Hosting Provided By

debian-changes-digest Digest V2007 #139

From: <debian-changes-digest-request(at)lists.debian.org>
Date: Tue Dec 18 2007 - 03:06:19 EST

Content-Type: text/plain

debian-changes-digest Digest Volume 2007 : Issue 139

Today's Topics:

  Accepted horde3 3.0.4-4sarge6 (sourc  [ Thijs Kinkhorst  ]
  Accepted samba 3.0.14a-3sarge10 (sou  [ Steve Langasek  ]
  Accepted sitebar 3.2.6-7.1sarge1 (so  [ Steffen Joeris  ]
  Accepted gforge 3.1-31sarge4 (source  [ Roland Mas  ]
  Accepted cacti 0.8.6c-7sarge5 (sourc  [ Stephan Hermann  ]
  Accepted horde3 3.0.4-4sarge5 (sourc  [ Gregory Colpart (evolix)  ]
  Accepted wesnoth 0.9.0-7 (source all  [ Gerfried Fuchs  ]

Date: Mon, 17 Dec 2007 19:52:41 +0000
From: Thijs Kinkhorst <thijs@debian.org> To: debian-changes@lists.debian.org
Subject: Accepted horde3 3.0.4-4sarge6 (source all)

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Fri, 9 Nov 2007 22:25:26 +0100
Source: horde3
Binary: horde3
Architecture: source all
Version: 3.0.4-4sarge6
Distribution: oldstable-security
Urgency: high
Maintainer: Ola Lundqvist <opal@debian.org> Changed-By: Thijs Kinkhorst <thijs@debian.org> Description:=20
horde3 - horde web application framework Closes: 378281 383416
Changes:=20
horde3 (3.0.4-4sarge6) oldstable-security; urgency=3Dhigh .

Non-maintainer upload by the security team.
Argument injection vulnerability in the cleanup cron script in Horde Project Horde and IMP before Horde Application Framework 3.1.4 allow= s local users to delete arbitrary files and possibly gain privileges v= ia multiple space-delimited pathnames. (CVE-2007-1474)
services/go.php in Horde Application Framework 3.0.0 through 3.0.10 = and 3.1.0 through 3.1.1 does not properly restrict its image proxy capab= ility, which allows remote attackers to perform "Web tunneling" attacks and= use the server as a proxy via (1) http, (2) https, and (3) ftp URL in th= e url parameter, which is requested from the server. (CVE-2006-3549)
Multiple cross-site scripting (XSS) vulnerabilities in Horde Applica= tion Framework 3.0.0 through 3.0.10 and 3.1.0 through 3.1.1 allow remote attackers to inject arbitrary web script or HTML via a (1) javascrip= t URI or an external (2) http, (3) https, or (4) ftp URI in the url parame= ter in services/go.php (aka the dereferrer), (5) a javascript URI in the mo= dule parameter in services/help (aka the help viewer), and (6) the name parameter in services/problem.php (aka the problem reporting screen)= . (CVE-2006-3548)
index.php in Horde Application Framework before 3.1.2 allows remote attackers to include web pages from other sites, which could be usef= ul for phishing attacks, via a URL in the url parameter, aka "cross-site referencing." NOTE: some sources have referred to this issue as XSS,= but it is different than classic XSS. (CVE-2006-4256)
Closes: 383416, 378281 Files:=20 a829a3791ed40777b0a4995be6727f13 920 web optional horde3_3.0.4-4sarge6.d= sc ab0dc18c4744b21919c154ac81600ad7 13978 web optional horde3_3.0.4-4sarge6= .diff.gz f2cd9a0c7cb7e800d357d206d9f19841 3437942 web optional horde3_3.0.4-4sarg= e6_all.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

Do you need help?

iQEVAwUBRzTRBWz0hbPcukPfAQKmSgf/VjlJap9ERu4xr57MnEUOF+TyCoxJuGFH EEG0tUG8uGA9bz9wU0r1B2qdX6oSXl2DNhQMFYurF1/EXjcxJlauO9/ZSwsMHDuT lwNrP5Z8HEPgjnB6H5wNFMgF+kLPpTw8lP3jw/wAvuwf9HUyPseitWryBkgHg3lP 7PaIJhxaj/JO+wWe1h4nE1bUszUbto1o5nNGyGM9+8EqeqtigpYRHC/SfYjUR6+K 52adRtyVBUMmfbyz7TUnt6NVWeqkYw48bHlhiPDYavYfo5RTqCnKVEuT2rtiL43w PkdMCX3tVkcxOcq0UyJfqf1qdM5GNiFOc/Zoe0Ln+yNSOpfKGBTm6g=3D=3D =3DMEI0
-----END PGP SIGNATURE-----
Accepted:
horde3_3.0.4-4sarge6.diff.gz
  to pool/main/h/horde3/horde3_3.0.4-4sarge6.diff.gz horde3_3.0.4-4sarge6.dsc
  to pool/main/h/horde3/horde3_3.0.4-4sarge6.dsc horde3_3.0.4-4sarge6_all.deb
  to pool/main/h/horde3/horde3_3.0.4-4sarge6_all.deb

