========================================= Sat, 12 Apr 2008 - Debian 3.1r8 released ========================================= oldstable/main/binary-sparc/libxine-dev_1.0.1-1sarge7_sparc.deb oldstable/main/binary-sparc/libxine1_1.0.1-1sarge7_sparc.deb xine-lib (1.0.1-1sarge7) oldstable-security; urgency=high * Security bug fixes: - CVE-2007-1246, CVE-2007-1387: DirectShow video decoder opening functions (used with some Win32 codecs), fail to set biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code. - CVE-2008-1161: Buffer overflow which may allow remote attackers to crash the program and/or execute arbitrary code via a crafted Matroska file. - CVE-2008-0073: Array indexing vulnerability in Real SDP parsing. - Not applicable: + CVE-2008-0486: affected code is not present. + CVE-2008-1110: significantly different code. * Backport an SDP parser check for stream identifier before stream count. * Add myself to Uploaders, mainly to keep lintian quiet. oldstable/main/binary-s390/libxine1_1.0.1-1sarge7_s390.deb oldstable/main/binary-s390/libxine-dev_1.0.1-1sarge7_s390.deb xine-lib (1.0.1-1sarge7) oldstable-security; urgency=high * Security bug fixes: - CVE-2007-1246, CVE-2007-1387: DirectShow video decoder opening functions (used with some Win32 codecs), fail to set biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code. - CVE-2008-1161: Buffer overflow which may allow remote attackers to crash the program and/or execute arbitrary code via a crafted Matroska file. - CVE-2008-0073: Array indexing vulnerability in Real SDP parsing. - Not applicable: + CVE-2008-0486: affected code is not present. + CVE-2008-1110: significantly different code. * Backport an SDP parser check for stream identifier before stream count. * Add myself to Uploaders, mainly to keep lintian quiet. oldstable/main/binary-powerpc/libxine-dev_1.0.1-1sarge7_powerpc.deb oldstable/main/binary-powerpc/libxine1_1.0.1-1sarge7_powerpc.deb xine-lib (1.0.1-1sarge7) oldstable-security; urgency=high * Security bug fixes: - CVE-2007-1246, CVE-2007-1387: DirectShow video decoder opening functions (used with some Win32 codecs), fail to set biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code. - CVE-2008-1161: Buffer overflow which may allow remote attackers to crash the program and/or execute arbitrary code via a crafted Matroska file. - CVE-2008-0073: Array indexing vulnerability in Real SDP parsing. - Not applicable: + CVE-2008-0486: affected code is not present. + CVE-2008-1110: significantly different code. * Backport an SDP parser check for stream identifier before stream count. * Add myself to Uploaders, mainly to keep lintian quiet. oldstable/main/binary-mipsel/libxine1_1.0.1-1sarge7_mipsel.deb oldstable/main/binary-mipsel/libxine-dev_1.0.1-1sarge7_mipsel.deb xine-lib (1.0.1-1sarge7) oldstable-security; urgency=high * Security bug fixes: - CVE-2007-1246, CVE-2007-1387: DirectShow video decoder opening functions (used with some Win32 codecs), fail to set biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code. - CVE-2008-1161: Buffer overflow which may allow remote attackers to crash the program and/or execute arbitrary code via a crafted Matroska file. - CVE-2008-0073: Array indexing vulnerability in Real SDP parsing. - Not applicable: + CVE-2008-0486: affected code is not present. + CVE-2008-1110: significantly different code. * Backport an SDP parser check for stream identifier before stream count. * Add myself to Uploaders, mainly to keep lintian quiet. oldstable/main/binary-mips/libxine1_1.0.1-1sarge7_mips.deb oldstable/main/binary-mips/libxine-dev_1.0.1-1sarge7_mips.deb xine-lib (1.0.1-1sarge7) oldstable-security; urgency=high * Security bug fixes: - CVE-2007-1246, CVE-2007-1387: DirectShow video decoder opening functions (used with some Win32 codecs), fail to set biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code. - CVE-2008-1161: Buffer overflow which may allow remote attackers to crash the program and/or execute arbitrary code via a crafted Matroska file. - CVE-2008-0073: Array indexing vulnerability in Real SDP parsing. - Not applicable: + CVE-2008-0486: affected code is not present. + CVE-2008-1110: significantly different code. * Backport an SDP parser check for stream identifier before stream count. * Add myself to Uploaders, mainly to keep lintian quiet. oldstable/main/binary-m68k/libxine-dev_1.0.1-1sarge7_m68k.deb oldstable/main/binary-m68k/libxine1_1.0.1-1sarge7_m68k.deb xine-lib (1.0.1-1sarge7) oldstable-security; urgency=high * Security bug fixes: - CVE-2007-1246, CVE-2007-1387: DirectShow video decoder opening functions (used with some Win32 codecs), fail to set biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code. - CVE-2008-1161: Buffer overflow which may allow remote attackers to crash the program and/or execute arbitrary code via a crafted Matroska file. - CVE-2008-0073: Array indexing vulnerability in Real SDP parsing. - Not applicable: + CVE-2008-0486: affected code is not present. + CVE-2008-1110: significantly different code. * Backport an SDP parser check for stream identifier before stream count. * Add myself to Uploaders, mainly to keep lintian quiet. oldstable/main/binary-ia64/libxine-dev_1.0.1-1sarge7_ia64.deb oldstable/main/binary-ia64/libxine1_1.0.1-1sarge7_ia64.deb xine-lib (1.0.1-1sarge7) oldstable-security; urgency=high * Security bug fixes: - CVE-2007-1246, CVE-2007-1387: DirectShow video decoder opening functions (used with some Win32 codecs), fail to set biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code. - CVE-2008-1161: Buffer overflow which may allow remote attackers to crash the program and/or execute arbitrary code via a crafted Matroska file. - CVE-2008-0073: Array indexing vulnerability in Real SDP parsing. - Not applicable: + CVE-2008-0486: affected code is not present. + CVE-2008-1110: significantly different code. * Backport an SDP parser check for stream identifier before stream count. * Add myself to Uploaders, mainly to keep lintian quiet. oldstable/main/binary-hppa/libxine1_1.0.1-1sarge7_hppa.deb oldstable/main/binary-hppa/libxine-dev_1.0.1-1sarge7_hppa.deb xine-lib (1.0.1-1sarge7) oldstable-security; urgency=high * Security bug fixes: - CVE-2007-1246, CVE-2007-1387: DirectShow video decoder opening functions (used with some Win32 codecs), fail to set biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code. - CVE-2008-1161: Buffer overflow which may allow remote attackers to crash the program and/or execute arbitrary code via a crafted Matroska file. - CVE-2008-0073: Array indexing vulnerability in Real SDP parsing. - Not applicable: + CVE-2008-0486: affected code is not present. + CVE-2008-1110: significantly different code. * Backport an SDP parser check for stream identifier before stream count. * Add myself to Uploaders, mainly to keep lintian quiet. oldstable/main/binary-arm/libxine1_1.0.1-1sarge7_arm.deb oldstable/main/binary-arm/libxine-dev_1.0.1-1sarge7_arm.deb xine-lib (1.0.1-1sarge7) oldstable-security; urgency=high * Security bug fixes: - CVE-2007-1246, CVE-2007-1387: DirectShow video decoder opening functions (used with some Win32 codecs), fail to set biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code. - CVE-2008-1161: Buffer overflow which may allow remote attackers to crash the program and/or execute arbitrary code via a crafted Matroska file. - CVE-2008-0073: Array indexing vulnerability in Real SDP parsing. - Not applicable: + CVE-2008-0486: affected code is not present. + CVE-2008-1110: significantly different code. * Backport an SDP parser check for stream identifier before stream count. * Add myself to Uploaders, mainly to keep lintian quiet. oldstable/main/binary-amd64/libxine-dev_1.0.1-1sarge7_amd64.deb oldstable/main/binary-amd64/libxine1_1.0.1-1sarge7_amd64.deb xine-lib (1.0.1-1sarge7) oldstable-security; urgency=high * Security bug fixes: - CVE-2007-1246, CVE-2007-1387: DirectShow video decoder opening functions (used with some Win32 codecs), fail to set biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code. - CVE-2008-1161: Buffer overflow which may allow remote attackers to crash the program and/or execute arbitrary code via a crafted Matroska file. - CVE-2008-0073: Array indexing vulnerability in Real SDP parsing. - Not applicable: + CVE-2008-0486: affected code is not present. + CVE-2008-1110: significantly different code. * Backport an SDP parser check for stream identifier before stream count. * Add myself to Uploaders, mainly to keep lintian quiet. oldstable/main/binary-alpha/libxine-dev_1.0.1-1sarge7_alpha.deb oldstable/main/binary-alpha/libxine1_1.0.1-1sarge7_alpha.deb xine-lib (1.0.1-1sarge7) oldstable-security; urgency=high * Security bug fixes: - CVE-2007-1246, CVE-2007-1387: DirectShow video decoder opening functions (used with some Win32 codecs), fail to set biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code. - CVE-2008-1161: Buffer overflow which may allow remote attackers to crash the program and/or execute arbitrary code via a crafted Matroska file. - CVE-2008-0073: Array indexing vulnerability in Real SDP parsing. - Not applicable: + CVE-2008-0486: affected code is not present. + CVE-2008-1110: significantly different code. * Backport an SDP parser check for stream identifier before stream count. * Add myself to Uploaders, mainly to keep lintian quiet. oldstable/main/source/xine-lib_1.0.1-1sarge7.diff.gz oldstable/main/source/xine-lib_1.0.1-1sarge7.dsc oldstable/main/binary-i386/libxine-dev_1.0.1-1sarge7_i386.deb oldstable/main/binary-i386/libxine1_1.0.1-1sarge7_i386.deb xine-lib (1.0.1-1sarge7) oldstable-security; urgency=high * Security bug fixes: - CVE-2007-1246, CVE-2007-1387: DirectShow video decoder opening functions (used with some Win32 codecs), fail to set biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code. - CVE-2008-1161: Buffer overflow which may allow remote attackers to crash the program and/or execute arbitrary code via a crafted Matroska file. - CVE-2008-0073: Array indexing vulnerability in Real SDP parsing. - Not applicable: + CVE-2008-0486: affected code is not present. + CVE-2008-1110: significantly different code. * Backport an SDP parser check for stream identifier before stream count. * Add myself to Uploaders, mainly to keep lintian quiet. oldstable/main/binary-sparc/libxpm4_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libx11-6_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xserver-common_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libx11-6-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxaw7_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxmu6-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxmuu1_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxext-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxpm4-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libdps-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libx11-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xfs_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xutils_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xlibmesa-dri_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxext6_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxi-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxtrap6_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxi6_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxv1_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxext6-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libice6_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxtst6_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxp6-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xlibosmesa-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/proxymngr_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libsm-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/x-window-system-core_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxtrap6-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xlibmesa-gl_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libice6-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxt6_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xlibs-static-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxmu6_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/lbxproxy_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xlibs-static-pic_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libdps1-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xmh_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxtst6-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxmuu-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxmu-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxv-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxaw7-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxp-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/twm_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxtst-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xterm_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xlibmesa-glu_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxmuu1-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxp6_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xvfb_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xbase-clients_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libdps1_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xlibmesa3_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libsm6-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxt-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xserver-xfree86_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xdm_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxrandr2_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxaw6-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxft1-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxt6-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxft1_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxi6-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xlibosmesa4_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libsm6_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxaw6_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxpm-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxaw7-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxv1-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxrandr-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxrandr2-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xfwp_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libice-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/x-window-system-dev_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/xnest_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxaw6-dbg_4.3.0.dfsg.1-14sarge7_sparc.deb oldstable/main/binary-sparc/libxtrap-dev_4.3.0.dfsg.1-14sarge7_sparc.deb xfree86 (4.3.0.dfsg.1-14sarge7) oldstable-security; urgency=high * Fix regression introduced in -14sarge6 by the MIT-SHM security patch (closes: #461410). oldstable/main/binary-s390/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libdps-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxaw7-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxv1_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxext-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/x-window-system-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxp-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libdps1_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/xbase-clients_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/twm_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxext6_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/xterm_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxi6_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/xlibmesa-gl_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxmu-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/xlibs-static-pic_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/x-window-system-core_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/xlibmesa3_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxmu6_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxmuu1-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxft1-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxtst6_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxpm-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/xutils_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libx11-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/xlibs-static-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/xmh_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxaw6-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxv1-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/xserver-common_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libice6_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxp6-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxtrap-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libice-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxmuu1_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libx11-6-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxpm4_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libsm-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libsm6_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxtrap6_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxrandr-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxext6-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/xnest_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxmu6-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxaw6-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxt-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxi6-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxaw7_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libdps1-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/xlibmesa-glu_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxtst-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxrandr2_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/xvfb_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxp6_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxrandr2-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxt6-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxv-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/xfs_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxtrap6-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libice6-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxt6_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/xdm_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libsm6-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/xfwp_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxmuu-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/lbxproxy_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxi-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxft1_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxaw7-dev_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxpm4-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libx11-6_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/proxymngr_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxtst6-dbg_4.3.0.dfsg.1-14sarge7_s390.deb oldstable/main/binary-s390/libxaw6_4.3.0.dfsg.1-14sarge7_s390.deb xfree86 (4.3.0.dfsg.1-14sarge7) oldstable-security; urgency=high * Fix regression introduced in -14sarge6 by the MIT-SHM security patch (closes: #461410). oldstable/main/binary-powerpc/xmh_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxft1-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxmuu1_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/proxymngr_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xlibs-static-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxmu6_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xlibs-static-pic_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libx11-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xutils_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xlibosmesa-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/x-window-system-core_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libice-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxaw7-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libdps1-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxrandr-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxpm4_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xnest_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xlibmesa3_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/x-window-system-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxi6_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libsm6-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxext6-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxmu6-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxmuu1-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xlibmesa-glu_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxrandr2_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxtst-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/lbxproxy_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xdm_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxft1_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xterm_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxpm-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xvfb_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/twm_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxi-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xbase-clients_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxaw6-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xfwp_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libice6_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxext6_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xfs_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxv1_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxaw6_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libsm-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxt-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxrandr2-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxv-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xlibmesa-dri_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xserver-common_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxaw7_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libsm6_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libx11-6_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxp6_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxmuu-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxtst6-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxp6-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxt6-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxaw6-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxpm4-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxtrap6_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libdps-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxaw7-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxi6-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxp-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxt6_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xserver-xfree86_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxtst6_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxv1-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxtrap6-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libice6-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xlibosmesa4_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xlibmesa-gl_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxext-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxtrap-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libdps1_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libxmu-dev_4.3.0.dfsg.1-14sarge7_powerpc.deb oldstable/main/binary-powerpc/libx11-6-dbg_4.3.0.dfsg.1-14sarge7_powerpc.deb xfree86 (4.3.0.dfsg.1-14sarge7) oldstable-security; urgency=high * Fix regression introduced in -14sarge6 by the MIT-SHM security patch (closes: #461410). oldstable/main/binary-mipsel/libxrandr2-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxmu6-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxaw6-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xserver-common_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libsm6-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxft1-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxpm-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/x-window-system-core_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxft1_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libx11-6-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxp6_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxpm4_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xmh_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxp-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxmuu-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxtst6-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xfs_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xterm_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxtrap6-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libice6_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxtrap6_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xnest_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libx11-6_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libdps1_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xdm_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxrandr-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxext6_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxpm4-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libx11-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxi6_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xlibmesa-gl_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xfwp_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxaw7_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxmu6_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxv-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xbase-clients_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/twm_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/lbxproxy_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxv1-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxp6-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxi6-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xlibmesa3_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xserver-xfree86_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libice6-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxtst6_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xlibs-static-pic_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxt-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xutils_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xlibs-static-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libsm6_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxaw6_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xvfb_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxi-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxt6-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libdps-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/proxymngr_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/x-window-system-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxv1_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxaw7-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxmu-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxt6_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxmuu1_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxtrap-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libice-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libsm-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxaw7-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxrandr2_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxext-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libdps1-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxmuu1-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxaw6-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxtst-dev_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/xlibmesa-glu_4.3.0.dfsg.1-14sarge7_mipsel.deb oldstable/main/binary-mipsel/libxext6-dbg_4.3.0.dfsg.1-14sarge7_mipsel.deb xfree86 (4.3.0.dfsg.1-14sarge7) oldstable-security; urgency=high * Fix regression introduced in -14sarge6 by the MIT-SHM security patch (closes: #461410). oldstable/main/binary-mips/libxmu6_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxext-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libdps-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/twm_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xdm_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxmuu-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxp6-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxpm4-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxext6_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxaw6-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxi6_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxt-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxt6-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xserver-common_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xbase-clients_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxtst6-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxtst6_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xlibs-static-pic_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxft1-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xmh_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxp-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xlibmesa-gl_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libice6-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxtrap6-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/x-window-system-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxv1-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xlibs-static-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxmuu1_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxaw6-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libx11-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libsm6_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxp6_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xutils_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libx11-6-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libdps1_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xfs_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxmuu1-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxi6-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xterm_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxv-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxpm-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxft1_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libdps1-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xserver-xfree86_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/proxymngr_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxrandr2-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libsm6-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxext6-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxmu6-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xfwp_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxaw6_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/x-window-system-core_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xnest_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxmu-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxrandr-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxaw7-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxv1_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxaw7_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxrandr2_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/lbxproxy_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxt6_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libsm-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxtrap-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libice-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libice6_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xvfb_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxtrap6_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xlibmesa-glu_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxtst-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libx11-6_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxaw7-dbg_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxi-dev_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/libxpm4_4.3.0.dfsg.1-14sarge7_mips.deb oldstable/main/binary-mips/xlibmesa3_4.3.0.dfsg.1-14sarge7_mips.deb xfree86 (4.3.0.dfsg.1-14sarge7) oldstable-security; urgency=high * Fix regression introduced in -14sarge6 by the MIT-SHM security patch (closes: #461410). oldstable/main/binary-m68k/libsm6-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/proxymngr_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/x-window-system-core_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libice-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxmu6-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxv1-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxrandr-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxaw6-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxaw7-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xserver-xfree86_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libsm6_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxv-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxp6-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/twm_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxtrap6-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxi6_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xbase-clients_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libx11-6-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxmuu-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxtst6-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xterm_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxtst-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xlibmesa-glu_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xserver-common_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xvfb_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxrandr2-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xlibmesa3_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xdm_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxtrap6_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xfwp_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxt-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxrandr2_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxmu-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xlibs-static-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxft1-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libdps1_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxaw7-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxt6-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xfs_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxmuu1_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libx11-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/lbxproxy_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxt6_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxext6-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxp-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libdps-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xutils_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxpm-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libice6_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxmu6_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxext6_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxaw6_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libsm-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxaw7_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxp6_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxi-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libx11-6_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxv1_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxmuu1-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/x-window-system-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxext-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxft1_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xlibs-static-pic_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libice6-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxtrap-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xlibmesa-gl_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxpm4_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxi6-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libdps1-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxaw6-dev_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xmh_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxtst6_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/libxpm4-dbg_4.3.0.dfsg.1-14sarge7_m68k.deb oldstable/main/binary-m68k/xnest_4.3.0.dfsg.1-14sarge7_m68k.deb xfree86 (4.3.0.dfsg.1-14sarge7) oldstable-security; urgency=high * Fix regression introduced in -14sarge6 by the MIT-SHM security patch (closes: #461410). oldstable/main/binary-ia64/xutils_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxext-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxaw6-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxmuu-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxtst6-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxft1_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxext6-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxp6_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxp6-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libsm-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libdps1-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libdps1_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xlibosmesa4_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libx11-6-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libx11-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xbase-clients_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxi6-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xlibmesa-dri_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libdps-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxaw6-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/twm_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xdm_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/x-window-system-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxp-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxaw7-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxext6_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxv-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxaw7_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xlibosmesa-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxtst6_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxv1-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libx11-6_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxi6_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxmu-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxaw7-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxpm-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/x-window-system-core_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxtrap6-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xterm_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libice6-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libsm6_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xlibmesa-gl_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxpm4-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/lbxproxy_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxrandr2-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/proxymngr_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxtrap-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libice-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxrandr2_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xlibs-static-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxt-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxft1-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxi-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxmuu1_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxpm4_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxrandr-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxv1_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xnest_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libice6_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxmu6-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xserver-xfree86_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxmu6_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxaw6_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xlibs-static-pic_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxtrap6_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xfwp_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxtst-dev_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xlibmesa-glu_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxt6-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xmh_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxmuu1-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xvfb_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xlibmesa3_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libxt6_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xserver-common_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/libsm6-dbg_4.3.0.dfsg.1-14sarge7_ia64.deb oldstable/main/binary-ia64/xfs_4.3.0.dfsg.1-14sarge7_ia64.deb xfree86 (4.3.0.dfsg.1-14sarge7) oldstable-security; urgency=high * Fix regression introduced in -14sarge6 by the MIT-SHM security patch (closes: #461410). oldstable/main/binary-hppa/libxi6-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxaw7-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxpm4_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xfs_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libx11-6-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxft1_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxt-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xterm_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxaw7-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxext6_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xmh_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxaw6-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxext6-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xlibmesa-gl_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxi6_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxt6-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxv-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libsm6_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxmuu1_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libsm-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libx11-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xutils_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxp-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxaw7_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxv1_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xdm_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxft1-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxt6_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xlibmesa3_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxaw6-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxrandr2-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxp6-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxv1-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxtst6-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxmuu-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libx11-6_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/x-window-system-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxmuu1-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libdps-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxpm4-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxi-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libsm6-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/proxymngr_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xserver-xfree86_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxaw6_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxext-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xfwp_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxtst6_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxtrap6_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxmu-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libdps1-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libice6_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxp6_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxrandr-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxrandr2_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxmu6_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xnest_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxtrap6-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xlibs-static-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libice6-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxtrap-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/x-window-system-core_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libice-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxmu6-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxpm-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xserver-common_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xlibmesa-glu_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libxtst-dev_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xvfb_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/twm_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xlibs-static-pic_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/lbxproxy_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/libdps1_4.3.0.dfsg.1-14sarge7_hppa.deb oldstable/main/binary-hppa/xbase-clients_4.3.0.dfsg.1-14sarge7_hppa.deb xfree86 (4.3.0.dfsg.1-14sarge7) oldstable-security; urgency=high * Fix regression introduced in -14sarge6 by the MIT-SHM security patch (closes: #461410). oldstable/main/binary-arm/libxi6_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxext-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xmh_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxt6-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxtst6_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxaw7-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxtst6-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libdps1_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxmuu-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xlibmesa-gl_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/twm_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxext6-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xlibmesa3_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xbase-clients_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxp6-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxmuu1_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxv-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xdm_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxaw6-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxv1_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxft1_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxp-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xlibs-static-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxrandr2-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/proxymngr_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxft1-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxtrap6_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libx11-6_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libsm6_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxmu-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/lbxproxy_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xfs_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xnest_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxi6-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxrandr-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libdps-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libsm-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xutils_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxaw7_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xserver-xfree86_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libx11-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxi-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxaw6_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xvfb_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxaw7-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xfwp_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxtst-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xlibmesa-glu_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xterm_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxmuu1-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libice6_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/x-window-system-core_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libdps1-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxaw6-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxp6_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxrandr2_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/x-window-system-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libsm6-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libice6-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxmu6_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxtrap6-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxmu6-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xlibs-static-pic_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xserver-common_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxv1-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxpm4_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxt6_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxt-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxpm-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libx11-6-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxpm4-dbg_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxtrap-dev_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libxext6_4.3.0.dfsg.1-14sarge7_arm.deb oldstable/main/binary-arm/libice-dev_4.3.0.dfsg.1-14sarge7_arm.deb xfree86 (4.3.0.dfsg.1-14sarge7) oldstable-security; urgency=high * Fix regression introduced in -14sarge6 by the MIT-SHM security patch (closes: #461410). oldstable/main/binary-amd64/libxaw6_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libice6-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xfwp_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxmuu1-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxtrap6-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xvfb_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxrandr2_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libx11-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxpm4-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xutils_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxmu6_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libx11-6_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxtst-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xlibmesa-dri_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxv1-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xbase-clients_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxi6-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/x-window-system-core_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/twm_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxext6-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxft1-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xlibosmesa-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libsm6_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libx11-6-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/x-window-system-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxp-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxpm4_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxi6_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxft1_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xlibosmesa4_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xnest_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxext-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxext6_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxrandr-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libsm6-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libice-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxtrap-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xdm_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libice6_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxtrap6_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xmh_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libsm-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxv-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxt-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xlibmesa-glu_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxaw7_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/lbxproxy_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxmuu1_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxaw6-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libdps1-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xserver-common_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxp6-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxt6_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxt6-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxaw7-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxi-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libdps-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxmu6-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxpm-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xlibmesa3_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xlibs-static-pic_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxaw7-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxrandr2-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xfs_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xlibs-static-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/proxymngr_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxtst6_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxp6_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xlibmesa-gl_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxtst6-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxaw6-dbg_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxmuu-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxv1_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libxmu-dev_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/libdps1_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xterm_4.3.0.dfsg.1-14sarge7_amd64.deb oldstable/main/binary-amd64/xserver-xfree86_4.3.0.dfsg.1-14sarge7_amd64.deb xfree86 (4.3.0.dfsg.1-14sarge7) oldstable-security; urgency=high * Fix regression introduced in -14sarge6 by the MIT-SHM security patch (closes: #461410). oldstable/main/binary-alpha/libxft1-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libx11-6-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xnest_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xfwp_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxrandr-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxaw6-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxt6-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libdps-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxaw7-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxtst6_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xvfb_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libsm6_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxtst-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libdps1_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xlibmesa-glu_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxmu6-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xlibmesa-gl_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xdm_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xutils_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxext6-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libx11-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxv1_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxrandr2-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxaw6-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxaw6_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xfs_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libx11-6_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxtrap6-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libice6-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libsm-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xterm_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxv1-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libdps1-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxp6_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxp6-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxrandr2_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libice-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxtrap-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxmuu1-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxt-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xbase-clients_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxpm4_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxi-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libice6_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxtrap6_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/x-window-system-core_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/x-window-system-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xlibosmesa-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxft1_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxmuu-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/twm_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxi6-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxmu-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxext6_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxpm4-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxi6_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxp-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xlibosmesa4_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxtst6-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxmu6_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxaw7-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxv-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xlibs-static-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxt6_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xmh_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxext-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxaw7_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xlibs-static-pic_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/lbxproxy_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xserver-common_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/proxymngr_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libsm6-dbg_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xlibmesa-dri_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxpm-dev_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xserver-xfree86_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/xlibmesa3_4.3.0.dfsg.1-14sarge7_alpha.deb