debian-changes-digest Digest V2007 #87

From: <debian-changes-digest-request(at)lists.debian.org>
Date: Thu Aug 16 2007 - 16:03:28 EDT

Content-Type: text/plain

debian-changes-digest Digest Volume 2007 : Issue 87

Today's Topics:

  Accepted pptpd 1.3.0-2etch1 (source   [ Moritz Muehlenhoff  ]
  Accepted pppconfig 2.3.15.etch1 (sou  [ Luk Claes  ]
  Accepted quagga 0.99.5-5etch2 (sourc  [ Christian Hammers  ]
  Accepted mutt 1.5.13-1.1etch1 (sourc  [ Christoph Berg  ]
  Accepted orbit2 1:2.14.3-0.2 (source  [ Loic Minier  ]
  Accepted mpop 1.0.5-1etch1 (source i  [ Julien Louis  ]
  Accepted mplayer 1.0~rc1-12etch1 (so  [ A Mennucc1  ]
  Accepted mixmaster 3.0b2-4.etch1 (so  [ Peter Palfrader  ]
  Accepted mozilla-traybiff 1.2.2-13et  [ Alan Woodland  ]
  Accepted fireflier 1.1.6-3etch1 (sou  [ Steve Kemp  ]

Date: Wed, 15 Aug 2007 22:39:33 +0000
From: Moritz Muehlenhoff <jmm@debian.org> To: debian-changes@lists.debian.org
Subject: Accepted pptpd 1.3.0-2etch1 (source i386) Message-Id: <E1ILRWX-0005uM-6z@ries.debian.org>

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Wed, 2 May 2007 20:52:58 +0000
Source: pptpd
Binary: bcrelay pptpd
Architecture: source i386
Version: 1.3.0-2etch1
Distribution: stable-security
Urgency: high
Maintainer: Rene Mayrhofer <rmayr@debian.org> Changed-By: Moritz Muehlenhoff <jmm@debian.org> Description:
 bcrelay - Broadcast relay daemon
 pptpd - PoPToP Point to Point Tunneling Server Changes:
 pptpd (1.3.0-2etch1) stable-security; urgency=high  .

• Non-maintainer upload by the Security Team Fix DoS in GRE re-ordering (CVE-2007-0244) Files: 0363621f77d0364e4f58bd834d33b4ad 599 net optional pptpd_1.3.0-2etch1.dsc 75d494e881f7027f4e60b114163f6b67 204099 net optional pptpd_1.3.0.orig.tar.gz 419d853dca942c8a0067f498105cb23e 11297 net optional pptpd_1.3.0-2etch1.diff.gz 942bd5e1e6e928a841f4d95fd7bf71ee 57490 net optional pptpd_1.3.0-2etch1_i386.deb c085606c87a9905a2c72e6dcd7305525 20166 net optional bcrelay_1.3.0-2etch1_i386.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGOPtxXm3vHE4uyloRAkmvAKDNuSDMULlfo7ug75C+6CneiAw/oQCeNwrl VQymsJAX6HYK1aHpfY4U+Bo=
=/cVC
-----END PGP SIGNATURE-----
Accepted:
bcrelay_1.3.0-2etch1_i386.deb
  to pool/main/p/pptpd/bcrelay_1.3.0-2etch1_i386.deb pptpd_1.3.0-2etch1.diff.gz
  to pool/main/p/pptpd/pptpd_1.3.0-2etch1.diff.gz pptpd_1.3.0-2etch1.dsc
  to pool/main/p/pptpd/pptpd_1.3.0-2etch1.dsc pptpd_1.3.0-2etch1_i386.deb
  to pool/main/p/pptpd/pptpd_1.3.0-2etch1_i386.deb

Date: Wed, 15 Aug 2007 22:39:33 +0000
From: Luk Claes <luk@debian.org>
To: debian-changes@lists.debian.org
Subject: Accepted pppconfig 2.3.15.etch1 (source all) Message-Id: <E1ILRWX-0005uD-1K@ries.debian.org>

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Wed, 8 Aug 2007 19:25:07 +0200
Source: pppconfig
Binary: pppconfig
Architecture: source all
Version: 2.3.15.etch1
Distribution: proposed-updates
Urgency: low
Maintainer: John Hasler <jhasler@debian.org> Changed-By: Luk Claes <luk@debian.org>
Description:
 pppconfig - A text menu based utility for configuring ppp Closes: 418350
Changes:
 pppconfig (2.3.15.etch1) proposed-updates; urgency=low  .