Date: Mon, 17 Dec 2007 19:52:52 +0000
From: Steve Langasek <vorlon@debian.org> To: debian-changes@lists.debian.org
Subject: Accepted samba 3.0.14a-3sarge10 (source i386 all)

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Tue, 27 Nov 2007 23:42:21 -0800
Source: samba
Binary: samba-doc libsmbclient libpam-smbpass swat winbind smbclient samb= a samba-common libsmbclient-dev samba-dbg python2.3-samba smbfs Architecture: source i386 all
Version: 3.0.14a-3sarge10
Distribution: oldstable-security
Urgency: low
Maintainer: Eloy A. Paris <peloy@debian.org> Changed-By: Steve Langasek <vorlon@debian.org> Description:=20
libpam-smbpass - pluggable authentication module for SMB password databa= se
libsmbclient - shared library that allows applications to talk to SMB se= rvers
libsmbclient-dev - libsmbclient static libraries and headers python2.3-samba - Python bindings that allow access to various aspects o= f Samba
samba - a LanManager-like file and printer server for Unix

 samba-common - Samba common files used by both the server and the client
 samba-dbg  - Samba debugging symbols
 samba-doc  - Samba documentation
 smbclient  - a LanManager-like simple client for Unix
 smbfs      - mount and umount commands for the smbfs (for kernels >=3D t=
han 2.2.
 swat       - Samba Web Administration Tool

winbind - service to resolve user and group information from Windows = NT ser
Closes: 453050
Changes:=20
samba (3.0.14a-3sarge10) oldstable-security; urgency=3Dlow .

Fix for yet another regression in the fix for CVE-2007-4572 due to o= ne other missed patch in the 3.0.27a diff. Closes: #453050. Files:=20 0bfa07175e6a85cfb61a3830fb734eb3 1083 net optional samba_3.0.14a-3sarge1= 0.dsc 5ea7188f82fa906546a6662b28af8297 129540 net optional samba_3.0.14a-3sarg= e10.diff.gz 6c204acdb31569e289aadda70c68a654 12117242 doc optional samba-doc_3.0.14a=
-3sarge10_all.deb
87f69479307c45e857582494ec9527e6 2555372 net optional samba_3.0.14a-3sar= ge10_i386.deb 16d1240cbc86e9e47fdba755cbd8937e 2007666 net optional samba-common_3.0.1= 4a-3sarge10_i386.deb 48c8c0c57768f9b426ad6cbb0e2502e1 2567212 net optional smbclient_3.0.14a-= 3sarge10_i386.deb c2736ab39a68c42ae7bb4982dbabeb9a 4059424 net optional swat_3.0.14a-3sarg= e10_i386.deb c7a8f279eacc55b9a7ff7adc0a14d9a0 371222 otherosfs optional smbfs_3.0.14a=
-3sarge10_i386.deb
61a3bccec6015dbe6a99edc2900e707b 347830 admin extra libpam-smbpass_3.0.1= 4a-3sarge10_i386.deb a581c060d8b24c63985a9d586251e6e2 549558 libs extra libsmbclient_3.0.14a-= 3sarge10_i386.deb 902aa13be274a5177586a6370fddf796 737670 libdevel extra libsmbclient-dev_= 3.0.14a-3sarge10_i386.deb 467414f3d5c62eb3577e90ae2ad02a8c 1484426 net optional winbind_3.0.14a-3s= arge10_i386.deb b0ac60692ed13a9c0e1f93a464c5ad01 4745144 python optional python2.3-samba= _3.0.14a-3sarge10_i386.deb 3f985a1ef3e2148d3fbd1715959050e0 6678852 devel optional samba-dbg_3.0.14= a-3sarge10_i386.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHTUCYKN6ufymYLloRAjY2AJ97vQXvDu92QU5QBOR/LDjRVshuugCfXexC 5AXHdcPwHPNiee4CAKU+86c=3D
=3D/bKZ
-----END PGP SIGNATURE-----
Accepted:
libpam-smbpass_3.0.14a-3sarge10_i386.deb   to pool/main/s/samba/libpam-smbpass_3.0.14a-3sarge10_i386.deb libsmbclient-dev_3.0.14a-3sarge10_i386.deb   to pool/main/s/samba/libsmbclient-dev_3.0.14a-3sarge10_i386.deb libsmbclient_3.0.14a-3sarge10_i386.deb
  to pool/main/s/samba/libsmbclient_3.0.14a-3sarge10_i386.deb python2.3-samba_3.0.14a-3sarge10_i386.deb   to pool/main/s/samba/python2.3-samba_3.0.14a-3sarge10_i386.deb samba-common_3.0.14a-3sarge10_i386.deb
  to pool/main/s/samba/samba-common_3.0.14a-3sarge10_i386.deb samba-dbg_3.0.14a-3sarge10_i386.deb
  to pool/main/s/samba/samba-dbg_3.0.14a-3sarge10_i386.deb samba-doc_3.0.14a-3sarge10_all.deb
  to pool/main/s/samba/samba-doc_3.0.14a-3sarge10_all.deb samba_3.0.14a-3sarge10.diff.gz
  to pool/main/s/samba/samba_3.0.14a-3sarge10.diff.gz samba_3.0.14a-3sarge10.dsc
  to pool/main/s/samba/samba_3.0.14a-3sarge10.dsc samba_3.0.14a-3sarge10_i386.deb
  to pool/main/s/samba/samba_3.0.14a-3sarge10_i386.deb smbclient_3.0.14a-3sarge10_i386.deb
  to pool/main/s/samba/smbclient_3.0.14a-3sarge10_i386.deb smbfs_3.0.14a-3sarge10_i386.deb
  to pool/main/s/samba/smbfs_3.0.14a-3sarge10_i386.deb swat_3.0.14a-3sarge10_i386.deb
  to pool/main/s/samba/swat_3.0.14a-3sarge10_i386.deb winbind_3.0.14a-3sarge10_i386.deb
  to pool/main/s/samba/winbind_3.0.14a-3sarge10_i386.deb

