debian-changes-digest Digest V2008 #11

From: <debian-changes-digest-request(at)lists.debian.org>
Date: Mon Jan 28 2008 - 15:08:06 EST


Content-Type: text/plain

debian-changes-digest Digest Volume 2008 : Issue 11

Today's Topics:

  Accepted xine-lib 1.0.1-1sarge6 (sou  [ Darren Salt  ]
  Accepted scponly 4.0-1sarge2 (source  [ Florian Weimer  ]
  Accepted libvorbis 1.1.0-2 (source i  [ Moritz Muehlenhoff  ]
  Accepted mantis 0.19.2-5sarge5 (sour  [ Patrick Schoenfeld 

Date: Mon, 28 Jan 2008 19:52:12 +0000
From: Darren Salt <linux@youmustbejoking.demon.co.uk>
To: debian-changes@lists.debian.org
Subject: Accepted xine-lib 1.0.1-1sarge6 (source i386)

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Sat, 19 Jan 2008 21:59:41 +0000
Source: xine-lib
Binary: libxine-dev libxine1
Architecture: source i386
Version: 1.0.1-1sarge6
Distribution: oldstable-security
Urgency: high
Maintainer: Siggi Langauf <siggi@debian.org>
Changed-By: Darren Salt <linux@youmustbejoking.demon.co.uk>
Description:
 libxine-dev - the xine video player library, development packages
 libxine1 - the xine video/media player library, binary files
Closes: 460551
Changes:
 xine-lib (1.0.1-1sarge6) oldstable-security; urgency=high
 .
  • Security bug fix:
    • CVE-2008-0225: Heap-based buffer overflow in rmff_dump_cont function which allows remote attacker to execute arbitrary code via a crafted SDP Abstract attribute (Closes: #460551).
Files:
 a71bea7e3fcfb743bdc7add1c3ad2c3a 1059 libs optional xine-lib_1.0.1-1sarge6.dsc
 cf5b621b9730754647d46865e85d1758 5983 libs optional xine-lib_1.0.1-1sarge6.diff.gz
 f0970164861c2efd8ff11b2f38ebf566 107922 libdevel optional libxine-dev_1.0.1-1sarge6_i386.deb
 74a7995d0ddb11d42666e010884c97f0 4206292 libs optional libxine1_1.0.1-1sarge6_i386.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFHkzlEXm3vHE4uyloRAhqRAJ4yq+1i5ibaA4CrMCc2wKEXoL9/yACgl84M Fg8hR6xLH5MqhpvNXok9pew=3D
=3Ddqt2
-----END PGP SIGNATURE-----
Accepted:
libxine-dev_1.0.1-1sarge6_i386.deb
  to pool/main/x/xine-lib/libxine-dev_1.0.1-1sarge6_i386.deb
libxine1_1.0.1-1sarge6_i386.deb
  to pool/main/x/xine-lib/libxine1_1.0.1-1sarge6_i386.deb
xine-lib_1.0.1-1sarge6.diff.gz
  to pool/main/x/xine-lib/xine-lib_1.0.1-1sarge6.diff.gz
xine-lib_1.0.1-1sarge6.dsc
  to pool/main/x/xine-lib/xine-lib_1.0.1-1sarge6.dsc

Date: Mon, 28 Jan 2008 19:52:15 +0000
From: Moritz Muehlenhoff <jmm@debian.org>
To: debian-changes@lists.debian.org
Subject: Accepted flac 1.1.1-5sarge1 (source i386)