• Non-maintainer upload.
• Add Replaces: manpages-fr (<< 2.39.1-5) (Closes: #418350) Files: 17557fead4f455aeebafd8039adf2af9 574 base optional pppconfig_2.3.15.etch1.dsc 84a59ee4825ac505319c97f1c1a5692c 380206 base optional pppconfig_2.3.15.etch1.tar.gz 581a83726f804c8444a3128d85456be4 158710 base optional pppconfig_2.3.15.etch1_all.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFGuf+O5UTeB5t8Mo0RAmTfAJ9YRUZe1k0URAfvv/ZZkpDz9Sz5zgCguQWQ rb7/YCChrW4Nyq95/5bJbb0=
=rIXS
-----END PGP SIGNATURE-----
Accepted:
pppconfig_2.3.15.etch1.dsc
  to pool/main/p/pppconfig/pppconfig_2.3.15.etch1.dsc pppconfig_2.3.15.etch1.tar.gz
  to pool/main/p/pppconfig/pppconfig_2.3.15.etch1.tar.gz pppconfig_2.3.15.etch1_all.deb
  to pool/main/p/pppconfig/pppconfig_2.3.15.etch1_all.deb

Date: Wed, 15 Aug 2007 22:39:33 +0000
From: Christian Hammers <ch@debian.org>
To: debian-changes@lists.debian.org
Subject: Accepted quagga 0.99.5-5etch2 (source all amd64) Message-Id: <E1ILRWX-0005uc-U5@ries.debian.org>

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Thu, 12 Apr 2007 23:57:58 +0200
Source: quagga
Binary: quagga quagga-doc
Architecture: source amd64 all
Version: 0.99.5-5etch2
Distribution: stable-security
Urgency: high
Maintainer: Christian Hammers <ch@debian.org> Changed-By: Christian Hammers <ch@debian.org> Description:
 quagga - unoff. successor of the Zebra BGP/OSPF/RIP routing daemon  quagga-doc - documentation files for quagga Closes: 418323
Changes:
 quagga (0.99.5-5etch2) stable-security; urgency=high  .

• SECURITY: The bgpd daemon was vulnerable to a Denial-of-Service. Configured peers could cause a Quagga bgpd to, typically, assert() and abort. The DoS could be triggered by peers by sending an UPDATE message with a crafted, malformed Multi-Protocol reachable/unreachable NLRI attribute. Quagga Bug#354. Closes: #418323 Files: 667f0d6ae4984aa499d912b12d9146b9 762 net optional quagga_0.99.5-5etch2.dsc ac7da5cf6b143338aef2b8c6da3b2b3a 33122 net optional quagga_0.99.5-5etch2.diff.gz 3f9c71aca6faa22a889e2f84ecfd0076 2311140 net optional quagga_0.99.5.orig.tar.gz 01bcc6c571f620c957e1ea2b5cacf9f6 719938 net optional quagga-doc_0.99.5-5etch2_all.deb 6e88dd4c6f56eba87c752369590cf486 1415656 net optional quagga_0.99.5-5etch2_amd64.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGPGCxW5ql+IAeqTIRAhMpAJ9QeQt+J8VL51f5Vl8DWlI/YJSAvACeMkKW Ue26D8UFl96BH27ZH7veLyE=
=HJTe
-----END PGP SIGNATURE-----
Accepted:
quagga-doc_0.99.5-5etch2_all.deb
  to pool/main/q/quagga/quagga-doc_0.99.5-5etch2_all.deb quagga_0.99.5-5etch2.diff.gz
  to pool/main/q/quagga/quagga_0.99.5-5etch2.diff.gz quagga_0.99.5-5etch2.dsc
  to pool/main/q/quagga/quagga_0.99.5-5etch2.dsc quagga_0.99.5-5etch2_amd64.deb
  to pool/main/q/quagga/quagga_0.99.5-5etch2_amd64.deb

Date: Wed, 15 Aug 2007 22:39:23 +0000
From: Christoph Berg <myon@debian.org>
To: debian-changes@lists.debian.org
Subject: Accepted mutt 1.5.13-1.1etch1 (source i386) Message-Id: <E1ILRWN-0005sE-VZ@ries.debian.org>

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Tue, 15 May 2007 09:59:24 +0200
Source: mutt
Binary: mutt
Architecture: source i386
Version: 1.5.13-1.1etch1
Distribution: stable
Urgency: low
Maintainer: Adeodato Simó <dato@net.com.org.es> Changed-By: Christoph Berg <myon@debian.org> Description:
 mutt - text-based mailreader supporting MIME, GPG, PGP and threading Closes: 413715
Changes:
 mutt (1.5.13-1.1etch1) stable; urgency=low  .

