Hosting Provided By

debian-changes-digest Digest V2008 #49

From: <debian-changes-digest-request(at)lists.debian.org>
Date: Sat Feb 16 2008 - 07:54:38 EST

Content-Type: text/plain

debian-changes-digest Digest Volume 2008 : Issue 49

Today's Topics:

  Accepted tcpreen 1.4.3-0.1etch1 (sou  [ Moritz Muehlenhoff  ]
  Accepted libchipcard2 2.1.9-3 (sourc  [ Micha Lenk  ]
  Accepted libvorbis 1.1.2.dfsg-1.3 (s  [ Moritz Muehlenhoff  ]
  Accepted libarchive 1.2.53-2etch1 (s  [ Steffen Joeris  ]
  Accepted libsndfile 1.0.16-2 (source  [ Moritz Muehlenhoff  ]
  Accepted libexif 0.6.13-5etch2 (sour  [ Moritz Muehlenhoff  ]
  Accepted unace-nonfree 2.5-1etch1 (s  [ Fabian Greffrath  ]

Date: Sat, 16 Feb 2008 12:17:30 +0000
From: Moritz Muehlenhoff <jmm@debian.org> To: debian-changes@lists.debian.org
Subject: Accepted tcpreen 1.4.3-0.1etch1 (source i386)

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Sat, 29 Dec 2007 15:32:14 +0000
Source: tcpreen
Binary: tcpreen
Architecture: source i386
Version: 1.4.3-0.1etch1
Distribution: stable-security
Urgency: high
Maintainer: Oliver Kurth <oku@debian.org> Changed-By: Moritz Muehlenhoff <jmm@debian.org> Description:=20
tcpreen - Simple TCP re-engineering tool Changes:=20
tcpreen (1.4.3-0.1etch1) stable-security; urgency=3Dhigh .

Fix multiple buffer overflows. (CVE-2007-6562) Files:=20 83c33a7131f3191048aba4b610e292ca 579 net optional tcpreen_1.4.3-0.1etch1= .dsc 5600968d012f8353e4e0797d4c330393 232290 net optional tcpreen_1.4.3.orig.= tar.gz b1af9b7571c037713b123f33e5e79721 26016 net optional tcpreen_1.4.3-0.1etc= h1.diff.gz bcd58bac3ae59767861a9fee6653e882 40274 net optional tcpreen_1.4.3-0.1etc= h1_i386.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

Do you need help?

iD8DBQFHdmtBXm3vHE4uyloRAvnMAKCfMC7BzJdYXMYKMrB2bU6L+hessgCgk1Qw Ww+kYRsi0x84dpd56lTC+Ws=3D
=3DdSK0
-----END PGP SIGNATURE-----
Accepted:
tcpreen_1.4.3-0.1etch1.diff.gz
  to pool/main/t/tcpreen/tcpreen_1.4.3-0.1etch1.diff.gz tcpreen_1.4.3-0.1etch1.dsc
  to pool/main/t/tcpreen/tcpreen_1.4.3-0.1etch1.dsc tcpreen_1.4.3-0.1etch1_i386.deb
  to pool/main/t/tcpreen/tcpreen_1.4.3-0.1etch1_i386.deb

Date: Sat, 16 Feb 2008 12:17:12 +0000
From: Micha Lenk <micha@lenk.info>
To: debian-changes@lists.debian.org
Subject: Accepted libchipcard2 2.1.9-3 (source i386 all)

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Sat, 5 Jan 2008 17:58:18 +0100
Source: libchipcard2
Binary: libchipcard2-dev libchipcard2-tools libchipcard2-libgwenhywfar38-= plugins libchipcard2-data libchipcard2-0c2 Architecture: source i386 all
Version: 2.1.9-3
Distribution: stable
Urgency: low
Maintainer: Micha Lenk <micha@lenk.info> Changed-By: Micha Lenk <micha@lenk.info> Description:=20

 libchipcard2-0c2 - library for accessing smartcards
 libchipcard2-data - configuration files for libchipcard2-0c2
 libchipcard2-dev - API for smartcard readers
 libchipcard2-libgwenhywfar38-plugins - crypttoken plugin to libgwenhywfa=

r
libchipcard2-tools - tools for libchipcard2 Closes: 457412
Changes:=20
libchipcard2 (2.1.9-3) stable; urgency=3Dlow .

