Pantek Library
Hosting Provided By
CybrHost
High Speed Hosting
Mailing Lists: lists.debian.org > debian-changes > 08 > 010466.html (Request Expert lists.debian.org Support)

debian-changes-digest Digest V2008 #8

From: <debian-changes-digest-request(at)lists.debian.org>
Date: Thu Jan 24 2008 - 15:05:59 EST


Content-Type: text/plain

debian-changes-digest Digest Volume 2008 : Issue 8

Today's Topics: 

  Accepted scponly 4.6-1etch1 (source   [ Florian Weimer  ]
  Accepted libvorbis 1.1.2.dfsg-1.3 (s  [ Moritz Muehlenhoff  ]
  Accepted xine-lib 1.1.2+dfsg-5 (sour  [ Darren Salt  ]
  Accepted dircproxy 1.0.5-5etch1 (sou  [ Martin Zobel-Helas  ]

Date: Wed, 23 Jan 2008 19:52:12 +0000
From: Florian Weimer <fw@deneb.enyo.de>
To: debian-changes@lists.debian.org
Subject: Accepted scponly 4.6-1etch1 (source amd64) 

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Tue, 25 Dec 2007 14:11:00 +0100
Source: scponly
Binary: scponly
Architecture: source amd64
Version: 4.6-1etch1
Distribution: stable-security
Urgency: high
Maintainer: Thomas Wana <greuff@debian.org> Changed-By: Florian Weimer <fw@deneb.enyo.de> Description:=20
 scponly - Restricts the commands available to scp- and sftp-users Closes: 437148
Changes:=20
 scponly (4.6-1etch1) stable-security; urgency=3Dhigh  .

  • Non-maintainer upload by the Security Team
  • Remove rsync, Subversion and Unison support because it was possible to gain shell access through them (CVE-2007-6350). Closes: #437148.
  • scp: -o and -F options are dangerous (CVE-2007-6415). Files:=20 c02dfefb7289fcb09e9ac83d7cf78655 890 utils optional scponly_4.6-1etch1.d= sc 0425cb868cadd026851238452f1db907 96578 utils optional scponly_4.6.orig.t= ar.gz a588cb9138820d73f16bc81ffc4f8e20 28528 utils optional scponly_4.6-1etch1= .diff.gz 2bb425113107e4e471c15685333f1a0a 34214 utils optional scponly_4.6-1etch1= _amd64.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

Do you need help?X

iQEVAwUBR3EI5797/wQC1SS+AQLsYAf9FvSLLurAKk42qCXJgjysHinC0iLsKpZp aTVAxPCInbqg7IwX5Rf28gXogQ3OROStMZfduyjxaRXUxnLkgD+pTS/aYKbIueEo LvL2bhHJFyQQuxqZ3wOBLvHndRWAwdsuNWxnpQPDgxWVDzw3jVINp50bk25aVMV8 OMkNxhcJUWjhr71TRv7A1aNfn70z8lnZGTjyBMkqr9MEqiJ2vYr7TPbyhONBqmad 8g6IJj1oJ3aq5wRuoZ88Klwze6kWXfb7TdN6I4grDVZ8JRoBb/AhX5tyXVHo5mZ1 NcgLb/XCLJpLtgI0Lh6/8qErvqE+d5FOYqEKtNLXzng12iPiw4YoNQ=3D=3D =3DeP3R
-----END PGP SIGNATURE-----
 Accepted:
scponly_4.6-1etch1.diff.gz
  to pool/main/s/scponly/scponly_4.6-1etch1.diff.gz scponly_4.6-1etch1.dsc
  to pool/main/s/scponly/scponly_4.6-1etch1.dsc scponly_4.6-1etch1_amd64.deb
  to pool/main/s/scponly/scponly_4.6-1etch1_amd64.deb

Date: Wed, 23 Jan 2008 19:52:16 +0000
From: Moritz Muehlenhoff <jmm@debian.org> To: debian-changes@lists.debian.org
Subject: Accepted libvorbis 1.1.2.dfsg-1.3 (source i386) 

