s390/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8b.1_s390.deb mozilla-thunderbird (1.0.2-2.sarge1.0.8b.1) stable-security; urgency=critical Patches listed below are in debian/patches/tbird-1.0.8a-1.0.8b * regression fixes: + 0003-regression-343713-was-introduced-by-fix-for-mfsa2006-31-336601.txt + 0004-regression-336875-was-introduced-by-fix-for-mfsa2006-31-336601.txt * late security patches left out in 2:1.7.8-1sarge7.1 CVE-2006-2779 (Issue 2/6) aka mfsa2006-32 (Part 2/7) + 0001-mfsa2006-32-325730-329982-Part-2-7.txt + 0002-mfsa2006-32-325730-329982-Part-2-7.txt * new security patches: CVE-2006-3805 (mfsa2006-50 Part 1) comprises 4 issues whose patches are: + 338804 - 0005-CVE-2006-3805-mfsa2006-50-Part-1-2-338804-Part-1-4.txt + 340129 - 0006-CVE-2006-3805-mfsa2006-50-Part-1-2-340129-Part-2-4.txt + 341877 - 0007-CVE-2006-3805-mfsa2006-50-Part-1-2-341877-Part-3-4.txt + 341956 - 0008-CVE-2006-3805-mfsa2006-50-Part-1-2-341956-Part-4-4.txt CVE-2006-3806 (mfsa2006-50 Part 2) comprises 4 issues: + 336409 - 0009-CVE-2006-3806-mfsa2006-50-Part-2-2-336409-Part-1-5.txt + 336410 - 0010-CVE-2006-3806-mfsa2006-50-Part-2-2-336410-Part-2-5.txt + 338001 - 0011-CVE-2006-3806-mfsa2006-50-Part-2-2-338001-Part-3-5.txt + 338121 - 0012-CVE-2006-3806-mfsa2006-50-Part-2-2-338121-Part-4-5.txt + 342960 - 0013-CVE-2006-3806-mfsa2006-50-Part-2-2-342960-Part-5-5.txt CVE-2006-3807 (mfsa2006-51) comprises 1 issue: + 340727 - 0014-CVE-2006-3807-mfsa2006-51-340727.txt CVE-2006-3808 (mfsa2006-52) comprises 1 issue: + 337389 - 0015-CVE-2006-3808-mfsa2006-52-337389.txt CVE-2006-3809 (mfsa2006-53) comprises 1 issue: + 340107 - 0016-CVE-2006-3809-mfsa2006-53-340107.txt CVE-2006-3810 (mfsa2006-55) comprises 6 issue: + 284219 - 0017-CVE-2006-3811-mfsa2006-55-284219-Part-1-6.txt + 329900 - 0018-CVE-2006-3811-mfsa2006-55-329900-Part-2-6.txt + 331679 - 0019-CVE-2006-3811-mfsa2006-55-331679-Part-3-6.txt + 336162 - 0020-CVE-2006-3811-mfsa2006-55-336162-Part-4-6.txt - 0023-CVE-2006-3811-mfsa2006-55-336162-Part-4-6-2nd-bits.txt + 337462 - 0021-CVE-2006-3811-mfsa2006-55-337462-Part-5-6.txt + 338129 - 0022-CVE-2006-3811-mfsa2006-55-338129-Part-6-6.txt stable/main/binary-powerpc/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8b.1_powerpc.deb stable/main/binary-powerpc/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8b.1_powerpc.deb stable/main/binary-powerpc/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8b.1_powerpc.deb stable/main/binary-powerpc/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8b.1_powerpc.deb stable/main/binary-powerpc/mozilla-thunderbird_1.0.2-2.sarge1.0.8b.1_powerpc.deb mozilla-thunderbird (1.0.2-2.sarge1.0.8b.1) stable-security; urgency=critical Patches listed below are in debian/patches/tbird-1.0.8a-1.0.8b * regression fixes: + 0003-regression-343713-was-introduced-by-fix-for-mfsa2006-31-336601.txt + 0004-regression-336875-was-introduced-by-fix-for-mfsa2006-31-336601.txt * late security patches left out in 2:1.7.8-1sarge7.1 CVE-2006-2779 (Issue 2/6) aka mfsa2006-32 (Part 2/7) + 0001-mfsa2006-32-325730-329982-Part-2-7.txt + 0002-mfsa2006-32-325730-329982-Part-2-7.txt * new security patches: CVE-2006-3805 (mfsa2006-50 Part 1) comprises 4 issues whose patches are: + 338804 - 0005-CVE-2006-3805-mfsa2006-50-Part-1-2-338804-Part-1-4.txt + 340129 - 0006-CVE-2006-3805-mfsa2006-50-Part-1-2-340129-Part-2-4.txt + 341877 - 0007-CVE-2006-3805-mfsa2006-50-Part-1-2-341877-Part-3-4.txt + 341956 - 0008-CVE-2006-3805-mfsa2006-50-Part-1-2-341956-Part-4-4.txt CVE-2006-3806 (mfsa2006-50 Part 2) comprises 4 issues: + 336409 - 0009-CVE-2006-3806-mfsa2006-50-Part-2-2-336409-Part-1-5.txt + 336410 - 0010-CVE-2006-3806-mfsa2006-50-Part-2-2-336410-Part-2-5.txt + 338001 - 0011-CVE-2006-3806-mfsa2006-50-Part-2-2-338001-Part-3-5.txt + 338121 - 0012-CVE-2006-3806-mfsa2006-50-Part-2-2-338121-Part-4-5.txt + 342960 - 0013-CVE-2006-3806-mfsa2006-50-Part-2-2-342960-Part-5-5.txt CVE-2006-3807 (mfsa2006-51) comprises 1 issue: + 340727 - 0014-CVE-2006-3807-mfsa2006-51-340727.txt CVE-2006-3808 (mfsa2006-52) comprises 1 issue: + 337389 - 0015-CVE-2006-3808-mfsa2006-52-337389.txt