Do you need more help?

Date: Mon, 17 Dec 2007 19:53:04 +0000
From: Steffen Joeris <white@debian.org>
To: debian-changes@lists.debian.org
Subject: Accepted sitebar 3.2.6-7.1sarge1 (source all)

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Wed, 5 Dec 2007 20:58:46 +0000
Source: sitebar
Binary: sitebar
Architecture: source all
Version: 3.2.6-7.1sarge1
Distribution: oldstable-security
Urgency: high
Maintainer: S. Zachariah Sprackett <zacs@debian.org> Changed-By: Steffen Joeris <white@debian.org> Description:=20
sitebar - A web based bookmark manager written in PHP Changes:=20
sitebar (3.2.6-7.1sarge1) oldstable-security; urgency=3Dhigh .

Non-maintainer upload by the security team
Fix multiple cross-site scripting vulnerabilities in command.php and translator.php Fixes: CVE-2007-5692
Fix possible redirect via the forward parameter Fixes: CVE-2007-5695 Files:=20 7654849ce1ea822b9b70c52a98def837 580 web optional sitebar_3.2.6-7.1sarge= 1.dsc c38ed9e586c8b07b23349588f2be23b2 12821 web optional sitebar_3.2.6-7.1sar= ge1.diff.gz 6e106cf5dddb0ee63f29efdcf93d8d74 341570 web optional sitebar_3.2.6-7.1sa= rge1_all.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHVxKB62zWxYk/rQcRAgWlAKCZ4As81riQ62mO1BwIxImZcrfmjgCfbvaH mY1jgKDuHK/bjeD3ZjsOM0A=3D
=3D46AX
-----END PGP SIGNATURE-----
Accepted:
sitebar_3.2.6-7.1sarge1.diff.gz
  to pool/main/s/sitebar/sitebar_3.2.6-7.1sarge1.diff.gz sitebar_3.2.6-7.1sarge1.dsc
  to pool/main/s/sitebar/sitebar_3.2.6-7.1sarge1.dsc sitebar_3.2.6-7.1sarge1_all.deb
  to pool/main/s/sitebar/sitebar_3.2.6-7.1sarge1_all.deb

Date: Mon, 17 Dec 2007 19:52:45 +0000
From: Roland Mas <lolando@debian.org>
To: debian-changes@lists.debian.org
Subject: Accepted gforge 3.1-31sarge4 (source all)

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Can we help you?

Format: 1.7
Date: Mon, 05 Nov 2007 10:29:43 +0100
Source: gforge

Binary: gforge-lists-mailman gforge-db-postgresql sourceforge gforge-mta-=
postfix gforge-sourceforge-transition gforge-shell-ldap gforge gforge-com=
mon gforge-web-apache gforge-mta-exim gforge-cvs gforge-ftp-proftpd gforg=

e-mta-exim4 gforge-dns-bind9 gforge-ldap-openldap Architecture: source all
Version: 3.1-31sarge4
Distribution: oldstable-security
Urgency: high
Maintainer: Roland Mas <lolando@debian.org> Changed-By: Roland Mas <lolando@debian.org> Description:=20
gforge - Collaborative development tool - meta-package

 gforge-common - Collaborative development tool - shared files
Can't find what you're looking for? 
In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software:Learn more about Pantek's Technical Support offerings
Place an order for 24/7/365 Technical Support here
Learn more about Pantek, who we are, and what we do
Chat with a Live Operator
Related lists.debian.org Links
debian-announce
debian-apache
debian-arm-changes
debian-beowulf
debian-boot
debian-cd
debian-cd-vendors
debian-changes
debian-changes-digest
debian-isp
debian-kde
debian-laptop
debian-mirrors-announce
debian-news
debian-security
debian-security-announce
debian-testing
debian-user
debian-user-digest
Request more information about Pantek
 gforge-cvs - Collaborative development tool - CVS management
 gforge-db-postgresql - Collaborative development tool - database (using =