oldstable/main/binary-alpha/libxmuu1_4.3.0.dfsg.1-14sarge7_alpha.deb xfree86 (4.3.0.dfsg.1-14sarge7) oldstable-security; urgency=high * Fix regression introduced in -14sarge6 by the MIT-SHM security patch (closes: #461410). oldstable/main/binary-i386/libxmuu-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxtst6-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libice6-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxp6_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-all/xfree86-common_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-i386/libxtrap6_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxtrap6-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-all/xlibs_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-i386/libsm6-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxrandr2_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxmu-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxaw7-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxpm4_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxmuu1-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxv1_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xserver-xfree86_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxv1-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxaw6-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libx11-6-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxaw6_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxmu6_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xfwp_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-all/xfonts-base_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-i386/libx11-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-all/xlibmesa3-dbg_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-all/xfonts-75dpi_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-i386/xutils_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-all/x-window-system_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-i386/proxymngr_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xlibmesa-gl-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-all/xlibs-dbg_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-all/xfonts-base-transcoded_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-i386/libxi-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libdps-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxt6-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxrandr2-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxmuu1_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libdps1-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xserver-xfree86-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxp6-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xnest_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxext6_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-all/xfonts-scalable_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-i386/libxt6_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxrandr-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxpm-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-all/xlibs-data_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-i386/libxi6_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxmu6-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xdm_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xterm_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xlibmesa-gl-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-all/x-dev_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-all/pm-dev_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-i386/xlibmesa-glu-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxaw7_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-all/xlibs-pic_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-all/xfonts-75dpi-transcoded_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-i386/xlibosmesa4_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-all/xfonts-100dpi_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-i386/libdps1_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/source/xfree86_4.3.0.dfsg.1-14sarge7.dsc oldstable/main/binary-i386/xlibs-static-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libsm-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libsm6_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxv-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libice-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxtrap-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxt-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxpm4-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/lbxproxy_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xmh_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxtst6_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xvfb_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/source/xfree86_4.3.0.dfsg.1-14sarge7.diff.gz oldstable/main/binary-i386/libxi6-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-all/xspecs_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-i386/libx11-6_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xbase-clients_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xfs_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xlibmesa-glu-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxft1_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xserver-common_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-all/xlibs-dev_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-i386/xlibs-static-pic_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxext6-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xlibosmesa-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/twm_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/x-window-system-core_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxft1-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xlibmesa3_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xlibmesa-dri-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-all/xfonts-100dpi-transcoded_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-i386/libice6_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxaw6-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xlibosmesa4-dbg_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-all/xfonts-cyrillic_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-i386/libxp-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/x-window-system-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxext-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xlibmesa-gl_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-all/xlibmesa-dev_4.3.0.dfsg.1-14sarge7_all.deb oldstable/main/binary-i386/libxaw7-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/libxtst-dev_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xlibmesa-glu_4.3.0.dfsg.1-14sarge7_i386.deb oldstable/main/binary-i386/xlibmesa-dri_4.3.0.dfsg.1-14sarge7_i386.deb xfree86 (4.3.0.dfsg.1-14sarge7) oldstable-security; urgency=high * Fix regression introduced in -14sarge6 by the MIT-SHM security patch (closes: #461410). oldstable/main/binary-sparc/wzdftpd-back-mysql_0.5.2-1.1sarge3_sparc.deb oldstable/main/binary-sparc/wzdftpd_0.5.2-1.1sarge3_sparc.deb oldstable/main/binary-sparc/wzdftpd-mod-perl_0.5.2-1.1sarge3_sparc.deb oldstable/main/binary-sparc/wzdftpd-mod-tcl_0.5.2-1.1sarge3_sparc.deb oldstable/main/binary-sparc/wzdftpd-dev_0.5.2-1.1sarge3_sparc.deb wzdftpd (0.5.2-1.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport patch to fix off-by-one in wzd_ClientThread.c which leads to a remote denial of service vulnerability Fixes: CVE-2007-5300 oldstable/main/binary-s390/wzdftpd-back-mysql_0.5.2-1.1sarge3_s390.deb oldstable/main/binary-s390/wzdftpd-mod-perl_0.5.2-1.1sarge3_s390.deb oldstable/main/binary-s390/wzdftpd-dev_0.5.2-1.1sarge3_s390.deb oldstable/main/binary-s390/wzdftpd-mod-tcl_0.5.2-1.1sarge3_s390.deb oldstable/main/binary-s390/wzdftpd_0.5.2-1.1sarge3_s390.deb wzdftpd (0.5.2-1.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport patch to fix off-by-one in wzd_ClientThread.c which leads to a remote denial of service vulnerability Fixes: CVE-2007-5300 oldstable/main/binary-powerpc/wzdftpd_0.5.2-1.1sarge3_powerpc.deb oldstable/main/binary-powerpc/wzdftpd-mod-perl_0.5.2-1.1sarge3_powerpc.deb oldstable/main/binary-powerpc/wzdftpd-mod-tcl_0.5.2-1.1sarge3_powerpc.deb oldstable/main/binary-powerpc/wzdftpd-dev_0.5.2-1.1sarge3_powerpc.deb oldstable/main/binary-powerpc/wzdftpd-back-mysql_0.5.2-1.1sarge3_powerpc.deb wzdftpd (0.5.2-1.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport patch to fix off-by-one in wzd_ClientThread.c which leads to a remote denial of service vulnerability Fixes: CVE-2007-5300 oldstable/main/binary-mipsel/wzdftpd-mod-tcl_0.5.2-1.1sarge3_mipsel.deb oldstable/main/binary-mipsel/wzdftpd-back-mysql_0.5.2-1.1sarge3_mipsel.deb oldstable/main/binary-mipsel/wzdftpd_0.5.2-1.1sarge3_mipsel.deb oldstable/main/binary-mipsel/wzdftpd-dev_0.5.2-1.1sarge3_mipsel.deb oldstable/main/binary-mipsel/wzdftpd-mod-perl_0.5.2-1.1sarge3_mipsel.deb wzdftpd (0.5.2-1.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport patch to fix off-by-one in wzd_ClientThread.c which leads to a remote denial of service vulnerability Fixes: CVE-2007-5300 oldstable/main/binary-mips/wzdftpd-back-mysql_0.5.2-1.1sarge3_mips.deb oldstable/main/binary-mips/wzdftpd-mod-tcl_0.5.2-1.1sarge3_mips.deb oldstable/main/binary-mips/wzdftpd-mod-perl_0.5.2-1.1sarge3_mips.deb oldstable/main/binary-mips/wzdftpd_0.5.2-1.1sarge3_mips.deb oldstable/main/binary-mips/wzdftpd-dev_0.5.2-1.1sarge3_mips.deb wzdftpd (0.5.2-1.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport patch to fix off-by-one in wzd_ClientThread.c which leads to a remote denial of service vulnerability Fixes: CVE-2007-5300 oldstable/main/binary-m68k/wzdftpd-back-mysql_0.5.2-1.1sarge3_m68k.deb oldstable/main/binary-m68k/wzdftpd-mod-tcl_0.5.2-1.1sarge3_m68k.deb oldstable/main/binary-m68k/wzdftpd-dev_0.5.2-1.1sarge3_m68k.deb oldstable/main/binary-m68k/wzdftpd_0.5.2-1.1sarge3_m68k.deb oldstable/main/binary-m68k/wzdftpd-mod-perl_0.5.2-1.1sarge3_m68k.deb wzdftpd (0.5.2-1.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport patch to fix off-by-one in wzd_ClientThread.c which leads to a remote denial of service vulnerability Fixes: CVE-2007-5300 oldstable/main/binary-ia64/wzdftpd-dev_0.5.2-1.1sarge3_ia64.deb oldstable/main/binary-ia64/wzdftpd_0.5.2-1.1sarge3_ia64.deb oldstable/main/binary-ia64/wzdftpd-mod-tcl_0.5.2-1.1sarge3_ia64.deb oldstable/main/binary-ia64/wzdftpd-back-mysql_0.5.2-1.1sarge3_ia64.deb oldstable/main/binary-ia64/wzdftpd-mod-perl_0.5.2-1.1sarge3_ia64.deb wzdftpd (0.5.2-1.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport patch to fix off-by-one in wzd_ClientThread.c which leads to a remote denial of service vulnerability Fixes: CVE-2007-5300 oldstable/main/binary-hppa/wzdftpd-back-mysql_0.5.2-1.1sarge3_hppa.deb oldstable/main/binary-hppa/wzdftpd-dev_0.5.2-1.1sarge3_hppa.deb oldstable/main/binary-hppa/wzdftpd_0.5.2-1.1sarge3_hppa.deb oldstable/main/binary-hppa/wzdftpd-mod-perl_0.5.2-1.1sarge3_hppa.deb oldstable/main/binary-hppa/wzdftpd-mod-tcl_0.5.2-1.1sarge3_hppa.deb wzdftpd (0.5.2-1.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport patch to fix off-by-one in wzd_ClientThread.c which leads to a remote denial of service vulnerability Fixes: CVE-2007-5300 oldstable/main/binary-arm/wzdftpd-back-mysql_0.5.2-1.1sarge3_arm.deb oldstable/main/binary-arm/wzdftpd-dev_0.5.2-1.1sarge3_arm.deb oldstable/main/binary-arm/wzdftpd-mod-tcl_0.5.2-1.1sarge3_arm.deb oldstable/main/binary-arm/wzdftpd-mod-perl_0.5.2-1.1sarge3_arm.deb oldstable/main/binary-arm/wzdftpd_0.5.2-1.1sarge3_arm.deb wzdftpd (0.5.2-1.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport patch to fix off-by-one in wzd_ClientThread.c which leads to a remote denial of service vulnerability Fixes: CVE-2007-5300 oldstable/main/binary-amd64/wzdftpd-mod-perl_0.5.2-1.1sarge3_amd64.deb oldstable/main/binary-amd64/wzdftpd-dev_0.5.2-1.1sarge3_amd64.deb oldstable/main/binary-amd64/wzdftpd_0.5.2-1.1sarge3_amd64.deb oldstable/main/binary-amd64/wzdftpd-mod-tcl_0.5.2-1.1sarge3_amd64.deb oldstable/main/binary-amd64/wzdftpd-back-mysql_0.5.2-1.1sarge3_amd64.deb wzdftpd (0.5.2-1.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport patch to fix off-by-one in wzd_ClientThread.c which leads to a remote denial of service vulnerability Fixes: CVE-2007-5300 oldstable/main/binary-alpha/wzdftpd-dev_0.5.2-1.1sarge3_alpha.deb oldstable/main/binary-alpha/wzdftpd-back-mysql_0.5.2-1.1sarge3_alpha.deb oldstable/main/binary-alpha/wzdftpd-mod-perl_0.5.2-1.1sarge3_alpha.deb oldstable/main/binary-alpha/wzdftpd_0.5.2-1.1sarge3_alpha.deb oldstable/main/binary-alpha/wzdftpd-mod-tcl_0.5.2-1.1sarge3_alpha.deb wzdftpd (0.5.2-1.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport patch to fix off-by-one in wzd_ClientThread.c which leads to a remote denial of service vulnerability Fixes: CVE-2007-5300 oldstable/main/binary-i386/wzdftpd_0.5.2-1.1sarge3_i386.deb oldstable/main/source/wzdftpd_0.5.2-1.1sarge3.diff.gz oldstable/main/binary-i386/wzdftpd-mod-tcl_0.5.2-1.1sarge3_i386.deb oldstable/main/binary-i386/wzdftpd-mod-perl_0.5.2-1.1sarge3_i386.deb oldstable/main/binary-i386/wzdftpd-dev_0.5.2-1.1sarge3_i386.deb oldstable/main/binary-i386/wzdftpd-back-mysql_0.5.2-1.1sarge3_i386.deb oldstable/main/source/wzdftpd_0.5.2-1.1sarge3.dsc wzdftpd (0.5.2-1.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport patch to fix off-by-one in wzd_ClientThread.c which leads to a remote denial of service vulnerability Fixes: CVE-2007-5300 oldstable/main/binary-m68k/wesnoth-server_0.9.0-8_m68k.deb oldstable/main/binary-m68k/wesnoth-editor_0.9.0-8_m68k.deb oldstable/main/binary-m68k/wesnoth_0.9.0-8_m68k.deb wesnoth (0.9.0-8) oldstable; urgency=low * Remove WML turn_cmd which can lead to forking yes and through that 100% CPU usage and stdout filling [CVE-2007-6201]. Patch 05_CVE-2007-6201 was pulled from upstream svn (revision 21907). oldstable/main/binary-arm/wesnoth-editor_0.9.0-8_arm.deb oldstable/main/binary-arm/wesnoth_0.9.0-8_arm.deb oldstable/main/binary-arm/wesnoth-server_0.9.0-8_arm.deb wesnoth (0.9.0-8) oldstable; urgency=low * Remove WML turn_cmd which can lead to forking yes and through that 100% CPU usage and stdout filling [CVE-2007-6201]. Patch 05_CVE-2007-6201 was pulled from upstream svn (revision 21907). oldstable/main/binary-sparc/mount_2.12p-4sarge2_sparc.deb oldstable/main/binary-sparc/util-linux_2.12p-4sarge2_sparc.deb oldstable/main/binary-sparc/fdisk-udeb_2.12p-4sarge2_sparc.udeb oldstable/main/binary-sparc/bsdutils_2.12p-4sarge2_sparc.deb util-linux (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-s390/util-linux_2.12p-4sarge2_s390.deb oldstable/main/binary-s390/mount_2.12p-4sarge2_s390.deb oldstable/main/binary-s390/fdisk-udeb_2.12p-4sarge2_s390.udeb oldstable/main/binary-s390/bsdutils_2.12p-4sarge2_s390.deb util-linux (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-powerpc/mount_2.12p-4sarge2_powerpc.deb oldstable/main/binary-powerpc/fdisk-udeb_2.12p-4sarge2_powerpc.udeb oldstable/main/binary-powerpc/util-linux_2.12p-4sarge2_powerpc.deb oldstable/main/binary-powerpc/bsdutils_2.12p-4sarge2_powerpc.deb util-linux (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-mipsel/fdisk-udeb_2.12p-4sarge2_mipsel.udeb oldstable/main/binary-mipsel/mount_2.12p-4sarge2_mipsel.deb oldstable/main/binary-mipsel/util-linux_2.12p-4sarge2_mipsel.deb oldstable/main/binary-mipsel/bsdutils_2.12p-4sarge2_mipsel.deb util-linux (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-mips/mount_2.12p-4sarge2_mips.deb oldstable/main/binary-mips/util-linux_2.12p-4sarge2_mips.deb oldstable/main/binary-mips/fdisk-udeb_2.12p-4sarge2_mips.udeb oldstable/main/binary-mips/bsdutils_2.12p-4sarge2_mips.deb util-linux (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-m68k/mount_2.12p-4sarge2_m68k.deb oldstable/main/binary-m68k/bsdutils_2.12p-4sarge2_m68k.deb oldstable/main/binary-m68k/util-linux_2.12p-4sarge2_m68k.deb util-linux (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-ia64/util-linux_2.12p-4sarge2_ia64.deb oldstable/main/binary-ia64/fdisk-udeb_2.12p-4sarge2_ia64.udeb oldstable/main/binary-ia64/mount_2.12p-4sarge2_ia64.deb oldstable/main/binary-ia64/bsdutils_2.12p-4sarge2_ia64.deb util-linux (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-hppa/util-linux_2.12p-4sarge2_hppa.deb oldstable/main/binary-hppa/fdisk-udeb_2.12p-4sarge2_hppa.udeb oldstable/main/binary-hppa/mount_2.12p-4sarge2_hppa.deb oldstable/main/binary-hppa/bsdutils_2.12p-4sarge2_hppa.deb util-linux (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-arm/util-linux_2.12p-4sarge2_arm.deb oldstable/main/binary-arm/bsdutils_2.12p-4sarge2_arm.deb oldstable/main/binary-arm/fdisk-udeb_2.12p-4sarge2_arm.udeb oldstable/main/binary-arm/mount_2.12p-4sarge2_arm.deb util-linux (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-alpha/util-linux_2.12p-4sarge2_alpha.deb oldstable/main/binary-alpha/mount_2.12p-4sarge2_alpha.deb oldstable/main/binary-alpha/fdisk-udeb_2.12p-4sarge2_alpha.udeb oldstable/main/binary-alpha/bsdutils_2.12p-4sarge2_alpha.deb util-linux (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/source/util-linux_2.12p-4sarge2.dsc oldstable/main/binary-i386/fdisk-udeb_2.12p-4sarge2_i386.udeb oldstable/main/binary-i386/util-linux_2.12p-4sarge2_i386.deb oldstable/main/binary-i386/mount_2.12p-4sarge2_i386.deb oldstable/main/source/util-linux_2.12p-4sarge2.diff.gz oldstable/main/binary-i386/bsdutils_2.12p-4sarge2_i386.deb oldstable/main/binary-all/util-linux-locales_2.12p-4sarge2_all.deb util-linux (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-sparc/unzip_5.52-1sarge5_sparc.deb unzip (5.52-1sarge5) oldstable-security; urgency=high * Apply patch from Tavis Ormandy to address invalid free() calls in the inflate_dynamic() function (CVE-2008-0888). oldstable/main/binary-s390/unzip_5.52-1sarge5_s390.deb unzip (5.52-1sarge5) oldstable-security; urgency=high * Apply patch from Tavis Ormandy to address invalid free() calls in the inflate_dynamic() function (CVE-2008-0888). oldstable/main/binary-powerpc/unzip_5.52-1sarge5_powerpc.deb unzip (5.52-1sarge5) oldstable-security; urgency=high * Apply patch from Tavis Ormandy to address invalid free() calls in the inflate_dynamic() function (CVE-2008-0888). oldstable/main/binary-mipsel/unzip_5.52-1sarge5_mipsel.deb unzip (5.52-1sarge5) oldstable-security; urgency=high * Apply patch from Tavis Ormandy to address invalid free() calls in the inflate_dynamic() function (CVE-2008-0888). oldstable/main/binary-mips/unzip_5.52-1sarge5_mips.deb unzip (5.52-1sarge5) oldstable-security; urgency=high * Apply patch from Tavis Ormandy to address invalid free() calls in the inflate_dynamic() function (CVE-2008-0888). oldstable/main/binary-m68k/unzip_5.52-1sarge5_m68k.deb unzip (5.52-1sarge5) oldstable-security; urgency=high * Apply patch from Tavis Ormandy to address invalid free() calls in the inflate_dynamic() function (CVE-2008-0888). oldstable/main/binary-ia64/unzip_5.52-1sarge5_ia64.deb unzip (5.52-1sarge5) oldstable-security; urgency=high * Apply patch from Tavis Ormandy to address invalid free() calls in the inflate_dynamic() function (CVE-2008-0888). oldstable/main/binary-hppa/unzip_5.52-1sarge5_hppa.deb unzip (5.52-1sarge5) oldstable-security; urgency=high * Apply patch from Tavis Ormandy to address invalid free() calls in the inflate_dynamic() function (CVE-2008-0888). oldstable/main/binary-arm/unzip_5.52-1sarge5_arm.deb unzip (5.52-1sarge5) oldstable-security; urgency=high * Apply patch from Tavis Ormandy to address invalid free() calls in the inflate_dynamic() function (CVE-2008-0888). oldstable/main/binary-amd64/unzip_5.52-1sarge5_amd64.deb unzip (5.52-1sarge5) oldstable-security; urgency=high * Apply patch from Tavis Ormandy to address invalid free() calls in the inflate_dynamic() function (CVE-2008-0888). oldstable/main/binary-alpha/unzip_5.52-1sarge5_alpha.deb unzip (5.52-1sarge5) oldstable-security; urgency=high * Apply patch from Tavis Ormandy to address invalid free() calls in the inflate_dynamic() function (CVE-2008-0888). oldstable/main/source/unzip_5.52-1sarge5.dsc oldstable/main/source/unzip_5.52-1sarge5.diff.gz oldstable/main/binary-i386/unzip_5.52-1sarge5_i386.deb unzip (5.52-1sarge5) oldstable-security; urgency=high * Apply patch from Tavis Ormandy to address invalid free() calls in the inflate_dynamic() function (CVE-2008-0888). oldstable/non-free/binary-sparc/unrar_3.5.2-0.2_sparc.deb unrar-nonfree (1:3.5.2-0.2) oldstable; urgency=low * Non-maintainer upload. * Fix CVE-2007-0855: stack based buffer overflow (Closes: #410580). oldstable/non-free/binary-s390/unrar_3.5.2-0.2_s390.deb unrar-nonfree (1:3.5.2-0.2) oldstable; urgency=low * Non-maintainer upload. * Fix CVE-2007-0855: stack based buffer overflow (Closes: #410580). oldstable/non-free/binary-powerpc/unrar_3.5.2-0.2_powerpc.deb unrar-nonfree (1:3.5.2-0.2) oldstable; urgency=low * Non-maintainer upload. * Fix CVE-2007-0855: stack based buffer overflow (Closes: #410580). oldstable/non-free/binary-mipsel/unrar_3.5.2-0.2_mipsel.deb unrar-nonfree (1:3.5.2-0.2) oldstable; urgency=low * Non-maintainer upload. * Fix CVE-2007-0855: stack based buffer overflow (Closes: #410580). oldstable/non-free/binary-mips/unrar_3.5.2-0.2_mips.deb unrar-nonfree (1:3.5.2-0.2) oldstable; urgency=low * Non-maintainer upload. * Fix CVE-2007-0855: stack based buffer overflow (Closes: #410580). oldstable/non-free/binary-m68k/unrar_3.5.2-0.2_m68k.deb unrar-nonfree (1:3.5.2-0.2) oldstable; urgency=low * Non-maintainer upload. * Fix CVE-2007-0855: stack based buffer overflow (Closes: #410580). oldstable/non-free/binary-ia64/unrar_3.5.2-0.2_ia64.deb unrar-nonfree (1:3.5.2-0.2) oldstable; urgency=low * Non-maintainer upload. * Fix CVE-2007-0855: stack based buffer overflow (Closes: #410580). oldstable/non-free/binary-hppa/unrar_3.5.2-0.2_hppa.deb unrar-nonfree (1:3.5.2-0.2) oldstable; urgency=low * Non-maintainer upload. * Fix CVE-2007-0855: stack based buffer overflow (Closes: #410580). oldstable/non-free/binary-arm/unrar_3.5.2-0.2_arm.deb unrar-nonfree (1:3.5.2-0.2) oldstable; urgency=low * Non-maintainer upload. * Fix CVE-2007-0855: stack based buffer overflow (Closes: #410580). oldstable/non-free/binary-alpha/unrar_3.5.2-0.2_alpha.deb unrar-nonfree (1:3.5.2-0.2) oldstable; urgency=low * Non-maintainer upload. * Fix CVE-2007-0855: stack based buffer overflow (Closes: #410580). oldstable/non-free/binary-i386/unrar_3.5.2-0.2_i386.deb oldstable/non-free/source/unrar-nonfree_3.5.2-0.2.dsc oldstable/non-free/source/unrar-nonfree_3.5.2-0.2.diff.gz unrar-nonfree (1:3.5.2-0.2) oldstable; urgency=low * Non-maintainer upload. * Fix CVE-2007-0855: stack based buffer overflow (Closes: #410580). oldstable/main/source/turba2_2.0.2-1sarge1.dsc oldstable/main/source/turba2_2.0.2-1sarge1.diff.gz oldstable/main/binary-all/turba2_2.0.2-1sarge1_all.deb turba2 (2.0.2-1sarge1) oldstable-security; urgency=high * Fix unchecked access to contacts in the same SQL table, if the unique key of another user's contact can be guessed. See CVE-2008-0807 for more informations. (Closes: #464058) * Fix privilege escalation in Horde API. * Close several XSS vulnerabilities with address book and contact data. oldstable/main/binary-sparc/tk8.4_8.4.9-1sarge2_sparc.deb oldstable/main/binary-sparc/tk8.4-dev_8.4.9-1sarge2_sparc.deb tk8.4 (8.4.9-1sarge2) oldstable-security; urgency=high * Fix CVE-2008-0553 oldstable/main/binary-s390/tk8.4-dev_8.4.9-1sarge2_s390.deb oldstable/main/binary-s390/tk8.4_8.4.9-1sarge2_s390.deb tk8.4 (8.4.9-1sarge2) oldstable-security; urgency=high * Fix CVE-2008-0553 oldstable/main/binary-powerpc/tk8.4_8.4.9-1sarge2_powerpc.deb oldstable/main/binary-powerpc/tk8.4-dev_8.4.9-1sarge2_powerpc.deb tk8.4 (8.4.9-1sarge2) oldstable-security; urgency=high * Fix CVE-2008-0553 oldstable/main/binary-mipsel/tk8.4-dev_8.4.9-1sarge2_mipsel.deb oldstable/main/binary-mipsel/tk8.4_8.4.9-1sarge2_mipsel.deb tk8.4 (8.4.9-1sarge2) oldstable-security; urgency=high * Fix CVE-2008-0553 oldstable/main/binary-mips/tk8.4-dev_8.4.9-1sarge2_mips.deb oldstable/main/binary-mips/tk8.4_8.4.9-1sarge2_mips.deb tk8.4 (8.4.9-1sarge2) oldstable-security; urgency=high * Fix CVE-2008-0553 oldstable/main/binary-m68k/tk8.4-dev_8.4.9-1sarge2_m68k.deb oldstable/main/binary-m68k/tk8.4_8.4.9-1sarge2_m68k.deb tk8.4 (8.4.9-1sarge2) oldstable-security; urgency=high * Fix CVE-2008-0553 oldstable/main/binary-ia64/tk8.4-dev_8.4.9-1sarge2_ia64.deb oldstable/main/binary-ia64/tk8.4_8.4.9-1sarge2_ia64.deb tk8.4 (8.4.9-1sarge2) oldstable-security; urgency=high * Fix CVE-2008-0553 oldstable/main/binary-hppa/tk8.4-dev_8.4.9-1sarge2_hppa.deb oldstable/main/binary-hppa/tk8.4_8.4.9-1sarge2_hppa.deb tk8.4 (8.4.9-1sarge2) oldstable-security; urgency=high * Fix CVE-2008-0553 oldstable/main/binary-arm/tk8.4-dev_8.4.9-1sarge2_arm.deb oldstable/main/binary-arm/tk8.4_8.4.9-1sarge2_arm.deb tk8.4 (8.4.9-1sarge2) oldstable-security; urgency=high * Fix CVE-2008-0553 oldstable/main/binary-amd64/tk8.4-dev_8.4.9-1sarge2_amd64.deb oldstable/main/binary-amd64/tk8.4_8.4.9-1sarge2_amd64.deb tk8.4 (8.4.9-1sarge2) oldstable-security; urgency=high * Fix CVE-2008-0553 oldstable/main/binary-alpha/tk8.4-dev_8.4.9-1sarge2_alpha.deb oldstable/main/binary-alpha/tk8.4_8.4.9-1sarge2_alpha.deb tk8.4 (8.4.9-1sarge2) oldstable-security; urgency=high * Fix CVE-2008-0553 oldstable/main/binary-all/tk8.4-doc_8.4.9-1sarge2_all.deb oldstable/main/binary-i386/tk8.4_8.4.9-1sarge2_i386.deb oldstable/main/source/tk8.4_8.4.9-1sarge2.dsc oldstable/main/source/tk8.4_8.4.9-1sarge2.diff.gz oldstable/main/binary-i386/tk8.4-dev_8.4.9-1sarge2_i386.deb tk8.4 (8.4.9-1sarge2) oldstable-security; urgency=high * Fix CVE-2008-0553 oldstable/main/binary-sparc/tk8.3_8.3.5-4sarge1_sparc.deb oldstable/main/binary-sparc/tk8.3-dev_8.3.5-4sarge1_sparc.deb tk8.3 (8.3.5-4sarge1) oldstable-security; urgency=high * Fix CVE-2008-0553. oldstable/main/binary-s390/tk8.3_8.3.5-4sarge1_s390.deb oldstable/main/binary-s390/tk8.3-dev_8.3.5-4sarge1_s390.deb tk8.3 (8.3.5-4sarge1) oldstable-security; urgency=high * Fix CVE-2008-0553. oldstable/main/binary-powerpc/tk8.3_8.3.5-4sarge1_powerpc.deb oldstable/main/binary-powerpc/tk8.3-dev_8.3.5-4sarge1_powerpc.deb tk8.3 (8.3.5-4sarge1) oldstable-security; urgency=high * Fix CVE-2008-0553. oldstable/main/binary-mipsel/tk8.3_8.3.5-4sarge1_mipsel.deb oldstable/main/binary-mipsel/tk8.3-dev_8.3.5-4sarge1_mipsel.deb tk8.3 (8.3.5-4sarge1) oldstable-security; urgency=high * Fix CVE-2008-0553. oldstable/main/binary-mips/tk8.3-dev_8.3.5-4sarge1_mips.deb oldstable/main/binary-mips/tk8.3_8.3.5-4sarge1_mips.deb tk8.3 (8.3.5-4sarge1) oldstable-security; urgency=high * Fix CVE-2008-0553. oldstable/main/binary-m68k/tk8.3-dev_8.3.5-4sarge1_m68k.deb oldstable/main/binary-m68k/tk8.3_8.3.5-4sarge1_m68k.deb tk8.3 (8.3.5-4sarge1) oldstable-security; urgency=high * Fix CVE-2008-0553. oldstable/main/binary-ia64/tk8.3-dev_8.3.5-4sarge1_ia64.deb oldstable/main/binary-ia64/tk8.3_8.3.5-4sarge1_ia64.deb tk8.3 (8.3.5-4sarge1) oldstable-security; urgency=high * Fix CVE-2008-0553. oldstable/main/binary-hppa/tk8.3_8.3.5-4sarge1_hppa.deb oldstable/main/binary-hppa/tk8.3-dev_8.3.5-4sarge1_hppa.deb tk8.3 (8.3.5-4sarge1) oldstable-security; urgency=high * Fix CVE-2008-0553. oldstable/main/binary-arm/tk8.3-dev_8.3.5-4sarge1_arm.deb oldstable/main/binary-arm/tk8.3_8.3.5-4sarge1_arm.deb tk8.3 (8.3.5-4sarge1) oldstable-security; urgency=high * Fix CVE-2008-0553. oldstable/main/binary-amd64/tk8.3_8.3.5-4sarge1_amd64.deb oldstable/main/binary-amd64/tk8.3-dev_8.3.5-4sarge1_amd64.deb tk8.3 (8.3.5-4sarge1) oldstable-security; urgency=high * Fix CVE-2008-0553. oldstable/main/binary-alpha/tk8.3-dev_8.3.5-4sarge1_alpha.deb oldstable/main/binary-alpha/tk8.3_8.3.5-4sarge1_alpha.deb tk8.3 (8.3.5-4sarge1) oldstable-security; urgency=high * Fix CVE-2008-0553. oldstable/main/source/tk8.3_8.3.5-4sarge1.dsc oldstable/main/binary-i386/tk8.3_8.3.5-4sarge1_i386.deb oldstable/main/source/tk8.3_8.3.5-4sarge1.diff.gz oldstable/main/binary-i386/tk8.3-dev_8.3.5-4sarge1_i386.deb oldstable/main/binary-all/tk8.3-doc_8.3.5-4sarge1_all.deb tk8.3 (8.3.5-4sarge1) oldstable-security; urgency=high * Fix CVE-2008-0553. oldstable/main/binary-sparc/tar_1.14-2.4_sparc.deb tar (1.14-2.4) oldstable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Dmitry V. Levin to avoid a stack-based buffer overflow while processing certain file names (CVE-2007-4476). Closes: #441444. * Apply patch from Dmitry V. Levin to fix double-dot recognition in case of duplicate / (CVE-2007-4131). Closes: #439335. oldstable/main/binary-s390/tar_1.14-2.4_s390.deb tar (1.14-2.4) oldstable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Dmitry V. Levin to avoid a stack-based buffer overflow while processing certain file names (CVE-2007-4476). Closes: #441444. * Apply patch from Dmitry V. Levin to fix double-dot recognition in case of duplicate / (CVE-2007-4131). Closes: #439335. oldstable/main/binary-powerpc/tar_1.14-2.4_powerpc.deb tar (1.14-2.4) oldstable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Dmitry V. Levin to avoid a stack-based buffer overflow while processing certain file names (CVE-2007-4476). Closes: #441444. * Apply patch from Dmitry V. Levin to fix double-dot recognition in case of duplicate / (CVE-2007-4131). Closes: #439335. oldstable/main/binary-mipsel/tar_1.14-2.4_mipsel.deb tar (1.14-2.4) oldstable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Dmitry V. Levin to avoid a stack-based buffer overflow while processing certain file names (CVE-2007-4476). Closes: #441444. * Apply patch from Dmitry V. Levin to fix double-dot recognition in case of duplicate / (CVE-2007-4131). Closes: #439335. oldstable/main/binary-mips/tar_1.14-2.4_mips.deb tar (1.14-2.4) oldstable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Dmitry V. Levin to avoid a stack-based buffer overflow while processing certain file names (CVE-2007-4476). Closes: #441444. * Apply patch from Dmitry V. Levin to fix double-dot recognition in case of duplicate / (CVE-2007-4131). Closes: #439335. oldstable/main/binary-m68k/tar_1.14-2.4_m68k.deb tar (1.14-2.4) oldstable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Dmitry V. Levin to avoid a stack-based buffer overflow while processing certain file names (CVE-2007-4476). Closes: #441444. * Apply patch from Dmitry V. Levin to fix double-dot recognition in case of duplicate / (CVE-2007-4131). Closes: #439335. oldstable/main/binary-ia64/tar_1.14-2.4_ia64.deb tar (1.14-2.4) oldstable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Dmitry V. Levin to avoid a stack-based buffer overflow while processing certain file names (CVE-2007-4476). Closes: #441444. * Apply patch from Dmitry V. Levin to fix double-dot recognition in case of duplicate / (CVE-2007-4131). Closes: #439335. oldstable/main/binary-hppa/tar_1.14-2.4_hppa.deb tar (1.14-2.4) oldstable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Dmitry V. Levin to avoid a stack-based buffer overflow while processing certain file names (CVE-2007-4476). Closes: #441444. * Apply patch from Dmitry V. Levin to fix double-dot recognition in case of duplicate / (CVE-2007-4131). Closes: #439335. oldstable/main/binary-arm/tar_1.14-2.4_arm.deb tar (1.14-2.4) oldstable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Dmitry V. Levin to avoid a stack-based buffer overflow while processing certain file names (CVE-2007-4476). Closes: #441444. * Apply patch from Dmitry V. Levin to fix double-dot recognition in case of duplicate / (CVE-2007-4131). Closes: #439335. oldstable/main/binary-amd64/tar_1.14-2.4_amd64.deb tar (1.14-2.4) oldstable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Dmitry V. Levin to avoid a stack-based buffer overflow while processing certain file names (CVE-2007-4476). Closes: #441444. * Apply patch from Dmitry V. Levin to fix double-dot recognition in case of duplicate / (CVE-2007-4131). Closes: #439335. oldstable/main/binary-alpha/tar_1.14-2.4_alpha.deb tar (1.14-2.4) oldstable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Dmitry V. Levin to avoid a stack-based buffer overflow while processing certain file names (CVE-2007-4476). Closes: #441444. * Apply patch from Dmitry V. Levin to fix double-dot recognition in case of duplicate / (CVE-2007-4131). Closes: #439335. oldstable/main/binary-i386/tar_1.14-2.4_i386.deb oldstable/main/source/tar_1.14-2.4.dsc oldstable/main/source/tar_1.14-2.4.diff.gz tar (1.14-2.4) oldstable-security; urgency=high * Non-maintainer upload by the security team * Apply patch from Dmitry V. Levin to avoid a stack-based buffer overflow while processing certain file names (CVE-2007-4476). Closes: #441444. * Apply patch from Dmitry V. Levin to fix double-dot recognition in case of duplicate / (CVE-2007-4131). Closes: #439335. oldstable/main/binary-sparc/libsword4_1.5.7-7sarge1_sparc.deb oldstable/main/binary-sparc/libsword-dev_1.5.7-7sarge1_sparc.deb oldstable/main/binary-sparc/diatheke_1.5.7-7sarge1_sparc.deb sword (1.5.7-7sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix remote command execution in diatheke.pl (Closes: #466449) with maintainer-supplied patch. oldstable/main/binary-s390/diatheke_1.5.7-7sarge1_s390.deb oldstable/main/binary-s390/libsword4_1.5.7-7sarge1_s390.deb oldstable/main/binary-s390/libsword-dev_1.5.7-7sarge1_s390.deb sword (1.5.7-7sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix remote command execution in diatheke.pl (Closes: #466449) with maintainer-supplied patch. oldstable/main/binary-powerpc/libsword4_1.5.7-7sarge1_powerpc.deb oldstable/main/binary-powerpc/diatheke_1.5.7-7sarge1_powerpc.deb oldstable/main/binary-powerpc/libsword-dev_1.5.7-7sarge1_powerpc.deb sword (1.5.7-7sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix remote command execution in diatheke.pl (Closes: #466449) with maintainer-supplied patch. oldstable/main/binary-mipsel/diatheke_1.5.7-7sarge1_mipsel.deb oldstable/main/binary-mipsel/libsword4_1.5.7-7sarge1_mipsel.deb oldstable/main/binary-mipsel/libsword-dev_1.5.7-7sarge1_mipsel.deb sword (1.5.7-7sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix remote command execution in diatheke.pl (Closes: #466449) with maintainer-supplied patch. oldstable/main/binary-mips/diatheke_1.5.7-7sarge1_mips.deb oldstable/main/binary-mips/libsword4_1.5.7-7sarge1_mips.deb oldstable/main/binary-mips/libsword-dev_1.5.7-7sarge1_mips.deb sword (1.5.7-7sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix remote command execution in diatheke.pl (Closes: #466449) with maintainer-supplied patch. oldstable/main/binary-m68k/libsword4_1.5.7-7sarge1_m68k.deb oldstable/main/binary-m68k/diatheke_1.5.7-7sarge1_m68k.deb oldstable/main/binary-m68k/libsword-dev_1.5.7-7sarge1_m68k.deb sword (1.5.7-7sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix remote command execution in diatheke.pl (Closes: #466449) with maintainer-supplied patch. oldstable/main/binary-ia64/libsword4_1.5.7-7sarge1_ia64.deb oldstable/main/binary-ia64/diatheke_1.5.7-7sarge1_ia64.deb oldstable/main/binary-ia64/libsword-dev_1.5.7-7sarge1_ia64.deb sword (1.5.7-7sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix remote command execution in diatheke.pl (Closes: #466449) with maintainer-supplied patch. oldstable/main/binary-hppa/diatheke_1.5.7-7sarge1_hppa.deb oldstable/main/binary-hppa/libsword4_1.5.7-7sarge1_hppa.deb oldstable/main/binary-hppa/libsword-dev_1.5.7-7sarge1_hppa.deb sword (1.5.7-7sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix remote command execution in diatheke.pl (Closes: #466449) with maintainer-supplied patch. oldstable/main/binary-arm/diatheke_1.5.7-7sarge1_arm.deb oldstable/main/binary-arm/libsword-dev_1.5.7-7sarge1_arm.deb oldstable/main/binary-arm/libsword4_1.5.7-7sarge1_arm.deb sword (1.5.7-7sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix remote command execution in diatheke.pl (Closes: #466449) with maintainer-supplied patch. oldstable/main/binary-amd64/libsword-dev_1.5.7-7sarge1_amd64.deb oldstable/main/binary-amd64/diatheke_1.5.7-7sarge1_amd64.deb oldstable/main/binary-amd64/libsword4_1.5.7-7sarge1_amd64.deb sword (1.5.7-7sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix remote command execution in diatheke.pl (Closes: #466449) with maintainer-supplied patch. oldstable/main/binary-alpha/libsword-dev_1.5.7-7sarge1_alpha.deb oldstable/main/binary-alpha/libsword4_1.5.7-7sarge1_alpha.deb oldstable/main/binary-alpha/diatheke_1.5.7-7sarge1_alpha.deb sword (1.5.7-7sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix remote command execution in diatheke.pl (Closes: #466449) with maintainer-supplied patch. oldstable/main/binary-i386/libsword-dev_1.5.7-7sarge1_i386.deb oldstable/main/source/sword_1.5.7-7sarge1.dsc oldstable/main/binary-i386/diatheke_1.5.7-7sarge1_i386.deb oldstable/main/source/sword_1.5.7-7sarge1.diff.gz oldstable/main/binary-i386/libsword4_1.5.7-7sarge1_i386.deb sword (1.5.7-7sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix remote command execution in diatheke.pl (Closes: #466449) with maintainer-supplied patch. oldstable/main/binary-sparc/squidclient_2.5.9-10sarge5_sparc.deb oldstable/main/binary-sparc/squid_2.5.9-10sarge5_sparc.deb oldstable/main/binary-sparc/squid-cgi_2.5.9-10sarge5_sparc.deb squid (2.5.9-10sarge5) oldstable-security; urgency=low * Doh, build for correct suite oldstable/main/binary-s390/squidclient_2.5.9-10sarge5_s390.deb oldstable/main/binary-s390/squid_2.5.9-10sarge5_s390.deb oldstable/main/binary-s390/squid-cgi_2.5.9-10sarge5_s390.deb squid (2.5.9-10sarge5) oldstable-security; urgency=low * Doh, build for correct suite oldstable/main/binary-powerpc/squid-cgi_2.5.9-10sarge5_powerpc.deb oldstable/main/binary-powerpc/squidclient_2.5.9-10sarge5_powerpc.deb oldstable/main/binary-powerpc/squid_2.5.9-10sarge5_powerpc.deb squid (2.5.9-10sarge5) oldstable-security; urgency=low * Doh, build for correct suite oldstable/main/binary-mipsel/squid-cgi_2.5.9-10sarge5_mipsel.deb oldstable/main/binary-mipsel/squidclient_2.5.9-10sarge5_mipsel.deb oldstable/main/binary-mipsel/squid_2.5.9-10sarge5_mipsel.deb squid (2.5.9-10sarge5) oldstable-security; urgency=low * Doh, build for correct suite oldstable/main/binary-mips/squidclient_2.5.9-10sarge5_mips.deb oldstable/main/binary-mips/squid_2.5.9-10sarge5_mips.deb oldstable/main/binary-mips/squid-cgi_2.5.9-10sarge5_mips.deb squid (2.5.9-10sarge5) oldstable-security; urgency=low * Doh, build for correct suite oldstable/main/binary-m68k/squid_2.5.9-10sarge5_m68k.deb oldstable/main/binary-m68k/squidclient_2.5.9-10sarge5_m68k.deb oldstable/main/binary-m68k/squid-cgi_2.5.9-10sarge5_m68k.deb squid (2.5.9-10sarge5) oldstable-security; urgency=low * Doh, build for correct suite oldstable/main/binary-ia64/squidclient_2.5.9-10sarge5_ia64.deb oldstable/main/binary-ia64/squid-cgi_2.5.9-10sarge5_ia64.deb oldstable/main/binary-ia64/squid_2.5.9-10sarge5_ia64.deb squid (2.5.9-10sarge5) oldstable-security; urgency=low * Doh, build for correct suite oldstable/main/binary-hppa/squid_2.5.9-10sarge5_hppa.deb oldstable/main/binary-hppa/squidclient_2.5.9-10sarge5_hppa.deb oldstable/main/binary-hppa/squid-cgi_2.5.9-10sarge5_hppa.deb squid (2.5.9-10sarge5) oldstable-security; urgency=low * Doh, build for correct suite oldstable/main/binary-arm/squid_2.5.9-10sarge5_arm.deb oldstable/main/binary-arm/squid-cgi_2.5.9-10sarge5_arm.deb oldstable/main/binary-arm/squidclient_2.5.9-10sarge5_arm.deb squid (2.5.9-10sarge5) oldstable-security; urgency=low * Doh, build for correct suite oldstable/main/binary-amd64/squid_2.5.9-10sarge5_amd64.deb oldstable/main/binary-amd64/squidclient_2.5.9-10sarge5_amd64.deb oldstable/main/binary-amd64/squid-cgi_2.5.9-10sarge5_amd64.deb squid (2.5.9-10sarge5) oldstable-security; urgency=low * Doh, build for correct suite oldstable/main/binary-alpha/squid_2.5.9-10sarge5_alpha.deb oldstable/main/binary-alpha/squid-cgi_2.5.9-10sarge5_alpha.deb oldstable/main/binary-alpha/squidclient_2.5.9-10sarge5_alpha.deb squid (2.5.9-10sarge5) oldstable-security; urgency=low * Doh, build for correct suite oldstable/main/binary-i386/squid-cgi_2.5.9-10sarge5_i386.deb oldstable/main/source/squid_2.5.9-10sarge5.diff.gz oldstable/main/binary-i386/squid_2.5.9-10sarge5_i386.deb oldstable/main/source/squid_2.5.9-10sarge5.dsc oldstable/main/binary-all/squid-common_2.5.9-10sarge5_all.deb oldstable/main/binary-i386/squidclient_2.5.9-10sarge5_i386.deb squid (2.5.9-10sarge5) oldstable-security; urgency=low * Doh, build for correct suite oldstable/main/source/smarty_2.6.9-1sarge1.dsc oldstable/main/binary-all/smarty_2.6.9-1sarge1_all.deb oldstable/main/source/smarty_2.6.9-1sarge1.diff.gz smarty (2.6.9-1sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * A \0 character in a search string could be abused to call arbitrary PHP functions via templates. CVE-2008-1066, closes: #469492 oldstable/main/binary-sparc/sing_1.1-9sarge1_sparc.deb sing (1.1-9sarge1) oldstable; urgency=low * Patched parser.c to drop privileges when opening log file and running sing SUID. (CVE-2007-6211) Thanks a lot to Nico Golde for the patch. (Closes: #454167) oldstable/main/binary-s390/sing_1.1-9sarge1_s390.deb sing (1.1-9sarge1) oldstable; urgency=low * Patched parser.c to drop privileges when opening log file and running sing SUID. (CVE-2007-6211) Thanks a lot to Nico Golde for the patch. (Closes: #454167) oldstable/main/binary-powerpc/sing_1.1-9sarge1_powerpc.deb sing (1.1-9sarge1) oldstable; urgency=low * Patched parser.c to drop privileges when opening log file and running sing SUID. (CVE-2007-6211) Thanks a lot to Nico Golde for the patch. (Closes: #454167) oldstable/main/binary-mipsel/sing_1.1-9sarge1_mipsel.deb sing (1.1-9sarge1) oldstable; urgency=low * Patched parser.c to drop privileges when opening log file and running sing SUID. (CVE-2007-6211) Thanks a lot to Nico Golde for the patch. (Closes: #454167) oldstable/main/binary-mips/sing_1.1-9sarge1_mips.deb sing (1.1-9sarge1) oldstable; urgency=low * Patched parser.c to drop privileges when opening log file and running sing SUID. (CVE-2007-6211) Thanks a lot to Nico Golde for the patch. (Closes: #454167) oldstable/main/binary-m68k/sing_1.1-9sarge1_m68k.deb sing (1.1-9sarge1) oldstable; urgency=low * Patched parser.c to drop privileges when opening log file and running sing SUID. (CVE-2007-6211) Thanks a lot to Nico Golde for the patch. (Closes: #454167) oldstable/main/binary-ia64/sing_1.1-9sarge1_ia64.deb sing (1.1-9sarge1) oldstable; urgency=low * Patched parser.c to drop privileges when opening log file and running sing SUID. (CVE-2007-6211) Thanks a lot to Nico Golde for the patch. (Closes: #454167) oldstable/main/binary-hppa/sing_1.1-9sarge1_hppa.deb sing (1.1-9sarge1) oldstable; urgency=low * Patched parser.c to drop privileges when opening log file and running sing SUID. (CVE-2007-6211) Thanks a lot to Nico Golde for the patch. (Closes: #454167) oldstable/main/binary-arm/sing_1.1-9sarge1_arm.deb sing (1.1-9sarge1) oldstable; urgency=low * Patched parser.c to drop privileges when opening log file and running sing SUID. (CVE-2007-6211) Thanks a lot to Nico Golde for the patch. (Closes: #454167) oldstable/main/binary-alpha/sing_1.1-9sarge1_alpha.deb sing (1.1-9sarge1) oldstable; urgency=low * Patched parser.c to drop privileges when opening log file and running sing SUID. (CVE-2007-6211) Thanks a lot to Nico Golde for the patch. (Closes: #454167) oldstable/main/source/sing_1.1-9sarge1.dsc oldstable/main/binary-i386/sing_1.1-9sarge1_i386.deb oldstable/main/source/sing_1.1-9sarge1.diff.gz sing (1.1-9sarge1) oldstable; urgency=low * Patched parser.c to drop privileges when opening log file and running sing SUID. (CVE-2007-6211) Thanks a lot to Nico Golde for the patch. (Closes: #454167) oldstable/main/binary-sparc/libsdl-image1.2_1.2.4-1etch1_sparc.deb oldstable/main/binary-sparc/libsdl-image1.2-dev_1.2.4-1etch1_sparc.deb sdl-image1.2 (1.2.4-1etch1) oldstable-security; urgency=high * CVE-2007-6697: Fix buffer overflow in GIF handling. * CVE-2008-0544: Fix heap based buffer overflow in IMG_LoadLBM_RW. oldstable/main/binary-s390/libsdl-image1.2_1.2.4-1etch1_s390.deb oldstable/main/binary-s390/libsdl-image1.2-dev_1.2.4-1etch1_s390.deb sdl-image1.2 (1.2.4-1etch1) oldstable-security; urgency=high * CVE-2007-6697: Fix buffer overflow in GIF handling. * CVE-2008-0544: Fix heap based buffer overflow in IMG_LoadLBM_RW. oldstable/main/binary-powerpc/libsdl-image1.2-dev_1.2.4-1etch1_powerpc.deb oldstable/main/binary-powerpc/libsdl-image1.2_1.2.4-1etch1_powerpc.deb sdl-image1.2 (1.2.4-1etch1) oldstable-security; urgency=high * CVE-2007-6697: Fix buffer overflow in GIF handling. * CVE-2008-0544: Fix heap based buffer overflow in IMG_LoadLBM_RW. oldstable/main/binary-mipsel/libsdl-image1.2-dev_1.2.4-1etch1_mipsel.deb oldstable/main/binary-mipsel/libsdl-image1.2_1.2.4-1etch1_mipsel.deb sdl-image1.2 (1.2.4-1etch1) oldstable-security; urgency=high * CVE-2007-6697: Fix buffer overflow in GIF handling. * CVE-2008-0544: Fix heap based buffer overflow in IMG_LoadLBM_RW. oldstable/main/binary-mips/libsdl-image1.2_1.2.4-1etch1_mips.deb oldstable/main/binary-mips/libsdl-image1.2-dev_1.2.4-1etch1_mips.deb sdl-image1.2 (1.2.4-1etch1) oldstable-security; urgency=high * CVE-2007-6697: Fix buffer overflow in GIF handling. * CVE-2008-0544: Fix heap based buffer overflow in IMG_LoadLBM_RW. oldstable/main/binary-m68k/libsdl-image1.2-dev_1.2.4-1etch1_m68k.deb oldstable/main/binary-m68k/libsdl-image1.2_1.2.4-1etch1_m68k.deb sdl-image1.2 (1.2.4-1etch1) oldstable-security; urgency=high * CVE-2007-6697: Fix buffer overflow in GIF handling. * CVE-2008-0544: Fix heap based buffer overflow in IMG_LoadLBM_RW. oldstable/main/binary-ia64/libsdl-image1.2_1.2.4-1etch1_ia64.deb oldstable/main/binary-ia64/libsdl-image1.2-dev_1.2.4-1etch1_ia64.deb sdl-image1.2 (1.2.4-1etch1) oldstable-security; urgency=high * CVE-2007-6697: Fix buffer overflow in GIF handling. * CVE-2008-0544: Fix heap based buffer overflow in IMG_LoadLBM_RW. oldstable/main/binary-hppa/libsdl-image1.2_1.2.4-1etch1_hppa.deb oldstable/main/binary-hppa/libsdl-image1.2-dev_1.2.4-1etch1_hppa.deb sdl-image1.2 (1.2.4-1etch1) oldstable-security; urgency=high * CVE-2007-6697: Fix buffer overflow in GIF handling. * CVE-2008-0544: Fix heap based buffer overflow in IMG_LoadLBM_RW. oldstable/main/binary-arm/libsdl-image1.2_1.2.4-1etch1_arm.deb oldstable/main/binary-arm/libsdl-image1.2-dev_1.2.4-1etch1_arm.deb sdl-image1.2 (1.2.4-1etch1) oldstable-security; urgency=high * CVE-2007-6697: Fix buffer overflow in GIF handling. * CVE-2008-0544: Fix heap based buffer overflow in IMG_LoadLBM_RW. oldstable/main/binary-amd64/libsdl-image1.2_1.2.4-1etch1_amd64.deb oldstable/main/binary-amd64/libsdl-image1.2-dev_1.2.4-1etch1_amd64.deb sdl-image1.2 (1.2.4-1etch1) oldstable-security; urgency=high * CVE-2007-6697: Fix buffer overflow in GIF handling. * CVE-2008-0544: Fix heap based buffer overflow in IMG_LoadLBM_RW. oldstable/main/binary-alpha/libsdl-image1.2_1.2.4-1etch1_alpha.deb oldstable/main/binary-alpha/libsdl-image1.2-dev_1.2.4-1etch1_alpha.deb sdl-image1.2 (1.2.4-1etch1) oldstable-security; urgency=high * CVE-2007-6697: Fix buffer overflow in GIF handling. * CVE-2008-0544: Fix heap based buffer overflow in IMG_LoadLBM_RW. oldstable/main/binary-i386/libsdl-image1.2-dev_1.2.4-1etch1_i386.deb oldstable/main/source/sdl-image1.2_1.2.4-1etch1.diff.gz oldstable/main/binary-i386/libsdl-image1.2_1.2.4-1etch1_i386.deb oldstable/main/source/sdl-image1.2_1.2.4-1etch1.dsc sdl-image1.2 (1.2.4-1etch1) oldstable-security; urgency=high * CVE-2007-6697: Fix buffer overflow in GIF handling. * CVE-2008-0544: Fix heap based buffer overflow in IMG_LoadLBM_RW. oldstable/main/binary-sparc/scponly_4.0-1sarge2_sparc.deb scponly (4.0-1sarge2) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Remove rsync, Subversion and Unison support because it was possible to gain shell access through them (CVE-2007-6350). Closes: #437148. * scp: -o and -F options are dangerous (CVE-2007-6415). oldstable/main/binary-s390/scponly_4.0-1sarge2_s390.deb scponly (4.0-1sarge2) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Remove rsync, Subversion and Unison support because it was possible to gain shell access through them (CVE-2007-6350). Closes: #437148. * scp: -o and -F options are dangerous (CVE-2007-6415). oldstable/main/binary-powerpc/scponly_4.0-1sarge2_powerpc.deb scponly (4.0-1sarge2) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Remove rsync, Subversion and Unison support because it was possible to gain shell access through them (CVE-2007-6350). Closes: #437148. * scp: -o and -F options are dangerous (CVE-2007-6415). oldstable/main/binary-mipsel/scponly_4.0-1sarge2_mipsel.deb scponly (4.0-1sarge2) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Remove rsync, Subversion and Unison support because it was possible to gain shell access through them (CVE-2007-6350). Closes: #437148. * scp: -o and -F options are dangerous (CVE-2007-6415). oldstable/main/binary-mips/scponly_4.0-1sarge2_mips.deb scponly (4.0-1sarge2) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Remove rsync, Subversion and Unison support because it was possible to gain shell access through them (CVE-2007-6350). Closes: #437148. * scp: -o and -F options are dangerous (CVE-2007-6415). oldstable/main/binary-m68k/scponly_4.0-1sarge2_m68k.deb scponly (4.0-1sarge2) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Remove rsync, Subversion and Unison support because it was possible to gain shell access through them (CVE-2007-6350). Closes: #437148. * scp: -o and -F options are dangerous (CVE-2007-6415). oldstable/main/binary-ia64/scponly_4.0-1sarge2_ia64.deb scponly (4.0-1sarge2) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Remove rsync, Subversion and Unison support because it was possible to gain shell access through them (CVE-2007-6350). Closes: #437148. * scp: -o and -F options are dangerous (CVE-2007-6415). oldstable/main/binary-hppa/scponly_4.0-1sarge2_hppa.deb scponly (4.0-1sarge2) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Remove rsync, Subversion and Unison support because it was possible to gain shell access through them (CVE-2007-6350). Closes: #437148. * scp: -o and -F options are dangerous (CVE-2007-6415). oldstable/main/binary-arm/scponly_4.0-1sarge2_arm.deb scponly (4.0-1sarge2) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Remove rsync, Subversion and Unison support because it was possible to gain shell access through them (CVE-2007-6350). Closes: #437148. * scp: -o and -F options are dangerous (CVE-2007-6415). oldstable/main/binary-amd64/scponly_4.0-1sarge2_amd64.deb scponly (4.0-1sarge2) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Remove rsync, Subversion and Unison support because it was possible to gain shell access through them (CVE-2007-6350). Closes: #437148. * scp: -o and -F options are dangerous (CVE-2007-6415). oldstable/main/binary-alpha/scponly_4.0-1sarge2_alpha.deb scponly (4.0-1sarge2) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Remove rsync, Subversion and Unison support because it was possible to gain shell access through them (CVE-2007-6350). Closes: #437148. * scp: -o and -F options are dangerous (CVE-2007-6415). oldstable/main/binary-i386/scponly_4.0-1sarge2_i386.deb oldstable/main/source/scponly_4.0-1sarge2.dsc oldstable/main/source/scponly_4.0-1sarge2.diff.gz scponly (4.0-1sarge2) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Remove rsync, Subversion and Unison support because it was possible to gain shell access through them (CVE-2007-6350). Closes: #437148. * scp: -o and -F options are dangerous (CVE-2007-6415). oldstable/main/binary-m68k/libpt-dbg_1.8.4-1+sarge1.1_m68k.deb oldstable/main/binary-m68k/libpt-plugins-v4l2_1.8.4-1+sarge1.1_m68k.deb oldstable/main/binary-m68k/libpt-plugins-alsa_1.8.4-1+sarge1.1_m68k.deb oldstable/main/binary-m68k/libpt-1.8.3_1.8.4-1+sarge1.1_m68k.deb oldstable/main/binary-m68k/libpt-plugins-avc_1.8.4-1+sarge1.1_m68k.deb oldstable/main/binary-m68k/libpt-dev_1.8.4-1+sarge1.1_m68k.deb oldstable/main/binary-m68k/libpt-plugins-v4l_1.8.4-1+sarge1.1_m68k.deb oldstable/main/binary-m68k/libpt-plugins-oss_1.8.4-1+sarge1.1_m68k.deb oldstable/main/binary-m68k/libpt-plugins-dc_1.8.4-1+sarge1.1_m68k.deb pwlib (1.8.4-1+sarge1.1) oldstable-proposed-updates; urgency=low * Non-maintainer upload. * Fix to build with sudo on the autobuilders. oldstable/main/binary-sparc/postgresql-contrib_7.4.7-6sarge6_sparc.deb oldstable/main/binary-sparc/postgresql-client_7.4.7-6sarge6_sparc.deb oldstable/main/binary-sparc/libecpg4_7.4.7-6sarge6_sparc.deb oldstable/main/binary-sparc/libpgtcl-dev_7.4.7-6sarge6_sparc.deb oldstable/main/binary-sparc/postgresql-dev_7.4.7-6sarge6_sparc.deb oldstable/main/binary-sparc/libpq3_7.4.7-6sarge6_sparc.deb oldstable/main/binary-sparc/libpgtcl_7.4.7-6sarge6_sparc.deb oldstable/main/binary-sparc/postgresql_7.4.7-6sarge6_sparc.deb oldstable/main/binary-sparc/libecpg-dev_7.4.7-6sarge6_sparc.deb postgresql (7.4.7-6sarge6) oldstable-security; urgency=low * SECURITY UPDATE: User privilege escalation. * Add debian/patches/63dblink_restrictions.patch: - Require non-superusers who use "/contrib/dblink" to use only password authentication, to prevent abusing the postmaster as source for remote attacks with trust or ident authentication. [CVE-2007-3278, CVE-2007-6601] - Patch backported from 7.4.19 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.c.diff?r1=1.25.4.4;r2=1.25.4.6 http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.sql.in.diff?r1=1.8;r2=1.8.4.1 oldstable/main/binary-s390/libpgtcl-dev_7.4.7-6sarge6_s390.deb oldstable/main/binary-s390/postgresql_7.4.7-6sarge6_s390.deb oldstable/main/binary-s390/libecpg4_7.4.7-6sarge6_s390.deb oldstable/main/binary-s390/libpgtcl_7.4.7-6sarge6_s390.deb oldstable/main/binary-s390/postgresql-dev_7.4.7-6sarge6_s390.deb oldstable/main/binary-s390/postgresql-client_7.4.7-6sarge6_s390.deb oldstable/main/binary-s390/postgresql-contrib_7.4.7-6sarge6_s390.deb oldstable/main/binary-s390/libpq3_7.4.7-6sarge6_s390.deb oldstable/main/binary-s390/libecpg-dev_7.4.7-6sarge6_s390.deb postgresql (7.4.7-6sarge6) oldstable-security; urgency=low * SECURITY UPDATE: User privilege escalation. * Add debian/patches/63dblink_restrictions.patch: - Require non-superusers who use "/contrib/dblink" to use only password authentication, to prevent abusing the postmaster as source for remote attacks with trust or ident authentication. [CVE-2007-3278, CVE-2007-6601] - Patch backported from 7.4.19 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.c.diff?r1=1.25.4.4;r2=1.25.4.6 http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.sql.in.diff?r1=1.8;r2=1.8.4.1 oldstable/main/binary-powerpc/libpq3_7.4.7-6sarge6_powerpc.deb oldstable/main/binary-powerpc/libecpg-dev_7.4.7-6sarge6_powerpc.deb oldstable/main/binary-powerpc/postgresql_7.4.7-6sarge6_powerpc.deb oldstable/main/binary-powerpc/libpgtcl-dev_7.4.7-6sarge6_powerpc.deb oldstable/main/binary-powerpc/postgresql-contrib_7.4.7-6sarge6_powerpc.deb oldstable/main/binary-powerpc/libpgtcl_7.4.7-6sarge6_powerpc.deb oldstable/main/binary-powerpc/postgresql-dev_7.4.7-6sarge6_powerpc.deb oldstable/main/binary-powerpc/libecpg4_7.4.7-6sarge6_powerpc.deb oldstable/main/binary-powerpc/postgresql-client_7.4.7-6sarge6_powerpc.deb postgresql (7.4.7-6sarge6) oldstable-security; urgency=low * SECURITY UPDATE: User privilege escalation. * Add debian/patches/63dblink_restrictions.patch: - Require non-superusers who use "/contrib/dblink" to use only password authentication, to prevent abusing the postmaster as source for remote attacks with trust or ident authentication. [CVE-2007-3278, CVE-2007-6601] - Patch backported from 7.4.19 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.c.diff?r1=1.25.4.4;r2=1.25.4.6 http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.sql.in.diff?r1=1.8;r2=1.8.4.1 oldstable/main/binary-mipsel/libecpg4_7.4.7-6sarge6_mipsel.deb oldstable/main/binary-mipsel/postgresql-client_7.4.7-6sarge6_mipsel.deb oldstable/main/binary-mipsel/postgresql_7.4.7-6sarge6_mipsel.deb oldstable/main/binary-mipsel/libpgtcl-dev_7.4.7-6sarge6_mipsel.deb oldstable/main/binary-mipsel/libecpg-dev_7.4.7-6sarge6_mipsel.deb oldstable/main/binary-mipsel/libpq3_7.4.7-6sarge6_mipsel.deb oldstable/main/binary-mipsel/libpgtcl_7.4.7-6sarge6_mipsel.deb oldstable/main/binary-mipsel/postgresql-dev_7.4.7-6sarge6_mipsel.deb oldstable/main/binary-mipsel/postgresql-contrib_7.4.7-6sarge6_mipsel.deb postgresql (7.4.7-6sarge6) oldstable-security; urgency=low * SECURITY UPDATE: User privilege escalation. * Add debian/patches/63dblink_restrictions.patch: - Require non-superusers who use "/contrib/dblink" to use only password authentication, to prevent abusing the postmaster as source for remote attacks with trust or ident authentication. [CVE-2007-3278, CVE-2007-6601] - Patch backported from 7.4.19 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.c.diff?r1=1.25.4.4;r2=1.25.4.6 http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.sql.in.diff?r1=1.8;r2=1.8.4.1 oldstable/main/binary-mips/postgresql_7.4.7-6sarge6_mips.deb oldstable/main/binary-mips/libecpg-dev_7.4.7-6sarge6_mips.deb oldstable/main/binary-mips/libpq3_7.4.7-6sarge6_mips.deb oldstable/main/binary-mips/libpgtcl_7.4.7-6sarge6_mips.deb oldstable/main/binary-mips/libecpg4_7.4.7-6sarge6_mips.deb oldstable/main/binary-mips/libpgtcl-dev_7.4.7-6sarge6_mips.deb oldstable/main/binary-mips/postgresql-dev_7.4.7-6sarge6_mips.deb oldstable/main/binary-mips/postgresql-contrib_7.4.7-6sarge6_mips.deb oldstable/main/binary-mips/postgresql-client_7.4.7-6sarge6_mips.deb postgresql (7.4.7-6sarge6) oldstable-security; urgency=low * SECURITY UPDATE: User privilege escalation. * Add debian/patches/63dblink_restrictions.patch: - Require non-superusers who use "/contrib/dblink" to use only password authentication, to prevent abusing the postmaster as source for