Let libchipcard2-0c2 depend on libchipcard2-data. Otherwise applicat= ions linking against libchipcard2 suffer from segfaults when libchipcard2=
-data
is not installed (closes: #457412).
Set myself as maintainer. Thanks to Thomas for his contributions so = far. Files:=20 d72fb7c9b285fffdd6c770efa48061a3 773 libs optional libchipcard2_2.1.9-3.= dsc ed04b2a44a61448bb0630fdc949427af 8960 libs optional libchipcard2_2.1.9-3= .diff.gz ece13458673c65e51fa4336a58e1b3b3 54658 devel extra libchipcard2-dev_2.1.= 9-3_all.deb 44e7379b5a673c9bf238ed18981c3468 66578 libs optional libchipcard2-data_2= .1.9-3_all.deb 7b139dac27373df4b1ea91c41bf7ef15 296026 libs optional libchipcard2-0c2_2= .1.9-3_i386.deb 059ab25e381b3ca9069f977fcec820f9 241872 misc optional libchipcard2-tools= _2.1.9-3_i386.deb ed87c1129c3033a9206594daf18c5f33 51566 misc optional libchipcard2-libgwe= nhywfar38-plugins_2.1.9-3_i386.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHh9VpQbn06FtxPfARAuY/AJ93293fkBR301uRNr3j1yJTeaFv+wCfSwuC vTcrg08rcMBYM1Ut8PNjG7M=3D
=3Dkil5
-----END PGP SIGNATURE-----
Accepted:
libchipcard2-0c2_2.1.9-3_i386.deb
  to pool/main/libc/libchipcard2/libchipcard2-0c2_2.1.9-3_i386.deb libchipcard2-data_2.1.9-3_all.deb
  to pool/main/libc/libchipcard2/libchipcard2-data_2.1.9-3_all.deb libchipcard2-dev_2.1.9-3_all.deb
  to pool/main/libc/libchipcard2/libchipcard2-dev_2.1.9-3_all.deb libchipcard2-libgwenhywfar38-plugins_2.1.9-3_i386.deb   to pool/main/libc/libchipcard2/libchipcard2-libgwenhywfar38-plugins_2.1= .9-3_i386.deb
libchipcard2-tools_2.1.9-3_i386.deb
  to pool/main/libc/libchipcard2/libchipcard2-tools_2.1.9-3_i386.deb libchipcard2_2.1.9-3.diff.gz
  to pool/main/libc/libchipcard2/libchipcard2_2.1.9-3.diff.gz libchipcard2_2.1.9-3.dsc
  to pool/main/libc/libchipcard2/libchipcard2_2.1.9-3.dsc

Do you need more help?

Date: Sat, 16 Feb 2008 12:17:13 +0000
From: Moritz Muehlenhoff <jmm@debian.org> To: debian-changes@lists.debian.org
Subject: Accepted libvorbis 1.1.2.dfsg-1.3 (source i386)

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Sun, 20 Jan 2008 12:49:01 +0000
Source: libvorbis
Binary: libvorbis0a libvorbis-dev libvorbisenc2 libvorbisfile3 Architecture: source i386
Version: 1.1.2.dfsg-1.3
Distribution: stable-security
Urgency: low
Maintainer: Debian Xiph.org Maintainers <pkg-xiph-maint@lists.alioth.debi= an.org>
Changed-By: Moritz Muehlenhoff <jmm@debian.org> Description:=20
libvorbis-dev - The Vorbis General Audio Compression Codec (development = files)
libvorbis0a - The Vorbis General Audio Compression Codec libvorbisenc2 - The Vorbis General Audio Compression Codec libvorbisfile3 - The Vorbis General Audio Compression Codec Changes:=20
libvorbis (1.1.2.dfsg-1.3) stable-security; urgency=3Dlow .

