Hosting Provided By

debian-changes-digest Digest V2008 #2

From: <debian-changes-digest-request(at)lists.debian.org>
Date: Thu Jan 17 2008 - 03:08:42 EST

Content-Type: text/plain

debian-changes-digest Digest Volume 2008 : Issue 2

Today's Topics:

  Accepted libarchive 1.2.53-2etch1 (s  [ Steffen Joeris  ]
  Accepted syslog-ng 2.0.0-1etch1 (sou  [ Moritz Muehlenhoff  ]
  Accepted fail2ban 0.7.5-2etch1 (sour  [ Yaroslav Halchenko  ]
  Accepted dovecot 1.0.rc15-2etch3 (so  [ Fabio Tranchitella  ]
  Accepted gforge 4.5.14-22etch4 (sour  [ Roland Mas  ]
  Accepted wzdftpd 0.8.1-2etch1 (sourc  [ Steffen Joeris  ]
  Accepted hplip 1.6.10-3etch1 (source  [ Steffen Joeris  ]
  Accepted eggdrop 1.6.18-1etch1 (sour  [ Steffen Joeris  ]

Date: Thu, 17 Jan 2008 07:52:17 +0000
From: Steffen Joeris <white@debian.org>
To: debian-changes@lists.debian.org
Subject: Accepted libarchive 1.2.53-2etch1 (source i386)

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Fri, 4 Jan 2008 15:52:20 +0000
Source: libarchive
Binary: libarchive-dev libarchive1 bsdtar Architecture: source i386
Version: 1.2.53-2etch1
Distribution: stable-security
Urgency: high
Maintainer: John Goerzen <jgoerzen@complete.org> Changed-By: Steffen Joeris <white@debian.org> Description:=20
bsdtar - tar(1) from FreeBSD, using libarchive libarchive-dev - Single library to read/write tar, cpio, pax, zip, iso96= 60, etc.
libarchive1 - Single library to read/write tar, cpio, pax, zip, iso9660,= etc.
Changes:=20
libarchive (1.2.53-2etch1) stable-security; urgency=3Dhigh .

Non-maintainer upload by the security team
Fix buffer overflow, NULL pointer reference and DoS in archive_read_support_format_tar.c Fixes: CVE-2007-3641, CVE-2007-3644, CVE-2007-3645 Files:=20 6bd6417d5da3132138dfec988dd0b484 723 libs optional libarchive_1.2.53-2et= ch1.dsc 2e2df461fef05049b3a92e5bedc2de2c 522540 libs optional libarchive_1.2.53.= orig.tar.gz 454b6a56eec392fff05fde2e39b33241 6474 libs optional libarchive_1.2.53-2e= tch1.diff.gz e3e924b9c25d33d9412ab66e5745002b 95600 libdevel optional libarchive-dev_= 1.2.53-2etch1_i386.deb 9ae44a93dbe577fea5a3121b32e00bf5 73122 libs optional libarchive1_1.2.53-= 2etch1_i386.deb 5f52d186b87c77092c092836ad457585 82918 libs optional bsdtar_1.2.53-2etch= 1_i386.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

Do you need help?

iD8DBQFHgAP562zWxYk/rQcRAu97AJ9D2YXx1Mk8n2wQjHPVLO0X/XFJpACeIVkl aYgZBnQMDscYshXxwx4rIyU=3D
=3Dwh1E
-----END PGP SIGNATURE-----
Accepted:
bsdtar_1.2.53-2etch1_i386.deb
  to pool/main/liba/libarchive/bsdtar_1.2.53-2etch1_i386.deb libarchive-dev_1.2.53-2etch1_i386.deb
  to pool/main/liba/libarchive/libarchive-dev_1.2.53-2etch1_i386.deb libarchive1_1.2.53-2etch1_i386.deb
  to pool/main/liba/libarchive/libarchive1_1.2.53-2etch1_i386.deb libarchive_1.2.53-2etch1.diff.gz
  to pool/main/liba/libarchive/libarchive_1.2.53-2etch1.diff.gz libarchive_1.2.53-2etch1.dsc
  to pool/main/liba/libarchive/libarchive_1.2.53-2etch1.dsc

Date: Thu, 17 Jan 2008 07:52:34 +0000
From: Moritz Muehlenhoff <jmm@debian.org> To: debian-changes@lists.debian.org
Subject: Accepted syslog-ng 2.0.0-1etch1 (source i386)

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Sun, 13 Jan 2008 17:22:09 +0000
Source: syslog-ng
Binary: syslog-ng
Architecture: source i386
Version: 2.0.0-1etch1
Distribution: stable-security
Urgency: high
Maintainer: SZALAY Attila <sasa@debian.org> Changed-By: Moritz Muehlenhoff <jmm@debian.org> Description:=20
syslog-ng - Next generation logging daemon Changes:=20
syslog-ng (2.0.0-1etch1) stable-security; urgency=3Dhigh .