CVE-2006-3809 (mfsa2006-53) comprises 1 issue: + 340107 - 0016-CVE-2006-3809-mfsa2006-53-340107.txt CVE-2006-3810 (mfsa2006-55) comprises 6 issue: + 284219 - 0017-CVE-2006-3811-mfsa2006-55-284219-Part-1-6.txt + 329900 - 0018-CVE-2006-3811-mfsa2006-55-329900-Part-2-6.txt + 331679 - 0019-CVE-2006-3811-mfsa2006-55-331679-Part-3-6.txt + 336162 - 0020-CVE-2006-3811-mfsa2006-55-336162-Part-4-6.txt - 0023-CVE-2006-3811-mfsa2006-55-336162-Part-4-6-2nd-bits.txt + 337462 - 0021-CVE-2006-3811-mfsa2006-55-337462-Part-5-6.txt + 338129 - 0022-CVE-2006-3811-mfsa2006-55-338129-Part-6-6.txt stable/main/binary-mipsel/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8b.1_mipsel.deb stable/main/binary-mipsel/mozilla-thunderbird_1.0.2-2.sarge1.0.8b.1_mipsel.deb stable/main/binary-mipsel/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8b.1_mipsel.deb stable/main/binary-mipsel/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8b.1_mipsel.deb stable/main/binary-mipsel/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8b.1_mipsel.deb mozilla-thunderbird (1.0.2-2.sarge1.0.8b.1) stable-security; urgency=critical Patches listed below are in debian/patches/tbird-1.0.8a-1.0.8b * regression fixes: + 0003-regression-343713-was-introduced-by-fix-for-mfsa2006-31-336601.txt + 0004-regression-336875-was-introduced-by-fix-for-mfsa2006-31-336601.txt * late security patches left out in 2:1.7.8-1sarge7.1 CVE-2006-2779 (Issue 2/6) aka mfsa2006-32 (Part 2/7) + 0001-mfsa2006-32-325730-329982-Part-2-7.txt + 0002-mfsa2006-32-325730-329982-Part-2-7.txt * new security patches: CVE-2006-3805 (mfsa2006-50 Part 1) comprises 4 issues whose patches are: + 338804 - 0005-CVE-2006-3805-mfsa2006-50-Part-1-2-338804-Part-1-4.txt + 340129 - 0006-CVE-2006-3805-mfsa2006-50-Part-1-2-340129-Part-2-4.txt + 341877 - 0007-CVE-2006-3805-mfsa2006-50-Part-1-2-341877-Part-3-4.txt + 341956 - 0008-CVE-2006-3805-mfsa2006-50-Part-1-2-341956-Part-4-4.txt CVE-2006-3806 (mfsa2006-50 Part 2) comprises 4 issues: + 336409 - 0009-CVE-2006-3806-mfsa2006-50-Part-2-2-336409-Part-1-5.txt + 336410 - 0010-CVE-2006-3806-mfsa2006-50-Part-2-2-336410-Part-2-5.txt + 338001 - 0011-CVE-2006-3806-mfsa2006-50-Part-2-2-338001-Part-3-5.txt + 338121 - 0012-CVE-2006-3806-mfsa2006-50-Part-2-2-338121-Part-4-5.txt + 342960 - 0013-CVE-2006-3806-mfsa2006-50-Part-2-2-342960-Part-5-5.txt CVE-2006-3807 (mfsa2006-51) comprises 1 issue: + 340727 - 0014-CVE-2006-3807-mfsa2006-51-340727.txt CVE-2006-3808 (mfsa2006-52) comprises 1 issue: + 337389 - 0015-CVE-2006-3808-mfsa2006-52-337389.txt CVE-2006-3809 (mfsa2006-53) comprises 1 issue: + 340107 - 0016-CVE-2006-3809-mfsa2006-53-340107.txt CVE-2006-3810 (mfsa2006-55) comprises 6 issue: + 284219 - 0017-CVE-2006-3811-mfsa2006-55-284219-Part-1-6.txt + 329900 - 0018-CVE-2006-3811-mfsa2006-55-329900-Part-2-6.txt + 331679 - 0019-CVE-2006-3811-mfsa2006-55-331679-Part-3-6.txt + 336162 - 0020-CVE-2006-3811-mfsa2006-55-336162-Part-4-6.txt - 0023-CVE-2006-3811-mfsa2006-55-336162-Part-4-6-2nd-bits.txt + 337462 - 0021-CVE-2006-3811-mfsa2006-55-337462-Part-5-6.txt + 338129 - 0022-CVE-2006-3811-mfsa2006-55-338129-Part-6-6.txt stable/main/binary-mips/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8b.1_mips.deb stable/main/binary-mips/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8b.1_mips.deb stable/main/binary-mips/mozilla-thunderbird_1.0.2-2.sarge1.0.8b.1_mips.deb stable/main/binary-mips/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8b.1_mips.deb stable/main/binary-mips/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8b.1_mips.deb mozilla-thunderbird (1.0.2-2.sarge1.0.8b.1) stable-security; urgency=critical Patches listed below are in debian/patches/tbird-1.0.8a-1.0.8b * regression fixes: + 0003-regression-343713-was-introduced-by-fix-for-mfsa2006-31-336601.txt + 0004-regression-336875-was-introduced-by-fix-for-mfsa2006-31-336601.txt * late security patches left out in 2:1.7.8-1sarge7.1 CVE-2006-2779 (Issue 2/6) aka mfsa2006-32 (Part 2/7) + 0001-mfsa2006-32-325730-329982-Part-2-7.txt + 0002-mfsa2006-32-325730-329982-Part-2-7.txt * new security patches: CVE-2006-3805 (mfsa2006-50 Part 1) comprises 4 issues whose patches are: + 338804 - 0005-CVE-2006-3805-mfsa2006-50-Part-1-2-338804-Part-1-4.txt + 340129 - 0006-CVE-2006-3805-mfsa2006-50-Part-1-2-340129-Part-2-4.txt + 341877 - 0007-CVE-2006-3805-mfsa2006-50-Part-1-2-341877-Part-3-4.txt + 341956 - 0008-CVE-2006-3805-mfsa2006-50-Part-1-2-341956-Part-4-4.txt CVE-2006-3806 (mfsa2006-50 Part 2) comprises 4 issues: + 336409 - 0009-CVE-2006-3806-mfsa2006-50-Part-2-2-336409-Part-1-5.txt + 336410 - 0010-CVE-2006-3806-mfsa2006-50-Part-2-2-336410-Part-2-5.txt + 338001 - 0011-CVE-2006-3806-mfsa2006-50-Part-2-2-338001-Part-3-5.txt + 338121 - 0012-CVE-2006-3806-mfsa2006-50-Part-2-2-338121-Part-4-5.txt + 342960 - 0013-CVE-2006-3806-mfsa2006-50-Part-2-2-342960-Part-5-5.txt CVE-2006-3807 (mfsa2006-51) comprises 1 issue: + 340727 - 0014-CVE-2006-3807-mfsa2006-51-340727.txt CVE-2006-3808 (mfsa2006-52) comprises 1 issue: + 337389 - 0015-CVE-2006-3808-mfsa2006-52-337389.txt CVE-2006-3809 (mfsa2006-53) comprises 1 issue: + 340107 - 0016-CVE-2006-3809-mfsa2006-53-340107.txt CVE-2006-3810 (mfsa2006-55) comprises 6 issue: + 284219 - 0017-CVE-2006-3811-mfsa2006-55-284219-Part-1-6.txt + 329900 - 0018-CVE-2006-3811-mfsa2006-55-329900-Part-2-6.txt + 331679 - 0019-CVE-2006-3811-mfsa2006-55-331679-Part-3-6.txt + 336162 - 0020-CVE-2006-3811-mfsa2006-55-336162-Part-4-6.txt - 0023-CVE-2006-3811-mfsa2006-55-336162-Part-4-6-2nd-bits.txt + 337462 - 0021-CVE-2006-3811-mfsa2006-55-337462-Part-5-6.txt + 338129 - 0022-CVE-2006-3811-mfsa2006-55-338129-Part-6-6.txt stable/main/binary-m68k/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8b.1_m68k.deb stable/main/binary-m68k/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8b.1_m68k.deb stable/main/binary-m68k/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8b.1_m68k.deb stable/main/binary-m68k/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8b.1_m68k.deb stable/main/binary-m68k/mozilla-thunderbird_1.0.2-2.sarge1.0.8b.1_m68k.deb mozilla-thunderbird (1.0.2-2.sarge1.0.8b.1) stable-security; urgency=critical Patches listed below are in debian/patches/tbird-1.0.8a-1.0.8b * regression fixes: + 0003-regression-343713-was-introduced-by-fix-for-mfsa2006-31-336601.txt + 0004-regression-336875-was-introduced-by-fix-for-mfsa2006-31-336601.txt * late security patches left out in 2:1.7.8-1sarge7.1 CVE-2006-2779 (Issue 2/6) aka mfsa2006-32 (Part 2/7) + 0001-mfsa2006-32-325730-329982-Part-2-7.txt + 0002-mfsa2006-32-325730-329982-Part-2-7.txt * new security patches: CVE-2006-3805 (mfsa2006-50 Part 1) comprises 4 issues whose patches are: + 338804 - 0005-CVE-2006-3805-mfsa2006-50-Part-1-2-338804-Part-1-4.txt + 340129 - 0006-CVE-2006-3805-mfsa2006-50-Part-1-2-340129-Part-2-4.txt + 341877 - 0007-CVE-2006-3805-mfsa2006-50-Part-1-2-341877-Part-3-4.txt + 341956 - 0008-CVE-2006-3805-mfsa2006-50-Part-1-2-341956-Part-4-4.txt CVE-2006-3806 (mfsa2006-50 Part 2) comprises 4 issues: + 336409 - 0009-CVE-2006-3806-mfsa2006-50-Part-2-2-336409-Part-1-5.txt + 336410 - 0010-CVE-2006-3806-mfsa2006-50-Part-2-2-336410-Part-2-5.txt + 338001 - 0011-CVE-2006-3806-mfsa2006-50-Part-2-2-338001-Part-3-5.txt + 338121 - 0012-CVE-2006-3806-mfsa2006-50-Part-2-2-338121-Part-4-5.txt + 342960 - 0013-CVE-2006-3806-mfsa2006-50-Part-2-2-342960-Part-5-5.txt CVE-2006-3807 (mfsa2006-51) comprises 1 issue: + 340727 - 0014-CVE-2006-3807-mfsa2006-51-340727.txt CVE-2006-3808 (mfsa2006-52) comprises 1 issue: + 337389 - 0015-CVE-2006-3808-mfsa2006-52-337389.txt CVE-2006-3809 (mfsa2006-53) comprises 1 issue: + 340107 - 0016-CVE-2006-3809-mfsa2006-53-340107.txt CVE-2006-3810 (mfsa2006-55) comprises 6 issue: + 284219 - 0017-CVE-2006-3811-mfsa2006-55-284219-Part-1-6.txt + 329900 - 0018-CVE-2006-3811-mfsa2006-55-329900-Part-2-6.txt + 331679 - 0019-CVE-2006-3811-mfsa2006-55-331679-Part-3-6.txt + 336162 - 0020-CVE-2006-3811-mfsa2006-55-336162-Part-4-6.txt - 0023-CVE-2006-3811-mfsa2006-55-336162-Part-4-6-2nd-bits.txt + 337462 - 0021-CVE-2006-3811-mfsa2006-55-337462-Part-5-6.txt + 338129 - 0022-CVE-2006-3811-mfsa2006-55-338129-Part-6-6.txt stable/main/binary-ia64/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8b.1_ia64.deb