========================================= Sat, 01 Oct 2011 - Debian 5.0.9 released ========================================= ========================================================================= [Date: Sat, 01 Oct 2011 10:00:50 +0000] [ftpmaster: Archive Administrator] Removed the following packages from oldstable: libunbound0 | 1.0.2-1+lenny1 | alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by unbound) ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 01 Oct 2011 10:03:42 +0000] [ftpmaster: Archive Administrator] Removed the following packages from oldstable: pixelpost | 1.7.1-5 | source, all Closed bugs: 614888 ------------------- Reason ------------------- RoQA/RoSRM; unmaintained, multiple security issues ---------------------------------------------- ========================================================================= apache2 (2.2.9-10+lenny11) lenny-security; urgency=high * Fix regressions related to range requests introduced by 2.2.9-10+lenny10. Closes: #639825 apache2 (2.2.9-10+lenny10) lenny-security; urgency=high * Fix CVE-2011-3192: DoS by high memory usage for a large number of overlapping ranges. * Fix CVE-2010-1452: Crash in mod_dav. apache2-mpm-itk (2.2.6-02-1+lenny6) lenny-security; urgency=high * Non-maintainer upload by the Security Team. * Rebuild with apache2-src 2.2.9-10+lenny11. apache2-mpm-itk (2.2.6-02-1+lenny5) lenny-security; urgency=high * Non-maintainer upload by the Security Team. * Rebuild with apache2-src 2.2.9-10+lenny10. aptitude (0.4.11.11-1~lenny2) oldstable; urgency=low * Non-maintainer upload. * Backport of 0009-fix-symlink-attack: Fix a potential symlink attack that could occur if a user with no home directory edited and saved the package hierarchy definitions. (Closes: #612034) asterisk (1:1.4.21.2~dfsg-3+lenny5) oldstable-security; urgency=high * Patch AST-2011-008: Use strlen rather than ast_str_len (Closes: #633481). asterisk (1:1.4.21.2~dfsg-3+lenny3) oldstable-security; urgency=high * Patch AST-2011-008 (CVE-2011-2529) - crash on a malformed SIP packet (Closes: 631446). * AST-2011-010 (CVE-2011-2535): crash due to dereferencing a remote pointer (closes: #631448) * AST-2011-011 (CVE-2011-2536): Don't leak SIP username information (closes: #632029) asterisk (1:1.4.21.2~dfsg-3+lenny2.1) oldstable-security; urgency=high * AST-2011-002 (CVE-2011-1147): Multiple crash vulnerabilities in UDPTL code (Closes: #614580). * Patch AST-2011-005 (CVE-2011-1507): Resource exhaustion in Asterisk Manager Interface. * Patch AST-2011-005-p2: Resource exhaustion in chan_skinny and AJAM - second part of the above (Closes: #618790). * Patches AST-2011-003, manager_manager_bugfix_reload - its pre-requirements. * My new @debian.org address asterisk (1:1.4.21.2~dfsg-3+lenny2) oldstable-security; urgency=high [ Tzafrir Cohen ] * AST-2011-001/CVE-2011-0495: Stack buffer overflow in SIP channel driver (Closes: #610487) * Backport a one-liner patch from upstream (ast_uri_validhex) to successfully apply the AST-2011-001 patch. atop (1.23-1+lenny1) oldstable; urgency=high * Non-maintainer upload. * Fix CVE-2011-XXXX: Insecure use of temporary files in rawlog.c and acctproc.c (Closes: #622794) avahi (0.6.23-3lenny3) oldstable-security; urgency=high * debian/patches/17_CVE-2011-1002.patch - Read NULL UDP packets else we end up in an infinite loop using 100% CPU and DoS of Avahi. (Closes: #614785, Fixes: CVE-2011-1002) base-files (5lenny10) oldstable; urgency=low * Bump version in /etc/debian_version to "5.0.9". * Target distribution changed to "oldstable", as stable is now squeeze. bcfg2 (0.9.5.7-1.1+lenny1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Backport upstream patches to fix several problems of unescaped shell commands leading to remote root compromise (Closes: #640028). bind9 (1:9.6.ESV.R4+dfsg-0+lenny3) lenny-security; urgency=high * Apply patch from ISC BIND 9.6-ESV-R4-P3 to address CVE-2011-2464. bind9 (1:9.6.ESV.R4+dfsg-0+lenny2) lenny-security; urgency=high * Apply patches from 9.6-ESV-R4-P1 to address crasher in negative caching (CVE-2011-1910) and resolution failures in DLV mode. bind9 (1:9.6.ESV.R4+dfsg-0+lenny1) oldstable-security; urgency=low * New upstream version. Prepare for a signed COM TLD, as per: cgiirc (0.5.9-3lenny3) oldstable-security; urgency=low * Non-maintainer upload by the security team. * Fix XSS attack for non-javascript using clients. [CVE-2011-0050]. citadel (7.37-8+lenny1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix billion laughs DoS attack vector against xmpp component by completely disabling entity expansion (CVE-2011-1756). conky (1.6.0-2+lenny1) oldstable; urgency=low * Patch TEMP-0612033-026F3E: security issue in Conky's "eve" module, which causes Conky to be vulnerable to rewriting any user file. cups (1.3.8-1+lenny9) oldstable-security; urgency=high * Non-maintainer upload by Security Team * Fix plenty of security issues cyrus-imapd-2.2 (2.2.13-14+lenny4) oldstable-security; urgency=low * Fix CVE-2011-1926: STARTTLS plaintext command injection vulnerability (VU#555316) * Add gbp.conf to easy future updates dbus (1.2.1-5+lenny2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Backport upstream patch to fix a possible call stack overflow and thus denial of service, when processing messages with excessive nested variants. This fix restricts the nesting level to 64 (52-CVE-2010-4352.patch). debian-installer (20090123lenny9) oldstable; urgency=low * Rebuild to incorporate linux-kernel-di packages based upon linux-2.6 2.6.26-27 dhcp3 (3.1.1-6+lenny6) lenny-security; urgency=high * Apply patch from ISC to fix CVE-2011-2748 and CVE-2011-2749. dhcp3 (3.1.1-6+lenny5) oldstable-security; urgency=high * Fix cve-2011-0997: remote code execution vulnerability in dhclient. dokuwiki (0.0.20080505-4+lenny3) oldstable; urgency=low * debian/patches/rss_security.diff: Backport an upstream security fix for an XSS vulnerability in the RSS embedding mechanism. (CERTA-2011-AVI-366) dokuwiki (0.0.20080505-4+lenny2) oldstable; urgency=low * debian/patches/xmlrpc_security.diff: Backport an upstream security fix for an ACL bypass (TEMP-0000000-52FF39). dtc (0.29.17-1+lenny1) lenny-security; urgency=low * Fixes: CVE-2011-0434: SQL injection in bw_per_month.php graph * Fixes: CVE-2011-0435: Bandwidth information disclosure in bw_per_month.php graph. * Fixes: CVE-2011-0436: Passwords being emailed to the admin in clear text (Closes: #614302). * Fixes: CVE-2011-0437: Removed dangerous SQL old unused code for ssh accounts management. ejabberd (2.0.1-6+lenny3) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix billion laughs attack DoS attack vector by disabling entity expansion completely (CVE-2011-1753.patch). exim4 (4.69-9+lenny4) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix regression: exim -bf no longer works as untrusted user. Closes: #611572 exim4 (4.69-9+lenny3) stable-security; urgency=low * 80_4.74_CVE-2011-0017.dpatch (Pulled from upstream git): Check return values of setgid/setuid. This is a privilege escalation vulnerability whereby the Exim run-time user can cause root to append content of the attacker's choosing to arbitrary files. * 80_4.74_deliverylogging.dpatch (Pulled from upstream git): If a non-debug daemon was invoked with a non-whitelisted macro, then logs from after attempting delivery would be silently lost, including for successful delivery. This log-loss bug was introduced as part of the security lockdown for fixing CVE-2010-4345. Closes: #610611 ffmpeg-debian (0.svn20080206-18+lenny3) oldstable-security; urgency=high * Fixes: CVE-2010-3429, update provided by upstream (r25223). * Fixes: CVE-2010-4704, integer overflow in the vorbis_residue_decode_internal (r25591). * Fixes: CVE-2010-4705, integer overflow. Port from r24675. * Fixes: TEMP-0570713-FED4BB, input sanitization with backport from the upstream: - r19322, fixes huffyuv avi file parsing. - r19355, makes decode_init fail if the huffman tables are invalid. - r19374, adds extra validation checks to ff_vorbis_len2vlc. - r19333, checks for failed extradata malloca. fontforge (0.0.20080429-1+lenny2) oldstable-security; urgency=low * Non-maintainer upload. * No-changes rebuild because lenny is now oldstable. fontforge (0.0.20080429-1+lenny1) stable-security; urgency=high * Non-maintainer upload during Security Team meeting * CVE-2010-4259 (closes: #605537). freetype (2.3.7-2+lenny6) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * CVE-2011-0226: Vulnerability in parsing Type 1 fonts freetype (2.3.7-2+lenny5) stable-security; urgency=high * Non-maintainer during Security Team Meeting * CVE-2010-3814 CVE-2010-3855 horde3 (3.2.2+debian0-2+lenny3) oldstable-security; urgency=high * Non-maintainer uploaid by the security team (Closes: #598582) * Fix cross-site scripting via the subdir parameter in util/icon_browser.php Fixes: CVE-2010-3077 * Fix cross-site request forgery via preference forms Fixes: CVE-2010-3694 hplip (2.8.6.b-4+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix CVE-2010-4267 ikiwiki (2.53.6) oldstable-security; urgency=low * meta: Security fix; don't allow alternative stylesheets to be added on pages where the htmlscrubber is enabled. CVE-2011-1401 imp4 (4.2-4lenny3) oldstable-security; urgency=high * Non-maintainer upload by the security team * Fix cross-site scripting via the fm parameters (Closes: #598584) Fixes: CVE-2010-3695 klibc (1.5.12-2lenny1) oldstable; urgency=low * ipconfig: Escape DHCP options. (CVE-2011-1930) libmodplug (1:0.8.4-1+lenny2) oldstable-security; urgency=high * CVE-2011-1574 libsndfile (1.0.17-4+lenny3) oldstable-security; urgency=low * CVE-2011-2696 libvirt (0.4.6-10+lenny2) oldstable-security; urgency=low * [bb53af0] CVE-2011-2511: Fix integer overflow in VirDomainGetVcpus (Closes: #633630) libxfont (1:1.3.3-2) lenny-security; urgency=high * Fix LZW decompression heap corruption (CVE-2011-2895). libxml2 (2.6.32.dfsg-5+lenny4) oldstable-security; urgency=low * xpath.c: Fix some potential problems on reallocation failures. Closes: #628537. linux-2.6 (2.6.26-27) oldstable; urgency=high [ Ben Hutchings ] * dm,md: Deal with merge_bvec_fn in component devices better (Closes: #604457) * rt2x00: Fix memory leak after failing to insert RTS/CTS frame (Closes: #561890) [ dann frazier ] * Include selected backport from 2.6.27.58: - md: fix bug with re-adding of partially recovered device. * Include selected backports from 2.6.27.59: - NFS: fix the return value of nfs_file_fsync() - ptrace: use safer wake up on ptrace_detach() - [x86] mm: avoid possible bogus tlb entries by clearing prev mm_cpumask after switching mm - dm raid1: fail writes if errors are not handled and log fails - [x86] asus_acpi: world-writable procfs files - [x86] acer-wmi: world-writable sysfs threeg file - [x86] tc1100-wmi: world-writable sysfs wireless and jogdial files - NFSD: memory corruption due to writing beyond the stat array - ext2: Fix link count corruption under heavy link+rename load - virtio: set pci bus master enable bit - [s390] keyboard: integer underflow bug - ocfs2_connection_find() returns pointer to bad structure - libsas: fix runaway error handler problem - NFS: Fix "kernel BUG at fs/aio.c:554!" - md: fix regression with re-adding devices to arrays with no metadata - [x86] Flush TLB if PGD entry is changed in i386 PAE mode - ext3: skip orphan cleanup on rocompat fs - cciss: fix lost command issue * cifs: fix an oops that can occur when accessing filenames containing accented characters from a Windows ME server (Closes: #524438) * [hppa] Fix FTBFS caused by CVE-2011-2496 fix linux-2.6 (2.6.26-26lenny3) oldstable-security; urgency=high [ dann frazier ] * net: clear heap allocations for privileged ethtool actions (CVE-2010-4655) * xfs: prevent leaking uninitialized stack memory in FSGEOMETRY_V1 (CVE-2011-0711) * [s390] remove task_show_regs (CVE-2011-0710) * fs/partitions: Validate map_count in Mac partition tables (CVE-2011-1010) * ldm: corrupted partition table can cause kernel oops (CVE-2011-1012) * Bluetooth: sco: fix information leak to userspace (CVE-2011-1078) * Bluetooth: bnep: fix buffer overflow (CVE-2011-1079) * bridge: netfilter: fix information leak (CVE-2011-1080) * nfs4: Ensure that ACL pages sent over NFS were not allocated from the slab (CVE-2011-1090) * dccp: fix oops on Reset after close (CVE-2011-1093) * Fix corrupted OSF partition table parsing (CVE-2011-1163) * netfilter: arp_tables: fix infoleak to userspace (CVE-2011-1170) * netfilter: ip_tables: fix infoleak to userspace (CVE-2011-1171) * ipv6: netfilter: ip6_tables: fix infoleak to userspace (CVE-2011-1172) * econet: 4 byte infoleak to the network (CVE-2011-1173) * irda: validate peer name and attribute lengths (CVE-2011-1180) * RDMA/cma: Fix crash in request handlers (CVE-2011-0695) * IB/cm: Bump reference count on cm_id before invoking callback (CVE-2011-0695) * Prevent rt_sigqueueinfo and rt_tgsigqueueinfo from spoofing the signal code (CVE-2011-1182) * Relax si_code check in rt_sigqueueinfo and rt_tgsigqueueinfo (CVE-2011-1182) * proc: protect mm start_code/end_code in /proc/pid/stat (CVE-2011-0726) * cifs: Fix cache stuffing issue in the dns_resolver keyring (CVE-2010-2524) * serial: Fix information leak in TIOCGICOUNT ioctl (CVE-2010-4075) * net: ax25: improve information leak to userland fix, a further fix for CVE-2010-3875 * char/tpm: Fix unitialized usage of data buffer (CVE-2011-1160) * ROSE: prevent heap corruption with bad facilities (CVE-2011-1493) * next_pidmap: fix overflow condition (CVE-2011-1593) * can: Add missing socket check in can/bcm release (CVE-2011-1598) * agp: fix arbitrary kernel memory writes (CVE-2011-1745, CVE-2011-2022) * agp: fix OOM and buffer overflow (CVE-2011-1746) * can: Add missing socket check in can/raw release (CVE-2011-1748) * [arm] 6891/1: prevent heap corruption in OABI semtimedop (CVE-2011-1759) * gre: fix netns vs proto registration ordering (CVE-2011-1767) * Validate size of EFI GUID partition entries (CVE-2011-1776) * fs/partitions/ldm.c: fix oops caused by corrupted partition table (CVE-2011-1017) * Improve fix for buffer overflow in ldm_frag_add (CVE-2011-2182) * efi: corrupted GUID partition tables can cause kernel oops (CVE-2011-1577) * tunnels: fix netns vs proto registration ordering [ Ben Hutchings ] * [vserver] Complete fix for CVE-2010-4243 (Closes: #618485) linux-2.6 (2.6.26-26lenny2) stable-security; urgency=high [ dann frazier ] * filter: make sure filters dont read uninitialized memory (CVE-2010-4158) * bio: take care not overflow page count when mapping/copying user data (CVE-2010-4162) * block: check for proper length of iov entries in blk_rq_map_user_iov() (CVE-2010-4163) * bluetooth: Fix missing NULL check (CVE-2010-4242) * posix-cpu-timers: workaround to suppress the problems with mt exec (CVE-2010-4248) * KVM: VMX: fix vmx null pointer dereference on debug register access (CVE-2010-0435) * exec: make argv/envp memory visible to oom-killer (CVE-2010-4243) * af_unix: limit unix_tot_inflight (CVE-2010-4249) * do_exit(): make sure that we run with get_fs() == USER_DS (CVE-2010-4258) * econet: Disable auto-loading as mitigation against local exploits. This module has been shown to be broken, so this risk of this affecting real users is insignificant. * econet: Fix crash in aun_incoming() (CVE-2010-4342) * install_special_mapping skips security_file_mmap check (CVE-2010-4346) * CAN: Use inode instead of kernel address for /proc file (CVE-2010-4565) * IB/uverbs: Handle large number of entries in poll CQ (CVE-2010-4649) * block: check for proper length of iov entries earlier in blk_rq_map_user_iov() (CVE-2010-4668) * av7110: check for negative array offset (CVE-2011-0521) * usb: iowarrior: don't trust report_size for buffer size (CVE-2010-4656) [ Moritz Muehlenhoff ] * blkback/blktap/netback: Fix CVE-2010-3699 * sctp: Fix a race between ICMP protocol unreachable and connect() (CVE-2010-4526) * sound: Prevent buffer overflow in OSS load_mixer_volumes (CVE-2010-4527) * irda: prevent integer underflow in IRLMP_ENUMDEVICES (CVE-2010-4529) linux-kernel-di-alpha-2.6 (0.37lenny10) oldstable; urgency=low * Built against version 2.6.26-27 of linux-2.6. linux-kernel-di-amd64-2.6 (1.53lenny10) oldstable; urgency=low * Built against version 2.6.26-27 of linux-2.6. linux-kernel-di-armel-2.6 (1.32lenny10) oldstable; urgency=low * Built against version 2.6.26-27 of linux-2.6. linux-kernel-di-hppa-2.6 (1.38lenny10) oldstable; urgency=low * Built against version 2.6.26-27 of linux-2.6. linux-kernel-di-i386-2.6 (1.76lenny10) oldstable; urgency=low * Built against version 2.6.26-27 of linux-2.6. linux-kernel-di-ia64-2.6 (1.42lenny10) oldstable; urgency=low * Built against version 2.6.26-27 of linux-2.6. linux-kernel-di-mips-2.6 (1.9lenny10) oldstable; urgency=low * Built against version 2.6.26-27 of linux-2.6. linux-kernel-di-mipsel-2.6 (1.8lenny10) oldstable; urgency=low * Built against version 2.6.26-27 of linux-2.6. linux-kernel-di-powerpc-2.6 (1.48lenny10) oldstable; urgency=low * Built against version 2.6.26-27 of linux-2.6. linux-kernel-di-s390-2.6 (0.37lenny10) oldstable; urgency=low * Built against version 2.6.26-27 of linux-2.6. linux-kernel-di-sparc-2.6 (1.41lenny10) oldstable; urgency=low * Built against version 2.6.26-27 of linux-2.6. logwatch (7.3.6.cvs20080702-2lenny1) oldstable-security; urgency=high * CVE-2011-1018: Remote code execution by combination of - Logfile name by attacker's choice (e.g. samba log files) and - Missing sanitization of logfile names in system() call. - fix by encapsulating logfile names in ' and disallowing '. Taken from upstream. - closes: #615995 magpierss (0.72-5+lenny1) oldstable-proposed-updates; urgency=low * Fixing CVE-2011-0740 (Closes: #611940) Cross-site scripting (XSS) vulnerability in scripts/magpie_slashbox.php and scripts/simple_smarty.php mahara (1.0.4-4+lenny10) oldstable-security; urgency=high * SECURITY UPDATE: fixes to session key validation (CSRF) - debian/patches/CVE-2011-1403.dpatch: upstream patch * SECURITY UPDATE: privilege escalation in admin area - debian/patches/CVE-2011-1402.dpatch: upstream patch * SECURITY UPDATE: information disclosure in AJAX calls - debian/patches/CVE-2011-1404.dpatch: upstream patch * SECURITY UPDATE: https to http downgrade - debian/patches/CVE-2011-1406.dpatch: upstream patch mahara (1.0.4-4+lenny8) oldstable-security; urgency=high * SECURITY UPDATE: cross-site scripting vulnerability - debian/patches/CVE-2011-0439.dpatch: upstream patch - CVE-2011-0439 mahara (1.0.4-4+lenny7) oldstable-security; urgency=high * SECURITY UPDATE: cross-site scripting vulnerability - debian/patches/CVE-2011-0439.dpatch: upstream patch - CVE-2011-0439 mailman (1:2.1.11-11+lenny2) oldstable-security; urgency=high * Upload to lenny-security. * CVE-2010-3089: cross-site scripting (XSS) vulnerabilities which can be exploited by list administrators (Closes: 599833). * CVE-2011-0707: Cross site scripting in subscriber names. mantis (1.1.6+dfsg-2lenny6) oldstable-security; urgency=high * Bump package version to 'lenny6' for another security upload try as requested by Moritz. Previous upload was rejected by dak. Reject Reasons: + md5sum for mantis_1.1.6+dfsg.orig.tar.gz doesn't match + size for mantis_1.1.6+dfsg.orig.tar.gz doesn't match maradns (1.3.07.09-2.1) lenny-security; urgency=high * Non-maintainer upload by the Security Team. * Fix CVE-2011-0520: buffer overflow via large number of labels mediawiki (1:1.12.0-2lenny8) oldstable; urgency=high * Oldstable upload. * CVE-2011-0047: Protect against a CSS injection vulnerability (closes: #611787) moodle (1.8.13-3) oldstable-security; urgency=high * Upgrade bundled CAS to 1.1.3. Cherry picked commits: - 2edb3c6a5c205aed99932a73b2b8d4f6ec262992 - d2bdcac8a917c132d1c86108943c2c9830f3b5f6 - d485928c12f6ebfa3d216b6e52918ade24b54bb8 Addressed vulnerabilities: - CVE-2010-2795 - CVE-2010-2796 - CVE-2010-3690 - CVE-2010-3691 - CVE-2010-3692 * Added note to NEWS about broken user picture - thanks for Victor Martinez (closes: #600043) nbd (1:2.9.11-3lenny1) oldstable-security; urgency=low * Cherry-pick commit 3ef52043861ab16352d49af89e048ba6339d6df8 from upstream git repo to fix buffer size check in nbd-server. Closes: #611187, CVE-2011-0530. nss (3.12.3.1-0lenny6) oldstable-security; urgency=low * mozilla/security/nss/lib/ckfw/builtins/certdata.