Fix CVE-2007-6437. Files:=20 0c4d7f9fe291909962a6b5ef92eca5e4 630 admin extra syslog-ng_2.0.0-1etch1.= dsc 6ea55c647dcbd3d58a58b8d90f7ea300 346056 admin extra syslog-ng_2.0.0.orig= .tar.gz a1411ff4c12a79a915ba7e27d9ce79ba 10487 admin extra syslog-ng_2.0.0-1etch= 1.diff.gz cfe45722a293c23a72b6791f1ac30549 177118 admin extra syslog-ng_2.0.0-1etc= h1_i386.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHiknjXm3vHE4uyloRAnXBAJ4wlS/1vpuk6aytykszje+S6QVypgCg1QF7 YCcLT2Ikz6Kf56ewk7Fl4JY=3D
=3DF6Dg
-----END PGP SIGNATURE-----
Accepted:
syslog-ng_2.0.0-1etch1.diff.gz
  to pool/main/s/syslog-ng/syslog-ng_2.0.0-1etch1.diff.gz syslog-ng_2.0.0-1etch1.dsc
  to pool/main/s/syslog-ng/syslog-ng_2.0.0-1etch1.dsc syslog-ng_2.0.0-1etch1_i386.deb
  to pool/main/s/syslog-ng/syslog-ng_2.0.0-1etch1_i386.deb

Do you need more help?

Date: Thu, 17 Jan 2008 07:52:12 +0000
From: Yaroslav Halchenko <debian@onerussian.com> To: debian-changes@lists.debian.org
Subject: Accepted fail2ban 0.7.5-2etch1 (source all)

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Tue, 01 May 2007 22:18:03 -0400
Source: fail2ban
Binary: fail2ban
Architecture: source all
Version: 0.7.5-2etch1
Distribution: stable-security
Urgency: high
Maintainer: Yaroslav Halchenko <debian@onerussian.com> Changed-By: Yaroslav Halchenko <debian@onerussian.com> Description:=20
fail2ban - bans IPs that cause multiple authentication errors Closes: 421848 434368 439962
Changes:=20
fail2ban (0.7.5-2etch1) stable-security; urgency=3Dhigh .

Propagated fix for asctime pattern from 0.7.8 release (closes: #4218= 48)
Propagated fix for not closed log files from 0.7.8-1 (closes: #439962,434368)
Propagated fix for "reload" bug which is as sever as #439962 and jus= t never was hit by any Debian user yet
Added patch 00_numeric_iptables-L to avoid possible DoS attacks (introduced upstream in 0.7.6)
Propagated "Fixed removal of host in hosts.deny" from 0.7.6, to prev= ent possible DoS
CVE-2007-4321: anchored sshd and vsftpd failregex at the end of line to prevent DoS on those services. This issue was resolved in sid's v= ersion 0.8.0-4 (bugreport 438187). Files:=20 67efd3e859d89b4b2d2e527ff09ac659 704 net optional fail2ban_0.7.5-2etch1.= dsc 36e65b8effcfd4f4a437d214613eb916 46075 net optional fail2ban_0.7.5.orig.= tar.gz c1f185e48d340020de0651962fc34402 21899 net optional fail2ban_0.7.5-2etch= 1.diff.gz afb61355977afe99b2a807a6de03685f 63564 net optional fail2ban_0.7.5-2etch= 1_all.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHglRIjRFFY3XAJMgRAjewAKDWRMBLl0/ja2YmpKQ2/ySj0C9U2wCeJc6S 3NaT2m+1ROBy6Dmc+kY7Ues=3D
=3Dx0q5
-----END PGP SIGNATURE-----
Accepted:
fail2ban_0.7.5-2etch1.diff.gz
  to pool/main/f/fail2ban/fail2ban_0.7.5-2etch1.diff.gz fail2ban_0.7.5-2etch1.dsc
  to pool/main/f/fail2ban/fail2ban_0.7.5-2etch1.dsc fail2ban_0.7.5-2etch1_all.deb
  to pool/main/f/fail2ban/fail2ban_0.7.5-2etch1_all.deb

Date: Thu, 17 Jan 2008 07:52:15 +0000
From: Moritz Muehlenhoff <jmm@debian.org> To: debian-changes@lists.debian.org
Subject: Accepted tomcat5 5.0.30-12etch1 (source all)

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Can we help you?

Format: 1.7
Date: Fri, 4 Jan 2008 00:21:12 +0100
Source: tomcat5
Binary: tomcat5-admin tomcat5-webapps tomcat5 libtomcat5-java Architecture: source all
Version: 5.0.30-12etch1
Distribution: stable-security
Urgency: high
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.de= bian.org>
Changed-By: Moritz Muehlenhoff <jmm@debian.org> Description:=20
libtomcat5-java - Java Servlet engine -- core libraries tomcat5 - Java Servlet 2.4 engine with JSP 2.0 support tomcat5-admin - Java Servlet engine -- admin web interfaces tomcat5-webapps - Java Servlet engine -- documentation and example web a= pplications
Changes:=20
tomcat5 (5.0.30-12etch1) stable-security; urgency=3Dhigh .