Fix CVE-2007-3106 CVE-2007-4029 CVE-2007-4065 CVE-2007-4066 Files:=20 514e1b39b9020ec71b598a86ecd7a98a 787 libs optional libvorbis_1.1.2.dfsg-= 1.3.dsc 44cf09fef7f78e7c6ba7dd63b6137412 1312540 libs optional libvorbis_1.1.2.d= fsg.orig.tar.gz 6d5a52ab761bee984f8a3bf4824c1da2 15113 libs optional libvorbis_1.1.2.dfs= g-1.3.diff.gz 4ff2cbd6cd9acbbee79f14e15d48adc7 97908 libs optional libvorbis0a_1.1.2.d= fsg-1.3_i386.deb 6988a44b88cecade073a6904c493e8b4 75208 libs optional libvorbisenc2_1.1.2= .dfsg-1.3_i386.deb 278dc87b1e3486ea3a991bf0d3abf058 18756 libs optional libvorbisfile3_1.1.= 2.dfsg-1.3_i386.deb 580e82ae5823628b6ee7ecd2a5cc8f7c 446560 libdevel optional libvorbis-dev_= 1.1.2.dfsg-1.3_i386.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHk0RBXm3vHE4uyloRAqKaAKDPUijGhuS2kFzKArjOZqZg3c/cNgCdHkUW NddqQIHL8aQZFP3FrVAU9rU=3D
=3DByKR
-----END PGP SIGNATURE-----
Accepted:
libvorbis-dev_1.1.2.dfsg-1.3_i386.deb
  to pool/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.3_i386.deb libvorbis0a_1.1.2.dfsg-1.3_i386.deb
  to pool/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.3_i386.deb libvorbis_1.1.2.dfsg-1.3.diff.gz
  to pool/main/libv/libvorbis/libvorbis_1.1.2.dfsg-1.3.diff.gz libvorbis_1.1.2.dfsg-1.3.dsc
  to pool/main/libv/libvorbis/libvorbis_1.1.2.dfsg-1.3.dsc libvorbisenc2_1.1.2.dfsg-1.3_i386.deb
  to pool/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.3_i386.deb libvorbisfile3_1.1.2.dfsg-1.3_i386.deb
  to pool/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.3_i386.deb

Date: Sat, 16 Feb 2008 12:17:12 +0000
From: Steffen Joeris <white@debian.org>
To: debian-changes@lists.debian.org
Subject: Accepted libarchive 1.2.53-2etch1 (source i386)

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Can we help you?

Format: 1.7
Date: Fri, 4 Jan 2008 15:52:20 +0000
Source: libarchive
Binary: libarchive-dev libarchive1 bsdtar Architecture: source i386
Version: 1.2.53-2etch1
Distribution: stable-security
Urgency: high
Maintainer: John Goerzen <jgoerzen@complete.org> Changed-By: Steffen Joeris <white@debian.org> Description:=20
bsdtar - tar(1) from FreeBSD, using libarchive libarchive-dev - Single library to read/write tar, cpio, pax, zip, iso96= 60, etc.
libarchive1 - Single library to read/write tar, cpio, pax, zip, iso9660,= etc.
Changes:=20
libarchive (1.2.53-2etch1) stable-security; urgency=3Dhigh .

Non-maintainer upload by the security team
Fix buffer overflow, NULL pointer reference and DoS in archive_read_support_format_tar.c Fixes: CVE-2007-3641, CVE-2007-3644, CVE-2007-3645 Files:=20 6bd6417d5da3132138dfec988dd0b484 723 libs optional libarchive_1.2.53-2et= ch1.dsc 2e2df461fef05049b3a92e5bedc2de2c 522540 libs optional libarchive_1.2.53.= orig.tar.gz 454b6a56eec392fff05fde2e39b33241 6474 libs optional libarchive_1.2.53-2e= tch1.diff.gz e3e924b9c25d33d9412ab66e5745002b 95600 libdevel optional libarchive-dev_= 1.2.53-2etch1_i386.deb 9ae44a93dbe577fea5a3121b32e00bf5 73122 libs optional libarchive1_1.2.53-= 2etch1_i386.deb 5f52d186b87c77092c092836ad457585 82918 libs optional bsdtar_1.2.53-2etch= 1_i386.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHgAP562zWxYk/rQcRAu97AJ9D2YXx1Mk8n2wQjHPVLO0X/XFJpACeIVkl aYgZBnQMDscYshXxwx4rIyU=3D
=3Dwh1E
-----END PGP SIGNATURE-----
Accepted:
bsdtar_1.2.53-2etch1_i386.deb
  to pool/main/liba/libarchive/bsdtar_1.2.53-2etch1_i386.deb libarchive-dev_1.2.53-2etch1_i386.deb
  to pool/main/liba/libarchive/libarchive-dev_1.2.53-2etch1_i386.deb libarchive1_1.2.53-2etch1_i386.deb
  to pool/main/liba/libarchive/libarchive1_1.2.53-2etch1_i386.deb libarchive_1.2.53-2etch1.diff.gz
  to pool/main/liba/libarchive/libarchive_1.2.53-2etch1.diff.gz libarchive_1.2.53-2etch1.dsc
  to pool/main/liba/libarchive/libarchive_1.2.53-2etch1.dsc