stable/main/binary-ia64/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8b.1_ia64.deb stable/main/binary-ia64/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8b.1_ia64.deb stable/main/binary-ia64/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8b.1_ia64.deb stable/main/binary-ia64/mozilla-thunderbird_1.0.2-2.sarge1.0.8b.1_ia64.deb mozilla-thunderbird (1.0.2-2.sarge1.0.8b.1) stable-security; urgency=critical Patches listed below are in debian/patches/tbird-1.0.8a-1.0.8b * regression fixes: + 0003-regression-343713-was-introduced-by-fix-for-mfsa2006-31-336601.txt + 0004-regression-336875-was-introduced-by-fix-for-mfsa2006-31-336601.txt * late security patches left out in 2:1.7.8-1sarge7.1 CVE-2006-2779 (Issue 2/6) aka mfsa2006-32 (Part 2/7) + 0001-mfsa2006-32-325730-329982-Part-2-7.txt + 0002-mfsa2006-32-325730-329982-Part-2-7.txt * new security patches: CVE-2006-3805 (mfsa2006-50 Part 1) comprises 4 issues whose patches are: + 338804 - 0005-CVE-2006-3805-mfsa2006-50-Part-1-2-338804-Part-1-4.txt + 340129 - 0006-CVE-2006-3805-mfsa2006-50-Part-1-2-340129-Part-2-4.txt + 341877 - 0007-CVE-2006-3805-mfsa2006-50-Part-1-2-341877-Part-3-4.txt + 341956 - 0008-CVE-2006-3805-mfsa2006-50-Part-1-2-341956-Part-4-4.txt CVE-2006-3806 (mfsa2006-50 Part 2) comprises 4 issues: + 336409 - 0009-CVE-2006-3806-mfsa2006-50-Part-2-2-336409-Part-1-5.txt + 336410 - 0010-CVE-2006-3806-mfsa2006-50-Part-2-2-336410-Part-2-5.txt + 338001 - 0011-CVE-2006-3806-mfsa2006-50-Part-2-2-338001-Part-3-5.txt + 338121 - 0012-CVE-2006-3806-mfsa2006-50-Part-2-2-338121-Part-4-5.txt + 342960 - 0013-CVE-2006-3806-mfsa2006-50-Part-2-2-342960-Part-5-5.txt CVE-2006-3807 (mfsa2006-51) comprises 1 issue: + 340727 - 0014-CVE-2006-3807-mfsa2006-51-340727.txt CVE-2006-3808 (mfsa2006-52) comprises 1 issue: + 337389 - 0015-CVE-2006-3808-mfsa2006-52-337389.txt CVE-2006-3809 (mfsa2006-53) comprises 1 issue: + 340107 - 0016-CVE-2006-3809-mfsa2006-53-340107.txt CVE-2006-3810 (mfsa2006-55) comprises 6 issue: + 284219 - 0017-CVE-2006-3811-mfsa2006-55-284219-Part-1-6.txt + 329900 - 0018-CVE-2006-3811-mfsa2006-55-329900-Part-2-6.txt + 331679 - 0019-CVE-2006-3811-mfsa2006-55-331679-Part-3-6.txt + 336162 - 0020-CVE-2006-3811-mfsa2006-55-336162-Part-4-6.txt - 0023-CVE-2006-3811-mfsa2006-55-336162-Part-4-6-2nd-bits.txt + 337462 - 0021-CVE-2006-3811-mfsa2006-55-337462-Part-5-6.txt + 338129 - 0022-CVE-2006-3811-mfsa2006-55-338129-Part-6-6.txt stable/main/binary-hppa/mozilla-thunderbird_1.0.2-2.sarge1.0.8b.1_hppa.deb stable/main/binary-hppa/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8b.1_hppa.deb stable/main/binary-hppa/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8b.1_hppa.deb stable/main/binary-hppa/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8b.1_hppa.deb stable/main/binary-hppa/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8b.1_hppa.deb mozilla-thunderbird (1.0.2-2.sarge1.0.8b.1) stable-security; urgency=critical Patches listed below are in debian/patches/tbird-1.0.8a-1.0.8b * regression fixes: + 0003-regression-343713-was-introduced-by-fix-for-mfsa2006-31-336601.txt + 0004-regression-336875-was-introduced-by-fix-for-mfsa2006-31-336601.txt * late security patches left out in 2:1.7.8-1sarge7.1 CVE-2006-2779 (Issue 2/6) aka mfsa2006-32 (Part 2/7) + 0001-mfsa2006-32-325730-329982-Part-2-7.txt + 0002-mfsa2006-32-325730-329982-Part-2-7.txt * new security patches: CVE-2006-3805 (mfsa2006-50 Part 1) comprises 4 issues whose patches are: + 338804 - 0005-CVE-2006-3805-mfsa2006-50-Part-1-2-338804-Part-1-4.txt + 340129 - 0006-CVE-2006-3805-mfsa2006-50-Part-1-2-340129-Part-2-4.txt + 341877 - 0007-CVE-2006-3805-mfsa2006-50-Part-1-2-341877-Part-3-4.txt + 341956 - 0008-CVE-2006-3805-mfsa2006-50-Part-1-2-341956-Part-4-4.txt CVE-2006-3806 (mfsa2006-50 Part 2) comprises 4 issues: + 336409 - 0009-CVE-2006-3806-mfsa2006-50-Part-2-2-336409-Part-1-5.txt + 336410 - 0010-CVE-2006-3806-mfsa2006-50-Part-2-2-336410-Part-2-5.txt + 338001 - 0011-CVE-2006-3806-mfsa2006-50-Part-2-2-338001-Part-3-5.txt + 338121 - 0012-CVE-2006-3806-mfsa2006-50-Part-2-2-338121-Part-4-5.txt + 342960 - 0013-CVE-2006-3806-mfsa2006-50-Part-2-2-342960-Part-5-5.txt CVE-2006-3807 (mfsa2006-51) comprises 1 issue: + 340727 - 0014-CVE-2006-3807-mfsa2006-51-340727.txt CVE-2006-3808 (mfsa2006-52) comprises 1 issue: + 337389 - 0015-CVE-2006-3808-mfsa2006-52-337389.txt CVE-2006-3809 (mfsa2006-53) comprises 1 issue: + 340107 - 0016-CVE-2006-3809-mfsa2006-53-340107.txt CVE-2006-3810 (mfsa2006-55) comprises 6 issue: + 284219 - 0017-CVE-2006-3811-mfsa2006-55-284219-Part-1-6.txt + 329900 - 0018-CVE-2006-3811-mfsa2006-55-329900-Part-2-6.txt + 331679 - 0019-CVE-2006-3811-mfsa2006-55-331679-Part-3-6.txt + 336162 - 0020-CVE-2006-3811-mfsa2006-55-336162-Part-4-6.txt - 0023-CVE-2006-3811-mfsa2006-55-336162-Part-4-6-2nd-bits.txt + 337462 - 0021-CVE-2006-3811-mfsa2006-55-337462-Part-5-6.txt + 338129 - 0022-CVE-2006-3811-mfsa2006-55-338129-Part-6-6.txt stable/main/binary-arm/mozilla-thunderbird_1.0.2-2.sarge1.0.8b.1_arm.deb stable/main/binary-arm/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8b.1_arm.deb stable/main/binary-arm/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8b.1_arm.deb stable/main/binary-arm/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8b.1_arm.deb stable/main/binary-arm/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8b.1_arm.deb mozilla-thunderbird (1.0.2-2.sarge1.0.8b.1) stable-security; urgency=critical Patches listed below are in debian/patches/tbird-1.0.8a-1.0.8b * regression fixes: + 0003-regression-343713-was-introduced-by-fix-for-mfsa2006-31-336601.txt + 0004-regression-336875-was-introduced-by-fix-for-mfsa2006-31-336601.txt * late security patches left out in 2:1.7.8-1sarge7.1 CVE-2006-2779 (Issue 2/6) aka mfsa2006-32 (Part 2/7) + 0001-mfsa2006-32-325730-329982-Part-2-7.txt + 0002-mfsa2006-32-325730-329982-Part-2-7.txt * new security patches: CVE-2006-3805 (mfsa2006-50 Part 1) comprises 4 issues whose patches are: + 338804 - 0005-CVE-2006-3805-mfsa2006-50-Part-1-2-338804-Part-1-4.txt + 340129 - 0006-CVE-2006-3805-mfsa2006-50-Part-1-2-340129-Part-2-4.txt + 341877 - 0007-CVE-2006-3805-mfsa2006-50-Part-1-2-341877-Part-3-4.txt + 341956 - 0008-CVE-2006-3805-mfsa2006-50-Part-1-2-341956-Part-4-4.txt CVE-2006-3806 (mfsa2006-50 Part 2) comprises 4 issues: + 336409 - 0009-CVE-2006-3806-mfsa2006-50-Part-2-2-336409-Part-1-5.txt + 336410 - 0010-CVE-2006-3806-mfsa2006-50-Part-2-2-336410-Part-2-5.txt + 338001 - 0011-CVE-2006-3806-mfsa2006-50-Part-2-2-338001-Part-3-5.txt + 338121 - 0012-CVE-2006-3806-mfsa2006-50-Part-2-2-338121-Part-4-5.txt + 342960 - 0013-CVE-2006-3806-mfsa2006-50-Part-2-2-342960-Part-5-5.txt CVE-2006-3807 (mfsa2006-51) comprises 1 issue: + 340727 - 0014-CVE-2006-3807-mfsa2006-51-340727.txt CVE-2006-3808 (mfsa2006-52) comprises 1 issue: + 337389 - 0015-CVE-2006-3808-mfsa2006-52-337389.txt CVE-2006-3809 (mfsa2006-53) comprises 1 issue: + 340107 - 0016-CVE-2006-3809-mfsa2006-53-340107.txt CVE-2006-3810 (mfsa2006-55) comprises 6 issue: + 284219 - 0017-CVE-2006-3811-mfsa2006-55-284219-Part-1-6.txt + 329900 - 0018-CVE-2006-3811-mfsa2006-55-329900-Part-2-6.txt + 331679 - 0019-CVE-2006-3811-mfsa2006-55-331679-Part-3-6.txt + 336162 - 0020-CVE-2006-3811-mfsa2006-55-336162-Part-4-6.txt - 0023-CVE-2006-3811-mfsa2006-55-336162-Part-4-6-2nd-bits.txt + 337462 - 0021-CVE-2006-3811-mfsa2006-55-337462-Part-5-6.txt + 338129 - 0022-CVE-2006-3811-mfsa2006-55-338129-Part-6-6.txt stable/main/binary-alpha/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8b.1_alpha.deb stable/main/binary-alpha/mozilla-thunderbird_1.0.2-2.sarge1.0.8b.1_alpha.deb stable/main/binary-alpha/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8b.1_alpha.deb stable/main/binary-alpha/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8b.1_alpha.deb stable/main/binary-alpha/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8b.1_alpha.deb mozilla-thunderbird (1.0.2-2.sarge1.0.8b.1) stable-security; urgency=critical Patches listed below are in debian/patches/tbird-1.0.8a-1.0.8b * regression fixes: + 0003-regression-343713-was-introduced-by-fix-for-mfsa2006-31-336601.txt + 0004-regression-336875-was-introduced-by-fix-for-mfsa2006-31-336601.txt * late security patches left out in 2:1.7.8-1sarge7.1 CVE-2006-2779 (Issue 2/6) aka mfsa2006-32 (Part 2/7) + 0001-mfsa2006-32-325730-329982-Part-2-7.txt + 0002-mfsa2006-32-325730-329982-Part-2-7.txt * new security patches: CVE-2006-3805 (mfsa2006-50 Part 1) comprises 4 issues whose patches are: + 338804 - 0005-CVE-2006-3805-mfsa2006-50-Part-1-2-338804-Part-1-4.txt + 340129 - 0006-CVE-2006-3805-mfsa2006-50-Part-1-2-340129-Part-2-4.txt + 341877 - 0007-CVE-2006-3805-mfsa2006-50-Part-1-2-341877-Part-3-4.txt + 341956 - 0008-CVE-2006-3805-mfsa2006-50-Part-1-2-341956-Part-4-4.txt CVE-2006-3806 (mfsa2006-50 Part 2) comprises 4 issues: + 336409 - 0009-CVE-2006-3806-mfsa2006-50-Part-2-2-336409-Part-1-5.txt + 336410 - 0010-CVE-2006-3806-mfsa2006-50-Part-2-2-336410-Part-2-5.txt + 338001 - 0011-CVE-2006-3806-mfsa2006-50-Part-2-2-338001-Part-3-5.txt + 338121 - 0012-CVE-2006-3806-mfsa2006-50-Part-2-2-338121-Part-4-5.txt + 342960 - 0013-CVE-2006-3806-mfsa2006-50-Part-2-2-342960-Part-5-5.txt CVE-2006-3807 (mfsa2006-51) comprises 1 issue: + 340727 - 0014-CVE-2006-3807-mfsa2006-51-340727.txt CVE-2006-3808 (mfsa2006-52) comprises 1 issue: + 337389 - 0015-CVE-2006-3808-mfsa2006-52-337389.txt CVE-2006-3809 (mfsa2006-53) comprises 1 issue: + 340107 - 0016-CVE-2006-3809-mfsa2006-53-340107.txt CVE-2006-3810 (mfsa2006-55) comprises 6 issue: + 284219 - 0017-CVE-2006-3811-mfsa2006-55-284219-Part-1-6.txt + 329900 - 0018-CVE-2006-3811-mfsa2006-55-329900-Part-2-6.txt + 331679 - 0019-CVE-2006-3811-mfsa2006-55-331679-Part-3-6.txt + 336162 - 0020-CVE-2006-3811-mfsa2006-55-336162-Part-4-6.txt - 0023-CVE-2006-3811-mfsa2006-55-336162-Part-4-6-2nd-bits.txt + 337462 - 0021-CVE-2006-3811-mfsa2006-55-337462-Part-5-6.txt + 338129 - 0022-CVE-2006-3811-mfsa2006-55-338129-Part-6-6.txt stable/main/source/mozilla-thunderbird_1.0.2-2.sarge1.0.8b.1.dsc stable/main/binary-i386/mozilla-thunderbird-dev_1.0.2-2.sarge1.0.8b.1_i386.deb stable/main/source/mozilla-thunderbird_1.0.2-2.sarge1.0.8b.1.diff.gz stable/main/binary-i386/mozilla-thunderbird_1.0.2-2.sarge1.0.8b.1_i386.deb stable/main/binary-i386/mozilla-thunderbird-inspector_1.0.2-2.sarge1.0.8b.1_i386.deb stable/main/binary-i386/mozilla-thunderbird-typeaheadfind_1.0.2-2.sarge1.0.8b.1_i386.deb stable/main/binary-i386/mozilla-thunderbird-offline_1.0.2-2.sarge1.0.8b.1_i386.deb mozilla-thunderbird (1.0.2-2.sarge1.0.8b.1) stable-security; urgency=critical Patches listed below are in debian/patches/tbird-1.0.8a-1.0.8b * regression fixes: + 0003-regression-343713-was-introduced-by-fix-for-mfsa2006-31-336601.txt + 0004-regression-336875-was-introduced-by-fix-for-mfsa2006-31-336601.txt * late security patches left out in 2:1.7.8-1sarge7.1 CVE-2006-2779 (Issue 2/6) aka mfsa2006-32 (Part 2/7) + 0001-mfsa2006-32-325730-329982-Part-2-7.txt + 0002-mfsa2006-32-325730-329982-Part-2-7.txt * new security patches: CVE-2006-3805 (mfsa2006-50 Part 1) comprises 4 issues whose patches are: + 338804 - 0005-CVE-2006-3805-mfsa2006-50-Part-1-2-338804-Part-1-4.txt + 340129 - 0006-CVE-2006-3805-mfsa2006-50-Part-1-2-340129-Part-2-4.txt + 341877 - 0007-CVE-2006-3805-mfsa2006-50-Part-1-2-341877-Part-3-4.txt + 341956 - 0008-CVE-2006-3805-mfsa2006-50-Part-1-2-341956-Part-4-4.txt CVE-2006-3806 (mfsa2006-50 Part 2) comprises 4 issues: + 336409 - 0009-CVE-2006-3806-mfsa2006-50-Part-2-2-336409-Part-1-5.txt + 336410 - 0010-CVE-2006-3806-mfsa2006-50-Part-2-2-336410-Part-2-5.txt + 338001 - 0011-CVE-2006-3806-mfsa2006-50-Part-2-2-338001-Part-3-5.txt + 338121 - 0012-CVE-2006-3806-mfsa2006-50-Part-2-2-338121-Part-4-5.txt + 342960 - 0013-CVE-2006-3806-mfsa2006-50-Part-2-2-342960-Part-5-5.txt CVE-2006-3807 (mfsa2006-51) comprises 1 issue: + 340727 - 0014-CVE-2006-3807-mfsa2006-51-340727.txt CVE-2006-3808 (mfsa2006-52) comprises 1 issue: + 337389 - 0015-CVE-2006-3808-mfsa2006-52-337389.txt CVE-2006-3809 (mfsa2006-53) comprises 1 issue: + 340107 - 0016-CVE-2006-3809-mfsa2006-53-340107.txt CVE-2006-3810 (mfsa2006-55) comprises 6 issue: + 284219 - 0017-CVE-2006-3811-mfsa2006-55-284219-Part-1-6.txt + 329900 - 0018-CVE-2006-3811-mfsa2006-55-329900-Part-2-6.txt + 