remote attacks with trust or ident authentication. [CVE-2007-3278, CVE-2007-6601] - Patch backported from 7.4.19 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.c.diff?r1=1.25.4.4;r2=1.25.4.6 http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.sql.in.diff?r1=1.8;r2=1.8.4.1 oldstable/main/binary-m68k/postgresql-contrib_7.4.7-6sarge6_m68k.deb oldstable/main/binary-m68k/libpgtcl_7.4.7-6sarge6_m68k.deb oldstable/main/binary-m68k/libpq3_7.4.7-6sarge6_m68k.deb oldstable/main/binary-m68k/libecpg4_7.4.7-6sarge6_m68k.deb oldstable/main/binary-m68k/libecpg-dev_7.4.7-6sarge6_m68k.deb oldstable/main/binary-m68k/postgresql_7.4.7-6sarge6_m68k.deb oldstable/main/binary-m68k/libpgtcl-dev_7.4.7-6sarge6_m68k.deb oldstable/main/binary-m68k/postgresql-client_7.4.7-6sarge6_m68k.deb oldstable/main/binary-m68k/postgresql-dev_7.4.7-6sarge6_m68k.deb postgresql (7.4.7-6sarge6) oldstable-security; urgency=low * SECURITY UPDATE: User privilege escalation. * Add debian/patches/63dblink_restrictions.patch: - Require non-superusers who use "/contrib/dblink" to use only password authentication, to prevent abusing the postmaster as source for remote attacks with trust or ident authentication. [CVE-2007-3278, CVE-2007-6601] - Patch backported from 7.4.19 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.c.diff?r1=1.25.4.4;r2=1.25.4.6 http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.sql.in.diff?r1=1.8;r2=1.8.4.1 oldstable/main/binary-ia64/libpgtcl-dev_7.4.7-6sarge6_ia64.deb oldstable/main/binary-ia64/libpgtcl_7.4.7-6sarge6_ia64.deb oldstable/main/binary-ia64/postgresql-contrib_7.4.7-6sarge6_ia64.deb oldstable/main/binary-ia64/libecpg4_7.4.7-6sarge6_ia64.deb oldstable/main/binary-ia64/libecpg-dev_7.4.7-6sarge6_ia64.deb oldstable/main/binary-ia64/postgresql_7.4.7-6sarge6_ia64.deb oldstable/main/binary-ia64/libpq3_7.4.7-6sarge6_ia64.deb oldstable/main/binary-ia64/postgresql-client_7.4.7-6sarge6_ia64.deb oldstable/main/binary-ia64/postgresql-dev_7.4.7-6sarge6_ia64.deb postgresql (7.4.7-6sarge6) oldstable-security; urgency=low * SECURITY UPDATE: User privilege escalation. * Add debian/patches/63dblink_restrictions.patch: - Require non-superusers who use "/contrib/dblink" to use only password authentication, to prevent abusing the postmaster as source for remote attacks with trust or ident authentication. [CVE-2007-3278, CVE-2007-6601] - Patch backported from 7.4.19 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.c.diff?r1=1.25.4.4;r2=1.25.4.6 http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.sql.in.diff?r1=1.8;r2=1.8.4.1 oldstable/main/binary-hppa/libpq3_7.4.7-6sarge6_hppa.deb oldstable/main/binary-hppa/postgresql-contrib_7.4.7-6sarge6_hppa.deb oldstable/main/binary-hppa/libecpg-dev_7.4.7-6sarge6_hppa.deb oldstable/main/binary-hppa/libpgtcl_7.4.7-6sarge6_hppa.deb oldstable/main/binary-hppa/libecpg4_7.4.7-6sarge6_hppa.deb oldstable/main/binary-hppa/postgresql-dev_7.4.7-6sarge6_hppa.deb oldstable/main/binary-hppa/postgresql_7.4.7-6sarge6_hppa.deb oldstable/main/binary-hppa/libpgtcl-dev_7.4.7-6sarge6_hppa.deb oldstable/main/binary-hppa/postgresql-client_7.4.7-6sarge6_hppa.deb postgresql (7.4.7-6sarge6) oldstable-security; urgency=low * SECURITY UPDATE: User privilege escalation. * Add debian/patches/63dblink_restrictions.patch: - Require non-superusers who use "/contrib/dblink" to use only password authentication, to prevent abusing the postmaster as source for remote attacks with trust or ident authentication. [CVE-2007-3278, CVE-2007-6601] - Patch backported from 7.4.19 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.c.diff?r1=1.25.4.4;r2=1.25.4.6 http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.sql.in.diff?r1=1.8;r2=1.8.4.1 oldstable/main/binary-arm/postgresql-client_7.4.7-6sarge6_arm.deb oldstable/main/binary-arm/libpq3_7.4.7-6sarge6_arm.deb oldstable/main/binary-arm/postgresql_7.4.7-6sarge6_arm.deb oldstable/main/binary-arm/libecpg4_7.4.7-6sarge6_arm.deb oldstable/main/binary-arm/libpgtcl_7.4.7-6sarge6_arm.deb oldstable/main/binary-arm/postgresql-contrib_7.4.7-6sarge6_arm.deb oldstable/main/binary-arm/libpgtcl-dev_7.4.7-6sarge6_arm.deb oldstable/main/binary-arm/postgresql-dev_7.4.7-6sarge6_arm.deb oldstable/main/binary-arm/libecpg-dev_7.4.7-6sarge6_arm.deb postgresql (7.4.7-6sarge6) oldstable-security; urgency=low * SECURITY UPDATE: User privilege escalation. * Add debian/patches/63dblink_restrictions.patch: - Require non-superusers who use "/contrib/dblink" to use only password authentication, to prevent abusing the postmaster as source for remote attacks with trust or ident authentication. [CVE-2007-3278, CVE-2007-6601] - Patch backported from 7.4.19 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.c.diff?r1=1.25.4.4;r2=1.25.4.6 http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.sql.in.diff?r1=1.8;r2=1.8.4.1 oldstable/main/binary-amd64/postgresql_7.4.7-6sarge6_amd64.deb oldstable/main/binary-amd64/postgresql-dev_7.4.7-6sarge6_amd64.deb oldstable/main/binary-amd64/libpgtcl_7.4.7-6sarge6_amd64.deb oldstable/main/binary-amd64/libecpg4_7.4.7-6sarge6_amd64.deb oldstable/main/binary-amd64/postgresql-client_7.4.7-6sarge6_amd64.deb oldstable/main/binary-amd64/libpq3_7.4.7-6sarge6_amd64.deb oldstable/main/binary-amd64/libecpg-dev_7.4.7-6sarge6_amd64.deb oldstable/main/binary-amd64/postgresql-contrib_7.4.7-6sarge6_amd64.deb oldstable/main/binary-amd64/libpgtcl-dev_7.4.7-6sarge6_amd64.deb postgresql (7.4.7-6sarge6) oldstable-security; urgency=low * SECURITY UPDATE: User privilege escalation. * Add debian/patches/63dblink_restrictions.patch: - Require non-superusers who use "/contrib/dblink" to use only password authentication, to prevent abusing the postmaster as source for remote attacks with trust or ident authentication. [CVE-2007-3278, CVE-2007-6601] - Patch backported from 7.4.19 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.c.diff?r1=1.25.4.4;r2=1.25.4.6 http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.sql.in.diff?r1=1.8;r2=1.8.4.1 oldstable/main/binary-alpha/postgresql_7.4.7-6sarge6_alpha.deb oldstable/main/binary-alpha/libpq3_7.4.7-6sarge6_alpha.deb oldstable/main/binary-alpha/libpgtcl-dev_7.4.7-6sarge6_alpha.deb oldstable/main/binary-alpha/postgresql-dev_7.4.7-6sarge6_alpha.deb oldstable/main/binary-alpha/libpgtcl_7.4.7-6sarge6_alpha.deb oldstable/main/binary-alpha/libecpg4_7.4.7-6sarge6_alpha.deb oldstable/main/binary-alpha/postgresql-client_7.4.7-6sarge6_alpha.deb oldstable/main/binary-alpha/postgresql-contrib_7.4.7-6sarge6_alpha.deb oldstable/main/binary-alpha/libecpg-dev_7.4.7-6sarge6_alpha.deb postgresql (7.4.7-6sarge6) oldstable-security; urgency=low * SECURITY UPDATE: User privilege escalation. * Add debian/patches/63dblink_restrictions.patch: - Require non-superusers who use "/contrib/dblink" to use only password authentication, to prevent abusing the postmaster as source for remote attacks with trust or ident authentication. [CVE-2007-3278, CVE-2007-6601] - Patch backported from 7.4.19 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.c.diff?r1=1.25.4.4;r2=1.25.4.6 http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.sql.in.diff?r1=1.8;r2=1.8.4.1 oldstable/main/binary-i386/postgresql-client_7.4.7-6sarge6_i386.deb oldstable/main/binary-i386/libecpg-dev_7.4.7-6sarge6_i386.deb oldstable/main/binary-i386/postgresql_7.4.7-6sarge6_i386.deb oldstable/main/binary-i386/libpq3_7.4.7-6sarge6_i386.deb oldstable/main/binary-i386/libpgtcl_7.4.7-6sarge6_i386.deb oldstable/main/binary-i386/postgresql-dev_7.4.7-6sarge6_i386.deb oldstable/main/source/postgresql_7.4.7-6sarge6.dsc oldstable/main/source/postgresql_7.4.7-6sarge6.diff.gz oldstable/main/binary-i386/libecpg4_7.4.7-6sarge6_i386.deb oldstable/main/binary-all/postgresql-doc_7.4.7-6sarge6_all.deb oldstable/main/binary-i386/postgresql-contrib_7.4.7-6sarge6_i386.deb oldstable/main/binary-i386/libpgtcl-dev_7.4.7-6sarge6_i386.deb postgresql (7.4.7-6sarge6) oldstable-security; urgency=low * SECURITY UPDATE: User privilege escalation. * Add debian/patches/63dblink_restrictions.patch: - Require non-superusers who use "/contrib/dblink" to use only password authentication, to prevent abusing the postmaster as source for remote attacks with trust or ident authentication. [CVE-2007-3278, CVE-2007-6601] - Patch backported from 7.4.19 CVS: http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.c.diff?r1=1.25.4.4;r2=1.25.4.6 http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/dblink/dblink.sql.in.diff?r1=1.8;r2=1.8.4.1 oldstable/main/source/phpbb2_2.0.13+1-6sarge4.dsc oldstable/main/binary-all/phpbb2_2.0.13-6sarge4_all.deb oldstable/main/binary-all/phpbb2-conf-mysql_2.0.13-6sarge4_all.deb oldstable/main/binary-all/phpbb2-languages_2.0.13-6sarge4_all.deb oldstable/main/source/phpbb2_2.0.13+1-6sarge4.diff.gz phpbb2 (2.0.13+1-6sarge4) oldstable-security; urgency=high * Upload to sarge to address security issues. * CVE-2006-4758: authenticated admin may upload arbitrary files (very minor issue, closes: 388120). * CVE-2006-6839: update criteria for redirection targets. * CVE-2006-6840: fix negative start parameter. * CVE-2006-6508/CVE-2006-6841: fix csrf (closes: 405980). * CVE-2008-0471: fix csrf (closes: 463589). oldstable/main/binary-sparc/libpcre3-dev_4.5+7.4-2_sparc.deb oldstable/main/binary-sparc/libpcre3_4.5+7.4-2_sparc.deb oldstable/main/binary-sparc/pcregrep_4.5+7.4-2_sparc.deb pcre3 (4.5+7.4-2) oldstable-security; urgency=high * Non-maintainer upload by the security team. * A character class containing a very large number of characters with codepoints greater than 255 caused a buffer overflow. (CVE-2008-0674) oldstable/main/binary-s390/libpcre3_4.5+7.4-2_s390.deb oldstable/main/binary-s390/pcregrep_4.5+7.4-2_s390.deb oldstable/main/binary-s390/libpcre3-dev_4.5+7.4-2_s390.deb pcre3 (4.5+7.4-2) oldstable-security; urgency=high * Non-maintainer upload by the security team. * A character class containing a very large number of characters with codepoints greater than 255 caused a buffer overflow. (CVE-2008-0674) oldstable/main/binary-powerpc/libpcre3_4.5+7.4-2_powerpc.deb oldstable/main/binary-powerpc/libpcre3-dev_4.5+7.4-2_powerpc.deb oldstable/main/binary-powerpc/pcregrep_4.5+7.4-2_powerpc.deb pcre3 (4.5+7.4-2) oldstable-security; urgency=high * Non-maintainer upload by the security team. * A character class containing a very large number of characters with codepoints greater than 255 caused a buffer overflow. (CVE-2008-0674) oldstable/main/binary-mipsel/libpcre3-dev_4.5+7.4-2_mipsel.deb oldstable/main/binary-mipsel/libpcre3_4.5+7.4-2_mipsel.deb oldstable/main/binary-mipsel/pcregrep_4.5+7.4-2_mipsel.deb pcre3 (4.5+7.4-2) oldstable-security; urgency=high * Non-maintainer upload by the security team. * A character class containing a very large number of characters with codepoints greater than 255 caused a buffer overflow. (CVE-2008-0674) oldstable/main/binary-mips/libpcre3_4.5+7.4-2_mips.deb oldstable/main/binary-mips/libpcre3-dev_4.5+7.4-2_mips.deb oldstable/main/binary-mips/pcregrep_4.5+7.4-2_mips.deb pcre3 (4.5+7.4-2) oldstable-security; urgency=high * Non-maintainer upload by the security team. * A character class containing a very large number of characters with codepoints greater than 255 caused a buffer overflow. (CVE-2008-0674) oldstable/main/binary-m68k/libpcre3_4.5+7.4-2_m68k.deb oldstable/main/binary-m68k/pcregrep_4.5+7.4-2_m68k.deb oldstable/main/binary-m68k/libpcre3-dev_4.5+7.4-2_m68k.deb pcre3 (4.5+7.4-2) oldstable-security; urgency=high * Non-maintainer upload by the security team. * A character class containing a very large number of characters with codepoints greater than 255 caused a buffer overflow. (CVE-2008-0674) oldstable/main/binary-ia64/libpcre3-dev_4.5+7.4-2_ia64.deb oldstable/main/binary-ia64/libpcre3_4.5+7.4-2_ia64.deb oldstable/main/binary-ia64/pcregrep_4.5+7.4-2_ia64.deb pcre3 (4.5+7.4-2) oldstable-security; urgency=high * Non-maintainer upload by the security team. * A character class containing a very large number of characters with codepoints greater than 255 caused a buffer overflow. (CVE-2008-0674) oldstable/main/binary-hppa/libpcre3-dev_4.5+7.4-2_hppa.deb oldstable/main/binary-hppa/libpcre3_4.5+7.4-2_hppa.deb oldstable/main/binary-hppa/pcregrep_4.5+7.4-2_hppa.deb pcre3 (4.5+7.4-2) oldstable-security; urgency=high * Non-maintainer upload by the security team. * A character class containing a very large number of characters with codepoints greater than 255 caused a buffer overflow. (CVE-2008-0674) oldstable/main/binary-arm/libpcre3_4.5+7.4-2_arm.deb oldstable/main/binary-arm/libpcre3-dev_4.5+7.4-2_arm.deb oldstable/main/binary-arm/pcregrep_4.5+7.4-2_arm.deb pcre3 (4.5+7.4-2) oldstable-security; urgency=high * Non-maintainer upload by the security team. * A character class containing a very large number of characters with codepoints greater than 255 caused a buffer overflow. (CVE-2008-0674) oldstable/main/binary-amd64/libpcre3_4.5+7.4-2_amd64.deb oldstable/main/binary-amd64/libpcre3-dev_4.5+7.4-2_amd64.deb oldstable/main/binary-amd64/pcregrep_4.5+7.4-2_amd64.deb pcre3 (4.5+7.4-2) oldstable-security; urgency=high * Non-maintainer upload by the security team. * A character class containing a very large number of characters with codepoints greater than 255 caused a buffer overflow. (CVE-2008-0674) oldstable/main/binary-alpha/libpcre3_4.5+7.4-2_alpha.deb oldstable/main/binary-alpha/libpcre3-dev_4.5+7.4-2_alpha.deb oldstable/main/binary-alpha/pcregrep_4.5+7.4-2_alpha.deb pcre3 (4.5+7.4-2) oldstable-security; urgency=high * Non-maintainer upload by the security team. * A character class containing a very large number of characters with codepoints greater than 255 caused a buffer overflow. (CVE-2008-0674) oldstable/main/binary-i386/libpcre3_4.5+7.4-2_i386.deb oldstable/main/binary-i386/libpcre3-dev_4.5+7.4-2_i386.deb oldstable/main/source/pcre3_4.5+7.4-2.dsc oldstable/main/binary-i386/pcregrep_4.5+7.4-2_i386.deb oldstable/main/binary-all/pgrep_4.5+7.4-2_all.deb oldstable/main/source/pcre3_4.5+7.4-2.diff.gz pcre3 (4.5+7.4-2) oldstable-security; urgency=high * Non-maintainer upload by the security team. * A character class containing a very large number of characters with codepoints greater than 255 caused a buffer overflow. (CVE-2008-0674) oldstable/main/binary-sparc/openafs-kpasswd_1.3.81-3sarge3_sparc.deb oldstable/main/binary-sparc/openafs-dbserver_1.3.81-3sarge3_sparc.deb oldstable/main/binary-sparc/libpam-openafs-kaserver_1.3.81-3sarge3_sparc.deb oldstable/main/binary-sparc/openafs-client_1.3.81-3sarge3_sparc.deb oldstable/main/binary-sparc/libopenafs-dev_1.3.81-3sarge3_sparc.deb oldstable/main/binary-sparc/openafs-fileserver_1.3.81-3sarge3_sparc.deb openafs (1.3.81-3sarge3) oldstable-security; urgency=high * upload by the security team to fix CVE-2007-6599 (OpenAFS SA-2007-003) oldstable/main/binary-s390/openafs-dbserver_1.3.81-3sarge3_s390.deb oldstable/main/binary-s390/libpam-openafs-kaserver_1.3.81-3sarge3_s390.deb oldstable/main/binary-s390/openafs-client_1.3.81-3sarge3_s390.deb oldstable/main/binary-s390/libopenafs-dev_1.3.81-3sarge3_s390.deb oldstable/main/binary-s390/openafs-fileserver_1.3.81-3sarge3_s390.deb oldstable/main/binary-s390/openafs-kpasswd_1.3.81-3sarge3_s390.deb openafs (1.3.81-3sarge3) oldstable-security; urgency=high * upload by the security team to fix CVE-2007-6599 (OpenAFS SA-2007-003) oldstable/main/binary-powerpc/openafs-dbserver_1.3.81-3sarge3_powerpc.deb oldstable/main/binary-powerpc/openafs-kpasswd_1.3.81-3sarge3_powerpc.deb oldstable/main/binary-powerpc/openafs-client_1.3.81-3sarge3_powerpc.deb oldstable/main/binary-powerpc/openafs-fileserver_1.3.81-3sarge3_powerpc.deb oldstable/main/binary-powerpc/libopenafs-dev_1.3.81-3sarge3_powerpc.deb oldstable/main/binary-powerpc/libpam-openafs-kaserver_1.3.81-3sarge3_powerpc.deb openafs (1.3.81-3sarge3) oldstable-security; urgency=high * upload by the security team to fix CVE-2007-6599 (OpenAFS SA-2007-003) oldstable/main/binary-ia64/libopenafs-dev_1.3.81-3sarge3_ia64.deb oldstable/main/binary-ia64/openafs-dbserver_1.3.81-3sarge3_ia64.deb oldstable/main/binary-ia64/openafs-client_1.3.81-3sarge3_ia64.deb oldstable/main/binary-ia64/openafs-kpasswd_1.3.81-3sarge3_ia64.deb oldstable/main/binary-ia64/libpam-openafs-kaserver_1.3.81-3sarge3_ia64.deb oldstable/main/binary-ia64/openafs-fileserver_1.3.81-3sarge3_ia64.deb openafs (1.3.81-3sarge3) oldstable-security; urgency=high * upload by the security team to fix CVE-2007-6599 (OpenAFS SA-2007-003) oldstable/main/binary-hppa/libopenafs-dev_1.3.81-3sarge3_hppa.deb oldstable/main/binary-hppa/openafs-kpasswd_1.3.81-3sarge3_hppa.deb oldstable/main/binary-hppa/openafs-fileserver_1.3.81-3sarge3_hppa.deb oldstable/main/binary-hppa/libpam-openafs-kaserver_1.3.81-3sarge3_hppa.deb oldstable/main/binary-hppa/openafs-dbserver_1.3.81-3sarge3_hppa.deb oldstable/main/binary-hppa/openafs-client_1.3.81-3sarge3_hppa.deb openafs (1.3.81-3sarge3) oldstable-security; urgency=high * upload by the security team to fix CVE-2007-6599 (OpenAFS SA-2007-003) oldstable/main/binary-amd64/libpam-openafs-kaserver_1.3.81-3sarge3_amd64.deb oldstable/main/binary-amd64/libopenafs-dev_1.3.81-3sarge3_amd64.deb oldstable/main/binary-amd64/openafs-client_1.3.81-3sarge3_amd64.deb oldstable/main/binary-amd64/openafs-fileserver_1.3.81-3sarge3_amd64.deb oldstable/main/binary-amd64/openafs-dbserver_1.3.81-3sarge3_amd64.deb oldstable/main/binary-amd64/openafs-kpasswd_1.3.81-3sarge3_amd64.deb openafs (1.3.81-3sarge3) oldstable-security; urgency=high * upload by the security team to fix CVE-2007-6599 (OpenAFS SA-2007-003) oldstable/main/binary-alpha/openafs-fileserver_1.3.81-3sarge3_alpha.deb oldstable/main/binary-alpha/openafs-client_1.3.81-3sarge3_alpha.deb oldstable/main/binary-alpha/libpam-openafs-kaserver_1.3.81-3sarge3_alpha.deb oldstable/main/binary-alpha/libopenafs-dev_1.3.81-3sarge3_alpha.deb oldstable/main/binary-alpha/openafs-dbserver_1.3.81-3sarge3_alpha.deb oldstable/main/binary-alpha/openafs-kpasswd_1.3.81-3sarge3_alpha.deb openafs (1.3.81-3sarge3) oldstable-security; urgency=high * upload by the security team to fix CVE-2007-6599 (OpenAFS SA-2007-003) oldstable/main/binary-i386/libpam-openafs-kaserver_1.3.81-3sarge3_i386.deb oldstable/main/binary-all/openafs-modules-source_1.3.81-3sarge3_all.deb oldstable/main/binary-i386/openafs-client_1.3.81-3sarge3_i386.deb oldstable/main/binary-i386/openafs-fileserver_1.3.81-3sarge3_i386.deb oldstable/main/binary-i386/libopenafs-dev_1.3.81-3sarge3_i386.deb oldstable/main/binary-i386/openafs-kpasswd_1.3.81-3sarge3_i386.deb oldstable/main/source/openafs_1.3.81-3sarge3.diff.gz oldstable/main/binary-i386/openafs-dbserver_1.3.81-3sarge3_i386.deb oldstable/main/source/openafs_1.3.81-3sarge3.dsc openafs (1.3.81-3sarge3) oldstable-security; urgency=high * upload by the security team to fix CVE-2007-6599 (OpenAFS SA-2007-003) oldstable/main/binary-sparc/nagios-plugins_1.4-6sarge2_sparc.deb nagios-plugins (1.4-6sarge2) oldstable-security; urgency=high * NMU prepared for the security team by the package maintainer. * Fix the following regressions in the previous security upload: - check_procs/check_nagios/check_swap all fail to build correctly unless /proc is mounted, so fail gracefully in that case. closes: #465530 - check_mailq may default to /usr/sbin/mailq instead of /usr/bin/mailq if the the ssmtp package is installed at build-time. closes: #465749. - check_ping may fail to build correctly due to assumptions about host configuration and/or network connectivity. closes: #465854. oldstable/main/binary-s390/nagios-plugins_1.4-6sarge2_s390.deb nagios-plugins (1.4-6sarge2) oldstable-security; urgency=high * NMU prepared for the security team by the package maintainer. * Fix the following regressions in the previous security upload: - check_procs/check_nagios/check_swap all fail to build correctly unless /proc is mounted, so fail gracefully in that case. closes: #465530 - check_mailq may default to /usr/sbin/mailq instead of /usr/bin/mailq if the the ssmtp package is installed at build-time. closes: #465749. - check_ping may fail to build correctly due to assumptions about host configuration and/or network connectivity. closes: #465854. oldstable/main/binary-powerpc/nagios-plugins_1.4-6sarge2_powerpc.deb nagios-plugins (1.4-6sarge2) oldstable-security; urgency=high * NMU prepared for the security team by the package maintainer. * Fix the following regressions in the previous security upload: - check_procs/check_nagios/check_swap all fail to build correctly unless /proc is mounted, so fail gracefully in that case. closes: #465530 - check_mailq may default to /usr/sbin/mailq instead of /usr/bin/mailq if the the ssmtp package is installed at build-time. closes: #465749. - check_ping may fail to build correctly due to assumptions about host configuration and/or network connectivity. closes: #465854. oldstable/main/binary-mipsel/nagios-plugins_1.4-6sarge2_mipsel.deb nagios-plugins (1.4-6sarge2) oldstable-security; urgency=high * NMU prepared for the security team by the package maintainer. * Fix the following regressions in the previous security upload: - check_procs/check_nagios/check_swap all fail to build correctly unless /proc is mounted, so fail gracefully in that case. closes: #465530 - check_mailq may default to /usr/sbin/mailq instead of /usr/bin/mailq if the the ssmtp package is installed at build-time. closes: #465749. - check_ping may fail to build correctly due to assumptions about host configuration and/or network connectivity. closes: #465854. oldstable/main/binary-mips/nagios-plugins_1.4-6sarge2_mips.deb nagios-plugins (1.4-6sarge2) oldstable-security; urgency=high * NMU prepared for the security team by the package maintainer. * Fix the following regressions in the previous security upload: - check_procs/check_nagios/check_swap all fail to build correctly unless /proc is mounted, so fail gracefully in that case. closes: #465530 - check_mailq may default to /usr/sbin/mailq instead of /usr/bin/mailq if the the ssmtp package is installed at build-time. closes: #465749. - check_ping may fail to build correctly due to assumptions about host configuration and/or network connectivity. closes: #465854. oldstable/main/binary-m68k/nagios-plugins_1.4-6sarge2_m68k.deb nagios-plugins (1.4-6sarge2) oldstable-security; urgency=high * NMU prepared for the security team by the package maintainer. * Fix the following regressions in the previous security upload: - check_procs/check_nagios/check_swap all fail to build correctly unless /proc is mounted, so fail gracefully in that case. closes: #465530 - check_mailq may default to /usr/sbin/mailq instead of /usr/bin/mailq if the the ssmtp package is installed at build-time. closes: #465749. - check_ping may fail to build correctly due to assumptions about host configuration and/or network connectivity. closes: #465854. oldstable/main/binary-ia64/nagios-plugins_1.4-6sarge2_ia64.deb nagios-plugins (1.4-6sarge2) oldstable-security; urgency=high * NMU prepared for the security team by the package maintainer. * Fix the following regressions in the previous security upload: - check_procs/check_nagios/check_swap all fail to build correctly unless /proc is mounted, so fail gracefully in that case. closes: #465530 - check_mailq may default to /usr/sbin/mailq instead of /usr/bin/mailq if the the ssmtp package is installed at build-time. closes: #465749. - check_ping may fail to build correctly due to assumptions about host configuration and/or network connectivity. closes: #465854. oldstable/main/binary-hppa/nagios-plugins_1.4-6sarge2_hppa.deb nagios-plugins (1.4-6sarge2) oldstable-security; urgency=high * NMU prepared for the security team by the package maintainer. * Fix the following regressions in the previous security upload: - check_procs/check_nagios/check_swap all fail to build correctly unless /proc is mounted, so fail gracefully in that case. closes: #465530 - check_mailq may default to /usr/sbin/mailq instead of /usr/bin/mailq if the the ssmtp package is installed at build-time. closes: #465749. - check_ping may fail to build correctly due to assumptions about host configuration and/or network connectivity. closes: #465854. oldstable/main/binary-arm/nagios-plugins_1.4-6sarge2_arm.deb nagios-plugins (1.4-6sarge2) oldstable-security; urgency=high * NMU prepared for the security team by the package maintainer. * Fix the following regressions in the previous security upload: - check_procs/check_nagios/check_swap all fail to build correctly unless /proc is mounted, so fail gracefully in that case. closes: #465530 - check_mailq may default to /usr/sbin/mailq instead of /usr/bin/mailq if the the ssmtp package is installed at build-time. closes: #465749. - check_ping may fail to build correctly due to assumptions about host configuration and/or network connectivity. closes: #465854. oldstable/main/binary-amd64/nagios-plugins_1.4-6sarge2_amd64.deb nagios-plugins (1.4-6sarge2) oldstable-security; urgency=high * NMU prepared for the security team by the package maintainer. * Fix the following regressions in the previous security upload: - check_procs/check_nagios/check_swap all fail to build correctly unless /proc is mounted, so fail gracefully in that case. closes: #465530 - check_mailq may default to /usr/sbin/mailq instead of /usr/bin/mailq if the the ssmtp package is installed at build-time. closes: #465749. - check_ping may fail to build correctly due to assumptions about host configuration and/or network connectivity. closes: #465854. oldstable/main/binary-alpha/nagios-plugins_1.4-6sarge2_alpha.deb nagios-plugins (1.4-6sarge2) oldstable-security; urgency=high * NMU prepared for the security team by the package maintainer. * Fix the following regressions in the previous security upload: - check_procs/check_nagios/check_swap all fail to build correctly unless /proc is mounted, so fail gracefully in that case. closes: #465530 - check_mailq may default to /usr/sbin/mailq instead of /usr/bin/mailq if the the ssmtp package is installed at build-time. closes: #465749. - check_ping may fail to build correctly due to assumptions about host configuration and/or network connectivity. closes: #465854. oldstable/main/binary-i386/nagios-plugins_1.4-6sarge2_i386.deb oldstable/main/source/nagios-plugins_1.4-6sarge2.dsc oldstable/main/source/nagios-plugins_1.4-6sarge2.diff.gz nagios-plugins (1.4-6sarge2) oldstable-security; urgency=high * NMU prepared for the security team by the package maintainer. * Fix the following regressions in the previous security upload: - check_procs/check_nagios/check_swap all fail to build correctly unless /proc is mounted, so fail gracefully in that case. closes: #465530 - check_mailq may default to /usr/sbin/mailq instead of /usr/bin/mailq if the the ssmtp package is installed at build-time. closes: #465749. - check_ping may fail to build correctly due to assumptions about host configuration and/or network connectivity. closes: #465854. oldstable/main/binary-sparc/maradns_1.0.27-2_sparc.deb maradns (1.0.27-2) oldstable-security; urgency=high * Fix remote DoS oldstable/main/binary-s390/maradns_1.0.27-2_s390.deb maradns (1.0.27-2) oldstable-security; urgency=high * Fix remote DoS oldstable/main/binary-powerpc/maradns_1.0.27-2_powerpc.deb maradns (1.0.27-2) oldstable-security; urgency=high * Fix remote DoS oldstable/main/binary-mipsel/maradns_1.0.27-2_mipsel.deb maradns (1.0.27-2) oldstable-security; urgency=high * Fix remote DoS oldstable/main/binary-mips/maradns_1.0.27-2_mips.deb maradns (1.0.27-2) oldstable-security; urgency=high * Fix remote DoS oldstable/main/binary-m68k/maradns_1.0.27-2_m68k.deb maradns (1.0.27-2) oldstable-security; urgency=high * Fix remote DoS oldstable/main/binary-ia64/maradns_1.0.27-2_ia64.deb maradns (1.0.27-2) oldstable-security; urgency=high * Fix remote DoS oldstable/main/binary-hppa/maradns_1.0.27-2_hppa.deb maradns (1.0.27-2) oldstable-security; urgency=high * Fix remote DoS oldstable/main/binary-arm/maradns_1.0.27-2_arm.deb maradns (1.0.27-2) oldstable-security; urgency=high * Fix remote DoS oldstable/main/binary-amd64/maradns_1.0.27-2_amd64.deb maradns (1.0.27-2) oldstable-security; urgency=high * Fix remote DoS oldstable/main/binary-alpha/maradns_1.0.27-2_alpha.deb maradns (1.0.27-2) oldstable-security; urgency=high * Fix remote DoS oldstable/main/binary-i386/maradns_1.0.27-2_i386.deb oldstable/main/source/maradns_1.0.27-2.dsc oldstable/main/source/maradns_1.0.27-2.diff.gz maradns (1.0.27-2) oldstable-security; urgency=high * Fix remote DoS oldstable/main/binary-all/mantis_0.19.2-5sarge5_all.deb oldstable/main/source/mantis_0.19.2-5sarge5.dsc oldstable/main/source/mantis_0.19.2-5sarge5.diff.gz mantis (0.19.2-5sarge5) oldstable-security; urgency=high * Maintainer upload for the security team * Fixed security issue CVE-2007-6611: "Upload File" Script insertion vulnerability by applying the patch from sid. (Closes: #458377) * Fixed security issue CVE-2006-6574: Custom Field Information Disclosure by backporting changes in history_api.php from sid (Closes: #402802) * Fixed security issue: Email notifications bypass security on custom fields * Fixed multiple XSS vulnerabilites by backporting changes from upstream version 1.0.7 oldstable/main/binary-sparc/loop-aes-utils_2.12p-4sarge2_sparc.deb loop-aes-utils (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-s390/loop-aes-utils_2.12p-4sarge2_s390.deb loop-aes-utils (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-powerpc/loop-aes-utils_2.12p-4sarge2_powerpc.deb loop-aes-utils (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-mipsel/loop-aes-utils_2.12p-4sarge2_mipsel.deb loop-aes-utils (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-mips/loop-aes-utils_2.12p-4sarge2_mips.deb loop-aes-utils (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-m68k/loop-aes-utils_2.12p-4sarge2_m68k.deb loop-aes-utils (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-ia64/loop-aes-utils_2.12p-4sarge2_ia64.deb loop-aes-utils (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-hppa/loop-aes-utils_2.12p-4sarge2_hppa.deb loop-aes-utils (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-arm/loop-aes-utils_2.12p-4sarge2_arm.deb loop-aes-utils (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-amd64/loop-aes-utils_2.12p-4sarge2_amd64.deb loop-aes-utils (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-alpha/loop-aes-utils_2.12p-4sarge2_alpha.deb loop-aes-utils (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-i386/loop-aes-utils_2.12p-4sarge2_i386.deb oldstable/main/source/loop-aes-utils_2.12p-4sarge2.dsc oldstable/main/source/loop-aes-utils_2.12p-4sarge2.diff.gz loop-aes-utils (2.12p-4sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 oldstable/main/binary-sparc/libxml2-utils_2.6.16-7sarge1_sparc.deb oldstable/main/binary-sparc/libxml2-dev_2.6.16-7sarge1_sparc.deb oldstable/main/binary-sparc/python2.4-libxml2_2.6.16-7sarge1_sparc.deb oldstable/main/binary-sparc/libxml2_2.6.16-7sarge1_sparc.deb oldstable/main/binary-sparc/python2.3-libxml2_2.6.16-7sarge1_sparc.deb oldstable/main/binary-sparc/python2.2-libxml2_2.6.16-7sarge1_sparc.deb libxml2 (2.6.16-7sarge1) oldstable-security; urgency=high * Fix CVE-2007-6284. oldstable/main/binary-s390/python2.4-libxml2_2.6.16-7sarge1_s390.deb oldstable/main/binary-s390/libxml2-dev_2.6.16-7sarge1_s390.deb oldstable/main/binary-s390/python2.3-libxml2_2.6.16-7sarge1_s390.deb oldstable/main/binary-s390/libxml2-utils_2.6.16-7sarge1_s390.deb oldstable/main/binary-s390/libxml2_2.6.16-7sarge1_s390.deb oldstable/main/binary-s390/python2.2-libxml2_2.6.16-7sarge1_s390.deb libxml2 (2.6.16-7sarge1) oldstable-security; urgency=high * Fix CVE-2007-6284. oldstable/main/binary-powerpc/python2.2-libxml2_2.6.16-7sarge1_powerpc.deb oldstable/main/binary-powerpc/libxml2-utils_2.6.16-7sarge1_powerpc.deb oldstable/main/binary-powerpc/python2.4-libxml2_2.6.16-7sarge1_powerpc.deb oldstable/main/binary-powerpc/libxml2-dev_2.6.16-7sarge1_powerpc.deb oldstable/main/binary-powerpc/libxml2_2.6.16-7sarge1_powerpc.deb oldstable/main/binary-powerpc/python2.3-libxml2_2.6.16-7sarge1_powerpc.deb libxml2 (2.6.16-7sarge1) oldstable-security; urgency=high * Fix CVE-2007-6284. oldstable/main/binary-mipsel/libxml2_2.6.16-7sarge1_mipsel.deb oldstable/main/binary-mipsel/libxml2-dev_2.6.16-7sarge1_mipsel.deb oldstable/main/binary-mipsel/python2.3-libxml2_2.6.16-7sarge1_mipsel.deb oldstable/main/binary-mipsel/libxml2-utils_2.6.16-7sarge1_mipsel.deb oldstable/main/binary-mipsel/python2.2-libxml2_2.6.16-7sarge1_mipsel.deb oldstable/main/binary-mipsel/python2.4-libxml2_2.6.16-7sarge1_mipsel.deb libxml2 (2.6.16-7sarge1) oldstable-security; urgency=high * Fix CVE-2007-6284. oldstable/main/binary-mips/libxml2-dev_2.6.16-7sarge1_mips.deb oldstable/main/binary-mips/libxml2_2.6.16-7sarge1_mips.deb oldstable/main/binary-mips/python2.2-libxml2_2.6.16-7sarge1_mips.deb oldstable/main/binary-mips/python2.3-libxml2_2.6.16-7sarge1_mips.deb oldstable/main/binary-mips/python2.4-libxml2_2.6.16-7sarge1_mips.deb oldstable/main/binary-mips/libxml2-utils_2.6.16-7sarge1_mips.deb libxml2 (2.6.16-7sarge1) oldstable-security; urgency=high * Fix CVE-2007-6284. oldstable/main/binary-m68k/libxml2_2.6.16-7sarge1_m68k.deb oldstable/main/binary-m68k/libxml2-dev_2.6.16-7sarge1_m68k.deb oldstable/main/binary-m68k/python2.2-libxml2_2.6.16-7sarge1_m68k.deb oldstable/main/binary-m68k/libxml2-utils_2.6.16-7sarge1_m68k.deb oldstable/main/binary-m68k/python2.4-libxml2_2.6.16-7sarge1_m68k.deb oldstable/main/binary-m68k/python2.3-libxml2_2.6.16-7sarge1_m68k.deb libxml2 (2.6.16-7sarge1) oldstable-security; urgency=high * Fix CVE-2007-6284. oldstable/main/binary-ia64/python2.4-libxml2_2.6.16-7sarge1_ia64.deb oldstable/main/binary-ia64/libxml2_2.6.16-7sarge1_ia64.deb oldstable/main/binary-ia64/python2.2-libxml2_2.6.16-7sarge1_ia64.deb oldstable/main/binary-ia64/libxml2-utils_2.6.16-7sarge1_ia64.deb oldstable/main/binary-ia64/python2.3-libxml2_2.6.16-7sarge1_ia64.deb oldstable/main/binary-ia64/libxml2-dev_2.6.16-7sarge1_ia64.deb libxml2 (2.6.16-7sarge1) oldstable-security; urgency=high * Fix CVE-2007-6284. oldstable/main/binary-hppa/python2.4-libxml2_2.6.16-7sarge1_hppa.deb oldstable/main/binary-hppa/python2.3-libxml2_2.6.16-7sarge1_hppa.deb oldstable/main/binary-hppa/libxml2-dev_2.6.16-7sarge1_hppa.deb oldstable/main/binary-hppa/python2.2-libxml2_2.6.16-7sarge1_hppa.deb oldstable/main/binary-hppa/libxml2_2.6.16-7sarge1_hppa.deb oldstable/main/binary-hppa/libxml2-utils_2.6.16-7sarge1_hppa.deb libxml2 (2.6.16-7sarge1) oldstable-security; urgency=high * Fix CVE-2007-6284. oldstable/main/binary-arm/libxml2-utils_2.6.16-7sarge1_arm.deb oldstable/main/binary-arm/python2.2-libxml2_2.6.16-7sarge1_arm.deb oldstable/main/binary-arm/python2.4-libxml2_2.6.16-7sarge1_arm.deb oldstable/main/binary-arm/python2.3-libxml2_2.6.16-7sarge1_arm.deb oldstable/main/binary-arm/libxml2_2.6.16-7sarge1_arm.deb oldstable/main/binary-arm/libxml2-dev_2.6.16-7sarge1_arm.deb libxml2 (2.6.16-7sarge1) oldstable-security; urgency=high * Fix CVE-2007-6284. oldstable/main/binary-amd64/libxml2-dev_2.6.16-7sarge1_amd64.deb oldstable/main/binary-amd64/libxml2_2.6.16-7sarge1_amd64.deb oldstable/main/binary-amd64/python2.2-libxml2_2.6.16-7sarge1_amd64.deb oldstable/main/binary-amd64/libxml2-utils_2.6.16-7sarge1_amd64.deb oldstable/main/binary-amd64/python2.3-libxml2_2.6.16-7sarge1_amd64.deb oldstable/main/binary-amd64/python2.4-libxml2_2.6.16-7sarge1_amd64.deb libxml2 (2.6.16-7sarge1) oldstable-security; urgency=high * Fix CVE-2007-6284. oldstable/main/binary-alpha/libxml2_2.6.16-7sarge1_alpha.deb oldstable/main/binary-alpha/python2.3-libxml2_2.6.16-7sarge1_alpha.deb oldstable/main/binary-alpha/python2.4-libxml2_2.6.16-7sarge1_alpha.deb oldstable/main/binary-alpha/libxml2-dev_2.6.16-7sarge1_alpha.deb oldstable/main/binary-alpha/python2.2-libxml2_2.6.16-7sarge1_alpha.deb oldstable/main/binary-alpha/libxml2-utils_2.6.16-7sarge1_alpha.deb libxml2 (2.6.16-7sarge1) oldstable-security; urgency=high * Fix CVE-2007-6284. oldstable/main/binary-all/python-libxml2_2.6.16-7sarge1_all.deb oldstable/main/source/libxml2_2.6.16-7sarge1.diff.gz oldstable/main/binary-i386/libxml2-dev_2.6.16-7sarge1_i386.deb oldstable/main/source/libxml2_2.6.16-7sarge1.dsc oldstable/main/binary-all/libxml2-python2.3_2.6.16-7sarge1_all.deb oldstable/main/binary-i386/python2.2-libxml2_2.6.16-7sarge1_i386.deb oldstable/main/binary-i386/python2.3-libxml2_2.6.16-7sarge1_i386.deb oldstable/main/binary-i386/libxml2-utils_2.6.16-7sarge1_i386.deb oldstable/main/binary-i386/python2.4-libxml2_2.6.16-7sarge1_i386.deb oldstable/main/binary-i386/libxml2_2.6.16-7sarge1_i386.deb oldstable/main/binary-all/libxml2-doc_2.6.16-7sarge1_all.deb libxml2 (2.6.16-7sarge1) oldstable-security; urgency=high * Fix CVE-2007-6284. oldstable/main/binary-sparc/libvorbisenc2_1.1.0-2_sparc.deb oldstable/main/binary-sparc/libvorbis0a_1.1.0-2_sparc.deb oldstable/main/binary-sparc/libvorbisfile3_1.1.0-2_sparc.deb oldstable/main/binary-sparc/libvorbis-dev_1.1.0-2_sparc.deb libvorbis (1.1.0-2) oldstable-security; urgency=low * Fix CVE-2007-3106 CVE-2007-4029 CVE-2007-4065 CVE-2007-4066 oldstable/main/binary-s390/libvorbisfile3_1.1.0-2_s390.deb oldstable/main/binary-s390/libvorbis-dev_1.1.0-2_s390.deb oldstable/main/binary-s390/libvorbis0a_1.1.0-2_s390.deb oldstable/main/binary-s390/libvorbisenc2_1.1.0-2_s390.deb libvorbis (1.1.0-2) oldstable-security; urgency=low * Fix CVE-2007-3106 CVE-2007-4029 CVE-2007-4065 CVE-2007-4066 oldstable/main/binary-powerpc/libvorbis0a_1.1.0-2_powerpc.deb oldstable/main/binary-powerpc/libvorbisfile3_1.1.0-2_powerpc.deb oldstable/main/binary-powerpc/libvorbisenc2_1.1.0-2_powerpc.deb oldstable/main/binary-powerpc/libvorbis-dev_1.1.0-2_powerpc.deb libvorbis (1.1.0-2) oldstable-security; urgency=low * Fix CVE-2007-3106 CVE-2007-4029 CVE-2007-4065 CVE-2007-4066 oldstable/main/binary-mipsel/libvorbisenc2_1.1.0-2_mipsel.deb oldstable/main/binary-mipsel/libvorbis-dev_1.1.0-2_mipsel.deb oldstable/main/binary-mipsel/libvorbisfile3_1.1.0-2_mipsel.deb oldstable/main/binary-mipsel/libvorbis0a_1.1.0-2_mipsel.deb libvorbis (1.1.0-2) oldstable-security; urgency=low * Fix CVE-2007-3106 CVE-2007-4029 CVE-2007-4065 CVE-2007-4066 oldstable/main/binary-mips/libvorbisenc2_1.1.0-2_mips.deb oldstable/main/binary-mips/libvorbisfile3_1.1.0-2_mips.deb oldstable/main/binary-mips/libvorbis0a_1.1.0-2_mips.deb oldstable/main/binary-mips/libvorbis-dev_1.1.0-2_mips.deb libvorbis (1.1.0-2) oldstable-security; urgency=low * Fix CVE-2007-3106 CVE-2007-4029 CVE-2007-4065 CVE-2007-4066 oldstable/main/binary-m68k/libvorbisenc2_1.1.0-2_m68k.deb oldstable/main/binary-m68k/libvorbisfile3_1.1.0-2_m68k.deb oldstable/main/binary-m68k/libvorbis-dev_1.1.0-2_m68k.deb oldstable/main/binary-m68k/libvorbis0a_1.1.0-2_m68k.deb libvorbis (1.1.0-2) oldstable-security; urgency=low * Fix CVE-2007-3106 CVE-2007-4029 CVE-2007-4065 CVE-2007-4066 oldstable/main/binary-ia64/libvorbisfile3_1.1.0-2_ia64.deb oldstable/main/binary-ia64/libvorbisenc2_1.1.0-2_ia64.deb oldstable/main/binary-ia64/libvorbis-dev_1.1.0-2_ia64.deb oldstable/main/binary-ia64/libvorbis0a_1.1.0-2_ia64.deb libvorbis (1.1.0-2) oldstable-security; urgency=low * Fix CVE-2007-3106 CVE-2007-4029 CVE-2007-4065 CVE-2007-4066 oldstable/main/binary-hppa/libvorbisenc2_1.1.0-2_hppa.deb oldstable/main/binary-hppa/libvorbis0a_1.1.0-2_hppa.deb oldstable/main/binary-hppa/libvorbisfile3_1.1.0-2_hppa.deb oldstable/main/binary-hppa/libvorbis-dev_1.1.0-2_hppa.deb libvorbis (1.1.0-2) oldstable-security; urgency=low * Fix CVE-2007-3106 CVE-2007-4029 CVE-2007-4065 CVE-2007-4066 oldstable/main/binary-arm/libvorbis-dev_1.1.0-2_arm.deb oldstable/main/binary-arm/libvorbisenc2_1.1.0-2_arm.deb oldstable/main/binary-arm/libvorbis0a_1.1.0-2_arm.deb oldstable/main/binary-arm/libvorbisfile3_1.1.0-2_arm.deb libvorbis (1.1.0-2) oldstable-security; urgency=low * Fix CVE-2007-3106 CVE-2007-4029 CVE-2007-4065 CVE-2007-4066 oldstable/main/binary-amd64/libvorbis0a_1.1.0-2_amd64.deb oldstable/main/binary-amd64/libvorbis-dev_1.1.0-2_amd64.deb oldstable/main/binary-amd64/libvorbisenc2_1.1.0-2_amd64.deb oldstable/main/binary-amd64/libvorbisfile3_1.1.0-2_amd64.deb libvorbis (1.1.0-2) oldstable-security; urgency=low * Fix CVE-2007-3106 CVE-2007-4029 CVE-2007-4065 CVE-2007-4066 oldstable/main/binary-alpha/libvorbis-dev_1.1.0-2_alpha.deb oldstable/main/binary-alpha/libvorbisenc2_1.1.0-2_alpha.deb oldstable/main/binary-alpha/libvorbis0a_1.1.0-2_alpha.deb oldstable/main/binary-alpha/libvorbisfile3_1.1.0-2_alpha.deb libvorbis (1.1.0-2) oldstable-security; urgency=low * Fix CVE-2007-3106 CVE-2007-4029 CVE-2007-4065 CVE-2007-4066 oldstable/main/binary-i386/libvorbisfile3_1.1.0-2_i386.deb oldstable/main/binary-i386/libvorbisenc2_1.1.0-2_i386.deb oldstable/main/binary-i386/libvorbis-dev_1.1.0-2_i386.deb oldstable/main/binary-i386/libvorbis0a_1.1.0-2_i386.deb oldstable/main/source/libvorbis_1.1.0-2.diff.gz oldstable/main/source/libvorbis_1.1.0-2.dsc libvorbis (1.1.0-2) oldstable-security; urgency=low * Fix CVE-2007-3106 CVE-2007-4029 CVE-2007-4065 CVE-2007-4066 oldstable/main/binary-sparc/libnet-dns-perl_0.48-1sarge1_sparc.deb libnet-dns-perl (0.48-1sarge1) oldstable-security; urgency=high * Malformed A records could lead to a Perl exception and program crash (CVE-2007-6341). Closes: #457445. * A very weak random number generator was used for transaction IDs (CVE-2007-3377). Perl's rand() is used in the patch against this vulnerability--it is initialized from /dev/urandom, but the underlying LCG has only got 48 bits of state, so at the very least, a brute-force attack is still possible if an attacker has got three subsequently generated transaction IDs. * The Perl implementation of dn_expand could recurse infinitely (CVE-2007-3409). (On Debian systems, the C version is typically used.) oldstable/main/binary-s390/libnet-dns-perl_0.48-1sarge1_s390.deb libnet-dns-perl (0.48-1sarge1) oldstable-security; urgency=high * Malformed A records could lead to a Perl exception and program crash (CVE-2007-6341). Closes: #457445. * A very weak random number generator was used for transaction IDs (CVE-2007-3377). Perl's rand() is used in the patch against this vulnerability--it is initialized from /dev/urandom, but the underlying LCG has only got 48 bits of state, so at the very least, a brute-force attack is still possible if an attacker has got three subsequently generated transaction IDs. * The Perl implementation of dn_expand could recurse infinitely (CVE-2007-3409). (On Debian systems, the C version is typically used.) oldstable/main/binary-powerpc/libnet-dns-perl_0.48-1sarge1_powerpc.deb libnet-dns-perl (0.48-1sarge1) oldstable-security; urgency=high * Malformed A records could lead to a Perl exception and program crash (CVE-2007-6341). Closes: #457445. * A very weak random number generator was used for transaction IDs (CVE-2007-3377). Perl's rand() is used in the patch against this vulnerability--it is initialized from /dev/urandom, but the underlying LCG has only got 48 bits of state, so at the very least, a brute-force attack is still possible if an attacker has got three subsequently generated transaction IDs. * The Perl implementation of dn_expand could recurse infinitely (CVE-2007-3409). (On Debian systems, the C version is typically used.) oldstable/main/binary-mipsel/libnet-dns-perl_0.48-1sarge1_mipsel.deb libnet-dns-perl (0.48-1sarge1) oldstable-security; urgency=high * Malformed A records could lead to a Perl exception and program crash (CVE-2007-6341). Closes: #457445. * A very weak random number generator was used for transaction IDs (CVE-2007-3377). Perl's rand() is used in the patch against this vulnerability--it is initialized from /dev/urandom, but the underlying LCG has only got 48 bits of state, so at the very least, a brute-force attack is still possible if an attacker has got three subsequently generated transaction IDs. * The Perl implementation of dn_expand could recurse infinitely (CVE-2007-3409). (On Debian systems, the C version is typically used.) oldstable/main/binary-mips/libnet-dns-perl_0.48-1sarge1_mips.deb libnet-dns-perl (0.48-1sarge1) oldstable-security; urgency=high * Malformed A records could lead to a Perl exception and program crash (CVE-2007-6341). Closes: #457445. * A very weak random number generator was used for transaction IDs (CVE-2007-3377). Perl's rand() is used in the patch against this vulnerability--it is initialized from /dev/urandom, but the underlying LCG has only got 48 bits of state, so at the very least, a brute-force attack is still possible if an attacker has got three subsequently generated transaction IDs. * The Perl implementation of dn_expand could recurse infinitely (CVE-2007-3409). (On Debian systems, the C version is typically used.) oldstable/main/binary-m68k/libnet-dns-perl_0.48-1sarge1_m68k.deb libnet-dns-perl (0.48-1sarge1) oldstable-security; urgency=high * Malformed A records could lead to a Perl exception and program crash (CVE-2007-6341). Closes: #457445. * A very weak random number generator was used for transaction IDs (CVE-2007-3377). Perl's rand() is used in the patch against this vulnerability--it is initialized from /dev/urandom, but the underlying LCG has only got 48 bits of state, so at the very least, a brute-force attack is still possible if an attacker has got three subsequently generated transaction IDs. * The Perl implementation of dn_expand could recurse infinitely (CVE-2007-3409). (On Debian systems, the C version is typically used.) oldstable/main/binary-ia64/libnet-dns-perl_0.48-1sarge1_ia64.deb libnet-dns-perl (0.48-1sarge1) oldstable-security; urgency=high * Malformed A records could lead to a Perl exception and program crash (CVE-2007-6341). Closes: #457445. * A very weak random number generator was used for transaction IDs (CVE-2007-3377). Perl's rand() is used in the patch against this vulnerability--it is initialized from /dev/urandom, but the underlying LCG has only got 48 bits of state, so at the very least, a brute-force attack is still possible if an attacker has got three subsequently generated transaction IDs. * The Perl implementation of dn_expand could recurse infinitely (CVE-2007-3409). (On Debian systems, the C version is typically used.) oldstable/main/binary-hppa/libnet-dns-perl_0.48-1sarge1_hppa.deb libnet-dns-perl (0.48-1sarge1) oldstable-security; urgency=high * Malformed A records could lead to a Perl exception and program crash (CVE-2007-6341). Closes: #457445. * A very weak random number generator was used for transaction IDs (CVE-2007-3377). Perl's rand() is used in the patch against this vulnerability--it is initialized from /dev/urandom, but the underlying LCG has only got 48 bits of state, so at the very least, a brute-force attack is still possible if an attacker has got three subsequently generated transaction IDs. * The Perl implementation of dn_expand could recurse infinitely (CVE-2007-3409). (On Debian systems, the C version is typically used.) oldstable/main/binary-arm/libnet-dns-perl_0.48-1sarge1_arm.deb libnet-dns-perl (0.48-1sarge1) oldstable-security; urgency=high * Malformed A records could lead to a Perl exception and program crash (CVE-2007-6341). Closes: #457445. * A very weak random number generator was used for transaction IDs (CVE-2007-3377). Perl's rand() is used in the patch against this vulnerability--it is initialized from /dev/urandom, but the underlying LCG has only got 48 bits of state, so at the very least, a brute-force attack is still possible if an attacker has got three subsequently generated transaction IDs. * The Perl implementation of dn_expand could recurse infinitely (CVE-2007-3409). (On Debian systems, the C version is typically used.) oldstable/main/binary-amd64/libnet-dns-perl_0.48-1sarge1_amd64.deb libnet-dns-perl (0.48-1sarge1) oldstable-security; urgency=high * Malformed A records could lead to a Perl exception and program crash (CVE-2007-6341). Closes: #457445. * A very weak random number generator was used for transaction IDs (CVE-2007-3377). Perl's rand() is used in the patch against this vulnerability--it is initialized from /dev/urandom, but the underlying LCG has only got 48 bits of state, so at the very least, a brute-force attack is still possible if an attacker has got three subsequently generated transaction IDs. * The Perl implementation of dn_expand could recurse infinitely (CVE-2007-3409). (On Debian systems, the C version is typically used.) oldstable/main/binary-alpha/libnet-dns-perl_0.48-1sarge1_alpha.deb libnet-dns-perl (0.48-1sarge1) oldstable-security; urgency=high * Malformed A records could lead to a Perl exception and program crash (CVE-2007-6341). Closes: #457445. * A very weak random number generator was used for transaction IDs (CVE-2007-3377). Perl's rand() is used in the patch against this vulnerability--it is initialized from /dev/urandom, but the underlying LCG has only got 48 bits of state, so at the very least, a brute-force attack is still possible if an attacker has got three subsequently generated transaction IDs. * The Perl implementation of dn_expand could recurse infinitely (CVE-2007-3409). (On Debian systems, the C version is typically used.) oldstable/main/source/libnet-dns-perl_0.48-1sarge1.diff.gz oldstable/main/binary-i386/libnet-dns-perl_0.48-1sarge1_i386.deb oldstable/main/source/libnet-dns-perl_0.48-1sarge1.dsc libnet-dns-perl (0.48-1sarge1) oldstable-security; urgency=high * Malformed A records could lead to a Perl exception and program crash (CVE-2007-6341). Closes: #457445. * A very weak random number generator was used for transaction IDs (CVE-2007-3377). Perl's rand() is used in the patch against this vulnerability--it is initialized from /dev/urandom, but the underlying LCG has only got 48 bits of state, so at the very least, a brute-force attack is still possible if an attacker has got three subsequently generated transaction IDs. * The Perl implementation of dn_expand could recurse infinitely (CVE-2007-3409). (On Debian systems, the C version is typically used.) oldstable/main/binary-sparc/libexif-dev_0.6.9-6sarge2_sparc.deb oldstable/main/binary-sparc/libexif10_0.6.9-6sarge2_sparc.deb libexif (0.6.9-6sarge2) oldstable-security; urgency=high * Fix CVE-2007-2645, CVE-2007-6351, CVE-2007-6352 oldstable/main/binary-s390/libexif10_0.6.9-6sarge2_s390.deb oldstable/main/binary-s390/libexif-dev_0.6.9-6sarge2_s390.deb libexif (0.6.9-6sarge2) oldstable-security; urgency=high * Fix CVE-2007-2645, CVE-2007-6351, CVE-2007-6352 oldstable/main/binary-powerpc/libexif10_0.6.9-6sarge2_powerpc.deb oldstable/main/binary-powerpc/libexif-dev_0.6.9-6sarge2_powerpc.deb libexif (0.6.9-6sarge2) oldstable-security; urgency=high * Fix CVE-2007-2645, CVE-2007-6351, CVE-2007-6352 oldstable/main/binary-mipsel/libexif-dev_0.6.9-6sarge2_mipsel.deb oldstable/main/binary-mipsel/libexif10_0.6.9-6sarge2_mipsel.deb libexif (0.6.9-6sarge2) oldstable-security; urgency=high * Fix CVE-2007-2645, CVE-2007-6351, CVE-2007-6352 oldstable/main/binary-mips/libexif-dev_0.6.9-6sarge2_mips.deb oldstable/main/binary-mips/libexif10_0.6.9-6sarge2_mips.deb libexif (0.6.9-6sarge2) oldstable-security; urgency=high * Fix CVE-2007-2645, CVE-2007-6351, CVE-2007-6352 oldstable/main/binary-m68k/libexif-dev_0.6.9-6sarge2_m68k.deb oldstable/main/binary-m68k/libexif10_0.6.9-6sarge2_m68k.deb libexif (0.6.9-6sarge2) oldstable-security; urgency=high * Fix CVE-2007-2645, CVE-2007-6351, CVE-2007-6352 oldstable/main/binary-ia64/libexif-dev_0.6.9-6sarge2_ia64.deb oldstable/main/binary-ia64/libexif10_0.6.9-6sarge2_ia64.deb libexif (0.6.9-6sarge2) oldstable-security; urgency=high * Fix CVE-2007-2645, CVE-2007-6351, CVE-2007-6352 oldstable/main/binary-hppa/libexif-dev_0.6.9-6sarge2_hppa.deb oldstable/main/binary-hppa/libexif10_0.6.9-6sarge2_hppa.deb libexif (0.6.9-6sarge2) oldstable-security; urgency=high * Fix CVE-2007-2645, CVE-2007-6351, CVE-2007-6352 oldstable/main/binary-arm/libexif-dev_0.6.9-6sarge2_arm.deb oldstable/main/binary-arm/libexif10_0.6.9-6sarge2_arm.deb libexif (0.6.9-6sarge2) oldstable-security; urgency=high * Fix CVE-2007-2645, CVE-2007-6351, CVE-2007-6352 oldstable/main/binary-amd64/libexif-dev_0.6.9-6sarge2_amd64.deb oldstable/main/binary-amd64/libexif10_0.6.9-6sarge2_amd64.deb libexif (0.6.9-6sarge2) oldstable-security; urgency=high * Fix CVE-2007-2645, CVE-2007-6351, CVE-2007-6352 oldstable/main/binary-alpha/libexif-dev_0.6.9-6sarge2_alpha.deb oldstable/main/binary-alpha/libexif10_0.6.9-6sarge2_alpha.deb libexif (0.6.9-6sarge2) oldstable-security; urgency=high * Fix CVE-2007-2645, CVE-2007-6351, CVE-2007-6352 oldstable/main/binary-i386/libexif10_0.6.9-6sarge2_i386.deb oldstable/main/source/libexif_0.6.9-6sarge2.dsc oldstable/main/binary-i386/libexif-dev_0.6.9-6sarge2_i386.deb oldstable/main/source/libexif_0.6.9-6sarge2.diff.gz libexif (0.6.9-6sarge2) oldstable-security; urgency=high * Fix CVE-2007-2645, CVE-2007-6351, CVE-2007-6352 oldstable/main/binary-sparc/libkrb5-dev_1.3.6-2sarge6_sparc.deb oldstable/main/binary-sparc/krb5-telnetd_1.3.6-2sarge6_sparc.deb oldstable/main/binary-sparc/krb5-ftpd_1.3.6-2sarge6_sparc.deb oldstable/main/binary-sparc/krb5-rsh-server_1.3.6-2sarge6_sparc.deb oldstable/main/binary-sparc/krb5-admin-server_1.3.6-2sarge6_sparc.deb oldstable/main/binary-sparc/libkadm55_1.3.6-2sarge6_sparc.deb oldstable/main/binary-sparc/krb5-kdc_1.3.6-2sarge6_sparc.deb oldstable/main/binary-sparc/krb5-user_1.3.6-2sarge6_sparc.deb oldstable/main/binary-sparc/krb5-clients_1.3.6-2sarge6_sparc.deb oldstable/main/binary-sparc/libkrb53_1.3.6-2sarge6_sparc.deb krb5 (1.3.6-2sarge6) oldstable-security; urgency=emergency * MITKRB5-SA-2008-001: When Kerberos v4 support is enabled in the KDC, malformed messages may result in NULL pointer use, double-frees, or exposure of information. (CVE-2008-0062, CVE-2008-0063) oldstable/main/binary-s390/krb5-clients_1.3.6-2sarge6_s390.deb oldstable/main/binary-s390/krb5-user_1.3.6-2sarge6_s390.deb oldstable/main/binary-s390/krb5-telnetd_1.3.6-2sarge6_s390.deb oldstable/main/binary-s390/krb5-ftpd_1.3.6-2sarge6_s390.deb oldstable/main/binary-s390/libkrb5-dev_1.3.6-2sarge6_s390.deb oldstable/main/binary-s390/krb5-admin-server_1.3.6-2sarge6_s390.deb oldstable/main/binary-s390/libkrb53_1.3.6-2sarge6_s390.deb oldstable/main/binary-s390/krb5-rsh-server_1.3.6-2sarge6_s390.deb oldstable/main/binary-s390/libkadm55_1.3.6-2sarge6_s390.deb oldstable/main/binary-s390/krb5-kdc_1.3.6-2sarge6_s390.deb krb5 (1.3.6-2sarge6) oldstable-security; urgency=emergency * MITKRB5-SA-2008-001: When Kerberos v4 support is enabled in the KDC, malformed messages may result in NULL pointer use, double-frees, or exposure of information. (CVE-2008-0062, CVE-2008-0063) oldstable/main/binary-powerpc/krb5-rsh-server_1.3.6-2sarge6_powerpc.deb oldstable/main/binary-powerpc/krb5-clients_1.3.6-2sarge6_powerpc.deb oldstable/main/binary-powerpc/krb5-admin-server_1.3.6-2sarge6_powerpc.deb oldstable/main/binary-powerpc/krb5-user_1.3.6-2sarge6_powerpc.deb oldstable/main/binary-powerpc/krb5-ftpd_1.3.6-2sarge6_powerpc.deb oldstable/main/binary-powerpc/libkadm55_1.3.6-2sarge6_powerpc.deb oldstable/main/binary-powerpc/libkrb5-dev_1.3.6-2sarge6_powerpc.deb oldstable/main/binary-powerpc/libkrb53_1.3.6-2sarge6_powerpc.deb oldstable/main/binary-powerpc/krb5-telnetd_1.3.6-2sarge6_powerpc.deb oldstable/main/binary-powerpc/krb5-kdc_1.3.6-2sarge6_powerpc.deb krb5 (1.3.6-2sarge6) oldstable-security; urgency=emergency * MITKRB5-SA-2008-001: When Kerberos v4 support is enabled in the KDC, malformed messages may result in NULL pointer use, double-frees, or exposure of information. (CVE-2008-0062, CVE-2008-0063) oldstable/main/binary-mipsel/krb5-user_1.3.6-2sarge6_mipsel.deb oldstable/main/binary-mipsel/krb5-admin-server_1.3.6-2sarge6_mipsel.deb oldstable/main/binary-mipsel/krb5-telnetd_1.3.6-2sarge6_mipsel.deb oldstable/main/binary-mipsel/krb5-clients_1.3.6-2sarge6_mipsel.deb oldstable/main/binary-mipsel/krb5-rsh-server_1.3.6-2sarge6_mipsel.deb oldstable/main/binary-mipsel/libkrb53_1.3.6-2sarge6_mipsel.deb oldstable/main/binary-mipsel/krb5-ftpd_1.3.6-2sarge6_mipsel.deb oldstable/main/binary-mipsel/krb5-kdc_1.3.6-2sarge6_mipsel.deb oldstable/main/binary-mipsel/libkadm55_1.3.6-2sarge6_mipsel.deb oldstable/main/binary-mipsel/libkrb5-dev_1.3.6-2sarge6_mipsel.deb krb5 (1.3.6-2sarge6) oldstable-security; urgency=emergency * MITKRB5-SA-2008-001: When Kerberos v4 support is enabled in the KDC, malformed messages may result in NULL pointer use, double-frees, or exposure of information. (CVE-2008-0062, CVE-2008-0063) oldstable/main/binary-mips/krb5-user_1.3.6-2sarge6_mips.deb oldstable/main/binary-mips/libkadm55_1.3.6-2sarge6_mips.deb oldstable/main/binary-mips/krb5-ftpd_1.3.6-2sarge6_mips.deb oldstable/main/binary-mips/libkrb5-dev_1.3.6-2sarge6_mips.deb oldstable/main/binary-mips/krb5-kdc_1.3.6-2sarge6_mips.deb oldstable/main/binary-mips/krb5-admin-server_1.3.6-2sarge6_mips.deb oldstable/main/binary-mips/krb5-clients_1.3.6-2sarge6_mips.deb oldstable/main/binary-mips/krb5-rsh-server_1.3.6-2sarge6_mips.deb oldstable/main/binary-mips/libkrb53_1.3.6-2sarge6_mips.deb oldstable/main/binary-mips/krb5-telnetd_1.3.6-2sarge6_mips.deb krb5 (1.3.6-2sarge6) oldstable-security; urgency=emergency * MITKRB5-SA-2008-001: When Kerberos v4 support is enabled in the KDC, malformed messages may result in NULL pointer use, double-frees, or exposure of information. (CVE-2008-0062, CVE-2008-0063) oldstable/main/binary-m68k/libkadm55_1.3.6-2sarge6_m68k.deb oldstable/main/binary-m68k/libkrb5-dev_1.3.6-2sarge6_m68k.deb oldstable/main/binary-m68k/krb5-ftpd_1.3.6-2sarge6_m68k.deb oldstable/main/binary-m68k/krb5-kdc_1.3.6-2sarge6_m68k.deb oldstable/main/binary-m68k/krb5-rsh-server_1.3.6-2sarge6_m68k.deb oldstable/main/binary-m68k/libkrb53_1.3.6-2sarge6_m68k.deb oldstable/main/binary-m68k/krb5-user_1.3.6-2sarge6_m68k.deb oldstable/main/binary-m68k/krb5-clients_1.3.6-2sarge6_m68k.deb oldstable/main/binary-m68k/krb5-telnetd_1.3.6-2sarge6_m68k.deb oldstable/main/binary-m68k/krb5-admin-server_1.3.6-2sarge6_m68k.deb krb5 (1.3.6-2sarge6) oldstable-security; urgency=emergency * MITKRB5-SA-2008-001: When Kerberos v4 support is enabled in the KDC, malformed messages may result in NULL pointer use, double-frees, or exposure of information. (CVE-2008-0062, CVE-2008-0063) oldstable/main/binary-ia64/krb5-rsh-server_1.3.6-2sarge6_ia64.deb oldstable/main/binary-ia64/krb5-clients_1.3.6-2sarge6_ia64.deb oldstable/main/binary-ia64/libkrb53_1.3.6-2sarge6_ia64.deb oldstable/main/binary-ia64/krb5-user_1.3.6-2sarge6_ia64.deb oldstable/main/binary-ia64/libkadm55_1.3.6-2sarge6_ia64.deb oldstable/main/binary-ia64/krb5-telnetd_1.3.6-2sarge6_ia64.deb oldstable/main/binary-ia64/krb5-ftpd_1.3.6-2sarge6_ia64.deb oldstable/main/binary-ia64/krb5-admin-server_1.3.6-2sarge6_ia64.deb oldstable/main/binary-ia64/libkrb5-dev_1.3.6-2sarge6_ia64.deb oldstable/main/binary-ia64/krb5-kdc_1.3.6-2sarge6_ia64.deb krb5 (1.3.6-2sarge6) oldstable-security; urgency=emergency * MITKRB5-SA-2008-001: When Kerberos v4 support is enabled in the KDC, malformed messages may result in NULL pointer use, double-frees, or exposure of information. (CVE-2008-0062, CVE-2008-0063) oldstable/main/binary-hppa/krb5-admin-server_1.3.6-2sarge6_hppa.deb oldstable/main/binary-hppa/krb5-telnetd_1.3.6-2sarge6_hppa.deb oldstable/main/binary-hppa/krb5-ftpd_1.3.6-2sarge6_hppa.deb oldstable/main/binary-hppa/libkrb5-dev_1.3.6-2sarge6_hppa.deb oldstable/main/binary-hppa/libkadm55_1.3.6-2sarge6_hppa.deb oldstable/main/binary-hppa/krb5-kdc_1.3.6-2sarge6_hppa.deb oldstable/main/binary-hppa/libkrb53_1.3.6-2sarge6_hppa.deb oldstable/main/binary-hppa/krb5-rsh-server_1.3.6-2sarge6_hppa.deb oldstable/main/binary-hppa/krb5-user_1.3.6-2sarge6_hppa.deb oldstable/main/binary-hppa/krb5-clients_1.3.6-2sarge6_hppa.deb krb5 (1.3.6-2sarge6) oldstable-security; urgency=emergency * MITKRB5-SA-2008-001: When Kerberos v4 support is enabled in the KDC, malformed messages may result in NULL pointer