Hosting Provided By

debian-changes-digest Digest V2008 #4

From: <debian-changes-digest-request(at)lists.debian.org>
Date: Fri Jan 18 2008 - 03:05:31 EST

Content-Type: text/plain

debian-changes-digest Digest Volume 2008 : Issue 4

Today's Topics:

  Accepted postgresql-8.1 8.1.10-0etch  [ Martin Pitt  ]
  Accepted ngircd 0.10.0-2etch1 (ia64   [ Andreas Barth  ]
  Accepted postgresql-7.4 1:7.4.19-0et  [ Martin Pitt  ]
  Accepted gforge 3.1-31sarge5 (source  [ Roland Mas  ]
  Accepted loop-aes-utils 2.12p-4sarge  [ Steffen Joeris  ]
  Accepted eggdrop 1.6.17-3sarge1 (sou  [ Steffen Joeris  ]

Date: Thu, 17 Jan 2008 19:52:16 +0000
From: Martin Pitt <mpitt@debian.org>
To: debian-changes@lists.debian.org
Subject: Accepted postgresql-8.1 8.1.10-0etch1 (source all i386)

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Fri, 04 Jan 2008 13:30:54 +0100
Source: postgresql-8.1

Binary: postgresql-8.1 postgresql-pltcl-8.1 postgresql-plperl-8.1 libpgty=
pes2 libpq-dev libpq4 postgresql-doc-8.1 postgresql-plpython-8.1 libecpg5=
 libecpg-compat2 libecpg-dev postgresql-client-8.1 postgresql-contrib-8.1=

postgresql-server-dev-8.1
Architecture: source all i386
Version: 8.1.10-0etch1
Distribution: stable
Urgency: low
Maintainer: Martin Pitt <mpitt@debian.org> Changed-By: Martin Pitt <mpitt@debian.org> Description:=20
libecpg-compat2 - older version of run-time library for ECPG programs libecpg-dev - development files for ECPG (Embedded PostgreSQL for C) libecpg5 - run-time library for ECPG programs libpgtypes2 - shared library libpgtypes for PostgreSQL 8.1 libpq-dev - header files for libpq4 (PostgreSQL library) libpq4 - PostgreSQL C client library

 postgresql-8.1 - object-relational SQL database, version 8.1 server
 postgresql-client-8.1 - front-end programs for PostgreSQL 8.1
 postgresql-contrib-8.1 - additional facilities for PostgreSQL
 postgresql-doc-8.1 - documentation for the PostgreSQL database managemen=

t system
postgresql-plperl-8.1 - PL/Perl procedural language for PostgreSQL 8.1 postgresql-plpython-8.1 - PL/Python procedural language for PostgreSQL 8= .1
postgresql-pltcl-8.1 - PL/Tcl procedural language for PostgreSQL 8.1 postgresql-server-dev-8.1 - development files for PostgreSQL 8.1 server-= side programming
Closes: 443360 454637 458927
Changes:=20
postgresql-8.1 (8.1.10-0etch1) stable; urgency=3Dlow .