331679 - 0019-CVE-2006-3811-mfsa2006-55-331679-Part-3-6.txt + 336162 - 0020-CVE-2006-3811-mfsa2006-55-336162-Part-4-6.txt - 0023-CVE-2006-3811-mfsa2006-55-336162-Part-4-6-2nd-bits.txt + 337462 - 0021-CVE-2006-3811-mfsa2006-55-337462-Part-5-6.txt + 338129 - 0022-CVE-2006-3811-mfsa2006-55-338129-Part-6-6.txt stable/main/binary-sparc/mozilla-firefox_1.0.4-2sarge9_sparc.deb stable/main/binary-sparc/mozilla-firefox-dom-inspector_1.0.4-2sarge9_sparc.deb stable/main/binary-sparc/mozilla-firefox-gnome-support_1.0.4-2sarge9_sparc.deb mozilla-firefox (1.0.4-2sarge9) stable-security; urgency=critical * content/xul/templates/src/nsXULContentUtils.cpp, content/xul/templates/src/nsXULSortService.cpp: A couple of patches from Alexander Sack to fix regressions caused by the previous security fixes. stable/main/binary-s390/mozilla-firefox-gnome-support_1.0.4-2sarge9_s390.deb stable/main/binary-s390/mozilla-firefox_1.0.4-2sarge9_s390.deb stable/main/binary-s390/mozilla-firefox-dom-inspector_1.0.4-2sarge9_s390.deb mozilla-firefox (1.0.4-2sarge9) stable-security; urgency=critical * content/xul/templates/src/nsXULContentUtils.cpp, content/xul/templates/src/nsXULSortService.cpp: A couple of patches from Alexander Sack to fix regressions caused by the previous security fixes. stable/main/binary-powerpc/mozilla-firefox-dom-inspector_1.0.4-2sarge9_powerpc.deb stable/main/binary-powerpc/mozilla-firefox-gnome-support_1.0.4-2sarge9_powerpc.deb stable/main/binary-powerpc/mozilla-firefox_1.0.4-2sarge9_powerpc.deb mozilla-firefox (1.0.4-2sarge9) stable-security; urgency=critical * content/xul/templates/src/nsXULContentUtils.cpp, content/xul/templates/src/nsXULSortService.cpp: A couple of patches from Alexander Sack to fix regressions caused by the previous security fixes. stable/main/binary-mipsel/mozilla-firefox_1.0.4-2sarge9_mipsel.deb stable/main/binary-mipsel/mozilla-firefox-gnome-support_1.0.4-2sarge9_mipsel.deb stable/main/binary-mipsel/mozilla-firefox-dom-inspector_1.0.4-2sarge9_mipsel.deb mozilla-firefox (1.0.4-2sarge9) stable-security; urgency=critical * content/xul/templates/src/nsXULContentUtils.cpp, content/xul/templates/src/nsXULSortService.cpp: A couple of patches from Alexander Sack to fix regressions caused by the previous security fixes. stable/main/binary-mips/mozilla-firefox_1.0.4-2sarge9_mips.deb stable/main/binary-mips/mozilla-firefox-gnome-support_1.0.4-2sarge9_mips.deb stable/main/binary-mips/mozilla-firefox-dom-inspector_1.0.4-2sarge9_mips.deb mozilla-firefox (1.0.4-2sarge9) stable-security; urgency=critical * content/xul/templates/src/nsXULContentUtils.cpp, content/xul/templates/src/nsXULSortService.cpp: A couple of patches from Alexander Sack to fix regressions caused by the previous security fixes. stable/main/binary-m68k/mozilla-firefox_1.0.4-2sarge9_m68k.deb stable/main/binary-m68k/mozilla-firefox-dom-inspector_1.0.4-2sarge9_m68k.deb stable/main/binary-m68k/mozilla-firefox-gnome-support_1.0.4-2sarge9_m68k.deb mozilla-firefox (1.0.4-2sarge9) stable-security; urgency=critical * content/xul/templates/src/nsXULContentUtils.cpp, content/xul/templates/src/nsXULSortService.cpp: A couple of patches from Alexander Sack to fix regressions caused by the previous security fixes. stable/main/binary-ia64/mozilla-firefox_1.0.4-2sarge9_ia64.deb stable/main/binary-ia64/mozilla-firefox-gnome-support_1.0.4-2sarge9_ia64.deb stable/main/binary-ia64/mozilla-firefox-dom-inspector_1.0.4-2sarge9_ia64.deb mozilla-firefox (1.0.4-2sarge9) stable-security; urgency=critical * content/xul/templates/src/nsXULContentUtils.cpp, content/xul/templates/src/nsXULSortService.cpp: A couple of patches from Alexander Sack to fix regressions caused by the previous security fixes. stable/main/binary-hppa/mozilla-firefox_1.0.4-2sarge9_hppa.deb stable/main/binary-hppa/mozilla-firefox-dom-inspector_1.0.4-2sarge9_hppa.deb stable/main/binary-hppa/mozilla-firefox-gnome-support_1.0.4-2sarge9_hppa.deb mozilla-firefox (1.0.4-2sarge9) stable-security; urgency=critical * content/xul/templates/src/nsXULContentUtils.cpp, content/xul/templates/src/nsXULSortService.cpp: A couple of patches from