=========================================
Sat, 16 Feb 2008 - Debian 4.0r3 released
=========================================

stable/non-free/binary-amd64/unace-nonfree_2.5-1etch1_amd64.deb
stable/non-free/binary-i386/unace-nonfree_2.5-1etch1_i386.deb
stable/non-free/source/unace-nonfree_2.5-1etch1.diff.gz
stable/non-free/source/unace-nonfree_2.5-1etch1.dsc
unace-nonfree (2.5-1etch1) stable; urgency=medium
  * debian/control:
    + Reduced supported Archs to i386 and amd64 for the time being.
  * Applied a series of patches courtesy of Michael Karcher:
  * debian/patches/04-64bit.dpatch:
    + Replace declare.h by a generic stdint based version (Closes: #449395).
  * debian/patches/11-possibly-critical.dpatch:
    + Fixes a possible security issue by initialising a local variable.

stable/main/source/zope-cmfplone_2.5.1-4etch3.diff.gz
stable/main/source/zope-cmfplone_2.5.1-4etch3.dsc
stable/main/binary-all/plone-site_2.5.1-4etch3_all.deb
stable/main/binary-all/zope-cmfplone_2.5.1-4etch3_all.deb
zope-cmfplone (2.5.1-4etch3) stable-security; urgency=high
  * Updated hotfix for Plone CVE 2007-5741:
    http://plone.org/products/plone-hotfix/releases/20071106-2

stable/main/source/yarssr_0.2.2-1etch1.diff.gz
stable/main/source/yarssr_0.2.2-1etch1.dsc
stable/main/binary-all/yarssr_0.2.2-1etch1_all.deb
yarssr (0.2.2-1etch1) stable-security; urgency=high
  * Fix CVE-2007-5837.

stable/main/binary-sparc/libnspr4-0d_1.8.0.15~pre080131b-0etch1_sparc.deb
stable/main/binary-sparc/libnss3-0d-dbg_1.8.0.15~pre080131b-0etch1_sparc.deb
stable/main/binary-sparc/python-xpcom_1.8.0.15~pre080131b-0etch1_sparc.deb
stable/main/binary-sparc/libnss3-0d_1.8.0.15~pre080131b-0etch1_sparc.deb
stable/main/binary-sparc/xulrunner_1.8.0.15~pre080131b-0etch1_sparc.deb
stable/main/binary-sparc/libxul0d_1.8.0.15~pre080131b-0etch1_sparc.deb
stable/main/binary-sparc/libxul0d-dbg_1.8.0.15~pre080131b-0etch1_sparc.deb
stable/main/binary-sparc/libmozjs0d-dbg_1.8.0.15~pre080131b-0etch1_sparc.deb
stable/main/binary-sparc/libmozjs0d_1.8.0.15~pre080131b-0etch1_sparc.deb
stable/main/binary-sparc/spidermonkey-bin_1.8.0.15~pre080131b-0etch1_sparc.deb
stable/main/binary-sparc/libnspr4-0d-dbg_1.8.0.15~pre080131b-0etch1_sparc.deb
stable/main/binary-sparc/libnss3-tools_1.8.0.15~pre080131b-0etch1_sparc.deb
stable/main/binary-sparc/xulrunner-gnome-support_1.8.0.15~pre080131b-0etch1_sparc.deb
stable/main/binary-s390/xulrunner_1.8.0.15~pre080131b-0etch1_s390.deb
stable/main/binary-s390/libmozjs0d-dbg_1.8.0.15~pre080131b-0etch1_s390.deb
stable/main/binary-s390/libnspr4-0d-dbg_1.8.0.15~pre080131b-0etch1_s390.deb
stable/main/binary-s390/libnss3-0d_1.8.0.15~pre080131b-0etch1_s390.deb
stable/main/binary-s390/libmozjs0d_1.8.0.15~pre080131b-0etch1_s390.deb
stable/main/binary-s390/libnss3-0d-dbg_1.8.0.15~pre080131b-0etch1_s390.deb
stable/main/binary-s390/spidermonkey-bin_1.8.0.15~pre080131b-0etch1_s390.deb
stable/main/binary-s390/xulrunner-gnome-support_1.8.0.15~pre080131b-0etch1_s390.deb
stable/main/binary-s390/libnss3-tools_1.8.0.15~pre080131b-0etch1_s390.deb
stable/main/binary-s390/python-xpcom_1.8.0.15~pre080131b-0etch1_s390.deb
stable/main/binary-s390/libnspr4-0d_1.8.0.15~pre080131b-0etch1_s390.deb
stable/main/binary-s390/libxul0d_1.8.0.15~pre080131b-0etch1_s390.deb
stable/main/binary-s390/libxul0d-dbg_1.8.0.15~pre080131b-0etch1_s390.deb
stable/main/binary-powerpc/spidermonkey-bin_1.8.0.15~pre080131b-0etch1_powerpc.deb
stable/main/binary-powerpc/libnss3-tools_1.8.0.15~pre080131b-0etch1_powerpc.deb
stable/main/binary-powerpc/libnspr4-0d-dbg_1.8.0.15~pre080131b-0etch1_powerpc.deb
stable/main/binary-powerpc/xulrunner-gnome-support_1.8.0.15~pre080131b-0etch1_powerpc.deb
stable/main/binary-powerpc/libmozjs0d-dbg_1.8.0.15~pre080131b-0etch1_powerpc.deb
stable/main/binary-powerpc/libmozjs0d_1.8.0.15~pre080131b-0etch1_powerpc.deb
stable/main/binary-powerpc/xulrunner_1.8.0.15~pre080131b-0etch1_powerpc.deb
stable/main/binary-powerpc/libnspr4-0d_1.8.0.15~pre080131b-0etch1_powerpc.deb
stable/main/binary-powerpc/libxul0d-dbg_1.8.0.15~pre080131b-0etch1_powerpc.deb
stable/main/binary-powerpc/libxul0d_1.8.0.15~pre080131b-0etch1_powerpc.deb
stable/main/binary-powerpc/libnss3-0d-dbg_1.8.0.15~pre080131b-0etch1_powerpc.deb
stable/main/binary-powerpc/libnss3-0d_1.8.0.15~pre080131b-0etch1_powerpc.deb
stable/main/binary-powerpc/python-xpcom_1.8.0.15~pre080131b-0etch1_powerpc.deb
stable/main/binary-mipsel/xulrunner_1.8.0.15~pre080131b-0etch1_mipsel.deb
stable/main/binary-mipsel/libnspr4-0d-dbg_1.8.0.15~pre080131b-0etch1_mipsel.deb
stable/main/binary-mipsel/xulrunner-gnome-support_1.8.0.15~pre080131b-0etch1_mipsel.deb
stable/main/binary-mipsel/libxul0d_1.8.0.15~pre080131b-0etch1_mipsel.deb
stable/main/binary-mipsel/libmozjs0d_1.8.0.15~pre080131b-0etch1_mipsel.deb
stable/main/binary-mipsel/libnss3-tools_1.8.0.15~pre080131b-0etch1_mipsel.deb
stable/main/binary-mipsel/libnss3-0d-dbg_1.8.0.15~pre080131b-0etch1_mipsel.deb
stable/main/binary-mipsel/spidermonkey-bin_1.8.0.15~pre080131b-0etch1_mipsel.deb
stable/main/binary-mipsel/python-xpcom_1.8.0.15~pre080131b-0etch1_mipsel.deb
stable/main/binary-mipsel/libmozjs0d-dbg_1.8.0.15~pre080131b-0etch1_mipsel.deb
stable/main/binary-mipsel/libnss3-0d_1.8.0.15~pre080131b-0etch1_mipsel.deb
stable/main/binary-mipsel/libnspr4-0d_1.8.0.15~pre080131b-0etch1_mipsel.deb
stable/main/binary-mipsel/libxul0d-dbg_1.8.0.15~pre080131b-0etch1_mipsel.deb
stable/main/binary-mips/libnspr4-0d-dbg_1.8.0.15~pre080131b-0etch1_mips.deb
stable/main/binary-mips/libnss3-0d_1.8.0.15~pre080131b-0etch1_mips.deb
stable/main/binary-mips/xulrunner-gnome-support_1.8.0.15~pre080131b-0etch1_mips.deb
stable/main/binary-mips/libmozjs0d_1.8.0.15~pre080131b-0etch1_mips.deb
stable/main/binary-mips/python-xpcom_1.8.0.15~pre080131b-0etch1_mips.deb
stable/main/binary-mips/libnspr4-0d_1.8.0.15~pre080131b-0etch1_mips.deb
stable/main/binary-mips/xulrunner_1.8.0.15~pre080131b-0etch1_mips.deb
stable/main/binary-mips/libnss3-tools_1.8.0.15~pre080131b-0etch1_mips.deb
stable/main/binary-mips/libxul0d-dbg_1.8.0.15~pre080131b-0etch1_mips.deb
stable/main/binary-mips/libnss3-0d-dbg_1.8.0.15~pre080131b-0etch1_mips.deb
stable/main/binary-mips/spidermonkey-bin_1.8.0.15~pre080131b-0etch1_mips.deb
stable/main/binary-mips/libmozjs0d-dbg_1.8.0.15~pre080131b-0etch1_mips.deb
stable/main/binary-mips/libxul0d_1.8.0.15~pre080131b-0etch1_mips.deb
stable/main/binary-ia64/libnspr4-0d_1.8.0.15~pre080131b-0etch1_ia64.deb
stable/main/binary-ia64/libmozjs0d_1.8.0.15~pre080131b-0etch1_ia64.deb
stable/main/binary-ia64/libnspr4-0d-dbg_1.8.0.15~pre080131b-0etch1_ia64.deb
stable/main/binary-ia64/libxul0d-dbg_1.8.0.15~pre080131b-0etch1_ia64.deb
stable/main/binary-ia64/spidermonkey-bin_1.8.0.15~pre080131b-0etch1_ia64.deb
stable/main/binary-ia64/libmozjs0d-dbg_1.8.0.15~pre080131b-0etch1_ia64.deb
stable/main/binary-ia64/xulrunner-gnome-support_1.8.0.15~pre080131b-0etch1_ia64.deb
stable/main/binary-ia64/libnss3-0d-dbg_1.8.0.15~pre080131b-0etch1_ia64.deb
stable/main/binary-ia64/libnss3-tools_1.8.0.15~pre080131b-0etch1_ia64.deb
stable/main/binary-ia64/libxul0d_1.8.0.15~pre080131b-0etch1_ia64.deb
stable/main/binary-ia64/libnss3-0d_1.8.0.15~pre080131b-0etch1_ia64.deb
stable/main/binary-ia64/xulrunner_1.8.0.15~pre080131b-0etch1_ia64.deb
stable/main/binary-ia64/python-xpcom_1.8.0.15~pre080131b-0etch1_ia64.deb
stable/main/binary-i386/libmozjs0d-dbg_1.8.0.15~pre080131b-0etch1_i386.deb
stable/main/binary-i386/libnspr4-0d-dbg_1.8.0.15~pre080131b-0etch1_i386.deb
stable/main/binary-i386/libnss3-tools_1.8.0.15~pre080131b-0etch1_i386.deb
stable/main/binary-i386/xulrunner-gnome-support_1.8.0.15~pre080131b-0etch1_i386.deb
stable/main/binary-i386/libxul0d_1.8.0.15~pre080131b-0etch1_i386.deb
stable/main/binary-i386/libxul0d-dbg_1.8.0.15~pre080131b-0etch1_i386.deb
stable/main/binary-i386/spidermonkey-bin_1.8.0.15~pre080131b-0etch1_i386.deb
stable/main/binary-i386/python-xpcom_1.8.0.15~pre080131b-0etch1_i386.deb
stable/main/binary-i386/xulrunner_1.8.0.15~pre080131b-0etch1_i386.deb
stable/main/binary-i386/libnss3-0d_1.8.0.15~pre080131b-0etch1_i386.deb
stable/main/binary-i386/libmozjs0d_1.8.0.15~pre080131b-0etch1_i386.deb
stable/main/binary-i386/libnss3-0d-dbg_1.8.0.15~pre080131b-0etch1_i386.deb
stable/main/binary-i386/libnspr4-0d_1.8.0.15~pre080131b-0etch1_i386.deb
stable/main/binary-hppa/spidermonkey-bin_1.8.0.15~pre080131b-0etch1_hppa.deb
stable/main/binary-hppa/libnspr4-0d-dbg_1.8.0.15~pre080131b-0etch1_hppa.deb
stable/main/binary-hppa/libnss3-tools_1.8.0.15~pre080131b-0etch1_hppa.deb
stable/main/binary-hppa/xulrunner_1.8.0.15~pre080131b-0etch1_hppa.deb
stable/main/binary-hppa/libmozjs0d_1.8.0.15~pre080131b-0etch1_hppa.deb
stable/main/binary-hppa/libxul0d_1.8.0.15~pre080131b-0etch1_hppa.deb
stable/main/binary-hppa/libnss3-0d-dbg_1.8.0.15~pre080131b-0etch1_hppa.deb
stable/main/binary-hppa/python-xpcom_1.8.0.15~pre080131b-0etch1_hppa.deb
stable/main/binary-hppa/xulrunner-gnome-support_1.8.0.15~pre080131b-0etch1_hppa.deb
stable/main/binary-hppa/libxul0d-dbg_1.8.0.15~pre080131b-0etch1_hppa.deb
stable/main/binary-hppa/libnspr4-0d_1.8.0.15~pre080131b-0etch1_hppa.deb
stable/main/binary-hppa/libnss3-0d_1.8.0.15~pre080131b-0etch1_hppa.deb
stable/main/binary-hppa/libmozjs0d-dbg_1.8.0.15~pre080131b-0etch1_hppa.deb
stable/main/binary-arm/xulrunner_1.8.0.15~pre080131b-0etch1_arm.deb
stable/main/binary-arm/libmozjs0d_1.8.0.15~pre080131b-0etch1_arm.deb
stable/main/binary-arm/libxul0d-dbg_1.8.0.15~pre080131b-0etch1_arm.deb
stable/main/binary-arm/libmozjs0d-dbg_1.8.0.15~pre080131b-0etch1_arm.deb
stable/main/binary-arm/python-xpcom_1.8.0.15~pre080131b-0etch1_arm.deb
stable/main/binary-arm/libnss3-0d_1.8.0.15~pre080131b-0etch1_arm.deb
stable/main/binary-arm/libnss3-0d-dbg_1.8.0.15~pre080131b-0etch1_arm.deb
stable/main/binary-arm/libxul0d_1.8.0.15~pre080131b-0etch1_arm.deb
stable/main/binary-arm/xulrunner-gnome-support_1.8.0.15~pre080131b-0etch1_arm.deb
stable/main/binary-arm/libnspr4-0d_1.8.0.15~pre080131b-0etch1_arm.deb
stable/main/binary-arm/libnss3-tools_1.8.0.15~pre080131b-0etch1_arm.deb
stable/main/binary-arm/libnspr4-0d-dbg_1.8.0.15~pre080131b-0etch1_arm.deb
stable/main/binary-arm/spidermonkey-bin_1.8.0.15~pre080131b-0etch1_arm.deb
stable/main/binary-alpha/libnspr4-0d-dbg_1.8.0.15~pre080131b-0etch1_alpha.deb
stable/main/binary-alpha/libmozjs0d-dbg_1.8.0.15~pre080131b-0etch1_alpha.deb
stable/main/binary-alpha/libnss3-0d_1.8.0.15~pre080131b-0etch1_alpha.deb
stable/main/binary-alpha/libnss3-0d-dbg_1.8.0.15~pre080131b-0etch1_alpha.deb
stable/main/binary-alpha/xulrunner_1.8.0.15~pre080131b-0etch1_alpha.deb
stable/main/binary-alpha/libmozjs0d_1.8.0.15~pre080131b-0etch1_alpha.deb
stable/main/binary-alpha/libxul0d_1.8.0.15~pre080131b-0etch1_alpha.deb
stable/main/binary-alpha/python-xpcom_1.8.0.15~pre080131b-0etch1_alpha.deb
stable/main/binary-alpha/libxul0d-dbg_1.8.0.15~pre080131b-0etch1_alpha.deb
stable/main/binary-alpha/spidermonkey-bin_1.8.0.15~pre080131b-0etch1_alpha.deb
stable/main/binary-alpha/libnss3-tools_1.8.0.15~pre080131b-0etch1_alpha.deb
stable/main/binary-alpha/xulrunner-gnome-support_1.8.0.15~pre080131b-0etch1_alpha.deb
stable/main/binary-alpha/libnspr4-0d_1.8.0.15~pre080131b-0etch1_alpha.deb
stable/main/binary-all/libxul-common_1.8.0.15~pre080131b-0etch1_all.deb
stable/main/binary-all/libmozjs-dev_1.8.0.15~pre080131b-0etch1_all.deb
stable/main/source/xulrunner_1.8.0.15~pre080131b-0etch1.dsc
stable/main/binary-all/libxul-dev_1.8.0.15~pre080131b-0etch1_all.deb
stable/main/binary-amd64/libnspr4-0d_1.8.0.15~pre080131b-0etch1_amd64.deb
stable/main/binary-amd64/xulrunner-gnome-support_1.8.0.15~pre080131b-0etch1_amd64.deb
stable/main/binary-all/libnspr4-dev_1.8.0.15~pre080131b-0etch1_all.deb
stable/main/binary-all/libmozillainterfaces-java_1.8.0.15~pre080131b-0etch1_all.deb
stable/main/binary-amd64/libnspr4-0d-dbg_1.8.0.15~pre080131b-0etch1_amd64.deb
stable/main/source/xulrunner_1.8.0.15~pre080131b.orig.tar.gz
stable/main/source/xulrunner_1.8.0.15~pre080131b-0etch1.diff.gz
stable/main/binary-amd64/libnss3-0d_1.8.0.15~pre080131b-0etch1_amd64.deb
stable/main/binary-all/libnss3-dev_1.8.0.15~pre080131b-0etch1_all.deb
stable/main/binary-amd64/libxul0d-dbg_1.8.0.15~pre080131b-0etch1_amd64.deb
stable/main/binary-amd64/python-xpcom_1.8.0.15~pre080131b-0etch1_amd64.deb
stable/main/binary-all/libsmjs-dev_1.8.0.15~pre080131b-0etch1_all.deb
stable/main/binary-amd64/libnss3-0d-dbg_1.8.0.15~pre080131b-0etch1_amd64.deb
stable/main/binary-all/libsmjs1_1.8.0.15~pre080131b-0etch1_all.deb
stable/main/binary-amd64/libxul0d_1.8.0.15~pre080131b-0etch1_amd64.deb
stable/main/binary-amd64/libnss3-tools_1.8.0.15~pre080131b-0etch1_amd64.deb
stable/main/binary-amd64/libmozjs0d_1.8.0.15~pre080131b-0etch1_amd64.deb
stable/main/binary-amd64/spidermonkey-bin_1.8.0.15~pre080131b-0etch1_amd64.deb
stable/main/binary-amd64/xulrunner_1.8.0.15~pre080131b-0etch1_amd64.deb
stable/main/binary-amd64/libmozjs0d-dbg_1.8.0.15~pre080131b-0etch1_amd64.deb
xulrunner (1.8.0.15~pre080131b-0etch1) stable-security; urgency=critical
  [ Alexander Sack ]
  * New security/stability upstream release (backports for v2.0.0.12)
  * MFSA 2008-01 aka CVE-2008-0412: Crashes with evidence of memory corruption v1.8.1.12 (Browser crashes)
  * MFSA 2008-01 aka CVE-2008-0413: Crashes with evidence of memory corruption v1.8.1.12 (javascript crashes)
  * MFSA 2008-02 aka CVE-2008-0414: Multiple file input focus stealing vulnerabilities: 1. Focus shifting bugs and 2. Selective keystroke blocking bugs
  * MFSA 2008-03 aka CVE-2008-0415: Privilege escalation, XSS, Remote Code Execution (JavaScript privilege escalation bugs)
  * MFSA 2008-04 aka CVE-2008-0417: Stored password corruption
  * MFSA 2008-05 aka CVE-2008-0418: Directory traversal via chrome: URI
  * MFSA 2008-06 aka CVE-2008-0419: Web browsing history and forward navigation stealing
  * MFSA 2008-08 aka CVE-2008-0591: File action dialog tampering
  * MFSA 2008-09 aka CVE-2008-0592: Mishandling of locally-saved plain text files
  * MFSA 2008-10 aka CVE-2008-0593: URL token stealing via stylesheet redirect
  * MFSA 2008-11 aka CVE-2008-0594: Web forgery overwrite with div overlay

