=========================================
Thu, 09 Apr 2009 - Debian 4.0r8 released
=========================================

oldstable/main/binary-sparc/znc_0.045-3+etch2_sparc.deb
znc (0.045-3+etch2) oldstable-security; urgency=low
  * Backported upstream patch from the 0.066 release which fixes the handling of newlines in CHTTPSock::GetParam() and strip them out.
    This patch fixes an important privilege escalation in the webadmin module.
    Closes: #516950

oldstable/main/binary-s390/znc_0.045-3+etch2_s390.deb
znc (0.045-3+etch2) oldstable-security; urgency=low
  * Backported upstream patch from the 0.066 release which fixes the handling of newlines in CHTTPSock::GetParam() and strip them out.
    This patch fixes an important privilege escalation in the webadmin module.
    Closes: #516950

oldstable/main/binary-powerpc/znc_0.045-3+etch2_powerpc.deb
znc (0.045-3+etch2) oldstable-security; urgency=low
  * Backported upstream patch from the 0.066 release which fixes the handling of newlines in CHTTPSock::GetParam() and strip them out.
    This patch fixes an important privilege escalation in the webadmin module.
    Closes: #516950

oldstable/main/binary-mipsel/znc_0.045-3+etch2_mipsel.deb
znc (0.045-3+etch2) oldstable-security; urgency=low
  * Backported upstream patch from the 0.066 release which fixes the handling of newlines in CHTTPSock::GetParam() and strip them out.
    This patch fixes an important privilege escalation in the webadmin module.
    Closes: #516950

oldstable/main/binary-mips/znc_0.045-3+etch2_mips.deb
znc (0.045-3+etch2) oldstable-security; urgency=low
  * Backported upstream patch from the 0.066 release which fixes the handling of newlines in CHTTPSock::GetParam() and strip them out.
    This patch fixes an important privilege escalation in the webadmin module.
    Closes: #516950

oldstable/main/binary-ia64/znc_0.045-3+etch2_ia64.deb
znc (0.045-3+etch2) oldstable-security; urgency=low
  * Backported upstream patch from the 0.066 release which fixes the handling of newlines in CHTTPSock::GetParam() and strip them out.
    This patch fixes an important privilege escalation in the webadmin module.
    Closes: #516950

oldstable/main/binary-i386/znc_0.045-3+etch2_i386.deb
znc (0.045-3+etch2) oldstable-security; urgency=low
  * Backported upstream patch from the 0.066 release which fixes the handling of newlines in CHTTPSock::GetParam() and strip them out.
    This patch fixes an important privilege escalation in the webadmin module.
    Closes: #516950

oldstable/main/binary-hppa/znc_0.045-3+etch2_hppa.deb
znc (0.045-3+etch2) oldstable-security; urgency=low
  * Backported upstream patch from the 0.066 release which fixes the handling of newlines in CHTTPSock::GetParam() and strip them out.
    This patch fixes an important privilege escalation in the webadmin module.
    Closes: #516950

oldstable/main/binary-arm/znc_0.045-3+etch2_arm.deb
znc (0.045-3+etch2) oldstable-security; urgency=low
  * Backported upstream patch from the 0.066 release which fixes the handling of newlines in CHTTPSock::GetParam() and strip them out.
    This patch fixes an important privilege escalation in the webadmin module.
    Closes: #516950

oldstable/main/binary-alpha/znc_0.045-3+etch2_alpha.deb
znc (0.045-3+etch2) oldstable-security; urgency=low
  * Backported upstream patch from the 0.066 release which fixes the handling of newlines in CHTTPSock::GetParam() and strip them out.
    This patch fixes an important privilege escalation in the webadmin module.
    Closes: #516950

oldstable/main/binary-amd64/znc_0.045-3+etch2_amd64.deb
oldstable/main/source/znc_0.045-3+etch2.dsc
oldstable/main/source/znc_0.045-3+etch2.diff.gz
znc (0.045-3+etch2) oldstable-security; urgency=low
  * Backported upstream patch from the 0.066 release which fixes the handling of newlines in CHTTPSock::GetParam() and strip them out.
    This patch fixes an important privilege escalation in the webadmin module.
    Closes: #516950

oldstable/main/binary-sparc/yaws_1.65-4etch1_sparc.deb
yaws (1.65-4etch1) oldstable-security; urgency=high
  * Fixed DoS when a huge number of headers are supplied in an HTTP query (CVE-2009-0751).

oldstable/main/binary-s390/yaws_1.65-4etch1_s390.deb
yaws (1.65-4etch1) oldstable-security; urgency=high
  * Fixed DoS when a huge number of headers are supplied in an HTTP query (CVE-2009-0751).

oldstable/main/binary-powerpc/yaws_1.65-4etch1_powerpc.deb
yaws (1.65-4etch1) oldstable-security; urgency=high
  * Fixed DoS when a huge number of headers are supplied in an HTTP query (CVE-2009-0751).

oldstable/main/binary-mipsel/yaws_1.65-4etch1_mipsel.deb
yaws (1.65-4etch1) oldstable-security; urgency=high
  * Fixed DoS when a huge number of headers are supplied in an HTTP query (CVE-2009-0751).

oldstable/main/binary-mips/yaws_1.65-4etch1_mips.deb
yaws (1.65-4etch1) oldstable-security; urgency=high
  * Fixed DoS when a huge number of headers are supplied in an HTTP query (CVE-2009-0751).

oldstable/main/binary-ia64/yaws_1.65-4etch1_ia64.deb
yaws (1.65-4etch1) oldstable-security; urgency=high
  * Fixed DoS when a huge number of headers are supplied in an HTTP query (CVE-2009-0751).

oldstable/main/binary-hppa/yaws_1.65-4etch1_hppa.deb
yaws (1.65-4etch1) oldstable-security; urgency=high
  * Fixed DoS when a huge number of headers are supplied in an HTTP query (CVE-2009-0751).

oldstable/main/binary-arm/yaws_1.65-4etch1_arm.deb
yaws (1.65-4etch1) oldstable-security; urgency=high
  * Fixed DoS when a huge number of headers are supplied in an HTTP query (CVE-2009-0751).

oldstable/main/binary-amd64/yaws_1.65-4etch1_amd64.deb
yaws (1.65-4etch1) oldstable-security; urgency=high
  * Fixed DoS when a huge number of headers are supplied in an HTTP query (CVE-2009-0751).

oldstable/main/binary-alpha/yaws_1.65-4etch1_alpha.deb
yaws (1.65-4etch1) oldstable-security; urgency=high
  * Fixed DoS when a huge number of headers are supplied in an HTTP query (CVE-2009-0751).

oldstable/main/binary-i386/yaws_1.65-4etch1_i386.deb
oldstable/main/source/yaws_1.65-4etch1.diff.gz
oldstable/main/source/yaws_1.65-4etch1.dsc
yaws (1.65-4etch1) oldstable-security; urgency=high
  * Fixed DoS when a huge number of headers are supplied in an HTTP query (CVE-2009-0751).

oldstable/main/binary-sparc/wesnoth_1.2-5_sparc.deb
oldstable/main/binary-sparc/wesnoth-server_1.2-5_sparc.deb
oldstable/main/binary-sparc/wesnoth-editor_1.2-5_sparc.deb
wesnoth (1.2-5) oldstable-security; urgency=high
  * Upload to fix a severe problem:
    - Compile with --disable-python because the python AI support allowed to break out of sandbox and allowed execution of arbitrary code (CVE-2009-0367, Upstream Bug #13048).
      Don't install data/ais into wesnoth-data package anymore, and remove python-dev from Build-Dependencies.

oldstable/main/binary-s390/wesnoth-server_1.2-5_s390.deb
oldstable/main/binary-s390/wesnoth_1.2-5_s390.deb
oldstable/main/binary-s390/wesnoth-editor_1.2-5_s390.deb
wesnoth (1.2-5) oldstable-security; urgency=high
  * Upload to fix a severe problem:
    - Compile with --disable-python because the python AI support allowed to break out of sandbox and allowed execution of arbitrary code (CVE-2009-0367, Upstream Bug #13048).
      Don't install data/ais into wesnoth-data package anymore, and remove python-dev from Build-Dependencies.

oldstable/main/binary-mipsel/wesnoth_1.2-5_mipsel.deb
oldstable/main/binary-mipsel/wesnoth-editor_1.2-5_mipsel.deb
oldstable/main/binary-mipsel/wesnoth-server_1.2-5_mipsel.deb
wesnoth (1.2-5) oldstable-security; urgency=high
  * Upload to fix a severe problem:
    - Compile with --disable-python because the python AI support allowed to break out of sandbox and allowed execution of arbitrary code (CVE-2009-0367, Upstream Bug #13048).
      Don't install data/ais into wesnoth-data package anymore, and remove python-dev from Build-Dependencies.

oldstable/main/binary-mips/wesnoth-server_1.2-5_mips.deb
oldstable/main/binary-mips/wesnoth-editor_1.2-5_mips.deb
oldstable/main/binary-mips/wesnoth_1.2-5_mips.deb
wesnoth (1.2-5) oldstable-security; urgency=high
  * Upload to fix a severe problem:
    - Compile with --disable-python because the python AI support allowed to break out of sandbox and allowed execution of arbitrary code (CVE-2009-0367, Upstream Bug #13048).
      Don't install data/ais into wesnoth-data package anymore, and remove python-dev from Build-Dependencies.

oldstable/main/binary-ia64/wesnoth-server_1.2-5_ia64.deb
oldstable/main/binary-ia64/wesnoth_1.2-5_ia64.deb
oldstable/main/binary-ia64/wesnoth-editor_1.2-5_ia64.deb
wesnoth (1.2-5) oldstable-security; urgency=high
  * Upload to fix a severe problem:
    - Compile with --disable-python because the python AI support allowed to break out of sandbox and allowed execution of arbitrary code (CVE-2009-0367, Upstream Bug #13048).
      Don't install data/ais into wesnoth-data package anymore, and remove python-dev from Build-Dependencies.

oldstable/main/binary-i386/wesnoth_1.2-5_i386.deb
oldstable/main/binary-i386/wesnoth-editor_1.2-5_i386.deb
oldstable/main/binary-i386/wesnoth-server_1.2-5_i386.deb
wesnoth (1.2-5) oldstable-security; urgency=high
  * Upload to fix a severe problem:
    - Compile with --disable-python because the python AI support allowed to break out of sandbox and allowed execution of arbitrary code (CVE-2009-0367, Upstream Bug #13048).
      Don't install data/ais into wesnoth-data package anymore, and remove python-dev from Build-Dependencies.

oldstable/main/binary-hppa/wesnoth-server_1.2-5_hppa.deb
oldstable/main/binary-hppa/wesnoth_1.2-5_hppa.deb
oldstable/main/binary-hppa/wesnoth-editor_1.2-5_hppa.deb
wesnoth (1.2-5) oldstable-security; urgency=high
  * Upload to fix a severe problem:
    - Compile with --disable-python because the python AI support allowed to break out of sandbox and allowed execution of arbitrary code (CVE-2009-0367, Upstream Bug #13048).
      Don't install data/ais into wesnoth-data package anymore, and remove python-dev from Build-Dependencies.

oldstable/main/binary-arm/wesnoth-server_1.2-5_arm.deb
oldstable/main/binary-arm/wesnoth_1.2-5_arm.deb
oldstable/main/binary-arm/wesnoth-editor_1.2-5_arm.deb
wesnoth (1.2-5) oldstable-security; urgency=high
  * Upload to fix a severe problem:
    - Compile with --disable-python because the python AI support allowed to break out of sandbox and allowed execution of arbitrary code (CVE-2009-0367, Upstream Bug #13048).
      Don't install data/ais into wesnoth-data package anymore, and remove python-dev from Build-Dependencies.

oldstable/main/binary-amd64/wesnoth-server_1.2-5_amd64.deb
oldstable/main/binary-amd64/wesnoth_1.2-5_amd64.deb
oldstable/main/binary-amd64/wesnoth-editor_1.2-5_amd64.deb
wesnoth (1.2-5) oldstable-security; urgency=high
  * Upload to fix a severe problem:
    - Compile with --disable-python because the python AI support allowed to break out of sandbox and allowed execution of arbitrary code (CVE-2009-0367, Upstream Bug #13048).
      Don't install data/ais into wesnoth-data package anymore, and remove python-dev from Build-Dependencies.

oldstable/main/binary-alpha/wesnoth-server_1.2-5_alpha.deb
oldstable/main/binary-alpha/wesnoth_1.2-5_alpha.deb
oldstable/main/binary-alpha/wesnoth-editor_1.2-5_alpha.deb
wesnoth (1.2-5) oldstable-security; urgency=high
  * Upload to fix a severe problem:
    - Compile with --disable-python because the python AI support allowed to break out of sandbox and allowed execution of arbitrary code (CVE-2009-0367, Upstream Bug #13048).
      Don't install data/ais into wesnoth-data package anymore, and remove python-dev from Build-Dependencies.

oldstable/main/binary-all/wesnoth-data_1.2-5_all.deb
oldstable/main/binary-powerpc/wesnoth-editor_1.2-5_powerpc.deb
oldstable/main/binary-all/wesnoth-music_1.2-5_all.deb
oldstable/main/binary-all/wesnoth-tsg_1.2-5_all.deb
oldstable/main/binary-all/wesnoth-httt_1.2-5_all.deb
oldstable/main/binary-powerpc/wesnoth-server_1.2-5_powerpc.deb
oldstable/main/binary-powerpc/wesnoth_1.2-5_powerpc.deb
oldstable/main/source/wesnoth_1.2-5.dsc
oldstable/main/binary-all/wesnoth-ttb_1.2-5_all.deb
oldstable/main/binary-all/wesnoth-ei_1.2-5_all.deb
oldstable/main/binary-all/wesnoth-utbs_1.2-5_all.deb
oldstable/main/source/wesnoth_1.2-5.diff.gz
oldstable/main/binary-all/wesnoth-trow_1.2-5_all.deb
wesnoth (1.2-5) oldstable-security; urgency=high
  * Upload to fix a severe problem:
    - Compile with --disable-python because the python AI support allowed to break out of sandbox and allowed execution of arbitrary code (CVE-2009-0367, Upstream Bug #13048).
      Don't install data/ais into wesnoth-data package anymore, and remove python-dev from Build-Dependencies.

oldstable/main/binary-sparc/xvnc4viewer_4.1.1+X4.3.0-21+etch1_sparc.deb
oldstable/main/binary-sparc/vnc4server_4.1.1+X4.3.0-21+etch1_sparc.deb
oldstable/main/binary-sparc/vnc4-common_4.1.1+X4.3.0-21+etch1_sparc.deb
vnc4 (4.1.1+X4.3.0-21+etch1) stable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix arbitrary code execution via crafted RFB protocol data (Closes: #513531)
    Fixes: CVE-2008-4770

oldstable/main/binary-s390/xvnc4viewer_4.1.1+X4.3.0-21+etch1_s390.deb
oldstable/main/binary-s390/vnc4-common_4.1.1+X4.3.0-21+etch1_s390.deb
oldstable/main/binary-s390/vnc4server_4.1.1+X4.3.0-21+etch1_s390.deb
vnc4 (4.1.1+X4.3.0-21+etch1) stable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix arbitrary code execution via crafted RFB protocol data (Closes: #513531)
    Fixes: CVE-2008-4770

oldstable/main/binary-powerpc/vnc4server_4.1.1+X4.3.0-21+etch1_powerpc.deb
oldstable/main/binary-powerpc/xvnc4viewer_4.1.1+X4.3.0-21+etch1_powerpc.deb
oldstable/main/binary-powerpc/vnc4-common_4.1.1+X4.3.0-21+etch1_powerpc.deb
vnc4 (4.1.1+X4.3.0-21+etch1) stable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix arbitrary code execution via crafted RFB protocol data (Closes: #513531)
    Fixes: CVE-2008-4770

oldstable/main/binary-mipsel/xvnc4viewer_4.1.1+X4.3.0-21+etch1_mipsel.deb
oldstable/main/binary-mipsel/vnc4-common_4.1.1+X4.3.0-21+etch1_mipsel.deb
oldstable/main/binary-mipsel/vnc4server_4.1.1+X4.3.0-21+etch1_mipsel.deb
vnc4 (4.1.1+X4.3.0-21+etch1) stable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix arbitrary code execution via crafted RFB protocol data (Closes: #513531)
    Fixes: CVE-2008-4770

oldstable/main/binary-mips/xvnc4viewer_4.1.1+X4.3.0-21+etch1_mips.deb
oldstable/main/binary-mips/vnc4server_4.1.1+X4.3.0-21+etch1_mips.deb
oldstable/main/binary-mips/vnc4-common_4.1.1+X4.3.0-21+etch1_mips.deb
vnc4 (4.1.1+X4.3.0-21+etch1) stable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix arbitrary code execution via crafted RFB protocol data (Closes: #513531)
    Fixes: CVE-2008-4770

oldstable/main/binary-ia64/vnc4-common_4.1.1+X4.3.0-21+etch1_ia64.deb
oldstable/main/binary-ia64/xvnc4viewer_4.1.1+X4.3.0-21+etch1_ia64.deb
oldstable/main/binary-ia64/vnc4server_4.1.1+X4.3.0-21+etch1_ia64.deb
vnc4 (4.1.1+X4.3.0-21+etch1) stable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix arbitrary code execution via crafted RFB protocol data (Closes: #513531)
    Fixes: CVE-2008-4770

oldstable/main/binary-hppa/xvnc4viewer_4.1.1+X4.3.0-21+etch1_hppa.deb
oldstable/main/binary-hppa/vnc4server_4.1.1+X4.3.0-21+etch1_hppa.deb
oldstable/main/binary-hppa/vnc4-common_4.1.1+X4.3.0-21+etch1_hppa.deb
vnc4 (4.1.1+X4.3.0-21+etch1) stable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix arbitrary code execution via crafted RFB protocol data (Closes: #513531)
    Fixes: CVE-2008-4770

oldstable/main/binary-amd64/vnc4server_4.1.1+X4.3.0-21+etch1_amd64.deb
oldstable/main/binary-amd64/xvnc4viewer_4.1.1+X4.3.0-21+etch1_amd64.deb
oldstable/main/binary-amd64/vnc4-common_4.1.1+X4.3.0-21+etch1_amd64.deb
vnc4 (4.1.1+X4.3.0-21+etch1) stable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix arbitrary code execution via crafted RFB protocol data (Closes: #513531)
    Fixes: CVE-2008-4770

oldstable/main/binary-alpha/vnc4-common_4.1.1+X4.3.0-21+etch1_alpha.deb
oldstable/main/binary-alpha/xvnc4viewer_4.1.1+X4.3.0-21+etch1_alpha.deb
oldstable/main/binary-alpha/vnc4server_4.1.1+X4.3.0-21+etch1_alpha.deb
vnc4 (4.1.1+X4.3.0-21+etch1) stable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix arbitrary code execution via crafted RFB protocol data (Closes: #513531)
    Fixes: CVE-2008-4770

oldstable/main/binary-i386/vnc4server_4.1.1+X4.3.0-21+etch1_i386.deb
oldstable/main/binary-i386/vnc4-common_4.1.1+X4.3.0-21+etch1_i386.deb
oldstable/main/source/vnc4_4.1.1+X4.3.0-21+etch1.diff.gz
oldstable/main/source/vnc4_4.1.1+X4.3.0-21+etch1.dsc
oldstable/main/binary-i386/xvnc4viewer_4.1.1+X4.3.0-21+etch1_i386.deb
vnc4 (4.1.1+X4.3.0-21+etch1) stable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix arbitrary code execution via crafted RFB protocol data (Closes: #513531)
    Fixes: CVE-2008-4770

oldstable/main/binary-sparc/vim-tcl_7.0-122+1etch5_sparc.deb
oldstable/main/binary-sparc/vim-tiny_7.0-122+1etch5_sparc.deb
oldstable/main/binary-sparc/vim-lesstif_7.0-122+1etch5_sparc.deb
oldstable/main/binary-sparc/vim-python_7.0-122+1etch5_sparc.deb
oldstable/main/binary-sparc/vim-ruby_7.0-122+1etch5_sparc.deb
oldstable/main/binary-sparc/vim-perl_7.0-122+1etch5_sparc.deb
oldstable/main/binary-sparc/vim-gtk_7.0-122+1etch5_sparc.deb
oldstable/main/binary-sparc/vim-common_7.0-122+1etch5_sparc.deb
oldstable/main/binary-sparc/vim-gnome_7.0-122+1etch5_sparc.deb
oldstable/main/binary-sparc/vim_7.0-122+1etch5_sparc.deb
oldstable/main/binary-sparc/vim-full_7.0-122+1etch5_sparc.deb
vim (1:7.0-122+1etch5) oldstable-security; urgency=high
  * Fix a couple typos in CVE-2008-2712-netrw.vim.diff

oldstable/main/binary-s390/vim-perl_7.0-122+1etch5_s390.deb
oldstable/main/binary-s390/vim-ruby_7.0-122+1etch5_s390.deb
oldstable/main/binary-s390/vim-full_7.0-122+1etch5_s390.deb
oldstable/main/binary-s390/vim_7.0-122+1etch5_s390.deb
oldstable/main/binary-s390/vim-lesstif_7.0-122+1etch5_s390.deb
oldstable/main/binary-s390/vim-gnome_7.0-122+1etch5_s390.deb
oldstable/main/binary-s390/vim-tcl_7.0-122+1etch5_s390.deb
oldstable/main/binary-s390/vim-gtk_7.0-122+1etch5_s390.deb
oldstable/main/binary-s390/vim-tiny_7.0-122+1etch5_s390.deb
oldstable/main/binary-s390/vim-common_7.0-122+1etch5_s390.deb
oldstable/main/binary-s390/vim-python_7.0-122+1etch5_s390.deb
vim (1:7.0-122+1etch5) oldstable-security; urgency=high
  * Fix a couple typos in CVE-2008-2712-netrw.vim.diff

oldstable/main/binary-powerpc/vim-perl_7.0-122+1etch5_powerpc.deb
oldstable/main/binary-powerpc/vim-full_7.0-122+1etch5_powerpc.deb
oldstable/main/binary-powerpc/vim-tiny_7.0-122+1etch5_powerpc.deb
oldstable/main/binary-powerpc/vim-gtk_7.0-122+1etch5_powerpc.deb
oldstable/main/binary-powerpc/vim_7.0-122+1etch5_powerpc.deb
oldstable/main/binary-powerpc/vim-python_7.0-122+1etch5_powerpc.deb
oldstable/main/binary-powerpc/vim-lesstif_7.0-122+1etch5_powerpc.deb
oldstable/main/binary-powerpc/vim-ruby_7.0-122+1etch5_powerpc.deb
oldstable/main/binary-powerpc/vim-tcl_7.0-122+1etch5_powerpc.deb
oldstable/main/binary-powerpc/vim-common_7.0-122+1etch5_powerpc.deb
oldstable/main/binary-powerpc/vim-gnome_7.0-122+1etch5_powerpc.deb
vim (1:7.0-122+1etch5) oldstable-security; urgency=high
  * Fix a couple typos in CVE-2008-2712-netrw.vim.diff

oldstable/main/binary-mipsel/vim_7.0-122+1etch5_mipsel.deb
oldstable/main/binary-mipsel/vim-python_7.0-122+1etch5_mipsel.deb
oldstable/main/binary-mipsel/vim-gtk_7.0-122+1etch5_mipsel.deb
oldstable/main/binary-mipsel/vim-tiny_7.0-122+1etch5_mipsel.deb
oldstable/main/binary-mipsel/vim-full_7.0-122+1etch5_mipsel.deb
oldstable/main/binary-mipsel/vim-common_7.0-122+1etch5_mipsel.deb
oldstable/main/binary-mipsel/vim-perl_7.0-122+1etch5_mipsel.deb
oldstable/main/binary-mipsel/vim-gnome_7.0-122+1etch5_mipsel.deb
oldstable/main/binary-mipsel/vim-tcl_7.0-122+1etch5_mipsel.deb
oldstable/main/binary-mipsel/vim-ruby_7.0-122+1etch5_mipsel.deb
oldstable/main/binary-mipsel/vim-lesstif_7.0-122+1etch5_mipsel.deb
vim (1:7.0-122+1etch5) oldstable-security; urgency=high
  * Fix a couple typos in CVE-2008-2712-netrw.vim.diff

oldstable/main/binary-mips/vim-full_7.0-122+1etch5_mips.deb
oldstable/main/binary-mips/vim-gnome_7.0-122+1etch5_mips.deb
oldstable/main/binary-mips/vim-gtk_7.0-122+1etch5_mips.deb
oldstable/main/binary-mips/vim-lesstif_7.0-122+1etch5_mips.deb
oldstable/main/binary-mips/vim-ruby_7.0-122+1etch5_mips.deb
oldstable/main/binary-mips/vim-perl_7.0-122+1etch5_mips.deb
oldstable/main/binary-mips/vim-tiny_7.0-122+1etch5_mips.deb
oldstable/main/binary-mips/vim-python_7.0-122+1etch5_mips.deb
oldstable/main/binary-mips/vim-tcl_7.0-122+1etch5_mips.deb
oldstable/main/binary-mips/vim-common_7.0-122+1etch5_mips.deb
oldstable/main/binary-mips/vim_7.0-122+1etch5_mips.deb
vim (1:7.0-122+1etch5) oldstable-security; urgency=high
  * Fix a couple typos in CVE-2008-2712-netrw.vim.diff

oldstable/main/binary-ia64/vim-perl_7.0-122+1etch5_ia64.deb
oldstable/main/binary-ia64/vim-lesstif_7.0-122+1etch5_ia64.deb
oldstable/main/binary-ia64/vim-gnome_7.0-122+1etch5_ia64.deb
oldstable/main/binary-ia64/vim-tcl_7.0-122+1etch5_ia64.deb
oldstable/main/binary-ia64/vim-ruby_7.0-122+1etch5_ia64.deb
oldstable/main/binary-ia64/vim-gtk_7.0-122+1etch5_ia64.deb
oldstable/main/binary-ia64/vim_7.0-122+1etch5_ia64.deb
oldstable/main/binary-ia64/vim-full_7.0-122+1etch5_ia64.deb
oldstable/main/binary-ia64/vim-tiny_7.0-122+1etch5_ia64.deb
oldstable/main/binary-ia64/vim-python_7.0-122+1etch5_ia64.deb
oldstable/main/binary-ia64/vim-common_7.0-122+1etch5_ia64.deb
vim (1:7.0-122+1etch5) oldstable-security; urgency=high
  * Fix a couple typos in CVE-2008-2712-netrw.vim.diff

oldstable/main/binary-hppa/vim-full_7.0-122+1etch5_hppa.deb
oldstable/main/binary-hppa/vim-gtk_7.0-122+1etch5_hppa.deb
oldstable/main/binary-hppa/vim-tcl_7.0-122+1etch5_hppa.deb
oldstable/main/binary-hppa/vim-lesstif_7.0-122+1etch5_hppa.deb
oldstable/main/binary-hppa/vim-gnome_7.0-122+1etch5_hppa.deb
oldstable/main/binary-hppa/vim_7.0-122+1etch5_hppa.deb
oldstable/main/binary-hppa/vim-ruby_7.0-122+1etch5_hppa.deb
oldstable/main/binary-hppa/vim-common_7.0-122+1etch5_hppa.deb
oldstable/main/binary-hppa/vim-tiny_7.0-122+1etch5_hppa.deb
oldstable/main/binary-hppa/vim-python_7.0-122+1etch5_hppa.deb
oldstable/main/binary-hppa/vim-perl_7.0-122+1etch5_hppa.deb
vim (1:7.0-122+1etch5) oldstable-security; urgency=high
  * Fix a couple typos in CVE-2008-2712-netrw.vim.diff

oldstable/main/binary-arm/vim-gnome_7.0-122+1etch5_arm.deb
oldstable/main/binary-arm/vim-full_7.0-122+1etch5_arm.deb
oldstable/main/binary-arm/vim-common_7.0-122+1etch5_arm.deb
oldstable/main/binary-arm/vim-perl_7.0-122+1etch5_arm.deb
oldstable/main/binary-arm/vim-ruby_7.0-122+1etch5_arm.deb
oldstable/main/binary-arm/vim-lesstif_7.0-122+1etch5_arm.deb
oldstable/main/binary-arm/vim-tiny_7.0-122+1etch5_arm.deb
oldstable/main/binary-arm/vim-python_7.0-122+1etch5_arm.deb
oldstable/main/binary-arm/vim-tcl_7.0-122+1etch5_arm.deb
oldstable/main/binary-arm/vim-gtk_7.0-122+1etch5_arm.deb
oldstable/main/binary-arm/vim_7.0-122+1etch5_arm.deb
vim (1:7.0-122+1etch5) oldstable-security; urgency=high
  * Fix a couple typos in CVE-2008-2712-netrw.vim.diff

oldstable/main/binary-amd64/vim-gtk_7.0-122+1etch5_amd64.deb
oldstable/main/binary-amd64/vim-python_7.0-122+1etch5_amd64.deb
oldstable/main/binary-amd64/vim-tiny_7.0-122+1etch5_amd64.deb
oldstable/main/binary-amd64/vim-ruby_7.0-122+1etch5_amd64.deb
oldstable/main/binary-amd64/vim-perl_7.0-122+1etch5_amd64.deb
oldstable/main/binary-amd64/vim-lesstif_7.0-122+1etch5_amd64.deb
oldstable/main/binary-amd64/vim_7.0-122+1etch5_amd64.deb
oldstable/main/binary-amd64/vim-gnome_7.0-122+1etch5_amd64.deb
oldstable/main/binary-amd64/vim-common_7.0-122+1etch5_amd64.deb
oldstable/main/binary-amd64/vim-full_7.0-122+1etch5_amd64.deb
oldstable/main/binary-amd64/vim-tcl_7.0-122+1etch5_amd64.deb
vim (1:7.0-122+1etch5) oldstable-security; urgency=high
  * Fix a couple typos in CVE-2008-2712-netrw.vim.diff

oldstable/main/binary-alpha/vim-gnome_7.0-122+1etch5_alpha.deb
oldstable/main/binary-alpha/vim-full_7.0-122+1etch5_alpha.deb
oldstable/main/binary-alpha/vim_7.0-122+1etch5_alpha.deb
oldstable/main/binary-alpha/vim-gtk_7.0-122+1etch5_alpha.deb
oldstable/main/binary-alpha/vim-lesstif_7.0-122+1etch5_alpha.deb
oldstable/main/binary-alpha/vim-tcl_7.0-122+1etch5_alpha.deb
oldstable/main/binary-alpha/vim-python_7.0-122+1etch5_alpha.deb
oldstable/main/binary-alpha/vim-tiny_7.0-122+1etch5_alpha.deb
oldstable/main/binary-alpha/vim-common_7.0-122+1etch5_alpha.deb
oldstable/main/binary-alpha/vim-ruby_7.0-122+1etch5_alpha.deb
oldstable/main/binary-alpha/vim-perl_7.0-122+1etch5_alpha.deb
vim (1:7.0-122+1etch5) oldstable-security; urgency=high
  * Fix a couple typos in CVE-2008-2712-netrw.vim.diff

oldstable/main/binary-i386/vim-common_7.0-122+1etch5_i386.deb
oldstable/main/binary-all/vim-doc_7.0-122+1etch5_all.deb
oldstable/main/source/vim_7.0-122+1etch5.diff.gz
oldstable/main/binary-all/vim-runtime_7.0-122+1etch5_all.deb
oldstable/main/source/vim_7.0-122+1etch5.dsc
oldstable/main/binary-i386/vim-lesstif_7.0-122+1etch5_i386.deb
oldstable/main/binary-i386/vim_7.0-122+1etch5_i386.deb
oldstable/main/binary-i386/vim-python_7.0-122+1etch5_i386.deb
oldstable/main/binary-i386/vim-tiny_7.0-122+1etch5_i386.deb
oldstable/main/binary-all/vim-gui-common_7.0-122+1etch5_all.deb
oldstable/main/binary-i386/vim-full_7.0-122+1etch5_i386.deb
oldstable/main/binary-i386/vim-ruby_7.0-122+1etch5_i386.deb
oldstable/main/binary-i386/vim-gtk_7.0-122+1etch5_i386.deb
oldstable/main/binary-i386/vim-gnome_7.0-122+1etch5_i386.deb
oldstable/main/binary-i386/vim-tcl_7.0-122+1etch5_i386.deb
oldstable/main/binary-i386/vim-perl_7.0-122+1etch5_i386.deb
vim (1:7.0-122+1etch5) oldstable-security; urgency=high
  * Fix a couple typos in CVE-2008-2712-netrw.vim.diff

vim (1:7.0-122+1etch4) oldstable-security; urgency=high
  * Backport upstream patches and runtime fixes for filename escaping vulnerabilities. (Closes: #486502, #506919, CVE 2008-2712, CVE 2008-3074, CVE 2008-3076, CVE 2008-4104)
    - Backport patches 7.1.299, 7.1.300, 7.1.305, 7.2a.013, 7.2b.005, 7.2b.018, 7.2c.002, 7.2010, 7.2026.
    - Add patch CVE-2008-2712-xpm.vim.diff to fix syntax/xpm.vim and syntax/xpm2.vim.
    - Add patch CVE-2008-2712-zip.vim.diff to fix autoload/zip.vim.
    - Add patch CVE-2008-2712-netrw.vim.diff to fix autoload/netrw.vim.
    - Add patch CVE-2008-3074-tar.vim.diff to fix autoload/tar.vim.

oldstable/main/source/typo3-src_4.0.2+debian-8.dsc
oldstable/main/binary-all/typo3-src-4.0_4.0.2+debian-8_all.deb
oldstable/main/source/typo3-src_4.0.2+debian-8.diff.gz
oldstable/main/binary-all/typo3_4.0.2+debian-8_all.deb
typo3-src (4.0.2+debian-8) stable-security; urgency=high
  * Added patches (backported from 4.0.12) to fix a critical information disclosure vulnerability in TYPO3 core and a XSS issue in TYPO3 backend module (Closes: 514713).

oldstable/main/binary-sparc/strongswan_2.8.0+dfsg-1+etch1_sparc.deb
strongswan (2.8.0+dfsg-1+etch1) oldstable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix DoS issue via malicious Dead Peer Detection packet
    Fixes: CVE-2009-0790

oldstable/main/binary-s390/strongswan_2.8.0+dfsg-1+etch1_s390.deb
strongswan (2.8.0+dfsg-1+etch1) oldstable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix DoS issue via malicious Dead Peer Detection packet
    Fixes: CVE-2009-0790

oldstable/main/binary-powerpc/strongswan_2.8.0+dfsg-1+etch1_powerpc.deb
strongswan (2.8.0+dfsg-1+etch1) oldstable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix DoS issue via malicious Dead Peer Detection packet
    Fixes: CVE-2009-0790

oldstable/main/binary-mipsel/strongswan_2.8.0+dfsg-1+etch1_mipsel.deb
strongswan (2.8.0+dfsg-1+etch1) oldstable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix DoS issue via malicious Dead Peer Detection packet
    Fixes: CVE-2009-0790

oldstable/main/binary-mips/strongswan_2.8.0+dfsg-1+etch1_mips.deb
strongswan (2.8.0+dfsg-1+etch1) oldstable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix DoS issue via malicious Dead Peer Detection packet
    Fixes: CVE-2009-0790

oldstable/main/binary-ia64/strongswan_2.8.0+dfsg-1+etch1_ia64.deb
strongswan (2.8.0+dfsg-1+etch1) oldstable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix DoS issue via malicious Dead Peer Detection packet
    Fixes: CVE-2009-0790

oldstable/main/binary-hppa/strongswan_2.8.0+dfsg-1+etch1_hppa.deb
strongswan (2.8.0+dfsg-1+etch1) oldstable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix DoS issue via malicious Dead Peer Detection packet
    Fixes: CVE-2009-0790

oldstable/main/binary-arm/strongswan_2.8.0+dfsg-1+etch1_arm.deb
strongswan (2.8.0+dfsg-1+etch1) oldstable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix DoS issue via malicious Dead Peer Detection packet
    Fixes: CVE-2009-0790

oldstable/main/binary-amd64/strongswan_2.8.0+dfsg-1+etch1_amd64.deb
strongswan (2.8.0+dfsg-1+etch1) oldstable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix DoS issue via malicious Dead Peer Detection packet
    Fixes: CVE-2009-0790

oldstable/main/binary-alpha/strongswan_2.8.0+dfsg-1+etch1_alpha.deb
strongswan (2.8.0+dfsg-1+etch1) oldstable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix DoS issue via malicious Dead Peer Detection packet
    Fixes: CVE-2009-0790

oldstable/main/binary-i386/strongswan_2.8.0+dfsg-1+etch1_i386.deb
oldstable/main/source/strongswan_2.8.0+dfsg-1+etch1.dsc
oldstable/main/source/strongswan_2.8.0+dfsg-1+etch1.diff.gz
strongswan (2.8.0+dfsg-1+etch1) oldstable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix DoS issue via malicious Dead Peer Detection packet
    Fixes: CVE-2009-0790

oldstable/main/binary-sparc/squid3_3.0.PRE5-5+etch1_sparc.deb
oldstable/main/binary-sparc/squid3-client_3.0.PRE5-5+etch1_sparc.deb
oldstable/main/binary-sparc/squid3-cgi_3.0.PRE5-5+etch1_sparc.deb
squid3 (3.0.PRE5-5+etch1) oldstable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix DoS via an HTTP request with an invalid version number
    Fixes: CVE-2009-0478

oldstable/main/binary-s390/squid3_3.0.PRE5-5+etch1_s390.deb
oldstable/main/binary-s390/squid3-client_3.0.PRE5-5+etch1_s390.deb
oldstable/main/binary-s390/squid3-cgi_3.0.PRE5-5+etch1_s390.deb
squid3 (3.0.PRE5-5+etch1) oldstable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix DoS via an HTTP request with an invalid version number
    Fixes: CVE-2009-0478

oldstable/main/binary-powerpc/squid3_3.0.PRE5-5+etch1_powerpc.deb
oldstable/main/binary-powerpc/squid3-cgi_3.0.PRE5-5+etch1_powerpc.deb
oldstable/main/binary-powerpc/squid3-client_3.0.PRE5-5+etch1_powerpc.deb
squid3 (3.0.PRE5-5+etch1) oldstable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix DoS via an HTTP request with an invalid version number
    Fixes: CVE-2009-0478

oldstable/main/binary-mipsel/squid3_3.0.PRE5-5+etch1_mipsel.deb
oldstable/main/binary-mipsel/squid3-cgi_3.0.PRE5-5+etch1_mipsel.deb
oldstable/main/binary-mipsel/squid3-client_3.0.PRE5-5+etch1_mipsel.deb
squid3 (3.0.PRE5-5+etch1) oldstable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix DoS via an HTTP request with an invalid version number
    Fixes: CVE-2009-0478

oldstable/main/binary-mips/squid3_3.0.PRE5-5+etch1_mips.deb
oldstable/main/binary-mips/squid3-cgi_3.0.PRE5-5+etch1_mips.deb
oldstable/main/binary-mips/squid3-client_3.0.PRE5-5+etch1_mips.deb
squid3 (3.0.PRE5-5+etch1) oldstable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix DoS via an HTTP request with an invalid version number
    Fixes: CVE-2009-0478

oldstable/main/binary-ia64/squid3_3.0.PRE5-5+etch1_ia64.deb
oldstable/main/binary-ia64/squid3-client_3.0.PRE5-5+etch1_ia64.deb
oldstable/main/binary-ia64/squid3-cgi_3.0.PRE5-5+etch1_ia64.deb
squid3 (3.0.PRE5-5+etch1) oldstable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix DoS via an HTTP request with an invalid version number
    Fixes: CVE-2009-0478

oldstable/main/binary-hppa/squid3_3.0.PRE5-5+etch1_hppa.deb
oldstable/main/binary-hppa/squid3-cgi_3.0.PRE5-5+etch1_hppa.deb
oldstable/main/binary-hppa/squid3-client_3.0.PRE5-5+etch1_hppa.deb
squid3 (3.0.PRE5-5+etch1) oldstable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix DoS via an HTTP request with an invalid version number
    Fixes: CVE-2009-0478

oldstable/main/binary-arm/squid3-client_3.0.PRE5-5+etch1_arm.deb
oldstable/main/binary-arm/squid3_3.0.PRE5-5+etch1_arm.deb
oldstable/main/binary-arm/squid3-cgi_3.0.PRE5-5+etch1_arm.deb
squid3 (3.0.PRE5-5+etch1) oldstable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix DoS via an HTTP request with an invalid version number
    Fixes: CVE-2009-0478

oldstable/main/binary-amd64/squid3-client_3.0.PRE5-5+etch1_amd64.deb
oldstable/main/binary-amd64/squid3_3.0.PRE5-5+etch1_amd64.deb
oldstable/main/binary-amd64/squid3-cgi_3.0.PRE5-5+etch1_amd64.deb
squid3 (3.0.PRE5-5+etch1) oldstable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix DoS via an HTTP request with an invalid version number
    Fixes: CVE-2009-0478

oldstable/main/binary-alpha/squid3-client_3.0.PRE5-5+etch1_alpha.deb
oldstable/main/binary-alpha/squid3_3.0.PRE5-5+etch1_alpha.deb
oldstable/main/binary-alpha/squid3-cgi_3.0.PRE5-5+etch1_alpha.deb
squid3 (3.0.PRE5-5+etch1) oldstable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix DoS via an HTTP request with an invalid version number
    Fixes: CVE-2009-0478

oldstable/main/binary-all/squid3-common_3.0.PRE5-5+etch1_all.deb
oldstable/main/binary-i386/squid3-client_3.0.PRE5-5+etch1_i386.deb
oldstable/main/source/squid3_3.0.PRE5-5+etch1.diff.gz
oldstable/main/source/squid3_3.0.PRE5-5+etch1.dsc
oldstable/main/binary-i386/squid3_3.0.PRE5-5+etch1_i386.deb
oldstable/main/binary-i386/squid3-cgi_3.0.PRE5-5+etch1_i386.deb
squid3 (3.0.PRE5-5+etch1) oldstable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix DoS via an HTTP request with an invalid version number
    Fixes: CVE-2009-0478

oldstable/main/binary-sparc/sleuthkit_2.06-3etch1_sparc.deb
sleuthkit (2.06-3etch1) oldstable; urgency=low
  * Fixed license issue, closes: #482146.

oldstable/main/binary-s390/sleuthkit_2.06-3etch1_s390.deb
sleuthkit (2.06-3etch1) oldstable; urgency=low
  * Fixed license issue, closes: #482146.

oldstable/main/binary-powerpc/sleuthkit_2.06-3etch1_powerpc.deb
sleuthkit (2.06-3etch1) oldstable; urgency=low
  * Fixed license issue, closes: #482146.

oldstable/main/binary-mipsel/sleuthkit_2.06-3etch1_mipsel.deb
sleuthkit (2.06-3etch1) oldstable; urgency=low
  * Fixed license issue, closes: #482146.

oldstable/main/binary-mips/sleuthkit_2.06-3etch1_mips.deb
sleuthkit (2.06-3etch1) oldstable; urgency=low
  * Fixed license issue, closes: #482146.

oldstable/main/binary-ia64/sleuthkit_2.06-3etch1_ia64.deb
sleuthkit (2.06-3etch1) oldstable; urgency=low
  * Fixed license issue, closes: #482146.

oldstable/main/binary-hppa/sleuthkit_2.06-3etch1_hppa.deb
sleuthkit (2.06-3etch1) oldstable; urgency=low
  * Fixed license issue, closes: #482146.

oldstable/main/binary-arm/sleuthkit_2.06-3etch1_arm.deb
sleuthkit (2.06-3etch1) oldstable; urgency=low
  * Fixed license issue, closes: #482146.

oldstable/main/binary-amd64/sleuthkit_2.06-3etch1_amd64.deb
sleuthkit (2.06-3etch1) oldstable; urgency=low
  * Fixed license issue, closes: #482146.

oldstable/main/binary-alpha/sleuthkit_2.06-3etch1_alpha.deb
sleuthkit (2.06-3etch1) oldstable; urgency=low
  * Fixed license issue, closes: #482146.

oldstable/main/source/sleuthkit_2.06-3etch1.dsc
oldstable/main/source/sleuthkit_2.06-3etch1.diff.gz
oldstable/main/binary-i386/sleuthkit_2.06-3etch1_i386.deb
sleuthkit (2.06-3etch1) oldstable; urgency=low
  * Fixed license issue, closes: #482146.
oldstable/main/source/rt2570_1.1.0+cvs20060620-3+etch1.dsc
oldstable/main/source/rt2570_1.1.0+cvs20060620-3+etch1.diff.gz
oldstable/main/binary-all/rt2570-source_1.1.0+cvs20060620-3+etch1_all.deb
rt2570 (1.1.0+cvs20060620-3+etch1) stable-security; urgency=high
  * Fix CVE-2009-0282, patch by Ben Hutchings

oldstable/main/binary-sparc/rt2500_1.1.0+cvs20060620-3+etch1_sparc.deb
rt2500 (1.1.0+cvs20060620-3+etch1) stable-security; urgency=high
  * Fix CVE-2009-0282, patch by Ben Hutchings

oldstable/main/binary-s390/rt2500_1.1.0+cvs20060620-3+etch1_s390.deb
rt2500 (1.1.0+cvs20060620-3+etch1) stable-security; urgency=high
  * Fix CVE-2009-0282, patch by Ben Hutchings

oldstable/main/binary-powerpc/rt2500_1.1.0+cvs20060620-3+etch1_powerpc.deb
rt2500 (1.1.0+cvs20060620-3+etch1) stable-security; urgency=high
  * Fix CVE-2009-0282, patch by Ben Hutchings

oldstable/main/binary-mipsel/rt2500_1.1.0+cvs20060620-3+etch1_mipsel.deb
rt2500 (1.1.0+cvs20060620-3+etch1) stable-security; urgency=high
  * Fix CVE-2009-0282, patch by Ben Hutchings

oldstable/main/binary-mips/rt2500_1.1.0+cvs20060620-3+etch1_mips.deb
rt2500 (1.1.0+cvs20060620-3+etch1) stable-security; urgency=high
  * Fix CVE-2009-0282, patch by Ben Hutchings

oldstable/main/binary-ia64/rt2500_1.1.0+cvs20060620-3+etch1_ia64.deb
rt2500 (1.1.0+cvs20060620-3+etch1) stable-security; urgency=high
  * Fix CVE-2009-0282, patch by Ben Hutchings

oldstable/main/binary-hppa/rt2500_1.1.0+cvs20060620-3+etch1_hppa.deb
rt2500 (1.1.0+cvs20060620-3+etch1) stable-security; urgency=high
  * Fix CVE-2009-0282, patch by Ben Hutchings

oldstable/main/binary-arm/rt2500_1.1.0+cvs20060620-3+etch1_arm.deb
rt2500 (1.1.0+cvs20060620-3+etch1) stable-security; urgency=high
  * Fix CVE-2009-0282, patch by Ben Hutchings

oldstable/main/binary-amd64/rt2500_1.1.0+cvs20060620-3+etch1_amd64.deb
rt2500 (1.1.0+cvs20060620-3+etch1) stable-security; urgency=high
  * Fix CVE-2009-0282, patch by Ben Hutchings

oldstable/main/binary-alpha/rt2500_1.1.0+cvs20060620-3+etch1_alpha.deb
rt2500 (1.1.0+cvs20060620-3+etch1) stable-security; urgency=high
  * Fix CVE-2009-0282, patch by Ben Hutchings

oldstable/main/binary-i386/rt2500_1.1.0+cvs20060620-3+etch1_i386.deb
oldstable/main/source/rt2500_1.1.0+cvs20060620-3+etch1.dsc
oldstable/main/source/rt2500_1.1.0+cvs20060620-3+etch1.diff.gz
oldstable/main/binary-all/rt2500-source_1.1.0+cvs20060620-3+etch1_all.deb
rt2500 (1.1.0+cvs20060620-3+etch1) stable-security; urgency=high
  * Fix CVE-2009-0282, patch by Ben Hutchings

oldstable/main/binary-sparc/rt2400_1.2.2+cvs20060620-4+etch1_sparc.deb
rt2400 (1.2.2+cvs20060620-4+etch1) stable-security; urgency=high
  * Fix CVE-2009-0282, patch by Ben Hutchings

oldstable/main/binary-s390/rt2400_1.2.2+cvs20060620-4+etch1_s390.deb
rt2400 (1.2.2+cvs20060620-4+etch1) stable-security; urgency=high
  * Fix CVE-2009-0282, patch by Ben Hutchings

oldstable/main/binary-powerpc/rt2400_1.2.2+cvs20060620-4+etch1_powerpc.deb
rt2400 (1.2.2+cvs20060620-4+etch1) stable-security; urgency=high
  * Fix CVE-2009-0282, patch by Ben Hutchings

oldstable/main/binary-mipsel/rt2400_1.2.2+cvs20060620-4+etch1_mipsel.deb
rt2400 (1.2.2+cvs20060620-4+etch1) stable-security; urgency=high
  * Fix CVE-2009-0282, patch by Ben Hutchings

oldstable/main/binary-mips/rt2400_1.2.2+cvs20060620-4+etch1_mips.deb
rt2400 (1.2.2+cvs20060620-4+etch1) stable-security; urgency=high
  * Fix CVE-2009-0282, patch by Ben Hutchings

oldstable/main/binary-ia64/rt2400_1.2.2+cvs20060620-4+etch1_ia64.deb
rt2400 (1.2.2+cvs20060620-4+etch1) stable-security; urgency=high
  * Fix CVE-2009-0282, patch by Ben Hutchings

oldstable/main/binary-hppa/rt2400_1.2.2+cvs20060620-4+etch1_hppa.deb
rt2400 (1.2.2+cvs20060620-4+etch1) stable-security; urgency=high
  * Fix CVE-2009-0282, patch by Ben Hutchings

oldstable/main/binary-arm/rt2400_1.2.2+cvs20060620-4+etch1_arm.deb
rt2400 (1.2.2+cvs20060620-4+etch1) stable-security; urgency=high
  * Fix CVE-2009-0282, patch by Ben Hutchings

oldstable/main/binary-amd64/rt2400_1.2.2+cvs20060620-4+etch1_amd64.deb
rt2400 (1.2.2+cvs20060620-4+etch1) stable-security; urgency=high
  * Fix CVE-2009-0282, patch by Ben Hutchings

oldstable/main/binary-alpha/rt2400_1.2.2+cvs20060620-4+etch1_alpha.deb
rt2400 (1.2.2+cvs20060620-4+etch1) stable-security; urgency=high
  * Fix CVE-2009-0282, patch by Ben Hutchings

oldstable/main/source/rt2400_1.2.2+cvs20060620-4+etch1.diff.gz
oldstable/main/binary-all/rt2400-source_1.2.2+cvs20060620-4+etch1_all.deb
oldstable/main/binary-i386/rt2400_1.2.2+cvs20060620-4+etch1_i386.deb
oldstable/main/source/rt2400_1.2.2+cvs20060620-4+etch1.dsc
rt2400 (1.2.2+cvs20060620-4+etch1) stable-security; urgency=high
  * Fix CVE-2009-0282, patch by Ben Hutchings

oldstable/main/binary-sparc/python-crypto_2.0.1+dfsg1-1.2+etch0_sparc.deb
python-crypto (2.0.1+dfsg1-1.2+etch0) oldstable-security; urgency=high
  * Apply fix for CVE-2009-0544 (Buffer overflow in the ARC2 module), and
    a stand-alone version of the associated testcase (see
    http://www.openwall.com/lists/oss-security/2009/02/07/1).

oldstable/main/binary-s390/python-crypto_2.0.1+dfsg1-1.2+etch0_s390.deb
python-crypto (2.0.1+dfsg1-1.2+etch0) oldstable-security; urgency=high
  * Apply fix for CVE-2009-0544 (Buffer overflow in the ARC2 module), and
    a stand-alone version of the associated testcase (see
    http://www.openwall.com/lists/oss-security/2009/02/07/1).

oldstable/main/binary-powerpc/python-crypto_2.0.1+dfsg1-1.2+etch0_powerpc.deb
python-crypto (2.0.1+dfsg1-1.2+etch0) oldstable-security; urgency=high
  * Apply fix for CVE-2009-0544 (Buffer overflow in the ARC2 module), and
    a stand-alone version of the associated testcase (see
    http://www.openwall.com/lists/oss-security/2009/02/07/1).

oldstable/main/binary-mipsel/python-crypto_2.0.1+dfsg1-1.2+etch0_mipsel.deb
python-crypto (2.0.1+dfsg1-1.2+etch0) oldstable-security; urgency=high
  * Apply fix for CVE-2009-0544 (Buffer overflow in the ARC2 module), and
    a stand-alone version of the associated testcase (see
    http://www.openwall.com/lists/oss-security/2009/02/07/1).
oldstable/main/binary-mips/python-crypto_2.0.1+dfsg1-1.2+etch0_mips.deb
python-crypto (2.0.1+dfsg1-1.2+etch0) oldstable-security; urgency=high
  * Apply fix for CVE-2009-0544 (Buffer overflow in the ARC2 module), and
    a stand-alone version of the associated testcase (see
    http://www.openwall.com/lists/oss-security/2009/02/07/1).

oldstable/main/binary-ia64/python-crypto_2.0.1+dfsg1-1.2+etch0_ia64.deb
python-crypto (2.0.1+dfsg1-1.2+etch0) oldstable-security; urgency=high
  * Apply fix for CVE-2009-0544 (Buffer overflow in the ARC2 module), and
    a stand-alone version of the associated testcase (see
    http://www.openwall.com/lists/oss-security/2009/02/07/1).

oldstable/main/binary-hppa/python-crypto_2.0.1+dfsg1-1.2+etch0_hppa.deb
python-crypto (2.0.1+dfsg1-1.2+etch0) oldstable-security; urgency=high
  * Apply fix for CVE-2009-0544 (Buffer overflow in the ARC2 module), and
    a stand-alone version of the associated testcase (see
    http://www.openwall.com/lists/oss-security/2009/02/07/1).

oldstable/main/binary-arm/python-crypto_2.0.1+dfsg1-1.2+etch0_arm.deb
python-crypto (2.0.1+dfsg1-1.2+etch0) oldstable-security; urgency=high
  * Apply fix for CVE-2009-0544 (Buffer overflow in the ARC2 module), and
    a stand-alone version of the associated testcase (see
    http://www.openwall.com/lists/oss-security/2009/02/07/1).

oldstable/main/binary-amd64/python-crypto_2.0.1+dfsg1-1.2+etch0_amd64.deb
python-crypto (2.0.1+dfsg1-1.2+etch0) oldstable-security; urgency=high
  * Apply fix for CVE-2009-0544 (Buffer overflow in the ARC2 module), and
    a stand-alone version of the associated testcase (see
    http://www.openwall.com/lists/oss-security/2009/02/07/1).

oldstable/main/binary-alpha/python-crypto_2.0.1+dfsg1-1.2+etch0_alpha.deb
python-crypto (2.0.1+dfsg1-1.2+etch0) oldstable-security; urgency=high
  * Apply fix for CVE-2009-0544 (Buffer overflow in the ARC2 module), and
    a stand-alone version of the associated testcase (see
    http://www.openwall.com/lists/oss-security/2009/02/07/1).
oldstable/main/source/python-crypto_2.0.1+dfsg1-1.2+etch0.diff.gz
oldstable/main/source/python-crypto_2.0.1+dfsg1-1.2+etch0.dsc
oldstable/main/binary-i386/python-crypto_2.0.1+dfsg1-1.2+etch0_i386.deb
python-crypto (2.0.1+dfsg1-1.2+etch0) oldstable-security; urgency=high
  * Apply fix for CVE-2009-0544 (Buffer overflow in the ARC2 module), and
    a stand-alone version of the associated testcase (see
    http://www.openwall.com/lists/oss-security/2009/02/07/1).

oldstable/main/binary-sparc/libecpg5_8.1.17-0etch1_sparc.deb
oldstable/main/binary-sparc/libpq4_8.1.17-0etch1_sparc.deb
oldstable/main/binary-sparc/postgresql-contrib-8.1_8.1.17-0etch1_sparc.deb
oldstable/main/binary-sparc/libecpg-dev_8.1.17-0etch1_sparc.deb
oldstable/main/binary-sparc/postgresql-pltcl-8.1_8.1.17-0etch1_sparc.deb
oldstable/main/binary-sparc/libpgtypes2_8.1.17-0etch1_sparc.deb
oldstable/main/binary-sparc/postgresql-plperl-8.1_8.1.17-0etch1_sparc.deb
oldstable/main/binary-sparc/libecpg-compat2_8.1.17-0etch1_sparc.deb
oldstable/main/binary-sparc/libpq-dev_8.1.17-0etch1_sparc.deb
oldstable/main/binary-sparc/postgresql-server-dev-8.1_8.1.17-0etch1_sparc.deb
oldstable/main/binary-sparc/postgresql-8.1_8.1.17-0etch1_sparc.deb
oldstable/main/binary-sparc/postgresql-client-8.1_8.1.17-0etch1_sparc.deb
oldstable/main/binary-sparc/postgresql-plpython-8.1_8.1.17-0etch1_sparc.deb
postgresql-8.1 (8.1.17-0etch1) oldstable; urgency=low
  * New upstream bug fix release 8.1.17:
    - Prevent error recursion crashes when encoding conversion fails.
      This change extends fixes made in the last two minor releases for
      related failure scenarios. The previous fixes were narrowly tailored
      for the original problem reports, but we have now recognized that
      *any* error thrown by an encoding conversion function could
      potentially lead to infinite recursion while trying to report the
      error.
      The solution therefore is to disable translation and encoding
      conversion and report the plain-ASCII form of any error message, if
      we find we have gotten into a recursive error reporting situation.
    - Disallow "CREATE CONVERSION" with the wrong encodings for the
      specified conversion function. This prevents one possible scenario
      for encoding conversion failure. The previous change is a backstop to
      guard against other kinds of failures in the same area.
    - Fix core dump when to_char() is given format codes that are
      inappropriate for the type of the data argument.
    - Fix decompilation of CASE WHEN with an implicit coercion.
    - Fix possible misassignment of the owner of a TOAST table's rowtype.
      If "CLUSTER" or a rewriting variant of "ALTER TABLE" were executed by
      someone other than the table owner, the pg_type entry for the table's
      TOAST table would end up marked as owned by that someone. This caused
      no immediate problems, since the permissions on the TOAST rowtype
      aren't examined by any ordinary database operation. However, it could
      lead to unexpected failures if one later tried to drop the role that
      issued the command (in 8.1 or 8.2), or "owner of data type appears to
      be invalid" warnings from pg_dump after having done so (in 8.3).
    - Clean up PL/pgSQL error status variables fully at block exit. This is
      not a problem for PL/pgSQL itself, but the omission could cause the
      PL/pgSQL Debugger to crash while examining the state of a function.
    - Add MUST (Mauritius Island Summer Time) to the default list of known
      timezone abbreviations.
oldstable/main/binary-s390/libecpg5_8.1.17-0etch1_s390.deb
oldstable/main/binary-s390/postgresql-server-dev-8.1_8.1.17-0etch1_s390.deb
oldstable/main/binary-s390/postgresql-plpython-8.1_8.1.17-0etch1_s390.deb
oldstable/main/binary-s390/libecpg-compat2_8.1.17-0etch1_s390.deb
oldstable/main/binary-s390/postgresql-plperl-8.1_8.1.17-0etch1_s390.deb
oldstable/main/binary-s390/postgresql-contrib-8.1_8.1.17-0etch1_s390.deb
oldstable/main/binary-s390/libpq-dev_8.1.17-0etch1_s390.deb
oldstable/main/binary-s390/postgresql-client-8.1_8.1.17-0etch1_s390.deb
oldstable/main/binary-s390/postgresql-8.1_8.1.17-0etch1_s390.deb
oldstable/main/binary-s390/libpq4_8.1.17-0etch1_s390.deb
oldstable/main/binary-s390/libecpg-dev_8.1.17-0etch1_s390.deb
oldstable/main/binary-s390/libpgtypes2_8.1.17-0etch1_s390.deb
oldstable/main/binary-s390/postgresql-pltcl-8.1_8.1.17-0etch1_s390.deb
postgresql-8.1 (8.1.17-0etch1) oldstable; urgency=low
  * New upstream bug fix release 8.1.17:
    - Prevent error recursion crashes when encoding conversion fails.
      This change extends fixes made in the last two minor releases for
      related failure scenarios. The previous fixes were narrowly tailored
      for the original problem reports, but we have now recognized that
      *any* error thrown by an encoding conversion function could
      potentially lead to infinite recursion while trying to report the
      error. The solution therefore is to disable translation and encoding
      conversion and report the plain-ASCII form of any error message, if
      we find we have gotten into a recursive error reporting situation.
    - Disallow "CREATE CONVERSION" with the wrong encodings for the
      specified conversion function. This prevents one possible scenario
      for encoding conversion failure. The previous change is a backstop to
      guard against other kinds of failures in the same area.
    - Fix core dump when to_char() is given format codes that are
      inappropriate for the type of the data argument.
    - Fix decompilation of CASE WHEN with an implicit coercion.
    - Fix possible misassignment of the owner of a TOAST table's rowtype.
      If "CLUSTER" or a rewriting variant of "ALTER TABLE" were executed by
      someone other than the table owner, the pg_type entry for the table's
      TOAST table would end up marked as owned by that someone. This caused
      no immediate problems, since the permissions on the TOAST rowtype
      aren't examined by any ordinary database operation. However, it could
      lead to unexpected failures if one later tried to drop the role that
      issued the command (in 8.1 or 8.2), or "owner of data type appears to
      be invalid" warnings from pg_dump after having done so (in 8.3).
    - Clean up PL/pgSQL error status variables fully at block exit. This is
      not a problem for PL/pgSQL itself, but the omission could cause the
      PL/pgSQL Debugger to crash while examining the state of a function.
    - Add MUST (Mauritius Island Summer Time) to the default list of known
      timezone abbreviations.

oldstable/main/binary-powerpc/libpq4_8.1.17-0etch1_powerpc.deb
oldstable/main/binary-powerpc/postgresql-contrib-8.1_8.1.17-0etch1_powerpc.deb
oldstable/main/binary-powerpc/libecpg-compat2_8.1.17-0etch1_powerpc.deb
oldstable/main/binary-powerpc/postgresql-server-dev-8.1_8.1.17-0etch1_powerpc.deb
oldstable/main/binary-powerpc/postgresql-client-8.1_8.1.17-0etch1_powerpc.deb
oldstable/main/binary-powerpc/postgresql-8.1_8.1.17-0etch1_powerpc.deb
oldstable/main/binary-powerpc/postgresql-plperl-8.1_8.1.17-0etch1_powerpc.deb
oldstable/main/binary-powerpc/libpgtypes2_8.1.17-0etch1_powerpc.deb
oldstable/main/binary-powerpc/libecpg5_8.1.17-0etch1_powerpc.deb
oldstable/main/binary-powerpc/postgresql-pltcl-8.1_8.1.17-0etch1_powerpc.deb
oldstable/main/binary-powerpc/libecpg-dev_8.1.17-0etch1_powerpc.deb
oldstable/main/binary-powerpc/libpq-dev_8.1.17-0etch1_powerpc.deb
oldstable/main/binary-powerpc/postgresql-plpython-8.1_8.1.17-0etch1_powerpc.deb
postgresql-8.1 (8.1.17-0etch1) oldstable; urgency=low
  * New upstream bug fix release 8.1.17:
    - Prevent error recursion crashes
      when encoding conversion fails. This change extends fixes made in the
      last two minor releases for related failure scenarios. The previous
      fixes were narrowly tailored for the original problem reports, but we
      have now recognized that *any* error thrown by an encoding conversion
      function could potentially lead to infinite recursion while trying to
      report the error. The solution therefore is to disable translation
      and encoding conversion and report the plain-ASCII form of any error
      message, if we find we have gotten into a recursive error reporting
      situation.
    - Disallow "CREATE CONVERSION" with the wrong encodings for the
      specified conversion function. This prevents one possible scenario
      for encoding conversion failure. The previous change is a backstop to
      guard against other kinds of failures in the same area.
    - Fix core dump when to_char() is given format codes that are
      inappropriate for the type of the data argument.
    - Fix decompilation of CASE WHEN with an implicit coercion.
    - Fix possible misassignment of the owner of a TOAST table's rowtype.
      If "CLUSTER" or a rewriting variant of "ALTER TABLE" were executed by
      someone other than the table owner, the pg_type entry for the table's
      TOAST table would end up marked as owned by that someone. This caused
      no immediate problems, since the permissions on the TOAST rowtype
      aren't examined by any ordinary database operation. However, it could
      lead to unexpected failures if one later tried to drop the role that
      issued the command (in 8.1 or 8.2), or "owner of data type appears to
      be invalid" warnings from pg_dump after having done so (in 8.3).
    - Clean up PL/pgSQL error status variables fully at block exit. This is
      not a problem for PL/pgSQL itself, but the omission could cause the
      PL/pgSQL Debugger to crash while examining the state of a function.
    - Add MUST (Mauritius Island Summer Time) to the default list of known
      timezone abbreviations.
oldstable/main/binary-mipsel/postgresql-client-8.1_8.1.17-0etch1_mipsel.deb
oldstable/main/binary-mipsel/postgresql-plperl-8.1_8.1.17-0etch1_mipsel.deb
oldstable/main/binary-mipsel/libecpg-compat2_8.1.17-0etch1_mipsel.deb
oldstable/main/binary-mipsel/libecpg-dev_8.1.17-0etch1_mipsel.deb
oldstable/main/binary-mipsel/postgresql-server-dev-8.1_8.1.17-0etch1_mipsel.deb
oldstable/main/binary-mipsel/libpq4_8.1.17-0etch1_mipsel.deb
oldstable/main/binary-mipsel/libpgtypes2_8.1.17-0etch1_mipsel.deb
oldstable/main/binary-mipsel/postgresql-8.1_8.1.17-0etch1_mipsel.deb
oldstable/main/binary-mipsel/postgresql-pltcl-8.1_8.1.17-0etch1_mipsel.deb
oldstable/main/binary-mipsel/postgresql-plpython-8.1_8.1.17-0etch1_mipsel.deb
oldstable/main/binary-mipsel/libpq-dev_8.1.17-0etch1_mipsel.deb
oldstable/main/binary-mipsel/postgresql-contrib-8.1_8.1.17-0etch1_mipsel.deb
oldstable/main/binary-mipsel/libecpg5_8.1.17-0etch1_mipsel.deb
postgresql-8.1 (8.1.17-0etch1) oldstable; urgency=low
  * New upstream bug fix release 8.1.17:
    - Prevent error recursion crashes when encoding conversion fails.
      This change extends fixes made in the last two minor releases for
      related failure scenarios. The previous fixes were narrowly tailored
      for the original problem reports, but we have now recognized that
      *any* error thrown by an encoding conversion function could
      potentially lead to infinite recursion while trying to report the
      error. The solution therefore is to disable translation and encoding
      conversion and report the plain-ASCII form of any error message, if
      we find we have gotten into a recursive error reporting situation.
    - Disallow "CREATE CONVERSION" with the wrong encodings for the
      specified conversion function. This prevents one possible scenario
      for encoding conversion failure. The previous change is a backstop to
      guard against other kinds of failures in the same area.
    - Fix core dump when to_char() is given format codes that are
      inappropriate for the type of the data argument.
    - Fix decompilation of CASE WHEN with an implicit coercion.
    - Fix possible misassignment of the owner of a TOAST table's rowtype.
      If "CLUSTER" or a rewriting variant of "ALTER TABLE" were executed by
      someone other than the table owner, the pg_type entry for the table's
      TOAST table would end up marked as owned by that someone. This caused
      no immediate problems, since the permissions on the TOAST rowtype
      aren't examined by any ordinary database operation. However, it could
      lead to unexpected failures if one later tried to drop the role that
      issued the command (in 8.1 or 8.2), or "owner of data type appears to
      be invalid" warnings from pg_dump after having done so (in 8.3).
    - Clean up PL/pgSQL error status variables fully at block exit. This is
      not a problem for PL/pgSQL itself, but the omission could cause the
      PL/pgSQL Debugger to crash while examining the state of a function.
    - Add MUST (Mauritius Island Summer Time) to the default list of known
      timezone abbreviations.

oldstable/main/binary-mips/postgresql-client-8.1_8.1.17-0etch1_mips.deb
oldstable/main/binary-mips/postgresql-plpython-8.1_8.1.17-0etch1_mips.deb
oldstable/main/binary-mips/postgresql-server-dev-8.1_8.1.17-0etch1_mips.deb
oldstable/main/binary-mips/postgresql-contrib-8.1_8.1.17-0etch1_mips.deb
oldstable/main/binary-mips/libpq-dev_8.1.17-0etch1_mips.deb
oldstable/main/binary-mips/libpq4_8.1.17-0etch1_mips.deb
oldstable/main/binary-mips/libecpg-dev_8.1.17-0etch1_mips.deb
oldstable/main/binary-mips/libecpg5_8.1.17-0etch1_mips.deb
oldstable/main/binary-mips/libecpg-compat2_8.1.17-0etch1_mips.deb
oldstable/main/binary-mips/libpgtypes2_8.1.17-0etch1_mips.deb
oldstable/main/binary-mips/postgresql-plperl-8.1_8.1.17-0etch1_mips.deb
oldstable/main/binary-mips/postgresql-pltcl-8.1_8.1.17-0etch1_mips.deb
oldstable/main/binary-mips/postgresql-8.1_8.1.17-0etch1_mips.deb
postgresql-8.1 (8.1.17-0etch1) oldstable; urgency=low
  * New upstream bug fix release 8.1.17:
    - Prevent error recursion crashes when encoding
      conversion fails. This change extends fixes made in the last two
      minor releases for related failure scenarios. The previous fixes were
      narrowly tailored for the original problem reports, but we have now
      recognized that *any* error thrown by an encoding conversion function
      could potentially lead to infinite recursion while trying to report
      the error. The solution therefore is to disable translation and
      encoding conversion and report the plain-ASCII form of any error
      message, if we find we have gotten into a recursive error reporting
      situation.
    - Disallow "CREATE CONVERSION" with the wrong encodings for the
      specified conversion function. This prevents one possible scenario
      for encoding conversion failure. The previous change is a backstop to
      guard against other kinds of failures in the same area.
    - Fix core dump when to_char() is given format codes that are
      inappropriate for the type of the data argument.
    - Fix decompilation of CASE WHEN with an implicit coercion.
    - Fix possible misassignment of the owner of a TOAST table's rowtype.
      If "CLUSTER" or a rewriting variant of "ALTER TABLE" were executed by
      someone other than the table owner, the pg_type entry for the table's
      TOAST table would end up marked as owned by that someone. This caused
      no immediate problems, since the permissions on the TOAST rowtype
      aren't examined by any ordinary database operation. However, it could
      lead to unexpected failures if one later tried to drop the role that
      issued the command (in 8.1 or 8.2), or "owner of data type appears to
      be invalid" warnings from pg_dump after having done so (in 8.3).
    - Clean up PL/pgSQL error status variables fully at block exit. This is
      not a problem for PL/pgSQL itself, but the omission could cause the
      PL/pgSQL Debugger to crash while examining the state of a function.
    - Add MUST (Mauritius Island Summer Time) to the default list of known
      timezone abbreviations.
oldstable/main/binary-ia64/postgresql-pltcl-8.1_8.1.17-0etch1_ia64.deb
oldstable/main/binary-ia64/libecpg-compat2_8.1.17-0etch1_ia64.deb
oldstable/main/binary-ia64/postgresql-8.1_8.1.17-0etch1_ia64.deb
oldstable/main/binary-ia64/libpq-dev_8.1.17-0etch1_ia64.deb
oldstable/main/binary-ia64/postgresql-contrib-8.1_8.1.17-0etch1_ia64.deb
oldstable/main/binary-ia64/postgresql-client-8.1_8.1.17-0etch1_ia64.deb
oldstable/main/binary-ia64/libecpg5_8.1.17-0etch1_ia64.deb
oldstable/main/binary-ia64/libecpg-dev_8.1.17-0etch1_ia64.deb
oldstable/main/binary-ia64/postgresql-plperl-8.1_8.1.17-0etch1_ia64.deb
oldstable/main/binary-ia64/postgresql-plpython-8.1_8.1.17-0etch1_ia64.deb
oldstable/main/binary-ia64/postgresql-server-dev-8.1_8.1.17-0etch1_ia64.deb
oldstable/main/binary-ia64/libpgtypes2_8.1.17-0etch1_ia64.deb
oldstable/main/binary-ia64/libpq4_8.1.17-0etch1_ia64.deb
postgresql-8.1 (8.1.17-0etch1) oldstable; urgency=low
  * New upstream bug fix release 8.1.17:
    - Prevent error recursion crashes when encoding conversion fails.
      This change extends fixes made in the last two minor releases for
      related failure scenarios. The previous fixes were narrowly tailored
      for the original problem reports, but we have now recognized that
      *any* error thrown by an encoding conversion function could
      potentially lead to infinite recursion while trying to report the
      error. The solution therefore is to disable translation and encoding
      conversion and report the plain-ASCII form of any error message, if
      we find we have gotten into a recursive error reporting situation.
    - Disallow "CREATE CONVERSION" with the wrong encodings for the
      specified conversion function. This prevents one possible scenario
      for encoding conversion failure. The previous change is a backstop to
      guard against other kinds of failures in the same area.
    - Fix core dump when to_char() is given format codes that are
      inappropriate for the type of the data argument.
    - Fix decompilation of CASE WHEN with an implicit coercion.
    - Fix possible misassignment of the owner of a TOAST table's rowtype.
      If "CLUSTER" or a rewriting variant of "ALTER TABLE" were executed by
      someone other than the table owner, the pg_type entry for the table's
      TOAST table would end up marked as owned by that someone. This caused
      no immediate problems, since the permissions on the TOAST rowtype
      aren't examined by any ordinary database operation. However, it could
      lead to unexpected failures if one later tried to drop the role that
      issued the command (in 8.1 or 8.2), or "owner of data type appears to
      be invalid" warnings from pg_dump after having done so (in 8.3).
    - Clean up PL/pgSQL error status variables fully at block exit. This is
      not a problem for PL/pgSQL itself, but the omission could cause the
      PL/pgSQL Debugger to crash while examining the state of a function.
    - Add MUST (Mauritius Island Summer Time) to the default list of known
      timezone abbreviations.