PostgreSQL)
gforge-dns-bind9 - Collaborative development tool - DNS management (usin= g Bind9)
gforge-ftp-proftpd - Collaborative development tool - FTP management (us= ing ProFTPd)
gforge-ldap-openldap - Collaborative development tool - LDAP directory (= using OpenLDAP)
gforge-lists-mailman - Collaborative development tool - mailing-lists (u= sing Mailman)
gforge-mta-exim - Collaborative development tool - mail tools (using Exi= m)
gforge-mta-exim4 - Collaborative development tool - mail tools (using Ex= im 4)
gforge-mta-postfix - Collaborative development tool - mail tools (using = Postfix)
gforge-shell-ldap - Collaborative development tool - shell accounts (usi= ng LDAP)
gforge-sourceforge-transition - Sourceforge to Gforge data transition gforge-web-apache - Collaborative development tool - web part (using Apa= che)
sourceforge - Empty package to help with Sourceforge to Gforge transitio= n
Changes:=20
gforge (3.1-31sarge4) oldstable-security; urgency=3Dhigh .

Fixed file truncation vulnerabilities (CVE-2007-3921) (this version = of Gforge isn't vulnerable to the denial of service part of that CVE). Files:=20 4005b2a103656a62f38e1786a227b1d0 868 devel optional gforge_3.1-31sarge4.= dsc 8fd56957c8fbab462ac619339c2f00d3 297962 devel optional gforge_3.1-31sarg= e4.diff.gz fc8ee68a79928b0833e2a183228a3493 56432 devel optional gforge_3.1-31sarge= 4_all.deb 12005d816bb895cb93c3add804d137bf 93924 devel optional gforge-common_3.1-= 31sarge4_all.deb f812bd185a9dede06dec099e9abaa335 1108056 devel optional gforge-web-apach= e_3.1-31sarge4_all.deb e22948a815a5ffa5b4c829b926f04d8c 148476 devel optional gforge-db-postgre= sql_3.1-31sarge4_all.deb b17e85bb88554d2e083d9dcb799e6da7 65198 devel optional gforge-mta-exim4_3= .1-31sarge4_all.deb 941c0d9bc65f37e3e8860adf3181a3fc 64732 devel optional gforge-mta-exim_3.= 1-31sarge4_all.deb bea186826f61ae4b1d473d45d2821538 64834 devel optional gforge-mta-postfix= _3.1-31sarge4_all.deb 7b10ab898c539af9aa118b38fcd77843 61044 devel optional gforge-shell-ldap_= 3.1-31sarge4_all.deb 6fb788e20a56a3b39688723a1c285680 99248 devel optional gforge-cvs_3.1-31s= arge4_all.deb 79c5932a61e0382017da8e1893307e66 59914 devel optional gforge-ftp-proftpd= _3.1-31sarge4_all.deb 967a22a70e3ee974962073ab74cfb980 70804 devel optional gforge-ldap-openld= ap_3.1-31sarge4_all.deb 7ad6f5e0672cbb256fd12f270130adc6 72508 devel optional gforge-dns-bind9_3= .1-31sarge4_all.deb c3abd99679008d3919d59e373589d8cd 58298 devel optional gforge-lists-mailm= an_3.1-31sarge4_all.deb d0db9082a30227f4b9b60491d58a8c78 59388 devel optional gforge-sourceforge=
-transition_3.1-31sarge4_all.deb
f4b7e0aee840e3574a0febf1615070be 55884 devel extra sourceforge_3.1-31sar= ge4_all.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHLuxCDqdWtRRIQ/URAtnVAJ9oBJHbHXYBpDszbw06P5Cfoiu4JgCfdjL7 7Byk5eWWr2/ZOUzu83RUkeE=3D
=3DTFSe
-----END PGP SIGNATURE-----
Accepted:
gforge-common_3.1-31sarge4_all.deb
  to pool/main/g/gforge/gforge-common_3.1-31sarge4_all.deb gforge-cvs_3.1-31sarge4_all.deb
  to pool/main/g/gforge/gforge-cvs_3.1-31sarge4_all.deb gforge-db-postgresql_3.1-31sarge4_all.deb   to pool/main/g/gforge/gforge-db-postgresql_3.1-31sarge4_all.deb gforge-dns-bind9_3.1-31sarge4_all.deb
  to pool/main/g/gforge/gforge-dns-bind9_3.1-31sarge4_all.deb gforge-ftp-proftpd_3.1-31sarge4_all.deb
  to pool/main/g/gforge/gforge-ftp-proftpd_3.1-31sarge4_all.deb gforge-ldap-openldap_3.1-31sarge4_all.deb   to pool/main/g/gforge/gforge-ldap-openldap_3.1-31sarge4_all.deb gforge-lists-mailman_3.1-31sarge4_all.deb   to pool/main/g/gforge/gforge-lists-mailman_3.1-31sarge4_all.deb gforge-mta-exim4_3.1-31sarge4_all.deb
  to pool/main/g/gforge/gforge-mta-exim4_3.1-31sarge4_all.deb gforge-mta-exim_3.1-31sarge4_all.deb
  to pool/main/g/gforge/gforge-mta-exim_3.1-31sarge4_all.deb gforge-mta-postfix_3.1-31sarge4_all.deb
  to pool/main/g/gforge/gforge-mta-postfix_3.1-31sarge4_all.deb gforge-shell-ldap_3.1-31sarge4_all.deb
  to pool/main/g/gforge/gforge-shell-ldap_3.1-31sarge4_all.deb gforge-sourceforge-transition_3.1-31sarge4_all.deb   to pool/main/g/gforge/gforge-sourceforge-transition_3.1-31sarge4_all.de= b
gforge-web-apache_3.1-31sarge4_all.deb
  to pool/main/g/gforge/gforge-web-apache_3.1-31sarge4_all.deb gforge_3.1-31sarge4.diff.gz
  to pool/main/g/gforge/gforge_3.1-31sarge4.diff.gz gforge_3.1-31sarge4.dsc
  to pool/main/g/gforge/gforge_3.1-31sarge4.dsc gforge_3.1-31sarge4_all.deb
  to pool/main/g/gforge/gforge_3.1-31sarge4_all.deb sourceforge_3.1-31sarge4_all.deb
  to pool/main/g/gforge/sourceforge_3.1-31sarge4_all.deb