*: Explicitely distrust various DigiNotar CAs: - DigiNotar Root CA - DigiNotar Services 1024 CA - DigiNotar Cyber CA - DigiNotar Cyber CA 2nd - DigiNotar PKIoverheid - DigiNotar PKIoverheid G2 nss (3.12.3.1-0lenny5) oldstable-security; urgency=low * debian/patches/diginotar.dpatch: Remove DigiNotar Root CA. * debian/patches/00list: Updated accordingly. nss (3.12.3.1-0lenny4) oldstable-security; urgency=low * debian/patches/fraudulent-certs.dpatch: Mark fraudulent Comodo certificates as untrusted. * debian/patches/00list: Updated accordingly. openafs (1.4.7.dfsg1-6+lenny4) oldstable-security; urgency=high * Reupload to oldstable-security since squeeze has now released. openldap (2.4.11-1+lenny2.1) oldstable; urgency=low * Non-maintainer upload. * Backport security fixes: (Closes: #617606) - CVE-2011-1024 Authentication bypass in back-ldap - CVE-2011-1081 DoS in modrdn operation openoffice.org (1:2.4.1+dfsg-1+lenny11) stable-security; urgency=low * ooo-build/patches/src680/security-fixes-from-cws-impress208.diff: fix possible heap overflow when reading manipulated TGA images (CVE-2010-4643) openssl (0.9.8g-15+lenny13) lenny; urgency=low * Non-maintainer upload by the Security Team. * Fix CVE-2011-3210: SSL memory handling for (EC)DH ciphersuites openssl (0.9.8g-15+lenny12) lenny-security; urgency=high * Non-maintainer upload by the Security Team. * debian/rules: prevent the build system from adding noise to the package's .diff file. * Block DigiNotar certificates * Fix CVE-2011-1945: timing attacks against ECDHE_ECDSA makes it easier to determine private keys. oprofile (0.9.3-2+lenny2) oldstable-security; urgency=low * Non-maintainer upload by the Security Team. * Jamie Strandboge noticed an uncomplete fix for CVE-2011-1760 Closes: #624212 oprofile (0.9.3-2+lenny1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Add patches by William Cohen to fix argument sanitation, CVE-2011-1760. This fixes the arbitrary command execution via opcontrol. (Closes: #624212) pam-pgsql (0.6.3-2+lenny1) oldstable-security; urgency=high * add debian/patches/ipaddr-crash_603436.patch: fix crash on long addresses that trigger signedness in "%d", thanks to Kees Cook for the patch (LP: #722386, Closes: 603436). pcsc-lite (1.4.102-1+lenny4) stable-security; urgency=high * Fix CVE-2010-4531: buffer overflow in the ATRDecodeAtr function in the Answer-to-Reset (ATR) Handler (atrhandler.c) * Closes: #607781 "pcsc-lite: buffer overflow" php5 (5.2.6.dfsg.1-1+lenny13) oldstable-security; urgency=low * Remove stray php_printf from CVE-2010-2531 (Closes: #632194) php5 (5.2.6.dfsg.1-1+lenny12) oldstable-security; urgency=low * Fix CVE-2011-2202: file path injection vulnerability in RFC1867 file upload filename php5 (5.2.6.dfsg.1-1+lenny11) oldstable-security; urgency=low * Fix _zip_name_locate function in zip_name_locate.c (CVE-2011-0421) * Fix integer overflow in the SdnToJulian (has CVE-2011-1466) * Fix incorrect cast on 64-bit platforms in exif.c (CVE-2011-0708) * Fix for integer signedness error in zip_stream.c (CVE-2011-1471) php5 (5.2.6.dfsg.1-1+lenny10) lenny-security; urgency=high [ Ondřej Surý ] * Include upstream's fix for CVE-2010-1128: Weak seed for the Linear Congruential Generator (LCG) * Fix CVE-2010-3709: NULL pointer dereference in ZipArchive::getArchiveComment * Fix CVE-2010-3710: stack consumption when using the FILTER_VALIDATE_EMAIL filter * Fix CVE-2010-3870: incorrect handling of ill-formed subsequences in UTF-8 data * Fix CVE-2010-4150: Double free in imap_do_open * Fix a NULL pointer dereference in the zip extract method [ Raphael Geissert ] * Include a test for CVE-2010-4645 * Fix CVE-2011-0441: arbitrary files removal via cronjob (Closes #618489) phpmyadmin (4:2.11.8.1-5+lenny9) oldstable-security; urgency=high * Upload to oldstable to fix security issues. * CVE-2011-2642: XSS in table Print view. phpmyadmin (4:2.11.8.1-5+lenny8) oldstable-security; urgency=high * Fixes SQL injection (PMASA-2011-2, CVE-2011-0987). pmake (1.111-1+lenny1) oldstable; urgency=low * Non-maintainer upload. * Backport fix for CVE-2011-1920 (symlink attack in bsd.lib.mk (Closes: #626673) postfix (2.5.5-1.1+lenny1) oldstable-security; urgency=high * Correct permissions on /var/spool/postfix/pid (CVE-2009-2939) * Fix data injection in TLS handshaking (CVE-2011-0411) * Don't reuse the SASL handle after authentication failure (CVE-2011-1720) postgresql-8.3 (8.3.14-0lenny1) stable-security; urgency=low * New upstream security/bug fix release: - Fix buffer overrun in "contrib/intarray"'s input function for the query_int type. This bug is a security risk since the function's return address could be overwritten. Thanks to Apple Inc's security team for reporting this issue and supplying the fix. (CVE-2010-4015) - Avoid failures when "EXPLAIN" tries to display a simple-form CASE expression. If the CASE's test expression was a constant, the planner could simplify the CASE into a form that confused the expression-display code, resulting in "unexpected CASE WHEN clause" errors. - Fix assignment to an array slice that is before the existing range of subscripts. If there was a gap between the newly added subscripts and the first pre-existing subscript, the code miscalculated how many entries needed to be copied from the old array's null bitmap, potentially leading to data corruption or crash. - Avoid unexpected conversion overflow in planner for very distant date values. The date type supports a wider range of dates than can be represented by the timestamp types, but the planner assumed it could always convert a date to timestamp with impunity. - Fix pg_restore's text output for large objects (BLOBs) when standard_conforming_strings is on. Although restoring directly to a database worked correctly, string escaping was incorrect if pg_restore was asked for SQL text output and standard_conforming_strings had been enabled in the source database. - Fix erroneous parsing of tsquery values containing ... & !(subexpression) | ... . Queries containing this combination of operators were not executed correctly. The same error existed in "contrib/intarray"'s query_int type and "contrib/ltree"'s ltxtquery type. - Fix bug in "contrib/seg"'s GiST picksplit algorithm. This could result in considerable inefficiency, though not actually incorrect answers, in a GiST index on a seg column. If you have such an index, consider "REINDEX"ing it after installing this update. (This is identical to the bug that was fixed in "contrib/cube" in the previous update.) proftpd-dfsg (1.3.1-17lenny6) oldstable-security; urgency=high * Rebuild for Lenny being oldstable quagga (0.99.10-1lenny5) oldstable-security; urgency=high * Fix crash in Extended Communities handling (CVE-2010-1674) * Remove support for AS_PATHLIMIT (CVE-2010-1675) * Fix format string issue in vty_hello rails (2.1.0-7+lenny1) oldstable-security; urgency=low * Fix SQL Injection Vulnerability in Ruby on Rails (CVE-2011-2930) * Fix parse error in strip_tags vulnerability (CVE-2011-2931) * Fix response splitting vulnerability (CVE-2011-3186) * Adopt the package under DRE rails (2.1.0-7+lenny0.2) oldstable-security; urgency=low [ Ondřej Surý ] * Non-maintainer upload. [ Adam Majer ] * Fix timing attack vulnerability in the Cookie Store [CVE-2009-3086] (closes: #545063) * Fix Cross-site scripting (XSS) vulnerability in the strip_tags function [CVE-2009-4214] (closes: #558685) * Backport an important change to prevent unclosed CDATA section to blow up HTML::Node.parse. [ Micah Anderson ] * Add NEWS entry about CVE-2011-0447 rails (2.1.0-7+lenny0.1) oldstable-security; urgency=low * Non-maintainer upload * Fix XSS Risk in mail_to :encode=>:javascript [CVE-2011-0446] * Fix CSRF Bypass Risk: [CVE-2011-0447] request-tracker3.6 (3.6.7-5+lenny6) oldstable-security; urgency=high * Security fix: fix information leakage in scrips (CVE-2011-1008) * Multiple security fixes for: - Information disclosure via SQL injection (CVE-2011-1686) - Information disclosure via search interface (CVE-2011-1687) - Information disclosure via directory traversal (CVE-2011-1688) - User javascript execution via XSS vulnerability (CVE-2011-1689) - Authentication credentials theft (CVE-2011-1690) - XSS relating to login credentials request-tracker3.6 (3.6.7-5+lenny5) stable-security; urgency=high * Security fix: support salted passwords in database and upgrade unsalted passwords (CVE-2011-0009) samba (2:3.2.5-4lenny15) lenny-security; urgency=medium * Apply patches from Kai Blin to fix CVE-2011-2522, CVE-2011-2694 samba (2:3.2.5-4lenny14) oldstable-security; urgency=high * Security update, fixing the following issue: - CVE-2011-0719: denial of service by memory corruption squid3 (3.0.STABLE8-3+lenny5) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix buffer overflow on long gopher server replies (CVE-2011-3205; Closes: #639755). squirrelmail (2:1.4.15-4+lenny5) oldstable-security; urgency=high * Upload to lenny-security. * Fix regression in patch for CVE-2010-2813 that caused a fatal error when logging in with a password which uses 8 bit characters (closes: #593465). Thanks Micah Anderson and Jan Kontze for their debugging help. * CVE-2011-2023: Messages containing style tags with malicious script attributes were being displayed without being fully sanitized. * CVE-2010-4554: Clickjacking attack wherein the entire application can be loaded in a frame that could overlay other elements on top of SquirrelMail's user interface and possibly expose private user data to an attacker. * CVE-2010-4555 CVE-2011-2752 CVE-2011-2753: An attacker could use one of several small bugs in SquirrelMail to inject malicious script into various pages or alter the contents of user preferences. subversion (1.5.1dfsg1-6) oldstable-security; urgency=high * patches/cve-2011-0715: New patch for CVE-2011-0715, fixing a remotely triggered crash in mod_dav_svn involving lock tokens. sun-java6 (6-26-0lenny1) oldstable; urgency=high [ Sylvestre Ledru ] * New upstream release (Closes: #629852) * SECURITY UPDATE: multiple upstream vulnerabilities. Upstream fixes: - (CVE-2011-0862): integer overflows in JPEGImageReader and font SunLayoutEngine (2D, 7013519) - (CVE-2011-0873): unspecified vulnerability fixed in 6u26 (2D) - (CVE-2011-0815): FileDialog.show() buffer overflow (AWT, 7012520) - (CVE-2011-0817): unspecified vulnerabilities fixed in 6u26 (Deployment, JRE) - (CVE-2011-0863): unspecified vulnerability fixed in 6u26 (Deployment) - (CVE-2011-0864): JVM memory corruption via certain bytecode (HotSpot, 7020373) - (CVE-2011-0802): unspecified vulnerabilities fixed in 6u26 (Sound) - (CVE-2011-0814): unspecified vulnerabilities fixed in 6u26 (Sound) - (CVE-2011-0871): MediaTracker created Component instances with unnecessary privileges (Swing, 7020198) - (CVE-2011-0786): unspecified vulnerabilities fixed in 6u26 (Deployment, JRE) - (CVE-2011-0788): unspecified vulnerabilities fixed in 6u26 (Deployment, JRE) - (CVE-2011-0866): unspecified vulnerabilities fixed in 6u26 (Deployment, JRE) - (CVE-2011-0868): incorrect numeric type conversion in TransformHelper (2D, 7016495) - (CVE-2011-0872): non-blocking sockets incorrectly selected for reading (NIO, 6213702) - (CVE-2011-0867): NetworkInterface information leak (Networking, 