stable/main/binary-sparc/xdmx_1.1.1-21etch4_sparc.deb
stable/main/binary-sparc/xnest_1.1.1-21etch4_sparc.deb
stable/main/binary-sparc/xvfb_1.1.1-21etch4_sparc.deb
stable/main/binary-sparc/xserver-xorg-core_1.1.1-21etch4_sparc.deb
stable/main/binary-sparc/xserver-xephyr_1.1.1-21etch4_sparc.deb
stable/main/binary-sparc/xdmx-tools_1.1.1-21etch4_sparc.deb
stable/main/binary-sparc/xserver-xorg-dev_1.1.1-21etch4_sparc.deb
stable/main/binary-s390/xdmx_1.1.1-21etch4_s390.deb
stable/main/binary-s390/xdmx-tools_1.1.1-21etch4_s390.deb
stable/main/binary-s390/xvfb_1.1.1-21etch4_s390.deb
stable/main/binary-s390/xserver-xorg-core_1.1.1-21etch4_s390.deb
stable/main/binary-s390/xserver-xephyr_1.1.1-21etch4_s390.deb
stable/main/binary-s390/xserver-xorg-dev_1.1.1-21etch4_s390.deb
stable/main/binary-s390/xnest_1.1.1-21etch4_s390.deb
stable/main/binary-powerpc/xvfb_1.1.1-21etch4_powerpc.deb
stable/main/binary-powerpc/xdmx_1.1.1-21etch4_powerpc.deb
stable/main/binary-powerpc/xserver-xorg-core_1.1.1-21etch4_powerpc.deb
stable/main/binary-powerpc/xserver-xorg-dev_1.1.1-21etch4_powerpc.deb
stable/main/binary-powerpc/xnest_1.1.1-21etch4_powerpc.deb
stable/main/binary-powerpc/xserver-xephyr_1.1.1-21etch4_powerpc.deb
stable/main/binary-powerpc/xdmx-tools_1.1.1-21etch4_powerpc.deb
stable/main/binary-mipsel/xserver-xorg-core_1.1.1-21etch4_mipsel.deb
stable/main/binary-mipsel/xserver-xorg-dev_1.1.1-21etch4_mipsel.deb
stable/main/binary-mipsel/xdmx-tools_1.1.1-21etch4_mipsel.deb
stable/main/binary-mipsel/xvfb_1.1.1-21etch4_mipsel.deb
stable/main/binary-mipsel/xnest_1.1.1-21etch4_mipsel.deb
stable/main/binary-mipsel/xdmx_1.1.1-21etch4_mipsel.deb
stable/main/binary-mipsel/xserver-xephyr_1.1.1-21etch4_mipsel.deb
stable/main/binary-mips/xserver-xephyr_1.1.1-21etch4_mips.deb
stable/main/binary-mips/xserver-xorg-core_1.1.1-21etch4_mips.deb
stable/main/binary-mips/xdmx-tools_1.1.1-21etch4_mips.deb
stable/main/binary-mips/xvfb_1.1.1-21etch4_mips.deb
stable/main/binary-mips/xdmx_1.1.1-21etch4_mips.deb
stable/main/binary-mips/xserver-xorg-dev_1.1.1-21etch4_mips.deb
stable/main/binary-mips/xnest_1.1.1-21etch4_mips.deb
stable/main/binary-ia64/xdmx-tools_1.1.1-21etch4_ia64.deb
stable/main/binary-ia64/xdmx_1.1.1-21etch4_ia64.deb
stable/main/binary-ia64/xserver-xephyr_1.1.1-21etch4_ia64.deb
stable/main/binary-ia64/xserver-xorg-core_1.1.1-21etch4_ia64.deb
stable/main/binary-ia64/xserver-xorg-dev_1.1.1-21etch4_ia64.deb
stable/main/binary-ia64/xnest_1.1.1-21etch4_ia64.deb
stable/main/binary-ia64/xvfb_1.1.1-21etch4_ia64.deb
stable/main/binary-hppa/xvfb_1.1.1-21etch4_hppa.deb
stable/main/binary-hppa/xserver-xephyr_1.1.1-21etch4_hppa.deb
stable/main/binary-hppa/xdmx-tools_1.1.1-21etch4_hppa.deb
stable/main/binary-hppa/xserver-xorg-dev_1.1.1-21etch4_hppa.deb
stable/main/binary-hppa/xnest_1.1.1-21etch4_hppa.deb
stable/main/binary-hppa/xserver-xorg-core_1.1.1-21etch4_hppa.deb
stable/main/binary-hppa/xdmx_1.1.1-21etch4_hppa.deb
stable/main/binary-arm/xvfb_1.1.1-21etch4_arm.deb
stable/main/binary-arm/xnest_1.1.1-21etch4_arm.deb
stable/main/binary-arm/xserver-xephyr_1.1.1-21etch4_arm.deb
stable/main/binary-arm/xserver-xorg-dev_1.1.1-21etch4_arm.deb
stable/main/binary-arm/xdmx_1.1.1-21etch4_arm.deb
stable/main/binary-arm/xdmx-tools_1.1.1-21etch4_arm.deb
stable/main/binary-arm/xserver-xorg-core_1.1.1-21etch4_arm.deb
stable/main/binary-amd64/xserver-xorg-dev_1.1.1-21etch4_amd64.deb
stable/main/binary-amd64/xserver-xephyr_1.1.1-21etch4_amd64.deb
stable/main/binary-amd64/xdmx_1.1.1-21etch4_amd64.deb
stable/main/binary-amd64/xserver-xorg-core_1.1.1-21etch4_amd64.deb
stable/main/binary-amd64/xdmx-tools_1.1.1-21etch4_amd64.deb
stable/main/binary-amd64/xvfb_1.1.1-21etch4_amd64.deb
stable/main/binary-amd64/xnest_1.1.1-21etch4_amd64.deb
stable/main/binary-alpha/xserver-xorg-dev_1.1.1-21etch4_alpha.deb
stable/main/binary-alpha/xserver-xorg-core_1.1.1-21etch4_alpha.deb
stable/main/binary-alpha/xdmx-tools_1.1.1-21etch4_alpha.deb
stable/main/binary-alpha/xdmx_1.1.1-21etch4_alpha.deb
stable/main/binary-alpha/xserver-xephyr_1.1.1-21etch4_alpha.deb
stable/main/binary-alpha/xvfb_1.1.1-21etch4_alpha.deb
stable/main/binary-alpha/xnest_1.1.1-21etch4_alpha.deb
stable/main/binary-i386/xserver-xorg-core_1.1.1-21etch4_i386.deb
stable/main/binary-i386/xserver-xorg-dev_1.1.1-21etch4_i386.deb
stable/main/binary-i386/xserver-xephyr_1.1.1-21etch4_i386.deb
stable/main/source/xorg-server_1.1.1-21etch4.diff.gz
stable/main/binary-i386/xdmx_1.1.1-21etch4_i386.deb
stable/main/source/xorg-server_1.1.1-21etch4.dsc
stable/main/binary-i386/xdmx-tools_1.1.1-21etch4_i386.deb
stable/main/binary-i386/xnest_1.1.1-21etch4_i386.deb
stable/main/binary-i386/xvfb_1.1.1-21etch4_i386.deb
xorg-server (2:1.1.1-21etch4) stable; urgency=low
  [ Julien Cristau ]
  * Add patch by Michael Karcher to fix inline asm in fb/fbpict.c. On processors without the cpuid instruction, the X server would get a SIGILL (closes: #353494).
  [ Brice Goglin ]
  * Add myself to Uploaders.

stable/main/binary-sparc/libxine-dev_1.1.2+dfsg-5_sparc.deb
stable/main/binary-sparc/libxine1_1.1.2+dfsg-5_sparc.deb
stable/main/binary-sparc/libxine1-dbg_1.1.2+dfsg-5_sparc.deb
stable/main/binary-s390/libxine-dev_1.1.2+dfsg-5_s390.deb
stable/main/binary-s390/libxine1_1.1.2+dfsg-5_s390.deb
stable/main/binary-s390/libxine1-dbg_1.1.2+dfsg-5_s390.deb
stable/main/binary-powerpc/libxine1-dbg_1.1.2+dfsg-5_powerpc.deb
stable/main/binary-powerpc/libxine-dev_1.1.2+dfsg-5_powerpc.deb
stable/main/binary-powerpc/libxine1_1.1.2+dfsg-5_powerpc.deb
stable/main/binary-mipsel/libxine-dev_1.1.2+dfsg-5_mipsel.deb
stable/main/binary-mipsel/libxine1_1.1.2+dfsg-5_mipsel.deb
stable/main/binary-mipsel/libxine1-dbg_1.1.2+dfsg-5_mipsel.deb
stable/main/binary-mips/libxine1_1.1.2+dfsg-5_mips.deb
stable/main/binary-mips/libxine-dev_1.1.2+dfsg-5_mips.deb
stable/main/binary-mips/libxine1-dbg_1.1.2+dfsg-5_mips.deb
stable/main/binary-ia64/libxine1-dbg_1.1.2+dfsg-5_ia64.deb
stable/main/binary-ia64/libxine1_1.1.2+dfsg-5_ia64.deb
stable/main/binary-ia64/libxine-dev_1.1.2+dfsg-5_ia64.deb
stable/main/binary-hppa/libxine1_1.1.2+dfsg-5_hppa.deb
stable/main/binary-hppa/libxine-dev_1.1.2+dfsg-5_hppa.deb
stable/main/binary-hppa/libxine1-dbg_1.1.2+dfsg-5_hppa.deb
stable/main/binary-arm/libxine1_1.1.2+dfsg-5_arm.deb
stable/main/binary-arm/libxine-dev_1.1.2+dfsg-5_arm.deb
stable/main/binary-arm/libxine1-dbg_1.1.2+dfsg-5_arm.deb
xine-lib (1.1.2+dfsg-5) stable-security; urgency=low
  * Fix a buffer overflow in RTSP header-handling code. (CVE-2008-0225) (backported from xine-lib 1.1.9.1)