CVE-2007-3382, CVE-2007-3385, CVE-2007-5461 Files:=20 986018050a2272e753d5ef8db7994524 1343 web optional tomcat5_5.0.30-12etch= 1.dsc 0bf81a5293246aa509a3bfa1afeb3920 3594081 web optional tomcat5_5.0.30.ori= g.tar.gz 4d49cb48fcbd1ffde3e1ab59751ea567 30232 web optional tomcat5_5.0.30-12etc= h1.diff.gz cb4b3ac3e28f621d70fa4a8098e8b1ac 45488 web optional tomcat5_5.0.30-12etc= h1_all.deb f909205ef2d99e1343a2c54e06a40ba4 3662182 web optional libtomcat5-java_5.= 0.30-12etch1_all.deb 14ed52052f9cc573fdf0648162370745 1121936 web optional tomcat5-webapps_5.= 0.30-12etch1_all.deb 4811ece0563a742982ecd7ffe0cd44b1 402176 web optional tomcat5-admin_5.0.3= 0-12etch1_all.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHfsbgXm3vHE4uyloRAlVuAJwIUrCK0s1uRx+QM8aBbyxVU+megACeJpR+ RpC6YgzP/ZT5hgy6mJCctuU=3D
=3D5DgQ
-----END PGP SIGNATURE-----
Accepted:
libtomcat5-java_5.0.30-12etch1_all.deb
  to pool/main/t/tomcat5/libtomcat5-java_5.0.30-12etch1_all.deb tomcat5-admin_5.0.30-12etch1_all.deb
  to pool/main/t/tomcat5/tomcat5-admin_5.0.30-12etch1_all.deb tomcat5-webapps_5.0.30-12etch1_all.deb
  to pool/main/t/tomcat5/tomcat5-webapps_5.0.30-12etch1_all.deb tomcat5_5.0.30-12etch1.diff.gz
  to pool/main/t/tomcat5/tomcat5_5.0.30-12etch1.diff.gz tomcat5_5.0.30-12etch1.dsc
  to pool/main/t/tomcat5/tomcat5_5.0.30-12etch1.dsc tomcat5_5.0.30-12etch1_all.deb
  to pool/main/t/tomcat5/tomcat5_5.0.30-12etch1_all.deb

Date: Thu, 17 Jan 2008 07:52:32 +0000
From: Fabio Tranchitella <kobold@debian.org> To: debian-changes@lists.debian.org
Subject: Accepted dovecot 1.0.rc15-2etch3 (source amd64)

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Mon, 07 Jan 2008 10:29:20 +0100
Source: dovecot
Binary: dovecot-common dovecot-pop3d dovecot-imapd Architecture: source amd64
Version: 1.0.rc15-2etch3
Distribution: stable-security
Urgency: low
Maintainer: Dovecot Maintainers <jaldhar-dovecot@debian.org> Changed-By: Fabio Tranchitella <kobold@debian.org> Description:=20
dovecot-common - secure mail server that supports mbox and maildir mailb= oxes
dovecot-imapd - secure IMAP server that supports mbox and maildir mailbo= xes
dovecot-pop3d - secure POP3 server that supports mbox and maildir mailbo= xes
Closes: 458315
Changes:=20
dovecot (1.0.rc15-2etch3) stable-security; urgency=3Dlow .

Rebuilt, incrementing the version number.
Specific LDAP + auth cache configuration may mix up user logins: http://dovecot.org/list/dovecot-news/2007-December/000057.html; Upstream patch: http://hg.dovecot.org/dovecot-1.0/raw-rev/2cedab21cd= 6d (Closes: #458315) Files:=20 5191ee3012a0cc39733193c0a252390b 1007 mail optional dovecot_1.0.rc15-2et= ch3.dsc 0830883bb3ca7c2630997d965de70649 95500 mail optional dovecot_1.0.rc15-2e= tch3.diff.gz e62e69df8289b9faf7dc784aa36653fb 1217440 mail optional dovecot-common_1.= 0.rc15-2etch3_amd64.deb ef8531b8cf9e8bf4ef56e9d3ca856c30 568666 mail optional dovecot-imapd_1.0.= rc15-2etch3_amd64.deb 9c7af4af63a1e8fe9eefec8a47f12823 534094 mail optional dovecot-pop3d_1.0.= rc15-2etch3_amd64.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

Can't find what you're looking for?