use, double-frees, or exposure of information. (CVE-2008-0062, CVE-2008-0063) oldstable/main/binary-arm/krb5-kdc_1.3.6-2sarge6_arm.deb oldstable/main/binary-arm/libkrb5-dev_1.3.6-2sarge6_arm.deb oldstable/main/binary-arm/libkadm55_1.3.6-2sarge6_arm.deb oldstable/main/binary-arm/krb5-ftpd_1.3.6-2sarge6_arm.deb oldstable/main/binary-arm/krb5-telnetd_1.3.6-2sarge6_arm.deb oldstable/main/binary-arm/krb5-clients_1.3.6-2sarge6_arm.deb oldstable/main/binary-arm/krb5-user_1.3.6-2sarge6_arm.deb oldstable/main/binary-arm/krb5-rsh-server_1.3.6-2sarge6_arm.deb oldstable/main/binary-arm/libkrb53_1.3.6-2sarge6_arm.deb oldstable/main/binary-arm/krb5-admin-server_1.3.6-2sarge6_arm.deb krb5 (1.3.6-2sarge6) oldstable-security; urgency=emergency * MITKRB5-SA-2008-001: When Kerberos v4 support is enabled in the KDC, malformed messages may result in NULL pointer use, double-frees, or exposure of information. (CVE-2008-0062, CVE-2008-0063) oldstable/main/binary-amd64/krb5-user_1.3.6-2sarge6_amd64.deb oldstable/main/binary-amd64/libkadm55_1.3.6-2sarge6_amd64.deb oldstable/main/binary-amd64/krb5-kdc_1.3.6-2sarge6_amd64.deb oldstable/main/binary-amd64/krb5-admin-server_1.3.6-2sarge6_amd64.deb oldstable/main/binary-amd64/krb5-telnetd_1.3.6-2sarge6_amd64.deb oldstable/main/binary-amd64/libkrb53_1.3.6-2sarge6_amd64.deb oldstable/main/binary-amd64/krb5-rsh-server_1.3.6-2sarge6_amd64.deb oldstable/main/binary-amd64/krb5-ftpd_1.3.6-2sarge6_amd64.deb oldstable/main/binary-amd64/libkrb5-dev_1.3.6-2sarge6_amd64.deb oldstable/main/binary-amd64/krb5-clients_1.3.6-2sarge6_amd64.deb krb5 (1.3.6-2sarge6) oldstable-security; urgency=emergency * MITKRB5-SA-2008-001: When Kerberos v4 support is enabled in the KDC, malformed messages may result in NULL pointer use, double-frees, or exposure of information. (CVE-2008-0062, CVE-2008-0063) oldstable/main/binary-alpha/krb5-admin-server_1.3.6-2sarge6_alpha.deb oldstable/main/binary-alpha/libkrb53_1.3.6-2sarge6_alpha.deb oldstable/main/binary-alpha/libkadm55_1.3.6-2sarge6_alpha.deb oldstable/main/binary-alpha/krb5-ftpd_1.3.6-2sarge6_alpha.deb oldstable/main/binary-alpha/krb5-rsh-server_1.3.6-2sarge6_alpha.deb oldstable/main/binary-alpha/libkrb5-dev_1.3.6-2sarge6_alpha.deb oldstable/main/binary-alpha/krb5-telnetd_1.3.6-2sarge6_alpha.deb oldstable/main/binary-alpha/krb5-user_1.3.6-2sarge6_alpha.deb oldstable/main/binary-alpha/krb5-clients_1.3.6-2sarge6_alpha.deb oldstable/main/binary-alpha/krb5-kdc_1.3.6-2sarge6_alpha.deb krb5 (1.3.6-2sarge6) oldstable-security; urgency=emergency * MITKRB5-SA-2008-001: When Kerberos v4 support is enabled in the KDC, malformed messages may result in NULL pointer use, double-frees, or exposure of information. (CVE-2008-0062, CVE-2008-0063) oldstable/main/source/krb5_1.3.6-2sarge6.diff.gz oldstable/main/binary-i386/krb5-kdc_1.3.6-2sarge6_i386.deb oldstable/main/binary-i386/libkadm55_1.3.6-2sarge6_i386.deb oldstable/main/source/krb5_1.3.6-2sarge6.dsc oldstable/main/binary-i386/krb5-ftpd_1.3.6-2sarge6_i386.deb oldstable/main/binary-all/krb5-doc_1.3.6-2sarge6_all.deb oldstable/main/binary-i386/libkrb53_1.3.6-2sarge6_i386.deb oldstable/main/binary-i386/krb5-user_1.3.6-2sarge6_i386.deb oldstable/main/binary-i386/krb5-admin-server_1.3.6-2sarge6_i386.deb oldstable/main/binary-i386/libkrb5-dev_1.3.6-2sarge6_i386.deb oldstable/main/binary-i386/krb5-clients_1.3.6-2sarge6_i386.deb oldstable/main/binary-i386/krb5-telnetd_1.3.6-2sarge6_i386.deb oldstable/main/binary-i386/krb5-rsh-server_1.3.6-2sarge6_i386.deb krb5 (1.3.6-2sarge6) oldstable-security; urgency=emergency * MITKRB5-SA-2008-001: When Kerberos v4 support is enabled in the KDC, malformed messages may result in NULL pointer use, double-frees, or exposure of information. (CVE-2008-0062, CVE-2008-0063) oldstable/main/binary-all/kernel-source-2.6.8_2.6.8-17sarge1_all.deb oldstable/main/binary-all/kernel-tree-2.6.8_2.6.8-17sarge1_all.deb oldstable/main/source/kernel-source-2.6.8_2.6.8-17sarge1.dsc oldstable/main/binary-all/kernel-patch-debian-2.6.8_2.6.8-17sarge1_all.deb oldstable/main/source/kernel-source-2.6.8_2.6.8-17sarge1.diff.gz oldstable/main/binary-all/kernel-doc-2.6.8_2.6.8-17sarge1_all.deb kernel-source-2.6.8 (2.6.8-17sarge1) oldstable-security; urgency=high * compat_sys_mount-NULL-data_page.dpatch [SECURITY] Fix oops in compat_sys_mount triggered by NULL data_page See CVE-2006-7203 * pppoe-socket-release-mem-leak.dpatch [SECURITY] fix unpriveleged memory leak when a PPPoE socket is released after connect but before PPPIOCGCHAN ioctl is called upon it See CVE-2007-2525 * dn_fib-out-of-bounds.dpatch, ipv4-fib_props-out-of-bounds.dpatch [SECURITY] Fix out of bounds condition in dn_fib_props[] See CVE-2007-2172 * aacraid-ioctl-perm-check.dpatch [SECURITY] Require admin capabilities to issue ioctls to aacraid devices See CVE-2007-4308 * reset-pdeathsig-on-suid.dpatch [SECURITY] Fix potential privilege escalation caused by improper clearing of the child process' pdeath signal. See CVE-2007-3848 * bluetooth-l2cap-hci-info-leaks.dpatch [SECURITY] Fix information leaks in setsockopt() implementations See CVE-2007-1353 * coredump-only-to-same-uid.dpatch [SECURITY] Fix an issue where core dumping over a file that already exists retains the ownership of the original file See CVE-2007-6206 * i4l-isdn_ioctl-mem-overrun.dpatch [SECURITY] Fix potential isdn ioctl memory overrun See CVE-2007-6151 * cramfs-check-block-length.dpatch [SECURITY] Add a sanity check of the block length in cramfs_readpage to avoid a potential oops condition See CVE-2006-5823 * ext2-skip-pages-past-num-blocks.dpatch [SECURITY] Add some sanity checking for a corrupted i_size in ext2_find_entry() See CVE-2006-6054 * minixfs-printk-hang.dpatch [SECURITY] Rate-limit printks caused by accessing a corrupted minixfs filesystem that would otherwise cause a system to hang (printk storm) See CVE-2006-6058 * isdn-net-overflow.dpatch [SECURITY] Fix potential overflows in the ISDN subsystem See CVE-2007-6063 * prevent-stack-growth-into-hugetlb-region.dpatch [SECURITY] Prevent OOPS during stack expansion when the VMA crosses into address space reserved for hugetlb pages. See CVE-2007-3739 * cifs-honor-umask.dpatch [SECURITY] Make CIFS honor a process' umask See CVE-2007-3740 * hugetlb-prio_tree-unit-fix.dpatch [SECURITY] Fix misconversion of hugetlb_vmtruncate_list to prio_tree which could be used to trigger a BUG_ON() call in exit_mmap. See CVE-2007-4133 * amd64-zero-extend-32bit-ptrace.dpatch [SECURITY] Zero extend all registers after ptrace in 32-bit entry path. See CVE-2007-4573 * usb-pwc-disconnect-block.dpatch [SECURITY] Fix issue with unplugging webcams that use the pwc driver. If userspace still has the device open it can result, the driver would wait for the device to close, blocking the USB subsystem. See CVE-2007-5093 * powerpc-chrp-null-deref.dpatch [SECURITY][powerpc] Fix NULL pointer dereference if get_property fails on the subarchitecture See CVE-2007-6694 * random-bound-check-ordering.dpatch [SECURITY] Fix stack-based buffer overflow in the random number generator See CVE-2007-3105 * mmap-VM_DONTEXPAND.dpatch [SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register a fault handler but do not bounds check the offset argument See CVE-2008-0007 oldstable/main/source/kernel-patch-powerpc-2.6.8_2.6.8-13sarge1.dsc oldstable/main/binary-powerpc/kernel-headers-2.6.8-4_2.6.8-13sarge1_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.6.8-4-power3-smp_2.6.8-13sarge1_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.6.8-4-power3_2.6.8-13sarge1_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.6.8-4-powerpc-smp_2.6.8-13sarge1_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.6.8-4-power4-smp_2.6.8-13sarge1_powerpc.deb oldstable/main/binary-powerpc/kernel-build-2.6.8-4-power3_2.6.8-13sarge1_powerpc.deb oldstable/main/binary-powerpc/kernel-build-2.6.8-4-powerpc_2.6.8-13sarge1_powerpc.deb oldstable/main/binary-powerpc/kernel-build-2.6.8-4-power4-smp_2.6.8-13sarge1_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.6.8-4-powerpc_2.6.8-13sarge1_powerpc.deb oldstable/main/source/kernel-patch-powerpc-2.6.8_2.6.8-13sarge1.tar.gz oldstable/main/binary-powerpc/kernel-build-2.6.8-4-power4_2.6.8-13sarge1_powerpc.deb oldstable/main/binary-powerpc/kernel-build-2.6.8-4-powerpc-smp_2.6.8-13sarge1_powerpc.deb oldstable/main/binary-powerpc/kernel-build-2.6.8-4-power3-smp_2.6.8-13sarge1_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.6.8-4-power4_2.6.8-13sarge1_powerpc.deb kernel-patch-powerpc-2.6.8 (2.6.8-13sarge1) oldstable-security; urgency=high * Rebuild against kernel-tree-2.6.8-17sarge1 * compat_sys_mount-NULL-data_page.dpatch [SECURITY] Fix oops in compat_sys_mount triggered by NULL data_page See CVE-2006-7203 * pppoe-socket-release-mem-leak.dpatch [SECURITY] fix unpriveleged memory leak when a PPPoE socket is released after connect but before PPPIOCGCHAN ioctl is called upon it See CVE-2007-2525 * dn_fib-out-of-bounds.dpatch, ipv4-fib_props-out-of-bounds.dpatch [SECURITY] Fix out of bounds condition in dn_fib_props[] See CVE-2007-2172 * aacraid-ioctl-perm-check.dpatch [SECURITY] Require admin capabilities to issue ioctls to aacraid devices See CVE-2007-4308 * reset-pdeathsig-on-suid.dpatch [SECURITY] Fix potential privilege escalation caused by improper clearing of the child process' pdeath signal. See CVE-2007-3848 * bluetooth-l2cap-hci-info-leaks.dpatch [SECURITY] Fix information leaks in setsockopt() implementations See CVE-2007-1353 * coredump-only-to-same-uid.dpatch [SECURITY] Fix an issue where core dumping over a file that already exists retains the ownership of the original file See CVE-2007-6206 * i4l-isdn_ioctl-mem-overrun.dpatch [SECURITY] Fix potential isdn ioctl memory overrun See CVE-2007-6151 * cramfs-check-block-length.dpatch [SECURITY] Add a sanity check of the block length in cramfs_readpage to avoid a potential oops condition See CVE-2006-5823 * ext2-skip-pages-past-num-blocks.dpatch [SECURITY] Add some sanity checking for a corrupted i_size in ext2_find_entry() See CVE-2006-6054 * minixfs-printk-hang.dpatch [SECURITY] Rate-limit printks caused by accessing a corrupted minixfs filesystem that would otherwise cause a system to hang (printk storm) See CVE-2006-6058 * isdn-net-overflow.dpatch [SECURITY] Fix potential overflows in the ISDN subsystem See CVE-2007-6063 * prevent-stack-growth-into-hugetlb-region.dpatch [SECURITY] Prevent OOPS during stack expansion when the VMA crosses into address space reserved for hugetlb pages. See CVE-2007-3739 * cifs-honor-umask.dpatch [SECURITY] Make CIFS honor a process' umask See CVE-2007-3740 * hugetlb-prio_tree-unit-fix.dpatch [SECURITY] Fix misconversion of hugetlb_vmtruncate_list to prio_tree which could be used to trigger a BUG_ON() call in exit_mmap. See CVE-2007-4133 * amd64-zero-extend-32bit-ptrace.dpatch [SECURITY] Zero extend all registers after ptrace in 32-bit entry path. See CVE-2007-4573 * usb-pwc-disconnect-block.dpatch [SECURITY] Fix issue with unplugging webcams that use the pwc driver. If userspace still has the device open it can result, the driver would wait for the device to close, blocking the USB subsystem. See CVE-2007-5093 * powerpc-chrp-null-deref.dpatch [SECURITY][powerpc] Fix NULL pointer dereference if get_property fails on the subarchitecture See CVE-2007-6694 * random-bound-check-ordering.dpatch [SECURITY] Fix stack-based buffer overflow in the random number generator See CVE-2007-3105 * mmap-VM_DONTEXPAND.dpatch [SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register a fault handler but do not bounds check the offset argument See CVE-2008-0007 oldstable/main/binary-sparc/kernel-image-2.6.8-4-sparc64-smp_2.6.8-16sarge1_sparc.deb oldstable/main/binary-sparc/kernel-image-2.6.8-4-sparc64_2.6.8-16sarge1_sparc.deb oldstable/main/binary-sparc/kernel-headers-2.6.8-4_2.6.8-16sarge1_sparc.deb oldstable/main/binary-sparc/kernel-image-2.6.8-4-sparc32_2.6.8-16sarge1_sparc.deb oldstable/main/source/kernel-image-2.6.8-sparc_2.6.8-16sarge1.tar.gz oldstable/main/source/kernel-image-2.6.8-sparc_2.6.8-16sarge1.dsc oldstable/main/binary-sparc/kernel-headers-2.6.8-4-sparc32_2.6.8-16sarge1_sparc.deb oldstable/main/binary-sparc/kernel-headers-2.6.8-4-sparc64-smp_2.6.8-16sarge1_sparc.deb oldstable/main/binary-sparc/kernel-build-2.6.8-4_2.6.8-16sarge1_sparc.deb oldstable/main/binary-sparc/kernel-headers-2.6.8-4-sparc64_2.6.8-16sarge1_sparc.deb kernel-image-2.6.8-sparc (2.6.8-16sarge1) oldstable-security; urgency=high * Rebuild against kernel-tree-2.6.8-17sarge1 * compat_sys_mount-NULL-data_page.dpatch [SECURITY] Fix oops in compat_sys_mount triggered by NULL data_page See CVE-2006-7203 * pppoe-socket-release-mem-leak.dpatch [SECURITY] fix unpriveleged memory leak when a PPPoE socket is released after connect but before PPPIOCGCHAN ioctl is called upon it See CVE-2007-2525 * dn_fib-out-of-bounds.dpatch, ipv4-fib_props-out-of-bounds.dpatch [SECURITY] Fix out of bounds condition in dn_fib_props[] See CVE-2007-2172 * aacraid-ioctl-perm-check.dpatch [SECURITY] Require admin capabilities to issue ioctls to aacraid devices See CVE-2007-4308 * reset-pdeathsig-on-suid.dpatch [SECURITY] Fix potential privilege escalation caused by improper clearing of the child process' pdeath signal. See CVE-2007-3848 * bluetooth-l2cap-hci-info-leaks.dpatch [SECURITY] Fix information leaks in setsockopt() implementations See CVE-2007-1353 * coredump-only-to-same-uid.dpatch [SECURITY] Fix an issue where core dumping over a file that already exists retains the ownership of the original file See CVE-2007-6206 * i4l-isdn_ioctl-mem-overrun.dpatch [SECURITY] Fix potential isdn ioctl memory overrun See CVE-2007-6151 * cramfs-check-block-length.dpatch [SECURITY] Add a sanity check of the block length in cramfs_readpage to avoid a potential oops condition See CVE-2006-5823 * ext2-skip-pages-past-num-blocks.dpatch [SECURITY] Add some sanity checking for a corrupted i_size in ext2_find_entry() See CVE-2006-6054 * minixfs-printk-hang.dpatch [SECURITY] Rate-limit printks caused by accessing a corrupted minixfs filesystem that would otherwise cause a system to hang (printk storm) See CVE-2006-6058 * isdn-net-overflow.dpatch [SECURITY] Fix potential overflows in the ISDN subsystem See CVE-2007-6063 * prevent-stack-growth-into-hugetlb-region.dpatch [SECURITY] Prevent OOPS during stack expansion when the VMA crosses into address space reserved for hugetlb pages. See CVE-2007-3739 * cifs-honor-umask.dpatch [SECURITY] Make CIFS honor a process' umask See CVE-2007-3740 * hugetlb-prio_tree-unit-fix.dpatch [SECURITY] Fix misconversion of hugetlb_vmtruncate_list to prio_tree which could be used to trigger a BUG_ON() call in exit_mmap. See CVE-2007-4133 * amd64-zero-extend-32bit-ptrace.dpatch [SECURITY] Zero extend all registers after ptrace in 32-bit entry path. See CVE-2007-4573 * usb-pwc-disconnect-block.dpatch [SECURITY] Fix issue with unplugging webcams that use the pwc driver. If userspace still has the device open it can result, the driver would wait for the device to close, blocking the USB subsystem. See CVE-2007-5093 * powerpc-chrp-null-deref.dpatch [SECURITY][powerpc] Fix NULL pointer dereference if get_property fails on the subarchitecture See CVE-2007-6694 * random-bound-check-ordering.dpatch [SECURITY] Fix stack-based buffer overflow in the random number generator See CVE-2007-3105 * mmap-VM_DONTEXPAND.dpatch [SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register a fault handler but do not bounds check the offset argument See CVE-2008-0007 oldstable/main/binary-s390/kernel-image-2.6.8-4-s390x_2.6.8-6sarge1_s390.deb oldstable/main/source/kernel-image-2.6.8-s390_2.6.8-6sarge1.tar.gz oldstable/main/binary-all/kernel-patch-2.6.8-s390_2.6.8-6sarge1_all.deb oldstable/main/binary-s390/kernel-headers-2.6.8-4_2.6.8-6sarge1_s390.deb oldstable/main/source/kernel-image-2.6.8-s390_2.6.8-6sarge1.dsc oldstable/main/binary-s390/kernel-image-2.6.8-4-s390_2.6.8-6sarge1_s390.deb oldstable/main/binary-s390/kernel-image-2.6.8-4-s390-tape_2.6.8-6sarge1_s390.deb kernel-image-2.6.8-s390 (2.6.8-6sarge1) oldstable-security; urgency=high * Rebuild against kernel-tree-2.6.8-17sarge1 * compat_sys_mount-NULL-data_page.dpatch [SECURITY] Fix oops in compat_sys_mount triggered by NULL data_page See CVE-2006-7203 * pppoe-socket-release-mem-leak.dpatch [SECURITY] fix unpriveleged memory leak when a PPPoE socket is released after connect but before PPPIOCGCHAN ioctl is called upon it See CVE-2007-2525 * dn_fib-out-of-bounds.dpatch, ipv4-fib_props-out-of-bounds.dpatch [SECURITY] Fix out of bounds condition in dn_fib_props[] See CVE-2007-2172 * aacraid-ioctl-perm-check.dpatch [SECURITY] Require admin capabilities to issue ioctls to aacraid devices See CVE-2007-4308 * reset-pdeathsig-on-suid.dpatch [SECURITY] Fix potential privilege escalation caused by improper clearing of the child process' pdeath signal. See CVE-2007-3848 * bluetooth-l2cap-hci-info-leaks.dpatch [SECURITY] Fix information leaks in setsockopt() implementations See CVE-2007-1353 * coredump-only-to-same-uid.dpatch [SECURITY] Fix an issue where core dumping over a file that already exists retains the ownership of the original file See CVE-2007-6206 * i4l-isdn_ioctl-mem-overrun.dpatch [SECURITY] Fix potential isdn ioctl memory overrun See CVE-2007-6151 * cramfs-check-block-length.dpatch [SECURITY] Add a sanity check of the block length in cramfs_readpage to avoid a potential oops condition See CVE-2006-5823 * ext2-skip-pages-past-num-blocks.dpatch [SECURITY] Add some sanity checking for a corrupted i_size in ext2_find_entry() See CVE-2006-6054 * minixfs-printk-hang.dpatch [SECURITY] Rate-limit printks caused by accessing a corrupted minixfs filesystem that would otherwise cause a system to hang (printk storm) See CVE-2006-6058 * isdn-net-overflow.dpatch [SECURITY] Fix potential overflows in the ISDN subsystem See CVE-2007-6063 * prevent-stack-growth-into-hugetlb-region.dpatch [SECURITY] Prevent OOPS during stack expansion when the VMA crosses into address space reserved for hugetlb pages. See CVE-2007-3739 * cifs-honor-umask.dpatch [SECURITY] Make CIFS honor a process' umask See CVE-2007-3740 * hugetlb-prio_tree-unit-fix.dpatch [SECURITY] Fix misconversion of hugetlb_vmtruncate_list to prio_tree which could be used to trigger a BUG_ON() call in exit_mmap. See CVE-2007-4133 * amd64-zero-extend-32bit-ptrace.dpatch [SECURITY] Zero extend all registers after ptrace in 32-bit entry path. See CVE-2007-4573 * usb-pwc-disconnect-block.dpatch [SECURITY] Fix issue with unplugging webcams that use the pwc driver. If userspace still has the device open it can result, the driver would wait for the device to close, blocking the USB subsystem. See CVE-2007-5093 * powerpc-chrp-null-deref.dpatch [SECURITY][powerpc] Fix NULL pointer dereference if get_property fails on the subarchitecture See CVE-2007-6694 * random-bound-check-ordering.dpatch [SECURITY] Fix stack-based buffer overflow in the random number generator See CVE-2007-3105 * mmap-VM_DONTEXPAND.dpatch [SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register a fault handler but do not bounds check the offset argument See CVE-2008-0007 oldstable/main/binary-m68k/kernel-image-2.6.8-sun3_2.6.8-5sarge1_m68k.deb oldstable/main/binary-m68k/kernel-image-2.6.8-mvme16x_2.6.8-5sarge1_m68k.deb oldstable/main/binary-m68k/kernel-image-2.6.8-q40_2.6.8-5sarge1_m68k.deb oldstable/main/binary-m68k/kernel-image-2.6.8-atari_2.6.8-5sarge1_m68k.deb oldstable/main/binary-m68k/kernel-image-2.6.8-amiga_2.6.8-5sarge1_m68k.deb oldstable/main/binary-m68k/kernel-image-2.6.8-hp_2.6.8-5sarge1_m68k.deb oldstable/main/binary-m68k/kernel-image-2.6.8-mvme147_2.6.8-5sarge1_m68k.deb oldstable/main/source/kernel-image-2.6.8-m68k_2.6.8-5sarge1.tar.gz oldstable/main/binary-m68k/kernel-image-2.6.8-bvme6000_2.6.8-5sarge1_m68k.deb oldstable/main/binary-m68k/kernel-image-2.6.8-mac_2.6.8-5sarge1_m68k.deb oldstable/main/source/kernel-image-2.6.8-m68k_2.6.8-5sarge1.dsc kernel-image-2.6.8-m68k (2.6.8-5sarge1) oldstable-security; urgency=high * Rebuild against kernel-tree-2.6.8-17sarge1 * compat_sys_mount-NULL-data_page.dpatch [SECURITY] Fix oops in compat_sys_mount triggered by NULL data_page See CVE-2006-7203 * pppoe-socket-release-mem-leak.dpatch [SECURITY] fix unpriveleged memory leak when a PPPoE socket is released after connect but before PPPIOCGCHAN ioctl is called upon it See CVE-2007-2525 * dn_fib-out-of-bounds.dpatch, ipv4-fib_props-out-of-bounds.dpatch [SECURITY] Fix out of bounds condition in dn_fib_props[] See CVE-2007-2172 * aacraid-ioctl-perm-check.dpatch [SECURITY] Require admin capabilities to issue ioctls to aacraid devices See CVE-2007-4308 * reset-pdeathsig-on-suid.dpatch [SECURITY] Fix potential privilege escalation caused by improper clearing of the child process' pdeath signal. See CVE-2007-3848 * bluetooth-l2cap-hci-info-leaks.dpatch [SECURITY] Fix information leaks in setsockopt() implementations See CVE-2007-1353 * coredump-only-to-same-uid.dpatch [SECURITY] Fix an issue where core dumping over a file that already exists retains the ownership of the original file See CVE-2007-6206 * i4l-isdn_ioctl-mem-overrun.dpatch [SECURITY] Fix potential isdn ioctl memory overrun See CVE-2007-6151 * cramfs-check-block-length.dpatch [SECURITY] Add a sanity check of the block length in cramfs_readpage to avoid a potential oops condition See CVE-2006-5823 * ext2-skip-pages-past-num-blocks.dpatch [SECURITY] Add some sanity checking for a corrupted i_size in ext2_find_entry() See CVE-2006-6054 * minixfs-printk-hang.dpatch [SECURITY] Rate-limit printks caused by accessing a corrupted minixfs filesystem that would otherwise cause a system to hang (printk storm) See CVE-2006-6058 * isdn-net-overflow.dpatch [SECURITY] Fix potential overflows in the ISDN subsystem See CVE-2007-6063 * prevent-stack-growth-into-hugetlb-region.dpatch [SECURITY] Prevent OOPS during stack expansion when the VMA crosses into address space reserved for hugetlb pages. See CVE-2007-3739 * cifs-honor-umask.dpatch [SECURITY] Make CIFS honor a process' umask See CVE-2007-3740 * hugetlb-prio_tree-unit-fix.dpatch [SECURITY] Fix misconversion of hugetlb_vmtruncate_list to prio_tree which could be used to trigger a BUG_ON() call in exit_mmap. See CVE-2007-4133 * amd64-zero-extend-32bit-ptrace.dpatch [SECURITY] Zero extend all registers after ptrace in 32-bit entry path. See CVE-2007-4573 * usb-pwc-disconnect-block.dpatch [SECURITY] Fix issue with unplugging webcams that use the pwc driver. If userspace still has the device open it can result, the driver would wait for the device to close, blocking the USB subsystem. See CVE-2007-5093 * powerpc-chrp-null-deref.dpatch [SECURITY][powerpc] Fix NULL pointer dereference if get_property fails on the subarchitecture See CVE-2007-6694 * random-bound-check-ordering.dpatch [SECURITY] Fix stack-based buffer overflow in the random number generator See CVE-2007-3105 * mmap-VM_DONTEXPAND.dpatch [SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register a fault handler but do not bounds check the offset argument See CVE-2008-0007 oldstable/main/binary-ia64/kernel-image-2.6.8-4-itanium_2.6.8-15sarge1_ia64.deb oldstable/main/binary-ia64/kernel-image-2.6-mckinley-smp_2.6.8-15sarge1_ia64.deb oldstable/main/binary-ia64/kernel-image-2.6-mckinley_2.6.8-15sarge1_ia64.deb oldstable/main/source/kernel-image-2.6.8-ia64_2.6.8-15sarge1.dsc oldstable/main/binary-ia64/kernel-headers-2.6-mckinley-smp_2.6.8-15sarge1_ia64.deb oldstable/main/binary-ia64/kernel-headers-2.6-itanium_2.6.8-15sarge1_ia64.deb oldstable/main/binary-ia64/kernel-headers-2.6.8-4-itanium_2.6.8-15sarge1_ia64.deb oldstable/main/binary-ia64/kernel-headers-2.6.8-4-mckinley_2.6.8-15sarge1_ia64.deb oldstable/main/binary-ia64/kernel-image-2.6-itanium_2.6.8-15sarge1_ia64.deb oldstable/main/binary-ia64/kernel-image-2.6-itanium-smp_2.6.8-15sarge1_ia64.deb oldstable/main/binary-ia64/kernel-headers-2.6.8-4-itanium-smp_2.6.8-15sarge1_ia64.deb oldstable/main/binary-ia64/kernel-headers-2.6-itanium-smp_2.6.8-15sarge1_ia64.deb oldstable/main/binary-ia64/kernel-headers-2.6.8-4_2.6.8-15sarge1_ia64.deb oldstable/main/binary-ia64/kernel-headers-2.6-mckinley_2.6.8-15sarge1_ia64.deb oldstable/main/binary-ia64/kernel-image-2.6.8-4-mckinley_2.6.8-15sarge1_ia64.deb oldstable/main/binary-ia64/kernel-image-2.6.8-4-itanium-smp_2.6.8-15sarge1_ia64.deb oldstable/main/source/kernel-image-2.6.8-ia64_2.6.8-15sarge1.tar.gz oldstable/main/binary-ia64/kernel-image-2.6.8-4-mckinley-smp_2.6.8-15sarge1_ia64.deb oldstable/main/binary-ia64/kernel-headers-2.6.8-4-mckinley-smp_2.6.8-15sarge1_ia64.deb kernel-image-2.6.8-ia64 (2.6.8-15sarge1) oldstable-security; urgency=high * Rebuild against kernel-tree-2.6.8-17sarge1 * compat_sys_mount-NULL-data_page.dpatch [SECURITY] Fix oops in compat_sys_mount triggered by NULL data_page See CVE-2006-7203 * pppoe-socket-release-mem-leak.dpatch [SECURITY] fix unpriveleged memory leak when a PPPoE socket is released after connect but before PPPIOCGCHAN ioctl is called upon it See CVE-2007-2525 * dn_fib-out-of-bounds.dpatch, ipv4-fib_props-out-of-bounds.dpatch [SECURITY] Fix out of bounds condition in dn_fib_props[] See CVE-2007-2172 * aacraid-ioctl-perm-check.dpatch [SECURITY] Require admin capabilities to issue ioctls to aacraid devices See CVE-2007-4308 * reset-pdeathsig-on-suid.dpatch [SECURITY] Fix potential privilege escalation caused by improper clearing of the child process' pdeath signal. See CVE-2007-3848 * bluetooth-l2cap-hci-info-leaks.dpatch [SECURITY] Fix information leaks in setsockopt() implementations See CVE-2007-1353 * coredump-only-to-same-uid.dpatch [SECURITY] Fix an issue where core dumping over a file that already exists retains the ownership of the original file See CVE-2007-6206 * i4l-isdn_ioctl-mem-overrun.dpatch [SECURITY] Fix potential isdn ioctl memory overrun See CVE-2007-6151 * cramfs-check-block-length.dpatch [SECURITY] Add a sanity check of the block length in cramfs_readpage to avoid a potential oops condition See CVE-2006-5823 * ext2-skip-pages-past-num-blocks.dpatch [SECURITY] Add some sanity checking for a corrupted i_size in ext2_find_entry() See CVE-2006-6054 * minixfs-printk-hang.dpatch [SECURITY] Rate-limit printks caused by accessing a corrupted minixfs filesystem that would otherwise cause a system to hang (printk storm) See CVE-2006-6058 * isdn-net-overflow.dpatch [SECURITY] Fix potential overflows in the ISDN subsystem See CVE-2007-6063 * prevent-stack-growth-into-hugetlb-region.dpatch [SECURITY] Prevent OOPS during stack expansion when the VMA crosses into address space reserved for hugetlb pages. See CVE-2007-3739 * cifs-honor-umask.dpatch [SECURITY] Make CIFS honor a process' umask See CVE-2007-3740 * hugetlb-prio_tree-unit-fix.dpatch [SECURITY] Fix misconversion of hugetlb_vmtruncate_list to prio_tree which could be used to trigger a BUG_ON() call in exit_mmap. See CVE-2007-4133 * amd64-zero-extend-32bit-ptrace.dpatch [SECURITY] Zero extend all registers after ptrace in 32-bit entry path. See CVE-2007-4573 * usb-pwc-disconnect-block.dpatch [SECURITY] Fix issue with unplugging webcams that use the pwc driver. If userspace still has the device open it can result, the driver would wait for the device to close, blocking the USB subsystem. See CVE-2007-5093 * powerpc-chrp-null-deref.dpatch [SECURITY][powerpc] Fix NULL pointer dereference if get_property fails on the subarchitecture See CVE-2007-6694 * random-bound-check-ordering.dpatch [SECURITY] Fix stack-based buffer overflow in the random number generator See CVE-2007-3105 * mmap-VM_DONTEXPAND.dpatch [SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register a fault handler but do not bounds check the offset argument See CVE-2008-0007 oldstable/main/source/kernel-image-2.6.8-i386_2.6.8-17sarge1.dsc oldstable/main/binary-i386/kernel-headers-2.6.8-4-k7-smp_2.6.8-17sarge1_i386.deb oldstable/main/binary-i386/kernel-image-2.6.8-4-386_2.6.8-17sarge1_i386.deb oldstable/main/binary-i386/kernel-image-2.6.8-4-k7-smp_2.6.8-17sarge1_i386.deb oldstable/main/binary-i386/kernel-image-2.6.8-4-k7_2.6.8-17sarge1_i386.deb oldstable/main/binary-i386/kernel-image-2.6.8-4-686_2.6.8-17sarge1_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-4_2.6.8-17sarge1_i386.deb oldstable/main/source/kernel-image-2.6.8-i386_2.6.8-17sarge1.tar.gz oldstable/main/binary-i386/kernel-image-2.6.8-4-686-smp_2.6.8-17sarge1_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-4-686_2.6.8-17sarge1_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-4-386_2.6.8-17sarge1_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-4-k7_2.6.8-17sarge1_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-4-686-smp_2.6.8-17sarge1_i386.deb kernel-image-2.6.8-i386 (2.6.8-17sarge1) oldstable-security; urgency=high * Rebuild against kernel-tree-2.6.8-17sarge1 * compat_sys_mount-NULL-data_page.dpatch [SECURITY] Fix oops in compat_sys_mount triggered by NULL data_page See CVE-2006-7203 * pppoe-socket-release-mem-leak.dpatch [SECURITY] fix unpriveleged memory leak when a PPPoE socket is released after connect but before PPPIOCGCHAN ioctl is called upon it See CVE-2007-2525 * dn_fib-out-of-bounds.dpatch, ipv4-fib_props-out-of-bounds.dpatch [SECURITY] Fix out of bounds condition in dn_fib_props[] See CVE-2007-2172 * aacraid-ioctl-perm-check.dpatch [SECURITY] Require admin capabilities to issue ioctls to aacraid devices See CVE-2007-4308 * reset-pdeathsig-on-suid.dpatch [SECURITY] Fix potential privilege escalation caused by improper clearing of the child process' pdeath signal. See CVE-2007-3848 * bluetooth-l2cap-hci-info-leaks.dpatch [SECURITY] Fix information leaks in setsockopt() implementations See CVE-2007-1353 * coredump-only-to-same-uid.dpatch [SECURITY] Fix an issue where core dumping over a file that already exists retains the ownership of the original file See CVE-2007-6206 * i4l-isdn_ioctl-mem-overrun.dpatch [SECURITY] Fix potential isdn ioctl memory overrun See CVE-2007-6151 * cramfs-check-block-length.dpatch [SECURITY] Add a sanity check of the block length in cramfs_readpage to avoid a potential oops condition See CVE-2006-5823 * ext2-skip-pages-past-num-blocks.dpatch [SECURITY] Add some sanity checking for a corrupted i_size in ext2_find_entry() See CVE-2006-6054 * minixfs-printk-hang.dpatch [SECURITY] Rate-limit printks caused by accessing a corrupted minixfs filesystem that would otherwise cause a system to hang (printk storm) See CVE-2006-6058 * isdn-net-overflow.dpatch [SECURITY] Fix potential overflows in the ISDN subsystem See CVE-2007-6063 * prevent-stack-growth-into-hugetlb-region.dpatch [SECURITY] Prevent OOPS during stack expansion when the VMA crosses into address space reserved for hugetlb pages. See CVE-2007-3739 * cifs-honor-umask.dpatch [SECURITY] Make CIFS honor a process' umask See CVE-2007-3740 * hugetlb-prio_tree-unit-fix.dpatch [SECURITY] Fix misconversion of hugetlb_vmtruncate_list to prio_tree which could be used to trigger a BUG_ON() call in exit_mmap. See CVE-2007-4133 * amd64-zero-extend-32bit-ptrace.dpatch [SECURITY] Zero extend all registers after ptrace in 32-bit entry path. See CVE-2007-4573 * usb-pwc-disconnect-block.dpatch [SECURITY] Fix issue with unplugging webcams that use the pwc driver. If userspace still has the device open it can result, the driver would wait for the device to close, blocking the USB subsystem. See CVE-2007-5093 * powerpc-chrp-null-deref.dpatch [SECURITY][powerpc] Fix NULL pointer dereference if get_property fails on the subarchitecture See CVE-2007-6694 * random-bound-check-ordering.dpatch [SECURITY] Fix stack-based buffer overflow in the random number generator See CVE-2007-3105 * mmap-VM_DONTEXPAND.dpatch [SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register a fault handler but do not bounds check the offset argument See CVE-2008-0007 oldstable/main/binary-hppa/kernel-headers-2.6.8-4_2.6.8-7sarge1_hppa.deb oldstable/main/binary-hppa/kernel-image-2.6.8-4-64_2.6.8-7sarge1_hppa.deb oldstable/main/binary-hppa/kernel-headers-2.6.8-4-64-smp_2.6.8-7sarge1_hppa.deb oldstable/main/binary-hppa/kernel-image-2.6.8-4-64-smp_2.6.8-7sarge1_hppa.deb oldstable/main/binary-hppa/kernel-headers-2.6.8-4-32-smp_2.6.8-7sarge1_hppa.deb oldstable/main/binary-hppa/kernel-image-2.6.8-4-32-smp_2.6.8-7sarge1_hppa.deb oldstable/main/source/kernel-image-2.6.8-hppa_2.6.8-7sarge1.dsc oldstable/main/binary-hppa/kernel-image-2.6.8-4-32_2.6.8-7sarge1_hppa.deb oldstable/main/source/kernel-image-2.6.8-hppa_2.6.8-7sarge1.tar.gz oldstable/main/binary-hppa/kernel-headers-2.6.8-4-64_2.6.8-7sarge1_hppa.deb oldstable/main/binary-hppa/kernel-headers-2.6.8-4-32_2.6.8-7sarge1_hppa.deb kernel-image-2.6.8-hppa (2.6.8-7sarge1) oldstable-security; urgency=high * Rebuild against kernel-tree-2.6.8-17sarge1 * compat_sys_mount-NULL-data_page.dpatch [SECURITY] Fix oops in compat_sys_mount triggered by NULL data_page See CVE-2006-7203 * pppoe-socket-release-mem-leak.dpatch [SECURITY] fix unpriveleged memory leak when a PPPoE socket is released after connect but before PPPIOCGCHAN ioctl is called upon it See CVE-2007-2525 * dn_fib-out-of-bounds.dpatch, ipv4-fib_props-out-of-bounds.dpatch [SECURITY] Fix out of bounds condition in dn_fib_props[] See CVE-2007-2172 * aacraid-ioctl-perm-check.dpatch [SECURITY] Require admin capabilities to issue ioctls to aacraid devices See CVE-2007-4308 * reset-pdeathsig-on-suid.dpatch [SECURITY] Fix potential privilege escalation caused by improper clearing of the child process' pdeath signal. See CVE-2007-3848 * bluetooth-l2cap-hci-info-leaks.dpatch [SECURITY] Fix information leaks in setsockopt() implementations See CVE-2007-1353 * coredump-only-to-same-uid.dpatch [SECURITY] Fix an issue where core dumping over a file that already exists retains the ownership of the original file See CVE-2007-6206 * i4l-isdn_ioctl-mem-overrun.dpatch [SECURITY] Fix potential isdn ioctl memory overrun See CVE-2007-6151 * cramfs-check-block-length.dpatch [SECURITY] Add a sanity check of the block length in cramfs_readpage to avoid a potential oops condition See CVE-2006-5823 * ext2-skip-pages-past-num-blocks.dpatch [SECURITY] Add some sanity checking for a corrupted i_size in ext2_find_entry() See CVE-2006-6054 * minixfs-printk-hang.dpatch [SECURITY] Rate-limit printks caused by accessing a corrupted minixfs filesystem that would otherwise cause a system to hang (printk storm) See CVE-2006-6058 * isdn-net-overflow.dpatch [SECURITY] Fix potential overflows in the ISDN subsystem See CVE-2007-6063 * prevent-stack-growth-into-hugetlb-region.dpatch [SECURITY] Prevent OOPS during stack expansion when the VMA crosses into address space reserved for hugetlb pages. See CVE-2007-3739 * cifs-honor-umask.dpatch [SECURITY] Make CIFS honor a process' umask See CVE-2007-3740 * hugetlb-prio_tree-unit-fix.dpatch [SECURITY] Fix misconversion of hugetlb_vmtruncate_list to prio_tree which could be used to trigger a BUG_ON() call in exit_mmap. See CVE-2007-4133 * amd64-zero-extend-32bit-ptrace.dpatch [SECURITY] Zero extend all registers after ptrace in 32-bit entry path. See CVE-2007-4573 * usb-pwc-disconnect-block.dpatch [SECURITY] Fix issue with unplugging webcams that use the pwc driver. If userspace still has the device open it can result, the driver would wait for the device to close, blocking the USB subsystem. See CVE-2007-5093 * powerpc-chrp-null-deref.dpatch [SECURITY][powerpc] Fix NULL pointer dereference if get_property fails on the subarchitecture See CVE-2007-6694 * random-bound-check-ordering.dpatch [SECURITY] Fix stack-based buffer overflow in the random number generator See CVE-2007-3105 * mmap-VM_DONTEXPAND.dpatch [SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register a fault handler but do not bounds check the offset argument See CVE-2008-0007 oldstable/main/binary-amd64/kernel-headers-2.6.8-13-em64t-p4-smp_2.6.8-17sarge1_amd64.deb oldstable/main/binary-amd64/kernel-headers-2.6.8-13-em64t-p4_2.6.8-17sarge1_amd64.deb oldstable/main/binary-amd64/kernel-image-2.6.8-13-amd64-generic_2.6.8-17sarge1_amd64.deb oldstable/main/binary-amd64/kernel-headers-2.6.8-13-amd64-generic_2.6.8-17sarge1_amd64.deb oldstable/main/binary-amd64/kernel-image-2.6.8-13-amd64-k8-smp_2.6.8-17sarge1_amd64.deb oldstable/main/binary-amd64/kernel-image-2.6.8-13-em64t-p4-smp_2.6.8-17sarge1_amd64.deb oldstable/main/binary-amd64/kernel-image-2.6.8-13-amd64-k8_2.6.8-17sarge1_amd64.deb oldstable/main/binary-amd64/kernel-headers-2.6.8-13_2.6.8-17sarge1_amd64.deb oldstable/main/binary-amd64/kernel-headers-2.6.8-13-amd64-k8-smp_2.6.8-17sarge1_amd64.deb oldstable/main/binary-amd64/kernel-headers-2.6.8-13-amd64-k8_2.6.8-17sarge1_amd64.deb oldstable/main/binary-amd64/kernel-image-2.6.8-13-em64t-p4_2.6.8-17sarge1_amd64.deb kernel-image-2.6.8-amd64 (2.6.8-17sarge1) oldstable-security; urgency=high * Rebuild against kernel-tree-2.6.8-17sarge1 * compat_sys_mount-NULL-data_page.dpatch [SECURITY] Fix oops in compat_sys_mount triggered by NULL data_page See CVE-2006-7203 * pppoe-socket-release-mem-leak.dpatch [SECURITY] fix unpriveleged memory leak when a PPPoE socket is released after connect but before PPPIOCGCHAN ioctl is called upon it See CVE-2007-2525 * dn_fib-out-of-bounds.dpatch, ipv4-fib_props-out-of-bounds.dpatch [SECURITY] Fix out of bounds condition in dn_fib_props[] See CVE-2007-2172 * aacraid-ioctl-perm-check.dpatch [SECURITY] Require admin capabilities to issue ioctls to aacraid devices See CVE-2007-4308 * reset-pdeathsig-on-suid.dpatch [SECURITY] Fix potential privilege escalation caused by improper clearing of the child process' pdeath signal. See CVE-2007-3848 * bluetooth-l2cap-hci-info-leaks.dpatch [SECURITY] Fix information leaks in setsockopt() implementations See CVE-2007-1353 * coredump-only-to-same-uid.dpatch [SECURITY] Fix an issue where core dumping over a file that already exists retains the ownership of the original file See CVE-2007-6206 * i4l-isdn_ioctl-mem-overrun.dpatch [SECURITY] Fix potential isdn ioctl memory overrun See CVE-2007-6151 * cramfs-check-block-length.dpatch [SECURITY] Add a sanity check of the block length in cramfs_readpage to avoid a potential oops condition See CVE-2006-5823 * ext2-skip-pages-past-num-blocks.dpatch [SECURITY] Add some sanity checking for a corrupted i_size in ext2_find_entry() See CVE-2006-6054 * minixfs-printk-hang.dpatch [SECURITY] Rate-limit printks caused by accessing a corrupted minixfs filesystem that would otherwise cause a system to hang (printk storm) See CVE-2006-6058 * isdn-net-overflow.dpatch [SECURITY] Fix potential overflows in the ISDN subsystem See CVE-2007-6063 * prevent-stack-growth-into-hugetlb-region.dpatch [SECURITY] Prevent OOPS during stack expansion when the VMA crosses into address space reserved for hugetlb pages. See CVE-2007-3739 * cifs-honor-umask.dpatch [SECURITY] Make CIFS honor a process' umask See CVE-2007-3740 * hugetlb-prio_tree-unit-fix.dpatch [SECURITY] Fix misconversion of hugetlb_vmtruncate_list to prio_tree which could be used to trigger a BUG_ON() call in exit_mmap. See CVE-2007-4133 * amd64-zero-extend-32bit-ptrace.dpatch [SECURITY] Zero extend all registers after ptrace in 32-bit entry path. See CVE-2007-4573 * usb-pwc-disconnect-block.dpatch [SECURITY] Fix issue with unplugging webcams that use the pwc driver. If userspace still has the device open it can result, the driver would wait for the device to close, blocking the USB subsystem. See CVE-2007-5093 * powerpc-chrp-null-deref.dpatch [SECURITY][powerpc] Fix NULL pointer dereference if get_property fails on the subarchitecture See CVE-2007-6694 * random-bound-check-ordering.dpatch [SECURITY] Fix stack-based buffer overflow in the random number generator See CVE-2007-3105 * mmap-VM_DONTEXPAND.dpatch [SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register a fault handler but do not bounds check the offset argument See CVE-2008-0007 oldstable/main/binary-i386/kernel-headers-2.6.8-13_2.6.8-17sarge1_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-13-amd64-generic_2.6.8-17sarge1_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-13-em64t-p4-smp_2.6.8-17sarge1_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-13-amd64-k8_2.6.8-17sarge1_i386.deb oldstable/main/binary-i386/kernel-image-2.6.8-13-amd64-k8_2.6.8-17sarge1_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-13-amd64-k8-smp_2.6.8-17sarge1_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-13-em64t-p4_2.6.8-17sarge1_i386.deb oldstable/main/binary-i386/kernel-image-2.6.8-13-amd64-k8-smp_2.6.8-17sarge1_i386.deb oldstable/main/binary-i386/kernel-image-2.6.8-13-em64t-p4-smp_2.6.8-17sarge1_i386.deb oldstable/main/binary-i386/kernel-image-2.6.8-13-em64t-p4_2.6.8-17sarge1_i386.deb oldstable/main/binary-i386/kernel-image-2.6.8-13-amd64-generic_2.6.8-17sarge1_i386.deb oldstable/main/source/kernel-image-2.6.8-amd64_2.6.8-17sarge1.tar.gz oldstable/main/source/kernel-image-2.6.8-amd64_2.6.8-17sarge1.dsc kernel-image-2.6.8-amd64 (2.6.8-17sarge1) oldstable-security; urgency=high * Rebuild against kernel-tree-2.6.8-17sarge1 * compat_sys_mount-NULL-data_page.dpatch [SECURITY] Fix oops in compat_sys_mount triggered by NULL data_page See CVE-2006-7203 * pppoe-socket-release-mem-leak.dpatch [SECURITY] fix unpriveleged memory leak when a PPPoE socket is released after connect but before PPPIOCGCHAN ioctl is called upon it See CVE-2007-2525 * dn_fib-out-of-bounds.dpatch, ipv4-fib_props-out-of-bounds.dpatch [SECURITY] Fix out of bounds condition in dn_fib_props[] See CVE-2007-2172 * aacraid-ioctl-perm-check.dpatch [SECURITY] Require admin capabilities to issue ioctls to aacraid devices See CVE-2007-4308 * reset-pdeathsig-on-suid.dpatch [SECURITY] Fix potential privilege escalation caused by improper clearing of the child process' pdeath signal. See CVE-2007-3848 * bluetooth-l2cap-hci-info-leaks.dpatch [SECURITY] Fix information leaks in setsockopt() implementations See CVE-2007-1353 * coredump-only-to-same-uid.dpatch [SECURITY] Fix an issue where core dumping over a file that already exists retains the ownership of the original file See CVE-2007-6206 * i4l-isdn_ioctl-mem-overrun.dpatch [SECURITY] Fix potential isdn ioctl memory overrun See CVE-2007-6151 * cramfs-check-block-length.dpatch [SECURITY] Add a sanity check of the block length in cramfs_readpage to avoid a potential oops condition See CVE-2006-5823 * ext2-skip-pages-past-num-blocks.dpatch [SECURITY] Add some sanity checking for a corrupted i_size in ext2_find_entry() See CVE-2006-6054 * minixfs-printk-hang.dpatch [SECURITY] Rate-limit printks caused by accessing a corrupted minixfs filesystem that would otherwise cause a system to hang (printk storm) See CVE-2006-6058 * isdn-net-overflow.dpatch [SECURITY] Fix potential overflows in the ISDN subsystem See CVE-2007-6063 * prevent-stack-growth-into-hugetlb-region.dpatch [SECURITY] Prevent OOPS during stack expansion when the VMA crosses into address space reserved for hugetlb pages. See CVE-2007-3739 * cifs-honor-umask.dpatch [SECURITY] Make CIFS honor a process' umask See CVE-2007-3740 * hugetlb-prio_tree-unit-fix.dpatch [SECURITY] Fix misconversion of hugetlb_vmtruncate_list to prio_tree which could be used to trigger a BUG_ON() call in exit_mmap. See CVE-2007-4133 * amd64-zero-extend-32bit-ptrace.dpatch [SECURITY] Zero extend all registers after ptrace in 32-bit entry path. See CVE-2007-4573 * usb-pwc-disconnect-block.dpatch [SECURITY] Fix issue with unplugging webcams that use the pwc driver. If userspace still has the device open it can result, the driver would wait for the device to close, blocking the USB subsystem. See CVE-2007-5093 * powerpc-chrp-null-deref.dpatch [SECURITY][powerpc] Fix NULL pointer dereference if get_property fails on the subarchitecture See CVE-2007-6694 * random-bound-check-ordering.dpatch [SECURITY] Fix stack-based buffer overflow in the random number generator See CVE-2007-3105 * mmap-VM_DONTEXPAND.dpatch [SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register a fault handler but do not bounds check the offset argument See CVE-2008-0007 oldstable/main/binary-alpha/kernel-headers-2.6.8-4-generic_2.6.8-17sarge1_alpha.deb oldstable/main/binary-alpha/kernel-image-2.6.8-4-smp_2.6.8-17sarge1_alpha.deb oldstable/main/source/kernel-image-2.6.8-alpha_2.6.8-17sarge1.tar.gz oldstable/main/binary-alpha/kernel-image-2.6.8-4-generic_2.6.8-17sarge1_alpha.deb oldstable/main/binary-alpha/kernel-headers-2.6.8-4_2.6.8-17sarge1_alpha.deb oldstable/main/source/kernel-image-2.6.8-alpha_2.6.8-17sarge1.dsc oldstable/main/binary-alpha/kernel-headers-2.6.8-4-smp_2.6.8-17sarge1_alpha.deb kernel-image-2.6.8-alpha (2.6.8-17sarge1) oldstable-security; urgency=high * Rebuild against kernel-tree-2.6.8-17sarge1 * compat_sys_mount-NULL-data_page.dpatch [SECURITY] Fix oops in compat_sys_mount triggered by NULL data_page See CVE-2006-7203 * pppoe-socket-release-mem-leak.dpatch [SECURITY] fix unpriveleged memory leak when a PPPoE socket is released after connect but before PPPIOCGCHAN ioctl is called upon it See CVE-2007-2525 * dn_fib-out-of-bounds.dpatch, ipv4-fib_props-out-of-bounds.dpatch [SECURITY] Fix out of bounds condition in dn_fib_props[] See CVE-2007-2172 * aacraid-ioctl-perm-check.dpatch [SECURITY] Require admin capabilities to issue ioctls to aacraid devices See CVE-2007-4308 * reset-pdeathsig-on-suid.dpatch [SECURITY] Fix potential privilege escalation caused by improper clearing of the child process' pdeath signal. See CVE-2007-3848 * bluetooth-l2cap-hci-info-leaks.dpatch [SECURITY] Fix information leaks in setsockopt() implementations See CVE-2007-1353 * coredump-only-to-same-uid.dpatch [SECURITY] Fix an issue where core dumping over a file that already exists retains the ownership of the original file See CVE-2007-6206 * i4l-isdn_ioctl-mem-overrun.dpatch [SECURITY] Fix potential isdn ioctl memory overrun See CVE-2007-6151 * cramfs-check-block-length.dpatch [SECURITY] Add a sanity check of the block length in cramfs_readpage to avoid a potential oops condition See CVE-2006-5823 * ext2-skip-pages-past-num-blocks.dpatch [SECURITY] Add some sanity checking for a corrupted i_size in ext2_find_entry() See CVE-2006-6054 * minixfs-printk-hang.dpatch [SECURITY] Rate-limit printks caused by accessing a corrupted minixfs filesystem that would otherwise cause a system to hang (printk storm) See CVE-2006-6058 * isdn-net-overflow.dpatch [SECURITY] Fix potential overflows in the ISDN subsystem See CVE-2007-6063 * prevent-stack-growth-into-hugetlb-region.dpatch [SECURITY] Prevent OOPS during stack expansion when the VMA crosses into address space reserved for hugetlb pages. See CVE-2007-3739 * cifs-honor-umask.dpatch [SECURITY] Make CIFS honor a process' umask See CVE-2007-3740 * hugetlb-prio_tree-unit-fix.dpatch [SECURITY] Fix misconversion of hugetlb_vmtruncate_list to prio_tree which could be used to trigger a BUG_ON() call in exit_mmap. See CVE-2007-4133 * amd64-zero-extend-32bit-ptrace.dpatch [SECURITY] Zero extend all registers after ptrace in 32-bit entry path. See CVE-2007-4573 * usb-pwc-disconnect-block.dpatch [SECURITY] Fix issue with unplugging webcams that use the pwc driver. If userspace still has the device open it can result, the driver would wait for the device to close, blocking the USB subsystem. See CVE-2007-5093 * powerpc-chrp-null-deref.dpatch [SECURITY][powerpc] Fix NULL pointer dereference if get_property fails on the subarchitecture See CVE-2007-6694 * random-bound-check-ordering.dpatch [SECURITY] Fix stack-based buffer overflow in the random number generator See CVE-2007-3105 * mmap-VM_DONTEXPAND.dpatch [SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register a fault handler but do not bounds check the offset argument See CVE-2008-0007 oldstable/main/source/horde3_3.0.4-4sarge7.dsc oldstable/main/binary-all/horde3_3.0.4-4sarge7_all.deb oldstable/main/source/horde3_3.0.4-4sarge7.diff.gz horde3 (3.0.4-4sarge7) oldstable-security; urgency=high * Fix arbitrary file inclusion through abuse of the theme preference (see CVE-2008-1284 for more informations). (Closes: #470640) oldstable/main/binary-sparc/gs-gpl_8.01-6_sparc.deb gs-gpl (8.01-6) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-s390/gs-gpl_8.01-6_s390.deb gs-gpl (8.01-6) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-powerpc/gs-gpl_8.01-6_powerpc.deb gs-gpl (8.01-6) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-mipsel/gs-gpl_8.01-6_mipsel.deb gs-gpl (8.01-6) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-mips/gs-gpl_8.01-6_mips.deb gs-gpl (8.01-6) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-m68k/gs-gpl_8.01-6_m68k.deb gs-gpl (8.01-6) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-ia64/gs-gpl_8.01-6_ia64.deb gs-gpl (8.01-6) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-hppa/gs-gpl_8.01-6_hppa.deb gs-gpl (8.01-6) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-arm/gs-gpl_8.01-6_arm.deb gs-gpl (8.01-6) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-amd64/gs-gpl_8.01-6_amd64.deb gs-gpl (8.01-6) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-alpha/gs-gpl_8.01-6_alpha.deb gs-gpl (8.01-6) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-i386/gs-gpl_8.01-6_i386.deb oldstable/main/source/gs-gpl_8.01-6.diff.gz oldstable/main/binary-all/gs_8.01-6_all.deb oldstable/main/source/gs-gpl_8.01-6.dsc gs-gpl (8.01-6) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-sparc/gs-esp_7.07.1-9sarge1_sparc.deb gs-esp (7.07.1-9sarge1) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-s390/gs-esp_7.07.1-9sarge1_s390.deb gs-esp (7.07.1-9sarge1) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-powerpc/gs-esp_7.07.1-9sarge1_powerpc.deb gs-esp (7.07.1-9sarge1) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-mipsel/gs-esp_7.07.1-9sarge1_mipsel.deb gs-esp (7.07.1-9sarge1) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-mips/gs-esp_7.07.1-9sarge1_mips.deb gs-esp (7.07.1-9sarge1) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-m68k/gs-esp_7.07.1-9sarge1_m68k.deb gs-esp (7.07.1-9sarge1) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-ia64/gs-esp_7.07.1-9sarge1_ia64.deb gs-esp (7.07.1-9sarge1) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-hppa/gs-esp_7.07.1-9sarge1_hppa.deb gs-esp (7.07.1-9sarge1) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-arm/gs-esp_7.07.1-9sarge1_arm.deb gs-esp (7.07.1-9sarge1) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-amd64/gs-esp_7.07.1-9sarge1_amd64.deb gs-esp (7.07.1-9sarge1) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-alpha/gs-esp_7.07.1-9sarge1_alpha.deb gs-esp (7.07.1-9sarge1) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-i386/gs-esp_7.07.1-9sarge1_i386.deb oldstable/main/source/gs-esp_7.07.1-9sarge1.dsc oldstable/main/source/gs-esp_7.07.1-9sarge1.diff.gz gs-esp (7.07.1-9sarge1) oldstable-security; urgency=high * Fix CVE-2008-0411 oldstable/main/binary-all/gforge-web-apache_3.1-31sarge5_all.deb oldstable/main/binary-all/gforge-lists-mailman_3.1-31sarge5_all.deb oldstable/main/binary-all/gforge-ftp-proftpd_3.1-31sarge5_all.deb oldstable/main/source/gforge_3.1-31sarge5.diff.gz oldstable/main/source/gforge_3.1-31sarge5.dsc oldstable/main/binary-all/gforge-sourceforge-transition_3.1-31sarge5_all.deb oldstable/main/binary-all/sourceforge_3.1-31sarge5_all.deb oldstable/main/binary-all/gforge-mta-exim4_3.1-31sarge5_all.deb oldstable/main/binary-all/gforge-db-postgresql_3.1-31sarge5_all.deb oldstable/main/binary-all/gforge-common_3.1-31sarge5_all.deb oldstable/main/binary-all/gforge-dns-bind9_3.1-31sarge5_all.deb oldstable/main/binary-all/gforge_3.1-31sarge5_all.deb oldstable/main/binary-all/gforge-cvs_3.1-31sarge5_all.deb oldstable/main/binary-all/gforge-mta-exim_3.1-31sarge5_all.deb oldstable/main/binary-all/gforge-shell-ldap_3.1-31sarge5_all.deb oldstable/main/binary-all/gforge-mta-postfix_3.1-31sarge5_all.deb oldstable/main/binary-all/gforge-ldap-openldap_3.1-31sarge5_all.deb gforge (3.1-31sarge5) oldstable-security; urgency=high * Fixed SQL injection vulnerability due to insufficient input sanitizing (CVE-2008-0173). oldstable/main/binary-sparc/libflac6_1.1.1-5sarge1_sparc.deb oldstable/main/binary-sparc/liboggflac++0c102_1.1.1-5sarge1_sparc.deb oldstable/main/binary-sparc/flac_1.1.1-5sarge1_sparc.deb oldstable/main/binary-sparc/libflac++4_1.1.1-5sarge1_sparc.deb oldstable/main/binary-sparc/libflac++-dev_1.1.1-5sarge1_sparc.deb oldstable/main/binary-sparc/xmms-flac_1.1.1-5sarge1_sparc.deb oldstable/main/binary-sparc/liboggflac++-dev_1.1.1-5sarge1_sparc.deb oldstable/main/binary-sparc/liboggflac1_1.1.1-5sarge1_sparc.deb oldstable/main/binary-sparc/liboggflac-dev_1.1.1-5sarge1_sparc.deb oldstable/main/binary-sparc/libflac-dev_1.1.1-5sarge1_sparc.deb flac (1.1.1-5sarge1) oldstable-security; urgency=high * Fix several vulnerabilities. oldstable/main/binary-s390/liboggflac-dev_1.1.1-5sarge1_s390.deb oldstable/main/binary-s390/xmms-flac_1.1.1-5sarge1_s390.deb oldstable/main/binary-s390/liboggflac++0c102_1.1.1-5sarge1_s390.deb oldstable/main/binary-s390/libflac-dev_1.1.1-5sarge1_s390.deb oldstable/main/binary-s390/liboggflac1_1.1.1-5sarge1_s390.deb oldstable/main/binary-s390/flac_1.1.1-5sarge1_s390.deb oldstable/main/binary-s390/libflac6_1.1.1-5sarge1_s390.deb oldstable/main/binary-s390/liboggflac++-dev_1.1.1-5sarge1_s390.deb oldstable/main/binary-s390/libflac++-dev_1.1.1-5sarge1_s390.deb oldstable/main/binary-s390/libflac++4_1.1.1-5sarge1_s390.deb flac (1.1.1-5sarge1) oldstable-security; urgency=high * Fix several vulnerabilities. oldstable/main/binary-powerpc/libflac6_1.1.1-5sarge1_powerpc.deb oldstable/main/binary-powerpc/libflac-dev_1.1.1-5sarge1_powerpc.deb oldstable/main/binary-powerpc/flac_1.1.1-5sarge1_powerpc.deb oldstable/main/binary-powerpc/liboggflac1_1.1.1-5sarge1_powerpc.deb oldstable/main/binary-powerpc/liboggflac-dev_1.1.1-5sarge1_powerpc.deb oldstable/main/binary-powerpc/liboggflac++-dev_1.1.1-5sarge1_powerpc.deb oldstable/main/binary-powerpc/libflac++4_1.1.1-5sarge1_powerpc.deb oldstable/main/binary-powerpc/xmms-flac_1.1.1-5sarge1_powerpc.deb oldstable/main/binary-powerpc/liboggflac++0c102_1.1.1-5sarge1_powerpc.deb oldstable/main/binary-powerpc/libflac++-dev_1.1.1-5sarge1_powerpc.deb flac (1.1.1-5sarge1) oldstable-security; urgency=high * Fix several vulnerabilities. oldstable/main/binary-mipsel/liboggflac-dev_1.1.1-5sarge1_mipsel.deb oldstable/main/binary-mipsel/liboggflac++0c102_1.1.1-5sarge1_mipsel.deb oldstable/main/binary-mipsel/liboggflac1_1.1.1-5sarge1_mipsel.deb oldstable/main/binary-mipsel/libflac++4_1.1.1-5sarge1_mipsel.deb oldstable/main/binary-mipsel/libflac6_1.1.1-5sarge1_mipsel.deb oldstable/main/binary-mipsel/libflac-dev_1.1.1-5sarge1_mipsel.deb oldstable/main/binary-mipsel/liboggflac++-dev_1.1.1-5sarge1_mipsel.deb oldstable/main/binary-mipsel/libflac++-dev_1.1.1-5sarge1_mipsel.deb oldstable/main/binary-mipsel/flac_1.1.1-5sarge1_mipsel.deb oldstable/main/binary-mipsel/xmms-flac_1.1.1-5sarge1_mipsel.deb flac (1.1.1-5sarge1) oldstable-security; urgency=high * Fix several vulnerabilities. oldstable/main/binary-mips/liboggflac++0c102_1.1.1-5sarge1_mips.deb oldstable/main/binary-mips/liboggflac1_1.1.1-5sarge1_mips.deb oldstable/main/binary-mips/libflac6_1.1.1-5sarge1_mips.deb oldstable/main/binary-mips/liboggflac-dev_1.1.1-5sarge1_mips.deb oldstable/main/binary-mips/libflac++4_1.1.1-5sarge1_mips.deb oldstable/main/binary-mips/xmms-flac_1.1.1-5sarge1_mips.deb oldstable/main/binary-mips/flac_1.1.1-5sarge1_mips.deb oldstable/main/binary-mips/libflac++-dev_1.1.1-5sarge1_mips.deb oldstable/main/binary-mips/libflac-dev_1.1.1-5sarge1_mips.deb oldstable/main/binary-mips/liboggflac++-dev_1.1.1-5sarge1_mips.deb flac (1.1.1-5sarge1) oldstable-security; urgency=high * Fix several vulnerabilities. oldstable/main/binary-m68k/flac_1.1.1-5sarge1_m68k.deb oldstable/main/binary-m68k/libflac++-dev_1.1.1-5sarge1_m68k.deb oldstable/main/binary-m68k/liboggflac-dev_1.1.1-5sarge1_m68k.deb oldstable/main/binary-m68k/liboggflac1_1.1.1-5sarge1_m68k.deb oldstable/main/binary-m68k/liboggflac++0c102_1.1.1-5sarge1_m68k.deb oldstable/main/binary-m68k/liboggflac++-dev_1.1.1-5sarge1_m68k.deb oldstable/main/binary-m68k/libflac-dev_1.1.1-5sarge1_m68k.deb oldstable/main/binary-m68k/xmms-flac_1.1.1-5sarge1_m68k.deb oldstable/main/binary-m68k/libflac6_1.1.1-5sarge1_m68k.deb oldstable/main/binary-m68k/libflac++4_1.1.1-5sarge1_m68k.deb flac (1.1.1-5sarge1) oldstable-security; urgency=high * Fix several vulnerabilities. oldstable/main/binary-ia64/libflac6_1.1.1-5sarge1_ia64.deb oldstable/main/binary-ia64/libflac++-dev_1.1.1-5sarge1_ia64.deb oldstable/main/binary-ia64/xmms-flac_1.1.1-5sarge1_ia64.deb oldstable/main/binary-ia64/libflac-dev_1.1.1-5sarge1_ia64.deb oldstable/main/binary-ia64/liboggflac++0c102_1.1.1-5sarge1_ia64.deb oldstable/main/binary-ia64/liboggflac-dev_1.1.1-5sarge1_ia64.deb oldstable/main/binary-ia64/liboggflac1_1.1.1-5sarge1_ia64.deb oldstable/main/binary-ia64/libflac++4_1.1.1-5sarge1_ia64.deb oldstable/main/binary-ia64/liboggflac++-dev_1.1.1-5sarge1_ia64.deb oldstable/main/binary-ia64/flac_1.1.1-5sarge1_ia64.deb flac (1.1.1-5sarge1) oldstable-security; urgency=high * Fix several vulnerabilities. oldstable/main/binary-hppa/liboggflac-dev_1.1.1-5sarge1_hppa.deb oldstable/main/binary-hppa/libflac-dev_1.1.1-5sarge1_hppa.deb oldstable/main/binary-hppa/liboggflac++-dev_1.1.1-5sarge1_hppa.deb oldstable/main/binary-hppa/libflac++-dev_1.1.1-5sarge1_hppa.deb oldstable/main/binary-hppa/liboggflac++0c102_1.1.1-5sarge1_hppa.deb oldstable/main/binary-hppa/libflac++4_1.1.1-5sarge1_hppa.deb oldstable/main/binary-hppa/liboggflac1_1.1.1-5sarge1_hppa.deb oldstable/main/binary-hppa/libflac6_1.1.1-5sarge1_hppa.deb oldstable/main/binary-hppa/xmms-flac_1.1.1-5sarge1_hppa.deb oldstable/main/binary-hppa/flac_1.1.1-5sarge1_hppa.deb flac (1.1.1-5sarge1) oldstable-security; urgency=high * Fix several vulnerabilities. oldstable/main/binary-arm/liboggflac++-dev_1.1.1-5sarge1_arm.deb oldstable/main/binary-arm/liboggflac1_1.1.1-5sarge1_arm.deb oldstable/main/binary-arm/libflac++4_1.1.1-5sarge1_arm.deb oldstable/main/binary-arm/flac_1.1.1-5sarge1_arm.deb oldstable/main/binary-arm/xmms-flac_1.1.1-5sarge1_arm.deb oldstable/main/binary-arm/liboggflac++0c102_1.1.1-5sarge1_arm.deb oldstable/main/binary-arm/libflac++-dev_1.1.1-5sarge1_arm.deb oldstable/main/binary-arm/liboggflac-dev_1.1.1-5sarge1_arm.deb oldstable/main/binary-arm/libflac6_1.1.1-5sarge1_arm.deb oldstable/main/binary-arm/libflac-dev_1.1.1-5sarge1_arm.deb flac (1.1.1-5sarge1) oldstable-security; urgency=high * Fix several vulnerabilities. oldstable/main/binary-amd64/liboggflac1_1.1.1-5sarge1_amd64.deb oldstable/main/binary-amd64/libflac++4_1.1.1-5sarge1_amd64.deb oldstable/main/binary-amd64/liboggflac++-dev_1.1.1-5sarge1_amd64.deb oldstable/main/binary-amd64/libflac++-dev_1.1.1-5sarge1_amd64.deb oldstable/main/binary-amd64/liboggflac++0c102_1.1.1-5sarge1_amd64.deb oldstable/main/binary-amd64/flac_1.1.1-5sarge1_amd64.deb oldstable/main/binary-amd64/libflac6_1.1.1-5sarge1_amd64.deb oldstable/main/binary-amd64/libflac-dev_1.1.1-5sarge1_amd64.deb oldstable/main/binary-amd64/xmms-flac_1.1.1-5sarge1_amd64.deb oldstable/main/binary-amd64/liboggflac-dev_1.1.1-5sarge1_amd64.deb flac (1.1.1-5sarge1) oldstable-security; urgency=high * Fix several vulnerabilities. oldstable/main/binary-alpha/xmms-flac_1.1.1-5sarge1_alpha.deb oldstable/main/binary-alpha/liboggflac-dev_1.1.1-5sarge1_alpha.deb oldstable/main/binary-alpha/libflac6_1.1.1-5sarge1_alpha.deb oldstable/main/binary-alpha/liboggflac++0c102_1.1.1-5sarge1_alpha.deb oldstable/main/binary-alpha/liboggflac1_1.1.1-5sarge1_alpha.deb oldstable/main/binary-alpha/flac_1.1.1-5sarge1_alpha.deb oldstable/main/binary-alpha/liboggflac++-dev_1.1.1-5sarge1_alpha.deb oldstable/main/binary-alpha/libflac-dev_1.1.1-5sarge1_alpha.deb oldstable/main/binary-alpha/libflac++4_1.1.1-5sarge1_alpha.deb oldstable/main/binary-alpha/libflac++-dev_1.1.1-5sarge1_alpha.deb flac (1.1.1-5sarge1) oldstable-security; urgency=high * Fix several vulnerabilities. oldstable/main/binary-i386/liboggflac-dev_1.1.1-5sarge1_i386.deb oldstable/main/binary-i386/libflac6_1.1.1-5sarge1_i386.deb oldstable/main/binary-i386/libflac-dev_1.1.1-5sarge1_i386.deb oldstable/main/binary-i386/flac_1.1.1-5sarge1_i386.deb oldstable/main/binary-i386/libflac++4_1.1.1-5sarge1_i386.deb oldstable/main/binary-i386/liboggflac++-dev_1.1.1-5sarge1_i386.deb oldstable/main/binary-i386/liboggflac1_1.1.1-5sarge1_i386.deb oldstable/main/binary-i386/libflac++-dev_1.1.1-5sarge1_i386.deb oldstable/main/source/flac_1.1.1-5sarge1.diff.gz oldstable/main/source/flac_1.1.1-5sarge1.dsc oldstable/main/binary-i386/xmms-flac_1.1.1-5sarge1_i386.deb oldstable/main/binary-i386/liboggflac++0c102_1.1.1-5sarge1_i386.deb flac (1.1.1-5sarge1) oldstable-security; urgency=high * Fix several vulnerabilities. oldstable/main/source/fai-kernels_1.9.1sarge7.1.tar.gz oldstable/main/source/fai-kernels_1.9.1sarge7.1.dsc oldstable/main/binary-i386/fai-kernels_1.9.1sarge7.1_i386.deb fai-kernels (1.9.1sarge7.1) oldstable; urgency=high * Build against kernel-tree-2.6.8-17sarge1: * compat_sys_mount-NULL-data_page.dpatch [SECURITY] Fix oops in compat_sys_mount triggered by NULL data_page See CVE-2006-7203 * pppoe-socket-release-mem-leak.dpatch [SECURITY] fix unpriveleged memory leak when a PPPoE socket is released after connect but before PPPIOCGCHAN ioctl is called upon it See CVE-2007-2525 * dn_fib-out-of-bounds.dpatch, ipv4-fib_props-out-of-bounds.dpatch [SECURITY] Fix out of bounds condition in dn_fib_props[] See CVE-2007-2172 * aacraid-ioctl-perm-check.dpatch [SECURITY] Require admin capabilities to issue ioctls to aacraid devices See CVE-2007-4308 * reset-pdeathsig-on-suid.dpatch [SECURITY] Fix potential privilege escalation caused by improper clearing of the child process' pdeath signal. See CVE-2007-3848 * bluetooth-l2cap-hci-info-leaks.dpatch [SECURITY] Fix information leaks in setsockopt() implementations See CVE-2007-1353 * coredump-only-to-same-uid.dpatch [SECURITY] Fix an issue where core dumping over a file that already exists retains the ownership of the original file See CVE-2007-6206 * i4l-isdn_ioctl-mem-overrun.dpatch [SECURITY] Fix potential isdn ioctl memory overrun See CVE-2007-6151 * cramfs-check-block-length.dpatch [SECURITY] Add a sanity check of the block length in cramfs_readpage to avoid a potential oops condition See CVE-2006-5823 * ext2-skip-pages-past-num-blocks.dpatch [SECURITY] Add some sanity checking for a corrupted i_size in ext2_find_entry() See CVE-2006-6054 * minixfs-printk-hang.dpatch [SECURITY] Rate-limit printks caused by accessing a corrupted minixfs filesystem that would otherwise cause a system to hang (printk storm) See CVE-2006-6058 * isdn-net-overflow.dpatch [SECURITY] Fix potential overflows in the ISDN subsystem See CVE-2007-6063 * prevent-stack-growth-into-hugetlb-region.dpatch [SECURITY] Prevent OOPS during stack expansion when the VMA crosses into address space reserved for hugetlb pages. See CVE-2007-3739 * cifs-honor-umask.dpatch [SECURITY] Make CIFS honor a process' umask See CVE-2007-3740 * hugetlb-prio_tree-unit-fix.dpatch [SECURITY] Fix misconversion of hugetlb_vmtruncate_list to prio_tree which could be used to trigger a BUG_ON() call in exit_mmap. See CVE-2007-4133 * amd64-zero-extend-32bit-ptrace.dpatch [SECURITY] Zero extend all registers after ptrace in 32-bit entry path. See CVE-2007-4573 * usb-pwc-disconnect-block.dpatch [SECURITY] Fix issue with unplugging webcams that use the pwc driver. If userspace still has the device open it can result, the driver would wait for the device to close, blocking the USB subsystem. See CVE-2007-5093 * powerpc-chrp-null-deref.dpatch [SECURITY][powerpc] Fix NULL pointer dereference if get_property fails on the subarchitecture See CVE-2007-6694 * random-bound-check-ordering.dpatch [SECURITY] Fix stack-based buffer overflow in the random number generator See CVE-2007-3105 * mmap-VM_DONTEXPAND.dpatch [SECURITY] Add VM_DONTEXPAND to vm_flags in drivers that register a fault handler but do not bounds check the offset argument See CVE-2008-0007 oldstable/main/binary-sparc/exiftags_0.98-1.1+0sarge1_sparc.deb exiftags (0.98-1.1+0sarge1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Backport upstream fixes from v1.01: - CVE-2007-6354, CVE-2007-6355: integer overflow and memory access errors through inadequate EXIF data validation - CVE-2007-6356: recursive IFD references in EXIF data would cause a denial of service via infinite loop oldstable/main/binary-s390/exiftags_0.98-1.1+0sarge1_s390.deb exiftags (0.98-1.1+0sarge1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Backport upstream fixes from v1.01: - CVE-2007-6354, CVE-2007-6355: integer overflow and memory access errors through inadequate EXIF data validation - CVE-2007-6356: recursive IFD references in EXIF data would cause a denial of service via infinite loop oldstable/main/binary-powerpc/exiftags_0.98-1.1+0sarge1_powerpc.deb exiftags (0.98-1.1+0sarge1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Backport upstream fixes from v1.01: - CVE-2007-6354, CVE-2007-6355: integer overflow and memory access errors through inadequate EXIF data validation - CVE-2007-6356: recursive IFD references in EXIF data would cause a denial of service via infinite loop oldstable/main/binary-mipsel/exiftags_0.98-1.1+0sarge1_mipsel.deb exiftags (0.98-1.1+0sarge1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Backport upstream fixes from v1.01: - CVE-2007-6354, CVE-2007-6355: integer overflow and memory access errors through inadequate EXIF data validation - CVE-2007-6356: recursive IFD references in EXIF data would cause a denial of service via infinite loop oldstable/main/binary-mips/exiftags_0.98-1.1+0sarge1_mips.deb exiftags (0.98-1.1+0sarge1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Backport upstream fixes from v1.01: - CVE-2007-6354, CVE-2007-6355: integer overflow and memory access errors through inadequate EXIF data validation - CVE-2007-6356: recursive IFD references in EXIF data would cause a denial of service via infinite loop oldstable/main/binary-m68k/exiftags_0.98-1.1+0sarge1_m68k.deb exiftags (0.98-1.1+0sarge1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Backport upstream fixes from v1.01: - CVE-2007-6354, CVE-2007-6355: integer overflow and memory access errors through inadequate EXIF data validation - CVE-2007-6356: recursive IFD references in EXIF data would cause a denial of service via infinite loop oldstable/main/binary-ia64/exiftags_0.98-1.1+0sarge1_ia64.deb exiftags (0.98-1.1+0sarge1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Backport upstream fixes from v1.01: - CVE-2007-6354, CVE-2007-6355: integer overflow and memory access errors through inadequate EXIF data validation - CVE-2007-6356: recursive IFD references in EXIF data would cause a denial of service via infinite loop oldstable/main/binary-hppa/exiftags_0.98-1.1+0sarge1_hppa.deb exiftags (0.98-1.1+0sarge1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Backport upstream fixes from v1.01: - CVE-2007-6354, CVE-2007-6355: integer overflow and memory access errors through inadequate EXIF data validation - CVE-2007-6356: recursive IFD references in EXIF data would cause a denial of service via infinite loop oldstable/main/binary-arm/exiftags_0.98-1.1+0sarge1_arm.deb exiftags (0.98-1.1+0sarge1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Backport upstream fixes from v1.01: - CVE-2007-6354, CVE-2007-6355: integer overflow and memory access errors through inadequate EXIF data validation - CVE-2007-6356: recursive IFD references in EXIF data would cause a denial of service via infinite loop oldstable/main/binary-amd64/exiftags_0.98-1.1+0sarge1_amd64.deb exiftags (0.98-1.1+0sarge1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Backport upstream fixes from v1.01: - CVE-2007-6354, CVE-2007-6355: integer overflow and memory access errors through inadequate EXIF data validation - CVE-2007-6356: recursive IFD references in EXIF data would cause a denial of service via infinite loop oldstable/main/binary-alpha/exiftags_0.98-1.1+0sarge1_alpha.deb exiftags (0.98-1.1+0sarge1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Backport upstream fixes from v1.01: - CVE-2007-6354, CVE-2007-6355: integer overflow and memory access errors through inadequate EXIF data validation - CVE-2007-6356: recursive IFD references in EXIF data would cause a denial of service via infinite loop oldstable/main/source/exiftags_0.98-1.1+0sarge1.diff.gz oldstable/main/binary-i386/exiftags_0.98-1.1+0sarge1_i386.deb oldstable/main/source/exiftags_0.98-1.1+0sarge1.dsc exiftags (0.98-1.1+0sarge1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Backport upstream fixes from v1.01: - CVE-2007-6354, CVE-2007-6355: integer overflow and memory access errors through inadequate EXIF data validation - CVE-2007-6356: recursive IFD references in EXIF data would cause a denial of service via infinite loop oldstable/main/binary-sparc/evolution-dev_2.0.4-2sarge3_sparc.deb oldstable/main/binary-sparc/evolution_2.0.4-2sarge3_sparc.deb evolution (2.0.4-2sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix Encrypted Message Version Format String Vulnerability (CVE-2008-0072). oldstable/main/binary-s390/evolution-dev_2.0.4-2sarge3_s390.deb oldstable/main/binary-s390/evolution_2.0.4-2sarge3_s390.deb evolution (2.0.4-2sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix Encrypted Message Version Format String Vulnerability (CVE-2008-0072). oldstable/main/binary-powerpc/evolution-dev_2.0.4-2sarge3_powerpc.deb oldstable/main/binary-powerpc/evolution_2.0.4-2sarge3_powerpc.deb evolution (2.0.4-2sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix Encrypted Message Version Format String Vulnerability (CVE-2008-0072). oldstable/main/binary-mipsel/evolution_2.0.4-2sarge3_mipsel.deb oldstable/main/binary-mipsel/evolution-dev_2.0.4-2sarge3_mipsel.deb evolution (2.0.4-2sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix Encrypted Message Version Format String Vulnerability (CVE-2008-0072). oldstable/main/binary-mips/evolution_2.0.4-2sarge3_mips.deb oldstable/main/binary-mips/evolution-dev_2.0.4-2sarge3_mips.deb evolution (2.0.4-2sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix Encrypted Message Version Format String Vulnerability (CVE-2008-0072). oldstable/main/binary-m68k/evolution-dev_2.0.4-2sarge3_m68k.deb oldstable/main/binary-m68k/evolution_2.0.4-2sarge3_m68k.deb evolution (2.0.4-2sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix Encrypted Message Version Format String Vulnerability (CVE-2008-0072). oldstable/main/binary-ia64/evolution_2.0.4-2sarge3_ia64.deb oldstable/main/binary-ia64/evolution-dev_2.0.4-2sarge3_ia64.deb evolution (2.0.4-2sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix Encrypted Message Version Format String Vulnerability (CVE-2008-0072). oldstable/main/binary-hppa/evolution-dev_2.0.4-2sarge3_hppa.deb oldstable/main/binary-hppa/evolution_2.0.4-2sarge3_hppa.deb evolution (2.0.4-2sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix Encrypted Message Version Format String Vulnerability (CVE-2008-0072). oldstable/main/binary-arm/evolution_2.0.4-2sarge3_arm.deb oldstable/main/binary-arm/evolution-dev_2.0.4-2sarge3_arm.deb evolution (2.0.4-2sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix Encrypted Message Version Format String Vulnerability (CVE-2008-0072). oldstable/main/binary-amd64/evolution-dev_2.0.4-2sarge3_amd64.deb oldstable/main/binary-amd64/evolution_2.0.4-2sarge3_amd64.deb evolution (2.0.4-2sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix Encrypted Message Version Format String Vulnerability (CVE-2008-0072). oldstable/main/binary-alpha/evolution-dev_2.0.4-2sarge3_alpha.deb oldstable/main/binary-alpha/evolution_2.0.4-2sarge3_alpha.deb evolution (2.0.4-2sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix Encrypted Message Version Format String Vulnerability (CVE-2008-0072). oldstable/main/source/evolution_2.0.4-2sarge3.dsc oldstable/main/source/evolution_2.0.4-2sarge3.diff.gz oldstable/main/binary-i386/evolution-dev_2.0.4-2sarge3_i386.deb oldstable/main/binary-i386/evolution_2.0.4-2sarge3_i386.deb evolution (2.0.4-2sarge3) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix Encrypted Message Version Format String Vulnerability (CVE-2008-0072). oldstable/main/binary-sparc/ethereal-common_0.10.10-2sarge11_sparc.deb oldstable/main/binary-sparc/ethereal-dev_0.10.10-2sarge11_sparc.deb oldstable/main/binary-sparc/tethereal_0.10.10-2sarge11_sparc.deb oldstable/main/binary-sparc/ethereal_0.10.10-2sarge11_sparc.deb ethereal (0.10.10-2sarge11) oldstable-security; urgency=high * Backport two further security fixes from 0.99.7 reported later: CVE-2007-6450, CVE-2007-6451 oldstable/main/binary-s390/ethereal-common_0.10.10-2sarge11_s390.deb oldstable/main/binary-s390/ethereal-dev_0.10.10-2sarge11_s390.deb oldstable/main/binary-s390/tethereal_0.10.10-2sarge11_s390.deb oldstable/main/binary-s390/ethereal_0.10.10-2sarge11_s390.deb ethereal (0.10.10-2sarge11) oldstable-security; urgency=high * Backport two further security fixes from 0.99.7 reported later: CVE-2007-6450, CVE-2007-6451 oldstable/main/binary-powerpc/ethereal-common_0.10.10-2sarge11_powerpc.deb oldstable/main/binary-powerpc/ethereal_0.10.10-2sarge11_powerpc.deb oldstable/main/binary-powerpc/tethereal_0.10.10-2sarge11_powerpc.deb oldstable/main/binary-powerpc/ethereal-dev_0.10.10-2sarge11_powerpc.deb ethereal (0.10.10-2sarge11) oldstable-security; urgency=high * Backport two further security fixes from 0.99.7 reported later: CVE-2007-6450, CVE-2007-6451 oldstable/main/binary-mipsel/tethereal_0.10.10-2sarge11_mipsel.deb oldstable/main/binary-mipsel/ethereal-dev_0.10.10-2sarge11_mipsel.deb oldstable/main/binary-mipsel/ethereal_0.10.10-2sarge11_mipsel.deb oldstable/main/binary-mipsel/ethereal-common_0.10.10-2sarge11_mipsel.deb ethereal (0.10.10-2sarge11) oldstable-security; urgency=high * Backport two further security fixes from 0.99.7 reported later: CVE-2007-6450, CVE-2007-6451 oldstable/main/binary-mips/ethereal-common_0.10.10-2sarge11_mips.deb oldstable/main/binary-mips/ethereal_0.10.10-2sarge11_mips.deb oldstable/main/binary-mips/ethereal-dev_0.10.10-2sarge11_mips.deb oldstable/main/binary-mips/tethereal_0.10.10-2sarge11_mips.deb ethereal (0.10.10-2sarge11) oldstable-security; urgency=high * Backport two further security fixes from 0.99.7 reported later: CVE-2007-6450, CVE-2007-6451 oldstable/main/binary-m68k/ethereal_0.10.10-2sarge11_m68k.deb oldstable/main/binary-m68k/ethereal-common_0.10.10-2sarge11_m68k.deb oldstable/main/binary-m68k/tethereal_0.10.10-2sarge11_m68k.deb oldstable/main/binary-m68k/ethereal-dev_0.10.10-2sarge11_m68k.deb ethereal (0.10.10-2sarge11) oldstable-security; urgency=high * Backport two further security fixes from 0.99.7 reported later: CVE-2007-6450, CVE-2007-6451 oldstable/main/binary-ia64/ethereal-dev_0.10.10-2sarge11_ia64.deb oldstable/main/binary-ia64/tethereal_0.10.10-2sarge11_ia64.deb oldstable/main/binary-ia64/ethereal_0.10.10-2sarge11_ia64.deb oldstable/main/binary-ia64/ethereal-common_0.10.10-2sarge11_ia64.deb ethereal (0.10.10-2sarge11) oldstable-security; urgency=high * Backport two further security fixes from 0.99.7 reported later: CVE-2007-6450, CVE-2007-6451 oldstable/main/binary-hppa/ethereal-dev_0.10.10-2sarge11_hppa.deb oldstable/main/binary-hppa/ethereal-common_0.10.10-2sarge11_hppa.deb oldstable/main/binary-hppa/tethereal_0.10.10-2sarge11_hppa.deb oldstable/main/binary-hppa/ethereal_0.10.10-2sarge11_hppa.deb ethereal (0.10.10-2sarge11) oldstable-security; urgency=high * Backport two further security fixes from 0.99.7 reported later: CVE-2007-6450, CVE-2007-6451 oldstable/main/binary-arm/ethereal-common_0.10.10-2sarge11_arm.deb oldstable/main/binary-arm/ethereal-dev_0.10.10-2sarge11_arm.deb oldstable/main/binary-arm/tethereal_0.10.10-2sarge11_arm.deb oldstable/main/binary-arm/ethereal_0.10.10-2sarge11_arm.deb ethereal (0.10.10-2sarge11) oldstable-security; urgency=high * Backport two further security fixes from 0.99.7 reported later: CVE-2007-6450, CVE-2007-6451 oldstable/main/binary-amd64/ethereal_0.10.10-2sarge11_amd64.deb oldstable/main/binary-amd64/ethereal-common_0.10.10-2sarge11_amd64.deb oldstable/main/binary-amd64/tethereal_0.10.10-2sarge11_amd64.deb oldstable/main/binary-amd64/ethereal-dev_0.10.10-2sarge11_amd64.deb ethereal (0.10.10-2sarge11) oldstable-security; urgency=high * Backport two further security fixes from 0.99.7 reported later: CVE-2007-6450, CVE-2007-6451 oldstable/main/binary-alpha/ethereal-common_0.10.10-2sarge11_alpha.deb oldstable/main/binary-alpha/ethereal_0.10.10-2sarge11_alpha.deb oldstable/main/binary-alpha/tethereal_0.10.10-2sarge11_alpha.deb oldstable/main/binary-alpha/ethereal-dev_0.10.10-2sarge11_alpha.deb ethereal (0.10.10-2sarge11) oldstable-security; urgency=high * Backport two further security fixes from 0.99.7 reported later: CVE-2007-6450, CVE-2007-6451 oldstable/main/binary-i386/tethereal_0.10.10-2sarge11_i386.deb oldstable/main/source/ethereal_0.10.10-2sarge11.diff.gz oldstable/main/binary-i386/ethereal-dev_0.10.10-2sarge11_i386.deb oldstable/main/binary-i386/ethereal_0.10.10-2sarge11_i386.deb oldstable/main/binary-i386/ethereal-common_0.10.10-2sarge11_i386.deb oldstable/main/source/ethereal_0.10.10-2sarge11.dsc ethereal (0.10.10-2sarge11) oldstable-security; urgency=high * Backport two further security fixes from 0.99.7 reported later: CVE-2007-6450, CVE-2007-6451 oldstable/main/binary-sparc/eggdrop_1.6.17-3sarge1_sparc.deb eggdrop (1.6.17-3sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix stack based buffer-overflow in mod/server.mod/servrmsg.c, which allows user-assisted, remote IRC servers to execute arbitrary code via a long private message Fixes: CVE-2007-2807 oldstable/main/binary-s390/eggdrop_1.6.17-3sarge1_s390.deb eggdrop (1.6.17-3sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix stack based buffer-overflow in mod/server.mod/servrmsg.c, which allows user-assisted, remote IRC servers to execute arbitrary code via a long private message Fixes: CVE-2007-2807 oldstable/main/binary-powerpc/eggdrop_1.6.17-3sarge1_powerpc.deb eggdrop (1.6.17-3sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix stack based buffer-overflow in mod/server.mod/servrmsg.c, which allows user-assisted, remote IRC servers to execute arbitrary code via a long private message Fixes: CVE-2007-2807 oldstable/main/binary-mipsel/eggdrop_1.6.17-3sarge1_mipsel.deb eggdrop (1.6.17-3sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix stack based buffer-overflow in mod/server.mod/servrmsg.c, which allows user-assisted, remote IRC servers to execute arbitrary code via a long private message Fixes: CVE-2007-2807 oldstable/main/binary-mips/eggdrop_1.6.17-3sarge1_mips.deb eggdrop (1.6.17-3sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix stack based buffer-overflow in mod/server.mod/servrmsg.c, which allows user-assisted, remote IRC servers to execute arbitrary code via a long private message Fixes: CVE-2007-2807 oldstable/main/binary-m68k/eggdrop_1.6.17-3sarge1_m68k.deb eggdrop (1.6.17-3sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix stack based buffer-overflow in mod/server.mod/servrmsg.c, which allows user-assisted, remote IRC servers to execute arbitrary code via a long private message Fixes: CVE-2007-2807 oldstable/main/binary-ia64/eggdrop_1.6.17-3sarge1_ia64.deb eggdrop (1.6.17-3sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix stack based buffer-overflow in mod/server.mod/servrmsg.c, which allows user-assisted, remote IRC servers to execute arbitrary code via a long private message Fixes: CVE-2007-2807 oldstable/main/binary-hppa/eggdrop_1.6.17-3sarge1_hppa.deb eggdrop (1.6.17-3sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix stack based buffer-overflow in mod/server.mod/servrmsg.c, which allows user-assisted, remote IRC servers to execute arbitrary code via a long private message Fixes: CVE-2007-2807 oldstable/main/binary-arm/eggdrop_1.6.17-3sarge1_arm.deb eggdrop (1.6.17-3sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix stack based buffer-overflow in mod/server.mod/servrmsg.c, which allows user-assisted, remote IRC servers to execute arbitrary code via a long private message Fixes: CVE-2007-2807 oldstable/main/binary-amd64/eggdrop_1.6.17-3sarge1_amd64.deb eggdrop (1.6.17-3sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix stack based buffer-overflow in mod/server.mod/servrmsg.c, which allows user-assisted, remote IRC servers to execute arbitrary code via a long private message Fixes: CVE-2007-2807 oldstable/main/binary-alpha/eggdrop_1.6.17-3sarge1_alpha.deb eggdrop (1.6.17-3sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix stack based buffer-overflow in mod/server.mod/servrmsg.c, which allows user-assisted, remote IRC servers to execute arbitrary code via a long private message Fixes: CVE-2007-2807 oldstable/main/binary-all/eggdrop-data_1.6.17-3sarge1_all.deb oldstable/main/source/eggdrop_1.6.17-3sarge1.dsc oldstable/main/binary-i386/eggdrop_1.6.17-3sarge1_i386.deb oldstable/main/source/eggdrop_1.6.17-3sarge1.diff.gz eggdrop (1.6.17-3sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix stack based buffer-overflow in mod/server.mod/servrmsg.c, which allows user-assisted, remote IRC servers to execute arbitrary code via a long private message Fixes: CVE-2007-2807 oldstable/main/source/debian-goodies_0.23+sarge1.tar.gz oldstable/main/source/debian-goodies_0.23+sarge1.dsc oldstable/main/binary-all/debian-goodies_0.23+sarge1_all.deb debian-goodies (0.23+sarge1) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix security bug that enables users to generate files in the filesystem with shell metacharacters and have the checkrestart script run external code (as root, since the script will only run as admin). (CVE-2007-3912, closes: 440411) oldstable/main/source/backup-manager_0.5.7-1sarge2.dsc oldstable/main/binary-all/backup-manager_0.5.7-1sarge2_all.deb oldstable/main/source/backup-manager_0.5.7-1sarge2.diff.gz backup-manager (0.5.7-1sarge2) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Fix FTP password disclosure during FTP uploads, based on maintainer-supplied patch. Closes: #439392. CVE-2007-4656 oldstable/main/binary-i386/alsa-modules-2.4-386_1.0.8+2sarge1.1_i386.deb oldstable/main/binary-i386/alsa-modules-2.4-686-smp_1.0.8+2sarge1.1_i386.deb oldstable/main/binary-i386/alsa-modules-2.4-k7_1.0.8+2sarge1.1_i386.deb oldstable/main/binary-i386/alsa-modules-2.4.27-3-k6_1.0.8+2sarge1.1_i386.deb oldstable/main/source/alsa-modules-i386_1.0.8+2sarge1.1.dsc oldstable/main/binary-i386/alsa-modules-2.4.27-3-k7-smp_1.0.8+2sarge1.1_i386.deb oldstable/main/binary-i386/alsa-modules-2.4-686_1.0.8+2sarge1.1_i386.deb oldstable/main/binary-i386/alsa-modules-2.4.27-3-386_1.0.8+2sarge1.1_i386.deb oldstable/main/binary-i386/alsa-modules-2.4-586tsc_1.0.8+2sarge1.1_i386.deb oldstable/main/binary-i386/alsa-modules-2.4.27-3-686-smp_1.0.8+2sarge1.1_i386.deb oldstable/main/binary-i386/alsa-modules-2.4-k6_1.0.8+2sarge1.1_i386.deb oldstable/main/source/alsa-modules-i386_1.0.8+2sarge1.1.tar.gz oldstable/main/binary-i386/alsa-modules-2.4.27-3-k7_1.0.8+2sarge1.1_i386.deb oldstable/main/binary-i386/alsa-modules-2.4-k7-smp_1.0.8+2sarge1.1_i386.deb oldstable/main/binary-i386/alsa-modules-2.4.27-3-686_1.0.8+2sarge1.1_i386.deb oldstable/main/binary-i386/alsa-modules-2.4.27-3-586tsc_1.0.8+2sarge1.1_i386.deb alsa-modules-i386 (1.0.8+2sarge1.1) oldstable; urgency=high * Rebuild against alsa-driver_1.0.8-7sarge1: * NMU by the Security Team * 20_snd-page-alloc-leak.dpatch: Fix an issue in the alsa subsystem that allows a local user to read potentially sensitive kernel memory from the proc filesystem. See CVE-2007-4571 oldstable/main/source/alsa-driver_1.0.8-7sarge1.dsc oldstable/main/source/alsa-driver_1.0.8-7sarge1.diff.gz oldstable/main/binary-all/alsa-source_1.0.8-7sarge1_all.deb oldstable/main/binary-all/alsa-base_1.0.8-7sarge1_all.deb oldstable/main/binary-all/alsa-headers_1.0.8-7sarge1_all.deb alsa-driver (1.0.8-7sarge1) oldstable-security; urgency=high * NMU by the Security Team * 20_snd-page-alloc-leak.dpatch: Fix an issue in the alsa subsystem that allows a local user to read potentially sensitive kernel memory from the proc filesystem. See CVE-2007-4571 Removals: flyspray | 0.9.7-2.1 | source, all Closed bugs: 459345 ------------------- Reason ------------------- RoM: security nightmare, unsupported upstream, not in unstable anymore ---------------------------------------------- flashplugin-nonfree | 7.0.25-5 | source, i386 Closed bugs: 473556 ------------------- Reason ------------------- RoSRM; security nightmare ---------------------------------------------- ========================================= Thu, 27 Dec 2007 - Debian 3.1r7 released ========================================= oldstable/main/binary-arm/adesklets_0.4.7-1_arm.deb adesklets (0.4.7-1) unstable; urgency=low * New upstream release. oldstable/main/binary-mipsel/agenda.app_0.1-2_mipsel.deb agenda.app (0.1-2) unstable; urgency=low * Updated debian/control build-depends for GNUstep 0.9.4. * Renamed source package to agenda.app. * Fixed debian/copyright. oldstable/main/binary-arm/libantlr-dev_2.7.2-6_arm.deb antlr (2.7.2-6) unstable; urgency=low * changed debhelper compatibility level to 4 * added versioned dependency on debhelper oldstable/main/binary-alpha/apache2-common_2.0.54-5sarge2_alpha.deb oldstable/main/binary-alpha/apache2-utils_2.0.54-5sarge2_alpha.deb oldstable/main/binary-alpha/apache2-mpm-worker_2.0.54-5sarge2_alpha.deb oldstable/main/binary-alpha/apache2-mpm-perchild_2.0.54-5sarge2_alpha.deb oldstable/main/binary-alpha/apache2-mpm-prefork_2.0.54-5sarge2_alpha.deb oldstable/main/binary-alpha/apache2-prefork-dev_2.0.54-5sarge2_alpha.deb oldstable/main/binary-alpha/apache2-threaded-dev_2.0.54-5sarge2_alpha.deb oldstable/main/binary-alpha/libapr0_2.0.54-5sarge2_alpha.deb oldstable/main/binary-alpha/libapr0-dev_2.0.54-5sarge2_alpha.deb oldstable/main/binary-alpha/apache2_2.0.54-5sarge2_alpha.deb apache2 (2.0.54-5sarge2) oldstable-proposed-updates; urgency=low * Fix some less critical security issues: * Denial of service for threaded MPMs: - CVE-2005-2970: mpm_worker memory leak - CVE-2005-3357: mod_ssl with custom errorpage - CVE-2007-1863: mod_cache * Cross site scripting: - CVE-2005-3352: mod_imap - CVE-2006-3918: via Expect header - CVE-2006-5752: mod_status * Add check for scoreboard PID protection (CVE-2007-3304) oldstable/main/binary-arm/apache2-common_2.0.54-5sarge2_arm.deb oldstable/main/binary-arm/apache2-utils_2.0.54-5sarge2_arm.deb oldstable/main/binary-arm/apache2-mpm-worker_2.0.54-5sarge2_arm.deb oldstable/main/binary-arm/apache2-mpm-perchild_2.0.54-5sarge2_arm.deb oldstable/main/binary-arm/apache2-mpm-prefork_2.0.54-5sarge2_arm.deb oldstable/main/binary-arm/apache2-prefork-dev_2.0.54-5sarge2_arm.deb oldstable/main/binary-arm/apache2-threaded-dev_2.0.54-5sarge2_arm.deb oldstable/main/binary-arm/libapr0_2.0.54-5sarge2_arm.deb oldstable/main/binary-arm/libapr0-dev_2.0.54-5sarge2_arm.deb oldstable/main/binary-arm/apache2_2.0.54-5sarge2_arm.deb apache2 (2.0.54-5sarge2) oldstable-proposed-updates; urgency=low * Fix some less critical security issues: * Denial of service for threaded MPMs: - CVE-2005-2970: mpm_worker memory leak - CVE-2005-3357: mod_ssl with custom errorpage - CVE-2007-1863: mod_cache * Cross site scripting: - CVE-2005-3352: mod_imap - CVE-2006-3918: via Expect header - CVE-2006-5752: mod_status * Add check for scoreboard PID protection (CVE-2007-3304) oldstable/main/binary-hppa/apache2-common_2.0.54-5sarge2_hppa.deb oldstable/main/binary-hppa/apache2-utils_2.0.54-5sarge2_hppa.deb oldstable/main/binary-hppa/apache2-mpm-worker_2.0.54-5sarge2_hppa.deb oldstable/main/binary-hppa/apache2-mpm-perchild_2.0.54-5sarge2_hppa.deb oldstable/main/binary-hppa/apache2-mpm-prefork_2.0.54-5sarge2_hppa.deb oldstable/main/binary-hppa/apache2-prefork-dev_2.0.54-5sarge2_hppa.deb oldstable/main/binary-hppa/apache2-threaded-dev_2.0.54-5sarge2_hppa.deb oldstable/main/binary-hppa/libapr0_2.0.54-5sarge2_hppa.deb oldstable/main/binary-hppa/libapr0-dev_2.0.54-5sarge2_hppa.deb oldstable/main/binary-hppa/apache2_2.0.54-5sarge2_hppa.deb apache2 (2.0.54-5sarge2) oldstable-proposed-updates; urgency=low * Fix some less critical security issues: * Denial of service for threaded MPMs: - CVE-2005-2970: mpm_worker memory leak - CVE-2005-3357: mod_ssl with custom errorpage - CVE-2007-1863: mod_cache * Cross site scripting: - CVE-2005-3352: mod_imap - CVE-2006-3918: via Expect header - CVE-2006-5752: mod_status * Add check for scoreboard PID protection (CVE-2007-3304) oldstable/main/source/apache2_2.0.54-5sarge2.dsc oldstable/main/source/apache2_2.0.54-5sarge2.diff.gz oldstable/main/binary-all/apache2-mpm-threadpool_2.0.54-5sarge2_all.deb oldstable/main/binary-all/apache2-doc_2.0.54-5sarge2_all.deb oldstable/main/binary-i386/apache2-common_2.0.54-5sarge2_i386.deb oldstable/main/binary-i386/apache2-utils_2.0.54-5sarge2_i386.deb oldstable/main/binary-i386/apache2-mpm-worker_2.0.54-5sarge2_i386.deb oldstable/main/binary-i386/apache2-mpm-perchild_2.0.54-5sarge2_i386.deb oldstable/main/binary-i386/apache2-mpm-prefork_2.0.54-5sarge2_i386.deb oldstable/main/binary-i386/apache2-prefork-dev_2.0.54-5sarge2_i386.deb oldstable/main/binary-i386/apache2-threaded-dev_2.0.54-5sarge2_i386.deb oldstable/main/binary-i386/libapr0_2.0.54-5sarge2_i386.deb oldstable/main/binary-i386/libapr0-dev_2.0.54-5sarge2_i386.deb oldstable/main/binary-i386/apache2_2.0.54-5sarge2_i386.deb apache2 (2.0.54-5sarge2) oldstable-proposed-updates; urgency=low * Fix some less critical security issues: * Denial of service for threaded MPMs: - CVE-2005-2970: mpm_worker memory leak - CVE-2005-3357: mod_ssl with custom errorpage - CVE-2007-1863: mod_cache * Cross site scripting: - CVE-2005-3352: mod_imap - CVE-2006-3918: via Expect header - CVE-2006-5752: mod_status * Add check for scoreboard PID protection (CVE-2007-3304) oldstable/main/binary-ia64/apache2-common_2.0.54-5sarge2_ia64.deb oldstable/main/binary-ia64/apache2-utils_2.0.54-5sarge2_ia64.deb oldstable/main/binary-ia64/apache2-mpm-worker_2.0.54-5sarge2_ia64.deb oldstable/main/binary-ia64/apache2-mpm-perchild_2.0.54-5sarge2_ia64.deb oldstable/main/binary-ia64/apache2-mpm-prefork_2.0.54-5sarge2_ia64.deb oldstable/main/binary-ia64/apache2-prefork-dev_2.0.54-5sarge2_ia64.deb oldstable/main/binary-ia64/apache2-threaded-dev_2.0.54-5sarge2_ia64.deb oldstable/main/binary-ia64/libapr0_2.0.54-5sarge2_ia64.deb oldstable/main/binary-ia64/libapr0-dev_2.0.54-5sarge2_ia64.deb oldstable/main/binary-ia64/apache2_2.0.54-5sarge2_ia64.deb apache2 (2.0.54-5sarge2) oldstable-proposed-updates; urgency=low * Fix some less critical security issues: * Denial of service for threaded MPMs: - CVE-2005-2970: mpm_worker memory leak - CVE-2005-3357: mod_ssl with custom errorpage - CVE-2007-1863: mod_cache * Cross site scripting: - CVE-2005-3352: mod_imap - CVE-2006-3918: via Expect header - CVE-2006-5752: mod_status * Add check for scoreboard PID protection (CVE-2007-3304) oldstable/main/binary-m68k/apache2-common_2.0.54-5sarge2_m68k.deb oldstable/main/binary-m68k/apache2-utils_2.0.54-5sarge2_m68k.deb oldstable/main/binary-m68k/apache2-mpm-worker_2.0.54-5sarge2_m68k.deb oldstable/main/binary-m68k/apache2-mpm-perchild_2.0.54-5sarge2_m68k.deb oldstable/main/binary-m68k/apache2-mpm-prefork_2.0.54-5sarge2_m68k.deb oldstable/main/binary-m68k/apache2-prefork-dev_2.0.54-5sarge2_m68k.deb oldstable/main/binary-m68k/apache2-threaded-dev_2.0.54-5sarge2_m68k.deb oldstable/main/binary-m68k/libapr0_2.0.54-5sarge2_m68k.deb oldstable/main/binary-m68k/libapr0-dev_2.0.54-5sarge2_m68k.deb oldstable/main/binary-m68k/apache2_2.0.54-5sarge2_m68k.deb apache2 (2.0.54-5sarge2) oldstable-proposed-updates; urgency=low * Fix some less critical security issues: * Denial of service for threaded MPMs: - CVE-2005-2970: mpm_worker memory leak - CVE-2005-3357: mod_ssl with custom errorpage - CVE-2007-1863: mod_cache * Cross site scripting: - CVE-2005-3352: mod_imap - CVE-2006-3918: via Expect header - CVE-2006-5752: mod_status * Add check for scoreboard PID protection (CVE-2007-3304) oldstable/main/binary-mips/apache2-common_2.0.54-5sarge2_mips.deb oldstable/main/binary-mips/apache2-utils_2.0.54-5sarge2_mips.deb oldstable/main/binary-mips/apache2-mpm-worker_2.0.54-5sarge2_mips.deb oldstable/main/binary-mips/apache2-mpm-perchild_2.0.54-5sarge2_mips.deb oldstable/main/binary-mips/apache2-mpm-prefork_2.0.54-5sarge2_mips.deb oldstable/main/binary-mips/apache2-prefork-dev_2.0.54-5sarge2_mips.deb oldstable/main/binary-mips/apache2-threaded-dev_2.0.54-5sarge2_mips.deb oldstable/main/binary-mips/libapr0_2.0.54-5sarge2_mips.deb oldstable/main/binary-mips/libapr0-dev_2.0.54-5sarge2_mips.deb oldstable/main/binary-mips/apache2_2.0.54-5sarge2_mips.deb apache2 (2.0.54-5sarge2) oldstable-proposed-updates; urgency=low * Fix some less critical security issues: * Denial of service for threaded MPMs: - CVE-2005-2970: mpm_worker memory leak - CVE-2005-3357: mod_ssl with custom errorpage - CVE-2007-1863: mod_cache * Cross site scripting: - CVE-2005-3352: mod_imap - CVE-2006-3918: via Expect header - CVE-2006-5752: mod_status * Add check for scoreboard PID protection (CVE-2007-3304) oldstable/main/binary-mipsel/apache2-common_2.0.54-5sarge2_mipsel.deb oldstable/main/binary-mipsel/apache2-utils_2.0.54-5sarge2_mipsel.deb oldstable/main/binary-mipsel/apache2-mpm-worker_2.0.54-5sarge2_mipsel.deb oldstable/main/binary-mipsel/apache2-mpm-perchild_2.0.54-5sarge2_mipsel.deb oldstable/main/binary-mipsel/apache2-mpm-prefork_2.0.54-5sarge2_mipsel.deb oldstable/main/binary-mipsel/apache2-prefork-dev_2.0.54-5sarge2_mipsel.deb oldstable/main/binary-mipsel/apache2-threaded-dev_2.0.54-5sarge2_mipsel.deb oldstable/main/binary-mipsel/libapr0_2.0.54-5sarge2_mipsel.deb oldstable/main/binary-mipsel/libapr0-dev_2.0.54-5sarge2_mipsel.deb oldstable/main/binary-mipsel/apache2_2.0.54-5sarge2_mipsel.deb apache2 (2.0.54-5sarge2) oldstable-proposed-updates; urgency=low * Fix some less critical security issues: * Denial of service for threaded MPMs: - CVE-2005-2970: mpm_worker memory leak - CVE-2005-3357: mod_ssl with custom errorpage - CVE-2007-1863: mod_cache * Cross site scripting: - CVE-2005-3352: mod_imap - CVE-2006-3918: via Expect header - CVE-2006-5752: mod_status * Add check for scoreboard PID protection (CVE-2007-3304) oldstable/main/binary-powerpc/apache2-common_2.0.54-5sarge2_powerpc.deb oldstable/main/binary-powerpc/apache2-utils_2.0.54-5sarge2_powerpc.deb oldstable/main/binary-powerpc/apache2-mpm-worker_2.0.54-5sarge2_powerpc.deb oldstable/main/binary-powerpc/apache2-mpm-perchild_2.0.54-5sarge2_powerpc.deb oldstable/main/binary-powerpc/apache2-mpm-prefork_2.0.54-5sarge2_powerpc.deb oldstable/main/binary-powerpc/apache2-prefork-dev_2.0.54-5sarge2_powerpc.deb oldstable/main/binary-powerpc/apache2-threaded-dev_2.0.54-5sarge2_powerpc.deb oldstable/main/binary-powerpc/libapr0_2.0.54-5sarge2_powerpc.deb oldstable/main/binary-powerpc/libapr0-dev_2.0.54-5sarge2_powerpc.deb oldstable/main/binary-powerpc/apache2_2.0.54-5sarge2_powerpc.deb apache2 (2.0.54-5sarge2) oldstable-proposed-updates; urgency=low * Fix some less critical security issues: * Denial of service for threaded MPMs: - CVE-2005-2970: mpm_worker memory leak - CVE-2005-3357: mod_ssl with custom errorpage - CVE-2007-1863: mod_cache * Cross site scripting: - CVE-2005-3352: mod_imap - CVE-2006-3918: via Expect header - CVE-2006-5752: mod_status * Add check for scoreboard PID protection (CVE-2007-3304) oldstable/main/binary-s390/apache2-common_2.0.54-5sarge2_s390.deb oldstable/main/binary-s390/apache2-utils_2.0.54-5sarge2_s390.deb oldstable/main/binary-s390/apache2-mpm-worker_2.0.54-5sarge2_s390.deb oldstable/main/binary-s390/apache2-mpm-perchild_2.0.54-5sarge2_s390.deb oldstable/main/binary-s390/apache2-mpm-prefork_2.0.54-5sarge2_s390.deb oldstable/main/binary-s390/apache2-prefork-dev_2.0.54-5sarge2_s390.deb oldstable/main/binary-s390/apache2-threaded-dev_2.0.54-5sarge2_s390.deb oldstable/main/binary-s390/libapr0_2.0.54-5sarge2_s390.deb oldstable/main/binary-s390/libapr0-dev_2.0.54-5sarge2_s390.deb oldstable/main/binary-s390/apache2_2.0.54-5sarge2_s390.deb apache2 (2.0.54-5sarge2) oldstable-proposed-updates; urgency=low * Fix some less critical security issues: * Denial of service for threaded MPMs: - CVE-2005-2970: mpm_worker memory leak - CVE-2005-3357: mod_ssl with custom errorpage - CVE-2007-1863: mod_cache * Cross site scripting: - CVE-2005-3352: mod_imap - CVE-2006-3918: via Expect header - CVE-2006-5752: mod_status * Add check for scoreboard PID protection (CVE-2007-3304) oldstable/main/binary-sparc/apache2-common_2.0.54-5sarge2_sparc.deb oldstable/main/binary-sparc/apache2-utils_2.0.54-5sarge2_sparc.deb oldstable/main/binary-sparc/apache2-mpm-worker_2.0.54-5sarge2_sparc.deb oldstable/main/binary-sparc/apache2-mpm-perchild_2.0.54-5sarge2_sparc.deb oldstable/main/binary-sparc/apache2-mpm-prefork_2.0.54-5sarge2_sparc.deb oldstable/main/binary-sparc/apache2-prefork-dev_2.0.54-5sarge2_sparc.deb oldstable/main/binary-sparc/apache2-threaded-dev_2.0.54-5sarge2_sparc.deb oldstable/main/binary-sparc/libapr0_2.0.54-5sarge2_sparc.deb oldstable/main/binary-sparc/libapr0-dev_2.0.54-5sarge2_sparc.deb oldstable/main/binary-sparc/apache2_2.0.54-5sarge2_sparc.deb apache2 (2.0.54-5sarge2) oldstable-proposed-updates; urgency=low * Fix some less critical security issues: * Denial of service for threaded MPMs: - CVE-2005-2970: mpm_worker memory leak - CVE-2005-3357: mod_ssl with custom errorpage - CVE-2007-1863: mod_cache * Cross site scripting: - CVE-2005-3352: mod_imap - CVE-2006-3918: via Expect header - CVE-2006-5752: mod_status * Add check for scoreboard PID protection (CVE-2007-3304) oldstable/main/binary-alpha/asterisk_1.0.7.dfsg.1-2sarge5_alpha.deb oldstable/main/binary-alpha/asterisk-h323_1.0.7.dfsg.1-2sarge5_alpha.deb oldstable/main/binary-alpha/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_alpha.deb asterisk (1:1.0.7.dfsg.1-2sarge5) oldstable-security; urgency=high * Add myself to Uploaders to mark this as a maintainer upload. * Multiple upstream security fixes: - channels/chan_sip.c: Only try to handle a response if it has a response code. (ASA-2007-011, CVE-2007-1594, CVE-2007-2297) - manager.c: Don't crash if a manager connection provides a username that exists in manager.conf but does not have a password, and also requests MD5 authentication. (ASA-2007-012, CVE-2007-2294) - channels/iax2-parser.h, channels/chan_iax2.c, channels/iax2-parser.c: Ensure that when encoding the contents of an ast_frame into an iax_frame, that the size of the destination buffer is known in the iax_frame so that code won't write past the end of the allocated buffer when sending outgoing frames. (ASA-2007-014, CVE-2007-3762) - channels/chan_iax2.c: if a text frame is sent with no terminating NULL through a bridged IAX connection, the remote end will receive garbage characters tacked onto the end. (CVE-2007-2488) - channels/chan_iax2.c: After parsing information elements in IAX frames, set the data length to zero, so that code later on does not think it has data to copy. (ASA-2007-015, CVE-2007-3763) oldstable/main/binary-amd64/asterisk_1.0.7.dfsg.1-2sarge5_amd64.deb oldstable/main/binary-amd64/asterisk-h323_1.0.7.dfsg.1-2sarge5_amd64.deb oldstable/main/binary-amd64/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_amd64.deb asterisk (1:1.0.7.dfsg.1-2sarge5) oldstable-security; urgency=high * Add myself to Uploaders to mark this as a maintainer upload. * Multiple upstream security fixes: - channels/chan_sip.c: Only try to handle a response if it has a response code. (ASA-2007-011, CVE-2007-1594, CVE-2007-2297) - manager.c: Don't crash if a manager connection provides a username that exists in manager.conf but does not have a password, and also requests MD5 authentication. (ASA-2007-012, CVE-2007-2294) - channels/iax2-parser.h, channels/chan_iax2.c, channels/iax2-parser.c: Ensure that when encoding the contents of an ast_frame into an iax_frame, that the size of the destination buffer is known in the iax_frame so that code won't write past the end of the allocated buffer when sending outgoing frames. (ASA-2007-014, CVE-2007-3762) - channels/chan_iax2.c: if a text frame is sent with no terminating NULL through a bridged IAX connection, the remote end will receive garbage characters tacked onto the end. (CVE-2007-2488) - channels/chan_iax2.c: After parsing information elements in IAX frames, set the data length to zero, so that code later on does not think it has data to copy. (ASA-2007-015, CVE-2007-3763) oldstable/main/binary-arm/asterisk_1.0.7.dfsg.1-2sarge5_arm.deb oldstable/main/binary-arm/asterisk-h323_1.0.7.dfsg.1-2sarge5_arm.deb oldstable/main/binary-arm/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_arm.deb asterisk (1:1.0.7.dfsg.1-2sarge5) oldstable-security; urgency=high * Add myself to Uploaders to mark this as a maintainer upload. * Multiple upstream security fixes: - channels/chan_sip.c: Only try to handle a response if it has a response code. (ASA-2007-011, CVE-2007-1594, CVE-2007-2297) - manager.c: Don't crash if a manager connection provides a username that exists in manager.conf but does not have a password, and also requests MD5 authentication. (ASA-2007-012, CVE-2007-2294) - channels/iax2-parser.h, channels/chan_iax2.c, channels/iax2-parser.c: Ensure that when encoding the contents of an ast_frame into an iax_frame, that the size of the destination buffer is known in the iax_frame so that code won't write past the end of the allocated buffer when sending outgoing frames. (ASA-2007-014, CVE-2007-3762) - channels/chan_iax2.c: if a text frame is sent with no terminating NULL through a bridged IAX connection, the remote end will receive garbage characters tacked onto the end. (CVE-2007-2488) - channels/chan_iax2.c: After parsing information elements in IAX frames, set the data length to zero, so that code later on does not think it has data to copy. (ASA-2007-015, CVE-2007-3763) oldstable/main/binary-hppa/asterisk_1.0.7.dfsg.1-2sarge5_hppa.deb oldstable/main/binary-hppa/asterisk-h323_1.0.7.dfsg.1-2sarge5_hppa.deb oldstable/main/binary-hppa/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_hppa.deb asterisk (1:1.0.7.dfsg.1-2sarge5) oldstable-security; urgency=high * Add myself to Uploaders to mark this as a maintainer upload. * Multiple upstream security fixes: - channels/chan_sip.c: Only try to handle a response if it has a response code. (ASA-2007-011, CVE-2007-1594, CVE-2007-2297) - manager.c: Don't crash if a manager connection provides a username that exists in manager.conf but does not have a password, and also requests MD5 authentication. (ASA-2007-012, CVE-2007-2294) - channels/iax2-parser.h, channels/chan_iax2.c, channels/iax2-parser.c: Ensure that when encoding the contents of an ast_frame into an iax_frame, that the size of the destination buffer is known in the iax_frame so that code won't write past the end of the allocated buffer when sending outgoing frames. (ASA-2007-014, CVE-2007-3762) - channels/chan_iax2.c: if a text frame is sent with no terminating NULL through a bridged IAX connection, the remote end will receive garbage characters tacked onto the end. (CVE-2007-2488) - channels/chan_iax2.c: After parsing information elements in IAX frames, set the data length to zero, so that code later on does not think it has data to copy. (ASA-2007-015, CVE-2007-3763) oldstable/main/source/asterisk_1.0.7.dfsg.1-2sarge5.dsc oldstable/main/source/asterisk_1.0.7.dfsg.1-2sarge5.diff.gz oldstable/main/binary-all/asterisk-doc_1.0.7.dfsg.1-2sarge5_all.deb oldstable/main/binary-all/asterisk-dev_1.0.7.dfsg.1-2sarge5_all.deb oldstable/main/binary-all/asterisk-sounds-main_1.0.7.dfsg.1-2sarge5_all.deb oldstable/main/binary-all/asterisk-web-vmail_1.0.7.dfsg.1-2sarge5_all.deb oldstable/main/binary-all/asterisk-config_1.0.7.dfsg.1-2sarge5_all.deb oldstable/main/binary-i386/asterisk_1.0.7.dfsg.1-2sarge5_i386.deb oldstable/main/binary-i386/asterisk-h323_1.0.7.dfsg.1-2sarge5_i386.deb oldstable/main/binary-i386/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_i386.deb asterisk (1:1.0.7.dfsg.1-2sarge5) oldstable-security; urgency=high * Add myself to Uploaders to mark this as a maintainer upload. * Multiple upstream security fixes: - channels/chan_sip.c: Only try to handle a response if it has a response code. (ASA-2007-011, CVE-2007-1594, CVE-2007-2297) - manager.c: Don't crash if a manager connection provides a username that exists in manager.conf but does not have a password, and also requests MD5 authentication. (ASA-2007-012, CVE-2007-2294) - channels/iax2-parser.h, channels/chan_iax2.c, channels/iax2-parser.c: Ensure that when encoding the contents of an ast_frame into an iax_frame, that the size of the destination buffer is known in the iax_frame so that code won't write past the end of the allocated buffer when sending outgoing frames. (ASA-2007-014, CVE-2007-3762) - channels/chan_iax2.c: if a text frame is sent with no terminating NULL through a bridged IAX connection, the remote end will receive garbage characters tacked onto the end. (CVE-2007-2488) - channels/chan_iax2.c: After parsing information elements in IAX frames, set the data length to zero, so that code later on does not think it has data to copy. (ASA-2007-015, CVE-2007-3763) oldstable/main/binary-ia64/asterisk_1.0.7.dfsg.1-2sarge5_ia64.deb oldstable/main/binary-ia64/asterisk-h323_1.0.7.dfsg.1-2sarge5_ia64.deb oldstable/main/binary-ia64/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_ia64.deb asterisk (1:1.0.7.dfsg.1-2sarge5) oldstable-security; urgency=high * Add myself to Uploaders to mark this as a maintainer upload. * Multiple upstream security fixes: - channels/chan_sip.c: Only try to handle a response if it has a response code. (ASA-2007-011, CVE-2007-1594, CVE-2007-2297) - manager.c: Don't crash if a manager connection provides a username that exists in manager.conf but does not have a password, and also requests MD5 authentication. (ASA-2007-012, CVE-2007-2294) - channels/iax2-parser.h, channels/chan_iax2.c, channels/iax2-parser.c: Ensure that when encoding the contents of an ast_frame into an iax_frame, that the size of the destination buffer is known in the iax_frame so that code won't write past the end of the allocated buffer when sending outgoing frames. (ASA-2007-014, CVE-2007-3762) - channels/chan_iax2.c: if a text frame is sent with no terminating NULL through a bridged IAX connection, the remote end will receive garbage characters tacked onto the end. (CVE-2007-2488) - channels/chan_iax2.c: After parsing information elements in IAX frames, set the data length to zero, so that code later on does not think it has data to copy. (ASA-2007-015, CVE-2007-3763) oldstable/main/binary-m68k/asterisk_1.0.7.dfsg.1-2sarge5_m68k.deb oldstable/main/binary-m68k/asterisk-h323_1.0.7.dfsg.1-2sarge5_m68k.deb oldstable/main/binary-m68k/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_m68k.deb asterisk (1:1.0.7.dfsg.1-2sarge5) oldstable-security; urgency=high * Add myself to Uploaders to mark this as a maintainer upload. * Multiple upstream security fixes: - channels/chan_sip.c: Only try to handle a response if it has a response code. (ASA-2007-011, CVE-2007-1594, CVE-2007-2297) - manager.c: Don't crash if a manager connection provides a username that exists in manager.conf but does not have a password, and also requests MD5 authentication. (ASA-2007-012, CVE-2007-2294) - channels/iax2-parser.h, channels/chan_iax2.c, channels/iax2-parser.c: Ensure that when encoding the contents of an ast_frame into an iax_frame, that the size of the destination buffer is known in the iax_frame so that code won't write past the end of the allocated buffer when sending outgoing frames. (ASA-2007-014, CVE-2007-3762) - channels/chan_iax2.c: if a text frame is sent with no terminating NULL through a bridged IAX connection, the remote end will receive garbage characters tacked onto the end. (CVE-2007-2488) - channels/chan_iax2.c: After parsing information elements in IAX frames, set the data length to zero, so that code later on does not think it has data to copy. (ASA-2007-015, CVE-2007-3763) oldstable/main/binary-mips/asterisk_1.0.7.dfsg.1-2sarge5_mips.deb oldstable/main/binary-mips/asterisk-h323_1.0.7.dfsg.1-2sarge5_mips.deb oldstable/main/binary-mips/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_mips.deb asterisk (1:1.0.7.dfsg.1-2sarge5) oldstable-security; urgency=high * Add myself to Uploaders to mark this as a maintainer upload. * Multiple upstream security fixes: - channels/chan_sip.c: Only try to handle a response if it has a response code. (ASA-2007-011, CVE-2007-1594, CVE-2007-2297) - manager.c: Don't crash if a manager connection provides a username that exists in manager.conf but does not have a password, and also requests MD5 authentication. (ASA-2007-012, CVE-2007-2294) - channels/iax2-parser.h, channels/chan_iax2.c, channels/iax2-parser.c: Ensure that when encoding the contents of an ast_frame into an iax_frame, that the size of the destination buffer is known in the iax_frame so that code won't write past the end of the allocated buffer when sending outgoing frames. (ASA-2007-014, CVE-2007-3762) - channels/chan_iax2.c: if a text frame is sent with no terminating NULL through a bridged IAX connection, the remote end will receive garbage characters tacked onto the end. (CVE-2007-2488) - channels/chan_iax2.c: After parsing information elements in IAX frames, set the data length to zero, so that code later on does not think it has data to copy. (ASA-2007-015, CVE-2007-3763) oldstable/main/binary-mipsel/asterisk_1.0.7.dfsg.1-2sarge5_mipsel.deb oldstable/main/binary-mipsel/asterisk-h323_1.0.7.dfsg.1-2sarge5_mipsel.deb oldstable/main/binary-mipsel/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_mipsel.deb asterisk (1:1.0.7.dfsg.1-2sarge5) oldstable-security; urgency=high * Add myself to Uploaders to mark this as a maintainer upload. * Multiple upstream security fixes: - channels/chan_sip.c: Only try to handle a response if it has a response code. (ASA-2007-011, CVE-2007-1594, CVE-2007-2297) - manager.c: Don't crash if a manager connection provides a username that exists in manager.conf but does not have a password, and also requests MD5 authentication. (ASA-2007-012, CVE-2007-2294) - channels/iax2-parser.h, channels/chan_iax2.c, channels/iax2-parser.c: Ensure that when encoding the contents of an ast_frame into an iax_frame, that the size of the destination buffer is known in the iax_frame so that code won't write past the end of the allocated buffer when sending outgoing frames. (ASA-2007-014, CVE-2007-3762) - channels/chan_iax2.c: if a text frame is sent with no terminating NULL through a bridged IAX connection, the remote end will receive garbage characters tacked onto the end. (CVE-2007-2488) - channels/chan_iax2.c: After parsing information elements in IAX frames, set the data length to zero, so that code later on does not think it has data to copy. (ASA-2007-015, CVE-2007-3763) oldstable/main/binary-powerpc/asterisk_1.0.7.dfsg.1-2sarge5_powerpc.deb oldstable/main/binary-powerpc/asterisk-h323_1.0.7.dfsg.1-2sarge5_powerpc.deb oldstable/main/binary-powerpc/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_powerpc.deb asterisk (1:1.0.7.dfsg.1-2sarge5) oldstable-security; urgency=high * Add myself to Uploaders to mark this as a maintainer upload. * Multiple upstream security fixes: - channels/chan_sip.c: Only try to handle a response if it has a response code. (ASA-2007-011, CVE-2007-1594, CVE-2007-2297) - manager.c: Don't crash if a manager connection provides a username that exists in manager.conf but does not have a password, and also requests MD5 authentication. (ASA-2007-012, CVE-2007-2294) - channels/iax2-parser.h, channels/chan_iax2.c, channels/iax2-parser.c: Ensure that when encoding the contents of an ast_frame into an iax_frame, that the size of the destination buffer is known in the iax_frame so that code won't write past the end of the allocated buffer when sending outgoing frames. (ASA-2007-014, CVE-2007-3762) - channels/chan_iax2.c: if a text frame is sent with no terminating NULL through a bridged IAX connection, the remote end will receive garbage characters tacked onto the end. (CVE-2007-2488) - channels/chan_iax2.c: After parsing information elements in IAX frames, set the data length to zero, so that code later on does not think it has data to copy. (ASA-2007-015, CVE-2007-3763) oldstable/main/binary-s390/asterisk_1.0.7.dfsg.1-2sarge5_s390.deb oldstable/main/binary-s390/asterisk-h323_1.0.7.dfsg.1-2sarge5_s390.deb oldstable/main/binary-s390/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_s390.deb asterisk (1:1.0.7.dfsg.1-2sarge5) oldstable-security; urgency=high * Add myself to Uploaders to mark this as a maintainer upload. * Multiple upstream security fixes: - channels/chan_sip.c: Only try to handle a response if it has a response code. (ASA-2007-011, CVE-2007-1594, CVE-2007-2297) - manager.c: Don't crash if a manager connection provides a username that exists in manager.conf but does not have a password, and also requests MD5 authentication. (ASA-2007-012, CVE-2007-2294) - channels/iax2-parser.h, channels/chan_iax2.c, channels/iax2-parser.c: Ensure that when encoding the contents of an ast_frame into an iax_frame, that the size of the destination buffer is known in the iax_frame so that code won't write past the end of the allocated buffer when sending outgoing frames. (ASA-2007-014, CVE-2007-3762) - channels/chan_iax2.c: if a text frame is sent with no terminating NULL through a bridged IAX connection, the remote end will receive garbage characters tacked onto the end. (CVE-2007-2488) - channels/chan_iax2.c: After parsing information elements in IAX frames, set the data length to zero, so that code later on does not think it has data to copy. (ASA-2007-015, CVE-2007-3763) oldstable/main/binary-sparc/asterisk_1.0.7.dfsg.1-2sarge5_sparc.deb oldstable/main/binary-sparc/asterisk-h323_1.0.7.dfsg.1-2sarge5_sparc.deb oldstable/main/binary-sparc/asterisk-gtk-console_1.0.7.dfsg.1-2sarge5_sparc.deb asterisk (1:1.0.7.dfsg.1-2sarge5) oldstable-security; urgency=high * Add myself to Uploaders to mark this as a maintainer upload. * Multiple upstream security fixes: - channels/chan_sip.c: Only try to handle a response if it has a response code. (ASA-2007-011, CVE-2007-1594, CVE-2007-2297) - manager.c: Don't crash if a manager connection provides a username that exists in manager.conf but does not have a password, and also requests MD5 authentication. (ASA-2007-012, CVE-2007-2294) - channels/iax2-parser.h, channels/chan_iax2.c, channels/iax2-parser.c: Ensure that when encoding the contents of an ast_frame into an iax_frame, that the size of the destination buffer is known in the iax_frame so that code won't write past the end of the allocated buffer when sending outgoing frames. (ASA-2007-014, CVE-2007-3762) - channels/chan_iax2.c: if a text frame is sent with no terminating NULL through a bridged IAX connection, the remote end will receive garbage characters tacked onto the end. (CVE-2007-2488) - channels/chan_iax2.c: After parsing information elements in IAX frames, set the data length to zero, so that code later on does not think it has data to copy. (ASA-2007-015, CVE-2007-3763) oldstable/main/binary-alpha/asterisk_1.0.7.dfsg.1-2sarge6_alpha.deb oldstable/main/binary-alpha/asterisk-h323_1.0.7.dfsg.1-2sarge6_alpha.deb oldstable/main/binary-alpha/asterisk-gtk-console_1.0.7.dfsg.1-2sarge6_alpha.deb asterisk (1:1.0.7.dfsg.1-2sarge6) oldstable-security; urgency=high * cdr/cdr_pgsql.c: properly escape src and dst to avoid SQL injections (AST-2007-026). oldstable/main/binary-amd64/asterisk_1.0.7.dfsg.1-2sarge6_amd64.deb oldstable/main/binary-amd64/asterisk-h323_1.0.7.dfsg.1-2sarge6_amd64.deb oldstable/main/binary-amd64/asterisk-gtk-console_1.0.7.dfsg.1-2sarge6_amd64.deb asterisk (1:1.0.7.dfsg.1-2sarge6) oldstable-security; urgency=high * cdr/cdr_pgsql.c: properly escape src and dst to avoid SQL injections (AST-2007-026). oldstable/main/binary-arm/asterisk_1.0.7.dfsg.1-2sarge6_arm.deb oldstable/main/binary-arm/asterisk-h323_1.0.7.dfsg.1-2sarge6_arm.deb oldstable/main/binary-arm/asterisk-gtk-console_1.0.7.dfsg.1-2sarge6_arm.deb asterisk (1:1.0.7.dfsg.1-2sarge6) oldstable-security; urgency=high * cdr/cdr_pgsql.c: properly escape src and dst to avoid SQL injections (AST-2007-026). oldstable/main/binary-hppa/asterisk_1.0.7.dfsg.1-2sarge6_hppa.deb oldstable/main/binary-hppa/asterisk-h323_1.0.7.dfsg.1-2sarge6_hppa.deb oldstable/main/binary-hppa/asterisk-gtk-console_1.0.7.dfsg.1-2sarge6_hppa.deb asterisk (1:1.0.7.dfsg.1-2sarge6) oldstable-security; urgency=high * cdr/cdr_pgsql.c: properly escape src and dst to avoid SQL injections (AST-2007-026). oldstable/main/source/asterisk_1.0.7.dfsg.1-2sarge6.dsc oldstable/main/source/asterisk_1.0.7.dfsg.1-2sarge6.diff.gz oldstable/main/binary-all/asterisk-doc_1.0.7.dfsg.1-2sarge6_all.deb oldstable/main/binary-all/asterisk-dev_1.0.7.dfsg.1-2sarge6_all.deb oldstable/main/binary-all/asterisk-sounds-main_1.0.7.dfsg.1-2sarge6_all.deb oldstable/main/binary-all/asterisk-web-vmail_1.0.7.dfsg.1-2sarge6_all.deb oldstable/main/binary-all/asterisk-config_1.0.7.dfsg.1-2sarge6_all.deb oldstable/main/binary-i386/asterisk_1.0.7.dfsg.1-2sarge6_i386.deb oldstable/main/binary-i386/asterisk-h323_1.0.7.dfsg.1-2sarge6_i386.deb oldstable/main/binary-i386/asterisk-gtk-console_1.0.7.dfsg.1-2sarge6_i386.deb asterisk (1:1.0.7.dfsg.1-2sarge6) oldstable-security; urgency=high * cdr/cdr_pgsql.c: properly escape src and dst to avoid SQL injections (AST-2007-026). oldstable/main/binary-ia64/asterisk_1.0.7.dfsg.1-2sarge6_ia64.deb oldstable/main/binary-ia64/asterisk-h323_1.0.7.dfsg.1-2sarge6_ia64.deb oldstable/main/binary-ia64/asterisk-gtk-console_1.0.7.dfsg.1-2sarge6_ia64.deb asterisk (1:1.0.7.dfsg.1-2sarge6) oldstable-security; urgency=high * cdr/cdr_pgsql.c: properly escape src and dst to avoid SQL injections (AST-2007-026). oldstable/main/binary-m68k/asterisk_1.0.7.dfsg.1-2sarge6_m68k.deb oldstable/main/binary-m68k/asterisk-h323_1.0.7.dfsg.1-2sarge6_m68k.deb oldstable/main/binary-m68k/asterisk-gtk-console_1.0.7.dfsg.1-2sarge6_m68k.deb asterisk (1:1.0.7.dfsg.1-2sarge6) oldstable-security; urgency=high * cdr/cdr_pgsql.c: properly escape src and dst to avoid SQL injections (AST-2007-026). oldstable/main/binary-mips/asterisk_1.0.7.dfsg.1-2sarge6_mips.deb oldstable/main/binary-mips/asterisk-h323_1.0.7.dfsg.1-2sarge6_mips.deb oldstable/main/binary-mips/asterisk-gtk-console_1.0.7.dfsg.1-2sarge6_mips.deb asterisk (1:1.0.7.dfsg.1-2sarge6) oldstable-security; urgency=high * cdr/cdr_pgsql.c: properly escape src and dst to avoid SQL injections (AST-2007-026). oldstable/main/binary-mipsel/asterisk_1.0.7.dfsg.1-2sarge6_mipsel.deb oldstable/main/binary-mipsel/asterisk-h323_1.0.7.dfsg.1-2sarge6_mipsel.deb oldstable/main/binary-mipsel/asterisk-gtk-console_1.0.7.dfsg.1-2sarge6_mipsel.deb asterisk (1:1.0.7.dfsg.1-2sarge6) oldstable-security; urgency=high * cdr/cdr_pgsql.c: properly escape src and dst to avoid SQL injections (AST-2007-026). oldstable/main/binary-powerpc/asterisk_1.0.7.dfsg.1-2sarge6_powerpc.deb oldstable/main/binary-powerpc/asterisk-h323_1.0.7.dfsg.1-2sarge6_powerpc.deb oldstable/main/binary-powerpc/asterisk-gtk-console_1.0.7.dfsg.1-2sarge6_powerpc.deb asterisk (1:1.0.7.dfsg.1-2sarge6) oldstable-security; urgency=high * cdr/cdr_pgsql.c: properly escape src and dst to avoid SQL injections (AST-2007-026). oldstable/main/binary-s390/asterisk_1.0.7.dfsg.1-2sarge6_s390.deb oldstable/main/binary-s390/asterisk-h323_1.0.7.dfsg.1-2sarge6_s390.deb oldstable/main/binary-s390/asterisk-gtk-console_1.0.7.dfsg.1-2sarge6_s390.deb