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Sun, 20 Jan 2008 12:49:01 +0000
Source: libvorbis
Binary: libvorbis0a libvorbis-dev libvorbisenc2 libvorbisfile3 Architecture: source i386
Version: 1.1.2.dfsg-1.3
Distribution: stable-security
Urgency: low
Maintainer: Debian Xiph.org Maintainers <pkg-xiph-maint@lists.alioth.debi= an.org>
Changed-By: Moritz Muehlenhoff <jmm@debian.org> Description:=20
 libvorbis-dev - The Vorbis General Audio Compression Codec (development = files)
 libvorbis0a - The Vorbis General Audio Compression Codec  libvorbisenc2 - The Vorbis General Audio Compression Codec  libvorbisfile3 - The Vorbis General Audio Compression Codec Changes:=20
 libvorbis (1.1.2.dfsg-1.3) stable-security; urgency=3Dlow  .

  • Fix CVE-2007-3106 CVE-2007-4029 CVE-2007-4065 CVE-2007-4066 Files:=20 514e1b39b9020ec71b598a86ecd7a98a 787 libs optional libvorbis_1.1.2.dfsg-= 1.3.dsc 44cf09fef7f78e7c6ba7dd63b6137412 1312540 libs optional libvorbis_1.1.2.d= fsg.orig.tar.gz 6d5a52ab761bee984f8a3bf4824c1da2 15113 libs optional libvorbis_1.1.2.dfs= g-1.3.diff.gz 4ff2cbd6cd9acbbee79f14e15d48adc7 97908 libs optional libvorbis0a_1.1.2.d= fsg-1.3_i386.deb 6988a44b88cecade073a6904c493e8b4 75208 libs optional libvorbisenc2_1.1.2= .dfsg-1.3_i386.deb 278dc87b1e3486ea3a991bf0d3abf058 18756 libs optional libvorbisfile3_1.1.= 2.dfsg-1.3_i386.deb 580e82ae5823628b6ee7ecd2a5cc8f7c 446560 libdevel optional libvorbis-dev_= 1.1.2.dfsg-1.3_i386.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHk0RBXm3vHE4uyloRAqKaAKDPUijGhuS2kFzKArjOZqZg3c/cNgCdHkUW NddqQIHL8aQZFP3FrVAU9rU=3D
=3DByKR
-----END PGP SIGNATURE-----
 Accepted:
libvorbis-dev_1.1.2.dfsg-1.3_i386.deb
  to pool/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.3_i386.deb libvorbis0a_1.1.2.dfsg-1.3_i386.deb
  to pool/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.3_i386.deb libvorbis_1.1.2.dfsg-1.3.diff.gz
  to pool/main/libv/libvorbis/libvorbis_1.1.2.dfsg-1.3.diff.gz libvorbis_1.1.2.dfsg-1.3.dsc
  to pool/main/libv/libvorbis/libvorbis_1.1.2.dfsg-1.3.dsc libvorbisenc2_1.1.2.dfsg-1.3_i386.deb
  to pool/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.3_i386.deb libvorbisfile3_1.1.2.dfsg-1.3_i386.deb
  to pool/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.3_i386.deb

Do you need more help?X

Date: Wed, 23 Jan 2008 19:52:14 +0000
From: Darren Salt <linux@youmustbejoking.demon.co.uk> To: debian-changes@lists.debian.org
Subject: Accepted xine-lib 1.1.2+dfsg-5 (source i386) 

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Fri, 11 Jan 2008 11:37:46 +0000
Source: xine-lib
Binary: libxine1-dbg libxine-dev libxine1 Architecture: source i386
Version: 1.1.2+dfsg-5
Distribution: stable-security
Urgency: low
Maintainer: Siggi Langauf <siggi@debian.org> Changed-By: Darren Salt <linux@youmustbejoking.demon.co.uk> Description:=20
 libxine-dev - the xine video player library, development packages  libxine1 - the xine video/media player library, binary files  libxine1-dbg - the xine video/media player library, debug data Changes:=20
 xine-lib (1.1.2+dfsg-5) stable-security; urgency=3Dlow  .