Date: Sat, 16 Feb 2008 12:17:13 +0000
From: Moritz Muehlenhoff <jmm@debian.org> To: debian-changes@lists.debian.org
Subject: Accepted libsndfile 1.0.16-2 (source i386)

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Thu, 27 Dec 2007 21:07:10 +0000
Source: libsndfile
Binary: libsndfile1 libsndfile1-dev sndfile-programs Architecture: source i386
Version: 1.0.16-2
Distribution: stable-security
Urgency: high
Maintainer: Anand Kumria <wildfire@progsoc.org> Changed-By: Moritz Muehlenhoff <jmm@debian.org> Description:=20
libsndfile1 - Library for reading/writing audio files libsndfile1-dev - Library for reading/writing audio files sndfile-programs - Sample programs that use libsndfile Changes:=20
libsndfile (1.0.16-2) stable-security; urgency=3Dhigh .

Fix buffer overflow in FLAC code. (CVE-2007-4974) Files:=20 778f77063bf0aee761b5d9f7af793ced 639 devel optional libsndfile_1.0.16-2.= dsc 773b6639672d39b6342030c7fd1e9719 857117 devel optional libsndfile_1.0.16= .orig.tar.gz 3143afa4d8b69fe1ba9d0428d3b5b472 5465 devel optional libsndfile_1.0.16-2= .diff.gz 9fe5127322c613449eb0dde18a27cfb8 319560 libdevel optional libsndfile1-de= v_1.0.16-2_i386.deb e9bc609646a45373a0d365b071950c6a 197498 libs optional libsndfile1_1.0.16=
-2_i386.deb
834537ca8b562a4350d5a9c422f436ca 74262 utils optional sndfile-programs_1= .0.16-2_i386.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

Can't find what you're looking for?

iD8DBQFHdBUaXm3vHE4uyloRAhBjAJ4zgVXpKZtrVxuk/jSD014kjjXfuACeOUm6 +HXHXGXMSs9JS41MoxOfY90=3D
=3DFnEq
-----END PGP SIGNATURE-----
Accepted:
libsndfile1-dev_1.0.16-2_i386.deb
  to pool/main/libs/libsndfile/libsndfile1-dev_1.0.16-2_i386.deb libsndfile1_1.0.16-2_i386.deb
  to pool/main/libs/libsndfile/libsndfile1_1.0.16-2_i386.deb libsndfile_1.0.16-2.diff.gz
  to pool/main/libs/libsndfile/libsndfile_1.0.16-2.diff.gz libsndfile_1.0.16-2.dsc
  to pool/main/libs/libsndfile/libsndfile_1.0.16-2.dsc sndfile-programs_1.0.16-2_i386.deb
  to pool/main/libs/libsndfile/sndfile-programs_1.0.16-2_i386.deb

Date: Sat, 16 Feb 2008 12:17:13 +0000
From: Moritz Muehlenhoff <jmm@debian.org> To: debian-changes@lists.debian.org
Subject: Accepted libexif 0.6.13-5etch2 (source i386)

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Wed, 6 Feb 2008 00:00:57 +0100
Source: libexif
Binary: libexif12 libexif-dev
Architecture: source i386
Version: 0.6.13-5etch2
Distribution: stable-security
Urgency: high
Maintainer: Frederic Peters <fpeters@debian.org> Changed-By: Moritz Muehlenhoff <jmm@debian.org> Description:=20
libexif-dev - library to parse EXIF files (development files) libexif12 - library to parse EXIF files Changes:=20
libexif (0.6.13-5etch2) stable-security; urgency=3Dhigh .