Date: Mon, 17 Dec 2007 19:52:40 +0000
From: Stephan Hermann <sh@sourcecode.de> To: debian-changes@lists.debian.org
Subject: Accepted cacti 0.8.6c-7sarge5 (source all)

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Tue, 20 Nov 2007 17:34:00 +0100
Source: cacti
Binary: cacti
Architecture: source all
Version: 0.8.6c-7sarge5
Distribution: oldstable-security
Urgency: high
Maintainer: sean finney <seanius@debian.org> Changed-By: Stephan Hermann <sh@sourcecode.de> Description:=20
cacti - Frontend to rrdtool for monitoring systems and services Changes:=20
cacti (0.8.6c-7sarge5) oldstable-security; urgency=3Dhigh .

SECURITY UPDATE: + CVE-2007-6035: SQL injection vulnerability in Cacti before 0.8.7a = allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
debian/patches/10_CVE-2007-6035.dpatch: applied patch by upstream (Link: http://www.cacti.net/downloads/patches/0.8.6j/sec_sql_injecti= on-0.8.6j.patch)
References: CVE-2007-6035 Files:=20 8bfbdff5df7b79d6b8500cc9b859ac04 887 web extra cacti_0.8.6c-7sarge5.dsc cbd167e3cdd2711ce2910c3a47dd6d45 56568 web extra cacti_0.8.6c-7sarge5.di= ff.gz fbf23e7c7829a8461dc30217f4f926bc 1059858 web extra cacti_0.8.6c-7sarge5_= all.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

Don't know where to look next?

iQEVAwUBR0dAEGz0hbPcukPfAQJcpwf/X+W47OWKleY/1GlzxKUd0Cm1a+d1EfTh TwYG6I+HnqunadK1U70pW/JEbz65Q3PV+aDGSAXWgcUddKH4M7JsH5aaWEkSjqIu LQ+XPxHpLXe918iyGIzBwG7PQG+eOllBMYBcOb/I7H2ahDBJ5zTZpknKfZMnKXdO 68RM5cTXwlepUB/PyFbiIZ7rn8+QRCd4WJ6522aVKVdULMrbmLwV1d6Ns2CHWZhw /yJaPyDFcKB7lHTunbIowMHngOitzXSRYAbIot3edVkEwk4WXDzEfW7QE6mwpk1B bWfYGQSTAOfWajsVUeHwwOVr4sjU5UPEmxSKfsaOXqm+WP+3W7qITA=3D=3D =3D1Pzx
-----END PGP SIGNATURE-----
Accepted:
cacti_0.8.6c-7sarge5.diff.gz
  to pool/main/c/cacti/cacti_0.8.6c-7sarge5.diff.gz cacti_0.8.6c-7sarge5.dsc
  to pool/main/c/cacti/cacti_0.8.6c-7sarge5.dsc cacti_0.8.6c-7sarge5_all.deb
  to pool/main/c/cacti/cacti_0.8.6c-7sarge5_all.deb