• Stable update.
• Grab patch from upstream: Add imap_close_connection to fully reset IMAP state (Closes: #413715).
• Add myself to Uploaders, thanks Dato. Files: 5d7f46af3bf3871235e0a80629cb5bbd 789 mail standard mutt_1.5.13-1.1etch1.dsc fffd672fe2d5e43ce760e746c510877d 137088 mail standard mutt_1.5.13-1.1etch1.diff.gz e7f04ca73a0f1000b352762263f7d7e3 1809440 mail standard mutt_1.5.13-1.1etch1_i386.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGSXUdxa93SlhRC1oRAvKcAJ9TAc9eXpvlyAHr1lUQ7qA3sUtjPQCgsrys KRfPDJ8Oxjgw8zfWxIgCzUA=
=Nvzx
-----END PGP SIGNATURE-----
Accepted:
mutt_1.5.13-1.1etch1.diff.gz
  to pool/main/m/mutt/mutt_1.5.13-1.1etch1.diff.gz mutt_1.5.13-1.1etch1.dsc
  to pool/main/m/mutt/mutt_1.5.13-1.1etch1.dsc mutt_1.5.13-1.1etch1_i386.deb
  to pool/main/m/mutt/mutt_1.5.13-1.1etch1_i386.deb

Date: Wed, 15 Aug 2007 22:39:30 +0000
From: Loic Minier <lool@dooz.org>
To: debian-changes@lists.debian.org
Subject: Accepted orbit2 1:2.14.3-0.2 (source i386) Message-Id: <E1ILRWU-0005tU-An@ries.debian.org>

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Wed, 23 May 2007 23:00:36 +0200
Source: orbit2
Binary: liborbit2-dev liborbit2 orbit2 orbit2-nameserver Architecture: source i386
Version: 1:2.14.3-0.2
Distribution: stable
Urgency: low
Maintainer: Sebastian Rittau <srittau@debian.org> Changed-By: Loic Minier <lool@dooz.org>
Description:
 liborbit2 - libraries for ORBit2 - a CORBA ORB  liborbit2-dev - development files for ORBit2 - a CORBA ORB  orbit2 - a CORBA ORB
 orbit2-nameserver - a CORBA name server Closes: 425757
Changes:
 orbit2 (1:2.14.3-0.2) stable; urgency=low  .

• New patch, 600-allow-non-local-ipv4, fixes non-local IPv4 connections; backport of SVN r1962; thanks Daniel Nilsson; closes: #425757. Files: fa8afff0f7540d20f01e1df73e1065e1 724 net optional orbit2_2.14.3-0.2.dsc abc131a2b55096d5e927fd00b5942900 286752 net optional orbit2_2.14.3-0.2.diff.gz 873b199850aea5a43f181bf7f8f59904 236906 libs optional liborbit2_2.14.3-0.2_i386.deb 2423973efa9adbd4ec8904aeca11728a 94862 devel optional orbit2_2.14.3-0.2_i386.deb 90de3f86afd3b24a5145f706692567d6 102418 devel optional orbit2-nameserver_2.14.3-0.2_i386.deb b33756eaec40f6a350b953ebb83a155b 463640 libdevel optional liborbit2-dev_2.14.3-0.2_i386.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGVK044VUX8isJIMARAuEAAJ9Azei2lmqTCQgwy/9IK51qs4QklACgpX4G qdT16oJdH/SmtIbEYNAdUBM=
=652t
-----END PGP SIGNATURE-----
Accepted:
liborbit2-dev_2.14.3-0.2_i386.deb
  to pool/main/o/orbit2/liborbit2-dev_2.14.3-0.2_i386.deb liborbit2_2.14.3-0.2_i386.deb
  to pool/main/o/orbit2/liborbit2_2.14.3-0.2_i386.deb orbit2-nameserver_2.14.3-0.2_i386.deb
  to pool/main/o/orbit2/orbit2-nameserver_2.14.3-0.2_i386.deb orbit2_2.14.3-0.2.diff.gz
  to pool/main/o/orbit2/orbit2_2.14.3-0.2.diff.gz orbit2_2.14.3-0.2.dsc
  to pool/main/o/orbit2/orbit2_2.14.3-0.2.dsc orbit2_2.14.3-0.2_i386.deb
  to pool/main/o/orbit2/orbit2_2.14.3-0.2_i386.deb

Date: Wed, 15 Aug 2007 22:39:23 +0000
From: Julien Louis <ptitlouis@sysif.net> To: debian-changes@lists.debian.org
Subject: Accepted mpop 1.0.5-1etch1 (source i386) Message-Id: <E1ILRWN-0005s8-PQ@ries.debian.org>

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Sun, 27 May 2007 06:14:48 +0000
Source: mpop
Binary: mpop
Architecture: source i386
Version: 1.0.5-1etch1
Distribution: stable-security
Urgency: high
Maintainer: Julien Louis <ptitlouis@sysif.net> Changed-By: Julien Louis <ptitlouis@sysif.net> Description:
 mpop - POP3 mail retriever
Closes: 426077
Changes:
 mpop (1.0.5-1etch1) stable-security; urgency=high  .