iD8DBQFHgfTeK/juK3+WFWQRAv8wAKCCJzEw9Ihouf/WxDciaFmoPNJ9SgCcDoB4 Ft+F8nb56dXLPzR1hkhM1Rk=3D
=3DCDqH
-----END PGP SIGNATURE-----
Accepted:
dovecot-common_1.0.rc15-2etch3_amd64.deb   to pool/main/d/dovecot/dovecot-common_1.0.rc15-2etch3_amd64.deb dovecot-imapd_1.0.rc15-2etch3_amd64.deb
  to pool/main/d/dovecot/dovecot-imapd_1.0.rc15-2etch3_amd64.deb dovecot-pop3d_1.0.rc15-2etch3_amd64.deb
  to pool/main/d/dovecot/dovecot-pop3d_1.0.rc15-2etch3_amd64.deb dovecot_1.0.rc15-2etch3.diff.gz
  to pool/main/d/dovecot/dovecot_1.0.rc15-2etch3.diff.gz dovecot_1.0.rc15-2etch3.dsc
  to pool/main/d/dovecot/dovecot_1.0.rc15-2etch3.dsc

Date: Thu, 17 Jan 2008 07:52:36 +0000
From: Steve Langasek <vorlon@debian.org> To: debian-changes@lists.debian.org
Subject: Accepted freetype 2.2.1-5+etch2 (source i386)

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Mon, 09 Jul 2007 17:21:11 -0700
Source: freetype
Binary: freetype2-demos libfreetype6-udeb libfreetype6 libfreetype6-dev Architecture: source i386
Version: 2.2.1-5+etch2
Distribution: stable-security
Urgency: high
Maintainer: Steve Langasek <vorlon@debian.org> Changed-By: Steve Langasek <vorlon@debian.org> Description:=20
freetype2-demos - FreeType 2 demonstration programs libfreetype6 - FreeType 2 font engine, shared library files libfreetype6-dev - FreeType 2 font engine, development files libfreetype6-udeb - FreeType 2 font engine for the debian-installer (ude= b)
Closes: 426771
Changes:=20
freetype (2.2.1-5+etch2) stable-security; urgency=3Dhigh .

debian/patches-freetype/CVE-2007-1351_pdf-overflow: address CVE-2007-1351, an integer overflow bug in the handling of BDF fonts. Closes: #426771. Files:=20 53491a8ea88f0a4da770cfd1755f0d85 798 libs optional freetype_2.2.1-5+etch= 2.dsc 06bfc470001d3632ce192263b3ca8d5d 31646 libs optional freetype_2.2.1-5+et= ch2.diff.gz cbe96a1f686ac5abcd657976bc9c6388 341816 libs optional libfreetype6_2.2.1= -5+etch2_i386.deb 3145b7a124c05e5a93a2761c928fcbac 641568 libdevel optional libfreetype6-d= ev_2.2.1-5+etch2_i386.deb dec67a099a07602a703678d834e9bf5f 135260 utils optional freetype2-demos_2= .2.1-5+etch2_i386.deb 127461c37904fd8df3a35c0371b97f8a 235868 debian-installer extra libfreety= pe6-udeb_2.2.1-5+etch2_i386.udeb Package-Type: udeb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGktcrKN6ufymYLloRAt4yAJ9EQ8ch0e+ePS11KUbUsonUhPd+rACdFss5 9Ya5IOHux/HIAEVmyWHZIcE=3D
=3Dfn0o
-----END PGP SIGNATURE-----
Accepted:
freetype2-demos_2.2.1-5+etch2_i386.deb
  to pool/main/f/freetype/freetype2-demos_2.2.1-5+etch2_i386.deb freetype_2.2.1-5+etch2.diff.gz
  to pool/main/f/freetype/freetype_2.2.1-5+etch2.diff.gz freetype_2.2.1-5+etch2.dsc
  to pool/main/f/freetype/freetype_2.2.1-5+etch2.dsc libfreetype6-dev_2.2.1-5+etch2_i386.deb
  to pool/main/f/freetype/libfreetype6-dev_2.2.1-5+etch2_i386.deb libfreetype6-udeb_2.2.1-5+etch2_i386.udeb   to pool/main/f/freetype/libfreetype6-udeb_2.2.1-5+etch2_i386.udeb libfreetype6_2.2.1-5+etch2_i386.deb
  to pool/main/f/freetype/libfreetype6_2.2.1-5+etch2_i386.deb

Date: Thu, 17 Jan 2008 07:52:37 +0000
From: Roland Mas <lolando@debian.org>
To: debian-changes@lists.debian.org
Subject: Accepted gforge 4.5.14-22etch4 (source all)

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Don't know where to look next?