Date: Mon, 17 Dec 2007 19:52:46 +0000
From: Gregory Colpart (evolix) <reg@evolix.fr> To: debian-changes@lists.debian.org
Subject: Accepted horde3 3.0.4-4sarge5 (source all)

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Sun, 22 Jul 2007 06:29:12 +0200
Source: horde3
Binary: horde3
Architecture: source all
Version: 3.0.4-4sarge5
Distribution: oldstable-security
Urgency: high
Maintainer: Ola Lundqvist <opal@debian.org> Changed-By: Gregory Colpart (evolix) <reg@evolix.fr> Description:=20
horde3 - horde web application framework Closes: 434045
Changes:=20
horde3 (3.0.4-4sarge5) oldstable-security; urgency=3Dhigh .

Fix XSS vulnerability. See CVE-2007-1473 for more information. (Closes: #434045) Files:=20 bf4441c4e366ceedb7cb7dd5e38fd9c5 920 web optional horde3_3.0.4-4sarge5.d= sc 7b8ff47dcc0e0caf0187947f30f335b5 12423 web optional horde3_3.0.4-4sarge5= .diff.gz a18955b79597d93bc5e012e444181177 3436914 web optional horde3_3.0.4-4sarg= e5_all.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

iQEVAwUBRzHGNGz0hbPcukPfAQJOJQgAhG4OEjGdXQJJb6s8M3vuhyGV4MtIvv4r 1RZ3EVvsGm5UJ2heF5H0ToLmetVzGuqEjAwCvym1NZsloVg9Y1k7Y9pEe4WdGV0g JQU2b5iw1B9FvNeQznTuxq5F4VCpMipvfv2+kMurt54DfR29BpO79rp0Bh1hauR1 tFYDnur1LYK5BYFJSP0LNbf4U+JfwfP0CIlB0j9N6HJGdn3VzCN12Srw8tNBfjxC NWZlsmbKZcELoGuKcaKy+uBo/zSplXxA9s5h4Q/rc84gKTCeMhfqXDP6Vqauk+OU i3GU24HRCMMg9ktOs7OEkjyeNMD/bzWZEyvQtlfCBPE4Nyrzg9WwWw=3D=3D =3Daxap
-----END PGP SIGNATURE-----
Accepted:
horde3_3.0.4-4sarge5.diff.gz
  to pool/main/h/horde3/horde3_3.0.4-4sarge5.diff.gz horde3_3.0.4-4sarge5.dsc
  to pool/main/h/horde3/horde3_3.0.4-4sarge5.dsc horde3_3.0.4-4sarge5_all.deb
  to pool/main/h/horde3/horde3_3.0.4-4sarge5_all.deb

Confused? Frustrated?

Date: Mon, 17 Dec 2007 19:52:19 +0000
From: Steve Langasek <vorlon@debian.org> To: debian-changes@lists.debian.org
Subject: Accepted samba 3.0.14a-3sarge9 (source i386 all)

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Sat, 24 Nov 2007 02:27:26 -0800
Source: samba
Binary: samba-doc libsmbclient libpam-smbpass swat winbind smbclient samb= a samba-common libsmbclient-dev samba-dbg python2.3-samba smbfs Architecture: source i386 all
Version: 3.0.14a-3sarge9
Distribution: oldstable-security
Urgency: low
Maintainer: Eloy A. Paris <peloy@debian.org> Changed-By: Steve Langasek <vorlon@debian.org> Description:=20
libpam-smbpass - pluggable authentication module for SMB password databa= se
libsmbclient - shared library that allows applications to talk to SMB se= rvers
libsmbclient-dev - libsmbclient static libraries and headers python2.3-samba - Python bindings that allow access to various aspects o= f Samba
samba - a LanManager-like file and printer server for Unix

 samba-common - Samba common files used by both the server and the client
 samba-dbg  - Samba debugging symbols
 samba-doc  - Samba documentation
 smbclient  - a LanManager-like simple client for Unix
 smbfs      - mount and umount commands for the smbfs (for kernels >=3D t=
han 2.2.
 swat       - Samba Web Administration Tool

winbind - service to resolve user and group information from Windows = NT ser
Changes:=20
samba (3.0.14a-3sarge9) oldstable-security; urgency=3Dlow .