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Sat, 19 Jan 2008 14:43:56 +0100
Source: flac
Binary: liboggflac++0c102 libflac++-dev liboggflac-dev libflac-dev libflac++4 xmms-flac libflac6 liboggflac++-dev flac liboggflac1
Architecture: source i386
Version: 1.1.1-5sarge1
Distribution: oldstable-security
Urgency: high
Maintainer: Matt Zimmerman <mdz@debian.org>
Changed-By: Moritz Muehlenhoff <jmm@debian.org>
Description:
 flac - Free Lossless Audio Codec - command line tools
 libflac++-dev - Free Lossless Audio Codec - C++ development library
 libflac++4 - Free Lossless Audio Codec - C++ runtime library
 libflac-dev - Free Lossless Audio Codec - C development library
 libflac6 - Free Lossless Audio Codec - runtime C library
 liboggflac++-dev - Free Lossless Audio Codec - C++ development library (ogg)
 liboggflac++0c102 - Free Lossless Audio Codec - C++ runtime library (ogg)
 liboggflac-dev - Free Lossless Audio Codec - C development library (ogg)
 liboggflac1 - Free Lossless Audio Codec - runtime C library (ogg)
 xmms-flac - Free Lossless Audio Codec - XMMS input plugin
Changes:
 flac (1.1.1-5sarge1) oldstable-security; urgency=high
 .
  • Fix several vulnerabilities.
Files:
 53b3248ea820a22e34004a622ae6effe 782 sound optional flac_1.1.1-5sarge1.dsc
 c6ccddccf8ad344065698047c2fc7280 1467204 sound optional flac_1.1.1.orig.tar.gz
 271b7342b38091dd7a9ff8c882acff3f 291696 sound optional flac_1.1.1-5sarge1.diff.gz
 c2c2d76d67ff17bdc13578cc560d5861 583566 sound optional flac_1.1.1-5sarge1_i386.deb
 c72adc70e44e0f567b2c8f318b629bec 98092 libs optional libflac6_1.1.1-5sarge1_i386.deb
 ba4919470c76b9f37d855af4b2a00680 166202 libdevel optional libflac-dev_1.1.1-5sarge1_i386.deb
 cdc2382e6b08f6542bee7651f1a6a242 30512 libs optional liboggflac1_1.1.1-5sarge1_i386.deb
 48325c416d2668b107a93a0c1a217b31 54854 libdevel optional liboggflac-dev_1.1.1-5sarge1_i386.deb
 54b886e0e0c89ada93f7ce127ca0b85c 40098 libs optional libflac++4_1.1.1-5sarge1_i386.deb
 606c64dc8d8149d5d9d8a30711bd514d 44162 libdevel optional libflac++-dev_1.1.1-5sarge1_i386.deb
 30fc38d49a567508f7314745ae5c78d5 26728 libs optional liboggflac++0c102_1.1.1-5sarge1_i386.deb
 ca2fa13d8b6f3134e8d020b2981e8f81 24562 libdevel optional liboggflac++-dev_1.1.1-5sarge1_i386.deb
 abf9b7031c2c96ca06f4f2475195b8d5 51278 sound optional xmms-flac_1.1.1-5sarge1_i386.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFHko6uXm3vHE4uyloRAvw2AJ0dtAyp3YHAF3e/UVXtXjUsMztA1ACgssNp deqxOnkZ/yL+JjZvb+n+ZDY=3D
=3DYa24
-----END PGP SIGNATURE-----
Accepted:
flac_1.1.1-5sarge1.diff.gz
  to pool/main/f/flac/flac_1.1.1-5sarge1.diff.gz
flac_1.1.1-5sarge1.dsc
  to pool/main/f/flac/flac_1.1.1-5sarge1.dsc
flac_1.1.1-5sarge1_i386.deb
  to pool/main/f/flac/flac_1.1.1-5sarge1_i386.deb
libflac++-dev_1.1.1-5sarge1_i386.deb
  to pool/main/f/flac/libflac++-dev_1.1.1-5sarge1_i386.deb
libflac++4_1.1.1-5sarge1_i386.deb
  to pool/main/f/flac/libflac++4_1.1.1-5sarge1_i386.deb
libflac-dev_1.1.1-5sarge1_i386.deb
  to pool/main/f/flac/libflac-dev_1.1.1-5sarge1_i386.deb
libflac6_1.1.1-5sarge1_i386.deb
  to pool/main/f/flac/libflac6_1.1.1-5sarge1_i386.deb
liboggflac++-dev_1.1.1-5sarge1_i386.deb
  to pool/main/f/flac/liboggflac++-dev_1.1.1-5sarge1_i386.deb
liboggflac++0c102_1.1.1-5sarge1_i386.deb
  to pool/main/f/flac/liboggflac++0c102_1.1.1-5sarge1_i386.deb
liboggflac-dev_1.1.1-5sarge1_i386.deb
  to pool/main/f/flac/liboggflac-dev_1.1.1-5sarge1_i386.deb
liboggflac1_1.1.1-5sarge1_i386.deb
  to pool/main/f/flac/liboggflac1_1.1.1-5sarge1_i386.deb
xmms-flac_1.1.1-5sarge1_i386.deb
  to pool/main/f/flac/xmms-flac_1.1.1-5sarge1_i386.deb

Date: Mon, 28 Jan 2008 19:52:18 +0000
From: Florian Weimer <fw@deneb.enyo.de>
To: debian-changes@lists.debian.org
Subject: Accepted scponly 4.0-1sarge2 (source i386)