• Fix APOP weakness CVE-2007-1558 (Closes: #426077). Files: e5faaf09535abc400cd90ba369ffc117 671 net extra mpop_1.0.5-1etch1.dsc 90b19299e9238742260a6192b93dd46a 3318 net extra mpop_1.0.5-1etch1.diff.gz 5f0c8c3e70c21aa3ebb7f6aa315aa3b0 246308 net extra mpop_1.0.5-1etch1_i386.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGXBrUvGr7W6HudhwRAhK3AKCXmSjxZtEk5kPJqRK+ALOt6OXJZwCeMl86 PXxQKAfzq1nxRDiooaVXVAI=
=v0sA
-----END PGP SIGNATURE-----
Accepted:
mpop_1.0.5-1etch1.diff.gz
  to pool/main/m/mpop/mpop_1.0.5-1etch1.diff.gz mpop_1.0.5-1etch1.dsc
  to pool/main/m/mpop/mpop_1.0.5-1etch1.dsc mpop_1.0.5-1etch1_i386.deb
  to pool/main/m/mpop/mpop_1.0.5-1etch1_i386.deb

Date: Wed, 15 Aug 2007 22:39:23 +0000
From: A Mennucc1 <mennucc1@debian.org>
To: debian-changes@lists.debian.org
Subject: Accepted mplayer 1.0~rc1-12etch1 (source all amd64) Message-Id: <E1ILRWN-0005s4-KG@ries.debian.org>

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Wed, 6 Jun 2007 09:46:44 +0200
Source: mplayer
Binary: mplayer-doc mplayer
Architecture: source amd64 all
Version: 1.0~rc1-12etch1
Distribution: stable-security
Urgency: high
Maintainer: A Mennucc1 <mennucc1@debian.org> Changed-By: A Mennucc1 <mennucc1@debian.org> Description:
 mplayer - The Movie Player
 mplayer-doc - documentation for MPlayer Changes:
 mplayer (1.0~rc1-12etch1) stable-security; urgency=high  .

• fix for stack overflow in the code used to handle cddb queries, CVE-2007-2948 and SAID 24302, thanks Stefan Cornelius of Secunia Research Files: 6d0b64ba23476545f12d569535d32b13 1265 graphics optional mplayer_1.0~rc1-12etch1.dsc 815482129b79cb9390904b145c5def6c 10286260 graphics optional mplayer_1.0~rc1.orig.tar.gz 3408d0ce7dd69254e4478bb3131656e5 84073 graphics optional mplayer_1.0~rc1-12etch1.diff.gz 82908ef42c42b0afbcd120f26d979b7d 2048072 graphics optional mplayer-doc_1.0~rc1-12etch1_all.deb d10104203e02ea2dd261175182e2490b 4373766 graphics optional mplayer_1.0~rc1-12etch1_amd64.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGZnLO9B/tjjP8QKQRAhfrAJ9eCCVO+LlGemCOYOvdZ98Ump39CACghsMF 9W0Pr5J4ffXTZcpXZxhYAfU=
=7i6l
-----END PGP SIGNATURE-----
Accepted:
mplayer-doc_1.0~rc1-12etch1_all.deb
  to pool/main/m/mplayer/mplayer-doc_1.0~rc1-12etch1_all.deb mplayer_1.0~rc1-12etch1.diff.gz
  to pool/main/m/mplayer/mplayer_1.0~rc1-12etch1.diff.gz mplayer_1.0~rc1-12etch1.dsc
  to pool/main/m/mplayer/mplayer_1.0~rc1-12etch1.dsc mplayer_1.0~rc1-12etch1_amd64.deb
  to pool/main/m/mplayer/mplayer_1.0~rc1-12etch1_amd64.deb

Date: Wed, 15 Aug 2007 22:39:23 +0000
From: Peter Palfrader <weasel@debian.org> To: debian-changes@lists.debian.org
Subject: Accepted mixmaster 3.0b2-4.etch1 (source i386) Message-Id: <E1ILRWN-0005rn-58@ries.debian.org>

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Mon, 23 Apr 2007 17:14:50 +0200
Source: mixmaster
Binary: mixmaster
Architecture: source i386
Version: 3.0b2-4.etch1
Distribution: stable
Urgency: high
Maintainer: Peter Palfrader <weasel@debian.org> Changed-By: Peter Palfrader <weasel@debian.org> Description:
 mixmaster - Anonymous remailer client and server Closes: 418662
Changes:
 mixmaster (3.0b2-4.etch1) stable; urgency=high  .