Fix for one final regression related to the fix for CVE-2007-4572, pulled from upstream. Thanks to Santiago Garcia Mantinan <manty@debian.org> for catching this. Files:=20 f2bd424bc431d249b9f04843a67a9b1d 1081 net optional samba_3.0.14a-3sarge9= .dsc 98c7c8134087743f45d05b9fcb5f1f1b 127722 net optional samba_3.0.14a-3sarg= e9.diff.gz d6a86a56e2be89c94a658c420b98c53e 12117160 doc optional samba-doc_3.0.14a=
-3sarge9_all.deb
db129496966288d36b09ff85b3aefd1e 2555236 net optional samba_3.0.14a-3sar= ge9_i386.deb b1651f3a27fcfeb20b6c48911320e244 2007618 net optional samba-common_3.0.1= 4a-3sarge9_i386.deb 091feca5f24f674cdfa2536bc9ea6687 2567118 net optional smbclient_3.0.14a-= 3sarge9_i386.deb 19d5f93a57daf1ae5c2af9c6188af7d1 4059326 net optional swat_3.0.14a-3sarg= e9_i386.deb 44fbbb0f491d5da5da6447e72b6dba0c 371160 otherosfs optional smbfs_3.0.14a=
-3sarge9_i386.deb
9d0cb11943e522805fc38d3cd77bf4f0 347742 admin extra libpam-smbpass_3.0.1= 4a-3sarge9_i386.deb 4acd52fd83424d63aee3a59bac931bf6 549488 libs extra libsmbclient_3.0.14a-= 3sarge9_i386.deb d179dcacd0a9378f0eb3367f5cb22ec4 737592 libdevel extra libsmbclient-dev_= 3.0.14a-3sarge9_i386.deb 019bafa9f0dc8f884c6755203477b020 1484444 net optional winbind_3.0.14a-3s= arge9_i386.deb 29ef6dfa65eb3c5bfe1194ad49398445 4744996 python optional python2.3-samba= _3.0.14a-3sarge9_i386.deb 4d26e91f2d13e24d7f94a25fa5fa032d 6678830 devel optional samba-dbg_3.0.14= a-3sarge9_i386.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFHSAHIKN6ufymYLloRAiyJAJ9ESCisgEo6eIlXSsYfF0Q4iz4gBACfZAN0 hpXrY2+Txf2LE3mLoERLX6Y=3D
=3DJp/t
-----END PGP SIGNATURE-----
Accepted:
libpam-smbpass_3.0.14a-3sarge9_i386.deb
  to pool/main/s/samba/libpam-smbpass_3.0.14a-3sarge9_i386.deb libsmbclient-dev_3.0.14a-3sarge9_i386.deb   to pool/main/s/samba/libsmbclient-dev_3.0.14a-3sarge9_i386.deb libsmbclient_3.0.14a-3sarge9_i386.deb
  to pool/main/s/samba/libsmbclient_3.0.14a-3sarge9_i386.deb python2.3-samba_3.0.14a-3sarge9_i386.deb   to pool/main/s/samba/python2.3-samba_3.0.14a-3sarge9_i386.deb samba-common_3.0.14a-3sarge9_i386.deb
  to pool/main/s/samba/samba-common_3.0.14a-3sarge9_i386.deb samba-dbg_3.0.14a-3sarge9_i386.deb
  to pool/main/s/samba/samba-dbg_3.0.14a-3sarge9_i386.deb samba-doc_3.0.14a-3sarge9_all.deb
  to pool/main/s/samba/samba-doc_3.0.14a-3sarge9_all.deb samba_3.0.14a-3sarge9.diff.gz
  to pool/main/s/samba/samba_3.0.14a-3sarge9.diff.gz samba_3.0.14a-3sarge9.dsc
  to pool/main/s/samba/samba_3.0.14a-3sarge9.dsc samba_3.0.14a-3sarge9_i386.deb
  to pool/main/s/samba/samba_3.0.14a-3sarge9_i386.deb smbclient_3.0.14a-3sarge9_i386.deb
  to pool/main/s/samba/smbclient_3.0.14a-3sarge9_i386.deb smbfs_3.0.14a-3sarge9_i386.deb
  to pool/main/s/samba/smbfs_3.0.14a-3sarge9_i386.deb swat_3.0.14a-3sarge9_i386.deb
  to pool/main/s/samba/swat_3.0.14a-3sarge9_i386.deb winbind_3.0.14a-3sarge9_i386.deb
  to pool/main/s/samba/winbind_3.0.14a-3sarge9_i386.deb

Date: Mon, 17 Dec 2007 19:52:15 +0000
From: Gerfried Fuchs <rhonda@debian.at>
To: debian-changes@lists.debian.org
Subject: Accepted wesnoth 0.9.0-7 (source all powerpc)

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Call Pantek today for Open Source Technical Support at 1-877-546-8934 - 24/7/365

Format: 1.7
Date: Wed, 28 Nov 2007 15:03:11 +0100
Source: wesnoth
Binary: wesnoth-sotbe wesnoth-httt wesnoth-tdh wesnoth-data wesnoth wesno= th-server wesnoth-editor wesnoth-trow wesnoth-music wesnoth-ei Architecture: source all powerpc
Version: 0.9.0-7
Distribution: oldstable-security
Urgency: medium
Maintainer: Isaac Clerencia <isaac@debian.org> Changed-By: Gerfried Fuchs <rhonda@debian.at> Description:=20
wesnoth - fantasy turn-based strategy game

 wesnoth-data - data files for Wesnoth
 wesnoth-editor - map editor for Wesnoth
 wesnoth-ei - Eastern Invasion campaign for Wesnoth
 wesnoth-httt - Heir to the Throne campaign for Wesnoth
 wesnoth-music - music files for Wesnoth
 wesnoth-server - multiplayer network server for Wesnoth
 wesnoth-sotbe - Son of the Black Eye campaign for Wesnoth
 wesnoth-tdh - The Dark Hordes campaign for Wesnoth
 wesnoth-trow - The Rise of Wesnoth campaign for Wesnoth

Changes:=20
wesnoth (0.9.0-7) oldstable-security; urgency=3Dmedium .