Fix CVE-2007-2645, CVE-2007-6151, CVE-2007-6253 plus two crash bugs. Files:=20 31d21b75dede8ab7357d68dc10f31b03 611 libs optional libexif_0.6.13-5etch2= .dsc 99a0a91ef86facebe77eb309e84187ee 9821 libs optional libexif_0.6.13-5etch= 2.diff.gz 98478f9f44a8121aaa68173eabb9d045 1008258 libdevel optional libexif-dev_0= .6.13-5etch2_i386.deb 74f55a40478fb3735293b8b20a9b29b9 140088 libs optional libexif12_0.6.13-5= etch2_i386.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHqiWjXm3vHE4uyloRAjgxAKC8UMlycfJmxB0sEZwAeN8xY5+qgQCgkTVx S4Q1qpNeTFPM97lf/hCh/fw=3D
=3DvPV5
-----END PGP SIGNATURE-----
Accepted:
libexif-dev_0.6.13-5etch2_i386.deb
  to pool/main/libe/libexif/libexif-dev_0.6.13-5etch2_i386.deb libexif12_0.6.13-5etch2_i386.deb
  to pool/main/libe/libexif/libexif12_0.6.13-5etch2_i386.deb libexif_0.6.13-5etch2.diff.gz
  to pool/main/libe/libexif/libexif_0.6.13-5etch2.diff.gz libexif_0.6.13-5etch2.dsc
  to pool/main/libe/libexif/libexif_0.6.13-5etch2.dsc

Don't know where to look next?

Date: Sat, 16 Feb 2008 12:32:39 +0000
From: Fabian Greffrath <fabian@debian-unofficial.org> To: debian-changes@lists.debian.org
Subject: Accepted unace-nonfree 2.5-1etch1 (source i386)

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Confused? Frustrated? 
In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software:Learn more about Pantek's Technical Support offerings
Place an order for 24/7/365 Technical Support here
Learn more about Pantek, who we are, and what we do
Chat with a Live Operator
Related lists.debian.org Links
debian-announce
debian-apache
debian-arm-changes
debian-beowulf
debian-boot
debian-cd
debian-cd-vendors
debian-changes
debian-changes-digest
debian-isp
debian-kde
debian-laptop
debian-mirrors-announce
debian-news
debian-security
debian-security-announce
debian-testing
debian-user
debian-user-digest
Request more information about Pantek
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Format: 1.7
Date: Fri, 28 Dec 2007 20:37:00 +0100
Source: unace-nonfree
Binary: unace-nonfree
Architecture: source i386
Version: 2.5-1etch1
Distribution: stable
Urgency: medium
Maintainer: Fabian Greffrath <fabian@debian-unofficial.org> Changed-By: Fabian Greffrath <fabian@debian-unofficial.org> Description:=20
unace-nonfree - extract, test and view .ace archives (non-free version) Closes: 449395
Changes:=20
unace-nonfree (2.5-1etch1) stable; urgency=3Dmedium .

debian/control: + Reduced supported Archs to i386 and amd64 for the time being. .
Applied a series of patches courtesy of Michael Karcher <debian@mkarcher.dialup.fu-berlin.de>:
debian/patches/04-64bit.dpatch: + Replace declare.h by a generic stdint based version (Closes: #4493= 95).
debian/patches/11-possibly-critical.dpatch: + Fixes a possible security issue by initialising a local variable. Files:=20 a6a1d3098efd8ae6a3edc2d92c5e5fab 687 non-free/utils optional unace-nonfr= ee_2.5-1etch1.dsc fc03f3fc13eeba5c5496383cd1c31fc6 4748 non-free/utils optional unace-nonf= ree_2.5-1etch1.diff.gz 37e5b16fe1203f887e3d863df80e79dd 54016 non-free/utils optional unace-non= free_2.5-1etch1_i386.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHdYg45UTeB5t8Mo0RAj2vAJ96t99B/BHkMaV6EUeYd349Rah3dwCePXvD c8LT6KGaL+r2otM0/ylPDG8=3D
=3DQjKC
-----END PGP SIGNATURE-----
Accepted:
unace-nonfree_2.5-1etch1.diff.gz
  to pool/non-free/u/unace-nonfree/unace-nonfree_2.5-1etch1.diff.gz unace-nonfree_2.5-1etch1.dsc
  to pool/non-free/u/unace-nonfree/unace-nonfree_2.5-1etch1.dsc unace-nonfree_2.5-1etch1_i386.deb
  to pool/non-free/u/unace-nonfree/unace-nonfree_2.5-1etch1_i386.deb