New upstream bugfix release:
- Require non-superusers who use "/contrib/dblink" to use only password authentication, as a security measure. [CVE-2007-3278, CVE-2007-3280]
- Make "CREATE DOMAIN ... DEFAULT NULL" work properly.
- Allow the interval data type to accept input consisting only of milliseconds or microseconds.
- Speed up rtree index insertion.
- Fix excessive logging of SSL error messages.
- Fix logging so that log messages are never interleaved when using the syslogger process.
- Fix crash when log_min_error_statement logging runs out of memory.
- Fix incorrect handling of some foreign-key corner cases.
- Prevent "REINDEX" and "CLUSTER" from failing due to attempting to process temporary tables of other sessions.
- Update the time zone database rules, particularly New Zealand's upcoming changes. (Closes: #443360)
Drop debian/patches/00upstream-01-polymorphic-functions.patch, upstr= eam now.
Use the timezone database from the system tzdata instead of shipping= our own. (Closes: #458927, #454637)
- debian/patches/04-timezone-symlinks.patch: Drop previous hardlink-to-symlink patch to zic, since that is irrelevant now. Re= place the patch with a Makefile change that just symlinks /usr/share/zon= einfo to where postgresql previously installed its own tzdata copy.
- debian/control: Add tzdata dependency.
- debian/postgresql-8.1.install: Install the 'timezone' symlink, not= the files in the dereferenced directory.
- debian/postgresql-8.1.postinst: Replace the timezone directory wit= h the symlink on upgrades, since dpkg does not do that automatically. Wi= thout this, we'd end up with an empty timezone directory. Files:=20 c169e60ee2254d4fbda84d8638a3475c 1171 misc optional postgresql-8.1_8.1.1= 0-0etch1.dsc f0e310ecf730bed0cceccaea77031a07 34613 misc optional postgresql-8.1_8.1.= 10-0etch1.diff.gz 099057a48c9c642e7a90defc04c95265 1582260 doc optional postgresql-doc-8.1= _8.1.10-0etch1_all.deb 82f07a79d8b964832a5ff8e3ff31c1c2 326596 libdevel optional libpq-dev_8.1.= 10-0etch1_i386.deb feac6ca2fc661c5c32bf636fa51456ea 272346 libs optional libpq4_8.1.10-0etc= h1_i386.deb 9790bd8a7327bed897ed8e995f5590c8 181026 libs optional libecpg5_8.1.10-0e= tch1_i386.deb 8dee9785e6695f180c1426791fb41ac1 344886 libdevel optional libecpg-dev_8.= 1.10-0etch1_i386.deb 3c860a7b32fac9002ec49a3aa649c83a 160938 libs optional libecpg-compat2_8.= 1.10-0etch1_i386.deb 6e122b08bb03491145b50e6ec3171411 182926 libs optional libpgtypes2_8.1.10= -0etch1_i386.deb 81c4bdf841485079be5b88bbaa406759 4281598 misc optional postgresql-8.1_8.= 1.10-0etch1_i386.deb 9e4813ff12c07821ef52ab9805c1977c 1407108 misc optional postgresql-client= -8.1_8.1.10-0etch1_i386.deb d9af4ecef6f6d76d82c733c3f464abb2 607498 libdevel optional postgresql-ser= ver-dev-8.1_8.1.10-0etch1_i386.deb 915529882e3bd013667c9a6293c50f99 601734 misc optional postgresql-contrib= -8.1_8.1.10-0etch1_i386.deb ef811be380de637e1466a98bfb7d5061 176498 misc optional postgresql-plperl-= 8.1_8.1.10-0etch1_i386.deb 50bb819d55fa113f95160e53ab944ae5 169648 misc optional postgresql-plpytho= n-8.1_8.1.10-0etch1_i386.deb fefb8e2d11e737730a089338da3be518 171384 misc optional postgresql-pltcl-8= .1_8.1.10-0etch1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

Do you need help?