asterisk (1:1.0.7.dfsg.1-2sarge6) oldstable-security; urgency=high * cdr/cdr_pgsql.c: properly escape src and dst to avoid SQL injections (AST-2007-026). oldstable/main/binary-sparc/asterisk_1.0.7.dfsg.1-2sarge6_sparc.deb oldstable/main/binary-sparc/asterisk-h323_1.0.7.dfsg.1-2sarge6_sparc.deb oldstable/main/binary-sparc/asterisk-gtk-console_1.0.7.dfsg.1-2sarge6_sparc.deb asterisk (1:1.0.7.dfsg.1-2sarge6) oldstable-security; urgency=high * cdr/cdr_pgsql.c: properly escape src and dst to avoid SQL injections (AST-2007-026). oldstable/main/binary-alpha/asterisk-app-fax_0.0.20050203-4_alpha.deb oldstable/main/binary-alpha/asterisk-app-dtmftotext_0.0.20050203-4_alpha.deb asterisk-spandsp-plugins (0.0.20050203-4) testing; urgency=low * Fix Build-Dependency problem in Sarge. (Closes: #311008) oldstable/main/binary-arm/asterisk-app-fax_0.0.20050203-4_arm.deb oldstable/main/binary-arm/asterisk-app-dtmftotext_0.0.20050203-4_arm.deb asterisk-spandsp-plugins (0.0.20050203-4) testing; urgency=low * Fix Build-Dependency problem in Sarge. (Closes: #311008) oldstable/main/binary-hppa/asterisk-app-fax_0.0.20050203-4_hppa.deb oldstable/main/binary-hppa/asterisk-app-dtmftotext_0.0.20050203-4_hppa.deb asterisk-spandsp-plugins (0.0.20050203-4) testing; urgency=low * Fix Build-Dependency problem in Sarge. (Closes: #311008) oldstable/main/binary-ia64/asterisk-app-fax_0.0.20050203-4_ia64.deb oldstable/main/binary-ia64/asterisk-app-dtmftotext_0.0.20050203-4_ia64.deb asterisk-spandsp-plugins (0.0.20050203-4) testing; urgency=low * Fix Build-Dependency problem in Sarge. (Closes: #311008) oldstable/main/binary-m68k/asterisk-app-fax_0.0.20050203-4_m68k.deb oldstable/main/binary-m68k/asterisk-app-dtmftotext_0.0.20050203-4_m68k.deb asterisk-spandsp-plugins (0.0.20050203-4) testing; urgency=low * Fix Build-Dependency problem in Sarge. (Closes: #311008) oldstable/main/binary-mips/asterisk-app-fax_0.0.20050203-4_mips.deb oldstable/main/binary-mips/asterisk-app-dtmftotext_0.0.20050203-4_mips.deb asterisk-spandsp-plugins (0.0.20050203-4) testing; urgency=low * Fix Build-Dependency problem in Sarge. (Closes: #311008) oldstable/main/binary-mipsel/asterisk-app-fax_0.0.20050203-4_mipsel.deb oldstable/main/binary-mipsel/asterisk-app-dtmftotext_0.0.20050203-4_mipsel.deb asterisk-spandsp-plugins (0.0.20050203-4) testing; urgency=low * Fix Build-Dependency problem in Sarge. (Closes: #311008) oldstable/main/binary-powerpc/asterisk-app-fax_0.0.20050203-4_powerpc.deb oldstable/main/binary-powerpc/asterisk-app-dtmftotext_0.0.20050203-4_powerpc.deb asterisk-spandsp-plugins (0.0.20050203-4) testing; urgency=low * Fix Build-Dependency problem in Sarge. (Closes: #311008) oldstable/main/binary-s390/asterisk-app-fax_0.0.20050203-4_s390.deb oldstable/main/binary-s390/asterisk-app-dtmftotext_0.0.20050203-4_s390.deb asterisk-spandsp-plugins (0.0.20050203-4) testing; urgency=low * Fix Build-Dependency problem in Sarge. (Closes: #311008) oldstable/main/binary-sparc/asterisk-app-fax_0.0.20050203-4_sparc.deb oldstable/main/binary-sparc/asterisk-app-dtmftotext_0.0.20050203-4_sparc.deb asterisk-spandsp-plugins (0.0.20050203-4) testing; urgency=low * Fix Build-Dependency problem in Sarge. (Closes: #311008) oldstable/main/binary-arm/atomix_1.1.2-1_arm.deb atomix (1.1.2-1) unstable; urgency=medium * New upstream release * debian/copyright: - Fixed plural ("Upstream Author" -> "Upstream Authors") * debian/rules: - Included simple-patchsys.mk from CDBS - Made dh_fixperms ignore /usr/games, in order not to mess with the executable's permissions - Moved creation of scores file to postinst, so that we do not override it on every single upgrade * debian/patches: - 00_amd64_gcc4_ftbfs.patch: apply patch from Andreas Jochens to fix FTBFS on amd64 with gcc 4 (Closes: #301776). Thanks! oldstable/main/source/base-config_2.53.10.3.dsc oldstable/main/source/base-config_2.53.10.3.tar.gz oldstable/main/binary-all/base-config_2.53.10.3_all.deb base-config (2.53.10.3) oldstable; urgency=low * Add support for installing oldstable. * Update mirror list. * Update translations with thanks to translators. * Add myself to uploaders. oldstable/main/base-installer_1.13.4sarge3_alpha.udeb base-installer (1.13.4sarge3) oldstable; urgency=low * Revert hack in last version as rootskel has now been updated for the kernels to be released with Sarge 3.1r7. oldstable/main/base-installer_1.13.4sarge3_arm.udeb base-installer (1.13.4sarge3) oldstable; urgency=low * Revert hack in last version as rootskel has now been updated for the kernels to be released with Sarge 3.1r7. oldstable/main/base-installer_1.13.4sarge3_hppa.udeb base-installer (1.13.4sarge3) oldstable; urgency=low * Revert hack in last version as rootskel has now been updated for the kernels to be released with Sarge 3.1r7. oldstable/main/source/base-installer_1.13.4sarge3.dsc oldstable/main/source/base-installer_1.13.4sarge3.tar.gz oldstable/main/base-installer_1.13.4sarge3_i386.udeb base-installer (1.13.4sarge3) oldstable; urgency=low * Revert hack in last version as rootskel has now been updated for the kernels to be released with Sarge 3.1r7. oldstable/main/base-installer_1.13.4sarge3_ia64.udeb base-installer (1.13.4sarge3) oldstable; urgency=low * Revert hack in last version as rootskel has now been updated for the kernels to be released with Sarge 3.1r7. oldstable/main/base-installer_1.13.4sarge3_m68k.udeb base-installer (1.13.4sarge3) oldstable; urgency=low * Revert hack in last version as rootskel has now been updated for the kernels to be released with Sarge 3.1r7. oldstable/main/base-installer_1.13.4sarge3_mips.udeb base-installer (1.13.4sarge3) oldstable; urgency=low * Revert hack in last version as rootskel has now been updated for the kernels to be released with Sarge 3.1r7. oldstable/main/base-installer_1.13.4sarge3_mipsel.udeb base-installer (1.13.4sarge3) oldstable; urgency=low * Revert hack in last version as rootskel has now been updated for the kernels to be released with Sarge 3.1r7. oldstable/main/base-installer_1.13.4sarge3_powerpc.udeb base-installer (1.13.4sarge3) oldstable; urgency=low * Revert hack in last version as rootskel has now been updated for the kernels to be released with Sarge 3.1r7. oldstable/main/base-installer_1.13.4sarge3_s390.udeb base-installer (1.13.4sarge3) oldstable; urgency=low * Revert hack in last version as rootskel has now been updated for the kernels to be released with Sarge 3.1r7. oldstable/main/base-installer_1.13.4sarge3_sparc.udeb base-installer (1.13.4sarge3) oldstable; urgency=low * Revert hack in last version as rootskel has now been updated for the kernels to be released with Sarge 3.1r7. oldstable/main/binary-arm/bazaar_1.1.1-1_arm.deb bazaar (1.1.1-1) unstable; urgency=low * Initial Debian Release. oldstable/main/binary-alpha/bind9_9.2.4-1sarge3_alpha.deb oldstable/main/binary-alpha/bind9-host_9.2.4-1sarge3_alpha.deb oldstable/main/binary-alpha/libbind-dev_9.2.4-1sarge3_alpha.deb oldstable/main/binary-alpha/libdns16_9.2.4-1sarge3_alpha.deb oldstable/main/binary-alpha/libisc7_9.2.4-1sarge3_alpha.deb oldstable/main/binary-alpha/liblwres1_9.2.4-1sarge3_alpha.deb oldstable/main/binary-alpha/libisccc0_9.2.4-1sarge3_alpha.deb oldstable/main/binary-alpha/libisccfg0_9.2.4-1sarge3_alpha.deb oldstable/main/binary-alpha/dnsutils_9.2.4-1sarge3_alpha.deb oldstable/main/binary-alpha/lwresd_9.2.4-1sarge3_alpha.deb bind9 (1:9.2.4-1sarge3) oldstable-security; urgency=high * Backport fix for CVE-2007-2926 oldstable/main/binary-arm/bind9_9.2.4-1sarge3_arm.deb oldstable/main/binary-arm/bind9-host_9.2.4-1sarge3_arm.deb oldstable/main/binary-arm/libbind-dev_9.2.4-1sarge3_arm.deb oldstable/main/binary-arm/libdns16_9.2.4-1sarge3_arm.deb oldstable/main/binary-arm/libisc7_9.2.4-1sarge3_arm.deb oldstable/main/binary-arm/liblwres1_9.2.4-1sarge3_arm.deb oldstable/main/binary-arm/libisccc0_9.2.4-1sarge3_arm.deb oldstable/main/binary-arm/libisccfg0_9.2.4-1sarge3_arm.deb oldstable/main/binary-arm/dnsutils_9.2.4-1sarge3_arm.deb oldstable/main/binary-arm/lwresd_9.2.4-1sarge3_arm.deb bind9 (1:9.2.4-1sarge3) oldstable-security; urgency=high * Backport fix for CVE-2007-2926 oldstable/main/binary-hppa/bind9_9.2.4-1sarge3_hppa.deb oldstable/main/binary-hppa/bind9-host_9.2.4-1sarge3_hppa.deb oldstable/main/binary-hppa/libbind-dev_9.2.4-1sarge3_hppa.deb oldstable/main/binary-hppa/libdns16_9.2.4-1sarge3_hppa.deb oldstable/main/binary-hppa/libisc7_9.2.4-1sarge3_hppa.deb oldstable/main/binary-hppa/liblwres1_9.2.4-1sarge3_hppa.deb oldstable/main/binary-hppa/libisccc0_9.2.4-1sarge3_hppa.deb oldstable/main/binary-hppa/libisccfg0_9.2.4-1sarge3_hppa.deb oldstable/main/binary-hppa/dnsutils_9.2.4-1sarge3_hppa.deb oldstable/main/binary-hppa/lwresd_9.2.4-1sarge3_hppa.deb bind9 (1:9.2.4-1sarge3) oldstable-security; urgency=high * Backport fix for CVE-2007-2926 oldstable/main/source/bind9_9.2.4-1sarge3.dsc oldstable/main/source/bind9_9.2.4-1sarge3.diff.gz oldstable/main/binary-all/bind9-doc_9.2.4-1sarge3_all.deb oldstable/main/binary-i386/bind9_9.2.4-1sarge3_i386.deb oldstable/main/binary-i386/bind9-host_9.2.4-1sarge3_i386.deb oldstable/main/binary-i386/libbind-dev_9.2.4-1sarge3_i386.deb oldstable/main/binary-i386/libdns16_9.2.4-1sarge3_i386.deb oldstable/main/binary-i386/libisc7_9.2.4-1sarge3_i386.deb oldstable/main/binary-i386/liblwres1_9.2.4-1sarge3_i386.deb oldstable/main/binary-i386/libisccc0_9.2.4-1sarge3_i386.deb oldstable/main/binary-i386/libisccfg0_9.2.4-1sarge3_i386.deb oldstable/main/binary-i386/dnsutils_9.2.4-1sarge3_i386.deb oldstable/main/binary-i386/lwresd_9.2.4-1sarge3_i386.deb bind9 (1:9.2.4-1sarge3) oldstable-security; urgency=high * Backport fix for CVE-2007-2926 oldstable/main/binary-ia64/bind9_9.2.4-1sarge3_ia64.deb oldstable/main/binary-ia64/bind9-host_9.2.4-1sarge3_ia64.deb oldstable/main/binary-ia64/libbind-dev_9.2.4-1sarge3_ia64.deb oldstable/main/binary-ia64/libdns16_9.2.4-1sarge3_ia64.deb oldstable/main/binary-ia64/libisc7_9.2.4-1sarge3_ia64.deb oldstable/main/binary-ia64/liblwres1_9.2.4-1sarge3_ia64.deb oldstable/main/binary-ia64/libisccc0_9.2.4-1sarge3_ia64.deb oldstable/main/binary-ia64/libisccfg0_9.2.4-1sarge3_ia64.deb oldstable/main/binary-ia64/dnsutils_9.2.4-1sarge3_ia64.deb oldstable/main/binary-ia64/lwresd_9.2.4-1sarge3_ia64.deb bind9 (1:9.2.4-1sarge3) oldstable-security; urgency=high * Backport fix for CVE-2007-2926 oldstable/main/binary-m68k/bind9_9.2.4-1sarge3_m68k.deb oldstable/main/binary-m68k/bind9-host_9.2.4-1sarge3_m68k.deb oldstable/main/binary-m68k/libbind-dev_9.2.4-1sarge3_m68k.deb oldstable/main/binary-m68k/libdns16_9.2.4-1sarge3_m68k.deb oldstable/main/binary-m68k/libisc7_9.2.4-1sarge3_m68k.deb oldstable/main/binary-m68k/liblwres1_9.2.4-1sarge3_m68k.deb oldstable/main/binary-m68k/libisccc0_9.2.4-1sarge3_m68k.deb oldstable/main/binary-m68k/libisccfg0_9.2.4-1sarge3_m68k.deb oldstable/main/binary-m68k/dnsutils_9.2.4-1sarge3_m68k.deb oldstable/main/binary-m68k/lwresd_9.2.4-1sarge3_m68k.deb bind9 (1:9.2.4-1sarge3) oldstable-security; urgency=high * Backport fix for CVE-2007-2926 oldstable/main/binary-mips/bind9_9.2.4-1sarge3_mips.deb oldstable/main/binary-mips/bind9-host_9.2.4-1sarge3_mips.deb oldstable/main/binary-mips/libbind-dev_9.2.4-1sarge3_mips.deb oldstable/main/binary-mips/libdns16_9.2.4-1sarge3_mips.deb oldstable/main/binary-mips/libisc7_9.2.4-1sarge3_mips.deb oldstable/main/binary-mips/liblwres1_9.2.4-1sarge3_mips.deb oldstable/main/binary-mips/libisccc0_9.2.4-1sarge3_mips.deb oldstable/main/binary-mips/libisccfg0_9.2.4-1sarge3_mips.deb oldstable/main/binary-mips/dnsutils_9.2.4-1sarge3_mips.deb oldstable/main/binary-mips/lwresd_9.2.4-1sarge3_mips.deb bind9 (1:9.2.4-1sarge3) oldstable-security; urgency=high * Backport fix for CVE-2007-2926 oldstable/main/binary-mipsel/bind9_9.2.4-1sarge3_mipsel.deb oldstable/main/binary-mipsel/bind9-host_9.2.4-1sarge3_mipsel.deb oldstable/main/binary-mipsel/libbind-dev_9.2.4-1sarge3_mipsel.deb oldstable/main/binary-mipsel/libdns16_9.2.4-1sarge3_mipsel.deb oldstable/main/binary-mipsel/libisc7_9.2.4-1sarge3_mipsel.deb oldstable/main/binary-mipsel/liblwres1_9.2.4-1sarge3_mipsel.deb oldstable/main/binary-mipsel/libisccc0_9.2.4-1sarge3_mipsel.deb oldstable/main/binary-mipsel/libisccfg0_9.2.4-1sarge3_mipsel.deb oldstable/main/binary-mipsel/dnsutils_9.2.4-1sarge3_mipsel.deb oldstable/main/binary-mipsel/lwresd_9.2.4-1sarge3_mipsel.deb bind9 (1:9.2.4-1sarge3) oldstable-security; urgency=high * Backport fix for CVE-2007-2926 oldstable/main/binary-powerpc/bind9_9.2.4-1sarge3_powerpc.deb oldstable/main/binary-powerpc/bind9-host_9.2.4-1sarge3_powerpc.deb oldstable/main/binary-powerpc/libbind-dev_9.2.4-1sarge3_powerpc.deb oldstable/main/binary-powerpc/libdns16_9.2.4-1sarge3_powerpc.deb oldstable/main/binary-powerpc/libisc7_9.2.4-1sarge3_powerpc.deb oldstable/main/binary-powerpc/liblwres1_9.2.4-1sarge3_powerpc.deb oldstable/main/binary-powerpc/libisccc0_9.2.4-1sarge3_powerpc.deb oldstable/main/binary-powerpc/libisccfg0_9.2.4-1sarge3_powerpc.deb oldstable/main/binary-powerpc/dnsutils_9.2.4-1sarge3_powerpc.deb oldstable/main/binary-powerpc/lwresd_9.2.4-1sarge3_powerpc.deb bind9 (1:9.2.4-1sarge3) oldstable-security; urgency=high * Backport fix for CVE-2007-2926 oldstable/main/binary-s390/bind9_9.2.4-1sarge3_s390.deb oldstable/main/binary-s390/bind9-host_9.2.4-1sarge3_s390.deb oldstable/main/binary-s390/libbind-dev_9.2.4-1sarge3_s390.deb oldstable/main/binary-s390/libdns16_9.2.4-1sarge3_s390.deb oldstable/main/binary-s390/libisc7_9.2.4-1sarge3_s390.deb oldstable/main/binary-s390/liblwres1_9.2.4-1sarge3_s390.deb oldstable/main/binary-s390/libisccc0_9.2.4-1sarge3_s390.deb oldstable/main/binary-s390/libisccfg0_9.2.4-1sarge3_s390.deb oldstable/main/binary-s390/dnsutils_9.2.4-1sarge3_s390.deb oldstable/main/binary-s390/lwresd_9.2.4-1sarge3_s390.deb bind9 (1:9.2.4-1sarge3) oldstable-security; urgency=high * Backport fix for CVE-2007-2926 oldstable/main/binary-sparc/bind9_9.2.4-1sarge3_sparc.deb oldstable/main/binary-sparc/bind9-host_9.2.4-1sarge3_sparc.deb oldstable/main/binary-sparc/libbind-dev_9.2.4-1sarge3_sparc.deb oldstable/main/binary-sparc/libdns16_9.2.4-1sarge3_sparc.deb oldstable/main/binary-sparc/libisc7_9.2.4-1sarge3_sparc.deb oldstable/main/binary-sparc/liblwres1_9.2.4-1sarge3_sparc.deb oldstable/main/binary-sparc/libisccc0_9.2.4-1sarge3_sparc.deb oldstable/main/binary-sparc/libisccfg0_9.2.4-1sarge3_sparc.deb oldstable/main/binary-sparc/dnsutils_9.2.4-1sarge3_sparc.deb oldstable/main/binary-sparc/lwresd_9.2.4-1sarge3_sparc.deb bind9 (1:9.2.4-1sarge3) oldstable-security; urgency=high * Backport fix for CVE-2007-2926 oldstable/main/binary-alpha/bochs_2.1.1+20041109-3sarge1_alpha.deb oldstable/main/binary-alpha/bochs-wx_2.1.1+20041109-3sarge1_alpha.deb oldstable/main/binary-alpha/bochs-sdl_2.1.1+20041109-3sarge1_alpha.deb oldstable/main/binary-alpha/bochs-term_2.1.1+20041109-3sarge1_alpha.deb oldstable/main/binary-alpha/bochs-x_2.1.1+20041109-3sarge1_alpha.deb oldstable/main/binary-alpha/bximage_2.1.1+20041109-3sarge1_alpha.deb bochs (2.1.1+20041109-3sarge1) oldstable-security; urgency=high * Fix heap buffer overflow in ne2k emulated driver. (Closes: #427144) CVE-2007-2893 - debian/patches/05_security_ne2k.patch: New file. oldstable/main/binary-arm/bochs_2.1.1+20041109-3sarge1_arm.deb oldstable/main/binary-arm/bochs-wx_2.1.1+20041109-3sarge1_arm.deb oldstable/main/binary-arm/bochs-sdl_2.1.1+20041109-3sarge1_arm.deb oldstable/main/binary-arm/bochs-term_2.1.1+20041109-3sarge1_arm.deb oldstable/main/binary-arm/bochs-x_2.1.1+20041109-3sarge1_arm.deb oldstable/main/binary-arm/bximage_2.1.1+20041109-3sarge1_arm.deb bochs (2.1.1+20041109-3sarge1) oldstable-security; urgency=high * Fix heap buffer overflow in ne2k emulated driver. (Closes: #427144) CVE-2007-2893 - debian/patches/05_security_ne2k.patch: New file. oldstable/main/binary-hppa/bochs_2.1.1+20041109-3sarge1_hppa.deb oldstable/main/binary-hppa/bochs-wx_2.1.1+20041109-3sarge1_hppa.deb oldstable/main/binary-hppa/bochs-sdl_2.1.1+20041109-3sarge1_hppa.deb oldstable/main/binary-hppa/bochs-term_2.1.1+20041109-3sarge1_hppa.deb oldstable/main/binary-hppa/bochs-x_2.1.1+20041109-3sarge1_hppa.deb oldstable/main/binary-hppa/bximage_2.1.1+20041109-3sarge1_hppa.deb bochs (2.1.1+20041109-3sarge1) oldstable-security; urgency=high * Fix heap buffer overflow in ne2k emulated driver. (Closes: #427144) CVE-2007-2893 - debian/patches/05_security_ne2k.patch: New file. oldstable/main/source/bochs_2.1.1+20041109-3sarge1.dsc oldstable/main/source/bochs_2.1.1+20041109.orig.tar.gz oldstable/main/source/bochs_2.1.1+20041109-3sarge1.diff.gz oldstable/main/binary-i386/bochs_2.1.1+20041109-3sarge1_i386.deb oldstable/main/binary-i386/bochs-wx_2.1.1+20041109-3sarge1_i386.deb oldstable/main/binary-i386/bochs-sdl_2.1.1+20041109-3sarge1_i386.deb oldstable/main/binary-i386/bochs-term_2.1.1+20041109-3sarge1_i386.deb oldstable/main/binary-i386/bochs-x_2.1.1+20041109-3sarge1_i386.deb oldstable/main/binary-i386/bochs-svga_2.1.1+20041109-3sarge1_i386.deb oldstable/main/binary-i386/bximage_2.1.1+20041109-3sarge1_i386.deb oldstable/main/binary-i386/sb16ctrl-bochs_2.1.1+20041109-3sarge1_i386.deb oldstable/main/binary-all/bochs-doc_2.1.1+20041109-3sarge1_all.deb oldstable/main/binary-all/bochsbios_2.1.1+20041109-3sarge1_all.deb bochs (2.1.1+20041109-3sarge1) oldstable-security; urgency=high * Fix heap buffer overflow in ne2k emulated driver. (Closes: #427144) CVE-2007-2893 - debian/patches/05_security_ne2k.patch: New file. oldstable/main/binary-ia64/bochs_2.1.1+20041109-3sarge1_ia64.deb oldstable/main/binary-ia64/bochs-wx_2.1.1+20041109-3sarge1_ia64.deb oldstable/main/binary-ia64/bochs-sdl_2.1.1+20041109-3sarge1_ia64.deb oldstable/main/binary-ia64/bochs-term_2.1.1+20041109-3sarge1_ia64.deb oldstable/main/binary-ia64/bochs-x_2.1.1+20041109-3sarge1_ia64.deb oldstable/main/binary-ia64/bximage_2.1.1+20041109-3sarge1_ia64.deb bochs (2.1.1+20041109-3sarge1) oldstable-security; urgency=high * Fix heap buffer overflow in ne2k emulated driver. (Closes: #427144) CVE-2007-2893 - debian/patches/05_security_ne2k.patch: New file. oldstable/main/binary-m68k/bochs_2.1.1+20041109-3sarge1_m68k.deb oldstable/main/binary-m68k/bochs-wx_2.1.1+20041109-3sarge1_m68k.deb oldstable/main/binary-m68k/bochs-sdl_2.1.1+20041109-3sarge1_m68k.deb oldstable/main/binary-m68k/bochs-term_2.1.1+20041109-3sarge1_m68k.deb oldstable/main/binary-m68k/bochs-x_2.1.1+20041109-3sarge1_m68k.deb oldstable/main/binary-m68k/bximage_2.1.1+20041109-3sarge1_m68k.deb bochs (2.1.1+20041109-3sarge1) oldstable-security; urgency=high * Fix heap buffer overflow in ne2k emulated driver. (Closes: #427144) CVE-2007-2893 - debian/patches/05_security_ne2k.patch: New file. oldstable/main/binary-mips/bochs_2.1.1+20041109-3sarge1_mips.deb oldstable/main/binary-mips/bochs-wx_2.1.1+20041109-3sarge1_mips.deb oldstable/main/binary-mips/bochs-sdl_2.1.1+20041109-3sarge1_mips.deb oldstable/main/binary-mips/bochs-term_2.1.1+20041109-3sarge1_mips.deb oldstable/main/binary-mips/bochs-x_2.1.1+20041109-3sarge1_mips.deb oldstable/main/binary-mips/bximage_2.1.1+20041109-3sarge1_mips.deb bochs (2.1.1+20041109-3sarge1) oldstable-security; urgency=high * Fix heap buffer overflow in ne2k emulated driver. (Closes: #427144) CVE-2007-2893 - debian/patches/05_security_ne2k.patch: New file. oldstable/main/binary-mipsel/bochs_2.1.1+20041109-3sarge1_mipsel.deb oldstable/main/binary-mipsel/bochs-wx_2.1.1+20041109-3sarge1_mipsel.deb oldstable/main/binary-mipsel/bochs-sdl_2.1.1+20041109-3sarge1_mipsel.deb oldstable/main/binary-mipsel/bochs-term_2.1.1+20041109-3sarge1_mipsel.deb oldstable/main/binary-mipsel/bochs-x_2.1.1+20041109-3sarge1_mipsel.deb oldstable/main/binary-mipsel/bximage_2.1.1+20041109-3sarge1_mipsel.deb bochs (2.1.1+20041109-3sarge1) oldstable-security; urgency=high * Fix heap buffer overflow in ne2k emulated driver. (Closes: #427144) CVE-2007-2893 - debian/patches/05_security_ne2k.patch: New file. oldstable/main/binary-powerpc/bochs_2.1.1+20041109-3sarge1_powerpc.deb oldstable/main/binary-powerpc/bochs-wx_2.1.1+20041109-3sarge1_powerpc.deb oldstable/main/binary-powerpc/bochs-sdl_2.1.1+20041109-3sarge1_powerpc.deb oldstable/main/binary-powerpc/bochs-term_2.1.1+20041109-3sarge1_powerpc.deb oldstable/main/binary-powerpc/bochs-x_2.1.1+20041109-3sarge1_powerpc.deb oldstable/main/binary-powerpc/bximage_2.1.1+20041109-3sarge1_powerpc.deb bochs (2.1.1+20041109-3sarge1) oldstable-security; urgency=high * Fix heap buffer overflow in ne2k emulated driver. (Closes: #427144) CVE-2007-2893 - debian/patches/05_security_ne2k.patch: New file. oldstable/main/binary-s390/bochs_2.1.1+20041109-3sarge1_s390.deb oldstable/main/binary-s390/bochs-wx_2.1.1+20041109-3sarge1_s390.deb oldstable/main/binary-s390/bochs-sdl_2.1.1+20041109-3sarge1_s390.deb oldstable/main/binary-s390/bochs-term_2.1.1+20041109-3sarge1_s390.deb oldstable/main/binary-s390/bochs-x_2.1.1+20041109-3sarge1_s390.deb oldstable/main/binary-s390/bximage_2.1.1+20041109-3sarge1_s390.deb bochs (2.1.1+20041109-3sarge1) oldstable-security; urgency=high * Fix heap buffer overflow in ne2k emulated driver. (Closes: #427144) CVE-2007-2893 - debian/patches/05_security_ne2k.patch: New file. oldstable/main/binary-sparc/bochs_2.1.1+20041109-3sarge1_sparc.deb oldstable/main/binary-sparc/bochs-wx_2.1.1+20041109-3sarge1_sparc.deb oldstable/main/binary-sparc/bochs-sdl_2.1.1+20041109-3sarge1_sparc.deb oldstable/main/binary-sparc/bochs-term_2.1.1+20041109-3sarge1_sparc.deb oldstable/main/binary-sparc/bochs-x_2.1.1+20041109-3sarge1_sparc.deb oldstable/main/binary-sparc/bximage_2.1.1+20041109-3sarge1_sparc.deb bochs (2.1.1+20041109-3sarge1) oldstable-security; urgency=high * Fix heap buffer overflow in ne2k emulated driver. (Closes: #427144) CVE-2007-2893 - debian/patches/05_security_ne2k.patch: New file. oldstable/main/source/cacti_0.8.6c-7sarge5.dsc oldstable/main/source/cacti_0.8.6c-7sarge5.diff.gz oldstable/main/binary-all/cacti_0.8.6c-7sarge5_all.deb cacti (0.8.6c-7sarge5) oldstable-security; urgency=high * SECURITY UPDATE: + CVE-2007-6035: SQL injection vulnerability in Cacti before 0.8.7a allows remote attackers to execute arbitrary SQL commands via unspecified vectors. * debian/patches/10_CVE-2007-6035.dpatch: applied patch by upstream (Link: http://www.cacti.net/downloads/patches/0.8.6j/sec_sql_injection-0.8.6j.patch) * References: CVE-2007-6035 oldstable/main/binary-ia64/camediaplay_20010211-4_ia64.deb camediaplay (20010211-4) unstable; urgency=low * removed a nonstandard abbreviation in the package description Closes: #124480: Spelling error in description oldstable/main/binary-m68k/camediaplay_20010211-4_m68k.deb camediaplay (20010211-4) unstable; urgency=low * removed a nonstandard abbreviation in the package description Closes: #124480: Spelling error in description oldstable/main/binary-mipsel/camediaplay_20010211-4_mipsel.deb camediaplay (20010211-4) unstable; urgency=low * removed a nonstandard abbreviation in the package description Closes: #124480: Spelling error in description oldstable/main/binary-s390/camediaplay_20010211-4_s390.deb camediaplay (20010211-4) unstable; urgency=low * removed a nonstandard abbreviation in the package description Closes: #124480: Spelling error in description oldstable/main/source/cdrom-detect_1.05sarge1.dsc oldstable/main/source/cdrom-detect_1.05sarge1.tar.gz oldstable/main/cdrom-detect_1.05sarge1_all.udeb cdrom-detect (1.05sarge1) oldstable; urgency=low * Add support for installing oldstable (checking for oldstable in the postinst should not be necessary). * Update translations with thanks to translators. oldstable/main/binary-alpha/centericq-common_4.20.0-1sarge5_alpha.deb oldstable/main/binary-alpha/centericq_4.20.0-1sarge5_alpha.deb oldstable/main/binary-alpha/centericq-utf8_4.20.0-1sarge5_alpha.deb oldstable/main/binary-alpha/centericq-fribidi_4.20.0-1sarge5_alpha.deb centericq (4.20.0-1sarge5) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport upstream patch to fix buffer overflows, which can allow remote attackers to execute arbitrary code Fixes: CVE-2007-3713 oldstable/main/binary-amd64/centericq-common_4.20.0-1sarge5_amd64.deb oldstable/main/binary-amd64/centericq_4.20.0-1sarge5_amd64.deb oldstable/main/binary-amd64/centericq-utf8_4.20.0-1sarge5_amd64.deb oldstable/main/binary-amd64/centericq-fribidi_4.20.0-1sarge5_amd64.deb centericq (4.20.0-1sarge5) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport upstream patch to fix buffer overflows, which can allow remote attackers to execute arbitrary code Fixes: CVE-2007-3713 oldstable/main/binary-arm/centericq-common_4.20.0-1sarge5_arm.deb oldstable/main/binary-arm/centericq_4.20.0-1sarge5_arm.deb oldstable/main/binary-arm/centericq-utf8_4.20.0-1sarge5_arm.deb oldstable/main/binary-arm/centericq-fribidi_4.20.0-1sarge5_arm.deb centericq (4.20.0-1sarge5) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport upstream patch to fix buffer overflows, which can allow remote attackers to execute arbitrary code Fixes: CVE-2007-3713 oldstable/main/binary-hppa/centericq-common_4.20.0-1sarge5_hppa.deb oldstable/main/binary-hppa/centericq_4.20.0-1sarge5_hppa.deb oldstable/main/binary-hppa/centericq-utf8_4.20.0-1sarge5_hppa.deb oldstable/main/binary-hppa/centericq-fribidi_4.20.0-1sarge5_hppa.deb centericq (4.20.0-1sarge5) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport upstream patch to fix buffer overflows, which can allow remote attackers to execute arbitrary code Fixes: CVE-2007-3713 oldstable/main/source/centericq_4.20.0-1sarge5.dsc oldstable/main/source/centericq_4.20.0-1sarge5.diff.gz oldstable/main/binary-i386/centericq-common_4.20.0-1sarge5_i386.deb oldstable/main/binary-i386/centericq_4.20.0-1sarge5_i386.deb oldstable/main/binary-i386/centericq-utf8_4.20.0-1sarge5_i386.deb oldstable/main/binary-i386/centericq-fribidi_4.20.0-1sarge5_i386.deb centericq (4.20.0-1sarge5) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport upstream patch to fix buffer overflows, which can allow remote attackers to execute arbitrary code Fixes: CVE-2007-3713 oldstable/main/binary-ia64/centericq-common_4.20.0-1sarge5_ia64.deb oldstable/main/binary-ia64/centericq_4.20.0-1sarge5_ia64.deb oldstable/main/binary-ia64/centericq-utf8_4.20.0-1sarge5_ia64.deb oldstable/main/binary-ia64/centericq-fribidi_4.20.0-1sarge5_ia64.deb centericq (4.20.0-1sarge5) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport upstream patch to fix buffer overflows, which can allow remote attackers to execute arbitrary code Fixes: CVE-2007-3713 oldstable/main/binary-m68k/centericq-common_4.20.0-1sarge5_m68k.deb oldstable/main/binary-m68k/centericq_4.20.0-1sarge5_m68k.deb oldstable/main/binary-m68k/centericq-utf8_4.20.0-1sarge5_m68k.deb oldstable/main/binary-m68k/centericq-fribidi_4.20.0-1sarge5_m68k.deb centericq (4.20.0-1sarge5) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport upstream patch to fix buffer overflows, which can allow remote attackers to execute arbitrary code Fixes: CVE-2007-3713 oldstable/main/binary-mips/centericq-common_4.20.0-1sarge5_mips.deb oldstable/main/binary-mips/centericq_4.20.0-1sarge5_mips.deb oldstable/main/binary-mips/centericq-utf8_4.20.0-1sarge5_mips.deb oldstable/main/binary-mips/centericq-fribidi_4.20.0-1sarge5_mips.deb centericq (4.20.0-1sarge5) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport upstream patch to fix buffer overflows, which can allow remote attackers to execute arbitrary code Fixes: CVE-2007-3713 oldstable/main/binary-mipsel/centericq-common_4.20.0-1sarge5_mipsel.deb oldstable/main/binary-mipsel/centericq_4.20.0-1sarge5_mipsel.deb oldstable/main/binary-mipsel/centericq-utf8_4.20.0-1sarge5_mipsel.deb oldstable/main/binary-mipsel/centericq-fribidi_4.20.0-1sarge5_mipsel.deb centericq (4.20.0-1sarge5) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport upstream patch to fix buffer overflows, which can allow remote attackers to execute arbitrary code Fixes: CVE-2007-3713 oldstable/main/binary-powerpc/centericq-common_4.20.0-1sarge5_powerpc.deb oldstable/main/binary-powerpc/centericq_4.20.0-1sarge5_powerpc.deb oldstable/main/binary-powerpc/centericq-utf8_4.20.0-1sarge5_powerpc.deb oldstable/main/binary-powerpc/centericq-fribidi_4.20.0-1sarge5_powerpc.deb centericq (4.20.0-1sarge5) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport upstream patch to fix buffer overflows, which can allow remote attackers to execute arbitrary code Fixes: CVE-2007-3713 oldstable/main/binary-s390/centericq-common_4.20.0-1sarge5_s390.deb oldstable/main/binary-s390/centericq_4.20.0-1sarge5_s390.deb oldstable/main/binary-s390/centericq-utf8_4.20.0-1sarge5_s390.deb oldstable/main/binary-s390/centericq-fribidi_4.20.0-1sarge5_s390.deb centericq (4.20.0-1sarge5) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport upstream patch to fix buffer overflows, which can allow remote attackers to execute arbitrary code Fixes: CVE-2007-3713 oldstable/main/binary-sparc/centericq-common_4.20.0-1sarge5_sparc.deb oldstable/main/binary-sparc/centericq_4.20.0-1sarge5_sparc.deb oldstable/main/binary-sparc/centericq-utf8_4.20.0-1sarge5_sparc.deb oldstable/main/binary-sparc/centericq-fribidi_4.20.0-1sarge5_sparc.deb centericq (4.20.0-1sarge5) oldstable-security; urgency=high * Non-maintainer upload by the security team * Backport upstream patch to fix buffer overflows, which can allow remote attackers to execute arbitrary code Fixes: CVE-2007-3713 oldstable/main/choose-mirror_1.07sarge1_alpha.udeb choose-mirror (1.07sarge1) oldstable; urgency=low * Add support for installing oldstable. * Update mirror list. * Add translations (from iso-codes) for Venezuela for the HTTP country list. * Update translations with thanks to translators. oldstable/main/choose-mirror_1.07sarge1_arm.udeb choose-mirror (1.07sarge1) oldstable; urgency=low * Add support for installing oldstable. * Update mirror list. * Add translations (from iso-codes) for Venezuela for the HTTP country list. * Update translations with thanks to translators. oldstable/main/choose-mirror_1.07sarge1_hppa.udeb choose-mirror (1.07sarge1) oldstable; urgency=low * Add support for installing oldstable. * Update mirror list. * Add translations (from iso-codes) for Venezuela for the HTTP country list. * Update translations with thanks to translators. oldstable/main/source/choose-mirror_1.07sarge1.dsc oldstable/main/source/choose-mirror_1.07sarge1.tar.gz oldstable/main/choose-mirror_1.07sarge1_i386.udeb choose-mirror (1.07sarge1) oldstable; urgency=low * Add support for installing oldstable. * Update mirror list. * Add translations (from iso-codes) for Venezuela for the HTTP country list. * Update translations with thanks to translators. oldstable/main/choose-mirror_1.07sarge1_ia64.udeb choose-mirror (1.07sarge1) oldstable; urgency=low * Add support for installing oldstable. * Update mirror list. * Add translations (from iso-codes) for Venezuela for the HTTP country list. * Update translations with thanks to translators. oldstable/main/choose-mirror_1.07sarge1_m68k.udeb choose-mirror (1.07sarge1) oldstable; urgency=low * Add support for installing oldstable. * Update mirror list. * Add translations (from iso-codes) for Venezuela for the HTTP country list. * Update translations with thanks to translators. oldstable/main/choose-mirror_1.07sarge1_mips.udeb choose-mirror (1.07sarge1) oldstable; urgency=low * Add support for installing oldstable. * Update mirror list. * Add translations (from iso-codes) for Venezuela for the HTTP country list. * Update translations with thanks to translators. oldstable/main/choose-mirror_1.07sarge1_mipsel.udeb choose-mirror (1.07sarge1) oldstable; urgency=low * Add support for installing oldstable. * Update mirror list. * Add translations (from iso-codes) for Venezuela for the HTTP country list. * Update translations with thanks to translators. oldstable/main/choose-mirror_1.07sarge1_powerpc.udeb choose-mirror (1.07sarge1) oldstable; urgency=low * Add support for installing oldstable. * Update mirror list. * Add translations (from iso-codes) for Venezuela for the HTTP country list. * Update translations with thanks to translators. oldstable/main/choose-mirror_1.07sarge1_s390.udeb choose-mirror (1.07sarge1) oldstable; urgency=low * Add support for installing oldstable. * Update mirror list. * Add translations (from iso-codes) for Venezuela for the HTTP country list. * Update translations with thanks to translators. oldstable/main/choose-mirror_1.07sarge1_sparc.udeb choose-mirror (1.07sarge1) oldstable; urgency=low * Add support for installing oldstable. * Update mirror list. * Add translations (from iso-codes) for Venezuela for the HTTP country list. * Update translations with thanks to translators. oldstable/main/binary-alpha/libclamav1_0.84-2.sarge.17_alpha.deb oldstable/main/binary-alpha/clamav_0.84-2.sarge.17_alpha.deb oldstable/main/binary-alpha/clamav-daemon_0.84-2.sarge.17_alpha.deb oldstable/main/binary-alpha/clamav-freshclam_0.84-2.sarge.17_alpha.deb oldstable/main/binary-alpha/clamav-milter_0.84-2.sarge.17_alpha.deb oldstable/main/binary-alpha/libclamav-dev_0.84-2.sarge.17_alpha.deb clamav (0.84-2.sarge.17) oldstable-security; urgency=low * [CVE-2007-2650]: libclamav/ole2_extract.c: detect block list loop oldstable/main/binary-arm/libclamav1_0.84-2.sarge.17_arm.deb oldstable/main/binary-arm/clamav_0.84-2.sarge.17_arm.deb oldstable/main/binary-arm/clamav-daemon_0.84-2.sarge.17_arm.deb oldstable/main/binary-arm/clamav-freshclam_0.84-2.sarge.17_arm.deb oldstable/main/binary-arm/clamav-milter_0.84-2.sarge.17_arm.deb oldstable/main/binary-arm/libclamav-dev_0.84-2.sarge.17_arm.deb clamav (0.84-2.sarge.17) oldstable-security; urgency=low * [CVE-2007-2650]: libclamav/ole2_extract.c: detect block list loop oldstable/main/binary-hppa/libclamav1_0.84-2.sarge.17_hppa.deb oldstable/main/binary-hppa/clamav_0.84-2.sarge.17_hppa.deb oldstable/main/binary-hppa/clamav-daemon_0.84-2.sarge.17_hppa.deb oldstable/main/binary-hppa/clamav-freshclam_0.84-2.sarge.17_hppa.deb oldstable/main/binary-hppa/clamav-milter_0.84-2.sarge.17_hppa.deb oldstable/main/binary-hppa/libclamav-dev_0.84-2.sarge.17_hppa.deb clamav (0.84-2.sarge.17) oldstable-security; urgency=low * [CVE-2007-2650]: libclamav/ole2_extract.c: detect block list loop oldstable/main/source/clamav_0.84-2.sarge.17.dsc oldstable/main/source/clamav_0.84-2.sarge.17.diff.gz oldstable/main/binary-all/clamav-base_0.84-2.sarge.17_all.deb oldstable/main/binary-all/clamav-testfiles_0.84-2.sarge.17_all.deb oldstable/main/binary-all/clamav-docs_0.84-2.sarge.17_all.deb oldstable/main/binary-i386/libclamav1_0.84-2.sarge.17_i386.deb oldstable/main/binary-i386/clamav_0.84-2.sarge.17_i386.deb oldstable/main/binary-i386/clamav-daemon_0.84-2.sarge.17_i386.deb oldstable/main/binary-i386/clamav-freshclam_0.84-2.sarge.17_i386.deb oldstable/main/binary-i386/clamav-milter_0.84-2.sarge.17_i386.deb oldstable/main/binary-i386/libclamav-dev_0.84-2.sarge.17_i386.deb clamav (0.84-2.sarge.17) oldstable-security; urgency=low * [CVE-2007-2650]: libclamav/ole2_extract.c: detect block list loop oldstable/main/binary-ia64/libclamav1_0.84-2.sarge.17_ia64.deb oldstable/main/binary-ia64/clamav_0.84-2.sarge.17_ia64.deb oldstable/main/binary-ia64/clamav-daemon_0.84-2.sarge.17_ia64.deb oldstable/main/binary-ia64/clamav-freshclam_0.84-2.sarge.17_ia64.deb oldstable/main/binary-ia64/clamav-milter_0.84-2.sarge.17_ia64.deb oldstable/main/binary-ia64/libclamav-dev_0.84-2.sarge.17_ia64.deb clamav (0.84-2.sarge.17) oldstable-security; urgency=low * [CVE-2007-2650]: libclamav/ole2_extract.c: detect block list loop oldstable/main/binary-m68k/libclamav1_0.84-2.sarge.17_m68k.deb oldstable/main/binary-m68k/clamav_0.84-2.sarge.17_m68k.deb oldstable/main/binary-m68k/clamav-daemon_0.84-2.sarge.17_m68k.deb oldstable/main/binary-m68k/clamav-freshclam_0.84-2.sarge.17_m68k.deb oldstable/main/binary-m68k/clamav-milter_0.84-2.sarge.17_m68k.deb oldstable/main/binary-m68k/libclamav-dev_0.84-2.sarge.17_m68k.deb clamav (0.84-2.sarge.17) oldstable-security; urgency=low * [CVE-2007-2650]: libclamav/ole2_extract.c: detect block list loop oldstable/main/binary-mips/libclamav1_0.84-2.sarge.17_mips.deb oldstable/main/binary-mips/clamav_0.84-2.sarge.17_mips.deb oldstable/main/binary-mips/clamav-daemon_0.84-2.sarge.17_mips.deb oldstable/main/binary-mips/clamav-freshclam_0.84-2.sarge.17_mips.deb oldstable/main/binary-mips/clamav-milter_0.84-2.sarge.17_mips.deb oldstable/main/binary-mips/libclamav-dev_0.84-2.sarge.17_mips.deb clamav (0.84-2.sarge.17) oldstable-security; urgency=low * [CVE-2007-2650]: libclamav/ole2_extract.c: detect block list loop oldstable/main/binary-mipsel/libclamav1_0.84-2.sarge.17_mipsel.deb oldstable/main/binary-mipsel/clamav_0.84-2.sarge.17_mipsel.deb oldstable/main/binary-mipsel/clamav-daemon_0.84-2.sarge.17_mipsel.deb oldstable/main/binary-mipsel/clamav-freshclam_0.84-2.sarge.17_mipsel.deb oldstable/main/binary-mipsel/clamav-milter_0.84-2.sarge.17_mipsel.deb oldstable/main/binary-mipsel/libclamav-dev_0.84-2.sarge.17_mipsel.deb clamav (0.84-2.sarge.17) oldstable-security; urgency=low * [CVE-2007-2650]: libclamav/ole2_extract.c: detect block list loop oldstable/main/binary-powerpc/libclamav1_0.84-2.sarge.17_powerpc.deb oldstable/main/binary-powerpc/clamav_0.84-2.sarge.17_powerpc.deb oldstable/main/binary-powerpc/clamav-daemon_0.84-2.sarge.17_powerpc.deb oldstable/main/binary-powerpc/clamav-freshclam_0.84-2.sarge.17_powerpc.deb oldstable/main/binary-powerpc/clamav-milter_0.84-2.sarge.17_powerpc.deb oldstable/main/binary-powerpc/libclamav-dev_0.84-2.sarge.17_powerpc.deb clamav (0.84-2.sarge.17) oldstable-security; urgency=low * [CVE-2007-2650]: libclamav/ole2_extract.c: detect block list loop oldstable/main/binary-s390/libclamav1_0.84-2.sarge.17_s390.deb oldstable/main/binary-s390/clamav_0.84-2.sarge.17_s390.deb oldstable/main/binary-s390/clamav-daemon_0.84-2.sarge.17_s390.deb oldstable/main/binary-s390/clamav-freshclam_0.84-2.sarge.17_s390.deb oldstable/main/binary-s390/clamav-milter_0.84-2.sarge.17_s390.deb oldstable/main/binary-s390/libclamav-dev_0.84-2.sarge.17_s390.deb clamav (0.84-2.sarge.17) oldstable-security; urgency=low * [CVE-2007-2650]: libclamav/ole2_extract.c: detect block list loop oldstable/main/binary-sparc/libclamav1_0.84-2.sarge.17_sparc.deb oldstable/main/binary-sparc/clamav_0.84-2.sarge.17_sparc.deb oldstable/main/binary-sparc/clamav-daemon_0.84-2.sarge.17_sparc.deb oldstable/main/binary-sparc/clamav-freshclam_0.84-2.sarge.17_sparc.deb oldstable/main/binary-sparc/clamav-milter_0.84-2.sarge.17_sparc.deb oldstable/main/binary-sparc/libclamav-dev_0.84-2.sarge.17_sparc.deb clamav (0.84-2.sarge.17) oldstable-security; urgency=low * [CVE-2007-2650]: libclamav/ole2_extract.c: detect block list loop oldstable/main/binary-sparc/jsvc_1.0-5_sparc.deb commons-daemon (1.0-5) unstable; urgency=low * upload with the sources. * Build with free tools now, therefore buildable on all architectures and a jsvc binary should be provided (closes: #286871) * Move to main as built with free tools * Shortened and clarified description (closes: #279752) oldstable/main/binary-alpha/debian-installer-manual_20050317sarge2_alpha.deb oldstable/main/source/debian-installer-images_20050317sarge2_alpha.tar.gz debian-installer (20050317sarge2) oldstable; urgency=low * Change amd64 kernel from 2.6.8-11 to 2.6.8-12. Thanks Kurt Roeckx. * Fix kernel base version for sparc32 2.6 netboot kernel. * Support distribution equal to oldstable. * Update kernel versions for Sarge security updates with ABI change. oldstable/main/binary-arm/debian-installer-manual_20050317sarge2_arm.deb oldstable/main/source/debian-installer-images_20050317sarge2_arm.tar.gz debian-installer (20050317sarge2) oldstable; urgency=low * Change amd64 kernel from 2.6.8-11 to 2.6.8-12. Thanks Kurt Roeckx. * Fix kernel base version for sparc32 2.6 netboot kernel. * Support distribution equal to oldstable. * Update kernel versions for Sarge security updates with ABI change. oldstable/main/binary-hppa/debian-installer-manual_20050317sarge2_hppa.deb oldstable/main/source/debian-installer-images_20050317sarge2_hppa.tar.gz debian-installer (20050317sarge2) oldstable; urgency=low * Change amd64 kernel from 2.6.8-11 to 2.6.8-12. Thanks Kurt Roeckx. * Fix kernel base version for sparc32 2.6 netboot kernel. * Support distribution equal to oldstable. * Update kernel versions for Sarge security updates with ABI change. oldstable/main/source/debian-installer_20050317sarge2.dsc oldstable/main/source/debian-installer_20050317sarge2.tar.gz oldstable/main/binary-i386/debian-installer-manual_20050317sarge2_i386.deb oldstable/main/source/debian-installer-images_20050317sarge2_i386.tar.gz debian-installer (20050317sarge2) oldstable; urgency=low * Change amd64 kernel from 2.6.8-11 to 2.6.8-12. Thanks Kurt Roeckx. * Fix kernel base version for sparc32 2.6 netboot kernel. * Support distribution equal to oldstable. * Update kernel versions for Sarge security updates with ABI change. oldstable/main/binary-ia64/debian-installer-manual_20050317sarge2_ia64.deb oldstable/main/source/debian-installer-images_20050317sarge2_ia64.tar.gz debian-installer (20050317sarge2) oldstable; urgency=low * Change amd64 kernel from 2.6.8-11 to 2.6.8-12. Thanks Kurt Roeckx. * Fix kernel base version for sparc32 2.6 netboot kernel. * Support distribution equal to oldstable. * Update kernel versions for Sarge security updates with ABI change. oldstable/main/binary-m68k/debian-installer-manual_20050317sarge2_m68k.deb oldstable/main/source/debian-installer-images_20050317sarge2_m68k.tar.gz debian-installer (20050317sarge2) oldstable; urgency=low * Change amd64 kernel from 2.6.8-11 to 2.6.8-12. Thanks Kurt Roeckx. * Fix kernel base version for sparc32 2.6 netboot kernel. * Support distribution equal to oldstable. * Update kernel versions for Sarge security updates with ABI change. oldstable/main/binary-mips/debian-installer-manual_20050317sarge2_mips.deb oldstable/main/source/debian-installer-images_20050317sarge2_mips.tar.gz debian-installer (20050317sarge2) oldstable; urgency=low * Change amd64 kernel from 2.6.8-11 to 2.6.8-12. Thanks Kurt Roeckx. * Fix kernel base version for sparc32 2.6 netboot kernel. * Support distribution equal to oldstable. * Update kernel versions for Sarge security updates with ABI change. oldstable/main/binary-mipsel/debian-installer-manual_20050317sarge2_mipsel.deb oldstable/main/source/debian-installer-images_20050317sarge2_mipsel.tar.gz debian-installer (20050317sarge2) oldstable; urgency=low * Change amd64 kernel from 2.6.8-11 to 2.6.8-12. Thanks Kurt Roeckx. * Fix kernel base version for sparc32 2.6 netboot kernel. * Support distribution equal to oldstable. * Update kernel versions for Sarge security updates with ABI change. oldstable/main/binary-powerpc/debian-installer-manual_20050317sarge2_powerpc.deb oldstable/main/source/debian-installer-images_20050317sarge2_powerpc.tar.gz debian-installer (20050317sarge2) oldstable; urgency=low * Change amd64 kernel from 2.6.8-11 to 2.6.8-12. Thanks Kurt Roeckx. * Fix kernel base version for sparc32 2.6 netboot kernel. * Support distribution equal to oldstable. * Update kernel versions for Sarge security updates with ABI change. oldstable/main/binary-s390/debian-installer-manual_20050317sarge2_s390.deb oldstable/main/source/debian-installer-images_20050317sarge2_s390.tar.gz debian-installer (20050317sarge2) oldstable; urgency=low * Change amd64 kernel from 2.6.8-11 to 2.6.8-12. Thanks Kurt Roeckx. * Fix kernel base version for sparc32 2.6 netboot kernel. * Support distribution equal to oldstable. * Update kernel versions for Sarge security updates with ABI change. oldstable/main/binary-sparc/debian-installer-manual_20050317sarge2_sparc.deb oldstable/main/source/debian-installer-images_20050317sarge2_sparc.tar.gz debian-installer (20050317sarge2) oldstable; urgency=low * Change amd64 kernel from 2.6.8-11 to 2.6.8-12. Thanks Kurt Roeckx. * Fix kernel base version for sparc32 2.6 netboot kernel. * Support distribution equal to oldstable. * Update kernel versions for Sarge security updates with ABI change. oldstable/main/binary-hppa/debtags-edit_0.9.2_hppa.deb debtags-edit (0.9.2) unstable; urgency=low * Compiles with gcc 3.4. Closes: bug#264146. Thanks to Andreas Jochens for the patch. oldstable/main/binary-alpha/dhcp_2.0pl5-19.1sarge3_alpha.deb oldstable/main/binary-alpha/dhcp-client_2.0pl5-19.1sarge3_alpha.deb oldstable/main/binary-alpha/dhcp-relay_2.0pl5-19.1sarge3_alpha.deb oldstable/main/dhcp-client-udeb_2.0pl5-19.1sarge3_alpha.udeb dhcp (2.0pl5-19.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix stack-based buffer overflow in options.c, which allows arbitrary code execution or remote denial of service. Fixes: CVE-2007-5365 oldstable/main/binary-amd64/dhcp_2.0pl5-19.1sarge3_amd64.deb oldstable/main/binary-amd64/dhcp-client_2.0pl5-19.1sarge3_amd64.deb oldstable/main/binary-amd64/dhcp-relay_2.0pl5-19.1sarge3_amd64.deb oldstable/main/dhcp-client-udeb_2.0pl5-19.1sarge3_amd64.udeb dhcp (2.0pl5-19.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix stack-based buffer overflow in options.c, which allows arbitrary code execution or remote denial of service. Fixes: CVE-2007-5365 oldstable/main/binary-arm/dhcp_2.0pl5-19.1sarge3_arm.deb oldstable/main/binary-arm/dhcp-client_2.0pl5-19.1sarge3_arm.deb oldstable/main/binary-arm/dhcp-relay_2.0pl5-19.1sarge3_arm.deb oldstable/main/dhcp-client-udeb_2.0pl5-19.1sarge3_arm.udeb dhcp (2.0pl5-19.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix stack-based buffer overflow in options.c, which allows arbitrary code execution or remote denial of service. Fixes: CVE-2007-5365 oldstable/main/binary-hppa/dhcp_2.0pl5-19.1sarge3_hppa.deb oldstable/main/binary-hppa/dhcp-client_2.0pl5-19.1sarge3_hppa.deb oldstable/main/binary-hppa/dhcp-relay_2.0pl5-19.1sarge3_hppa.deb oldstable/main/dhcp-client-udeb_2.0pl5-19.1sarge3_hppa.udeb dhcp (2.0pl5-19.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix stack-based buffer overflow in options.c, which allows arbitrary code execution or remote denial of service. Fixes: CVE-2007-5365 oldstable/main/source/dhcp_2.0pl5-19.1sarge3.dsc oldstable/main/source/dhcp_2.0pl5-19.1sarge3.diff.gz oldstable/main/binary-i386/dhcp_2.0pl5-19.1sarge3_i386.deb oldstable/main/binary-i386/dhcp-client_2.0pl5-19.1sarge3_i386.deb oldstable/main/binary-i386/dhcp-relay_2.0pl5-19.1sarge3_i386.deb oldstable/main/dhcp-client-udeb_2.0pl5-19.1sarge3_i386.udeb dhcp (2.0pl5-19.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix stack-based buffer overflow in options.c, which allows arbitrary code execution or remote denial of service. Fixes: CVE-2007-5365 oldstable/main/binary-ia64/dhcp_2.0pl5-19.1sarge3_ia64.deb oldstable/main/binary-ia64/dhcp-client_2.0pl5-19.1sarge3_ia64.deb oldstable/main/binary-ia64/dhcp-relay_2.0pl5-19.1sarge3_ia64.deb oldstable/main/dhcp-client-udeb_2.0pl5-19.1sarge3_ia64.udeb dhcp (2.0pl5-19.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix stack-based buffer overflow in options.c, which allows arbitrary code execution or remote denial of service. Fixes: CVE-2007-5365 oldstable/main/binary-m68k/dhcp_2.0pl5-19.1sarge3_m68k.deb oldstable/main/binary-m68k/dhcp-client_2.0pl5-19.1sarge3_m68k.deb oldstable/main/binary-m68k/dhcp-relay_2.0pl5-19.1sarge3_m68k.deb oldstable/main/dhcp-client-udeb_2.0pl5-19.1sarge3_m68k.udeb dhcp (2.0pl5-19.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix stack-based buffer overflow in options.c, which allows arbitrary code execution or remote denial of service. Fixes: CVE-2007-5365 oldstable/main/binary-mips/dhcp_2.0pl5-19.1sarge3_mips.deb oldstable/main/binary-mips/dhcp-client_2.0pl5-19.1sarge3_mips.deb oldstable/main/binary-mips/dhcp-relay_2.0pl5-19.1sarge3_mips.deb oldstable/main/dhcp-client-udeb_2.0pl5-19.1sarge3_mips.udeb dhcp (2.0pl5-19.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix stack-based buffer overflow in options.c, which allows arbitrary code execution or remote denial of service. Fixes: CVE-2007-5365 oldstable/main/binary-mipsel/dhcp_2.0pl5-19.1sarge3_mipsel.deb oldstable/main/binary-mipsel/dhcp-client_2.0pl5-19.1sarge3_mipsel.deb oldstable/main/binary-mipsel/dhcp-relay_2.0pl5-19.1sarge3_mipsel.deb oldstable/main/dhcp-client-udeb_2.0pl5-19.1sarge3_mipsel.udeb dhcp (2.0pl5-19.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix stack-based buffer overflow in options.c, which allows arbitrary code execution or remote denial of service. Fixes: CVE-2007-5365 oldstable/main/binary-powerpc/dhcp_2.0pl5-19.1sarge3_powerpc.deb oldstable/main/binary-powerpc/dhcp-client_2.0pl5-19.1sarge3_powerpc.deb oldstable/main/binary-powerpc/dhcp-relay_2.0pl5-19.1sarge3_powerpc.deb oldstable/main/dhcp-client-udeb_2.0pl5-19.1sarge3_powerpc.udeb dhcp (2.0pl5-19.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix stack-based buffer overflow in options.c, which allows arbitrary code execution or remote denial of service. Fixes: CVE-2007-5365 oldstable/main/binary-s390/dhcp_2.0pl5-19.1sarge3_s390.deb oldstable/main/binary-s390/dhcp-client_2.0pl5-19.1sarge3_s390.deb oldstable/main/binary-s390/dhcp-relay_2.0pl5-19.1sarge3_s390.deb oldstable/main/dhcp-client-udeb_2.0pl5-19.1sarge3_s390.udeb dhcp (2.0pl5-19.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix stack-based buffer overflow in options.c, which allows arbitrary code execution or remote denial of service. Fixes: CVE-2007-5365 oldstable/main/binary-sparc/dhcp_2.0pl5-19.1sarge3_sparc.deb oldstable/main/binary-sparc/dhcp-client_2.0pl5-19.1sarge3_sparc.deb oldstable/main/binary-sparc/dhcp-relay_2.0pl5-19.1sarge3_sparc.deb oldstable/main/dhcp-client-udeb_2.0pl5-19.1sarge3_sparc.udeb dhcp (2.0pl5-19.1sarge3) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix stack-based buffer overflow in options.c, which allows arbitrary code execution or remote denial of service. Fixes: CVE-2007-5365 oldstable/main/binary-alpha/ekg_1.5+20050411-7_alpha.deb oldstable/main/binary-alpha/libgadu-dev_1.5+20050411-7_alpha.deb oldstable/main/binary-alpha/libgadu3_1.5+20050411-7_alpha.deb ekg (1:1.5+20050411-7) oldstable-security; urgency=medium * Security upload, fixing two problems missed when preparing DSA-767: - Using revision -7, as -6 was used for a sarge-volatile upload (-7 does not contain any changes from -6) * Fixes a memory alignment error in libgadu, which could lead to a DoS on some architectures (CAN-2005-2370) * Fixes endianness conversion problems, which could cause invalid behavior on big endian machines (CAN-2005-2448) oldstable/main/binary-arm/ekg_1.5+20050411-7_arm.deb oldstable/main/binary-arm/libgadu-dev_1.5+20050411-7_arm.deb oldstable/main/binary-arm/libgadu3_1.5+20050411-7_arm.deb ekg (1:1.5+20050411-7) oldstable-security; urgency=medium * Security upload, fixing two problems missed when preparing DSA-767: - Using revision -7, as -6 was used for a sarge-volatile upload (-7 does not contain any changes from -6) * Fixes a memory alignment error in libgadu, which could lead to a DoS on some architectures (CAN-2005-2370) * Fixes endianness conversion problems, which could cause invalid behavior on big endian machines (CAN-2005-2448) oldstable/main/binary-hppa/ekg_1.5+20050411-7_hppa.deb oldstable/main/binary-hppa/libgadu-dev_1.5+20050411-7_hppa.deb oldstable/main/binary-hppa/libgadu3_1.5+20050411-7_hppa.deb ekg (1:1.5+20050411-7) oldstable-security; urgency=medium * Security upload, fixing two problems missed when preparing DSA-767: - Using revision -7, as -6 was used for a sarge-volatile upload (-7 does not contain any changes from -6) * Fixes a memory alignment error in libgadu, which could lead to a DoS on some architectures (CAN-2005-2370) * Fixes endianness conversion problems, which could cause invalid behavior on big endian machines (CAN-2005-2448) oldstable/main/source/ekg_1.5+20050411-7.dsc oldstable/main/source/ekg_1.5+20050411-7.diff.gz oldstable/main/binary-i386/ekg_1.5+20050411-7_i386.deb oldstable/main/binary-i386/libgadu-dev_1.5+20050411-7_i386.deb oldstable/main/binary-i386/libgadu3_1.5+20050411-7_i386.deb ekg (1:1.5+20050411-7) oldstable-security; urgency=medium * Security upload, fixing two problems missed when preparing DSA-767: - Using revision -7, as -6 was used for a sarge-volatile upload (-7 does not contain any changes from -6) * Fixes a memory alignment error in libgadu, which could lead to a DoS on some architectures (CAN-2005-2370) * Fixes endianness conversion problems, which could cause invalid behavior on big endian machines (CAN-2005-2448) oldstable/main/binary-ia64/ekg_1.5+20050411-7_ia64.deb oldstable/main/binary-ia64/libgadu-dev_1.5+20050411-7_ia64.deb oldstable/main/binary-ia64/libgadu3_1.5+20050411-7_ia64.deb ekg (1:1.5+20050411-7) oldstable-security; urgency=medium * Security upload, fixing two problems missed when preparing DSA-767: - Using revision -7, as -6 was used for a sarge-volatile upload (-7 does not contain any changes from -6) * Fixes a memory alignment error in libgadu, which could lead to a DoS on some architectures (CAN-2005-2370) * Fixes endianness conversion problems, which could cause invalid behavior on big endian machines (CAN-2005-2448) oldstable/main/binary-m68k/ekg_1.5+20050411-7_m68k.deb oldstable/main/binary-m68k/libgadu-dev_1.5+20050411-7_m68k.deb oldstable/main/binary-m68k/libgadu3_1.5+20050411-7_m68k.deb ekg (1:1.5+20050411-7) oldstable-security; urgency=medium * Security upload, fixing two problems missed when preparing DSA-767: - Using revision -7, as -6 was used for a sarge-volatile upload (-7 does not contain any changes from -6) * Fixes a memory alignment error in libgadu, which could lead to a DoS on some architectures (CAN-2005-2370) * Fixes endianness conversion problems, which could cause invalid behavior on big endian machines (CAN-2005-2448) oldstable/main/binary-mips/ekg_1.5+20050411-7_mips.deb oldstable/main/binary-mips/libgadu-dev_1.5+20050411-7_mips.deb oldstable/main/binary-mips/libgadu3_1.5+20050411-7_mips.deb ekg (1:1.5+20050411-7) oldstable-security; urgency=medium * Security upload, fixing two problems missed when preparing DSA-767: - Using revision -7, as -6 was used for a sarge-volatile upload (-7 does not contain any changes from -6) * Fixes a memory alignment error in libgadu, which could lead to a DoS on some architectures (CAN-2005-2370) * Fixes endianness conversion problems, which could cause invalid behavior on big endian machines (CAN-2005-2448) oldstable/main/binary-mipsel/ekg_1.5+20050411-7_mipsel.deb oldstable/main/binary-mipsel/libgadu-dev_1.5+20050411-7_mipsel.deb oldstable/main/binary-mipsel/libgadu3_1.5+20050411-7_mipsel.deb ekg (1:1.5+20050411-7) oldstable-security; urgency=medium * Security upload, fixing two problems missed when preparing DSA-767: - Using revision -7, as -6 was used for a sarge-volatile upload (-7 does not contain any changes from -6) * Fixes a memory alignment error in libgadu, which could lead to a DoS on some architectures (CAN-2005-2370) * Fixes endianness conversion problems, which could cause invalid behavior on big endian machines (CAN-2005-2448) oldstable/main/binary-powerpc/ekg_1.5+20050411-7_powerpc.deb oldstable/main/binary-powerpc/libgadu-dev_1.5+20050411-7_powerpc.deb oldstable/main/binary-powerpc/libgadu3_1.5+20050411-7_powerpc.deb ekg (1:1.5+20050411-7) oldstable-security; urgency=medium * Security upload, fixing two problems missed when preparing DSA-767: - Using revision -7, as -6 was used for a sarge-volatile upload (-7 does not contain any changes from -6) * Fixes a memory alignment error in libgadu, which could lead to a DoS on some architectures (CAN-2005-2370) * Fixes endianness conversion problems, which could cause invalid behavior on big endian machines (CAN-2005-2448) oldstable/main/binary-s390/ekg_1.5+20050411-7_s390.deb oldstable/main/binary-s390/libgadu-dev_1.5+20050411-7_s390.deb oldstable/main/binary-s390/libgadu3_1.5+20050411-7_s390.deb ekg (1:1.5+20050411-7) oldstable-security; urgency=medium * Security upload, fixing two problems missed when preparing DSA-767: - Using revision -7, as -6 was used for a sarge-volatile upload (-7 does not contain any changes from -6) * Fixes a memory alignment error in libgadu, which could lead to a DoS on some architectures (CAN-2005-2370) * Fixes endianness conversion problems, which could cause invalid behavior on big endian machines (CAN-2005-2448) oldstable/main/binary-sparc/ekg_1.5+20050411-7_sparc.deb oldstable/main/binary-sparc/libgadu-dev_1.5+20050411-7_sparc.deb oldstable/main/binary-sparc/libgadu3_1.5+20050411-7_sparc.deb ekg (1:1.5+20050411-7) oldstable-security; urgency=medium * Security upload, fixing two problems missed when preparing DSA-767: - Using revision -7, as -6 was used for a sarge-volatile upload (-7 does not contain any changes from -6) * Fixes a memory alignment error in libgadu, which could lead to a DoS on some architectures (CAN-2005-2370) * Fixes endianness conversion problems, which could cause invalid behavior on big endian machines (CAN-2005-2448) oldstable/main/binary-alpha/ethereal-common_0.10.10-2sarge10_alpha.deb oldstable/main/binary-alpha/ethereal_0.10.10-2sarge10_alpha.deb oldstable/main/binary-alpha/tethereal_0.10.10-2sarge10_alpha.deb oldstable/main/binary-alpha/ethereal-dev_0.10.10-2sarge10_alpha.deb ethereal (0.10.10-2sarge10) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Backported fixes from 0.99.7 for several vulnerabilities: * Resource exhaustion in MEGAGO dissector * Crasher in RPC dissector oldstable/main/binary-amd64/ethereal-common_0.10.10-2sarge10_amd64.deb oldstable/main/binary-amd64/ethereal_0.10.10-2sarge10_amd64.deb oldstable/main/binary-amd64/tethereal_0.10.10-2sarge10_amd64.deb oldstable/main/binary-amd64/ethereal-dev_0.10.10-2sarge10_amd64.deb ethereal (0.10.10-2sarge10) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Backported fixes from 0.99.7 for several vulnerabilities: * Resource exhaustion in MEGAGO dissector * Crasher in RPC dissector oldstable/main/binary-arm/ethereal-common_0.10.10-2sarge10_arm.deb oldstable/main/binary-arm/ethereal_0.10.10-2sarge10_arm.deb oldstable/main/binary-arm/tethereal_0.10.10-2sarge10_arm.deb oldstable/main/binary-arm/ethereal-dev_0.10.10-2sarge10_arm.deb ethereal (0.10.10-2sarge10) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Backported fixes from 0.99.7 for several vulnerabilities: * Resource exhaustion in MEGAGO dissector * Crasher in RPC dissector oldstable/main/binary-hppa/ethereal-common_0.10.10-2sarge10_hppa.deb oldstable/main/binary-hppa/ethereal_0.10.10-2sarge10_hppa.deb oldstable/main/binary-hppa/tethereal_0.10.10-2sarge10_hppa.deb oldstable/main/binary-hppa/ethereal-dev_0.10.10-2sarge10_hppa.deb ethereal (0.10.10-2sarge10) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Backported fixes from 0.99.7 for several vulnerabilities: * Resource exhaustion in MEGAGO dissector * Crasher in RPC dissector oldstable/main/source/ethereal_0.10.10-2sarge10.dsc oldstable/main/source/ethereal_0.10.10-2sarge10.diff.gz oldstable/main/binary-i386/ethereal-common_0.10.10-2sarge10_i386.deb oldstable/main/binary-i386/ethereal_0.10.10-2sarge10_i386.deb oldstable/main/binary-i386/tethereal_0.10.10-2sarge10_i386.deb oldstable/main/binary-i386/ethereal-dev_0.10.10-2sarge10_i386.deb ethereal (0.10.10-2sarge10) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Backported fixes from 0.99.7 for several vulnerabilities: * Resource exhaustion in MEGAGO dissector * Crasher in RPC dissector oldstable/main/binary-ia64/ethereal-common_0.10.10-2sarge10_ia64.deb oldstable/main/binary-ia64/ethereal_0.10.10-2sarge10_ia64.deb oldstable/main/binary-ia64/tethereal_0.10.10-2sarge10_ia64.deb oldstable/main/binary-ia64/ethereal-dev_0.10.10-2sarge10_ia64.deb ethereal (0.10.10-2sarge10) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Backported fixes from 0.99.7 for several vulnerabilities: * Resource exhaustion in MEGAGO dissector * Crasher in RPC dissector oldstable/main/binary-m68k/ethereal-common_0.10.10-2sarge10_m68k.deb oldstable/main/binary-m68k/ethereal_0.10.10-2sarge10_m68k.deb