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Wed, 09 Jan 2008 20:34:21 +0100
Source: gforge

Binary: gforge-lists-mailman gforge-db-postgresql gforge-mta-postfix gfor=
Confused? Frustrated? 
In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software:Learn more about Pantek's Technical Support offerings
Place an order for 24/7/365 Technical Support here
Learn more about Pantek, who we are, and what we do
Chat with a Live Operator
Related lists.debian.org Links
debian-announce
debian-apache
debian-arm-changes
debian-beowulf
debian-boot
debian-cd
debian-cd-vendors
debian-changes
debian-changes-digest
debian-isp
debian-kde
debian-laptop
debian-mirrors-announce
debian-news
debian-security
debian-security-announce
debian-testing
debian-user
debian-user-digest
Request more information about Pantek
ge-shell-ldap gforge gforge-common gforge-web-apache gforge-mta-exim gfor=
ge-mta-courier gforge-ftp-proftpd gforge-shell-postgresql gforge-mta-exim=

4 gforge-dns-bind9 gforge-ldap-openldap
Architecture: source all
Version: 4.5.14-22etch4
Distribution: stable-security
Urgency: high
Maintainer: Roland Mas <lolando@debian.org> Changed-By: Roland Mas <lolando@debian.org> Description:=20
gforge - collaborative development tool - meta-package gforge-common - collaborative development tool - shared files gforge-db-postgresql - collaborative development tool - database (using = PostgreSQL)
gforge-dns-bind9 - collaborative development tool - DNS management (usin= g Bind9)
gforge-ftp-proftpd - collaborative development tool - FTP management (us= ing ProFTPd)
gforge-ldap-openldap - collaborative development tool - LDAP directory (= using OpenLDAP)
gforge-lists-mailman - collaborative development tool - mailing-lists (u= sing Mailman)
gforge-mta-courier - collaborative development tool - mail tools (using = Courier)
gforge-mta-exim - collaborative development tool - mail tools (using Exi= m)
gforge-mta-exim4 - collaborative development tool - mail tools (using Ex= im 4)
gforge-mta-postfix - collaborative development tool - mail tools (using = Postfix)
gforge-shell-ldap - collaborative development tool - shell accounts (usi= ng LDAP)
gforge-shell-postgresql - collaborative development tool - shell account= s (using PostgreSQL
gforge-web-apache - collaborative development tool - web part (using Apa= che)
Changes:=20
gforge (4.5.14-22etch4) stable-security; urgency=3Dhigh .

Made locking mechanism more robust in cron_utils.php.
Fixed SQL injection vulnerability due to insufficient input sanitizi= ng (CVE-2008-0173). Files:=20 b36ce450f342c604fd12549450fff6ae 950 devel optional gforge_4.5.14-22etch= 4.dsc a00eedb23b776476b9a42618487d89b1 197311 devel optional gforge_4.5.14-22e= tch4.diff.gz fb3df49a34571c38a43e625e73f1a124 80056 devel optional gforge_4.5.14-22et= ch4_all.deb cfafa0c6c1b5ba02a0d665cbe76b11cb 1010552 devel optional gforge-common_4.= 5.14-22etch4_all.deb 162e04520f993c85af6aac6565b01e90 704634 devel optional gforge-web-apache= _4.5.14-22etch4_all.deb 4cc28fdcf336a60bba2a89072683a5f9 212334 devel optional gforge-db-postgre= sql_4.5.14-22etch4_all.deb 0e657fdc22f4e1f14a63e3c583bc2dcb 88914 devel optional gforge-mta-exim4_4= .5.14-22etch4_all.deb ba2c15b2bdd2f67a8abd3dd0bf9a326e 88404 devel optional gforge-mta-exim_4.= 5.14-22etch4_all.deb 4290daefda537d4f1f2127ee9eaabe49 88306 devel optional gforge-mta-postfix= _4.5.14-22etch4_all.deb 81c7219391d9fac23d6df62be3ab8bf5 75870 devel optional gforge-mta-courier= _4.5.14-22etch4_all.deb 71dce38865bdf01366a992336ae403d3 86126 devel optional gforge-shell-ldap_= 4.5.14-22etch4_all.deb ea3e49b38459636b14ba4346bc045cf0 86934 devel optional gforge-shell-postg= resql_4.5.14-22etch4_all.deb 4f38f483e13b4c9b5fcbbd379ff841f4 85838 devel optional gforge-ftp-proftpd= _4.5.14-22etch4_all.deb aa8716e4240606526fc633ba8c02b74a 95388 devel optional gforge-ldap-openld= ap_4.5.14-22etch4_all.deb beacacca088438618b23477f568f08e0 103548 devel optional gforge-dns-bind9_= 4.5.14-22etch4_all.deb 986a88180ea39ec6969f6b3f72006818 81878 devel optional gforge-lists-mailm= an_4.5.14-22etch4_all.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHhShoDqdWtRRIQ/URAh+YAJ9g01MD02UXyfk8VrWSjd/o0gSckACfSb92 kQj/hh2LWVZQidK1ERuGM30=3D
=3D0IeO
-----END PGP SIGNATURE-----
Accepted:
gforge-common_4.5.14-22etch4_all.deb
  to pool/main/g/gforge/gforge-common_4.5.14-22etch4_all.deb gforge-db-postgresql_4.5.14-22etch4_all.deb   to pool/main/g/gforge/gforge-db-postgresql_4.5.14-22etch4_all.deb gforge-dns-bind9_4.5.14-22etch4_all.deb
  to pool/main/g/gforge/gforge-dns-bind9_4.5.14-22etch4_all.deb gforge-ftp-proftpd_4.5.14-22etch4_all.deb   to pool/main/g/gforge/gforge-ftp-proftpd_4.5.14-22etch4_all.deb gforge-ldap-openldap_4.5.14-22etch4_all.deb   to pool/main/g/gforge/gforge-ldap-openldap_4.5.14-22etch4_all.deb gforge-lists-mailman_4.5.14-22etch4_all.deb   to pool/main/g/gforge/gforge-lists-mailman_4.5.14-22etch4_all.deb gforge-mta-courier_4.5.14-22etch4_all.deb   to pool/main/g/gforge/gforge-mta-courier_4.5.14-22etch4_all.deb gforge-mta-exim4_4.5.14-22etch4_all.deb
  to pool/main/g/gforge/gforge-mta-exim4_4.5.14-22etch4_all.deb gforge-mta-exim_4.5.14-22etch4_all.deb
  to pool/main/g/gforge/gforge-mta-exim_4.5.14-22etch4_all.deb gforge-mta-postfix_4.5.14-22etch4_all.deb   to pool/main/g/gforge/gforge-mta-postfix_4.5.14-22etch4_all.deb gforge-shell-ldap_4.5.14-22etch4_all.deb