• Backport a fix from upstream: In two functions in keymgt.c we had allocated a buffer of 33 bytes when if fact we were using one more - 34 - bytes. This buffer overflow is exposed when building with gcc 4.x, it never was exposed with previous compilers because they apparently layed out the stack differently. The result of this buffer overflow is that a single 0-byte will be written at the end of the buffer. At that position on the stack there is (at least in the previous build) a saved local variable from a calling function. This local variable is a pointer to a BUFFER struct and this pointer has its least significant byte set to zero. This prevents mixmaster from properly decrypting incoming type2 messages. It's not likely that this can be exploited to execute arbitrary code, tho evidence or argument to the contrary are of course welcome. Upstream patch: http://svn.noreply.org/cgi-bin/viewcvs.cgi/trunk/Mix/Src/keymgt.c?rev=929&r1=766&r2=929 Closes: #418662 Thanks to Hauke Lampe and Colin Tuckley. Files: 182afe3dc74d9e42b50ed17c19f12598 659 mail optional mixmaster_3.0b2-4.etch1.dsc c2e8f9a416dd3cfa3212a64ce3e379ce 36923 mail optional mixmaster_3.0b2-4.etch1.diff.gz c238304be3f333d3b6fa89889ee3f8ca 241782 mail optional mixmaster_3.0b2-4.etch1_i386.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGLjXoz/ccs6+kS90RAto9AJ9CPopB4+Qhd/Adi/Je1iN5hJf8MACeOHHa S1mZUrzv4No/19a7sJ2o1aY=
=BlLt
-----END PGP SIGNATURE-----
Accepted:
mixmaster_3.0b2-4.etch1.diff.gz
  to pool/main/m/mixmaster/mixmaster_3.0b2-4.etch1.diff.gz mixmaster_3.0b2-4.etch1.dsc
  to pool/main/m/mixmaster/mixmaster_3.0b2-4.etch1.dsc mixmaster_3.0b2-4.etch1_i386.deb
  to pool/main/m/mixmaster/mixmaster_3.0b2-4.etch1_i386.deb

Date: Wed, 15 Aug 2007 22:39:23 +0000
From: Alan Woodland <awoodland@debian.org> To: debian-changes@lists.debian.org
Subject: Accepted mozilla-traybiff 1.2.2-13etch1 (source i386 all) Message-Id: <E1ILRWN-0005rw-Cw@ries.debian.org>

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Thu, 14 Jun 2007 16:36:08 +0100
Source: mozilla-traybiff
Binary: thunderbird-traybiff icedove-traybiff Architecture: source i386 all
Version: 1.2.2-13etch1
Distribution: stable
Urgency: low
Maintainer: Alan Woodland <awoodland@debian.org> Changed-By: Alan Woodland <awoodland@debian.org> Description:
 icedove-traybiff - traybiff - new mail alert for Icedove  thunderbird-traybiff - Transition package for icedove-traybiff rename Closes: 428767 428779
Changes:
 mozilla-traybiff (1.2.2-13etch1) stable; urgency=low  .

• Updated for new version of icedove in Etch. (Closes: #428779, #428767)
• Fixed dependencies to better handle future icedove updates Files: 587106b1107d6ea7a063edf2c646f9d7 772 mail optional mozilla-traybiff_1.2.2-13etch1.dsc 65be6737a00c036f24649447ec80fd3c 14209 mail optional mozilla-traybiff_1.2.2-13etch1.diff.gz 2f02e6e9414b58c92b88a366329d2de6 50416 mail optional icedove-traybiff_1.2.2-13etch1_i386.deb b38dc7ab84ba2ffd5656aeaf0fe1bf31 12694 mail optional thunderbird-traybiff_1.2.2-13etch1_all.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGcWWC1FNW1LDdr0IRArthAJ0U1AG0uWsCZV7o02NN+P5wRv+YHgCfSDtD ZbjD7e+04HTN41feyUOGRgw=
=BB1O
-----END PGP SIGNATURE-----
Accepted:
icedove-traybiff_1.2.2-13etch1_i386.deb
  to pool/main/m/mozilla-traybiff/icedove-traybiff_1.2.2-13etch1_i386.deb mozilla-traybiff_1.2.2-13etch1.diff.gz
  to pool/main/m/mozilla-traybiff/mozilla-traybiff_1.2.2-13etch1.diff.gz mozilla-traybiff_1.2.2-13etch1.dsc
  to pool/main/m/mozilla-traybiff/mozilla-traybiff_1.2.2-13etch1.dsc thunderbird-traybiff_1.2.2-13etch1_all.deb   to pool/main/m/mozilla-traybiff/thunderbird-traybiff_1.2.2-13etch1_all.deb