oldstable/main/binary-hppa/postgresql-8.1_8.1.17-0etch1_hppa.deb
oldstable/main/binary-hppa/postgresql-pltcl-8.1_8.1.17-0etch1_hppa.deb
oldstable/main/binary-hppa/postgresql-plperl-8.1_8.1.17-0etch1_hppa.deb
oldstable/main/binary-hppa/libpq-dev_8.1.17-0etch1_hppa.deb
oldstable/main/binary-hppa/postgresql-plpython-8.1_8.1.17-0etch1_hppa.deb
oldstable/main/binary-hppa/libecpg-dev_8.1.17-0etch1_hppa.deb
oldstable/main/binary-hppa/postgresql-client-8.1_8.1.17-0etch1_hppa.deb
oldstable/main/binary-hppa/libpgtypes2_8.1.17-0etch1_hppa.deb
oldstable/main/binary-hppa/libecpg5_8.1.17-0etch1_hppa.deb
oldstable/main/binary-hppa/postgresql-contrib-8.1_8.1.17-0etch1_hppa.deb
oldstable/main/binary-hppa/libpq4_8.1.17-0etch1_hppa.deb
oldstable/main/binary-hppa/postgresql-server-dev-8.1_8.1.17-0etch1_hppa.deb
oldstable/main/binary-hppa/libecpg-compat2_8.1.17-0etch1_hppa.deb
postgresql-8.1 (8.1.17-0etch1) oldstable; urgency=low
  * New upstream bug fix release 8.1.17:
    - Prevent error recursion crashes when encoding conversion fails.
      This change extends fixes made in the last two minor releases for
      related failure scenarios. The previous fixes were narrowly tailored
      for the original problem reports, but we have now recognized that
      *any* error thrown by an encoding conversion function could
      potentially lead to infinite recursion while trying to report the
      error. The solution therefore is to disable translation and encoding
      conversion and report the plain-ASCII form of any error message, if
      we find we have gotten into a recursive error reporting situation.
    - Disallow "CREATE CONVERSION" with the wrong encodings for the
      specified conversion function. This prevents one possible scenario
      for encoding conversion failure. The previous change is a backstop to
      guard against other kinds of failures in the same area.
    - Fix core dump when to_char() is given format codes that are
      inappropriate for the type of the data argument.
    - Fix decompilation of CASE WHEN with an implicit coercion.
    - Fix possible misassignment of the owner of a TOAST table's rowtype.
      If "CLUSTER" or a rewriting variant of "ALTER TABLE" were executed by
      someone other than the table owner, the pg_type entry for the table's
      TOAST table would end up marked as owned by that someone. This caused
      no immediate problems, since the permissions on the TOAST rowtype
      aren't examined by any ordinary database operation. However, it could
      lead to unexpected failures if one later tried to drop the role that
      issued the command (in 8.1 or 8.2), or "owner of data type appears to
      be invalid" warnings from pg_dump after having done so (in 8.3).
    - Clean up PL/pgSQL error status variables fully at block exit. This is
      not a problem for PL/pgSQL itself, but the omission could cause the
      PL/pgSQL Debugger to crash while examining the state of a function.
    - Add MUST (Mauritius Island Summer Time) to the default list of known
      timezone abbreviations.
oldstable/main/binary-arm/postgresql-contrib-8.1_8.1.17-0etch1_arm.deb oldstable/main/binary-arm/postgresql-client-8.1_8.1.17-0etch1_arm.deb oldstable/main/binary-arm/postgresql-pltcl-8.1_8.1.17-0etch1_arm.deb oldstable/main/binary-arm/postgresql-plperl-8.1_8.1.17-0etch1_arm.deb oldstable/main/binary-arm/libpq4_8.1.17-0etch1_arm.deb oldstable/main/binary-arm/postgresql-plpython-8.1_8.1.17-0etch1_arm.deb oldstable/main/binary-arm/libpgtypes2_8.1.17-0etch1_arm.deb oldstable/main/binary-arm/libecpg-dev_8.1.17-0etch1_arm.deb oldstable/main/binary-arm/postgresql-server-dev-8.1_8.1.17-0etch1_arm.deb oldstable/main/binary-arm/postgresql-8.1_8.1.17-0etch1_arm.deb oldstable/main/binary-arm/libpq-dev_8.1.17-0etch1_arm.deb oldstable/main/binary-arm/libecpg-compat2_8.1.17-0etch1_arm.deb oldstable/main/binary-arm/libecpg5_8.1.17-0etch1_arm.deb postgresql-8.1 (8.1.17-0etch1) oldstable; urgency=low * New upstream bug fix release 8.1.17: - Prevent error recursion crashes when encoding conversion fails. This change extends fixes made in the last two minor releases for related failure scenarios. The previous fixes were narrowly tailored for the original problem reports, but we have now recognized that *any* error thrown by an encoding conversion function could potentially lead to infinite recursion while trying to report the error. The solution therefore is to disable translation and encoding conversion and report the plain-ASCII form of any error message, if we find we have gotten into a recursive error reporting situation. - Disallow "CREATE CONVERSION" with the wrong encodings for the specified conversion function. This prevents one possible scenario for encoding conversion failure. The previous change is a backstop to guard against other kinds of failures in the same area. - Fix core dump when to_char() is given format codes that are inappropriate for the type of the data argument. - Fix decompilation of CASE WHEN with an implicit coercion. 
- Fix possible misassignment of the owner of a TOAST table's rowtype. If "CLUSTER" or a rewriting variant of "ALTER TABLE" were executed by someone other than the table owner, the pg_type entry for the table's TOAST table would end up marked as owned by that someone. This caused no immediate problems, since the permissions on the TOAST rowtype aren't examined by any ordinary database operation. However, it could lead to unexpected failures if one later tried to drop the role that issued the command (in 8.1 or 8.2), or "owner of data type appears to be invalid" warnings from pg_dump after having done so (in 8.3). - Clean up PL/pgSQL error status variables fully at block exit. This is not a problem for PL/pgSQL itself, but the omission could cause the PL/pgSQL Debugger to crash while examining the state of a function. - Add MUST (Mauritius Island Summer Time) to the default list of known timezone abbreviations. oldstable/main/binary-amd64/postgresql-pltcl-8.1_8.1.17-0etch1_amd64.deb oldstable/main/binary-amd64/postgresql-server-dev-8.1_8.1.17-0etch1_amd64.deb oldstable/main/binary-amd64/postgresql-contrib-8.1_8.1.17-0etch1_amd64.deb oldstable/main/binary-amd64/libecpg-compat2_8.1.17-0etch1_amd64.deb oldstable/main/binary-amd64/libecpg-dev_8.1.17-0etch1_amd64.deb oldstable/main/binary-amd64/libpgtypes2_8.1.17-0etch1_amd64.deb oldstable/main/binary-amd64/libecpg5_8.1.17-0etch1_amd64.deb oldstable/main/binary-amd64/postgresql-plperl-8.1_8.1.17-0etch1_amd64.deb oldstable/main/binary-amd64/libpq-dev_8.1.17-0etch1_amd64.deb oldstable/main/binary-amd64/postgresql-plpython-8.1_8.1.17-0etch1_amd64.deb oldstable/main/binary-amd64/postgresql-client-8.1_8.1.17-0etch1_amd64.deb oldstable/main/binary-amd64/postgresql-8.1_8.1.17-0etch1_amd64.deb oldstable/main/binary-amd64/libpq4_8.1.17-0etch1_amd64.deb postgresql-8.1 (8.1.17-0etch1) oldstable; urgency=low * New upstream bug fix release 8.1.17: - Prevent error recursion crashes when encoding conversion fails. 
This change extends fixes made in the last two minor releases for related failure scenarios. The previous fixes were narrowly tailored for the original problem reports, but we have now recognized that *any* error thrown by an encoding conversion function could potentially lead to infinite recursion while trying to report the error. The solution therefore is to disable translation and encoding conversion and report the plain-ASCII form of any error message, if we find we have gotten into a recursive error reporting situation. - Disallow "CREATE CONVERSION" with the wrong encodings for the specified conversion function. This prevents one possible scenario for encoding conversion failure. The previous change is a backstop to guard against other kinds of failures in the same area. - Fix core dump when to_char() is given format codes that are inappropriate for the type of the data argument. - Fix decompilation of CASE WHEN with an implicit coercion. - Fix possible misassignment of the owner of a TOAST table's rowtype. If "CLUSTER" or a rewriting variant of "ALTER TABLE" were executed by someone other than the table owner, the pg_type entry for the table's TOAST table would end up marked as owned by that someone. This caused no immediate problems, since the permissions on the TOAST rowtype aren't examined by any ordinary database operation. However, it could lead to unexpected failures if one later tried to drop the role that issued the command (in 8.1 or 8.2), or "owner of data type appears to be invalid" warnings from pg_dump after having done so (in 8.3). - Clean up PL/pgSQL error status variables fully at block exit. This is not a problem for PL/pgSQL itself, but the omission could cause the PL/pgSQL Debugger to crash while examining the state of a function. - Add MUST (Mauritius Island Summer Time) to the default list of known timezone abbreviations. 
oldstable/main/binary-alpha/postgresql-contrib-8.1_8.1.17-0etch1_alpha.deb oldstable/main/binary-alpha/postgresql-server-dev-8.1_8.1.17-0etch1_alpha.deb oldstable/main/binary-alpha/libpq-dev_8.1.17-0etch1_alpha.deb oldstable/main/binary-alpha/postgresql-plperl-8.1_8.1.17-0etch1_alpha.deb oldstable/main/binary-alpha/postgresql-plpython-8.1_8.1.17-0etch1_alpha.deb oldstable/main/binary-alpha/postgresql-client-8.1_8.1.17-0etch1_alpha.deb oldstable/main/binary-alpha/libpq4_8.1.17-0etch1_alpha.deb oldstable/main/binary-alpha/postgresql-pltcl-8.1_8.1.17-0etch1_alpha.deb oldstable/main/binary-alpha/libpgtypes2_8.1.17-0etch1_alpha.deb oldstable/main/binary-alpha/libecpg-dev_8.1.17-0etch1_alpha.deb oldstable/main/binary-alpha/postgresql-8.1_8.1.17-0etch1_alpha.deb oldstable/main/binary-alpha/libecpg-compat2_8.1.17-0etch1_alpha.deb oldstable/main/binary-alpha/libecpg5_8.1.17-0etch1_alpha.deb postgresql-8.1 (8.1.17-0etch1) oldstable; urgency=low * New upstream bug fix release 8.1.17: - Prevent error recursion crashes when encoding conversion fails. This change extends fixes made in the last two minor releases for related failure scenarios. The previous fixes were narrowly tailored for the original problem reports, but we have now recognized that *any* error thrown by an encoding conversion function could potentially lead to infinite recursion while trying to report the error. The solution therefore is to disable translation and encoding conversion and report the plain-ASCII form of any error message, if we find we have gotten into a recursive error reporting situation. - Disallow "CREATE CONVERSION" with the wrong encodings for the specified conversion function. This prevents one possible scenario for encoding conversion failure. The previous change is a backstop to guard against other kinds of failures in the same area. - Fix core dump when to_char() is given format codes that are inappropriate for the type of the data argument. 
- Fix decompilation of CASE WHEN with an implicit coercion. - Fix possible misassignment of the owner of a TOAST table's rowtype. If "CLUSTER" or a rewriting variant of "ALTER TABLE" were executed by someone other than the table owner, the pg_type entry for the table's TOAST table would end up marked as owned by that someone. This caused no immediate problems, since the permissions on the TOAST rowtype aren't examined by any ordinary database operation. However, it could lead to unexpected failures if one later tried to drop the role that issued the command (in 8.1 or 8.2), or "owner of data type appears to be invalid" warnings from pg_dump after having done so (in 8.3). - Clean up PL/pgSQL error status variables fully at block exit. This is not a problem for PL/pgSQL itself, but the omission could cause the PL/pgSQL Debugger to crash while examining the state of a function. - Add MUST (Mauritius Island Summer Time) to the default list of known timezone abbreviations. oldstable/main/source/postgresql-8.1_8.1.17.orig.tar.gz oldstable/main/binary-i386/libpq4_8.1.17-0etch1_i386.deb oldstable/main/binary-i386/libecpg-dev_8.1.17-0etch1_i386.deb oldstable/main/binary-i386/postgresql-client-8.1_8.1.17-0etch1_i386.deb oldstable/main/source/postgresql-8.1_8.1.17-0etch1.diff.gz oldstable/main/binary-i386/postgresql-pltcl-8.1_8.1.17-0etch1_i386.deb oldstable/main/binary-i386/libecpg-compat2_8.1.17-0etch1_i386.deb oldstable/main/binary-i386/libecpg5_8.1.17-0etch1_i386.deb oldstable/main/source/postgresql-8.1_8.1.17-0etch1.dsc oldstable/main/binary-i386/postgresql-8.1_8.1.17-0etch1_i386.deb oldstable/main/binary-i386/postgresql-server-dev-8.1_8.1.17-0etch1_i386.deb oldstable/main/binary-all/postgresql-doc-8.1_8.1.17-0etch1_all.deb oldstable/main/binary-i386/postgresql-plperl-8.1_8.1.17-0etch1_i386.deb oldstable/main/binary-i386/libpq-dev_8.1.17-0etch1_i386.deb oldstable/main/binary-i386/libpgtypes2_8.1.17-0etch1_i386.deb 
oldstable/main/binary-i386/postgresql-plpython-8.1_8.1.17-0etch1_i386.deb oldstable/main/binary-i386/postgresql-contrib-8.1_8.1.17-0etch1_i386.deb postgresql-8.1 (8.1.17-0etch1) oldstable; urgency=low * New upstream bug fix release 8.1.17: - Prevent error recursion crashes when encoding conversion fails. This change extends fixes made in the last two minor releases for related failure scenarios. The previous fixes were narrowly tailored for the original problem reports, but we have now recognized that *any* error thrown by an encoding conversion function could potentially lead to infinite recursion while trying to report the error. The solution therefore is to disable translation and encoding conversion and report the plain-ASCII form of any error message, if we find we have gotten into a recursive error reporting situation. - Disallow "CREATE CONVERSION" with the wrong encodings for the specified conversion function. This prevents one possible scenario for encoding conversion failure. The previous change is a backstop to guard against other kinds of failures in the same area. - Fix core dump when to_char() is given format codes that are inappropriate for the type of the data argument. - Fix decompilation of CASE WHEN with an implicit coercion. - Fix possible misassignment of the owner of a TOAST table's rowtype. If "CLUSTER" or a rewriting variant of "ALTER TABLE" were executed by someone other than the table owner, the pg_type entry for the table's TOAST table would end up marked as owned by that someone. This caused no immediate problems, since the permissions on the TOAST rowtype aren't examined by any ordinary database operation. However, it could lead to unexpected failures if one later tried to drop the role that issued the command (in 8.1 or 8.2), or "owner of data type appears to be invalid" warnings from pg_dump after having done so (in 8.3). - Clean up PL/pgSQL error status variables fully at block exit. 
This is not a problem for PL/pgSQL itself, but the omission could cause the PL/pgSQL Debugger to crash while examining the state of a function. - Add MUST (Mauritius Island Summer Time) to the default list of known timezone abbreviations. oldstable/main/source/phpmyadmin_2.9.1.1-10.dsc oldstable/main/binary-all/phpmyadmin_2.9.1.1-10_all.deb oldstable/main/source/phpmyadmin_2.9.1.1-10.diff.gz phpmyadmin (4:2.9.1.1-10) stable-security; urgency=high * Add fix for cross site scripting attack through the table parameter (CVE-2008-5621). oldstable/main/binary-sparc/libpam-modules_0.79-5+etch1_sparc.deb oldstable/main/binary-sparc/libpam0g-dev_0.79-5+etch1_sparc.deb oldstable/main/binary-sparc/libpam0g_0.79-5+etch1_sparc.deb oldstable/main/binary-sparc/libpam-cracklib_0.79-5+etch1_sparc.deb pam (0.79-5+etch1) oldstable; urgency=high * Security NMU, high urgency. * Fix signedness error in _pam_StrTok(), CVE-2009-0887. Closes: #520115. oldstable/main/binary-s390/libpam-modules_0.79-5+etch1_s390.deb oldstable/main/binary-s390/libpam0g-dev_0.79-5+etch1_s390.deb oldstable/main/binary-s390/libpam-cracklib_0.79-5+etch1_s390.deb oldstable/main/binary-s390/libpam0g_0.79-5+etch1_s390.deb pam (0.79-5+etch1) oldstable; urgency=high * Security NMU, high urgency. * Fix signedness error in _pam_StrTok(), CVE-2009-0887. Closes: #520115. oldstable/main/binary-powerpc/libpam0g_0.79-5+etch1_powerpc.deb oldstable/main/binary-powerpc/libpam-cracklib_0.79-5+etch1_powerpc.deb oldstable/main/binary-powerpc/libpam-modules_0.79-5+etch1_powerpc.deb oldstable/main/binary-powerpc/libpam0g-dev_0.79-5+etch1_powerpc.deb pam (0.79-5+etch1) oldstable; urgency=high * Security NMU, high urgency. * Fix signedness error in _pam_StrTok(), CVE-2009-0887. Closes: #520115. 
oldstable/main/binary-mipsel/libpam0g-dev_0.79-5+etch1_mipsel.deb oldstable/main/binary-mipsel/libpam0g_0.79-5+etch1_mipsel.deb oldstable/main/binary-mipsel/libpam-cracklib_0.79-5+etch1_mipsel.deb oldstable/main/binary-mipsel/libpam-modules_0.79-5+etch1_mipsel.deb pam (0.79-5+etch1) oldstable; urgency=high * Security NMU, high urgency. * Fix signedness error in _pam_StrTok(), CVE-2009-0887. Closes: #520115. oldstable/main/binary-mips/libpam0g_0.79-5+etch1_mips.deb oldstable/main/binary-mips/libpam-modules_0.79-5+etch1_mips.deb oldstable/main/binary-mips/libpam0g-dev_0.79-5+etch1_mips.deb oldstable/main/binary-mips/libpam-cracklib_0.79-5+etch1_mips.deb pam (0.79-5+etch1) oldstable; urgency=high * Security NMU, high urgency. * Fix signedness error in _pam_StrTok(), CVE-2009-0887. Closes: #520115. oldstable/main/binary-ia64/libpam-cracklib_0.79-5+etch1_ia64.deb oldstable/main/binary-ia64/libpam0g-dev_0.79-5+etch1_ia64.deb oldstable/main/binary-ia64/libpam-modules_0.79-5+etch1_ia64.deb oldstable/main/binary-ia64/libpam0g_0.79-5+etch1_ia64.deb pam (0.79-5+etch1) oldstable; urgency=high * Security NMU, high urgency. * Fix signedness error in _pam_StrTok(), CVE-2009-0887. Closes: #520115. oldstable/main/binary-hppa/libpam0g-dev_0.79-5+etch1_hppa.deb oldstable/main/binary-hppa/libpam0g_0.79-5+etch1_hppa.deb oldstable/main/binary-hppa/libpam-modules_0.79-5+etch1_hppa.deb oldstable/main/binary-hppa/libpam-cracklib_0.79-5+etch1_hppa.deb pam (0.79-5+etch1) oldstable; urgency=high * Security NMU, high urgency. * Fix signedness error in _pam_StrTok(), CVE-2009-0887. Closes: #520115. oldstable/main/binary-arm/libpam0g-dev_0.79-5+etch1_arm.deb oldstable/main/binary-arm/libpam-cracklib_0.79-5+etch1_arm.deb oldstable/main/binary-arm/libpam-modules_0.79-5+etch1_arm.deb oldstable/main/binary-arm/libpam0g_0.79-5+etch1_arm.deb pam (0.79-5+etch1) oldstable; urgency=high * Security NMU, high urgency. * Fix signedness error in _pam_StrTok(), CVE-2009-0887. Closes: #520115. 
oldstable/main/binary-amd64/libpam0g-dev_0.79-5+etch1_amd64.deb oldstable/main/binary-amd64/libpam-modules_0.79-5+etch1_amd64.deb oldstable/main/binary-amd64/libpam0g_0.79-5+etch1_amd64.deb oldstable/main/binary-amd64/libpam-cracklib_0.79-5+etch1_amd64.deb pam (0.79-5+etch1) oldstable; urgency=high * Security NMU, high urgency. * Fix signedness error in _pam_StrTok(), CVE-2009-0887. Closes: #520115. oldstable/main/binary-alpha/libpam-modules_0.79-5+etch1_alpha.deb oldstable/main/binary-alpha/libpam0g_0.79-5+etch1_alpha.deb oldstable/main/binary-alpha/libpam0g-dev_0.79-5+etch1_alpha.deb oldstable/main/binary-alpha/libpam-cracklib_0.79-5+etch1_alpha.deb pam (0.79-5+etch1) oldstable; urgency=high * Security NMU, high urgency. * Fix signedness error in _pam_StrTok(), CVE-2009-0887. Closes: #520115. oldstable/main/binary-all/libpam-runtime_0.79-5+etch1_all.deb oldstable/main/binary-i386/libpam-modules_0.79-5+etch1_i386.deb oldstable/main/binary-i386/libpam0g-dev_0.79-5+etch1_i386.deb oldstable/main/binary-i386/libpam0g_0.79-5+etch1_i386.deb oldstable/main/binary-all/libpam-doc_0.79-5+etch1_all.deb oldstable/main/binary-i386/libpam-cracklib_0.79-5+etch1_i386.deb oldstable/main/source/pam_0.79-5+etch1.diff.gz oldstable/main/source/pam_0.79-5+etch1.dsc pam (0.79-5+etch1) oldstable; urgency=high * Security NMU, high urgency. * Fix signedness error in _pam_StrTok(), CVE-2009-0887. Closes: #520115. oldstable/main/binary-sparc/optipng_0.5.5-2_sparc.deb optipng (0.5.5-2) oldstable; urgency=low * Security upload - Fix an array overflow vulnerability (CVE-2009-0749). oldstable/main/binary-s390/optipng_0.5.5-2_s390.deb optipng (0.5.5-2) oldstable; urgency=low * Security upload - Fix an array overflow vulnerability (CVE-2009-0749). oldstable/main/binary-powerpc/optipng_0.5.5-2_powerpc.deb optipng (0.5.5-2) oldstable; urgency=low * Security upload - Fix an array overflow vulnerability (CVE-2009-0749). 
oldstable/main/binary-mipsel/optipng_0.5.5-2_mipsel.deb optipng (0.5.5-2) oldstable; urgency=low * Security upload - Fix an array overflow vulnerability (CVE-2009-0749). oldstable/main/binary-mips/optipng_0.5.5-2_mips.deb optipng (0.5.5-2) oldstable; urgency=low * Security upload - Fix an array overflow vulnerability (CVE-2009-0749). oldstable/main/binary-ia64/optipng_0.5.5-2_ia64.deb optipng (0.5.5-2) oldstable; urgency=low * Security upload - Fix an array overflow vulnerability (CVE-2009-0749). oldstable/main/binary-i386/optipng_0.5.5-2_i386.deb optipng (0.5.5-2) oldstable; urgency=low * Security upload - Fix an array overflow vulnerability (CVE-2009-0749). oldstable/main/binary-hppa/optipng_0.5.5-2_hppa.deb optipng (0.5.5-2) oldstable; urgency=low * Security upload - Fix an array overflow vulnerability (CVE-2009-0749). oldstable/main/binary-arm/optipng_0.5.5-2_arm.deb optipng (0.5.5-2) oldstable; urgency=low * Security upload - Fix an array overflow vulnerability (CVE-2009-0749). oldstable/main/binary-alpha/optipng_0.5.5-2_alpha.deb optipng (0.5.5-2) oldstable; urgency=low * Security upload - Fix an array overflow vulnerability (CVE-2009-0749). oldstable/main/binary-amd64/optipng_0.5.5-2_amd64.deb oldstable/main/source/optipng_0.5.5-2.dsc oldstable/main/source/optipng_0.5.5-2.diff.gz optipng (0.5.5-2) oldstable; urgency=low * Security upload - Fix an array overflow vulnerability (CVE-2009-0749). 
oldstable/main/binary-sparc/openswan_2.4.6+dfsg.2-1.1+etch1_sparc.deb openswan (1:2.4.6+dfsg.2-1.1+etch1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix DoS issue via malicious Dead Peer Detection packet Fixes: CVE-2009-0790 * Fix insecure temp file handling in the livetest script (Closes: #496374) Fixes: CVE-2008-4190 oldstable/main/binary-s390/openswan_2.4.6+dfsg.2-1.1+etch1_s390.deb openswan (1:2.4.6+dfsg.2-1.1+etch1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix DoS issue via malicious Dead Peer Detection packet Fixes: CVE-2009-0790 * Fix insecure temp file handling in the livetest script (Closes: #496374) Fixes: CVE-2008-4190 oldstable/main/binary-powerpc/openswan_2.4.6+dfsg.2-1.1+etch1_powerpc.deb openswan (1:2.4.6+dfsg.2-1.1+etch1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix DoS issue via malicious Dead Peer Detection packet Fixes: CVE-2009-0790 * Fix insecure temp file handling in the livetest script (Closes: #496374) Fixes: CVE-2008-4190 oldstable/main/binary-mipsel/openswan_2.4.6+dfsg.2-1.1+etch1_mipsel.deb openswan (1:2.4.6+dfsg.2-1.1+etch1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix DoS issue via malicious Dead Peer Detection packet Fixes: CVE-2009-0790 * Fix insecure temp file handling in the livetest script (Closes: #496374) Fixes: CVE-2008-4190 oldstable/main/binary-mips/openswan_2.4.6+dfsg.2-1.1+etch1_mips.deb openswan (1:2.4.6+dfsg.2-1.1+etch1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix DoS issue via malicious Dead Peer Detection packet Fixes: CVE-2009-0790 * Fix insecure temp file handling in the livetest script (Closes: #496374) Fixes: CVE-2008-4190 oldstable/main/binary-ia64/openswan_2.4.6+dfsg.2-1.1+etch1_ia64.deb openswan (1:2.4.6+dfsg.2-1.1+etch1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix DoS issue via 
malicious Dead Peer Detection packet Fixes: CVE-2009-0790 * Fix insecure temp file handling in the livetest script (Closes: #496374) Fixes: CVE-2008-4190 oldstable/main/binary-hppa/openswan_2.4.6+dfsg.2-1.1+etch1_hppa.deb openswan (1:2.4.6+dfsg.2-1.1+etch1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix DoS issue via malicious Dead Peer Detection packet Fixes: CVE-2009-0790 * Fix insecure temp file handling in the livetest script (Closes: #496374) Fixes: CVE-2008-4190 oldstable/main/binary-arm/openswan_2.4.6+dfsg.2-1.1+etch1_arm.deb openswan (1:2.4.6+dfsg.2-1.1+etch1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix DoS issue via malicious Dead Peer Detection packet Fixes: CVE-2009-0790 * Fix insecure temp file handling in the livetest script (Closes: #496374) Fixes: CVE-2008-4190 oldstable/main/binary-amd64/openswan_2.4.6+dfsg.2-1.1+etch1_amd64.deb openswan (1:2.4.6+dfsg.2-1.1+etch1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix DoS issue via malicious Dead Peer Detection packet Fixes: CVE-2009-0790 * Fix insecure temp file handling in the livetest script (Closes: #496374) Fixes: CVE-2008-4190 oldstable/main/binary-alpha/openswan_2.4.6+dfsg.2-1.1+etch1_alpha.deb openswan (1:2.4.6+dfsg.2-1.1+etch1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix DoS issue via malicious Dead Peer Detection packet Fixes: CVE-2009-0790 * Fix insecure temp file handling in the livetest script (Closes: #496374) Fixes: CVE-2008-4190 oldstable/main/binary-i386/openswan_2.4.6+dfsg.2-1.1+etch1_i386.deb oldstable/main/source/openswan_2.4.6+dfsg.2-1.1+etch1.diff.gz oldstable/main/binary-all/linux-patch-openswan_2.4.6+dfsg.2-1.1+etch1_all.deb oldstable/main/binary-all/openswan-modules-source_2.4.6+dfsg.2-1.1+etch1_all.deb oldstable/main/source/openswan_2.4.6+dfsg.2-1.1+etch1.dsc openswan (1:2.4.6+dfsg.2-1.1+etch1) oldstable-security; urgency=high * 
Non-maintainer upload by the security team * Fix DoS issue via malicious Dead Peer Detection packet Fixes: CVE-2009-0790 * Fix insecure temp file handling in the livetest script (Closes: #496374) Fixes: CVE-2008-4190 oldstable/main/binary-amd64/ndiswrapper-utils-1.9_1.28-1+etch1_amd64.deb ndiswrapper (1.28-1+etch1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix multiple buffer overflows via crafted wireless network traffic (Closes: #504696) Fixes: CVE-2008-4395 oldstable/main/source/ndiswrapper_1.28-1+etch1.diff.gz oldstable/main/binary-all/ndiswrapper-common_1.28-1+etch1_all.deb oldstable/main/binary-i386/ndiswrapper-utils-1.9_1.28-1+etch1_i386.deb oldstable/main/binary-all/ndiswrapper-source_1.28-1+etch1_all.deb oldstable/main/source/ndiswrapper_1.28-1+etch1.dsc ndiswrapper (1.28-1+etch1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix multiple buffer overflows via crafted wireless network traffic (Closes: #504696) Fixes: CVE-2008-4395 oldstable/main/source/moodle_1.6.3-2+etch2.dsc oldstable/main/binary-all/moodle_1.6.3-2+etch2_all.deb oldstable/main/source/moodle_1.6.3-2+etch2.diff.gz moodle (1.6.3-2+etch2) stable-security; urgency=high * Security update based on Moodle 1.6.9 (closes: #514284) - Fix XSS vulnerabilities in "login as" in HTML block (CVE-2009-0502) - Remove unused htmlarea plugin (CVE-2008-5153) - Fix XSS vulnerabilities in log display (CVE-2009-0500) oldstable/main/binary-all/libweather-com-perl_0.5.0-3etch1_all.deb oldstable/main/source/libweather-com-perl_0.5.0-3etch1.dsc oldstable/main/source/libweather-com-perl_0.5.0-3etch1.diff.gz libweather-com-perl (0.5.0-3etch1) oldstable; urgency=low * Include patch to fix issue where weather.com's interface changes on May 2008. See http://rt.cpan.org/Public/Bug/Display.html?id=35681 * Upload to Etch as authorized by Luk Claes.
oldstable/main/binary-sparc/libtk-img_1.3-15etch3_sparc.deb libtk-img (1:1.3-15etch3) oldstable-security; urgency=high * Applied patch by Nico Golde (previously created for Tk 8.4) which fixes security vulnerability CVE-2007-5137 arbitrary code execution via multi-frame interlaced GIF. * Applied patch by Nico Golde (previously created for Tk 8.4) which fixes security vulnerability CVE-2007-5378 overflow triggered by crafted GIF file. oldstable/main/binary-s390/libtk-img_1.3-15etch3_s390.deb libtk-img (1:1.3-15etch3) oldstable-security; urgency=high * Applied patch by Nico Golde (previously created for Tk 8.4) which fixes security vulnerability CVE-2007-5137 arbitrary code execution via multi-frame interlaced GIF. * Applied patch by Nico Golde (previously created for Tk 8.4) which fixes security vulnerability CVE-2007-5378 overflow triggered by crafted GIF file. oldstable/main/binary-powerpc/libtk-img_1.3-15etch3_powerpc.deb libtk-img (1:1.3-15etch3) oldstable-security; urgency=high * Applied patch by Nico Golde (previously created for Tk 8.4) which fixes security vulnerability CVE-2007-5137 arbitrary code execution via multi-frame interlaced GIF. * Applied patch by Nico Golde (previously created for Tk 8.4) which fixes security vulnerability CVE-2007-5378 overflow triggered by crafted GIF file. oldstable/main/binary-mipsel/libtk-img_1.3-15etch3_mipsel.deb libtk-img (1:1.3-15etch3) oldstable-security; urgency=high * Applied patch by Nico Golde (previously created for Tk 8.4) which fixes security vulnerability CVE-2007-5137 arbitrary code execution via multi-frame interlaced GIF. * Applied patch by Nico Golde (previously created for Tk 8.4) which fixes security vulnerability CVE-2007-5378 overflow triggered by crafted GIF file. 
oldstable/main/binary-mips/libtk-img_1.3-15etch3_mips.deb libtk-img (1:1.3-15etch3) oldstable-security; urgency=high * Applied patch by Nico Golde (previously created for Tk 8.4) which fixes security vulnerability CVE-2007-5137 arbitrary code execution via multi-frame interlaced GIF. * Applied patch by Nico Golde (previously created for Tk 8.4) which fixes security vulnerability CVE-2007-5378 overflow triggered by crafted GIF file. oldstable/main/binary-ia64/libtk-img_1.3-15etch3_ia64.deb libtk-img (1:1.3-15etch3) oldstable-security; urgency=high * Applied patch by Nico Golde (previously created for Tk 8.4) which fixes security vulnerability CVE-2007-5137 arbitrary code execution via multi-frame interlaced GIF. * Applied patch by Nico Golde (previously created for Tk 8.4) which fixes security vulnerability CVE-2007-5378 overflow triggered by crafted GIF file. oldstable/main/binary-hppa/libtk-img_1.3-15etch3_hppa.deb libtk-img (1:1.3-15etch3) oldstable-security; urgency=high * Applied patch by Nico Golde (previously created for Tk 8.4) which fixes security vulnerability CVE-2007-5137 arbitrary code execution via multi-frame interlaced GIF. * Applied patch by Nico Golde (previously created for Tk 8.4) which fixes security vulnerability CVE-2007-5378 overflow triggered by crafted GIF file. oldstable/main/binary-arm/libtk-img_1.3-15etch3_arm.deb libtk-img (1:1.3-15etch3) oldstable-security; urgency=high * Applied patch by Nico Golde (previously created for Tk 8.4) which fixes security vulnerability CVE-2007-5137 arbitrary code execution via multi-frame interlaced GIF. * Applied patch by Nico Golde (previously created for Tk 8.4) which fixes security vulnerability CVE-2007-5378 overflow triggered by crafted GIF file. 
oldstable/main/binary-amd64/libtk-img_1.3-15etch3_amd64.deb libtk-img (1:1.3-15etch3) oldstable-security; urgency=high * Applied patch by Nico Golde (previously created for Tk 8.4) which fixes security vulnerability CVE-2007-5137 arbitrary code execution via multi-frame interlaced GIF. * Applied patch by Nico Golde (previously created for Tk 8.4) which fixes security vulnerability CVE-2007-5378 overflow triggered by crafted GIF file. oldstable/main/binary-alpha/libtk-img_1.3-15etch3_alpha.deb libtk-img (1:1.3-15etch3) oldstable-security; urgency=high * Applied patch by Nico Golde (previously created for Tk 8.4) which fixes security vulnerability CVE-2007-5137 arbitrary code execution via multi-frame interlaced GIF. * Applied patch by Nico Golde (previously created for Tk 8.4) which fixes security vulnerability CVE-2007-5378 overflow triggered by crafted GIF file. oldstable/main/source/libtk-img_1.3-15etch3.dsc oldstable/main/source/libtk-img_1.3-15etch3.diff.gz oldstable/main/binary-i386/libtk-img_1.3-15etch3_i386.deb libtk-img (1:1.3-15etch3) oldstable-security; urgency=high * Applied patch by Nico Golde (previously created for Tk 8.4) which fixes security vulnerability CVE-2007-5137 arbitrary code execution via multi-frame interlaced GIF. * Applied patch by Nico Golde (previously created for Tk 8.4) which fixes security vulnerability CVE-2007-5378 overflow triggered by crafted GIF file. oldstable/main/binary-sparc/libsndfile1_1.0.16-2+etch1_sparc.deb oldstable/main/binary-sparc/sndfile-programs_1.0.16-2+etch1_sparc.deb oldstable/main/binary-sparc/libsndfile1-dev_1.0.16-2+etch1_sparc.deb libsndfile (1.0.16-2+etch1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix integer overflow leading to a heap-based buffer overflow via a crafted CAF file by limiting the number of channels per frame (CVE-2009-0186). 
oldstable/main/binary-s390/sndfile-programs_1.0.16-2+etch1_s390.deb oldstable/main/binary-s390/libsndfile1_1.0.16-2+etch1_s390.deb oldstable/main/binary-s390/libsndfile1-dev_1.0.16-2+etch1_s390.deb libsndfile (1.0.16-2+etch1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix integer overflow leading to a heap-based buffer overflow via a crafted CAF file by limiting the number of channels per frame (CVE-2009-0186). oldstable/main/binary-powerpc/libsndfile1_1.0.16-2+etch1_powerpc.deb oldstable/main/binary-powerpc/sndfile-programs_1.0.16-2+etch1_powerpc.deb oldstable/main/binary-powerpc/libsndfile1-dev_1.0.16-2+etch1_powerpc.deb libsndfile (1.0.16-2+etch1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix integer overflow leading to a heap-based buffer overflow via a crafted CAF file by limiting the number of channels per frame (CVE-2009-0186). oldstable/main/binary-mipsel/sndfile-programs_1.0.16-2+etch1_mipsel.deb oldstable/main/binary-mipsel/libsndfile1_1.0.16-2+etch1_mipsel.deb oldstable/main/binary-mipsel/libsndfile1-dev_1.0.16-2+etch1_mipsel.deb libsndfile (1.0.16-2+etch1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix integer overflow leading to a heap-based buffer overflow via a crafted CAF file by limiting the number of channels per frame (CVE-2009-0186). oldstable/main/binary-mips/libsndfile1_1.0.16-2+etch1_mips.deb oldstable/main/binary-mips/sndfile-programs_1.0.16-2+etch1_mips.deb oldstable/main/binary-mips/libsndfile1-dev_1.0.16-2+etch1_mips.deb libsndfile (1.0.16-2+etch1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix integer overflow leading to a heap-based buffer overflow via a crafted CAF file by limiting the number of channels per frame (CVE-2009-0186). 
oldstable/main/binary-ia64/libsndfile1_1.0.16-2+etch1_ia64.deb oldstable/main/binary-ia64/sndfile-programs_1.0.16-2+etch1_ia64.deb oldstable/main/binary-ia64/libsndfile1-dev_1.0.16-2+etch1_ia64.deb libsndfile (1.0.16-2+etch1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix integer overflow leading to a heap-based buffer overflow via a crafted CAF file by limiting the number of channels per frame (CVE-2009-0186). oldstable/main/binary-i386/libsndfile1-dev_1.0.16-2+etch1_i386.deb oldstable/main/binary-i386/sndfile-programs_1.0.16-2+etch1_i386.deb oldstable/main/binary-i386/libsndfile1_1.0.16-2+etch1_i386.deb libsndfile (1.0.16-2+etch1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix integer overflow leading to a heap-based buffer overflow via a crafted CAF file by limiting the number of channels per frame (CVE-2009-0186). oldstable/main/binary-hppa/sndfile-programs_1.0.16-2+etch1_hppa.deb oldstable/main/binary-hppa/libsndfile1_1.0.16-2+etch1_hppa.deb oldstable/main/binary-hppa/libsndfile1-dev_1.0.16-2+etch1_hppa.deb libsndfile (1.0.16-2+etch1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix integer overflow leading to a heap-based buffer overflow via a crafted CAF file by limiting the number of channels per frame (CVE-2009-0186). oldstable/main/binary-arm/libsndfile1-dev_1.0.16-2+etch1_arm.deb oldstable/main/binary-arm/sndfile-programs_1.0.16-2+etch1_arm.deb oldstable/main/binary-arm/libsndfile1_1.0.16-2+etch1_arm.deb libsndfile (1.0.16-2+etch1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix integer overflow leading to a heap-based buffer overflow via a crafted CAF file by limiting the number of channels per frame (CVE-2009-0186). 
oldstable/main/binary-alpha/libsndfile1-dev_1.0.16-2+etch1_alpha.deb oldstable/main/binary-alpha/sndfile-programs_1.0.16-2+etch1_alpha.deb oldstable/main/binary-alpha/libsndfile1_1.0.16-2+etch1_alpha.deb libsndfile (1.0.16-2+etch1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix integer overflow leading to a heap-based buffer overflow via a crafted CAF file by limiting the number of channels per frame (CVE-2009-0186). oldstable/main/binary-amd64/libsndfile1-dev_1.0.16-2+etch1_amd64.deb oldstable/main/binary-amd64/libsndfile1_1.0.16-2+etch1_amd64.deb oldstable/main/binary-amd64/sndfile-programs_1.0.16-2+etch1_amd64.deb oldstable/main/source/libsndfile_1.0.16-2+etch1.dsc oldstable/main/source/libsndfile_1.0.16-2+etch1.diff.gz libsndfile (1.0.16-2+etch1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix integer overflow leading to a heap-based buffer overflow via a crafted CAF file by limiting the number of channels per frame (CVE-2009-0186). oldstable/main/binary-sparc/libpng12-0-udeb_1.2.15~beta5-1+etch2_sparc.udeb oldstable/main/binary-sparc/libpng12-0_1.2.15~beta5-1+etch2_sparc.deb oldstable/main/binary-sparc/libpng12-dev_1.2.15~beta5-1+etch2_sparc.deb libpng (1.2.15~beta5-1+etch2) oldstable-security; urgency=high * Fix memory leak on CRC errors in tEXt chunks (CVE-2008-6218). oldstable/main/binary-s390/libpng12-dev_1.2.15~beta5-1+etch2_s390.deb oldstable/main/binary-s390/libpng12-0_1.2.15~beta5-1+etch2_s390.deb oldstable/main/binary-s390/libpng12-0-udeb_1.2.15~beta5-1+etch2_s390.udeb libpng (1.2.15~beta5-1+etch2) oldstable-security; urgency=high * Fix memory leak on CRC errors in tEXt chunks (CVE-2008-6218). 
oldstable/main/binary-powerpc/libpng12-dev_1.2.15~beta5-1+etch2_powerpc.deb oldstable/main/binary-powerpc/libpng12-0_1.2.15~beta5-1+etch2_powerpc.deb oldstable/main/binary-powerpc/libpng12-0-udeb_1.2.15~beta5-1+etch2_powerpc.udeb libpng (1.2.15~beta5-1+etch2) oldstable-security; urgency=high * Fix memory leak on CRC errors in tEXt chunks (CVE-2008-6218). oldstable/main/binary-mipsel/libpng12-0-udeb_1.2.15~beta5-1+etch2_mipsel.udeb oldstable/main/binary-mipsel/libpng12-dev_1.2.15~beta5-1+etch2_mipsel.deb oldstable/main/binary-mipsel/libpng12-0_1.2.15~beta5-1+etch2_mipsel.deb libpng (1.2.15~beta5-1+etch2) oldstable-security; urgency=high * Fix memory leak on CRC errors in tEXt chunks (CVE-2008-6218). oldstable/main/binary-mips/libpng12-dev_1.2.15~beta5-1+etch2_mips.deb oldstable/main/binary-mips/libpng12-0_1.2.15~beta5-1+etch2_mips.deb oldstable/main/binary-mips/libpng12-0-udeb_1.2.15~beta5-1+etch2_mips.udeb libpng (1.2.15~beta5-1+etch2) oldstable-security; urgency=high * Fix memory leak on CRC errors in tEXt chunks (CVE-2008-6218). oldstable/main/binary-ia64/libpng12-dev_1.2.15~beta5-1+etch2_ia64.deb oldstable/main/binary-ia64/libpng12-0-udeb_1.2.15~beta5-1+etch2_ia64.udeb oldstable/main/binary-ia64/libpng12-0_1.2.15~beta5-1+etch2_ia64.deb libpng (1.2.15~beta5-1+etch2) oldstable-security; urgency=high * Fix memory leak on CRC errors in tEXt chunks (CVE-2008-6218). oldstable/main/binary-i386/libpng12-0-udeb_1.2.15~beta5-1+etch2_i386.udeb oldstable/main/binary-i386/libpng12-0_1.2.15~beta5-1+etch2_i386.deb oldstable/main/binary-i386/libpng12-dev_1.2.15~beta5-1+etch2_i386.deb libpng (1.2.15~beta5-1+etch2) oldstable-security; urgency=high * Fix memory leak on CRC errors in tEXt chunks (CVE-2008-6218). 
oldstable/main/binary-hppa/libpng12-0-udeb_1.2.15~beta5-1+etch2_hppa.udeb oldstable/main/binary-hppa/libpng12-dev_1.2.15~beta5-1+etch2_hppa.deb oldstable/main/binary-hppa/libpng12-0_1.2.15~beta5-1+etch2_hppa.deb libpng (1.2.15~beta5-1+etch2) oldstable-security; urgency=high * Fix memory leak on CRC errors in tEXt chunks (CVE-2008-6218). oldstable/main/binary-arm/libpng12-0-udeb_1.2.15~beta5-1+etch2_arm.udeb oldstable/main/binary-arm/libpng12-dev_1.2.15~beta5-1+etch2_arm.deb oldstable/main/binary-arm/libpng12-0_1.2.15~beta5-1+etch2_arm.deb libpng (1.2.15~beta5-1+etch2) oldstable-security; urgency=high * Fix memory leak on CRC errors in tEXt chunks (CVE-2008-6218). oldstable/main/binary-alpha/libpng12-dev_1.2.15~beta5-1+etch2_alpha.deb oldstable/main/binary-alpha/libpng12-0_1.2.15~beta5-1+etch2_alpha.deb oldstable/main/binary-alpha/libpng12-0-udeb_1.2.15~beta5-1+etch2_alpha.udeb libpng (1.2.15~beta5-1+etch2) oldstable-security; urgency=high * Fix memory leak on CRC errors in tEXt chunks (CVE-2008-6218). oldstable/main/binary-amd64/libpng12-0_1.2.15~beta5-1+etch2_amd64.deb oldstable/main/binary-amd64/libpng12-dev_1.2.15~beta5-1+etch2_amd64.deb oldstable/main/source/libpng_1.2.15~beta5-1+etch2.dsc oldstable/main/binary-all/libpng3_1.2.15~beta5-1+etch2_all.deb oldstable/main/source/libpng_1.2.15~beta5-1+etch2.diff.gz oldstable/main/binary-amd64/libpng12-0-udeb_1.2.15~beta5-1+etch2_amd64.udeb libpng (1.2.15~beta5-1+etch2) oldstable-security; urgency=high * Fix memory leak on CRC errors in tEXt chunks (CVE-2008-6218). oldstable/main/binary-sparc/libpam-krb5_2.6-1etch1_sparc.deb libpam-krb5 (2.6-1etch1) stable-security; urgency=high * SECURITY (CVE-2009-0360): If invoked in a setuid context, ignore user environment variables that specify the local keytab and Kerberos configuration. Protects against a privilege escalation vulnerability. * SECURITY (CVE-2009-0361): Protect against applications calling pam_setcred with PAM_REINITIALIZE_CREDS as root in a setuid context. 
This API call is designed to reinitialize an existing Kerberos ticket cache and therefore trusts the KRB5CCNAME environment variable, but in a setuid context, this may allow overwriting arbitrary files. oldstable/main/binary-s390/libpam-krb5_2.6-1etch1_s390.deb libpam-krb5 (2.6-1etch1) stable-security; urgency=high * SECURITY (CVE-2009-0360): If invoked in a setuid context, ignore user environment variables that specify the local keytab and Kerberos configuration. Protects against a privilege escalation vulnerability. * SECURITY (CVE-2009-0361): Protect against applications calling pam_setcred with PAM_REINITIALIZE_CREDS as root in a setuid context. This API call is designed to reinitialize an existing Kerberos ticket cache and therefore trusts the KRB5CCNAME environment variable, but in a setuid context, this may allow overwriting arbitrary files. oldstable/main/binary-powerpc/libpam-krb5_2.6-1etch1_powerpc.deb libpam-krb5 (2.6-1etch1) stable-security; urgency=high * SECURITY (CVE-2009-0360): If invoked in a setuid context, ignore user environment variables that specify the local keytab and Kerberos configuration. Protects against a privilege escalation vulnerability. * SECURITY (CVE-2009-0361): Protect against applications calling pam_setcred with PAM_REINITIALIZE_CREDS as root in a setuid context. This API call is designed to reinitialize an existing Kerberos ticket cache and therefore trusts the KRB5CCNAME environment variable, but in a setuid context, this may allow overwriting arbitrary files. oldstable/main/binary-mipsel/libpam-krb5_2.6-1etch1_mipsel.deb libpam-krb5 (2.6-1etch1) stable-security; urgency=high * SECURITY (CVE-2009-0360): If invoked in a setuid context, ignore user environment variables that specify the local keytab and Kerberos configuration. Protects against a privilege escalation vulnerability. * SECURITY (CVE-2009-0361): Protect against applications calling pam_setcred with PAM_REINITIALIZE_CREDS as root in a setuid context. 
This API call is designed to reinitialize an existing Kerberos ticket cache and therefore trusts the KRB5CCNAME environment variable, but in a setuid context, this may allow overwriting arbitrary files. oldstable/main/binary-mips/libpam-krb5_2.6-1etch1_mips.deb libpam-krb5 (2.6-1etch1) stable-security; urgency=high * SECURITY (CVE-2009-0360): If invoked in a setuid context, ignore user environment variables that specify the local keytab and Kerberos configuration. Protects against a privilege escalation vulnerability. * SECURITY (CVE-2009-0361): Protect against applications calling pam_setcred with PAM_REINITIALIZE_CREDS as root in a setuid context. This API call is designed to reinitialize an existing Kerberos ticket cache and therefore trusts the KRB5CCNAME environment variable, but in a setuid context, this may allow overwriting arbitrary files. oldstable/main/binary-ia64/libpam-krb5_2.6-1etch1_ia64.deb libpam-krb5 (2.6-1etch1) stable-security; urgency=high * SECURITY (CVE-2009-0360): If invoked in a setuid context, ignore user environment variables that specify the local keytab and Kerberos configuration. Protects against a privilege escalation vulnerability. * SECURITY (CVE-2009-0361): Protect against applications calling pam_setcred with PAM_REINITIALIZE_CREDS as root in a setuid context. This API call is designed to reinitialize an existing Kerberos ticket cache and therefore trusts the KRB5CCNAME environment variable, but in a setuid context, this may allow overwriting arbitrary files. oldstable/main/binary-hppa/libpam-krb5_2.6-1etch1_hppa.deb libpam-krb5 (2.6-1etch1) stable-security; urgency=high * SECURITY (CVE-2009-0360): If invoked in a setuid context, ignore user environment variables that specify the local keytab and Kerberos configuration. Protects against a privilege escalation vulnerability. * SECURITY (CVE-2009-0361): Protect against applications calling pam_setcred with PAM_REINITIALIZE_CREDS as root in a setuid context. 
This API call is designed to reinitialize an existing Kerberos ticket cache and therefore trusts the KRB5CCNAME environment variable, but in a setuid context, this may allow overwriting arbitrary files. oldstable/main/binary-arm/libpam-krb5_2.6-1etch1_arm.deb libpam-krb5 (2.6-1etch1) stable-security; urgency=high * SECURITY (CVE-2009-0360): If invoked in a setuid context, ignore user environment variables that specify the local keytab and Kerberos configuration. Protects against a privilege escalation vulnerability. * SECURITY (CVE-2009-0361): Protect against applications calling pam_setcred with PAM_REINITIALIZE_CREDS as root in a setuid context. This API call is designed to reinitialize an existing Kerberos ticket cache and therefore trusts the KRB5CCNAME environment variable, but in a setuid context, this may allow overwriting arbitrary files. oldstable/main/binary-amd64/libpam-krb5_2.6-1etch1_amd64.deb libpam-krb5 (2.6-1etch1) stable-security; urgency=high * SECURITY (CVE-2009-0360): If invoked in a setuid context, ignore user environment variables that specify the local keytab and Kerberos configuration. Protects against a privilege escalation vulnerability. * SECURITY (CVE-2009-0361): Protect against applications calling pam_setcred with PAM_REINITIALIZE_CREDS as root in a setuid context. This API call is designed to reinitialize an existing Kerberos ticket cache and therefore trusts the KRB5CCNAME environment variable, but in a setuid context, this may allow overwriting arbitrary files. oldstable/main/binary-alpha/libpam-krb5_2.6-1etch1_alpha.deb libpam-krb5 (2.6-1etch1) stable-security; urgency=high * SECURITY (CVE-2009-0360): If invoked in a setuid context, ignore user environment variables that specify the local keytab and Kerberos configuration. Protects against a privilege escalation vulnerability. * SECURITY (CVE-2009-0361): Protect against applications calling pam_setcred with PAM_REINITIALIZE_CREDS as root in a setuid context. 
This API call is designed to reinitialize an existing Kerberos ticket cache and therefore trusts the KRB5CCNAME environment variable, but in a setuid context, this may allow overwriting arbitrary files. oldstable/main/source/libpam-krb5_2.6-1etch1.dsc oldstable/main/binary-i386/libpam-krb5_2.6-1etch1_i386.deb oldstable/main/source/libpam-krb5_2.6-1etch1.diff.gz libpam-krb5 (2.6-1etch1) stable-security; urgency=high * SECURITY (CVE-2009-0360): If invoked in a setuid context, ignore user environment variables that specify the local keytab and Kerberos configuration. Protects against a privilege escalation vulnerability. * SECURITY (CVE-2009-0361): Protect against applications calling pam_setcred with PAM_REINITIALIZE_CREDS as root in a setuid context. This API call is designed to reinitialize an existing Kerberos ticket cache and therefore trusts the KRB5CCNAME environment variable, but in a setuid context, this may allow overwriting arbitrary files. oldstable/main/binary-sparc/libpam-heimdal_2.5-1etch1_sparc.deb libpam-heimdal (2.5-1etch1) stable-security; urgency=high * Non-maintainer security upload. * SECURITY (CVE-2009-0361): Protect against applications calling pam_setcred with PAM_REINITIALIZE_CREDS as root in a setuid context. This API call is designed to reinitialize an existing Kerberos ticket cache and therefore trusts the KRB5CCNAME environment variable, but in a setuid context, this may allow overwriting arbitrary files. oldstable/main/binary-s390/libpam-heimdal_2.5-1etch1_s390.deb libpam-heimdal (2.5-1etch1) stable-security; urgency=high * Non-maintainer security upload. * SECURITY (CVE-2009-0361): Protect against applications calling pam_setcred with PAM_REINITIALIZE_CREDS as root in a setuid context. This API call is designed to reinitialize an existing Kerberos ticket cache and therefore trusts the KRB5CCNAME environment variable, but in a setuid context, this may allow overwriting arbitrary files. 
oldstable/main/binary-powerpc/libpam-heimdal_2.5-1etch1_powerpc.deb libpam-heimdal (2.5-1etch1) stable-security; urgency=high * Non-maintainer security upload. * SECURITY (CVE-2009-0361): Protect against applications calling pam_setcred with PAM_REINITIALIZE_CREDS as root in a setuid context. This API call is designed to reinitialize an existing Kerberos ticket cache and therefore trusts the KRB5CCNAME environment variable, but in a setuid context, this may allow overwriting arbitrary files. oldstable/main/binary-mipsel/libpam-heimdal_2.5-1etch1_mipsel.deb libpam-heimdal (2.5-1etch1) stable-security; urgency=high * Non-maintainer security upload. * SECURITY (CVE-2009-0361): Protect against applications calling pam_setcred with PAM_REINITIALIZE_CREDS as root in a setuid context. This API call is designed to reinitialize an existing Kerberos ticket cache and therefore trusts the KRB5CCNAME environment variable, but in a setuid context, this may allow overwriting arbitrary files. oldstable/main/binary-mips/libpam-heimdal_2.5-1etch1_mips.deb libpam-heimdal (2.5-1etch1) stable-security; urgency=high * Non-maintainer security upload. * SECURITY (CVE-2009-0361): Protect against applications calling pam_setcred with PAM_REINITIALIZE_CREDS as root in a setuid context. This API call is designed to reinitialize an existing Kerberos ticket cache and therefore trusts the KRB5CCNAME environment variable, but in a setuid context, this may allow overwriting arbitrary files. oldstable/main/binary-ia64/libpam-heimdal_2.5-1etch1_ia64.deb libpam-heimdal (2.5-1etch1) stable-security; urgency=high * Non-maintainer security upload. * SECURITY (CVE-2009-0361): Protect against applications calling pam_setcred with PAM_REINITIALIZE_CREDS as root in a setuid context. This API call is designed to reinitialize an existing Kerberos ticket cache and therefore trusts the KRB5CCNAME environment variable, but in a setuid context, this may allow overwriting arbitrary files. 
oldstable/main/binary-hppa/libpam-heimdal_2.5-1etch1_hppa.deb libpam-heimdal (2.5-1etch1) stable-security; urgency=high * Non-maintainer security upload. * SECURITY (CVE-2009-0361): Protect against applications calling pam_setcred with PAM_REINITIALIZE_CREDS as root in a setuid context. This API call is designed to reinitialize an existing Kerberos ticket cache and therefore trusts the KRB5CCNAME environment variable, but in a setuid context, this may allow overwriting arbitrary files. oldstable/main/binary-arm/libpam-heimdal_2.5-1etch1_arm.deb libpam-heimdal (2.5-1etch1) stable-security; urgency=high * Non-maintainer security upload. * SECURITY (CVE-2009-0361): Protect against applications calling pam_setcred with PAM_REINITIALIZE_CREDS as root in a setuid context. This API call is designed to reinitialize an existing Kerberos ticket cache and therefore trusts the KRB5CCNAME environment variable, but in a setuid context, this may allow overwriting arbitrary files. oldstable/main/binary-amd64/libpam-heimdal_2.5-1etch1_amd64.deb libpam-heimdal (2.5-1etch1) stable-security; urgency=high * Non-maintainer security upload. * SECURITY (CVE-2009-0361): Protect against applications calling pam_setcred with PAM_REINITIALIZE_CREDS as root in a setuid context. This API call is designed to reinitialize an existing Kerberos ticket cache and therefore trusts the KRB5CCNAME environment variable, but in a setuid context, this may allow overwriting arbitrary files. oldstable/main/binary-alpha/libpam-heimdal_2.5-1etch1_alpha.deb libpam-heimdal (2.5-1etch1) stable-security; urgency=high * Non-maintainer security upload. * SECURITY (CVE-2009-0361): Protect against applications calling pam_setcred with PAM_REINITIALIZE_CREDS as root in a setuid context. This API call is designed to reinitialize an existing Kerberos ticket cache and therefore trusts the KRB5CCNAME environment variable, but in a setuid context, this may allow overwriting arbitrary files. 
oldstable/main/source/libpam-heimdal_2.5-1etch1.dsc oldstable/main/source/libpam-heimdal_2.5-1etch1.diff.gz oldstable/main/binary-i386/libpam-heimdal_2.5-1etch1_i386.deb libpam-heimdal (2.5-1etch1) stable-security; urgency=high * Non-maintainer security upload. * SECURITY (CVE-2009-0361): Protect against applications calling pam_setcred with PAM_REINITIALIZE_CREDS as root in a setuid context. This API call is designed to reinitialize an existing Kerberos ticket cache and therefore trusts the KRB5CCNAME environment variable, but in a setuid context, this may allow overwriting arbitrary files. oldstable/main/binary-sparc/gstreamer0.10-plugins-bad_0.10.3-3.1+etch1_sparc.deb gst-plugins-bad0.10 (0.10.3-3.1+etch1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix buffer overflows in gst/qtdemux/qtdemux.c (Closes: #514177) Fixes: CVE-2009-0386 CVE-2009-0387 CVE-2009-0397 oldstable/main/binary-s390/gstreamer0.10-plugins-bad_0.10.3-3.1+etch1_s390.deb gst-plugins-bad0.10 (0.10.3-3.1+etch1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix buffer overflows in gst/qtdemux/qtdemux.c (Closes: #514177) Fixes: CVE-2009-0386 CVE-2009-0387 CVE-2009-0397 oldstable/main/binary-powerpc/gstreamer0.10-plugins-bad_0.10.3-3.1+etch1_powerpc.deb gst-plugins-bad0.10 (0.10.3-3.1+etch1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix buffer overflows in gst/qtdemux/qtdemux.c (Closes: #514177) Fixes: CVE-2009-0386 CVE-2009-0387 CVE-2009-0397 oldstable/main/binary-mipsel/gstreamer0.10-plugins-bad_0.10.3-3.1+etch1_mipsel.deb gst-plugins-bad0.10 (0.10.3-3.1+etch1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix buffer overflows in gst/qtdemux/qtdemux.c (Closes: #514177) Fixes: CVE-2009-0386 CVE-2009-0387 CVE-2009-0397 oldstable/main/binary-mips/gstreamer0.10-plugins-bad_0.10.3-3.1+etch1_mips.deb gst-plugins-bad0.10 (0.10.3-3.1+etch1) oldstable-security; 
urgency=high * Non-maintainer upload by the security team * Fix buffer overflows in gst/qtdemux/qtdemux.c (Closes: #514177) Fixes: CVE-2009-0386 CVE-2009-0387 CVE-2009-0397 oldstable/main/binary-ia64/gstreamer0.10-plugins-bad_0.10.3-3.1+etch1_ia64.deb gst-plugins-bad0.10 (0.10.3-3.1+etch1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix buffer overflows in gst/qtdemux/qtdemux.c (Closes: #514177) Fixes: CVE-2009-0386 CVE-2009-0387 CVE-2009-0397 oldstable/main/binary-hppa/gstreamer0.10-plugins-bad_0.10.3-3.1+etch1_hppa.deb gst-plugins-bad0.10 (0.10.3-3.1+etch1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix buffer overflows in gst/qtdemux/qtdemux.c (Closes: #514177) Fixes: CVE-2009-0386 CVE-2009-0387 CVE-2009-0397 oldstable/main/binary-arm/gstreamer0.10-plugins-bad_0.10.3-3.1+etch1_arm.deb gst-plugins-bad0.10 (0.10.3-3.1+etch1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix buffer overflows in gst/qtdemux/qtdemux.c (Closes: #514177) Fixes: CVE-2009-0386 CVE-2009-0387 CVE-2009-0397 oldstable/main/binary-amd64/gstreamer0.10-plugins-bad_0.10.3-3.1+etch1_amd64.deb gst-plugins-bad0.10 (0.10.3-3.1+etch1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix buffer overflows in gst/qtdemux/qtdemux.c (Closes: #514177) Fixes: CVE-2009-0386 CVE-2009-0387 CVE-2009-0397 oldstable/main/binary-alpha/gstreamer0.10-plugins-bad_0.10.3-3.1+etch1_alpha.deb gst-plugins-bad0.10 (0.10.3-3.1+etch1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix buffer overflows in gst/qtdemux/qtdemux.c (Closes: #514177) Fixes: CVE-2009-0386 CVE-2009-0387 CVE-2009-0397 oldstable/main/source/gst-plugins-bad0.10_0.10.3-3.1+etch1.dsc oldstable/main/source/gst-plugins-bad0.10_0.10.3-3.1+etch1.diff.gz oldstable/main/binary-i386/gstreamer0.10-plugins-bad_0.10.3-3.1+etch1_i386.deb gst-plugins-bad0.10 (0.10.3-3.1+etch1) oldstable-security; 
urgency=high * Non-maintainer upload by the security team * Fix buffer overflows in gst/qtdemux/qtdemux.c (Closes: #514177) Fixes: CVE-2009-0386 CVE-2009-0387 CVE-2009-0397 oldstable/main/binary-sparc/gs-gpl_8.54.dfsg.1-5etch2_sparc.deb gs-gpl (8.54.dfsg.1-5etch2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Include patch from RedHat to fix several integer overflows and add upper-bound checks on certain variables in the embedded icc library Fixes: CVE-2009-0583 CVE-2009-0584 oldstable/main/binary-s390/gs-gpl_8.54.dfsg.1-5etch2_s390.deb gs-gpl (8.54.dfsg.1-5etch2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Include patch from RedHat to fix several integer overflows and add upper-bound checks on certain variables in the embedded icc library Fixes: CVE-2009-0583 CVE-2009-0584 oldstable/main/binary-powerpc/gs-gpl_8.54.dfsg.1-5etch2_powerpc.deb gs-gpl (8.54.dfsg.1-5etch2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Include patch from RedHat to fix several integer overflows and add upper-bound checks on certain variables in the embedded icc library Fixes: CVE-2009-0583 CVE-2009-0584 oldstable/main/binary-mipsel/gs-gpl_8.54.dfsg.1-5etch2_mipsel.deb gs-gpl (8.54.dfsg.1-5etch2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Include patch from RedHat to fix several integer overflows and add upper-bound checks on certain variables in the embedded icc library Fixes: CVE-2009-0583 CVE-2009-0584 oldstable/main/binary-mips/gs-gpl_8.54.dfsg.1-5etch2_mips.deb gs-gpl (8.54.dfsg.1-5etch2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Include patch from RedHat to fix several integer overflows and add upper-bound checks on certain variables in the embedded icc library Fixes: CVE-2009-0583 CVE-2009-0584 oldstable/main/binary-ia64/gs-gpl_8.54.dfsg.1-5etch2_ia64.deb gs-gpl (8.54.dfsg.1-5etch2) oldstable-security; 
urgency=high * Non-maintainer upload by the security team * Include patch from RedHat to fix several integer overflows and add upper-bound checks on certain variables in the embedded icc library Fixes: CVE-2009-0583 CVE-2009-0584 oldstable/main/binary-hppa/gs-gpl_8.54.dfsg.1-5etch2_hppa.deb gs-gpl (8.54.dfsg.1-5etch2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Include patch from RedHat to fix several integer overflows and add upper-bound checks on certain variables in the embedded icc library Fixes: CVE-2009-0583 CVE-2009-0584 oldstable/main/binary-arm/gs-gpl_8.54.dfsg.1-5etch2_arm.deb gs-gpl (8.54.dfsg.1-5etch2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Include patch from RedHat to fix several integer overflows and add upper-bound checks on certain variables in the embedded icc library Fixes: CVE-2009-0583 CVE-2009-0584 oldstable/main/binary-amd64/gs-gpl_8.54.dfsg.1-5etch2_amd64.deb gs-gpl (8.54.dfsg.1-5etch2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Include patch from RedHat to fix several integer overflows and add upper-bound checks on certain variables in the embedded icc library Fixes: CVE-2009-0583 CVE-2009-0584 oldstable/main/binary-alpha/gs-gpl_8.54.dfsg.1-5etch2_alpha.deb gs-gpl (8.54.dfsg.1-5etch2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Include patch from RedHat to fix several integer overflows and add upper-bound checks on certain variables in the embedded icc library Fixes: CVE-2009-0583 CVE-2009-0584 oldstable/main/binary-sparc/libgnutls13_1.4.4-3+etch4_sparc.deb oldstable/main/binary-sparc/libgnutls13-dbg_1.4.4-3+etch4_sparc.deb oldstable/main/binary-sparc/gnutls-bin_1.4.4-3+etch4_sparc.deb oldstable/main/binary-sparc/libgnutls-dev_1.4.4-3+etch4_sparc.deb gnutls13 (1.4.4-3+etch4) oldstable-security; urgency=high * Add patch from Simon Josefsson to reenable X.509v1 support for root CAs. 
Closes: #514807, #514735. oldstable/main/binary-s390/gnutls-bin_1.4.4-3+etch4_s390.deb oldstable/main/binary-s390/libgnutls-dev_1.4.4-3+etch4_s390.deb oldstable/main/binary-s390/libgnutls13-dbg_1.4.4-3+etch4_s390.deb oldstable/main/binary-s390/libgnutls13_1.4.4-3+etch4_s390.deb gnutls13 (1.4.4-3+etch4) oldstable-security; urgency=high * Add patch from Simon Josefsson to reenable X.509v1 support for root CAs. Closes: #514807, #514735. oldstable/main/binary-powerpc/libgnutls-dev_1.4.4-3+etch4_powerpc.deb oldstable/main/binary-powerpc/libgnutls13-dbg_1.4.4-3+etch4_powerpc.deb oldstable/main/binary-powerpc/libgnutls13_1.4.4-3+etch4_powerpc.deb oldstable/main/binary-powerpc/gnutls-bin_1.4.4-3+etch4_powerpc.deb gnutls13 (1.4.4-3+etch4) oldstable-security; urgency=high * Add patch from Simon Josefsson to reenable X.509v1 support for root CAs. Closes: #514807, #514735. oldstable/main/binary-mipsel/libgnutls13_1.4.4-3+etch4_mipsel.deb oldstable/main/binary-mipsel/libgnutls13-dbg_1.4.4-3+etch4_mipsel.deb oldstable/main/binary-mipsel/libgnutls-dev_1.4.4-3+etch4_mipsel.deb oldstable/main/binary-mipsel/gnutls-bin_1.4.4-3+etch4_mipsel.deb gnutls13 (1.4.4-3+etch4) oldstable-security; urgency=high * Add patch from Simon Josefsson to reenable X.509v1 support for root CAs. Closes: #514807, #514735. oldstable/main/binary-mips/libgnutls-dev_1.4.4-3+etch4_mips.deb oldstable/main/binary-mips/libgnutls13_1.4.4-3+etch4_mips.deb oldstable/main/binary-mips/gnutls-bin_1.4.4-3+etch4_mips.deb oldstable/main/binary-mips/libgnutls13-dbg_1.4.4-3+etch4_mips.deb gnutls13 (1.4.4-3+etch4) oldstable-security; urgency=high * Add patch from Simon Josefsson to reenable X.509v1 support for root CAs. Closes: #514807, #514735. 
oldstable/main/binary-ia64/gnutls-bin_1.4.4-3+etch4_ia64.deb oldstable/main/binary-ia64/libgnutls13-dbg_1.4.4-3+etch4_ia64.deb oldstable/main/binary-ia64/libgnutls13_1.4.4-3+etch4_ia64.deb oldstable/main/binary-ia64/libgnutls-dev_1.4.4-3+etch4_ia64.deb gnutls13 (1.4.4-3+etch4) oldstable-security; urgency=high * Add patch from Simon Josefsson to reenable X.509v1 support for root CAs. Closes: #514807, #514735. oldstable/main/binary-i386/libgnutls13-dbg_1.4.4-3+etch4_i386.deb oldstable/main/binary-i386/libgnutls13_1.4.4-3+etch4_i386.deb oldstable/main/binary-i386/gnutls-bin_1.4.4-3+etch4_i386.deb oldstable/main/binary-i386/libgnutls-dev_1.4.4-3+etch4_i386.deb gnutls13 (1.4.4-3+etch4) oldstable-security; urgency=high * Add patch from Simon Josefsson to reenable X.509v1 support for root CAs. Closes: #514807, #514735. oldstable/main/binary-hppa/libgnutls-dev_1.4.4-3+etch4_hppa.deb oldstable/main/binary-hppa/libgnutls13_1.4.4-3+etch4_hppa.deb oldstable/main/binary-hppa/gnutls-bin_1.4.4-3+etch4_hppa.deb oldstable/main/binary-hppa/libgnutls13-dbg_1.4.4-3+etch4_hppa.deb gnutls13 (1.4.4-3+etch4) oldstable-security; urgency=high * Add patch from Simon Josefsson to reenable X.509v1 support for root CAs. Closes: #514807, #514735. oldstable/main/binary-arm/libgnutls-dev_1.4.4-3+etch4_arm.deb oldstable/main/binary-arm/libgnutls13_1.4.4-3+etch4_arm.deb oldstable/main/binary-arm/libgnutls13-dbg_1.4.4-3+etch4_arm.deb oldstable/main/binary-arm/gnutls-bin_1.4.4-3+etch4_arm.deb gnutls13 (1.4.4-3+etch4) oldstable-security; urgency=high * Add patch from Simon Josefsson to reenable X.509v1 support for root CAs. Closes: #514807, #514735. 
oldstable/main/binary-alpha/libgnutls-dev_1.4.4-3+etch4_alpha.deb oldstable/main/binary-alpha/gnutls-bin_1.4.4-3+etch4_alpha.deb oldstable/main/binary-alpha/libgnutls13_1.4.4-3+etch4_alpha.deb oldstable/main/binary-alpha/libgnutls13-dbg_1.4.4-3+etch4_alpha.deb gnutls13 (1.4.4-3+etch4) oldstable-security; urgency=high * Add patch from Simon Josefsson to reenable X.509v1 support for root CAs. Closes: #514807, #514735. oldstable/main/binary-sparc/libglib2.0-udeb_2.12.4-2+etch1_sparc.udeb oldstable/main/binary-sparc/libglib2.0-0-dbg_2.12.4-2+etch1_sparc.deb oldstable/main/binary-sparc/libglib2.0-0_2.12.4-2+etch1_sparc.deb oldstable/main/binary-sparc/libglib2.0-dev_2.12.4-2+etch1_sparc.deb glib2.0 (2.12.4-2+etch1) oldstable-security; urgency=low * SECURITY: 012_base64-overflow-CVE-2008-4316.patch: + Possible arbitrary code execution when processing large Base64 strings. Patch from upstream SVN, fixes CVE-2008-4316 (Closes: #520046). oldstable/main/binary-s390/libglib2.0-0_2.12.4-2+etch1_s390.deb oldstable/main/binary-s390/libglib2.0-udeb_2.12.4-2+etch1_s390.udeb oldstable/main/binary-s390/libglib2.0-0-dbg_2.12.4-2+etch1_s390.deb oldstable/main/binary-s390/libglib2.0-dev_2.12.4-2+etch1_s390.deb glib2.0 (2.12.4-2+etch1) oldstable-security; urgency=low * SECURITY: 012_base64-overflow-CVE-2008-4316.patch: + Possible arbitrary code execution when processing large Base64 strings. Patch from upstream SVN, fixes CVE-2008-4316 (Closes: #520046). oldstable/main/binary-powerpc/libglib2.0-0-dbg_2.12.4-2+etch1_powerpc.deb oldstable/main/binary-powerpc/libglib2.0-0_2.12.4-2+etch1_powerpc.deb oldstable/main/binary-powerpc/libglib2.0-dev_2.12.4-2+etch1_powerpc.deb oldstable/main/binary-powerpc/libglib2.0-udeb_2.12.4-2+etch1_powerpc.udeb glib2.0 (2.12.4-2+etch1) oldstable-security; urgency=low * SECURITY: 012_base64-overflow-CVE-2008-4316.patch: + Possible arbitrary code execution when processing large Base64 strings. Patch from upstream SVN, fixes CVE-2008-4316 (Closes: #520046). 
oldstable/main/binary-mipsel/libglib2.0-udeb_2.12.4-2+etch1_mipsel.udeb oldstable/main/binary-mipsel/libglib2.0-0_2.12.4-2+etch1_mipsel.deb oldstable/main/binary-mipsel/libglib2.0-dev_2.12.4-2+etch1_mipsel.deb oldstable/main/binary-mipsel/libglib2.0-0-dbg_2.12.4-2+etch1_mipsel.deb glib2.0 (2.12.4-2+etch1) oldstable-security; urgency=low * SECURITY: 012_base64-overflow-CVE-2008-4316.patch: + Possible arbitrary code execution when processing large Base64 strings. Patch from upstream SVN, fixes CVE-2008-4316 (Closes: #520046). oldstable/main/binary-mips/libglib2.0-dev_2.12.4-2+etch1_mips.deb oldstable/main/binary-mips/libglib2.0-udeb_2.12.4-2+etch1_mips.udeb oldstable/main/binary-mips/libglib2.0-0_2.12.4-2+etch1_mips.deb oldstable/main/binary-mips/libglib2.0-0-dbg_2.12.4-2+etch1_mips.deb glib2.0 (2.12.4-2+etch1) oldstable-security; urgency=low * SECURITY: 012_base64-overflow-CVE-2008-4316.patch: + Possible arbitrary code execution when processing large Base64 strings. Patch from upstream SVN, fixes CVE-2008-4316 (Closes: #520046). oldstable/main/binary-ia64/libglib2.0-udeb_2.12.4-2+etch1_ia64.udeb oldstable/main/binary-ia64/libglib2.0-0_2.12.4-2+etch1_ia64.deb oldstable/main/binary-ia64/libglib2.0-dev_2.12.4-2+etch1_ia64.deb oldstable/main/binary-ia64/libglib2.0-0-dbg_2.12.4-2+etch1_ia64.deb glib2.0 (2.12.4-2+etch1) oldstable-security; urgency=low * SECURITY: 012_base64-overflow-CVE-2008-4316.patch: + Possible arbitrary code execution when processing large Base64 strings. Patch from upstream SVN, fixes CVE-2008-4316 (Closes: #520046). 
oldstable/main/binary-i386/libglib2.0-0-dbg_2.12.4-2+etch1_i386.deb oldstable/main/binary-i386/libglib2.0-0_2.12.4-2+etch1_i386.deb oldstable/main/binary-i386/libglib2.0-dev_2.12.4-2+etch1_i386.deb oldstable/main/binary-i386/libglib2.0-udeb_2.12.4-2+etch1_i386.udeb glib2.0 (2.12.4-2+etch1) oldstable-security; urgency=low * SECURITY: 012_base64-overflow-CVE-2008-4316.patch: + Possible arbitrary code execution when processing large Base64 strings. Patch from upstream SVN, fixes CVE-2008-4316 (Closes: #520046). oldstable/main/binary-hppa/libglib2.0-0-dbg_2.12.4-2+etch1_hppa.deb oldstable/main/binary-hppa/libglib2.0-udeb_2.12.4-2+etch1_hppa.udeb oldstable/main/binary-hppa/libglib2.0-0_2.12.4-2+etch1_hppa.deb oldstable/main/binary-hppa/libglib2.0-dev_2.12.4-2+etch1_hppa.deb glib2.0 (2.12.4-2+etch1) oldstable-security; urgency=low * SECURITY: 012_base64-overflow-CVE-2008-4316.patch: + Possible arbitrary code execution when processing large Base64 strings. Patch from upstream SVN, fixes CVE-2008-4316 (Closes: #520046). oldstable/main/binary-arm/libglib2.0-udeb_2.12.4-2+etch1_arm.udeb oldstable/main/binary-arm/libglib2.0-0_2.12.4-2+etch1_arm.deb oldstable/main/binary-arm/libglib2.0-dev_2.12.4-2+etch1_arm.deb oldstable/main/binary-arm/libglib2.0-0-dbg_2.12.4-2+etch1_arm.deb glib2.0 (2.12.4-2+etch1) oldstable-security; urgency=low * SECURITY: 012_base64-overflow-CVE-2008-4316.patch: + Possible arbitrary code execution when processing large Base64 strings. Patch from upstream SVN, fixes CVE-2008-4316 (Closes: #520046). oldstable/main/binary-alpha/libglib2.0-udeb_2.12.4-2+etch1_alpha.udeb oldstable/main/binary-alpha/libglib2.0-0_2.12.4-2+etch1_alpha.deb oldstable/main/binary-alpha/libglib2.0-dev_2.12.4-2+etch1_alpha.deb oldstable/main/binary-alpha/libglib2.0-0-dbg_2.12.4-2+etch1_alpha.deb glib2.0 (2.12.4-2+etch1) oldstable-security; urgency=low * SECURITY: 012_base64-overflow-CVE-2008-4316.patch: + Possible arbitrary code execution when processing large Base64 strings.
Patch from upstream SVN, fixes CVE-2008-4316 (Closes: #520046). oldstable/main/binary-sparc/libdevil1c2_1.6.7-5+etch1_sparc.deb oldstable/main/binary-sparc/libdevil-dev_1.6.7-5+etch1_sparc.deb devil (1.6.7-5+etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Fix buffer overflows in the iGetHdrHeader() function that allow arbitrary code execution via a crafted Radiance RGBE file (Closes: #511844, #512122) Fixes: CVE-2008-5262 oldstable/main/binary-s390/libdevil-dev_1.6.7-5+etch1_s390.deb oldstable/main/binary-s390/libdevil1c2_1.6.7-5+etch1_s390.deb devil (1.6.7-5+etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Fix buffer overflows in the iGetHdrHeader() function that allow arbitrary code execution via a crafted Radiance RGBE file (Closes: #511844, #512122) Fixes: CVE-2008-5262 oldstable/main/binary-powerpc/libdevil-dev_1.6.7-5+etch1_powerpc.deb oldstable/main/binary-powerpc/libdevil1c2_1.6.7-5+etch1_powerpc.deb devil (1.6.7-5+etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Fix buffer overflows in the iGetHdrHeader() function that allow arbitrary code execution via a crafted Radiance RGBE file (Closes: #511844, #512122) Fixes: CVE-2008-5262 oldstable/main/binary-mipsel/libdevil-dev_1.6.7-5+etch1_mipsel.deb oldstable/main/binary-mipsel/libdevil1c2_1.6.7-5+etch1_mipsel.deb devil (1.6.7-5+etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Fix buffer overflows in the iGetHdrHeader() function that allow arbitrary code execution via a crafted Radiance RGBE file (Closes: #511844, #512122) Fixes: CVE-2008-5262 oldstable/main/binary-mips/libdevil-dev_1.6.7-5+etch1_mips.deb oldstable/main/binary-mips/libdevil1c2_1.6.7-5+etch1_mips.deb devil (1.6.7-5+etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Fix buffer overflows in the iGetHdrHeader() function that allow arbitrary code execution via a crafted Radiance
RGBE file (Closes: #511844, #512122) Fixes: CVE-2008-5262 oldstable/main/binary-ia64/libdevil1c2_1.6.7-5+etch1_ia64.deb oldstable/main/binary-ia64/libdevil-dev_1.6.7-5+etch1_ia64.deb devil (1.6.7-5+etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Fix buffer overflows in the iGetHdrHeader() function that allow arbitrary code execution via a crafted Radiance RGBE file (Closes: #511844, #512122) Fixes: CVE-2008-5262 oldstable/main/binary-hppa/libdevil-dev_1.6.7-5+etch1_hppa.deb oldstable/main/binary-hppa/libdevil1c2_1.6.7-5+etch1_hppa.deb devil (1.6.7-5+etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Fix buffer overflows in the iGetHdrHeader() function that allow arbitrary code execution via a crafted Radiance RGBE file (Closes: #511844, #512122) Fixes: CVE-2008-5262 oldstable/main/binary-arm/libdevil-dev_1.6.7-5+etch1_arm.deb oldstable/main/binary-arm/libdevil1c2_1.6.7-5+etch1_arm.deb devil (1.6.7-5+etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Fix buffer overflows in the iGetHdrHeader() function that allow arbitrary code execution via a crafted Radiance RGBE file (Closes: #511844, #512122) Fixes: CVE-2008-5262 oldstable/main/binary-amd64/libdevil-dev_1.6.7-5+etch1_amd64.deb oldstable/main/binary-amd64/libdevil1c2_1.6.7-5+etch1_amd64.deb devil (1.6.7-5+etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Fix buffer overflows in the iGetHdrHeader() function that allow arbitrary code execution via a crafted Radiance RGBE file (Closes: #511844, #512122) Fixes: CVE-2008-5262 oldstable/main/binary-alpha/libdevil1c2_1.6.7-5+etch1_alpha.deb oldstable/main/binary-alpha/libdevil-dev_1.6.7-5+etch1_alpha.deb devil (1.6.7-5+etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Fix buffer overflows in the iGetHdrHeader() function that allow arbitrary code execution via a crafted Radiance RGBE file (Closes: 
#511844, #512122) Fixes: CVE-2008-5262 oldstable/main/binary-sparc/debian-installer_20070308etch5_sparc.deb debian-installer (20070308etch5) oldstable; urgency=low * Rebuild to avoid .svn files in the tarball oldstable/main/binary-s390/debian-installer_20070308etch5_s390.deb debian-installer (20070308etch5) oldstable; urgency=low * Rebuild to avoid .svn files in the tarball oldstable/main/binary-powerpc/debian-installer_20070308etch5_powerpc.deb debian-installer (20070308etch5) oldstable; urgency=low * Rebuild to avoid .svn files in the tarball oldstable/main/binary-mipsel/debian-installer_20070308etch5_mipsel.deb debian-installer (20070308etch5) oldstable; urgency=low * Rebuild to avoid .svn files in the tarball oldstable/main/binary-mips/debian-installer_20070308etch5_mips.deb debian-installer (20070308etch5) oldstable; urgency=low * Rebuild to avoid .svn files in the tarball oldstable/main/binary-ia64/debian-installer_20070308etch5_ia64.deb debian-installer (20070308etch5) oldstable; urgency=low * Rebuild to avoid .svn files in the tarball oldstable/main/binary-i386/debian-installer_20070308etch5_i386.deb debian-installer (20070308etch5) oldstable; urgency=low * Rebuild to avoid .svn files in the tarball oldstable/main/binary-hppa/debian-installer_20070308etch5_hppa.deb debian-installer (20070308etch5) oldstable; urgency=low * Rebuild to avoid .svn files in the tarball oldstable/main/binary-arm/debian-installer_20070308etch5_arm.deb debian-installer (20070308etch5) oldstable; urgency=low * Rebuild to avoid .svn files in the tarball oldstable/main/binary-alpha/debian-installer_20070308etch5_alpha.deb debian-installer (20070308etch5) oldstable; urgency=low * Rebuild to avoid .svn files in the tarball oldstable/main/binary-sparc/libcurl3-openssl-dev_7.15.5-1etch2_sparc.deb oldstable/main/binary-sparc/libcurl3-gnutls_7.15.5-1etch2_sparc.deb oldstable/main/binary-sparc/libcurl3_7.15.5-1etch2_sparc.deb oldstable/main/binary-sparc/libcurl3-dbg_7.15.5-1etch2_sparc.deb 
oldstable/main/binary-sparc/curl_7.15.5-1etch2_sparc.deb oldstable/main/binary-sparc/libcurl3-gnutls-dev_7.15.5-1etch2_sparc.deb curl (7.15.5-1etch2) oldstable-security; urgency=high * Applied upstream patch to fix arbitrary file access (CVE-2009-0037). oldstable/main/binary-s390/libcurl3-dbg_7.15.5-1etch2_s390.deb oldstable/main/binary-s390/libcurl3_7.15.5-1etch2_s390.deb oldstable/main/binary-s390/libcurl3-gnutls-dev_7.15.5-1etch2_s390.deb oldstable/main/binary-s390/curl_7.15.5-1etch2_s390.deb oldstable/main/binary-s390/libcurl3-gnutls_7.15.5-1etch2_s390.deb oldstable/main/binary-s390/libcurl3-openssl-dev_7.15.5-1etch2_s390.deb curl (7.15.5-1etch2) oldstable-security; urgency=high * Applied upstream patch to fix arbitrary file access (CVE-2009-0037). oldstable/main/binary-powerpc/libcurl3-gnutls-dev_7.15.5-1etch2_powerpc.deb oldstable/main/binary-powerpc/libcurl3-dbg_7.15.5-1etch2_powerpc.deb oldstable/main/binary-powerpc/curl_7.15.5-1etch2_powerpc.deb oldstable/main/binary-powerpc/libcurl3-gnutls_7.15.5-1etch2_powerpc.deb oldstable/main/binary-powerpc/libcurl3-openssl-dev_7.15.5-1etch2_powerpc.deb oldstable/main/binary-powerpc/libcurl3_7.15.5-1etch2_powerpc.deb curl (7.15.5-1etch2) oldstable-security; urgency=high * Applied upstream patch to fix arbitrary file access (CVE-2009-0037). oldstable/main/binary-mipsel/curl_7.15.5-1etch2_mipsel.deb oldstable/main/binary-mipsel/libcurl3-gnutls-dev_7.15.5-1etch2_mipsel.deb oldstable/main/binary-mipsel/libcurl3-openssl-dev_7.15.5-1etch2_mipsel.deb oldstable/main/binary-mipsel/libcurl3-gnutls_7.15.5-1etch2_mipsel.deb oldstable/main/binary-mipsel/libcurl3-dbg_7.15.5-1etch2_mipsel.deb oldstable/main/binary-mipsel/libcurl3_7.15.5-1etch2_mipsel.deb curl (7.15.5-1etch2) oldstable-security; urgency=high * Applied upstream patch to fix arbitrary file access (CVE-2009-0037). 
oldstable/main/binary-mips/libcurl3-gnutls-dev_7.15.5-1etch2_mips.deb oldstable/main/binary-mips/curl_7.15.5-1etch2_mips.deb oldstable/main/binary-mips/libcurl3-gnutls_7.15.5-1etch2_mips.deb oldstable/main/binary-mips/libcurl3_7.15.5-1etch2_mips.deb oldstable/main/binary-mips/libcurl3-dbg_7.15.5-1etch2_mips.deb oldstable/main/binary-mips/libcurl3-openssl-dev_7.15.5-1etch2_mips.deb curl (7.15.5-1etch2) oldstable-security; urgency=high * Applied upstream patch to fix arbitrary file access (CVE-2009-0037). oldstable/main/binary-ia64/libcurl3-dbg_7.15.5-1etch2_ia64.deb oldstable/main/binary-ia64/curl_7.15.5-1etch2_ia64.deb oldstable/main/binary-ia64/libcurl3-gnutls-dev_7.15.5-1etch2_ia64.deb oldstable/main/binary-ia64/libcurl3-gnutls_7.15.5-1etch2_ia64.deb oldstable/main/binary-ia64/libcurl3_7.15.5-1etch2_ia64.deb oldstable/main/binary-ia64/libcurl3-openssl-dev_7.15.5-1etch2_ia64.deb curl (7.15.5-1etch2) oldstable-security; urgency=high * Applied upstream patch to fix arbitrary file access (CVE-2009-0037). oldstable/main/binary-hppa/libcurl3-gnutls_7.15.5-1etch2_hppa.deb oldstable/main/binary-hppa/libcurl3-gnutls-dev_7.15.5-1etch2_hppa.deb oldstable/main/binary-hppa/curl_7.15.5-1etch2_hppa.deb oldstable/main/binary-hppa/libcurl3_7.15.5-1etch2_hppa.deb oldstable/main/binary-hppa/libcurl3-dbg_7.15.5-1etch2_hppa.deb oldstable/main/binary-hppa/libcurl3-openssl-dev_7.15.5-1etch2_hppa.deb curl (7.15.5-1etch2) oldstable-security; urgency=high * Applied upstream patch to fix arbitrary file access (CVE-2009-0037). 
oldstable/main/binary-arm/libcurl3-openssl-dev_7.15.5-1etch2_arm.deb oldstable/main/binary-arm/libcurl3-dbg_7.15.5-1etch2_arm.deb oldstable/main/binary-arm/libcurl3-gnutls_7.15.5-1etch2_arm.deb oldstable/main/binary-arm/libcurl3_7.15.5-1etch2_arm.deb oldstable/main/binary-arm/curl_7.15.5-1etch2_arm.deb oldstable/main/binary-arm/libcurl3-gnutls-dev_7.15.5-1etch2_arm.deb curl (7.15.5-1etch2) oldstable-security; urgency=high * Applied upstream patch to fix arbitrary file access (CVE-2009-0037). oldstable/main/binary-amd64/libcurl3-gnutls_7.15.5-1etch2_amd64.deb oldstable/main/binary-amd64/libcurl3_7.15.5-1etch2_amd64.deb oldstable/main/binary-amd64/libcurl3-openssl-dev_7.15.5-1etch2_amd64.deb oldstable/main/binary-amd64/libcurl3-gnutls-dev_7.15.5-1etch2_amd64.deb oldstable/main/binary-amd64/libcurl3-dbg_7.15.5-1etch2_amd64.deb oldstable/main/binary-amd64/curl_7.15.5-1etch2_amd64.deb curl (7.15.5-1etch2) oldstable-security; urgency=high * Applied upstream patch to fix arbitrary file access (CVE-2009-0037). oldstable/main/binary-alpha/libcurl3-gnutls-dev_7.15.5-1etch2_alpha.deb oldstable/main/binary-alpha/curl_7.15.5-1etch2_alpha.deb oldstable/main/binary-alpha/libcurl3-dbg_7.15.5-1etch2_alpha.deb oldstable/main/binary-alpha/libcurl3_7.15.5-1etch2_alpha.deb oldstable/main/binary-alpha/libcurl3-gnutls_7.15.5-1etch2_alpha.deb oldstable/main/binary-alpha/libcurl3-openssl-dev_7.15.5-1etch2_alpha.deb curl (7.15.5-1etch2) oldstable-security; urgency=high * Applied upstream patch to fix arbitrary file access (CVE-2009-0037). 
oldstable/main/binary-sparc/boinc-dev_5.4.11-4+etch1_sparc.deb oldstable/main/binary-sparc/boinc-client_5.4.11-4+etch1_sparc.deb oldstable/main/binary-sparc/boinc-manager_5.4.11-4+etch1_sparc.deb boinc (5.4.11-4+etch1) stable-security; urgency=high * Correction for CVE-2009-0126 misuses the OpenSSL api on decrypt_public function in lib/crypt.cpp, Closes: #511521 * add myself to uploaders oldstable/main/binary-s390/boinc-dev_5.4.11-4+etch1_s390.deb oldstable/main/binary-s390/boinc-manager_5.4.11-4+etch1_s390.deb oldstable/main/binary-s390/boinc-client_5.4.11-4+etch1_s390.deb boinc (5.4.11-4+etch1) stable-security; urgency=high * Correction for CVE-2009-0126 misuses the OpenSSL api on decrypt_public function in lib/crypt.cpp, Closes: #511521 * add myself to uploaders oldstable/main/binary-powerpc/boinc-manager_5.4.11-4+etch1_powerpc.deb oldstable/main/binary-powerpc/boinc-client_5.4.11-4+etch1_powerpc.deb oldstable/main/binary-powerpc/boinc-dev_5.4.11-4+etch1_powerpc.deb boinc (5.4.11-4+etch1) stable-security; urgency=high * Correction for CVE-2009-0126 misuses the OpenSSL api on decrypt_public function in lib/crypt.cpp, Closes: #511521 * add myself to uploaders oldstable/main/binary-mipsel/boinc-client_5.4.11-4+etch1_mipsel.deb oldstable/main/binary-mipsel/boinc-manager_5.4.11-4+etch1_mipsel.deb oldstable/main/binary-mipsel/boinc-dev_5.4.11-4+etch1_mipsel.deb boinc (5.4.11-4+etch1) stable-security; urgency=high * Correction for CVE-2009-0126 misuses the OpenSSL api on decrypt_public function in lib/crypt.cpp, Closes: #511521 * add myself to uploaders oldstable/main/binary-mips/boinc-manager_5.4.11-4+etch1_mips.deb oldstable/main/binary-mips/boinc-client_5.4.11-4+etch1_mips.deb oldstable/main/binary-mips/boinc-dev_5.4.11-4+etch1_mips.deb boinc (5.4.11-4+etch1) stable-security; urgency=high * Correction for CVE-2009-0126 misuses the OpenSSL api on decrypt_public function in lib/crypt.cpp, Closes: #511521 * add myself to uploaders
oldstable/main/binary-ia64/boinc-dev_5.4.11-4+etch1_ia64.deb oldstable/main/binary-ia64/boinc-client_5.4.11-4+etch1_ia64.deb oldstable/main/binary-ia64/boinc-manager_5.4.11-4+etch1_ia64.deb boinc (5.4.11-4+etch1) stable-security; urgency=high * Correction for CVE-2009-0126 misuses the OpenSSL api on decrypt_public function in lib/crypt.cpp, Closes: #511521 * add myself to uploaders oldstable/main/binary-hppa/boinc-dev_5.4.11-4+etch1_hppa.deb oldstable/main/binary-hppa/boinc-manager_5.4.11-4+etch1_hppa.deb oldstable/main/binary-hppa/boinc-client_5.4.11-4+etch1_hppa.deb boinc (5.4.11-4+etch1) stable-security; urgency=high * Correction for CVE-2009-0126 misuses the OpenSSL api on decrypt_public function in lib/crypt.cpp, Closes: #511521 * add myself to uploaders oldstable/main/binary-arm/boinc-dev_5.4.11-4+etch1_arm.deb oldstable/main/binary-arm/boinc-client_5.4.11-4+etch1_arm.deb oldstable/main/binary-arm/boinc-manager_5.4.11-4+etch1_arm.deb boinc (5.4.11-4+etch1) stable-security; urgency=high * Correction for CVE-2009-0126 misuses the OpenSSL api on decrypt_public function in lib/crypt.cpp, Closes: #511521 * add myself to uploaders oldstable/main/binary-amd64/boinc-manager_5.4.11-4+etch1_amd64.deb oldstable/main/binary-amd64/boinc-client_5.4.11-4+etch1_amd64.deb oldstable/main/binary-amd64/boinc-dev_5.4.11-4+etch1_amd64.deb boinc (5.4.11-4+etch1) stable-security; urgency=high * Correction for CVE-2009-0126 misuses the OpenSSL api on decrypt_public function in lib/crypt.cpp, Closes: #511521 * add myself to uploaders oldstable/main/binary-alpha/boinc-dev_5.4.11-4+etch1_alpha.deb oldstable/main/binary-alpha/boinc-manager_5.4.11-4+etch1_alpha.deb oldstable/main/binary-alpha/boinc-client_5.4.11-4+etch1_alpha.deb boinc (5.4.11-4+etch1) stable-security; urgency=high * Correction for CVE-2009-0126 misuses the OpenSSL api on decrypt_public function in lib/crypt.cpp, Closes: #511521 * add myself to uploaders stable/main/source/gs-gpl_8.54.dfsg.1-5etch2.dsc
stable/main/binary-all/gs_8.54.dfsg.1-5etch2_all.deb stable/main/source/gs-gpl_8.54.dfsg.1-5etch2.diff.gz stable/main/binary-i386/gs-gpl_8.54.dfsg.1-5etch2_i386.deb gs-gpl (8.54.dfsg.1-5etch2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Include patch from RedHat to fix several integer overflows and add upper-bound checks on certain variables in the embedded icc library Fixes: CVE-2009-0583 CVE-2009-0584 stable/main/binary-amd64/libgnutls-dev_1.4.4-3+etch4_amd64.deb stable/main/source/gnutls13_1.4.4-3+etch4.diff.gz stable/main/binary-amd64/libgnutls13-dbg_1.4.4-3+etch4_amd64.deb stable/main/binary-amd64/libgnutls13_1.4.4-3+etch4_amd64.deb stable/main/source/gnutls13_1.4.4-3+etch4.dsc stable/main/binary-amd64/gnutls-bin_1.4.4-3+etch4_amd64.deb stable/main/binary-all/gnutls-doc_1.4.4-3+etch4_all.deb gnutls13 (1.4.4-3+etch4) oldstable-security; urgency=high * Add patch from Simon Josefsson to reenable X.509v1 support for root CAs. Closes: #514807, #514735. stable/main/binary-amd64/libglib2.0-0-dbg_2.12.4-2+etch1_amd64.deb stable/main/source/glib2.0_2.12.4-2+etch1.diff.gz stable/main/binary-all/libglib2.0-data_2.12.4-2+etch1_all.deb stable/main/binary-amd64/libglib2.0-udeb_2.12.4-2+etch1_amd64.udeb stable/main/binary-amd64/libglib2.0-dev_2.12.4-2+etch1_amd64.deb stable/main/binary-amd64/libglib2.0-0_2.12.4-2+etch1_amd64.deb stable/main/source/glib2.0_2.12.4-2+etch1.dsc stable/main/binary-all/libglib2.0-doc_2.12.4-2+etch1_all.deb glib2.0 (2.12.4-2+etch1) oldstable-security; urgency=low * SECURITY: 012_base64-overflow-CVE-2008-4316.patch: + Possible arbitrary code execution when processing large Base64 strings. Patch from upstream SVN, fixes CVE-2008-4316 (Closes: #520046).
stable/main/source/devil_1.6.7-5+etch1.dsc stable/main/binary-i386/libdevil1c2_1.6.7-5+etch1_i386.deb stable/main/source/devil_1.6.7-5+etch1.diff.gz stable/main/binary-i386/libdevil-dev_1.6.7-5+etch1_i386.deb devil (1.6.7-5+etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Fix buffer overflows in the iGetHdrHeader() function that allow arbitrary code execution via a crafted Radiance RGBE file (Closes: #511844, #512122) Fixes: CVE-2008-5262 stable/main/source/debian-installer_20070308etch5.tar.gz stable/main/source/debian-installer_20070308etch5.dsc stable/main/binary-amd64/debian-installer_20070308etch5_amd64.deb debian-installer (20070308etch5) oldstable; urgency=low * Rebuild to avoid .svn files in the tarball stable/main/binary-i386/libcurl3-gnutls_7.15.5-1etch2_i386.deb stable/main/binary-i386/libcurl3-gnutls-dev_7.15.5-1etch2_i386.deb stable/main/source/curl_7.15.5-1etch2.dsc stable/main/binary-i386/libcurl3-openssl-dev_7.15.5-1etch2_i386.deb stable/main/binary-i386/libcurl3_7.15.5-1etch2_i386.deb stable/main/binary-i386/curl_7.15.5-1etch2_i386.deb stable/main/binary-all/libcurl3-dev_7.15.5-1etch2_all.deb stable/main/source/curl_7.15.5-1etch2.diff.gz stable/main/binary-i386/libcurl3-dbg_7.15.5-1etch2_i386.deb curl (7.15.5-1etch2) oldstable-security; urgency=high * Applied upstream patch to fix arbitrary file access (CVE-2009-0037). ========================================= Mon, 09 Feb 2009 - Debian 4.0r7 released ========================================= stable/main/binary-sparc/libtonezone1_1.2.11.dfsg-1+etch1_sparc.deb stable/main/binary-sparc/libtonezone-dev_1.2.11.dfsg-1+etch1_sparc.deb stable/main/binary-sparc/zaptel_1.2.11.dfsg-1+etch1_sparc.deb zaptel (1:1.2.11.dfsg-1+etch1) stable-security; urgency=high * Apply patch from Tzafrir Cohen to validate the sync field for the ZT_SPANCONFIG ioctl. Closes: #507459. 
stable/main/binary-s390/zaptel_1.2.11.dfsg-1+etch1_s390.deb stable/main/binary-s390/libtonezone-dev_1.2.11.dfsg-1+etch1_s390.deb stable/main/binary-s390/libtonezone1_1.2.11.dfsg-1+etch1_s390.deb zaptel (1:1.2.11.dfsg-1+etch1) stable-security; urgency=high * Apply patch from Tzafrir Cohen to validate the sync field for the ZT_SPANCONFIG ioctl. Closes: #507459. stable/main/binary-powerpc/libtonezone-dev_1.2.11.dfsg-1+etch1_powerpc.deb stable/main/binary-powerpc/libtonezone1_1.2.11.dfsg-1+etch1_powerpc.deb stable/main/binary-powerpc/zaptel_1.2.11.dfsg-1+etch1_powerpc.deb zaptel (1:1.2.11.dfsg-1+etch1) stable-security; urgency=high * Apply patch from Tzafrir Cohen to validate the sync field for the ZT_SPANCONFIG ioctl. Closes: #507459. stable/main/binary-mipsel/zaptel_1.2.11.dfsg-1+etch1_mipsel.deb stable/main/binary-mipsel/libtonezone1_1.2.11.dfsg-1+etch1_mipsel.deb stable/main/binary-mipsel/libtonezone-dev_1.2.11.dfsg-1+etch1_mipsel.deb zaptel (1:1.2.11.dfsg-1+etch1) stable-security; urgency=high * Apply patch from Tzafrir Cohen to validate the sync field for the ZT_SPANCONFIG ioctl. Closes: #507459. stable/main/binary-mips/zaptel_1.2.11.dfsg-1+etch1_mips.deb stable/main/binary-mips/libtonezone1_1.2.11.dfsg-1+etch1_mips.deb stable/main/binary-mips/libtonezone-dev_1.2.11.dfsg-1+etch1_mips.deb zaptel (1:1.2.11.dfsg-1+etch1) stable-security; urgency=high * Apply patch from Tzafrir Cohen to validate the sync field for the ZT_SPANCONFIG ioctl. Closes: #507459. stable/main/binary-ia64/libtonezone1_1.2.11.dfsg-1+etch1_ia64.deb stable/main/binary-ia64/zaptel_1.2.11.dfsg-1+etch1_ia64.deb stable/main/binary-ia64/libtonezone-dev_1.2.11.dfsg-1+etch1_ia64.deb zaptel (1:1.2.11.dfsg-1+etch1) stable-security; urgency=high * Apply patch from Tzafrir Cohen to validate the sync field for the ZT_SPANCONFIG ioctl. Closes: #507459. 
stable/main/binary-i386/libtonezone-dev_1.2.11.dfsg-1+etch1_i386.deb stable/main/binary-i386/libtonezone1_1.2.11.dfsg-1+etch1_i386.deb stable/main/binary-i386/zaptel_1.2.11.dfsg-1+etch1_i386.deb zaptel (1:1.2.11.dfsg-1+etch1) stable-security; urgency=high * Apply patch from Tzafrir Cohen to validate the sync field for the ZT_SPANCONFIG ioctl. Closes: #507459. stable/main/binary-hppa/zaptel_1.2.11.dfsg-1+etch1_hppa.deb stable/main/binary-hppa/libtonezone1_1.2.11.dfsg-1+etch1_hppa.deb stable/main/binary-hppa/libtonezone-dev_1.2.11.dfsg-1+etch1_hppa.deb zaptel (1:1.2.11.dfsg-1+etch1) stable-security; urgency=high * Apply patch from Tzafrir Cohen to validate the sync field for the ZT_SPANCONFIG ioctl. Closes: #507459. stable/main/binary-arm/zaptel_1.2.11.dfsg-1+etch1_arm.deb stable/main/binary-arm/libtonezone1_1.2.11.dfsg-1+etch1_arm.deb stable/main/binary-arm/libtonezone-dev_1.2.11.dfsg-1+etch1_arm.deb zaptel (1:1.2.11.dfsg-1+etch1) stable-security; urgency=high * Apply patch from Tzafrir Cohen to validate the sync field for the ZT_SPANCONFIG ioctl. Closes: #507459. stable/main/binary-alpha/zaptel_1.2.11.dfsg-1+etch1_alpha.deb stable/main/binary-alpha/libtonezone1_1.2.11.dfsg-1+etch1_alpha.deb stable/main/binary-alpha/libtonezone-dev_1.2.11.dfsg-1+etch1_alpha.deb zaptel (1:1.2.11.dfsg-1+etch1) stable-security; urgency=high * Apply patch from Tzafrir Cohen to validate the sync field for the ZT_SPANCONFIG ioctl. Closes: #507459. stable/main/source/zaptel_1.2.11.dfsg-1+etch1.diff.gz stable/main/binary-amd64/libtonezone-dev_1.2.11.dfsg-1+etch1_amd64.deb stable/main/binary-all/zaptel-source_1.2.11.dfsg-1+etch1_all.deb stable/main/binary-amd64/zaptel_1.2.11.dfsg-1+etch1_amd64.deb stable/main/binary-amd64/libtonezone1_1.2.11.dfsg-1+etch1_amd64.deb stable/main/source/zaptel_1.2.11.dfsg-1+etch1.dsc zaptel (1:1.2.11.dfsg-1+etch1) stable-security; urgency=high * Apply patch from Tzafrir Cohen to validate the sync field for the ZT_SPANCONFIG ioctl. Closes: #507459. 
stable/main/binary-sparc/libxul0d_1.8.0.15~pre080614i-0etch1_sparc.deb stable/main/binary-sparc/libnss3-0d_1.8.0.15~pre080614i-0etch1_sparc.deb stable/main/binary-sparc/python-xpcom_1.8.0.15~pre080614i-0etch1_sparc.deb stable/main/binary-sparc/xulrunner-gnome-support_1.8.0.15~pre080614i-0etch1_sparc.deb stable/main/binary-sparc/spidermonkey-bin_1.8.0.15~pre080614i-0etch1_sparc.deb stable/main/binary-sparc/libnss3-tools_1.8.0.15~pre080614i-0etch1_sparc.deb stable/main/binary-sparc/libmozjs0d-dbg_1.8.0.15~pre080614i-0etch1_sparc.deb stable/main/binary-sparc/libnss3-0d-dbg_1.8.0.15~pre080614i-0etch1_sparc.deb stable/main/binary-sparc/libnspr4-0d_1.8.0.15~pre080614i-0etch1_sparc.deb stable/main/binary-sparc/libmozjs0d_1.8.0.15~pre080614i-0etch1_sparc.deb stable/main/binary-sparc/xulrunner_1.8.0.15~pre080614i-0etch1_sparc.deb stable/main/binary-sparc/libnspr4-0d-dbg_1.8.0.15~pre080614i-0etch1_sparc.deb stable/main/binary-sparc/libxul0d-dbg_1.8.0.15~pre080614i-0etch1_sparc.deb xulrunner (1.8.0.15~pre080614i-0etch1) stable-security; urgency=low [ Alexander Sack ] * New security/stability upstream release (backports for 2.0.0.19) - Patches: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/moz_1.8.0.15prepatches080614i.tar.gz - Tarball: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/xulrunner_1.5.0.15pre080614i-source.tar.bz2 * Upstream advisories (v2.0.0.19): MFSA 2008-60 aka CVE-2008-5500 (layout) - Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19) MFSA 2008-61 aka CVE-2008-5503 - Information stealing via loadBindingDocument MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script redirect error message MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading whitespace and control characters (fixed by bz451613) * MFSA 2008-68 aka CVE-2008-5511(XSS via XBL bindings to unloaded document), CVE-2008-5512(JavaScript privilege escalation) - XSS and 
JavaScript privilege escalation stable/main/binary-s390/libmozjs0d-dbg_1.8.0.15~pre080614i-0etch1_s390.deb stable/main/binary-s390/libnss3-tools_1.8.0.15~pre080614i-0etch1_s390.deb stable/main/binary-s390/libxul0d-dbg_1.8.0.15~pre080614i-0etch1_s390.deb stable/main/binary-s390/libnss3-0d-dbg_1.8.0.15~pre080614i-0etch1_s390.deb stable/main/binary-s390/spidermonkey-bin_1.8.0.15~pre080614i-0etch1_s390.deb stable/main/binary-s390/xulrunner_1.8.0.15~pre080614i-0etch1_s390.deb stable/main/binary-s390/libnss3-0d_1.8.0.15~pre080614i-0etch1_s390.deb stable/main/binary-s390/libnspr4-0d-dbg_1.8.0.15~pre080614i-0etch1_s390.deb stable/main/binary-s390/xulrunner-gnome-support_1.8.0.15~pre080614i-0etch1_s390.deb stable/main/binary-s390/libxul0d_1.8.0.15~pre080614i-0etch1_s390.deb stable/main/binary-s390/python-xpcom_1.8.0.15~pre080614i-0etch1_s390.deb stable/main/binary-s390/libnspr4-0d_1.8.0.15~pre080614i-0etch1_s390.deb stable/main/binary-s390/libmozjs0d_1.8.0.15~pre080614i-0etch1_s390.deb xulrunner (1.8.0.15~pre080614i-0etch1) stable-security; urgency=low [ Alexander Sack ] * New security/stability upstream release (backports for 2.0.0.19) - Patches: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/moz_1.8.0.15prepatches080614i.tar.gz - Tarball: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/xulrunner_1.5.0.15pre080614i-source.tar.bz2 * Upstream advisories (v2.0.0.19): MFSA 2008-60 aka CVE-2008-5500 (layout) - Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19) MFSA 2008-61 aka CVE-2008-5503 - Information stealing via loadBindingDocument MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script redirect error message MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading whitespace and control characters (fixed by bz451613) * MFSA 2008-68 aka CVE-2008-5511(XSS via XBL bindings to unloaded document), CVE-2008-5512(JavaScript privilege escalation) - XSS and 
JavaScript privilege escalation stable/main/binary-powerpc/libnspr4-0d-dbg_1.8.0.15~pre080614i-0etch1_powerpc.deb stable/main/binary-powerpc/libmozjs0d-dbg_1.8.0.15~pre080614i-0etch1_powerpc.deb stable/main/binary-powerpc/xulrunner-gnome-support_1.8.0.15~pre080614i-0etch1_powerpc.deb stable/main/binary-powerpc/libxul0d-dbg_1.8.0.15~pre080614i-0etch1_powerpc.deb stable/main/binary-powerpc/libnss3-0d_1.8.0.15~pre080614i-0etch1_powerpc.deb stable/main/binary-powerpc/libnss3-0d-dbg_1.8.0.15~pre080614i-0etch1_powerpc.deb stable/main/binary-powerpc/libmozjs0d_1.8.0.15~pre080614i-0etch1_powerpc.deb stable/main/binary-powerpc/libnspr4-0d_1.8.0.15~pre080614i-0etch1_powerpc.deb stable/main/binary-powerpc/spidermonkey-bin_1.8.0.15~pre080614i-0etch1_powerpc.deb stable/main/binary-powerpc/python-xpcom_1.8.0.15~pre080614i-0etch1_powerpc.deb stable/main/binary-powerpc/libnss3-tools_1.8.0.15~pre080614i-0etch1_powerpc.deb stable/main/binary-powerpc/libxul0d_1.8.0.15~pre080614i-0etch1_powerpc.deb stable/main/binary-powerpc/xulrunner_1.8.0.15~pre080614i-0etch1_powerpc.deb xulrunner (1.8.0.15~pre080614i-0etch1) stable-security; urgency=low [ Alexander Sack ] * New security/stability upstream release (backports for 2.0.0.19) - Patches: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/moz_1.8.0.15prepatches080614i.tar.gz - Tarball: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/xulrunner_1.5.0.15pre080614i-source.tar.bz2 * Upstream advisories (v2.0.0.19): MFSA 2008-60 aka CVE-2008-5500 (layout) - Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19) MFSA 2008-61 aka CVE-2008-5503 - Information stealing via loadBindingDocument MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script redirect error message MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading whitespace and control characters (fixed by bz451613) * MFSA 2008-68 aka CVE-2008-5511(XSS via XBL bindings 
to unloaded document), CVE-2008-5512(JavaScript privilege escalation) - XSS and JavaScript privilege escalation stable/main/binary-mipsel/libnspr4-0d_1.8.0.15~pre080614i-0etch1_mipsel.deb stable/main/binary-mipsel/libmozjs0d_1.8.0.15~pre080614i-0etch1_mipsel.deb stable/main/binary-mipsel/xulrunner_1.8.0.15~pre080614i-0etch1_mipsel.deb stable/main/binary-mipsel/libxul0d_1.8.0.15~pre080614i-0etch1_mipsel.deb stable/main/binary-mipsel/xulrunner-gnome-support_1.8.0.15~pre080614i-0etch1_mipsel.deb stable/main/binary-mipsel/libnss3-tools_1.8.0.15~pre080614i-0etch1_mipsel.deb stable/main/binary-mipsel/libnspr4-0d-dbg_1.8.0.15~pre080614i-0etch1_mipsel.deb stable/main/binary-mipsel/libmozjs0d-dbg_1.8.0.15~pre080614i-0etch1_mipsel.deb stable/main/binary-mipsel/libnss3-0d-dbg_1.8.0.15~pre080614i-0etch1_mipsel.deb stable/main/binary-mipsel/python-xpcom_1.8.0.15~pre080614i-0etch1_mipsel.deb stable/main/binary-mipsel/spidermonkey-bin_1.8.0.15~pre080614i-0etch1_mipsel.deb stable/main/binary-mipsel/libnss3-0d_1.8.0.15~pre080614i-0etch1_mipsel.deb stable/main/binary-mipsel/libxul0d-dbg_1.8.0.15~pre080614i-0etch1_mipsel.deb xulrunner (1.8.0.15~pre080614i-0etch1) stable-security; urgency=low [ Alexander Sack ] * New security/stability upstream release (backports for 2.0.0.19) - Patches: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/moz_1.8.0.15prepatches080614i.tar.gz - Tarball: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/xulrunner_1.5.0.15pre080614i-source.tar.bz2 * Upstream advisories (v2.0.0.19): MFSA 2008-60 aka CVE-2008-5500 (layout) - Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19) MFSA 2008-61 aka CVE-2008-5503 - Information stealing via loadBindingDocument MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script redirect error message MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading whitespace and control characters (fixed by bz451613) * 
MFSA 2008-68 aka CVE-2008-5511(XSS via XBL bindings to unloaded document), CVE-2008-5512(JavaScript privilege escalation) - XSS and JavaScript privilege escalation stable/main/binary-mips/libxul0d-dbg_1.8.0.15~pre080614i-0etch1_mips.deb stable/main/binary-mips/python-xpcom_1.8.0.15~pre080614i-0etch1_mips.deb stable/main/binary-mips/libxul0d_1.8.0.15~pre080614i-0etch1_mips.deb stable/main/binary-mips/libnss3-0d_1.8.0.15~pre080614i-0etch1_mips.deb stable/main/binary-mips/libnss3-tools_1.8.0.15~pre080614i-0etch1_mips.deb stable/main/binary-mips/xulrunner-gnome-support_1.8.0.15~pre080614i-0etch1_mips.deb stable/main/binary-mips/spidermonkey-bin_1.8.0.15~pre080614i-0etch1_mips.deb stable/main/binary-mips/xulrunner_1.8.0.15~pre080614i-0etch1_mips.deb stable/main/binary-mips/libnspr4-0d-dbg_1.8.0.15~pre080614i-0etch1_mips.deb stable/main/binary-mips/libmozjs0d-dbg_1.8.0.15~pre080614i-0etch1_mips.deb stable/main/binary-mips/libmozjs0d_1.8.0.15~pre080614i-0etch1_mips.deb stable/main/binary-mips/libnss3-0d-dbg_1.8.0.15~pre080614i-0etch1_mips.deb stable/main/binary-mips/libnspr4-0d_1.8.0.15~pre080614i-0etch1_mips.deb xulrunner (1.8.0.15~pre080614i-0etch1) stable-security; urgency=low [ Alexander Sack ] * New security/stability upstream release (backports for 2.0.0.19) - Patches: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/moz_1.8.0.15prepatches080614i.tar.gz - Tarball: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/xulrunner_1.5.0.15pre080614i-source.tar.bz2 * Upstream advisories (v2.0.0.19): MFSA 2008-60 aka CVE-2008-5500 (layout) - Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19) MFSA 2008-61 aka CVE-2008-5503 - Information stealing via loadBindingDocument MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script redirect error message MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading whitespace and control characters (fixed by bz451613) * 
MFSA 2008-68 aka CVE-2008-5511(XSS via XBL bindings to unloaded document), CVE-2008-5512(JavaScript privilege escalation) - XSS and JavaScript privilege escalation stable/main/binary-ia64/libnspr4-0d-dbg_1.8.0.15~pre080614i-0etch1_ia64.deb stable/main/binary-ia64/libnss3-tools_1.8.0.15~pre080614i-0etch1_ia64.deb stable/main/binary-ia64/libmozjs0d-dbg_1.8.0.15~pre080614i-0etch1_ia64.deb stable/main/binary-ia64/libmozjs0d_1.8.0.15~pre080614i-0etch1_ia64.deb stable/main/binary-ia64/libnss3-0d_1.8.0.15~pre080614i-0etch1_ia64.deb stable/main/binary-ia64/spidermonkey-bin_1.8.0.15~pre080614i-0etch1_ia64.deb stable/main/binary-ia64/libxul0d_1.8.0.15~pre080614i-0etch1_ia64.deb stable/main/binary-ia64/libnspr4-0d_1.8.0.15~pre080614i-0etch1_ia64.deb stable/main/binary-ia64/python-xpcom_1.8.0.15~pre080614i-0etch1_ia64.deb stable/main/binary-ia64/xulrunner_1.8.0.15~pre080614i-0etch1_ia64.deb stable/main/binary-ia64/libnss3-0d-dbg_1.8.0.15~pre080614i-0etch1_ia64.deb stable/main/binary-ia64/libxul0d-dbg_1.8.0.15~pre080614i-0etch1_ia64.deb stable/main/binary-ia64/xulrunner-gnome-support_1.8.0.15~pre080614i-0etch1_ia64.deb xulrunner (1.8.0.15~pre080614i-0etch1) stable-security; urgency=low [ Alexander Sack ] * New security/stability upstream release (backports for 2.0.0.19) - Patches: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/moz_1.8.0.15prepatches080614i.tar.gz - Tarball: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/xulrunner_1.5.0.15pre080614i-source.tar.bz2 * Upstream advisories (v2.0.0.19): MFSA 2008-60 aka CVE-2008-5500 (layout) - Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19) MFSA 2008-61 aka CVE-2008-5503 - Information stealing via loadBindingDocument MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script redirect error message MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading whitespace and control characters (fixed by bz451613) * 
MFSA 2008-68 aka CVE-2008-5511(XSS via XBL bindings to unloaded document), CVE-2008-5512(JavaScript privilege escalation) - XSS and JavaScript privilege escalation stable/main/binary-i386/libnss3-0d-dbg_1.8.0.15~pre080614i-0etch1_i386.deb stable/main/binary-i386/python-xpcom_1.8.0.15~pre080614i-0etch1_i386.deb stable/main/binary-i386/libxul0d-dbg_1.8.0.15~pre080614i-0etch1_i386.deb stable/main/binary-i386/libnspr4-0d_1.8.0.15~pre080614i-0etch1_i386.deb stable/main/binary-i386/libmozjs0d_1.8.0.15~pre080614i-0etch1_i386.deb stable/main/binary-i386/xulrunner_1.8.0.15~pre080614i-0etch1_i386.deb stable/main/binary-i386/libxul0d_1.8.0.15~pre080614i-0etch1_i386.deb stable/main/binary-i386/xulrunner-gnome-support_1.8.0.15~pre080614i-0etch1_i386.deb stable/main/binary-i386/libmozjs0d-dbg_1.8.0.15~pre080614i-0etch1_i386.deb stable/main/binary-i386/libnss3-0d_1.8.0.15~pre080614i-0etch1_i386.deb stable/main/binary-i386/spidermonkey-bin_1.8.0.15~pre080614i-0etch1_i386.deb stable/main/binary-i386/libnspr4-0d-dbg_1.8.0.15~pre080614i-0etch1_i386.deb stable/main/binary-i386/libnss3-tools_1.8.0.15~pre080614i-0etch1_i386.deb xulrunner (1.8.0.15~pre080614i-0etch1) stable-security; urgency=low [ Alexander Sack ] * New security/stability upstream release (backports for 2.0.0.19) - Patches: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/moz_1.8.0.15prepatches080614i.tar.gz - Tarball: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/xulrunner_1.5.0.15pre080614i-source.tar.bz2 * Upstream advisories (v2.0.0.19): MFSA 2008-60 aka CVE-2008-5500 (layout) - Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19) MFSA 2008-61 aka CVE-2008-5503 - Information stealing via loadBindingDocument MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script redirect error message MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading whitespace and control characters (fixed by bz451613) * 
MFSA 2008-68 aka CVE-2008-5511(XSS via XBL bindings to unloaded document), CVE-2008-5512(JavaScript privilege escalation) - XSS and JavaScript privilege escalation stable/main/binary-hppa/libxul0d-dbg_1.8.0.15~pre080614i-0etch1_hppa.deb stable/main/binary-hppa/libnspr4-0d_1.8.0.15~pre080614i-0etch1_hppa.deb stable/main/binary-hppa/libnspr4-0d-dbg_1.8.0.15~pre080614i-0etch1_hppa.deb stable/main/binary-hppa/libmozjs0d_1.8.0.15~pre080614i-0etch1_hppa.deb stable/main/binary-hppa/python-xpcom_1.8.0.15~pre080614i-0etch1_hppa.deb stable/main/binary-hppa/xulrunner_1.8.0.15~pre080614i-0etch1_hppa.deb stable/main/binary-hppa/libxul0d_1.8.0.15~pre080614i-0etch1_hppa.deb stable/main/binary-hppa/xulrunner-gnome-support_1.8.0.15~pre080614i-0etch1_hppa.deb stable/main/binary-hppa/spidermonkey-bin_1.8.0.15~pre080614i-0etch1_hppa.deb stable/main/binary-hppa/libnss3-0d_1.8.0.15~pre080614i-0etch1_hppa.deb stable/main/binary-hppa/libnss3-0d-dbg_1.8.0.15~pre080614i-0etch1_hppa.deb stable/main/binary-hppa/libmozjs0d-dbg_1.8.0.15~pre080614i-0etch1_hppa.deb stable/main/binary-hppa/libnss3-tools_1.8.0.15~pre080614i-0etch1_hppa.deb xulrunner (1.8.0.15~pre080614i-0etch1) stable-security; urgency=low [ Alexander Sack ] * New security/stability upstream release (backports for 2.0.0.19) - Patches: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/moz_1.8.0.15prepatches080614i.tar.gz - Tarball: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/xulrunner_1.5.0.15pre080614i-source.tar.bz2 * Upstream advisories (v2.0.0.19): MFSA 2008-60 aka CVE-2008-5500 (layout) - Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19) MFSA 2008-61 aka CVE-2008-5503 - Information stealing via loadBindingDocument MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script redirect error message MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading whitespace and control characters (fixed by bz451613) * 
MFSA 2008-68 aka CVE-2008-5511(XSS via XBL bindings to unloaded document), CVE-2008-5512(JavaScript privilege escalation) - XSS and JavaScript privilege escalation stable/main/binary-arm/libxul0d-dbg_1.8.0.15~pre080614i-0etch1_arm.deb stable/main/binary-arm/libnss3-0d_1.8.0.15~pre080614i-0etch1_arm.deb stable/main/binary-arm/libmozjs0d_1.8.0.15~pre080614i-0etch1_arm.deb stable/main/binary-arm/xulrunner_1.8.0.15~pre080614i-0etch1_arm.deb stable/main/binary-arm/xulrunner-gnome-support_1.8.0.15~pre080614i-0etch1_arm.deb stable/main/binary-arm/libnspr4-0d-dbg_1.8.0.15~pre080614i-0etch1_arm.deb stable/main/binary-arm/libnss3-tools_1.8.0.15~pre080614i-0etch1_arm.deb stable/main/binary-arm/spidermonkey-bin_1.8.0.15~pre080614i-0etch1_arm.deb stable/main/binary-arm/python-xpcom_1.8.0.15~pre080614i-0etch1_arm.deb stable/main/binary-arm/libnspr4-0d_1.8.0.15~pre080614i-0etch1_arm.deb stable/main/binary-arm/libmozjs0d-dbg_1.8.0.15~pre080614i-0etch1_arm.deb stable/main/binary-arm/libxul0d_1.8.0.15~pre080614i-0etch1_arm.deb stable/main/binary-arm/libnss3-0d-dbg_1.8.0.15~pre080614i-0etch1_arm.deb xulrunner (1.8.0.15~pre080614i-0etch1) stable-security; urgency=low [ Alexander Sack ] * New security/stability upstream release (backports for 2.0.0.19) - Patches: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/moz_1.8.0.15prepatches080614i.tar.gz - Tarball: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/xulrunner_1.5.0.15pre080614i-source.tar.bz2 * Upstream advisories (v2.0.0.19): MFSA 2008-60 aka CVE-2008-5500 (layout) - Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19) MFSA 2008-61 aka CVE-2008-5503 - Information stealing via loadBindingDocument MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script redirect error message MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading whitespace and control characters (fixed by bz451613) * MFSA 2008-68 aka 
CVE-2008-5511(XSS via XBL bindings to unloaded document), CVE-2008-5512(JavaScript privilege escalation) - XSS and JavaScript privilege escalation stable/main/binary-alpha/libxul0d-dbg_1.8.0.15~pre080614i-0etch1_alpha.deb stable/main/binary-alpha/libnss3-0d_1.8.0.15~pre080614i-0etch1_alpha.deb stable/main/binary-alpha/spidermonkey-bin_1.8.0.15~pre080614i-0etch1_alpha.deb stable/main/binary-alpha/libnss3-tools_1.8.0.15~pre080614i-0etch1_alpha.deb stable/main/binary-alpha/libnspr4-0d-dbg_1.8.0.15~pre080614i-0etch1_alpha.deb stable/main/binary-alpha/xulrunner_1.8.0.15~pre080614i-0etch1_alpha.deb stable/main/binary-alpha/xulrunner-gnome-support_1.8.0.15~pre080614i-0etch1_alpha.deb stable/main/binary-alpha/python-xpcom_1.8.0.15~pre080614i-0etch1_alpha.deb stable/main/binary-alpha/libxul0d_1.8.0.15~pre080614i-0etch1_alpha.deb stable/main/binary-alpha/libnspr4-0d_1.8.0.15~pre080614i-0etch1_alpha.deb stable/main/binary-alpha/libmozjs0d_1.8.0.15~pre080614i-0etch1_alpha.deb stable/main/binary-alpha/libnss3-0d-dbg_1.8.0.15~pre080614i-0etch1_alpha.deb stable/main/binary-alpha/libmozjs0d-dbg_1.8.0.15~pre080614i-0etch1_alpha.deb xulrunner (1.8.0.15~pre080614i-0etch1) stable-security; urgency=low [ Alexander Sack ] * New security/stability upstream release (backports for 2.0.0.19) - Patches: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/moz_1.8.0.15prepatches080614i.tar.gz - Tarball: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/xulrunner_1.5.0.15pre080614i-source.tar.bz2 * Upstream advisories (v2.0.0.19): MFSA 2008-60 aka CVE-2008-5500 (layout) - Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19) MFSA 2008-61 aka CVE-2008-5503 - Information stealing via loadBindingDocument MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script redirect error message MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading whitespace and control characters (fixed by 
bz451613) * MFSA 2008-68 aka CVE-2008-5511(XSS via XBL bindings to unloaded document), CVE-2008-5512(JavaScript privilege escalation) - XSS and JavaScript privilege escalation stable/main/binary-all/libnss3-dev_1.8.0.15~pre080614i-0etch1_all.deb stable/main/binary-amd64/libnspr4-0d_1.8.0.15~pre080614i-0etch1_amd64.deb stable/main/source/xulrunner_1.8.0.15~pre080614i.orig.tar.gz stable/main/binary-all/libsmjs1_1.8.0.15~pre080614i-0etch1_all.deb stable/main/binary-amd64/xulrunner_1.8.0.15~pre080614i-0etch1_amd64.deb stable/main/binary-amd64/libmozjs0d_1.8.0.15~pre080614i-0etch1_amd64.deb stable/main/binary-all/libmozillainterfaces-java_1.8.0.15~pre080614i-0etch1_all.deb stable/main/binary-amd64/spidermonkey-bin_1.8.0.15~pre080614i-0etch1_amd64.deb stable/main/binary-amd64/python-xpcom_1.8.0.15~pre080614i-0etch1_amd64.deb stable/main/binary-amd64/libnss3-0d-dbg_1.8.0.15~pre080614i-0etch1_amd64.deb stable/main/binary-all/libxul-common_1.8.0.15~pre080614i-0etch1_all.deb stable/main/binary-amd64/libnss3-0d_1.8.0.15~pre080614i-0etch1_amd64.deb stable/main/binary-amd64/xulrunner-gnome-support_1.8.0.15~pre080614i-0etch1_amd64.deb stable/main/binary-all/libxul-dev_1.8.0.15~pre080614i-0etch1_all.deb stable/main/source/xulrunner_1.8.0.15~pre080614i-0etch1.diff.gz stable/main/binary-all/libmozjs-dev_1.8.0.15~pre080614i-0etch1_all.deb stable/main/binary-amd64/libmozjs0d-dbg_1.8.0.15~pre080614i-0etch1_amd64.deb stable/main/binary-amd64/libnspr4-0d-dbg_1.8.0.15~pre080614i-0etch1_amd64.deb stable/main/binary-amd64/libxul0d_1.8.0.15~pre080614i-0etch1_amd64.deb stable/main/binary-all/libsmjs-dev_1.8.0.15~pre080614i-0etch1_all.deb stable/main/binary-amd64/libxul0d-dbg_1.8.0.15~pre080614i-0etch1_amd64.deb stable/main/binary-all/libnspr4-dev_1.8.0.15~pre080614i-0etch1_all.deb stable/main/binary-amd64/libnss3-tools_1.8.0.15~pre080614i-0etch1_amd64.deb stable/main/source/xulrunner_1.8.0.15~pre080614i-0etch1.dsc xulrunner (1.8.0.15~pre080614i-0etch1) stable-security; urgency=low [ 
Alexander Sack ] * New security/stability upstream release (backports for 2.0.0.19) - Patches: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/moz_1.8.0.15prepatches080614i.tar.gz - Tarball: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/xulrunner_1.5.0.15pre080614i-source.tar.bz2 * Upstream advisories (v2.0.0.19): MFSA 2008-60 aka CVE-2008-5500 (layout) - Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19) MFSA 2008-61 aka CVE-2008-5503 - Information stealing via loadBindingDocument MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script redirect error message MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading whitespace and control characters (fixed by bz451613) * MFSA 2008-68 aka CVE-2008-5511(XSS via XBL bindings to unloaded document), CVE-2008-5512(JavaScript privilege escalation) - XSS and JavaScript privilege escalation stable/main/binary-sparc/xterm_222-1etch4_sparc.deb xterm (222-1etch4) stable-security; urgency=high * Backport allowFontOps setting (still defaulting to false) from xterm 238. stable/main/binary-s390/xterm_222-1etch4_s390.deb xterm (222-1etch4) stable-security; urgency=high * Backport allowFontOps setting (still defaulting to false) from xterm 238. stable/main/binary-powerpc/xterm_222-1etch4_powerpc.deb xterm (222-1etch4) stable-security; urgency=high * Backport allowFontOps setting (still defaulting to false) from xterm 238. stable/main/binary-mipsel/xterm_222-1etch4_mipsel.deb xterm (222-1etch4) stable-security; urgency=high * Backport allowFontOps setting (still defaulting to false) from xterm 238. stable/main/binary-mips/xterm_222-1etch4_mips.deb xterm (222-1etch4) stable-security; urgency=high * Backport allowFontOps setting (still defaulting to false) from xterm 238. 
stable/main/binary-ia64/xterm_222-1etch4_ia64.deb xterm (222-1etch4) stable-security; urgency=high * Backport allowFontOps setting (still defaulting to false) from xterm 238. stable/main/binary-i386/xterm_222-1etch4_i386.deb xterm (222-1etch4) stable-security; urgency=high * Backport allowFontOps setting (still defaulting to false) from xterm 238. stable/main/binary-hppa/xterm_222-1etch4_hppa.deb xterm (222-1etch4) stable-security; urgency=high * Backport allowFontOps setting (still defaulting to false) from xterm 238. stable/main/binary-arm/xterm_222-1etch4_arm.deb xterm (222-1etch4) stable-security; urgency=high * Backport allowFontOps setting (still defaulting to false) from xterm 238. stable/main/binary-alpha/xterm_222-1etch4_alpha.deb xterm (222-1etch4) stable-security; urgency=high * Backport allowFontOps setting (still defaulting to false) from xterm 238. stable/main/source/xterm_222-1etch4.dsc stable/main/source/xterm_222-1etch4.diff.gz stable/main/binary-amd64/xterm_222-1etch4_amd64.deb xterm (222-1etch4) stable-security; urgency=high * Backport allowFontOps setting (still defaulting to false) from xterm 238. stable/main/binary-sparc/uw-mailutils_2002edebian1-13.1+etch1_sparc.deb stable/main/binary-sparc/mlock_2002edebian1-13.1+etch1_sparc.deb stable/main/binary-sparc/libc-client2002edebian_2002edebian1-13.1+etch1_sparc.deb stable/main/binary-sparc/ipopd_2002edebian1-13.1+etch1_sparc.deb stable/main/binary-sparc/libc-client-dev_2002edebian1-13.1+etch1_sparc.deb stable/main/binary-sparc/uw-imapd_2002edebian1-13.1+etch1_sparc.deb uw-imap (7:2002edebian1-13.1+etch1) stable-security; urgency=high * Add patch 0001 from newer 2007d release, fixing local exploitable security hole in dmail and tmail. Thanks to Tomas Pospisek for reporting. * Add patch 0002 from newer 2007d release, to not close already closed smtp netstream. * Set urgency=high due to security issue. 
stable/main/binary-s390/libc-client2002edebian_2002edebian1-13.1+etch1_s390.deb stable/main/binary-s390/mlock_2002edebian1-13.1+etch1_s390.deb stable/main/binary-s390/uw-imapd_2002edebian1-13.1+etch1_s390.deb stable/main/binary-s390/ipopd_2002edebian1-13.1+etch1_s390.deb stable/main/binary-s390/uw-mailutils_2002edebian1-13.1+etch1_s390.deb stable/main/binary-s390/libc-client-dev_2002edebian1-13.1+etch1_s390.deb uw-imap (7:2002edebian1-13.1+etch1) stable-security; urgency=high * Add patch 0001 from newer 2007d release, fixing local exploitable security hole in dmail and tmail. Thanks to Tomas Pospisek for reporting. * Add patch 0002 from newer 2007d release, to not close already closed smtp netstream. * Set urgency=high due to security issue. stable/main/binary-powerpc/uw-mailutils_2002edebian1-13.1+etch1_powerpc.deb stable/main/binary-powerpc/uw-imapd_2002edebian1-13.1+etch1_powerpc.deb stable/main/binary-powerpc/libc-client2002edebian_2002edebian1-13.1+etch1_powerpc.deb stable/main/binary-powerpc/ipopd_2002edebian1-13.1+etch1_powerpc.deb stable/main/binary-powerpc/libc-client-dev_2002edebian1-13.1+etch1_powerpc.deb stable/main/binary-powerpc/mlock_2002edebian1-13.1+etch1_powerpc.deb uw-imap (7:2002edebian1-13.1+etch1) stable-security; urgency=high * Add patch 0001 from newer 2007d release, fixing local exploitable security hole in dmail and tmail. Thanks to Tomas Pospisek for reporting. * Add patch 0002 from newer 2007d release, to not close already closed smtp netstream. * Set urgency=high due to security issue. 
stable/main/binary-mipsel/mlock_2002edebian1-13.1+etch1_mipsel.deb stable/main/binary-mipsel/uw-mailutils_2002edebian1-13.1+etch1_mipsel.deb stable/main/binary-mipsel/libc-client2002edebian_2002edebian1-13.1+etch1_mipsel.deb stable/main/binary-mipsel/uw-imapd_2002edebian1-13.1+etch1_mipsel.deb stable/main/binary-mipsel/libc-client-dev_2002edebian1-13.1+etch1_mipsel.deb stable/main/binary-mipsel/ipopd_2002edebian1-13.1+etch1_mipsel.deb uw-imap (7:2002edebian1-13.1+etch1) stable-security; urgency=high * Add patch 0001 from newer 2007d release, fixing local exploitable security hole in dmail and tmail. Thanks to Tomas Pospisek for reporting. * Add patch 0002 from newer 2007d release, to not close already closed smtp netstream. * Set urgency=high due to security issue. stable/main/binary-mips/libc-client2002edebian_2002edebian1-13.1+etch1_mips.deb stable/main/binary-mips/ipopd_2002edebian1-13.1+etch1_mips.deb stable/main/binary-mips/libc-client-dev_2002edebian1-13.1+etch1_mips.deb stable/main/binary-mips/uw-imapd_2002edebian1-13.1+etch1_mips.deb stable/main/binary-mips/uw-mailutils_2002edebian1-13.1+etch1_mips.deb stable/main/binary-mips/mlock_2002edebian1-13.1+etch1_mips.deb uw-imap (7:2002edebian1-13.1+etch1) stable-security; urgency=high * Add patch 0001 from newer 2007d release, fixing local exploitable security hole in dmail and tmail. Thanks to Tomas Pospisek for reporting. * Add patch 0002 from newer 2007d release, to not close already closed smtp netstream. * Set urgency=high due to security issue. 
stable/main/binary-ia64/ipopd_2002edebian1-13.1+etch1_ia64.deb stable/main/binary-ia64/mlock_2002edebian1-13.1+etch1_ia64.deb stable/main/binary-ia64/uw-imapd_2002edebian1-13.1+etch1_ia64.deb stable/main/binary-ia64/uw-mailutils_2002edebian1-13.1+etch1_ia64.deb stable/main/binary-ia64/libc-client-dev_2002edebian1-13.1+etch1_ia64.deb stable/main/binary-ia64/libc-client2002edebian_2002edebian1-13.1+etch1_ia64.deb uw-imap (7:2002edebian1-13.1+etch1) stable-security; urgency=high * Add patch 0001 from newer 2007d release, fixing local exploitable security hole in dmail and tmail. Thanks to Tomas Pospisek for reporting. * Add patch 0002 from newer 2007d release, to not close already closed smtp netstream. * Set urgency=high due to security issue. stable/main/binary-i386/mlock_2002edebian1-13.1+etch1_i386.deb stable/main/binary-i386/ipopd_2002edebian1-13.1+etch1_i386.deb stable/main/binary-i386/uw-mailutils_2002edebian1-13.1+etch1_i386.deb stable/main/binary-i386/libc-client2002edebian_2002edebian1-13.1+etch1_i386.deb stable/main/binary-i386/libc-client-dev_2002edebian1-13.1+etch1_i386.deb stable/main/binary-i386/uw-imapd_2002edebian1-13.1+etch1_i386.deb uw-imap (7:2002edebian1-13.1+etch1) stable-security; urgency=high * Add patch 0001 from newer 2007d release, fixing local exploitable security hole in dmail and tmail. Thanks to Tomas Pospisek for reporting. * Add patch 0002 from newer 2007d release, to not close already closed smtp netstream. * Set urgency=high due to security issue. 
stable/main/binary-hppa/uw-mailutils_2002edebian1-13.1+etch1_hppa.deb stable/main/binary-hppa/mlock_2002edebian1-13.1+etch1_hppa.deb stable/main/binary-hppa/uw-imapd_2002edebian1-13.1+etch1_hppa.deb stable/main/binary-hppa/libc-client-dev_2002edebian1-13.1+etch1_hppa.deb stable/main/binary-hppa/libc-client2002edebian_2002edebian1-13.1+etch1_hppa.deb stable/main/binary-hppa/ipopd_2002edebian1-13.1+etch1_hppa.deb uw-imap (7:2002edebian1-13.1+etch1) stable-security; urgency=high * Add patch 0001 from newer 2007d release, fixing local exploitable security hole in dmail and tmail. Thanks to Tomas Pospisek for reporting. * Add patch 0002 from newer 2007d release, to not close already closed smtp netstream. * Set urgency=high due to security issue. stable/main/binary-arm/uw-mailutils_2002edebian1-13.1+etch1_arm.deb stable/main/binary-arm/libc-client2002edebian_2002edebian1-13.1+etch1_arm.deb stable/main/binary-arm/mlock_2002edebian1-13.1+etch1_arm.deb stable/main/binary-arm/uw-imapd_2002edebian1-13.1+etch1_arm.deb stable/main/binary-arm/libc-client-dev_2002edebian1-13.1+etch1_arm.deb stable/main/binary-arm/ipopd_2002edebian1-13.1+etch1_arm.deb uw-imap (7:2002edebian1-13.1+etch1) stable-security; urgency=high * Add patch 0001 from newer 2007d release, fixing local exploitable security hole in dmail and tmail. Thanks to Tomas Pospisek for reporting. * Add patch 0002 from newer 2007d release, to not close already closed smtp netstream. * Set urgency=high due to security issue. 
stable/main/binary-alpha/uw-imapd_2002edebian1-13.1+etch1_alpha.deb stable/main/binary-alpha/uw-mailutils_2002edebian1-13.1+etch1_alpha.deb stable/main/binary-alpha/ipopd_2002edebian1-13.1+etch1_alpha.deb stable/main/binary-alpha/mlock_2002edebian1-13.1+etch1_alpha.deb stable/main/binary-alpha/libc-client2002edebian_2002edebian1-13.1+etch1_alpha.deb stable/main/binary-alpha/libc-client-dev_2002edebian1-13.1+etch1_alpha.deb uw-imap (7:2002edebian1-13.1+etch1) stable-security; urgency=high * Add patch 0001 from newer 2007d release, fixing local exploitable security hole in dmail and tmail. Thanks to Tomas Pospisek for reporting. * Add patch 0002 from newer 2007d release, to not close already closed smtp netstream. * Set urgency=high due to security issue. stable/main/binary-amd64/libc-client-dev_2002edebian1-13.1+etch1_amd64.deb stable/main/binary-all/uw-imapd-ssl_2002edebian1-13.1+etch1_all.deb stable/main/binary-amd64/uw-imapd_2002edebian1-13.1+etch1_amd64.deb stable/main/binary-all/ipopd-ssl_2002edebian1-13.1+etch1_all.deb stable/main/binary-amd64/uw-mailutils_2002edebian1-13.1+etch1_amd64.deb stable/main/binary-amd64/libc-client2002edebian_2002edebian1-13.1+etch1_amd64.deb stable/main/binary-amd64/ipopd_2002edebian1-13.1+etch1_amd64.deb stable/main/source/uw-imap_2002edebian1-13.1+etch1.dsc stable/main/binary-amd64/mlock_2002edebian1-13.1+etch1_amd64.deb stable/main/source/uw-imap_2002edebian1-13.1+etch1.diff.gz uw-imap (7:2002edebian1-13.1+etch1) stable-security; urgency=high * Add patch 0001 from newer 2007d release, fixing local exploitable security hole in dmail and tmail. Thanks to Tomas Pospisek for reporting. * Add patch 0002 from newer 2007d release, to not close already closed smtp netstream. * Set urgency=high due to security issue. 
stable/main/source/user-mode-linux_2.6.18-1um-2etch.24.dsc stable/main/binary-i386/user-mode-linux_2.6.18-1um-2etch.24_i386.deb stable/main/source/user-mode-linux_2.6.18-1um-2etch.24.diff.gz user-mode-linux (2.6.18-1um-2etch.24) stable; urgency=high * Rebuild against linux-source-2.6.18_2.6.18.dfsg.1-24: [ dann frazier ] * cciss: Add support for new hardware (closes: #502553) - Add PCI ids for P700m, P212, P410, P410i, P411, P812, P711m, p712m - Read the FIFO size from the controller config instead of hardcoding it into the driver * [hppa] disable UP-optimized flush_tlb_mm, fixing thread-related hangs. (closes: #478717) [ Ian Campbell ] * xen: Add softlockup-no-idle-hz.patch to prevent softlockup in xen guest. (closes: #506418) [ Bastian Blank ] * [xen] Remove 4gb segments warning completely. (closes: #391373) * [xen/i386] Fix pseudo hwcap value to match newer kernels. (closes: #506420) stable/main/binary-all/tkman_2.2-2etch1_all.deb stable/main/source/tkman_2.2-2etch1.dsc stable/main/source/tkman_2.2-2etch1.diff.gz tkman (2.2-2etch1) stable; urgency=low * Fixed CVE-2008-5137, by calling mktemp. (+ debian/patches/07_use-mktemp.dpatch) (Closes: #506496) stable/main/binary-sparc/libtagcoll-dev_1.6.3-2_sparc.deb tagcoll (1.6.3-2) etch-proposed-updates; urgency=low * Dropped the 'tagcoll' binary package. Closes: #510482. stable/main/binary-s390/libtagcoll-dev_1.6.3-2_s390.deb tagcoll (1.6.3-2) etch-proposed-updates; urgency=low * Dropped the 'tagcoll' binary package. Closes: #510482. stable/main/binary-powerpc/libtagcoll-dev_1.6.3-2_powerpc.deb tagcoll (1.6.3-2) etch-proposed-updates; urgency=low * Dropped the 'tagcoll' binary package. Closes: #510482. stable/main/binary-mipsel/libtagcoll-dev_1.6.3-2_mipsel.deb tagcoll (1.6.3-2) etch-proposed-updates; urgency=low * Dropped the 'tagcoll' binary package. Closes: #510482. stable/main/binary-mips/libtagcoll-dev_1.6.3-2_mips.deb tagcoll (1.6.3-2) etch-proposed-updates; urgency=low * Dropped the 'tagcoll' binary package. 
Closes: #510482. stable/main/binary-ia64/libtagcoll-dev_1.6.3-2_ia64.deb tagcoll (1.6.3-2) etch-proposed-updates; urgency=low * Dropped the 'tagcoll' binary package. Closes: #510482. stable/main/binary-i386/libtagcoll-dev_1.6.3-2_i386.deb tagcoll (1.6.3-2) etch-proposed-updates; urgency=low * Dropped the 'tagcoll' binary package. Closes: #510482. stable/main/binary-hppa/libtagcoll-dev_1.6.3-2_hppa.deb tagcoll (1.6.3-2) etch-proposed-updates; urgency=low * Dropped the 'tagcoll' binary package. Closes: #510482. stable/main/binary-arm/libtagcoll-dev_1.6.3-2_arm.deb tagcoll (1.6.3-2) etch-proposed-updates; urgency=low * Dropped the 'tagcoll' binary package. Closes: #510482. stable/main/binary-alpha/libtagcoll-dev_1.6.3-2_alpha.deb tagcoll (1.6.3-2) etch-proposed-updates; urgency=low * Dropped the 'tagcoll' binary package. Closes: #510482. stable/main/source/tagcoll_1.6.3-2.dsc stable/main/source/tagcoll_1.6.3-2.tar.gz stable/main/binary-amd64/libtagcoll-dev_1.6.3-2_amd64.deb tagcoll (1.6.3-2) etch-proposed-updates; urgency=low * Dropped the 'tagcoll' binary package. Closes: #510482. stable/main/binary-sparc/login_4.0.18.1-7+etch1_sparc.deb stable/main/binary-sparc/passwd_4.0.18.1-7+etch1_sparc.deb shadow (1:4.0.18.1-7+etch1) stable-security; urgency=high * The "Curé nantais" release * debian/patches/303_login_symlink_attack: Fix a race condition that could lead to gaining ownership or changing mode of arbitrary files. Closes: #505271 [CVE-2008-5394] stable/main/binary-s390/passwd_4.0.18.1-7+etch1_s390.deb stable/main/binary-s390/login_4.0.18.1-7+etch1_s390.deb shadow (1:4.0.18.1-7+etch1) stable-security; urgency=high * The "Curé nantais" release * debian/patches/303_login_symlink_attack: Fix a race condition that could lead to gaining ownership or changing mode of arbitrary files. 
Closes: #505271 [CVE-2008-5394] stable/main/binary-powerpc/login_4.0.18.1-7+etch1_powerpc.deb stable/main/binary-powerpc/passwd_4.0.18.1-7+etch1_powerpc.deb shadow (1:4.0.18.1-7+etch1) stable-security; urgency=high * The "Curé nantais" release * debian/patches/303_login_symlink_attack: Fix a race condition that could lead to gaining ownership or changing mode of arbitrary files. Closes: #505271 [CVE-2008-5394] stable/main/binary-mipsel/passwd_4.0.18.1-7+etch1_mipsel.deb stable/main/binary-mipsel/login_4.0.18.1-7+etch1_mipsel.deb shadow (1:4.0.18.1-7+etch1) stable-security; urgency=high * The "Curé nantais" release * debian/patches/303_login_symlink_attack: Fix a race condition that could lead to gaining ownership or changing mode of arbitrary files. Closes: #505271 [CVE-2008-5394] stable/main/binary-mips/login_4.0.18.1-7+etch1_mips.deb stable/main/binary-mips/passwd_4.0.18.1-7+etch1_mips.deb shadow (1:4.0.18.1-7+etch1) stable-security; urgency=high * The "Curé nantais" release * debian/patches/303_login_symlink_attack: Fix a race condition that could lead to gaining ownership or changing mode of arbitrary files. Closes: #505271 [CVE-2008-5394] stable/main/binary-ia64/passwd_4.0.18.1-7+etch1_ia64.deb stable/main/binary-ia64/login_4.0.18.1-7+etch1_ia64.deb shadow (1:4.0.18.1-7+etch1) stable-security; urgency=high * The "Curé nantais" release * debian/patches/303_login_symlink_attack: Fix a race condition that could lead to gaining ownership or changing mode of arbitrary files. Closes: #505271 [CVE-2008-5394] stable/main/binary-hppa/passwd_4.0.18.1-7+etch1_hppa.deb stable/main/binary-hppa/login_4.0.18.1-7+etch1_hppa.deb shadow (1:4.0.18.1-7+etch1) stable-security; urgency=high * The "Curé nantais" release * debian/patches/303_login_symlink_attack: Fix a race condition that could lead to gaining ownership or changing mode of arbitrary files. 
Closes: #505271 [CVE-2008-5394] stable/main/binary-arm/passwd_4.0.18.1-7+etch1_arm.deb stable/main/binary-arm/login_4.0.18.1-7+etch1_arm.deb shadow (1:4.0.18.1-7+etch1) stable-security; urgency=high * The "Curé nantais" release * debian/patches/303_login_symlink_attack: Fix a race condition that could lead to gaining ownership or changing mode of arbitrary files. Closes: #505271 [CVE-2008-5394] stable/main/binary-amd64/passwd_4.0.18.1-7+etch1_amd64.deb stable/main/binary-amd64/login_4.0.18.1-7+etch1_amd64.deb shadow (1:4.0.18.1-7+etch1) stable-security; urgency=high * The "Curé nantais" release * debian/patches/303_login_symlink_attack: Fix a race condition that could lead to gaining ownership or changing mode of arbitrary files. Closes: #505271 [CVE-2008-5394] stable/main/binary-alpha/login_4.0.18.1-7+etch1_alpha.deb stable/main/binary-alpha/passwd_4.0.18.1-7+etch1_alpha.deb shadow (1:4.0.18.1-7+etch1) stable-security; urgency=high * The "Curé nantais" release * debian/patches/303_login_symlink_attack: Fix a race condition that could lead to gaining ownership or changing mode of arbitrary files. Closes: #505271 [CVE-2008-5394] stable/main/binary-i386/passwd_4.0.18.1-7+etch1_i386.deb stable/main/source/shadow_4.0.18.1-7+etch1.dsc stable/main/source/shadow_4.0.18.1-7+etch1.diff.gz stable/main/binary-i386/login_4.0.18.1-7+etch1_i386.deb shadow (1:4.0.18.1-7+etch1) stable-security; urgency=high * The "Curé nantais" release * debian/patches/303_login_symlink_attack: Fix a race condition that could lead to gaining ownership or changing mode of arbitrary files. 
    Closes: #505271 [CVE-2008-5394]