iD8DBQFHf2TiDecnbV4Fd/IRAr4aAJ4gx7yC42kQnEyY4T7bDbuAZihGgQCeITs2 jTfMcujE+kncXbiLh9nAYFw=3D
=3D5aYM
-----END PGP SIGNATURE----- Accepted:
libecpg-compat2_8.1.10-0etch1_i386.deb
  to pool/main/p/postgresql-8.1/libecpg-compat2_8.1.10-0etch1_i386.deb libecpg-dev_8.1.10-0etch1_i386.deb
  to pool/main/p/postgresql-8.1/libecpg-dev_8.1.10-0etch1_i386.deb libecpg5_8.1.10-0etch1_i386.deb
  to pool/main/p/postgresql-8.1/libecpg5_8.1.10-0etch1_i386.deb libpgtypes2_8.1.10-0etch1_i386.deb
  to pool/main/p/postgresql-8.1/libpgtypes2_8.1.10-0etch1_i386.deb libpq-dev_8.1.10-0etch1_i386.deb
  to pool/main/p/postgresql-8.1/libpq-dev_8.1.10-0etch1_i386.deb libpq4_8.1.10-0etch1_i386.deb
  to pool/main/p/postgresql-8.1/libpq4_8.1.10-0etch1_i386.deb postgresql-8.1_8.1.10-0etch1.diff.gz
  to pool/main/p/postgresql-8.1/postgresql-8.1_8.1.10-0etch1.diff.gz postgresql-8.1_8.1.10-0etch1.dsc
  to pool/main/p/postgresql-8.1/postgresql-8.1_8.1.10-0etch1.dsc postgresql-8.1_8.1.10-0etch1_i386.deb
  to pool/main/p/postgresql-8.1/postgresql-8.1_8.1.10-0etch1_i386.deb postgresql-client-8.1_8.1.10-0etch1_i386.deb   to pool/main/p/postgresql-8.1/postgresql-client-8.1_8.1.10-0etch1_i386.= deb
postgresql-contrib-8.1_8.1.10-0etch1_i386.deb   to pool/main/p/postgresql-8.1/postgresql-contrib-8.1_8.1.10-0etch1_i386= .deb
postgresql-doc-8.1_8.1.10-0etch1_all.deb   to pool/main/p/postgresql-8.1/postgresql-doc-8.1_8.1.10-0etch1_all.deb postgresql-plperl-8.1_8.1.10-0etch1_i386.deb   to pool/main/p/postgresql-8.1/postgresql-plperl-8.1_8.1.10-0etch1_i386.= deb
postgresql-plpython-8.1_8.1.10-0etch1_i386.deb   to pool/main/p/postgresql-8.1/postgresql-plpython-8.1_8.1.10-0etch1_i38= 6.deb
postgresql-pltcl-8.1_8.1.10-0etch1_i386.deb   to pool/main/p/postgresql-8.1/postgresql-pltcl-8.1_8.1.10-0etch1_i386.d= eb
postgresql-server-dev-8.1_8.1.10-0etch1_i386.deb   to pool/main/p/postgresql-8.1/postgresql-server-dev-8.1_8.1.10-0etch1_i= 386.deb

Date: Thu, 17 Jan 2008 19:52:13 +0000
From: Andreas Barth <aba@not.so.argh.org> To: debian-changes@lists.debian.org
Subject: Accepted ngircd 0.10.0-2etch1 (ia64 source)

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sat, 5 Jan 2008 13:18:38 +0000
Source: ngircd
Binary: ngircd
Architecture: source ia64
Version: 0.10.0-2etch1
Distribution: stable
Urgency: medium
Maintainer: Mario Iseli <admin@marioiseli.com> Changed-By: Andreas Barth <aba@not.so.argh.org> Description:=20
ngircd - Next generation IRC Server Closes: 451875
Changes:=20
ngircd (0.10.0-2etch1) stable; urgency=3Dmedium .

Security upload fixing CVE-2007-6062: Remote vulnerability in ngircd before 0.10.3. Closes: #451875
Thanks to Sebastian Vesper for finding the issue.
Thanks to Christoph Biedl for noticing, the patch and reminding. Files:=20 5facd147f7f2066620f1525fd468c1e8 594 net optional ngircd_0.10.0-2etch1.d= sc ddbf7cb848354b62d46df5f633b39f17 9043 net optional ngircd_0.10.0-2etch1.= diff.gz 80cab697d97ac450a5b7192bb4afa43a 113692 net optional ngircd_0.10.0-2etch= 1_ia64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFHf4kQmdOZoew2oYURAlNdAJ47cxio0pWV8/nKtDB6vcTlj3b1kgCfYBos RPj3emXBCBzcuFhc4LT7hWg=3D
=3DjfJy
-----END PGP SIGNATURE----- Accepted:
ngircd_0.10.0-2etch1.diff.gz
  to pool/main/n/ngircd/ngircd_0.10.0-2etch1.diff.gz ngircd_0.10.0-2etch1.dsc
  to pool/main/n/ngircd/ngircd_0.10.0-2etch1.dsc ngircd_0.10.0-2etch1_ia64.deb
  to pool/main/n/ngircd/ngircd_0.10.0-2etch1_ia64.deb

Do you need more help?