oldstable/main/binary-m68k/tethereal_0.10.10-2sarge10_m68k.deb oldstable/main/binary-m68k/ethereal-dev_0.10.10-2sarge10_m68k.deb ethereal (0.10.10-2sarge10) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Backported fixes from 0.99.7 for several vulnerabilities: * Resource exhaustion in MEGAGO dissector * Crasher in RPC dissector oldstable/main/binary-mips/ethereal-common_0.10.10-2sarge10_mips.deb oldstable/main/binary-mips/ethereal_0.10.10-2sarge10_mips.deb oldstable/main/binary-mips/tethereal_0.10.10-2sarge10_mips.deb oldstable/main/binary-mips/ethereal-dev_0.10.10-2sarge10_mips.deb ethereal (0.10.10-2sarge10) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Backported fixes from 0.99.7 for several vulnerabilities: * Resource exhaustion in MEGAGO dissector * Crasher in RPC dissector oldstable/main/binary-mipsel/ethereal-common_0.10.10-2sarge10_mipsel.deb oldstable/main/binary-mipsel/ethereal_0.10.10-2sarge10_mipsel.deb oldstable/main/binary-mipsel/tethereal_0.10.10-2sarge10_mipsel.deb oldstable/main/binary-mipsel/ethereal-dev_0.10.10-2sarge10_mipsel.deb ethereal (0.10.10-2sarge10) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Backported fixes from 0.99.7 for several vulnerabilities: * Resource exhaustion in MEGAGO dissector * Crasher in RPC dissector oldstable/main/binary-powerpc/ethereal-common_0.10.10-2sarge10_powerpc.deb oldstable/main/binary-powerpc/ethereal_0.10.10-2sarge10_powerpc.deb oldstable/main/binary-powerpc/tethereal_0.10.10-2sarge10_powerpc.deb oldstable/main/binary-powerpc/ethereal-dev_0.10.10-2sarge10_powerpc.deb ethereal (0.10.10-2sarge10) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Backported fixes from 0.99.7 for several vulnerabilities: * Resource exhaustion in MEGAGO dissector * Crasher in RPC dissector oldstable/main/binary-s390/ethereal-common_0.10.10-2sarge10_s390.deb oldstable/main/binary-s390/ethereal_0.10.10-2sarge10_s390.deb oldstable/main/binary-s390/tethereal_0.10.10-2sarge10_s390.deb oldstable/main/binary-s390/ethereal-dev_0.10.10-2sarge10_s390.deb ethereal (0.10.10-2sarge10) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Backported fixes from 0.99.7 for several vulnerabilities: * Resource exhaustion in MEGAGO dissector * Crasher in RPC dissector oldstable/main/binary-sparc/ethereal-common_0.10.10-2sarge10_sparc.deb oldstable/main/binary-sparc/ethereal_0.10.10-2sarge10_sparc.deb oldstable/main/binary-sparc/tethereal_0.10.10-2sarge10_sparc.deb oldstable/main/binary-sparc/ethereal-dev_0.10.10-2sarge10_sparc.deb ethereal (0.10.10-2sarge10) oldstable-security; urgency=high * Non-maintainer upload by the Security Team * Backported fixes from 0.99.7 for several vulnerabilities: * Resource exhaustion in MEGAGO dissector * Crasher in RPC dissector oldstable/main/binary-alpha/evolution_2.0.4-2sarge2_alpha.deb oldstable/main/binary-alpha/evolution-dev_2.0.4-2sarge2_alpha.deb evolution (2.0.4-2sarge2) oldstable-security; urgency=high * SECURITY: New patch, z_10_imap-negative-array-index, fixes potential negative array index usage in IMAP code (remote); FEDORA-2007-0464; GNOME #447414; closes: #429876. oldstable/main/binary-arm/evolution_2.0.4-2sarge2_arm.deb oldstable/main/binary-arm/evolution-dev_2.0.4-2sarge2_arm.deb evolution (2.0.4-2sarge2) oldstable-security; urgency=high * SECURITY: New patch, z_10_imap-negative-array-index, fixes potential negative array index usage in IMAP code (remote); FEDORA-2007-0464; GNOME #447414; closes: #429876. oldstable/main/binary-hppa/evolution_2.0.4-2sarge2_hppa.deb oldstable/main/binary-hppa/evolution-dev_2.0.4-2sarge2_hppa.deb evolution (2.0.4-2sarge2) oldstable-security; urgency=high * SECURITY: New patch, z_10_imap-negative-array-index, fixes potential negative array index usage in IMAP code (remote); FEDORA-2007-0464; GNOME #447414; closes: #429876. oldstable/main/source/evolution_2.0.4-2sarge2.dsc oldstable/main/source/evolution_2.0.4-2sarge2.diff.gz oldstable/main/binary-i386/evolution_2.0.4-2sarge2_i386.deb oldstable/main/binary-i386/evolution-dev_2.0.4-2sarge2_i386.deb evolution (2.0.4-2sarge2) oldstable-security; urgency=high * SECURITY: New patch, z_10_imap-negative-array-index, fixes potential negative array index usage in IMAP code (remote); FEDORA-2007-0464; GNOME #447414; closes: #429876. oldstable/main/binary-ia64/evolution_2.0.4-2sarge2_ia64.deb oldstable/main/binary-ia64/evolution-dev_2.0.4-2sarge2_ia64.deb evolution (2.0.4-2sarge2) oldstable-security; urgency=high * SECURITY: New patch, z_10_imap-negative-array-index, fixes potential negative array index usage in IMAP code (remote); FEDORA-2007-0464; GNOME #447414; closes: #429876. oldstable/main/binary-m68k/evolution_2.0.4-2sarge2_m68k.deb oldstable/main/binary-m68k/evolution-dev_2.0.4-2sarge2_m68k.deb evolution (2.0.4-2sarge2) oldstable-security; urgency=high * SECURITY: New patch, z_10_imap-negative-array-index, fixes potential negative array index usage in IMAP code (remote); FEDORA-2007-0464; GNOME #447414; closes: #429876. oldstable/main/binary-mips/evolution_2.0.4-2sarge2_mips.deb oldstable/main/binary-mips/evolution-dev_2.0.4-2sarge2_mips.deb evolution (2.0.4-2sarge2) oldstable-security; urgency=high * SECURITY: New patch, z_10_imap-negative-array-index, fixes potential negative array index usage in IMAP code (remote); FEDORA-2007-0464; GNOME #447414; closes: #429876. oldstable/main/binary-mipsel/evolution_2.0.4-2sarge2_mipsel.deb oldstable/main/binary-mipsel/evolution-dev_2.0.4-2sarge2_mipsel.deb evolution (2.0.4-2sarge2) oldstable-security; urgency=high * SECURITY: New patch, z_10_imap-negative-array-index, fixes potential negative array index usage in IMAP code (remote); FEDORA-2007-0464; GNOME #447414; closes: #429876. oldstable/main/binary-powerpc/evolution_2.0.4-2sarge2_powerpc.deb oldstable/main/binary-powerpc/evolution-dev_2.0.4-2sarge2_powerpc.deb evolution (2.0.4-2sarge2) oldstable-security; urgency=high * SECURITY: New patch, z_10_imap-negative-array-index, fixes potential negative array index usage in IMAP code (remote); FEDORA-2007-0464; GNOME #447414; closes: #429876. oldstable/main/binary-s390/evolution_2.0.4-2sarge2_s390.deb oldstable/main/binary-s390/evolution-dev_2.0.4-2sarge2_s390.deb evolution (2.0.4-2sarge2) oldstable-security; urgency=high * SECURITY: New patch, z_10_imap-negative-array-index, fixes potential negative array index usage in IMAP code (remote); FEDORA-2007-0464; GNOME #447414; closes: #429876. oldstable/main/binary-sparc/evolution_2.0.4-2sarge2_sparc.deb oldstable/main/binary-sparc/evolution-dev_2.0.4-2sarge2_sparc.deb evolution (2.0.4-2sarge2) oldstable-security; urgency=high * SECURITY: New patch, z_10_imap-negative-array-index, fixes potential negative array index usage in IMAP code (remote); FEDORA-2007-0464; GNOME #447414; closes: #429876. oldstable/main/source/fai-kernels_1.9.1sarge7.dsc oldstable/main/source/fai-kernels_1.9.1sarge7.tar.gz oldstable/main/binary-i386/fai-kernels_1.9.1sarge7_i386.deb fai-kernels (1.9.1sarge7) oldstable; urgency=low * Build against kerenl-tree-2.6.8-17 oldstable/main/binary-sparc/fet_3.12.30-1_sparc.deb fet (3.12.30-1) unstable; urgency=low * New upstream release (closes: #298292) (new Catalan translation) oldstable/main/binary-alpha/file_4.12-1sarge2_alpha.deb oldstable/main/binary-alpha/libmagic1_4.12-1sarge2_alpha.deb oldstable/main/binary-alpha/libmagic-dev_4.12-1sarge2_alpha.deb file (4.12-1sarge2) oldstable-security; urgency=high * Applied patch from Josh Bressers (also picked up by upstream) to src/funcs.c to fix CVE-2007-2799. The previous security patch was incorrect. oldstable/main/binary-arm/file_4.12-1sarge2_arm.deb oldstable/main/binary-arm/libmagic1_4.12-1sarge2_arm.deb oldstable/main/binary-arm/libmagic-dev_4.12-1sarge2_arm.deb file (4.12-1sarge2) oldstable-security; urgency=high * Applied patch from Josh Bressers (also picked up by upstream) to src/funcs.c to fix CVE-2007-2799. The previous security patch was incorrect. oldstable/main/binary-hppa/file_4.12-1sarge2_hppa.deb oldstable/main/binary-hppa/libmagic1_4.12-1sarge2_hppa.deb oldstable/main/binary-hppa/libmagic-dev_4.12-1sarge2_hppa.deb file (4.12-1sarge2) oldstable-security; urgency=high * Applied patch from Josh Bressers (also picked up by upstream) to src/funcs.c to fix CVE-2007-2799. The previous security patch was incorrect. oldstable/main/source/file_4.12-1sarge2.dsc oldstable/main/source/file_4.12-1sarge2.diff.gz oldstable/main/binary-i386/file_4.12-1sarge2_i386.deb oldstable/main/binary-i386/libmagic1_4.12-1sarge2_i386.deb oldstable/main/binary-i386/libmagic-dev_4.12-1sarge2_i386.deb file (4.12-1sarge2) oldstable-security; urgency=high * Applied patch from Josh Bressers (also picked up by upstream) to src/funcs.c to fix CVE-2007-2799. The previous security patch was incorrect. oldstable/main/binary-ia64/file_4.12-1sarge2_ia64.deb oldstable/main/binary-ia64/libmagic1_4.12-1sarge2_ia64.deb oldstable/main/binary-ia64/libmagic-dev_4.12-1sarge2_ia64.deb file (4.12-1sarge2) oldstable-security; urgency=high * Applied patch from Josh Bressers (also picked up by upstream) to src/funcs.c to fix CVE-2007-2799. The previous security patch was incorrect. oldstable/main/binary-m68k/file_4.12-1sarge2_m68k.deb oldstable/main/binary-m68k/libmagic1_4.12-1sarge2_m68k.deb oldstable/main/binary-m68k/libmagic-dev_4.12-1sarge2_m68k.deb file (4.12-1sarge2) oldstable-security; urgency=high * Applied patch from Josh Bressers (also picked up by upstream) to src/funcs.c to fix CVE-2007-2799. The previous security patch was incorrect. oldstable/main/binary-mips/file_4.12-1sarge2_mips.deb oldstable/main/binary-mips/libmagic1_4.12-1sarge2_mips.deb oldstable/main/binary-mips/libmagic-dev_4.12-1sarge2_mips.deb file (4.12-1sarge2) oldstable-security; urgency=high * Applied patch from Josh Bressers (also picked up by upstream) to src/funcs.c to fix CVE-2007-2799. The previous security patch was incorrect. oldstable/main/binary-mipsel/file_4.12-1sarge2_mipsel.deb oldstable/main/binary-mipsel/libmagic1_4.12-1sarge2_mipsel.deb oldstable/main/binary-mipsel/libmagic-dev_4.12-1sarge2_mipsel.deb file (4.12-1sarge2) oldstable-security; urgency=high * Applied patch from Josh Bressers (also picked up by upstream) to src/funcs.c to fix CVE-2007-2799. The previous security patch was incorrect. oldstable/main/binary-powerpc/file_4.12-1sarge2_powerpc.deb oldstable/main/binary-powerpc/libmagic1_4.12-1sarge2_powerpc.deb oldstable/main/binary-powerpc/libmagic-dev_4.12-1sarge2_powerpc.deb file (4.12-1sarge2) oldstable-security; urgency=high * Applied patch from Josh Bressers (also picked up by upstream) to src/funcs.c to fix CVE-2007-2799. The previous security patch was incorrect. oldstable/main/binary-s390/file_4.12-1sarge2_s390.deb oldstable/main/binary-s390/libmagic1_4.12-1sarge2_s390.deb oldstable/main/binary-s390/libmagic-dev_4.12-1sarge2_s390.deb file (4.12-1sarge2) oldstable-security; urgency=high * Applied patch from Josh Bressers (also picked up by upstream) to src/funcs.c to fix CVE-2007-2799. The previous security patch was incorrect. oldstable/main/binary-sparc/file_4.12-1sarge2_sparc.deb oldstable/main/binary-sparc/libmagic1_4.12-1sarge2_sparc.deb oldstable/main/binary-sparc/libmagic-dev_4.12-1sarge2_sparc.deb file (4.12-1sarge2) oldstable-security; urgency=high * Applied patch from Josh Bressers (also picked up by upstream) to src/funcs.c to fix CVE-2007-2799. The previous security patch was incorrect. oldstable/main/binary-alpha/fireflier-server_1.1.5-1sarge1_alpha.deb oldstable/main/binary-alpha/fireflier-client-qt_1.1.5-1sarge1_alpha.deb oldstable/main/binary-alpha/fireflier-client-kde_1.1.5-1sarge1_alpha.deb oldstable/main/binary-alpha/fireflier-client-gtk_1.1.5-1sarge1_alpha.deb fireflier (1.1.5-1sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe usage of temporary files, allowing arbitary file deletion. [CVE-2007-2837] oldstable/main/binary-arm/fireflier-server_1.1.5-1sarge1_arm.deb oldstable/main/binary-arm/fireflier-client-qt_1.1.5-1sarge1_arm.deb oldstable/main/binary-arm/fireflier-client-kde_1.1.5-1sarge1_arm.deb oldstable/main/binary-arm/fireflier-client-gtk_1.1.5-1sarge1_arm.deb fireflier (1.1.5-1sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe usage of temporary files, allowing arbitary file deletion. [CVE-2007-2837] oldstable/main/binary-hppa/fireflier-server_1.1.5-1sarge1_hppa.deb oldstable/main/binary-hppa/fireflier-client-qt_1.1.5-1sarge1_hppa.deb oldstable/main/binary-hppa/fireflier-client-kde_1.1.5-1sarge1_hppa.deb oldstable/main/binary-hppa/fireflier-client-gtk_1.1.5-1sarge1_hppa.deb fireflier (1.1.5-1sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe usage of temporary files, allowing arbitary file deletion. [CVE-2007-2837] oldstable/main/source/fireflier_1.1.5-1sarge1.dsc oldstable/main/source/fireflier_1.1.5-1sarge1.tar.gz oldstable/main/binary-i386/fireflier-server_1.1.5-1sarge1_i386.deb oldstable/main/binary-i386/fireflier-client-qt_1.1.5-1sarge1_i386.deb oldstable/main/binary-i386/fireflier-client-kde_1.1.5-1sarge1_i386.deb oldstable/main/binary-i386/fireflier-client-gtk_1.1.5-1sarge1_i386.deb fireflier (1.1.5-1sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe usage of temporary files, allowing arbitary file deletion. [CVE-2007-2837] oldstable/main/binary-ia64/fireflier-server_1.1.5-1sarge1_ia64.deb oldstable/main/binary-ia64/fireflier-client-qt_1.1.5-1sarge1_ia64.deb oldstable/main/binary-ia64/fireflier-client-kde_1.1.5-1sarge1_ia64.deb oldstable/main/binary-ia64/fireflier-client-gtk_1.1.5-1sarge1_ia64.deb fireflier (1.1.5-1sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe usage of temporary files, allowing arbitary file deletion. [CVE-2007-2837] oldstable/main/binary-m68k/fireflier-server_1.1.5-1sarge1_m68k.deb oldstable/main/binary-m68k/fireflier-client-qt_1.1.5-1sarge1_m68k.deb oldstable/main/binary-m68k/fireflier-client-kde_1.1.5-1sarge1_m68k.deb oldstable/main/binary-m68k/fireflier-client-gtk_1.1.5-1sarge1_m68k.deb fireflier (1.1.5-1sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe usage of temporary files, allowing arbitary file deletion. [CVE-2007-2837] oldstable/main/binary-mips/fireflier-server_1.1.5-1sarge1_mips.deb oldstable/main/binary-mips/fireflier-client-qt_1.1.5-1sarge1_mips.deb oldstable/main/binary-mips/fireflier-client-kde_1.1.5-1sarge1_mips.deb oldstable/main/binary-mips/fireflier-client-gtk_1.1.5-1sarge1_mips.deb fireflier (1.1.5-1sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe usage of temporary files, allowing arbitary file deletion. [CVE-2007-2837] oldstable/main/binary-mipsel/fireflier-server_1.1.5-1sarge1_mipsel.deb oldstable/main/binary-mipsel/fireflier-client-qt_1.1.5-1sarge1_mipsel.deb oldstable/main/binary-mipsel/fireflier-client-kde_1.1.5-1sarge1_mipsel.deb oldstable/main/binary-mipsel/fireflier-client-gtk_1.1.5-1sarge1_mipsel.deb fireflier (1.1.5-1sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe usage of temporary files, allowing arbitary file deletion. [CVE-2007-2837] oldstable/main/binary-powerpc/fireflier-server_1.1.5-1sarge1_powerpc.deb oldstable/main/binary-powerpc/fireflier-client-qt_1.1.5-1sarge1_powerpc.deb oldstable/main/binary-powerpc/fireflier-client-kde_1.1.5-1sarge1_powerpc.deb oldstable/main/binary-powerpc/fireflier-client-gtk_1.1.5-1sarge1_powerpc.deb fireflier (1.1.5-1sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe usage of temporary files, allowing arbitary file deletion. [CVE-2007-2837] oldstable/main/binary-s390/fireflier-server_1.1.5-1sarge1_s390.deb oldstable/main/binary-s390/fireflier-client-qt_1.1.5-1sarge1_s390.deb oldstable/main/binary-s390/fireflier-client-kde_1.1.5-1sarge1_s390.deb oldstable/main/binary-s390/fireflier-client-gtk_1.1.5-1sarge1_s390.deb fireflier (1.1.5-1sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe usage of temporary files, allowing arbitary file deletion. [CVE-2007-2837] oldstable/main/binary-sparc/fireflier-server_1.1.5-1sarge1_sparc.deb oldstable/main/binary-sparc/fireflier-client-qt_1.1.5-1sarge1_sparc.deb oldstable/main/binary-sparc/fireflier-client-kde_1.1.5-1sarge1_sparc.deb oldstable/main/binary-sparc/fireflier-client-gtk_1.1.5-1sarge1_sparc.deb fireflier (1.1.5-1sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe usage of temporary files, allowing arbitary file deletion. [CVE-2007-2837] oldstable/main/binary-arm/freepops_0.0.27-1_arm.deb freepops (0.0.27-1) unstable; urgency=low * new upastream release oldstable/main/binary-alpha/libfreetype6_2.1.7-8_alpha.deb oldstable/main/binary-alpha/libfreetype6-dev_2.1.7-8_alpha.deb oldstable/main/binary-alpha/freetype2-demos_2.1.7-8_alpha.deb oldstable/main/libfreetype6-udeb_2.1.7-8_alpha.udeb freetype (2.1.7-8) oldstable-security; urgency=high * debian/patches-freetype/500-CVE-2007-2754_ttgfload.diff: address CVE-2007-2754, a bug allowing execution of arbitrary code via a crafted TTF image by way of an integer overflow. Closes: #425625. oldstable/main/binary-arm/libfreetype6_2.1.7-8_arm.deb oldstable/main/binary-arm/libfreetype6-dev_2.1.7-8_arm.deb oldstable/main/binary-arm/freetype2-demos_2.1.7-8_arm.deb oldstable/main/libfreetype6-udeb_2.1.7-8_arm.udeb freetype (2.1.7-8) oldstable-security; urgency=high * debian/patches-freetype/500-CVE-2007-2754_ttgfload.diff: address CVE-2007-2754, a bug allowing execution of arbitrary code via a crafted TTF image by way of an integer overflow. Closes: #425625. oldstable/main/binary-hppa/libfreetype6_2.1.7-8_hppa.deb oldstable/main/binary-hppa/libfreetype6-dev_2.1.7-8_hppa.deb oldstable/main/binary-hppa/freetype2-demos_2.1.7-8_hppa.deb oldstable/main/libfreetype6-udeb_2.1.7-8_hppa.udeb freetype (2.1.7-8) oldstable-security; urgency=high * debian/patches-freetype/500-CVE-2007-2754_ttgfload.diff: address CVE-2007-2754, a bug allowing execution of arbitrary code via a crafted TTF image by way of an integer overflow. Closes: #425625. oldstable/main/source/freetype_2.1.7-8.dsc oldstable/main/source/freetype_2.1.7-8.diff.gz oldstable/main/binary-i386/libfreetype6_2.1.7-8_i386.deb oldstable/main/binary-i386/libfreetype6-dev_2.1.7-8_i386.deb oldstable/main/binary-i386/freetype2-demos_2.1.7-8_i386.deb oldstable/main/libfreetype6-udeb_2.1.7-8_i386.udeb freetype (2.1.7-8) oldstable-security; urgency=high * debian/patches-freetype/500-CVE-2007-2754_ttgfload.diff: address CVE-2007-2754, a bug allowing execution of arbitrary code via a crafted TTF image by way of an integer overflow. Closes: #425625. oldstable/main/binary-ia64/libfreetype6_2.1.7-8_ia64.deb oldstable/main/binary-ia64/libfreetype6-dev_2.1.7-8_ia64.deb oldstable/main/binary-ia64/freetype2-demos_2.1.7-8_ia64.deb oldstable/main/libfreetype6-udeb_2.1.7-8_ia64.udeb freetype (2.1.7-8) oldstable-security; urgency=high * debian/patches-freetype/500-CVE-2007-2754_ttgfload.diff: address CVE-2007-2754, a bug allowing execution of arbitrary code via a crafted TTF image by way of an integer overflow. Closes: #425625. oldstable/main/binary-m68k/libfreetype6_2.1.7-8_m68k.deb oldstable/main/binary-m68k/libfreetype6-dev_2.1.7-8_m68k.deb oldstable/main/binary-m68k/freetype2-demos_2.1.7-8_m68k.deb oldstable/main/libfreetype6-udeb_2.1.7-8_m68k.udeb freetype (2.1.7-8) oldstable-security; urgency=high * debian/patches-freetype/500-CVE-2007-2754_ttgfload.diff: address CVE-2007-2754, a bug allowing execution of arbitrary code via a crafted TTF image by way of an integer overflow. Closes: #425625. oldstable/main/binary-mips/libfreetype6_2.1.7-8_mips.deb oldstable/main/binary-mips/libfreetype6-dev_2.1.7-8_mips.deb oldstable/main/binary-mips/freetype2-demos_2.1.7-8_mips.deb oldstable/main/libfreetype6-udeb_2.1.7-8_mips.udeb freetype (2.1.7-8) oldstable-security; urgency=high * debian/patches-freetype/500-CVE-2007-2754_ttgfload.diff: address CVE-2007-2754, a bug allowing execution of arbitrary code via a crafted TTF image by way of an integer overflow. Closes: #425625. oldstable/main/binary-mipsel/libfreetype6_2.1.7-8_mipsel.deb oldstable/main/binary-mipsel/libfreetype6-dev_2.1.7-8_mipsel.deb oldstable/main/binary-mipsel/freetype2-demos_2.1.7-8_mipsel.deb oldstable/main/libfreetype6-udeb_2.1.7-8_mipsel.udeb freetype (2.1.7-8) oldstable-security; urgency=high * debian/patches-freetype/500-CVE-2007-2754_ttgfload.diff: address CVE-2007-2754, a bug allowing execution of arbitrary code via a crafted TTF image by way of an integer overflow. Closes: #425625. oldstable/main/binary-powerpc/libfreetype6_2.1.7-8_powerpc.deb oldstable/main/binary-powerpc/libfreetype6-dev_2.1.7-8_powerpc.deb oldstable/main/binary-powerpc/freetype2-demos_2.1.7-8_powerpc.deb oldstable/main/libfreetype6-udeb_2.1.7-8_powerpc.udeb freetype (2.1.7-8) oldstable-security; urgency=high * debian/patches-freetype/500-CVE-2007-2754_ttgfload.diff: address CVE-2007-2754, a bug allowing execution of arbitrary code via a crafted TTF image by way of an integer overflow. Closes: #425625. oldstable/main/binary-s390/libfreetype6_2.1.7-8_s390.deb oldstable/main/binary-s390/libfreetype6-dev_2.1.7-8_s390.deb oldstable/main/binary-s390/freetype2-demos_2.1.7-8_s390.deb oldstable/main/libfreetype6-udeb_2.1.7-8_s390.udeb freetype (2.1.7-8) oldstable-security; urgency=high * debian/patches-freetype/500-CVE-2007-2754_ttgfload.diff: address CVE-2007-2754, a bug allowing execution of arbitrary code via a crafted TTF image by way of an integer overflow. Closes: #425625. oldstable/main/binary-sparc/libfreetype6_2.1.7-8_sparc.deb oldstable/main/binary-sparc/libfreetype6-dev_2.1.7-8_sparc.deb oldstable/main/binary-sparc/freetype2-demos_2.1.7-8_sparc.deb oldstable/main/libfreetype6-udeb_2.1.7-8_sparc.udeb freetype (2.1.7-8) oldstable-security; urgency=high * debian/patches-freetype/500-CVE-2007-2754_ttgfload.diff: address CVE-2007-2754, a bug allowing execution of arbitrary code via a crafted TTF image by way of an integer overflow. Closes: #425625. oldstable/main/binary-arm/gaim-encryption_2.36-3_arm.deb gaim-encryption (2.36-3) unstable; urgency=low * re-compile with new version of Gaim to make the warning go away (while I don't come up with a permanent fix) (closes: #303732) * depend on gaim >= 1.2 (closes: #302838) oldstable/main/binary-alpha/gfax_0.4.2-11sarge1_alpha.deb gfax (0.4.2-11sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe use of temporary files when manipulating the system crontab. [CVE-2007-2839] oldstable/main/binary-arm/gfax_0.4.2-11sarge1_arm.deb gfax (0.4.2-11sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe use of temporary files when manipulating the system crontab. [CVE-2007-2839] oldstable/main/binary-hppa/gfax_0.4.2-11sarge1_hppa.deb gfax (0.4.2-11sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe use of temporary files when manipulating the system crontab. [CVE-2007-2839] oldstable/main/source/gfax_0.4.2-11sarge1.dsc oldstable/main/source/gfax_0.4.2-11sarge1.diff.gz oldstable/main/binary-i386/gfax_0.4.2-11sarge1_i386.deb gfax (0.4.2-11sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe use of temporary files when manipulating the system crontab. [CVE-2007-2839] oldstable/main/binary-ia64/gfax_0.4.2-11sarge1_ia64.deb gfax (0.4.2-11sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe use of temporary files when manipulating the system crontab. [CVE-2007-2839] oldstable/main/binary-m68k/gfax_0.4.2-11sarge1_m68k.deb gfax (0.4.2-11sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe use of temporary files when manipulating the system crontab. [CVE-2007-2839] oldstable/main/binary-mips/gfax_0.4.2-11sarge1_mips.deb gfax (0.4.2-11sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe use of temporary files when manipulating the system crontab. [CVE-2007-2839] oldstable/main/binary-mipsel/gfax_0.4.2-11sarge1_mipsel.deb gfax (0.4.2-11sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe use of temporary files when manipulating the system crontab. [CVE-2007-2839] oldstable/main/binary-powerpc/gfax_0.4.2-11sarge1_powerpc.deb gfax (0.4.2-11sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe use of temporary files when manipulating the system crontab. [CVE-2007-2839] oldstable/main/binary-s390/gfax_0.4.2-11sarge1_s390.deb gfax (0.4.2-11sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe use of temporary files when manipulating the system crontab. [CVE-2007-2839] oldstable/main/binary-sparc/gfax_0.4.2-11sarge1_sparc.deb gfax (0.4.2-11sarge1) oldstable-security; urgency=high * Non-maintainer upload by The Security Team. * Fix the unsafe use of temporary files when manipulating the system crontab. [CVE-2007-2839] oldstable/main/binary-arm/gff2aplot_2.0-1_arm.deb gff2aplot (2.0-1) unstable; urgency=low * Initial Release (Closes: #300828) oldstable/main/source/gforge_3.1-31sarge2.dsc oldstable/main/source/gforge_3.1-31sarge2.diff.gz oldstable/main/binary-all/gforge_3.1-31sarge2_all.deb oldstable/main/binary-all/gforge-common_3.1-31sarge2_all.deb oldstable/main/binary-all/gforge-web-apache_3.1-31sarge2_all.deb oldstable/main/binary-all/gforge-db-postgresql_3.1-31sarge2_all.deb oldstable/main/binary-all/gforge-mta-exim4_3.1-31sarge2_all.deb oldstable/main/binary-all/gforge-mta-exim_3.1-31sarge2_all.deb oldstable/main/binary-all/gforge-mta-postfix_3.1-31sarge2_all.deb oldstable/main/binary-all/gforge-shell-ldap_3.1-31sarge2_all.deb oldstable/main/binary-all/gforge-cvs_3.1-31sarge2_all.deb oldstable/main/binary-all/gforge-ftp-proftpd_3.1-31sarge2_all.deb oldstable/main/binary-all/gforge-ldap-openldap_3.1-31sarge2_all.deb oldstable/main/binary-all/gforge-dns-bind9_3.1-31sarge2_all.deb oldstable/main/binary-all/gforge-lists-mailman_3.1-31sarge2_all.deb oldstable/main/binary-all/gforge-sourceforge-transition_3.1-31sarge2_all.deb oldstable/main/binary-all/sourceforge_3.1-31sarge2_all.deb gforge (3.1-31sarge2) oldstable-security; urgency=high * Fixed SQL injection vulnerability due to insufficient input sanitizing (CVE-2007-3913). oldstable/main/source/gforge_3.1-31sarge3.dsc oldstable/main/source/gforge_3.1-31sarge3.diff.gz oldstable/main/binary-all/gforge_3.1-31sarge3_all.deb oldstable/main/binary-all/gforge-common_3.1-31sarge3_all.deb oldstable/main/binary-all/gforge-web-apache_3.1-31sarge3_all.deb oldstable/main/binary-all/gforge-db-postgresql_3.1-31sarge3_all.deb oldstable/main/binary-all/gforge-mta-exim4_3.1-31sarge3_all.deb oldstable/main/binary-all/gforge-mta-exim_3.1-31sarge3_all.deb oldstable/main/binary-all/gforge-mta-postfix_3.1-31sarge3_all.deb oldstable/main/binary-all/gforge-shell-ldap_3.1-31sarge3_all.deb oldstable/main/binary-all/gforge-cvs_3.1-31sarge3_all.deb oldstable/main/binary-all/gforge-ftp-proftpd_3.1-31sarge3_all.deb oldstable/main/binary-all/gforge-ldap-openldap_3.1-31sarge3_all.deb oldstable/main/binary-all/gforge-dns-bind9_3.1-31sarge3_all.deb oldstable/main/binary-all/gforge-lists-mailman_3.1-31sarge3_all.deb oldstable/main/binary-all/gforge-sourceforge-transition_3.1-31sarge3_all.deb oldstable/main/binary-all/sourceforge_3.1-31sarge3_all.deb gforge (3.1-31sarge3) oldstable-security; urgency=high * Fixed cross-site scripting vulnerability (CVE-2007-3918). oldstable/main/source/gforge_3.1-31sarge4.dsc oldstable/main/source/gforge_3.1-31sarge4.diff.gz oldstable/main/binary-all/gforge_3.1-31sarge4_all.deb oldstable/main/binary-all/gforge-common_3.1-31sarge4_all.deb oldstable/main/binary-all/gforge-web-apache_3.1-31sarge4_all.deb oldstable/main/binary-all/gforge-db-postgresql_3.1-31sarge4_all.deb oldstable/main/binary-all/gforge-mta-exim4_3.1-31sarge4_all.deb oldstable/main/binary-all/gforge-mta-exim_3.1-31sarge4_all.deb oldstable/main/binary-all/gforge-mta-postfix_3.1-31sarge4_all.deb oldstable/main/binary-all/gforge-shell-ldap_3.1-31sarge4_all.deb oldstable/main/binary-all/gforge-cvs_3.1-31sarge4_all.deb oldstable/main/binary-all/gforge-ftp-proftpd_3.1-31sarge4_all.deb oldstable/main/binary-all/gforge-ldap-openldap_3.1-31sarge4_all.deb oldstable/main/binary-all/gforge-dns-bind9_3.1-31sarge4_all.deb oldstable/main/binary-all/gforge-lists-mailman_3.1-31sarge4_all.deb oldstable/main/binary-all/gforge-sourceforge-transition_3.1-31sarge4_all.deb oldstable/main/binary-all/sourceforge_3.1-31sarge4_all.deb gforge (3.1-31sarge4) oldstable-security; urgency=high * Fixed file truncation vulnerabilities (CVE-2007-3921) (this version of Gforge isn't vulnerable to the denial of service part of that CVE). oldstable/main/binary-alpha/libgimp2.0_2.2.6-1sarge4_alpha.deb oldstable/main/binary-alpha/gimp-helpbrowser_2.2.6-1sarge4_alpha.deb oldstable/main/binary-alpha/gimp-python_2.2.6-1sarge4_alpha.deb oldstable/main/binary-alpha/gimp-svg_2.2.6-1sarge4_alpha.deb oldstable/main/binary-alpha/gimp_2.2.6-1sarge4_alpha.deb oldstable/main/binary-alpha/libgimp2.0-dev_2.2.6-1sarge4_alpha.deb gimp (2.2.6-1sarge4) oldstable-security; urgency=high * Fix regresion in XCF loader oldstable/main/binary-arm/libgimp2.0_2.2.6-1sarge4_arm.deb oldstable/main/binary-arm/gimp-helpbrowser_2.2.6-1sarge4_arm.deb oldstable/main/binary-arm/gimp-python_2.2.6-1sarge4_arm.deb oldstable/main/binary-arm/gimp-svg_2.2.6-1sarge4_arm.deb oldstable/main/binary-arm/gimp_2.2.6-1sarge4_arm.deb oldstable/main/binary-arm/libgimp2.0-dev_2.2.6-1sarge4_arm.deb gimp (2.2.6-1sarge4) oldstable-security; urgency=high * Fix regresion in XCF loader oldstable/main/binary-hppa/libgimp2.0_2.2.6-1sarge4_hppa.deb oldstable/main/binary-hppa/gimp-helpbrowser_2.2.6-1sarge4_hppa.deb oldstable/main/binary-hppa/gimp-python_2.2.6-1sarge4_hppa.deb oldstable/main/binary-hppa/gimp-svg_2.2.6-1sarge4_hppa.deb oldstable/main/binary-hppa/gimp_2.2.6-1sarge4_hppa.deb oldstable/main/binary-hppa/libgimp2.0-dev_2.2.6-1sarge4_hppa.deb gimp (2.2.6-1sarge4) oldstable-security; urgency=high * Fix regresion in XCF loader oldstable/main/source/gimp_2.2.6-1sarge4.dsc oldstable/main/source/gimp_2.2.6-1sarge4.diff.gz oldstable/main/binary-all/gimp-data_2.2.6-1sarge4_all.deb oldstable/main/binary-all/libgimp2.0-doc_2.2.6-1sarge4_all.deb oldstable/main/binary-all/gimp1.2_2.2.6-1sarge4_all.deb oldstable/main/binary-i386/libgimp2.0_2.2.6-1sarge4_i386.deb oldstable/main/binary-i386/gimp-helpbrowser_2.2.6-1sarge4_i386.deb oldstable/main/binary-i386/gimp-python_2.2.6-1sarge4_i386.deb oldstable/main/binary-i386/gimp-svg_2.2.6-1sarge4_i386.deb oldstable/main/binary-i386/gimp_2.2.6-1sarge4_i386.deb oldstable/main/binary-i386/libgimp2.0-dev_2.2.6-1sarge4_i386.deb gimp (2.2.6-1sarge4) oldstable-security; urgency=high * Fix regresion in XCF loader oldstable/main/binary-ia64/libgimp2.0_2.2.6-1sarge4_ia64.deb oldstable/main/binary-ia64/gimp-helpbrowser_2.2.6-1sarge4_ia64.deb oldstable/main/binary-ia64/gimp-python_2.2.6-1sarge4_ia64.deb oldstable/main/binary-ia64/gimp-svg_2.2.6-1sarge4_ia64.deb oldstable/main/binary-ia64/gimp_2.2.6-1sarge4_ia64.deb oldstable/main/binary-ia64/libgimp2.0-dev_2.2.6-1sarge4_ia64.deb gimp (2.2.6-1sarge4) oldstable-security; urgency=high * Fix regresion in XCF loader oldstable/main/binary-m68k/libgimp2.0_2.2.6-1sarge4_m68k.deb oldstable/main/binary-m68k/gimp-helpbrowser_2.2.6-1sarge4_m68k.deb oldstable/main/binary-m68k/gimp-python_2.2.6-1sarge4_m68k.deb oldstable/main/binary-m68k/gimp-svg_2.2.6-1sarge4_m68k.deb oldstable/main/binary-m68k/gimp_2.2.6-1sarge4_m68k.deb oldstable/main/binary-m68k/libgimp2.0-dev_2.2.6-1sarge4_m68k.deb gimp (2.2.6-1sarge4) oldstable-security; urgency=high * Fix regresion in XCF loader oldstable/main/binary-mips/libgimp2.0_2.2.6-1sarge4_mips.deb oldstable/main/binary-mips/gimp-helpbrowser_2.2.6-1sarge4_mips.deb oldstable/main/binary-mips/gimp-python_2.2.6-1sarge4_mips.deb oldstable/main/binary-mips/gimp-svg_2.2.6-1sarge4_mips.deb oldstable/main/binary-mips/gimp_2.2.6-1sarge4_mips.deb oldstable/main/binary-mips/libgimp2.0-dev_2.2.6-1sarge4_mips.deb gimp (2.2.6-1sarge4) oldstable-security; urgency=high * Fix regresion in XCF loader oldstable/main/binary-mipsel/libgimp2.0_2.2.6-1sarge4_mipsel.deb oldstable/main/binary-mipsel/gimp-helpbrowser_2.2.6-1sarge4_mipsel.deb oldstable/main/binary-mipsel/gimp-python_2.2.6-1sarge4_mipsel.deb oldstable/main/binary-mipsel/gimp-svg_2.2.6-1sarge4_mipsel.deb oldstable/main/binary-mipsel/gimp_2.2.6-1sarge4_mipsel.deb oldstable/main/binary-mipsel/libgimp2.0-dev_2.2.6-1sarge4_mipsel.deb gimp (2.2.6-1sarge4) oldstable-security; urgency=high * Fix regresion in XCF loader oldstable/main/binary-powerpc/libgimp2.0_2.2.6-1sarge4_powerpc.deb oldstable/main/binary-powerpc/gimp-helpbrowser_2.2.6-1sarge4_powerpc.deb oldstable/main/binary-powerpc/gimp-python_2.2.6-1sarge4_powerpc.deb oldstable/main/binary-powerpc/gimp-svg_2.2.6-1sarge4_powerpc.deb oldstable/main/binary-powerpc/gimp_2.2.6-1sarge4_powerpc.deb oldstable/main/binary-powerpc/libgimp2.0-dev_2.2.6-1sarge4_powerpc.deb gimp (2.2.6-1sarge4) oldstable-security; urgency=high * Fix regresion in XCF loader oldstable/main/binary-s390/libgimp2.0_2.2.6-1sarge4_s390.deb oldstable/main/binary-s390/gimp-helpbrowser_2.2.6-1sarge4_s390.deb oldstable/main/binary-s390/gimp-python_2.2.6-1sarge4_s390.deb oldstable/main/binary-s390/gimp-svg_2.2.6-1sarge4_s390.deb oldstable/main/binary-s390/gimp_2.2.6-1sarge4_s390.deb oldstable/main/binary-s390/libgimp2.0-dev_2.2.6-1sarge4_s390.deb gimp (2.2.6-1sarge4) oldstable-security; urgency=high * Fix regresion in XCF loader oldstable/main/binary-sparc/libgimp2.0_2.2.6-1sarge4_sparc.deb oldstable/main/binary-sparc/gimp-helpbrowser_2.2.6-1sarge4_sparc.deb oldstable/main/binary-sparc/gimp-python_2.2.6-1sarge4_sparc.deb oldstable/main/binary-sparc/gimp-svg_2.2.6-1sarge4_sparc.deb oldstable/main/binary-sparc/gimp_2.2.6-1sarge4_sparc.deb oldstable/main/binary-sparc/libgimp2.0-dev_2.2.6-1sarge4_sparc.deb gimp (2.2.6-1sarge4) oldstable-security; urgency=high * Fix regresion in XCF loader oldstable/main/binary-arm/libgnuradio-core0-dev_2.4-2_arm.deb oldstable/main/binary-arm/libgnuradio-core0_2.4-2_arm.deb oldstable/main/binary-arm/gnuradio-doc_2.4-2_arm.deb oldstable/main/binary-arm/python-gnuradio_2.4-2_arm.deb gnuradio-core (2.4-2) unstable; urgency=low * Changed Section of libgnuradio-core0-devel from 'devel' to 'libdevel'. oldstable/main/binary-alpha/gpdf_2.8.2-1.2sarge6_alpha.deb gpdf (2.8.2-1.2sarge6) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387) oldstable/main/binary-arm/gpdf_2.8.2-1.2sarge6_arm.deb gpdf (2.8.2-1.2sarge6) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387) oldstable/main/binary-hppa/gpdf_2.8.2-1.2sarge6_hppa.deb gpdf (2.8.2-1.2sarge6) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387) oldstable/main/source/gpdf_2.8.2-1.2sarge6.dsc oldstable/main/source/gpdf_2.8.2-1.2sarge6.diff.gz oldstable/main/binary-i386/gpdf_2.8.2-1.2sarge6_i386.deb gpdf (2.8.2-1.2sarge6) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387) oldstable/main/binary-ia64/gpdf_2.8.2-1.2sarge6_ia64.deb gpdf (2.8.2-1.2sarge6) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387) oldstable/main/binary-m68k/gpdf_2.8.2-1.2sarge6_m68k.deb gpdf (2.8.2-1.2sarge6) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387) oldstable/main/binary-mips/gpdf_2.8.2-1.2sarge6_mips.deb gpdf (2.8.2-1.2sarge6) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387) oldstable/main/binary-mipsel/gpdf_2.8.2-1.2sarge6_mipsel.deb gpdf (2.8.2-1.2sarge6) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387) oldstable/main/binary-powerpc/gpdf_2.8.2-1.2sarge6_powerpc.deb gpdf (2.8.2-1.2sarge6) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387) oldstable/main/binary-s390/gpdf_2.8.2-1.2sarge6_s390.deb gpdf (2.8.2-1.2sarge6) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387) oldstable/main/binary-sparc/gpdf_2.8.2-1.2sarge6_sparc.deb gpdf (2.8.2-1.2sarge6) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387) oldstable/main/binary-mips/gr-audio-oss_0.5-3_mips.deb gr-audio-oss (0.5-3) unstable; urgency=low * Added Build-Depends on cppunit, fftw3-dev, libboost-dev. (closes: #302217) oldstable/main/source/horde3_3.0.4-4sarge5.dsc oldstable/main/source/horde3_3.0.4-4sarge5.diff.gz oldstable/main/binary-all/horde3_3.0.4-4sarge5_all.deb horde3 (3.0.4-4sarge5) oldstable-security; urgency=high * Fix XSS vulnerability. See CVE-2007-1473 for more information. (Closes: #434045) oldstable/main/source/horde3_3.0.4-4sarge6.dsc oldstable/main/source/horde3_3.0.4-4sarge6.diff.gz oldstable/main/binary-all/horde3_3.0.4-4sarge6_all.deb horde3 (3.0.4-4sarge6) oldstable-security; urgency=high * Non-maintainer upload by the security team. * Argument injection vulnerability in the cleanup cron script in Horde Project Horde and IMP before Horde Application Framework 3.1.4 allows local users to delete arbitrary files and possibly gain privileges via multiple space-delimited pathnames. (CVE-2007-1474) * services/go.php in Horde Application Framework 3.0.0 through 3.0.10 and 3.1.0 through 3.1.1 does not properly restrict its image proxy capability, which allows remote attackers to perform "Web tunneling" attacks and use the server as a proxy via (1) http, (2) https, and (3) ftp URL in the url parameter, which is requested from the server. (CVE-2006-3549) * Multiple cross-site scripting (XSS) vulnerabilities in Horde Application Framework 3.0.0 through 3.0.10 and 3.1.0 through 3.1.1 allow remote attackers to inject arbitrary web script or HTML via a (1) javascript URI or an external (2) http, (3) https, or (4) ftp URI in the url parameter in services/go.php (aka the dereferrer), (5) a javascript URI in the module parameter in services/help (aka the help viewer), and (6) the name parameter in services/problem.php (aka the problem reporting screen). (CVE-2006-3548) * index.php in Horde Application Framework before 3.1.2 allows remote attackers to include web pages from other sites, which could be useful for phishing attacks, via a URL in the url parameter, aka "cross-site referencing." NOTE: some sources have referred to this issue as XSS, but it is different than classic XSS. (CVE-2006-4256) * Closes: 383416, 378281 oldstable/main/source/hostap-modules-i386_0.3.7-1sarge2.dsc oldstable/main/source/hostap-modules-i386_0.3.7-1sarge2.tar.gz oldstable/main/binary-i386/hostap-modules-2.4.27-3-386_0.3.7-1sarge2_i386.deb oldstable/main/binary-i386/hostap-modules-2.4.27-3-586tsc_0.3.7-1sarge2_i386.deb oldstable/main/binary-i386/hostap-modules-2.4.27-3-686_0.3.7-1sarge2_i386.deb oldstable/main/binary-i386/hostap-modules-2.4.27-3-686-smp_0.3.7-1sarge2_i386.deb oldstable/main/binary-i386/hostap-modules-2.4.27-3-k6_0.3.7-1sarge2_i386.deb oldstable/main/binary-i386/hostap-modules-2.4.27-3-k7_0.3.7-1sarge2_i386.deb oldstable/main/binary-i386/hostap-modules-2.4.27-3-k7-smp_0.3.7-1sarge2_i386.deb oldstable/main/binary-i386/hostap-modules-2.6.8-4-386_0.3.7-1sarge2_i386.deb oldstable/main/binary-i386/hostap-modules-2.6.8-4-686_0.3.7-1sarge2_i386.deb oldstable/main/binary-i386/hostap-modules-2.6.8-4-686-smp_0.3.7-1sarge2_i386.deb oldstable/main/binary-i386/hostap-modules-2.6.8-4-k7_0.3.7-1sarge2_i386.deb oldstable/main/binary-i386/hostap-modules-2.6.8-4-k7-smp_0.3.7-1sarge2_i386.deb hostap-modules-i386 (1:0.3.7-1sarge2) oldstable-security; urgency=high * Rebuild for 2.6.8-4 ABI oldstable/main/binary-alpha/libid3-3.8.3-dev_3.8.3-4.1sarge1_alpha.deb oldstable/main/binary-alpha/libid3-3.8.3_3.8.3-4.1sarge1_alpha.deb id3lib3.8.3 (3.8.3-4.1sarge1) oldstable-security; urgency=high * Create temp files securely oldstable/main/binary-amd64/libid3-3.8.3-dev_3.8.3-4.1sarge1_amd64.deb oldstable/main/binary-amd64/libid3-3.8.3_3.8.3-4.1sarge1_amd64.deb id3lib3.8.3 (3.8.3-4.1sarge1) oldstable-security; urgency=high * Create temp files securely oldstable/main/binary-arm/libid3-3.8.3-dev_3.8.3-4.1sarge1_arm.deb oldstable/main/binary-arm/libid3-3.8.3_3.8.3-4.1sarge1_arm.deb id3lib3.8.3 (3.8.3-4.1sarge1) oldstable-security; urgency=high * Create temp files securely oldstable/main/binary-hppa/libid3-3.8.3-dev_3.8.3-4.1sarge1_hppa.deb oldstable/main/binary-hppa/libid3-3.8.3_3.8.3-4.1sarge1_hppa.deb id3lib3.8.3 (3.8.3-4.1sarge1) oldstable-security; urgency=high * Create temp files securely oldstable/main/source/id3lib3.8.3_3.8.3-4.1sarge1.dsc oldstable/main/source/id3lib3.8.3_3.8.3.orig.tar.gz oldstable/main/source/id3lib3.8.3_3.8.3-4.1sarge1.diff.gz oldstable/main/binary-i386/libid3-3.8.3-dev_3.8.3-4.1sarge1_i386.deb oldstable/main/binary-i386/libid3-3.8.3_3.8.3-4.1sarge1_i386.deb id3lib3.8.3 (3.8.3-4.1sarge1) oldstable-security; urgency=high * Create temp files securely oldstable/main/binary-ia64/libid3-3.8.3-dev_3.8.3-4.1sarge1_ia64.deb oldstable/main/binary-ia64/libid3-3.8.3_3.8.3-4.1sarge1_ia64.deb id3lib3.8.3 (3.8.3-4.1sarge1) oldstable-security; urgency=high * Create temp files securely oldstable/main/binary-m68k/libid3-3.8.3-dev_3.8.3-4.1sarge1_m68k.deb oldstable/main/binary-m68k/libid3-3.8.3_3.8.3-4.1sarge1_m68k.deb id3lib3.8.3 (3.8.3-4.1sarge1) oldstable-security; urgency=high * Create temp files securely oldstable/main/binary-mips/libid3-3.8.3-dev_3.8.3-4.1sarge1_mips.deb oldstable/main/binary-mips/libid3-3.8.3_3.8.3-4.1sarge1_mips.deb id3lib3.8.3 (3.8.3-4.1sarge1) oldstable-security; urgency=high * Create temp files securely oldstable/main/binary-mipsel/libid3-3.8.3-dev_3.8.3-4.1sarge1_mipsel.deb oldstable/main/binary-mipsel/libid3-3.8.3_3.8.3-4.1sarge1_mipsel.deb id3lib3.8.3 (3.8.3-4.1sarge1) oldstable-security; urgency=high * Create temp files securely oldstable/main/binary-powerpc/libid3-3.8.3-dev_3.8.3-4.1sarge1_powerpc.deb oldstable/main/binary-powerpc/libid3-3.8.3_3.8.3-4.1sarge1_powerpc.deb id3lib3.8.3 (3.8.3-4.1sarge1) oldstable-security; urgency=high * Create temp files securely oldstable/main/binary-s390/libid3-3.8.3-dev_3.8.3-4.1sarge1_s390.deb oldstable/main/binary-s390/libid3-3.8.3_3.8.3-4.1sarge1_s390.deb id3lib3.8.3 (3.8.3-4.1sarge1) oldstable-security; urgency=high * Create temp files securely oldstable/main/binary-sparc/libid3-3.8.3-dev_3.8.3-4.1sarge1_sparc.deb oldstable/main/binary-sparc/libid3-3.8.3_3.8.3-4.1sarge1_sparc.deb id3lib3.8.3 (3.8.3-4.1sarge1) oldstable-security; urgency=high * Create temp files securely oldstable/main/binary-arm/iroffer_1.4.b02-1_arm.deb iroffer (1.4.b02-1) unstable; urgency=low * New upstream release (Closes: #291941) * Created debian/watch file. oldstable/main/binary-hppa/iroffer_1.4.b02-1_hppa.deb iroffer (1.4.b02-1) unstable; urgency=low * New upstream release (Closes: #291941) * Created debian/watch file. oldstable/main/binary-ia64/iroffer_1.4.b02-1_ia64.deb iroffer (1.4.b02-1) unstable; urgency=low * New upstream release (Closes: #291941) * Created debian/watch file. oldstable/main/binary-m68k/iroffer_1.4.b02-1_m68k.deb iroffer (1.4.b02-1) unstable; urgency=low * New upstream release (Closes: #291941) * Created debian/watch file. oldstable/main/binary-mips/iroffer_1.4.b02-1_mips.deb iroffer (1.4.b02-1) unstable; urgency=low * New upstream release (Closes: #291941) * Created debian/watch file. oldstable/main/binary-mipsel/iroffer_1.4.b02-1_mipsel.deb iroffer (1.4.b02-1) unstable; urgency=low * New upstream release (Closes: #291941) * Created debian/watch file. oldstable/main/binary-s390/iroffer_1.4.b02-1_s390.deb iroffer (1.4.b02-1) unstable; urgency=low * New upstream release (Closes: #291941) * Created debian/watch file. oldstable/main/source/iso-scan_1.04sarge1.dsc oldstable/main/source/iso-scan_1.04sarge1.tar.gz oldstable/main/iso-scan_1.04sarge1_all.udeb oldstable/main/load-iso_1.04sarge1_all.udeb iso-scan (1.04sarge1) oldstable; urgency=low * Matt Kraai - Fix the spelling of "file system". * Frans Pop - Add support for installing oldstable (checking for oldstable in the postinst should not be necessary). - Update translations with thanks to translators. oldstable/main/binary-powerpc/joystick_20010903-2_powerpc.deb joystick (20010903-2) unstable; urgency=low * debian/control: updated Standards-Version. * debian/control: added version number to debhelper Build-Depends. * debian/copyright: improved with more text from the GPL and a description of changes to the package. * debian/template: German translation from Sebastian Feltel . (Closes: Bug#119939) oldstable/main/binary-arm/k3d_0.4.3.0-3_arm.deb oldstable/main/binary-arm/k3d-dev_0.4.3.0-3_arm.deb k3d (0.4.3.0-3) unstable; urgency=low * _Really_ apply patch from #274172 (closes: #274172). Sorry. :-( oldstable/main/binary-alpha/kamera_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/kcoloredit_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/kdegraphics-dev_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/kdegraphics-kfile-plugins_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/kdvi_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/kfax_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/kgamma_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/kghostview_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/kiconedit_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/kmrml_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/kolourpaint_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/kooka_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/kpdf_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/kpovmodeler_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/kruler_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/ksnapshot_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/ksvg_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/kuickshow_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/kview_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/kviewshell_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/libkscan-dev_3.3.2-2sarge5_alpha.deb oldstable/main/binary-alpha/libkscan1_3.3.2-2sarge5_alpha.deb kdegraphics (4:3.3.2-2sarge5) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387). oldstable/main/binary-arm/kamera_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/kcoloredit_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/kdegraphics-dev_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/kdegraphics-kfile-plugins_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/kdvi_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/kfax_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/kgamma_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/kghostview_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/kiconedit_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/kmrml_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/kolourpaint_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/kooka_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/kpdf_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/kpovmodeler_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/kruler_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/ksnapshot_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/ksvg_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/kuickshow_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/kview_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/kviewshell_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/libkscan-dev_3.3.2-2sarge5_arm.deb oldstable/main/binary-arm/libkscan1_3.3.2-2sarge5_arm.deb kdegraphics (4:3.3.2-2sarge5) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387). oldstable/main/binary-hppa/kamera_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/kcoloredit_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/kdegraphics-dev_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/kdegraphics-kfile-plugins_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/kdvi_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/kfax_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/kgamma_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/kghostview_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/kiconedit_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/kmrml_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/kolourpaint_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/kooka_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/kpdf_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/kpovmodeler_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/kruler_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/ksnapshot_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/ksvg_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/kuickshow_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/kview_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/kviewshell_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/libkscan-dev_3.3.2-2sarge5_hppa.deb oldstable/main/binary-hppa/libkscan1_3.3.2-2sarge5_hppa.deb kdegraphics (4:3.3.2-2sarge5) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387). oldstable/main/source/kdegraphics_3.3.2-2sarge5.dsc oldstable/main/source/kdegraphics_3.3.2-2sarge5.diff.gz oldstable/main/binary-i386/kamera_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/kcoloredit_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/kdegraphics-dev_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/kdegraphics-kfile-plugins_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/kdvi_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/kfax_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/kgamma_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/kghostview_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/kiconedit_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/kmrml_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/kolourpaint_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/kooka_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/kpdf_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/kpovmodeler_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/kruler_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/ksnapshot_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/ksvg_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/kuickshow_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/kview_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/kviewshell_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/libkscan-dev_3.3.2-2sarge5_i386.deb oldstable/main/binary-i386/libkscan1_3.3.2-2sarge5_i386.deb oldstable/main/binary-all/kdegraphics_3.3.2-2sarge5_all.deb kdegraphics (4:3.3.2-2sarge5) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387). oldstable/main/binary-ia64/kamera_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/kcoloredit_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/kdegraphics-dev_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/kdegraphics-kfile-plugins_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/kdvi_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/kfax_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/kgamma_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/kghostview_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/kiconedit_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/kmrml_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/kolourpaint_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/kooka_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/kpdf_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/kpovmodeler_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/kruler_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/ksnapshot_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/ksvg_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/kuickshow_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/kview_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/kviewshell_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/libkscan-dev_3.3.2-2sarge5_ia64.deb oldstable/main/binary-ia64/libkscan1_3.3.2-2sarge5_ia64.deb kdegraphics (4:3.3.2-2sarge5) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387). oldstable/main/binary-m68k/kamera_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/kcoloredit_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/kdegraphics-dev_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/kdegraphics-kfile-plugins_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/kdvi_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/kfax_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/kgamma_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/kghostview_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/kiconedit_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/kmrml_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/kolourpaint_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/kooka_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/kpdf_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/kpovmodeler_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/kruler_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/ksnapshot_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/ksvg_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/kuickshow_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/kview_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/kviewshell_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/libkscan-dev_3.3.2-2sarge5_m68k.deb oldstable/main/binary-m68k/libkscan1_3.3.2-2sarge5_m68k.deb kdegraphics (4:3.3.2-2sarge5) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387). oldstable/main/binary-mips/kamera_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/kcoloredit_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/kdegraphics-dev_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/kdegraphics-kfile-plugins_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/kdvi_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/kfax_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/kgamma_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/kghostview_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/kiconedit_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/kmrml_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/kolourpaint_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/kooka_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/kpdf_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/kpovmodeler_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/kruler_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/ksnapshot_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/ksvg_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/kuickshow_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/kview_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/kviewshell_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/libkscan-dev_3.3.2-2sarge5_mips.deb oldstable/main/binary-mips/libkscan1_3.3.2-2sarge5_mips.deb kdegraphics (4:3.3.2-2sarge5) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387). oldstable/main/binary-mipsel/kamera_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/kcoloredit_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/kdegraphics-dev_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/kdegraphics-kfile-plugins_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/kdvi_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/kfax_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/kgamma_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/kghostview_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/kiconedit_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/kmrml_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/kolourpaint_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/kooka_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/kpdf_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/kpovmodeler_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/kruler_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/ksnapshot_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/ksvg_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/kuickshow_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/kview_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/kviewshell_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/libkscan-dev_3.3.2-2sarge5_mipsel.deb oldstable/main/binary-mipsel/libkscan1_3.3.2-2sarge5_mipsel.deb kdegraphics (4:3.3.2-2sarge5) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387). oldstable/main/binary-powerpc/kamera_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/kcoloredit_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/kdegraphics-dev_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/kdegraphics-kfile-plugins_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/kdvi_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/kfax_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/kgamma_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/kghostview_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/kiconedit_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/kmrml_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/kolourpaint_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/kooka_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/kpdf_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/kpovmodeler_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/kruler_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/ksnapshot_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/ksvg_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/kuickshow_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/kview_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/kviewshell_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/libkscan-dev_3.3.2-2sarge5_powerpc.deb oldstable/main/binary-powerpc/libkscan1_3.3.2-2sarge5_powerpc.deb kdegraphics (4:3.3.2-2sarge5) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387). oldstable/main/binary-s390/kamera_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/kcoloredit_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/kdegraphics-dev_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/kdegraphics-kfile-plugins_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/kdvi_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/kfax_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/kgamma_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/kghostview_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/kiconedit_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/kmrml_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/kolourpaint_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/kooka_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/kpdf_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/kpovmodeler_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/kruler_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/ksnapshot_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/ksvg_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/kuickshow_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/kview_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/kviewshell_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/libkscan-dev_3.3.2-2sarge5_s390.deb oldstable/main/binary-s390/libkscan1_3.3.2-2sarge5_s390.deb kdegraphics (4:3.3.2-2sarge5) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387). oldstable/main/binary-sparc/kamera_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/kcoloredit_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/kdegraphics-dev_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/kdegraphics-kfile-plugins_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/kdvi_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/kfax_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/kgamma_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/kghostview_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/kiconedit_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/kmrml_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/kolourpaint_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/kooka_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/kpdf_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/kpovmodeler_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/kruler_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/ksnapshot_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/ksvg_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/kuickshow_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/kview_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/kviewshell_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/libkscan-dev_3.3.2-2sarge5_sparc.deb