stable/main/binary-sparc/ruby1.9-dev_1.9.0+20060609-1etch4_sparc.deb
stable/main/binary-sparc/libruby1.9-dbg_1.9.0+20060609-1etch4_sparc.deb
stable/main/binary-sparc/ruby1.9_1.9.0+20060609-1etch4_sparc.deb
stable/main/binary-sparc/libopenssl-ruby1.9_1.9.0+20060609-1etch4_sparc.deb
stable/main/binary-sparc/libdbm-ruby1.9_1.9.0+20060609-1etch4_sparc.deb
stable/main/binary-sparc/libgdbm-ruby1.9_1.9.0+20060609-1etch4_sparc.deb
stable/main/binary-sparc/libtcltk-ruby1.9_1.9.0+20060609-1etch4_sparc.deb
stable/main/binary-sparc/libreadline-ruby1.9_1.9.0+20060609-1etch4_sparc.deb
stable/main/binary-sparc/libruby1.9_1.9.0+20060609-1etch4_sparc.deb
ruby1.9 (1.9.0+20060609-1etch4) stable-security; urgency=high
  * updated debian/patches/104_rexml_dos.dpatch:
    - fixed regression of fix of REXML DoS vulnerability (CVE-2008-3790) (ref: #502535)
  * applied debian/patches/106_CVE-2008-3443.dpatch:
    - fixes CVE-2008-3443.