  • Fix a buffer overflow in RTSP header-handling code. (CVE-2008-0225) (backported from xine-lib 1.1.9.1) Files:=20 53abacfee8d02a781fe432ea093f61e9 1536 libs optional xine-lib_1.1.2+dfsg-= 5.dsc ae6525a76280a6e1979c3f4f89fd00f3 6716994 libs optional xine-lib_1.1.2+df= sg.orig.tar.gz 0e4830926b4339d3d2f0887636cc8267 21827 libs optional xine-lib_1.1.2+dfsg=
    -5.diff.gz
    7e7561bb3b9913127c4c147688d6b115 116932 libdevel optional libxine-dev_1.= 1.2+dfsg-5_i386.deb 548e061fb9a63d54fdc19ca022e2bfa8 3317848 libs optional libxine1_1.1.2+df= sg-5_i386.deb 51c0c12f085d80f1b7da7090e5a6270d 3957048 libs extra libxine1-dbg_1.1.2+d= fsg-5_i386.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHkmrdXm3vHE4uyloRAlJNAKCxEfYpPl1jR+QhqdLV+0nFb9dPmgCgwQtx s3bLwkss3+7+1nYWSvkwo4Y=3D
=3DNr6e
-----END PGP SIGNATURE-----
 Accepted:
libxine-dev_1.1.2+dfsg-5_i386.deb
  to pool/main/x/xine-lib/libxine-dev_1.1.2+dfsg-5_i386.deb libxine1-dbg_1.1.2+dfsg-5_i386.deb
  to pool/main/x/xine-lib/libxine1-dbg_1.1.2+dfsg-5_i386.deb libxine1_1.1.2+dfsg-5_i386.deb
  to pool/main/x/xine-lib/libxine1_1.1.2+dfsg-5_i386.deb xine-lib_1.1.2+dfsg-5.diff.gz
  to pool/main/x/xine-lib/xine-lib_1.1.2+dfsg-5.diff.gz xine-lib_1.1.2+dfsg-5.dsc
  to pool/main/x/xine-lib/xine-lib_1.1.2+dfsg-5.dsc

Date: Thu, 24 Jan 2008 19:52:13 +0000
From: Brice Goglin <bgoglin@debian.org>
To: debian-changes@lists.debian.org
Subject: Accepted xorg-server 2:1.1.1-21etch4 (source i386) 

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Can we help you?X

Format: 1.7
Date: Thu, 24 Jan 2008 01:13:41 +0100
Source: xorg-server
Binary: xserver-xephyr xserver-xorg-core xvfb xdmx xserver-xorg-dev xdmx-= tools xnest
Architecture: source i386
Version: 2:1.1.1-21etch4
Distribution: stable
Urgency: low
Maintainer: Debian X Strike Force <debian-x@lists.debian.org> Changed-By: Brice Goglin <bgoglin@debian.org> Description:=20 