stable/main/binary-amd64/libxine-dev_1.1.2+dfsg-5_amd64.deb
stable/main/binary-amd64/libxine1_1.1.2+dfsg-5_amd64.deb
stable/main/binary-amd64/libxine1-dbg_1.1.2+dfsg-5_amd64.deb
xine-lib (1.1.2+dfsg-5) stable-security; urgency=low
  * Fix a buffer overflow in RTSP header-handling code.
(CVE-2008-0225) (backported from xine-lib 1.1.9.1) stable/main/binary-alpha/libxine1_1.1.2+dfsg-5_alpha.deb stable/main/binary-alpha/libxine-dev_1.1.2+dfsg-5_alpha.deb stable/main/binary-alpha/libxine1-dbg_1.1.2+dfsg-5_alpha.deb xine-lib (1.1.2+dfsg-5) stable-security; urgency=low * Fix a buffer overflow in RTSP header-handling code. (CVE-2008-0225) (backported from xine-lib 1.1.9.1) stable/main/binary-i386/libxine1_1.1.2+dfsg-5_i386.deb stable/main/source/xine-lib_1.1.2+dfsg-5.dsc stable/main/binary-i386/libxine-dev_1.1.2+dfsg-5_i386.deb stable/main/binary-i386/libxine1-dbg_1.1.2+dfsg-5_i386.deb stable/main/source/xine-lib_1.1.2+dfsg-5.diff.gz xine-lib (1.1.2+dfsg-5) stable-security; urgency=low * Fix a buffer overflow in RTSP header-handling code. (CVE-2008-0225) (backported from xine-lib 1.1.9.1) stable/main/binary-sparc/wzdftpd-back-mysql_0.8.1-2etch1_sparc.deb stable/main/binary-sparc/wzdftpd-mod-tcl_0.8.1-2etch1_sparc.deb stable/main/binary-sparc/wzdftpd-dev_0.8.1-2etch1_sparc.deb stable/main/binary-sparc/wzdftpd-mod-perl_0.8.1-2etch1_sparc.deb stable/main/binary-sparc/wzdftpd_0.8.1-2etch1_sparc.deb stable/main/binary-sparc/wzdftpd-back-pgsql_0.8.1-2etch1_sparc.deb stable/main/binary-sparc/wzdftpd-mod-avahi_0.8.1-2etch1_sparc.deb wzdftpd (0.8.1-2etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Fix off-by-one in wzd_login.c which leads to a remote denial of service vulnerability Fixes: CVE-2007-5300 stable/main/binary-s390/wzdftpd-back-pgsql_0.8.1-2etch1_s390.deb stable/main/binary-s390/wzdftpd_0.8.1-2etch1_s390.deb stable/main/binary-s390/wzdftpd-dev_0.8.1-2etch1_s390.deb stable/main/binary-s390/wzdftpd-mod-avahi_0.8.1-2etch1_s390.deb stable/main/binary-s390/wzdftpd-back-mysql_0.8.1-2etch1_s390.deb stable/main/binary-s390/wzdftpd-mod-tcl_0.8.1-2etch1_s390.deb stable/main/binary-s390/wzdftpd-mod-perl_0.8.1-2etch1_s390.deb wzdftpd (0.8.1-2etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Fix 
off-by-one in wzd_login.c which leads to a remote denial of service vulnerability Fixes: CVE-2007-5300 stable/main/binary-powerpc/wzdftpd-back-mysql_0.8.1-2etch1_powerpc.deb stable/main/binary-powerpc/wzdftpd-back-pgsql_0.8.1-2etch1_powerpc.deb stable/main/binary-powerpc/wzdftpd-mod-tcl_0.8.1-2etch1_powerpc.deb stable/main/binary-powerpc/wzdftpd-mod-perl_0.8.1-2etch1_powerpc.deb stable/main/binary-powerpc/wzdftpd-mod-avahi_0.8.1-2etch1_powerpc.deb stable/main/binary-powerpc/wzdftpd-dev_0.8.1-2etch1_powerpc.deb stable/main/binary-powerpc/wzdftpd_0.8.1-2etch1_powerpc.deb wzdftpd (0.8.1-2etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Fix off-by-one in wzd_login.c which leads to a remote denial of service vulnerability Fixes: CVE-2007-5300 stable/main/binary-mipsel/wzdftpd-dev_0.8.1-2etch1_mipsel.deb stable/main/binary-mipsel/wzdftpd-back-mysql_0.8.1-2etch1_mipsel.deb stable/main/binary-mipsel/wzdftpd-mod-tcl_0.8.1-2etch1_mipsel.deb stable/main/binary-mipsel/wzdftpd-mod-perl_0.8.1-2etch1_mipsel.deb stable/main/binary-mipsel/wzdftpd-mod-avahi_0.8.1-2etch1_mipsel.deb stable/main/binary-mipsel/wzdftpd-back-pgsql_0.8.1-2etch1_mipsel.deb stable/main/binary-mipsel/wzdftpd_0.8.1-2etch1_mipsel.deb wzdftpd (0.8.1-2etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Fix off-by-one in wzd_login.c which leads to a remote denial of service vulnerability Fixes: CVE-2007-5300 stable/main/binary-mips/wzdftpd-back-mysql_0.8.1-2etch1_mips.deb stable/main/binary-mips/wzdftpd-mod-avahi_0.8.1-2etch1_mips.deb stable/main/binary-mips/wzdftpd-back-pgsql_0.8.1-2etch1_mips.deb stable/main/binary-mips/wzdftpd_0.8.1-2etch1_mips.deb stable/main/binary-mips/wzdftpd-mod-perl_0.8.1-2etch1_mips.deb stable/main/binary-mips/wzdftpd-mod-tcl_0.8.1-2etch1_mips.deb stable/main/binary-mips/wzdftpd-dev_0.8.1-2etch1_mips.deb wzdftpd (0.8.1-2etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Fix off-by-one in 
wzd_login.c which leads to a remote denial of service vulnerability Fixes: CVE-2007-5300 stable/main/binary-ia64/wzdftpd-back-pgsql_0.8.1-2etch1_ia64.deb stable/main/binary-ia64/wzdftpd_0.8.1-2etch1_ia64.deb stable/main/binary-ia64/wzdftpd-mod-perl_0.8.1-2etch1_ia64.deb stable/main/binary-ia64/wzdftpd-dev_0.8.1-2etch1_ia64.deb stable/main/binary-ia64/wzdftpd-mod-avahi_0.8.1-2etch1_ia64.deb stable/main/binary-ia64/wzdftpd-back-mysql_0.8.1-2etch1_ia64.deb stable/main/binary-ia64/wzdftpd-mod-tcl_0.8.1-2etch1_ia64.deb wzdftpd (0.8.1-2etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Fix off-by-one in wzd_login.c which leads to a remote denial of service vulnerability Fixes: CVE-2007-5300 stable/main/binary-hppa/wzdftpd-mod-perl_0.8.1-2etch1_hppa.deb stable/main/binary-hppa/wzdftpd-mod-tcl_0.8.1-2etch1_hppa.deb stable/main/binary-hppa/wzdftpd-mod-avahi_0.8.1-2etch1_hppa.deb stable/main/binary-hppa/wzdftpd_0.8.1-2etch1_hppa.deb stable/main/binary-hppa/wzdftpd-back-mysql_0.8.1-2etch1_hppa.deb stable/main/binary-hppa/wzdftpd-back-pgsql_0.8.1-2etch1_hppa.deb stable/main/binary-hppa/wzdftpd-dev_0.8.1-2etch1_hppa.deb wzdftpd (0.8.1-2etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Fix off-by-one in wzd_login.c which leads to a remote denial of service vulnerability Fixes: CVE-2007-5300 stable/main/binary-arm/wzdftpd_0.8.1-2etch1_arm.deb stable/main/binary-arm/wzdftpd-mod-avahi_0.8.1-2etch1_arm.deb stable/main/binary-arm/wzdftpd-dev_0.8.1-2etch1_arm.deb stable/main/binary-arm/wzdftpd-mod-tcl_0.8.1-2etch1_arm.deb stable/main/binary-arm/wzdftpd-mod-perl_0.8.1-2etch1_arm.deb stable/main/binary-arm/wzdftpd-back-pgsql_0.8.1-2etch1_arm.deb stable/main/binary-arm/wzdftpd-back-mysql_0.8.1-2etch1_arm.deb wzdftpd (0.8.1-2etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Fix off-by-one in wzd_login.c which leads to a remote denial of service vulnerability Fixes: CVE-2007-5300 
stable/main/binary-amd64/wzdftpd-back-mysql_0.8.1-2etch1_amd64.deb stable/main/binary-amd64/wzdftpd-mod-tcl_0.8.1-2etch1_amd64.deb stable/main/binary-amd64/wzdftpd-dev_0.8.1-2etch1_amd64.deb stable/main/binary-amd64/wzdftpd_0.8.1-2etch1_amd64.deb stable/main/binary-amd64/wzdftpd-mod-avahi_0.8.1-2etch1_amd64.deb stable/main/binary-amd64/wzdftpd-back-pgsql_0.8.1-2etch1_amd64.deb stable/main/binary-amd64/wzdftpd-mod-perl_0.8.1-2etch1_amd64.deb wzdftpd (0.8.1-2etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Fix off-by-one in wzd_login.c which leads to a remote denial of service vulnerability Fixes: CVE-2007-5300 stable/main/binary-alpha/wzdftpd-mod-perl_0.8.1-2etch1_alpha.deb stable/main/binary-alpha/wzdftpd-back-pgsql_0.8.1-2etch1_alpha.deb stable/main/binary-alpha/wzdftpd-mod-avahi_0.8.1-2etch1_alpha.deb stable/main/binary-alpha/wzdftpd-back-mysql_0.8.1-2etch1_alpha.deb stable/main/binary-alpha/wzdftpd-dev_0.8.1-2etch1_alpha.deb stable/main/binary-alpha/wzdftpd-mod-tcl_0.8.1-2etch1_alpha.deb stable/main/binary-alpha/wzdftpd_0.8.1-2etch1_alpha.deb wzdftpd (0.8.1-2etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Fix off-by-one in wzd_login.c which leads to a remote denial of service vulnerability Fixes: CVE-2007-5300 stable/main/binary-i386/wzdftpd-dev_0.8.1-2etch1_i386.deb stable/main/binary-i386/wzdftpd_0.8.1-2etch1_i386.deb stable/main/source/wzdftpd_0.8.1-2etch1.diff.gz stable/main/binary-i386/wzdftpd-mod-perl_0.8.1-2etch1_i386.deb stable/main/binary-i386/wzdftpd-back-pgsql_0.8.1-2etch1_i386.deb stable/main/source/wzdftpd_0.8.1-2etch1.dsc stable/main/binary-i386/wzdftpd-mod-avahi_0.8.1-2etch1_i386.deb stable/main/binary-i386/wzdftpd-mod-tcl_0.8.1-2etch1_i386.deb stable/main/binary-i386/wzdftpd-back-mysql_0.8.1-2etch1_i386.deb wzdftpd (0.8.1-2etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Fix off-by-one in wzd_login.c which leads to a remote denial of service 
vulnerability Fixes: CVE-2007-5300 stable/main/binary-sparc/wml_2.0.11-1etch1_sparc.deb wml (2.0.11-1etch1) stable-security; urgency=high * Non-maintainer upload by security team. * CVE-2008-0665, CVE-2008-0666: Fix insecure temporary file creations in eperl and ipp backends and a similar issue in the wmg.cgi contrib file leading to possible symlink attacks. If you already use wmg.cgi please update your copy (Closes: #463907). Patch by Nico Golde and Frank Lichtenheld. * Add libpng-dev to build-depends since apparently it was previously compiled against it. stable/main/binary-s390/wml_2.0.11-1etch1_s390.deb wml (2.0.11-1etch1) stable-security; urgency=high * Non-maintainer upload by security team. * CVE-2008-0665, CVE-2008-0666: Fix insecure temporary file creations in eperl and ipp backends and a similar issue in the wmg.cgi contrib file leading to possible symlink attacks. If you already use wmg.cgi please update your copy (Closes: #463907). Patch by Nico Golde and Frank Lichtenheld. * Add libpng-dev to build-depends since apparently it was previously compiled against it. stable/main/binary-powerpc/wml_2.0.11-1etch1_powerpc.deb wml (2.0.11-1etch1) stable-security; urgency=high * Non-maintainer upload by security team. * CVE-2008-0665, CVE-2008-0666: Fix insecure temporary file creations in eperl and ipp backends and a similar issue in the wmg.cgi contrib file leading to possible symlink attacks. If you already use wmg.cgi please update your copy (Closes: #463907). Patch by Nico Golde and Frank Lichtenheld. * Add libpng-dev to build-depends since apparently it was previously compiled against it. stable/main/binary-mipsel/wml_2.0.11-1etch1_mipsel.deb wml (2.0.11-1etch1) stable-security; urgency=high * Non-maintainer upload by security team. * CVE-2008-0665, CVE-2008-0666: Fix insecure temporary file creations in eperl and ipp backends and a similar issue in the wmg.cgi contrib file leading to possible symlink attacks. 
If you already use wmg.cgi please update your copy (Closes: #463907). Patch by Nico Golde and Frank Lichtenheld. * Add libpng-dev to build-depends since apparently it was previously compiled against it. stable/main/binary-mips/wml_2.0.11-1etch1_mips.deb wml (2.0.11-1etch1) stable-security; urgency=high * Non-maintainer upload by security team. * CVE-2008-0665, CVE-2008-0666: Fix insecure temporary file creations in eperl and ipp backends and a similar issue in the wmg.cgi contrib file leading to possible symlink attacks. If you already use wmg.cgi please update your copy (Closes: #463907). Patch by Nico Golde and Frank Lichtenheld. * Add libpng-dev to build-depends since apparently it was previously compiled against it. stable/main/binary-ia64/wml_2.0.11-1etch1_ia64.deb wml (2.0.11-1etch1) stable-security; urgency=high * Non-maintainer upload by security team. * CVE-2008-0665, CVE-2008-0666: Fix insecure temporary file creations in eperl and ipp backends and a similar issue in the wmg.cgi contrib file leading to possible symlink attacks. If you already use wmg.cgi please update your copy (Closes: #463907). Patch by Nico Golde and Frank Lichtenheld. * Add libpng-dev to build-depends since apparently it was previously compiled against it. stable/main/binary-hppa/wml_2.0.11-1etch1_hppa.deb wml (2.0.11-1etch1) stable-security; urgency=high * Non-maintainer upload by security team. * CVE-2008-0665, CVE-2008-0666: Fix insecure temporary file creations in eperl and ipp backends and a similar issue in the wmg.cgi contrib file leading to possible symlink attacks. If you already use wmg.cgi please update your copy (Closes: #463907). Patch by Nico Golde and Frank Lichtenheld. * Add libpng-dev to build-depends since apparently it was previously compiled against it. stable/main/binary-arm/wml_2.0.11-1etch1_arm.deb wml (2.0.11-1etch1) stable-security; urgency=high * Non-maintainer upload by security team. 
* CVE-2008-0665, CVE-2008-0666: Fix insecure temporary file creations in eperl and ipp backends and a similar issue in the wmg.cgi contrib file leading to possible symlink attacks. If you already use wmg.cgi please update your copy (Closes: #463907). Patch by Nico Golde and Frank Lichtenheld. * Add libpng-dev to build-depends since apparently it was previously compiled against it. stable/main/binary-amd64/wml_2.0.11-1etch1_amd64.deb wml (2.0.11-1etch1) stable-security; urgency=high * Non-maintainer upload by security team. * CVE-2008-0665, CVE-2008-0666: Fix insecure temporary file creations in eperl and ipp backends and a similar issue in the wmg.cgi contrib file leading to possible symlink attacks. If you already use wmg.cgi please update your copy (Closes: #463907). Patch by Nico Golde and Frank Lichtenheld. * Add libpng-dev to build-depends since apparently it was previously compiled against it. stable/main/binary-alpha/wml_2.0.11-1etch1_alpha.deb wml (2.0.11-1etch1) stable-security; urgency=high * Non-maintainer upload by security team. * CVE-2008-0665, CVE-2008-0666: Fix insecure temporary file creations in eperl and ipp backends and a similar issue in the wmg.cgi contrib file leading to possible symlink attacks. If you already use wmg.cgi please update your copy (Closes: #463907). Patch by Nico Golde and Frank Lichtenheld. * Add libpng-dev to build-depends since apparently it was previously compiled against it. stable/main/binary-i386/wml_2.0.11-1etch1_i386.deb stable/main/source/wml_2.0.11-1etch1.dsc stable/main/source/wml_2.0.11-1etch1.diff.gz wml (2.0.11-1etch1) stable-security; urgency=high * Non-maintainer upload by security team. * CVE-2008-0665, CVE-2008-0666: Fix insecure temporary file creations in eperl and ipp backends and a similar issue in the wmg.cgi contrib file leading to possible symlink attacks. If you already use wmg.cgi please update your copy (Closes: #463907). Patch by Nico Golde and Frank Lichtenheld. 
* Add libpng-dev to build-depends since apparently it was previously compiled against it. stable/main/binary-sparc/ethereal-dev_0.99.4-5.etch.2_sparc.deb stable/main/binary-sparc/ethereal-common_0.99.4-5.etch.2_sparc.deb stable/main/binary-sparc/tshark_0.99.4-5.etch.2_sparc.deb stable/main/binary-sparc/ethereal_0.99.4-5.etch.2_sparc.deb stable/main/binary-sparc/wireshark-common_0.99.4-5.etch.2_sparc.deb stable/main/binary-sparc/wireshark_0.99.4-5.etch.2_sparc.deb stable/main/binary-sparc/tethereal_0.99.4-5.etch.2_sparc.deb stable/main/binary-sparc/wireshark-dev_0.99.4-5.etch.2_sparc.deb wireshark (0.99.4-5.etch.2) stable-security; urgency=high * Backport two further security fixes reported later: CVE-2007-6450, CVE-2007-6451 stable/main/binary-s390/wireshark_0.99.4-5.etch.2_s390.deb stable/main/binary-s390/tshark_0.99.4-5.etch.2_s390.deb stable/main/binary-s390/ethereal-common_0.99.4-5.etch.2_s390.deb stable/main/binary-s390/wireshark-common_0.99.4-5.etch.2_s390.deb stable/main/binary-s390/wireshark-dev_0.99.4-5.etch.2_s390.deb stable/main/binary-s390/ethereal_0.99.4-5.etch.2_s390.deb stable/main/binary-s390/tethereal_0.99.4-5.etch.2_s390.deb stable/main/binary-s390/ethereal-dev_0.99.4-5.etch.2_s390.deb wireshark (0.99.4-5.etch.2) stable-security; urgency=high * Backport two further security fixes reported later: CVE-2007-6450, CVE-2007-6451 stable/main/binary-powerpc/wireshark_0.99.4-5.etch.2_powerpc.deb stable/main/binary-powerpc/tethereal_0.99.4-5.etch.2_powerpc.deb stable/main/binary-powerpc/ethereal_0.99.4-5.etch.2_powerpc.deb stable/main/binary-powerpc/wireshark-dev_0.99.4-5.etch.2_powerpc.deb stable/main/binary-powerpc/wireshark-common_0.99.4-5.etch.2_powerpc.deb stable/main/binary-powerpc/ethereal-dev_0.99.4-5.etch.2_powerpc.deb stable/main/binary-powerpc/ethereal-common_0.99.4-5.etch.2_powerpc.deb stable/main/binary-powerpc/tshark_0.99.4-5.etch.2_powerpc.deb wireshark (0.99.4-5.etch.2) stable-security; urgency=high * Backport two further security fixes 
reported later: CVE-2007-6450, CVE-2007-6451 stable/main/binary-mipsel/ethereal_0.99.4-5.etch.2_mipsel.deb stable/main/binary-mipsel/tshark_0.99.4-5.etch.2_mipsel.deb stable/main/binary-mipsel/ethereal-common_0.99.4-5.etch.2_mipsel.deb stable/main/binary-mipsel/ethereal-dev_0.99.4-5.etch.2_mipsel.deb stable/main/binary-mipsel/wireshark-common_0.99.4-5.etch.2_mipsel.deb stable/main/binary-mipsel/wireshark_0.99.4-5.etch.2_mipsel.deb stable/main/binary-mipsel/wireshark-dev_0.99.4-5.etch.2_mipsel.deb stable/main/binary-mipsel/tethereal_0.99.4-5.etch.2_mipsel.deb wireshark (0.99.4-5.etch.2) stable-security; urgency=high * Backport two further security fixes reported later: CVE-2007-6450, CVE-2007-6451 stable/main/binary-mips/ethereal-common_0.99.4-5.etch.2_mips.deb stable/main/binary-mips/tethereal_0.99.4-5.etch.2_mips.deb stable/main/binary-mips/tshark_0.99.4-5.etch.2_mips.deb stable/main/binary-mips/wireshark_0.99.4-5.etch.2_mips.deb stable/main/binary-mips/ethereal-dev_0.99.4-5.etch.2_mips.deb stable/main/binary-mips/wireshark-common_0.99.4-5.etch.2_mips.deb stable/main/binary-mips/wireshark-dev_0.99.4-5.etch.2_mips.deb stable/main/binary-mips/ethereal_0.99.4-5.etch.2_mips.deb wireshark (0.99.4-5.etch.2) stable-security; urgency=high * Backport two further security fixes reported later: CVE-2007-6450, CVE-2007-6451 stable/main/binary-ia64/tethereal_0.99.4-5.etch.2_ia64.deb stable/main/binary-ia64/wireshark_0.99.4-5.etch.2_ia64.deb stable/main/binary-ia64/ethereal-common_0.99.4-5.etch.2_ia64.deb stable/main/binary-ia64/wireshark-common_0.99.4-5.etch.2_ia64.deb stable/main/binary-ia64/tshark_0.99.4-5.etch.2_ia64.deb stable/main/binary-ia64/ethereal_0.99.4-5.etch.2_ia64.deb stable/main/binary-ia64/ethereal-dev_0.99.4-5.etch.2_ia64.deb stable/main/binary-ia64/wireshark-dev_0.99.4-5.etch.2_ia64.deb wireshark (0.99.4-5.etch.2) stable-security; urgency=high * Backport two further security fixes reported later: CVE-2007-6450, CVE-2007-6451 
stable/main/binary-hppa/wireshark-dev_0.99.4-5.etch.2_hppa.deb stable/main/binary-hppa/tshark_0.99.4-5.etch.2_hppa.deb stable/main/binary-hppa/ethereal-dev_0.99.4-5.etch.2_hppa.deb stable/main/binary-hppa/ethereal_0.99.4-5.etch.2_hppa.deb stable/main/binary-hppa/ethereal-common_0.99.4-5.etch.2_hppa.deb stable/main/binary-hppa/tethereal_0.99.4-5.etch.2_hppa.deb stable/main/binary-hppa/wireshark_0.99.4-5.etch.2_hppa.deb stable/main/binary-hppa/wireshark-common_0.99.4-5.etch.2_hppa.deb wireshark (0.99.4-5.etch.2) stable-security; urgency=high * Backport two further security fixes reported later: CVE-2007-6450, CVE-2007-6451 stable/main/binary-arm/wireshark-dev_0.99.4-5.etch.2_arm.deb stable/main/binary-arm/ethereal_0.99.4-5.etch.2_arm.deb stable/main/binary-arm/tethereal_0.99.4-5.etch.2_arm.deb stable/main/binary-arm/tshark_0.99.4-5.etch.2_arm.deb stable/main/binary-arm/ethereal-common_0.99.4-5.etch.2_arm.deb stable/main/binary-arm/wireshark-common_0.99.4-5.etch.2_arm.deb stable/main/binary-arm/ethereal-dev_0.99.4-5.etch.2_arm.deb stable/main/binary-arm/wireshark_0.99.4-5.etch.2_arm.deb wireshark (0.99.4-5.etch.2) stable-security; urgency=high * Backport two further security fixes reported later: CVE-2007-6450, CVE-2007-6451 stable/main/binary-amd64/ethereal-dev_0.99.4-5.etch.2_amd64.deb stable/main/binary-amd64/tethereal_0.99.4-5.etch.2_amd64.deb stable/main/binary-amd64/wireshark-dev_0.99.4-5.etch.2_amd64.deb stable/main/binary-amd64/tshark_0.99.4-5.etch.2_amd64.deb stable/main/binary-amd64/wireshark-common_0.99.4-5.etch.2_amd64.deb stable/main/binary-amd64/wireshark_0.99.4-5.etch.2_amd64.deb stable/main/binary-amd64/ethereal-common_0.99.4-5.etch.2_amd64.deb stable/main/binary-amd64/ethereal_0.99.4-5.etch.2_amd64.deb wireshark (0.99.4-5.etch.2) stable-security; urgency=high * Backport two further security fixes reported later: CVE-2007-6450, CVE-2007-6451 stable/main/binary-alpha/ethereal-common_0.99.4-5.etch.2_alpha.deb 
stable/main/binary-alpha/wireshark-common_0.99.4-5.etch.2_alpha.deb stable/main/binary-alpha/wireshark-dev_0.99.4-5.etch.2_alpha.deb stable/main/binary-alpha/ethereal_0.99.4-5.etch.2_alpha.deb stable/main/binary-alpha/tshark_0.99.4-5.etch.2_alpha.deb stable/main/binary-alpha/tethereal_0.99.4-5.etch.2_alpha.deb stable/main/binary-alpha/ethereal-dev_0.99.4-5.etch.2_alpha.deb stable/main/binary-alpha/wireshark_0.99.4-5.etch.2_alpha.deb wireshark (0.99.4-5.etch.2) stable-security; urgency=high * Backport two further security fixes reported later: CVE-2007-6450, CVE-2007-6451 stable/main/binary-i386/ethereal-dev_0.99.4-5.etch.2_i386.deb stable/main/source/wireshark_0.99.4-5.etch.2.diff.gz stable/main/binary-i386/wireshark-dev_0.99.4-5.etch.2_i386.deb stable/main/binary-i386/wireshark-common_0.99.4-5.etch.2_i386.deb stable/main/binary-i386/ethereal_0.99.4-5.etch.2_i386.deb stable/main/binary-i386/tshark_0.99.4-5.etch.2_i386.deb stable/main/binary-i386/ethereal-common_0.99.4-5.etch.2_i386.deb stable/main/source/wireshark_0.99.4-5.etch.2.dsc stable/main/binary-i386/tethereal_0.99.4-5.etch.2_i386.deb stable/main/binary-i386/wireshark_0.99.4-5.etch.2_i386.deb wireshark (0.99.4-5.etch.2) stable-security; urgency=high * Backport two further security fixes reported later: CVE-2007-6450, CVE-2007-6451 stable/main/binary-all/viewcvs-query_0.9.2+cvs.1.0.dev.2004.07.28-4.1etch1_all.deb stable/main/source/viewcvs_0.9.2+cvs.1.0.dev.2004.07.28-4.1etch1.diff.gz stable/main/binary-all/viewcvs_0.9.2+cvs.1.0.dev.2004.07.28-4.1etch1_all.deb stable/main/source/viewcvs_0.9.2+cvs.1.0.dev.2004.07.28-4.1etch1.dsc viewcvs (0.9.2+cvs.1.0.dev.2004.07.28-4.1etch1) stable; urgency=low * No change NMU to bump the version to something suitable for Etch (closes: #372655, #422141) stable/main/binary-sparc/mount_2.12r-19etch1_sparc.deb stable/main/binary-sparc/fdisk-udeb_2.12r-19etch1_sparc.udeb stable/main/binary-sparc/util-linux_2.12r-19etch1_sparc.deb 
stable/main/binary-sparc/bsdutils_2.12r-19etch1_sparc.deb util-linux (2.12r-19etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 stable/main/binary-s390/mount_2.12r-19etch1_s390.deb stable/main/binary-s390/fdisk-udeb_2.12r-19etch1_s390.udeb stable/main/binary-s390/cfdisk-udeb_2.12r-19etch1_s390.udeb stable/main/binary-s390/util-linux_2.12r-19etch1_s390.deb stable/main/binary-s390/bsdutils_2.12r-19etch1_s390.deb util-linux (2.12r-19etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 stable/main/binary-powerpc/fdisk-udeb_2.12r-19etch1_powerpc.udeb stable/main/binary-powerpc/util-linux_2.12r-19etch1_powerpc.deb stable/main/binary-powerpc/bsdutils_2.12r-19etch1_powerpc.deb stable/main/binary-powerpc/mount_2.12r-19etch1_powerpc.deb stable/main/binary-powerpc/cfdisk-udeb_2.12r-19etch1_powerpc.udeb util-linux (2.12r-19etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 stable/main/binary-mipsel/mount_2.12r-19etch1_mipsel.deb stable/main/binary-mipsel/cfdisk-udeb_2.12r-19etch1_mipsel.udeb stable/main/binary-mipsel/util-linux_2.12r-19etch1_mipsel.deb stable/main/binary-mipsel/fdisk-udeb_2.12r-19etch1_mipsel.udeb stable/main/binary-mipsel/bsdutils_2.12r-19etch1_mipsel.deb util-linux (2.12r-19etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 
stable/main/binary-mips/util-linux_2.12r-19etch1_mips.deb stable/main/binary-mips/fdisk-udeb_2.12r-19etch1_mips.udeb stable/main/binary-mips/cfdisk-udeb_2.12r-19etch1_mips.udeb stable/main/binary-mips/bsdutils_2.12r-19etch1_mips.deb stable/main/binary-mips/mount_2.12r-19etch1_mips.deb util-linux (2.12r-19etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 stable/main/binary-ia64/util-linux_2.12r-19etch1_ia64.deb stable/main/binary-ia64/mount_2.12r-19etch1_ia64.deb stable/main/binary-ia64/cfdisk-udeb_2.12r-19etch1_ia64.udeb stable/main/binary-ia64/fdisk-udeb_2.12r-19etch1_ia64.udeb stable/main/binary-ia64/bsdutils_2.12r-19etch1_ia64.deb util-linux (2.12r-19etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 stable/main/binary-hppa/cfdisk-udeb_2.12r-19etch1_hppa.udeb stable/main/binary-hppa/util-linux_2.12r-19etch1_hppa.deb stable/main/binary-hppa/fdisk-udeb_2.12r-19etch1_hppa.udeb stable/main/binary-hppa/mount_2.12r-19etch1_hppa.deb stable/main/binary-hppa/bsdutils_2.12r-19etch1_hppa.deb util-linux (2.12r-19etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 stable/main/binary-arm/cfdisk-udeb_2.12r-19etch1_arm.udeb stable/main/binary-arm/fdisk-udeb_2.12r-19etch1_arm.udeb stable/main/binary-arm/mount_2.12r-19etch1_arm.deb stable/main/binary-arm/bsdutils_2.12r-19etch1_arm.deb stable/main/binary-arm/util-linux_2.12r-19etch1_arm.deb util-linux (2.12r-19etch1) stable-security; urgency=high * Non-maintainer upload by the 
security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 stable/main/binary-amd64/mount_2.12r-19etch1_amd64.deb stable/main/binary-amd64/util-linux_2.12r-19etch1_amd64.deb stable/main/binary-amd64/cfdisk-udeb_2.12r-19etch1_amd64.udeb stable/main/binary-amd64/fdisk-udeb_2.12r-19etch1_amd64.udeb stable/main/binary-amd64/bsdutils_2.12r-19etch1_amd64.deb util-linux (2.12r-19etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 stable/main/binary-alpha/cfdisk-udeb_2.12r-19etch1_alpha.udeb stable/main/binary-alpha/bsdutils_2.12r-19etch1_alpha.deb stable/main/binary-alpha/util-linux_2.12r-19etch1_alpha.deb stable/main/binary-alpha/fdisk-udeb_2.12r-19etch1_alpha.udeb stable/main/binary-alpha/mount_2.12r-19etch1_alpha.deb util-linux (2.12r-19etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 stable/main/binary-i386/cfdisk-udeb_2.12r-19etch1_i386.udeb stable/main/binary-all/util-linux-locales_2.12r-19etch1_all.deb stable/main/binary-i386/mount_2.12r-19etch1_i386.deb stable/main/binary-i386/fdisk-udeb_2.12r-19etch1_i386.udeb stable/main/binary-i386/bsdutils_2.12r-19etch1_i386.deb stable/main/source/util-linux_2.12r-19etch1.dsc stable/main/source/util-linux_2.12r-19etch1.diff.gz stable/main/binary-i386/util-linux_2.12r-19etch1_i386.deb util-linux (2.12r-19etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 
stable/main/binary-i386/user-mode-linux_2.6.18-1um-2etch.18etch1_i386.deb stable/main/source/user-mode-linux_2.6.18-1um-2etch.18etch1.dsc stable/main/source/user-mode-linux_2.6.18-1um-2etch.18etch1.diff.gz user-mode-linux (2.6.18-1um-2etch.18etch1) stable-security; urgency=high * Rebuild against linux-source-2.6.18 (2.6.18.dfsg.1-18etch1) * bugfix/vmsplice-security.patch [SECURITY] Fix missing access check in vmsplice. See CVE-2008-0010, CVE-2008-0600 * bugfix/all/vserver/proc-link-security.patch [SECURITY][vserver] Fix access checks for the links in /proc/$pid. * Changes from linux-source-2.6.18 (2.6.18.dfsg.1-18) [ Martin Michlmayr ] * [mips] Fix network on Cobalt RaQ1, thanks Thomas Bogendoerfer (closes: #460337). [ dann frazier ] * [ia64] Fix an issue with unaligned accesses and certain floating point instructions that can result in silent user data corruption (closes: #461493). * Update abi reference files for ABI 6 stable/non-free/binary-sparc/unrar_3.5.4-1.1_sparc.deb unrar-nonfree (1:3.5.4-1.1) stable; urgency=low * Non-maintainer upload. * Fix CVE-2007-0855: stack based buffer overflow (Closes: #410580). stable/non-free/binary-s390/unrar_3.5.4-1.1_s390.deb unrar-nonfree (1:3.5.4-1.1) stable; urgency=low * Non-maintainer upload. * Fix CVE-2007-0855: stack based buffer overflow (Closes: #410580). stable/non-free/binary-powerpc/unrar_3.5.4-1.1_powerpc.deb unrar-nonfree (1:3.5.4-1.1) stable; urgency=low * Non-maintainer upload. * Fix CVE-2007-0855: stack based buffer overflow (Closes: #410580). stable/non-free/binary-mipsel/unrar_3.5.4-1.1_mipsel.deb unrar-nonfree (1:3.5.4-1.1) stable; urgency=low * Non-maintainer upload. * Fix CVE-2007-0855: stack based buffer overflow (Closes: #410580). stable/non-free/binary-mips/unrar_3.5.4-1.1_mips.deb unrar-nonfree (1:3.5.4-1.1) stable; urgency=low * Non-maintainer upload. * Fix CVE-2007-0855: stack based buffer overflow (Closes: #410580). 
stable/non-free/binary-ia64/unrar_3.5.4-1.1_ia64.deb unrar-nonfree (1:3.5.4-1.1) stable; urgency=low * Non-maintainer upload. * Fix CVE-2007-0855: stack based buffer overflow (Closes: #410580). stable/non-free/binary-hppa/unrar_3.5.4-1.1_hppa.deb unrar-nonfree (1:3.5.4-1.1) stable; urgency=low * Non-maintainer upload. * Fix CVE-2007-0855: stack based buffer overflow (Closes: #410580). stable/non-free/binary-arm/unrar_3.5.4-1.1_arm.deb unrar-nonfree (1:3.5.4-1.1) stable; urgency=low * Non-maintainer upload. * Fix CVE-2007-0855: stack based buffer overflow (Closes: #410580). stable/non-free/binary-amd64/unrar_3.5.4-1.1_amd64.deb unrar-nonfree (1:3.5.4-1.1) stable; urgency=low * Non-maintainer upload. * Fix CVE-2007-0855: stack based buffer overflow (Closes: #410580). stable/non-free/binary-alpha/unrar_3.5.4-1.1_alpha.deb unrar-nonfree (1:3.5.4-1.1) stable; urgency=low * Non-maintainer upload. * Fix CVE-2007-0855: stack based buffer overflow (Closes: #410580). stable/non-free/source/unrar-nonfree_3.5.4-1.1.diff.gz stable/non-free/binary-i386/unrar_3.5.4-1.1_i386.deb stable/non-free/source/unrar-nonfree_3.5.4-1.1.dsc unrar-nonfree (1:3.5.4-1.1) stable; urgency=low * Non-maintainer upload. * Fix CVE-2007-0855: stack based buffer overflow (Closes: #410580). stable/main/source/typo3-src_4.0.2+debian-4.diff.gz stable/main/source/typo3-src_4.0.2+debian-4.dsc stable/main/binary-all/typo3_4.0.2+debian-4_all.deb stable/main/binary-all/typo3-src-4.0_4.0.2+debian-4_all.deb typo3-src (4.0.2+debian-4) stable-security; urgency=high * Fixed security problem "SQL Injection in system extension indexed_search" (CVE-2007-6381) with patch taken from 4.0.8. 
(Closes: 457446) stable/main/source/tomcat5.5_5.5.20-2etch2.diff.gz stable/main/binary-all/tomcat5.5-admin_5.5.20-2etch2_all.deb stable/main/source/tomcat5.5_5.5.20-2etch2.dsc stable/main/binary-all/tomcat5.5-webapps_5.5.20-2etch2_all.deb stable/main/binary-all/libtomcat5.5-java_5.5.20-2etch2_all.deb stable/main/binary-all/tomcat5.5_5.5.20-2etch2_all.deb tomcat5.5 (5.5.20-2etch2) stable-security; urgency=high * CVE-2007-2450: Fixed multiple cross-site scripting (XSS) vulnerabilities. * CVE-2008-0128: Fixed issue with single sign-on cookie and https. * Fixed permissions for tomcat5.5-webapps. Closes: #460839. stable/main/binary-all/tomcat5_5.0.30-12etch1_all.deb stable/main/source/tomcat5_5.0.30-12etch1.dsc stable/main/binary-all/tomcat5-admin_5.0.30-12etch1_all.deb stable/main/binary-all/tomcat5-webapps_5.0.30-12etch1_all.deb stable/main/binary-all/libtomcat5-java_5.0.30-12etch1_all.deb stable/main/source/tomcat5_5.0.30-12etch1.diff.gz tomcat5 (5.0.30-12etch1) stable-security; urgency=high * CVE-2007-3382, CVE-2007-3385, CVE-2007-5461 stable/main/binary-sparc/tk8.4_8.4.12-1etch2_sparc.deb stable/main/binary-sparc/tk8.4-dev_8.4.12-1etch2_sparc.deb tk8.4 (8.4.12-1etch2) stable-security; urgency=high * Fix CVE-2008-0553. stable/main/binary-s390/tk8.4_8.4.12-1etch2_s390.deb stable/main/binary-s390/tk8.4-dev_8.4.12-1etch2_s390.deb tk8.4 (8.4.12-1etch2) stable-security; urgency=high * Fix CVE-2008-0553. stable/main/binary-powerpc/tk8.4_8.4.12-1etch2_powerpc.deb stable/main/binary-powerpc/tk8.4-dev_8.4.12-1etch2_powerpc.deb tk8.4 (8.4.12-1etch2) stable-security; urgency=high * Fix CVE-2008-0553. stable/main/binary-mipsel/tk8.4_8.4.12-1etch2_mipsel.deb stable/main/binary-mipsel/tk8.4-dev_8.4.12-1etch2_mipsel.deb tk8.4 (8.4.12-1etch2) stable-security; urgency=high * Fix CVE-2008-0553. stable/main/binary-mips/tk8.4-dev_8.4.12-1etch2_mips.deb stable/main/binary-mips/tk8.4_8.4.12-1etch2_mips.deb tk8.4 (8.4.12-1etch2) stable-security; urgency=high * Fix CVE-2008-0553. 
stable/main/binary-ia64/tk8.4-dev_8.4.12-1etch2_ia64.deb stable/main/binary-ia64/tk8.4_8.4.12-1etch2_ia64.deb tk8.4 (8.4.12-1etch2) stable-security; urgency=high * Fix CVE-2008-0553. stable/main/binary-hppa/tk8.4_8.4.12-1etch2_hppa.deb stable/main/binary-hppa/tk8.4-dev_8.4.12-1etch2_hppa.deb tk8.4 (8.4.12-1etch2) stable-security; urgency=high * Fix CVE-2008-0553. stable/main/binary-arm/tk8.4-dev_8.4.12-1etch2_arm.deb stable/main/binary-arm/tk8.4_8.4.12-1etch2_arm.deb tk8.4 (8.4.12-1etch2) stable-security; urgency=high * Fix CVE-2008-0553. stable/main/binary-amd64/tk8.4_8.4.12-1etch2_amd64.deb stable/main/binary-amd64/tk8.4-dev_8.4.12-1etch2_amd64.deb tk8.4 (8.4.12-1etch2) stable-security; urgency=high * Fix CVE-2008-0553. stable/main/binary-alpha/tk8.4-dev_8.4.12-1etch2_alpha.deb stable/main/binary-alpha/tk8.4_8.4.12-1etch2_alpha.deb tk8.4 (8.4.12-1etch2) stable-security; urgency=high * Fix CVE-2008-0553. stable/main/source/tk8.4_8.4.12-1etch2.dsc stable/main/binary-i386/tk8.4_8.4.12-1etch2_i386.deb stable/main/source/tk8.4_8.4.12-1etch2.diff.gz stable/main/binary-i386/tk8.4-dev_8.4.12-1etch2_i386.deb stable/main/binary-all/tk8.4-doc_8.4.12-1etch2_all.deb tk8.4 (8.4.12-1etch2) stable-security; urgency=high * Fix CVE-2008-0553. stable/main/binary-sparc/tk8.3-dev_8.3.5-6etch2_sparc.deb stable/main/binary-sparc/tk8.3_8.3.5-6etch2_sparc.deb tk8.3 (8.3.5-6etch2) stable-security; urgency=high * Fix CVE-2008-0553. stable/main/binary-s390/tk8.3_8.3.5-6etch2_s390.deb stable/main/binary-s390/tk8.3-dev_8.3.5-6etch2_s390.deb tk8.3 (8.3.5-6etch2) stable-security; urgency=high * Fix CVE-2008-0553. stable/main/binary-powerpc/tk8.3-dev_8.3.5-6etch2_powerpc.deb stable/main/binary-powerpc/tk8.3_8.3.5-6etch2_powerpc.deb tk8.3 (8.3.5-6etch2) stable-security; urgency=high * Fix CVE-2008-0553. stable/main/binary-mipsel/tk8.3_8.3.5-6etch2_mipsel.deb stable/main/binary-mipsel/tk8.3-dev_8.3.5-6etch2_mipsel.deb tk8.3 (8.3.5-6etch2) stable-security; urgency=high * Fix CVE-2008-0553. 
stable/main/binary-mips/tk8.3-dev_8.3.5-6etch2_mips.deb stable/main/binary-mips/tk8.3_8.3.5-6etch2_mips.deb tk8.3 (8.3.5-6etch2) stable-security; urgency=high * Fix CVE-2008-0553. stable/main/binary-ia64/tk8.3_8.3.5-6etch2_ia64.deb stable/main/binary-ia64/tk8.3-dev_8.3.5-6etch2_ia64.deb tk8.3 (8.3.5-6etch2) stable-security; urgency=high * Fix CVE-2008-0553. stable/main/binary-hppa/tk8.3_8.3.5-6etch2_hppa.deb stable/main/binary-hppa/tk8.3-dev_8.3.5-6etch2_hppa.deb tk8.3 (8.3.5-6etch2) stable-security; urgency=high * Fix CVE-2008-0553. stable/main/binary-arm/tk8.3_8.3.5-6etch2_arm.deb stable/main/binary-arm/tk8.3-dev_8.3.5-6etch2_arm.deb tk8.3 (8.3.5-6etch2) stable-security; urgency=high * Fix CVE-2008-0553. stable/main/binary-amd64/tk8.3_8.3.5-6etch2_amd64.deb stable/main/binary-amd64/tk8.3-dev_8.3.5-6etch2_amd64.deb tk8.3 (8.3.5-6etch2) stable-security; urgency=high * Fix CVE-2008-0553. stable/main/binary-alpha/tk8.3_8.3.5-6etch2_alpha.deb stable/main/binary-alpha/tk8.3-dev_8.3.5-6etch2_alpha.deb tk8.3 (8.3.5-6etch2) stable-security; urgency=high * Fix CVE-2008-0553. stable/main/source/tk8.3_8.3.5-6etch2.dsc stable/main/source/tk8.3_8.3.5-6etch2.diff.gz stable/main/binary-i386/tk8.3_8.3.5-6etch2_i386.deb stable/main/binary-all/tk8.3-doc_8.3.5-6etch2_all.deb stable/main/binary-i386/tk8.3-dev_8.3.5-6etch2_i386.deb tk8.3 (8.3.5-6etch2) stable-security; urgency=high * Fix CVE-2008-0553. stable/main/binary-sparc/tcpreen_1.4.3-0.1etch1_sparc.deb tcpreen (1.4.3-0.1etch1) stable-security; urgency=high * Fix multiple buffer overflows. (CVE-2007-6562) stable/main/binary-s390/tcpreen_1.4.3-0.1etch1_s390.deb tcpreen (1.4.3-0.1etch1) stable-security; urgency=high * Fix multiple buffer overflows. (CVE-2007-6562) stable/main/binary-powerpc/tcpreen_1.4.3-0.1etch1_powerpc.deb tcpreen (1.4.3-0.1etch1) stable-security; urgency=high * Fix multiple buffer overflows. 
(CVE-2007-6562) stable/main/binary-mipsel/tcpreen_1.4.3-0.1etch1_mipsel.deb tcpreen (1.4.3-0.1etch1) stable-security; urgency=high * Fix multiple buffer overflows. (CVE-2007-6562) stable/main/binary-mips/tcpreen_1.4.3-0.1etch1_mips.deb tcpreen (1.4.3-0.1etch1) stable-security; urgency=high * Fix multiple buffer overflows. (CVE-2007-6562) stable/main/binary-ia64/tcpreen_1.4.3-0.1etch1_ia64.deb tcpreen (1.4.3-0.1etch1) stable-security; urgency=high * Fix multiple buffer overflows. (CVE-2007-6562) stable/main/binary-hppa/tcpreen_1.4.3-0.1etch1_hppa.deb tcpreen (1.4.3-0.1etch1) stable-security; urgency=high * Fix multiple buffer overflows. (CVE-2007-6562) stable/main/binary-arm/tcpreen_1.4.3-0.1etch1_arm.deb tcpreen (1.4.3-0.1etch1) stable-security; urgency=high * Fix multiple buffer overflows. (CVE-2007-6562) stable/main/binary-amd64/tcpreen_1.4.3-0.1etch1_amd64.deb tcpreen (1.4.3-0.1etch1) stable-security; urgency=high * Fix multiple buffer overflows. (CVE-2007-6562) stable/main/binary-alpha/tcpreen_1.4.3-0.1etch1_alpha.deb tcpreen (1.4.3-0.1etch1) stable-security; urgency=high * Fix multiple buffer overflows. (CVE-2007-6562) stable/main/source/tcpreen_1.4.3-0.1etch1.dsc stable/main/binary-i386/tcpreen_1.4.3-0.1etch1_i386.deb stable/main/source/tcpreen_1.4.3-0.1etch1.diff.gz tcpreen (1.4.3-0.1etch1) stable-security; urgency=high * Fix multiple buffer overflows. (CVE-2007-6562) stable/main/binary-sparc/tar_1.16-2etch1_sparc.deb tar (1.16-2etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Dmitry V. Levin to avoid a stack-based buffer overflow while processing certain file names (CVE-2007-4476). Closes: #441444. * Apply patch from Dmitry V. Levin to fix double-dot recognition in case of duplicate / (CVE-2007-4131). Closes: #439335. * Update the autoconf scripts to the etch version (no functional changes, hopefully). 
stable/main/binary-s390/tar_1.16-2etch1_s390.deb tar (1.16-2etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Dmitry V. Levin to avoid a stack-based buffer overflow while processing certain file names (CVE-2007-4476). Closes: #441444. * Apply patch from Dmitry V. Levin to fix double-dot recognition in case of duplicate / (CVE-2007-4131). Closes: #439335. * Update the autoconf scripts to the etch version (no functional changes, hopefully). stable/main/binary-powerpc/tar_1.16-2etch1_powerpc.deb tar (1.16-2etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Dmitry V. Levin to avoid a stack-based buffer overflow while processing certain file names (CVE-2007-4476). Closes: #441444. * Apply patch from Dmitry V. Levin to fix double-dot recognition in case of duplicate / (CVE-2007-4131). Closes: #439335. * Update the autoconf scripts to the etch version (no functional changes, hopefully). stable/main/binary-mipsel/tar_1.16-2etch1_mipsel.deb tar (1.16-2etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Dmitry V. Levin to avoid a stack-based buffer overflow while processing certain file names (CVE-2007-4476). Closes: #441444. * Apply patch from Dmitry V. Levin to fix double-dot recognition in case of duplicate / (CVE-2007-4131). Closes: #439335. * Update the autoconf scripts to the etch version (no functional changes, hopefully). stable/main/binary-mips/tar_1.16-2etch1_mips.deb tar (1.16-2etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Dmitry V. Levin to avoid a stack-based buffer overflow while processing certain file names (CVE-2007-4476). Closes: #441444. * Apply patch from Dmitry V. Levin to fix double-dot recognition in case of duplicate / (CVE-2007-4131). Closes: #439335. * Update the autoconf scripts to the etch version (no functional changes, hopefully). 
stable/main/binary-ia64/tar_1.16-2etch1_ia64.deb tar (1.16-2etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Dmitry V. Levin to avoid a stack-based buffer overflow while processing certain file names (CVE-2007-4476). Closes: #441444. * Apply patch from Dmitry V. Levin to fix double-dot recognition in case of duplicate / (CVE-2007-4131). Closes: #439335. * Update the autoconf scripts to the etch version (no functional changes, hopefully). stable/main/binary-i386/tar_1.16-2etch1_i386.deb tar (1.16-2etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Dmitry V. Levin to avoid a stack-based buffer overflow while processing certain file names (CVE-2007-4476). Closes: #441444. * Apply patch from Dmitry V. Levin to fix double-dot recognition in case of duplicate / (CVE-2007-4131). Closes: #439335. * Update the autoconf scripts to the etch version (no functional changes, hopefully). stable/main/binary-hppa/tar_1.16-2etch1_hppa.deb tar (1.16-2etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Dmitry V. Levin to avoid a stack-based buffer overflow while processing certain file names (CVE-2007-4476). Closes: #441444. * Apply patch from Dmitry V. Levin to fix double-dot recognition in case of duplicate / (CVE-2007-4131). Closes: #439335. * Update the autoconf scripts to the etch version (no functional changes, hopefully). stable/main/binary-arm/tar_1.16-2etch1_arm.deb tar (1.16-2etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Dmitry V. Levin to avoid a stack-based buffer overflow while processing certain file names (CVE-2007-4476). Closes: #441444. * Apply patch from Dmitry V. Levin to fix double-dot recognition in case of duplicate / (CVE-2007-4131). Closes: #439335. * Update the autoconf scripts to the etch version (no functional changes, hopefully). 
stable/main/binary-alpha/tar_1.16-2etch1_alpha.deb tar (1.16-2etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Dmitry V. Levin to avoid a stack-based buffer overflow while processing certain file names (CVE-2007-4476). Closes: #441444. * Apply patch from Dmitry V. Levin to fix double-dot recognition in case of duplicate / (CVE-2007-4131). Closes: #439335. * Update the autoconf scripts to the etch version (no functional changes, hopefully). stable/main/binary-amd64/tar_1.16-2etch1_amd64.deb stable/main/source/tar_1.16-2etch1.diff.gz stable/main/source/tar_1.16-2etch1.dsc tar (1.16-2etch1) stable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Dmitry V. Levin to avoid a stack-based buffer overflow while processing certain file names (CVE-2007-4476). Closes: #441444. * Apply patch from Dmitry V. Levin to fix double-dot recognition in case of duplicate / (CVE-2007-4131). Closes: #439335. * Update the autoconf scripts to the etch version (no functional changes, hopefully). stable/main/binary-sparc/syslog-ng_2.0.0-1etch1_sparc.deb syslog-ng (2.0.0-1etch1) stable-security; urgency=high * Fix CVE-2007-6437. stable/main/binary-s390/syslog-ng_2.0.0-1etch1_s390.deb syslog-ng (2.0.0-1etch1) stable-security; urgency=high * Fix CVE-2007-6437. stable/main/binary-powerpc/syslog-ng_2.0.0-1etch1_powerpc.deb syslog-ng (2.0.0-1etch1) stable-security; urgency=high * Fix CVE-2007-6437. stable/main/binary-mipsel/syslog-ng_2.0.0-1etch1_mipsel.deb syslog-ng (2.0.0-1etch1) stable-security; urgency=high * Fix CVE-2007-6437. stable/main/binary-mips/syslog-ng_2.0.0-1etch1_mips.deb syslog-ng (2.0.0-1etch1) stable-security; urgency=high * Fix CVE-2007-6437. stable/main/binary-ia64/syslog-ng_2.0.0-1etch1_ia64.deb syslog-ng (2.0.0-1etch1) stable-security; urgency=high * Fix CVE-2007-6437. 
stable/main/binary-hppa/syslog-ng_2.0.0-1etch1_hppa.deb syslog-ng (2.0.0-1etch1) stable-security; urgency=high * Fix CVE-2007-6437. stable/main/binary-arm/syslog-ng_2.0.0-1etch1_arm.deb syslog-ng (2.0.0-1etch1) stable-security; urgency=high * Fix CVE-2007-6437. stable/main/binary-amd64/syslog-ng_2.0.0-1etch1_amd64.deb syslog-ng (2.0.0-1etch1) stable-security; urgency=high * Fix CVE-2007-6437. stable/main/binary-alpha/syslog-ng_2.0.0-1etch1_alpha.deb syslog-ng (2.0.0-1etch1) stable-security; urgency=high * Fix CVE-2007-6437. stable/main/source/syslog-ng_2.0.0-1etch1.dsc stable/main/binary-i386/syslog-ng_2.0.0-1etch1_i386.deb stable/main/source/syslog-ng_2.0.0-1etch1.diff.gz syslog-ng (2.0.0-1etch1) stable-security; urgency=high * Fix CVE-2007-6437. stable/non-free/binary-i386/sun-java5-plugin_1.5.0-14-1etch1_i386.deb stable/non-free/binary-amd64/sun-java5-bin_1.5.0-14-1etch1_amd64.deb stable/non-free/binary-amd64/sun-java5-jdk_1.5.0-14-1etch1_amd64.deb stable/non-free/binary-amd64/ia32-sun-java5-bin_1.5.0-14-1etch1_amd64.deb stable/non-free/binary-i386/sun-java5-jdk_1.5.0-14-1etch1_i386.deb stable/non-free/binary-all/sun-java5-doc_1.5.0-14-1etch1_all.deb stable/non-free/binary-all/sun-java5-fonts_1.5.0-14-1etch1_all.deb stable/non-free/binary-i386/sun-java5-bin_1.5.0-14-1etch1_i386.deb stable/non-free/source/sun-java5_1.5.0-14-1etch1.diff.gz stable/non-free/binary-i386/sun-java5-demo_1.5.0-14-1etch1_i386.deb stable/non-free/binary-all/sun-java5-source_1.5.0-14-1etch1_all.deb stable/non-free/source/sun-java5_1.5.0-14-1etch1.dsc stable/non-free/binary-amd64/sun-java5-demo_1.5.0-14-1etch1_amd64.deb stable/non-free/binary-ia64/ia32-sun-java5-bin_1.5.0-14-1etch1_ia64.deb stable/non-free/binary-all/sun-java5-jre_1.5.0-14-1etch1_all.deb sun-java5 (1.5.0-14-1etch1) stable; urgency=low * Upload to etch-updates. * New upstream bug fix release. For a list of changes see http://java.sun.com/j2se/1.5.0/ReleaseNotes.html. 
* Fixes among other: - Do not allow unauthorized remote arbitrary code execution (CVE-2007-5689). Closes: #463501. stable/main/binary-sparc/squid_2.6.5-6etch1_sparc.deb stable/main/binary-sparc/squidclient_2.6.5-6etch1_sparc.deb stable/main/binary-sparc/squid-cgi_2.6.5-6etch1_sparc.deb squid (2.6.5-6etch1) stable-security; urgency=high * debian/patches/58-dos-cache-update - Added upstream patch to fix potential DoS during some cache update reply processing (Ref: CVE-2007-6239, SQUID-2007:2) (Update prepared by Luigi Gangitano) stable/main/binary-s390/squid-cgi_2.6.5-6etch1_s390.deb stable/main/binary-s390/squidclient_2.6.5-6etch1_s390.deb stable/main/binary-s390/squid_2.6.5-6etch1_s390.deb squid (2.6.5-6etch1) stable-security; urgency=high * debian/patches/58-dos-cache-update - Added upstream patch to fix potential DoS during some cache update reply processing (Ref: CVE-2007-6239, SQUID-2007:2) (Update prepared by Luigi Gangitano) stable/main/binary-powerpc/squid_2.6.5-6etch1_powerpc.deb stable/main/binary-powerpc/squidclient_2.6.5-6etch1_powerpc.deb stable/main/binary-powerpc/squid-cgi_2.6.5-6etch1_powerpc.deb squid (2.6.5-6etch1) stable-security; urgency=high * debian/patches/58-dos-cache-update - Added upstream patch to fix potential DoS during some cache update reply processing (Ref: CVE-2007-6239, SQUID-2007:2) (Update prepared by Luigi Gangitano) stable/main/binary-mipsel/squid-cgi_2.6.5-6etch1_mipsel.deb stable/main/binary-mipsel/squidclient_2.6.5-6etch1_mipsel.deb stable/main/binary-mipsel/squid_2.6.5-6etch1_mipsel.deb squid (2.6.5-6etch1) stable-security; urgency=high * debian/patches/58-dos-cache-update - Added upstream patch to fix potential DoS during some cache update reply processing (Ref: CVE-2007-6239, SQUID-2007:2) (Update prepared by Luigi Gangitano) stable/main/binary-mips/squid-cgi_2.6.5-6etch1_mips.deb stable/main/binary-mips/squidclient_2.6.5-6etch1_mips.deb stable/main/binary-mips/squid_2.6.5-6etch1_mips.deb squid (2.6.5-6etch1) 
stable-security; urgency=high * debian/patches/58-dos-cache-update - Added upstream patch to fix potential DoS during some cache update reply processing (Ref: CVE-2007-6239, SQUID-2007:2) (Update prepared by Luigi Gangitano) stable/main/binary-ia64/squid_2.6.5-6etch1_ia64.deb stable/main/binary-ia64/squidclient_2.6.5-6etch1_ia64.deb stable/main/binary-ia64/squid-cgi_2.6.5-6etch1_ia64.deb squid (2.6.5-6etch1) stable-security; urgency=high * debian/patches/58-dos-cache-update - Added upstream patch to fix potential DoS during some cache update reply processing (Ref: CVE-2007-6239, SQUID-2007:2) (Update prepared by Luigi Gangitano) stable/main/binary-hppa/squid-cgi_2.6.5-6etch1_hppa.deb stable/main/binary-hppa/squid_2.6.5-6etch1_hppa.deb stable/main/binary-hppa/squidclient_2.6.5-6etch1_hppa.deb squid (2.6.5-6etch1) stable-security; urgency=high * debian/patches/58-dos-cache-update - Added upstream patch to fix potential DoS during some cache update reply processing (Ref: CVE-2007-6239, SQUID-2007:2) (Update prepared by Luigi Gangitano) stable/main/binary-arm/squid-cgi_2.6.5-6etch1_arm.deb stable/main/binary-arm/squid_2.6.5-6etch1_arm.deb stable/main/binary-arm/squidclient_2.6.5-6etch1_arm.deb squid (2.6.5-6etch1) stable-security; urgency=high * debian/patches/58-dos-cache-update - Added upstream patch to fix potential DoS during some cache update reply processing (Ref: CVE-2007-6239, SQUID-2007:2) (Update prepared by Luigi Gangitano) stable/main/binary-amd64/squid_2.6.5-6etch1_amd64.deb stable/main/binary-amd64/squid-cgi_2.6.5-6etch1_amd64.deb stable/main/binary-amd64/squidclient_2.6.5-6etch1_amd64.deb squid (2.6.5-6etch1) stable-security; urgency=high * debian/patches/58-dos-cache-update - Added upstream patch to fix potential DoS during some cache update reply processing (Ref: CVE-2007-6239, SQUID-2007:2) (Update prepared by Luigi Gangitano) stable/main/binary-alpha/squid_2.6.5-6etch1_alpha.deb stable/main/binary-alpha/squidclient_2.6.5-6etch1_alpha.deb 
stable/main/binary-alpha/squid-cgi_2.6.5-6etch1_alpha.deb squid (2.6.5-6etch1) stable-security; urgency=high * debian/patches/58-dos-cache-update - Added upstream patch to fix potential DoS during some cache update reply processing (Ref: CVE-2007-6239, SQUID-2007:2) (Update prepared by Luigi Gangitano) stable/main/source/squid_2.6.5-6etch1.dsc stable/main/binary-i386/squidclient_2.6.5-6etch1_i386.deb stable/main/binary-i386/squid-cgi_2.6.5-6etch1_i386.deb stable/main/binary-all/squid-common_2.6.5-6etch1_all.deb stable/main/binary-i386/squid_2.6.5-6etch1_i386.deb stable/main/source/squid_2.6.5-6etch1.diff.gz squid (2.6.5-6etch1) stable-security; urgency=high * debian/patches/58-dos-cache-update - Added upstream patch to fix potential DoS during some cache update reply processing (Ref: CVE-2007-6239, SQUID-2007:2) (Update prepared by Luigi Gangitano) stable/main/binary-sparc/sing_1.1-13etch1_sparc.deb sing (1.1-13etch1) stable; urgency=low * Patched parser.c to drop privileges when opening log file and running sing SUID. (CVE-2007-6211) Thanks a lot to Nico Golde for the patch. (Closes: #454167) stable/main/binary-s390/sing_1.1-13etch1_s390.deb sing (1.1-13etch1) stable; urgency=low * Patched parser.c to drop privileges when opening log file and running sing SUID. (CVE-2007-6211) Thanks a lot to Nico Golde for the patch. (Closes: #454167) stable/main/binary-powerpc/sing_1.1-13etch1_powerpc.deb sing (1.1-13etch1) stable; urgency=low * Patched parser.c to drop privileges when opening log file and running sing SUID. (CVE-2007-6211) Thanks a lot to Nico Golde for the patch. (Closes: #454167) stable/main/binary-mipsel/sing_1.1-13etch1_mipsel.deb sing (1.1-13etch1) stable; urgency=low * Patched parser.c to drop privileges when opening log file and running sing SUID. (CVE-2007-6211) Thanks a lot to Nico Golde for the patch. 
(Closes: #454167) stable/main/binary-mips/sing_1.1-13etch1_mips.deb sing (1.1-13etch1) stable; urgency=low * Patched parser.c to drop privileges when opening log file and running sing SUID. (CVE-2007-6211) Thanks a lot to Nico Golde for the patch. (Closes: #454167) stable/main/binary-ia64/sing_1.1-13etch1_ia64.deb sing (1.1-13etch1) stable; urgency=low * Patched parser.c to drop privileges when opening log file and running sing SUID. (CVE-2007-6211) Thanks a lot to Nico Golde for the patch. (Closes: #454167) stable/main/binary-hppa/sing_1.1-13etch1_hppa.deb sing (1.1-13etch1) stable; urgency=low * Patched parser.c to drop privileges when opening log file and running sing SUID. (CVE-2007-6211) Thanks a lot to Nico Golde for the patch. (Closes: #454167) stable/main/binary-arm/sing_1.1-13etch1_arm.deb sing (1.1-13etch1) stable; urgency=low * Patched parser.c to drop privileges when opening log file and running sing SUID. (CVE-2007-6211) Thanks a lot to Nico Golde for the patch. (Closes: #454167) stable/main/binary-amd64/sing_1.1-13etch1_amd64.deb sing (1.1-13etch1) stable; urgency=low * Patched parser.c to drop privileges when opening log file and running sing SUID. (CVE-2007-6211) Thanks a lot to Nico Golde for the patch. (Closes: #454167) stable/main/binary-alpha/sing_1.1-13etch1_alpha.deb sing (1.1-13etch1) stable; urgency=low * Patched parser.c to drop privileges when opening log file and running sing SUID. (CVE-2007-6211) Thanks a lot to Nico Golde for the patch. (Closes: #454167) stable/main/source/sing_1.1-13etch1.diff.gz stable/main/binary-i386/sing_1.1-13etch1_i386.deb stable/main/source/sing_1.1-13etch1.dsc sing (1.1-13etch1) stable; urgency=low * Patched parser.c to drop privileges when opening log file and running sing SUID. (CVE-2007-6211) Thanks a lot to Nico Golde for the patch. 
(Closes: #454167) stable/main/binary-sparc/libsdl-image1.2-dev_1.2.5-2etch1_sparc.deb stable/main/binary-sparc/libsdl-image1.2_1.2.5-2etch1_sparc.deb sdl-image1.2 (1.2.5-2etch1) stable-security; urgency=high * CVE-2007-6697: Fix buffer overflow in GIF handling. * CVE-2008-0544: Fix heap based buffer overflow in IMG_LoadLBM_RW. stable/main/binary-s390/libsdl-image1.2-dev_1.2.5-2etch1_s390.deb stable/main/binary-s390/libsdl-image1.2_1.2.5-2etch1_s390.deb sdl-image1.2 (1.2.5-2etch1) stable-security; urgency=high * CVE-2007-6697: Fix buffer overflow in GIF handling. * CVE-2008-0544: Fix heap based buffer overflow in IMG_LoadLBM_RW. stable/main/binary-powerpc/libsdl-image1.2_1.2.5-2etch1_powerpc.deb stable/main/binary-powerpc/libsdl-image1.2-dev_1.2.5-2etch1_powerpc.deb sdl-image1.2 (1.2.5-2etch1) stable-security; urgency=high * CVE-2007-6697: Fix buffer overflow in GIF handling. * CVE-2008-0544: Fix heap based buffer overflow in IMG_LoadLBM_RW. stable/main/binary-mipsel/libsdl-image1.2_1.2.5-2etch1_mipsel.deb stable/main/binary-mipsel/libsdl-image1.2-dev_1.2.5-2etch1_mipsel.deb sdl-image1.2 (1.2.5-2etch1) stable-security; urgency=high * CVE-2007-6697: Fix buffer overflow in GIF handling. * CVE-2008-0544: Fix heap based buffer overflow in IMG_LoadLBM_RW. stable/main/binary-mips/libsdl-image1.2-dev_1.2.5-2etch1_mips.deb stable/main/binary-mips/libsdl-image1.2_1.2.5-2etch1_mips.deb sdl-image1.2 (1.2.5-2etch1) stable-security; urgency=high * CVE-2007-6697: Fix buffer overflow in GIF handling. * CVE-2008-0544: Fix heap based buffer overflow in IMG_LoadLBM_RW. stable/main/binary-ia64/libsdl-image1.2-dev_1.2.5-2etch1_ia64.deb stable/main/binary-ia64/libsdl-image1.2_1.2.5-2etch1_ia64.deb sdl-image1.2 (1.2.5-2etch1) stable-security; urgency=high * CVE-2007-6697: Fix buffer overflow in GIF handling. * CVE-2008-0544: Fix heap based buffer overflow in IMG_LoadLBM_RW. 
stable/main/binary-hppa/libsdl-image1.2-dev_1.2.5-2etch1_hppa.deb stable/main/binary-hppa/libsdl-image1.2_1.2.5-2etch1_hppa.deb sdl-image1.2 (1.2.5-2etch1) stable-security; urgency=high * CVE-2007-6697: Fix buffer overflow in GIF handling. * CVE-2008-0544: Fix heap based buffer overflow in IMG_LoadLBM_RW. stable/main/binary-arm/libsdl-image1.2-dev_1.2.5-2etch1_arm.deb stable/main/binary-arm/libsdl-image1.2_1.2.5-2etch1_arm.deb sdl-image1.2 (1.2.5-2etch1) stable-security; urgency=high * CVE-2007-6697: Fix buffer overflow in GIF handling. * CVE-2008-0544: Fix heap based buffer overflow in IMG_LoadLBM_RW. stable/main/binary-amd64/libsdl-image1.2-dev_1.2.5-2etch1_amd64.deb stable/main/binary-amd64/libsdl-image1.2_1.2.5-2etch1_amd64.deb sdl-image1.2 (1.2.5-2etch1) stable-security; urgency=high * CVE-2007-6697: Fix buffer overflow in GIF handling. * CVE-2008-0544: Fix heap based buffer overflow in IMG_LoadLBM_RW. stable/main/binary-alpha/libsdl-image1.2-dev_1.2.5-2etch1_alpha.deb stable/main/binary-alpha/libsdl-image1.2_1.2.5-2etch1_alpha.deb sdl-image1.2 (1.2.5-2etch1) stable-security; urgency=high * CVE-2007-6697: Fix buffer overflow in GIF handling. * CVE-2008-0544: Fix heap based buffer overflow in IMG_LoadLBM_RW. stable/main/source/sdl-image1.2_1.2.5-2etch1.dsc stable/main/source/sdl-image1.2_1.2.5-2etch1.diff.gz stable/main/binary-i386/libsdl-image1.2-dev_1.2.5-2etch1_i386.deb stable/main/binary-i386/libsdl-image1.2_1.2.5-2etch1_i386.deb sdl-image1.2 (1.2.5-2etch1) stable-security; urgency=high * CVE-2007-6697: Fix buffer overflow in GIF handling. * CVE-2008-0544: Fix heap based buffer overflow in IMG_LoadLBM_RW. stable/main/binary-sparc/scponly_4.6-1etch1_sparc.deb scponly (4.6-1etch1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Remove rsync, Subversion and Unison support because it was possible to gain shell access through them (CVE-2007-6350). Closes: #437148. * scp: -o and -F options are dangerous (CVE-2007-6415). 
stable/main/binary-s390/scponly_4.6-1etch1_s390.deb scponly (4.6-1etch1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Remove rsync, Subversion and Unison support because it was possible to gain shell access through them (CVE-2007-6350). Closes: #437148. * scp: -o and -F options are dangerous (CVE-2007-6415). stable/main/binary-powerpc/scponly_4.6-1etch1_powerpc.deb scponly (4.6-1etch1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Remove rsync, Subversion and Unison support because it was possible to gain shell access through them (CVE-2007-6350). Closes: #437148. * scp: -o and -F options are dangerous (CVE-2007-6415). stable/main/binary-mipsel/scponly_4.6-1etch1_mipsel.deb scponly (4.6-1etch1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Remove rsync, Subversion and Unison support because it was possible to gain shell access through them (CVE-2007-6350). Closes: #437148. * scp: -o and -F options are dangerous (CVE-2007-6415). stable/main/binary-mips/scponly_4.6-1etch1_mips.deb scponly (4.6-1etch1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Remove rsync, Subversion and Unison support because it was possible to gain shell access through them (CVE-2007-6350). Closes: #437148. * scp: -o and -F options are dangerous (CVE-2007-6415). stable/main/binary-ia64/scponly_4.6-1etch1_ia64.deb scponly (4.6-1etch1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Remove rsync, Subversion and Unison support because it was possible to gain shell access through them (CVE-2007-6350). Closes: #437148. * scp: -o and -F options are dangerous (CVE-2007-6415). stable/main/binary-i386/scponly_4.6-1etch1_i386.deb scponly (4.6-1etch1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Remove rsync, Subversion and Unison support because it was possible to gain shell access through them (CVE-2007-6350). 
Closes: #437148. * scp: -o and -F options are dangerous (CVE-2007-6415). stable/main/binary-hppa/scponly_4.6-1etch1_hppa.deb scponly (4.6-1etch1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Remove rsync, Subversion and Unison support because it was possible to gain shell access through them (CVE-2007-6350). Closes: #437148. * scp: -o and -F options are dangerous (CVE-2007-6415). stable/main/binary-arm/scponly_4.6-1etch1_arm.deb scponly (4.6-1etch1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Remove rsync, Subversion and Unison support because it was possible to gain shell access through them (CVE-2007-6350). Closes: #437148. * scp: -o and -F options are dangerous (CVE-2007-6415). stable/main/binary-alpha/scponly_4.6-1etch1_alpha.deb scponly (4.6-1etch1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Remove rsync, Subversion and Unison support because it was possible to gain shell access through them (CVE-2007-6350). Closes: #437148. * scp: -o and -F options are dangerous (CVE-2007-6415). stable/main/source/scponly_4.6-1etch1.diff.gz stable/main/source/scponly_4.6-1etch1.dsc stable/main/binary-amd64/scponly_4.6-1etch1_amd64.deb scponly (4.6-1etch1) stable-security; urgency=high * Non-maintainer upload by the Security Team * Remove rsync, Subversion and Unison support because it was possible to gain shell access through them (CVE-2007-6350). Closes: #437148. * scp: -o and -F options are dangerous (CVE-2007-6415). stable/main/source/python-cherrypy_2.2.1-3etch1.dsc stable/main/binary-all/python-cherrypy_2.2.1-3etch1_all.deb stable/main/source/python-cherrypy_2.2.1-3etch1.diff.gz python-cherrypy (2.2.1-3etch1) stable-security; urgency=high * Fix directory traversal (CVE-2008-0252). 
stable/main/binary-sparc/libpulse-mainloop-glib0_0.9.5-5etch1_sparc.deb
stable/main/binary-sparc/pulseaudio-module-lirc_0.9.5-5etch1_sparc.deb
stable/main/binary-sparc/pulseaudio-module-gconf_0.9.5-5etch1_sparc.deb
stable/main/binary-sparc/libpulse-dev_0.9.5-5etch1_sparc.deb
stable/main/binary-sparc/pulseaudio-module-zeroconf_0.9.5-5etch1_sparc.deb
stable/main/binary-sparc/pulseaudio_0.9.5-5etch1_sparc.deb
stable/main/binary-sparc/libpulse-browse0_0.9.5-5etch1_sparc.deb
stable/main/binary-sparc/libpulse0_0.9.5-5etch1_sparc.deb
stable/main/binary-sparc/pulseaudio-module-x11_0.9.5-5etch1_sparc.deb
stable/main/binary-sparc/pulseaudio-module-jack_0.9.5-5etch1_sparc.deb
stable/main/binary-sparc/pulseaudio-utils_0.9.5-5etch1_sparc.deb
stable/main/binary-sparc/pulseaudio-module-hal_0.9.5-5etch1_sparc.deb
stable/main/binary-sparc/pulseaudio-esound-compat_0.9.5-5etch1_sparc.deb
pulseaudio (0.9.5-5etch1) stable-security; urgency=low
  * debian/paches/06_pa-CVE-2008-0008-pa0.9.5.dpatch:
    + Added. Assert that dropping permissions succeeds.