stable/main/binary-s390/libopenssl-ruby1.9_1.9.0+20060609-1etch4_s390.deb
stable/main/binary-s390/libruby1.9_1.9.0+20060609-1etch4_s390.deb
stable/main/binary-s390/libgdbm-ruby1.9_1.9.0+20060609-1etch4_s390.deb
stable/main/binary-s390/libreadline-ruby1.9_1.9.0+20060609-1etch4_s390.deb
stable/main/binary-s390/ruby1.9-dev_1.9.0+20060609-1etch4_s390.deb
stable/main/binary-s390/libtcltk-ruby1.9_1.9.0+20060609-1etch4_s390.deb
stable/main/binary-s390/ruby1.9_1.9.0+20060609-1etch4_s390.deb
stable/main/binary-s390/libdbm-ruby1.9_1.9.0+20060609-1etch4_s390.deb
stable/main/binary-s390/libruby1.9-dbg_1.9.0+20060609-1etch4_s390.deb
ruby1.9 (1.9.0+20060609-1etch4) stable-security; urgency=high
  * updated debian/patches/104_rexml_dos.dpatch:
    - fixed regression of fix of REXML DoS vulnerability (CVE-2008-3790) (ref: #502535)
  * applied debian/patches/106_CVE-2008-3443.dpatch:
    - fixes CVE-2008-3443.

stable/main/binary-powerpc/libreadline-ruby1.9_1.9.0+20060609-1etch4_powerpc.deb
stable/main/binary-powerpc/libruby1.9_1.9.0+20060609-1etch4_powerpc.deb
stable/main/binary-powerpc/libtcltk-ruby1.9_1.9.0+20060609-1etch4_powerpc.deb
stable/main/binary-powerpc/ruby1.9-dev_1.9.0+20060609-1etch4_powerpc.deb
stable/main/binary-powerpc/libruby1.9-dbg_1.9.0+20060609-1etch4_powerpc.deb
stable/main/binary-powerpc/libdbm-ruby1.9_1.9.0+20060609-1etch4_powerpc.deb
stable/main/binary-powerpc/ruby1.9_1.9.0+20060609-1etch4_powerpc.deb
stable/main/binary-powerpc/libgdbm-ruby1.9_1.9.0+20060609-1etch4_powerpc.deb
stable/main/binary-powerpc/libopenssl-ruby1.9_1.9.0+20060609-1etch4_powerpc.deb
ruby1.9 (1.9.0+20060609-1etch4) stable-security; urgency=high
  * updated debian/patches/104_rexml_dos.dpatch:
    - fixed regression of fix of REXML DoS vulnerability (CVE-2008-3790) (ref: #502535)
  * applied debian/patches/106_CVE-2008-3443.dpatch:
    - fixes CVE-2008-3443.

stable/main/binary-mipsel/libgdbm-ruby1.9_1.9.0+20060609-1etch4_mipsel.deb
stable/main/binary-mipsel/libruby1.9_1.9.0+20060609-1etch4_mipsel.deb
stable/main/binary-mipsel/libopenssl-ruby1.9_1.9.0+20060609-1etch4_mipsel.deb
stable/main/binary-mipsel/libdbm-ruby1.9_1.9.0+20060609-1etch4_mipsel.deb
stable/main/binary-mipsel/libreadline-ruby1.9_1.9.0+20060609-1etch4_mipsel.deb
stable/main/binary-mipsel/ruby1.9_1.9.0+20060609-1etch4_mipsel.deb
stable/main/binary-mipsel/ruby1.9-dev_1.9.0+20060609-1etch4_mipsel.deb
stable/main/binary-mipsel/libtcltk-ruby1.9_1.9.0+20060609-1etch4_mipsel.deb
stable/main/binary-mipsel/libruby1.9-dbg_1.9.0+20060609-1etch4_mipsel.deb
ruby1.9 (1.9.0+20060609-1etch4) stable-security; urgency=high
  * updated debian/patches/104_rexml_dos.dpatch:
    - fixed regression of fix of REXML DoS vulnerability (CVE-2008-3790) (ref: #502535)
  * applied debian/patches/106_CVE-2008-3443.dpatch:
    - fixes CVE-2008-3443.

stable/main/binary-mips/libgdbm-ruby1.9_1.9.0+20060609-1etch4_mips.deb
stable/main/binary-mips/libtcltk-ruby1.9_1.9.0+20060609-1etch4_mips.deb
stable/main/binary-mips/libruby1.9_1.9.0+20060609-1etch4_mips.deb
stable/main/binary-mips/ruby1.9_1.9.0+20060609-1etch4_mips.deb
stable/main/binary-mips/libopenssl-ruby1.9_1.9.0+20060609-1etch4_mips.deb
stable/main/binary-mips/ruby1.9-dev_1.9.0+20060609-1etch4_mips.deb
stable/main/binary-mips/libreadline-ruby1.9_1.9.0+20060609-1etch4_mips.deb
stable/main/binary-mips/libdbm-ruby1.9_1.9.0+20060609-1etch4_mips.deb
stable/main/binary-mips/libruby1.9-dbg_1.9.0+20060609-1etch4_mips.deb
ruby1.9 (1.9.0+20060609-1etch4) stable-security; urgency=high
  * updated debian/patches/104_rexml_dos.dpatch:
    - fixed regression of fix of REXML DoS vulnerability (CVE-2008-3790) (ref: #502535)
  * applied debian/patches/106_CVE-2008-3443.dpatch:
    - fixes CVE-2008-3443.

stable/main/binary-ia64/libopenssl-ruby1.9_1.9.0+20060609-1etch4_ia64.deb
stable/main/binary-ia64/libreadline-ruby1.9_1.9.0+20060609-1etch4_ia64.deb
stable/main/binary-ia64/libruby1.9_1.9.0+20060609-1etch4_ia64.deb
stable/main/binary-ia64/libruby1.9-dbg_1.9.0+20060609-1etch4_ia64.deb
stable/main/binary-ia64/libtcltk-ruby1.9_1.9.0+20060609-1etch4_ia64.deb
stable/main/binary-ia64/libdbm-ruby1.9_1.9.0+20060609-1etch4_ia64.deb
stable/main/binary-ia64/ruby1.9_1.9.0+20060609-1etch4_ia64.deb
stable/main/binary-ia64/libgdbm-ruby1.9_1.9.0+20060609-1etch4_ia64.deb
stable/main/binary-ia64/ruby1.9-dev_1.9.0+20060609-1etch4_ia64.deb
ruby1.9 (1.9.0+20060609-1etch4) stable-security; urgency=high
  * updated debian/patches/104_rexml_dos.dpatch:
    - fixed regression of fix of REXML DoS vulnerability (CVE-2008-3790) (ref: #502535)
  * applied debian/patches/106_CVE-2008-3443.dpatch:
    - fixes CVE-2008-3443.

stable/main/binary-hppa/ruby1.9_1.9.0+20060609-1etch4_hppa.deb
stable/main/binary-hppa/libruby1.9-dbg_1.9.0+20060609-1etch4_hppa.deb
stable/main/binary-hppa/libgdbm-ruby1.9_1.9.0+20060609-1etch4_hppa.deb
stable/main/binary-hppa/libreadline-ruby1.9_1.9.0+20060609-1etch4_hppa.deb
stable/main/binary-hppa/libtcltk-ruby1.9_1.9.0+20060609-1etch4_hppa.deb
stable/main/binary-hppa/libruby1.9_1.9.0+20060609-1etch4_hppa.deb
stable/main/binary-hppa/ruby1.9-dev_1.9.0+20060609-1etch4_hppa.deb
stable/main/binary-hppa/libdbm-ruby1.9_1.9.0+20060609-1etch4_hppa.deb
stable/main/binary-hppa/libopenssl-ruby1.9_1.9.0+20060609-1etch4_hppa.deb
ruby1.9 (1.9.0+20060609-1etch4) stable-security; urgency=high
  * updated debian/patches/104_rexml_dos.dpatch:
    - fixed regression of fix of REXML DoS vulnerability (CVE-2008-3790) (ref: #502535)
  * applied debian/patches/106_CVE-2008-3443.dpatch:
    - fixes CVE-2008-3443.

stable/main/binary-arm/libruby1.9-dbg_1.9.0+20060609-1etch4_arm.deb
stable/main/binary-arm/libruby1.9_1.9.0+20060609-1etch4_arm.deb
stable/main/binary-arm/ruby1.9-dev_1.9.0+20060609-1etch4_arm.deb
stable/main/binary-arm/libdbm-ruby1.9_1.9.0+20060609-1etch4_arm.deb
stable/main/binary-arm/libgdbm-ruby1.9_1.9.0+20060609-1etch4_arm.deb
stable/main/binary-arm/ruby1.9_1.9.0+20060609-1etch4_arm.deb
stable/main/binary-arm/libtcltk-ruby1.9_1.9.0+20060609-1etch4_arm.deb
stable/main/binary-arm/libreadline-ruby1.9_1.9.0+20060609-1etch4_arm.deb
stable/main/binary-arm/libopenssl-ruby1.9_1.9.0+20060609-1etch4_arm.deb
ruby1.9 (1.9.0+20060609-1etch4) stable-security; urgency=high
  * updated debian/patches/104_rexml_dos.dpatch:
    - fixed regression of fix of REXML DoS vulnerability (CVE-2008-3790) (ref: #502535)
  * applied debian/patches/106_CVE-2008-3443.dpatch:
    - fixes CVE-2008-3443.

stable/main/binary-amd64/ruby1.9-dev_1.9.0+20060609-1etch4_amd64.deb
stable/main/binary-amd64/libdbm-ruby1.9_1.9.0+20060609-1etch4_amd64.deb
stable/main/binary-amd64/ruby1.9_1.9.0+20060609-1etch4_amd64.deb
stable/main/binary-amd64/libruby1.9_1.9.0+20060609-1etch4_amd64.deb
stable/main/binary-amd64/libgdbm-ruby1.9_1.9.0+20060609-1etch4_amd64.deb
stable/main/binary-amd64/libtcltk-ruby1.9_1.9.0+20060609-1etch4_amd64.deb
stable/main/binary-amd64/libreadline-ruby1.9_1.9.0+20060609-1etch4_amd64.deb
stable/main/binary-amd64/libopenssl-ruby1.9_1.9.0+20060609-1etch4_amd64.deb
stable/main/binary-amd64/libruby1.9-dbg_1.9.0+20060609-1etch4_amd64.deb
ruby1.9 (1.9.0+20060609-1etch4) stable-security; urgency=high
  * updated debian/patches/104_rexml_dos.dpatch:
    - fixed regression of fix of REXML DoS vulnerability (CVE-2008-3790) (ref: #502535)
  * applied debian/patches/106_CVE-2008-3443.dpatch:
    - fixes CVE-2008-3443.

stable/main/binary-alpha/libopenssl-ruby1.9_1.9.0+20060609-1etch4_alpha.deb
stable/main/binary-alpha/ruby1.9_1.9.0+20060609-1etch4_alpha.deb
stable/main/binary-alpha/libdbm-ruby1.9_1.9.0+20060609-1etch4_alpha.deb
stable/main/binary-alpha/libgdbm-ruby1.9_1.9.0+20060609-1etch4_alpha.deb
stable/main/binary-alpha/ruby1.9-dev_1.9.0+20060609-1etch4_alpha.deb
stable/main/binary-alpha/libreadline-ruby1.9_1.9.0+20060609-1etch4_alpha.deb
stable/main/binary-alpha/libtcltk-ruby1.9_1.9.0+20060609-1etch4_alpha.deb
stable/main/binary-alpha/libruby1.9_1.9.0+20060609-1etch4_alpha.deb
stable/main/binary-alpha/libruby1.9-dbg_1.9.0+20060609-1etch4_alpha.deb
ruby1.9 (1.9.0+20060609-1etch4) stable-security; urgency=high
  * updated debian/patches/104_rexml_dos.dpatch:
    - fixed regression of fix of REXML DoS vulnerability (CVE-2008-3790) (ref: #502535)
  * applied debian/patches/106_CVE-2008-3443.dpatch:
    - fixes CVE-2008-3443.

stable/main/binary-i386/libreadline-ruby1.9_1.9.0+20060609-1etch4_i386.deb
stable/main/binary-i386/libruby1.9_1.9.0+20060609-1etch4_i386.deb
stable/main/binary-all/ruby1.9-examples_1.9.0+20060609-1etch4_all.deb
stable/main/source/ruby1.9_1.9.0+20060609-1etch4.diff.gz
stable/main/binary-i386/ruby1.9-dev_1.9.0+20060609-1etch4_i386.deb
stable/main/binary-all/rdoc1.9_1.9.0+20060609-1etch4_all.deb
stable/main/binary-i386/libruby1.9-dbg_1.9.0+20060609-1etch4_i386.deb
stable/main/binary-i386/libopenssl-ruby1.9_1.9.0+20060609-1etch4_i386.deb
stable/main/binary-i386/libgdbm-ruby1.9_1.9.0+20060609-1etch4_i386.deb
stable/main/source/ruby1.9_1.9.0+20060609-1etch4.dsc
stable/main/binary-all/irb1.9_1.9.0+20060609-1etch4_all.deb
stable/main/binary-i386/libdbm-ruby1.9_1.9.0+20060609-1etch4_i386.deb
stable/main/binary-all/ri1.9_1.9.0+20060609-1etch4_all.deb
stable/main/binary-all/ruby1.9-elisp_1.9.0+20060609-1etch4_all.deb
stable/main/binary-i386/libtcltk-ruby1.9_1.9.0+20060609-1etch4_i386.deb
stable/main/binary-i386/ruby1.9_1.9.0+20060609-1etch4_i386.deb
ruby1.9 (1.9.0+20060609-1etch4) stable-security; urgency=high
  * updated debian/patches/104_rexml_dos.dpatch:
    - fixed regression of fix of REXML DoS vulnerability (CVE-2008-3790) (ref: #502535)
  * applied debian/patches/106_CVE-2008-3443.dpatch:
    - fixes CVE-2008-3443.

stable/main/binary-sparc/libdbm-ruby1.8_1.8.5-4etch4_sparc.deb
stable/main/binary-sparc/libgdbm-ruby1.8_1.8.5-4etch4_sparc.deb
stable/main/binary-sparc/libtcltk-ruby1.8_1.8.5-4etch4_sparc.deb
stable/main/binary-sparc/libruby1.8-dbg_1.8.5-4etch4_sparc.deb
stable/main/binary-sparc/libreadline-ruby1.8_1.8.5-4etch4_sparc.deb
stable/main/binary-sparc/libopenssl-ruby1.8_1.8.5-4etch4_sparc.deb
stable/main/binary-sparc/ruby1.8-dev_1.8.5-4etch4_sparc.deb
stable/main/binary-sparc/libruby1.8_1.8.5-4etch4_sparc.deb
stable/main/binary-sparc/ruby1.8_1.8.5-4etch4_sparc.deb
ruby1.8 (1.8.5-4etch4) stable-security; urgency=high
  * updated 168_rexml_dos.patch:
    - fixed regression of fix of REXML DoS vulnerability (CVE-2008-3790) (ref: #502535)
  * applied debian/patches/169_CVE-2008-3443.patch:
    - backported fixes of CVE-2008-3443 from r18343 (1.8.6-p284).

stable/main/binary-s390/ruby1.8_1.8.5-4etch4_s390.deb
stable/main/binary-s390/ruby1.8-dev_1.8.5-4etch4_s390.deb
stable/main/binary-s390/libgdbm-ruby1.8_1.8.5-4etch4_s390.deb
stable/main/binary-s390/libopenssl-ruby1.8_1.8.5-4etch4_s390.deb
stable/main/binary-s390/libtcltk-ruby1.8_1.8.5-4etch4_s390.deb
stable/main/binary-s390/libreadline-ruby1.8_1.8.5-4etch4_s390.deb
stable/main/binary-s390/libdbm-ruby1.8_1.8.5-4etch4_s390.deb
stable/main/binary-s390/libruby1.8-dbg_1.8.5-4etch4_s390.deb
stable/main/binary-s390/libruby1.8_1.8.5-4etch4_s390.deb
ruby1.8 (1.8.5-4etch4) stable-security; urgency=high
  * updated 168_rexml_dos.patch:
    - fixed regression of fix of REXML DoS vulnerability (CVE-2008-3790) (ref: #502535)
  * applied debian/patches/169_CVE-2008-3443.patch:
    - backported fixes of CVE-2008-3443 from r18343 (1.8.6-p284).

stable/main/binary-powerpc/libruby1.8_1.8.5-4etch4_powerpc.deb
stable/main/binary-powerpc/libreadline-ruby1.8_1.8.5-4etch4_powerpc.deb
stable/main/binary-powerpc/libopenssl-ruby1.8_1.8.5-4etch4_powerpc.deb
stable/main/binary-powerpc/ruby1.8_1.8.5-4etch4_powerpc.deb
stable/main/binary-powerpc/libdbm-ruby1.8_1.8.5-4etch4_powerpc.deb
stable/main/binary-powerpc/libruby1.8-dbg_1.8.5-4etch4_powerpc.deb
stable/main/binary-powerpc/libgdbm-ruby1.8_1.8.5-4etch4_powerpc.deb
stable/main/binary-powerpc/libtcltk-ruby1.8_1.8.5-4etch4_powerpc.deb
stable/main/binary-powerpc/ruby1.8-dev_1.8.5-4etch4_powerpc.deb
ruby1.8 (1.8.5-4etch4) stable-security; urgency=high
  * updated 168_rexml_dos.patch:
    - fixed regression of fix of REXML DoS vulnerability (CVE-2008-3790) (ref: #502535)
  * applied debian/patches/169_CVE-2008-3443.patch:
    - backported fixes of CVE-2008-3443 from r18343 (1.8.6-p284).

stable/main/binary-mipsel/ruby1.8_1.8.5-4etch4_mipsel.deb
stable/main/binary-mipsel/libruby1.8_1.8.5-4etch4_mipsel.deb
stable/main/binary-mipsel/libopenssl-ruby1.8_1.8.5-4etch4_mipsel.deb
stable/main/binary-mipsel/libruby1.8-dbg_1.8.5-4etch4_mipsel.deb
stable/main/binary-mipsel/ruby1.8-dev_1.8.5-4etch4_mipsel.deb
stable/main/binary-mipsel/libreadline-ruby1.8_1.8.5-4etch4_mipsel.deb
stable/main/binary-mipsel/libdbm-ruby1.8_1.8.5-4etch4_mipsel.deb
stable/main/binary-mipsel/libgdbm-ruby1.8_1.8.5-4etch4_mipsel.deb
stable/main/binary-mipsel/libtcltk-ruby1.8_1.8.5-4etch4_mipsel.deb
ruby1.8 (1.8.5-4etch4) stable-security; urgency=high
  * updated 168_rexml_dos.patch:
    - fixed regression of fix of REXML DoS vulnerability (CVE-2008-3790) (ref: #502535)
  * applied debian/patches/169_CVE-2008-3443.patch:
    - backported fixes of CVE-2008-3443 from r18343 (1.8.6-p284).

stable/main/binary-mips/ruby1.8_1.8.5-4etch4_mips.deb
stable/main/binary-mips/libruby1.8-dbg_1.8.5-4etch4_mips.deb
stable/main/binary-mips/libopenssl-ruby1.8_1.8.5-4etch4_mips.deb
stable/main/binary-mips/libgdbm-ruby1.8_1.8.5-4etch4_mips.deb
stable/main/binary-mips/ruby1.8-dev_1.8.5-4etch4_mips.deb
stable/main/binary-mips/libreadline-ruby1.8_1.8.5-4etch4_mips.deb
stable/main/binary-mips/libtcltk-ruby1.8_1.8.5-4etch4_mips.deb
stable/main/binary-mips/libruby1.8_1.8.5-4etch4_mips.deb
stable/main/binary-mips/libdbm-ruby1.8_1.8.5-4etch4_mips.deb
ruby1.8 (1.8.5-4etch4) stable-security; urgency=high
  * updated 168_rexml_dos.patch:
    - fixed regression of fix of REXML DoS vulnerability (CVE-2008-3790) (ref: #502535)
  * applied debian/patches/169_CVE-2008-3443.patch:
    - backported fixes of CVE-2008-3443 from r18343 (1.8.6-p284).

stable/main/binary-ia64/libopenssl-ruby1.8_1.8.5-4etch4_ia64.deb
stable/main/binary-ia64/libgdbm-ruby1.8_1.8.5-4etch4_ia64.deb
stable/main/binary-ia64/ruby1.8-dev_1.8.5-4etch4_ia64.deb
stable/main/binary-ia64/ruby1.8_1.8.5-4etch4_ia64.deb
stable/main/binary-ia64/libdbm-ruby1.8_1.8.5-4etch4_ia64.deb
stable/main/binary-ia64/libruby1.8-dbg_1.8.5-4etch4_ia64.deb
stable/main/binary-ia64/libruby1.8_1.8.5-4etch4_ia64.deb
stable/main/binary-ia64/libreadline-ruby1.8_1.8.5-4etch4_ia64.deb
stable/main/binary-ia64/libtcltk-ruby1.8_1.8.5-4etch4_ia64.deb
ruby1.8 (1.8.5-4etch4) stable-security; urgency=high
  * updated 168_rexml_dos.patch:
    - fixed regression of fix of REXML DoS vulnerability (CVE-2008-3790) (ref: #502535)
  * applied debian/patches/169_CVE-2008-3443.patch:
    - backported fixes of CVE-2008-3443 from r18343 (1.8.6-p284).

stable/main/binary-i386/libgdbm-ruby1.8_1.8.5-4etch4_i386.deb
stable/main/binary-i386/libruby1.8_1.8.5-4etch4_i386.deb
stable/main/binary-i386/libruby1.8-dbg_1.8.5-4etch4_i386.deb
stable/main/binary-i386/libdbm-ruby1.8_1.8.5-4etch4_i386.deb
stable/main/binary-i386/libopenssl-ruby1.8_1.8.5-4etch4_i386.deb
stable/main/binary-i386/libtcltk-ruby1.8_1.8.5-4etch4_i386.deb
stable/main/binary-i386/ruby1.8-dev_1.8.5-4etch4_i386.deb
stable/main/binary-i386/libreadline-ruby1.8_1.8.5-4etch4_i386.deb
stable/main/binary-i386/ruby1.8_1.8.5-4etch4_i386.deb
ruby1.8 (1.8.5-4etch4) stable-security; urgency=high
  * updated 168_rexml_dos.patch:
    - fixed regression of fix of REXML DoS vulnerability (CVE-2008-3790) (ref: #502535)
  * applied debian/patches/169_CVE-2008-3443.patch:
    - backported fixes of CVE-2008-3443 from r18343 (1.8.6-p284).

stable/main/binary-hppa/ruby1.8-dev_1.8.5-4etch4_hppa.deb
stable/main/binary-hppa/libreadline-ruby1.8_1.8.5-4etch4_hppa.deb
stable/main/binary-hppa/libopenssl-ruby1.8_1.8.5-4etch4_hppa.deb
stable/main/binary-hppa/libgdbm-ruby1.8_1.8.5-4etch4_hppa.deb
stable/main/binary-hppa/libruby1.8-dbg_1.8.5-4etch4_hppa.deb
stable/main/binary-hppa/libdbm-ruby1.8_1.8.5-4etch4_hppa.deb
stable/main/binary-hppa/libtcltk-ruby1.8_1.8.5-4etch4_hppa.deb
stable/main/binary-hppa/ruby1.8_1.8.5-4etch4_hppa.deb
stable/main/binary-hppa/libruby1.8_1.8.5-4etch4_hppa.deb
ruby1.8 (1.8.5-4etch4) stable-security; urgency=high
  * updated 168_rexml_dos.patch:
    - fixed regression of fix of REXML DoS vulnerability (CVE-2008-3790) (ref: #502535)
  * applied debian/patches/169_CVE-2008-3443.patch:
    - backported fixes of CVE-2008-3443 from r18343 (1.8.6-p284).

stable/main/binary-arm/libruby1.8_1.8.5-4etch4_arm.deb
stable/main/binary-arm/libgdbm-ruby1.8_1.8.5-4etch4_arm.deb
stable/main/binary-arm/libtcltk-ruby1.8_1.8.5-4etch4_arm.deb
stable/main/binary-arm/libreadline-ruby1.8_1.8.5-4etch4_arm.deb
stable/main/binary-arm/ruby1.8-dev_1.8.5-4etch4_arm.deb
stable/main/binary-arm/libopenssl-ruby1.8_1.8.5-4etch4_arm.deb
stable/main/binary-arm/libdbm-ruby1.8_1.8.5-4etch4_arm.deb
stable/main/binary-arm/ruby1.8_1.8.5-4etch4_arm.deb
stable/main/binary-arm/libruby1.8-dbg_1.8.5-4etch4_arm.deb
ruby1.8 (1.8.5-4etch4) stable-security; urgency=high
  * updated 168_rexml_dos.patch:
    - fixed regression of fix of REXML DoS vulnerability (CVE-2008-3790) (ref: #502535)
  * applied debian/patches/169_CVE-2008-3443.patch:
    - backported fixes of CVE-2008-3443 from r18343 (1.8.6-p284).

stable/main/binary-alpha/ruby1.8_1.8.5-4etch4_alpha.deb
stable/main/binary-alpha/ruby1.8-dev_1.8.5-4etch4_alpha.deb
stable/main/binary-alpha/libopenssl-ruby1.8_1.8.5-4etch4_alpha.deb
stable/main/binary-alpha/libruby1.8-dbg_1.8.5-4etch4_alpha.deb
stable/main/binary-alpha/libdbm-ruby1.8_1.8.5-4etch4_alpha.deb
stable/main/binary-alpha/libtcltk-ruby1.8_1.8.5-4etch4_alpha.deb
stable/main/binary-alpha/libgdbm-ruby1.8_1.8.5-4etch4_alpha.deb
stable/main/binary-alpha/libreadline-ruby1.8_1.8.5-4etch4_alpha.deb
stable/main/binary-alpha/libruby1.8_1.8.5-4etch4_alpha.deb
ruby1.8 (1.8.5-4etch4) stable-security; urgency=high
  * updated 168_rexml_dos.patch:
    - fixed regression of fix of REXML DoS vulnerability (CVE-2008-3790) (ref: #502535)
  * applied debian/patches/169_CVE-2008-3443.patch:
    - backported fixes of CVE-2008-3443 from r18343 (1.8.6-p284).

stable/main/binary-amd64/libruby1.8-dbg_1.8.5-4etch4_amd64.deb
stable/main/binary-amd64/libreadline-ruby1.8_1.8.5-4etch4_amd64.deb
stable/main/binary-amd64/libdbm-ruby1.8_1.8.5-4etch4_amd64.deb
stable/main/binary-amd64/ruby1.8_1.8.5-4etch4_amd64.deb
stable/main/binary-all/ri1.8_1.8.5-4etch4_all.deb
stable/main/binary-amd64/libopenssl-ruby1.8_1.8.5-4etch4_amd64.deb
stable/main/binary-amd64/libgdbm-ruby1.8_1.8.5-4etch4_amd64.deb
stable/main/binary-amd64/libruby1.8_1.8.5-4etch4_amd64.deb
stable/main/binary-all/irb1.8_1.8.5-4etch4_all.deb
stable/main/binary-all/rdoc1.8_1.8.5-4etch4_all.deb
stable/main/binary-amd64/ruby1.8-dev_1.8.5-4etch4_amd64.deb
stable/main/source/ruby1.8_1.8.5-4etch4.diff.gz
stable/main/binary-amd64/libtcltk-ruby1.8_1.8.5-4etch4_amd64.deb
stable/main/source/ruby1.8_1.8.5-4etch4.dsc
stable/main/binary-all/ruby1.8-elisp_1.8.5-4etch4_all.deb
stable/main/binary-all/ruby1.8-examples_1.8.5-4etch4_all.deb
ruby1.8 (1.8.5-4etch4) stable-security; urgency=high
  * updated 168_rexml_dos.patch:
    - fixed regression of fix of REXML DoS vulnerability (CVE-2008-3790) (ref: #502535)
  * applied debian/patches/169_CVE-2008-3443.patch:
    - backported fixes of CVE-2008-3443 from r18343 (1.8.6-p284).

stable/main/binary-sparc/proftpd_1.3.0-19etch2_sparc.deb
proftpd-dfsg (1.3.0-19etch2) stable-security; urgency=low
  * [SECURITY] Added patch xsiteforgery.dpatch. It fixes CVE-2008-4242.
    See also http://bugs.proftpd.org/show_bug.cgi?id=3115

stable/main/binary-s390/proftpd_1.3.0-19etch2_s390.deb
proftpd-dfsg (1.3.0-19etch2) stable-security; urgency=low
  * [SECURITY] Added patch xsiteforgery.dpatch. It fixes CVE-2008-4242.
    See also http://bugs.proftpd.org/show_bug.cgi?id=3115

stable/main/binary-powerpc/proftpd_1.3.0-19etch2_powerpc.deb
proftpd-dfsg (1.3.0-19etch2) stable-security; urgency=low
  * [SECURITY] Added patch xsiteforgery.dpatch. It fixes CVE-2008-4242.
    See also http://bugs.proftpd.org/show_bug.cgi?id=3115

stable/main/binary-mipsel/proftpd_1.3.0-19etch2_mipsel.deb
proftpd-dfsg (1.3.0-19etch2) stable-security; urgency=low
  * [SECURITY] Added patch xsiteforgery.dpatch. It fixes CVE-2008-4242.
    See also http://bugs.proftpd.org/show_bug.cgi?id=3115

stable/main/binary-mips/proftpd_1.3.0-19etch2_mips.deb
proftpd-dfsg (1.3.0-19etch2) stable-security; urgency=low
  * [SECURITY] Added patch xsiteforgery.dpatch. It fixes CVE-2008-4242.
    See also http://bugs.proftpd.org/show_bug.cgi?id=3115

stable/main/binary-ia64/proftpd_1.3.0-19etch2_ia64.deb
proftpd-dfsg (1.3.0-19etch2) stable-security; urgency=low
  * [SECURITY] Added patch xsiteforgery.dpatch. It fixes CVE-2008-4242.
    See also http://bugs.proftpd.org/show_bug.cgi?id=3115

stable/main/binary-hppa/proftpd_1.3.0-19etch2_hppa.deb
proftpd-dfsg (1.3.0-19etch2) stable-security; urgency=low
  * [SECURITY] Added patch xsiteforgery.dpatch. It fixes CVE-2008-4242.
    See also http://bugs.proftpd.org/show_bug.cgi?id=3115

stable/main/binary-arm/proftpd_1.3.0-19etch2_arm.deb
proftpd-dfsg (1.3.0-19etch2) stable-security; urgency=low
  * [SECURITY] Added patch xsiteforgery.dpatch. It fixes CVE-2008-4242.
    See also http://bugs.proftpd.org/show_bug.cgi?id=3115

stable/main/binary-amd64/proftpd_1.3.0-19etch2_amd64.deb
proftpd-dfsg (1.3.0-19etch2) stable-security; urgency=low
  * [SECURITY] Added patch xsiteforgery.dpatch. It fixes CVE-2008-4242.
    See also http://bugs.proftpd.org/show_bug.cgi?id=3115

stable/main/binary-alpha/proftpd_1.3.0-19etch2_alpha.deb
proftpd-dfsg (1.3.0-19etch2) stable-security; urgency=low
  * [SECURITY] Added patch xsiteforgery.dpatch. It fixes CVE-2008-4242.
    See also http://bugs.proftpd.org/show_bug.cgi?id=3115

stable/main/source/proftpd-dfsg_1.3.0-19etch2.dsc
stable/main/binary-all/proftpd-mysql_1.3.0-19etch2_all.deb
stable/main/binary-i386/proftpd_1.3.0-19etch2_i386.deb
stable/main/binary-all/proftpd-ldap_1.3.0-19etch2_all.deb
stable/main/binary-all/proftpd-pgsql_1.3.0-19etch2_all.deb
stable/main/source/proftpd-dfsg_1.3.0-19etch2.diff.gz
stable/main/binary-all/proftpd-doc_1.3.0-19etch2_all.deb
proftpd-dfsg (1.3.0-19etch2) stable-security; urgency=low
  * [SECURITY] Added patch xsiteforgery.dpatch. It fixes CVE-2008-4242.
    See also http://bugs.proftpd.org/show_bug.cgi?id=3115

stable/main/source/phppgadmin_4.0.1-3.1etch2.dsc
stable/main/source/phppgadmin_4.0.1-3.1etch2.diff.gz
stable/main/binary-all/phppgadmin_4.0.1-3.1etch2_all.deb
phppgadmin (4.0.1-3.1etch2) stable-security; urgency=low
  * debian/patches/02_CVE-2007-2865_CVE-2007-5728.dpatch: Restore redirect functionality and fix a regression introduced in the previous security update (closes: #511759).

stable/main/binary-all/php-xajax_0.2.4-2+etch1_all.deb
stable/main/source/php-xajax_0.2.4-2+etch1.dsc
stable/main/source/php-xajax_0.2.4-2+etch1.diff.gz
php-xajax (0.2.4-2+etch1) stable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix cross-site scripting in URL input
    Fixes: CVE-2007-2739

stable/main/binary-sparc/perl-base_5.8.8-7etch6_sparc.deb
stable/main/binary-sparc/libperl-dev_5.8.8-7etch6_sparc.deb
stable/main/binary-sparc/perl-suid_5.8.8-7etch6_sparc.deb
stable/main/binary-sparc/perl_5.8.8-7etch6_sparc.deb
stable/main/binary-sparc/libperl5.8_5.8.8-7etch6_sparc.deb
stable/main/binary-sparc/perl-debug_5.8.8-7etch6_sparc.deb
perl (5.8.8-7etch6) stable-security; urgency=low
  * Amend security fix to allow removal of the current directory by rmtree (closes: #479317).

stable/main/binary-s390/libperl-dev_5.8.8-7etch6_s390.deb
stable/main/binary-s390/perl-base_5.8.8-7etch6_s390.deb
stable/main/binary-s390/perl_5.8.8-7etch6_s390.deb
stable/main/binary-s390/perl-suid_5.8.8-7etch6_s390.deb
stable/main/binary-s390/perl-debug_5.8.8-7etch6_s390.deb
stable/main/binary-s390/libperl5.8_5.8.8-7etch6_s390.deb
perl (5.8.8-7etch6) stable-security; urgency=low
  * Amend security fix to allow removal of the current directory by rmtree (closes: #479317).

stable/main/binary-powerpc/perl-base_5.8.8-7etch6_powerpc.deb
stable/main/binary-powerpc/perl_5.8.8-7etch6_powerpc.deb
stable/main/binary-powerpc/libperl-dev_5.8.8-7etch6_powerpc.deb
stable/main/binary-powerpc/perl-debug_5.8.8-7etch6_powerpc.deb
stable/main/binary-powerpc/perl-suid_5.8.8-7etch6_powerpc.deb
stable/main/binary-powerpc/libperl5.8_5.8.8-7etch6_powerpc.deb
perl (5.8.8-7etch6) stable-security; urgency=low
  * Amend security fix to allow removal of the current directory by rmtree (closes: #479317).

stable/main/binary-mipsel/perl-suid_5.8.8-7etch6_mipsel.deb
stable/main/binary-mipsel/perl-debug_5.8.8-7etch6_mipsel.deb
stable/main/binary-mipsel/perl_5.8.8-7etch6_mipsel.deb
stable/main/binary-mipsel/perl-base_5.8.8-7etch6_mipsel.deb
stable/main/binary-mipsel/libperl-dev_5.8.8-7etch6_mipsel.deb
stable/main/binary-mipsel/libperl5.8_5.8.8-7etch6_mipsel.deb
perl (5.8.8-7etch6) stable-security; urgency=low
  * Amend security fix to allow removal of the current directory by rmtree (closes: #479317).

stable/main/binary-mips/perl-base_5.8.8-7etch6_mips.deb
stable/main/binary-mips/perl_5.8.8-7etch6_mips.deb
stable/main/binary-mips/libperl5.8_5.8.8-7etch6_mips.deb
stable/main/binary-mips/libperl-dev_5.8.8-7etch6_mips.deb
stable/main/binary-mips/perl-debug_5.8.8-7etch6_mips.deb
stable/main/binary-mips/perl-suid_5.8.8-7etch6_mips.deb
perl (5.8.8-7etch6) stable-security; urgency=low
  * Amend security fix to allow removal of the current directory by rmtree (closes: #479317).

stable/main/binary-ia64/perl-base_5.8.8-7etch6_ia64.deb
stable/main/binary-ia64/libperl5.8_5.8.8-7etch6_ia64.deb
stable/main/binary-ia64/perl-suid_5.8.8-7etch6_ia64.deb
stable/main/binary-ia64/perl_5.8.8-7etch6_ia64.deb
stable/main/binary-ia64/libperl-dev_5.8.8-7etch6_ia64.deb
stable/main/binary-ia64/perl-debug_5.8.8-7etch6_ia64.deb
perl (5.8.8-7etch6) stable-security; urgency=low
  * Amend security fix to allow removal of the current directory by rmtree (closes: #479317).

stable/main/binary-hppa/libperl-dev_5.8.8-7etch6_hppa.deb
stable/main/binary-hppa/perl_5.8.8-7etch6_hppa.deb
stable/main/binary-hppa/perl-debug_5.8.8-7etch6_hppa.deb
stable/main/binary-hppa/perl-base_5.8.8-7etch6_hppa.deb
stable/main/binary-hppa/libperl5.8_5.8.8-7etch6_hppa.deb
stable/main/binary-hppa/perl-suid_5.8.8-7etch6_hppa.deb
perl (5.8.8-7etch6) stable-security; urgency=low
  * Amend security fix to allow removal of the current directory by rmtree (closes: #479317).

stable/main/binary-arm/libperl5.8_5.8.8-7etch6_arm.deb
stable/main/binary-arm/perl-suid_5.8.8-7etch6_arm.deb
stable/main/binary-arm/libperl-dev_5.8.8-7etch6_arm.deb
stable/main/binary-arm/perl-debug_5.8.8-7etch6_arm.deb
stable/main/binary-arm/perl_5.8.8-7etch6_arm.deb
stable/main/binary-arm/perl-base_5.8.8-7etch6_arm.deb
perl (5.8.8-7etch6) stable-security; urgency=low
  * Amend security fix to allow removal of the current directory by rmtree (closes: #479317).

stable/main/binary-amd64/libperl5.8_5.8.8-7etch6_amd64.deb
stable/main/binary-amd64/perl-base_5.8.8-7etch6_amd64.deb
stable/main/binary-amd64/perl-debug_5.8.8-7etch6_amd64.deb
stable/main/binary-amd64/perl-suid_5.8.8-7etch6_amd64.deb
stable/main/binary-amd64/perl_5.8.8-7etch6_amd64.deb
stable/main/binary-amd64/libperl-dev_5.8.8-7etch6_amd64.deb
perl (5.8.8-7etch6) stable-security; urgency=low
  * Amend security fix to allow removal of the current directory by rmtree (closes: #479317).

stable/main/binary-alpha/libperl5.8_5.8.8-7etch6_alpha.deb
stable/main/binary-alpha/perl_5.8.8-7etch6_alpha.deb
stable/main/binary-alpha/libperl-dev_5.8.8-7etch6_alpha.deb
stable/main/binary-alpha/perl-debug_5.8.8-7etch6_alpha.deb
stable/main/binary-alpha/perl-suid_5.8.8-7etch6_alpha.deb
stable/main/binary-alpha/perl-base_5.8.8-7etch6_alpha.deb
perl (5.8.8-7etch6) stable-security; urgency=low
  * Amend security fix to allow removal of the current directory by rmtree (closes: #479317).

stable/main/binary-all/perl-doc_5.8.8-7etch6_all.deb
stable/main/binary-all/libcgi-fast-perl_5.8.8-7etch6_all.deb
stable/main/source/perl_5.8.8-7etch6.diff.gz
stable/main/binary-i386/libperl-dev_5.8.8-7etch6_i386.deb
stable/main/binary-i386/perl-base_5.8.8-7etch6_i386.deb
stable/main/binary-all/perl-modules_5.8.8-7etch6_all.deb
stable/main/source/perl_5.8.8-7etch6.dsc
stable/main/binary-i386/libperl5.8_5.8.8-7etch6_i386.deb
stable/main/binary-i386/perl-debug_5.8.8-7etch6_i386.deb
stable/main/binary-i386/perl-suid_5.8.8-7etch6_i386.deb
stable/main/binary-i386/perl_5.8.8-7etch6_i386.deb
perl (5.8.8-7etch6) stable-security; urgency=low
  * Amend security fix to allow removal of the current directory by rmtree (closes: #479317).

stable/main/binary-sparc/libssl0.9.7-dbg_0.9.7k-3.1etch2_sparc.deb
stable/main/binary-sparc/libssl0.9.7_0.9.7k-3.1etch2_sparc.deb
openssl097 (0.9.7k-3.1etch2) stable-security; urgency=low
  * Internal calls to didn't properly check for errors which resulted in malformed DSA and ECDSA signatures being treated as a good signature rather than as an error.
    (CVE-2008-5077)

stable/main/binary-s390/libssl0.9.7-dbg_0.9.7k-3.1etch2_s390.deb
stable/main/binary-s390/libssl0.9.7_0.9.7k-3.1etch2_s390.deb
openssl097 (0.9.7k-3.1etch2) stable-security; urgency=low
  * Internal calls to didn't properly check for errors which resulted in malformed DSA and ECDSA signatures being treated as a good signature rather than as an error.
    (CVE-2008-5077)

stable/main/binary-powerpc/libssl0.9.7-dbg_0.9.7k-3.1etch2_powerpc.deb
stable/main/binary-powerpc/libssl0.9.7_0.9.7k-3.1etch2_powerpc.deb
openssl097 (0.9.7k-3.1etch2) stable-security; urgency=low
  * Internal calls to didn't properly check for errors which resulted in malformed DSA and ECDSA signatures being treated as a good signature rather than as an error.
    (CVE-2008-5077)

stable/main/binary-mipsel/libssl0.9.7-dbg_0.9.7k-3.1etch2_mipsel.deb
stable/main/binary-mipsel/libssl0.9.7_0.9.7k-3.1etch2_mipsel.deb
openssl097 (0.9.7k-3.1etch2) stable-security; urgency=low
  * Internal calls to didn't properly check for errors which resulted in malformed DSA and ECDSA signatures being treated as a good signature rather than as an error.
    (CVE-2008-5077)

stable/main/binary-mips/libssl0.9.7_0.9.7k-3.1etch2_mips.deb
stable/main/binary-mips/libssl0.9.7-dbg_0.9.7k-3.1etch2_mips.deb
openssl097 (0.9.7k-3.1etch2) stable-security; urgency=low
  * Internal calls to didn't properly check for errors which resulted in malformed DSA and ECDSA signatures being treated as a good signature rather than as an error.
    (CVE-2008-5077)

stable/main/binary-ia64/libssl0.9.7-dbg_0.9.7k-3.1etch2_ia64.deb
stable/main/binary-ia64/libssl0.9.7_0.9.7k-3.1etch2_ia64.deb
openssl097 (0.9.7k-3.1etch2) stable-security; urgency=low
  * Internal calls to didn't properly check for errors which resulted in malformed DSA and ECDSA signatures being treated as a good signature rather than as an error.
    (CVE-2008-5077)

stable/main/binary-i386/libssl0.9.7-dbg_0.9.7k-3.1etch2_i386.deb
stable/main/binary-i386/libssl0.9.7_0.9.7k-3.1etch2_i386.deb
openssl097 (0.9.7k-3.1etch2) stable-security; urgency=low
  * Internal calls to didn't properly check for errors which resulted in malformed DSA and ECDSA signatures being treated as a good signature rather than as an error.
    (CVE-2008-5077)

stable/main/binary-hppa/libssl0.9.7-dbg_0.9.7k-3.1etch2_hppa.deb
stable/main/binary-hppa/libssl0.9.7_0.9.7k-3.1etch2_hppa.deb
openssl097 (0.9.7k-3.1etch2) stable-security; urgency=low
  * Internal calls to didn't properly check for errors which resulted in malformed DSA and ECDSA signatures being treated as a good signature rather than as an error.
    (CVE-2008-5077)

stable/main/binary-arm/libssl0.9.7_0.9.7k-3.1etch2_arm.deb
stable/main/binary-arm/libssl0.9.7-dbg_0.9.7k-3.1etch2_arm.deb
openssl097 (0.9.7k-3.1etch2) stable-security; urgency=low
  * Internal calls to didn't properly check for errors which resulted in malformed DSA and ECDSA signatures being treated as a good signature rather than as an error.
    (CVE-2008-5077)

stable/main/binary-alpha/libssl0.9.7_0.9.7k-3.1etch2_alpha.deb
stable/main/binary-alpha/libssl0.9.7-dbg_0.9.7k-3.1etch2_alpha.deb
openssl097 (0.9.7k-3.1etch2) stable-security; urgency=low
  * Internal calls to didn't properly check for errors which resulted in malformed DSA and ECDSA signatures being treated as a good signature rather than as an error.
    (CVE-2008-5077)