Ignore filenames that contain .. to not send arbitrary files around = in multiplayer missions [CVE-2007-5742]. Patch 04_CVE-2007-5742 was pul= led from upstream svn (revision 21904). Files:=20 7a32bba9f1bc498c9f18d7f0b4e8bcc5 850 games optional wesnoth_0.9.0-7.dsc e48f022ba672f368468bd0963777177d 35737 games optional wesnoth_0.9.0-7.di= ff.gz e5fa396da0eb9fedf05e80481cf3a121 14743278 games optional wesnoth-data_0.= 9.0-7_all.deb fe113db1873e90f3be255d52d9a64a93 9936932 games optional wesnoth-music_0.= 9.0-7_all.deb 9e71e1b72c91d74e743e5935bd8fcf6f 4373916 games optional wesnoth-httt_0.9= .0-7_all.deb 3ff81c9b863d6c7f74a96da7faab214b 1717880 games optional wesnoth-trow_0.9= .0-7_all.deb 1324d16d02fd1e3c7f8daebba19846e7 66066 games optional wesnoth-tdh_0.9.0-= 7_all.deb 39ba40eb63b14b756c8c847627ae070e 681980 games optional wesnoth-ei_0.9.0-= 7_all.deb f3addc9fa6529f2e01074f3505042055 1844840 games optional wesnoth-sotbe_0.= 9.0-7_all.deb 540a8124db338c6d842a9714c0f7eeb8 1572314 games optional wesnoth_0.9.0-7_= powerpc.deb e982493cc54fe3c83d2e973f46bd775a 205306 games optional wesnoth-server_0.= 9.0-7_powerpc.deb 0b8764a2c2033fcdf5a379fdf7947419 1257314 games optional wesnoth-editor_0= .9.0-7_powerpc.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

iD4DBQFHTtx8ELuA/Ba9d8YRAnOnAJdoxAT1r4M2glkSe0ntQN6r8AQ5AJ9+ZfZC zuEZ+chgOqoICgCqJgM5MQ=3D=3D
=3DFq5k
-----END PGP SIGNATURE-----
Accepted:
wesnoth-data_0.9.0-7_all.deb
  to pool/main/w/wesnoth/wesnoth-data_0.9.0-7_all.deb wesnoth-editor_0.9.0-7_powerpc.deb
  to pool/main/w/wesnoth/wesnoth-editor_0.9.0-7_powerpc.deb wesnoth-ei_0.9.0-7_all.deb
  to pool/main/w/wesnoth/wesnoth-ei_0.9.0-7_all.deb wesnoth-httt_0.9.0-7_all.deb
  to pool/main/w/wesnoth/wesnoth-httt_0.9.0-7_all.deb wesnoth-music_0.9.0-7_all.deb
  to pool/main/w/wesnoth/wesnoth-music_0.9.0-7_all.deb wesnoth-server_0.9.0-7_powerpc.deb
  to pool/main/w/wesnoth/wesnoth-server_0.9.0-7_powerpc.deb wesnoth-sotbe_0.9.0-7_all.deb
  to pool/main/w/wesnoth/wesnoth-sotbe_0.9.0-7_all.deb wesnoth-tdh_0.9.0-7_all.deb
  to pool/main/w/wesnoth/wesnoth-tdh_0.9.0-7_all.deb wesnoth-trow_0.9.0-7_all.deb
  to pool/main/w/wesnoth/wesnoth-trow_0.9.0-7_all.deb wesnoth_0.9.0-7.diff.gz
  to pool/main/w/wesnoth/wesnoth_0.9.0-7.diff.gz wesnoth_0.9.0-7.dsc
  to pool/main/w/wesnoth/wesnoth_0.9.0-7.dsc wesnoth_0.9.0-7_powerpc.deb
  to pool/main/w/wesnoth/wesnoth_0.9.0-7_powerpc.deb

End of debian-changes-digest Digest V2007 Issue #139

Received on Tue Dec 18 03:07:48 2007

This message: [ Message body ]
Next message: debian-changes-digest-request(at)lists.debian.org: "debian-changes-digest Digest V2007 #140"
Previous message: debian-changes-digest-request(at)lists.debian.org: "debian-changes-digest Digest V2007 #129"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Mar 19 2008 - 07:01:56 EDT