stable/main/binary-s390/pulseaudio-esound-compat_0.9.5-5etch1_s390.deb
stable/main/binary-s390/pulseaudio-module-x11_0.9.5-5etch1_s390.deb
stable/main/binary-s390/pulseaudio-module-zeroconf_0.9.5-5etch1_s390.deb
stable/main/binary-s390/pulseaudio-module-gconf_0.9.5-5etch1_s390.deb
stable/main/binary-s390/pulseaudio-module-jack_0.9.5-5etch1_s390.deb
stable/main/binary-s390/libpulse-browse0_0.9.5-5etch1_s390.deb
stable/main/binary-s390/pulseaudio-utils_0.9.5-5etch1_s390.deb
stable/main/binary-s390/pulseaudio_0.9.5-5etch1_s390.deb
stable/main/binary-s390/pulseaudio-module-lirc_0.9.5-5etch1_s390.deb
stable/main/binary-s390/libpulse0_0.9.5-5etch1_s390.deb
stable/main/binary-s390/libpulse-mainloop-glib0_0.9.5-5etch1_s390.deb
stable/main/binary-s390/pulseaudio-module-hal_0.9.5-5etch1_s390.deb
stable/main/binary-s390/libpulse-dev_0.9.5-5etch1_s390.deb
pulseaudio (0.9.5-5etch1) stable-security; urgency=low
  * debian/paches/06_pa-CVE-2008-0008-pa0.9.5.dpatch:
    + Added. Assert that dropping permissions succeeds.