stable/main/binary-amd64/libssl0.9.7_0.9.7k-3.1etch2_amd64.deb
stable/main/source/openssl097_0.9.7k-3.1etch2.diff.gz
stable/main/source/openssl097_0.9.7k-3.1etch2.dsc
stable/main/binary-amd64/libssl0.9.7-dbg_0.9.7k-3.1etch2_amd64.deb
openssl097 (0.9.7k-3.1etch2) stable-security; urgency=low
  * Internal calls to didn't properly check for errors which resulted in malformed DSA and ECDSA signatures being treated as a good signature rather than as an error.
(CVE-2008-5077) stable/main/binary-sparc/libssl0.9.8-dbg_0.9.8c-4etch4_sparc.deb stable/main/binary-sparc/libcrypto0.9.8-udeb_0.9.8c-4etch4_sparc.udeb stable/main/binary-sparc/openssl_0.9.8c-4etch4_sparc.deb stable/main/binary-sparc/libssl0.9.8_0.9.8c-4etch4_sparc.deb stable/main/binary-sparc/libssl-dev_0.9.8c-4etch4_sparc.deb openssl (0.9.8c-4etch4) stable-security; urgency=low * Internal calls to didn't properly check for errors which resulted in malformed DSA and ECDSA signatures being treated as a good signature rather than as an error. (CVE-2008-5077) * ipv6_from_asc() could write 1 byte longer than the buffer in case the ipv6 address didn't have "::" part. stable/main/binary-s390/openssl_0.9.8c-4etch4_s390.deb stable/main/binary-s390/libssl0.9.8-dbg_0.9.8c-4etch4_s390.deb stable/main/binary-s390/libssl-dev_0.9.8c-4etch4_s390.deb stable/main/binary-s390/libcrypto0.9.8-udeb_0.9.8c-4etch4_s390.udeb stable/main/binary-s390/libssl0.9.8_0.9.8c-4etch4_s390.deb openssl (0.9.8c-4etch4) stable-security; urgency=low * Internal calls to didn't properly check for errors which resulted in malformed DSA and ECDSA signatures being treated as a good signature rather than as an error. (CVE-2008-5077) * ipv6_from_asc() could write 1 byte longer than the buffer in case the ipv6 address didn't have "::" part. stable/main/binary-powerpc/libcrypto0.9.8-udeb_0.9.8c-4etch4_powerpc.udeb stable/main/binary-powerpc/openssl_0.9.8c-4etch4_powerpc.deb stable/main/binary-powerpc/libssl0.9.8_0.9.8c-4etch4_powerpc.deb stable/main/binary-powerpc/libssl-dev_0.9.8c-4etch4_powerpc.deb stable/main/binary-powerpc/libssl0.9.8-dbg_0.9.8c-4etch4_powerpc.deb openssl (0.9.8c-4etch4) stable-security; urgency=low * Internal calls to didn't properly check for errors which resulted in malformed DSA and ECDSA signatures being treated as a good signature rather than as an error. (CVE-2008-5077) * ipv6_from_asc() could write 1 byte longer than the buffer in case the ipv6 address didn't have "::" part. 
stable/main/binary-mipsel/libssl0.9.8-dbg_0.9.8c-4etch4_mipsel.deb stable/main/binary-mipsel/libssl-dev_0.9.8c-4etch4_mipsel.deb stable/main/binary-mipsel/openssl_0.9.8c-4etch4_mipsel.deb stable/main/binary-mipsel/libssl0.9.8_0.9.8c-4etch4_mipsel.deb stable/main/binary-mipsel/libcrypto0.9.8-udeb_0.9.8c-4etch4_mipsel.udeb openssl (0.9.8c-4etch4) stable-security; urgency=low * Internal calls to didn't properly check for errors which resulted in malformed DSA and ECDSA signatures being treated as a good signature rather than as an error. (CVE-2008-5077) * ipv6_from_asc() could write 1 byte longer than the buffer in case the ipv6 address didn't have "::" part. stable/main/binary-mips/libssl0.9.8-dbg_0.9.8c-4etch4_mips.deb stable/main/binary-mips/libssl0.9.8_0.9.8c-4etch4_mips.deb stable/main/binary-mips/libssl-dev_0.9.8c-4etch4_mips.deb stable/main/binary-mips/openssl_0.9.8c-4etch4_mips.deb stable/main/binary-mips/libcrypto0.9.8-udeb_0.9.8c-4etch4_mips.udeb openssl (0.9.8c-4etch4) stable-security; urgency=low * Internal calls to didn't properly check for errors which resulted in malformed DSA and ECDSA signatures being treated as a good signature rather than as an error. (CVE-2008-5077) * ipv6_from_asc() could write 1 byte longer than the buffer in case the ipv6 address didn't have "::" part. stable/main/binary-ia64/libcrypto0.9.8-udeb_0.9.8c-4etch4_ia64.udeb stable/main/binary-ia64/libssl0.9.8-dbg_0.9.8c-4etch4_ia64.deb stable/main/binary-ia64/openssl_0.9.8c-4etch4_ia64.deb stable/main/binary-ia64/libssl0.9.8_0.9.8c-4etch4_ia64.deb stable/main/binary-ia64/libssl-dev_0.9.8c-4etch4_ia64.deb openssl (0.9.8c-4etch4) stable-security; urgency=low * Internal calls to didn't properly check for errors which resulted in malformed DSA and ECDSA signatures being treated as a good signature rather than as an error. (CVE-2008-5077) * ipv6_from_asc() could write 1 byte longer than the buffer in case the ipv6 address didn't have "::" part. 
stable/main/binary-i386/libssl-dev_0.9.8c-4etch4_i386.deb stable/main/binary-i386/libcrypto0.9.8-udeb_0.9.8c-4etch4_i386.udeb stable/main/binary-i386/libssl0.9.8_0.9.8c-4etch4_i386.deb stable/main/binary-i386/libssl0.9.8-dbg_0.9.8c-4etch4_i386.deb stable/main/binary-i386/openssl_0.9.8c-4etch4_i386.deb openssl (0.9.8c-4etch4) stable-security; urgency=low * Internal calls to didn't properly check for errors which resulted in malformed DSA and ECDSA signatures being treated as a good signature rather than as an error. (CVE-2008-5077) * ipv6_from_asc() could write 1 byte longer than the buffer in case the ipv6 address didn't have "::" part. stable/main/binary-hppa/libssl0.9.8-dbg_0.9.8c-4etch4_hppa.deb stable/main/binary-hppa/openssl_0.9.8c-4etch4_hppa.deb stable/main/binary-hppa/libssl0.9.8_0.9.8c-4etch4_hppa.deb stable/main/binary-hppa/libcrypto0.9.8-udeb_0.9.8c-4etch4_hppa.udeb stable/main/binary-hppa/libssl-dev_0.9.8c-4etch4_hppa.deb openssl (0.9.8c-4etch4) stable-security; urgency=low * Internal calls to didn't properly check for errors which resulted in malformed DSA and ECDSA signatures being treated as a good signature rather than as an error. (CVE-2008-5077) * ipv6_from_asc() could write 1 byte longer than the buffer in case the ipv6 address didn't have "::" part. stable/main/binary-arm/libssl0.9.8_0.9.8c-4etch4_arm.deb stable/main/binary-arm/libcrypto0.9.8-udeb_0.9.8c-4etch4_arm.udeb stable/main/binary-arm/libssl-dev_0.9.8c-4etch4_arm.deb stable/main/binary-arm/libssl0.9.8-dbg_0.9.8c-4etch4_arm.deb stable/main/binary-arm/openssl_0.9.8c-4etch4_arm.deb openssl (0.9.8c-4etch4) stable-security; urgency=low * Internal calls to didn't properly check for errors which resulted in malformed DSA and ECDSA signatures being treated as a good signature rather than as an error. (CVE-2008-5077) * ipv6_from_asc() could write 1 byte longer than the buffer in case the ipv6 address didn't have "::" part. 
stable/main/binary-alpha/libcrypto0.9.8-udeb_0.9.8c-4etch4_alpha.udeb stable/main/binary-alpha/libssl-dev_0.9.8c-4etch4_alpha.deb stable/main/binary-alpha/libssl0.9.8-dbg_0.9.8c-4etch4_alpha.deb stable/main/binary-alpha/openssl_0.9.8c-4etch4_alpha.deb stable/main/binary-alpha/libssl0.9.8_0.9.8c-4etch4_alpha.deb openssl (0.9.8c-4etch4) stable-security; urgency=low * Internal calls to didn't properly check for errors which resulted in malformed DSA and ECDSA signatures being treated as a good signature rather than as an error. (CVE-2008-5077) * ipv6_from_asc() could write 1 byte longer than the buffer in case the ipv6 address didn't have "::" part. stable/main/binary-amd64/libssl0.9.8-dbg_0.9.8c-4etch4_amd64.deb stable/main/source/openssl_0.9.8c-4etch4.diff.gz stable/main/source/openssl_0.9.8c-4etch4.dsc stable/main/binary-amd64/openssl_0.9.8c-4etch4_amd64.deb stable/main/binary-amd64/libssl0.9.8_0.9.8c-4etch4_amd64.deb stable/main/binary-amd64/libssl-dev_0.9.8c-4etch4_amd64.deb stable/main/binary-amd64/libcrypto0.9.8-udeb_0.9.8c-4etch4_amd64.udeb openssl (0.9.8c-4etch4) stable-security; urgency=low * Internal calls to didn't properly check for errors which resulted in malformed DSA and ECDSA signatures being treated as a good signature rather than as an error. (CVE-2008-5077) * ipv6_from_asc() could write 1 byte longer than the buffer in case the ipv6 address didn't have "::" part. stable/main/binary-sparc/ntp_4.2.2.p4+dfsg-2etch1_sparc.deb stable/main/binary-sparc/ntpdate_4.2.2.p4+dfsg-2etch1_sparc.deb ntp (1:4.2.2.p4+dfsg-2etch1) stable-security; urgency=low * It did not properly check the return value of EVP_VerifyFinal which results in a malformed DSA signature being treated as a good signature rather than as an error.
(CVE-2009-0021) stable/main/binary-s390/ntp_4.2.2.p4+dfsg-2etch1_s390.deb stable/main/binary-s390/ntpdate_4.2.2.p4+dfsg-2etch1_s390.deb ntp (1:4.2.2.p4+dfsg-2etch1) stable-security; urgency=low * It did not properly check the return value of EVP_VerifyFinal which results in a malformed DSA signature being treated as a good signature rather than as an error. (CVE-2009-0021) stable/main/binary-powerpc/ntp_4.2.2.p4+dfsg-2etch1_powerpc.deb stable/main/binary-powerpc/ntpdate_4.2.2.p4+dfsg-2etch1_powerpc.deb ntp (1:4.2.2.p4+dfsg-2etch1) stable-security; urgency=low * It did not properly check the return value of EVP_VerifyFinal which results in a malformed DSA signature being treated as a good signature rather than as an error. (CVE-2009-0021) stable/main/binary-mipsel/ntp_4.2.2.p4+dfsg-2etch1_mipsel.deb stable/main/binary-mipsel/ntpdate_4.2.2.p4+dfsg-2etch1_mipsel.deb ntp (1:4.2.2.p4+dfsg-2etch1) stable-security; urgency=low * It did not properly check the return value of EVP_VerifyFinal which results in a malformed DSA signature being treated as a good signature rather than as an error. (CVE-2009-0021) stable/main/binary-mips/ntp_4.2.2.p4+dfsg-2etch1_mips.deb stable/main/binary-mips/ntpdate_4.2.2.p4+dfsg-2etch1_mips.deb ntp (1:4.2.2.p4+dfsg-2etch1) stable-security; urgency=low * It did not properly check the return value of EVP_VerifyFinal which results in a malformed DSA signature being treated as a good signature rather than as an error. (CVE-2009-0021) stable/main/binary-ia64/ntp_4.2.2.p4+dfsg-2etch1_ia64.deb stable/main/binary-ia64/ntpdate_4.2.2.p4+dfsg-2etch1_ia64.deb ntp (1:4.2.2.p4+dfsg-2etch1) stable-security; urgency=low * It did not properly check the return value of EVP_VerifyFinal which results in a malformed DSA signature being treated as a good signature rather than as an error.
(CVE-2009-0021) stable/main/binary-i386/ntp_4.2.2.p4+dfsg-2etch1_i386.deb stable/main/binary-i386/ntpdate_4.2.2.p4+dfsg-2etch1_i386.deb ntp (1:4.2.2.p4+dfsg-2etch1) stable-security; urgency=low * It did not properly check the return value of EVP_VerifyFinal which results in a malformed DSA signature being treated as a good signature rather than as an error. (CVE-2009-0021) stable/main/binary-hppa/ntp_4.2.2.p4+dfsg-2etch1_hppa.deb stable/main/binary-hppa/ntpdate_4.2.2.p4+dfsg-2etch1_hppa.deb ntp (1:4.2.2.p4+dfsg-2etch1) stable-security; urgency=low * It did not properly check the return value of EVP_VerifyFinal which results in a malformed DSA signature being treated as a good signature rather than as an error. (CVE-2009-0021) stable/main/binary-arm/ntp_4.2.2.p4+dfsg-2etch1_arm.deb stable/main/binary-arm/ntpdate_4.2.2.p4+dfsg-2etch1_arm.deb ntp (1:4.2.2.p4+dfsg-2etch1) stable-security; urgency=low * It did not properly check the return value of EVP_VerifyFinal which results in a malformed DSA signature being treated as a good signature rather than as an error. (CVE-2009-0021) stable/main/binary-alpha/ntp_4.2.2.p4+dfsg-2etch1_alpha.deb stable/main/binary-alpha/ntpdate_4.2.2.p4+dfsg-2etch1_alpha.deb ntp (1:4.2.2.p4+dfsg-2etch1) stable-security; urgency=low * It did not properly check the return value of EVP_VerifyFinal which results in a malformed DSA signature being treated as a good signature rather than as an error.
(CVE-2009-0021) stable/main/binary-amd64/ntp_4.2.2.p4+dfsg-2etch1_amd64.deb stable/main/binary-amd64/ntpdate_4.2.2.p4+dfsg-2etch1_amd64.deb stable/main/source/ntp_4.2.2.p4+dfsg-2etch1.diff.gz stable/main/source/ntp_4.2.2.p4+dfsg-2etch1.dsc stable/main/binary-all/ntp-simple_4.2.2.p4+dfsg-2etch1_all.deb stable/main/binary-all/ntp-doc_4.2.2.p4+dfsg-2etch1_all.deb stable/main/binary-all/ntp-refclock_4.2.2.p4+dfsg-2etch1_all.deb ntp (1:4.2.2.p4+dfsg-2etch1) stable-security; urgency=low * It did not properly check the return value of EVP_VerifyFinal which results in a malformed DSA signature being treated as a good signature rather than as an error. (CVE-2009-0021) stable/main/binary-sparc/no-ip_2.1.1-4+etch1_sparc.deb no-ip (2.1.1-4+etch1) stable-security; urgency=high * Fix buffer overflow in HTTP response parsing stable/main/binary-s390/no-ip_2.1.1-4+etch1_s390.deb no-ip (2.1.1-4+etch1) stable-security; urgency=high * Fix buffer overflow in HTTP response parsing stable/main/binary-powerpc/no-ip_2.1.1-4+etch1_powerpc.deb no-ip (2.1.1-4+etch1) stable-security; urgency=high * Fix buffer overflow in HTTP response parsing stable/main/binary-mipsel/no-ip_2.1.1-4+etch1_mipsel.deb no-ip (2.1.1-4+etch1) stable-security; urgency=high * Fix buffer overflow in HTTP response parsing stable/main/binary-mips/no-ip_2.1.1-4+etch1_mips.deb no-ip (2.1.1-4+etch1) stable-security; urgency=high * Fix buffer overflow in HTTP response parsing stable/main/binary-ia64/no-ip_2.1.1-4+etch1_ia64.deb no-ip (2.1.1-4+etch1) stable-security; urgency=high * Fix buffer overflow in HTTP response parsing stable/main/binary-hppa/no-ip_2.1.1-4+etch1_hppa.deb no-ip (2.1.1-4+etch1) stable-security; urgency=high * Fix buffer overflow in HTTP response parsing stable/main/binary-arm/no-ip_2.1.1-4+etch1_arm.deb no-ip (2.1.1-4+etch1) stable-security; urgency=high * Fix buffer overflow in HTTP response parsing stable/main/binary-amd64/no-ip_2.1.1-4+etch1_amd64.deb no-ip (2.1.1-4+etch1) stable-security;
urgency=high * Fix buffer overflow in HTTP response parsing stable/main/binary-alpha/no-ip_2.1.1-4+etch1_alpha.deb no-ip (2.1.1-4+etch1) stable-security; urgency=high * Fix buffer overflow in HTTP response parsing stable/main/source/no-ip_2.1.1-4+etch1.diff.gz stable/main/source/no-ip_2.1.1-4+etch1.dsc stable/main/binary-i386/no-ip_2.1.1-4+etch1_i386.deb no-ip (2.1.1-4+etch1) stable-security; urgency=high * Fix buffer overflow in HTTP response parsing stable/main/binary-sparc/netatalk_2.0.3-4+etch2_sparc.deb netatalk (2.0.3-4+etch2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix incomplete patch for CVE-2008-5718 by updating 213_CVE-2008-5718.patch to also quote a few missing characters that allow overwriting arbitrary files (Closes: #510585). stable/main/binary-s390/netatalk_2.0.3-4+etch2_s390.deb netatalk (2.0.3-4+etch2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix incomplete patch for CVE-2008-5718 by updating 213_CVE-2008-5718.patch to also quote a few missing characters that allow overwriting arbitrary files (Closes: #510585). stable/main/binary-powerpc/netatalk_2.0.3-4+etch2_powerpc.deb netatalk (2.0.3-4+etch2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix incomplete patch for CVE-2008-5718 by updating 213_CVE-2008-5718.patch to also quote a few missing characters that allow overwriting arbitrary files (Closes: #510585). stable/main/binary-mipsel/netatalk_2.0.3-4+etch2_mipsel.deb netatalk (2.0.3-4+etch2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix incomplete patch for CVE-2008-5718 by updating 213_CVE-2008-5718.patch to also quote a few missing characters that allow overwriting arbitrary files (Closes: #510585). stable/main/binary-mips/netatalk_2.0.3-4+etch2_mips.deb netatalk (2.0.3-4+etch2) stable-security; urgency=high * Non-maintainer upload by the Security Team. 
* Fix incomplete patch for CVE-2008-5718 by updating 213_CVE-2008-5718.patch to also quote a few missing characters that allow overwriting arbitrary files (Closes: #510585). stable/main/binary-ia64/netatalk_2.0.3-4+etch2_ia64.deb netatalk (2.0.3-4+etch2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix incomplete patch for CVE-2008-5718 by updating 213_CVE-2008-5718.patch to also quote a few missing characters that allow overwriting arbitrary files (Closes: #510585). stable/main/binary-i386/netatalk_2.0.3-4+etch2_i386.deb netatalk (2.0.3-4+etch2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix incomplete patch for CVE-2008-5718 by updating 213_CVE-2008-5718.patch to also quote a few missing characters that allow overwriting arbitrary files (Closes: #510585). stable/main/binary-hppa/netatalk_2.0.3-4+etch2_hppa.deb netatalk (2.0.3-4+etch2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix incomplete patch for CVE-2008-5718 by updating 213_CVE-2008-5718.patch to also quote a few missing characters that allow overwriting arbitrary files (Closes: #510585). stable/main/binary-arm/netatalk_2.0.3-4+etch2_arm.deb netatalk (2.0.3-4+etch2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix incomplete patch for CVE-2008-5718 by updating 213_CVE-2008-5718.patch to also quote a few missing characters that allow overwriting arbitrary files (Closes: #510585). stable/main/binary-alpha/netatalk_2.0.3-4+etch2_alpha.deb netatalk (2.0.3-4+etch2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix incomplete patch for CVE-2008-5718 by updating 213_CVE-2008-5718.patch to also quote a few missing characters that allow overwriting arbitrary files (Closes: #510585). 
stable/main/source/netatalk_2.0.3-4+etch2.diff.gz stable/main/source/netatalk_2.0.3-4+etch2.dsc stable/main/binary-amd64/netatalk_2.0.3-4+etch2_amd64.deb netatalk (2.0.3-4+etch2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix incomplete patch for CVE-2008-5718 by updating 213_CVE-2008-5718.patch to also quote a few missing characters that allow overwriting arbitrary files (Closes: #510585). stable/main/binary-all/muttprint_0.72d-8etch1_all.deb stable/main/source/muttprint_0.72d-8etch1.dsc stable/main/source/muttprint_0.72d-8etch1.diff.gz stable/main/binary-all/muttprint-manual_0.72d-8etch1_all.deb stable/main/binary-all/ospics_0.72d-8etch1_all.deb muttprint (0.72d-8etch1) stable; urgency=high * backport fix for 15_CVE 15_2008-5368 from upstream (closes: #509487) stable/main/source/moodle_1.6.3-2+etch1.diff.gz stable/main/binary-all/moodle_1.6.3-2+etch1_all.deb stable/main/source/moodle_1.6.3-2+etch1.dsc moodle (1.6.3-2+etch1) stable-security; urgency=high * Adopt orphaned package (closes: #494642) [ Francois Marier ] * Fix vulnerabilities in embedded copy of smarty (CVE-2008-1066, CVE-2008-4811, CVE-2008-4810) (closes: #471158, #504345) * Patch snoopy input sanitising (CVE-2008-4796, closes: #504235) * Patch XSS scripting bug in blog/edit (CVE-2008-3326, closes: #492492) * Patch CSRF in edit profile page (CVE-2008-3325) * Patch XSS bug in kses (CVE-2008-1502, closes: #489533) * Patch XSS bug in user search page (CVE-2007-3555, closes: #432264) * Patch security bug in the embedded (and customised) copy of phpmailer (CVE-2007-3215, closes: #429339, #429190) [ Dan Poltawski ] * Patch SQL injection bug in hotpot module (MSA-08-0010) * Patch privilege escalation bug in moodle core (MSA-08-0001) * Patch CSRF bug in message settings page (MSA-08-0023) * Patch XSS bug in wiki page titles (CVE-2008-5432, closes: #508593) * Patch XSS bug in string cleaning functions (MSA-08-0021) * Patch XSS bug in RSS feeds * Fix parameter cleaning in forum
user page * Fix critical security hole which allows any user to reset a user's password (MDL-7755) * Fix XSS bug in login block (MDL-8849) * Fix insufficient cleaning of PARAM_HOST (MDL-12793) * Fix XSS bug in logged urls (MDL-11414) * Fix uncleaned params in wiki (MDL-14806) * Fix text cleaning (MDL-10276) stable/main/source/moin_1.5.3-1.2etch2.diff.gz stable/main/source/moin_1.5.3-1.2etch2.dsc stable/main/binary-all/python-moinmoin_1.5.3-1.2etch2_all.deb stable/main/binary-all/moinmoin-common_1.5.3-1.2etch2_all.deb moin (1.5.3-1.2etch2) stable-security; urgency=high * Non-maintainer upload by the security team * Fix cross-site scripting vulnerability via basename parameter in the AttachFile action (Closes: #513158) Fixes: CVE-2009-0260 * Extend the wikiutil.escape function to also escape single quotes "'" as done in newer versions * Fix cross-site scripting vulnerability in antispam.py via malformed content Fixes: CVE-2009-0312 stable/main/binary-sparc/ftpd-ssl_0.17.18+0.3-6etch1_sparc.deb linux-ftpd-ssl (0.17.18+0.3-6etch1) stable-proposed-updates; urgency=low * Fix CVE-2008-4247, a cross-site request forgery caused by splitting long command lines (Closes: #500518). stable/main/binary-s390/ftpd-ssl_0.17.18+0.3-6etch1_s390.deb linux-ftpd-ssl (0.17.18+0.3-6etch1) stable-proposed-updates; urgency=low * Fix CVE-2008-4247, a cross-site request forgery caused by splitting long command lines (Closes: #500518). stable/main/binary-powerpc/ftpd-ssl_0.17.18+0.3-6etch1_powerpc.deb linux-ftpd-ssl (0.17.18+0.3-6etch1) stable-proposed-updates; urgency=low * Fix CVE-2008-4247, a cross-site request forgery caused by splitting long command lines (Closes: #500518). stable/main/binary-mipsel/ftpd-ssl_0.17.18+0.3-6etch1_mipsel.deb linux-ftpd-ssl (0.17.18+0.3-6etch1) stable-proposed-updates; urgency=low * Fix CVE-2008-4247, a cross-site request forgery caused by splitting long command lines (Closes: #500518).
stable/main/binary-mips/ftpd-ssl_0.17.18+0.3-6etch1_mips.deb linux-ftpd-ssl (0.17.18+0.3-6etch1) stable-proposed-updates; urgency=low * Fix CVE-2008-4247, a cross-site request forgery caused by splitting long command lines (Closes: #500518). stable/main/binary-ia64/ftpd-ssl_0.17.18+0.3-6etch1_ia64.deb linux-ftpd-ssl (0.17.18+0.3-6etch1) stable-proposed-updates; urgency=low * Fix CVE-2008-4247, a cross-site request forgery caused by splitting long command lines (Closes: #500518). stable/main/binary-hppa/ftpd-ssl_0.17.18+0.3-6etch1_hppa.deb linux-ftpd-ssl (0.17.18+0.3-6etch1) stable-proposed-updates; urgency=low * Fix CVE-2008-4247, a cross-site request forgery caused by splitting long command lines (Closes: #500518). stable/main/binary-arm/ftpd-ssl_0.17.18+0.3-6etch1_arm.deb linux-ftpd-ssl (0.17.18+0.3-6etch1) stable-proposed-updates; urgency=low * Fix CVE-2008-4247, a cross-site request forgery caused by splitting long command lines (Closes: #500518). stable/main/binary-amd64/ftpd-ssl_0.17.18+0.3-6etch1_amd64.deb linux-ftpd-ssl (0.17.18+0.3-6etch1) stable-proposed-updates; urgency=low * Fix CVE-2008-4247, a cross-site request forgery caused by splitting long command lines (Closes: #500518). stable/main/binary-alpha/ftpd-ssl_0.17.18+0.3-6etch1_alpha.deb linux-ftpd-ssl (0.17.18+0.3-6etch1) stable-proposed-updates; urgency=low * Fix CVE-2008-4247, a cross-site request forgery caused by splitting long command lines (Closes: #500518). stable/main/source/linux-ftpd-ssl_0.17.18+0.3-6etch1.dsc stable/main/source/linux-ftpd-ssl_0.17.18+0.3-6etch1.diff.gz stable/main/binary-i386/ftpd-ssl_0.17.18+0.3-6etch1_i386.deb linux-ftpd-ssl (0.17.18+0.3-6etch1) stable-proposed-updates; urgency=low * Fix CVE-2008-4247, a cross-site request forgery caused by splitting long command lines (Closes: #500518). 
stable/main/binary-sparc/linux-image-2.6.24-etchnhalf.1-sparc64-smp_2.6.24-6~etchnhalf.8_sparc.deb stable/main/binary-sparc/linux-headers-2.6.24-etchnhalf.1-sparc64-smp_2.6.24-6~etchnhalf.8_sparc.deb stable/main/binary-sparc/linux-headers-2.6.24-etchnhalf.1-all-sparc_2.6.24-6~etchnhalf.8_sparc.deb stable/main/binary-sparc/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8_sparc.deb stable/main/binary-sparc/linux-image-2.6.24-etchnhalf.1-sparc64_2.6.24-6~etchnhalf.8_sparc.deb stable/main/binary-sparc/linux-headers-2.6.24-etchnhalf.1-sparc64_2.6.24-6~etchnhalf.8_sparc.deb stable/main/binary-sparc/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8_sparc.deb linux-2.6.24 (2.6.24-6~etchnhalf.8) stable; urgency=high [ dann frazier ] * cciss: Add support for new hardware (closes: #502553) - Add PCI ids for P700m, P212, P410, P410i, P411, P812, P711m, p712m - Read the FIFO size from the controller config instead of hardcoding it into the driver * [hppa] disable UP-optimized flush_tlb_mm, fixing thread-related hangs. (closes: #478717) [ Martin Michlmayr ] * [arm/ixp4xx, arm/iop32x] Enable USB_ATM (closes: #502182). 
stable/main/binary-s390/linux-image-2.6.24-etchnhalf.1-s390x_2.6.24-6~etchnhalf.8_s390.deb stable/main/binary-s390/linux-image-2.6.24-etchnhalf.1-s390-tape_2.6.24-6~etchnhalf.8_s390.deb stable/main/binary-s390/linux-headers-2.6.24-etchnhalf.1-s390_2.6.24-6~etchnhalf.8_s390.deb stable/main/binary-s390/linux-image-2.6.24-etchnhalf.1-s390_2.6.24-6~etchnhalf.8_s390.deb stable/main/binary-s390/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8_s390.deb stable/main/binary-s390/linux-headers-2.6.24-etchnhalf.1-all-s390_2.6.24-6~etchnhalf.8_s390.deb stable/main/binary-s390/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8_s390.deb stable/main/binary-s390/linux-headers-2.6.24-etchnhalf.1-s390x_2.6.24-6~etchnhalf.8_s390.deb linux-2.6.24 (2.6.24-6~etchnhalf.8) stable; urgency=high [ dann frazier ] * cciss: Add support for new hardware (closes: #502553) - Add PCI ids for P700m, P212, P410, P410i, P411, P812, P711m, p712m - Read the FIFO size from the controller config instead of hardcoding it into the driver * [hppa] disable UP-optimized flush_tlb_mm, fixing thread-related hangs. (closes: #478717) [ Martin Michlmayr ] * [arm/ixp4xx, arm/iop32x] Enable USB_ATM (closes: #502182). 
stable/main/binary-powerpc/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8_powerpc.deb stable/main/binary-powerpc/linux-headers-2.6.24-etchnhalf.1-powerpc-miboot_2.6.24-6~etchnhalf.8_powerpc.deb stable/main/binary-powerpc/linux-headers-2.6.24-etchnhalf.1-powerpc64_2.6.24-6~etchnhalf.8_powerpc.deb stable/main/binary-powerpc/linux-headers-2.6.24-etchnhalf.1-powerpc-smp_2.6.24-6~etchnhalf.8_powerpc.deb stable/main/binary-powerpc/linux-image-2.6.24-etchnhalf.1-powerpc64_2.6.24-6~etchnhalf.8_powerpc.deb stable/main/binary-powerpc/linux-headers-2.6.24-etchnhalf.1-powerpc_2.6.24-6~etchnhalf.8_powerpc.deb stable/main/binary-powerpc/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8_powerpc.deb stable/main/binary-powerpc/linux-headers-2.6.24-etchnhalf.1-all-powerpc_2.6.24-6~etchnhalf.8_powerpc.deb stable/main/binary-powerpc/linux-image-2.6.24-etchnhalf.1-powerpc_2.6.24-6~etchnhalf.8_powerpc.deb stable/main/binary-powerpc/linux-image-2.6.24-etchnhalf.1-powerpc-smp_2.6.24-6~etchnhalf.8_powerpc.deb stable/main/binary-powerpc/linux-image-2.6.24-etchnhalf.1-powerpc-miboot_2.6.24-6~etchnhalf.8_powerpc.deb linux-2.6.24 (2.6.24-6~etchnhalf.8) stable; urgency=high [ dann frazier ] * cciss: Add support for new hardware (closes: #502553) - Add PCI ids for P700m, P212, P410, P410i, P411, P812, P711m, p712m - Read the FIFO size from the controller config instead of hardcoding it into the driver * [hppa] disable UP-optimized flush_tlb_mm, fixing thread-related hangs. (closes: #478717) [ Martin Michlmayr ] * [arm/ixp4xx, arm/iop32x] Enable USB_ATM (closes: #502182). 
stable/main/binary-mipsel/linux-headers-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.8_mipsel.deb stable/main/binary-mipsel/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8_mipsel.deb stable/main/binary-mipsel/linux-headers-2.6.24-etchnhalf.1-r5k-cobalt_2.6.24-6~etchnhalf.8_mipsel.deb stable/main/binary-mipsel/linux-headers-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.8_mipsel.deb stable/main/binary-mipsel/linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.8_mipsel.deb stable/main/binary-mipsel/linux-image-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.8_mipsel.deb stable/main/binary-mipsel/linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.8_mipsel.deb stable/main/binary-mipsel/linux-image-2.6.24-etchnhalf.1-r5k-cobalt_2.6.24-6~etchnhalf.8_mipsel.deb stable/main/binary-mipsel/linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.8_mipsel.deb stable/main/binary-mipsel/linux-headers-2.6.24-etchnhalf.1-all-mipsel_2.6.24-6~etchnhalf.8_mipsel.deb stable/main/binary-mipsel/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8_mipsel.deb stable/main/binary-mipsel/linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.8_mipsel.deb stable/main/binary-mipsel/linux-image-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.8_mipsel.deb linux-2.6.24 (2.6.24-6~etchnhalf.8) stable; urgency=high [ dann frazier ] * cciss: Add support for new hardware (closes: #502553) - Add PCI ids for P700m, P212, P410, P410i, P411, P812, P711m, p712m - Read the FIFO size from the controller config instead of hardcoding it into the driver * [hppa] disable UP-optimized flush_tlb_mm, fixing thread-related hangs. (closes: #478717) [ Martin Michlmayr ] * [arm/ixp4xx, arm/iop32x] Enable USB_ATM (closes: #502182). 
stable/main/binary-mips/linux-headers-2.6.24-etchnhalf.1-r4k-ip22_2.6.24-6~etchnhalf.8_mips.deb stable/main/binary-mips/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8_mips.deb stable/main/binary-mips/linux-headers-2.6.24-etchnhalf.1-r5k-ip32_2.6.24-6~etchnhalf.8_mips.deb stable/main/binary-mips/linux-image-2.6.24-etchnhalf.1-r4k-ip22_2.6.24-6~etchnhalf.8_mips.deb stable/main/binary-mips/linux-image-2.6.24-etchnhalf.1-r5k-ip32_2.6.24-6~etchnhalf.8_mips.deb stable/main/binary-mips/linux-image-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.8_mips.deb stable/main/binary-mips/linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.8_mips.deb stable/main/binary-mips/linux-headers-2.6.24-etchnhalf.1-all-mips_2.6.24-6~etchnhalf.8_mips.deb stable/main/binary-mips/linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.8_mips.deb stable/main/binary-mips/linux-headers-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.8_mips.deb stable/main/binary-mips/linux-headers-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.8_mips.deb stable/main/binary-mips/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8_mips.deb stable/main/binary-mips/linux-image-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.8_mips.deb stable/main/binary-mips/linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.8_mips.deb stable/main/binary-mips/linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.8_mips.deb linux-2.6.24 (2.6.24-6~etchnhalf.8) stable; urgency=high [ dann frazier ] * cciss: Add support for new hardware (closes: #502553) - Add PCI ids for P700m, P212, P410, P410i, P411, P812, P711m, p712m - Read the FIFO size from the controller config instead of hardcoding it into the driver * [hppa] disable UP-optimized flush_tlb_mm, fixing thread-related hangs. (closes: #478717) [ Martin Michlmayr ] * [arm/ixp4xx, arm/iop32x] Enable USB_ATM (closes: #502182). 
stable/main/binary-ia64/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8_ia64.deb stable/main/binary-ia64/linux-headers-2.6.24-etchnhalf.1-all-ia64_2.6.24-6~etchnhalf.8_ia64.deb stable/main/binary-ia64/linux-headers-2.6.24-etchnhalf.1-itanium_2.6.24-6~etchnhalf.8_ia64.deb stable/main/binary-ia64/linux-image-2.6.24-etchnhalf.1-itanium_2.6.24-6~etchnhalf.8_ia64.deb stable/main/binary-ia64/linux-image-2.6.24-etchnhalf.1-mckinley_2.6.24-6~etchnhalf.8_ia64.deb stable/main/binary-ia64/linux-headers-2.6.24-etchnhalf.1-mckinley_2.6.24-6~etchnhalf.8_ia64.deb stable/main/binary-ia64/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8_ia64.deb linux-2.6.24 (2.6.24-6~etchnhalf.8) stable; urgency=high [ dann frazier ] * cciss: Add support for new hardware (closes: #502553) - Add PCI ids for P700m, P212, P410, P410i, P411, P812, P711m, p712m - Read the FIFO size from the controller config instead of hardcoding it into the driver * [hppa] disable UP-optimized flush_tlb_mm, fixing thread-related hangs. (closes: #478717) [ Martin Michlmayr ] * [arm/ixp4xx, arm/iop32x] Enable USB_ATM (closes: #502182). 
stable/main/binary-i386/linux-headers-2.6.24-etchnhalf.1-686-bigmem_2.6.24-6~etchnhalf.8_i386.deb stable/main/binary-i386/linux-headers-2.6.24-etchnhalf.1-486_2.6.24-6~etchnhalf.8_i386.deb stable/main/binary-i386/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8_i386.deb stable/main/binary-i386/linux-image-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.8_i386.deb stable/main/binary-i386/linux-image-2.6.24-etchnhalf.1-686_2.6.24-6~etchnhalf.8_i386.deb stable/main/binary-i386/linux-image-2.6.24-etchnhalf.1-686-bigmem_2.6.24-6~etchnhalf.8_i386.deb stable/main/binary-i386/linux-headers-2.6.24-etchnhalf.1-all-i386_2.6.24-6~etchnhalf.8_i386.deb stable/main/binary-i386/linux-headers-2.6.24-etchnhalf.1-686_2.6.24-6~etchnhalf.8_i386.deb stable/main/binary-i386/linux-headers-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.8_i386.deb stable/main/binary-i386/linux-image-2.6.24-etchnhalf.1-486_2.6.24-6~etchnhalf.8_i386.deb stable/main/binary-i386/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8_i386.deb linux-2.6.24 (2.6.24-6~etchnhalf.8) stable; urgency=high [ dann frazier ] * cciss: Add support for new hardware (closes: #502553) - Add PCI ids for P700m, P212, P410, P410i, P411, P812, P711m, p712m - Read the FIFO size from the controller config instead of hardcoding it into the driver * [hppa] disable UP-optimized flush_tlb_mm, fixing thread-related hangs. (closes: #478717) [ Martin Michlmayr ] * [arm/ixp4xx, arm/iop32x] Enable USB_ATM (closes: #502182). 
stable/main/binary-arm/linux-headers-2.6.24-etchnhalf.1-footbridge_2.6.24-6~etchnhalf.8_arm.deb stable/main/binary-arm/linux-headers-2.6.24-etchnhalf.1-all-arm_2.6.24-6~etchnhalf.8_arm.deb stable/main/binary-arm/linux-image-2.6.24-etchnhalf.1-ixp4xx_2.6.24-6~etchnhalf.8_arm.deb stable/main/binary-arm/linux-headers-2.6.24-etchnhalf.1-ixp4xx_2.6.24-6~etchnhalf.8_arm.deb stable/main/binary-arm/linux-image-2.6.24-etchnhalf.1-iop32x_2.6.24-6~etchnhalf.8_arm.deb stable/main/binary-arm/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8_arm.deb stable/main/binary-arm/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8_arm.deb stable/main/binary-arm/linux-image-2.6.24-etchnhalf.1-footbridge_2.6.24-6~etchnhalf.8_arm.deb stable/main/binary-arm/linux-headers-2.6.24-etchnhalf.1-iop32x_2.6.24-6~etchnhalf.8_arm.deb linux-2.6.24 (2.6.24-6~etchnhalf.8) stable; urgency=high [ dann frazier ] * cciss: Add support for new hardware (closes: #502553) - Add PCI ids for P700m, P212, P410, P410i, P411, P812, P711m, p712m - Read the FIFO size from the controller config instead of hardcoding it into the driver * [hppa] disable UP-optimized flush_tlb_mm, fixing thread-related hangs. (closes: #478717) [ Martin Michlmayr ] * [arm/ixp4xx, arm/iop32x] Enable USB_ATM (closes: #502182). 
stable/main/binary-amd64/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8_amd64.deb stable/main/binary-amd64/linux-headers-2.6.24-etchnhalf.1-all-amd64_2.6.24-6~etchnhalf.8_amd64.deb stable/main/binary-amd64/linux-headers-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.8_amd64.deb stable/main/binary-amd64/linux-image-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.8_amd64.deb stable/main/binary-amd64/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8_amd64.deb linux-2.6.24 (2.6.24-6~etchnhalf.8) stable; urgency=high [ dann frazier ] * cciss: Add support for new hardware (closes: #502553) - Add PCI ids for P700m, P212, P410, P410i, P411, P812, P711m, p712m - Read the FIFO size from the controller config instead of hardcoding it into the driver * [hppa] disable UP-optimized flush_tlb_mm, fixing thread-related hangs. (closes: #478717) [ Martin Michlmayr ] * [arm/ixp4xx, arm/iop32x] Enable USB_ATM (closes: #502182). stable/main/binary-alpha/linux-image-2.6.24-etchnhalf.1-alpha-legacy_2.6.24-6~etchnhalf.8_alpha.deb stable/main/binary-alpha/linux-headers-2.6.24-etchnhalf.1-all-alpha_2.6.24-6~etchnhalf.8_alpha.deb stable/main/binary-alpha/linux-headers-2.6.24-etchnhalf.1-alpha-generic_2.6.24-6~etchnhalf.8_alpha.deb stable/main/binary-alpha/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8_alpha.deb stable/main/binary-alpha/linux-headers-2.6.24-etchnhalf.1-alpha-legacy_2.6.24-6~etchnhalf.8_alpha.deb stable/main/binary-alpha/linux-image-2.6.24-etchnhalf.1-alpha-smp_2.6.24-6~etchnhalf.8_alpha.deb stable/main/binary-alpha/linux-image-2.6.24-etchnhalf.1-alpha-generic_2.6.24-6~etchnhalf.8_alpha.deb stable/main/binary-alpha/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8_alpha.deb stable/main/binary-alpha/linux-headers-2.6.24-etchnhalf.1-alpha-smp_2.6.24-6~etchnhalf.8_alpha.deb linux-2.6.24 (2.6.24-6~etchnhalf.8) stable; urgency=high [ dann frazier ] * cciss: Add support for new hardware (closes: #502553) - Add PCI ids for P700m, P212, P410, 
P410i, P411, P812, P711m, p712m - Read the FIFO size from the controller config instead of hardcoding it into the driver * [hppa] disable UP-optimized flush_tlb_mm, fixing thread-related hangs. (closes: #478717) [ Martin Michlmayr ] * [arm/ixp4xx, arm/iop32x] Enable USB_ATM (closes: #502182). stable/main/binary-hppa/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8_hppa.deb stable/main/binary-all/linux-source-2.6.24_2.6.24-6~etchnhalf.8_all.deb stable/main/binary-hppa/linux-image-2.6.24-etchnhalf.1-parisc-smp_2.6.24-6~etchnhalf.8_hppa.deb stable/main/binary-all/linux-patch-debian-2.6.24_2.6.24-6~etchnhalf.8_all.deb stable/main/source/linux-2.6.24_2.6.24-6~etchnhalf.8.diff.gz stable/main/binary-hppa/linux-headers-2.6.24-etchnhalf.1-parisc64_2.6.24-6~etchnhalf.8_hppa.deb stable/main/binary-hppa/linux-headers-2.6.24-etchnhalf.1-parisc64-smp_2.6.24-6~etchnhalf.8_hppa.deb stable/main/binary-hppa/linux-image-2.6.24-etchnhalf.1-parisc64-smp_2.6.24-6~etchnhalf.8_hppa.deb stable/main/binary-hppa/linux-image-2.6.24-etchnhalf.1-parisc_2.6.24-6~etchnhalf.8_hppa.deb stable/main/binary-all/linux-tree-2.6.24_2.6.24-6~etchnhalf.8_all.deb stable/main/binary-hppa/linux-headers-2.6.24-etchnhalf.1-parisc_2.6.24-6~etchnhalf.8_hppa.deb stable/main/binary-all/linux-manual-2.6.24_2.6.24-6~etchnhalf.8_all.deb stable/main/binary-all/linux-doc-2.6.24_2.6.24-6~etchnhalf.8_all.deb stable/main/binary-hppa/linux-image-2.6.24-etchnhalf.1-parisc64_2.6.24-6~etchnhalf.8_hppa.deb stable/main/binary-all/linux-support-2.6.24-etchnhalf.1_2.6.24-6~etchnhalf.8_all.deb stable/main/binary-hppa/linux-headers-2.6.24-etchnhalf.1-parisc-smp_2.6.24-6~etchnhalf.8_hppa.deb stable/main/source/linux-2.6.24_2.6.24-6~etchnhalf.8.dsc stable/main/binary-hppa/linux-headers-2.6.24-etchnhalf.1-all-hppa_2.6.24-6~etchnhalf.8_hppa.deb stable/main/binary-hppa/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8_hppa.deb linux-2.6.24 (2.6.24-6~etchnhalf.8) stable; urgency=high [ dann frazier ] * cciss: Add 
support for new hardware (closes: #502553) - Add PCI ids for P700m, P212, P410, P410i, P411, P812, P711m, p712m - Read the FIFO size from the controller config instead of hardcoding it into the driver * [hppa] disable UP-optimized flush_tlb_mm, fixing thread-related hangs. (closes: #478717) [ Martin Michlmayr ] * [arm/ixp4xx, arm/iop32x] Enable USB_ATM (closes: #502182). stable/main/binary-sparc/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-24_sparc.deb stable/main/binary-sparc/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-24_sparc.deb stable/main/binary-sparc/linux-image-2.6.18-6-vserver-sparc64_2.6.18.dfsg.1-24_sparc.deb stable/main/binary-sparc/linux-image-2.6.18-6-sparc64_2.6.18.dfsg.1-24_sparc.deb stable/main/binary-sparc/linux-image-2.6.18-6-sparc64-smp_2.6.18.dfsg.1-24_sparc.deb stable/main/binary-sparc/linux-headers-2.6.18-6-sparc64-smp_2.6.18.dfsg.1-24_sparc.deb stable/main/binary-sparc/linux-image-2.6.18-6-sparc32_2.6.18.dfsg.1-24_sparc.deb stable/main/binary-sparc/linux-headers-2.6.18-6-sparc32_2.6.18.dfsg.1-24_sparc.deb stable/main/binary-sparc/linux-headers-2.6.18-6-sparc64_2.6.18.dfsg.1-24_sparc.deb stable/main/binary-sparc/linux-headers-2.6.18-6-vserver-sparc64_2.6.18.dfsg.1-24_sparc.deb stable/main/binary-sparc/linux-headers-2.6.18-6-all-sparc_2.6.18.dfsg.1-24_sparc.deb stable/main/binary-sparc/linux-headers-2.6.18-6_2.6.18.dfsg.1-24_sparc.deb linux-2.6 (2.6.18.dfsg.1-24) stable; urgency=high [ dann frazier ] * cciss: Add support for new hardware (closes: #502553) - Add PCI ids for P700m, P212, P410, P410i, P411, P812, P711m, p712m - Read the FIFO size from the controller config instead of hardcoding it into the driver * [hppa] disable UP-optimized flush_tlb_mm, fixing thread-related hangs. (closes: #478717) [ Ian Campbell ] * xen: Add softlockup-no-idle-hz.patch to prevent softlockup in xen guest. (closes: #506418) [ Bastian Blank ] * [xen] Remove 4gb segments warning completely. 
(closes: #391373) * [xen/i386] Fix pseudo hwcap value to match newer kernels. (closes: #506420) stable/main/binary-s390/linux-image-2.6.18-6-vserver-s390x_2.6.18.dfsg.1-24_s390.deb stable/main/binary-s390/linux-image-2.6.18-6-s390_2.6.18.dfsg.1-24_s390.deb stable/main/binary-s390/linux-headers-2.6.18-6-all-s390_2.6.18.dfsg.1-24_s390.deb stable/main/binary-s390/linux-headers-2.6.18-6-vserver-s390x_2.6.18.dfsg.1-24_s390.deb stable/main/binary-s390/linux-image-2.6.18-6-s390x_2.6.18.dfsg.1-24_s390.deb stable/main/binary-s390/linux-headers-2.6.18-6-s390x_2.6.18.dfsg.1-24_s390.deb stable/main/binary-s390/linux-headers-2.6.18-6_2.6.18.dfsg.1-24_s390.deb stable/main/binary-s390/linux-image-2.6.18-6-s390-tape_2.6.18.dfsg.1-24_s390.deb stable/main/binary-s390/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-24_s390.deb stable/main/binary-s390/linux-headers-2.6.18-6-s390_2.6.18.dfsg.1-24_s390.deb stable/main/binary-s390/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-24_s390.deb linux-2.6 (2.6.18.dfsg.1-24) stable; urgency=high [ dann frazier ] * cciss: Add support for new hardware (closes: #502553) - Add PCI ids for P700m, P212, P410, P410i, P411, P812, P711m, p712m - Read the FIFO size from the controller config instead of hardcoding it into the driver * [hppa] disable UP-optimized flush_tlb_mm, fixing thread-related hangs. (closes: #478717) [ Ian Campbell ] * xen: Add softlockup-no-idle-hz.patch to prevent softlockup in xen guest. (closes: #506418) [ Bastian Blank ] * [xen] Remove 4gb segments warning completely. (closes: #391373) * [xen/i386] Fix pseudo hwcap value to match newer kernels. 
(closes: #506420) stable/main/binary-powerpc/linux-headers-2.6.18-6-vserver-powerpc64_2.6.18.dfsg.1-24_powerpc.deb stable/main/binary-powerpc/linux-headers-2.6.18-6-prep_2.6.18.dfsg.1-24_powerpc.deb stable/main/binary-powerpc/linux-headers-2.6.18-6-all-powerpc_2.6.18.dfsg.1-24_powerpc.deb stable/main/binary-powerpc/linux-headers-2.6.18-6-powerpc-miboot_2.6.18.dfsg.1-24_powerpc.deb stable/main/binary-powerpc/linux-headers-2.6.18-6-vserver-powerpc_2.6.18.dfsg.1-24_powerpc.deb stable/main/binary-powerpc/linux-image-2.6.18-6-vserver-powerpc64_2.6.18.dfsg.1-24_powerpc.deb stable/main/binary-powerpc/linux-image-2.6.18-6-powerpc64_2.6.18.dfsg.1-24_powerpc.deb stable/main/binary-powerpc/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-24_powerpc.deb stable/main/binary-powerpc/linux-image-2.6.18-6-vserver-powerpc_2.6.18.dfsg.1-24_powerpc.deb stable/main/binary-powerpc/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-24_powerpc.deb stable/main/binary-powerpc/linux-headers-2.6.18-6-powerpc64_2.6.18.dfsg.1-24_powerpc.deb stable/main/binary-powerpc/linux-headers-2.6.18-6-powerpc-smp_2.6.18.dfsg.1-24_powerpc.deb stable/main/binary-powerpc/linux-headers-2.6.18-6_2.6.18.dfsg.1-24_powerpc.deb stable/main/binary-powerpc/linux-image-2.6.18-6-powerpc-miboot_2.6.18.dfsg.1-24_powerpc.deb stable/main/binary-powerpc/linux-image-2.6.18-6-powerpc-smp_2.6.18.dfsg.1-24_powerpc.deb stable/main/binary-powerpc/linux-image-2.6.18-6-powerpc_2.6.18.dfsg.1-24_powerpc.deb stable/main/binary-powerpc/linux-image-2.6.18-6-prep_2.6.18.dfsg.1-24_powerpc.deb stable/main/binary-powerpc/linux-headers-2.6.18-6-powerpc_2.6.18.dfsg.1-24_powerpc.deb linux-2.6 (2.6.18.dfsg.1-24) stable; urgency=high [ dann frazier ] * cciss: Add support for new hardware (closes: #502553) - Add PCI ids for P700m, P212, P410, P410i, P411, P812, P711m, p712m - Read the FIFO size from the controller config instead of hardcoding it into the driver * [hppa] disable UP-optimized flush_tlb_mm, fixing thread-related hangs. 
(closes: #478717) [ Ian Campbell ] * xen: Add softlockup-no-idle-hz.patch to prevent softlockup in xen guest. (closes: #506418) [ Bastian Blank ] * [xen] Remove 4gb segments warning completely. (closes: #391373) * [xen/i386] Fix pseudo hwcap value to match newer kernels. (closes: #506420) stable/main/binary-mipsel/linux-image-2.6.18-6-r4k-kn04_2.6.18.dfsg.1-24_mipsel.deb stable/main/binary-mipsel/linux-image-2.6.18-6-r3k-kn02_2.6.18.dfsg.1-24_mipsel.deb stable/main/binary-mipsel/linux-headers-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-24_mipsel.deb stable/main/binary-mipsel/linux-headers-2.6.18-6-r4k-kn04_2.6.18.dfsg.1-24_mipsel.deb stable/main/binary-mipsel/linux-headers-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-24_mipsel.deb stable/main/binary-mipsel/linux-image-2.6.18-6-qemu_2.6.18.dfsg.1-24_mipsel.deb stable/main/binary-mipsel/linux-headers-2.6.18-6-r3k-kn02_2.6.18.dfsg.1-24_mipsel.deb stable/main/binary-mipsel/linux-headers-2.6.18-6-qemu_2.6.18.dfsg.1-24_mipsel.deb stable/main/binary-mipsel/linux-image-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-24_mipsel.deb stable/main/binary-mipsel/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-24_mipsel.deb stable/main/binary-mipsel/linux-headers-2.6.18-6-all-mipsel_2.6.18.dfsg.1-24_mipsel.deb stable/main/binary-mipsel/linux-headers-2.6.18-6_2.6.18.dfsg.1-24_mipsel.deb stable/main/binary-mipsel/linux-image-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-24_mipsel.deb stable/main/binary-mipsel/linux-image-2.6.18-6-r5k-cobalt_2.6.18.dfsg.1-24_mipsel.deb stable/main/binary-mipsel/linux-headers-2.6.18-6-r5k-cobalt_2.6.18.dfsg.1-24_mipsel.deb linux-2.6 (2.6.18.dfsg.1-24) stable; urgency=high [ dann frazier ] * cciss: Add support for new hardware (closes: #502553) - Add PCI ids for P700m, P212, P410, P410i, P411, P812, P711m, p712m - Read the FIFO size from the controller config instead of hardcoding it into the driver * [hppa] disable UP-optimized flush_tlb_mm, fixing thread-related hangs. 
(closes: #478717) [ Ian Campbell ] * xen: Add softlockup-no-idle-hz.patch to prevent softlockup in xen guest. (closes: #506418) [ Bastian Blank ] * [xen] Remove 4gb segments warning completely. (closes: #391373) * [xen/i386] Fix pseudo hwcap value to match newer kernels. (closes: #506420) stable/main/binary-mips/linux-image-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-24_mips.deb stable/main/binary-mips/linux-image-2.6.18-6-r5k-ip32_2.6.18.dfsg.1-24_mips.deb stable/main/binary-mips/linux-image-2.6.18-6-r4k-ip22_2.6.18.dfsg.1-24_mips.deb stable/main/binary-mips/linux-headers-2.6.18-6-r5k-ip32_2.6.18.dfsg.1-24_mips.deb stable/main/binary-mips/linux-headers-2.6.18-6-all-mips_2.6.18.dfsg.1-24_mips.deb stable/main/binary-mips/linux-headers-2.6.18-6-r4k-ip22_2.6.18.dfsg.1-24_mips.deb stable/main/binary-mips/linux-headers-2.6.18-6-qemu_2.6.18.dfsg.1-24_mips.deb stable/main/binary-mips/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-24_mips.deb stable/main/binary-mips/linux-headers-2.6.18-6-sb1a-bcm91480b_2.6.18.dfsg.1-24_mips.deb stable/main/binary-mips/linux-headers-2.6.18-6_2.6.18.dfsg.1-24_mips.deb stable/main/binary-mips/linux-image-2.6.18-6-qemu_2.6.18.dfsg.1-24_mips.deb stable/main/binary-mips/linux-image-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-24_mips.deb stable/main/binary-mips/linux-headers-2.6.18-6-sb1-bcm91250a_2.6.18.dfsg.1-24_mips.deb linux-2.6 (2.6.18.dfsg.1-24) stable; urgency=high [ dann frazier ] * cciss: Add support for new hardware (closes: #502553) - Add PCI ids for P700m, P212, P410, P410i, P411, P812, P711m, p712m - Read the FIFO size from the controller config instead of hardcoding it into the driver * [hppa] disable UP-optimized flush_tlb_mm, fixing thread-related hangs. (closes: #478717) [ Ian Campbell ] * xen: Add softlockup-no-idle-hz.patch to prevent softlockup in xen guest. (closes: #506418) [ Bastian Blank ] * [xen] Remove 4gb segments warning completely. (closes: #391373) * [xen/i386] Fix pseudo hwcap value to match newer kernels. 
(closes: #506420) stable/main/binary-ia64/linux-headers-2.6.18-6-itanium_2.6.18.dfsg.1-24_ia64.deb stable/main/binary-ia64/linux-headers-2.6.18-6_2.6.18.dfsg.1-24_ia64.deb stable/main/binary-ia64/linux-headers-2.6.18-6-all-ia64_2.6.18.dfsg.1-24_ia64.deb stable/main/binary-ia64/linux-image-2.6.18-6-itanium_2.6.18.dfsg.1-24_ia64.deb stable/main/binary-ia64/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-24_ia64.deb stable/main/binary-ia64/linux-headers-2.6.18-6-mckinley_2.6.18.dfsg.1-24_ia64.deb stable/main/binary-ia64/linux-image-2.6.18-6-mckinley_2.6.18.dfsg.1-24_ia64.deb linux-2.6 (2.6.18.dfsg.1-24) stable; urgency=high [ dann frazier ] * cciss: Add support for new hardware (closes: #502553) - Add PCI ids for P700m, P212, P410, P410i, P411, P812, P711m, p712m - Read the FIFO size from the controller config instead of hardcoding it into the driver * [hppa] disable UP-optimized flush_tlb_mm, fixing thread-related hangs. (closes: #478717) [ Ian Campbell ] * xen: Add softlockup-no-idle-hz.patch to prevent softlockup in xen guest. (closes: #506418) [ Bastian Blank ] * [xen] Remove 4gb segments warning completely. (closes: #391373) * [xen/i386] Fix pseudo hwcap value to match newer kernels. 
(closes: #506420) stable/main/binary-i386/linux-image-2.6.18-6-xen-686_2.6.18.dfsg.1-24_i386.deb stable/main/binary-i386/linux-image-2.6.18-6-k7_2.6.18.dfsg.1-24_i386.deb stable/main/binary-i386/linux-image-2.6.18-6-vserver-k7_2.6.18.dfsg.1-24_i386.deb stable/main/binary-i386/linux-headers-2.6.18-6-486_2.6.18.dfsg.1-24_i386.deb stable/main/binary-i386/linux-headers-2.6.18-6-vserver-k7_2.6.18.dfsg.1-24_i386.deb stable/main/binary-i386/xen-linux-system-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-24_i386.deb stable/main/binary-i386/linux-headers-2.6.18-6-all-i386_2.6.18.dfsg.1-24_i386.deb stable/main/binary-i386/linux-headers-2.6.18-6-vserver-686_2.6.18.dfsg.1-24_i386.deb stable/main/binary-i386/linux-headers-2.6.18-6_2.6.18.dfsg.1-24_i386.deb stable/main/binary-i386/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-24_i386.deb stable/main/binary-i386/linux-headers-2.6.18-6-xen-686_2.6.18.dfsg.1-24_i386.deb stable/main/binary-i386/linux-headers-2.6.18-6-xen_2.6.18.dfsg.1-24_i386.deb stable/main/binary-i386/linux-headers-2.6.18-6-k7_2.6.18.dfsg.1-24_i386.deb stable/main/binary-i386/linux-headers-2.6.18-6-amd64_2.6.18.dfsg.1-24_i386.deb stable/main/binary-i386/linux-headers-2.6.18-6-xen-vserver_2.6.18.dfsg.1-24_i386.deb stable/main/binary-i386/linux-image-2.6.18-6-amd64_2.6.18.dfsg.1-24_i386.deb stable/main/binary-i386/linux-image-2.6.18-6-686-bigmem_2.6.18.dfsg.1-24_i386.deb stable/main/binary-i386/linux-image-2.6.18-6-686_2.6.18.dfsg.1-24_i386.deb stable/main/binary-i386/linux-image-2.6.18-6-vserver-686_2.6.18.dfsg.1-24_i386.deb stable/main/binary-i386/linux-headers-2.6.18-6-686_2.6.18.dfsg.1-24_i386.deb stable/main/binary-i386/linux-image-2.6.18-6-486_2.6.18.dfsg.1-24_i386.deb stable/main/binary-i386/linux-headers-2.6.18-6-686-bigmem_2.6.18.dfsg.1-24_i386.deb stable/main/binary-i386/xen-linux-system-2.6.18-6-xen-686_2.6.18.dfsg.1-24_i386.deb stable/main/binary-i386/linux-image-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-24_i386.deb 
stable/main/binary-i386/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-24_i386.deb stable/main/binary-i386/linux-modules-2.6.18-6-xen-686_2.6.18.dfsg.1-24_i386.deb stable/main/binary-i386/linux-modules-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-24_i386.deb stable/main/binary-i386/linux-headers-2.6.18-6-xen-vserver-686_2.6.18.dfsg.1-24_i386.deb linux-2.6 (2.6.18.dfsg.1-24) stable; urgency=high [ dann frazier ] * cciss: Add support for new hardware (closes: #502553) - Add PCI ids for P700m, P212, P410, P410i, P411, P812, P711m, p712m - Read the FIFO size from the controller config instead of hardcoding it into the driver * [hppa] disable UP-optimized flush_tlb_mm, fixing thread-related hangs. (closes: #478717) [ Ian Campbell ] * xen: Add softlockup-no-idle-hz.patch to prevent softlockup in xen guest. (closes: #506418) [ Bastian Blank ] * [xen] Remove 4gb segments warning completely. (closes: #391373) * [xen/i386] Fix pseudo hwcap value to match newer kernels. (closes: #506420) stable/main/binary-hppa/linux-headers-2.6.18-6-all-hppa_2.6.18.dfsg.1-24_hppa.deb stable/main/binary-hppa/linux-headers-2.6.18-6-parisc-smp_2.6.18.dfsg.1-24_hppa.deb stable/main/binary-hppa/linux-headers-2.6.18-6-parisc_2.6.18.dfsg.1-24_hppa.deb stable/main/binary-hppa/linux-image-2.6.18-6-parisc_2.6.18.dfsg.1-24_hppa.deb stable/main/binary-hppa/linux-headers-2.6.18-6_2.6.18.dfsg.1-24_hppa.deb stable/main/binary-hppa/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-24_hppa.deb stable/main/binary-hppa/linux-headers-2.6.18-6-parisc64_2.6.18.dfsg.1-24_hppa.deb stable/main/binary-hppa/linux-image-2.6.18-6-parisc64_2.6.18.dfsg.1-24_hppa.deb stable/main/binary-hppa/linux-headers-2.6.18-6-parisc64-smp_2.6.18.dfsg.1-24_hppa.deb stable/main/binary-hppa/linux-image-2.6.18-6-parisc-smp_2.6.18.dfsg.1-24_hppa.deb stable/main/binary-hppa/linux-image-2.6.18-6-parisc64-smp_2.6.18.dfsg.1-24_hppa.deb linux-2.6 (2.6.18.dfsg.1-24) stable; urgency=high [ dann frazier ] * cciss: Add support for new hardware (closes: #502553) - Add 
PCI ids for P700m, P212, P410, P410i, P411, P812, P711m, p712m - Read the FIFO size from the controller config instead of hardcoding it into the driver * [hppa] disable UP-optimized flush_tlb_mm, fixing thread-related hangs. (closes: #478717) [ Ian Campbell ] * xen: Add softlockup-no-idle-hz.patch to prevent softlockup in xen guest. (closes: #506418) [ Bastian Blank ] * [xen] Remove 4gb segments warning completely. (closes: #391373) * [xen/i386] Fix pseudo hwcap value to match newer kernels. (closes: #506420) stable/main/binary-arm/linux-headers-2.6.18-6-iop32x_2.6.18.dfsg.1-24_arm.deb stable/main/binary-arm/linux-image-2.6.18-6-s3c2410_2.6.18.dfsg.1-24_arm.deb stable/main/binary-arm/linux-headers-2.6.18-6-footbridge_2.6.18.dfsg.1-24_arm.deb stable/main/binary-arm/linux-headers-2.6.18-6-rpc_2.6.18.dfsg.1-24_arm.deb stable/main/binary-arm/linux-headers-2.6.18-6_2.6.18.dfsg.1-24_arm.deb stable/main/binary-arm/linux-image-2.6.18-6-ixp4xx_2.6.18.dfsg.1-24_arm.deb stable/main/binary-arm/linux-headers-2.6.18-6-all-arm_2.6.18.dfsg.1-24_arm.deb stable/main/binary-arm/linux-image-2.6.18-6-footbridge_2.6.18.dfsg.1-24_arm.deb stable/main/binary-arm/linux-image-2.6.18-6-rpc_2.6.18.dfsg.1-24_arm.deb stable/main/binary-arm/linux-image-2.6.18-6-iop32x_2.6.18.dfsg.1-24_arm.deb stable/main/binary-arm/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-24_arm.deb stable/main/binary-arm/linux-headers-2.6.18-6-s3c2410_2.6.18.dfsg.1-24_arm.deb stable/main/binary-arm/linux-headers-2.6.18-6-ixp4xx_2.6.18.dfsg.1-24_arm.deb linux-2.6 (2.6.18.dfsg.1-24) stable; urgency=high [ dann frazier ] * cciss: Add support for new hardware (closes: #502553) - Add PCI ids for P700m, P212, P410, P410i, P411, P812, P711m, p712m - Read the FIFO size from the controller config instead of hardcoding it into the driver * [hppa] disable UP-optimized flush_tlb_mm, fixing thread-related hangs. (closes: #478717) [ Ian Campbell ] * xen: Add softlockup-no-idle-hz.patch to prevent softlockup in xen guest. 
(closes: #506418) [ Bastian Blank ] * [xen] Remove 4gb segments warning completely. (closes: #391373) * [xen/i386] Fix pseudo hwcap value to match newer kernels. (closes: #506420) stable/main/binary-alpha/linux-image-2.6.18-6-alpha-legacy_2.6.18.dfsg.1-24_alpha.deb stable/main/binary-alpha/linux-image-2.6.18-6-alpha-smp_2.6.18.dfsg.1-24_alpha.deb stable/main/binary-alpha/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-24_alpha.deb stable/main/binary-alpha/linux-image-2.6.18-6-alpha-generic_2.6.18.dfsg.1-24_alpha.deb stable/main/binary-alpha/linux-headers-2.6.18-6-alpha-smp_2.6.18.dfsg.1-24_alpha.deb stable/main/binary-alpha/linux-headers-2.6.18-6_2.6.18.dfsg.1-24_alpha.deb stable/main/binary-alpha/linux-headers-2.6.18-6-all-alpha_2.6.18.dfsg.1-24_alpha.deb stable/main/binary-alpha/linux-image-2.6.18-6-vserver-alpha_2.6.18.dfsg.1-24_alpha.deb stable/main/binary-alpha/linux-headers-2.6.18-6-vserver-alpha_2.6.18.dfsg.1-24_alpha.deb stable/main/binary-alpha/linux-headers-2.6.18-6-alpha-generic_2.6.18.dfsg.1-24_alpha.deb stable/main/binary-alpha/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-24_alpha.deb stable/main/binary-alpha/linux-headers-2.6.18-6-alpha-legacy_2.6.18.dfsg.1-24_alpha.deb linux-2.6 (2.6.18.dfsg.1-24) stable; urgency=high [ dann frazier ] * cciss: Add support for new hardware (closes: #502553) - Add PCI ids for P700m, P212, P410, P410i, P411, P812, P711m, p712m - Read the FIFO size from the controller config instead of hardcoding it into the driver * [hppa] disable UP-optimized flush_tlb_mm, fixing thread-related hangs. (closes: #478717) [ Ian Campbell ] * xen: Add softlockup-no-idle-hz.patch to prevent softlockup in xen guest. (closes: #506418) [ Bastian Blank ] * [xen] Remove 4gb segments warning completely. (closes: #391373) * [xen/i386] Fix pseudo hwcap value to match newer kernels. 
(closes: #506420) stable/main/binary-all/linux-manual-2.6.18_2.6.18.dfsg.1-24_all.deb stable/main/binary-amd64/linux-headers-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-24_amd64.deb stable/main/binary-amd64/xen-linux-system-2.6.18-6-xen-amd64_2.6.18.dfsg.1-24_amd64.deb stable/main/binary-all/linux-patch-debian-2.6.18_2.6.18.dfsg.1-24_all.deb stable/main/binary-amd64/linux-image-2.6.18-6-vserver-amd64_2.6.18.dfsg.1-24_amd64.deb stable/main/binary-amd64/linux-headers-2.6.18-6-all_2.6.18.dfsg.1-24_amd64.deb stable/main/binary-amd64/linux-image-2.6.18-6-amd64_2.6.18.dfsg.1-24_amd64.deb stable/main/binary-amd64/linux-modules-2.6.18-6-xen-amd64_2.6.18.dfsg.1-24_amd64.deb stable/main/binary-amd64/linux-headers-2.6.18-6-amd64_2.6.18.dfsg.1-24_amd64.deb stable/main/binary-all/linux-doc-2.6.18_2.6.18.dfsg.1-24_all.deb stable/main/binary-amd64/linux-headers-2.6.18-6-all-amd64_2.6.18.dfsg.1-24_amd64.deb stable/main/binary-amd64/linux-headers-2.6.18-6-vserver_2.6.18.dfsg.1-24_amd64.deb stable/main/binary-amd64/linux-headers-2.6.18-6-xen_2.6.18.dfsg.1-24_amd64.deb stable/main/binary-all/linux-support-2.6.18-6_2.6.18.dfsg.1-24_all.deb stable/main/binary-all/linux-tree-2.6.18_2.6.18.dfsg.1-24_all.deb stable/main/binary-amd64/linux-headers-2.6.18-6-xen-vserver_2.6.18.dfsg.1-24_amd64.deb stable/main/binary-amd64/linux-headers-2.6.18-6-vserver-amd64_2.6.18.dfsg.1-24_amd64.deb stable/main/binary-all/linux-source-2.6.18_2.6.18.dfsg.1-24_all.deb stable/main/binary-amd64/linux-headers-2.6.18-6-xen-amd64_2.6.18.dfsg.1-24_amd64.deb stable/main/source/linux-2.6_2.6.18.dfsg.1-24.diff.gz stable/main/source/linux-2.6_2.6.18.dfsg.1-24.dsc stable/main/binary-amd64/linux-image-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-24_amd64.deb stable/main/binary-amd64/linux-headers-2.6.18-6_2.6.18.dfsg.1-24_amd64.deb stable/main/binary-amd64/linux-modules-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-24_amd64.deb stable/main/binary-amd64/linux-image-2.6.18-6-xen-amd64_2.6.18.dfsg.1-24_amd64.deb 
stable/main/binary-amd64/xen-linux-system-2.6.18-6-xen-vserver-amd64_2.6.18.dfsg.1-24_amd64.deb linux-2.6 (2.6.18.dfsg.1-24) stable; urgency=high [ dann frazier ] * cciss: Add support for new hardware (closes: #502553) - Add PCI ids for P700m, P212, P410, P410i, P411, P812, P711m, p712m - Read the FIFO size from the controller config instead of hardcoding it into the driver * [hppa] disable UP-optimized flush_tlb_mm, fixing thread-related hangs. (closes: #478717) [ Ian Campbell ] * xen: Add softlockup-no-idle-hz.patch to prevent softlockup in xen guest. (closes: #506418) [ Bastian Blank ] * [xen] Remove 4gb segments warning completely. (closes: #391373) * [xen/i386] Fix pseudo hwcap value to match newer kernels. (closes: #506420) stable/main/binary-sparc/php4-lasso_0.6.5-3+etch1_sparc.deb stable/main/binary-sparc/liblasso3_0.6.5-3+etch1_sparc.deb stable/main/binary-sparc/liblasso-java_0.6.5-3+etch1_sparc.deb stable/main/binary-sparc/liblasso3-dev_0.6.5-3+etch1_sparc.deb stable/main/binary-sparc/python-lasso_0.6.5-3+etch1_sparc.deb lasso (0.6.5-3+etch1) stable-security; urgency=high * Backported security fixes from 2.2.2 * Correctly check for signature validity (CVE-2009-0050) (Closes: #511262) stable/main/binary-s390/liblasso3-dev_0.6.5-3+etch1_s390.deb stable/main/binary-s390/liblasso-java_0.6.5-3+etch1_s390.deb stable/main/binary-s390/python-lasso_0.6.5-3+etch1_s390.deb stable/main/binary-s390/liblasso3_0.6.5-3+etch1_s390.deb stable/main/binary-s390/php4-lasso_0.6.5-3+etch1_s390.deb lasso (0.6.5-3+etch1) stable-security; urgency=high * Backported security fixes from 2.2.2 * Correctly check for signature validity (CVE-2009-0050) (Closes: #511262) stable/main/binary-powerpc/python-lasso_0.6.5-3+etch1_powerpc.deb stable/main/binary-powerpc/liblasso-java_0.6.5-3+etch1_powerpc.deb stable/main/binary-powerpc/liblasso3_0.6.5-3+etch1_powerpc.deb stable/main/binary-powerpc/liblasso3-dev_0.6.5-3+etch1_powerpc.deb 
stable/main/binary-powerpc/php4-lasso_0.6.5-3+etch1_powerpc.deb lasso (0.6.5-3+etch1) stable-security; urgency=high * Backported security fixes from 2.2.2 * Correctly check for signature validity (CVE-2009-0050) (Closes: #511262) stable/main/binary-mipsel/liblasso3_0.6.5-3+etch1_mipsel.deb stable/main/binary-mipsel/liblasso3-dev_0.6.5-3+etch1_mipsel.deb stable/main/binary-mipsel/python-lasso_0.6.5-3+etch1_mipsel.deb stable/main/binary-mipsel/php4-lasso_0.6.5-3+etch1_mipsel.deb stable/main/binary-mipsel/liblasso-java_0.6.5-3+etch1_mipsel.deb lasso (0.6.5-3+etch1) stable-security; urgency=high * Backported security fixes from 2.2.2 * Correctly check for signature validity (CVE-2009-0050) (Closes: #511262) stable/main/binary-mips/liblasso3_0.6.5-3+etch1_mips.deb stable/main/binary-mips/liblasso3-dev_0.6.5-3+etch1_mips.deb stable/main/binary-mips/python-lasso_0.6.5-3+etch1_mips.deb stable/main/binary-mips/liblasso-java_0.6.5-3+etch1_mips.deb stable/main/binary-mips/php4-lasso_0.6.5-3+etch1_mips.deb lasso (0.6.5-3+etch1) stable-security; urgency=high * Backported security fixes from 2.2.2 * Correctly check for signature validity (CVE-2009-0050) (Closes: #511262) stable/main/binary-ia64/liblasso3-dev_0.6.5-3+etch1_ia64.deb stable/main/binary-ia64/python-lasso_0.6.5-3+etch1_ia64.deb stable/main/binary-ia64/liblasso3_0.6.5-3+etch1_ia64.deb stable/main/binary-ia64/php4-lasso_0.6.5-3+etch1_ia64.deb stable/main/binary-ia64/liblasso-java_0.6.5-3+etch1_ia64.deb lasso (0.6.5-3+etch1) stable-security; urgency=high * Backported security fixes from 2.2.2 * Correctly check for signature validity (CVE-2009-0050) (Closes: #511262) stable/main/binary-hppa/liblasso3-dev_0.6.5-3+etch1_hppa.deb stable/main/binary-hppa/php4-lasso_0.6.5-3+etch1_hppa.deb stable/main/binary-hppa/liblasso3_0.6.5-3+etch1_hppa.deb stable/main/binary-hppa/liblasso-java_0.6.5-3+etch1_hppa.deb stable/main/binary-hppa/python-lasso_0.6.5-3+etch1_hppa.deb lasso (0.6.5-3+etch1) stable-security; urgency=high * 
Backported security fixes from 2.2.2 * Correctly check for signature validity (CVE-2009-0050) (Closes: #511262) stable/main/binary-arm/python-lasso_0.6.5-3+etch1_arm.deb stable/main/binary-arm/liblasso3_0.6.5-3+etch1_arm.deb stable/main/binary-arm/liblasso3-dev_0.6.5-3+etch1_arm.deb stable/main/binary-arm/liblasso-java_0.6.5-3+etch1_arm.deb stable/main/binary-arm/php4-lasso_0.6.5-3+etch1_arm.deb lasso (0.6.5-3+etch1) stable-security; urgency=high * Backported security fixes from 2.2.2 * Correctly check for signature validity (CVE-2009-0050) (Closes: #511262) stable/main/binary-amd64/liblasso-java_0.6.5-3+etch1_amd64.deb stable/main/binary-amd64/liblasso3_0.6.5-3+etch1_amd64.deb stable/main/binary-amd64/liblasso3-dev_0.6.5-3+etch1_amd64.deb stable/main/binary-amd64/php4-lasso_0.6.5-3+etch1_amd64.deb stable/main/binary-amd64/python-lasso_0.6.5-3+etch1_amd64.deb lasso (0.6.5-3+etch1) stable-security; urgency=high * Backported security fixes from 2.2.2 * Correctly check for signature validity (CVE-2009-0050) (Closes: #511262) stable/main/binary-alpha/python-lasso_0.6.5-3+etch1_alpha.deb stable/main/binary-alpha/liblasso3_0.6.5-3+etch1_alpha.deb stable/main/binary-alpha/liblasso3-dev_0.6.5-3+etch1_alpha.deb stable/main/binary-alpha/php4-lasso_0.6.5-3+etch1_alpha.deb stable/main/binary-alpha/liblasso-java_0.6.5-3+etch1_alpha.deb lasso (0.6.5-3+etch1) stable-security; urgency=high * Backported security fixes from 2.2.2 * Correctly check for signature validity (CVE-2009-0050) (Closes: #511262) stable/main/binary-i386/python-lasso_0.6.5-3+etch1_i386.deb stable/main/binary-i386/liblasso3-dev_0.6.5-3+etch1_i386.deb stable/main/source/lasso_0.6.5-3+etch1.dsc stable/main/binary-i386/php4-lasso_0.6.5-3+etch1_i386.deb stable/main/source/lasso_0.6.5-3+etch1.diff.gz stable/main/binary-i386/liblasso-java_0.6.5-3+etch1_i386.deb stable/main/binary-i386/liblasso3_0.6.5-3+etch1_i386.deb lasso (0.6.5-3+etch1) stable-security; urgency=high * Backported security fixes from 2.2.2 * 
Correctly check for signature validity (CVE-2009-0050) (Closes: #511262) stable/main/binary-sparc/iceweasel_2.0.0.19-0etch1_sparc.deb stable/main/binary-sparc/iceweasel-gnome-support_2.0.0.19-0etch1_sparc.deb stable/main/binary-sparc/iceweasel-dbg_2.0.0.19-0etch1_sparc.deb iceweasel (2.0.0.19-0etch1) stable-security; urgency=critical * New upstream security release. * Fixes mfsa 2008-60 aka CVE-2008-5500, CVE-2008-5501 and CVE-2008-5502; mfsa 2008-61 aka CVE-2008-5503; mfsa 2008-62 aka CVE-2008-5504; mfsa 2008-64 aka CVE-2008-5506; mfsa 2008-65 aka CVE-2008-5507; mfsa 2008-66 aka CVE-2008-5508; mfsa 2008-67 aka CVE-2008-5510; mfsa 2008-68 aka CVE-2008-5511 and CVE-2008-5512; mfsa 2008-69 aka CVE-2008-5513; (Closes: #510902) stable/main/binary-s390/iceweasel-dbg_2.0.0.19-0etch1_s390.deb stable/main/binary-s390/iceweasel_2.0.0.19-0etch1_s390.deb stable/main/binary-s390/iceweasel-gnome-support_2.0.0.19-0etch1_s390.deb iceweasel (2.0.0.19-0etch1) stable-security; urgency=critical * New upstream security release. * Fixes mfsa 2008-60 aka CVE-2008-5500, CVE-2008-5501 and CVE-2008-5502; mfsa 2008-61 aka CVE-2008-5503; mfsa 2008-62 aka CVE-2008-5504; mfsa 2008-64 aka CVE-2008-5506; mfsa 2008-65 aka CVE-2008-5507; mfsa 2008-66 aka CVE-2008-5508; mfsa 2008-67 aka CVE-2008-5510; mfsa 2008-68 aka CVE-2008-5511 and CVE-2008-5512; mfsa 2008-69 aka CVE-2008-5513; (Closes: #510902) stable/main/binary-powerpc/iceweasel-dbg_2.0.0.19-0etch1_powerpc.deb stable/main/binary-powerpc/iceweasel_2.0.0.19-0etch1_powerpc.deb stable/main/binary-powerpc/iceweasel-gnome-support_2.0.0.19-0etch1_powerpc.deb iceweasel (2.0.0.19-0etch1) stable-security; urgency=critical * New upstream security release.
* Fixes mfsa 2008-60 aka CVE-2008-5500, CVE-2008-5501 and CVE-2008-5502; mfsa 2008-61 aka CVE-2008-5503; mfsa 2008-62 aka CVE-2008-5504; mfsa 2008-64 aka CVE-2008-5506; mfsa 2008-65 aka CVE-2008-5507; mfsa 2008-66 aka CVE-2008-5508; mfsa 2008-67 aka CVE-2008-5510; mfsa 2008-68 aka CVE-2008-5511 and CVE-2008-5512; mfsa 2008-69 aka CVE-2008-5513; (Closes: #510902) stable/main/binary-mipsel/iceweasel-gnome-support_2.0.0.19-0etch1_mipsel.deb stable/main/binary-mipsel/iceweasel-dbg_2.0.0.19-0etch1_mipsel.deb stable/main/binary-mipsel/iceweasel_2.0.0.19-0etch1_mipsel.deb iceweasel (2.0.0.19-0etch1) stable-security; urgency=critical * New upstream security release. * Fixes mfsa 2008-60 aka CVE-2008-5500, CVE-2008-5501 and CVE-2008-5502; mfsa 2008-61 aka CVE-2008-5503; mfsa 2008-62 aka CVE-2008-5504; mfsa 2008-64 aka CVE-2008-5506; mfsa 2008-65 aka CVE-2008-5507; mfsa 2008-66 aka CVE-2008-5508; mfsa 2008-67 aka CVE-2008-5510; mfsa 2008-68 aka CVE-2008-5511 and CVE-2008-5512; mfsa 2008-69 aka CVE-2008-5513; (Closes: #510902) stable/main/binary-mips/iceweasel-dbg_2.0.0.19-0etch1_mips.deb stable/main/binary-mips/iceweasel_2.0.0.19-0etch1_mips.deb stable/main/binary-mips/iceweasel-gnome-support_2.0.0.19-0etch1_mips.deb iceweasel (2.0.0.19-0etch1) stable-security; urgency=critical * New upstream security release. * Fixes mfsa 2008-60 aka CVE-2008-5500, CVE-2008-5501 and CVE-2008-5502; mfsa 2008-61 aka CVE-2008-5503; mfsa 2008-62 aka CVE-2008-5504; mfsa 2008-64 aka CVE-2008-5506; mfsa 2008-65 aka CVE-2008-5507; mfsa 2008-66 aka CVE-2008-5508; mfsa 2008-67 aka CVE-2008-5510; mfsa 2008-68 aka CVE-2008-5511 and CVE-2008-5512; mfsa 2008-69 aka CVE-2008-5513; (Closes: #510902) stable/main/binary-ia64/iceweasel-dbg_2.0.0.19-0etch1_ia64.deb stable/main/binary-ia64/iceweasel-gnome-support_2.0.0.19-0etch1_ia64.deb stable/main/binary-ia64/iceweasel_2.0.0.19-0etch1_ia64.deb iceweasel (2.0.0.19-0etch1) stable-security; urgency=critical * New upstream security release.
* Fixes mfsa 2008-60 aka CVE-2008-5500, CVE-2008-5501 and CVE-2008-5502; mfsa 2008-61 aka CVE-2008-5503; mfsa 2008-62 aka CVE-2008-5504; mfsa 2008-64 aka CVE-2008-5506; mfsa 2008-65 aka CVE-2008-5507; mfsa 2008-66 aka CVE-2008-5508; mfsa 2008-67 aka CVE-2008-5510; mfsa 2008-68 aka CVE-2008-5511 and CVE-2008-5512; mfsa 2008-69 aka CVE-2008-5513; (Closes: #510902) stable/main/binary-i386/iceweasel-gnome-support_2.0.0.19-0etch1_i386.deb stable/main/binary-i386/iceweasel_2.0.0.19-0etch1_i386.deb stable/main/binary-i386/iceweasel-dbg_2.0.0.19-0etch1_i386.deb iceweasel (2.0.0.19-0etch1) stable-security; urgency=critical * New upstream security release. * Fixes mfsa 2008-60 aka CVE-2008-5500, CVE-2008-5501 and CVE-2008-5502; mfsa 2008-61 aka CVE-2008-5503; mfsa 2008-62 aka CVE-2008-5504; mfsa 2008-64 aka CVE-2008-5506; mfsa 2008-65 aka CVE-2008-5507; mfsa 2008-66 aka CVE-2008-5508; mfsa 2008-67 aka CVE-2008-5510; mfsa 2008-68 aka CVE-2008-5511 and CVE-2008-5512; mfsa 2008-69 aka CVE-2008-5513; (Closes: #510902) stable/main/binary-hppa/iceweasel-dbg_2.0.0.19-0etch1_hppa.deb stable/main/binary-hppa/iceweasel_2.0.0.19-0etch1_hppa.deb stable/main/binary-hppa/iceweasel-gnome-support_2.0.0.19-0etch1_hppa.deb iceweasel (2.0.0.19-0etch1) stable-security; urgency=critical * New upstream security release. * Fixes mfsa 2008-60 aka CVE-2008-5500, CVE-2008-5501 and CVE-2008-5502; mfsa 2008-61 aka CVE-2008-5503; mfsa 2008-62 aka CVE-2008-5504; mfsa 2008-64 aka CVE-2008-5506; mfsa 2008-65 aka CVE-2008-5507; mfsa 2008-66 aka CVE-2008-5508; mfsa 2008-67 aka CVE-2008-5510; mfsa 2008-68 aka CVE-2008-5511 and CVE-2008-5512; mfsa 2008-69 aka CVE-2008-5513; (Closes: #510902) stable/main/binary-arm/iceweasel-gnome-support_2.0.0.19-0etch1_arm.deb stable/main/binary-arm/iceweasel_2.0.0.19-0etch1_arm.deb stable/main/binary-arm/iceweasel-dbg_2.0.0.19-0etch1_arm.deb iceweasel (2.0.0.19-0etch1) stable-security; urgency=critical * New upstream security release.
* Fixes mfsa 2008-60 aka CVE-2008-5500, CVE-2008-5501 and CVE-2008-5502; mfsa 2008-61 aka CVE-2008-5503; mfsa 2008-62 aka CVE-2008-5504; mfsa 2008-64 aka CVE-2008-5506; mfsa 2008-65 aka CVE-2008-5507; mfsa 2008-66 aka CVE-2008-5508; mfsa 2008-67 aka CVE-2008-5510; mfsa 2008-68 aka CVE-2008-5511 and CVE-2008-5512; mfsa 2008-69 aka CVE-2008-5513; (Closes: #510902) stable/main/binary-alpha/iceweasel-dbg_2.0.0.19-0etch1_alpha.deb stable/main/binary-alpha/iceweasel-gnome-support_2.0.0.19-0etch1_alpha.deb stable/main/binary-alpha/iceweasel_2.0.0.19-0etch1_alpha.deb iceweasel (2.0.0.19-0etch1) stable-security; urgency=critical * New upstream security release. * Fixes mfsa 2008-60 aka CVE-2008-5500, CVE-2008-5501 and CVE-2008-5502; mfsa 2008-61 aka CVE-2008-5503; mfsa 2008-62 aka CVE-2008-5504; mfsa 2008-64 aka CVE-2008-5506; mfsa 2008-65 aka CVE-2008-5507; mfsa 2008-66 aka CVE-2008-5508; mfsa 2008-67 aka CVE-2008-5510; mfsa 2008-68 aka CVE-2008-5511 and CVE-2008-5512; mfsa 2008-69 aka CVE-2008-5513; (Closes: #510902) stable/main/binary-all/iceweasel-dom-inspector_2.0.0.19-0etch1_all.deb stable/main/binary-all/firefox_2.0.0.19-0etch1_all.deb stable/main/source/iceweasel_2.0.0.19-0etch1.dsc stable/main/binary-all/firefox-gnome-support_2.0.0.19-0etch1_all.deb stable/main/binary-all/firefox-dom-inspector_2.0.0.19-0etch1_all.deb stable/main/binary-all/mozilla-firefox_2.0.0.19-0etch1_all.deb stable/main/source/iceweasel_2.0.0.19.orig.tar.gz stable/main/binary-amd64/iceweasel-gnome-support_2.0.0.19-0etch1_amd64.deb stable/main/source/iceweasel_2.0.0.19-0etch1.diff.gz stable/main/binary-amd64/iceweasel-dbg_2.0.0.19-0etch1_amd64.deb stable/main/binary-all/mozilla-firefox-gnome-support_2.0.0.19-0etch1_all.deb stable/main/binary-all/mozilla-firefox-dom-inspector_2.0.0.19-0etch1_all.deb stable/main/binary-amd64/iceweasel_2.0.0.19-0etch1_amd64.deb iceweasel (2.0.0.19-0etch1) stable-security; urgency=critical * New upstream security release.
* Fixes mfsa 2008-60 aka CVE-2008-5500, CVE-2008-5501 and CVE-2008-5502; mfsa 2008-61 aka CVE-2008-5503; mfsa 2008-62 aka CVE-2008-5504; mfsa 2008-64 aka CVE-2008-5506; mfsa 2008-65 aka CVE-2008-5507; mfsa 2008-66 aka CVE-2008-5508; mfsa 2008-67 aka CVE-2008-5510; mfsa 2008-68 aka CVE-2008-5511 and CVE-2008-5512; mfsa 2008-69 aka CVE-2008-5513; (Closes: #510902) stable/main/binary-sparc/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_sparc.deb stable/main/binary-sparc/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_sparc.deb stable/main/binary-sparc/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_sparc.deb stable/main/binary-sparc/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_sparc.deb stable/main/binary-sparc/icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_sparc.deb stable/main/binary-sparc/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_sparc.deb icedove (1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1) stable-security; urgency=high * Non-maintainer upload by the security team * backports for thunderbird 2.0.0.17 stability/security update * MFSA 2008-37 aka CVE-2008-0016 - UTF-8 URL stack buffer overflow * MFSA 2008-38 aka CVE-2008-3835 - nsXMLDocument::OnChannelRedirect() same-origin violation * MFSA 2008-41 aka CVE-2008-4058 (XPCnativeWrapper pollution bugs), CVE-2008-4059 (XPCnativeWrapper pollution (Firefox 2)), CVE-2008-4060 (Documents without script handling objects) - Privilege escalation via XPCnativeWrapper pollution * MFSA 2008-42 aka CVE-2008-4061 (1.8 layout), CVE-2008-4062 (1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17) * MFSA 2008-43 aka CVE-2008-4065 - BOM characters, low surrogates stripped from JavaScript before execution * MFSA 2008-44 aka CVE-2008-4067, CVE-2008-4068 - resource: traversal vulnerabilities * MFSA 2008-46 aka CVE-2008-4070 - Heap overflow when canceling newsgroup message * backports for thunderbird
2.0.0.18 stability/security update * MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP redirect * MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via __proto__ tampering * MFSA 2008-52 aka CVE-2008-5017(1.8 layout), CVE-2008-5018(1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18) * MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in nsFrameManager * MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners() same-origin violation * MFSA 2008-58 aka CVE-2008-5024 - Parsing error in E4X default namespace * MFSA 2008-59 aka CVE-2008-4582 - Script access to .documentURI and .textContent in mail * backports for thunderbird 2.0.0.19 stability/security update * MFSA 2008-60 aka CVE-2008-5500 (layout) - Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19) * MFSA 2008-61 aka CVE-2008-5503 - Information stealing via loadBindingDocument * MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure * MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script redirect error message * MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading whitespace and control characters * MFSA 2008-68 aka CVE-2008-5511(XSS via XBL bindings to unloaded document), CVE-2008-5512(JavaScript privilege escalation) - XSS and JavaScript privilege escalation tarball: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/icedove-1.5.0.13+1.5.0.15b+prepatch080614i.tar.bz2 patchset: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/moz_1.8.0.15prepatches080614i.tar.gz Thanks to Alexander Sack for his cooperation and all the work behind the curtain stable/main/binary-s390/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_s390.deb stable/main/binary-s390/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_s390.deb stable/main/binary-s390/icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_s390.deb 
stable/main/binary-s390/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_s390.deb stable/main/binary-s390/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_s390.deb stable/main/binary-s390/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_s390.deb icedove (1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1) stable-security; urgency=high * Non-maintainer upload by the security team * backports for thunderbird 2.0.0.17 stability/security update * MFSA 2008-37 aka CVE-2008-0016 - UTF-8 URL stack buffer overflow * MFSA 2008-38 aka CVE-2008-3835 - nsXMLDocument::OnChannelRedirect() same-origin violation * MFSA 2008-41 aka CVE-2008-4058 (XPCnativeWrapper pollution bugs), CVE-2008-4059 (XPCnativeWrapper pollution (Firefox 2)), CVE-2008-4060 (Documents without script handling objects) - Privilege escalation via XPCnativeWrapper pollution * MFSA 2008-42 aka CVE-2008-4061 (1.8 layout), CVE-2008-4062 (1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17) * MFSA 2008-43 aka CVE-2008-4065 - BOM characters, low surrogates stripped from JavaScript before execution * MFSA 2008-44 aka CVE-2008-4067, CVE-2008-4068 - resource: traversal vulnerabilities * MFSA 2008-46 aka CVE-2008-4070 - Heap overflow when canceling newsgroup message * backports for thunderbird 2.0.0.18 stability/security update * MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP redirect * MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via __proto__ tampering * MFSA 2008-52 aka CVE-2008-5017(1.8 layout), CVE-2008-5018(1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18) * MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in nsFrameManager * MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners() same-origin violation * MFSA 2008-58 aka CVE-2008-5024 - Parsing error in E4X default namespace * MFSA 2008-59 aka CVE-2008-4582 - Script access to 
.documentURI and .textContent in mail * backports for thunderbird 2.0.0.19 stability/security update * MFSA 2008-60 aka CVE-2008-5500 (layout) - Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19) * MFSA 2008-61 aka CVE-2008-5503 - Information stealing via loadBindingDocument * MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure * MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script redirect error message * MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading whitespace and control characters * MFSA 2008-68 aka CVE-2008-5511(XSS via XBL bindings to unloaded document), CVE-2008-5512(JavaScript privilege escalation) - XSS and JavaScript privilege escalation tarball: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/icedove-1.5.0.13+1.5.0.15b+prepatch080614i.tar.bz2 patchset: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/moz_1.8.0.15prepatches080614i.tar.gz Thanks to Alexander Sack for his cooperation and all the work behind the curtain stable/main/binary-powerpc/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_powerpc.deb stable/main/binary-powerpc/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_powerpc.deb stable/main/binary-powerpc/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_powerpc.deb stable/main/binary-powerpc/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_powerpc.deb stable/main/binary-powerpc/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_powerpc.deb stable/main/binary-powerpc/icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_powerpc.deb icedove (1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1) stable-security; urgency=high * Non-maintainer upload by the security team * backports for thunderbird 2.0.0.17 stability/security update * MFSA 2008-37 aka CVE-2008-0016 - UTF-8 URL stack buffer overflow * MFSA 2008-38 aka CVE-2008-3835 - nsXMLDocument::OnChannelRedirect() same-origin violation * 
MFSA 2008-41 aka CVE-2008-4058 (XPCnativeWrapper pollution bugs), CVE-2008-4059 (XPCnativeWrapper pollution (Firefox 2)), CVE-2008-4060 (Documents without script handling objects) - Privilege escalation via XPCnativeWrapper pollution * MFSA 2008-42 aka CVE-2008-4061 (1.8 layout), CVE-2008-4062 (1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17) * MFSA 2008-43 aka CVE-2008-4065 - BOM characters, low surrogates stripped from JavaScript before execution * MFSA 2008-44 aka CVE-2008-4067, CVE-2008-4068 - resource: traversal vulnerabilities * MFSA 2008-46 aka CVE-2008-4070 - Heap overflow when canceling newsgroup message * backports for thunderbird 2.0.0.18 stability/security update * MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP redirect * MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via __proto__ tampering * MFSA 2008-52 aka CVE-2008-5017(1.8 layout), CVE-2008-5018(1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18) * MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in nsFrameManager * MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners() same-origin violation * MFSA 2008-58 aka CVE-2008-5024 - Parsing error in E4X default namespace * MFSA 2008-59 aka CVE-2008-4582 - Script access to .documentURI and .textContent in mail * backports for thunderbird 2.0.0.19 stability/security update * MFSA 2008-60 aka CVE-2008-5500 (layout) - Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19) * MFSA 2008-61 aka CVE-2008-5503 - Information stealing via loadBindingDocument * MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure * MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script redirect error message * MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading whitespace and control characters * MFSA 2008-68 aka CVE-2008-5511(XSS via XBL bindings to unloaded document), 
CVE-2008-5512(JavaScript privilege escalation) - XSS and JavaScript privilege escalation tarball: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/icedove-1.5.0.13+1.5.0.15b+prepatch080614i.tar.bz2 patchset: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/moz_1.8.0.15prepatches080614i.tar.gz Thanks to Alexander Sack for his cooperation and all the work behind the curtain stable/main/binary-mipsel/icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_mipsel.deb stable/main/binary-mipsel/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_mipsel.deb stable/main/binary-mipsel/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_mipsel.deb stable/main/binary-mipsel/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_mipsel.deb stable/main/binary-mipsel/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_mipsel.deb stable/main/binary-mipsel/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_mipsel.deb icedove (1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1) stable-security; urgency=high * Non-maintainer upload by the security team * backports for thunderbird 2.0.0.17 stability/security update * MFSA 2008-37 aka CVE-2008-0016 - UTF-8 URL stack buffer overflow * MFSA 2008-38 aka CVE-2008-3835 - nsXMLDocument::OnChannelRedirect() same-origin violation * MFSA 2008-41 aka CVE-2008-4058 (XPCnativeWrapper pollution bugs), CVE-2008-4059 (XPCnativeWrapper pollution (Firefox 2)), CVE-2008-4060 (Documents without script handling objects) - Privilege escalation via XPCnativeWrapper pollution * MFSA 2008-42 aka CVE-2008-4061 (1.8 layout), CVE-2008-4062 (1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17) * MFSA 2008-43 aka CVE-2008-4065 - BOM characters, low surrogates stripped from JavaScript before execution * MFSA 2008-44 aka CVE-2008-4067, CVE-2008-4068 - resource: traversal vulnerabilities * MFSA 2008-46 aka CVE-2008-4070 - Heap overflow when canceling newsgroup 
message * backports for thunderbird 2.0.0.18 stability/security update * MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP redirect * MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via __proto__ tampering * MFSA 2008-52 aka CVE-2008-5017(1.8 layout), CVE-2008-5018(1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18) * MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in nsFrameManager * MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners() same-origin violation * MFSA 2008-58 aka CVE-2008-5024 - Parsing error in E4X default namespace * MFSA 2008-59 aka CVE-2008-4582 - Script access to .documentURI and .textContent in mail * backports for thunderbird 2.0.0.19 stability/security update * MFSA 2008-60 aka CVE-2008-5500 (layout) - Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19) * MFSA 2008-61 aka CVE-2008-5503 - Information stealing via loadBindingDocument * MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure * MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script redirect error message * MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading whitespace and control characters * MFSA 2008-68 aka CVE-2008-5511(XSS via XBL bindings to unloaded document), CVE-2008-5512(JavaScript privilege escalation) - XSS and JavaScript privilege escalation tarball: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/icedove-1.5.0.13+1.5.0.15b+prepatch080614i.tar.bz2 patchset: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/moz_1.8.0.15prepatches080614i.tar.gz Thanks to Alexander Sack for his cooperation and all the work behind the curtain stable/main/binary-mips/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_mips.deb stable/main/binary-mips/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_mips.deb 
stable/main/binary-mips/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_mips.deb stable/main/binary-mips/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_mips.deb stable/main/binary-mips/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_mips.deb stable/main/binary-mips/icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_mips.deb icedove (1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1) stable-security; urgency=high * Non-maintainer upload by the security team * backports for thunderbird 2.0.0.17 stability/security update * MFSA 2008-37 aka CVE-2008-0016 - UTF-8 URL stack buffer overflow * MFSA 2008-38 aka CVE-2008-3835 - nsXMLDocument::OnChannelRedirect() same-origin violation * MFSA 2008-41 aka CVE-2008-4058 (XPCnativeWrapper pollution bugs), CVE-2008-4059 (XPCnativeWrapper pollution (Firefox 2)), CVE-2008-4060 (Documents without script handling objects) - Privilege escalation via XPCnativeWrapper pollution * MFSA 2008-42 aka CVE-2008-4061 (1.8 layout), CVE-2008-4062 (1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17) * MFSA 2008-43 aka CVE-2008-4065 - BOM characters, low surrogates stripped from JavaScript before execution * MFSA 2008-44 aka CVE-2008-4067, CVE-2008-4068 - resource: traversal vulnerabilities * MFSA 2008-46 aka CVE-2008-4070 - Heap overflow when canceling newsgroup message * backports for thunderbird 2.0.0.18 stability/security update * MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP redirect * MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via __proto__ tampering * MFSA 2008-52 aka CVE-2008-5017(1.8 layout), CVE-2008-5018(1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18) * MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in nsFrameManager * MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners() same-origin violation * MFSA 2008-58 aka CVE-2008-5024 - Parsing 
error in E4X default namespace * MFSA 2008-59 aka CVE-2008-4582 - Script access to .documentURI and .textContent in mail * backports for thunderbird 2.0.0.19 stability/security update * MFSA 2008-60 aka CVE-2008-5500 (layout) - Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19) * MFSA 2008-61 aka CVE-2008-5503 - Information stealing via loadBindingDocument * MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure * MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script redirect error message * MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading whitespace and control characters * MFSA 2008-68 aka CVE-2008-5511(XSS via XBL bindings to unloaded document), CVE-2008-5512(JavaScript privilege escalation) - XSS and JavaScript privilege escalation tarball: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/icedove-1.5.0.13+1.5.0.15b+prepatch080614i.tar.bz2 patchset: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/moz_1.8.0.15prepatches080614i.tar.gz Thanks to Alexander Sack for his cooperation and all the work behind the curtain stable/main/binary-ia64/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_ia64.deb stable/main/binary-ia64/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_ia64.deb stable/main/binary-ia64/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_ia64.deb stable/main/binary-ia64/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_ia64.deb stable/main/binary-ia64/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_ia64.deb stable/main/binary-ia64/icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_ia64.deb icedove (1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1) stable-security; urgency=high * Non-maintainer upload by the security team * backports for thunderbird 2.0.0.17 stability/security update * MFSA 2008-37 aka CVE-2008-0016 - UTF-8 URL stack buffer overflow * MFSA 2008-38 aka CVE-2008-3835 - 
nsXMLDocument::OnChannelRedirect() same-origin violation * MFSA 2008-41 aka CVE-2008-4058 (XPCnativeWrapper pollution bugs), CVE-2008-4059 (XPCnativeWrapper pollution (Firefox 2)), CVE-2008-4060 (Documents without script handling objects) - Privilege escalation via XPCnativeWrapper pollution * MFSA 2008-42 aka CVE-2008-4061 (1.8 layout), CVE-2008-4062 (1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17) * MFSA 2008-43 aka CVE-2008-4065 - BOM characters, low surrogates stripped from JavaScript before execution * MFSA 2008-44 aka CVE-2008-4067, CVE-2008-4068 - resource: traversal vulnerabilities * MFSA 2008-46 aka CVE-2008-4070 - Heap overflow when canceling newsgroup message * backports for thunderbird 2.0.0.18 stability/security update * MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP redirect * MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via __proto__ tampering * MFSA 2008-52 aka CVE-2008-5017(1.8 layout), CVE-2008-5018(1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18) * MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in nsFrameManager * MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners() same-origin violation * MFSA 2008-58 aka CVE-2008-5024 - Parsing error in E4X default namespace * MFSA 2008-59 aka CVE-2008-4582 - Script access to .documentURI and .textContent in mail * backports for thunderbird 2.0.0.19 stability/security update * MFSA 2008-60 aka CVE-2008-5500 (layout) - Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19) * MFSA 2008-61 aka CVE-2008-5503 - Information stealing via loadBindingDocument * MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure * MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script redirect error message * MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading whitespace and control characters * MFSA 2008-68 aka CVE-2008-5511(XSS via 
XBL bindings to unloaded document), CVE-2008-5512(JavaScript privilege escalation) - XSS and JavaScript privilege escalation tarball: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/icedove-1.5.0.13+1.5.0.15b+prepatch080614i.tar.bz2 patchset: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/moz_1.8.0.15prepatches080614i.tar.gz Thanks to Alexander Sack for his cooperation and all the work behind the curtain stable/main/binary-hppa/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_hppa.deb stable/main/binary-hppa/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_hppa.deb stable/main/binary-hppa/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_hppa.deb stable/main/binary-hppa/icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_hppa.deb stable/main/binary-hppa/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_hppa.deb stable/main/binary-hppa/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_hppa.deb icedove (1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1) stable-security; urgency=high * Non-maintainer upload by the security team * backports for thunderbird 2.0.0.17 stability/security update * MFSA 2008-37 aka CVE-2008-0016 - UTF-8 URL stack buffer overflow * MFSA 2008-38 aka CVE-2008-3835 - nsXMLDocument::OnChannelRedirect() same-origin violation * MFSA 2008-41 aka CVE-2008-4058 (XPCnativeWrapper pollution bugs), CVE-2008-4059 (XPCnativeWrapper pollution (Firefox 2)), CVE-2008-4060 (Documents without script handling objects) - Privilege escalation via XPCnativeWrapper pollution * MFSA 2008-42 aka CVE-2008-4061 (1.8 layout), CVE-2008-4062 (1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17) * MFSA 2008-43 aka CVE-2008-4065 - BOM characters, low surrogates stripped from JavaScript before execution * MFSA 2008-44 aka CVE-2008-4067, CVE-2008-4068 - resource: traversal vulnerabilities * MFSA 2008-46 aka CVE-2008-4070 - Heap overflow when 
canceling newsgroup message * backports for thunderbird 2.0.0.18 stability/security update * MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP redirect * MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via __proto__ tampering * MFSA 2008-52 aka CVE-2008-5017(1.8 layout), CVE-2008-5018(1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18) * MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in nsFrameManager * MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners() same-origin violation * MFSA 2008-58 aka CVE-2008-5024 - Parsing error in E4X default namespace * MFSA 2008-59 aka CVE-2008-4582 - Script access to .documentURI and .textContent in mail * backports for thunderbird 2.0.0.19 stability/security update * MFSA 2008-60 aka CVE-2008-5500 (layout) - Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19) * MFSA 2008-61 aka CVE-2008-5503 - Information stealing via loadBindingDocument * MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure * MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script redirect error message * MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading whitespace and control characters * MFSA 2008-68 aka CVE-2008-5511(XSS via XBL bindings to unloaded document), CVE-2008-5512(JavaScript privilege escalation) - XSS and JavaScript privilege escalation tarball: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/icedove-1.5.0.13+1.5.0.15b+prepatch080614i.tar.bz2 patchset: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/moz_1.8.0.15prepatches080614i.tar.gz Thanks to Alexander Sack for his cooperation and all the work behind the curtain stable/main/binary-arm/icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_arm.deb stable/main/binary-arm/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_arm.deb 
stable/main/binary-arm/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_arm.deb stable/main/binary-arm/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_arm.deb stable/main/binary-arm/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_arm.deb stable/main/binary-arm/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_arm.deb icedove (1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1) stable-security; urgency=high * Non-maintainer upload by the security team * backports for thunderbird 2.0.0.17 stability/security update * MFSA 2008-37 aka CVE-2008-0016 - UTF-8 URL stack buffer overflow * MFSA 2008-38 aka CVE-2008-3835 - nsXMLDocument::OnChannelRedirect() same-origin violation * MFSA 2008-41 aka CVE-2008-4058 (XPCnativeWrapper pollution bugs), CVE-2008-4059 (XPCnativeWrapper pollution (Firefox 2)), CVE-2008-4060 (Documents without script handling objects) - Privilege escalation via XPCnativeWrapper pollution * MFSA 2008-42 aka CVE-2008-4061 (1.8 layout), CVE-2008-4062 (1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17) * MFSA 2008-43 aka CVE-2008-4065 - BOM characters, low surrogates stripped from JavaScript before execution * MFSA 2008-44 aka CVE-2008-4067, CVE-2008-4068 - resource: traversal vulnerabilities * MFSA 2008-46 aka CVE-2008-4070 - Heap overflow when canceling newsgroup message * backports for thunderbird 2.0.0.18 stability/security update * MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP redirect * MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via __proto__ tampering * MFSA 2008-52 aka CVE-2008-5017(1.8 layout), CVE-2008-5018(1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18) * MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in nsFrameManager * MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners() same-origin violation * MFSA 2008-58 aka CVE-2008-5024 - Parsing error 