Date: Sat, 16 Feb 2008 12:17:09 +0000
From: Alexander Sack <asac@debian.org>
To: debian-changes@lists.debian.org
Subject: Accepted icedove 1.5.0.13+1.5.0.15b.dfsg1-0etch1 (source all amd64)

Message-Id: 
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Call Pantek today for Open Source Technical Support at 1-877-546-8934 - 24/7/365

Format: 1.7
Date: Fri, 08 Feb 2008 10:52:28 +0100
Source: icedove

Binary: icedove-inspector icedove-dev thunderbird-dbg thunderbird-inspect=
or icedove-typeaheadfind mozilla-thunderbird-typeaheadfind icedove-dbg th=
underbird-gnome-support thunderbird-typeaheadfind icedove mozilla-thunder=
bird-inspector icedove-gnome-support thunderbird mozilla-thunderbird-dev =

thunderbird-dev mozilla-thunderbird
Architecture: source amd64 all
Version: 1.5.0.13+1.5.0.15b.dfsg1-0etch1 Distribution: stable-security
Urgency: low
Maintainer: Alexander Sack <asac@debian.org> Changed-By: Alexander Sack <asac@debian.org> Description:=20
icedove - free/unbranded thunderbird mail client

 icedove-dbg - debugging symbols for icedove/thunderbird
 icedove-dev - development files for icedove/thunderbird
 icedove-gnome-support - GNOME support package for icedove/thunderbird
 icedove-inspector - DOM inspector extension for icedove/thunderbird
 icedove-typeaheadfind - typeaheadfind extension for icedove/thunderbird
 mozilla-thunderbird - Transition package for icedove rename
 mozilla-thunderbird-dev - Transition package for icedove-dev rename
 mozilla-thunderbird-inspector - Transition package for icedove-inspector=

rename
mozilla-thunderbird-typeaheadfind - Transition package for icedove-typea= headfind rename
thunderbird - Transition package for icedove rename

 thunderbird-dbg - Transition package for icedove-dbg rename
 thunderbird-dev - Transition package for icedove-dev rename
 thunderbird-gnome-support - Transition package for icedove-gnome-support=

rename
thunderbird-inspector - Transition package for icedove-inspector rename thunderbird-typeaheadfind - Transition package for icedove-typeaheadfind= rename
Changes:=20
icedove (1.5.0.13+1.5.0.15b.dfsg1-0etch1) stable-security; urgency=3Dlow .
[ Alexander Sack ]