stable/main/binary-powerpc/pulseaudio-module-x11_0.9.5-5etch1_powerpc.deb
stable/main/binary-powerpc/pulseaudio-module-jack_0.9.5-5etch1_powerpc.deb
stable/main/binary-powerpc/libpulse-mainloop-glib0_0.9.5-5etch1_powerpc.deb
stable/main/binary-powerpc/pulseaudio-module-gconf_0.9.5-5etch1_powerpc.deb
stable/main/binary-powerpc/libpulse-browse0_0.9.5-5etch1_powerpc.deb
stable/main/binary-powerpc/pulseaudio-module-zeroconf_0.9.5-5etch1_powerpc.deb
stable/main/binary-powerpc/pulseaudio_0.9.5-5etch1_powerpc.deb
stable/main/binary-powerpc/pulseaudio-esound-compat_0.9.5-5etch1_powerpc.deb
stable/main/binary-powerpc/libpulse0_0.9.5-5etch1_powerpc.deb
stable/main/binary-powerpc/pulseaudio-utils_0.9.5-5etch1_powerpc.deb
stable/main/binary-powerpc/pulseaudio-module-hal_0.9.5-5etch1_powerpc.deb
stable/main/binary-powerpc/pulseaudio-module-lirc_0.9.5-5etch1_powerpc.deb
stable/main/binary-powerpc/libpulse-dev_0.9.5-5etch1_powerpc.deb
pulseaudio (0.9.5-5etch1) stable-security; urgency=low
  * debian/paches/06_pa-CVE-2008-0008-pa0.9.5.dpatch:
    + Added. Assert that dropping permissions succeeds.