Date: Thu, 17 Jan 2008 19:52:18 +0000
From: Martin Pitt <mpitt@debian.org>
To: debian-changes@lists.debian.org
Subject: Accepted postgresql-7.4 1:7.4.19-0etch1 (source i386 all)

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Fri, 04 Jan 2008 15:31:29 +0100
Source: postgresql-7.4
Binary: postgresql-plpython-7.4 postgresql-client-7.4 postgresql-7.4 post= gresql-contrib-7.4 postgresql-doc-7.4 postgresql-plperl-7.4 postgresql-se= rver-dev-7.4 postgresql-pltcl-7.4
Architecture: source i386 all
Version: 1:7.4.19-0etch1
Distribution: stable-security
Urgency: low
Maintainer: Martin Pitt <mpitt@debian.org> Changed-By: Martin Pitt <mpitt@debian.org> Description:=20

 postgresql-7.4 - object-relational SQL database, version 7.4 server
 postgresql-client-7.4 - front-end programs for PostgreSQL 7.4
 postgresql-contrib-7.4 - additional facilities for PostgreSQL
 postgresql-doc-7.4 - documentation for the PostgreSQL database managemen=

t system
postgresql-plperl-7.4 - PL/Perl procedural language for PostgreSQL 7.4 postgresql-plpython-7.4 - PL/Python procedural language for PostgreSQL 7= .4
postgresql-pltcl-7.4 - PL/Tcl procedural language for PostgreSQL 7.4 postgresql-server-dev-7.4 - development files for PostgreSQL 7.4 server-= side programming
Changes:=20
postgresql-7.4 (1:7.4.19-0etch1) stable-security; urgency=3Dlow .