7013969) - (CVE-2011-0869): unprivileged proxy settings change via SOAPConnection (SAAJ, 7013971) - (CVE-2011-0865): Deserialization allows creation of mutable SignedObject (Deserialization, 6618658) [ Torsten Werner ] * Upload to oldstable. sun-java6 (6-24-0lenny1) oldstable; urgency=low * New upstream release (Closes: #613741) * SECURITY UPDATE: multiple upstream vulnerabilities. Upstream fixes: - (CVE-2010-4476): Java Runtime Environment hangs when converting "2.2250738585072012e-308" to a binary floating-point number. - (CVE-2010-4452): Oracle Java XGetSamplePtrFromSnd Remote Code Execution Vulnerability - (CVE-2010-4454): Vulnerability allows successful unauthenticated network attacks via multiple protocols. - (CVE-2010-4462): XGetSamplePtrFromSnd Remote Code Execution Vulnerability - (CVE-2010-4463): Webstart Trusted JNLP Extension Remote Code Execution Vulnerability - (CVE-2010-4465): Swing timer-based security manager bypass - (CVE-2010-4467): Vulnerability allows successful unauthenticated network attacks via multiple protocols. - (CVE-2010-4469): Hotspot backward jsr heap corruption - (CVE-2010-4473): Vulnerability allows successful unauthenticated network attacks via multiple protocols. - (CVE-2010-4422): Vulnerability allows successful unauthenticated network attacks via multiple protocols. - (CVE-2010-4451): Vulnerability allows successful unauthenticated network attacks via HTTP. - (CVE-2010-4466): Runtime NTLM Authentication Information Leakage Vulnerability - (CVE-2010-4470): JAXP untrusted component state manipulation - (CVE-2010-4471): Java2D font-related system property leak - (CVE-2010-4447): Vulnerability allows successful unauthenticated network attacks via multiple protocols. - (CVE-2010-4475): vulnerability allows successful unauthenticated network attacks via multiple protocols. - (CVE-2010-4468): DNS cache poisoning by untrusted applets - (CVE-2010-4450): Launcher incorrect processing of empty library path entries - (CVE-2010-4448): DNS cache poisoning by untrusted applets - (CVE-2010-4472): Untrusted code allowed to replace DSIG/C14N implementation - (CVE-2010-4474): Easily exploitable vulnerability requiring logon to Operating System. telepathy-gabble (0.7.6-1+lenny1) oldstable-security; urgency=high * debian/patches/00-jingleinfo.diff: Added to ignore google:jingleinfo pushes from contacts which may theoretically allow an attacker to trick Gabble into relaying streamed media through a server of the attacker's choosing, enabling them to intercept, obstruct or modify the user's audio and video calls. tesseract (2.03-2+lenny1) oldstable; urgency=low * Disable xterm-based debug windows (closes: #612032, LP: #607297). Thanks to Kees Cook for the bug report. tiff (3.8.2-11.5) oldstable-security; urgency=high * Redo CVE-2011-0192 to fix a regression. tiff (3.8.2-11.4) oldstable-security; urgency=high * CVE-2011-0191 and CVE-2011-0191 tomcat5.5 (5.5.26-5lenny2) oldstable-security; urgency=high * Rebuild for Lenny being oldstable typo3-src (4.2.5-1+lenny8) oldstable-security; urgency=high [ Christian Welzel ] * Security patch from new upstream release 4.3.12 - fixes: "TYPO3 Security Bulletin TYPO3-CORE-SA-2011-001: Multiple vulnerabilities in TYPO3 Core" (Closes: 635937) tzdata (2011k-0lenny1) oldstable; urgency=low * New upstream release: - Update DST rules for Ukraine. Closes: #642232. - Update DST rules for Belarus. Closes: #641846. tzdata (2011j-1) unstable; urgency=low [ Aurelien Jarno ] * New upstream release. [ Debconf translations ] * Swedish (Martin Bagge / brother). Closes: #640624 * Italian (David Paleino). Closes: #640772 * Catalan; (Jordà Polo). Closes: #640775 * Russian (Yuri Kozlov). Closes: #640820 * Japanese (Kenshi Muto). Closes: #641113 * German (Holger Wansing). Closes: #641220 * Danish (Joe Hansen). Closes: #640833 tzdata (2011j-0lenny1) oldstable; urgency=low * New upstream release. tzdata (2011i-2) unstable; urgency=medium [ Aurelien Jarno ] * OpenJDK-6 changed the path to the java binary without warning. Try both the old and the new path, to avoid adding a versioned dependency on openjdk-6-jre-headless that would prevent migration to testing. Closes: #640276. * Set urgency to medium to avoid delaying too much migration to testing with this upload. [ Debconf translations ] * French updated (Christian Perrier) tzdata (2011i-1) unstable; urgency=low * New upstream version. tzdata (2011h-4) unstable; urgency=low * Add build-arch and build-indep targets. * Remove hardlinks to comply with the policy, by replacing identical files with symlinks. It also reduces the package size by 38% and the installed size by 35%. * Change the source compression format to "xz", .po files in plenty of different languages compress very well. tzdata (2011h-3) unstable; urgency=low * Correctly handle empty debconf values (how is that possible for a select entry?). Closes: #545146, #631878. tzdata (2011h-2) unstable; urgency=low * Ignore debconf errors, return default values in that case. Closes: #631878. tzdata (2011h-1) unstable; urgency=low [ Aurelien Jarno ] * Fix preseeding. Closes: #510908. [ Clint Adams ] * New upstream release. * Bump to Standards-Version 3.9.2. tzdata (2011h-0squeeze1) stable; urgency=low * New upstream release. tzdata (2011h-0lenny1) oldstable; urgency=low * New upstream release. tzdata (2011g-1) unstable; urgency=high * New upstream release. closes: #624154. tzdata (2011f-1) unstable; urgency=low * New upstream release. * Update Danish translation from Joe Dalton. closes: #601231. tzdata (2011e-1) unstable; urgency=high * New upstream release. - Changes Chilean DST yet again. closes: #620288. tzdata (2011d-1) unstable; urgency=high [ Aurelien Jarno ] * debian/control: provides tzdata-wheezy instead of tzdata-squeeze. [ Clint Adams ] * New upstream release. tzdata (2011d-0squeeze1) stable; urgency=low * New upstream release. tzdata (2011d-0lenny1) oldstable; urgency=low * New upstream release . - Contains Turkish DST change. tzdata (2011c-1) unstable; urgency=low * New upstream release. tzdata (2011c-0squeeze1) stable; urgency=low * New upstream release. - Contains Chilean DST change. closes: #617331. tzdata (2011c-0lenny1) oldstable; urgency=low * New upstream release. - Contains Chilean DST change. closes: #617331. tzdata (2011b-2) unstable; urgency=low * Mark tzdata and tzdata-java as Multi-Arch: foreign. closes: #612700. tzdata (2011b-1) unstable; urgency=low * New upstream release. tzdata (2011a-1) unstable; urgency=low * New upstream release. tzdata (2010o-1) unstable; urgency=low * New upstream release. unbound (1.4.6-1~lenny1) oldstable-security; urgency=medium * Rebuild for lenny. * Switch to supplied ldns copy. unbound (1.4.5-1) unstable; urgency=low * New upstream release. * Add dependency on openssl to the unbound binary package; closes: #585808. unbound (1.4.4-1) unstable; urgency=low * New upstream release. unbound (1.4.3-1) unstable; urgency=low * New upstream release. unbound (1.4.2-1) unstable; urgency=low * New upstream release. unbound (1.4.1-2) unstable; urgency=low * Invoke dh_installinit with --restart-after-upgrade; closes: #563033. unbound (1.4.1-1) unstable; urgency=low * New upstream release. * Document copyright status of util/configparser.c, util/configparser.h; closes: #552066. * Enable libev support; closes: #552424. unbound (1.4.0-1) unstable; urgency=low * New upstream release. user-mode-linux (2.6.26-1um-2+27) oldstable; urgency=high * Rebuild against linux-source-2.6.26 (2.6.26-27): * dm,md: Deal with merge_bvec_fn in component devices better (See: #604457) * rt2x00: Fix memory leak after failing to insert RTS/CTS frame (See: #561890) * Include selected backport from 2.6.27.58: - md: fix bug with re-adding of partially recovered device. * Include selected backports from 2.6.27.59: - NFS: fix the return value of nfs_file_fsync() - ptrace: use safer wake up on ptrace_detach() - [x86] mm: avoid possible bogus tlb entries by clearing prev mm_cpumask after switching mm - dm raid1: fail writes if errors are not handled and log fails - [x86] asus_acpi: world-writable procfs files - [x86] acer-wmi: world-writable sysfs threeg file - [x86] tc1100-wmi: world-writable sysfs wireless and jogdial files - NFSD: memory corruption due to writing beyond the stat array - ext2: Fix link count corruption under heavy link+rename load - virtio: set pci bus master enable bit - [s390] keyboard: integer underflow bug - ocfs2_connection_find() returns pointer to bad structure - libsas: fix runaway error handler problem - NFS: Fix "kernel BUG at fs/aio.c:554!" - md: fix regression with re-adding devices to arrays with no metadata - [x86] Flush TLB if PGD entry is changed in i386 PAE mode - ext3: skip orphan cleanup on rocompat fs - cciss: fix lost command issue * cifs: fix an oops that can occur when accessing filenames containing accented characters from a Windows ME server (See: #524438) * [hppa] Fix FTBFS caused by CVE-2011-2496 fix user-mode-linux (2.6.26-1um-2+26lenny3) oldstable-security; urgency=high * Rebuild against linux-source-2.6.26 (2.6.26-26lenny3): * net: clear heap allocations for privileged ethtool actions (CVE-2010-4655) * xfs: prevent leaking uninitialized stack memory in FSGEOMETRY_V1 (CVE-2011-0711) * [s390] remove task_show_regs (CVE-2011-0710) * fs/partitions: Validate map_count in Mac partition tables (CVE-2011-1010) * ldm: corrupted partition table can cause kernel oops (CVE-2011-1012) * Bluetooth: sco: fix information leak to userspace (CVE-2011-1078) * Bluetooth: bnep: fix buffer overflow (CVE-2011-1079) * bridge: netfilter: fix information leak (CVE-2011-1080) * nfs4: Ensure that ACL pages sent over NFS were not allocated from the slab (CVE-2011-1090) * dccp: fix oops on Reset after close (CVE-2011-1093) * Fix corrupted OSF partition table parsing (CVE-2011-1163) * netfilter: arp_tables: fix infoleak to userspace (CVE-2011-1170) * netfilter: ip_tables: fix infoleak to userspace (CVE-2011-1171) * ipv6: netfilter: ip6_tables: fix infoleak to userspace (CVE-2011-1172) * econet: 4 byte infoleak to the network (CVE-2011-1173) * irda: validate peer name and attribute lengths (CVE-2011-1180) * RDMA/cma: Fix crash in request handlers (CVE-2011-0695) * IB/cm: Bump reference count on cm_id before invoking callback (CVE-2011-0695) * Prevent rt_sigqueueinfo and rt_tgsigqueueinfo from spoofing the signal code (CVE-2011-1182) * Relax si_code check in rt_sigqueueinfo and rt_tgsigqueueinfo (CVE-2011-1182) * proc: protect mm start_code/end_code in /proc/pid/stat (CVE-2011-0726) * cifs: Fix