in E4X default namespace * MFSA 2008-59 aka CVE-2008-4582 - Script access to .documentURI and .textContent in mail * backports for thunderbird 2.0.0.19 stability/security update * MFSA 2008-60 aka CVE-2008-5500 (layout) - Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19) * MFSA 2008-61 aka CVE-2008-5503 - Information stealing via loadBindingDocument * MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure * MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script redirect error message * MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading whitespace and control characters * MFSA 2008-68 aka CVE-2008-5511(XSS via XBL bindings to unloaded document), CVE-2008-5512(JavaScript privilege escalation) - XSS and JavaScript privilege escalation tarball: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/icedove-1.5.0.13+1.5.0.15b+prepatch080614i.tar.bz2 patchset: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/moz_1.8.0.15prepatches080614i.tar.gz Thanks to Alexander Sack for his cooperation and all the work behind the curtain stable/main/binary-amd64/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_amd64.deb stable/main/binary-amd64/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_amd64.deb stable/main/binary-amd64/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_amd64.deb stable/main/binary-amd64/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_amd64.deb stable/main/binary-amd64/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_amd64.deb stable/main/binary-amd64/icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_amd64.deb icedove (1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1) stable-security; urgency=high * Non-maintainer upload by the security team * backports for thunderbird 2.0.0.17 stability/security update * MFSA 2008-37 aka CVE-2008-0016 - UTF-8 URL stack buffer overflow * MFSA 2008-38 aka CVE-2008-3835 - 
nsXMLDocument::OnChannelRedirect() same-origin violation * MFSA 2008-41 aka CVE-2008-4058 (XPCnativeWrapper pollution bugs), CVE-2008-4059 (XPCnativeWrapper pollution (Firefox 2)), CVE-2008-4060 (Documents without script handling objects) - Privilege escalation via XPCnativeWrapper pollution * MFSA 2008-42 aka CVE-2008-4061 (1.8 layout), CVE-2008-4062 (1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17) * MFSA 2008-43 aka CVE-2008-4065 - BOM characters, low surrogates stripped from JavaScript before execution * MFSA 2008-44 aka CVE-2008-4067, CVE-2008-4068 - resource: traversal vulnerabilities * MFSA 2008-46 aka CVE-2008-4070 - Heap overflow when canceling newsgroup message * backports for thunderbird 2.0.0.18 stability/security update * MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP redirect * MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via __proto__ tampering * MFSA 2008-52 aka CVE-2008-5017(1.8 layout), CVE-2008-5018(1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18) * MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in nsFrameManager * MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners() same-origin violation * MFSA 2008-58 aka CVE-2008-5024 - Parsing error in E4X default namespace * MFSA 2008-59 aka CVE-2008-4582 - Script access to .documentURI and .textContent in mail * backports for thunderbird 2.0.0.19 stability/security update * MFSA 2008-60 aka CVE-2008-5500 (layout) - Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19) * MFSA 2008-61 aka CVE-2008-5503 - Information stealing via loadBindingDocument * MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure * MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script redirect error message * MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading whitespace and control characters * MFSA 2008-68 aka CVE-2008-5511(XSS via 
XBL bindings to unloaded document), CVE-2008-5512(JavaScript privilege escalation) - XSS and JavaScript privilege escalation tarball: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/icedove-1.5.0.13+1.5.0.15b+prepatch080614i.tar.bz2 patchset: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/moz_1.8.0.15prepatches080614i.tar.gz Thanks to Alexander Sack for his cooperation and all the work behind the curtain stable/main/binary-alpha/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_alpha.deb stable/main/binary-alpha/icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_alpha.deb stable/main/binary-alpha/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_alpha.deb stable/main/binary-alpha/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_alpha.deb stable/main/binary-alpha/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_alpha.deb stable/main/binary-alpha/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_alpha.deb icedove (1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1) stable-security; urgency=high * Non-maintainer upload by the security team * backports for thunderbird 2.0.0.17 stability/security update * MFSA 2008-37 aka CVE-2008-0016 - UTF-8 URL stack buffer overflow * MFSA 2008-38 aka CVE-2008-3835 - nsXMLDocument::OnChannelRedirect() same-origin violation * MFSA 2008-41 aka CVE-2008-4058 (XPCnativeWrapper pollution bugs), CVE-2008-4059 (XPCnativeWrapper pollution (Firefox 2)), CVE-2008-4060 (Documents without script handling objects) - Privilege escalation via XPCnativeWrapper pollution * MFSA 2008-42 aka CVE-2008-4061 (1.8 layout), CVE-2008-4062 (1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17) * MFSA 2008-43 aka CVE-2008-4065 - BOM characters, low surrogates stripped from JavaScript before execution * MFSA 2008-44 aka CVE-2008-4067, CVE-2008-4068 - resource: traversal vulnerabilities * MFSA 2008-46 aka CVE-2008-4070 - Heap overflow 
when canceling newsgroup message * backports for thunderbird 2.0.0.18 stability/security update * MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP redirect * MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via __proto__ tampering * MFSA 2008-52 aka CVE-2008-5017(1.8 layout), CVE-2008-5018(1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18) * MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in nsFrameManager * MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners() same-origin violation * MFSA 2008-58 aka CVE-2008-5024 - Parsing error in E4X default namespace * MFSA 2008-59 aka CVE-2008-4582 - Script access to .documentURI and .textContent in mail * backports for thunderbird 2.0.0.19 stability/security update * MFSA 2008-60 aka CVE-2008-5500 (layout) - Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19) * MFSA 2008-61 aka CVE-2008-5503 - Information stealing via loadBindingDocument * MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure * MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script redirect error message * MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading whitespace and control characters * MFSA 2008-68 aka CVE-2008-5511(XSS via XBL bindings to unloaded document), CVE-2008-5512(JavaScript privilege escalation) - XSS and JavaScript privilege escalation tarball: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/icedove-1.5.0.13+1.5.0.15b+prepatch080614i.tar.bz2 patchset: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/moz_1.8.0.15prepatches080614i.tar.gz Thanks to Alexander Sack for his cooperation and all the work behind the curtain stable/main/binary-i386/icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_i386.deb stable/main/binary-all/mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb 
stable/main/binary-all/mozilla-thunderbird-dev_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb stable/main/binary-all/thunderbird-gnome-support_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb stable/main/binary-all/mozilla-thunderbird_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb stable/main/binary-i386/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_i386.deb stable/main/source/icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i.orig.tar.gz stable/main/binary-all/thunderbird_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb stable/main/binary-all/mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb stable/main/binary-i386/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_i386.deb stable/main/binary-i386/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_i386.deb stable/main/binary-all/thunderbird-dbg_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb stable/main/binary-all/thunderbird-inspector_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb stable/main/binary-i386/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_i386.deb stable/main/source/icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1.dsc stable/main/binary-all/thunderbird-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb stable/main/binary-i386/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_i386.deb stable/main/source/icedove_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1.diff.gz stable/main/binary-all/thunderbird-dev_1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1_all.deb icedove (1.5.0.13+1.5.0.15b.dfsg1+prepatch080614i-0etch1) stable-security; urgency=high * Non-maintainer upload by the security team * backports for thunderbird 2.0.0.17 stability/security update * MFSA 2008-37 aka CVE-2008-0016 - UTF-8 URL stack buffer overflow * MFSA 2008-38 aka CVE-2008-3835 - nsXMLDocument::OnChannelRedirect() same-origin violation * MFSA 
2008-41 aka CVE-2008-4058 (XPCnativeWrapper pollution bugs), CVE-2008-4059 (XPCnativeWrapper pollution (Firefox 2)), CVE-2008-4060 (Documents without script handling objects) - Privilege escalation via XPCnativeWrapper pollution * MFSA 2008-42 aka CVE-2008-4061 (1.8 layout), CVE-2008-4062 (1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17) * MFSA 2008-43 aka CVE-2008-4065 - BOM characters, low surrogates stripped from JavaScript before execution * MFSA 2008-44 aka CVE-2008-4067, CVE-2008-4068 - resource: traversal vulnerabilities * MFSA 2008-46 aka CVE-2008-4070 - Heap overflow when canceling newsgroup message * backports for thunderbird 2.0.0.18 stability/security update * MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP redirect * MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via __proto__ tampering * MFSA 2008-52 aka CVE-2008-5017(1.8 layout), CVE-2008-5018(1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18) * MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in nsFrameManager * MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners() same-origin violation * MFSA 2008-58 aka CVE-2008-5024 - Parsing error in E4X default namespace * MFSA 2008-59 aka CVE-2008-4582 - Script access to .documentURI and .textContent in mail * backports for thunderbird 2.0.0.19 stability/security update * MFSA 2008-60 aka CVE-2008-5500 (layout) - Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19) * MFSA 2008-61 aka CVE-2008-5503 - Information stealing via loadBindingDocument * MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure * MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script redirect error message * MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading whitespace and control characters * MFSA 2008-68 aka CVE-2008-5511(XSS via XBL bindings to unloaded document), CVE-2008-5512(JavaScript 
privilege escalation) - XSS and JavaScript privilege escalation tarball: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/icedove-1.5.0.13+1.5.0.15b+prepatch080614i.tar.bz2 patchset: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/moz_1.8.0.15prepatches080614i.tar.gz Thanks to Alexander Sack for his cooperation and all the work behind the curtain stable/main/binary-sparc/iceape-calendar_1.0.13~pre080614i-0etch1_sparc.deb stable/main/binary-sparc/iceape-mailnews_1.0.13~pre080614i-0etch1_sparc.deb stable/main/binary-sparc/iceape-browser_1.0.13~pre080614i-0etch1_sparc.deb stable/main/binary-sparc/iceape-dom-inspector_1.0.13~pre080614i-0etch1_sparc.deb stable/main/binary-sparc/iceape-gnome-support_1.0.13~pre080614i-0etch1_sparc.deb stable/main/binary-sparc/iceape-dbg_1.0.13~pre080614i-0etch1_sparc.deb iceape (1.0.13~pre080614i-0etch1) stable-security; urgency=low * security/stability update for issues discussed in firefox/thunderbird 2.0.0.15, 2.0.0.16, 2.0.0.17, 2.0.0.18, 2.0.0.19 (details below) - Closes: #505565 - Mozilla SeaMonkey Multiple Vulnerabilities * debian/calendar-1.0.9.tar.bz2.uue,control,rules: add uuencoded calendar/ directory; unpack before patch-stamp in rules; adjust build-deps * debian/patches/99_configure.dpatch: refresh - run autoconf2.13 * debian/patches/{20_visibility,90_bz416282,90_bz419116,90_bz421622, 90_bz425576}.dpatch: drop patches now shipped/superseded by upstream tarball/patchset * debian/patches/00list: Updated accordingly. 
Advisory notes: 2.0.0.15: * MFSA 2008-21 (layout) aka CVE-2008-2798 - Crashes with evidence of memory corruption (rv:1.8.1.15) in layout engine * MFSA 2008-21 (javascript) aka CVE-2008-2799 - Crashes with evidence of memory corruption (rv:1.8.1.15) in the javascript engine * MFSA 2008-22 aka CVE-2008-2800 - XSS through JavaScript same-origin violation * MFSA 2008-23 aka CVE-2008-2801 - Signed JAR tampering * MFSA 2008-24 aka CVE-2008-2802 - Chrome script loading from fastload file * MFSA 2008-25 aka CVE-2008-2803 - Arbitrary code execution in mozIJSSubScriptLoader.loadSubScript() * MFSA 2008-26 aka CVE-2008-0304-followup - Buffer length checks in MIME processing * MFSA 2008-27 aka CVE-2008-2805 - Arbitrary file upload via originalTarget and DOM Range * MFSA 2008-29 aka CVE-2008-2807 - Faulty .properties file results in uninitialized memory being used * MFSA 2008-30 aka CVE-2008-2808 - File location URL in directory listings not escaped properly * MFSA 2008-31 aka CVE-2008-2809 - Peer-trusted certs can use alt names to spoof * MFSA 2008-32 aka CVE-2008-2810 - Remote site run as local file via Windows URL shortcut * MFSA 2008-33 aka CVE-2008-2811 - Crash and remote code execution in block reflow 2.0.0.16: * MFSA 2008-34 aka CVE-2008-2785 - Remote code execution by overflowing CSS reference counter * MFSA 2008-35 aka CVE-2008-2933 - Command-line URLs launch multiple tabs when Firefox not running 2.0.0.17: * MFSA 2008-37 aka CVE-2008-0016 - UTF-8 URL stack buffer overflow * MFSA 2008-38 aka CVE-2008-3835 - nsXMLDocument::OnChannelRedirect() same-origin violation * MFSA 2008-39 aka CVE-2008-3836 - Privilege escalation using feed preview page and XSS flaw * MFSA 2008-40 aka CVE-2008-3837 - Forced mouse drag * MFSA 2008-41 aka CVE-2008-4058 (XPCnativeWrapper pollution bugs), CVE-2008-4059 (XPCnativeWrapper pollution (Firefox 2)), CVE-2008-4060 (Documents without script handling objects) - Privilege escalation via XPCnativeWrapper pollution * MFSA 2008-42 aka CVE-2008-4061 
(1.8 layout), CVE-2008-4062 (1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17) * MFSA 2008-43 aka CVE-2008-4065 (Stripped BOM characters) - BOM characters, low surrogates stripped from JavaScript before execution * MFSA 2008-44 aka CVE-2008-4067, CVE-2008-4068 - resource: traversal vulnerabilities * MFSA 2008-45 aka CVE-2008-4069 - [1.8 branch] XBM appears to draw uninitialized memory * MFSA 2008-46 aka CVE-2008-4070 - Heap overflow when canceling newsgroup message 2.0.0.18: * MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP redirect * MFSA 2008-49 aka CVE-2008-5013 - Arbitrary code execution via Flash Player dynamic module unloading * MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via __proto__ tampering * MFSA 2008-52 aka CVE-2008-5017(1.8 layout), CVE-2008-5018(1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18) * MFSA 2008-54 aka CVE-2008-0017 - Buffer overflow in http-index-format parser * MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in nsFrameManager * MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners() same-origin violation * MFSA 2008-58 aka CVE-2008-5024 - Parsing error in E4X default namespace * MFSA 2008-59 aka CVE-2008-4582 - Script access to .documentURI and .textContent in mail 2.0.0.19: * MFSA 2008-60 aka CVE-2008-5500 (layout) - Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19) * MFSA 2008-61 aka CVE-2008-5503 - Information stealing via loadBindingDocument * MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure * MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script redirect error message * MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading whitespace and control characters (fixed by bz451613) * MFSA 2008-68 aka CVE-2008-5511(XSS via XBL bindings to unloaded document), CVE-2008-5512(JavaScript privilege escalation) - XSS and JavaScript privilege 
escalation stable/main/binary-s390/iceape-calendar_1.0.13~pre080614i-0etch1_s390.deb stable/main/binary-s390/iceape-gnome-support_1.0.13~pre080614i-0etch1_s390.deb stable/main/binary-s390/iceape-dom-inspector_1.0.13~pre080614i-0etch1_s390.deb stable/main/binary-s390/iceape-browser_1.0.13~pre080614i-0etch1_s390.deb stable/main/binary-s390/iceape-dbg_1.0.13~pre080614i-0etch1_s390.deb stable/main/binary-s390/iceape-mailnews_1.0.13~pre080614i-0etch1_s390.deb iceape (1.0.13~pre080614i-0etch1) stable-security; urgency=low * security/stability update for issues discussed in firefox/thunderbird 2.0.0.15, 2.0.0.16, 2.0.0.17, 2.0.0.18, 2.0.0.19 (details below) - Closes: #505565 - Mozilla SeaMonkey Multiple Vulnerabilities * debian/calendar-1.0.9.tar.bz2.uue,control,rules: add uuencoded calendar/ directory; unpack before patch-stamp in rules; adjust build-deps * debian/patches/99_configure.dpatch: refresh - run autoconf2.13 * debian/patches/{20_visibility,90_bz416282,90_bz419116,90_bz421622, 90_bz425576}.dpatch: drop patches now shipped/superseded by upstream tarball/patchset * debian/patches/00list: Updated accordingly. 
Advisory notes: 2.0.0.15: * MFSA 2008-21 (layout) aka CVE-2008-2798 - Crashes with evidence of memory corruption (rv:1.8.1.15) in layout engine * MFSA 2008-21 (javascript) aka CVE-2008-2799 - Crashes with evidence of memory corruption (rv:1.8.1.15) in the javascript engine * MFSA 2008-22 aka CVE-2008-2800 - XSS through JavaScript same-origin violation * MFSA 2008-23 aka CVE-2008-2801 - Signed JAR tampering * MFSA 2008-24 aka CVE-2008-2802 - Chrome script loading from fastload file * MFSA 2008-25 aka CVE-2008-2803 - Arbitrary code execution in mozIJSSubScriptLoader.loadSubScript() * MFSA 2008-26 aka CVE-2008-0304-followup - Buffer length checks in MIME processing * MFSA 2008-27 aka CVE-2008-2805 - Arbitrary file upload via originalTarget and DOM Range * MFSA 2008-29 aka CVE-2008-2807 - Faulty .properties file results in uninitialized memory being used * MFSA 2008-30 aka CVE-2008-2808 - File location URL in directory listings not escaped properly * MFSA 2008-31 aka CVE-2008-2809 - Peer-trusted certs can use alt names to spoof * MFSA 2008-32 aka CVE-2008-2810 - Remote site run as local file via Windows URL shortcut * MFSA 2008-33 aka CVE-2008-2811 - Crash and remote code execution in block reflow 2.0.0.16: * MFSA 2008-34 aka CVE-2008-2785 - Remote code execution by overflowing CSS reference counter * MFSA 2008-35 aka CVE-2008-2933 - Command-line URLs launch multiple tabs when Firefox not running 2.0.0.17: * MFSA 2008-37 aka CVE-2008-0016 - UTF-8 URL stack buffer overflow * MFSA 2008-38 aka CVE-2008-3835 - nsXMLDocument::OnChannelRedirect() same-origin violation * MFSA 2008-39 aka CVE-2008-3836 - Privilege escalation using feed preview page and XSS flaw * MFSA 2008-40 aka CVE-2008-3837 - Forced mouse drag * MFSA 2008-41 aka CVE-2008-4058 (XPCnativeWrapper pollution bugs), CVE-2008-4059 (XPCnativeWrapper pollution (Firefox 2)), CVE-2008-4060 (Documents without script handling objects) - Privilege escalation via XPCnativeWrapper pollution * MFSA 2008-42 aka CVE-2008-4061 
(1.8 layout), CVE-2008-4062 (1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17) * MFSA 2008-43 aka CVE-2008-4065 (Stripped BOM characters) - BOM characters, low surrogates stripped from JavaScript before execution * MFSA 2008-44 aka CVE-2008-4067, CVE-2008-4068 - resource: traversal vulnerabilities * MFSA 2008-45 aka CVE-2008-4069 - [1.8 branch] XBM appears to draw uninitialized memory * MFSA 2008-46 aka CVE-2008-4070 - Heap overflow when canceling newsgroup message 2.0.0.18: * MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP redirect * MFSA 2008-49 aka CVE-2008-5013 - Arbitrary code execution via Flash Player dynamic module unloading * MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via __proto__ tampering * MFSA 2008-52 aka CVE-2008-5017(1.8 layout), CVE-2008-5018(1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18) * MFSA 2008-54 aka CVE-2008-0017 - Buffer overflow in http-index-format parser * MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in nsFrameManager * MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners() same-origin violation * MFSA 2008-58 aka CVE-2008-5024 - Parsing error in E4X default namespace * MFSA 2008-59 aka CVE-2008-4582 - Script access to .documentURI and .textContent in mail 2.0.0.19: * MFSA 2008-60 aka CVE-2008-5500 (layout) - Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19) * MFSA 2008-61 aka CVE-2008-5503 - Information stealing via loadBindingDocument * MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure * MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script redirect error message * MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading whitespace and control characters (fixed by bz451613) * MFSA 2008-68 aka CVE-2008-5511(XSS via XBL bindings to unloaded document), CVE-2008-5512(JavaScript privilege escalation) - XSS and JavaScript privilege 
escalation stable/main/binary-powerpc/iceape-dbg_1.0.13~pre080614i-0etch1_powerpc.deb stable/main/binary-powerpc/iceape-calendar_1.0.13~pre080614i-0etch1_powerpc.deb stable/main/binary-powerpc/iceape-mailnews_1.0.13~pre080614i-0etch1_powerpc.deb stable/main/binary-powerpc/iceape-gnome-support_1.0.13~pre080614i-0etch1_powerpc.deb stable/main/binary-powerpc/iceape-dom-inspector_1.0.13~pre080614i-0etch1_powerpc.deb stable/main/binary-powerpc/iceape-browser_1.0.13~pre080614i-0etch1_powerpc.deb iceape (1.0.13~pre080614i-0etch1) stable-security; urgency=low * security/stability update for issues discussed in firefox/thunderbird 2.0.0.15, 2.0.0.16, 2.0.0.17, 2.0.0.18, 2.0.0.19 (details below) - Closes: #505565 - Mozilla SeaMonkey Multiple Vulnerabilities * debian/calendar-1.0.9.tar.bz2.uue,control,rules: add uuencoded calendar/ directory; unpack before patch-stamp in rules; adjust build-deps * debian/patches/99_configure.dpatch: refresh - run autoconf2.13 * debian/patches/{20_visibility,90_bz416282,90_bz419116,90_bz421622, 90_bz425576}.dpatch: drop patches now shipped/superseded by upstream tarball/patchset * debian/patches/00list: Updated accordingly. 
Advisory notes: 2.0.0.15: * MFSA 2008-21 (layout) aka CVE-2008-2798 - Crashes with evidence of memory corruption (rv:1.8.1.15) in layout engine * MFSA 2008-21 (javascript) aka CVE-2008-2799 - Crashes with evidence of memory corruption (rv:1.8.1.15) in the javascript engine * MFSA 2008-22 aka CVE-2008-2800 - XSS through JavaScript same-origin violation * MFSA 2008-23 aka CVE-2008-2801 - Signed JAR tampering * MFSA 2008-24 aka CVE-2008-2802 - Chrome script loading from fastload file * MFSA 2008-25 aka CVE-2008-2803 - Arbitrary code execution in mozIJSSubScriptLoader.loadSubScript() * MFSA 2008-26 aka CVE-2008-0304-followup - Buffer length checks in MIME processing * MFSA 2008-27 aka CVE-2008-2805 - Arbitrary file upload via originalTarget and DOM Range * MFSA 2008-29 aka CVE-2008-2807 - Faulty .properties file results in uninitialized memory being used * MFSA 2008-30 aka CVE-2008-2808 - File location URL in directory listings not escaped properly * MFSA 2008-31 aka CVE-2008-2809 - Peer-trusted certs can use alt names to spoof * MFSA 2008-32 aka CVE-2008-2810 - Remote site run as local file via Windows URL shortcut * MFSA 2008-33 aka CVE-2008-2811 - Crash and remote code execution in block reflow 2.0.0.16: * MFSA 2008-34 aka CVE-2008-2785 - Remote code execution by overflowing CSS reference counter * MFSA 2008-35 aka CVE-2008-2933 - Command-line URLs launch multiple tabs when Firefox not running 2.0.0.17: * MFSA 2008-37 aka CVE-2008-0016 - UTF-8 URL stack buffer overflow * MFSA 2008-38 aka CVE-2008-3835 - nsXMLDocument::OnChannelRedirect() same-origin violation * MFSA 2008-39 aka CVE-2008-3836 - Privilege escalation using feed preview page and XSS flaw * MFSA 2008-40 aka CVE-2008-3837 - Forced mouse drag * MFSA 2008-41 aka CVE-2008-4058 (XPCnativeWrapper pollution bugs), CVE-2008-4059 (XPCnativeWrapper pollution (Firefox 2)), CVE-2008-4060 (Documents without script handling objects) - Privilege escalation via XPCnativeWrapper pollution * MFSA 2008-42 aka CVE-2008-4061 
(1.8 layout), CVE-2008-4062 (1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17) * MFSA 2008-43 aka CVE-2008-4065 (Stripped BOM characters) - BOM characters, low surrogates stripped from JavaScript before execution * MFSA 2008-44 aka CVE-2008-4067, CVE-2008-4068 - resource: traversal vulnerabilities * MFSA 2008-45 aka CVE-2008-4069 - [1.8 branch] XBM appears to draw uninitialized memory * MFSA 2008-46 aka CVE-2008-4070 - Heap overflow when canceling newsgroup message 2.0.0.18: * MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP redirect * MFSA 2008-49 aka CVE-2008-5013 - Arbitrary code execution via Flash Player dynamic module unloading * MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via __proto__ tampering * MFSA 2008-52 aka CVE-2008-5017(1.8 layout), CVE-2008-5018(1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18) * MFSA 2008-54 aka CVE-2008-0017 - Buffer overflow in http-index-format parser * MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in nsFrameManager * MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners() same-origin violation * MFSA 2008-58 aka CVE-2008-5024 - Parsing error in E4X default namespace * MFSA 2008-59 aka CVE-2008-4582 - Script access to .documentURI and .textContent in mail 2.0.0.19: * MFSA 2008-60 aka CVE-2008-5500 (layout) - Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19) * MFSA 2008-61 aka CVE-2008-5503 - Information stealing via loadBindingDocument * MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure * MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script redirect error message * MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading whitespace and control characters (fixed by bz451613) * MFSA 2008-68 aka CVE-2008-5511(XSS via XBL bindings to unloaded document), CVE-2008-5512(JavaScript privilege escalation) - XSS and JavaScript privilege 
escalation stable/main/binary-mipsel/iceape-dbg_1.0.13~pre080614i-0etch1_mipsel.deb stable/main/binary-mipsel/iceape-browser_1.0.13~pre080614i-0etch1_mipsel.deb stable/main/binary-mipsel/iceape-dom-inspector_1.0.13~pre080614i-0etch1_mipsel.deb stable/main/binary-mipsel/iceape-calendar_1.0.13~pre080614i-0etch1_mipsel.deb stable/main/binary-mipsel/iceape-mailnews_1.0.13~pre080614i-0etch1_mipsel.deb stable/main/binary-mipsel/iceape-gnome-support_1.0.13~pre080614i-0etch1_mipsel.deb iceape (1.0.13~pre080614i-0etch1) stable-security; urgency=low * security/stability update for issues discussed in firefox/thunderbird 2.0.0.15, 2.0.0.16, 2.0.0.17, 2.0.0.18, 2.0.0.19 (details below) - Closes: #505565 - Mozilla SeaMonkey Multiple Vulnerabilities * debian/calendar-1.0.9.tar.bz2.uue,control,rules: add uuencoded calendar/ directory; unpack before patch-stamp in rules; adjust build-deps * debian/patches/99_configure.dpatch: refresh - run autoconf2.13 * debian/patches/{20_visibility,90_bz416282,90_bz419116,90_bz421622, 90_bz425576}.dpatch: drop patches now shipped/superseded by upstream tarball/patchset * debian/patches/00list: Updated accordingly. 
Advisory notes: 2.0.0.15: * MFSA 2008-21 (layout) aka CVE-2008-2798 - Crashes with evidence of memory corruption (rv:1.8.1.15) in layout engine * MFSA 2008-21 (javascript) aka CVE-2008-2799 - Crashes with evidence of memory corruption (rv:1.8.1.15) in the javascript engine * MFSA 2008-22 aka CVE-2008-2800 - XSS through JavaScript same-origin violation * MFSA 2008-23 aka CVE-2008-2801 - Signed JAR tampering * MFSA 2008-24 aka CVE-2008-2802 - Chrome script loading from fastload file * MFSA 2008-25 aka CVE-2008-2803 - Arbitrary code execution in mozIJSSubScriptLoader.loadSubScript() * MFSA 2008-26 aka CVE-2008-0304-followup - Buffer length checks in MIME processing * MFSA 2008-27 aka CVE-2008-2805 - Arbitrary file upload via originalTarget and DOM Range * MFSA 2008-29 aka CVE-2008-2807 - Faulty .properties file results in uninitialized memory being used * MFSA 2008-30 aka CVE-2008-2808 - File location URL in directory listings not escaped properly * MFSA 2008-31 aka CVE-2008-2809 - Peer-trusted certs can use alt names to spoof * MFSA 2008-32 aka CVE-2008-2810 - Remote site run as local file via Windows URL shortcut * MFSA 2008-33 aka CVE-2008-2811 - Crash and remote code execution in block reflow 2.0.0.16: * MFSA 2008-34 aka CVE-2008-2785 - Remote code execution by overflowing CSS reference counter * MFSA 2008-35 aka CVE-2008-2933 - Command-line URLs launch multiple tabs when Firefox not running 2.0.0.17: * MFSA 2008-37 aka CVE-2008-0016 - UTF-8 URL stack buffer overflow * MFSA 2008-38 aka CVE-2008-3835 - nsXMLDocument::OnChannelRedirect() same-origin violation * MFSA 2008-39 aka CVE-2008-3836 - Privilege escalation using feed preview page and XSS flaw * MFSA 2008-40 aka CVE-2008-3837 - Forced mouse drag * MFSA 2008-41 aka CVE-2008-4058 (XPCnativeWrapper pollution bugs), CVE-2008-4059 (XPCnativeWrapper pollution (Firefox 2)), CVE-2008-4060 (Documents without script handling objects) - Privilege escalation via XPCnativeWrapper pollution * MFSA 2008-42 aka CVE-2008-4061 
(1.8 layout), CVE-2008-4062 (1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17) * MFSA 2008-43 aka CVE-2008-4065 (Stripped BOM characters) - BOM characters, low surrogates stripped from JavaScript before execution * MFSA 2008-44 aka CVE-2008-4067, CVE-2008-4068 - resource: traversal vulnerabilities * MFSA 2008-45 aka CVE-2008-4069 - [1.8 branch] XBM appears to draw uninitialized memory * MFSA 2008-46 aka CVE-2008-4070 - Heap overflow when canceling newsgroup message 2.0.0.18: * MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP redirect * MFSA 2008-49 aka CVE-2008-5013 - Arbitrary code execution via Flash Player dynamic module unloading * MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via __proto__ tampering * MFSA 2008-52 aka CVE-2008-5017(1.8 layout), CVE-2008-5018(1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18) * MFSA 2008-54 aka CVE-2008-0017 - Buffer overflow in http-index-format parser * MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in nsFrameManager * MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners() same-origin violation * MFSA 2008-58 aka CVE-2008-5024 - Parsing error in E4X default namespace * MFSA 2008-59 aka CVE-2008-4582 - Script access to .documentURI and .textContent in mail 2.0.0.19: * MFSA 2008-60 aka CVE-2008-5500 (layout) - Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19) * MFSA 2008-61 aka CVE-2008-5503 - Information stealing via loadBindingDocument * MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure * MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script redirect error message * MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading whitespace and control characters (fixed by bz451613) * MFSA 2008-68 aka CVE-2008-5511(XSS via XBL bindings to unloaded document), CVE-2008-5512(JavaScript privilege escalation) - XSS and JavaScript privilege 
escalation stable/main/binary-mips/iceape-browser_1.0.13~pre080614i-0etch1_mips.deb stable/main/binary-mips/iceape-dbg_1.0.13~pre080614i-0etch1_mips.deb stable/main/binary-mips/iceape-calendar_1.0.13~pre080614i-0etch1_mips.deb stable/main/binary-mips/iceape-gnome-support_1.0.13~pre080614i-0etch1_mips.deb stable/main/binary-mips/iceape-dom-inspector_1.0.13~pre080614i-0etch1_mips.deb stable/main/binary-mips/iceape-mailnews_1.0.13~pre080614i-0etch1_mips.deb iceape (1.0.13~pre080614i-0etch1) stable-security; urgency=low * security/stability update for issues discussed in firefox/thunderbird 2.0.0.15, 2.0.0.16, 2.0.0.17, 2.0.0.18, 2.0.0.19 (details below) - Closes: #505565 - Mozilla SeaMonkey Multiple Vulnerabilities * debian/calendar-1.0.9.tar.bz2.uue,control,rules: add uuencoded calendar/ directory; unpack before patch-stamp in rules; adjust build-deps * debian/patches/99_configure.dpatch: refresh - run autoconf2.13 * debian/patches/{20_visibility,90_bz416282,90_bz419116,90_bz421622, 90_bz425576}.dpatch: drop patches now shipped/superseded by upstream tarball/patchset * debian/patches/00list: Updated accordingly. 
Advisory notes: 2.0.0.15: * MFSA 2008-21 (layout) aka CVE-2008-2798 - Crashes with evidence of memory corruption (rv:1.8.1.15) in layout engine * MFSA 2008-21 (javascript) aka CVE-2008-2799 - Crashes with evidence of memory corruption (rv:1.8.1.15) in the javascript engine * MFSA 2008-22 aka CVE-2008-2800 - XSS through JavaScript same-origin violation * MFSA 2008-23 aka CVE-2008-2801 - Signed JAR tampering * MFSA 2008-24 aka CVE-2008-2802 - Chrome script loading from fastload file * MFSA 2008-25 aka CVE-2008-2803 - Arbitrary code execution in mozIJSSubScriptLoader.loadSubScript() * MFSA 2008-26 aka CVE-2008-0304-followup - Buffer length checks in MIME processing * MFSA 2008-27 aka CVE-2008-2805 - Arbitrary file upload via originalTarget and DOM Range * MFSA 2008-29 aka CVE-2008-2807 - Faulty .properties file results in uninitialized memory being used * MFSA 2008-30 aka CVE-2008-2808 - File location URL in directory listings not escaped properly * MFSA 2008-31 aka CVE-2008-2809 - Peer-trusted certs can use alt names to spoof * MFSA 2008-32 aka CVE-2008-2810 - Remote site run as local file via Windows URL shortcut * MFSA 2008-33 aka CVE-2008-2811 - Crash and remote code execution in block reflow 2.0.0.16: * MFSA 2008-34 aka CVE-2008-2785 - Remote code execution by overflowing CSS reference counter * MFSA 2008-35 aka CVE-2008-2933 - Command-line URLs launch multiple tabs when Firefox not running 2.0.0.17: * MFSA 2008-37 aka CVE-2008-0016 - UTF-8 URL stack buffer overflow * MFSA 2008-38 aka CVE-2008-3835 - nsXMLDocument::OnChannelRedirect() same-origin violation * MFSA 2008-39 aka CVE-2008-3836 - Privilege escalation using feed preview page and XSS flaw * MFSA 2008-40 aka CVE-2008-3837 - Forced mouse drag * MFSA 2008-41 aka CVE-2008-4058 (XPCnativeWrapper pollution bugs), CVE-2008-4059 (XPCnativeWrapper pollution (Firefox 2)), CVE-2008-4060 (Documents without script handling objects) - Privilege escalation via XPCnativeWrapper pollution * MFSA 2008-42 aka CVE-2008-4061 
(1.8 layout), CVE-2008-4062 (1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17) * MFSA 2008-43 aka CVE-2008-4065 (Stripped BOM characters) - BOM characters, low surrogates stripped from JavaScript before execution * MFSA 2008-44 aka CVE-2008-4067, CVE-2008-4068 - resource: traversal vulnerabilities * MFSA 2008-45 aka CVE-2008-4069 - [1.8 branch] XBM appears to draw uninitialized memory * MFSA 2008-46 aka CVE-2008-4070 - Heap overflow when canceling newsgroup message 2.0.0.18: * MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP redirect * MFSA 2008-49 aka CVE-2008-5013 - Arbitrary code execution via Flash Player dynamic module unloading * MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via __proto__ tampering * MFSA 2008-52 aka CVE-2008-5017(1.8 layout), CVE-2008-5018(1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18) * MFSA 2008-54 aka CVE-2008-0017 - Buffer overflow in http-index-format parser * MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in nsFrameManager * MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners() same-origin violation * MFSA 2008-58 aka CVE-2008-5024 - Parsing error in E4X default namespace * MFSA 2008-59 aka CVE-2008-4582 - Script access to .documentURI and .textContent in mail 2.0.0.19: * MFSA 2008-60 aka CVE-2008-5500 (layout) - Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19) * MFSA 2008-61 aka CVE-2008-5503 - Information stealing via loadBindingDocument * MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure * MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script redirect error message * MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading whitespace and control characters (fixed by bz451613) * MFSA 2008-68 aka CVE-2008-5511(XSS via XBL bindings to unloaded document), CVE-2008-5512(JavaScript privilege escalation) - XSS and JavaScript privilege 
escalation stable/main/binary-ia64/iceape-calendar_1.0.13~pre080614i-0etch1_ia64.deb stable/main/binary-ia64/iceape-dbg_1.0.13~pre080614i-0etch1_ia64.deb stable/main/binary-ia64/iceape-dom-inspector_1.0.13~pre080614i-0etch1_ia64.deb stable/main/binary-ia64/iceape-browser_1.0.13~pre080614i-0etch1_ia64.deb stable/main/binary-ia64/iceape-mailnews_1.0.13~pre080614i-0etch1_ia64.deb stable/main/binary-ia64/iceape-gnome-support_1.0.13~pre080614i-0etch1_ia64.deb iceape (1.0.13~pre080614i-0etch1) stable-security; urgency=low * security/stability update for issues discussed in firefox/thunderbird 2.0.0.15, 2.0.0.16, 2.0.0.17, 2.0.0.18, 2.0.0.19 (details below) - Closes: #505565 - Mozilla SeaMonkey Multiple Vulnerabilities * debian/calendar-1.0.9.tar.bz2.uue,control,rules: add uuencoded calendar/ directory; unpack before patch-stamp in rules; adjust build-deps * debian/patches/99_configure.dpatch: refresh - run autoconf2.13 * debian/patches/{20_visibility,90_bz416282,90_bz419116,90_bz421622, 90_bz425576}.dpatch: drop patches now shipped/superseded by upstream tarball/patchset * debian/patches/00list: Updated accordingly. 
Advisory notes: 2.0.0.15: * MFSA 2008-21 (layout) aka CVE-2008-2798 - Crashes with evidence of memory corruption (rv:1.8.1.15) in layout engine * MFSA 2008-21 (javascript) aka CVE-2008-2799 - Crashes with evidence of memory corruption (rv:1.8.1.15) in the javascript engine * MFSA 2008-22 aka CVE-2008-2800 - XSS through JavaScript same-origin violation * MFSA 2008-23 aka CVE-2008-2801 - Signed JAR tampering * MFSA 2008-24 aka CVE-2008-2802 - Chrome script loading from fastload file * MFSA 2008-25 aka CVE-2008-2803 - Arbitrary code execution in mozIJSSubScriptLoader.loadSubScript() * MFSA 2008-26 aka CVE-2008-0304-followup - Buffer length checks in MIME processing * MFSA 2008-27 aka CVE-2008-2805 - Arbitrary file upload via originalTarget and DOM Range * MFSA 2008-29 aka CVE-2008-2807 - Faulty .properties file results in uninitialized memory being used * MFSA 2008-30 aka CVE-2008-2808 - File location URL in directory listings not escaped properly * MFSA 2008-31 aka CVE-2008-2809 - Peer-trusted certs can use alt names to spoof * MFSA 2008-32 aka CVE-2008-2810 - Remote site run as local file via Windows URL shortcut * MFSA 2008-33 aka CVE-2008-2811 - Crash and remote code execution in block reflow 2.0.0.16: * MFSA 2008-34 aka CVE-2008-2785 - Remote code execution by overflowing CSS reference counter * MFSA 2008-35 aka CVE-2008-2933 - Command-line URLs launch multiple tabs when Firefox not running 2.0.0.17: * MFSA 2008-37 aka CVE-2008-0016 - UTF-8 URL stack buffer overflow * MFSA 2008-38 aka CVE-2008-3835 - nsXMLDocument::OnChannelRedirect() same-origin violation * MFSA 2008-39 aka CVE-2008-3836 - Privilege escalation using feed preview page and XSS flaw * MFSA 2008-40 aka CVE-2008-3837 - Forced mouse drag * MFSA 2008-41 aka CVE-2008-4058 (XPCnativeWrapper pollution bugs), CVE-2008-4059 (XPCnativeWrapper pollution (Firefox 2)), CVE-2008-4060 (Documents without script handling objects) - Privilege escalation via XPCnativeWrapper pollution * MFSA 2008-42 aka CVE-2008-4061 
(1.8 layout), CVE-2008-4062 (1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17) * MFSA 2008-43 aka CVE-2008-4065 (Stripped BOM characters) - BOM characters, low surrogates stripped from JavaScript before execution * MFSA 2008-44 aka CVE-2008-4067, CVE-2008-4068 - resource: traversal vulnerabilities * MFSA 2008-45 aka CVE-2008-4069 - [1.8 branch] XBM appears to draw uninitialized memory * MFSA 2008-46 aka CVE-2008-4070 - Heap overflow when canceling newsgroup message 2.0.0.18: * MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP redirect * MFSA 2008-49 aka CVE-2008-5013 - Arbitrary code execution via Flash Player dynamic module unloading * MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via __proto__ tampering * MFSA 2008-52 aka CVE-2008-5017(1.8 layout), CVE-2008-5018(1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18) * MFSA 2008-54 aka CVE-2008-0017 - Buffer overflow in http-index-format parser * MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in nsFrameManager * MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners() same-origin violation * MFSA 2008-58 aka CVE-2008-5024 - Parsing error in E4X default namespace * MFSA 2008-59 aka CVE-2008-4582 - Script access to .documentURI and .textContent in mail 2.0.0.19: * MFSA 2008-60 aka CVE-2008-5500 (layout) - Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19) * MFSA 2008-61 aka CVE-2008-5503 - Information stealing via loadBindingDocument * MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure * MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script redirect error message * MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading whitespace and control characters (fixed by bz451613) * MFSA 2008-68 aka CVE-2008-5511(XSS via XBL bindings to unloaded document), CVE-2008-5512(JavaScript privilege escalation) - XSS and JavaScript privilege 
escalation stable/main/binary-i386/iceape-mailnews_1.0.13~pre080614i-0etch1_i386.deb stable/main/binary-i386/iceape-gnome-support_1.0.13~pre080614i-0etch1_i386.deb stable/main/binary-i386/iceape-browser_1.0.13~pre080614i-0etch1_i386.deb stable/main/binary-i386/iceape-dom-inspector_1.0.13~pre080614i-0etch1_i386.deb stable/main/binary-i386/iceape-calendar_1.0.13~pre080614i-0etch1_i386.deb stable/main/binary-i386/iceape-dbg_1.0.13~pre080614i-0etch1_i386.deb iceape (1.0.13~pre080614i-0etch1) stable-security; urgency=low * security/stability update for issues discussed in firefox/thunderbird 2.0.0.15, 2.0.0.16, 2.0.0.17, 2.0.0.18, 2.0.0.19 (details below) - Closes: #505565 - Mozilla SeaMonkey Multiple Vulnerabilities * debian/calendar-1.0.9.tar.bz2.uue,control,rules: add uuencoded calendar/ directory; unpack before patch-stamp in rules; adjust build-deps * debian/patches/99_configure.dpatch: refresh - run autoconf2.13 * debian/patches/{20_visibility,90_bz416282,90_bz419116,90_bz421622, 90_bz425576}.dpatch: drop patches now shipped/superseded by upstream tarball/patchset * debian/patches/00list: Updated accordingly. 
Advisory notes: 2.0.0.15: * MFSA 2008-21 (layout) aka CVE-2008-2798 - Crashes with evidence of memory corruption (rv:1.8.1.15) in layout engine * MFSA 2008-21 (javascript) aka CVE-2008-2799 - Crashes with evidence of memory corruption (rv:1.8.1.15) in the javascript engine * MFSA 2008-22 aka CVE-2008-2800 - XSS through JavaScript same-origin violation * MFSA 2008-23 aka CVE-2008-2801 - Signed JAR tampering * MFSA 2008-24 aka CVE-2008-2802 - Chrome script loading from fastload file * MFSA 2008-25 aka CVE-2008-2803 - Arbitrary code execution in mozIJSSubScriptLoader.loadSubScript() * MFSA 2008-26 aka CVE-2008-0304-followup - Buffer length checks in MIME processing * MFSA 2008-27 aka CVE-2008-2805 - Arbitrary file upload via originalTarget and DOM Range * MFSA 2008-29 aka CVE-2008-2807 - Faulty .properties file results in uninitialized memory being used * MFSA 2008-30 aka CVE-2008-2808 - File location URL in directory listings not escaped properly * MFSA 2008-31 aka CVE-2008-2809 - Peer-trusted certs can use alt names to spoof * MFSA 2008-32 aka CVE-2008-2810 - Remote site run as local file via Windows URL shortcut * MFSA 2008-33 aka CVE-2008-2811 - Crash and remote code execution in block reflow 2.0.0.16: * MFSA 2008-34 aka CVE-2008-2785 - Remote code execution by overflowing CSS reference counter * MFSA 2008-35 aka CVE-2008-2933 - Command-line URLs launch multiple tabs when Firefox not running 2.0.0.17: * MFSA 2008-37 aka CVE-2008-0016 - UTF-8 URL stack buffer overflow * MFSA 2008-38 aka CVE-2008-3835 - nsXMLDocument::OnChannelRedirect() same-origin violation * MFSA 2008-39 aka CVE-2008-3836 - Privilege escalation using feed preview page and XSS flaw * MFSA 2008-40 aka CVE-2008-3837 - Forced mouse drag * MFSA 2008-41 aka CVE-2008-4058 (XPCnativeWrapper pollution bugs), CVE-2008-4059 (XPCnativeWrapper pollution (Firefox 2)), CVE-2008-4060 (Documents without script handling objects) - Privilege escalation via XPCnativeWrapper pollution * MFSA 2008-42 aka CVE-2008-4061 
(1.8 layout), CVE-2008-4062 (1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17) * MFSA 2008-43 aka CVE-2008-4065 (Stripped BOM characters) - BOM characters, low surrogates stripped from JavaScript before execution * MFSA 2008-44 aka CVE-2008-4067, CVE-2008-4068 - resource: traversal vulnerabilities * MFSA 2008-45 aka CVE-2008-4069 - [1.8 branch] XBM appears to draw uninitialized memory * MFSA 2008-46 aka CVE-2008-4070 - Heap overflow when canceling newsgroup message 2.0.0.18: * MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP redirect * MFSA 2008-49 aka CVE-2008-5013 - Arbitrary code execution via Flash Player dynamic module unloading * MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via __proto__ tampering * MFSA 2008-52 aka CVE-2008-5017(1.8 layout), CVE-2008-5018(1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18) * MFSA 2008-54 aka CVE-2008-0017 - Buffer overflow in http-index-format parser * MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in nsFrameManager * MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners() same-origin violation * MFSA 2008-58 aka CVE-2008-5024 - Parsing error in E4X default namespace * MFSA 2008-59 aka CVE-2008-4582 - Script access to .documentURI and .textContent in mail 2.0.0.19: * MFSA 2008-60 aka CVE-2008-5500 (layout) - Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19) * MFSA 2008-61 aka CVE-2008-5503 - Information stealing via loadBindingDocument * MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure * MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script redirect error message * MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading whitespace and control characters (fixed by bz451613) * MFSA 2008-68 aka CVE-2008-5511(XSS via XBL bindings to unloaded document), CVE-2008-5512(JavaScript privilege escalation) - XSS and JavaScript privilege 
escalation stable/main/binary-hppa/iceape-dbg_1.0.13~pre080614i-0etch1_hppa.deb stable/main/binary-hppa/iceape-gnome-support_1.0.13~pre080614i-0etch1_hppa.deb stable/main/binary-hppa/iceape-browser_1.0.13~pre080614i-0etch1_hppa.deb stable/main/binary-hppa/iceape-mailnews_1.0.13~pre080614i-0etch1_hppa.deb stable/main/binary-hppa/iceape-dom-inspector_1.0.13~pre080614i-0etch1_hppa.deb stable/main/binary-hppa/iceape-calendar_1.0.13~pre080614i-0etch1_hppa.deb iceape (1.0.13~pre080614i-0etch1) stable-security; urgency=low * security/stability update for issues discussed in firefox/thunderbird 2.0.0.15, 2.0.0.16, 2.0.0.17, 2.0.0.18, 2.0.0.19 (details below) - Closes: #505565 - Mozilla SeaMonkey Multiple Vulnerabilities * debian/calendar-1.0.9.tar.bz2.uue,control,rules: add uuencoded calendar/ directory; unpack before patch-stamp in rules; adjust build-deps * debian/patches/99_configure.dpatch: refresh - run autoconf2.13 * debian/patches/{20_visibility,90_bz416282,90_bz419116,90_bz421622, 90_bz425576}.dpatch: drop patches now shipped/superseded by upstream tarball/patchset * debian/patches/00list: Updated accordingly. 
Advisory notes: 2.0.0.15: * MFSA 2008-21 (layout) aka CVE-2008-2798 - Crashes with evidence of memory corruption (rv:1.8.1.15) in layout engine * MFSA 2008-21 (javascript) aka CVE-2008-2799 - Crashes with evidence of memory corruption (rv:1.8.1.15) in the javascript engine * MFSA 2008-22 aka CVE-2008-2800 - XSS through JavaScript same-origin violation * MFSA 2008-23 aka CVE-2008-2801 - Signed JAR tampering * MFSA 2008-24 aka CVE-2008-2802 - Chrome script loading from fastload file * MFSA 2008-25 aka CVE-2008-2803 - Arbitrary code execution in mozIJSSubScriptLoader.loadSubScript() * MFSA 2008-26 aka CVE-2008-0304-followup - Buffer length checks in MIME processing * MFSA 2008-27 aka CVE-2008-2805 - Arbitrary file upload via originalTarget and DOM Range * MFSA 2008-29 aka CVE-2008-2807 - Faulty .properties file results in uninitialized memory being used * MFSA 2008-30 aka CVE-2008-2808 - File location URL in directory listings not escaped properly * MFSA 2008-31 aka CVE-2008-2809 - Peer-trusted certs can use alt names to spoof * MFSA 2008-32 aka CVE-2008-2810 - Remote site run as local file via Windows URL shortcut * MFSA 2008-33 aka CVE-2008-2811 - Crash and remote code execution in block reflow 2.0.0.16: * MFSA 2008-34 aka CVE-2008-2785 - Remote code execution by overflowing CSS reference counter * MFSA 2008-35 aka CVE-2008-2933 - Command-line URLs launch multiple tabs when Firefox not running 2.0.0.17: * MFSA 2008-37 aka CVE-2008-0016 - UTF-8 URL stack buffer overflow * MFSA 2008-38 aka CVE-2008-3835 - nsXMLDocument::OnChannelRedirect() same-origin violation * MFSA 2008-39 aka CVE-2008-3836 - Privilege escalation using feed preview page and XSS flaw * MFSA 2008-40 aka CVE-2008-3837 - Forced mouse drag * MFSA 2008-41 aka CVE-2008-4058 (XPCnativeWrapper pollution bugs), CVE-2008-4059 (XPCnativeWrapper pollution (Firefox 2)), CVE-2008-4060 (Documents without script handling objects) - Privilege escalation via XPCnativeWrapper pollution * MFSA 2008-42 aka CVE-2008-4061 
(1.8 layout), CVE-2008-4062 (1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17) * MFSA 2008-43 aka CVE-2008-4065 (Stripped BOM characters) - BOM characters, low surrogates stripped from JavaScript before execution * MFSA 2008-44 aka CVE-2008-4067, CVE-2008-4068 - resource: traversal vulnerabilities * MFSA 2008-45 aka CVE-2008-4069 - [1.8 branch] XBM appears to draw uninitialized memory * MFSA 2008-46 aka CVE-2008-4070 - Heap overflow when canceling newsgroup message 2.0.0.18: * MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP redirect * MFSA 2008-49 aka CVE-2008-5013 - Arbitrary code execution via Flash Player dynamic module unloading * MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via __proto__ tampering * MFSA 2008-52 aka CVE-2008-5017(1.8 layout), CVE-2008-5018(1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18) * MFSA 2008-54 aka CVE-2008-0017 - Buffer overflow in http-index-format parser * MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in nsFrameManager * MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners() same-origin violation * MFSA 2008-58 aka CVE-2008-5024 - Parsing error in E4X default namespace * MFSA 2008-59 aka CVE-2008-4582 - Script access to .documentURI and .textContent in mail 2.0.0.19: * MFSA 2008-60 aka CVE-2008-5500 (layout) - Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19) * MFSA 2008-61 aka CVE-2008-5503 - Information stealing via loadBindingDocument * MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure * MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script redirect error message * MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading whitespace and control characters (fixed by bz451613) * MFSA 2008-68 aka CVE-2008-5511(XSS via XBL bindings to unloaded document), CVE-2008-5512(JavaScript privilege escalation) - XSS and JavaScript privilege 
escalation stable/main/binary-arm/iceape-mailnews_1.0.13~pre080614i-0etch1_arm.deb stable/main/binary-arm/iceape-browser_1.0.13~pre080614i-0etch1_arm.deb stable/main/binary-arm/iceape-dom-inspector_1.0.13~pre080614i-0etch1_arm.deb stable/main/binary-arm/iceape-dbg_1.0.13~pre080614i-0etch1_arm.deb stable/main/binary-arm/iceape-gnome-support_1.0.13~pre080614i-0etch1_arm.deb stable/main/binary-arm/iceape-calendar_1.0.13~pre080614i-0etch1_arm.deb iceape (1.0.13~pre080614i-0etch1) stable-security; urgency=low * security/stability update for issues discussed in firefox/thunderbird 2.0.0.15, 2.0.0.16, 2.0.0.17, 2.0.0.18, 2.0.0.19 (details below) - Closes: #505565 - Mozilla SeaMonkey Multiple Vulnerabilities * debian/calendar-1.0.9.tar.bz2.uue,control,rules: add uuencoded calendar/ directory; unpack before patch-stamp in rules; adjust build-deps * debian/patches/99_configure.dpatch: refresh - run autoconf2.13 * debian/patches/{20_visibility,90_bz416282,90_bz419116,90_bz421622, 90_bz425576}.dpatch: drop patches now shipped/superseded by upstream tarball/patchset * debian/patches/00list: Updated accordingly. 
Advisory notes: 2.0.0.15: * MFSA 2008-21 (layout) aka CVE-2008-2798 - Crashes with evidence of memory corruption (rv:1.8.1.15) in layout engine * MFSA 2008-21 (javascript) aka CVE-2008-2799 - Crashes with evidence of memory corruption (rv:1.8.1.15) in the javascript engine * MFSA 2008-22 aka CVE-2008-2800 - XSS through JavaScript same-origin violation * MFSA 2008-23 aka CVE-2008-2801 - Signed JAR tampering * MFSA 2008-24 aka CVE-2008-2802 - Chrome script loading from fastload file * MFSA 2008-25 aka CVE-2008-2803 - Arbitrary code execution in mozIJSSubScriptLoader.loadSubScript() * MFSA 2008-26 aka CVE-2008-0304-followup - Buffer length checks in MIME processing * MFSA 2008-27 aka CVE-2008-2805 - Arbitrary file upload via originalTarget and DOM Range * MFSA 2008-29 aka CVE-2008-2807 - Faulty .properties file results in uninitialized memory being used * MFSA 2008-30 aka CVE-2008-2808 - File location URL in directory listings not escaped properly * MFSA 2008-31 aka CVE-2008-2809 - Peer-trusted certs can use alt names to spoof * MFSA 2008-32 aka CVE-2008-2810 - Remote site run as local file via Windows URL shortcut * MFSA 2008-33 aka CVE-2008-2811 - Crash and remote code execution in block reflow 2.0.0.16: * MFSA 2008-34 aka CVE-2008-2785 - Remote code execution by overflowing CSS reference counter * MFSA 2008-35 aka CVE-2008-2933 - Command-line URLs launch multiple tabs when Firefox not running 2.0.0.17: * MFSA 2008-37 aka CVE-2008-0016 - UTF-8 URL stack buffer overflow * MFSA 2008-38 aka CVE-2008-3835 - nsXMLDocument::OnChannelRedirect() same-origin violation * MFSA 2008-39 aka CVE-2008-3836 - Privilege escalation using feed preview page and XSS flaw * MFSA 2008-40 aka CVE-2008-3837 - Forced mouse drag * MFSA 2008-41 aka CVE-2008-4058 (XPCnativeWrapper pollution bugs), CVE-2008-4059 (XPCnativeWrapper pollution (Firefox 2)), CVE-2008-4060 (Documents without script handling objects) - Privilege escalation via XPCnativeWrapper pollution * MFSA 2008-42 aka CVE-2008-4061 
(1.8 layout), CVE-2008-4062 (1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17) * MFSA 2008-43 aka CVE-2008-4065 (Stripped BOM characters) - BOM characters, low surrogates stripped from JavaScript before execution * MFSA 2008-44 aka CVE-2008-4067, CVE-2008-4068 - resource: traversal vulnerabilities * MFSA 2008-45 aka CVE-2008-4069 - [1.8 branch] XBM appears to draw uninitialized memory * MFSA 2008-46 aka CVE-2008-4070 - Heap overflow when canceling newsgroup message 2.0.0.18: * MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP redirect * MFSA 2008-49 aka CVE-2008-5013 - Arbitrary code execution via Flash Player dynamic module unloading * MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via __proto__ tampering * MFSA 2008-52 aka CVE-2008-5017(1.8 layout), CVE-2008-5018(1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18) * MFSA 2008-54 aka CVE-2008-0017 - Buffer overflow in http-index-format parser * MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in nsFrameManager * MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners() same-origin violation * MFSA 2008-58 aka CVE-2008-5024 - Parsing error in E4X default namespace * MFSA 2008-59 aka CVE-2008-4582 - Script access to .documentURI and .textContent in mail 2.0.0.19: * MFSA 2008-60 aka CVE-2008-5500 (layout) - Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19) * MFSA 2008-61 aka CVE-2008-5503 - Information stealing via loadBindingDocument * MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure * MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script redirect error message * MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading whitespace and control characters (fixed by bz451613) * MFSA 2008-68 aka CVE-2008-5511(XSS via XBL bindings to unloaded document), CVE-2008-5512(JavaScript privilege escalation) - XSS and JavaScript privilege 
escalation stable/main/binary-alpha/iceape-gnome-support_1.0.13~pre080614i-0etch1_alpha.deb stable/main/binary-alpha/iceape-dom-inspector_1.0.13~pre080614i-0etch1_alpha.deb stable/main/binary-alpha/iceape-dbg_1.0.13~pre080614i-0etch1_alpha.deb stable/main/binary-alpha/iceape-browser_1.0.13~pre080614i-0etch1_alpha.deb stable/main/binary-alpha/iceape-mailnews_1.0.13~pre080614i-0etch1_alpha.deb stable/main/binary-alpha/iceape-calendar_1.0.13~pre080614i-0etch1_alpha.deb iceape (1.0.13~pre080614i-0etch1) stable-security; urgency=low * security/stability update for issues discussed in firefox/thunderbird 2.0.0.15, 2.0.0.16, 2.0.0.17, 2.0.0.18, 2.0.0.19 (details below) - Closes: #505565 - Mozilla SeaMonkey Multiple Vulnerabilities * debian/calendar-1.0.9.tar.bz2.uue,control,rules: add uuencoded calendar/ directory; unpack before patch-stamp in rules; adjust build-deps * debian/patches/99_configure.dpatch: refresh - run autoconf2.13 * debian/patches/{20_visibility,90_bz416282,90_bz419116,90_bz421622, 90_bz425576}.dpatch: drop patches now shipped/superseded by upstream tarball/patchset * debian/patches/00list: Updated accordingly. 
Advisory notes: 2.0.0.15: * MFSA 2008-21 (layout) aka CVE-2008-2798 - Crashes with evidence of memory corruption (rv:1.8.1.15) in layout engine * MFSA 2008-21 (javascript) aka CVE-2008-2799 - Crashes with evidence of memory corruption (rv:1.8.1.15) in the javascript engine * MFSA 2008-22 aka CVE-2008-2800 - XSS through JavaScript same-origin violation * MFSA 2008-23 aka CVE-2008-2801 - Signed JAR tampering * MFSA 2008-24 aka CVE-2008-2802 - Chrome script loading from fastload file * MFSA 2008-25 aka CVE-2008-2803 - Arbitrary code execution in mozIJSSubScriptLoader.loadSubScript() * MFSA 2008-26 aka CVE-2008-0304-followup - Buffer length checks in MIME processing * MFSA 2008-27 aka CVE-2008-2805 - Arbitrary file upload via originalTarget and DOM Range * MFSA 2008-29 aka CVE-2008-2807 - Faulty .properties file results in uninitialized memory being used * MFSA 2008-30 aka CVE-2008-2808 - File location URL in directory listings not escaped properly * MFSA 2008-31 aka CVE-2008-2809 - Peer-trusted certs can use alt names to spoof * MFSA 2008-32 aka CVE-2008-2810 - Remote site run as local file via Windows URL shortcut * MFSA 2008-33 aka CVE-2008-2811 - Crash and remote code execution in block reflow 2.0.0.16: * MFSA 2008-34 aka CVE-2008-2785 - Remote code execution by overflowing CSS reference counter * MFSA 2008-35 aka CVE-2008-2933 - Command-line URLs launch multiple tabs when Firefox not running 2.0.0.17: * MFSA 2008-37 aka CVE-2008-0016 - UTF-8 URL stack buffer overflow * MFSA 2008-38 aka CVE-2008-3835 - nsXMLDocument::OnChannelRedirect() same-origin violation * MFSA 2008-39 aka CVE-2008-3836 - Privilege escalation using feed preview page and XSS flaw * MFSA 2008-40 aka CVE-2008-3837 - Forced mouse drag * MFSA 2008-41 aka CVE-2008-4058 (XPCnativeWrapper pollution bugs), CVE-2008-4059 (XPCnativeWrapper pollution (Firefox 2)), CVE-2008-4060 (Documents without script handling objects) - Privilege escalation via XPCnativeWrapper pollution * MFSA 2008-42 aka CVE-2008-4061 
(1.8 layout), CVE-2008-4062 (1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17) * MFSA 2008-43 aka CVE-2008-4065 (Stripped BOM characters) - BOM characters, low surrogates stripped from JavaScript before execution * MFSA 2008-44 aka CVE-2008-4067, CVE-2008-4068 - resource: traversal vulnerabilities * MFSA 2008-45 aka CVE-2008-4069 - [1.8 branch] XBM appears to draw uninitialized memory * MFSA 2008-46 aka CVE-2008-4070 - Heap overflow when canceling newsgroup message 2.0.0.18: * MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP redirect * MFSA 2008-49 aka CVE-2008-5013 - Arbitrary code execution via Flash Player dynamic module unloading * MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via __proto__ tampering * MFSA 2008-52 aka CVE-2008-5017(1.8 layout), CVE-2008-5018(1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18) * MFSA 2008-54 aka CVE-2008-0017 - Buffer overflow in http-index-format parser * MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in nsFrameManager * MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners() same-origin violation * MFSA 2008-58 aka CVE-2008-5024 - Parsing error in E4X default namespace * MFSA 2008-59 aka CVE-2008-4582 - Script access to .documentURI and .textContent in mail 2.0.0.19: * MFSA 2008-60 aka CVE-2008-5500 (layout) - Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19) * MFSA 2008-61 aka CVE-2008-5503 - Information stealing via loadBindingDocument * MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure * MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script redirect error message * MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading whitespace and control characters (fixed by bz451613) * MFSA 2008-68 aka CVE-2008-5511(XSS via XBL bindings to unloaded document), CVE-2008-5512(JavaScript privilege escalation) - XSS and JavaScript privilege 
escalation stable/main/binary-all/mozilla-mailnews_1.8+1.0.13~pre080614i-0etch1_all.deb stable/main/source/iceape_1.0.13~pre080614i.orig.tar.gz stable/main/binary-amd64/iceape-calendar_1.0.13~pre080614i-0etch1_amd64.deb stable/main/binary-all/mozilla-dev_1.8+1.0.13~pre080614i-0etch1_all.deb stable/main/source/iceape_1.0.13~pre080614i-0etch1.diff.gz stable/main/binary-amd64/iceape-dom-inspector_1.0.13~pre080614i-0etch1_amd64.deb stable/main/binary-all/mozilla_1.8+1.0.13~pre080614i-0etch1_all.deb stable/main/binary-all/mozilla-calendar_1.8+1.0.13~pre080614i-0etch1_all.deb stable/main/binary-all/iceape_1.0.13~pre080614i-0etch1_all.deb stable/main/binary-all/mozilla-chatzilla_1.8+1.0.13~pre080614i-0etch1_all.deb stable/main/binary-all/mozilla-dom-inspector_1.8+1.0.13~pre080614i-0etch1_all.deb stable/main/binary-amd64/iceape-mailnews_1.0.13~pre080614i-0etch1_amd64.deb stable/main/binary-all/mozilla-js-debugger_1.8+1.0.13~pre080614i-0etch1_all.deb stable/main/binary-all/iceape-chatzilla_1.0.13~pre080614i-0etch1_all.deb stable/main/binary-amd64/iceape-browser_1.0.13~pre080614i-0etch1_amd64.deb stable/main/binary-all/mozilla-psm_1.8+1.0.13~pre080614i-0etch1_all.deb stable/main/binary-all/iceape-dev_1.0.13~pre080614i-0etch1_all.deb stable/main/binary-all/mozilla-browser_1.8+1.0.13~pre080614i-0etch1_all.deb stable/main/binary-amd64/iceape-gnome-support_1.0.13~pre080614i-0etch1_amd64.deb stable/main/binary-amd64/iceape-dbg_1.0.13~pre080614i-0etch1_amd64.deb stable/main/source/iceape_1.0.13~pre080614i-0etch1.dsc iceape (1.0.13~pre080614i-0etch1) stable-security; urgency=low * security/stability update for issues discussed in firefox/thunderbird 2.0.0.15, 2.0.0.16, 2.0.0.17, 2.0.0.18, 2.0.0.19 (details below) - Closes: #505565 - Mozilla SeaMonkey Multiple Vulnerabilities * debian/calendar-1.0.9.tar.bz2.uue,control,rules: add uuencoded calendar/ directory; unpack before patch-stamp in rules; adjust build-deps * debian/patches/99_configure.dpatch: refresh - run autoconf2.13 * 
debian/patches/{20_visibility,90_bz416282,90_bz419116,90_bz421622, 90_bz425576}.dpatch: drop patches now shipped/superseded by upstream tarball/patchset * debian/patches/00list: Updated accordingly. Advisory notes: 2.0.0.15: * MFSA 2008-21 (layout) aka CVE-2008-2798 - Crashes with evidence of memory corruption (rv:1.8.1.15) in layout engine * MFSA 2008-21 (javascript) aka CVE-2008-2799 - Crashes with evidence of memory corruption (rv:1.8.1.15) in the javascript engine * MFSA 2008-22 aka CVE-2008-2800 - XSS through JavaScript same-origin violation * MFSA 2008-23 aka CVE-2008-2801 - Signed JAR tampering * MFSA 2008-24 aka CVE-2008-2802 - Chrome script loading from fastload file * MFSA 2008-25 aka CVE-2008-2803 - Arbitrary code execution in mozIJSSubScriptLoader.loadSubScript() * MFSA 2008-26 aka CVE-2008-0304-followup - Buffer length checks in MIME processing * MFSA 2008-27 aka CVE-2008-2805 - Arbitrary file upload via originalTarget and DOM Range * MFSA 2008-29 aka CVE-2008-2807 - Faulty .properties file results in uninitialized memory being used * MFSA 2008-30 aka CVE-2008-2808 - File location URL in directory listings not escaped properly * MFSA 2008-31 aka CVE-2008-2809 - Peer-trusted certs can use alt names to spoof * MFSA 2008-32 aka CVE-2008-2810 - Remote site run as local file via Windows URL shortcut * MFSA 2008-33 aka CVE-2008-2811 - Crash and remote code execution in block reflow 2.0.0.16: * MFSA 2008-34 aka CVE-2008-2785 - Remote code execution by overflowing CSS reference counter * MFSA 2008-35 aka CVE-2008-2933 - Command-line URLs launch multiple tabs when Firefox not running 2.0.0.17: * MFSA 2008-37 aka CVE-2008-0016 - UTF-8 URL stack buffer overflow * MFSA 2008-38 aka CVE-2008-3835 - nsXMLDocument::OnChannelRedirect() same-origin violation * MFSA 2008-39 aka CVE-2008-3836 - Privilege escalation using feed preview page and XSS flaw * MFSA 2008-40 aka CVE-2008-3837 - Forced mouse drag * MFSA 2008-41 aka CVE-2008-4058 (XPCnativeWrapper pollution bugs), 
CVE-2008-4059 (XPCnativeWrapper pollution (Firefox 2)), CVE-2008-4060 (Documents without script handling objects) - Privilege escalation via XPCnativeWrapper pollution * MFSA 2008-42 aka CVE-2008-4061 (1.8 layout), CVE-2008-4062 (1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17) * MFSA 2008-43 aka CVE-2008-4065 (Stripped BOM characters) - BOM characters, low surrogates stripped from JavaScript before execution * MFSA 2008-44 aka CVE-2008-4067, CVE-2008-4068 - resource: traversal vulnerabilities * MFSA 2008-45 aka CVE-2008-4069 - [1.8 branch] XBM appears to draw uninitialized memory * MFSA 2008-46 aka CVE-2008-4070 - Heap overflow when canceling newsgroup message 2.0.0.18: * MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP redirect * MFSA 2008-49 aka CVE-2008-5013 - Arbitrary code execution via Flash Player dynamic module unloading * MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via __proto__ tampering * MFSA 2008-52 aka CVE-2008-5017(1.8 layout), CVE-2008-5018(1.8 javascript) - Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18) * MFSA 2008-54 aka CVE-2008-0017 - Buffer overflow in http-index-format parser * MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in nsFrameManager * MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners() same-origin violation * MFSA 2008-58 aka CVE-2008-5024 - Parsing error in E4X default namespace * MFSA 2008-59 aka CVE-2008-4582 - Script access to .documentURI and .textContent in mail 2.0.0.19: * MFSA 2008-60 aka CVE-2008-5500 (layout) - Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19) * MFSA 2008-61 aka CVE-2008-5503 - Information stealing via loadBindingDocument * MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure * MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script redirect error message * MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading whitespace 
and control characters (fixed by bz451613) * MFSA 2008-68 aka CVE-2008-5511(XSS via XBL bindings to unloaded document), CVE-2008-5512(JavaScript privilege escalation) - XSS and JavaScript privilege escalation stable/main/binary-sparc/gnumeric_1.6.3-5.1+etch2_sparc.deb stable/main/binary-sparc/gnumeric-plugins-extra_1.6.3-5.1+etch2_sparc.deb gnumeric (1.6.3-5.1+etch2) stable-proposed-updates; urgency=medium * [plugins/python-loader/gnm-py-interpreter.c, plugins/python-loader/ChangeLog] Pull in fix from SVN gnumeric-1-6 branch to deal with CVE-2009-0318, an untrusted search path vulnerability which affected the python-loader plugin which is part of the gnumeric-plugins-extra package. (Closes: #513418) stable/main/binary-s390/gnumeric-plugins-extra_1.6.3-5.1+etch2_s390.deb stable/main/binary-s390/gnumeric_1.6.3-5.1+etch2_s390.deb gnumeric (1.6.3-5.1+etch2) stable-proposed-updates; urgency=medium * [plugins/python-loader/gnm-py-interpreter.c, plugins/python-loader/ChangeLog] Pull in fix from SVN gnumeric-1-6 branch to deal with CVE-2009-0318, an untrusted search path vulnerability which affected the python-loader plugin which is part of the gnumeric-plugins-extra package. (Closes: #513418) stable/main/binary-powerpc/gnumeric-plugins-extra_1.6.3-5.1+etch2_powerpc.deb stable/main/binary-powerpc/gnumeric_1.6.3-5.1+etch2_powerpc.deb gnumeric (1.6.3-5.1+etch2) stable-proposed-updates; urgency=medium * [plugins/python-loader/gnm-py-interpreter.c, plugins/python-loader/ChangeLog] Pull in fix from SVN gnumeric-1-6 branch to deal with CVE-2009-0318, an untrusted search path vulnerability which affected the python-loader plugin which is part of the gnumeric-plugins-extra package. 
(Closes: #513418) stable/main/binary-mipsel/gnumeric-plugins-extra_1.6.3-5.1+etch2_mipsel.deb stable/main/binary-mipsel/gnumeric_1.6.3-5.1+etch2_mipsel.deb gnumeric (1.6.3-5.1+etch2) stable-proposed-updates; urgency=medium * [plugins/python-loader/gnm-py-interpreter.c, plugins/python-loader/ChangeLog] Pull in fix from SVN gnumeric-1-6 branch to deal with CVE-2009-0318, an untrusted search path vulnerability which affected the python-loader plugin which is part of the gnumeric-plugins-extra package. (Closes: #513418) stable/main/binary-mips/gnumeric-plugins-extra_1.6.3-5.1+etch2_mips.deb stable/main/binary-mips/gnumeric_1.6.3-5.1+etch2_mips.deb gnumeric (1.6.3-5.1+etch2) stable-proposed-updates; urgency=medium * [plugins/python-loader/gnm-py-interpreter.c, plugins/python-loader/ChangeLog] Pull in fix from SVN gnumeric-1-6 branch to deal with CVE-2009-0318, an untrusted search path vulnerability which affected the python-loader plugin which is part of the gnumeric-plugins-extra package. (Closes: #513418) stable/main/binary-ia64/gnumeric-plugins-extra_1.6.3-5.1+etch2_ia64.deb stable/main/binary-ia64/gnumeric_1.6.3-5.1+etch2_ia64.deb gnumeric (1.6.3-5.1+etch2) stable-proposed-updates; urgency=medium * [plugins/python-loader/gnm-py-interpreter.c, plugins/python-loader/ChangeLog] Pull in fix from SVN gnumeric-1-6 branch to deal with CVE-2009-0318, an untrusted search path vulnerability which affected the python-loader plugin which is part of the gnumeric-plugins-extra package. (Closes: #513418) stable/main/binary-i386/gnumeric_1.6.3-5.1+etch2_i386.deb stable/main/binary-i386/gnumeric-plugins-extra_1.6.3-5.1+etch2_i386.deb gnumeric (1.6.3-5.1+etch2) stable-proposed-updates; urgency=medium * [plugins/python-loader/gnm-py-interpreter.c, plugins/python-loader/ChangeLog] Pull in fix from SVN gnumeric-1-6 branch to deal with CVE-2009-0318, an untrusted search path vulnerability which affected the python-loader plugin which is part of the gnumeric-plugins-extra package. 
(Closes: #513418) stable/main/binary-hppa/gnumeric_1.6.3-5.1+etch2_hppa.deb stable/main/binary-hppa/gnumeric-plugins-extra_1.6.3-5.1+etch2_hppa.deb gnumeric (1.6.3-5.1+etch2) stable-proposed-updates; urgency=medium * [plugins/python-loader/gnm-py-interpreter.c, plugins/python-loader/ChangeLog] Pull in fix from SVN gnumeric-1-6 branch to deal with CVE-2009-0318, an untrusted search path vulnerability which affected the python-loader plugin which is part of the gnumeric-plugins-extra package. (Closes: #513418) stable/main/binary-arm/gnumeric_1.6.3-5.1+etch2_arm.deb stable/main/binary-arm/gnumeric-plugins-extra_1.6.3-5.1+etch2_arm.deb gnumeric (1.6.3-5.1+etch2) stable-proposed-updates; urgency=medium * [plugins/python-loader/gnm-py-interpreter.c, plugins/python-loader/ChangeLog] Pull in fix from SVN gnumeric-1-6 branch to deal with CVE-2009-0318, an untrusted search path vulnerability which affected the python-loader plugin which is part of the gnumeric-plugins-extra package. (Closes: #513418) stable/main/binary-alpha/gnumeric-plugins-extra_1.6.3-5.1+etch2_alpha.deb stable/main/binary-alpha/gnumeric_1.6.3-5.1+etch2_alpha.deb gnumeric (1.6.3-5.1+etch2) stable-proposed-updates; urgency=medium * [plugins/python-loader/gnm-py-interpreter.c, plugins/python-loader/ChangeLog] Pull in fix from SVN gnumeric-1-6 branch to deal with CVE-2009-0318, an untrusted search path vulnerability which affected the python-loader plugin which is part of the gnumeric-plugins-extra package. 
(Closes: #513418) stable/main/source/gnumeric_1.6.3-5.1+etch2.diff.gz stable/main/source/gnumeric_1.6.3-5.1+etch2.dsc stable/main/binary-amd64/gnumeric_1.6.3-5.1+etch2_amd64.deb stable/main/binary-amd64/gnumeric-plugins-extra_1.6.3-5.1+etch2_amd64.deb stable/main/binary-all/gnumeric-common_1.6.3-5.1+etch2_all.deb stable/main/binary-all/gnumeric-doc_1.6.3-5.1+etch2_all.deb gnumeric (1.6.3-5.1+etch2) stable-proposed-updates; urgency=medium * [plugins/python-loader/gnm-py-interpreter.c, plugins/python-loader/ChangeLog] Pull in fix from SVN gnumeric-1-6 branch to deal with CVE-2009-0318, an untrusted search path vulnerability which affected the python-loader plugin which is part of the gnumeric-plugins-extra package. (Closes: #513418) stable/main/source/glpi_0.68.2-1etch0.2.dsc stable/main/binary-all/glpi_0.68.2-1etch0.2_all.deb stable/main/source/glpi_0.68.2-1etch0.2.diff.gz glpi (0.68.2-1etch0.2) stable; urgency=high * Replace domxml-php5-php5.php by a LGPL version (Closes: #496071) * Urgency high because of RC bug stable/main/binary-i386/libc6-dbg_2.3.6.ds1-13etch9+b1_i386.deb stable/main/binary-i386/libc6-dev-amd64_2.3.6.ds1-13etch9+b1_i386.deb stable/main/binary-i386/libc6-dev_2.3.6.ds1-13etch9+b1_i386.deb stable/main/binary-i386/libnss-files-udeb_2.3.6.ds1-13etch9+b1_i386.udeb stable/main/binary-i386/libc6-pic_2.3.6.ds1-13etch9+b1_i386.deb stable/main/binary-i386/libc6-xen_2.3.6.ds1-13etch9+b1_i386.deb stable/main/binary-i386/libc6-i686_2.3.6.ds1-13etch9+b1_i386.deb stable/main/binary-i386/nscd_2.3.6.ds1-13etch9+b1_i386.deb stable/main/binary-i386/locales-all_2.3.6.ds1-13etch9+b1_i386.deb stable/main/binary-i386/libc6-amd64_2.3.6.ds1-13etch9+b1_i386.deb stable/main/binary-i386/libc6_2.3.6.ds1-13etch9+b1_i386.deb stable/main/binary-i386/libc6-prof_2.3.6.ds1-13etch9+b1_i386.deb stable/main/binary-i386/libnss-dns-udeb_2.3.6.ds1-13etch9+b1_i386.udeb stable/main/binary-i386/libc6-udeb_2.3.6.ds1-13etch9+b1_i386.udeb glibc (2.3.6.ds1-13etch9+b1) stable; urgency=low * 
Binary-only non-maintainer upload for i386; no source changes. * Rebuild to fix nscd dependencies. (Closes: #512070) stable/main/binary-sparc/libc6-dbg_2.3.6.ds1-13etch9_sparc.deb stable/main/binary-sparc/libc6-dev-sparc64_2.3.6.ds1-13etch9_sparc.deb stable/main/binary-sparc/libc6-sparcv9_2.3.6.ds1-13etch9_sparc.deb stable/main/binary-sparc/libnss-files-udeb_2.3.6.ds1-13etch9_sparc.udeb stable/main/binary-sparc/locales-all_2.3.6.ds1-13etch9_sparc.deb stable/main/binary-sparc/nscd_2.3.6.ds1-13etch9_sparc.deb stable/main/binary-sparc/libc6-sparcv9b_2.3.6.ds1-13etch9_sparc.deb stable/main/binary-sparc/libc6_2.3.6.ds1-13etch9_sparc.deb stable/main/binary-sparc/libc6-sparc64_2.3.6.ds1-13etch9_sparc.deb stable/main/binary-sparc/libc6-prof_2.3.6.ds1-13etch9_sparc.deb stable/main/binary-sparc/libc6-dev_2.3.6.ds1-13etch9_sparc.deb stable/main/binary-sparc/libc6-pic_2.3.6.ds1-13etch9_sparc.deb stable/main/binary-sparc/libc6-udeb_2.3.6.ds1-13etch9_sparc.udeb stable/main/binary-sparc/libnss-dns-udeb_2.3.6.ds1-13etch9_sparc.udeb glibc (2.3.6.ds1-13etch9) stable; urgency=low * Backport from unstable: patches/localedata/sk_SK_euro.diff, patches/localedata/sl_SI_euro.diff. Slovenia and Slovakia are now part of the Eurozone. Closes: #510423. 
stable/main/binary-s390/libnss-files-udeb_2.3.6.ds1-13etch9_s390.udeb stable/main/binary-s390/libc6-pic_2.3.6.ds1-13etch9_s390.deb stable/main/binary-s390/nscd_2.3.6.ds1-13etch9_s390.deb stable/main/binary-s390/libnss-dns-udeb_2.3.6.ds1-13etch9_s390.udeb stable/main/binary-s390/libc6-dev_2.3.6.ds1-13etch9_s390.deb stable/main/binary-s390/locales-all_2.3.6.ds1-13etch9_s390.deb stable/main/binary-s390/libc6-udeb_2.3.6.ds1-13etch9_s390.udeb stable/main/binary-s390/libc6-dbg_2.3.6.ds1-13etch9_s390.deb stable/main/binary-s390/libc6-prof_2.3.6.ds1-13etch9_s390.deb stable/main/binary-s390/libc6-dev-s390x_2.3.6.ds1-13etch9_s390.deb stable/main/binary-s390/libc6-s390x_2.3.6.ds1-13etch9_s390.deb stable/main/binary-s390/libc6_2.3.6.ds1-13etch9_s390.deb glibc (2.3.6.ds1-13etch9) stable; urgency=low * Backport from unstable: patches/localedata/sk_SK_euro.diff, patches/localedata/sl_SI_euro.diff. Slovenia and Slovakia are now part of the Eurozone. Closes: #510423. stable/main/binary-powerpc/libc6-pic_2.3.6.ds1-13etch9_powerpc.deb stable/main/binary-powerpc/libc6-dev_2.3.6.ds1-13etch9_powerpc.deb stable/main/binary-powerpc/libc6-ppc64_2.3.6.ds1-13etch9_powerpc.deb stable/main/binary-powerpc/libc6-udeb_2.3.6.ds1-13etch9_powerpc.udeb stable/main/binary-powerpc/nscd_2.3.6.ds1-13etch9_powerpc.deb stable/main/binary-powerpc/libc6-dev-ppc64_2.3.6.ds1-13etch9_powerpc.deb stable/main/binary-powerpc/libnss-files-udeb_2.3.6.ds1-13etch9_powerpc.udeb stable/main/binary-powerpc/libnss-dns-udeb_2.3.6.ds1-13etch9_powerpc.udeb stable/main/binary-powerpc/libc6_2.3.6.ds1-13etch9_powerpc.deb stable/main/binary-powerpc/locales-all_2.3.6.ds1-13etch9_powerpc.deb stable/main/binary-powerpc/libc6-dbg_2.3.6.ds1-13etch9_powerpc.deb stable/main/binary-powerpc/libc6-prof_2.3.6.ds1-13etch9_powerpc.deb glibc (2.3.6.ds1-13etch9) stable; urgency=low * Backport from unstable: patches/localedata/sk_SK_euro.diff, patches/localedata/sl_SI_euro.diff. Slovenia and Slovakia are now part of the Eurozone. 
Closes: #510423. stable/main/binary-mipsel/libnss-dns-udeb_2.3.6.ds1-13etch9_mipsel.udeb stable/main/binary-mipsel/nscd_2.3.6.ds1-13etch9_mipsel.deb stable/main/binary-mipsel/libnss-files-udeb_2.3.6.ds1-13etch9_mipsel.udeb stable/main/binary-mipsel/libc6_2.3.6.ds1-13etch9_mipsel.deb stable/main/binary-mipsel/libc6-dev_2.3.6.ds1-13etch9_mipsel.deb stable/main/binary-mipsel/libc6-prof_2.3.6.ds1-13etch9_mipsel.deb stable/main/binary-mipsel/locales-all_2.3.6.ds1-13etch9_mipsel.deb stable/main/binary-mipsel/libc6-dbg_2.3.6.ds1-13etch9_mipsel.deb stable/main/binary-mipsel/libc6-udeb_2.3.6.ds1-13etch9_mipsel.udeb stable/main/binary-mipsel/libc6-pic_2.3.6.ds1-13etch9_mipsel.deb glibc (2.3.6.ds1-13etch9) stable; urgency=low * Backport from unstable: patches/localedata/sk_SK_euro.diff, patches/localedata/sl_SI_euro.diff. Slovenia and Slovakia are now part of the Eurozone. Closes: #510423. stable/main/binary-mips/libc6-udeb_2.3.6.ds1-13etch9_mips.udeb stable/main/binary-mips/locales-all_2.3.6.ds1-13etch9_mips.deb stable/main/binary-mips/libc6_2.3.6.ds1-13etch9_mips.deb stable/main/binary-mips/nscd_2.3.6.ds1-13etch9_mips.deb stable/main/binary-mips/libnss-files-udeb_2.3.6.ds1-13etch9_mips.udeb stable/main/binary-mips/libc6-prof_2.3.6.ds1-13etch9_mips.deb stable/main/binary-mips/libc6-dbg_2.3.6.ds1-13etch9_mips.deb stable/main/binary-mips/libc6-dev_2.3.6.ds1-13etch9_mips.deb stable/main/binary-mips/libc6-pic_2.3.6.ds1-13etch9_mips.deb stable/main/binary-mips/libnss-dns-udeb_2.3.6.ds1-13etch9_mips.udeb glibc (2.3.6.ds1-13etch9) stable; urgency=low * Backport from unstable: patches/localedata/sk_SK_euro.diff, patches/localedata/sl_SI_euro.diff. Slovenia and Slovakia are now part of the Eurozone. Closes: #510423. 
stable/main/binary-ia64/libc6.1-dev_2.3.6.ds1-13etch9_ia64.deb stable/main/binary-ia64/libnss-dns-udeb_2.3.6.ds1-13etch9_ia64.udeb stable/main/binary-ia64/libc6.1-prof_2.3.6.ds1-13etch9_ia64.deb stable/main/binary-ia64/nscd_2.3.6.ds1-13etch9_ia64.deb stable/main/binary-ia64/libnss-files-udeb_2.3.6.ds1-13etch9_ia64.udeb stable/main/binary-ia64/libc6.1-udeb_2.3.6.ds1-13etch9_ia64.udeb stable/main/binary-ia64/locales-all_2.3.6.ds1-13etch9_ia64.deb stable/main/binary-ia64/libc6.1-pic_2.3.6.ds1-13etch9_ia64.deb stable/main/binary-ia64/libc6.1_2.3.6.ds1-13etch9_ia64.deb stable/main/binary-ia64/libc6.1-dbg_2.3.6.ds1-13etch9_ia64.deb glibc (2.3.6.ds1-13etch9) stable; urgency=low * Backport from unstable: patches/localedata/sk_SK_euro.diff, patches/localedata/sl_SI_euro.diff. Slovenia and Slovakia are now part of the Eurozone. Closes: #510423. stable/main/binary-hppa/libc6-dev_2.3.6.ds1-13etch9_hppa.deb stable/main/binary-hppa/nscd_2.3.6.ds1-13etch9_hppa.deb stable/main/binary-hppa/libnss-dns-udeb_2.3.6.ds1-13etch9_hppa.udeb stable/main/binary-hppa/libc6-dbg_2.3.6.ds1-13etch9_hppa.deb stable/main/binary-hppa/locales-all_2.3.6.ds1-13etch9_hppa.deb stable/main/binary-hppa/libc6-udeb_2.3.6.ds1-13etch9_hppa.udeb stable/main/binary-hppa/libnss-files-udeb_2.3.6.ds1-13etch9_hppa.udeb stable/main/binary-hppa/libc6-prof_2.3.6.ds1-13etch9_hppa.deb stable/main/binary-hppa/libc6_2.3.6.ds1-13etch9_hppa.deb stable/main/binary-hppa/libc6-pic_2.3.6.ds1-13etch9_hppa.deb glibc (2.3.6.ds1-13etch9) stable; urgency=low * Backport from unstable: patches/localedata/sk_SK_euro.diff, patches/localedata/sl_SI_euro.diff. Slovenia and Slovakia are now part of the Eurozone. Closes: #510423. 
stable/main/binary-arm/libnss-files-udeb_2.3.6.ds1-13etch9_arm.udeb stable/main/binary-arm/libc6-prof_2.3.6.ds1-13etch9_arm.deb stable/main/binary-arm/libc6-pic_2.3.6.ds1-13etch9_arm.deb stable/main/binary-arm/libc6-udeb_2.3.6.ds1-13etch9_arm.udeb stable/main/binary-arm/nscd_2.3.6.ds1-13etch9_arm.deb stable/main/binary-arm/libnss-dns-udeb_2.3.6.ds1-13etch9_arm.udeb stable/main/binary-arm/locales-all_2.3.6.ds1-13etch9_arm.deb stable/main/binary-arm/libc6-dbg_2.3.6.ds1-13etch9_arm.deb stable/main/binary-arm/libc6_2.3.6.ds1-13etch9_arm.deb stable/main/binary-arm/libc6-dev_2.3.6.ds1-13etch9_arm.deb glibc (2.3.6.ds1-13etch9) stable; urgency=low * Backport from unstable: patches/localedata/sk_SK_euro.diff, patches/localedata/sl_SI_euro.diff. Slovenia and Slovakia are now part of the Eurozone. Closes: #510423. stable/main/binary-alpha/libc6.1-udeb_2.3.6.ds1-13etch9_alpha.udeb stable/main/binary-alpha/locales-all_2.3.6.ds1-13etch9_alpha.deb stable/main/binary-alpha/libc6.1_2.3.6.ds1-13etch9_alpha.deb stable/main/binary-alpha/libc6.1-pic_2.3.6.ds1-13etch9_alpha.deb stable/main/binary-alpha/libc6.1-prof_2.3.6.ds1-13etch9_alpha.deb stable/main/binary-alpha/nscd_2.3.6.ds1-13etch9_alpha.deb stable/main/binary-alpha/libnss-files-udeb_2.3.6.ds1-13etch9_alpha.udeb stable/main/binary-alpha/libc6.1-dbg_2.3.6.ds1-13etch9_alpha.deb stable/main/binary-alpha/libc6.1-dev_2.3.6.ds1-13etch9_alpha.deb stable/main/binary-alpha/libnss-dns-udeb_2.3.6.ds1-13etch9_alpha.udeb glibc (2.3.6.ds1-13etch9) stable; urgency=low * Backport from unstable: patches/localedata/sk_SK_euro.diff, patches/localedata/sl_SI_euro.diff. Slovenia and Slovakia are now part of the Eurozone. Closes: #510423. 
stable/main/binary-amd64/libc6-prof_2.3.6.ds1-13etch9_amd64.deb stable/main/binary-amd64/nscd_2.3.6.ds1-13etch9_amd64.deb stable/main/binary-amd64/libnss-files-udeb_2.3.6.ds1-13etch9_amd64.udeb stable/main/binary-amd64/libc6-dbg_2.3.6.ds1-13etch9_amd64.deb stable/main/binary-amd64/libnss-dns-udeb_2.3.6.ds1-13etch9_amd64.udeb stable/main/binary-amd64/libc6-udeb_2.3.6.ds1-13etch9_amd64.udeb stable/main/binary-amd64/libc6-i386_2.3.6.ds1-13etch9_amd64.deb stable/main/binary-amd64/locales-all_2.3.6.ds1-13etch9_amd64.deb stable/main/binary-amd64/libc6-dev_2.3.6.ds1-13etch9_amd64.deb stable/main/binary-amd64/libc6-dev-i386_2.3.6.ds1-13etch9_amd64.deb stable/main/binary-amd64/libc6_2.3.6.ds1-13etch9_amd64.deb stable/main/source/glibc_2.3.6.ds1-13etch9.diff.gz stable/main/binary-amd64/libc6-pic_2.3.6.ds1-13etch9_amd64.deb stable/main/source/glibc_2.3.6.ds1-13etch9.dsc stable/main/binary-all/glibc-doc_2.3.6.ds1-13etch9_all.deb stable/main/binary-all/locales_2.3.6.ds1-13etch9_all.deb glibc (2.3.6.ds1-13etch9) stable; urgency=low * Backport from unstable: patches/localedata/sk_SK_euro.diff, patches/localedata/sl_SI_euro.diff. Slovenia and Slovakia are now part of the Eurozone. Closes: #510423. stable/main/binary-sparc/git-core_1.4.4.4-4+etch1_sparc.deb git-core (1:1.4.4.4-4+etch1) stable-security; urgency=high * Fix gitweb command injection issues involving diffs, snapshots (CVE-2008-5517) and searches (CVE-2008-5516). stable/main/binary-s390/git-core_1.4.4.4-4+etch1_s390.deb git-core (1:1.4.4.4-4+etch1) stable-security; urgency=high * Fix gitweb command injection issues involving diffs, snapshots (CVE-2008-5517) and searches (CVE-2008-5516). stable/main/binary-powerpc/git-core_1.4.4.4-4+etch1_powerpc.deb git-core (1:1.4.4.4-4+etch1) stable-security; urgency=high * Fix gitweb command injection issues involving diffs, snapshots (CVE-2008-5517) and searches (CVE-2008-5516). 
stable/main/binary-mipsel/git-core_1.4.4.4-4+etch1_mipsel.deb git-core (1:1.4.4.4-4+etch1) stable-security; urgency=high * Fix gitweb command injection issues involving diffs, snapshots (CVE-2008-5517) and searches (CVE-2008-5516). stable/main/binary-mips/git-core_1.4.4.4-4+etch1_mips.deb git-core (1:1.4.4.4-4+etch1) stable-security; urgency=high * Fix gitweb command injection issues involving diffs, snapshots (CVE-2008-5517) and searches (CVE-2008-5516). stable/main/binary-ia64/git-core_1.4.4.4-4+etch1_ia64.deb git-core (1:1.4.4.4-4+etch1) stable-security; urgency=high * Fix gitweb command injection issues involving diffs, snapshots (CVE-2008-5517) and searches (CVE-2008-5516). stable/main/binary-hppa/git-core_1.4.4.4-4+etch1_hppa.deb git-core (1:1.4.4.4-4+etch1) stable-security; urgency=high * Fix gitweb command injection issues involving diffs, snapshots (CVE-2008-5517) and searches (CVE-2008-5516). stable/main/binary-arm/git-core_1.4.4.4-4+etch1_arm.deb git-core (1:1.4.4.4-4+etch1) stable-security; urgency=high * Fix gitweb command injection issues involving diffs, snapshots (CVE-2008-5517) and searches (CVE-2008-5516). stable/main/binary-amd64/git-core_1.4.4.4-4+etch1_amd64.deb git-core (1:1.4.4.4-4+etch1) stable-security; urgency=high * Fix gitweb command injection issues involving diffs, snapshots (CVE-2008-5517) and searches (CVE-2008-5516). stable/main/binary-alpha/git-core_1.4.4.4-4+etch1_alpha.deb git-core (1:1.4.4.4-4+etch1) stable-security; urgency=high * Fix gitweb command injection issues involving diffs, snapshots (CVE-2008-5517) and searches (CVE-2008-5516). 
stable/main/source/git-core_1.4.4.4-4+etch1.diff.gz stable/main/binary-all/gitweb_1.4.4.4-4+etch1_all.deb stable/main/binary-all/git-daemon-run_1.4.4.4-4+etch1_all.deb stable/main/binary-all/git-svn_1.4.4.4-4+etch1_all.deb stable/main/binary-i386/git-core_1.4.4.4-4+etch1_i386.deb stable/main/binary-all/gitk_1.4.4.4-4+etch1_all.deb stable/main/binary-all/git-doc_1.4.4.4-4+etch1_all.deb stable/main/binary-all/git-email_1.4.4.4-4+etch1_all.deb stable/main/binary-all/git-arch_1.4.4.4-4+etch1_all.deb stable/main/binary-all/git-cvs_1.4.4.4-4+etch1_all.deb stable/main/source/git-core_1.4.4.4-4+etch1.dsc git-core (1:1.4.4.4-4+etch1) stable-security; urgency=high * Fix gitweb command injection issues involving diffs, snapshots (CVE-2008-5517) and searches (CVE-2008-5516). stable/main/binary-all/gforge_4.5.14-22etch10_all.deb stable/main/binary-all/gforge-web-apache_4.5.14-22etch10_all.deb stable/main/binary-all/gforge-dns-bind9_4.5.14-22etch10_all.deb stable/main/binary-all/gforge-mta-courier_4.5.14-22etch10_all.deb stable/main/source/gforge_4.5.14-22etch10.diff.gz stable/main/source/gforge_4.5.14-22etch10.dsc stable/main/binary-all/gforge-mta-exim4_4.5.14-22etch10_all.deb stable/main/binary-all/gforge-ldap-openldap_4.5.14-22etch10_all.deb stable/main/binary-all/gforge-db-postgresql_4.5.14-22etch10_all.deb stable/main/binary-all/gforge-shell-ldap_4.5.14-22etch10_all.deb stable/main/binary-all/gforge-ftp-proftpd_4.5.14-22etch10_all.deb stable/main/binary-all/gforge-common_4.5.14-22etch10_all.deb stable/main/binary-all/gforge-lists-mailman_4.5.14-22etch10_all.deb stable/main/binary-all/gforge-mta-postfix_4.5.14-22etch10_all.deb stable/main/binary-all/gforge-shell-postgresql_4.5.14-22etch10_all.deb stable/main/binary-all/gforge-mta-exim_4.5.14-22etch10_all.deb gforge (4.5.14-22etch10) stable-security; urgency=high * Fixed yet another SQL injection vulnerability due to insufficient input sanitizing (CVE-2008-2381). 
stable/main/binary-sparc/ganglia-monitor_2.5.7-3.1etch1_sparc.deb stable/main/binary-sparc/gmetad_2.5.7-3.1etch1_sparc.deb stable/main/binary-sparc/libganglia1-dev_2.5.7-3.1etch1_sparc.deb stable/main/binary-sparc/libganglia1_2.5.7-3.1etch1_sparc.deb ganglia-monitor-core (2.5.7-3.1etch1) stable-security; urgency=high * Fix for buffer overflows, see CVE-2009-0241 and CVE-2009-0242 stable/main/binary-s390/ganglia-monitor_2.5.7-3.1etch1_s390.deb stable/main/binary-s390/libganglia1_2.5.7-3.1etch1_s390.deb stable/main/binary-s390/libganglia1-dev_2.5.7-3.1etch1_s390.deb stable/main/binary-s390/gmetad_2.5.7-3.1etch1_s390.deb ganglia-monitor-core (2.5.7-3.1etch1) stable-security; urgency=high * Fix for buffer overflows, see CVE-2009-0241 and CVE-2009-0242 stable/main/binary-powerpc/ganglia-monitor_2.5.7-3.1etch1_powerpc.deb stable/main/binary-powerpc/libganglia1-dev_2.5.7-3.1etch1_powerpc.deb stable/main/binary-powerpc/libganglia1_2.5.7-3.1etch1_powerpc.deb stable/main/binary-powerpc/gmetad_2.5.7-3.1etch1_powerpc.deb ganglia-monitor-core (2.5.7-3.1etch1) stable-security; urgency=high * Fix for buffer overflows, see CVE-2009-0241 and CVE-2009-0242 stable/main/binary-mipsel/gmetad_2.5.7-3.1etch1_mipsel.deb stable/main/binary-mipsel/libganglia1_2.5.7-3.1etch1_mipsel.deb stable/main/binary-mipsel/ganglia-monitor_2.5.7-3.1etch1_mipsel.deb stable/main/binary-mipsel/libganglia1-dev_2.5.7-3.1etch1_mipsel.deb ganglia-monitor-core (2.5.7-3.1etch1) stable-security; urgency=high * Fix for buffer overflows, see CVE-2009-0241 and CVE-2009-0242 stable/main/binary-mips/ganglia-monitor_2.5.7-3.1etch1_mips.deb stable/main/binary-mips/gmetad_2.5.7-3.1etch1_mips.deb stable/main/binary-mips/libganglia1_2.5.7-3.1etch1_mips.deb stable/main/binary-mips/libganglia1-dev_2.5.7-3.1etch1_mips.deb ganglia-monitor-core (2.5.7-3.1etch1) stable-security; urgency=high * Fix for buffer overflows, see CVE-2009-0241 and CVE-2009-0242 stable/main/binary-ia64/ganglia-monitor_2.5.7-3.1etch1_ia64.deb 
stable/main/binary-ia64/libganglia1-dev_2.5.7-3.1etch1_ia64.deb stable/main/binary-ia64/libganglia1_2.5.7-3.1etch1_ia64.deb stable/main/binary-ia64/gmetad_2.5.7-3.1etch1_ia64.deb ganglia-monitor-core (2.5.7-3.1etch1) stable-security; urgency=high * Fix for buffer overflows, see CVE-2009-0241 and CVE-2009-0242 stable/main/binary-hppa/gmetad_2.5.7-3.1etch1_hppa.deb stable/main/binary-hppa/libganglia1_2.5.7-3.1etch1_hppa.deb stable/main/binary-hppa/libganglia1-dev_2.5.7-3.1etch1_hppa.deb stable/main/binary-hppa/ganglia-monitor_2.5.7-3.1etch1_hppa.deb ganglia-monitor-core (2.5.7-3.1etch1) stable-security; urgency=high * Fix for buffer overflows, see CVE-2009-0241 and CVE-2009-0242 stable/main/binary-arm/gmetad_2.5.7-3.1etch1_arm.deb stable/main/binary-arm/libganglia1_2.5.7-3.1etch1_arm.deb stable/main/binary-arm/libganglia1-dev_2.5.7-3.1etch1_arm.deb stable/main/binary-arm/ganglia-monitor_2.5.7-3.1etch1_arm.deb ganglia-monitor-core (2.5.7-3.1etch1) stable-security; urgency=high * Fix for buffer overflows, see CVE-2009-0241 and CVE-2009-0242 stable/main/binary-amd64/gmetad_2.5.7-3.1etch1_amd64.deb stable/main/binary-amd64/libganglia1-dev_2.5.7-3.1etch1_amd64.deb stable/main/binary-amd64/libganglia1_2.5.7-3.1etch1_amd64.deb stable/main/binary-amd64/ganglia-monitor_2.5.7-3.1etch1_amd64.deb ganglia-monitor-core (2.5.7-3.1etch1) stable-security; urgency=high * Fix for buffer overflows, see CVE-2009-0241 and CVE-2009-0242 stable/main/binary-alpha/libganglia1-dev_2.5.7-3.1etch1_alpha.deb stable/main/binary-alpha/gmetad_2.5.7-3.1etch1_alpha.deb stable/main/binary-alpha/libganglia1_2.5.7-3.1etch1_alpha.deb stable/main/binary-alpha/ganglia-monitor_2.5.7-3.1etch1_alpha.deb ganglia-monitor-core (2.5.7-3.1etch1) stable-security; urgency=high * Fix for buffer overflows, see CVE-2009-0241 and CVE-2009-0242 stable/main/binary-i386/libganglia1_2.5.7-3.1etch1_i386.deb stable/main/binary-i386/gmetad_2.5.7-3.1etch1_i386.deb stable/main/source/ganglia-monitor-core_2.5.7-3.1etch1.dsc 
stable/main/binary-i386/ganglia-monitor_2.5.7-3.1etch1_i386.deb stable/main/source/ganglia-monitor-core_2.5.7-3.1etch1.diff.gz stable/main/binary-i386/libganglia1-dev_2.5.7-3.1etch1_i386.deb ganglia-monitor-core (2.5.7-3.1etch1) stable-security; urgency=high * Fix for buffer overflows, see CVE-2009-0241 and CVE-2009-0242 stable/main/binary-powerpc/fai-kernels_1.17+etch.24_powerpc.deb fai-kernels (1.17+etch.24) stable; urgency=high * Rebuild against linux-source-2.6.18_2.6.18.dfsg.1-24: [ dann frazier ] * cciss: Add support for new hardware (closes: #502553) - Add PCI ids for P700m, P212, P410, P410i, P411, P812, P711m, p712m - Read the FIFO size from the controller config instead of hardcoding it into the driver * [hppa] disable UP-optimized flush_tlb_mm, fixing thread-related hangs. (closes: #478717) [ Ian Campbell ] * xen: Add softlockup-no-idle-hz.patch to prevent softlockup in xen guest. (closes: #506418) [ Bastian Blank ] * [xen] Remove 4gb segments warning completely. (closes: #391373) * [xen/i386] Fix pseudo hwcap value to match newer kernels. (closes: #506420) stable/main/binary-amd64/fai-kernels_1.17+etch.24_amd64.deb fai-kernels (1.17+etch.24) stable; urgency=high * Rebuild against linux-source-2.6.18_2.6.18.dfsg.1-24: [ dann frazier ] * cciss: Add support for new hardware (closes: #502553) - Add PCI ids for P700m, P212, P410, P410i, P411, P812, P711m, p712m - Read the FIFO size from the controller config instead of hardcoding it into the driver * [hppa] disable UP-optimized flush_tlb_mm, fixing thread-related hangs. (closes: #478717) [ Ian Campbell ] * xen: Add softlockup-no-idle-hz.patch to prevent softlockup in xen guest. (closes: #506418) [ Bastian Blank ] * [xen] Remove 4gb segments warning completely. (closes: #391373) * [xen/i386] Fix pseudo hwcap value to match newer kernels. 
(closes: #506420) stable/main/source/fai-kernels_1.17+etch.24.tar.gz stable/main/source/fai-kernels_1.17+etch.24.dsc stable/main/binary-i386/fai-kernels_1.17+etch.24_i386.deb fai-kernels (1.17+etch.24) stable; urgency=high * Rebuild against linux-source-2.6.18_2.6.18.dfsg.1-24: [ dann frazier ] * cciss: Add support for new hardware (closes: #502553) - Add PCI ids for P700m, P212, P410, P410i, P411, P812, P711m, p712m - Read the FIFO size from the controller config instead of hardcoding it into the driver * [hppa] disable UP-optimized flush_tlb_mm, fixing thread-related hangs. (closes: #478717) [ Ian Campbell ] * xen: Add softlockup-no-idle-hz.patch to prevent softlockup in xen guest. (closes: #506418) [ Bastian Blank ] * [xen] Remove 4gb segments warning completely. (closes: #391373) * [xen/i386] Fix pseudo hwcap value to match newer kernels. (closes: #506420) stable/main/binary-sparc/devscripts_2.9.26etch2_sparc.deb devscripts (2.9.26etch2) stable; urgency=low * debsign: Use mktemp rather than creating a temporary directory named after the process ID. (Closes: #507482) stable/main/binary-s390/devscripts_2.9.26etch2_s390.deb devscripts (2.9.26etch2) stable; urgency=low * debsign: Use mktemp rather than creating a temporary directory named after the process ID. (Closes: #507482) stable/main/binary-powerpc/devscripts_2.9.26etch2_powerpc.deb devscripts (2.9.26etch2) stable; urgency=low * debsign: Use mktemp rather than creating a temporary directory named after the process ID. (Closes: #507482) stable/main/binary-mipsel/devscripts_2.9.26etch2_mipsel.deb devscripts (2.9.26etch2) stable; urgency=low * debsign: Use mktemp rather than creating a temporary directory named after the process ID. (Closes: #507482) stable/main/binary-mips/devscripts_2.9.26etch2_mips.deb devscripts (2.9.26etch2) stable; urgency=low * debsign: Use mktemp rather than creating a temporary directory named after the process ID. 
(Closes: #507482) stable/main/binary-ia64/devscripts_2.9.26etch2_ia64.deb devscripts (2.9.26etch2) stable; urgency=low * debsign: Use mktemp rather than creating a temporary directory named after the process ID. (Closes: #507482) stable/main/binary-i386/devscripts_2.9.26etch2_i386.deb devscripts (2.9.26etch2) stable; urgency=low * debsign: Use mktemp rather than creating a temporary directory named after the process ID. (Closes: #507482) stable/main/binary-hppa/devscripts_2.9.26etch2_hppa.deb devscripts (2.9.26etch2) stable; urgency=low * debsign: Use mktemp rather than creating a temporary directory named after the process ID. (Closes: #507482) stable/main/binary-arm/devscripts_2.9.26etch2_arm.deb devscripts (2.9.26etch2) stable; urgency=low * debsign: Use mktemp rather than creating a temporary directory named after the process ID. (Closes: #507482) stable/main/binary-alpha/devscripts_2.9.26etch2_alpha.deb devscripts (2.9.26etch2) stable; urgency=low * debsign: Use mktemp rather than creating a temporary directory named after the process ID. (Closes: #507482) stable/main/source/devscripts_2.9.26etch2.tar.gz stable/main/binary-amd64/devscripts_2.9.26etch2_amd64.deb stable/main/source/devscripts_2.9.26etch2.dsc devscripts (2.9.26etch2) stable; urgency=low * debsign: Use mktemp rather than creating a temporary directory named after the process ID. 
    (Closes: #507482)