 xdmx       - Distributed Multihead X server
 xdmx-tools - Distributed Multihead X tools
 xnest      - Nested X server
 xserver-xephyr - Next Generation Nested X Server
 xserver-xorg-core - X.Org X server -- core server  xserver-xorg-dev - X.Org X server -- development files  xvfb - Virtual Framebuffer 'fake' X server Closes: 353494
Changes:=20
 xorg-server (2:1.1.1-21etch4) stable; urgency=3Dlow  .
   [ Julien Cristau ]
  • Add patch by Michael Karcher <karcher@physik.fu-berlin.de> to fix in= line asm in fb/fbpict.c. On processors without the cpuid instruction, th= e X server would get a SIGILL (closes: #353494). . [ Brice Goglin ]
  • Add myself to Uploaders. Files:=20 899a7caa34e3ea13e2ae17eacf88da18 2024 x11 optional xorg-server_1.1.1-21e= tch4.dsc 3460388d58ec05824f8335031f5907b1 626691 x11 optional xorg-server_1.1.1-2= 1etch4.diff.gz 9423294e54ca4154eacfe9f3c604ac28 3654946 x11 optional xserver-xorg-core_= 1.1.1-21etch4_i386.deb 5c874fb2299d11a41866ca09fd535e1f 345466 x11 optional xserver-xorg-dev_1.= 1.1-21etch4_i386.deb e578db37b6bb15d409e30c0b7abd8ba2 808174 x11 optional xdmx_1.1.1-21etch4_= i386.deb bada08edd006a2f2ea5946827ef3139b 121716 x11 optional xdmx-tools_1.1.1-21= etch4_i386.deb d0dc6651b7391134ec350379973ba4d0 1388244 x11 optional xnest_1.1.1-21etch= 4_i386.deb 4da9af1bca033abdc31dad95175417dc 1538074 x11 optional xvfb_1.1.1-21etch4= _i386.deb d97fd466f68583a4fbf4bc53fd2ed1b8 1563280 x11 optional xserver-xephyr_1.1= .1-21etch4_i386.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHl99HRh88F8PcWfoRAqeqAJ9CNN3HxT4A2qoo+VZ+nIdeCBmY8gCg40ho fFdZzPxVy7lbb7Groqunik8=3D
=3DpyLp
-----END PGP SIGNATURE-----
 Accepted:
xdmx-tools_1.1.1-21etch4_i386.deb
  to pool/main/x/xorg-server/xdmx-tools_1.1.1-21etch4_i386.deb xdmx_1.1.1-21etch4_i386.deb
  to pool/main/x/xorg-server/xdmx_1.1.1-21etch4_i386.deb xnest_1.1.1-21etch4_i386.deb
  to pool/main/x/xorg-server/xnest_1.1.1-21etch4_i386.deb xorg-server_1.1.1-21etch4.diff.gz
  to pool/main/x/xorg-server/xorg-server_1.1.1-21etch4.diff.gz xorg-server_1.1.1-21etch4.dsc
  to pool/main/x/xorg-server/xorg-server_1.1.1-21etch4.dsc xserver-xephyr_1.1.1-21etch4_i386.deb
  to pool/main/x/xorg-server/xserver-xephyr_1.1.1-21etch4_i386.deb xserver-xorg-core_1.1.1-21etch4_i386.deb   to pool/main/x/xorg-server/xserver-xorg-core_1.1.1-21etch4_i386.deb xserver-xorg-dev_1.1.1-21etch4_i386.deb
  to pool/main/x/xorg-server/xserver-xorg-dev_1.1.1-21etch4_i386.deb xvfb_1.1.1-21etch4_i386.deb
  to pool/main/x/xorg-server/xvfb_1.1.1-21etch4_i386.deb

Date: Thu, 24 Jan 2008 19:52:20 +0000
From: Martin Zobel-Helas <zobel@debian.org> To: debian-changes@lists.debian.org
Subject: Accepted dircproxy 1.0.5-5etch1 (source i386) 

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Thu, 24 Jan 2008 09:11:16 +0100
Source: dircproxy
Binary: dircproxy
Architecture: source i386
Version: 1.0.5-5etch1
Distribution: stable
Urgency: low
Maintainer: Alex Pennace <alex@pennace.org> Changed-By: Martin Zobel-Helas <zobel@debian.org> Description:=20
 dircproxy - IRC proxy for people who use IRC from different workstation= s
Closes: 445883
Changes:=20
 dircproxy (1.0.5-5etch1) stable; urgency=3Dlow  .

  • Non-maintainer upload by SRM
  • Backport upstream patch to fix a NULL pointer reference, which can lead to a DoS (Closes: #445883) Fixes: CVE-2007-5226 Files:=20 567a30ce73ab51456c9c561717f9fbb7 578 net optional dircproxy_1.0.5-5etch1= .dsc 458702fb8f57d35ed431762ebf6f9986 14786 net optional dircproxy_1.0.5-5etc= h1.diff.gz ad5041f7ffbf4bacf7be31f24ac6a5f1 121220 net optional dircproxy_1.0.5-5et= ch1_i386.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