Date: Thu, 16 Aug 2007 19:57:09 +0000
From: Mike Hommey <glandium@debian.org>
To: debian-changes@lists.debian.org
Subject: Accepted iceape 1.0.10~pre070720-0etch1 (source all i386) Message-Id: <E1ILlSv-0008Ii-Hw@ries.debian.org>

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Fri, 20 Jul 2007 23:20:01 +0200
Source: iceape
Binary: mozilla iceape-browser mozilla-calendar mozilla-js-debugger iceape iceape-calendar iceape-dom-inspector mozilla-psm mozilla-chatzilla mozilla-mailnews iceape-dbg iceape-gnome-support mozilla-dom-inspector iceape-dev iceape-chatzilla mozilla-browser iceape-mailnews mozilla-dev Architecture: source all i386
Version: 1.0.10~pre070720-0etch1
Distribution: stable-security
Urgency: low
Maintainer: Maintainers of Mozilla-related packages <pkg-mozilla-maintainers@lists.alioth.debian.org> Changed-By: Mike Hommey <glandium@debian.org> Description:
 iceape - The Iceape Internet Suite

 iceape-browser - Iceape Navigator (Internet browser) and Composer
 iceape-calendar - Iceape Calendar
 iceape-chatzilla - Iceape Chatzilla IRC client
 iceape-dbg - Debugging symbols for the Iceape Internet Suite
 iceape-dev - Development files for the Iceape Internet Suite
 iceape-dom-inspector - DOM inspector for the Iceape Internet Suite
 iceape-gnome-support - Gnome support for the Iceape Internet Suite
 iceape-mailnews - Iceape Mail & Newsgroups and Address Book

 mozilla - Transition package for the Iceape Internet Suite

 mozilla-browser - Transition package for Iceape Navigator and Composer
 mozilla-calendar - Transition package for Iceape Calendar
 mozilla-chatzilla - Transition package for Iceape Chatzilla IRC client
 mozilla-dev - Transition package for development file for the Iceape Internet S
 mozilla-dom-inspector - Transition package for the DOM Inspector for the Iceape Internet 
 mozilla-js-debugger - Transition package for venkman
 mozilla-mailnews - Transition package for Iceape Mail & Newsgroups and Address Book
Do you need help?
In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software:
Learn more about Pantek's Technical Support offerings
Place an order for 24/7/365 Technical Support here
Learn more about Pantek, who we are, and what we do
Chat with a Live Operator
Related lists.debian.org Links
debian-announce
debian-apache
debian-arm-changes
debian-beowulf
debian-boot
debian-cd
debian-cd-vendors
debian-changes
debian-changes-digest
debian-isp
debian-kde
debian-laptop
debian-mirrors-announce
debian-news
debian-security
debian-security-announce
debian-testing
debian-user
debian-user-digest
Request more information about Pantek
 mozilla-psm - Transition package for Iceape Navigator

Changes:
 iceape (1.0.10~pre070720-0etch1) stable-security; urgency=low  .