stable/main/binary-mipsel/pulseaudio_0.9.5-5etch1_mipsel.deb
stable/main/binary-mipsel/pulseaudio-module-zeroconf_0.9.5-5etch1_mipsel.deb
stable/main/binary-mipsel/pulseaudio-module-lirc_0.9.5-5etch1_mipsel.deb
stable/main/binary-mipsel/pulseaudio-module-hal_0.9.5-5etch1_mipsel.deb
stable/main/binary-mipsel/libpulse0_0.9.5-5etch1_mipsel.deb
stable/main/binary-mipsel/pulseaudio-module-gconf_0.9.5-5etch1_mipsel.deb
stable/main/binary-mipsel/libpulse-dev_0.9.5-5etch1_mipsel.deb
stable/main/binary-mipsel/libpulse-mainloop-glib0_0.9.5-5etch1_mipsel.deb
stable/main/binary-mipsel/libpulse-browse0_0.9.5-5etch1_mipsel.deb
stable/main/binary-mipsel/pulseaudio-utils_0.9.5-5etch1_mipsel.deb
stable/main/binary-mipsel/pulseaudio-module-x11_0.9.5-5etch1_mipsel.deb
stable/main/binary-mipsel/pulseaudio-esound-compat_0.9.5-5etch1_mipsel.deb
stable/main/binary-mipsel/pulseaudio-module-jack_0.9.5-5etch1_mipsel.deb
pulseaudio (0.9.5-5etch1) stable-security; urgency=low
  * debian/paches/06_pa-CVE-2008-0008-pa0.9.5.dpatch:
    + Added. Assert that dropping permissions succeeds.