security/stability update 1.5.0.13 + 1.5.0.15 (prepatch backports fo= r v2.0.0.12)
MFSA 2008-01 aka CVE-2008-0412: Crashes with evidence of memory corr= uption v1.8.1.12 (Browser crashes)
MFSA 2008-01 aka CVE-2008-0413: Crashes with evidence of memory corr= uption v1.8.1.12 (javascript crashes)
MFSA 2008-02 aka CVE-2008-0414: Multiple file input focus stealing vulnerabilities: 1. Focus shifting bugs and 2. Selective keystroke blocking bugs
MFSA 2008-03 aka CVE-2008-0415: Privilege escalation, XSS, Remote Co= de Execution (JavaScript privilege escalation bugs)
MFSA 2008-04 aka CVE-2008-0417: Stored password corruption
MFSA 2008-05 aka CVE-2008-0418: Directory traversal via chrome: URI
MFSA 2008-06 aka CVE-2008-0419: Web browsing history and forward navigation stealing
MFSA 2008-08 aka CVE-2008-0591: File action dialog tampering
MFSA 2008-09 aka CVE-2008-0592: Mishandling of locally-saved plain t= ext files
MFSA 2008-10 aka CVE-2008-0593: URL token stealing via stylesheet re= direct
MFSA 2008-11 aka CVE-2008-0594: Web forgery overwrite with div overl= ay Files:=20 47d17cda0ae1ec315855f996e37a0ee2 1934 mail optional icedove_1.5.0.13+1.5= .0.15b.dfsg1-0etch1.dsc b1a02873d5e320b1a208dbffc256baee 35174191 mail optional icedove_1.5.0.13= +1.5.0.15b.dfsg1.orig.tar.gz c8a2dd2880fd468314e00a3dcdc9713a 640166 mail optional icedove_1.5.0.13+1= .5.0.15b.dfsg1-0etch1.diff.gz 2ccb02753ddc07f672554b7cb0fcfc86 12176086 mail optional icedove_1.5.0.13= +1.5.0.15b.dfsg1-0etch1_amd64.deb ff2443c7df9dff331f9f54050c191a88 196082 mail optional icedove-inspector_= 1.5.0.13+1.5.0.15b.dfsg1-0etch1_amd64.deb 63a6d9b1e0d24dd0c19ba12472a353df 52482 mail optional icedove-gnome-suppo= rt_1.5.0.13+1.5.0.15b.dfsg1-0etch1_amd64.deb 70d41408a7964be8d214b83c52f873d8 29066 mail optional thunderbird-gnome-s= upport_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb 7a29b7ebb0148d1dc10cf3184791de68 61508 mail optional icedove-typeaheadfi= nd_1.5.0.13+1.5.0.15b.dfsg1-0etch1_amd64.deb 7f2501ff09f24d2a4fa384d531969897 3678346 mail optional icedove-dev_1.5.0= .13+1.5.0.15b.dfsg1-0etch1_amd64.deb f56252c61054eae347480d45fb3e845f 51479136 mail optional icedove-dbg_1.5.= 0.13+1.5.0.15b.dfsg1-0etch1_amd64.deb 620536610d06e9062eb8760cde3d990c 29042 mail optional thunderbird-dbg_1.5= .0.13+1.5.0.15b.dfsg1-0etch1_all.deb 32015cf440db3318d6459f6c60a17792 29032 mail optional thunderbird_1.5.0.1= 3+1.5.0.15b.dfsg1-0etch1_all.deb ce479eb792bfef00ae3161fd0d157a61 29050 mail optional mozilla-thunderbird= _1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb 3d934b7f3583e3a04a0bd193e45a3fa6 29070 mail optional mozilla-thunderbird=
-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb
75b83c322479e095016108453ff7e862 29054 mail optional thunderbird-inspect= or_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb b98a074d7074c155a6ba1df263419376 29074 mail optional mozilla-thunderbird=
-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb
cbae212a095f4aac3b30443328b5ad85 29072 mail optional thunderbird-typeahe= adfind_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb 6665f3ce45a1c320dd55891bceb16f14 29048 mail optional thunderbird-dev_1.5= .0.13+1.5.0.15b.dfsg1-0etch1_all.deb 156f796fe78bbebda0b7e25fcf5dbe54 29060 mail optional mozilla-thunderbird=
-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.6 (GNU/Linux)