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Tue, 25 Dec 2007 13:27:52 +0100
Source: scponly
Binary: scponly
Architecture: source i386
Version: 4.0-1sarge2
Distribution: oldstable-security
Urgency: high
Maintainer: Thomas Wana <greuff@debian.org>
Changed-By: Florian Weimer <fw@deneb.enyo.de>
Description:
 scponly - Restricts the commands available to scp- and sftp-users
Closes: 437148
Changes:
 scponly (4.0-1sarge2) oldstable-security; urgency=high
 .
  • Non-maintainer upload by the Security Team
  • Remove rsync, Subversion and Unison support because it was possible to gain shell access through them (CVE-2007-6350). Closes: #437148.
  • scp: -o and -F options are dangerous (CVE-2007-6415).
Files:
 f37d3236975bdb6742eba5ac788c40c2 892 utils optional scponly_4.0-1sarge2.dsc
 380ea78eb602749989c8031a4f916c79 27490 utils optional scponly_4.0-1sarge2.diff.gz
 62413a011d04721bb4b6f9a3d9496e27 29322 utils optional scponly_4.0-1sarge2_i386.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

iQEVAwUBR3EI5L97/wQC1SS+AQIcOgf6AzLvBGObNrYFKRLbZXuC3l5TPr2wiw03 mlwAbDAyvjsb84lsJz69H9u2wmmr0RWHr+JIepkKA5ewoH0on9SCskdjOVDd6cBV xMS3n0qnUIK7bXsZmxIyYg61neDHLalVlkShPu4+reYEbevE6CLU2p0n+L3esyLn fbDdWJae/29Pdt3G+xhZHyx0ruPmEkoQI3X96ar4qA7JGVJdQsl9gjLfJH4hY2Ii RrRzYaIaJVqJfN3eBw8bsVGW2NW9uMya97a9pzyE7Y5uqZO59SwxJl9jdRYGiCbP J4Y4brNlIyFx0bouwFL+Y4qNVP+aHX0N8hxaux99RRqvdbEHJY1OXw=3D=3D =3DmZhF
-----END PGP SIGNATURE-----
Accepted:
scponly_4.0-1sarge2.diff.gz
  to pool/main/s/scponly/scponly_4.0-1sarge2.diff.gz
scponly_4.0-1sarge2.dsc
  to pool/main/s/scponly/scponly_4.0-1sarge2.dsc
scponly_4.0-1sarge2_i386.deb
  to pool/main/s/scponly/scponly_4.0-1sarge2_i386.deb

Date: Mon, 28 Jan 2008 19:52:59 +0000
From: Moritz Muehlenhoff <jmm@debian.org>
To: debian-changes@lists.debian.org
Subject: Accepted libvorbis 1.1.0-2 (source i386)

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Sun, 20 Jan 2008 13:08:36 +0000
Source: libvorbis
Binary: libvorbis0a libvorbis-dev libvorbisenc2 libvorbisfile3
Architecture: source i386
Version: 1.1.0-2
Distribution: oldstable-security
Urgency: low
Maintainer: Christopher L Cheney <ccheney@debian.org>
Changed-By: Moritz Muehlenhoff <jmm@debian.org>
Description:
 libvorbis-dev - The Vorbis General Audio Compression Codec (development files)
 libvorbis0a - The Vorbis General Audio Compression Codec
 libvorbisenc2 - The Vorbis General Audio Compression Codec
 libvorbisfile3 - The Vorbis General Audio Compression Codec
Changes:
 libvorbis (1.1.0-2) oldstable-security; urgency=low
 .
  • Fix CVE-2007-3106 CVE-2007-4029 CVE-2007-4065 CVE-2007-4066
Files:
 b5ec6d8d0c0ff4685c78590293477e4b 680 libs optional libvorbis_1.1.0-2.dsc
 bb764aeabde613d1a424a29b1f15e7e6 1312404 libs optional libvorbis_1.1.0.orig.tar.gz
 29d9172717dad2dec0c9cc19ba17ea1e 10367 libs optional libvorbis_1.1.0-2.diff.gz
 e3e0b031eee3ca107d74babc72582dbe 95384 libs optional libvorbis0a_1.1.0-2_i386.deb
 a356e52746d5c2d5208173620a2842f0 81508 libs optional libvorbisenc2_1.1.0-2_i386.deb
 9e699a221a3fb782bae0ae3fc917537f 19048 libs optional libvorbisfile3_1.1.0-2_i386.deb
 342adc98e7c2b0e9f3983a706f6a221a 467764 libdevel optional libvorbis-dev_1.1.0-2_i386.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFHk0hdXm3vHE4uyloRAiO+AJ9n37SXLbWvaEtn/Ex1jspmQUicjACfSV8W LbzpzNTZKUe24EA1uDBUs+E=3D
=3DYggr
-----END PGP SIGNATURE-----
Accepted:
libvorbis-dev_1.1.0-2_i386.deb
  to pool/main/libv/libvorbis/libvorbis-dev_1.1.0-2_i386.deb
libvorbis0a_1.1.0-2_i386.deb
  to pool/main/libv/libvorbis/libvorbis0a_1.1.0-2_i386.deb
libvorbis_1.1.0-2.diff.gz
  to pool/main/libv/libvorbis/libvorbis_1.1.0-2.diff.gz
libvorbis_1.1.0-2.dsc
  to pool/main/libv/libvorbis/libvorbis_1.1.0-2.dsc
libvorbisenc2_1.1.0-2_i386.deb
  to pool/main/libv/libvorbis/libvorbisenc2_1.1.0-2_i386.deb
libvorbisfile3_1.1.0-2_i386.deb
  to pool/main/libv/libvorbis/libvorbisfile3_1.1.0-2_i386.deb