cache stuffing issue in the dns_resolver keyring (CVE-2010-2524) * serial: Fix information leak in TIOCGICOUNT ioctl (CVE-2010-4075) * net: ax25: improve information leak to userland fix, a further fix for CVE-2010-3875 * char/tpm: Fix unitialized usage of data buffer (CVE-2011-1160) * ROSE: prevent heap corruption with bad facilities (CVE-2011-1493) * next_pidmap: fix overflow condition (CVE-2011-1593) * can: Add missing socket check in can/bcm release (CVE-2011-1598) * agp: fix arbitrary kernel memory writes (CVE-2011-1745, CVE-2011-2022) * agp: fix OOM and buffer overflow (CVE-2011-1746) * can: Add missing socket check in can/raw release (CVE-2011-1748) * [arm] 6891/1: prevent heap corruption in OABI semtimedop (CVE-2011-1759) * gre: fix netns vs proto registration ordering (CVE-2011-1767) * Validate size of EFI GUID partition entries (CVE-2011-1776) * fs/partitions/ldm.c: fix oops caused by corrupted partition table (CVE-2011-1017) * Improve fix for buffer overflow in ldm_frag_add (CVE-2011-2182) * efi: corrupted GUID partition tables can cause kernel oops (CVE-2011-1577) * tunnels: fix netns vs proto registration ordering user-mode-linux (2.6.26-1um-2+26lenny2) stable-security; urgency=high * Rebuild against linux-source-2.6.26 (2.6.26-26lenny2): * filter: make sure filters dont read uninitialized memory (CVE-2010-4158) * bio: take care not overflow page count when mapping/copying user data (CVE-2010-4162) * block: check for proper length of iov entries in blk_rq_map_user_iov() (CVE-2010-4163) * bluetooth: Fix missing NULL check (CVE-2010-4242) * posix-cpu-timers: workaround to suppress the problems with mt exec (CVE-2010-4248) * KVM: VMX: fix vmx null pointer dereference on debug register access (CVE-2010-0435) * exec: make argv/envp memory visible to oom-killer (CVE-2010-4243) * af_unix: limit unix_tot_inflight (CVE-2010-4249) * do_exit(): make sure that we run with get_fs() == USER_DS (CVE-2010-4258) * econet: Disable auto-loading as mitigation against local exploits. This module has been shown to be broken, so this risk of this affecting real users is insignificant. * econet: Fix crash in aun_incoming() (CVE-2010-4342) * install_special_mapping skips security_file_mmap check (CVE-2010-4346) * CAN: Use inode instead of kernel address for /proc file (CVE-2010-4565) * IB/uverbs: Handle large number of entries in poll CQ (CVE-2010-4649) * block: check for proper length of iov entries earlier in blk_rq_map_user_iov() (CVE-2010-4668) * av7110: check for negative array offset (CVE-2011-0521) * usb: iowarrior: don't trust report_size for buffer size (CVE-2010-4656) * blkback/blktap/netback: Fix CVE-2010-3699 * sctp: Fix a race between ICMP protocol unreachable and connect() (CVE-2010-4526) * sound: Prevent buffer overflow in OSS load_mixer_volumes (CVE-2010-4527) * irda: prevent integer underflow in IRLMP_ENUMDEVICES (CVE-2010-4529) v86d (0.1.5.2-1+lenny1) oldstable; urgency=low * Fix CVE-2011-1070: failure to validate netlink message sender + Adding 02_CVE-2011-1070.patch + Closes: #619404 * Do not include random kernel headers in CFLAGS. + Adding 03_dont-include-kernel.patch + Closes: #525415 vftool (2.0alpha-3+lenny1) oldstable; urgency=medium * Non-maintainer upload. * debian/patch-3: - fix CVE-2011-0433, a buffer overflow in linetoken() in parseAFM.c Closes: #614669 vlc (0.8.6.h-4+lenny3) oldstable-security; urgency=high * CVE-2010-0522 CVE-2010-1441 CVE-2010-1442 * CVE-2010-1443 CVE-2010-3275 CVE-2010-3276 * CVE-2011-0531 wireshark (1.0.2-3+lenny14) oldstable-security; urgency=high * security fixes from Wireshark 1.2.16: - The X.509if dissector could crash. (CVE-2011-1590) * security fixes from Wireshark 1.2.17: - Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered that a corrupted Visual Networks file could crash Wireshark. (CVE-2011-2175) - David Maciejak of Fortinet's FortiGuard Labs discovered that malformed compressed capture data could crash Wireshark. (CVE-2011-2174) - Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered that a corrupted snoop file could crash Wireshark. (CVE-2011-1959) - Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered that a corrupted Diameter dictionary file could crash Wireshark. (CVE-2011-1958) wireshark (1.0.2-3+lenny13) oldstable-security; urgency=high * security fixes from Wireshark 1.2.15: - add sanity checks to pcapng file parsing code (Closes: #613202) (CVE-2011-0538) - joernchen of Phenoelit discovered that the dissectors could overflow the stack (No assigned CVE number) - Xiaopeng Zhang of Fortinet's Fortiguard Labs discovered that large LDAP Filter strings can consume excessive amounts of memory (No assigned CVE number) * back-port 45_display-FQDN-as-text.dpatch to be able to back-port fix for LDAP and SMB buffet overflow x11-xserver-utils (7.3+6) lenny-security; urgency=high * xrdb: Create shell-escape-safe cpp options in the non-pathetic-cpp case. Fixes CVE-2011-0465. xml-security-c (1.4.0-3+lenny3) oldstable-security; urgency=high * Apply upstream patch to fix buffer overflow when signing or verifying files with big asymmetric keys. (Closes: #632973, CVE-2011-2516) xmlsec1 (1.2.9-5+lenny1) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Apply patch from upstream addressing arbitrary file overwrite (CVE-2011-1425, closes: #620560). xorg-server (2:1.4.2-10.lenny4) lenny; urgency=low * glx: don't crash in SwapBuffers if we don't have a context (closes: #603015). xulrunner (1.9.0.19-13) oldstable-security; urgency=low * Fixes for mfsa2011-30, including: CVE-2011-2982, CVE-2011-2981, CVE-2011-2378, CVE-2011-2984, CVE-2011-2983. * Fixes another cookie regression from the previous cookie regression fix. xulrunner (1.9.0.19-12) oldstable-security; urgency=low * Fixes for mfsa2011-{19,20,22-24}, also known as CVE-2011-2374, CVE-2011-2376, CVE-2011-2373, CVE-2011-2371, CVE-2011-0083, CVE-2011-2363, CVE-2011-0085, CVE-2011-2362. * Fixes cookie regression preventing login on mail.ru. Closes: #627475. xulrunner (1.9.0.19-11) oldstable-security; urgency=low * Fix missing piece in backport of CVE-2011-0067. xulrunner (1.9.0.19-9) oldstable-security; urgency=low * mfsa2011-11: Update to HTTPS certificate blacklist. xulrunner (1.9.0.19-8) oldstable-security; urgency=low * Fixes for mfsa2011-{01-02,05,07-08,10}, also known as CVE-2011-0053, CVE-2011-0051, CVE-2011-0056, CVE-2011-0058, CVE-2010-1585, CVE-2011-0059. zodb (1:3.6.0-2+lenny3) oldstable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix two vulnerabilities in the ZODB ZEO network protocol (closes: #540465) - CVE-2009-0668 Arbitrary Python code execution in ZODB ZEO storage servers - CVE-2009-0669 Authentication bypass in ZODB ZEO storage servers ========================================= Sat, 22 Jan 2011 - Debian 5.0.8 released ========================================= ========================================================================= [Date: Sat, 22 Jan 2011 11:50:33 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: gmailfs | 0.8-5 | source, all Closed bugs: 610035 ------------------- Reason ------------------- RoQA; unusable, dead upstream ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 22 Jan 2011 11:51:05 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: python-libgmail | 0.1.9-2 | source, all Closed bugs: 610029 ------------------- Reason ------------------- RoQA; unusable, dead upstream ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 22 Jan 2011 11:51:34 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: pytris | 0.98 | source, alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc Closed bugs: 608740 ------------------- Reason ------------------- RoM; security issues; abandoned upstream ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 22 Jan 2011 11:51:57 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: clive | 0.4.18-1 | source, all Closed bugs: 608658 ------------------- Reason ------------------- RoM; no longer works with any site ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 22 Jan 2011 11:53:05 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: python-gendoc | 0.73-11 | source, all Closed bugs: 605733 ------------------- Reason ------------------- RoQA; broken with python >=2.5 ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 22 Jan 2011 12:32:31 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: libdns55 | 1:9.6.ESV.R1+dfsg-0+lenny2 | alpha, arm, armel, i386, ia64, mips, mipsel, powerpc, s390, sparc libdns55 | 1:9.6.ESV.R2+dfsg-0+lenny1 | amd64, hppa libisc52 | 1:9.6.ESV.R1+dfsg-0+lenny2 | alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by bind9) ---------------------------------------------- ========================================================================= apache2 (2.2.9-10+lenny9) stable-security; urgency=high * Add the new SSLInsecureRenegotiation directive to configure if clients that have not been patched to support secure renegotiation (RFC 5746) are allowed to connect (CVE-2009-3555). Together with the recent openssl upgrade, this closes: #587037 This upgrade also adds support for the SSL_SECURE_RENEG variable, to allow testing if secure renegotiation is supported by the client. apache2-mpm-itk (2.2.6-02-1+lenny4) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Rebuild with apache2-src 2.2.9-10+lenny9. awstats (6.7.dfsg-5.1+lenny1) stable-security; urgency=high [ Sergey B Kirpichev ] * Apply patch 0009 to fix CVE-2010-4369. * Update patch 1002 to adopt CVE-2010-4368 and CVE-2010-4367 fixes in upstream. base-files (5lenny9) stable; urgency=low * Bump version in /etc/debian_version to "5.0.8". bind9 (1:9.6.ESV.R3+dfsg-0+lenny1) stable-security; urgency=low * v9.6-ESV-R3. Addresses CVE-2010-3613, CVE-2010-3614 - Fix denial of service via ncache entry and a rrsig for the same type (CVE-2010-3613) - answers were incorrectly marked as insecure during key algorithm rollover (CVE-2010-3614) bind9 (1:9.6.ESV.R2+dfsg-0+lenny1) stable-security; urgency=low [Internet Software Consortium, Inc] * v9.6-ESV-R2. Addresses CVE-2010-3762 - Check that named successfully skips NSEC3 records that fail to match the NSEC3PARAM record currently in use. [RT# 21868] - Worked around an apparent race condition in over memory conditions. Without this fix a DNS cache DB or ADB could incorrectly stay in an over memory state, effectively refusing further caching, which subsequently made a BIND 9 caching server unworkable. This fix prevents this problem from happening by polling the state of the memory context, rather than making a copy of the