New upstream bugfix release 7.4.18:
- Require non-superusers who use "/contrib/dblink" to use only password authentication, as a security measure. [CVE-2007-3278, CVE-2007-3280]
- Make "CREATE DOMAIN ... DEFAULT NULL" work properly.
- Fix excessive logging of SSL error messages.
- Fix crash when log_min_error_statement logging runs out of memory.
- Prevent "CLUSTER" from failing due to attempting to process temporary tables of other sessions.
New upstream security/bugfix release 7.4.19:
- Prevent functions in indexes from executing with the privileges of the user running "VACUUM", "ANALYZE", etc. "SET ROLE" is now forbi= dden within a SECURITY DEFINER context. [CVE-2007-6600]
- Suitably crafted regular-expression patterns could cause crashes, infinite or near-infinite looping, and/or massive memory consumption, all of which pose denial-of-service hazards for applications that accept regex search patterns from untrustworthy sources. [CVE-2007-4769, CVE-2007-4772, CVE-2007-6067]
- Require non-superusers who use "/contrib/dblink" to use only password authentication, as a security measure. The fix that appeared for this in 8.2.5 was incomplete, as it plugged the hole for only some "dblink" functions. [CVE-2007-6601, CVE-2007-3278]
- Fix planner failure in some cases of WHERE false AND var IN (SELEC= T ...).
- Fix potential crash in translate() when using a multibyte database encoding.
- Fix PL/Python to not crash on long exception messages.
- ecpg parser fixes.
- Make "contrib/tablefunc"'s crosstab() handle NULL rowid as a category in its own right, rather than crashing.
- Fix tsvector and tsquery output routines to escape backslashes correctly.
- Fix crash of to_tsvector() on huge input strings.
debian/patches/21_krb5_check_hostname.patch: Adapt to new upstream release. Files:=20 7ee8eddca94332da692274ba8cfe7c32 1126 misc optional postgresql-7.4_7.4.1= 9-0etch1.dsc b2b5c751263ddbe930f968f27681c862 10031202 misc optional postgresql-7.4_7= .4.19.orig.tar.gz ad11d2450a6067420202adc76be2f3ca 33402 misc optional postgresql-7.4_7.4.= 19-0etch1.diff.gz cd876c31c255ffd93961a8b7648fd1ce 1282356 doc optional postgresql-doc-7.4= _7.4.19-0etch1_all.deb a2c72ce7fec9195113d71cda830583b4 525244 libdevel optional postgresql-ser= ver-dev-7.4_7.4.19-0etch1_all.deb 5cac69d1baa16515d9bc144400683643 3382724 misc optional postgresql-7.4_7.= 4.19-0etch1_i386.deb c5223d3a56a48fb86728a5f0e034e6e4 1110108 misc optional postgresql-client= -7.4_7.4.19-0etch1_i386.deb d0f1dcad3e13a6130cb467116a40ee1b 571698 misc optional postgresql-contrib= -7.4_7.4.19-0etch1_i386.deb 812343b3e8d4ffb11584ff8f671d568d 121542 misc optional postgresql-plperl-= 7.4_7.4.19-0etch1_i386.deb ed3cc8ed8a76701355a7264dad818f01 123904 misc optional postgresql-plpytho= n-7.4_7.4.19-0etch1_i386.deb 92dd9cd7a1fbbb8656d700723689775d 125898 misc optional postgresql-pltcl-7= .4_7.4.19-0etch1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHh5qeDecnbV4Fd/IRAtjGAKDrrtj1QsHT+Sh9t+C209f3W55oqQCfZbeP Lrup4Dm8TZtX8AE0XKwPoP8=3D
=3DSDgT
-----END PGP SIGNATURE----- Accepted:
postgresql-7.4_7.4.19-0etch1.diff.gz
  to pool/main/p/postgresql-7.4/postgresql-7.4_7.4.19-0etch1.diff.gz postgresql-7.4_7.4.19-0etch1.dsc
  to pool/main/p/postgresql-7.4/postgresql-7.4_7.4.19-0etch1.dsc postgresql-7.4_7.4.19-0etch1_i386.deb
  to pool/main/p/postgresql-7.4/postgresql-7.4_7.4.19-0etch1_i386.deb postgresql-7.4_7.4.19.orig.tar.gz
  to pool/main/p/postgresql-7.4/postgresql-7.4_7.4.19.orig.tar.gz postgresql-client-7.4_7.4.19-0etch1_i386.deb   to pool/main/p/postgresql-7.4/postgresql-client-7.4_7.4.19-0etch1_i386.= deb
postgresql-contrib-7.4_7.4.19-0etch1_i386.deb   to pool/main/p/postgresql-7.4/postgresql-contrib-7.4_7.4.19-0etch1_i386= .deb
postgresql-doc-7.4_7.4.19-0etch1_all.deb   to pool/main/p/postgresql-7.4/postgresql-doc-7.4_7.4.19-0etch1_all.deb postgresql-plperl-7.4_7.4.19-0etch1_i386.deb   to pool/main/p/postgresql-7.4/postgresql-plperl-7.4_7.4.19-0etch1_i386.= deb
postgresql-plpython-7.4_7.4.19-0etch1_i386.deb   to pool/main/p/postgresql-7.4/postgresql-plpython-7.4_7.4.19-0etch1_i38= 6.deb
postgresql-pltcl-7.4_7.4.19-0etch1_i386.deb   to pool/main/p/postgresql-7.4/postgresql-pltcl-7.4_7.4.19-0etch1_i386.d= eb
postgresql-server-dev-7.4_7.4.19-0etch1_all.deb   to pool/main/p/postgresql-7.4/postgresql-server-dev-7.4_7.4.19-0etch1_a= ll.deb

Date: Thu, 17 Jan 2008 19:52:27 +0000
From: Roland Mas <lolando@debian.org>
To: debian-changes@lists.debian.org
Subject: Accepted gforge 3.1-31sarge5 (source all)

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Can we help you? 
In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software:Learn more about Pantek's Technical Support offerings
Place an order for 24/7/365 Technical Support here
Learn more about Pantek, who we are, and what we do
Chat with a Live Operator
Related lists.debian.org Links
debian-announce
debian-apache
debian-arm-changes
debian-beowulf
debian-boot
debian-cd
debian-cd-vendors
debian-changes
debian-changes-digest
debian-isp
debian-kde
debian-laptop
debian-mirrors-announce
debian-news
debian-security
debian-security-announce
debian-testing
debian-user
debian-user-digest
Request more information about Pantek

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Can't find what you're looking for?