  to pool/main/g/gforge/gforge-shell-ldap_4.5.14-22etch4_all.deb
gforge-shell-postgresql_4.5.14-22etch4_all.deb
  to pool/main/g/gforge/gforge-shell-postgresql_4.5.14-22etch4_all.deb

gforge-web-apache_4.5.14-22etch4_all.deb   to pool/main/g/gforge/gforge-web-apache_4.5.14-22etch4_all.deb gforge_4.5.14-22etch4.diff.gz
  to pool/main/g/gforge/gforge_4.5.14-22etch4.diff.gz gforge_4.5.14-22etch4.dsc
  to pool/main/g/gforge/gforge_4.5.14-22etch4.dsc gforge_4.5.14-22etch4_all.deb
  to pool/main/g/gforge/gforge_4.5.14-22etch4_all.deb

Date: Thu, 17 Jan 2008 07:52:16 +0000
From: Steffen Joeris <white@debian.org>
To: debian-changes@lists.debian.org
Subject: Accepted wzdftpd 0.8.1-2etch1 (source i386)

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Thu, 13 Dec 2007 10:15:28 +0000
Source: wzdftpd
Binary: wzdftpd-mod-perl wzdftpd-back-mysql wzdftpd-dev wzdftpd-mod-avahi= wzdftpd-back-pgsql wzdftpd wzdftpd-mod-tcl Architecture: source i386
Version: 0.8.1-2etch1
Distribution: stable-security
Urgency: high
Maintainer: Pierre Chifflier <chifflier@inl.fr> Changed-By: Steffen Joeris <white@debian.org> Description:=20
wzdftpd - A portable, modular, small and efficient ftp server

 wzdftpd-back-mysql - MySQL backend for wzdftpd
 wzdftpd-back-pgsql - PostgreSQL backend for wzdftpd
 wzdftpd-dev - Development files for wzdftpd
 wzdftpd-mod-avahi - Zeroconf module for wzdftpd
 wzdftpd-mod-perl - Perl module for wzdftpd
 wzdftpd-mod-tcl - TCL module for wzdftpd

Changes:=20
wzdftpd (0.8.1-2etch1) stable-security; urgency=3Dhigh .

Non-maintainer upload by the security team
Fix off-by-one in wzd_login.c which leads to a remote denial of service vulnerability Fixes: CVE-2007-5300 Files:=20 68399e61898a27e00c5b79eb77c5eada 863 net optional wzdftpd_0.8.1-2etch1.d= sc adc0b6ec5b373d0ae9bcb79947dcdc34 916176 net optional wzdftpd_0.8.1.orig.= tar.gz 32c647651b80a26a3bb933c1abeb0c3b 12393 net optional wzdftpd_0.8.1-2etch1= .diff.gz 4a9e2a8bb840497e49e067247beff4a6 258984 net optional wzdftpd_0.8.1-2etch= 1_i386.deb 1bf0337e5d353f7395c2e908ee66df43 39382 net optional wzdftpd-back-mysql_0= .8.1-2etch1_i386.deb f4674503b34fc02517e3291718c25d78 39746 net optional wzdftpd-back-pgsql_0= .8.1-2etch1_i386.deb 0a1c9f4eeee4aac5a6a319edc5ff5d41 31010 net optional wzdftpd-mod-avahi_0.= 8.1-2etch1_i386.deb 6d7b3d899bbae284744de1aba20dca40 35228 net optional wzdftpd-mod-tcl_0.8.= 1-2etch1_i386.deb cfe147b51da8533a652593ac7095f906 51974 net optional wzdftpd-mod-perl_0.8= .1-2etch1_i386.deb 461bfb0f5ea1d4395662d759d6fc8e01 255404 libdevel optional wzdftpd-dev_0.= 8.1-2etch1_i386.deb