stable/main/binary-all/crip_3.7-3+etch2_all.deb
stable/main/source/crip_3.7-3+etch2.dsc
stable/main/source/crip_3.7-3+etch2.diff.gz
crip (3.7-3+etch2) stable-proposed-updates; urgency=low
  * still use tempdir to safely create a temporary directory if the user set cddbsubmitdir (like in the example criprc)
crip (3.7-3+etch1) stable-proposed-updates; urgency=low
  * fix possible symlink attack CVE-2008-5376 (Closes: #509275)

stable/main/binary-sparc/courier-authlib-userdb_0.58-4+etch3_sparc.deb
stable/main/binary-sparc/courier-authlib-dev_0.58-4+etch3_sparc.deb
stable/main/binary-sparc/courier-authdaemon_0.58-4+etch3_sparc.deb
stable/main/binary-sparc/courier-authlib_0.58-4+etch3_sparc.deb
stable/main/binary-sparc/courier-authlib-pipe_0.58-4+etch3_sparc.deb
stable/main/binary-sparc/courier-authlib-mysql_0.58-4+etch3_sparc.deb
stable/main/binary-sparc/courier-authlib-ldap_0.58-4+etch3_sparc.deb
stable/main/binary-sparc/courier-authlib-postgresql_0.58-4+etch3_sparc.deb
courier-authlib (0.58-4+etch3) stable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix regression in SQL query, when authenticating with a username and not a mail address
    Thanks to Micha Lenk for helping me spot this

stable/main/binary-s390/courier-authlib-pipe_0.58-4+etch3_s390.deb
stable/main/binary-s390/courier-authlib-postgresql_0.58-4+etch3_s390.deb
stable/main/binary-s390/courier-authlib-dev_0.58-4+etch3_s390.deb
stable/main/binary-s390/courier-authlib-mysql_0.58-4+etch3_s390.deb
stable/main/binary-s390/courier-authlib-ldap_0.58-4+etch3_s390.deb
stable/main/binary-s390/courier-authdaemon_0.58-4+etch3_s390.deb
stable/main/binary-s390/courier-authlib_0.58-4+etch3_s390.deb
stable/main/binary-s390/courier-authlib-userdb_0.58-4+etch3_s390.deb
courier-authlib (0.58-4+etch3) stable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix regression in SQL query, when authenticating with a username and not a mail address
    Thanks to Micha Lenk for
    helping me spot this

stable/main/binary-powerpc/courier-authlib_0.58-4+etch3_powerpc.deb
stable/main/binary-powerpc/courier-authdaemon_0.58-4+etch3_powerpc.deb
stable/main/binary-powerpc/courier-authlib-pipe_0.58-4+etch3_powerpc.deb
stable/main/binary-powerpc/courier-authlib-mysql_0.58-4+etch3_powerpc.deb
stable/main/binary-powerpc/courier-authlib-userdb_0.58-4+etch3_powerpc.deb
stable/main/binary-powerpc/courier-authlib-postgresql_0.58-4+etch3_powerpc.deb
stable/main/binary-powerpc/courier-authlib-dev_0.58-4+etch3_powerpc.deb
stable/main/binary-powerpc/courier-authlib-ldap_0.58-4+etch3_powerpc.deb
courier-authlib (0.58-4+etch3) stable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix regression in SQL query, when authenticating with a username and not a mail address
    Thanks to Micha Lenk for helping me spot this

stable/main/binary-mipsel/courier-authlib-postgresql_0.58-4+etch3_mipsel.deb
stable/main/binary-mipsel/courier-authlib-ldap_0.58-4+etch3_mipsel.deb
stable/main/binary-mipsel/courier-authlib-dev_0.58-4+etch3_mipsel.deb
stable/main/binary-mipsel/courier-authlib_0.58-4+etch3_mipsel.deb
stable/main/binary-mipsel/courier-authdaemon_0.58-4+etch3_mipsel.deb
stable/main/binary-mipsel/courier-authlib-mysql_0.58-4+etch3_mipsel.deb
stable/main/binary-mipsel/courier-authlib-userdb_0.58-4+etch3_mipsel.deb
stable/main/binary-mipsel/courier-authlib-pipe_0.58-4+etch3_mipsel.deb
courier-authlib (0.58-4+etch3) stable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix regression in SQL query, when authenticating with a username and not a mail address
    Thanks to Micha Lenk for helping me spot this

stable/main/binary-mips/courier-authlib-dev_0.58-4+etch3_mips.deb
stable/main/binary-mips/courier-authlib-ldap_0.58-4+etch3_mips.deb
stable/main/binary-mips/courier-authlib-pipe_0.58-4+etch3_mips.deb
stable/main/binary-mips/courier-authdaemon_0.58-4+etch3_mips.deb
stable/main/binary-mips/courier-authlib_0.58-4+etch3_mips.deb
stable/main/binary-mips/courier-authlib-postgresql_0.58-4+etch3_mips.deb
stable/main/binary-mips/courier-authlib-mysql_0.58-4+etch3_mips.deb
stable/main/binary-mips/courier-authlib-userdb_0.58-4+etch3_mips.deb
courier-authlib (0.58-4+etch3) stable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix regression in SQL query, when authenticating with a username and not a mail address
    Thanks to Micha Lenk for helping me spot this

stable/main/binary-ia64/courier-authlib_0.58-4+etch3_ia64.deb
stable/main/binary-ia64/courier-authlib-ldap_0.58-4+etch3_ia64.deb
stable/main/binary-ia64/courier-authlib-postgresql_0.58-4+etch3_ia64.deb
stable/main/binary-ia64/courier-authlib-userdb_0.58-4+etch3_ia64.deb
stable/main/binary-ia64/courier-authdaemon_0.58-4+etch3_ia64.deb
stable/main/binary-ia64/courier-authlib-mysql_0.58-4+etch3_ia64.deb
stable/main/binary-ia64/courier-authlib-dev_0.58-4+etch3_ia64.deb
stable/main/binary-ia64/courier-authlib-pipe_0.58-4+etch3_ia64.deb
courier-authlib (0.58-4+etch3) stable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix regression in SQL query, when authenticating with a username and not a mail address
    Thanks to Micha Lenk for helping me spot this

stable/main/binary-hppa/courier-authdaemon_0.58-4+etch3_hppa.deb
stable/main/binary-hppa/courier-authlib-userdb_0.58-4+etch3_hppa.deb
stable/main/binary-hppa/courier-authlib-mysql_0.58-4+etch3_hppa.deb
stable/main/binary-hppa/courier-authlib-postgresql_0.58-4+etch3_hppa.deb
stable/main/binary-hppa/courier-authlib_0.58-4+etch3_hppa.deb
stable/main/binary-hppa/courier-authlib-pipe_0.58-4+etch3_hppa.deb
stable/main/binary-hppa/courier-authlib-ldap_0.58-4+etch3_hppa.deb
stable/main/binary-hppa/courier-authlib-dev_0.58-4+etch3_hppa.deb
courier-authlib (0.58-4+etch3) stable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix regression in SQL query, when authenticating with a username and not a mail address
    Thanks to Micha Lenk for helping me
    spot this

stable/main/binary-arm/courier-authlib-mysql_0.58-4+etch3_arm.deb
stable/main/binary-arm/courier-authlib-dev_0.58-4+etch3_arm.deb
stable/main/binary-arm/courier-authdaemon_0.58-4+etch3_arm.deb
stable/main/binary-arm/courier-authlib-userdb_0.58-4+etch3_arm.deb
stable/main/binary-arm/courier-authlib-postgresql_0.58-4+etch3_arm.deb
stable/main/binary-arm/courier-authlib-pipe_0.58-4+etch3_arm.deb
stable/main/binary-arm/courier-authlib-ldap_0.58-4+etch3_arm.deb
stable/main/binary-arm/courier-authlib_0.58-4+etch3_arm.deb
courier-authlib (0.58-4+etch3) stable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix regression in SQL query, when authenticating with a username and not a mail address
    Thanks to Micha Lenk for helping me spot this

stable/main/binary-amd64/courier-authlib-dev_0.58-4+etch3_amd64.deb
stable/main/binary-amd64/courier-authlib-ldap_0.58-4+etch3_amd64.deb
stable/main/binary-amd64/courier-authlib-pipe_0.58-4+etch3_amd64.deb
stable/main/binary-amd64/courier-authdaemon_0.58-4+etch3_amd64.deb
stable/main/binary-amd64/courier-authlib_0.58-4+etch3_amd64.deb
stable/main/binary-amd64/courier-authlib-mysql_0.58-4+etch3_amd64.deb
stable/main/binary-amd64/courier-authlib-postgresql_0.58-4+etch3_amd64.deb
stable/main/binary-amd64/courier-authlib-userdb_0.58-4+etch3_amd64.deb
courier-authlib (0.58-4+etch3) stable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix regression in SQL query, when authenticating with a username and not a mail address
    Thanks to Micha Lenk for helping me spot this

stable/main/binary-alpha/courier-authlib-dev_0.58-4+etch3_alpha.deb
stable/main/binary-alpha/courier-authlib_0.58-4+etch3_alpha.deb
stable/main/binary-alpha/courier-authlib-pipe_0.58-4+etch3_alpha.deb
stable/main/binary-alpha/courier-authlib-postgresql_0.58-4+etch3_alpha.deb
stable/main/binary-alpha/courier-authlib-ldap_0.58-4+etch3_alpha.deb
stable/main/binary-alpha/courier-authdaemon_0.58-4+etch3_alpha.deb
stable/main/binary-alpha/courier-authlib-mysql_0.58-4+etch3_alpha.deb
stable/main/binary-alpha/courier-authlib-userdb_0.58-4+etch3_alpha.deb
courier-authlib (0.58-4+etch3) stable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix regression in SQL query, when authenticating with a username and not a mail address
    Thanks to Micha Lenk for helping me spot this

stable/main/binary-i386/courier-authlib-mysql_0.58-4+etch3_i386.deb
stable/main/binary-i386/courier-authlib-ldap_0.58-4+etch3_i386.deb
stable/main/binary-i386/courier-authdaemon_0.58-4+etch3_i386.deb
stable/main/source/courier-authlib_0.58-4+etch3.diff.gz
stable/main/binary-i386/courier-authlib_0.58-4+etch3_i386.deb
stable/main/binary-i386/courier-authlib-postgresql_0.58-4+etch3_i386.deb
stable/main/binary-i386/courier-authlib-userdb_0.58-4+etch3_i386.deb
stable/main/binary-i386/courier-authlib-pipe_0.58-4+etch3_i386.deb
stable/main/source/courier-authlib_0.58-4+etch3.dsc
stable/main/binary-i386/courier-authlib-dev_0.58-4+etch3_i386.deb
courier-authlib (0.58-4+etch3) stable-security; urgency=high
  * Non-maintainer upload by the security team
  * Fix regression in SQL query, when authenticating with a username and not a mail address
    Thanks to Micha Lenk for helping me spot this

stable/main/binary-sparc/dnsutils_9.3.4-2etch4_sparc.deb
stable/main/binary-sparc/liblwres9_9.3.4-2etch4_sparc.deb
stable/main/binary-sparc/bind9-host_9.3.4-2etch4_sparc.deb
stable/main/binary-sparc/libbind-dev_9.3.4-2etch4_sparc.deb
stable/main/binary-sparc/libisc11_9.3.4-2etch4_sparc.deb
stable/main/binary-sparc/libisccfg1_9.3.4-2etch4_sparc.deb
stable/main/binary-sparc/lwresd_9.3.4-2etch4_sparc.deb
stable/main/binary-sparc/libdns22_9.3.4-2etch4_sparc.deb
stable/main/binary-sparc/libisccc0_9.3.4-2etch4_sparc.deb
stable/main/binary-sparc/libbind9-0_9.3.4-2etch4_sparc.deb
stable/main/binary-sparc/bind9_9.3.4-2etch4_sparc.deb
bind9 (1:9.3.4-2etch4) stable-security; urgency=high
  * Fix check of DSA_do_verify return value.
stable/main/binary-s390/libisccfg1_9.3.4-2etch4_s390.deb
stable/main/binary-s390/libbind9-0_9.3.4-2etch4_s390.deb
stable/main/binary-s390/libisc11_9.3.4-2etch4_s390.deb
stable/main/binary-s390/bind9-host_9.3.4-2etch4_s390.deb
stable/main/binary-s390/dnsutils_9.3.4-2etch4_s390.deb
stable/main/binary-s390/bind9_9.3.4-2etch4_s390.deb
stable/main/binary-s390/libdns22_9.3.4-2etch4_s390.deb
stable/main/binary-s390/libbind-dev_9.3.4-2etch4_s390.deb
stable/main/binary-s390/liblwres9_9.3.4-2etch4_s390.deb
stable/main/binary-s390/libisccc0_9.3.4-2etch4_s390.deb
stable/main/binary-s390/lwresd_9.3.4-2etch4_s390.deb
bind9 (1:9.3.4-2etch4) stable-security; urgency=high
  * Fix check of DSA_do_verify return value.

stable/main/binary-powerpc/bind9_9.3.4-2etch4_powerpc.deb
stable/main/binary-powerpc/dnsutils_9.3.4-2etch4_powerpc.deb
stable/main/binary-powerpc/libbind9-0_9.3.4-2etch4_powerpc.deb
stable/main/binary-powerpc/libisccc0_9.3.4-2etch4_powerpc.deb
stable/main/binary-powerpc/libisc11_9.3.4-2etch4_powerpc.deb
stable/main/binary-powerpc/libisccfg1_9.3.4-2etch4_powerpc.deb
stable/main/binary-powerpc/bind9-host_9.3.4-2etch4_powerpc.deb
stable/main/binary-powerpc/libdns22_9.3.4-2etch4_powerpc.deb
stable/main/binary-powerpc/libbind-dev_9.3.4-2etch4_powerpc.deb
stable/main/binary-powerpc/lwresd_9.3.4-2etch4_powerpc.deb
stable/main/binary-powerpc/liblwres9_9.3.4-2etch4_powerpc.deb
bind9 (1:9.3.4-2etch4) stable-security; urgency=high
  * Fix check of DSA_do_verify return value.
stable/main/binary-mipsel/libbind9-0_9.3.4-2etch4_mipsel.deb
stable/main/binary-mipsel/dnsutils_9.3.4-2etch4_mipsel.deb
stable/main/binary-mipsel/libisccfg1_9.3.4-2etch4_mipsel.deb
stable/main/binary-mipsel/bind9-host_9.3.4-2etch4_mipsel.deb
stable/main/binary-mipsel/liblwres9_9.3.4-2etch4_mipsel.deb
stable/main/binary-mipsel/libisccc0_9.3.4-2etch4_mipsel.deb
stable/main/binary-mipsel/libdns22_9.3.4-2etch4_mipsel.deb
stable/main/binary-mipsel/lwresd_9.3.4-2etch4_mipsel.deb
stable/main/binary-mipsel/libbind-dev_9.3.4-2etch4_mipsel.deb
stable/main/binary-mipsel/libisc11_9.3.4-2etch4_mipsel.deb
stable/main/binary-mipsel/bind9_9.3.4-2etch4_mipsel.deb
bind9 (1:9.3.4-2etch4) stable-security; urgency=high
  * Fix check of DSA_do_verify return value.

stable/main/binary-mips/libisccc0_9.3.4-2etch4_mips.deb
stable/main/binary-mips/libbind9-0_9.3.4-2etch4_mips.deb
stable/main/binary-mips/liblwres9_9.3.4-2etch4_mips.deb
stable/main/binary-mips/lwresd_9.3.4-2etch4_mips.deb
stable/main/binary-mips/libisccfg1_9.3.4-2etch4_mips.deb
stable/main/binary-mips/dnsutils_9.3.4-2etch4_mips.deb
stable/main/binary-mips/libdns22_9.3.4-2etch4_mips.deb
stable/main/binary-mips/libbind-dev_9.3.4-2etch4_mips.deb
stable/main/binary-mips/bind9_9.3.4-2etch4_mips.deb
stable/main/binary-mips/libisc11_9.3.4-2etch4_mips.deb
stable/main/binary-mips/bind9-host_9.3.4-2etch4_mips.deb
bind9 (1:9.3.4-2etch4) stable-security; urgency=high
  * Fix check of DSA_do_verify return value.
stable/main/binary-ia64/libisccfg1_9.3.4-2etch4_ia64.deb
stable/main/binary-ia64/libisccc0_9.3.4-2etch4_ia64.deb
stable/main/binary-ia64/libbind-dev_9.3.4-2etch4_ia64.deb
stable/main/binary-ia64/dnsutils_9.3.4-2etch4_ia64.deb
stable/main/binary-ia64/liblwres9_9.3.4-2etch4_ia64.deb
stable/main/binary-ia64/libisc11_9.3.4-2etch4_ia64.deb
stable/main/binary-ia64/bind9_9.3.4-2etch4_ia64.deb
stable/main/binary-ia64/libbind9-0_9.3.4-2etch4_ia64.deb
stable/main/binary-ia64/libdns22_9.3.4-2etch4_ia64.deb
stable/main/binary-ia64/lwresd_9.3.4-2etch4_ia64.deb
stable/main/binary-ia64/bind9-host_9.3.4-2etch4_ia64.deb
bind9 (1:9.3.4-2etch4) stable-security; urgency=high
  * Fix check of DSA_do_verify return value.

stable/main/binary-i386/liblwres9_9.3.4-2etch4_i386.deb
stable/main/binary-i386/libbind9-0_9.3.4-2etch4_i386.deb
stable/main/binary-i386/lwresd_9.3.4-2etch4_i386.deb
stable/main/binary-i386/libdns22_9.3.4-2etch4_i386.deb
stable/main/binary-i386/bind9_9.3.4-2etch4_i386.deb
stable/main/binary-i386/libisc11_9.3.4-2etch4_i386.deb
stable/main/binary-i386/libbind-dev_9.3.4-2etch4_i386.deb
stable/main/binary-i386/dnsutils_9.3.4-2etch4_i386.deb
stable/main/binary-i386/bind9-host_9.3.4-2etch4_i386.deb
stable/main/binary-i386/libisccfg1_9.3.4-2etch4_i386.deb
stable/main/binary-i386/libisccc0_9.3.4-2etch4_i386.deb
bind9 (1:9.3.4-2etch4) stable-security; urgency=high
  * Fix check of DSA_do_verify return value.
stable/main/binary-hppa/libisccc0_9.3.4-2etch4_hppa.deb
stable/main/binary-hppa/lwresd_9.3.4-2etch4_hppa.deb
stable/main/binary-hppa/libbind9-0_9.3.4-2etch4_hppa.deb
stable/main/binary-hppa/bind9-host_9.3.4-2etch4_hppa.deb
stable/main/binary-hppa/libbind-dev_9.3.4-2etch4_hppa.deb
stable/main/binary-hppa/libisc11_9.3.4-2etch4_hppa.deb
stable/main/binary-hppa/bind9_9.3.4-2etch4_hppa.deb
stable/main/binary-hppa/libdns22_9.3.4-2etch4_hppa.deb
stable/main/binary-hppa/liblwres9_9.3.4-2etch4_hppa.deb
stable/main/binary-hppa/dnsutils_9.3.4-2etch4_hppa.deb
stable/main/binary-hppa/libisccfg1_9.3.4-2etch4_hppa.deb
bind9 (1:9.3.4-2etch4) stable-security; urgency=high
  * Fix check of DSA_do_verify return value.

stable/main/binary-arm/libisccc0_9.3.4-2etch4_arm.deb
stable/main/binary-arm/dnsutils_9.3.4-2etch4_arm.deb
stable/main/binary-arm/libdns22_9.3.4-2etch4_arm.deb
stable/main/binary-arm/bind9-host_9.3.4-2etch4_arm.deb
stable/main/binary-arm/liblwres9_9.3.4-2etch4_arm.deb
stable/main/binary-arm/libisccfg1_9.3.4-2etch4_arm.deb
stable/main/binary-arm/libisc11_9.3.4-2etch4_arm.deb
stable/main/binary-arm/lwresd_9.3.4-2etch4_arm.deb
stable/main/binary-arm/bind9_9.3.4-2etch4_arm.deb
stable/main/binary-arm/libbind9-0_9.3.4-2etch4_arm.deb
stable/main/binary-arm/libbind-dev_9.3.4-2etch4_arm.deb
bind9 (1:9.3.4-2etch4) stable-security; urgency=high
  * Fix check of DSA_do_verify return value.
stable/main/binary-alpha/lwresd_9.3.4-2etch4_alpha.deb
stable/main/binary-alpha/libbind9-0_9.3.4-2etch4_alpha.deb
stable/main/binary-alpha/libisccfg1_9.3.4-2etch4_alpha.deb
stable/main/binary-alpha/libisccc0_9.3.4-2etch4_alpha.deb
stable/main/binary-alpha/libisc11_9.3.4-2etch4_alpha.deb
stable/main/binary-alpha/bind9_9.3.4-2etch4_alpha.deb
stable/main/binary-alpha/liblwres9_9.3.4-2etch4_alpha.deb
stable/main/binary-alpha/libdns22_9.3.4-2etch4_alpha.deb
stable/main/binary-alpha/bind9-host_9.3.4-2etch4_alpha.deb
stable/main/binary-alpha/libbind-dev_9.3.4-2etch4_alpha.deb
stable/main/binary-alpha/dnsutils_9.3.4-2etch4_alpha.deb
bind9 (1:9.3.4-2etch4) stable-security; urgency=high
  * Fix check of DSA_do_verify return value.