Format: 1.7
Date: Wed, 09 Jan 2008 18:31:35 +0100
Source: gforge

Binary: gforge-lists-mailman gforge-db-postgresql sourceforge gforge-mta-=
postfix gforge-sourceforge-transition gforge-shell-ldap gforge gforge-com=
mon gforge-web-apache gforge-mta-exim gforge-cvs gforge-ftp-proftpd gforg=

e-mta-exim4 gforge-dns-bind9 gforge-ldap-openldap Architecture: source all
Version: 3.1-31sarge5
Distribution: oldstable-security
Urgency: high
Maintainer: Roland Mas <lolando@debian.org> Changed-By: Roland Mas <lolando@debian.org> Description:=20
gforge - Collaborative development tool - meta-package

 gforge-common - Collaborative development tool - shared files
 gforge-cvs - Collaborative development tool - CVS management
 gforge-db-postgresql - Collaborative development tool - database (using =

PostgreSQL)
gforge-dns-bind9 - Collaborative development tool - DNS management (usin= g Bind9)
gforge-ftp-proftpd - Collaborative development tool - FTP management (us= ing ProFTPd)
gforge-ldap-openldap - Collaborative development tool - LDAP directory (= using OpenLDAP)
gforge-lists-mailman - Collaborative development tool - mailing-lists (u= sing Mailman)
gforge-mta-exim - Collaborative development tool - mail tools (using Exi= m)
gforge-mta-exim4 - Collaborative development tool - mail tools (using Ex= im 4)
gforge-mta-postfix - Collaborative development tool - mail tools (using = Postfix)
gforge-shell-ldap - Collaborative development tool - shell accounts (usi= ng LDAP)
gforge-sourceforge-transition - Sourceforge to Gforge data transition gforge-web-apache - Collaborative development tool - web part (using Apa= che)
sourceforge - Empty package to help with Sourceforge to Gforge transitio= n
Changes:=20
gforge (3.1-31sarge5) oldstable-security; urgency=3Dhigh .