Date: Mon, 28 Jan 2008 19:52:17 +0000
From: Patrick Schoenfeld <schoenfeld@in-medias-res.com>
To: debian-changes@lists.debian.org
Subject: Accepted mantis 0.19.2-5sarge5 (source all)

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Wed, 09 Jan 2008 10:24:53 +0100
Source: mantis
Binary: mantis
Architecture: source all
Version: 0.19.2-5sarge5
Distribution: oldstable-security
Urgency: high
Maintainer: Igor Genibel <igenibel@debian.org>
Changed-By: Patrick Schoenfeld <schoenfeld@in-medias-res.com>
Description:
 mantis - web-based bug tracking system
Closes: 402802 458377
Changes:
 mantis (0.19.2-5sarge5) oldstable-security; urgency=high
 .
  • Maintainer upload for the security team
  • Fixed security issue CVE-2007-6611: "Upload File" Script insertion vulnerability by applying the patch from sid. (Closes: #458377)
  • Fixed security issue CVE-2006-6574: Custom Field Information Disclosure by backporting changes in history_api.php from sid (Closes: #402802)
  • Fixed security issue: Email notifications bypass security on custom fields
  • Fixed multiple XSS vulnerabilities by backporting changes from upstream version 1.0.7
Files:
 176c95ad5f1142fcb9364540fd19eeea 874 web optional mantis_0.19.2-5sarge5.dsc
 b1c5f077e0046c5b33d77e99a2b4ffe5 46292 web optional mantis_0.19.2-5sarge5.diff.gz
 5708305cbd20cde4825b3adb7d72d3a1 898014 web optional mantis_0.19.2-5sarge5_all.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

iQEVAwUBR4sVoWz0hbPcukPfAQJqMQf/QuiGvAL5OS//Vg5H8YmnYUHujP+I9qe7 eYaTODpsm6N8XhrUYYeiPO92bDYF8IfPJF+Novb2n/2qVoo/q5mV/UcYxeA3m2sw p0/JdTZIFexifKN5Z/dsK36JH3UOQxSbTzJB5NrNMtypKS9wAkemk0M8EJynKWb+ Te6qdnQNDDAGkNBUBog99xaRz3cqhUCx+Um3pbEO60igzwwoEMb2d4yi1XEqJiKF qR0HQtu8DnYrMyZ832QOY+56Ju4qY6xfn+RxCqqyu6LmeEI1cUY72VI2t7IuWNKA Dr2WdF10Eutg958hb1tXCkpgXz1xfxNMDw/YQ8AHQliSJ0UkHun/FA=3D=3D =3Dkp5F
-----END PGP SIGNATURE-----
Accepted:
mantis_0.19.2-5sarge5.diff.gz
  to pool/main/m/mantis/mantis_0.19.2-5sarge5.diff.gz
mantis_0.19.2-5sarge5.dsc
  to pool/main/m/mantis/mantis_0.19.2-5sarge5.dsc
mantis_0.19.2-5sarge5_all.deb
  to pool/main/m/mantis/mantis_0.19.2-5sarge5_all.deb

End of debian-changes-digest Digest V2008 Issue #11


Received on Mon Jan 28 15:09:51 2008

This archive was generated by hypermail 2.1.8 : Wed Mar 19 2008 - 07:00:31 EDT