state, which appeared to cause a race. This is a "workaround" in that it doesn't solve the possible race per se, but several experiments proved this change solves the symptom. Also, the polling overhead hasn't been reported to be an issue. This bug should only affect a caching server that specifies a finite max-cache-size. It's also quite likely that the bug happens only when enabling threads, but it's not confirmed yet. [RT #21818] - Named failed to accept uncachable negative responses from insecure zones. [RT# 21555] - The resolver could attempt to destroy a fetch context too soon. [RT #19878] - The placeholder negative caching element was not properly constructed triggering a INSIST in dns_ncache_towire(). [RT #21346] - Handle the introduction of new trusted-keys and DS, DLV RRsets better. [RT #21097] - Fix arguments to dns_keytable_findnextkeynode() call. [RT #20877] - Named could return SERVFAIL for negative responses from unsigned zones. [RT #21131] - Handle broken DNSSEC trust chains better. [RT #15619] [LaMont Jones] * meta: drop verisoned depends from library packages, for less upgrade pain * cleanup libisc version number. It should be libisc50, not libisc52 or libisc53 boxbackup (0.11~rc2-5+lenny1) stable-proposed-updates; urgency=low * bin/bbstored/bbstored-certs: reduce root CA expiration date to avoid Y2k38 overflow. Thanks to Clint Adams for reporting it. Closes: #601506 * Fix shell scripting in the debconf interaction code of the package's postinst script. This should prevent problems like LP: #222999 collectd (4.4.2-3+lenny1) stable-security; urgency=high * Non-maintainer upload by the security team * Fix DoS in RRD file creation (Closes: #605092) Fixes: CVE-2010-4336 Thanks to Florian Forster dpkg (1.14.31) stable-security; urgency=low * Fix multiple security issues with dpkg-source (CVE-2010-1679): - Enhance checks to catch maliciously crafted patches which could modify files outside of the unpacked source package. - Do not consider a top-level symlink like a directory when extracting a tarball. - Exclude .pc while extracting the upstream tarball in 3.0 (quilt) as patch blindly writes in that directory during unpack (and would follow any existing symlink). exim4 (4.69-9+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix SMTP file descriptors being leaked to processes invoked with ${run...} * Fix memory corruption issue in string_format(). CVE-2010-4344 * Fix potential memory pool corruption issue in internal_lsearch_find(). git-core (1:1.5.6.5-3+lenny3.3) stable; urgency=medium * Non-maintainer upload. * debian/diff/0010-CVE-2010-3906.diff: new; gitweb: do not parrot filenames or other arguments given in a request without proper quoting (closes: #607248). glibc (2.7-18lenny7) stable-security; urgency=high * Revert incorrect upstream patch for CVE-2010-3847 and use the correct set of patches. gquilt (0.20-2+lenny1) stable; urgency=high * Fix insecure setting of $PYTHONPATH. (Closes: #605152) hamlib (1.2.7.1-1+lenny1) stable; urgency=high * Fix CVE-2009-3736 local privilege escalation (Closes: #559814): - Use system libltdl not old internal copy - Build-depend on libltdl3-dev - configure, Makefile.am: skip internal libltdl build * New maintainer: Kamal Mostafa (Closes: #556098). ia32-libs (2.7+lenny2) stable; urgency=low * Update packages to their current versions in stable: - attr 2.4.43-1 -> 2.4.43-2 - audiofile 0.2.6-7 -> 0.2.6-7+lenny1 - bzip2 1.0.5-1 -> 1.0.5-1+lenny1 - cairo 1.6.4-6 -> 1.6.4-7 - cups 1.3.8-1 -> 1.3.8-1+lenny8 - cyrus-sasl2 2.1.22.dfsg1-21 -> 2.1.22.dfsg1-23+lenny1 - dbus 1.2.1-3 -> 1.2.1-5+lenny1 - directfb 1.0.1-9 -> 1.0.1-11 - e2fsprogs 1.41.0-3 -> 1.41.3-1 - expat 2.0.1-4 -> 2.0.1-4+lenny3 - fontconfig 2.6.0-1 -> 2.6.0-3 - freetype 2.3.7-2 -> 2.3.7-2+lenny4 - gcc-4.3 4.3.1-9 -> 4.3.2-1.1 - glibc 2.7-13 -> 2.7-18lenny7 - gnutls26 2.4.1-1 -> 2.4.2-6+lenny2 - hal 0.5.11-3 -> 0.5.11-8 - isdnutils 3.9.20060704-3.4 -> 3.9.20060704-3.6 - jack-audio-connection-kit 0.109.2-3 -> 0.109.2-5 - keyutils 1.2-7 -> 1.2-9 - krb5 1.6.dfsg.4~beta1-4 -> 1.6.dfsg.4~beta1-5lenny6 - lcms 1.17.dfsg-1 -> 1.17.dfsg-1+lenny2 - libaio 0.3.106-8 -> 0.3.107-3 - libdrm 2.3.1-1 -> 2.3.1-2 - libnss-ldap 261-2 -> 261-2.1 - libpam-ldap 184-4.1 -> 184-4.2 - libpng 1.2.27-1 -> 1.2.27-2+lenny4 - libselinux 2.0.65-4 -> 2.0.65-5 - libtool 1.5.26-4 -> 1.5.26-4+lenny1 - libusb 0.1.12-12 -> 0.1.12-13 - libwmf 0.2.8.4-6 -> 0.2.8.4-6+lenny1 - libx11 1.1.4-2 -> 1.1.5-2 - libxcb 1.1-1.1 -> 1.1-1.2 - libxext 1.0.4-1 -> 1.0.4-2 - libxi 1.1.3-1 -> 1.1.4-1 - libxml2 2.6.32.dfsg-3 -> 2.6.32.dfsg-5+lenny3 - mesa 7.0.3-5 -> 7.0.3-7 - nas 1.9.1-4 -> 1.9.1-5 - ncurses 5.6+20080804-1 -> 5.7+20081213-1 - openldap 2.4.10-3 -> 2.4.11-1+lenny2 - openssl 0.9.8g-13 -> 0.9.8g-15+lenny11 - pam 1.0.1-4 -> 1.0.1-5+lenny1 - pulseaudio 0.9.10-2 -> 0.9.10-3+lenny2 - sane-backends 1.0.19-17 -> 1.0.19-23 - tiff 3.8.2-11 -> 3.8.2-11.3 - xorg 7.3+15 -> 7.3+20 ia32-libs-gtk (2.7+lenny1) stable; urgency=low * Update included packages to their current versions in stable: - glib2.0 2.16.4-2 -> 2.16.6-3 - gtk+2.0 2.12.11-3 -> 2.12.12-1~lenny2 - gtk2-engines 2.14.3-1 -> 2.14.3-2 - pango1.0 1.20.5-1 -> 1.20.5-6 - qt4-x11 4.4.0-4 ->4.4.3-1+lenny1 krb5 (1.6.dfsg.4~beta1-5lenny6) stable-security; urgency=emergency * MITKRB5-SA-2010-007 * CVE-2010-1323: attackers have a 1/256 chance of being able to produce krb_safe messages that appear to be from legitimate remote sources. Other than use in KDC database copies this may not be a huge issue only because no one actually uses krb_safe messages. Similarly, an attacker can force clients to display challenge/response values of the attacker's choice. ldap-account-manager (2.3.0-1+lenny1) stable-proposed-updates; urgency=low * Fix "package fails to upgrade properly from lenny" Removed password question (Closes: #606794) libapache2-mod-fcgid (1:2.2-1+lenny1) stable-security; urgency=high * Backport fix for CVE-2010-3872 (Closes: #605484); FastCGI application can cause heap corruption by long FCGI header. libcgi-pm-perl (3.38-2lenny3) stable; urgency=low * Slightly amend the previous patch: + drop an incorrect documentation change + drop an unnecessary regexp modifier change libcgi-pm-perl (3.38-2lenny2) stable; urgency=low * [SECURITY] Add a patch with the backported fixes for CVE-2010-2761, CVE-2010-4410, and CVE-2010-4411; thanks to Niko Tyni for preparing the patch (closes: #606370). libcgi-simple-perl (1.105-1lenny1) stable; urgency=low * [SECURITY] CVE-2010-2761 CVE-2010-4410 CVE-2010-4411: backport fixes for MIME boundary and multiline header vulnerabilities (Closes: #606379) libgadu (1:1.8.0+r592-4) stable; urgency=high * Cherry-pick a fix for memory corruption when removing dcc7 sessions libsmi (0.4.7+dfsg-0.2) stable-security; urgency=high * Non-maintainer upload by the Security Team * Fix CVE-2010-2891 libxml2 (2.6.32.dfsg-5+lenny3) stable-security; urgency=high * xpath.c: Fix a double-freeing error in XPath processing code. (CVE-2010-4494). Closes: #607922. libxml2 (2.6.32.dfsg-5+lenny2) stable-security; urgency=high * Backport upstream commits 91d1975 and ea90b89 to better process some malformed XPath expressions (CVE-2010-4008). lighttpd (1.4.19-5+lenny2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix bug that made lighttpd fail to start with the upgraded openssl from DSA-2141-1. Closes: #609124 linux-2.6 (2.6.26-26lenny1) stable-security; urgency=high * net sched: fix kernel leak in act_police (CVE-2010-3477) * aio: check for multiplication overflow in do_io_submit (CVE-2010-3067) * cxgb3: prevent reading uninitialized stack memory (CVE-2010-3296) * eql: prevent reading uninitialized stack memory (CVE-2010-3297) * rose: Fix signedness issues wrt. digi count (CVE-2010-3310) * sctp: Do not reset the packet during sctp_packet_config() (CVE-2010-3432) * Fix pktcdvd ioctl dev_minor range check (CVE-2010-3437) * ALSA: prevent heap corruption in snd_ctl_new() (CVE-2010-3442) * thinkpad-acpi: lock down video output state access (CVE-2010-3448) * sctp: Fix out-of-bounds reading in sctp_asoc_get_hmac() (CVE-2010-3705) * setup_arg_pages: diagnose excessive argument size (CVE-2010-3858) * X.25: memory corruption in X.25 facilities parsing (CVE-2010-3873) * sys_semctl: fix kernel stack leakage (CVE-2010-4083) * ALSA: rme9652: prevent reading uninitialized stack memory (CVE-2010-4080, CVE-2010-4081) * V4L/DVB: ivtvfb: prevent reading uninitialized stack memory (CVE-2010-4079) * video/sis: prevent reading uninitialized stack memory (CVE-2010-4078) * X.25: Prevent crashing when parsing bad X.25 facilities (CVE-2010-4164) * v4l1: fix 32-bit compat microcode loading translation (CVE-2010-2963) * net: Mitigate overflow issues - Truncate recvfrom and sendto length to INT_MAX. - Limit socket I/O iovec total length to INT_MAX. - Resolves kernel heap overflow in the TIPC protcol (CVE-2010-3859) * net: ax25: fix information leak to userland (CVE-2010-3875) * can-bcm: fix minor heap overflow (CVE-2010-3874) * net: packet: fix information leak to userland (CVE-2010-3876) * net: tipc: fix information leak to userland (CVE-2010-3877) * inet_diag: Make sure we actually run the same bytecode we audited (CVE-2010-3880) * ipc: shm: fix information leak to userland (CVE-2010-4072) * ipc: initialize structure memory to zero for compat functions (CVE-2010-4073) * USB: serial/mos*: prevent reading uninitialized stack memory (CVE-2010-4074) * [SCSI] gdth: integer overflow in ioctl (CVE-2010-4157) * econet: Avoid stack overflow w/ large msgiovlen (CVE-2010-3848) * econet: disallow NULL remote addr for sendmsg() (CVE-2010-3849) * econet: Add mising CAP_NET_ADMIN check in SIOCSIFADDR (CVE-2010-3850) man-db (2.5.2-5) stable; urgency=low * Backport from 2.5.8: - Warnings about unrecognised locales are now suppressed if the DPKG_RUNNING_VERSION environment variable is set (i.e. man-db is running within a Debian package's maintainer script), since the system locales are often out of sync with the C library in that context. Thanks to the Debian Perl maintainers for the idea (closes: #605790). mediawiki (1:1.12.0-2lenny7) stable; urgency=high * Stable upload. * CVE-2011-0003: Minimise risk of clickjacking by denying framing on all pages except normal page views and a few selected special pages mediawiki (1:1.12.0-2lenny6) stable; urgency=high * Stable upload. Closes: #591382 * Fixed CSRF vulnerability in "e-mail me my password", "create account" and "create by e-mail" features of [[Special:Userlogin]]. CVE-2010-1648 * Fixed XSS vulnerability affecting IE clients