Fixed SQL injection vulnerability due to insufficient input sanitizi= ng (CVE-2008-0173). Files:=20 336e19234bd80dd1856259700146978a 868 devel optional gforge_3.1-31sarge5.= dsc fd78915a83bd2c0ebf907adb10369846 298148 devel optional gforge_3.1-31sarg= e5.diff.gz 2b16eefa372e82788db9d8628f689763 56466 devel optional gforge_3.1-31sarge= 5_all.deb 8b3b2651d9c87db5001a3207174f0620 93948 devel optional gforge-common_3.1-= 31sarge5_all.deb 36e222e23527c67affc8d103bc483351 1108124 devel optional gforge-web-apach= e_3.1-31sarge5_all.deb c4eeb3e6b1fb6d1d5d8b7a5dcbdc2b5a 148510 devel optional gforge-db-postgre= sql_3.1-31sarge5_all.deb b9e32d3ccfa6a1de77393da4563e5fb2 65220 devel optional gforge-mta-exim4_3= .1-31sarge5_all.deb 552a93aa07b144e643dfbcc97cb84064 64758 devel optional gforge-mta-exim_3.= 1-31sarge5_all.deb efd816ced0348fa8b56f4c3e5256a840 64858 devel optional gforge-mta-postfix= _3.1-31sarge5_all.deb 3374d78c0cef648a6aad1725a1e6cb1a 61078 devel optional gforge-shell-ldap_= 3.1-31sarge5_all.deb 63cd91f21d6c1c8070cab36e8c116b57 99274 devel optional gforge-cvs_3.1-31s= arge5_all.deb 1201c29fe43d659ba1fa1ec8d1c97dcb 59936 devel optional gforge-ftp-proftpd= _3.1-31sarge5_all.deb f699bb5444a9b7bb8e096c44e3cd0650 70838 devel optional gforge-ldap-openld= ap_3.1-31sarge5_all.deb 3c46ebf2c9c7790913b4138fda70abf7 72540 devel optional gforge-dns-bind9_3= .1-31sarge5_all.deb 639ec6b4b363a4526d6d459858b230ce 58324 devel optional gforge-lists-mailm= an_3.1-31sarge5_all.deb 6ad709e90b0071acf6b002824c99a996 59412 devel optional gforge-sourceforge= -transition_3.1-31sarge5_all.deb bfc08b5a188699a7b524ca8849d123db 55908 devel extra sourceforge_3.1-31sar= ge5_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHhShNDqdWtRRIQ/URAqFSAJ0ShphTR2f/8JsVSKuztc5/yz1gbwCgoaCr LgjkUaeRD8Ln8O+oXAnLZVM=3D
=3DFhni
-----END PGP SIGNATURE----- Accepted:
gforge-common_3.1-31sarge5_all.deb
  to pool/main/g/gforge/gforge-common_3.1-31sarge5_all.deb gforge-cvs_3.1-31sarge5_all.deb
  to pool/main/g/gforge/gforge-cvs_3.1-31sarge5_all.deb gforge-db-postgresql_3.1-31sarge5_all.deb   to pool/main/g/gforge/gforge-db-postgresql_3.1-31sarge5_all.deb gforge-dns-bind9_3.1-31sarge5_all.deb
  to pool/main/g/gforge/gforge-dns-bind9_3.1-31sarge5_all.deb gforge-ftp-proftpd_3.1-31sarge5_all.deb
  to pool/main/g/gforge/gforge-ftp-proftpd_3.1-31sarge5_all.deb gforge-ldap-openldap_3.1-31sarge5_all.deb   to pool/main/g/gforge/gforge-ldap-openldap_3.1-31sarge5_all.deb gforge-lists-mailman_3.1-31sarge5_all.deb   to pool/main/g/gforge/gforge-lists-mailman_3.1-31sarge5_all.deb gforge-mta-exim4_3.1-31sarge5_all.deb
  to pool/main/g/gforge/gforge-mta-exim4_3.1-31sarge5_all.deb gforge-mta-exim_3.1-31sarge5_all.deb
  to pool/main/g/gforge/gforge-mta-exim_3.1-31sarge5_all.deb gforge-mta-postfix_3.1-31sarge5_all.deb
  to pool/main/g/gforge/gforge-mta-postfix_3.1-31sarge5_all.deb gforge-shell-ldap_3.1-31sarge5_all.deb
  to pool/main/g/gforge/gforge-shell-ldap_3.1-31sarge5_all.deb gforge-sourceforge-transition_3.1-31sarge5_all.deb   to pool/main/g/gforge/gforge-sourceforge-transition_3.1-31sarge5_all.de= b
gforge-web-apache_3.1-31sarge5_all.deb
  to pool/main/g/gforge/gforge-web-apache_3.1-31sarge5_all.deb gforge_3.1-31sarge5.diff.gz
  to pool/main/g/gforge/gforge_3.1-31sarge5.diff.gz gforge_3.1-31sarge5.dsc
  to pool/main/g/gforge/gforge_3.1-31sarge5.dsc gforge_3.1-31sarge5_all.deb
  to pool/main/g/gforge/gforge_3.1-31sarge5_all.deb sourceforge_3.1-31sarge5_all.deb
  to pool/main/g/gforge/sourceforge_3.1-31sarge5_all.deb

Date: Thu, 17 Jan 2008 19:52:30 +0000
From: Steffen Joeris <white@debian.org>
To: debian-changes@lists.debian.org
Subject: Accepted loop-aes-utils 2.12p-4sarge2 (source i386)

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sat, 22 Dec 2007 14:04:14 +0000
Source: loop-aes-utils
Binary: loop-aes-utils
Architecture: source i386
Version: 2.12p-4sarge2
Distribution: oldstable-security
Urgency: high
Maintainer: Max Vozeler <xam@debian.org> Changed-By: Steffen Joeris <white@debian.org> Description:=20
loop-aes-utils - Tools for mounting and manipulating filesystems Changes:=20
loop-aes-utils (2.12p-4sarge2) oldstable-security; urgency=3Dhigh .