• New security/stability upstream prerelease (v1.0.10pre070720)
• Fixes mfsa-2007-{18-22}, mfsa-2007-{24-25}, alsa known as CVE-2007-3089, CVE-2007-3285, CVE-2007-3656, CVE-2007-3734, CVE-2007-3735, CVE-2007-3736, CVE-2007-3737, CVE-2007-3738. Files: a5ddcea94b97d0eb7d88da94a72ca627 1436 net optional iceape_1.0.10~pre070720-0etch1.dsc 245a8a7774ff47ef91177724130f8ea4 43473332 net optional iceape_1.0.10~pre070720.orig.tar.gz 018274eb404a0e83606ce0d21e87ad01 267008 net optional iceape_1.0.10~pre070720-0etch1.diff.gz 7b7b835dae8ca15c7ec1592ff702ebb6 27756 web optional iceape_1.0.10~pre070720-0etch1_all.deb 4bea22fd5361596b66969d7858dd3ad4 3707920 devel optional iceape-dev_1.0.10~pre070720-0etch1_all.deb ee0d7c0bf576089522f4e9f72c8c3add 278618 net optional iceape-chatzilla_1.0.10~pre070720-0etch1_all.deb ce97b31d46e18455189a03940aa72b92 26346 web optional mozilla_1.8+1.0.10~pre070720-0etch1_all.deb 0cc3f8a430af60e0dbcb83576879689e 27278 web optional mozilla-browser_1.8+1.0.10~pre070720-0etch1_all.deb 4ca53a0ad06db0acb0b879fadfdd4fd5 26486 devel optional mozilla-dev_1.8+1.0.10~pre070720-0etch1_all.deb 84203bd26fc8360bbb82535d81a823eb 26374 mail optional mozilla-mailnews_1.8+1.0.10~pre070720-0etch1_all.deb ff123607a7884ee5a3865464c76021ea 26364 net optional mozilla-chatzilla_1.8+1.0.10~pre070720-0etch1_all.deb 440d3f62c74c42ffcbb5ad73f2069e5c 26362 web optional mozilla-psm_1.8+1.0.10~pre070720-0etch1_all.deb 2420778740bf3e57de6ecd5d343d65dd 26390 web optional mozilla-dom-inspector_1.8+1.0.10~pre070720-0etch1_all.deb f6fb1d696a8fbd326204419b73ab98e1 26390 devel optional mozilla-js-debugger_1.8+1.0.10~pre070720-0etch1_all.deb d33b0ec877535b4fa4bf1aa07350f932 26354 misc optional mozilla-calendar_1.8+1.0.10~pre070720-0etch1_all.deb deab48630b8aeb248bfa9397e88fd489 10477338 web optional iceape-browser_1.0.10~pre070720-0etch1_i386.deb a85d86cd967b44370ec1b3329b9728a5 47678 web optional iceape-gnome-support_1.0.10~pre070720-0etch1_i386.deb 8e26e07fc8e55d38cde9091093e8ff08 58688874 devel extra iceape-dbg_1.0.10~pre070720-0etch1_i386.deb 66d798529d1f56ce668f8d7eda66abd6 1889676 mail optional iceape-mailnews_1.0.10~pre070720-0etch1_i386.deb 2f19c0f151b456a0c0e84b0812cb0dc6 587938 misc optional iceape-calendar_1.0.10~pre070720-0etch1_i386.deb 2b399a919d4ee6ee8c5cf22db90e741c 188700 web optional iceape-dom-inspector_1.0.10~pre070720-0etch1_i386.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGobAc3kvaLFT9KlgRAjuzAKCPx4fuszkWS//K8S5KbuJnHqxEtgCePsbp PFtGnbN1vo3FI2dlrU2DhqA=
=rZqn
-----END PGP SIGNATURE-----
Accepted:
iceape-browser_1.0.10~pre070720-0etch1_i386.deb   to pool/main/i/iceape/iceape-browser_1.0.10~pre070720-0etch1_i386.deb iceape-calendar_1.0.10~pre070720-0etch1_i386.deb   to pool/main/i/iceape/iceape-calendar_1.0.10~pre070720-0etch1_i386.deb iceape-chatzilla_1.0.10~pre070720-0etch1_all.deb   to pool/main/i/iceape/iceape-chatzilla_1.0.10~pre070720-0etch1_all.deb

iceape-dbg_1.0.10~pre070720-0etch1_i386.deb
  to pool/main/i/iceape/iceape-dbg_1.0.10~pre070720-0etch1_i386.deb
iceape-dev_1.0.10~pre070720-0etch1_all.deb
  to pool/main/i/iceape/iceape-dev_1.0.10~pre070720-0etch1_all.deb
iceape-dom-inspector_1.0.10~pre070720-0etch1_i386.deb
  to pool/main/i/iceape/iceape-dom-inspector_1.0.10~pre070720-0etch1_i386.deb

iceape-gnome-support_1.0.10~pre070720-0etch1_i386.deb   to pool/main/i/iceape/iceape-gnome-support_1.0.10~pre070720-0etch1_i386.deb iceape-mailnews_1.0.10~pre070720-0etch1_i386.deb   to pool/main/i/iceape/iceape-mailnews_1.0.10~pre070720-0etch1_i386.deb iceape_1.0.10~pre070720-0etch1.diff.gz
  to pool/main/i/iceape/iceape_1.0.10~pre070720-0etch1.diff.gz iceape_1.0.10~pre070720-0etch1.dsc

  to pool/main/i/iceape/iceape_1.0.10~pre070720-0etch1.dsc
iceape_1.0.10~pre070720-0etch1_all.deb
  to pool/main/i/iceape/iceape_1.0.10~pre070720-0etch1_all.deb

iceape_1.0.10~pre070720.orig.tar.gz

  to pool/main/i/iceape/iceape_1.0.10~pre070720.orig.tar.gz
mozilla-browser_1.8+1.0.10~pre070720-0etch1_all.deb
  to pool/main/i/iceape/mozilla-browser_1.8+1.0.10~pre070720-0etch1_all.deb

mozilla-calendar_1.8+1.0.10~pre070720-0etch1_all.deb   to pool/main/i/iceape/mozilla-calendar_1.8+1.0.10~pre070720-0etch1_all.deb mozilla-chatzilla_1.8+1.0.10~pre070720-0etch1_all.deb