Call Pantek today for Open Source Technical Support at 1-877-546-8934 - 24/7/365

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHanbB62zWxYk/rQcRApvAAKCbLnzRZ6Pep4JD8Iut3HSbXFdPjgCePwUs +3ivZEznHk4Pu4uq+USchOQ=3D
=3DcGS4
-----END PGP SIGNATURE-----
Accepted:
wzdftpd-back-mysql_0.8.1-2etch1_i386.deb   to pool/main/w/wzdftpd/wzdftpd-back-mysql_0.8.1-2etch1_i386.deb wzdftpd-back-pgsql_0.8.1-2etch1_i386.deb   to pool/main/w/wzdftpd/wzdftpd-back-pgsql_0.8.1-2etch1_i386.deb wzdftpd-dev_0.8.1-2etch1_i386.deb
  to pool/main/w/wzdftpd/wzdftpd-dev_0.8.1-2etch1_i386.deb wzdftpd-mod-avahi_0.8.1-2etch1_i386.deb
  to pool/main/w/wzdftpd/wzdftpd-mod-avahi_0.8.1-2etch1_i386.deb wzdftpd-mod-perl_0.8.1-2etch1_i386.deb
  to pool/main/w/wzdftpd/wzdftpd-mod-perl_0.8.1-2etch1_i386.deb wzdftpd-mod-tcl_0.8.1-2etch1_i386.deb
  to pool/main/w/wzdftpd/wzdftpd-mod-tcl_0.8.1-2etch1_i386.deb wzdftpd_0.8.1-2etch1.diff.gz
  to pool/main/w/wzdftpd/wzdftpd_0.8.1-2etch1.diff.gz wzdftpd_0.8.1-2etch1.dsc
  to pool/main/w/wzdftpd/wzdftpd_0.8.1-2etch1.dsc wzdftpd_0.8.1-2etch1_i386.deb
  to pool/main/w/wzdftpd/wzdftpd_0.8.1-2etch1_i386.deb

Date: Thu, 17 Jan 2008 07:52:29 +0000
From: Steffen Joeris <white@debian.org>
To: debian-changes@lists.debian.org
Subject: Accepted hplip 1.6.10-3etch1 (source all i386)

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Mon, 24 Dec 2007 13:23:12 +0000
Source: hplip
Binary: hpijs hplip-data hpijs-ppds hplip hplip-doc hplip-dbg Architecture: source all i386
Version: 1.6.10-3etch1
Distribution: stable-security
Urgency: high
Maintainer: Henrique de Moraes Holschuh <hmh@debian.org> Changed-By: Steffen Joeris <white@debian.org> Description:=20

 hpijs      - HP Linux Printing and Imaging - gs IJS driver (hpijs)
 hpijs-ppds - HP Linux Printing and Imaging - HPIJS PPD files
 hplip      - HP Linux Printing and Imaging System (HPLIP)
 hplip-data - HP Linux Printing and Imaging - data files
 hplip-dbg  - HP Linux Printing and Imaging - debugging information
 hplip-doc  - HP Linux Printing and Imaging - documentation

Changes:=20
hplip (1.6.10-3etch1) stable-security; urgency=3Dhigh .