Can't find what you're looking for?X

iD8DBQFHmEktST77jl1k+HARAn+uAKDnwEU+Xx5fKwF8RYSFVPN7CP+zwQCgpwZW nBWwilZu1hB6SGzzzwZF3x0=3D
=3DLIs5
-----END PGP SIGNATURE-----
 Accepted:
dircproxy_1.0.5-5etch1.diff.gz
  to pool/main/d/dircproxy/dircproxy_1.0.5-5etch1.diff.gz dircproxy_1.0.5-5etch1.dsc
  to pool/main/d/dircproxy/dircproxy_1.0.5-5etch1.dsc dircproxy_1.0.5-5etch1_i386.deb
  to pool/main/d/dircproxy/dircproxy_1.0.5-5etch1_i386.deb

Date: Thu, 24 Jan 2008 19:52:18 +0000
From: Moritz Muehlenhoff <jmm@debian.org> To: debian-changes@lists.debian.org
Subject: Accepted exiv2 0.10-1.5 (source all i386) 

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Mon, 21 Jan 2008 19:41:07 +0100
Source: exiv2
Binary: exiv2 libexiv2-doc libexiv2-dev libexiv2-0.10 Architecture: source all i386
Version: 0.10-1.5
Distribution: stable-security
Urgency: high
Maintainer: KELEMEN Peter <fuji@debian.org> Changed-By: Moritz Muehlenhoff <jmm@debian.org> Description:=20
 exiv2 - EXIF/IPTC metadata manipulation tool  libexiv2-0.10 - EXIF/IPTC metadata manipulation library  libexiv2-dev - EXIF/IPTC metadata manipulation library - development fil= es
 libexiv2-doc - EXIF/IPTC metadata manipulation library - HTML documentat= ion
Changes:=20
 exiv2 (0.10-1.5) stable-security; urgency=3Dhigh  .

  • Fix integer overflow (CVE-2007-6353). Files:=20 ed1b77214142dfedc6c6d88d475987d9 660 graphics optional exiv2_0.10-1.5.ds= c 5af2256fb9895d9331684e8c1865b956 2053756 graphics optional exiv2_0.10.or= ig.tar.gz ff0fc3ef64872fbb591f7258620f5f0b 31515 graphics optional exiv2_0.10-1.5.= diff.gz 33830c83524ab3ea4fb72ed5fad9889a 75758 graphics optional exiv2_0.10-1.5_= i386.deb 32dc3334472467a5642b3ebf70d73f83 283882 libs optional libexiv2-0.10_0.10=
    -1.5_i386.deb
    5871ee4d12d7833b55434a0bd2c78804 509668 libdevel optional libexiv2-dev_0= .10-1.5_i386.deb ba3233f1b9cf71d3bf45ce0790942af9 1471716 doc optional libexiv2-doc_0.10-= 1.5_all.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHlOqCXm3vHE4uyloRAhozAJ9/uOq6qNd+gK5Djw6slEiPd4DKdACgjPVu cpaaJVihg/YUiujpeYj25Fg=3D
=3DXuF+
-----END PGP SIGNATURE-----
 Accepted:
exiv2_0.10-1.5.diff.gz
  to pool/main/e/exiv2/exiv2_0.10-1.5.diff.gz exiv2_0.10-1.5.dsc
  to pool/main/e/exiv2/exiv2_0.10-1.5.dsc exiv2_0.10-1.5_i386.deb
  to pool/main/e/exiv2/exiv2_0.10-1.5_i386.deb libexiv2-0.10_0.10-1.5_i386.deb
  to pool/main/e/exiv2/libexiv2-0.10_0.10-1.5_i386.deb libexiv2-dev_0.10-1.5_i386.deb
  to pool/main/e/exiv2/libexiv2-dev_0.10-1.5_i386.deb libexiv2-doc_0.10-1.5_all.deb
  to pool/main/e/exiv2/libexiv2-doc_0.10-1.5_all.deb

End of debian-changes-digest Digest V2008 Issue #8

Received on Thu Jan 24 15:07:59 2008
Don't know where to look next?X

This archive was generated by hypermail 2.1.8 : Wed Mar 19 2008 - 07:00:28 EDT

Contact Us  Legal Notices  Order Services Online 
Pantek Home  Privacy Policy  IT news  Site Map  Pantek Library