only, due to a CSS validation issue. CVE-2010-1647 (Closes: #585918) * Fixed an XSS vulnerability in profileinfo.php for installations with $wgEnableProfileInfo = true (false by default) (Closes: #590669) movabletype-opensource (4.2.3-1+lenny2) stable; urgency=low * Various XSS/SQL security fixes backported from 4.35 (closes: #606311) mumble (1.1.4-4+lenny2) stable-proposed-updates; urgency=high * Change my email address from the deprecated web.de to the debian.de one. * Delete /var/lib/mumble-server on purge. * Do not make /etc/mumble-server.ini world readable. Closes: #609919 mydms (1.7.0-1+lenny1) stable-security; urgency=high * Non-maintainer upload during Security Team Meeting * CVE-2010-2006 mysql-dfsg-5.0 (5.0.51a-24+lenny5) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fixed CVE-2010-3677: Incorrect handling of NULL arguments could lead to a crash. * Fixed CVE-2010-3680: The server could crash if there were alternate reads from two indexes on a table using the HANDLER interface. * Fixed CVE-2010-3681: NULL pointer dereference leading to (temporary) server DoS. * Fixed CVE-2010-3682: Assertion failure leading to server abort. * Fixed CVE-2010-3833: crash when KILL_BAD_DATA is returned * Fixed CVE-2010-3834: user variable assignments crash server when used within query * Fixed CVE-2010-3835: crash with user variables, assignments, joins. * Fixed CVE-2010-3836: create view cause Assertion failed (crash) * Fixed CVE-2010-3837: crash when group_concat and 'with rollup' in prepared statements * Fixed CVE-2010-3838: crash with longblob and union or update with subquery * Fixed CVE-2010-3840: crash when loading data into geometry function polyfromwkb nss (3.12.3.1-0lenny3) stable-security; urgency=low * debian/patches/RFC-5746.dpatch: Backport support for RFC 5746, Transport Layer Security (TLS) Renegotiation Indication Extension. * debian/patches/00list: Updated accordingly. opensc (0.11.4-5+lenny1.1) stable; urgency=high * Non-maintainer upload. * CVE-2010-4523: Protect against buffer overflow from rogue cards (closes: #607427) openssl (0.9.8g-15+lenny11) stable-security; urgency=low * Apply TLS version tolerance patch. Upstream cvs commit 19073. * Fix CVE-2010-4180 (Closes: #529221) perl (5.10.0-19lenny3) stable; urgency=low * [SECURITY] CVE-2010-2761 CVE-2010-4410 CVE-2010-4411: fix CGI.pm MIME boundary and multiline header vulnerabilities. (Closes: #606995) * [SECURITY] CVE-2010-1168: Update to Safe-2.25, fixing code injection and execution vulnerabilities. (Closes: #582978) phpmyadmin (4:2.11.8.1-5+lenny7) stable-security; urgency=high * Upload to stable to fix security issues (Closes: #608290). * Fix XSS on search (PMASA-2010-8, CVE-2010-4329). * Fix text/link injection on error (PMASA-2010-9, CVE-2010-4480). * Phpinfo when enabled was worldaccessible (PMASA-2010-10, CVE-2010-4481). pimd (2.1.0-alpha29.17-8.1lenny1) stable-security; urgency=high * Non-maintainer upload by The Security Team. * Avoid the use of unsafe temporary files when writing dumps. [CVE-2011-0007]. postgresql-8.3 (8.3.13-0lenny1) stable; urgency=low * New upstream bug fix release: - Force the default wal_sync_method to be fdatasync on Linux. The default on Linux has actually been fdatasync for many years, but recent kernel changes caused PostgreSQL to choose open_datasync instead. This choice did not result in any performance improvement, and caused outright failures on certain filesystems, notably ext4 with the data=journal mount option. - Fix assorted bugs in WAL replay logic for GIN indexes. This could result in "bad buffer id: 0" failures or corruption of index contents during replication. - Fix recovery from base backup when the starting checkpoint WAL record is not in the same WAL segment as its redo point. - Fix persistent slowdown of autovacuum workers when multiple workers remain active for a long time. The effective vacuum_cost_limit for an autovacuum worker could drop to nearly zero if it processed enough tables, causing it to run extremely slowly. - Add support for detecting register-stack overrun on IA64. The IA64 architecture has two hardware stacks. Full prevention of stack-overrun failures requires checking both. - Add a check for stack overflow in copyObject(). Certain code paths could crash due to stack overflow given a sufficiently complex query. - Fix detection of page splits in temporary GiST indexes. It is possible to have a "concurrent" page split in a temporary index, if for example there is an open cursor scanning the index when an insertion is done. GiST failed to detect this case and hence could deliver wrong results when execution of the cursor continued. - Avoid memory leakage while "ANALYZE"'ing complex index expressions. - Ensure an index that uses a whole-row Var still depends on its table. An index declared like create index i on t (foo(t.-)) would not automatically get dropped when its table was dropped. - Do not "inline" a SQL function with multiple OUT parameters. This avoids a possible crash due to loss of information about the expected result rowtype. - Behave correctly if ORDER BY, LIMIT, FOR UPDATE, or WITH is attached to the VALUES part of INSERT ... VALUES. - Fix constant-folding of COALESCE() expressions. The planner would sometimes attempt to evaluate sub-expressions that in fact could never be reached, possibly leading to unexpected errors. - Fix postmaster crash when connection acceptance (accept() or one of the calls made immediately after it) fails, and the postmaster was compiled with GSSAPI support. - Fix missed unlink of temporary files when log_temp_files is active. If an error occurred while attempting to emit the log message, the unlink was not done, resulting in accumulation of temp files. - Add print functionality for InhRelation nodes. This avoids a failure when debug_print_parse is enabled and certain types of query are executed. - Fix incorrect calculation of distance from a point to a horizontal line segment. This bug affected several different geometric distance-measurement operators. - Fix PL/pgSQL's handling of "simple" expressions to not fail in recursion or error-recovery cases. - Fix PL/Python's handling of set-returning functions. Attempts to call SPI functions within the iterator generating a set result would fail. - Fix bug in "contrib/cube"'s GiST picksplit algorithm. This could result in considerable inefficiency, though not actually incorrect answers, in a GiST index on a cube column. If you have such an index, consider "REINDEX"ing it after installing this update. - Don't emit "identifier will be truncated" notices in "contrib/dblink" except when creating new connections. - Fix potential coredump on missing public key in "contrib/pgcrypto". - Fix memory leak in "contrib/xml2"'s XPath query functions. spamassassin (3.2.5-2+lenny3) stable; urgency=low * Update the list of ARIN netblock delegations in RelayEval (Closes: 609006) splashy (0.3.13-3+lenny1) stable; urgency=medium * Non-maintainer upload. * Add 02_lsb-base-logging.sh_bug512951.diff patch: - This patch makes sure that Splashy's lsb-base-logging.sh script does not get in the way of other service scripts when splashy is removed but not purged. (Closes: #512951) surfraw (2.2.2-3+lenny1) stable; urgency=low * Fix debsec elvi. The debian security tracker has moved to a debian.org host in the mean time. tor (0.2.1.29-1~lenny+1) stable-security; urgency=high * Build tor 0.2.1.29 for lenny security, rather than backport almost all the patches from that version to the 0.2.1.26 currently in stable (which in turn already has most of the patches in .27 and .28). . Tor 0.2.1.29 is a release with several security related fixes, including one for CVE-2011-0427 (heap overflow bug, potential remote code execution), a denial of service involving compression bombs, and zeroing out of cryptographic keys after use to resist cold boot attacks somewhat better. tor (0.2.1.26-6) unstable; urgency=high * Fix a remotely exploitable bug that could be used to crash instances of Tor remotely by overflowing on the heap. Remote-code execution hasn't been confirmed, but can't be ruled out (CVE-2010-1676). * Housekeeping: Update IP address and port of directory authority gabelmoo with data shipped in 0.2.1.28. tor (0.2.1.26-5) unstable; urgency=low * Since the dawn of time (0.0.2pre19-1, January 2004, initial release of the debian package), the postinst script has changed ownership and permissions of various trees like /var/lib/tor, /var/run/tor, and /var/log/tor, sometimes recursively. . It turns out this actually is a security issue, so try to be more conservative when fixing up modes and only chown/chgrp /var/{lib,log,run}/tor directly, never recursively. * Remove /var/run/tor, recursively, on purge. We already do this for /var/lib/tor and /var/log/tor. tor (0.2.1.26-4) unstable; urgency=high * Add debian/patches/15_tlsext_host_name: Work around change in libssl0.9.8 (0.9.8g-15+lenny9 and 0.9.8o-3), taken from 0.2.1.27 (closes: #604198): . Do not set the tlsext_host_name extension on server SSL objects; only on client SSL objects. We set it to immitate a browser, not a vhosting server. This resolves an incompatibility with openssl 0.9.8p and openssl 1.0.0b. Fixes bug 2204; bugfix on 0.2.1.1-alpha. * Also from 0.2.1.27: Add maatuska as eighth v3 directory authority. The directory authority servers are the trusted nodes that sign the directory of all Tor servers. This adds an 8th authority to the existing list, improving robustness. * Change section from comm to net. This change was done in the 0.2.2.x tree in experimental during 0.2.2.9 (April 2010) in response to bug #482801. * If we have a debian/micro-revision.i, replace the one in src/or with our copy so that this will be the revision that ends up in the binary. This is an informational only version string, but it'd be kinda nice if it was (more) accurate nonetheless. (Backported from 0.2.2.2-alpha-1 from September 2009.) tor (0.2.1.26-3) unstable; urgency=low * Make sure the cronjob does not try to access a /var/lib/tor that has already been removed (due to for instance package removal). Thanks to Holger and piuparts for catching this. tor (0.2.1.26-2) unstable; urgency=medium * No longer set ulimit -c to unlimited: Up until now the init script (or actually /etc/default/tor) raised the ulimit for coredumps to unlimited, so that Tor would produce coredumps on assert errors or segfaults. Coredumps however can leak sensitive information, like cryptographic session keys and clients' data should the core