Non-maintainer upload by the security team
Included CVE-2007-5208.dpatch to fix arbitrary command execution in hpssd via crafted from address because of missing sanitization (CVE-2007-5208) Files:=20 d7045ceab044d91ae541bda2ea59bc00 909 utils optional hplip_1.6.10-3etch1.= dsc 1a0df06890cce015d0ff0c1cebb47b33 256240 utils optional hplip_1.6.10-3etc= h1.diff.gz f9fe84711c29f7c909b01e1d37974fc4 1768320 utils optional hpijs-ppds_2.6.1= 0+1.6.10-3etch1_all.deb 4c8c872e73cf39a608be688247e9a075 6294792 utils optional hplip-data_1.6.1= 0-3etch1_all.deb a19ce96589c54dc339440d79639bfd3b 1621540 doc optional hplip-doc_1.6.10-3= etch1_all.deb c4a59d79282d7fe21153772571e08a07 349776 text optional hpijs_2.6.10+1.6.1= 0-3etch1_i386.deb 0178b5c6b2fb076349d8a1c7a1d6f401 570118 utils optional hplip_1.6.10-3etc= h1_i386.deb d3c88672245243b5f50345d0f9f43ca1 828908 utils extra hplip-dbg_1.6.10-3et= ch1_i386.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHfVe+62zWxYk/rQcRAhshAKDPPhKLjH2ZHmTwyyR5UkKu7RNjNwCghIzD hpEzhYfDJ21E/+Clwh1EsO0=3D
=3DxQoU
-----END PGP SIGNATURE-----
Accepted:
hpijs-ppds_2.6.10+1.6.10-3etch1_all.deb
  to pool/main/h/hplip/hpijs-ppds_2.6.10+1.6.10-3etch1_all.deb hpijs_2.6.10+1.6.10-3etch1_i386.deb
  to pool/main/h/hplip/hpijs_2.6.10+1.6.10-3etch1_i386.deb hplip-data_1.6.10-3etch1_all.deb
  to pool/main/h/hplip/hplip-data_1.6.10-3etch1_all.deb hplip-dbg_1.6.10-3etch1_i386.deb
  to pool/main/h/hplip/hplip-dbg_1.6.10-3etch1_i386.deb hplip-doc_1.6.10-3etch1_all.deb
  to pool/main/h/hplip/hplip-doc_1.6.10-3etch1_all.deb hplip_1.6.10-3etch1.diff.gz
  to pool/main/h/hplip/hplip_1.6.10-3etch1.diff.gz hplip_1.6.10-3etch1.dsc
  to pool/main/h/hplip/hplip_1.6.10-3etch1.dsc hplip_1.6.10-3etch1_i386.deb
  to pool/main/h/hplip/hplip_1.6.10-3etch1_i386.deb

Do you need help?

Date: Thu, 17 Jan 2008 07:52:13 +0000
From: Steffen Joeris <white@debian.org>
To: debian-changes@lists.debian.org
Subject: Accepted eggdrop 1.6.18-1etch1 (source i386 all)

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Sat, 22 Dec 2007 18:31:09 +0000
Source: eggdrop
Binary: eggdrop-data eggdrop
Architecture: source i386 all
Version: 1.6.18-1etch1
Distribution: stable-security
Urgency: high
Maintainer: Guilherme de S. Pastore <gpastore@debian.org> Changed-By: Steffen Joeris <white@debian.org> Description:=20
eggdrop - Advanced IRC Robot
eggdrop-data - Architecture independent files for eggdrop Changes:=20
eggdrop (1.6.18-1etch1) stable-security; urgency=3Dhigh .

Non-maintainer upload
Fix stack based buffer-overflow in mod/server.mod/servrmsg.c, which allows user-assisted, remote IRC servers to execute arbitrary code via a long private message Fixes: CVE-2007-2807 Files:=20 51a806bb57b49ad48aaf33de7ee68a22 642 net extra eggdrop_1.6.18-1etch1.dsc c2734a51926bdf0380d8bb53f5a7b2ee 1025608 net extra eggdrop_1.6.18.orig.t= ar.gz 1a4235a0c37b8ceda4f9a6c7d959caac 7735 net extra eggdrop_1.6.18-1etch1.di= ff.gz 68732ebe9e8a2acc3c0f6d014c40117d 412462 net extra eggdrop-data_1.6.18-1e= tch1_all.deb cd53f77bd94f508fe22891368c7733a5 476308 net extra eggdrop_1.6.18-1etch1_= i386.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHb3UV62zWxYk/rQcRAsBAAJ0cfJs/KwXyzKM3mGGrvsPHI/tCiwCff1YC ccdJyVpEqDPG1V3CLx2Oxl0=3D
=3DHzqW
-----END PGP SIGNATURE-----
Accepted:
eggdrop-data_1.6.18-1etch1_all.deb
  to pool/main/e/eggdrop/eggdrop-data_1.6.18-1etch1_all.deb eggdrop_1.6.18-1etch1.diff.gz
  to pool/main/e/eggdrop/eggdrop_1.6.18-1etch1.diff.gz eggdrop_1.6.18-1etch1.dsc
  to pool/main/e/eggdrop/eggdrop_1.6.18-1etch1.dsc eggdrop_1.6.18-1etch1_i386.deb
  to pool/main/e/eggdrop/eggdrop_1.6.18-1etch1_i386.deb

End of debian-changes-digest Digest V2008 Issue #2

Received on Thu Jan 17 03:10:57 2008

This message: [ Message body ]
Next message: Micha Lenk: "Accepted libchipcard2 2.1.9-3 (source i386 all)"
Previous message: Norbert Tretkowski: "Accepted mysql-dfsg-5.0 5.0.32-7etch4 (source all i386)"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Mar 19 2008 - 07:00:18 EDT

Do you need more help?