stable/main/binary-all/bind9-doc_9.3.4-2etch4_all.deb
stable/main/binary-amd64/libbind9-0_9.3.4-2etch4_amd64.deb
stable/main/binary-amd64/bind9-host_9.3.4-2etch4_amd64.deb
stable/main/binary-amd64/dnsutils_9.3.4-2etch4_amd64.deb
stable/main/source/bind9_9.3.4-2etch4.diff.gz
stable/main/binary-amd64/libdns22_9.3.4-2etch4_amd64.deb
stable/main/binary-amd64/lwresd_9.3.4-2etch4_amd64.deb
stable/main/binary-amd64/liblwres9_9.3.4-2etch4_amd64.deb
stable/main/binary-amd64/libbind-dev_9.3.4-2etch4_amd64.deb
stable/main/binary-amd64/libisc11_9.3.4-2etch4_amd64.deb
stable/main/binary-amd64/bind9_9.3.4-2etch4_amd64.deb
stable/main/binary-amd64/libisccc0_9.3.4-2etch4_amd64.deb
stable/main/source/bind9_9.3.4-2etch4.dsc
stable/main/binary-amd64/libisccfg1_9.3.4-2etch4_amd64.deb
bind9 (1:9.3.4-2etch4) stable-security; urgency=high
  * Fix check of DSA_do_verify return value.
stable/main/binary-sparc/libavahi-common3_0.6.16-3etch2_sparc.deb
stable/main/binary-sparc/libavahi-glib-dev_0.6.16-3etch2_sparc.deb
stable/main/binary-sparc/libavahi-client3_0.6.16-3etch2_sparc.deb
stable/main/binary-sparc/libavahi-compat-libdnssd1_0.6.16-3etch2_sparc.deb
stable/main/binary-sparc/avahi-utils_0.6.16-3etch2_sparc.deb
stable/main/binary-sparc/avahi-daemon_0.6.16-3etch2_sparc.deb
stable/main/binary-sparc/libavahi-compat-howl0_0.6.16-3etch2_sparc.deb
stable/main/binary-sparc/libavahi-client-dev_0.6.16-3etch2_sparc.deb
stable/main/binary-sparc/libavahi-qt3-dev_0.6.16-3etch2_sparc.deb
stable/main/binary-sparc/libavahi-core4_0.6.16-3etch2_sparc.deb
stable/main/binary-sparc/libavahi-glib1_0.6.16-3etch2_sparc.deb
stable/main/binary-sparc/libavahi-compat-libdnssd-dev_0.6.16-3etch2_sparc.deb
stable/main/binary-sparc/libavahi-common-data_0.6.16-3etch2_sparc.deb
stable/main/binary-sparc/avahi-dnsconfd_0.6.16-3etch2_sparc.deb
stable/main/binary-sparc/libavahi-qt4-1_0.6.16-3etch2_sparc.deb
stable/main/binary-sparc/libavahi-compat-howl-dev_0.6.16-3etch2_sparc.deb
stable/main/binary-sparc/avahi-autoipd_0.6.16-3etch2_sparc.deb
stable/main/binary-sparc/libavahi-qt3-1_0.6.16-3etch2_sparc.deb
stable/main/binary-sparc/libavahi-qt4-dev_0.6.16-3etch2_sparc.deb
stable/main/binary-sparc/libavahi-core-dev_0.6.16-3etch2_sparc.deb
stable/main/binary-sparc/libavahi-common-dev_0.6.16-3etch2_sparc.deb
avahi (0.6.16-3etch2) stable-security; urgency=high
  * debian/patches/14_CVE-2008-5081.patch
    - Added. Don't abort on receiving an UDP packet with a source port of zero. Fixes CVE-2008-5081 (Closes: #508700)
  * debian/patches/15_CVE-2007-3372.patch
    - Added.
      Fix an assertion failure in the daemon when trying to register empty TXT records
      Fixes CVE-2007-3372

stable/main/binary-s390/libavahi-compat-libdnssd-dev_0.6.16-3etch2_s390.deb
stable/main/binary-s390/libavahi-compat-libdnssd1_0.6.16-3etch2_s390.deb
stable/main/binary-s390/avahi-autoipd_0.6.16-3etch2_s390.deb
stable/main/binary-s390/avahi-daemon_0.6.16-3etch2_s390.deb
stable/main/binary-s390/libavahi-glib-dev_0.6.16-3etch2_s390.deb
stable/main/binary-s390/libavahi-core4_0.6.16-3etch2_s390.deb
stable/main/binary-s390/libavahi-common3_0.6.16-3etch2_s390.deb
stable/main/binary-s390/libavahi-client3_0.6.16-3etch2_s390.deb
stable/main/binary-s390/libavahi-compat-howl-dev_0.6.16-3etch2_s390.deb
stable/main/binary-s390/libavahi-qt3-1_0.6.16-3etch2_s390.deb
stable/main/binary-s390/libavahi-compat-howl0_0.6.16-3etch2_s390.deb
stable/main/binary-s390/libavahi-qt4-dev_0.6.16-3etch2_s390.deb
stable/main/binary-s390/libavahi-common-dev_0.6.16-3etch2_s390.deb
stable/main/binary-s390/libavahi-common-data_0.6.16-3etch2_s390.deb
stable/main/binary-s390/libavahi-client-dev_0.6.16-3etch2_s390.deb
stable/main/binary-s390/libavahi-glib1_0.6.16-3etch2_s390.deb
stable/main/binary-s390/avahi-dnsconfd_0.6.16-3etch2_s390.deb
stable/main/binary-s390/libavahi-core-dev_0.6.16-3etch2_s390.deb
stable/main/binary-s390/avahi-utils_0.6.16-3etch2_s390.deb
stable/main/binary-s390/libavahi-qt3-dev_0.6.16-3etch2_s390.deb
stable/main/binary-s390/libavahi-qt4-1_0.6.16-3etch2_s390.deb
avahi (0.6.16-3etch2) stable-security; urgency=high
  * debian/patches/14_CVE-2008-5081.patch
    - Added. Don't abort on receiving an UDP packet with a source port of zero. Fixes CVE-2008-5081 (Closes: #508700)
  * debian/patches/15_CVE-2007-3372.patch
    - Added.
      Fix an assertion failure in the daemon when trying to register empty TXT records
      Fixes CVE-2007-3372

stable/main/binary-powerpc/libavahi-compat-howl-dev_0.6.16-3etch2_powerpc.deb
stable/main/binary-powerpc/libavahi-client-dev_0.6.16-3etch2_powerpc.deb
stable/main/binary-powerpc/libavahi-glib-dev_0.6.16-3etch2_powerpc.deb
stable/main/binary-powerpc/libavahi-common-dev_0.6.16-3etch2_powerpc.deb
stable/main/binary-powerpc/avahi-dnsconfd_0.6.16-3etch2_powerpc.deb
stable/main/binary-powerpc/libavahi-qt4-dev_0.6.16-3etch2_powerpc.deb
stable/main/binary-powerpc/libavahi-qt4-1_0.6.16-3etch2_powerpc.deb
stable/main/binary-powerpc/libavahi-qt3-1_0.6.16-3etch2_powerpc.deb
stable/main/binary-powerpc/libavahi-compat-libdnssd-dev_0.6.16-3etch2_powerpc.deb
stable/main/binary-powerpc/libavahi-common-data_0.6.16-3etch2_powerpc.deb
stable/main/binary-powerpc/libavahi-compat-libdnssd1_0.6.16-3etch2_powerpc.deb
stable/main/binary-powerpc/libavahi-core4_0.6.16-3etch2_powerpc.deb
stable/main/binary-powerpc/libavahi-core-dev_0.6.16-3etch2_powerpc.deb
stable/main/binary-powerpc/libavahi-common3_0.6.16-3etch2_powerpc.deb
stable/main/binary-powerpc/libavahi-qt3-dev_0.6.16-3etch2_powerpc.deb
stable/main/binary-powerpc/avahi-daemon_0.6.16-3etch2_powerpc.deb
stable/main/binary-powerpc/libavahi-compat-howl0_0.6.16-3etch2_powerpc.deb
stable/main/binary-powerpc/avahi-autoipd_0.6.16-3etch2_powerpc.deb
stable/main/binary-powerpc/avahi-utils_0.6.16-3etch2_powerpc.deb
stable/main/binary-powerpc/libavahi-glib1_0.6.16-3etch2_powerpc.deb
stable/main/binary-powerpc/libavahi-client3_0.6.16-3etch2_powerpc.deb
avahi (0.6.16-3etch2) stable-security; urgency=high
  * debian/patches/14_CVE-2008-5081.patch
    - Added. Don't abort on receiving an UDP packet with a source port of zero. Fixes CVE-2008-5081 (Closes: #508700)
  * debian/patches/15_CVE-2007-3372.patch
    - Added.
      Fix an assertion failure in the daemon when trying to register empty TXT records
      Fixes CVE-2007-3372

stable/main/binary-mipsel/libavahi-qt3-1_0.6.16-3etch2_mipsel.deb
stable/main/binary-mipsel/libavahi-qt4-1_0.6.16-3etch2_mipsel.deb
stable/main/binary-mipsel/libavahi-common-data_0.6.16-3etch2_mipsel.deb
stable/main/binary-mipsel/libavahi-core-dev_0.6.16-3etch2_mipsel.deb
stable/main/binary-mipsel/libavahi-compat-howl0_0.6.16-3etch2_mipsel.deb
stable/main/binary-mipsel/avahi-daemon_0.6.16-3etch2_mipsel.deb
stable/main/binary-mipsel/libavahi-glib1_0.6.16-3etch2_mipsel.deb
stable/main/binary-mipsel/libavahi-common3_0.6.16-3etch2_mipsel.deb
stable/main/binary-mipsel/libavahi-compat-howl-dev_0.6.16-3etch2_mipsel.deb
stable/main/binary-mipsel/avahi-utils_0.6.16-3etch2_mipsel.deb
stable/main/binary-mipsel/libavahi-core4_0.6.16-3etch2_mipsel.deb
stable/main/binary-mipsel/avahi-dnsconfd_0.6.16-3etch2_mipsel.deb
stable/main/binary-mipsel/libavahi-client-dev_0.6.16-3etch2_mipsel.deb
stable/main/binary-mipsel/libavahi-client3_0.6.16-3etch2_mipsel.deb
stable/main/binary-mipsel/avahi-autoipd_0.6.16-3etch2_mipsel.deb
stable/main/binary-mipsel/libavahi-qt4-dev_0.6.16-3etch2_mipsel.deb
stable/main/binary-mipsel/libavahi-glib-dev_0.6.16-3etch2_mipsel.deb
stable/main/binary-mipsel/libavahi-compat-libdnssd-dev_0.6.16-3etch2_mipsel.deb
stable/main/binary-mipsel/libavahi-common-dev_0.6.16-3etch2_mipsel.deb
stable/main/binary-mipsel/libavahi-qt3-dev_0.6.16-3etch2_mipsel.deb
stable/main/binary-mipsel/libavahi-compat-libdnssd1_0.6.16-3etch2_mipsel.deb
avahi (0.6.16-3etch2) stable-security; urgency=high
  * debian/patches/14_CVE-2008-5081.patch
    - Added. Don't abort on receiving an UDP packet with a source port of zero. Fixes CVE-2008-5081 (Closes: #508700)
  * debian/patches/15_CVE-2007-3372.patch
    - Added.
      Fix an assertion failure in the daemon when trying to register empty TXT records
      Fixes CVE-2007-3372

stable/main/binary-mips/libavahi-common3_0.6.16-3etch2_mips.deb
stable/main/binary-mips/avahi-daemon_0.6.16-3etch2_mips.deb
stable/main/binary-mips/libavahi-qt3-1_0.6.16-3etch2_mips.deb
stable/main/binary-mips/avahi-dnsconfd_0.6.16-3etch2_mips.deb
stable/main/binary-mips/libavahi-qt3-dev_0.6.16-3etch2_mips.deb
stable/main/binary-mips/libavahi-compat-howl-dev_0.6.16-3etch2_mips.deb
stable/main/binary-mips/libavahi-common-data_0.6.16-3etch2_mips.deb
stable/main/binary-mips/libavahi-glib-dev_0.6.16-3etch2_mips.deb
stable/main/binary-mips/libavahi-client-dev_0.6.16-3etch2_mips.deb
stable/main/binary-mips/libavahi-client3_0.6.16-3etch2_mips.deb
stable/main/binary-mips/libavahi-glib1_0.6.16-3etch2_mips.deb
stable/main/binary-mips/libavahi-core-dev_0.6.16-3etch2_mips.deb
stable/main/binary-mips/libavahi-compat-libdnssd1_0.6.16-3etch2_mips.deb
stable/main/binary-mips/libavahi-qt4-dev_0.6.16-3etch2_mips.deb
stable/main/binary-mips/libavahi-common-dev_0.6.16-3etch2_mips.deb
stable/main/binary-mips/avahi-autoipd_0.6.16-3etch2_mips.deb
stable/main/binary-mips/avahi-utils_0.6.16-3etch2_mips.deb
stable/main/binary-mips/libavahi-qt4-1_0.6.16-3etch2_mips.deb
stable/main/binary-mips/libavahi-compat-libdnssd-dev_0.6.16-3etch2_mips.deb
stable/main/binary-mips/libavahi-core4_0.6.16-3etch2_mips.deb
stable/main/binary-mips/libavahi-compat-howl0_0.6.16-3etch2_mips.deb
avahi (0.6.16-3etch2) stable-security; urgency=high
  * debian/patches/14_CVE-2008-5081.patch
    - Added. Don't abort on receiving an UDP packet with a source port of zero. Fixes CVE-2008-5081 (Closes: #508700)
  * debian/patches/15_CVE-2007-3372.patch
    - Added.
      Fix an assertion failure in the daemon when trying to register empty TXT records
      Fixes CVE-2007-3372

stable/main/binary-ia64/libavahi-compat-libdnssd-dev_0.6.16-3etch2_ia64.deb
stable/main/binary-ia64/libavahi-qt3-dev_0.6.16-3etch2_ia64.deb
stable/main/binary-ia64/avahi-daemon_0.6.16-3etch2_ia64.deb
stable/main/binary-ia64/libavahi-client-dev_0.6.16-3etch2_ia64.deb
stable/main/binary-ia64/avahi-dnsconfd_0.6.16-3etch2_ia64.deb
stable/main/binary-ia64/libavahi-core4_0.6.16-3etch2_ia64.deb
stable/main/binary-ia64/libavahi-glib1_0.6.16-3etch2_ia64.deb
stable/main/binary-ia64/libavahi-compat-howl-dev_0.6.16-3etch2_ia64.deb
stable/main/binary-ia64/libavahi-common3_0.6.16-3etch2_ia64.deb
stable/main/binary-ia64/libavahi-compat-libdnssd1_0.6.16-3etch2_ia64.deb
stable/main/binary-ia64/libavahi-common-dev_0.6.16-3etch2_ia64.deb
stable/main/binary-ia64/libavahi-core-dev_0.6.16-3etch2_ia64.deb
stable/main/binary-ia64/libavahi-qt4-dev_0.6.16-3etch2_ia64.deb
stable/main/binary-ia64/libavahi-qt3-1_0.6.16-3etch2_ia64.deb
stable/main/binary-ia64/libavahi-compat-howl0_0.6.16-3etch2_ia64.deb
stable/main/binary-ia64/avahi-autoipd_0.6.16-3etch2_ia64.deb
stable/main/binary-ia64/libavahi-common-data_0.6.16-3etch2_ia64.deb
stable/main/binary-ia64/avahi-utils_0.6.16-3etch2_ia64.deb
stable/main/binary-ia64/libavahi-qt4-1_0.6.16-3etch2_ia64.deb
stable/main/binary-ia64/libavahi-client3_0.6.16-3etch2_ia64.deb
stable/main/binary-ia64/libavahi-glib-dev_0.6.16-3etch2_ia64.deb
avahi (0.6.16-3etch2) stable-security; urgency=high
  * debian/patches/14_CVE-2008-5081.patch
    - Added. Don't abort on receiving an UDP packet with a source port of zero. Fixes CVE-2008-5081 (Closes: #508700)
  * debian/patches/15_CVE-2007-3372.patch
    - Added.
      Fix an assertion failure in the daemon when trying to register empty TXT records
      Fixes CVE-2007-3372

stable/main/binary-i386/libavahi-qt3-1_0.6.16-3etch2_i386.deb
stable/main/binary-i386/libavahi-common3_0.6.16-3etch2_i386.deb
stable/main/binary-i386/libavahi-qt3-dev_0.6.16-3etch2_i386.deb
stable/main/binary-i386/avahi-daemon_0.6.16-3etch2_i386.deb
stable/main/binary-i386/avahi-dnsconfd_0.6.16-3etch2_i386.deb
stable/main/binary-i386/libavahi-glib1_0.6.16-3etch2_i386.deb
stable/main/binary-i386/libavahi-core-dev_0.6.16-3etch2_i386.deb
stable/main/binary-i386/libavahi-qt4-dev_0.6.16-3etch2_i386.deb
stable/main/binary-i386/avahi-autoipd_0.6.16-3etch2_i386.deb
stable/main/binary-i386/libavahi-common-dev_0.6.16-3etch2_i386.deb
stable/main/binary-i386/libavahi-compat-howl-dev_0.6.16-3etch2_i386.deb
stable/main/binary-i386/libavahi-qt4-1_0.6.16-3etch2_i386.deb
stable/main/binary-i386/libavahi-client-dev_0.6.16-3etch2_i386.deb
stable/main/binary-i386/libavahi-glib-dev_0.6.16-3etch2_i386.deb
stable/main/binary-i386/libavahi-client3_0.6.16-3etch2_i386.deb
stable/main/binary-i386/libavahi-common-data_0.6.16-3etch2_i386.deb
stable/main/binary-i386/avahi-utils_0.6.16-3etch2_i386.deb
stable/main/binary-i386/libavahi-compat-libdnssd1_0.6.16-3etch2_i386.deb
stable/main/binary-i386/libavahi-compat-howl0_0.6.16-3etch2_i386.deb
stable/main/binary-i386/libavahi-core4_0.6.16-3etch2_i386.deb
stable/main/binary-i386/libavahi-compat-libdnssd-dev_0.6.16-3etch2_i386.deb
avahi (0.6.16-3etch2) stable-security; urgency=high
  * debian/patches/14_CVE-2008-5081.patch
    - Added. Don't abort on receiving an UDP packet with a source port of zero. Fixes CVE-2008-5081 (Closes: #508700)
  * debian/patches/15_CVE-2007-3372.patch
    - Added.
      Fix an assertion failure in the daemon when trying to register empty TXT records
      Fixes CVE-2007-3372

stable/main/binary-hppa/libavahi-glib1_0.6.16-3etch2_hppa.deb
stable/main/binary-hppa/libavahi-compat-howl0_0.6.16-3etch2_hppa.deb
stable/main/binary-hppa/libavahi-common-data_0.6.16-3etch2_hppa.deb
stable/main/binary-hppa/libavahi-compat-libdnssd1_0.6.16-3etch2_hppa.deb
stable/main/binary-hppa/libavahi-core-dev_0.6.16-3etch2_hppa.deb
stable/main/binary-hppa/avahi-daemon_0.6.16-3etch2_hppa.deb
stable/main/binary-hppa/libavahi-qt3-dev_0.6.16-3etch2_hppa.deb
stable/main/binary-hppa/avahi-dnsconfd_0.6.16-3etch2_hppa.deb
stable/main/binary-hppa/libavahi-qt3-1_0.6.16-3etch2_hppa.deb
stable/main/binary-hppa/libavahi-core4_0.6.16-3etch2_hppa.deb
stable/main/binary-hppa/libavahi-qt4-1_0.6.16-3etch2_hppa.deb
stable/main/binary-hppa/libavahi-qt4-dev_0.6.16-3etch2_hppa.deb
stable/main/binary-hppa/avahi-utils_0.6.16-3etch2_hppa.deb
stable/main/binary-hppa/libavahi-common-dev_0.6.16-3etch2_hppa.deb
stable/main/binary-hppa/libavahi-common3_0.6.16-3etch2_hppa.deb
stable/main/binary-hppa/libavahi-client3_0.6.16-3etch2_hppa.deb
stable/main/binary-hppa/avahi-autoipd_0.6.16-3etch2_hppa.deb
stable/main/binary-hppa/libavahi-glib-dev_0.6.16-3etch2_hppa.deb
stable/main/binary-hppa/libavahi-compat-libdnssd-dev_0.6.16-3etch2_hppa.deb
stable/main/binary-hppa/libavahi-compat-howl-dev_0.6.16-3etch2_hppa.deb
stable/main/binary-hppa/libavahi-client-dev_0.6.16-3etch2_hppa.deb
avahi (0.6.16-3etch2) stable-security; urgency=high
  * debian/patches/14_CVE-2008-5081.patch
    - Added. Don't abort on receiving an UDP packet with a source port of zero. Fixes CVE-2008-5081 (Closes: #508700)
  * debian/patches/15_CVE-2007-3372.patch
    - Added.
      Fix an assertion failure in the daemon when trying to register empty TXT records
      Fixes CVE-2007-3372

stable/main/binary-arm/libavahi-qt3-dev_0.6.16-3etch2_arm.deb
stable/main/binary-arm/libavahi-glib-dev_0.6.16-3etch2_arm.deb
stable/main/binary-arm/avahi-dnsconfd_0.6.16-3etch2_arm.deb
stable/main/binary-arm/libavahi-client3_0.6.16-3etch2_arm.deb
stable/main/binary-arm/libavahi-common-dev_0.6.16-3etch2_arm.deb
stable/main/binary-arm/avahi-utils_0.6.16-3etch2_arm.deb
stable/main/binary-arm/libavahi-compat-libdnssd1_0.6.16-3etch2_arm.deb
stable/main/binary-arm/libavahi-qt4-1_0.6.16-3etch2_arm.deb
stable/main/binary-arm/libavahi-compat-howl-dev_0.6.16-3etch2_arm.deb
stable/main/binary-arm/libavahi-compat-libdnssd-dev_0.6.16-3etch2_arm.deb
stable/main/binary-arm/libavahi-compat-howl0_0.6.16-3etch2_arm.deb
stable/main/binary-arm/libavahi-common3_0.6.16-3etch2_arm.deb
stable/main/binary-arm/avahi-daemon_0.6.16-3etch2_arm.deb
stable/main/binary-arm/libavahi-glib1_0.6.16-3etch2_arm.deb
stable/main/binary-arm/avahi-autoipd_0.6.16-3etch2_arm.deb
stable/main/binary-arm/libavahi-qt4-dev_0.6.16-3etch2_arm.deb
stable/main/binary-arm/libavahi-common-data_0.6.16-3etch2_arm.deb
stable/main/binary-arm/libavahi-core4_0.6.16-3etch2_arm.deb
stable/main/binary-arm/libavahi-core-dev_0.6.16-3etch2_arm.deb
stable/main/binary-arm/libavahi-client-dev_0.6.16-3etch2_arm.deb
stable/main/binary-arm/libavahi-qt3-1_0.6.16-3etch2_arm.deb
avahi (0.6.16-3etch2) stable-security; urgency=high
  * debian/patches/14_CVE-2008-5081.patch
    - Added. Don't abort on receiving an UDP packet with a source port of zero. Fixes CVE-2008-5081 (Closes: #508700)
  * debian/patches/15_CVE-2007-3372.patch
    - Added.
Fix an assertion failure in the daemon when trying to register empty TXT records Fixes CVE-2007-3372 stable/main/binary-alpha/libavahi-common-data_0.6.16-3etch2_alpha.deb stable/main/binary-alpha/libavahi-qt3-1_0.6.16-3etch2_alpha.deb stable/main/binary-alpha/avahi-dnsconfd_0.6.16-3etch2_alpha.deb stable/main/binary-alpha/libavahi-common3_0.6.16-3etch2_alpha.deb stable/main/binary-alpha/avahi-daemon_0.6.16-3etch2_alpha.deb stable/main/binary-alpha/libavahi-client3_0.6.16-3etch2_alpha.deb stable/main/binary-alpha/libavahi-compat-libdnssd1_0.6.16-3etch2_alpha.deb stable/main/binary-alpha/libavahi-glib-dev_0.6.16-3etch2_alpha.deb stable/main/binary-alpha/libavahi-core4_0.6.16-3etch2_alpha.deb stable/main/binary-alpha/libavahi-compat-howl0_0.6.16-3etch2_alpha.deb stable/main/binary-alpha/avahi-autoipd_0.6.16-3etch2_alpha.deb stable/main/binary-alpha/libavahi-core-dev_0.6.16-3etch2_alpha.deb stable/main/binary-alpha/libavahi-compat-libdnssd-dev_0.6.16-3etch2_alpha.deb stable/main/binary-alpha/avahi-utils_0.6.16-3etch2_alpha.deb stable/main/binary-alpha/libavahi-glib1_0.6.16-3etch2_alpha.deb stable/main/binary-alpha/libavahi-client-dev_0.6.16-3etch2_alpha.deb stable/main/binary-alpha/libavahi-qt3-dev_0.6.16-3etch2_alpha.deb stable/main/binary-alpha/libavahi-qt4-dev_0.6.16-3etch2_alpha.deb stable/main/binary-alpha/libavahi-qt4-1_0.6.16-3etch2_alpha.deb stable/main/binary-alpha/libavahi-compat-howl-dev_0.6.16-3etch2_alpha.deb stable/main/binary-alpha/libavahi-common-dev_0.6.16-3etch2_alpha.deb avahi (0.6.16-3etch2) stable-security; urgency=high * debian/patches/14_CVE-2008-5081.patch - Added. Don't abort on receiving an UDP packet with a source port of zero. Fixes CVE-2008-5081 (Closes: #508700) * debian/patches/15_CVE-2007-3372.patch - Added. 
Fix an assertion failure in the daemon when trying to register empty TXT records Fixes CVE-2007-3372 stable/main/binary-amd64/libavahi-qt4-1_0.6.16-3etch2_amd64.deb stable/main/binary-amd64/libavahi-core-dev_0.6.16-3etch2_amd64.deb stable/main/binary-amd64/libavahi-compat-libdnssd1_0.6.16-3etch2_amd64.deb stable/main/binary-amd64/avahi-daemon_0.6.16-3etch2_amd64.deb stable/main/binary-amd64/libavahi-client3_0.6.16-3etch2_amd64.deb stable/main/binary-amd64/libavahi-qt3-dev_0.6.16-3etch2_amd64.deb stable/main/binary-amd64/avahi-utils_0.6.16-3etch2_amd64.deb stable/main/binary-all/python-avahi_0.6.16-3etch2_all.deb stable/main/binary-amd64/libavahi-qt4-dev_0.6.16-3etch2_amd64.deb stable/main/binary-amd64/libavahi-client-dev_0.6.16-3etch2_amd64.deb stable/main/binary-amd64/libavahi-compat-howl0_0.6.16-3etch2_amd64.deb stable/main/binary-amd64/libavahi-compat-libdnssd-dev_0.6.16-3etch2_amd64.deb stable/main/binary-amd64/libavahi-glib1_0.6.16-3etch2_amd64.deb stable/main/binary-amd64/libavahi-qt3-1_0.6.16-3etch2_amd64.deb stable/main/binary-amd64/libavahi-common3_0.6.16-3etch2_amd64.deb stable/main/source/avahi_0.6.16-3etch2.diff.gz stable/main/binary-amd64/avahi-autoipd_0.6.16-3etch2_amd64.deb stable/main/binary-amd64/libavahi-common-dev_0.6.16-3etch2_amd64.deb stable/main/binary-all/avahi-discover_0.6.16-3etch2_all.deb stable/main/source/avahi_0.6.16-3etch2.dsc stable/main/binary-amd64/avahi-dnsconfd_0.6.16-3etch2_amd64.deb stable/main/binary-amd64/libavahi-core4_0.6.16-3etch2_amd64.deb stable/main/binary-amd64/libavahi-glib-dev_0.6.16-3etch2_amd64.deb stable/main/binary-amd64/libavahi-common-data_0.6.16-3etch2_amd64.deb stable/main/binary-amd64/libavahi-compat-howl-dev_0.6.16-3etch2_amd64.deb avahi (0.6.16-3etch2) stable-security; urgency=high * debian/patches/14_CVE-2008-5081.patch - Added. Don't abort on receiving an UDP packet with a source port of zero. Fixes CVE-2008-5081 (Closes: #508700) * debian/patches/15_CVE-2007-3372.patch - Added. 
Fix an assertion failure in the daemon when trying to register empty TXT records Fixes CVE-2007-3372 stable/main/binary-sparc/amarok_1.4.4-4etch1_sparc.deb stable/main/binary-sparc/amarok-xine_1.4.4-4etch1_sparc.deb stable/main/binary-sparc/amarok-engines_1.4.4-4etch1_sparc.deb amarok (1.4.4-4etch1) stable-security; urgency=high * Add security_audible_tags.diff patch to fix integer overflow while reading audible aa file tags. stable/main/binary-s390/amarok-engines_1.4.4-4etch1_s390.deb stable/main/binary-s390/amarok_1.4.4-4etch1_s390.deb stable/main/binary-s390/amarok-xine_1.4.4-4etch1_s390.deb amarok (1.4.4-4etch1) stable-security; urgency=high * Add security_audible_tags.diff patch to fix integer overflow while reading audible aa file tags. stable/main/binary-powerpc/amarok_1.4.4-4etch1_powerpc.deb stable/main/binary-powerpc/amarok-xine_1.4.4-4etch1_powerpc.deb stable/main/binary-powerpc/amarok-engines_1.4.4-4etch1_powerpc.deb amarok (1.4.4-4etch1) stable-security; urgency=high * Add security_audible_tags.diff patch to fix integer overflow while reading audible aa file tags. stable/main/binary-mipsel/amarok-xine_1.4.4-4etch1_mipsel.deb stable/main/binary-mipsel/amarok-engines_1.4.4-4etch1_mipsel.deb stable/main/binary-mipsel/amarok_1.4.4-4etch1_mipsel.deb amarok (1.4.4-4etch1) stable-security; urgency=high * Add security_audible_tags.diff patch to fix integer overflow while reading audible aa file tags. stable/main/binary-mips/amarok-engines_1.4.4-4etch1_mips.deb stable/main/binary-mips/amarok_1.4.4-4etch1_mips.deb stable/main/binary-mips/amarok-xine_1.4.4-4etch1_mips.deb amarok (1.4.4-4etch1) stable-security; urgency=high * Add security_audible_tags.diff patch to fix integer overflow while reading audible aa file tags. 
stable/main/binary-ia64/amarok-engines_1.4.4-4etch1_ia64.deb stable/main/binary-ia64/amarok-xine_1.4.4-4etch1_ia64.deb stable/main/binary-ia64/amarok_1.4.4-4etch1_ia64.deb amarok (1.4.4-4etch1) stable-security; urgency=high * Add security_audible_tags.diff patch to fix integer overflow while reading audible aa file tags. stable/main/binary-hppa/amarok-engines_1.4.4-4etch1_hppa.deb stable/main/binary-hppa/amarok_1.4.4-4etch1_hppa.deb stable/main/binary-hppa/amarok-xine_1.4.4-4etch1_hppa.deb amarok (1.4.4-4etch1) stable-security; urgency=high * Add security_audible_tags.diff patch to fix integer overflow while reading audible aa file tags. stable/main/binary-arm/amarok-engines_1.4.4-4etch1_arm.deb stable/main/binary-arm/amarok_1.4.4-4etch1_arm.deb stable/main/binary-arm/amarok-xine_1.4.4-4etch1_arm.deb amarok (1.4.4-4etch1) stable-security; urgency=high * Add security_audible_tags.diff patch to fix integer overflow while reading audible aa file tags. stable/main/binary-amd64/amarok-engines_1.4.4-4etch1_amd64.deb stable/main/binary-amd64/amarok_1.4.4-4etch1_amd64.deb stable/main/binary-amd64/amarok-xine_1.4.4-4etch1_amd64.deb amarok (1.4.4-4etch1) stable-security; urgency=high * Add security_audible_tags.diff patch to fix integer overflow while reading audible aa file tags. stable/main/binary-alpha/amarok-engines_1.4.4-4etch1_alpha.deb stable/main/binary-alpha/amarok_1.4.4-4etch1_alpha.deb stable/main/binary-alpha/amarok-xine_1.4.4-4etch1_alpha.deb amarok (1.4.4-4etch1) stable-security; urgency=high * Add security_audible_tags.diff patch to fix integer overflow while reading audible aa file tags. 
stable/main/binary-i386/amarok_1.4.4-4etch1_i386.deb
stable/main/binary-i386/amarok-xine_1.4.4-4etch1_i386.deb
stable/main/source/amarok_1.4.4-4etch1.dsc
stable/main/source/amarok_1.4.4-4etch1.diff.gz
stable/main/binary-i386/amarok-engines_1.4.4-4etch1_i386.deb
amarok (1.4.4-4etch1) stable-security; urgency=high
  * Add security_audible_tags.diff patch to fix integer overflow while reading audible aa file tags.

=========================================
Wed, 17 Dec 2008 - Debian 4.0r6 released
=========================================
========================================================================
[Date: Wed, 17 Dec 2008 21:11:19 +0000] [ftpmaster: Joerg Jaspert]
Removed the following packages from stable:

fp-compiler     | 2.0.0-4         | amd64, i386, powerpc, sparc
fp-docs         | 2.0.0-4         | all
fp-ide          | 2.0.0-4         | amd64, i386, powerpc, sparc
fp-units-base   | 2.0.0-4         | amd64, i386, powerpc, sparc
fp-units-db     | 2.0.0-4         | amd64, i386, powerpc, sparc
fp-units-fcl    | 2.0.0-4         | amd64, i386, powerpc, sparc
fp-units-fv     | 2.0.0-4         | amd64, i386, powerpc, sparc
fp-units-gfx    | 2.0.0-4         | amd64, i386, powerpc, sparc
fp-units-gnome1 | 2.0.0-4         | amd64, i386, powerpc, sparc
fp-units-gtk    | 2.0.0-4         | amd64, i386, powerpc, sparc
fp-units-gtk2   | 2.0.0-4         | amd64, i386, powerpc, sparc
fp-units-misc   | 2.0.0-4         | amd64, i386, powerpc, sparc
fp-units-net    | 2.0.0-4         | amd64, i386, powerpc, sparc
fp-units-rtl    | 2.0.0-4         | amd64, i386, powerpc, sparc
fp-utils        | 2.0.0-4         | amd64, i386, powerpc, sparc
fpc             | 2.0.0-4         | source
gearhead        | 1.010-1         | source, amd64, i386, powerpc, sparc
gearhead-data   | 1.010-1         | all
imapcopy        | 1.01+20060420-1 | source, amd64, i386, powerpc, sparc

Closed bugs: 506977

------------------- Reason -------------------
RoST; copyright infringement in pre 2.2.2 sources
----------------------------------------------
=========================================================================
[Date: Wed, 17 Dec 2008 21:14:49 +0000] [ftpmaster: Joerg Jaspert]
Removed the following packages from stable:

astrolog | 5.40-3 | source, alpha, i386

Closed bugs: 507239

------------------- Reason -------------------
RoST; RoQA; orphaned long time, non-free, contains potentially undistributable code
----------------------------------------------
=========================================================================
=========================================================================
[Date: Wed, 17 Dec 2008 21:15:21 +0000] [ftpmaster: Joerg Jaspert]
Removed the following packages from stable:

youtube-dl | 2006.11.12-1 | source, all

Closed bugs: 439363

------------------- Reason -------------------
RoST; RoQA; broken
----------------------------------------------
=========================================================================
========================================================================

stable/main/binary-sparc/libnss3-0d_1.8.0.15~pre080614h-0etch1_sparc.deb
stable/main/binary-sparc/libmozjs0d-dbg_1.8.0.15~pre080614h-0etch1_sparc.deb
stable/main/binary-sparc/xulrunner-gnome-support_1.8.0.15~pre080614h-0etch1_sparc.deb
stable/main/binary-sparc/spidermonkey-bin_1.8.0.15~pre080614h-0etch1_sparc.deb
stable/main/binary-sparc/libnss3-tools_1.8.0.15~pre080614h-0etch1_sparc.deb
stable/main/binary-sparc/libnspr4-0d-dbg_1.8.0.15~pre080614h-0etch1_sparc.deb
stable/main/binary-sparc/libxul0d_1.8.0.15~pre080614h-0etch1_sparc.deb
stable/main/binary-sparc/libmozjs0d_1.8.0.15~pre080614h-0etch1_sparc.deb
stable/main/binary-sparc/libnss3-0d-dbg_1.8.0.15~pre080614h-0etch1_sparc.deb
stable/main/binary-sparc/libnspr4-0d_1.8.0.15~pre080614h-0etch1_sparc.deb
stable/main/binary-sparc/python-xpcom_1.8.0.15~pre080614h-0etch1_sparc.deb
stable/main/binary-sparc/libxul0d-dbg_1.8.0.15~pre080614h-0etch1_sparc.deb
stable/main/binary-sparc/xulrunner_1.8.0.15~pre080614h-0etch1_sparc.deb
xulrunner (1.8.0.15~pre080614h-0etch1) stable-security; urgency=low
  [ Alexander Sack ]
  * New security/stability upstream release (backports for 2.0.0.17 + 2.0.0.18)
  * Upstream advisories
(v2.0.0.17): MFSA 2008-37 aka CVE-2008-0016 - UTF-8 URL stack buffer overflow MFSA 2008-38 aka CVE-2008-3835 - nsXMLDocument::OnChannelRedirect() same-origin violation MFSA 2008-40 aka CVE-2008-3837 - Forced mouse drag MFSA 2008-41 aka CVE-2008-4058 - XPCnativeWrapper pollution MFSA 2008-41 aka CVE-2008-4059 - XPCnativeWrapper pollution (Firefox 2) MFSA 2008-41 aka CVE-2008-4060 - Documents without script handling objects MFSA 2008-42 aka CVE-2008-4061 - Crashes with evidence of corruption; layout (rv:1.8.1.17) MFSA 2008-42 aka CVE-2008-4062 - Crashes with evidence of corruption; javascript (rv:1.8.1.17) MFSA 2008-43 aka CVE-2008-4065 - Stripped BOM characters MFSA 2008-43 aka CVE-2008-4066 - HTML escaped low surrogates bug MFSA 2008-44 aka CVE-2008-4067 - resource: traversal vulnerabilities (a) MFSA 2008-44 aka CVE-2008-4068 - resource: traversal vulnerabilities (b) MFSA 2008-45 aka CVE-2008-4069 - XBM image uninitialized memory reading * Upstream advisories (v2.0.0.18): MFSA 2008-47 aka CVE-2008-4582 - Information stealing via local shortcut files MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP redirect MFSA 2008-49 aka CVE-2008-5013 - Arbitrary code execution via Flash Player dynamic module unloading MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via __proto__ tampering MFSA 2008-52 aka CVE-2008-5017 - browser engine crashes with memory corruption (rv:1.8.1.18) MFSA 2008-52 aka CVE-2008-5018 - javascript engine crashes with memory corruption (rv:1.8.1.18) MFSA 2008-54 aka CVE-2008-0017 - Buffer overflow in http-index-format parser MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in nsFrameManager MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners() same-origin violation MFSA 2008-57 aka CVE-2008-5023 - -moz-binding property bypasses security checks on codebase principals MFSA 2008-58 aka CVE-2008-5024 - Parsing error in E4X default namespace 
stable/main/binary-s390/libmozjs0d_1.8.0.15~pre080614h-0etch1_s390.deb stable/main/binary-s390/xulrunner_1.8.0.15~pre080614h-0etch1_s390.deb stable/main/binary-s390/python-xpcom_1.8.0.15~pre080614h-0etch1_s390.deb stable/main/binary-s390/libnss3-tools_1.8.0.15~pre080614h-0etch1_s390.deb stable/main/binary-s390/libxul0d_1.8.0.15~pre080614h-0etch1_s390.deb stable/main/binary-s390/libnss3-0d-dbg_1.8.0.15~pre080614h-0etch1_s390.deb stable/main/binary-s390/spidermonkey-bin_1.8.0.15~pre080614h-0etch1_s390.deb stable/main/binary-s390/libmozjs0d-dbg_1.8.0.15~pre080614h-0etch1_s390.deb stable/main/binary-s390/xulrunner-gnome-support_1.8.0.15~pre080614h-0etch1_s390.deb stable/main/binary-s390/libnspr4-0d-dbg_1.8.0.15~pre080614h-0etch1_s390.deb stable/main/binary-s390/libnss3-0d_1.8.0.15~pre080614h-0etch1_s390.deb stable/main/binary-s390/libnspr4-0d_1.8.0.15~pre080614h-0etch1_s390.deb stable/main/binary-s390/libxul0d-dbg_1.8.0.15~pre080614h-0etch1_s390.deb xulrunner (1.8.0.15~pre080614h-0etch1) stable-security; urgency=low [ Alexander Sack ] * New security/stability upstream release (backports for 2.0.0.17 + 2.0.0.18) * Upstream advisories (v2.0.0.17): MFSA 2008-37 aka CVE-2008-0016 - UTF-8 URL stack buffer overflow MFSA 2008-38 aka CVE-2008-3835 - nsXMLDocument::OnChannelRedirect() same-origin violation MFSA 2008-40 aka CVE-2008-3837 - Forced mouse drag MFSA 2008-41 aka CVE-2008-4058 - XPCnativeWrapper pollution MFSA 2008-41 aka CVE-2008-4059 - XPCnativeWrapper pollution (Firefox 2) MFSA 2008-41 aka CVE-2008-4060 - Documents without script handling objects MFSA 2008-42 aka CVE-2008-4061 - Crashes with evidence of corruption; layout (rv:1.8.1.17) MFSA 2008-42 aka CVE-2008-4062 - Crashes with evidence of corruption; javascript (rv:1.8.1.17) MFSA 2008-43 aka CVE-2008-4065 - Stripped BOM characters MFSA 2008-43 aka CVE-2008-4066 - HTML escaped low surrogates bug MFSA 2008-44 aka CVE-2008-4067 - resource: traversal vulnerabilities (a) MFSA 2008-44 aka CVE-2008-4068 - resource: 
traversal vulnerabilities (b) MFSA 2008-45 aka CVE-2008-4069 - XBM image uninitialized memory reading * Upstream advisories (v2.0.0.18): MFSA 2008-47 aka CVE-2008-4582 - Information stealing via local shortcut files MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP redirect MFSA 2008-49 aka CVE-2008-5013 - Arbitrary code execution via Flash Player dynamic module unloading MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via __proto__ tampering MFSA 2008-52 aka CVE-2008-5017 - browser engine crashes with memory corruption (rv:1.8.1.18) MFSA 2008-52 aka CVE-2008-5018 - javascript engine crashes with memory corruption (rv:1.8.1.18) MFSA 2008-54 aka CVE-2008-0017 - Buffer overflow in http-index-format parser MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in nsFrameManager MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners() same-origin violation MFSA 2008-57 aka CVE-2008-5023 - -moz-binding property bypasses security checks on codebase principals MFSA 2008-58 aka CVE-2008-5024 - Parsing error in E4X default namespace stable/main/binary-powerpc/python-xpcom_1.8.0.15~pre080614h-0etch1_powerpc.deb stable/main/binary-powerpc/libnss3-0d_1.8.0.15~pre080614h-0etch1_powerpc.deb stable/main/binary-powerpc/libxul0d-dbg_1.8.0.15~pre080614h-0etch1_powerpc.deb stable/main/binary-powerpc/libnss3-0d-dbg_1.8.0.15~pre080614h-0etch1_powerpc.deb stable/main/binary-powerpc/spidermonkey-bin_1.8.0.15~pre080614h-0etch1_powerpc.deb stable/main/binary-powerpc/libnspr4-0d_1.8.0.15~pre080614h-0etch1_powerpc.deb stable/main/binary-powerpc/xulrunner_1.8.0.15~pre080614h-0etch1_powerpc.deb stable/main/binary-powerpc/libmozjs0d_1.8.0.15~pre080614h-0etch1_powerpc.deb stable/main/binary-powerpc/libmozjs0d-dbg_1.8.0.15~pre080614h-0etch1_powerpc.deb stable/main/binary-powerpc/libnss3-tools_1.8.0.15~pre080614h-0etch1_powerpc.deb stable/main/binary-powerpc/xulrunner-gnome-support_1.8.0.15~pre080614h-0etch1_powerpc.deb 
stable/main/binary-powerpc/libxul0d_1.8.0.15~pre080614h-0etch1_powerpc.deb stable/main/binary-powerpc/libnspr4-0d-dbg_1.8.0.15~pre080614h-0etch1_powerpc.deb xulrunner (1.8.0.15~pre080614h-0etch1) stable-security; urgency=low [ Alexander Sack ] * New security/stability upstream release (backports for 2.0.0.17 + 2.0.0.18) * Upstream advisories (v2.0.0.17): MFSA 2008-37 aka CVE-2008-0016 - UTF-8 URL stack buffer overflow MFSA 2008-38 aka CVE-2008-3835 - nsXMLDocument::OnChannelRedirect() same-origin violation MFSA 2008-40 aka CVE-2008-3837 - Forced mouse drag MFSA 2008-41 aka CVE-2008-4058 - XPCnativeWrapper pollution MFSA 2008-41 aka CVE-2008-4059 - XPCnativeWrapper pollution (Firefox 2) MFSA 2008-41 aka CVE-2008-4060 - Documents without script handling objects MFSA 2008-42 aka CVE-2008-4061 - Crashes with evidence of corruption; layout (rv:1.8.1.17) MFSA 2008-42 aka CVE-2008-4062 - Crashes with evidence of corruption; javascript (rv:1.8.1.17) MFSA 2008-43 aka CVE-2008-4065 - Stripped BOM characters MFSA 2008-43 aka CVE-2008-4066 - HTML escaped low surrogates bug MFSA 2008-44 aka CVE-2008-4067 - resource: traversal vulnerabilities (a) MFSA 2008-44 aka CVE-2008-4068 - resource: traversal vulnerabilities (b) MFSA 2008-45 aka CVE-2008-4069 - XBM image uninitialized memory reading * Upstream advisories (v2.0.0.18): MFSA 2008-47 aka CVE-2008-4582 - Information stealing via local shortcut files MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP redirect MFSA 2008-49 aka CVE-2008-5013 - Arbitrary code execution via Flash Player dynamic module unloading MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via __proto__ tampering MFSA 2008-52 aka CVE-2008-5017 - browser engine crashes with memory corruption (rv:1.8.1.18) MFSA 2008-52 aka CVE-2008-5018 - javascript engine crashes with memory corruption (rv:1.8.1.18) MFSA 2008-54 aka CVE-2008-0017 - Buffer overflow in http-index-format parser MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code 
execution in nsFrameManager MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners() same-origin violation MFSA 2008-57 aka CVE-2008-5023 - -moz-binding property bypasses security checks on codebase principals MFSA 2008-58 aka CVE-2008-5024 - Parsing error in E4X default namespace stable/main/binary-mipsel/xulrunner_1.8.0.15~pre080614h-0etch1_mipsel.deb stable/main/binary-mipsel/xulrunner-gnome-support_1.8.0.15~pre080614h-0etch1_mipsel.deb stable/main/binary-mipsel/libnss3-0d_1.8.0.15~pre080614h-0etch1_mipsel.deb stable/main/binary-mipsel/libmozjs0d_1.8.0.15~pre080614h-0etch1_mipsel.deb stable/main/binary-mipsel/libnss3-0d-dbg_1.8.0.15~pre080614h-0etch1_mipsel.deb stable/main/binary-mipsel/spidermonkey-bin_1.8.0.15~pre080614h-0etch1_mipsel.deb stable/main/binary-mipsel/python-xpcom_1.8.0.15~pre080614h-0etch1_mipsel.deb stable/main/binary-mipsel/libxul0d_1.8.0.15~pre080614h-0etch1_mipsel.deb stable/main/binary-mipsel/libnss3-tools_1.8.0.15~pre080614h-0etch1_mipsel.deb stable/main/binary-mipsel/libnspr4-0d-dbg_1.8.0.15~pre080614h-0etch1_mipsel.deb stable/main/binary-mipsel/libxul0d-dbg_1.8.0.15~pre080614h-0etch1_mipsel.deb stable/main/binary-mipsel/libmozjs0d-dbg_1.8.0.15~pre080614h-0etch1_mipsel.deb stable/main/binary-mipsel/libnspr4-0d_1.8.0.15~pre080614h-0etch1_mipsel.deb xulrunner (1.8.0.15~pre080614h-0etch1) stable-security; urgency=low [ Alexander Sack ] * New security/stability upstream release (backports for 2.0.0.17 + 2.0.0.18) * Upstream advisories (v2.0.0.17): MFSA 2008-37 aka CVE-2008-0016 - UTF-8 URL stack buffer overflow MFSA 2008-38 aka CVE-2008-3835 - nsXMLDocument::OnChannelRedirect() same-origin violation MFSA 2008-40 aka CVE-2008-3837 - Forced mouse drag MFSA 2008-41 aka CVE-2008-4058 - XPCnativeWrapper pollution MFSA 2008-41 aka CVE-2008-4059 - XPCnativeWrapper pollution (Firefox 2) MFSA 2008-41 aka CVE-2008-4060 - Documents without script handling objects MFSA 2008-42 aka CVE-2008-4061 - Crashes with evidence of corruption; 
layout (rv:1.8.1.17) MFSA 2008-42 aka CVE-2008-4062 - Crashes with evidence of corruption; javascript (rv:1.8.1.17) MFSA 2008-43 aka CVE-2008-4065 - Stripped BOM characters MFSA 2008-43 aka CVE-2008-4066 - HTML escaped low surrogates bug MFSA 2008-44 aka CVE-2008-4067 - resource: traversal vulnerabilities (a) MFSA 2008-44 aka CVE-2008-4068 - resource: traversal vulnerabilities (b) MFSA 2008-45 aka CVE-2008-4069 - XBM image uninitialized memory reading * Upstream advisories (v2.0.0.18): MFSA 2008-47 aka CVE-2008-4582 - Information stealing via local shortcut files MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP redirect MFSA 2008-49 aka CVE-2008-5013 - Arbitrary code execution via Flash Player dynamic module unloading MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via __proto__ tampering MFSA 2008-52 aka CVE-2008-5017 - browser engine crashes with memory corruption (rv:1.8.1.18) MFSA 2008-52 aka CVE-2008-5018 - javascript engine crashes with memory corruption (rv:1.8.1.18) MFSA 2008-54 aka CVE-2008-0017 - Buffer overflow in http-index-format parser MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in nsFrameManager MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners() same-origin violation MFSA 2008-57 aka CVE-2008-5023 - -moz-binding property bypasses security checks on codebase principals MFSA 2008-58 aka CVE-2008-5024 - Parsing error in E4X default namespace stable/main/binary-mips/libnspr4-0d_1.8.0.15~pre080614h-0etch1_mips.deb stable/main/binary-mips/xulrunner-gnome-support_1.8.0.15~pre080614h-0etch1_mips.deb stable/main/binary-mips/python-xpcom_1.8.0.15~pre080614h-0etch1_mips.deb stable/main/binary-mips/libmozjs0d_1.8.0.15~pre080614h-0etch1_mips.deb stable/main/binary-mips/xulrunner_1.8.0.15~pre080614h-0etch1_mips.deb stable/main/binary-mips/libnspr4-0d-dbg_1.8.0.15~pre080614h-0etch1_mips.deb stable/main/binary-mips/libxul0d_1.8.0.15~pre080614h-0etch1_mips.deb 
stable/main/binary-mips/libxul0d-dbg_1.8.0.15~pre080614h-0etch1_mips.deb stable/main/binary-mips/libnss3-tools_1.8.0.15~pre080614h-0etch1_mips.deb stable/main/binary-mips/libmozjs0d-dbg_1.8.0.15~pre080614h-0etch1_mips.deb stable/main/binary-mips/libnss3-0d-dbg_1.8.0.15~pre080614h-0etch1_mips.deb stable/main/binary-mips/libnss3-0d_1.8.0.15~pre080614h-0etch1_mips.deb stable/main/binary-mips/spidermonkey-bin_1.8.0.15~pre080614h-0etch1_mips.deb xulrunner (1.8.0.15~pre080614h-0etch1) stable-security; urgency=low [ Alexander Sack ] * New security/stability upstream release (backports for 2.0.0.17 + 2.0.0.18) * Upstream advisories (v2.0.0.17): MFSA 2008-37 aka CVE-2008-0016 - UTF-8 URL stack buffer overflow MFSA 2008-38 aka CVE-2008-3835 - nsXMLDocument::OnChannelRedirect() same-origin violation MFSA 2008-40 aka CVE-2008-3837 - Forced mouse drag MFSA 2008-41 aka CVE-2008-4058 - XPCnativeWrapper pollution MFSA 2008-41 aka CVE-2008-4059 - XPCnativeWrapper pollution (Firefox 2) MFSA 2008-41 aka CVE-2008-4060 - Documents without script handling objects MFSA 2008-42 aka CVE-2008-4061 - Crashes with evidence of corruption; layout (rv:1.8.1.17) MFSA 2008-42 aka CVE-2008-4062 - Crashes with evidence of corruption; javascript (rv:1.8.1.17) MFSA 2008-43 aka CVE-2008-4065 - Stripped BOM characters MFSA 2008-43 aka CVE-2008-4066 - HTML escaped low surrogates bug MFSA 2008-44 aka CVE-2008-4067 - resource: traversal vulnerabilities (a) MFSA 2008-44 aka CVE-2008-4068 - resource: traversal vulnerabilities (b) MFSA 2008-45 aka CVE-2008-4069 - XBM image uninitialized memory reading * Upstream advisories (v2.0.0.18): MFSA 2008-47 aka CVE-2008-4582 - Information stealing via local shortcut files MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP redirect MFSA 2008-49 aka CVE-2008-5013 - Arbitrary code execution via Flash Player dynamic module unloading MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via __proto__ tampering MFSA 2008-52 aka CVE-2008-5017 - 
browser engine crashes with memory corruption (rv:1.8.1.18) MFSA 2008-52 aka CVE-2008-5018 - javascript engine crashes with memory corruption (rv:1.8.1.18) MFSA 2008-54 aka CVE-2008-0017 - Buffer overflow in http-index-format parser MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in nsFrameManager MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners() same-origin violation MFSA 2008-57 aka CVE-2008-5023 - -moz-binding property bypasses security checks on codebase principals MFSA 2008-58 aka CVE-2008-5024 - Parsing error in E4X default namespace stable/main/binary-ia64/python-xpcom_1.8.0.15~pre080614h-0etch1_ia64.deb stable/main/binary-ia64/libnspr4-0d-dbg_1.8.0.15~pre080614h-0etch1_ia64.deb stable/main/binary-ia64/libmozjs0d_1.8.0.15~pre080614h-0etch1_ia64.deb stable/main/binary-ia64/xulrunner_1.8.0.15~pre080614h-0etch1_ia64.deb stable/main/binary-ia64/libxul0d_1.8.0.15~pre080614h-0etch1_ia64.deb stable/main/binary-ia64/libmozjs0d-dbg_1.8.0.15~pre080614h-0etch1_ia64.deb stable/main/binary-ia64/libxul0d-dbg_1.8.0.15~pre080614h-0etch1_ia64.deb stable/main/binary-ia64/libnss3-0d_1.8.0.15~pre080614h-0etch1_ia64.deb stable/main/binary-ia64/xulrunner-gnome-support_1.8.0.15~pre080614h-0etch1_ia64.deb stable/main/binary-ia64/spidermonkey-bin_1.8.0.15~pre080614h-0etch1_ia64.deb stable/main/binary-ia64/libnss3-0d-dbg_1.8.0.15~pre080614h-0etch1_ia64.deb stable/main/binary-ia64/libnspr4-0d_1.8.0.15~pre080614h-0etch1_ia64.deb stable/main/binary-ia64/libnss3-tools_1.8.0.15~pre080614h-0etch1_ia64.deb xulrunner (1.8.0.15~pre080614h-0etch1) stable-security; urgency=low [ Alexander Sack ] * New security/stability upstream release (backports for 2.0.0.17 + 2.0.0.18) * Upstream advisories (v2.0.0.17): MFSA 2008-37 aka CVE-2008-0016 - UTF-8 URL stack buffer overflow MFSA 2008-38 aka CVE-2008-3835 - nsXMLDocument::OnChannelRedirect() same-origin violation MFSA 2008-40 aka CVE-2008-3837 - Forced mouse drag MFSA 2008-41 aka CVE-2008-4058 - 
XPCnativeWrapper pollution MFSA 2008-41 aka CVE-2008-4059 - XPCnativeWrapper pollution (Firefox 2) MFSA 2008-41 aka CVE-2008-4060 - Documents without script handling objects MFSA 2008-42 aka CVE-2008-4061 - Crashes with evidence of corruption; layout (rv:1.8.1.17) MFSA 2008-42 aka CVE-2008-4062 - Crashes with evidence of corruption; javascript (rv:1.8.1.17) MFSA 2008-43 aka CVE-2008-4065 - Stripped BOM characters MFSA 2008-43 aka CVE-2008-4066 - HTML escaped low surrogates bug MFSA 2008-44 aka CVE-2008-4067 - resource: traversal vulnerabilities (a) MFSA 2008-44 aka CVE-2008-4068 - resource: traversal vulnerabilities (b) MFSA 2008-45 aka CVE-2008-4069 - XBM image uninitialized memory reading * Upstream advisories (v2.0.0.18): MFSA 2008-47 aka CVE-2008-4582 - Information stealing via local shortcut files MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP redirect MFSA 2008-49 aka CVE-2008-5013 - Arbitrary code execution via Flash Player dynamic module unloading MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via __proto__ tampering MFSA 2008-52 aka CVE-2008-5017 - browser engine crashes with memory corruption (rv:1.8.1.18) MFSA 2008-52 aka CVE-2008-5018 - javascript engine crashes with memory corruption (rv:1.8.1.18) MFSA 2008-54 aka CVE-2008-0017 - Buffer overflow in http-index-format parser MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in nsFrameManager MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners() same-origin violation MFSA 2008-57 aka CVE-2008-5023 - -moz-binding property bypasses security checks on codebase principals MFSA 2008-58 aka CVE-2008-5024 - Parsing error in E4X default namespace stable/main/binary-i386/libnspr4-0d_1.8.0.15~pre080614h-0etch1_i386.deb stable/main/binary-i386/xulrunner-gnome-support_1.8.0.15~pre080614h-0etch1_i386.deb stable/main/binary-i386/libxul0d-dbg_1.8.0.15~pre080614h-0etch1_i386.deb 
stable/main/binary-i386/libmozjs0d-dbg_1.8.0.15~pre080614h-0etch1_i386.deb stable/main/binary-i386/libnspr4-0d-dbg_1.8.0.15~pre080614h-0etch1_i386.deb stable/main/binary-i386/libxul0d_1.8.0.15~pre080614h-0etch1_i386.deb stable/main/binary-i386/libnss3-0d-dbg_1.8.0.15~pre080614h-0etch1_i386.deb stable/main/binary-i386/libmozjs0d_1.8.0.15~pre080614h-0etch1_i386.deb stable/main/binary-i386/spidermonkey-bin_1.8.0.15~pre080614h-0etch1_i386.deb stable/main/binary-i386/libnss3-0d_1.8.0.15~pre080614h-0etch1_i386.deb stable/main/binary-i386/python-xpcom_1.8.0.15~pre080614h-0etch1_i386.deb stable/main/binary-i386/xulrunner_1.8.0.15~pre080614h-0etch1_i386.deb stable/main/binary-i386/libnss3-tools_1.8.0.15~pre080614h-0etch1_i386.deb xulrunner (1.8.0.15~pre080614h-0etch1) stable-security; urgency=low [ Alexander Sack ] * New security/stability upstream release (backports for 2.0.0.17 + 2.0.0.18) * Upstream advisories (v2.0.0.17): MFSA 2008-37 aka CVE-2008-0016 - UTF-8 URL stack buffer overflow MFSA 2008-38 aka CVE-2008-3835 - nsXMLDocument::OnChannelRedirect() same-origin violation MFSA 2008-40 aka CVE-2008-3837 - Forced mouse drag MFSA 2008-41 aka CVE-2008-4058 - XPCnativeWrapper pollution MFSA 2008-41 aka CVE-2008-4059 - XPCnativeWrapper pollution (Firefox 2) MFSA 2008-41 aka CVE-2008-4060 - Documents without script handling objects MFSA 2008-42 aka CVE-2008-4061 - Crashes with evidence of corruption; layout (rv:1.8.1.17) MFSA 2008-42 aka CVE-2008-4062 - Crashes with evidence of corruption; javascript (rv:1.8.1.17) MFSA 2008-43 aka CVE-2008-4065 - Stripped BOM characters MFSA 2008-43 aka CVE-2008-4066 - HTML escaped low surrogates bug MFSA 2008-44 aka CVE-2008-4067 - resource: traversal vulnerabilities (a) MFSA 2008-44 aka CVE-2008-4068 - resource: traversal vulnerabilities (b) MFSA 2008-45 aka CVE-2008-4069 - XBM image uninitialized memory reading * Upstream advisories (v2.0.0.18): MFSA 2008-47 aka CVE-2008-4582 - Information stealing via local shortcut files MFSA 2008-48 
aka CVE-2008-5012 - Image stealing via canvas and HTTP redirect
     MFSA 2008-49 aka CVE-2008-5013 - Arbitrary code execution via Flash Player dynamic module unloading
     MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via __proto__ tampering
     MFSA 2008-52 aka CVE-2008-5017 - browser engine crashes with memory corruption (rv:1.8.1.18)
     MFSA 2008-52 aka CVE-2008-5018 - javascript engine crashes with memory corruption (rv:1.8.1.18)
     MFSA 2008-54 aka CVE-2008-0017 - Buffer overflow in http-index-format parser
     MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in nsFrameManager
     MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners() same-origin violation
     MFSA 2008-57 aka CVE-2008-5023 - -moz-binding property bypasses security checks on codebase principals
     MFSA 2008-58 aka CVE-2008-5024 - Parsing error in E4X default namespace
stable/main/binary-hppa/libnspr4-0d-dbg_1.8.0.15~pre080614h-0etch1_hppa.deb
stable/main/binary-hppa/libnss3-tools_1.8.0.15~pre080614h-0etch1_hppa.deb
stable/main/binary-hppa/libxul0d-dbg_1.8.0.15~pre080614h-0etch1_hppa.deb
stable/main/binary-hppa/libnspr4-0d_1.8.0.15~pre080614h-0etch1_hppa.deb
stable/main/binary-hppa/libmozjs0d_1.8.0.15~pre080614h-0etch1_hppa.deb
stable/main/binary-hppa/spidermonkey-bin_1.8.0.15~pre080614h-0etch1_hppa.deb
stable/main/binary-hppa/libxul0d_1.8.0.15~pre080614h-0etch1_hppa.deb
stable/main/binary-hppa/python-xpcom_1.8.0.15~pre080614h-0etch1_hppa.deb
stable/main/binary-hppa/libmozjs0d-dbg_1.8.0.15~pre080614h-0etch1_hppa.deb
stable/main/binary-hppa/xulrunner_1.8.0.15~pre080614h-0etch1_hppa.deb
stable/main/binary-hppa/libnss3-0d-dbg_1.8.0.15~pre080614h-0etch1_hppa.deb
stable/main/binary-hppa/xulrunner-gnome-support_1.8.0.15~pre080614h-0etch1_hppa.deb
stable/main/binary-hppa/libnss3-0d_1.8.0.15~pre080614h-0etch1_hppa.deb
xulrunner (1.8.0.15~pre080614h-0etch1) stable-security; urgency=low
  [ Alexander Sack ]
  * New security/stability upstream release (backports for 2.0.0.17 + 2.0.0.18)
  * Upstream advisories (v2.0.0.17):
     MFSA 2008-37 aka CVE-2008-0016 - UTF-8 URL stack buffer overflow
     MFSA 2008-38 aka CVE-2008-3835 - nsXMLDocument::OnChannelRedirect() same-origin violation
     MFSA 2008-40 aka CVE-2008-3837 - Forced mouse drag
     MFSA 2008-41 aka CVE-2008-4058 - XPCnativeWrapper pollution
     MFSA 2008-41 aka CVE-2008-4059 - XPCnativeWrapper pollution (Firefox 2)
     MFSA 2008-41 aka CVE-2008-4060 - Documents without script handling objects
     MFSA 2008-42 aka CVE-2008-4061 - Crashes with evidence of corruption; layout (rv:1.8.1.17)
     MFSA 2008-42 aka CVE-2008-4062 - Crashes with evidence of corruption; javascript (rv:1.8.1.17)
     MFSA 2008-43 aka CVE-2008-4065 - Stripped BOM characters
     MFSA 2008-43 aka CVE-2008-4066 - HTML escaped low surrogates bug
     MFSA 2008-44 aka CVE-2008-4067 - resource: traversal vulnerabilities (a)
     MFSA 2008-44 aka CVE-2008-4068 - resource: traversal vulnerabilities (b)
     MFSA 2008-45 aka CVE-2008-4069 - XBM image uninitialized memory reading
  * Upstream advisories (v2.0.0.18):
     MFSA 2008-47 aka CVE-2008-4582 - Information stealing via local shortcut files
     MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP redirect
     MFSA 2008-49 aka CVE-2008-5013 - Arbitrary code execution via Flash Player dynamic module unloading
     MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via __proto__ tampering
     MFSA 2008-52 aka CVE-2008-5017 - browser engine crashes with memory corruption (rv:1.8.1.18)
     MFSA 2008-52 aka CVE-2008-5018 - javascript engine crashes with memory corruption (rv:1.8.1.18)
     MFSA 2008-54 aka CVE-2008-0017 - Buffer overflow in http-index-format parser
     MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in nsFrameManager
     MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners() same-origin violation
     MFSA 2008-57 aka CVE-2008-5023 - -moz-binding property bypasses security checks on codebase principals
     MFSA 2008-58 aka CVE-2008-5024 - Parsing error in E4X default namespace
stable/main/binary-arm/spidermonkey-bin_1.8.0.15~pre080614h-0etch1_arm.deb
stable/main/binary-arm/libnss3-0d_1.8.0.15~pre080614h-0etch1_arm.deb
stable/main/binary-arm/libxul0d-dbg_1.8.0.15~pre080614h-0etch1_arm.deb
stable/main/binary-arm/libxul0d_1.8.0.15~pre080614h-0etch1_arm.deb
stable/main/binary-arm/libnspr4-0d-dbg_1.8.0.15~pre080614h-0etch1_arm.deb
stable/main/binary-arm/xulrunner-gnome-support_1.8.0.15~pre080614h-0etch1_arm.deb
stable/main/binary-arm/libnss3-tools_1.8.0.15~pre080614h-0etch1_arm.deb
stable/main/binary-arm/libnss3-0d-dbg_1.8.0.15~pre080614h-0etch1_arm.deb
stable/main/binary-arm/python-xpcom_1.8.0.15~pre080614h-0etch1_arm.deb
stable/main/binary-arm/libnspr4-0d_1.8.0.15~pre080614h-0etch1_arm.deb
stable/main/binary-arm/libmozjs0d_1.8.0.15~pre080614h-0etch1_arm.deb
stable/main/binary-arm/xulrunner_1.8.0.15~pre080614h-0etch1_arm.deb
stable/main/binary-arm/libmozjs0d-dbg_1.8.0.15~pre080614h-0etch1_arm.deb
xulrunner (1.8.0.15~pre080614h-0etch1) stable-security; urgency=low
  [ Alexander Sack ]
  * New security/stability upstream release (backports for 2.0.0.17 + 2.0.0.18)
  * Upstream advisories (v2.0.0.17):
     MFSA 2008-37 aka CVE-2008-0016 - UTF-8 URL stack buffer overflow
     MFSA 2008-38 aka CVE-2008-3835 - nsXMLDocument::OnChannelRedirect() same-origin violation
     MFSA 2008-40 aka CVE-2008-3837 - Forced mouse drag
     MFSA 2008-41 aka CVE-2008-4058 - XPCnativeWrapper pollution
     MFSA 2008-41 aka CVE-2008-4059 - XPCnativeWrapper pollution (Firefox 2)
     MFSA 2008-41 aka CVE-2008-4060 - Documents without script handling objects
     MFSA 2008-42 aka CVE-2008-4061 - Crashes with evidence of corruption; layout (rv:1.8.1.17)
     MFSA 2008-42 aka CVE-2008-4062 - Crashes with evidence of corruption; javascript (rv:1.8.1.17)
     MFSA 2008-43 aka CVE-2008-4065 - Stripped BOM characters
     MFSA 2008-43 aka CVE-2008-4066 - HTML escaped low surrogates bug
     MFSA 2008-44 aka CVE-2008-4067 - resource: traversal vulnerabilities (a)
     MFSA 2008-44 aka CVE-2008-4068 - resource: traversal vulnerabilities (b)
     MFSA 2008-45 aka CVE-2008-4069 - XBM image uninitialized memory reading
  * Upstream advisories (v2.0.0.18):
     MFSA 2008-47 aka CVE-2008-4582 - Information stealing via local shortcut files
     MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP redirect
     MFSA 2008-49 aka CVE-2008-5013 - Arbitrary code execution via Flash Player dynamic module unloading
     MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via __proto__ tampering
     MFSA 2008-52 aka CVE-2008-5017 - browser engine crashes with memory corruption (rv:1.8.1.18)
     MFSA 2008-52 aka CVE-2008-5018 - javascript engine crashes with memory corruption (rv:1.8.1.18)
     MFSA 2008-54 aka CVE-2008-0017 - Buffer overflow in http-index-format parser
     MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in nsFrameManager
     MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners() same-origin violation
     MFSA 2008-57 aka CVE-2008-5023 - -moz-binding property bypasses security checks on codebase principals
     MFSA 2008-58 aka CVE-2008-5024 - Parsing error in E4X default namespace
stable/main/binary-alpha/xulrunner_1.8.0.15~pre080614h-0etch1_alpha.deb
stable/main/binary-alpha/libmozjs0d_1.8.0.15~pre080614h-0etch1_alpha.deb
stable/main/binary-alpha/libxul0d_1.8.0.15~pre080614h-0etch1_alpha.deb
stable/main/binary-alpha/libmozjs0d-dbg_1.8.0.15~pre080614h-0etch1_alpha.deb
stable/main/binary-alpha/libnss3-tools_1.8.0.15~pre080614h-0etch1_alpha.deb
stable/main/binary-alpha/libnss3-0d-dbg_1.8.0.15~pre080614h-0etch1_alpha.deb
stable/main/binary-alpha/spidermonkey-bin_1.8.0.15~pre080614h-0etch1_alpha.deb
stable/main/binary-alpha/xulrunner-gnome-support_1.8.0.15~pre080614h-0etch1_alpha.deb
stable/main/binary-alpha/libnspr4-0d-dbg_1.8.0.15~pre080614h-0etch1_alpha.deb
stable/main/binary-alpha/libnspr4-0d_1.8.0.15~pre080614h-0etch1_alpha.deb
stable/main/binary-alpha/python-xpcom_1.8.0.15~pre080614h-0etch1_alpha.deb
stable/main/binary-alpha/libnss3-0d_1.8.0.15~pre080614h-0etch1_alpha.deb
stable/main/binary-alpha/libxul0d-dbg_1.8.0.15~pre080614h-0etch1_alpha.deb
xulrunner (1.8.0.15~pre080614h-0etch1) stable-security; urgency=low
  [ Alexander Sack ]
  * New security/stability upstream release (backports for 2.0.0.17 + 2.0.0.18)
  * Upstream advisories (v2.0.0.17):
     MFSA 2008-37 aka CVE-2008-0016 - UTF-8 URL stack buffer overflow
     MFSA 2008-38 aka CVE-2008-3835 - nsXMLDocument::OnChannelRedirect() same-origin violation
     MFSA 2008-40 aka CVE-2008-3837 - Forced mouse drag
     MFSA 2008-41 aka CVE-2008-4058 - XPCnativeWrapper pollution
     MFSA 2008-41 aka CVE-2008-4059 - XPCnativeWrapper pollution (Firefox 2)
     MFSA 2008-41 aka CVE-2008-4060 - Documents without script handling objects
     MFSA 2008-42 aka CVE-2008-4061 - Crashes with evidence of corruption; layout (rv:1.8.1.17)
     MFSA 2008-42 aka CVE-2008-4062 - Crashes with evidence of corruption; javascript (rv:1.8.1.17)
     MFSA 2008-43 aka CVE-2008-4065 - Stripped BOM characters
     MFSA 2008-43 aka CVE-2008-4066 - HTML escaped low surrogates bug
     MFSA 2008-44 aka CVE-2008-4067 - resource: traversal vulnerabilities (a)
     MFSA 2008-44 aka CVE-2008-4068 - resource: traversal vulnerabilities (b)
     MFSA 2008-45 aka CVE-2008-4069 - XBM image uninitialized memory reading
  * Upstream advisories (v2.0.0.18):
     MFSA 2008-47 aka CVE-2008-4582 - Information stealing via local shortcut files
     MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP redirect
     MFSA 2008-49 aka CVE-2008-5013 - Arbitrary code execution via Flash Player dynamic module unloading
     MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via __proto__ tampering
     MFSA 2008-52 aka CVE-2008-5017 - browser engine crashes with memory corruption (rv:1.8.1.18)
     MFSA 2008-52 aka CVE-2008-5018 - javascript engine crashes with memory corruption (rv:1.8.1.18)
     MFSA 2008-54 aka CVE-2008-0017 - Buffer overflow in http-index-format parser
     MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in nsFrameManager
     MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners() same-origin violation
     MFSA 2008-57 aka CVE-2008-5023 - -moz-binding property bypasses security checks on codebase principals
     MFSA 2008-58 aka CVE-2008-5024 - Parsing error in E4X default namespace
stable/main/binary-amd64/libnss3-0d-dbg_1.8.0.15~pre080614h-0etch1_amd64.deb
stable/main/binary-amd64/libnspr4-0d_1.8.0.15~pre080614h-0etch1_amd64.deb
stable/main/binary-amd64/libnss3-0d_1.8.0.15~pre080614h-0etch1_amd64.deb
stable/main/binary-all/libsmjs-dev_1.8.0.15~pre080614h-0etch1_all.deb
stable/main/binary-amd64/xulrunner-gnome-support_1.8.0.15~pre080614h-0etch1_amd64.deb
stable/main/binary-amd64/libmozjs0d-dbg_1.8.0.15~pre080614h-0etch1_amd64.deb
stable/main/source/xulrunner_1.8.0.15~pre080614h-0etch1.diff.gz
stable/main/binary-amd64/xulrunner_1.8.0.15~pre080614h-0etch1_amd64.deb
stable/main/source/xulrunner_1.8.0.15~pre080614h.orig.tar.gz
stable/main/binary-amd64/libxul0d_1.8.0.15~pre080614h-0etch1_amd64.deb
stable/main/binary-amd64/libnss3-tools_1.8.0.15~pre080614h-0etch1_amd64.deb
stable/main/binary-amd64/libxul0d-dbg_1.8.0.15~pre080614h-0etch1_amd64.deb
stable/main/binary-all/libnspr4-dev_1.8.0.15~pre080614h-0etch1_all.deb
stable/main/binary-amd64/libnspr4-0d-dbg_1.8.0.15~pre080614h-0etch1_amd64.deb
stable/main/binary-all/libnss3-dev_1.8.0.15~pre080614h-0etch1_all.deb
stable/main/binary-all/libxul-common_1.8.0.15~pre080614h-0etch1_all.deb
stable/main/binary-all/libsmjs1_1.8.0.15~pre080614h-0etch1_all.deb
stable/main/binary-all/libxul-dev_1.8.0.15~pre080614h-0etch1_all.deb
stable/main/binary-amd64/spidermonkey-bin_1.8.0.15~pre080614h-0etch1_amd64.deb
stable/main/binary-all/libmozjs-dev_1.8.0.15~pre080614h-0etch1_all.deb
stable/main/binary-all/libmozillainterfaces-java_1.8.0.15~pre080614h-0etch1_all.deb
stable/main/binary-amd64/libmozjs0d_1.8.0.15~pre080614h-0etch1_amd64.deb
stable/main/source/xulrunner_1.8.0.15~pre080614h-0etch1.dsc
stable/main/binary-amd64/python-xpcom_1.8.0.15~pre080614h-0etch1_amd64.deb
xulrunner (1.8.0.15~pre080614h-0etch1) stable-security; urgency=low
  [ Alexander Sack ]
  * New security/stability upstream release (backports for 2.0.0.17 + 2.0.0.18)
  * Upstream advisories (v2.0.0.17):
     MFSA 2008-37 aka CVE-2008-0016 - UTF-8 URL stack buffer overflow
     MFSA 2008-38 aka CVE-2008-3835 - nsXMLDocument::OnChannelRedirect() same-origin violation
     MFSA 2008-40 aka CVE-2008-3837 - Forced mouse drag
     MFSA 2008-41 aka CVE-2008-4058 - XPCnativeWrapper pollution
     MFSA 2008-41 aka CVE-2008-4059 - XPCnativeWrapper pollution (Firefox 2)
     MFSA 2008-41 aka CVE-2008-4060 - Documents without script handling objects
     MFSA 2008-42 aka CVE-2008-4061 - Crashes with evidence of corruption; layout (rv:1.8.1.17)
     MFSA 2008-42 aka CVE-2008-4062 - Crashes with evidence of corruption; javascript (rv:1.8.1.17)
     MFSA 2008-43 aka CVE-2008-4065 - Stripped BOM characters
     MFSA 2008-43 aka CVE-2008-4066 - HTML escaped low surrogates bug
     MFSA 2008-44 aka CVE-2008-4067 - resource: traversal vulnerabilities (a)
     MFSA 2008-44 aka CVE-2008-4068 - resource: traversal vulnerabilities (b)
     MFSA 2008-45 aka CVE-2008-4069 - XBM image uninitialized memory reading
  * Upstream advisories (v2.0.0.18):
     MFSA 2008-47 aka CVE-2008-4582 - Information stealing via local shortcut files
     MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP redirect
     MFSA 2008-49 aka CVE-2008-5013 - Arbitrary code execution via Flash Player dynamic module unloading
     MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via __proto__ tampering
     MFSA 2008-52 aka CVE-2008-5017 - browser engine crashes with memory corruption (rv:1.8.1.18)
     MFSA 2008-52 aka CVE-2008-5018 - javascript engine crashes with memory corruption (rv:1.8.1.18)
     MFSA 2008-54 aka CVE-2008-0017 - Buffer overflow in http-index-format parser
     MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in nsFrameManager
     MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners() same-origin violation
     MFSA 2008-57 aka CVE-2008-5023 - -moz-binding property bypasses security checks on codebase principals
     MFSA 2008-58 aka CVE-2008-5024 - Parsing error in E4X default namespace
stable/main/binary-sparc/tethereal_0.99.4-5.etch.3_sparc.deb
stable/main/binary-sparc/ethereal_0.99.4-5.etch.3_sparc.deb
stable/main/binary-sparc/tshark_0.99.4-5.etch.3_sparc.deb
stable/main/binary-sparc/wireshark_0.99.4-5.etch.3_sparc.deb
stable/main/binary-sparc/wireshark-dev_0.99.4-5.etch.3_sparc.deb
stable/main/binary-sparc/ethereal-common_0.99.4-5.etch.3_sparc.deb
stable/main/binary-sparc/ethereal-dev_0.99.4-5.etch.3_sparc.deb
stable/main/binary-sparc/wireshark-common_0.99.4-5.etch.3_sparc.deb
wireshark (0.99.4-5.etch.3) stable-security; urgency=high
  * Backport further security fixes:
    * CVE-2008-4683, CVE-2008-4684, CVE-2008-4685 and a backport of have_postdissector(), which is needed for the fixes
    * CVE-2008-3933
    * CVE-2008-3145
    * CVE-2008-3141
    * CVE-2008-3138
    * CVE-2008-3137
stable/main/binary-s390/ethereal-common_0.99.4-5.etch.3_s390.deb
stable/main/binary-s390/ethereal-dev_0.99.4-5.etch.3_s390.deb
stable/main/binary-s390/tshark_0.99.4-5.etch.3_s390.deb
stable/main/binary-s390/wireshark-common_0.99.4-5.etch.3_s390.deb
stable/main/binary-s390/tethereal_0.99.4-5.etch.3_s390.deb
stable/main/binary-s390/ethereal_0.99.4-5.etch.3_s390.deb
stable/main/binary-s390/wireshark_0.99.4-5.etch.3_s390.deb
stable/main/binary-s390/wireshark-dev_0.99.4-5.etch.3_s390.deb
wireshark (0.99.4-5.etch.3) stable-security; urgency=high
  * Backport further security fixes:
    * CVE-2008-4683, CVE-2008-468