stable/main/binary-mips/libpulse0_0.9.5-5etch1_mips.deb
stable/main/binary-mips/pulseaudio-module-hal_0.9.5-5etch1_mips.deb
stable/main/binary-mips/pulseaudio-module-zeroconf_0.9.5-5etch1_mips.deb
stable/main/binary-mips/pulseaudio-module-lirc_0.9.5-5etch1_mips.deb
stable/main/binary-mips/pulseaudio-module-x11_0.9.5-5etch1_mips.deb
stable/main/binary-mips/pulseaudio-utils_0.9.5-5etch1_mips.deb
stable/main/binary-mips/pulseaudio-esound-compat_0.9.5-5etch1_mips.deb
stable/main/binary-mips/pulseaudio-module-jack_0.9.5-5etch1_mips.deb
stable/main/binary-mips/libpulse-dev_0.9.5-5etch1_mips.deb
stable/main/binary-mips/libpulse-browse0_0.9.5-5etch1_mips.deb
stable/main/binary-mips/pulseaudio_0.9.5-5etch1_mips.deb
stable/main/binary-mips/libpulse-mainloop-glib0_0.9.5-5etch1_mips.deb
stable/main/binary-mips/pulseaudio-module-gconf_0.9.5-5etch1_mips.deb
pulseaudio (0.9.5-5etch1) stable-security; urgency=low
  * debian/paches/06_pa-CVE-2008-0008-pa0.9.5.dpatch:
    + Added. Assert that dropping permissions succeeds.

stable/main/binary-ia64/pulseaudio-module-x11_0.9.5-5etch1_ia64.deb
stable/main/binary-ia64/pulseaudio-module-hal_0.9.5-5etch1_ia64.deb
stable/main/binary-ia64/libpulse0_0.9.5-5etch1_ia64.deb
stable/main/binary-ia64/pulseaudio-module-gconf_0.9.5-5etch1_ia64.deb
stable/main/binary-ia64/pulseaudio-utils_0.9.5-5etch1_ia64.deb
stable/main/binary-ia64/libpulse-browse0_0.9.5-5etch1_ia64.deb
stable/main/binary-ia64/pulseaudio-module-lirc_0.9.5-5etch1_ia64.deb
stable/main/binary-ia64/pulseaudio-esound-compat_0.9.5-5etch1_ia64.deb
stable/main/binary-ia64/libpulse-mainloop-glib0_0.9.5-5etch1_ia64.deb
stable/main/binary-ia64/pulseaudio-module-jack_0.9.5-5etch1_ia64.deb
stable/main/binary-ia64/pulseaudio-module-zeroconf_0.9.5-5etch1_ia64.deb
stable/main/binary-ia64/pulseaudio_0.9.5-5etch1_ia64.deb
stable/main/binary-ia64/libpulse-dev_0.9.5-5etch1_ia64.deb
pulseaudio (0.9.5-5etch1) stable-security; urgency=low
  * debian/paches/06_pa-CVE-2008-0008-pa0.9.5.dpatch:
    + Added. Assert that dropping permissions succeeds.

stable/main/binary-hppa/libpulse0_0.9.5-5etch1_hppa.deb
stable/main/binary-hppa/libpulse-browse0_0.9.5-5etch1_hppa.deb
stable/main/binary-hppa/pulseaudio-utils_0.9.5-5etch1_hppa.deb
stable/main/binary-hppa/pulseaudio-module-hal_0.9.5-5etch1_hppa.deb
stable/main/binary-hppa/pulseaudio-module-zeroconf_0.9.5-5etch1_hppa.deb
stable/main/binary-hppa/pulseaudio-module-x11_0.9.5-5etch1_hppa.deb
stable/main/binary-hppa/libpulse-dev_0.9.5-5etch1_hppa.deb
stable/main/binary-hppa/pulseaudio-module-lirc_0.9.5-5etch1_hppa.deb
stable/main/binary-hppa/pulseaudio-module-jack_0.9.5-5etch1_hppa.deb
stable/main/binary-hppa/pulseaudio-esound-compat_0.9.5-5etch1_hppa.deb
stable/main/binary-hppa/pulseaudio-module-gconf_0.9.5-5etch1_hppa.deb
stable/main/binary-hppa/pulseaudio_0.9.5-5etch1_hppa.deb
stable/main/binary-hppa/libpulse-mainloop-glib0_0.9.5-5etch1_hppa.deb
pulseaudio (0.9.5-5etch1) stable-security; urgency=low
  * debian/paches/06_pa-CVE-2008-0008-pa0.9.5.dpatch:
    + Added. Assert that dropping permissions succeeds.

stable/main/binary-arm/pulseaudio-module-gconf_0.9.5-5etch1_arm.deb
stable/main/binary-arm/libpulse0_0.9.5-5etch1_arm.deb
stable/main/binary-arm/libpulse-mainloop-glib0_0.9.5-5etch1_arm.deb
stable/main/binary-arm/pulseaudio-module-hal_0.9.5-5etch1_arm.deb
stable/main/binary-arm/pulseaudio-module-zeroconf_0.9.5-5etch1_arm.deb
stable/main/binary-arm/pulseaudio-module-x11_0.9.5-5etch1_arm.deb
stable/main/binary-arm/libpulse-browse0_0.9.5-5etch1_arm.deb
stable/main/binary-arm/pulseaudio-esound-compat_0.9.5-5etch1_arm.deb
stable/main/binary-arm/pulseaudio-module-jack_0.9.5-5etch1_arm.deb
stable/main/binary-arm/pulseaudio-utils_0.9.5-5etch1_arm.deb
stable/main/binary-arm/pulseaudio_0.9.5-5etch1_arm.deb
stable/main/binary-arm/pulseaudio-module-lirc_0.9.5-5etch1_arm.deb
stable/main/binary-arm/libpulse-dev_0.9.5-5etch1_arm.deb
pulseaudio (0.9.5-5etch1) stable-security; urgency=low
  * debian/paches/06_pa-CVE-2008-0008-pa0.9.5.dpatch:
    + Added. Assert that dropping permissions succeeds.

stable/main/binary-amd64/pulseaudio-module-hal_0.9.5-5etch1_amd64.deb
stable/main/binary-amd64/pulseaudio-utils_0.9.5-5etch1_amd64.deb
stable/main/binary-amd64/pulseaudio-module-gconf_0.9.5-5etch1_amd64.deb
stable/main/binary-amd64/libpulse-mainloop-glib0_0.9.5-5etch1_amd64.deb
stable/main/binary-amd64/pulseaudio-module-zeroconf_0.9.5-5etch1_amd64.deb
stable/main/binary-amd64/pulseaudio-esound-compat_0.9.5-5etch1_amd64.deb
stable/main/binary-amd64/libpulse-browse0_0.9.5-5etch1_amd64.deb
stable/main/binary-amd64/libpulse-dev_0.9.5-5etch1_amd64.deb
stable/main/binary-amd64/pulseaudio-module-lirc_0.9.5-5etch1_amd64.deb
stable/main/binary-amd64/pulseaudio_0.9.5-5etch1_amd64.deb
stable/main/binary-amd64/pulseaudio-module-jack_0.9.5-5etch1_amd64.deb
stable/main/binary-amd64/pulseaudio-module-x11_0.9.5-5etch1_amd64.deb
stable/main/binary-amd64/libpulse0_0.9.5-5etch1_amd64.deb
pulseaudio (0.9.5-5etch1) stable-security; urgency=low
  * debian/paches/06_pa-CVE-2008-0008-pa0.9.5.dpatch:
    + Added. Assert that dropping permissions succeeds.

stable/main/binary-alpha/pulseaudio-esound-compat_0.9.5-5etch1_alpha.deb
stable/main/binary-alpha/pulseaudio-module-gconf_0.9.5-5etch1_alpha.deb
stable/main/binary-alpha/pulseaudio-utils_0.9.5-5etch1_alpha.deb
stable/main/binary-alpha/libpulse0_0.9.5-5etch1_alpha.deb
stable/main/binary-alpha/libpulse-dev_0.9.5-5etch1_alpha.deb
stable/main/binary-alpha/pulseaudio-module-zeroconf_0.9.5-5etch1_alpha.deb
stable/main/binary-alpha/pulseaudio-module-x11_0.9.5-5etch1_alpha.deb
stable/main/binary-alpha/pulseaudio-module-jack_0.9.5-5etch1_alpha.deb
stable/main/binary-alpha/libpulse-browse0_0.9.5-5etch1_alpha.deb
stable/main/binary-alpha/pulseaudio-module-lirc_0.9.5-5etch1_alpha.deb
stable/main/binary-alpha/pulseaudio_0.9.5-5etch1_alpha.deb
stable/main/binary-alpha/pulseaudio-module-hal_0.9.5-5etch1_alpha.deb
stable/main/binary-alpha/libpulse-mainloop-glib0_0.9.5-5etch1_alpha.deb
pulseaudio (0.9.5-5etch1) stable-security; urgency=low
  * debian/paches/06_pa-CVE-2008-0008-pa0.9.5.dpatch:
    + Added. Assert that dropping permissions succeeds.

stable/main/binary-i386/pulseaudio_0.9.5-5etch1_i386.deb
stable/main/source/pulseaudio_0.9.5-5etch1.diff.gz
stable/main/binary-i386/pulseaudio-esound-compat_0.9.5-5etch1_i386.deb
stable/main/source/pulseaudio_0.9.5-5etch1.dsc
stable/main/binary-i386/pulseaudio-module-jack_0.9.5-5etch1_i386.deb
stable/main/binary-i386/pulseaudio-module-lirc_0.9.5-5etch1_i386.deb
stable/main/binary-i386/pulseaudio-module-gconf_0.9.5-5etch1_i386.deb
stable/main/binary-i386/libpulse-browse0_0.9.5-5etch1_i386.deb
stable/main/binary-i386/pulseaudio-utils_0.9.5-5etch1_i386.deb
stable/main/binary-i386/pulseaudio-module-zeroconf_0.9.5-5etch1_i386.deb
stable/main/binary-i386/libpulse-mainloop-glib0_0.9.5-5etch1_i386.deb
stable/main/binary-i386/pulseaudio-module-hal_0.9.5-5etch1_i386.deb
stable/main/binary-i386/libpulse-dev_0.9.5-5etch1_i386.deb
stable/main/binary-i386/pulseaudio-module-x11_0.9.5-5etch1_i386.deb
stable/main/binary-i386/libpulse0_0.9.5-5etch1_i386.deb
pulseaudio (0.9.5-5etch1) stable-security; urgency=low
  * debian/paches/06_pa-CVE-2008-0008-pa0.9.5.dpatch:
    + Added. Assert that dropping permissions succeeds.