Non-maintainer upload by the security team
Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 Files:=20 df895a3729db10a19896a9251d4af5b2 684 admin optional loop-aes-utils_2.12p= -4sarge2.dsc c9e24c3959fbac7e69f4d3ac1c6e672b 69885 admin optional loop-aes-utils_2.1= 2p-4sarge2.diff.gz caa1aa50c22e9de3beb71ee7ab40df94 142336 admin optional loop-aes-utils_2.= 12p-4sarge2_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

Don't know where to look next?

iD8DBQFHbRsn62zWxYk/rQcRAgUzAJ4kri3bFzKUTLgQmaE8TFUSi+5InACgzxT7 zYdTTaMDVJfSYESpb0cG+6U=3D
=3Da72P
-----END PGP SIGNATURE----- Accepted:
loop-aes-utils_2.12p-4sarge2.diff.gz
  to pool/main/l/loop-aes-utils/loop-aes-utils_2.12p-4sarge2.diff.gz loop-aes-utils_2.12p-4sarge2.dsc
  to pool/main/l/loop-aes-utils/loop-aes-utils_2.12p-4sarge2.dsc loop-aes-utils_2.12p-4sarge2_i386.deb
  to pool/main/l/loop-aes-utils/loop-aes-utils_2.12p-4sarge2_i386.deb

Date: Thu, 17 Jan 2008 19:52:29 +0000
From: Steffen Joeris <white@debian.org>
To: debian-changes@lists.debian.org
Subject: Accepted eggdrop 1.6.17-3sarge1 (source i386 all)

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sat, 22 Dec 2007 18:49:05 +0000
Source: eggdrop
Binary: eggdrop-data eggdrop
Architecture: source i386 all
Version: 1.6.17-3sarge1
Distribution: oldstable-security
Urgency: high
Maintainer: Guilherme de S. Pastore <gpastore@colband.com.br> Changed-By: Steffen Joeris <white@debian.org> Description:=20
eggdrop - Advanced IRC Robot
eggdrop-data - Architecture independent files for eggdrop Changes:=20
eggdrop (1.6.17-3sarge1) oldstable-security; urgency=3Dhigh .

Non-maintainer upload by the security team
Fix stack based buffer-overflow in mod/server.mod/servrmsg.c, which allows user-assisted, remote IRC servers to execute arbitrary code via a long private message Fixes: CVE-2007-2807 Files:=20 b3522add4d8a7d6ca05072fa2e733509 651 net extra eggdrop_1.6.17-3sarge1.ds= c a0f9befca240072e45cd57908bb819d0 1030413 net extra eggdrop_1.6.17.orig.t= ar.gz cfaa50371d39bd8e2994e37fecc6ff86 36928 net extra eggdrop_1.6.17-3sarge1.= diff.gz bb84e646defd5d2f29eef07a4bcddc35 410510 net extra eggdrop-data_1.6.17-3s= arge1_all.deb f3a8dde2d859cbd72cfa8a50ef7c500d 470438 net extra eggdrop_1.6.17-3sarge1= _i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHb3Th62zWxYk/rQcRAv/9AKCDTfr0FyPDku2vGB+tBuKtWZw/VQCeOVGW A8fz8gQmkC5Kr6nzX4KlbBo=3D
=3DU2Ko
-----END PGP SIGNATURE----- Accepted:
eggdrop-data_1.6.17-3sarge1_all.deb
  to pool/main/e/eggdrop/eggdrop-data_1.6.17-3sarge1_all.deb eggdrop_1.6.17-3sarge1.diff.gz
  to pool/main/e/eggdrop/eggdrop_1.6.17-3sarge1.diff.gz eggdrop_1.6.17-3sarge1.dsc
  to pool/main/e/eggdrop/eggdrop_1.6.17-3sarge1.dsc eggdrop_1.6.17-3sarge1_i386.deb
  to pool/main/e/eggdrop/eggdrop_1.6.17-3sarge1_i386.deb

End of debian-changes-digest Digest V2008 Issue #4

Received on Fri Jan 18 03:06:12 2008

Confused? Frustrated?

This message: [ Message body ]
Next message: Julien Cristau: "Accepted libxfont 1:1.2.2-2.etch1 (source i386)"
Previous message: Martin Pitt: "Accepted postgresql-8.1 8.1.11-0etch1 (source i386 all)"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Mar 19 2008 - 07:00:22 EDT