  to pool/main/i/iceape/mozilla-chatzilla_1.8+1.0.10~pre070720-0etch1_all.deb
mozilla-dev_1.8+1.0.10~pre070720-0etch1_all.deb
  to pool/main/i/iceape/mozilla-dev_1.8+1.0.10~pre070720-0etch1_all.deb

mozilla-dom-inspector_1.8+1.0.10~pre070720-0etch1_all.deb

  to pool/main/i/iceape/mozilla-dom-inspector_1.8+1.0.10~pre070720-0etch1_all.deb
mozilla-js-debugger_1.8+1.0.10~pre070720-0etch1_all.deb
  to pool/main/i/iceape/mozilla-js-debugger_1.8+1.0.10~pre070720-0etch1_all.deb

mozilla-mailnews_1.8+1.0.10~pre070720-0etch1_all.deb   to pool/main/i/iceape/mozilla-mailnews_1.8+1.0.10~pre070720-0etch1_all.deb mozilla-psm_1.8+1.0.10~pre070720-0etch1_all.deb   to pool/main/i/iceape/mozilla-psm_1.8+1.0.10~pre070720-0etch1_all.deb mozilla_1.8+1.0.10~pre070720-0etch1_all.deb   to pool/main/i/iceape/mozilla_1.8+1.0.10~pre070720-0etch1_all.deb

Date: Thu, 16 Aug 2007 19:56:45 +0000
From: Steve Kemp <skx@debian.org>
To: debian-changes@lists.debian.org
Subject: Accepted fireflier 1.1.6-3etch1 (source amd64) Message-Id: <E1ILlSX-0008FW-41@ries.debian.org>

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Wed, 27 Jun 2007 18:40:03 +0000
Source: fireflier
Binary: fireflier-client-gtk fireflier-client-kde fireflier-client-qt fireflier-server Architecture: source amd64
Version: 1.1.6-3etch1
Distribution: stable-security
Urgency: high
Maintainer: Martin Maurer <fireflier@gibraltar.at> Changed-By: Steve Kemp <skx@debian.org>
Description:

 fireflier-client-gtk - Interactive firewall rule creation tool - GTK client
 fireflier-client-kde - Interactive firewall rule creation tool - QT client
 fireflier-client-qt - Interactive firewall rule creation tool - QT client
 fireflier-server - Interactive firewall rule creation tool - server

Changes:
 fireflier (1.1.6-3etch1) stable-security; urgency=high  .

• Non-maintainer upload by The Security Team.
• Fix the unsafe usage of temporary files, allowing arbitary file deletion. [CVE-2007-2837] Files: 8ec24268cc89bb1472dcd4f023109a55 719 net optional fireflier_1.1.6-3etch1.dsc 7db5f641d31cf389baf0882f2f2288ef 615953 net optional fireflier_1.1.6-3etch1.tar.gz 698f016cb66f731fda7b87b1f192709e 47430 net optional fireflier-server_1.1.6-3etch1_amd64.deb 9c1c112e4535e71ea86154c861e0b688 68414 net optional fireflier-client-qt_1.1.6-3etch1_amd64.deb 84d8735acffe2567fc8c9739788f0fea 67766 net optional fireflier-client-kde_1.1.6-3etch1_amd64.deb bdf7ba3b1cce5e9b4a0563c77dc9bd38 121268 net optional fireflier-client-gtk_1.1.6-3etch1_amd64.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGgqUSwM/Gs81MDZ0RAoDDAJ9A+FU/PHgbOh5GmyyMD5vry9kLuACdF8hU sOP7/MC+9Rkqu567XjehVdo=
=oFTO
-----END PGP SIGNATURE-----
Accepted:
fireflier-client-gtk_1.1.6-3etch1_amd64.deb   to pool/main/f/fireflier/fireflier-client-gtk_1.1.6-3etch1_amd64.deb fireflier-client-kde_1.1.6-3etch1_amd64.deb   to pool/main/f/fireflier/fireflier-client-kde_1.1.6-3etch1_amd64.deb fireflier-client-qt_1.1.6-3etch1_amd64.deb   to pool/main/f/fireflier/fireflier-client-qt_1.1.6-3etch1_amd64.deb fireflier-server_1.1.6-3etch1_amd64.deb
  to pool/main/f/fireflier/fireflier-server_1.1.6-3etch1_amd64.deb fireflier_1.1.6-3etch1.dsc
  to pool/main/f/fireflier/fireflier_1.1.6-3etch1.dsc fireflier_1.1.6-3etch1.tar.gz
  to pool/main/f/fireflier/fireflier_1.1.6-3etch1.tar.gz

End of debian-changes-digest Digest V2007 Issue #87

---

Received on Thu Aug 16 16:00:15 2007