stable/main/binary-sparc/postgresql-server-dev-8.1_8.1.11-0etch1_sparc.deb
stable/main/binary-sparc/libecpg-compat2_8.1.11-0etch1_sparc.deb
stable/main/binary-sparc/postgresql-plperl-8.1_8.1.11-0etch1_sparc.deb
stable/main/binary-sparc/libpq4_8.1.11-0etch1_sparc.deb
stable/main/binary-sparc/postgresql-client-8.1_8.1.11-0etch1_sparc.deb
stable/main/binary-sparc/postgresql-8.1_8.1.11-0etch1_sparc.deb
stable/main/binary-sparc/libecpg-dev_8.1.11-0etch1_sparc.deb
stable/main/binary-sparc/postgresql-contrib-8.1_8.1.11-0etch1_sparc.deb
stable/main/binary-sparc/libpq-dev_8.1.11-0etch1_sparc.deb
stable/main/binary-sparc/postgresql-plpython-8.1_8.1.11-0etch1_sparc.deb
stable/main/binary-sparc/libecpg5_8.1.11-0etch1_sparc.deb
stable/main/binary-sparc/postgresql-pltcl-8.1_8.1.11-0etch1_sparc.deb
stable/main/binary-sparc/libpgtypes2_8.1.11-0etch1_sparc.deb
postgresql-8.1 (8.1.11-0etch1) stable-security; urgency=low
  * New upstream security/bugfix release:
    - Prevent functions in indexes from executing with the privileges of the user running "VACUUM", "ANALYZE", etc. "SET ROLE" is now forbidden within a SECURITY DEFINER context. [CVE-2007-6600]
    - Suitably crafted regular-expression patterns could cause crashes, infinite or near-infinite looping, and/or massive memory consumption, all of which pose denial-of-service hazards for applications that accept regex search patterns from untrustworthy sources. [CVE-2007-4769, CVE-2007-4772, CVE-2007-6067]
    - Require non-superusers who use "/contrib/dblink" to use only password authentication, as a security measure. The fix that appeared for this in 8.2.5 was incomplete, as it plugged the hole for only some "dblink" functions. [CVE-2007-6601, CVE-2007-3278]
    - Fix bugs in WAL replay for GIN indexes.
    - Fix GIN index build to work properly when maintenance_work_mem is 4GB or more.
    - Improve planner's handling of LIKE/regex estimation in non-C locales.
    - Fix planning-speed problem for deep outer-join nests, as well as possible poor choice of join order.
    - Fix planner failure in some cases of WHERE false AND var IN (SELECT ...).
    - Make "CREATE TABLE ... SERIAL" and "ALTER SEQUENCE ... OWNED BY" not change the currval() state of the sequence.
    - Preserve the tablespace and storage parameters of indexes that are rebuilt by "ALTER TABLE ... ALTER COLUMN TYPE".
    - Make archive recovery always start a new WAL timeline, rather than only when a recovery stop time was used. This avoids a corner-case risk of trying to overwrite an existing archived copy of the last WAL segment, and seems simpler and cleaner than the original definition.
    - Make "VACUUM" not use all of maintenance_work_mem when the table is too small for it to be useful.
    - Fix potential crash in translate() when using a multibyte database encoding.
    - Make corr() return the correct result for negative correlation values.
    - Fix overflow in extract(epoch from interval) for intervals exceeding 68 years.
    - Fix PL/Perl to not fail when a UTF-8 regular expression is used in a trusted function.
    - Fix PL/Python to work correctly with Python 2.5 on 64-bit machines (Marko Kreen)
    - Fix PL/Python to not crash on long exception messages.
    - Fix pg_dump to correctly handle inheritance child tables that have default expressions different from their parent's.
    - Fix libpq crash when PGPASSFILE refers to a file that is not a plain file.
    - ecpg parser fixes.
    - Make "contrib/tablefunc"'s crosstab() handle NULL rowid as a category in its own right, rather than crashing.
    - Fix tsvector and tsquery output routines to escape backslashes correctly.
    - Fix crash of to_tsvector() on huge input strings.

stable/main/binary-s390/postgresql-contrib-8.1_8.1.11-0etch1_s390.deb
stable/main/binary-s390/libecpg5_8.1.11-0etch1_s390.deb
stable/main/binary-s390/postgresql-pltcl-8.1_8.1.11-0etch1_s390.deb
stable/main/binary-s390/postgresql-plpython-8.1_8.1.11-0etch1_s390.deb
stable/main/binary-s390/libecpg-dev_8.1.11-0etch1_s390.deb
stable/main/binary-s390/postgresql-server-dev-8.1_8.1.11-0etch1_s390.deb
stable/main/binary-s390/libpgtypes2_8.1.11-0etch1_s390.deb
stable/main/binary-s390/postgresql-plperl-8.1_8.1.11-0etch1_s390.deb
stable/main/binary-s390/libpq4_8.1.11-0etch1_s390.deb
stable/main/binary-s390/postgresql-8.1_8.1.11-0etch1_s390.deb
stable/main/binary-s390/libpq-dev_8.1.11-0etch1_s390.deb
stable/main/binary-s390/libecpg-compat2_8.1.11-0etch1_s390.deb
stable/main/binary-s390/postgresql-client-8.1_8.1.11-0etch1_s390.deb
postgresql-8.1 (8.1.11-0etch1) stable-security; urgency=low
  * New upstream security/bugfix release:
    - Prevent functions in indexes from executing with the privileges of the user running "VACUUM", "ANALYZE", etc. "SET ROLE" is now forbidden within a SECURITY DEFINER context. [CVE-2007-6600]
    - Suitably crafted regular-expression patterns could cause crashes, infinite or near-infinite looping, and/or massive memory consumption, all of which pose denial-of-service hazards for applications that accept regex search patterns from untrustworthy sources. [CVE-2007-4769, CVE-2007-4772, CVE-2007-6067]
    - Require non-superusers who use "/contrib/dblink" to use only password authentication, as a security measure. The fix that appeared for this in 8.2.5 was incomplete, as it plugged the hole for only some "dblink" functions. [CVE-2007-6601, CVE-2007-3278]
    - Fix bugs in WAL replay for GIN indexes.
    - Fix GIN index build to work properly when maintenance_work_mem is 4GB or more.
    - Improve planner's handling of LIKE/regex estimation in non-C locales.
    - Fix planning-speed problem for deep outer-join nests, as well as possible poor choice of join order.
    - Fix planner failure in some cases of WHERE false AND var IN (SELECT ...).
    - Make "CREATE TABLE ... SERIAL" and "ALTER SEQUENCE ... OWNED BY" not change the currval() state of the sequence.
    - Preserve the tablespace and storage parameters of indexes that are rebuilt by "ALTER TABLE ... ALTER COLUMN TYPE".
    - Make archive recovery always start a new WAL timeline, rather than only when a recovery stop time was used. This avoids a corner-case risk of trying to overwrite an existing archived copy of the last WAL segment, and seems simpler and cleaner than the original definition.
    - Make "VACUUM" not use all of maintenance_work_mem when the table is too small for it to be useful.
    - Fix potential crash in translate() when using a multibyte database encoding.
    - Make corr() return the correct result for negative correlation values.
    - Fix overflow in extract(epoch from interval) for intervals exceeding 68 years.
    - Fix PL/Perl to not fail when a UTF-8 regular expression is used in a trusted function.
    - Fix PL/Python to work correctly with Python 2.5 on 64-bit machines (Marko Kreen)
    - Fix PL/Python to not crash on long exception messages.
    - Fix pg_dump to correctly handle inheritance child tables that have default expressions different from their parent's.
    - Fix libpq crash when PGPASSFILE refers to a file that is not a plain file.
    - ecpg parser fixes.
    - Make "contrib/tablefunc"'s crosstab() handle NULL rowid as a category in its own right, rather than crashing.
    - Fix tsvector and tsquery output routines to escape backslashes correctly.
    - Fix crash of to_tsvector() on huge input strings.

stable/main/binary-powerpc/postgresql-pltcl-8.1_8.1.11-0etch1_powerpc.deb
stable/main/binary-powerpc/libecpg-compat2_8.1.11-0etch1_powerpc.deb
stable/main/binary-powerpc/postgresql-plpython-8.1_8.1.11-0etch1_powerpc.deb
stable/main/binary-powerpc/libecpg-dev_8.1.11-0etch1_powerpc.deb
stable/main/binary-powerpc/libecpg5_8.1.11-0etch1_powerpc.deb
stable/main/binary-powerpc/postgresql-server-dev-8.1_8.1.11-0etch1_powerpc.deb
stable/main/binary-powerpc/libpq-dev_8.1.11-0etch1_powerpc.deb
stable/main/binary-powerpc/postgresql-contrib-8.1_8.1.11-0etch1_powerpc.deb
stable/main/binary-powerpc/libpq4_8.1.11-0etch1_powerpc.deb
stable/main/binary-powerpc/postgresql-client-8.1_8.1.11-0etch1_powerpc.deb
stable/main/binary-powerpc/postgresql-8.1_8.1.11-0etch1_powerpc.deb
stable/main/binary-powerpc/libpgtypes2_8.1.11-0etch1_powerpc.deb
stable/main/binary-powerpc/postgresql-plperl-8.1_8.1.11-0etch1_powerpc.deb
postgresql-8.1 (8.1.11-0etch1) stable-security; urgency=low
  * New upstream security/bugfix release:
    - Prevent functions in indexes from executing with the privileges of the user running "VACUUM", "ANALYZE", etc. "SET ROLE" is now forbidden within a SECURITY DEFINER context. [CVE-2007-6600]
    - Suitably crafted regular-expression patterns could cause crashes, infinite or near-infinite looping, and/or massive memory consumption, all of which pose denial-of-service hazards for applications that accept regex search patterns from untrustworthy sources. [CVE-2007-4769, CVE-2007-4772, CVE-2007-6067]
    - Require non-superusers who use "/contrib/dblink" to use only password authentication, as a security measure. The fix that appeared for this in 8.2.5 was incomplete, as it plugged the hole for only some "dblink" functions. [CVE-2007-6601, CVE-2007-3278]
    - Fix bugs in WAL replay for GIN indexes.
    - Fix GIN index build to work properly when maintenance_work_mem is 4GB or more.
    - Improve planner's handling of LIKE/regex estimation in non-C locales.
    - Fix planning-speed problem for deep outer-join nests, as well as possible poor choice of join order.
    - Fix planner failure in some cases of WHERE false AND var IN (SELECT ...).
    - Make "CREATE TABLE ... SERIAL" and "ALTER SEQUENCE ... OWNED BY" not change the currval() state of the sequence.
    - Preserve the tablespace and storage parameters of indexes that are rebuilt by "ALTER TABLE ... ALTER COLUMN TYPE".
    - Make archive recovery always start a new WAL timeline, rather than only when a recovery stop time was used. This avoids a corner-case risk of trying to overwrite an existing archived copy of the last WAL segment, and seems simpler and cleaner than the original definition.
    - Make "VACUUM" not use all of maintenance_work_mem when the table is too small for it to be useful.
    - Fix potential crash in translate() when using a multibyte database encoding.
    - Make corr() return the correct result for negative correlation values.
    - Fix overflow in extract(epoch from interval) for intervals exceeding 68 years.
    - Fix PL/Perl to not fail when a UTF-8 regular expression is used in a trusted function.
    - Fix PL/Python to work correctly with Python 2.5 on 64-bit machines (Marko Kreen)
    - Fix PL/Python to not crash on long exception messages.
    - Fix pg_dump to correctly handle inheritance child tables that have default expressions different from their parent's.
    - Fix libpq crash when PGPASSFILE refers to a file that is not a plain file.
    - ecpg parser fixes.
    - Make "contrib/tablefunc"'s crosstab() handle NULL rowid as a category in its own right, rather than crashing.
    - Fix tsvector and tsquery output routines to escape backslashes correctly.
    - Fix crash of to_tsvector() on huge input strings.

stable/main/binary-mipsel/libpq4_8.1.11-0etch1_mipsel.deb
stable/main/binary-mipsel/libecpg-dev_8.1.11-0etch1_mipsel.deb
stable/main/binary-mipsel/postgresql-plperl-8.1_8.1.11-0etch1_mipsel.deb
stable/main/binary-mipsel/libecpg-compat2_8.1.11-0etch1_mipsel.deb
stable/main/binary-mipsel/postgresql-8.1_8.1.11-0etch1_mipsel.deb
stable/main/binary-mipsel/libpgtypes2_8.1.11-0etch1_mipsel.deb
stable/main/binary-mipsel/libecpg5_8.1.11-0etch1_mipsel.deb
stable/main/binary-mipsel/postgresql-contrib-8.1_8.1.11-0etch1_mipsel.deb
stable/main/binary-mipsel/postgresql-plpython-8.1_8.1.11-0etch1_mipsel.deb
stable/main/binary-mipsel/postgresql-client-8.1_8.1.11-0etch1_mipsel.deb
stable/main/binary-mipsel/postgresql-pltcl-8.1_8.1.11-0etch1_mipsel.deb
stable/main/binary-mipsel/postgresql-server-dev-8.1_8.1.11-0etch1_mipsel.deb
stable/main/binary-mipsel/libpq-dev_8.1.11-0etch1_mipsel.deb
postgresql-8.1 (8.1.11-0etch1) stable-security; urgency=low
  * New upstream security/bugfix release:
    - Prevent functions in indexes from executing with the privileges of the user running "VACUUM", "ANALYZE", etc. "SET ROLE" is now forbidden within a SECURITY DEFINER context. [CVE-2007-6600]
    - Suitably crafted regular-expression patterns could cause crashes, infinite or near-infinite looping, and/or massive memory consumption, all of which pose denial-of-service hazards for applications that accept regex search patterns from untrustworthy sources. [CVE-2007-4769, CVE-2007-4772, CVE-2007-6067]
    - Require non-superusers who use "/contrib/dblink" to use only password authentication, as a security measure. The fix that appeared for this in 8.2.5 was incomplete, as it plugged the hole for only some "dblink" functions. [CVE-2007-6601, CVE-2007-3278]
    - Fix bugs in WAL replay for GIN indexes.
    - Fix GIN index build to work properly when maintenance_work_mem is 4GB or more.
    - Improve planner's handling of LIKE/regex estimation in non-C locales.
    - Fix planning-speed problem for deep outer-join nests, as well as possible poor choice of join order.
    - Fix planner failure in some cases of WHERE false AND var IN (SELECT ...).
    - Make "CREATE TABLE ... SERIAL" and "ALTER SEQUENCE ... OWNED BY" not change the currval() state of the sequence.
    - Preserve the tablespace and storage parameters of indexes that are rebuilt by "ALTER TABLE ... ALTER COLUMN TYPE".
    - Make archive recovery always start a new WAL timeline, rather than only when a recovery stop time was used. This avoids a corner-case risk of trying to overwrite an existing archived copy of the last WAL segment, and seems simpler and cleaner than the original definition.
    - Make "VACUUM" not use all of maintenance_work_mem when the table is too small for it to be useful.
    - Fix potential crash in translate() when using a multibyte database encoding.
    - Make corr() return the correct result for negative correlation values.
    - Fix overflow in extract(epoch from interval) for intervals exceeding 68 years.
    - Fix PL/Perl to not fail when a UTF-8 regular expression is used in a trusted function.
    - Fix PL/Python to work correctly with Python 2.5 on 64-bit machines (Marko Kreen)
    - Fix PL/Python to not crash on long exception messages.
    - Fix pg_dump to correctly handle inheritance child tables that have default expressions different from their parent's.
    - Fix libpq crash when PGPASSFILE refers to a file that is not a plain file.
    - ecpg parser fixes.
    - Make "contrib/tablefunc"'s crosstab() handle NULL rowid as a category in its own right, rather than crashing.
    - Fix tsvector and tsquery output routines to escape backslashes correctly.
    - Fix crash of to_tsvector() on huge input strings.

stable/main/binary-mips/postgresql-8.1_8.1.11-0etch1_mips.deb
stable/main/binary-mips/libecpg-dev_8.1.11-0etch1_mips.deb
stable/main/binary-mips/postgresql-plpython-8.1_8.1.11-0etch1_mips.deb
stable/main/binary-mips/postgresql-pltcl-8.1_8.1.11-0etch1_mips.deb
stable/main/binary-mips/libpq-dev_8.1.11-0etch1_mips.deb
stable/main/binary-mips/libecpg-compat2_8.1.11-0etch1_mips.deb
stable/main/binary-mips/libpq4_8.1.11-0etch1_mips.deb
stable/main/binary-mips/libecpg5_8.1.11-0etch1_mips.deb
stable/main/binary-mips/postgresql-plperl-8.1_8.1.11-0etch1_mips.deb
stable/main/binary-mips/postgresql-contrib-8.1_8.1.11-0etch1_mips.deb
stable/main/binary-mips/postgresql-server-dev-8.1_8.1.11-0etch1_mips.deb
stable/main/binary-mips/libpgtypes2_8.1.11-0etch1_mips.deb
stable/main/binary-mips/postgresql-client-8.1_8.1.11-0etch1_mips.deb
postgresql-8.1 (8.1.11-0etch1) stable-security; urgency=low
  * New upstream security/bugfix release:
    - Prevent functions in indexes from executing with the privileges of the user running "VACUUM", "ANALYZE", etc. "SET ROLE" is now forbidden within a SECURITY DEFINER context. [CVE-2007-6600]
    - Suitably crafted regular-expression patterns could cause crashes, infinite or near-infinite looping, and/or massive memory consumption, all of which pose denial-of-service hazards for applications th