oldstable/main/binary-sparc/libkscan1_3.3.2-2sarge5_sparc.deb kdegraphics (4:3.3.2-2sarge5) oldstable-security; urgency=high * Fix integer overflow in stream predictor (CVE-2007-3387). oldstable/main/binary-arm/kdissert_0.3.8-1_arm.deb kdissert (0.3.8-1) unstable; urgency=low * New upstream release * Converted to CDBS * Do not compress .docbook files (closes: #302109) oldstable/main/source/kernel-image-2.6.8-alpha_2.6.8-17.dsc oldstable/main/source/kernel-image-2.6.8-alpha_2.6.8-17.tar.gz oldstable/main/binary-alpha/kernel-headers-2.6.8-4_2.6.8-17_alpha.deb oldstable/main/binary-alpha/kernel-headers-2.6.8-4-smp_2.6.8-17_alpha.deb oldstable/main/binary-alpha/kernel-image-2.6.8-4-smp_2.6.8-17_alpha.deb oldstable/main/binary-alpha/kernel-headers-2.6.8-4-generic_2.6.8-17_alpha.deb oldstable/main/binary-alpha/kernel-image-2.6.8-4-generic_2.6.8-17_alpha.deb kernel-image-2.6.8-alpha (2.6.8-17) oldstable; urgency=high * Rebuild against kernel-tree-2.6.8-17 [ Simon Horman ] * drivers-net-via-rhine-wol-oops.dpatch (removed): This patch breaks the via-rhine driver and 2.6.8 and is completely bogus for this version of the kernel (closes: #311357) * drivers-media-vidio-bttv-vc100xp-detect.dpatch Allow Leadtek WinFast VC100 XP cards to work. * fs-jbd-checkpoint-assertion.dpatch Fix possible false assertion failure in log_do_checkpoint(). We might fail to detect that we actually made a progress when cleaning up the checkpoint lists if we don't retry after writing something to disk. * mm-rmap-out-of-bounds-pte.dpatch Stop try_to_unmap_cluster() passing out-of-bounds pte to pte_unmap() * net-ipv4-netfilter-ip_queue-deadlock.dpatch Fix deadlock with ip_queue and tcp local input path. * asm-i386-mem-clobber.dpatch: Make sure gcc doesn't reorder memory accesses in strncmp and friends on i386. * drivers-acpi-pci_irq-elcr.dpatch: Make sure we call acpi_register_gsi() even for default PCI interrupt assignment. That's the part that keeps track of the ELCR register, and we want to make sure that the PCI interrupts are properly marked level/low. [ dann frazier ] * Merge in applicable fixes from 2.6.12.4 - netfilter-deadlock-ip6_queue.dpatch - rocket_c-fix-ldisc-ref-count.dpatch - early-vlan-fix.dpatch [ Simon Horman ] * drivers-sata-promise-sataii_tx2_tx4.dpatch Add SATAII TX2 and TX2/TX4 support to sata promise driver (Closes: #317286) * module-per-cpu-alignment-fix.dpatch Module per-cpu alignment cannot always be met From 2.6.12.5 * genelink-usbnet-skb-typo.dpatch fix gl_skb/skb type error in genelink driver in usbnet Backported From 2.6.12.6 * drivers-ide-ppp-pmac-build.dpatch Make sure BLK_DEV_IDEDMA_PCI is defined for pmac ide driver builds (closes: #321442) * fs-ext3-nfs-parent-fix.dpatch ext3 file systems mounted over nfs may lookup .. in dx directories causing an oops. (closes: #323557) * sparc-request_irq-in-RTC-fix.dpatch Use SA_SHIRQ in sparc specific code. From 2.6.13.1 * forcedeth-init-link-settings-in-nv_open.patch forcedeth: Initialize link settings in every nv_open() From 2.6.13.2 * fix-MPOL_F_VERIFY.patch Fix MPOL_F_VERIFY From 2.6.13.2 * fix-more-byte-to-dword-writes-to-PCI_ROM_ADDRESS-config-word.patch Fix up more strange byte writes to the PCI_ROM_ADDRESS config word From 2.6.13.2 * yenta-oops-fix.patch yenta oops fix From 2.6.13.3 * fix-de_thread-BUG_ON.patch Fix fs/exec.c:788 (de_thread()) BUG_ON From 2.6.13.3 * ipv6-fix-per-socket-multicast-filtering.patch fix IPv6 per-socket multicast filtering in exact-match case From 2.6.13.3 * ipvs-ip_vs_ftp-breaks-connections.patch ipvs: ip_vs_ftp breaks connections using persistence From 2.6.13.3 * ieee1394-sbp2-fixes-for-hot-unplug-and-module-unloading.dpatch ieee1394/sbp2: fixes for hot-unplug and module unloading From 2.6.13.4 * fix-sparc64-fpu-register-corruption.dpatch [SPARC64]: Fix userland FPU state corruption. From 2.6.13.4 [ dann frazier ] * drivers-block-raw-ioctl2.dpatch, drivers-block-ioctl-enotty.dpatch: Fix a bug in the block layer that causes a bootloader installation error under certain conditions - breaks installation on cciss devices. (closes: #354493) * Fix data corruption with dm-crypt over RAID5 (closes: #336153) * Fix VLAN support for 3c59x/90x series hardware (closes: #349774) * Fix erroneous calculation of 'len' parameter to NLMSG_PUT resulting in bogus 'error during NLMSG_PUT' messages (closes: #372621) * hp-diva-rmp3.dpatch, hp-diva-hurricane.dpatch: Add PCI IDs for newer Diva console ports oldstable/main/source/kernel-image-2.6.8-amd64_2.6.8-17.dsc oldstable/main/source/kernel-image-2.6.8-amd64_2.6.8-17.tar.gz oldstable/main/binary-i386/kernel-headers-2.6.8-13_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-13-amd64-k8_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-image-2.6.8-13-amd64-k8_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-13-amd64-generic_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-image-2.6.8-13-amd64-generic_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-13-em64t-p4_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-image-2.6.8-13-em64t-p4_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-13-amd64-k8-smp_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-image-2.6.8-13-amd64-k8-smp_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-13-em64t-p4-smp_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-image-2.6.8-13-em64t-p4-smp_2.6.8-17_i386.deb kernel-image-2.6.8-amd64 (2.6.8-17) oldstable; urgency=high * Rebuild against kernel-tree-2.6.8-17 [ Simon Horman ] * drivers-net-via-rhine-wol-oops.dpatch (removed): This patch breaks the via-rhine driver and 2.6.8 and is completely bogus for this version of the kernel (closes: #311357) * drivers-media-vidio-bttv-vc100xp-detect.dpatch Allow Leadtek WinFast VC100 XP cards to work. * fs-jbd-checkpoint-assertion.dpatch Fix possible false assertion failure in log_do_checkpoint(). We might fail to detect that we actually made a progress when cleaning up the checkpoint lists if we don't retry after writing something to disk. * mm-rmap-out-of-bounds-pte.dpatch Stop try_to_unmap_cluster() passing out-of-bounds pte to pte_unmap() * net-ipv4-netfilter-ip_queue-deadlock.dpatch Fix deadlock with ip_queue and tcp local input path. * asm-i386-mem-clobber.dpatch: Make sure gcc doesn't reorder memory accesses in strncmp and friends on i386. * drivers-acpi-pci_irq-elcr.dpatch: Make sure we call acpi_register_gsi() even for default PCI interrupt assignment. That's the part that keeps track of the ELCR register, and we want to make sure that the PCI interrupts are properly marked level/low. [ dann frazier ] * Merge in applicable fixes from 2.6.12.4 - netfilter-deadlock-ip6_queue.dpatch - rocket_c-fix-ldisc-ref-count.dpatch - early-vlan-fix.dpatch [ Simon Horman ] * drivers-sata-promise-sataii_tx2_tx4.dpatch Add SATAII TX2 and TX2/TX4 support to sata promise driver (Closes: #317286) * module-per-cpu-alignment-fix.dpatch Module per-cpu alignment cannot always be met From 2.6.12.5 * genelink-usbnet-skb-typo.dpatch fix gl_skb/skb type error in genelink driver in usbnet Backported From 2.6.12.6 * drivers-ide-ppp-pmac-build.dpatch Make sure BLK_DEV_IDEDMA_PCI is defined for pmac ide driver builds (closes: #321442) * fs-ext3-nfs-parent-fix.dpatch ext3 file systems mounted over nfs may lookup .. in dx directories causing an oops. (closes: #323557) * sparc-request_irq-in-RTC-fix.dpatch Use SA_SHIRQ in sparc specific code. From 2.6.13.1 * forcedeth-init-link-settings-in-nv_open.patch forcedeth: Initialize link settings in every nv_open() From 2.6.13.2 * fix-MPOL_F_VERIFY.patch Fix MPOL_F_VERIFY From 2.6.13.2 * fix-more-byte-to-dword-writes-to-PCI_ROM_ADDRESS-config-word.patch Fix up more strange byte writes to the PCI_ROM_ADDRESS config word From 2.6.13.2 * yenta-oops-fix.patch yenta oops fix From 2.6.13.3 * fix-de_thread-BUG_ON.patch Fix fs/exec.c:788 (de_thread()) BUG_ON From 2.6.13.3 * ipv6-fix-per-socket-multicast-filtering.patch fix IPv6 per-socket multicast filtering in exact-match case From 2.6.13.3 * ipvs-ip_vs_ftp-breaks-connections.patch ipvs: ip_vs_ftp breaks connections using persistence From 2.6.13.3 * ieee1394-sbp2-fixes-for-hot-unplug-and-module-unloading.dpatch ieee1394/sbp2: fixes for hot-unplug and module unloading From 2.6.13.4 * fix-sparc64-fpu-register-corruption.dpatch [SPARC64]: Fix userland FPU state corruption. From 2.6.13.4 [ dann frazier ] * drivers-block-raw-ioctl2.dpatch, drivers-block-ioctl-enotty.dpatch: Fix a bug in the block layer that causes a bootloader installation error under certain conditions - breaks installation on cciss devices. (closes: #354493) * Fix data corruption with dm-crypt over RAID5 (closes: #336153) * Fix VLAN support for 3c59x/90x series hardware (closes: #349774) * Fix erroneous calculation of 'len' parameter to NLMSG_PUT resulting in bogus 'error during NLMSG_PUT' messages (closes: #372621) * hp-diva-rmp3.dpatch, hp-diva-hurricane.dpatch: Add PCI IDs for newer Diva console ports oldstable/main/source/kernel-image-2.6.8-hppa_2.6.8-7.dsc oldstable/main/source/kernel-image-2.6.8-hppa_2.6.8-7.tar.gz oldstable/main/binary-hppa/kernel-headers-2.6.8-4_2.6.8-7_hppa.deb oldstable/main/binary-hppa/kernel-headers-2.6.8-4-32-smp_2.6.8-7_hppa.deb oldstable/main/binary-hppa/kernel-image-2.6.8-4-32-smp_2.6.8-7_hppa.deb oldstable/main/binary-hppa/kernel-headers-2.6.8-4-64_2.6.8-7_hppa.deb oldstable/main/binary-hppa/kernel-image-2.6.8-4-64_2.6.8-7_hppa.deb oldstable/main/binary-hppa/kernel-headers-2.6.8-4-32_2.6.8-7_hppa.deb oldstable/main/binary-hppa/kernel-image-2.6.8-4-32_2.6.8-7_hppa.deb oldstable/main/binary-hppa/kernel-headers-2.6.8-4-64-smp_2.6.8-7_hppa.deb oldstable/main/binary-hppa/kernel-image-2.6.8-4-64-smp_2.6.8-7_hppa.deb kernel-image-2.6.8-hppa (2.6.8-7) oldstable; urgency=high * Rebuild against kernel-tree-2.6.8-17 [ Simon Horman ] * drivers-net-via-rhine-wol-oops.dpatch (removed): This patch breaks the via-rhine driver and 2.6.8 and is completely bogus for this version of the kernel (closes: #311357) * drivers-media-vidio-bttv-vc100xp-detect.dpatch Allow Leadtek WinFast VC100 XP cards to work. * fs-jbd-checkpoint-assertion.dpatch Fix possible false assertion failure in log_do_checkpoint(). We might fail to detect that we actually made a progress when cleaning up the checkpoint lists if we don't retry after writing something to disk. * mm-rmap-out-of-bounds-pte.dpatch Stop try_to_unmap_cluster() passing out-of-bounds pte to pte_unmap() * net-ipv4-netfilter-ip_queue-deadlock.dpatch Fix deadlock with ip_queue and tcp local input path. * asm-i386-mem-clobber.dpatch: Make sure gcc doesn't reorder memory accesses in strncmp and friends on i386. * drivers-acpi-pci_irq-elcr.dpatch: Make sure we call acpi_register_gsi() even for default PCI interrupt assignment. That's the part that keeps track of the ELCR register, and we want to make sure that the PCI interrupts are properly marked level/low. [ dann frazier ] * Merge in applicable fixes from 2.6.12.4 - netfilter-deadlock-ip6_queue.dpatch - rocket_c-fix-ldisc-ref-count.dpatch - early-vlan-fix.dpatch [ Simon Horman ] * drivers-sata-promise-sataii_tx2_tx4.dpatch Add SATAII TX2 and TX2/TX4 support to sata promise driver (Closes: #317286) * module-per-cpu-alignment-fix.dpatch Module per-cpu alignment cannot always be met From 2.6.12.5 * genelink-usbnet-skb-typo.dpatch fix gl_skb/skb type error in genelink driver in usbnet Backported From 2.6.12.6 * drivers-ide-ppp-pmac-build.dpatch Make sure BLK_DEV_IDEDMA_PCI is defined for pmac ide driver builds (closes: #321442) * fs-ext3-nfs-parent-fix.dpatch ext3 file systems mounted over nfs may lookup .. in dx directories causing an oops. (closes: #323557) * sparc-request_irq-in-RTC-fix.dpatch Use SA_SHIRQ in sparc specific code. From 2.6.13.1 * forcedeth-init-link-settings-in-nv_open.patch forcedeth: Initialize link settings in every nv_open() From 2.6.13.2 * fix-MPOL_F_VERIFY.patch Fix MPOL_F_VERIFY From 2.6.13.2 * fix-more-byte-to-dword-writes-to-PCI_ROM_ADDRESS-config-word.patch Fix up more strange byte writes to the PCI_ROM_ADDRESS config word From 2.6.13.2 * yenta-oops-fix.patch yenta oops fix From 2.6.13.3 * fix-de_thread-BUG_ON.patch Fix fs/exec.c:788 (de_thread()) BUG_ON From 2.6.13.3 * ipv6-fix-per-socket-multicast-filtering.patch fix IPv6 per-socket multicast filtering in exact-match case From 2.6.13.3 * ipvs-ip_vs_ftp-breaks-connections.patch ipvs: ip_vs_ftp breaks connections using persistence From 2.6.13.3 * ieee1394-sbp2-fixes-for-hot-unplug-and-module-unloading.dpatch ieee1394/sbp2: fixes for hot-unplug and module unloading From 2.6.13.4 * fix-sparc64-fpu-register-corruption.dpatch [SPARC64]: Fix userland FPU state corruption. From 2.6.13.4 [ dann frazier ] * drivers-block-raw-ioctl2.dpatch, drivers-block-ioctl-enotty.dpatch: Fix a bug in the block layer that causes a bootloader installation error under certain conditions - breaks installation on cciss devices. (closes: #354493) * Fix data corruption with dm-crypt over RAID5 (closes: #336153) * Fix VLAN support for 3c59x/90x series hardware (closes: #349774) * Fix erroneous calculation of 'len' parameter to NLMSG_PUT resulting in bogus 'error during NLMSG_PUT' messages (closes: #372621) * hp-diva-rmp3.dpatch, hp-diva-hurricane.dpatch: Add PCI IDs for newer Diva console ports oldstable/main/source/kernel-image-2.6.8-i386_2.6.8-17.dsc oldstable/main/source/kernel-image-2.6.8-i386_2.6.8-17.tar.gz oldstable/main/binary-i386/kernel-headers-2.6.8-4_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-4-686_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-image-2.6.8-4-686_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-4-k7-smp_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-image-2.6.8-4-k7-smp_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-4-686-smp_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-image-2.6.8-4-686-smp_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-4-k7_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-image-2.6.8-4-k7_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-headers-2.6.8-4-386_2.6.8-17_i386.deb oldstable/main/binary-i386/kernel-image-2.6.8-4-386_2.6.8-17_i386.deb kernel-image-2.6.8-i386 (2.6.8-17) oldstable; urgency=high * Rebuild against kernel-tree-2.6.8-17 [ Simon Horman ] * drivers-net-via-rhine-wol-oops.dpatch (removed): This patch breaks the via-rhine driver and 2.6.8 and is completely bogus for this version of the kernel (closes: #311357) * drivers-media-vidio-bttv-vc100xp-detect.dpatch Allow Leadtek WinFast VC100 XP cards to work. * fs-jbd-checkpoint-assertion.dpatch Fix possible false assertion failure in log_do_checkpoint(). We might fail to detect that we actually made a progress when cleaning up the checkpoint lists if we don't retry after writing something to disk. * mm-rmap-out-of-bounds-pte.dpatch Stop try_to_unmap_cluster() passing out-of-bounds pte to pte_unmap() * net-ipv4-netfilter-ip_queue-deadlock.dpatch Fix deadlock with ip_queue and tcp local input path. * asm-i386-mem-clobber.dpatch: Make sure gcc doesn't reorder memory accesses in strncmp and friends on i386. * drivers-acpi-pci_irq-elcr.dpatch: Make sure we call acpi_register_gsi() even for default PCI interrupt assignment. That's the part that keeps track of the ELCR register, and we want to make sure that the PCI interrupts are properly marked level/low. [ dann frazier ] * Merge in applicable fixes from 2.6.12.4 - netfilter-deadlock-ip6_queue.dpatch - rocket_c-fix-ldisc-ref-count.dpatch - early-vlan-fix.dpatch [ Simon Horman ] * drivers-sata-promise-sataii_tx2_tx4.dpatch Add SATAII TX2 and TX2/TX4 support to sata promise driver (Closes: #317286) * module-per-cpu-alignment-fix.dpatch Module per-cpu alignment cannot always be met From 2.6.12.5 * genelink-usbnet-skb-typo.dpatch fix gl_skb/skb type error in genelink driver in usbnet Backported From 2.6.12.6 * drivers-ide-ppp-pmac-build.dpatch Make sure BLK_DEV_IDEDMA_PCI is defined for pmac ide driver builds (closes: #321442) * fs-ext3-nfs-parent-fix.dpatch ext3 file systems mounted over nfs may lookup .. in dx directories causing an oops. (closes: #323557) * sparc-request_irq-in-RTC-fix.dpatch Use SA_SHIRQ in sparc specific code. From 2.6.13.1 * forcedeth-init-link-settings-in-nv_open.patch forcedeth: Initialize link settings in every nv_open() From 2.6.13.2 * fix-MPOL_F_VERIFY.patch Fix MPOL_F_VERIFY From 2.6.13.2 * fix-more-byte-to-dword-writes-to-PCI_ROM_ADDRESS-config-word.patch Fix up more strange byte writes to the PCI_ROM_ADDRESS config word From 2.6.13.2 * yenta-oops-fix.patch yenta oops fix From 2.6.13.3 * fix-de_thread-BUG_ON.patch Fix fs/exec.c:788 (de_thread()) BUG_ON From 2.6.13.3 * ipv6-fix-per-socket-multicast-filtering.patch fix IPv6 per-socket multicast filtering in exact-match case From 2.6.13.3 * ipvs-ip_vs_ftp-breaks-connections.patch ipvs: ip_vs_ftp breaks connections using persistence From 2.6.13.3 * ieee1394-sbp2-fixes-for-hot-unplug-and-module-unloading.dpatch ieee1394/sbp2: fixes for hot-unplug and module unloading From 2.6.13.4 * fix-sparc64-fpu-register-corruption.dpatch [SPARC64]: Fix userland FPU state corruption. From 2.6.13.4 [ dann frazier ] * drivers-block-raw-ioctl2.dpatch, drivers-block-ioctl-enotty.dpatch: Fix a bug in the block layer that causes a bootloader installation error under certain conditions - breaks installation on cciss devices. (closes: #354493) * Fix data corruption with dm-crypt over RAID5 (closes: #336153) * Fix VLAN support for 3c59x/90x series hardware (closes: #349774) * Fix erroneous calculation of 'len' parameter to NLMSG_PUT resulting in bogus 'error during NLMSG_PUT' messages (closes: #372621) * hp-diva-rmp3.dpatch, hp-diva-hurricane.dpatch: Add PCI IDs for newer Diva console ports oldstable/main/source/kernel-image-2.6.8-ia64_2.6.8-15.dsc oldstable/main/source/kernel-image-2.6.8-ia64_2.6.8-15.tar.gz oldstable/main/binary-ia64/kernel-headers-2.6.8-4_2.6.8-15_ia64.deb oldstable/main/binary-ia64/kernel-headers-2.6-itanium-smp_2.6.8-15_ia64.deb oldstable/main/binary-ia64/kernel-image-2.6-itanium-smp_2.6.8-15_ia64.deb oldstable/main/binary-ia64/kernel-headers-2.6.8-4-itanium-smp_2.6.8-15_ia64.deb oldstable/main/binary-ia64/kernel-image-2.6.8-4-itanium-smp_2.6.8-15_ia64.deb oldstable/main/binary-ia64/kernel-headers-2.6-mckinley-smp_2.6.8-15_ia64.deb oldstable/main/binary-ia64/kernel-image-2.6-mckinley-smp_2.6.8-15_ia64.deb oldstable/main/binary-ia64/kernel-headers-2.6.8-4-mckinley-smp_2.6.8-15_ia64.deb oldstable/main/binary-ia64/kernel-image-2.6.8-4-mckinley-smp_2.6.8-15_ia64.deb oldstable/main/binary-ia64/kernel-headers-2.6-itanium_2.6.8-15_ia64.deb oldstable/main/binary-ia64/kernel-image-2.6-itanium_2.6.8-15_ia64.deb oldstable/main/binary-ia64/kernel-headers-2.6.8-4-itanium_2.6.8-15_ia64.deb oldstable/main/binary-ia64/kernel-image-2.6.8-4-itanium_2.6.8-15_ia64.deb oldstable/main/binary-ia64/kernel-headers-2.6-mckinley_2.6.8-15_ia64.deb oldstable/main/binary-ia64/kernel-image-2.6-mckinley_2.6.8-15_ia64.deb oldstable/main/binary-ia64/kernel-headers-2.6.8-4-mckinley_2.6.8-15_ia64.deb oldstable/main/binary-ia64/kernel-image-2.6.8-4-mckinley_2.6.8-15_ia64.deb kernel-image-2.6.8-ia64 (2.6.8-15) oldstable; urgency=high * Rebuild against kernel-tree-2.6.8-17 [ Simon Horman ] * drivers-net-via-rhine-wol-oops.dpatch (removed): This patch breaks the via-rhine driver and 2.6.8 and is completely bogus for this version of the kernel (closes: #311357) * drivers-media-vidio-bttv-vc100xp-detect.dpatch Allow Leadtek WinFast VC100 XP cards to work. * fs-jbd-checkpoint-assertion.dpatch Fix possible false assertion failure in log_do_checkpoint(). We might fail to detect that we actually made a progress when cleaning up the checkpoint lists if we don't retry after writing something to disk. * mm-rmap-out-of-bounds-pte.dpatch Stop try_to_unmap_cluster() passing out-of-bounds pte to pte_unmap() * net-ipv4-netfilter-ip_queue-deadlock.dpatch Fix deadlock with ip_queue and tcp local input path. * asm-i386-mem-clobber.dpatch: Make sure gcc doesn't reorder memory accesses in strncmp and friends on i386. * drivers-acpi-pci_irq-elcr.dpatch: Make sure we call acpi_register_gsi() even for default PCI interrupt assignment. That's the part that keeps track of the ELCR register, and we want to make sure that the PCI interrupts are properly marked level/low. [ dann frazier ] * Merge in applicable fixes from 2.6.12.4 - netfilter-deadlock-ip6_queue.dpatch - rocket_c-fix-ldisc-ref-count.dpatch - early-vlan-fix.dpatch [ Simon Horman ] * drivers-sata-promise-sataii_tx2_tx4.dpatch Add SATAII TX2 and TX2/TX4 support to sata promise driver (Closes: #317286) * module-per-cpu-alignment-fix.dpatch Module per-cpu alignment cannot always be met From 2.6.12.5 * genelink-usbnet-skb-typo.dpatch fix gl_skb/skb type error in genelink driver in usbnet Backported From 2.6.12.6 * drivers-ide-ppp-pmac-build.dpatch Make sure BLK_DEV_IDEDMA_PCI is defined for pmac ide driver builds (closes: #321442) * fs-ext3-nfs-parent-fix.dpatch ext3 file systems mounted over nfs may lookup .. in dx directories causing an oops. (closes: #323557) * sparc-request_irq-in-RTC-fix.dpatch Use SA_SHIRQ in sparc specific code. From 2.6.13.1 * forcedeth-init-link-settings-in-nv_open.patch forcedeth: Initialize link settings in every nv_open() From 2.6.13.2 * fix-MPOL_F_VERIFY.patch Fix MPOL_F_VERIFY From 2.6.13.2 * fix-more-byte-to-dword-writes-to-PCI_ROM_ADDRESS-config-word.patch Fix up more strange byte writes to the PCI_ROM_ADDRESS config word From 2.6.13.2 * yenta-oops-fix.patch yenta oops fix From 2.6.13.3 * fix-de_thread-BUG_ON.patch Fix fs/exec.c:788 (de_thread()) BUG_ON From 2.6.13.3 * ipv6-fix-per-socket-multicast-filtering.patch fix IPv6 per-socket multicast filtering in exact-match case From 2.6.13.3 * ipvs-ip_vs_ftp-breaks-connections.patch ipvs: ip_vs_ftp breaks connections using persistence From 2.6.13.3 * ieee1394-sbp2-fixes-for-hot-unplug-and-module-unloading.dpatch ieee1394/sbp2: fixes for hot-unplug and module unloading From 2.6.13.4 * fix-sparc64-fpu-register-corruption.dpatch [SPARC64]: Fix userland FPU state corruption. From 2.6.13.4 [ dann frazier ] * drivers-block-raw-ioctl2.dpatch, drivers-block-ioctl-enotty.dpatch: Fix a bug in the block layer that causes a bootloader installation error under certain conditions - breaks installation on cciss devices. (closes: #354493) * Fix data corruption with dm-crypt over RAID5 (closes: #336153) * Fix VLAN support for 3c59x/90x series hardware (closes: #349774) * Fix erroneous calculation of 'len' parameter to NLMSG_PUT resulting in bogus 'error during NLMSG_PUT' messages (closes: #372621) * hp-diva-rmp3.dpatch, hp-diva-hurricane.dpatch: Add PCI IDs for newer Diva console ports oldstable/main/source/kernel-image-2.6.8-m68k_2.6.8-5.dsc oldstable/main/source/kernel-image-2.6.8-m68k_2.6.8-5.tar.gz oldstable/main/binary-m68k/kernel-image-2.6.8-sun3_2.6.8-5_m68k.deb oldstable/main/binary-m68k/kernel-image-2.6.8-bvme6000_2.6.8-5_m68k.deb oldstable/main/binary-m68k/kernel-image-2.6.8-atari_2.6.8-5_m68k.deb oldstable/main/binary-m68k/kernel-image-2.6.8-mvme16x_2.6.8-5_m68k.deb oldstable/main/binary-m68k/kernel-image-2.6.8-mac_2.6.8-5_m68k.deb oldstable/main/binary-m68k/kernel-image-2.6.8-amiga_2.6.8-5_m68k.deb oldstable/main/binary-m68k/kernel-image-2.6.8-mvme147_2.6.8-5_m68k.deb oldstable/main/binary-m68k/kernel-image-2.6.8-q40_2.6.8-5_m68k.deb oldstable/main/binary-m68k/kernel-image-2.6.8-hp_2.6.8-5_m68k.deb kernel-image-2.6.8-m68k (2.6.8-5) oldstable; urgency=high * Rebuild against kernel-tree-2.6.8-17 [ Simon Horman ] * drivers-net-via-rhine-wol-oops.dpatch (removed): This patch breaks the via-rhine driver and 2.6.8 and is completely bogus for this version of the kernel (closes: #311357) * drivers-media-vidio-bttv-vc100xp-detect.dpatch Allow Leadtek WinFast VC100 XP cards to work. * fs-jbd-checkpoint-assertion.dpatch Fix possible false assertion failure in log_do_checkpoint(). We might fail to detect that we actually made a progress when cleaning up the checkpoint lists if we don't retry after writing something to disk. * mm-rmap-out-of-bounds-pte.dpatch Stop try_to_unmap_cluster() passing out-of-bounds pte to pte_unmap() * net-ipv4-netfilter-ip_queue-deadlock.dpatch Fix deadlock with ip_queue and tcp local input path. * asm-i386-mem-clobber.dpatch: Make sure gcc doesn't reorder memory accesses in strncmp and friends on i386. * drivers-acpi-pci_irq-elcr.dpatch: Make sure we call acpi_register_gsi() even for default PCI interrupt assignment. That's the part that keeps track of the ELCR register, and we want to make sure that the PCI interrupts are properly marked level/low. [ dann frazier ] * Merge in applicable fixes from 2.6.12.4 - netfilter-deadlock-ip6_queue.dpatch - rocket_c-fix-ldisc-ref-count.dpatch - early-vlan-fix.dpatch [ Simon Horman ] * drivers-sata-promise-sataii_tx2_tx4.dpatch Add SATAII TX2 and TX2/TX4 support to sata promise driver (Closes: #317286) * module-per-cpu-alignment-fix.dpatch Module per-cpu alignment cannot always be met From 2.6.12.5 * genelink-usbnet-skb-typo.dpatch fix gl_skb/skb type error in genelink driver in usbnet Backported From 2.6.12.6 * drivers-ide-ppp-pmac-build.dpatch Make sure BLK_DEV_IDEDMA_PCI is defined for pmac ide driver builds (closes: #321442) * fs-ext3-nfs-parent-fix.dpatch ext3 file systems mounted over nfs may lookup .. in dx directories causing an oops. (closes: #323557) * sparc-request_irq-in-RTC-fix.dpatch Use SA_SHIRQ in sparc specific code. From 2.6.13.1 * forcedeth-init-link-settings-in-nv_open.patch forcedeth: Initialize link settings in every nv_open() From 2.6.13.2 * fix-MPOL_F_VERIFY.patch Fix MPOL_F_VERIFY From 2.6.13.2 * fix-more-byte-to-dword-writes-to-PCI_ROM_ADDRESS-config-word.patch Fix up more strange byte writes to the PCI_ROM_ADDRESS config word From 2.6.13.2 * yenta-oops-fix.patch yenta oops fix From 2.6.13.3 * fix-de_thread-BUG_ON.patch Fix fs/exec.c:788 (de_thread()) BUG_ON From 2.6.13.3 * ipv6-fix-per-socket-multicast-filtering.patch fix IPv6 per-socket multicast filtering in exact-match case From 2.6.13.3 * ipvs-ip_vs_ftp-breaks-connections.patch ipvs: ip_vs_ftp breaks connections using persistence From 2.6.13.3 * ieee1394-sbp2-fixes-for-hot-unplug-and-module-unloading.dpatch ieee1394/sbp2: fixes for hot-unplug and module unloading From 2.6.13.4 * fix-sparc64-fpu-register-corruption.dpatch [SPARC64]: Fix userland FPU state corruption. From 2.6.13.4 [ dann frazier ] * drivers-block-raw-ioctl2.dpatch, drivers-block-ioctl-enotty.dpatch: Fix a bug in the block layer that causes a bootloader installation error under certain conditions - breaks installation on cciss devices. (closes: #354493) * Fix data corruption with dm-crypt over RAID5 (closes: #336153) * Fix VLAN support for 3c59x/90x series hardware (closes: #349774) * Fix erroneous calculation of 'len' parameter to NLMSG_PUT resulting in bogus 'error during NLMSG_PUT' messages (closes: #372621) * hp-diva-rmp3.dpatch, hp-diva-hurricane.dpatch: Add PCI IDs for newer Diva console ports oldstable/main/source/kernel-image-2.6.8-s390_2.6.8-6.dsc oldstable/main/source/kernel-image-2.6.8-s390_2.6.8-6.tar.gz oldstable/main/binary-all/kernel-patch-2.6.8-s390_2.6.8-6_all.deb oldstable/main/binary-s390/kernel-headers-2.6.8-4_2.6.8-6_s390.deb oldstable/main/binary-s390/kernel-image-2.6.8-4-s390_2.6.8-6_s390.deb oldstable/main/binary-s390/kernel-image-2.6.8-4-s390x_2.6.8-6_s390.deb oldstable/main/binary-s390/kernel-image-2.6.8-4-s390-tape_2.6.8-6_s390.deb kernel-image-2.6.8-s390 (2.6.8-6) oldstable; urgency=high * Rebuild against kernel-tree-2.6.8-17 [ Simon Horman ] * drivers-net-via-rhine-wol-oops.dpatch (removed): This patch breaks the via-rhine driver and 2.6.8 and is completely bogus for this version of the kernel (closes: #311357) * drivers-media-vidio-bttv-vc100xp-detect.dpatch Allow Leadtek WinFast VC100 XP cards to work. * fs-jbd-checkpoint-assertion.dpatch Fix possible false assertion failure in log_do_checkpoint(). We might fail to detect that we actually made a progress when cleaning up the checkpoint lists if we don't retry after writing something to disk. * mm-rmap-out-of-bounds-pte.dpatch Stop try_to_unmap_cluster() passing out-of-bounds pte to pte_unmap() * net-ipv4-netfilter-ip_queue-deadlock.dpatch Fix deadlock with ip_queue and tcp local input path. * asm-i386-mem-clobber.dpatch: Make sure gcc doesn't reorder memory accesses in strncmp and friends on i386. * drivers-acpi-pci_irq-elcr.dpatch: Make sure we call acpi_register_gsi() even for default PCI interrupt assignment. That's the part that keeps track of the ELCR register, and we want to make sure that the PCI interrupts are properly marked level/low. [ dann frazier ] * Merge in applicable fixes from 2.6.12.4 - netfilter-deadlock-ip6_queue.dpatch - rocket_c-fix-ldisc-ref-count.dpatch - early-vlan-fix.dpatch [ Simon Horman ] * drivers-sata-promise-sataii_tx2_tx4.dpatch Add SATAII TX2 and TX2/TX4 support to sata promise driver (Closes: #317286) * module-per-cpu-alignment-fix.dpatch Module per-cpu alignment cannot always be met From 2.6.12.5 * genelink-usbnet-skb-typo.dpatch fix gl_skb/skb type error in genelink driver in usbnet Backported From 2.6.12.6 * drivers-ide-ppp-pmac-build.dpatch Make sure BLK_DEV_IDEDMA_PCI is defined for pmac ide driver builds (closes: #321442) * fs-ext3-nfs-parent-fix.dpatch ext3 file systems mounted over nfs may lookup .. in dx directories causing an oops. (closes: #323557) * sparc-request_irq-in-RTC-fix.dpatch Use SA_SHIRQ in sparc specific code. From 2.6.13.1 * forcedeth-init-link-settings-in-nv_open.patch forcedeth: Initialize link settings in every nv_open() From 2.6.13.2 * fix-MPOL_F_VERIFY.patch Fix MPOL_F_VERIFY From 2.6.13.2 * fix-more-byte-to-dword-writes-to-PCI_ROM_ADDRESS-config-word.patch Fix up more strange byte writes to the PCI_ROM_ADDRESS config word From 2.6.13.2 * yenta-oops-fix.patch yenta oops fix From 2.6.13.3 * fix-de_thread-BUG_ON.patch Fix fs/exec.c:788 (de_thread()) BUG_ON From 2.6.13.3 * ipv6-fix-per-socket-multicast-filtering.patch fix IPv6 per-socket multicast filtering in exact-match case From 2.6.13.3 * ipvs-ip_vs_ftp-breaks-connections.patch ipvs: ip_vs_ftp breaks connections using persistence From 2.6.13.3 * ieee1394-sbp2-fixes-for-hot-unplug-and-module-unloading.dpatch ieee1394/sbp2: fixes for hot-unplug and module unloading From 2.6.13.4 * fix-sparc64-fpu-register-corruption.dpatch [SPARC64]: Fix userland FPU state corruption. From 2.6.13.4 [ dann frazier ] * drivers-block-raw-ioctl2.dpatch, drivers-block-ioctl-enotty.dpatch: Fix a bug in the block layer that causes a bootloader installation error under certain conditions - breaks installation on cciss devices. (closes: #354493) * Fix data corruption with dm-crypt over RAID5 (closes: #336153) * Fix VLAN support for 3c59x/90x series hardware (closes: #349774) * Fix erroneous calculation of 'len' parameter to NLMSG_PUT resulting in bogus 'error during NLMSG_PUT' messages (closes: #372621) * hp-diva-rmp3.dpatch, hp-diva-hurricane.dpatch: Add PCI IDs for newer Diva console ports oldstable/main/source/kernel-image-2.6.8-sparc_2.6.8-16.dsc oldstable/main/source/kernel-image-2.6.8-sparc_2.6.8-16.tar.gz oldstable/main/binary-sparc/kernel-headers-2.6.8-4_2.6.8-16_sparc.deb oldstable/main/binary-sparc/kernel-headers-2.6.8-4-sparc32_2.6.8-16_sparc.deb oldstable/main/binary-sparc/kernel-image-2.6.8-4-sparc32_2.6.8-16_sparc.deb oldstable/main/binary-sparc/kernel-headers-2.6.8-4-sparc64_2.6.8-16_sparc.deb oldstable/main/binary-sparc/kernel-image-2.6.8-4-sparc64_2.6.8-16_sparc.deb oldstable/main/binary-sparc/kernel-headers-2.6.8-4-sparc64-smp_2.6.8-16_sparc.deb oldstable/main/binary-sparc/kernel-image-2.6.8-4-sparc64-smp_2.6.8-16_sparc.deb oldstable/main/binary-sparc/kernel-build-2.6.8-4_2.6.8-16_sparc.deb kernel-image-2.6.8-sparc (2.6.8-16) oldstable; urgency=high * Rebuild against kernel-tree-2.6.8-17: [ Simon Horman ] * drivers-net-via-rhine-wol-oops.dpatch (removed): This patch breaks the via-rhine driver and 2.6.8 and is completely bogus for this version of the kernel (closes: #311357) * drivers-media-vidio-bttv-vc100xp-detect.dpatch Allow Leadtek WinFast VC100 XP cards to work. * fs-jbd-checkpoint-assertion.dpatch Fix possible false assertion failure in log_do_checkpoint(). We might fail to detect that we actually made a progress when cleaning up the checkpoint lists if we don't retry after writing something to disk. * mm-rmap-out-of-bounds-pte.dpatch Stop try_to_unmap_cluster() passing out-of-bounds pte to pte_unmap() * net-ipv4-netfilter-ip_queue-deadlock.dpatch Fix deadlock with ip_queue and tcp local input path. * asm-i386-mem-clobber.dpatch: Make sure gcc doesn't reorder memory accesses in strncmp and friends on i386. * drivers-acpi-pci_irq-elcr.dpatch: Make sure we call acpi_register_gsi() even for default PCI interrupt assignment. That's the part that keeps track of the ELCR register, and we want to make sure that the PCI interrupts are properly marked level/low. [ dann frazier ] * Merge in applicable fixes from 2.6.12.4 - netfilter-deadlock-ip6_queue.dpatch - rocket_c-fix-ldisc-ref-count.dpatch - early-vlan-fix.dpatch [ Simon Horman ] * drivers-sata-promise-sataii_tx2_tx4.dpatch Add SATAII TX2 and TX2/TX4 support to sata promise driver (Closes: #317286) * module-per-cpu-alignment-fix.dpatch Module per-cpu alignment cannot always be met From 2.6.12.5 * genelink-usbnet-skb-typo.dpatch fix gl_skb/skb type error in genelink driver in usbnet Backported From 2.6.12.6 * drivers-ide-ppp-pmac-build.dpatch Make sure BLK_DEV_IDEDMA_PCI is defined for pmac ide driver builds (closes: #321442) * fs-ext3-nfs-parent-fix.dpatch ext3 file systems mounted over nfs may lookup .. in dx directories causing an oops. (closes: #323557) * sparc-request_irq-in-RTC-fix.dpatch Use SA_SHIRQ in sparc specific code. From 2.6.13.1 * forcedeth-init-link-settings-in-nv_open.patch forcedeth: Initialize link settings in every nv_open() From 2.6.13.2 * fix-MPOL_F_VERIFY.patch Fix MPOL_F_VERIFY From 2.6.13.2 * fix-more-byte-to-dword-writes-to-PCI_ROM_ADDRESS-config-word.patch Fix up more strange byte writes to the PCI_ROM_ADDRESS config word From 2.6.13.2 * yenta-oops-fix.patch yenta oops fix From 2.6.13.3 * fix-de_thread-BUG_ON.patch Fix fs/exec.c:788 (de_thread()) BUG_ON From 2.6.13.3 * ipv6-fix-per-socket-multicast-filtering.patch fix IPv6 per-socket multicast filtering in exact-match case From 2.6.13.3 * ipvs-ip_vs_ftp-breaks-connections.patch ipvs: ip_vs_ftp breaks connections using persistence From 2.6.13.3 * ieee1394-sbp2-fixes-for-hot-unplug-and-module-unloading.dpatch ieee1394/sbp2: fixes for hot-unplug and module unloading From 2.6.13.4 * fix-sparc64-fpu-register-corruption.dpatch [SPARC64]: Fix userland FPU state corruption. From 2.6.13.4 [ dann frazier ] * drivers-block-raw-ioctl2.dpatch, drivers-block-ioctl-enotty.dpatch: Fix a bug in the block layer that causes a bootloader installation error under certain conditions - breaks installation on cciss devices. (closes: #354493) * Fix data corruption with dm-crypt over RAID5 (closes: #336153) * Fix VLAN support for 3c59x/90x series hardware (closes: #349774) * Fix erroneous calculation of 'len' parameter to NLMSG_PUT resulting in bogus 'error during NLMSG_PUT' messages (closes: #372621) * hp-diva-rmp3.dpatch, hp-diva-hurricane.dpatch: Add PCI IDs for newer Diva console ports oldstable/main/source/kernel-latest-2.6-alpha_101sarge2.dsc oldstable/main/source/kernel-latest-2.6-alpha_101sarge2.tar.gz oldstable/main/binary-alpha/kernel-image-2.6-generic_101sarge2_alpha.deb oldstable/main/binary-alpha/kernel-headers-2.6-generic_101sarge2_alpha.deb oldstable/main/binary-alpha/kernel-image-2.6-smp_101sarge2_alpha.deb oldstable/main/binary-alpha/kernel-headers-2.6-smp_101sarge2_alpha.deb kernel-latest-2.6-alpha (101sarge2) oldstable-security; urgency=high * Update for the -4 ABI oldstable/main/binary-i386/kernel-headers-2.6-em64t-p4-smp_103sarge2_i386.deb oldstable/main/binary-i386/kernel-headers-2.6-amd64-k8-smp_103sarge2_i386.deb oldstable/main/binary-i386/kernel-image-2.6-amd64-k8-smp_103sarge2_i386.deb oldstable/main/binary-amd64/kernel-headers-2.6-amd64-generic_103sarge2_amd64.deb oldstable/main/binary-amd64/kernel-image-2.6-amd64-generic_103sarge2_amd64.deb oldstable/main/binary-amd64/kernel-image-2.6-em64t-p4_103sarge2_amd64.deb oldstable/main/source/kernel-latest-2.6-amd64_103sarge2.tar.gz oldstable/main/binary-amd64/kernel-image-2.6-amd64-k8-smp_103sarge2_amd64.deb oldstable/main/binary-amd64/kernel-headers-2.6-em64t-p4-smp_103sarge2_amd64.deb oldstable/main/binary-i386/kernel-image-2.6-amd64-k8_103sarge2_i386.deb oldstable/main/binary-i386/kernel-headers-2.6-amd64-generic_103sarge2_i386.deb oldstable/main/binary-i386/kernel-image-2.6-em64t-p4_103sarge2_i386.deb oldstable/main/binary-amd64/kernel-image-2.6-amd64-k8_103sarge2_amd64.deb oldstable/main/binary-i386/kernel-image-2.6-amd64-generic_103sarge2_i386.deb oldstable/main/binary-i386/kernel-headers-2.6-amd64-k8_103sarge2_i386.deb oldstable/main/binary-i386/kernel-headers-2.6-em64t-p4_103sarge2_i386.deb oldstable/main/binary-amd64/kernel-headers-2.6-em64t-p4_103sarge2_amd64.deb oldstable/main/binary-amd64/kernel-image-2.6-em64t-p4-smp_103sarge2_amd64.deb oldstable/main/binary-amd64/kernel-headers-2.6-amd64-k8_103sarge2_amd64.deb oldstable/main/binary-amd64/kernel-headers-2.6-amd64-k8-smp_103sarge2_amd64.deb oldstable/main/binary-i386/kernel-image-2.6-em64t-p4-smp_103sarge2_i386.deb oldstable/main/source/kernel-latest-2.6-amd64_103sarge2.dsc kernel-latest-2.6-amd64 (103sarge2) oldstable-security; urgency=high * Update for the -13 ABI oldstable/main/source/kernel-latest-2.6-hppa_2.6.8-1sarge2.dsc oldstable/main/source/kernel-latest-2.6-hppa_2.6.8-1sarge2.tar.gz oldstable/main/binary-hppa/kernel-headers-2.6_2.6.8-1sarge2_hppa.deb oldstable/main/binary-hppa/kernel-headers-2.6-32_2.6.8-1sarge2_hppa.deb oldstable/main/binary-hppa/kernel-image-2.6-32_2.6.8-1sarge2_hppa.deb oldstable/main/binary-hppa/kernel-headers-2.6-32-smp_2.6.8-1sarge2_hppa.deb oldstable/main/binary-hppa/kernel-image-2.6-32-smp_2.6.8-1sarge2_hppa.deb oldstable/main/binary-hppa/kernel-headers-2.6-64_2.6.8-1sarge2_hppa.deb oldstable/main/binary-hppa/kernel-image-2.6-64_2.6.8-1sarge2_hppa.deb oldstable/main/binary-hppa/kernel-headers-2.6-64-smp_2.6.8-1sarge2_hppa.deb oldstable/main/binary-hppa/kernel-image-2.6-64-smp_2.6.8-1sarge2_hppa.deb kernel-latest-2.6-hppa (2.6.8-1sarge2) oldstable-security; urgency=high * Update for the -4 ABI oldstable/main/source/kernel-latest-2.6-i386_101sarge2.dsc oldstable/main/source/kernel-latest-2.6-i386_101sarge2.tar.gz oldstable/main/binary-i386/kernel-headers-2.6-386_101sarge2_i386.deb oldstable/main/binary-i386/kernel-image-2.6-386_101sarge2_i386.deb oldstable/main/binary-i386/kernel-headers-2.6-686_101sarge2_i386.deb oldstable/main/binary-i386/kernel-image-2.6-686_101sarge2_i386.deb oldstable/main/binary-i386/kernel-headers-2.6-686-smp_101sarge2_i386.deb oldstable/main/binary-i386/kernel-image-2.6-686-smp_101sarge2_i386.deb oldstable/main/binary-i386/kernel-headers-2.6-k7_101sarge2_i386.deb oldstable/main/binary-i386/kernel-image-2.6-k7_101sarge2_i386.deb oldstable/main/binary-i386/kernel-headers-2.6-k7-smp_101sarge2_i386.deb oldstable/main/binary-i386/kernel-image-2.6-k7-smp_101sarge2_i386.deb kernel-latest-2.6-i386 (101sarge2) oldstable-security; urgency=high * Update for the -4 ABI oldstable/main/source/kernel-latest-2.6-sparc_101sarge2.dsc oldstable/main/source/kernel-latest-2.6-sparc_101sarge2.tar.gz oldstable/main/binary-sparc/kernel-image-2.6-sparc32_101sarge2_sparc.deb oldstable/main/binary-sparc/kernel-headers-2.6-sparc32_101sarge2_sparc.deb oldstable/main/binary-sparc/kernel-image-2.6-sparc64_101sarge2_sparc.deb oldstable/main/binary-sparc/kernel-headers-2.6-sparc64_101sarge2_sparc.deb oldstable/main/binary-sparc/kernel-image-2.6-sparc64-smp_101sarge2_sparc.deb oldstable/main/binary-sparc/kernel-headers-2.6-sparc64-smp_101sarge2_sparc.deb kernel-latest-2.6-sparc (101sarge2) oldstable-security; urgency=high * Update for the -4 ABI oldstable/main/source/kernel-latest-powerpc_102sarge2.dsc oldstable/main/source/kernel-latest-powerpc_102sarge2.tar.gz oldstable/main/binary-powerpc/kernel-headers-2.6_102sarge2_powerpc.deb oldstable/main/binary-powerpc/kernel-headers_102sarge2_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.6-powerpc_102sarge2_powerpc.deb oldstable/main/binary-powerpc/kernel-image-powerpc_102sarge2_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.6-powerpc-smp_102sarge2_powerpc.deb oldstable/main/binary-powerpc/kernel-image-powerpc-smp_102sarge2_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.6-power3_102sarge2_powerpc.deb oldstable/main/binary-powerpc/kernel-image-power3_102sarge2_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.6-power3-smp_102sarge2_powerpc.deb oldstable/main/binary-powerpc/kernel-image-power3-smp_102sarge2_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.6-power4_102sarge2_powerpc.deb oldstable/main/binary-powerpc/kernel-image-power4_102sarge2_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.6-power4-smp_102sarge2_powerpc.deb oldstable/main/binary-powerpc/kernel-image-power4-smp_102sarge2_powerpc.deb oldstable/main/binary-powerpc/kernel-headers-2.4_102sarge2_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.4-powerpc_102sarge2_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.4-powerpc-smp_102sarge2_powerpc.deb kernel-latest-powerpc (102sarge2) oldstable-security; urgency=high * Update 2.6 dependencies for the -4 ABI. oldstable/main/source/kernel-patch-powerpc-2.6.8_2.6.8-13.dsc oldstable/main/source/kernel-patch-powerpc-2.6.8_2.6.8-13.tar.gz oldstable/main/binary-powerpc/kernel-headers-2.6.8-4_2.6.8-13_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.6.8-4-power3_2.6.8-13_powerpc.deb oldstable/main/binary-powerpc/kernel-build-2.6.8-4-power3_2.6.8-13_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.6.8-4-power3-smp_2.6.8-13_powerpc.deb oldstable/main/binary-powerpc/kernel-build-2.6.8-4-power3-smp_2.6.8-13_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.6.8-4-power4_2.6.8-13_powerpc.deb oldstable/main/binary-powerpc/kernel-build-2.6.8-4-power4_2.6.8-13_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.6.8-4-power4-smp_2.6.8-13_powerpc.deb oldstable/main/binary-powerpc/kernel-build-2.6.8-4-power4-smp_2.6.8-13_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.6.8-4-powerpc_2.6.8-13_powerpc.deb oldstable/main/binary-powerpc/kernel-build-2.6.8-4-powerpc_2.6.8-13_powerpc.deb oldstable/main/binary-powerpc/kernel-image-2.6.8-4-powerpc-smp_2.6.8-13_powerpc.deb oldstable/main/binary-powerpc/kernel-build-2.6.8-4-powerpc-smp_2.6.8-13_powerpc.deb kernel-patch-powerpc-2.6.8 (2.6.8-13) oldstable; urgency=high * Rebuild against kernel-tree-2.6.8-17 [ Simon Horman ] * drivers-net-via-rhine-wol-oops.dpatch (removed): This patch breaks the via-rhine driver and 2.6.8 and is completely bogus for this version of the kernel (closes: #311357) * drivers-media-vidio-bttv-vc100xp-detect.dpatch Allow Leadtek WinFast VC100 XP cards to work. * fs-jbd-checkpoint-assertion.dpatch Fix possible false assertion failure in log_do_checkpoint(). We might fail to detect that we actually made a progress when cleaning up the checkpoint lists if we don't retry after writing something to disk. * mm-rmap-out-of-bounds-pte.dpatch Stop try_to_unmap_cluster() passing out-of-bounds pte to pte_unmap() * net-ipv4-netfilter-ip_queue-deadlock.dpatch Fix deadlock with ip_queue and tcp local input path. * asm-i386-mem-clobber.dpatch: Make sure gcc doesn't reorder memory accesses in strncmp and friends on i386. * drivers-acpi-pci_irq-elcr.dpatch: Make sure we call acpi_register_gsi() even for default PCI interrupt assignment. That's the part that keeps track of the ELCR register, and we want to make sure that the PCI interrupts are properly marked level/low. [ dann frazier ] * Merge in applicable fixes from 2.6.12.4 - netfilter-deadlock-ip6_queue.dpatch - rocket_c-fix-ldisc-ref-count.dpatch - early-vlan-fix.dpatch [ Simon Horman ] * drivers-sata-promise-sataii_tx2_tx4.dpatch Add SATAII TX2 and TX2/TX4 support to sata promise driver (Closes: #317286) * module-per-cpu-alignment-fix.dpatch Module per-cpu alignment cannot always be met From 2.6.12.5 * genelink-usbnet-skb-typo.dpatch fix gl_skb/skb type error in genelink driver in usbnet Backported From 2.6.12.6 * drivers-ide-ppp-pmac-build.dpatch Make sure BLK_DEV_IDEDMA_PCI is defined for pmac ide driver builds (closes: #321442) * fs-ext3-nfs-parent-fix.dpatch ext3 file systems mounted over nfs may lookup .. in dx directories causing an oops. (closes: #323557) * sparc-request_irq-in-RTC-fix.dpatch Use SA_SHIRQ in sparc specific code. From 2.6.13.1 * forcedeth-init-link-settings-in-nv_open.patch forcedeth: Initialize link settings in every nv_open() From 2.6.13.2 * fix-MPOL_F_VERIFY.patch Fix MPOL_F_VERIFY From 2.6.13.2 * fix-more-byte-to-dword-writes-to-PCI_ROM_ADDRESS-config-word.patch Fix up more strange byte writes to the PCI_ROM_ADDRESS config word From 2.6.13.2 * yenta-oops-fix.patch yenta oops fix From 2.6.13.3 * fix-de_thread-BUG_ON.patch Fix fs/exec.c:788 (de_thread()) BUG_ON From 2.6.13.3 * ipv6-fix-per-socket-multicast-filtering.patch fix IPv6 per-socket multicast filtering in exact-match case From 2.6.13.3 * ipvs-ip_vs_ftp-breaks-connections.patch ipvs: ip_vs_ftp breaks connections using persistence From 2.6.13.3 * ieee1394-sbp2-fixes-for-hot-unplug-and-module-unloading.dpatch ieee1394/sbp2: fixes for hot-unplug and module unloading From 2.6.13.4 * fix-sparc64-fpu-register-corruption.dpatch [SPARC64]: Fix userland FPU state corruption. From 2.6.13.4 [ dann frazier ] * drivers-block-raw-ioctl2.dpatch, drivers-block-ioctl-enotty.dpatch: Fix a bug in the block layer that causes a bootloader installation error under certain conditions - breaks installation on cciss devices. (closes: #354493) * Fix data corruption with dm-crypt over RAID5 (closes: #336153) * Fix VLAN support for 3c59x/90x series hardware (closes: #349774) * Fix erroneous calculation of 'len' parameter to NLMSG_PUT resulting in bogus 'error during NLMSG_PUT' messages (closes: #372621) * hp-diva-rmp3.dpatch, hp-diva-hurricane.dpatch: Add PCI IDs for newer Diva console ports oldstable/main/source/kernel-source-2.6.8_2.6.8-17.dsc oldstable/main/source/kernel-source-2.6.8_2.6.8-17.diff.gz oldstable/main/binary-all/kernel-patch-debian-2.6.8_2.6.8-17_all.deb oldstable/main/binary-all/kernel-source-2.6.8_2.6.8-17_all.deb oldstable/main/binary-all/kernel-tree-2.6.8_2.6.8-17_all.deb oldstable/main/binary-all/kernel-doc-2.6.8_2.6.8-17_all.deb kernel-source-2.6.8 (2.6.8-17) oldstable; urgency=high [ Simon Horman ] * drivers-net-via-rhine-wol-oops.dpatch (removed): This patch breaks the via-rhine driver and 2.6.8 and is completely bogus for this version of the kernel (closes: #311357) * drivers-media-vidio-bttv-vc100xp-detect.dpatch Allow Leadtek WinFast VC100 XP cards to work. * fs-jbd-checkpoint-assertion.dpatch Fix possible false assertion failure in log_do_checkpoint(). We might fail to detect that we actually made a progress when cleaning up the checkpoint lists if we don't retry after writing something to disk. * mm-rmap-out-of-bounds-pte.dpatch Stop try_to_unmap_cluster() passing out-of-bounds pte to pte_unmap() * net-ipv4-netfilter-ip_queue-deadlock.dpatch Fix deadlock with ip_queue and tcp local input path. * asm-i386-mem-clobber.dpatch: Make sure gcc doesn't reorder memory accesses in strncmp and friends on i386. * drivers-acpi-pci_irq-elcr.dpatch: Make sure we call acpi_register_gsi() even for default PCI interrupt assignment. That's the part that keeps track of the ELCR register, and we want to make sure that the PCI interrupts are properly marked level/low. [ dann frazier ] * Merge in applicable fixes from 2.6.12.4 - netfilter-deadlock-ip6_queue.dpatch - rocket_c-fix-ldisc-ref-count.dpatch - early-vlan-fix.dpatch [ Simon Horman ] * drivers-sata-promise-sataii_tx2_tx4.dpatch Add SATAII TX2 and TX2/TX4 support to sata promise driver (Closes: #317286) * module-per-cpu-alignment-fix.dpatch Module per-cpu alignment cannot always be met From 2.6.12.5 * genelink-usbnet-skb-typo.dpatch fix gl_skb/skb type error in genelink driver in usbnet Backported From 2.6.12.6 * drivers-ide-ppp-pmac-build.dpatch Make sure BLK_DEV_IDEDMA_PCI is defined for pmac ide driver builds (closes: #321442) * fs-ext3-nfs-parent-fix.dpatch ext3 file systems mounted over nfs may lookup .. in dx directories causing an oops. (closes: #323557) * sparc-request_irq-in-RTC-fix.dpatch Use SA_SHIRQ in sparc specific code. From 2.6.13.1 * forcedeth-init-link-settings-in-nv_open.patch forcedeth: Initialize link settings in every nv_open() From 2.6.13.2 * fix-MPOL_F_VERIFY.patch Fix MPOL_F_VERIFY From 2.6.13.2 * fix-more-byte-to-dword-writes-to-PCI_ROM_ADDRESS-config-word.patch Fix up more strange byte writes to the PCI_ROM_ADDRESS config word From 2.6.13.2 * yenta-oops-fix.patch yenta oops fix From 2.6.13.3 * fix-de_thread-BUG_ON.patch Fix fs/exec.c:788 (de_thread()) BUG_ON From 2.6.13.3 * ipv6-fix-per-socket-multicast-filtering.patch fix IPv6 per-socket multicast filtering in exact-match case From 2.6.13.3 * ipvs-ip_vs_ftp-breaks-connections.patch ipvs: ip_vs_ftp breaks connections using persistence From 2.6.13.3 * ieee1394-sbp2-fixes-for-hot-unplug-and-module-unloading.dpatch ieee1394/sbp2: fixes for hot-unplug and module unloading From 2.6.13.4 * fix-sparc64-fpu-register-corruption.dpatch [SPARC64]: Fix userland FPU state corruption. From 2.6.13.4 [ dann frazier ] * drivers-block-raw-ioctl2.dpatch, drivers-block-ioctl-enotty.dpatch: Fix a bug in the block layer that causes a bootloader installation error under certain conditions - breaks installation on cciss devices. (closes: #354493) * Fix data corruption with dm-crypt over RAID5 (closes: #336153) * Fix VLAN support for 3c59x/90x series hardware (closes: #349774) * Fix erroneous calculation of 'len' parameter to NLMSG_PUT resulting in bogus 'error during NLMSG_PUT' messages (closes: #372621) * hp-diva-rmp3.dpatch, hp-diva-hurricane.dpatch: Add PCI IDs for newer Diva console ports oldstable/main/binary-arm/kexi_0.1cvs20050408-1_arm.deb oldstable/main/binary-arm/kexi-postgresql-driver_0.1cvs20050408-1_arm.deb oldstable/main/binary-arm/kexi-mysql-driver_0.1cvs20050408-1_arm.deb oldstable/main/binary-arm/libkexi-dev_0.1cvs20050408-1_arm.deb kexi (0.1cvs20050408-1) unstable; urgency=low * New CVS Snapshot * new upload packages do not have missing files more and closes all the related bugs (Closes: #303525, #260613, #298172) oldstable/main/binary-ia64/kimdaba_2.0-4_ia64.deb kimdaba (2.0-4) unstable; urgency=low * Broken i386 package on Sid, unnecessary dependency on kdelibs 4:4.3.0 removed (closes: #309752). * Upstream KDE-help documentation is only in Docbook format. Only HTML, DebianDoc-SGML or Text are acceptable. Removed debian/kimdaba.doc-base (closes: #308985). oldstable/main/binary-alpha/libkadm55_1.3.6-2sarge5_alpha.deb oldstable/main/binary-alpha/libkrb53_1.3.6-2sarge5_alpha.deb oldstable/main/binary-alpha/krb5-user_1.3.6-2sarge5_alpha.deb oldstable/main/binary-alpha/krb5-clients_1.3.6-2sarge5_alpha.deb oldstable/main/binary-alpha/krb5-rsh-server_1.3.6-2sarge5_alpha.deb oldstable/main/binary-alpha/krb5-ftpd_1.3.6-2sarge5_alpha.deb oldstable/main/binary-alpha/krb5-telnetd_1.3.6-2sarge5_alpha.deb oldstable/main/binary-alpha/krb5-kdc_1.3.6-2sarge5_alpha.deb oldstable/main/binary-alpha/krb5-admin-server_1.3.6-2sarge5_alpha.deb oldstable/main/binary-alpha/libkrb5-dev_1.3.6-2sarge5_alpha.deb krb5 (1.3.6-2sarge5) oldstable-security; urgency=emergency * MIT-SA-2007-4: The kadmin RPC library can free an uninitialized pointer or write past the end of a stack buffer. This may lead to execution of arbitrary code. (CVE-2007-2442, CVE-2007-2443) * MIT-SA-2007-5: kadmind is vulnerable to a stack buffer overflow that may lead to execution of arbitrary code. (CVE-2007-2798) oldstable/main/binary-arm/libkadm55_1.3.6-2sarge5_arm.deb oldstable/main/binary-arm/libkrb53_1.3.6-2sarge5_arm.deb oldstable/main/binary-arm/krb5-user_1.3.6-2sarge5_arm.deb oldstable/main/binary-arm/krb5-clients_1.3.6-2sarge5_arm.deb oldstable/main/binary-arm/krb5-rsh-server_1.3.6-2sarge5_arm.deb oldstable/main/binary-arm/krb5-ftpd_1.3.6-2sarge5_arm.deb oldstable/main/binary-arm/krb5-telnetd_1.3.6-2sarge5_arm.deb oldstable/main/binary-arm/krb5-kdc_1.3.6-2sarge5_arm.deb oldstable/main/binary-arm/krb5-admin-server_1.3.6-2sarge5_arm.deb oldstable/main/binary-arm/libkrb5-dev_1.3.6-2sarge5_arm.deb krb5 (1.3.6-2sarge5) oldstable-security; urgency=emergency * MIT-SA-2007-4: The kadmin RPC library can free an uninitialized pointer or write past the end of a stack buffer. This may lead to execution of arbitrary code. (CVE-2007-2442, CVE-2007-2443) * MIT-SA-2007-5: kadmind is vulnerable to a stack buffer overflow that may lead to execution of arbitrary code. (CVE-2007-2798) oldstable/main/binary-hppa/libkadm55_1.3.6-2sarge5_hppa.deb oldstable/main/binary-hppa/libkrb53_1.3.6-2sarge5_hppa.deb oldstable/main/binary-hppa/krb5-user_1.3.6-2sarge5_hppa.deb oldstable/main/binary-hppa/krb5-clients_1.3.6-2sarge5_hppa.deb oldstable/main/binary-hppa/krb5-rsh-server_1.3.6-2sarge5_hppa.deb oldstable/main/binary-hppa/krb5-ftpd_1.3.6-2sarge5_hppa.deb oldstable/main/binary-hppa/krb5-telnetd_1.3.6-2sarge5_hppa.deb oldstable/main/binary-hppa/krb5-kdc_1.3.6-2sarge5_hppa.deb oldstable/main/binary-hppa/krb5-admin-server_1.3.6-2sarge5_hppa.deb oldstable/main/binary-hppa/libkrb5-dev_1.3.6-2sarge5_hppa.deb krb5 (1.3.6-2sarge5) oldstable-security; urgency=emergency * MIT-SA-2007-4: The kadmin RPC library can free an uninitialized pointer or write past the end of a stack buffer. This may lead to execution of arbitrary code. (CVE-2007-2442, CVE-2007-2443) * MIT-SA-2007-5: kadmind is vulnerable to a stack buffer overflow that may lead to execution of arbitrary code. (CVE-2007-2798) oldstable/main/source/krb5_1.3.6-2sarge5.dsc oldstable/main/source/krb5_1.3.6-2sarge5.diff.gz oldstable/main/binary-all/krb5-doc_1.3.6-2sarge5_all.deb oldstable/main/binary-i386/libkadm55_1.3.6-2sarge5_i386.deb oldstable/main/binary-i386/libkrb53_1.3.6-2sarge5_i386.deb oldstable/main/binary-i386/krb5-user_1.3.6-2sarge5_i386.deb oldstable/main/binary-i386/krb5-clients_1.3.6-2sarge5_i386.deb oldstable/main/binary-i386/krb5-rsh-server_1.3.6-2sarge5_i386.deb oldstable/main/binary-i386/krb5-ftpd_1.3.6-2sarge5_i386.deb oldstable/main/binary-i386/krb5-telnetd_1.3.6-2sarge5_i386.deb oldstable/main/binary-i386/krb5-kdc_1.3.6-2sarge5_i386.deb oldstable/main/binary-i386/krb5-admin-server_1.3.6-2sarge5_i386.deb oldstable/main/binary-i386/libkrb5-dev_1.3.6-2sarge5_i386.deb krb5 (1.3.6-2sarge5) oldstable-security; urgency=emergency * MIT-SA-2007-4: The kadmin RPC library can free an uninitialized pointer or write past the end of a stack buffer. This may lead to execution of arbitrary code. (CVE-2007-2442, CVE-2007-2443) * MIT-SA-2007-5: kadmind is vulnerable to a stack buffer overflow that may lead to execution of arbitrary code. (CVE-2007-2798) oldstable/main/binary-ia64/libkadm55_1.3.6-2sarge5_ia64.deb oldstable/main/binary-ia64/libkrb53_1.3.6-2sarge5_ia64.deb oldstable/main/binary-ia64/krb5-user_1.3.6-2sarge5_ia64.deb oldstable/main/binary-ia64/krb5-clients_1.3.6-2sarge5_ia64.deb oldstable/main/binary-ia64/krb5-rsh-server_1.3.6-2sarge5_ia64.deb oldstable/main/binary-ia64/krb5-ftpd_1.3.6-2sarge5_ia64.deb oldstable/main/binary-ia64/krb5-telnetd_1.3.6-2sarge5_ia64.deb oldstable/main/binary-ia64/krb5-kdc_1.3.6-2sarge5_ia64.deb oldstable/main/binary-ia64/krb5-admin-server_1.3.6-2sarge5_ia64.deb oldstable/main/binary-ia64/libkrb5-dev_1.3.6-2sarge5_ia64.deb krb5 (1.3.6-2sarge5) oldstable-security; urgency=emergency * MIT-SA-2007-4: The kadmin RPC library can free an uninitialized pointer or write past the end of a stack buffer. This may lead to execution of arbitrary code. (CVE-2007-2442, CVE-2007-2443) * MIT-SA-2007-5: kadmind is vulnerable to a stack buffer overflow that may lead to execution of arbitrary code. (CVE-2007-2798) oldstable/main/binary-m68k/libkadm55_1.3.6-2sarge5_m68k.deb oldstable/main/binary-m68k/libkrb53_1.3.6-2sarge5_m68k.deb oldstable/main/binary-m68k/krb5-user_1.3.6-2sarge5_m68k.deb oldstable/main/binary-m68k/krb5-clients_1.3.6-2sarge5_m68k.deb oldstable/main/binary-m68k/krb5-rsh-server_1.3.6-2sarge5_m68k.deb oldstable/main/binary-m68k/krb5-ftpd_1.3.6-2sarge5_m68k.deb oldstable/main/binary-m68k/krb5-telnetd_1.3.6-2sarge5_m68k.deb oldstable/main/binary-m68k/krb5-kdc_1.3.6-2sarge5_m68k.deb oldstable/main/binary-m68k/krb5-admin-server_1.3.6-2sarge5_m68k.deb oldstable/main/binary-m68k/libkrb5-dev_1.3.6-2sarge5_m68k.deb krb5 (1.3.6-2sarge5) oldstable-security; urgency=emergency * MIT-SA-2007-4: The kadmin RPC library can free an uninitialized pointer or write past the end of a stack buffer. This may lead to execution of arbitrary code. (CVE-2007-2442, CVE-2007-2443) * MIT-SA-2007-5: kadmind is vulnerable to a stack buffer overflow that may lead to execution of arbitrary code. (CVE-2007-2798) oldstable/main/binary-mips/libkadm55_1.3.6-2sarge5_mips.deb oldstable/main/binary-mips/libkrb53_1.3.6-2sarge5_mips.deb oldstable/main/binary-mips/krb5-user_1.3.6-2sarge5_mips.deb oldstable/main/binary-mips/krb5-clients_1.3.6-2sarge5_mips.deb oldstable/main/binary-mips/krb5-rsh-server_1.3.6-2sarge5_mips.deb oldstable/main/binary-mips/krb5-ftpd_1.3.6-2sarge5_mips.deb oldstable/main/binary-mips/krb5-telnetd_1.3.6-2sarge5_mips.deb oldstable/main/binary-mips/krb5-kdc_1.3.6-2sarge5_mips.deb oldstable/main/binary-mips/krb5-admin-server_1.3.6-2sarge5_mips.deb oldstable/main/binary-mips/libkrb5-dev_1.3.6-2sarge5_mips.deb krb5 (1.3.6-2sarge5) oldstable-security; urgency=emergency * MIT-SA-2007-4: The kadmin RPC library can free an uninitialized pointer or write past the end of a stack buffer. This may lead to execution of arbitrary code. (CVE-2007-2442, CVE-2007-2443) * MIT-SA-2007-5: kadmind is vulnerable to a stack buffer overflow that may lead to execution of arbitrary code. (CVE-2007-2798) oldstable/main/binary-mipsel/libkadm55_1.3.6-2sarge5_mipsel.deb oldstable/main/binary-mipsel/libkrb53_1.3.6-2sarge5_mipsel.deb oldstable/main/binary-mipsel/krb5-user_1.3.6-2sarge5_mipsel.deb oldstable/main/binary-mipsel/krb5-clients_1.3.6-2sarge5_mipsel.deb oldstable/main/binary-mipsel/krb5-rsh-server_1.3.6-2sarge5_mipsel.deb oldstable/main/binary-mipsel/krb5-ftpd_1.3.6-2sarge5_mipsel.deb oldstable/main/binary-mipsel/krb5-telnetd_1.3.6-2sarge5_mipsel.deb oldstable/main/binary-mipsel/krb5-kdc_1.3.6-2sarge5_mipsel.deb oldstable/main/binary-mipsel/krb5-admin-server_1.3.6-2sarge5_mipsel.deb oldstable/main/binary-mipsel/libkrb5-dev_1.3.6-2sarge5_mipsel.deb krb5 (1.3.6-2sarge5) oldstable-security; urgency=emergency * MIT-SA-2007-4: The kadmin RPC library can free an uninitialized pointer or write past the end of a stack buffer. This may lead to execution of arbitrary code. (CVE-2007-2442, CVE-2007-2443) * MIT-SA-2007-5: kadmind is vulnerable to a stack buffer overflow that may lead to execution of arbitrary code. (CVE-2007-2798) oldstable/main/binary-powerpc/libkadm55_1.3.6-2sarge5_powerpc.deb oldstable/main/binary-powerpc/libkrb53_1.3.6-2sarge5_powerpc.deb oldstable/main/binary-powerpc/krb5-user_1.3.6-2sarge5_powerpc.deb oldstable/main/binary-powerpc/krb5-clients_1.3.6-2sarge5_powerpc.deb oldstable/main/binary-powerpc/krb5-rsh-server_1.3.6-2sarge5_powerpc.deb oldstable/main/binary-powerpc/krb5-ftpd_1.3.6-2sarge5_powerpc.deb oldstable/main/binary-powerpc/krb5-telnetd_1.3.6-2sarge