Alexander Sack to fix regressions caused by the previous security fixes. stable/main/binary-arm/mozilla-firefox_1.0.4-2sarge9_arm.deb stable/main/binary-arm/mozilla-firefox-gnome-support_1.0.4-2sarge9_arm.deb stable/main/binary-arm/mozilla-firefox-dom-inspector_1.0.4-2sarge9_arm.deb mozilla-firefox (1.0.4-2sarge9) stable-security; urgency=critical * content/xul/templates/src/nsXULContentUtils.cpp, content/xul/templates/src/nsXULSortService.cpp: A couple of patches from Alexander Sack to fix regressions caused by the previous security fixes. stable/main/binary-alpha/mozilla-firefox_1.0.4-2sarge9_alpha.deb stable/main/binary-alpha/mozilla-firefox-gnome-support_1.0.4-2sarge9_alpha.deb stable/main/binary-alpha/mozilla-firefox-dom-inspector_1.0.4-2sarge9_alpha.deb mozilla-firefox (1.0.4-2sarge9) stable-security; urgency=critical * content/xul/templates/src/nsXULContentUtils.cpp, content/xul/templates/src/nsXULSortService.cpp: A couple of patches from Alexander Sack to fix regressions caused by the previous security fixes. stable/main/binary-i386/mozilla-firefox-dom-inspector_1.0.4-2sarge9_i386.deb stable/main/binary-i386/mozilla-firefox-gnome-support_1.0.4-2sarge9_i386.deb stable/main/binary-i386/mozilla-firefox_1.0.4-2sarge9_i386.deb stable/main/source/mozilla-firefox_1.0.4-2sarge9.diff.gz stable/main/source/mozilla-firefox_1.0.4-2sarge9.dsc mozilla-firefox (1.0.4-2sarge9) stable-security; urgency=critical * content/xul/templates/src/nsXULContentUtils.cpp, content/xul/templates/src/nsXULSortService.cpp: A couple of patches from Alexander Sack to fix regressions caused by the previous security fixes. stable/main/binary-sparc/mozilla-browser_1.7.8-1sarge7.1_sparc.deb stable/main/binary-sparc/libnspr-dev_1.7.8-1sarge7.1_sparc.deb stable/main/binary-sparc/mozilla-js-debugger_1.7.8-1sarge7.1_sparc.deb stable/main/binary-sparc/mozilla-calendar_1.7.8-1sarge7.1_sparc.deb stable/main/binary-sparc/mozilla-psm_1.7.8-1sarge7.1_sparc.deb stable/main/binary-sparc/mozilla-dom-inspector_1.7.8-1sarge7.1_sparc.deb stable/main/binary-sparc/mozilla_1.7.8-1sarge7.1_sparc.deb stable/main/binary-sparc/mozilla-chatzilla_1.7.8-1sarge7.1_sparc.deb stable/main/binary-sparc/mozilla-dev_1.7.8-1sarge7.1_sparc.deb stable/main/binary-sparc/libnss-dev_1.7.8-1sarge7.1_sparc.deb stable/main/binary-sparc/mozilla-mailnews_1.7.8-1sarge7.1_sparc.deb stable/main/binary-sparc/libnspr4_1.7.8-1sarge7.1_sparc.deb stable/main/binary-sparc/libnss3_1.7.8-1sarge7.1_sparc.deb mozilla (2:1.7.8-1sarge7.1) stable-security; urgency=critical * dropped mozilla 1.7.14 patches in debian/patches that fix various security issues: + CVE-2006-2787 : 1_0001-mfsa2006-31-319263-336601-336313.txt + CVE-2006-2786 1/2 : 1_0002-mfsa2006-33-Part-1-2-329746.txt + CVE-2006-2786 2/2 : 1_0003-mfsa2006-33-Part-2-2-330214.txt + CVE-2006-2785 2/2 : 1_0004-mfsa2006-34-Part2-2-329521-suite.txt + CVE-2006-2775 : 1_0005-mfsa2006-35-329677.txt 1_0023-mfsa2006-35-335142-regression-1-2-for-329677.txt 1_0024-mfsa2006-35-337841-regression-part-2-2-for-329677.txt + CVE-2006-2784 : 1_0006-mfsa2006-36-330037.txt + CVE-2006-2776 : 1_0007-mfsa2006-37-330773-with-belt-and-braces.txt + CVE-2006-2778 : 1_0008-mfsa2006-38-330897.txt + CVE-2006-1942 : 1_0009-mfsa2006-39-CVE-2006-1942-334341-suite.txt + CVE-2006-2781 : 1_0010-mfsa2006-40-334384.txt + CVE-2006-2782 : 1_0011-mfsa2006-41-334977.txt + CVE-2006-2783 : 1_0012-mfsa2006-42-335816.txt + CVE-2006-2777 : 1_0013-mfsa2006-43-336830.txt + CVE-2006-2779 3/6 : 1_0014-mfsa2006-32-Part-3-7-326501.txt + CVE-2006-2779 4/6 : 1_0015-mfsa2006-32-Part-4a-7-326931.txt + CVE-2006-2785 2/2 : 1_0015-mfsa2006-34-Part-1-2-xpfe-329468-suite.txt + CVE-2006-2779 4/6 : 1_0016-mfsa2006-32-Part-4b-7-329219.txt + CVE-2006-2779 4/6 : 1_0017-mfsa2006-32-Part-4c-7-330818-proper-aviary.txt + CVE-2006-2779 6/6 : 1_0018-mfsa2006-32-Part-6-7-332971.txt + CVE-2006-2780 : 1_0019-js-src-jsstr.c-335535-mfsa2006-32-Part-7-7.txt + CVE-2006-2779 5/6 : 1_0021-mfsa2006-32-Part-5-7-327712.txt * Note: CVE-2006-2779 (mfsa2006-32) is only partially fixed. Missing are tricky parts 1/6 and 2/6 from advisory: 1/6: Removing nested