iQIVAwUBR6xLPaBE/gcUDGZkAQIBhQ//aZzsa1i0nJOe7g19xNYBS3BVLJgFtgM0 yqVDaSaGOX6SqZg5zt5wl0jjolK8e3SOu5fGBTPOoUPwSMbuYgY73S8ObWogtOuz fxFjYSKEN6COhJRY5tAJBIK6pfo44j71g11LFjIfbrqi+1rXtQEN9fb63XvOg54G yifGq6NAlAghkpKwtRTJJ5N7HeZirvRw57Yu+70VTGIXlBqqcxZ/gPjDQF9nwan2 SHgAZF4GAI2rehvufeXhi4uW7oT1W2wuBsoQkWSIDmDws3QPRsgSD4rJ4058Zchr tJoMjYbC1+EjjfLHh10nloJH1PdywG4s4o6kF2k+zWiSLyv+5ymaHAYfeB+CBuwt U6cwWXQhOq9ranokKwmz6ZZG6aysiIcdpCGxrPvW+FP+dD++A9T/KmT/30+2Mx7n 3AaFEYYZzsxYWH76QJLZdKANLljFqgUoQfoLVDPJVgmImsOu61A5bLCp8Vs0bgZT iW5zj3ZCMZ+cM2l0y+3Ib8ghWbpreqmIv10auRvbtnNKGeZM7J047OvH6dI2n8cm f+dMJUgqxhpfFWjC1YY8ZzaCkJZbvKxu4gN+JYGDdTTZvndECijHjU5ntjs0z+Kt P1hWa/vye3aN/ujhLLpWrrmaBAkx8vA6V77fTe88q6LRLvQNBTX1BIuv7f0Pmebw gwuU5xGuVEg=3D
=3D3U7y
-----END PGP SIGNATURE-----
Accepted:
icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1-0etch1_amd64.deb   to pool/main/i/icedove/icedove-dbg_1.5.0.13+1.5.0.15b.dfsg1-0etch1_amd6= 4.deb
icedove-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch1_amd64.deb   to pool/main/i/icedove/icedove-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch1_amd6= 4.deb
icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1-0etch1_amd64.deb   to pool/main/i/icedove/icedove-gnome-support_1.5.0.13+1.5.0.15b.dfsg1-0= etch1_amd64.deb
icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch1_amd64.deb   to pool/main/i/icedove/icedove-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch= 1_amd64.deb
icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0etch1_amd64.deb   to pool/main/i/icedove/icedove-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0= etch1_amd64.deb
icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch1.diff.gz   to pool/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch1.diff.gz icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch1.dsc

  to pool/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch1.dsc
icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch1_amd64.deb
  to pool/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1-0etch1_amd64.de=

b
icedove_1.5.0.13+1.5.0.15b.dfsg1.orig.tar.gz   to pool/main/i/icedove/icedove_1.5.0.13+1.5.0.15b.dfsg1.orig.tar.gz mozilla-thunderbird-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb   to pool/main/i/icedove/mozilla-thunderbird-dev_1.5.0.13+1.5.0.15b.dfsg1=
-0etch1_all.deb

mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb   to pool/main/i/icedove/mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15b= .dfsg1-0etch1_all.deb
mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb   to pool/main/i/icedove/mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0= .15b.dfsg1-0etch1_all.deb
mozilla-thunderbird_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb   to pool/main/i/icedove/mozilla-thunderbird_1.5.0.13+1.5.0.15b.dfsg1-0et= ch1_all.deb
thunderbird-dbg_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb   to pool/main/i/icedove/thunderbird-dbg_1.5.0.13+1.5.0.15b.dfsg1-0etch1_= all.deb
thunderbird-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb   to pool/main/i/icedove/thunderbird-dev_1.5.0.13+1.5.0.15b.dfsg1-0etch1_= all.deb
thunderbird-gnome-support_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb   to pool/main/i/icedove/thunderbird-gnome-support_1.5.0.13+1.5.0.15b.dfs= g1-0etch1_all.deb
thunderbird-inspector_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb   to pool/main/i/icedove/thunderbird-inspector_1.5.0.13+1.5.0.15b.dfsg1-0= etch1_all.deb
thunderbird-typeaheadfind_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb   to pool/main/i/icedove/thunderbird-typeaheadfind_1.5.0.13+1.5.0.15b.dfs= g1-0etch1_all.deb
thunderbird_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.deb   to pool/main/i/icedove/thunderbird_1.5.0.13+1.5.0.15b.dfsg1-0etch1_all.= deb

End of debian-changes-digest Digest V2008 Issue #49

Received on Sat Feb 16 10:52:24 2008

This message: [ Message body ]
Next message: debian-changes-digest-request(at)lists.debian.org: "debian-changes-digest Digest V2008 #53"
Previous message: Moritz Muehlenhoff: "Accepted wireshark 0.99.4-5.etch.2 (source i386)"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Mar 19 2008 - 07:01:49 EDT