files get into the wrong hands. As such it seems prudent to only enable coredumps if the user or operator explicitly asks for them, and knows what to do with them. * Also include a cron.weekly job that removes old coredumps from /var/lib/tor. This action can be disabled in /etc/default/tor. tor (0.2.1.26-1) unstable; urgency=low * New upstream version. * Remove debian/patches/15_testuite-thread-fixes (merged upstream). * tor.postinst: Stop calling stat(1) with its full path. * Add ${misc:Depends} for all three binary packages because debhelper might want to add stuff. tor (0.2.1.26-1~lenny+4) stable-security; urgency=high * Rebuild with bumped version number. user-mode-linux (2.6.26-1um-2+26lenny1) stable-security; urgency=high * Rebuild against linux-source-2.6.26 (2.6.26-26lenny1): * net sched: fix kernel leak in act_police (CVE-2010-3477) * aio: check for multiplication overflow in do_io_submit (CVE-2010-3067) * cxgb3: prevent reading uninitialized stack memory (CVE-2010-3296) * eql: prevent reading uninitialized stack memory (CVE-2010-3297) * rose: Fix signedness issues wrt. digi count (CVE-2010-3310) * sctp: Do not reset the packet during sctp_packet_config() (CVE-2010-3432) * Fix pktcdvd ioctl dev_minor range check (CVE-2010-3437) * ALSA: prevent heap corruption in snd_ctl_new() (CVE-2010-3442) * thinkpad-acpi: lock down video output state access (CVE-2010-3448) * sctp: Fix out-of-bounds reading in sctp_asoc_get_hmac() (CVE-2010-3705) * setup_arg_pages: diagnose excessive argument size (CVE-2010-3858) * X.25: memory corruption in X.25 facilities parsing (CVE-2010-3873) * sys_semctl: fix kernel stack leakage (CVE-2010-4083) * ALSA: rme9652: prevent reading uninitialized stack memory (CVE-2010-4080, CVE-2010-4081) * V4L/DVB: ivtvfb: prevent reading uninitialized stack memory (CVE-2010-4079) * video/sis: prevent reading uninitialized stack memory (CVE-2010-4078) * X.25: Prevent crashing when parsing bad X.25 facilities (CVE-2010-4164) * v4l1: fix 32-bit compat microcode loading translation (CVE-2010-2963) * net: Mitigate overflow issues - Truncate recvfrom and sendto length to INT_MAX. - Limit socket I/O iovec total length to INT_MAX. - Resolves kernel heap overflow in the TIPC protcol (CVE-2010-3859) * net: ax25: fix information leak to userland (CVE-2010-3875) * can-bcm: fix minor heap overflow (CVE-2010-3874) * net: packet: fix information leak to userland (CVE-2010-3876) * net: tipc: fix information leak to userland (CVE-2010-3877) * inet_diag: Make sure we actually run the same bytecode we audited (CVE-2010-3880) * ipc: shm: fix information leak to userland (CVE-2010-4072) * ipc: initialize structure memory to zero for compat functions (CVE-2010-4073) * USB: serial/mos*: prevent reading uninitialized stack memory (CVE-2010-4074) * [SCSI] gdth: integer overflow in ioctl (CVE-2010-4157) * econet: Avoid stack overflow w/ large msgiovlen (CVE-2010-3848) * econet: disallow NULL remote addr for sendmsg() (CVE-2010-3849) * econet: Add mising CAP_NET_ADMIN check in SIOCSIFADDR (CVE-2010-3850) wireshark (1.0.2-3+lenny12) stable-security; urgency=high * Fix an overflow in the ENTTEC dissector (CVE-2010-4538) (Closes: #608990) wireshark (1.0.2-3+lenny11) stable-security; urgency=high * security fixes from Wireshark 1.2.12: - The Penetration Test Team of NCNIPC (China) discovered that the ASN.1 BER dissector was susceptible to a stack overflow (CVE-2010-3445) - fix crash in RPC dissector wordpress (2.5.1-11+lenny4) stable-security; urgency=high * [6f61bff] Fix CVE-2010-4257: SQL injection vulnerability in the do_trackbacks function (Closes: #605603) xdigger (1.0.10-13+lenny1) stable; urgency=low * Team upload. * Paul Wise made xdigger.desktop a valid file by adding ArcadeGame as a category. * Add the buffers patch to guard against lots of buffer overflows, including the one reported in the BTS. Closes: #609096 * Add DEP 3 descriptive headers to the rest of the patches. * Use the quilt patch/unpatch targets in a bit more robust way and add a README.source file describing the use of quilt. xpdf (3.02-1.4+lenny3) stable-security; urgency=high * Non-maintainer upload by the security team. * Fix cve-2010-3702: uninitialized pointer in Gfx.cc. * Fix cve-2010-3704: integer underflow in fofi/FoFiType1.cc. xulrunner (1.9.0.19-7) stable-security; urgency=low * Fixes for mfsa2010-{74-77,79,81-82,84}, also known as CVE-2010-3776, CVE-2010-3778, CVE-2010-3769, CVE-2010-3771, CVE-2010-3772, CVE-2010-3775, CVE-2010-3767, CVE-2010-3773, CVE-2010-3770 * Fix for one more regression from CVE-2010-2769. * debian/libmozjs1d.symbols: Add new symbol. ========================================= Sat, 27 Nov 2010 - Debian 5.0.7 released ========================================= apr-util (1.2.12+dfsg-8+lenny5) stable-security; urgency=high * CVE-2010-1623: Fix denial of service vulnerability through memory consumption in apr_brigade_split_line() barnowl (1.0.1-4+lenny2) stable-security; urgency=high * Non-maintainer upload by the security team. * Check the return code of calls to ZPending and ZReceiveNotice functions in zephyr.c (Closes: #593299). CVE-2010-2725. base-files (5lenny8) stable; urgency=low * Bump version in /etc/debian_version to "5.0.7". bogofilter (1.1.7-1+lenny1) stable; urgency=high * Apply patch from Julius Plenz to prevent possible heap corruption due to a bug in the base64_decode function (CVE-2010-2494, aka bogofilter-SA-2010-01). Setting urgency=high, but uploading to stable because the issue does not warrant a DSA. closes: #588090. * Update maintainer field in debian/control. bzip2 (1.0.5-1+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * CVE-2010-0405: Fix integer overflow. couchdb (0.8.0-2+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Remove insecure LD_LIBRARY_PATH setting (Closes: #594412). CVE-2010-2953. cvsnt (2.5.03.2382-3.3+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix branch name ACL vulnerability leading to arbitrary code execution (Closes: #593884). CVE-2010-1326 debian-installer (20090123lenny8) stable; urgency=low * Rebuild to incorporate linux-kernel-di packages based upon linux-2.6 2.6.26-26 dpkg (1.14.30) stable; urgency=low * Fix dpkg to not lose package metadata on filesystems where readdir() returns new files added after the opendir() call, btrfs in particular triggered the problematic behaviour. Closes: #575891 drupal6 (6.6-3lenny6) stable-security; urgency=low [ Luigi Gangitano ] * debian/patches/20_SA-CORE-2010-002 - Fixes multiple XSS vulnerabilities (Closes: #592716) Fixes: SA-CORE-2010-002, CVE-2010-3091, CVE-2010-3092, CVE-2010-3093, CVE-2010-3094 freetype (2.3.7-2+lenny4) stable-security; urgency=high * Non-maintainer upload by the Security Team. * fix CVE-2010-3311: integer overflow which can lead to a heap overflow in libXft freetype (2.3.7-2+lenny3) stable-security; urgency=high * Non-maintainer upload by the Security Team. * CVE-2010-1797: Multiple stack-based buffer overflows * CVE-2010-2541: Buffer overflow in the ftmulti demo program * CVE-2010-2805: denial of service or possibly execute arbitrary code via a crafted font file * CVE-2010-2806: heap-based buffer overflow * CVE-2010-2807: denial of service or possibly execute arbitrary code via a crafted font file * CVE-2010-2808: Buffer overflow * CVE-2010-3053: denial of service (application crash) via a crafted BDF font file git-core (1:1.5.6.5-3+lenny3.2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix permission problem on i386, a regression introduced by 1:1.5.6.5-3+lenny3.1. Closes: #595728 glibc (2.7-18lenny6) stable-security; urgency=high * Fix CVE-2010-3847 with patches from Andreas Schwab and Kees Cook. imagemagick (7:6.3.7.9.dfsg2-1~lenny4) stable; urgency=medium * Apply upstream patch to fix reading config files from current directory (Closes: #601824). kdegraphics (4:3.5.9-3+lenny3) stable-security; urgency=high * Non-maintainer upload. * CVE-2009-1188 CVE-2009-3603 CVE-2009-3604 CVE-2009-3606 CVE-2009-3608 CVE-2009-3609 kvm (72+dfsg-5~lenny6) stable-proposed-updates; urgency=medium * Non-maintainer upload. * Fix segfault in mmio subpage handling code (CVE-2010-2784) (closes: #594478) lastfm (1:1.5.1.31879.dfsg-1+lenny1) stable; urgency=high * Fix CVE-2010-3362: insecure library loading libapache-authenhook-perl (2.00-04+pristine-1+lenny1) stable; urgency=high * [CVE-2010-3845] Remove passwords from log messages. (Closes: #599712) libgdiplus (1.9-1+lenny1) stable; urgency=high * [b29175e] SECURITY UPDATE: Import upstream commit fa0e3a1d516166c341d5, which closes integer overflows in BMP, JPEG and TIFF handling. (Closes: #594155) (CVE-2010-1526) libvirt (0.4.6-10+lenny1) stable; urgency=low * [dcdab94] CVE-2010-2242: Apply a source port mapping to virtual network masquerading * [ce08070] Fix path to hvmloader. (Closes: #573808) linux-2.6 (2.6.26-26) stable; urgency=high [ Ben Hutchings ] * [alpha,s390,sparc] math-emu: correct test for downshifting fraction in _FP_FROM_INT() (Closes: #593193) * SCSI/mptsas: fix hangs caused by ATA pass-through (Closes: #594690) * xfs: prevent kernel crash due to corrupted inode log format (Closes: #550733) * r6040: Fix various bugs in r6040_multicast_list() (Closes: #600155) linux-2.6 (2.6.26-25lenny1) stable-security; urgency=high * irda: Correctly clean up self->ias_obj on irda_bind() failure. (CVE-2010-2954) * compat: Make compat_alloc_user_space() incorporate the access_ok() (CVE-2010-3081) * ALSA: seq/oss - Fix double-free at error path of snd_seq_oss_open() (CVE-2010-3080) * xfs: prevent reading uninitialized stack memory (CVE-2010-3078) * ecryptfs: Bugfix for error related to ecryptfs_hash_buckets (CVE-2010-2492) linux-kernel-di-alpha-2.6 (0.37lenny9) stable; urgency=low * Built against version 2.6.26-26 of linux-2.6. linux-kernel-di-alpha-2.6 (0.37lenny8) stable; urgency=low * Built against version 2.6.26-25 of linux-2.6. linux-kernel-di-amd64-2.6 (1.53lenny9) stable; urgency=low * Built against version 2.6.26-26 of linux-2.6. linux-kernel-di-amd64-2.6 (1.53lenny8) stable; urgency=low * Built against version 2.6.26-25 of linux-2.6. linux-kernel-di-arm-2.6 (1.37lenny10) stable; urgency=low * Built against version 2.6.26-26 of linux-2.6. linux-kernel-di-arm-2.6 (1.37lenny9) stable; urgency=low * Built against version 2.6.26-25 of linux-2.6. linux-kernel-di-armel-2.6 (1.32lenny9) stable; urgency=low * Built against version 2.6.26-26 of linux-2.6. linux-kernel-di-armel-2.6 (1.32lenny8) stable; urgency=low * Built against version 2.6.26-25 of linux-2.6. linux-kernel-di-hppa-2.6 (1.38lenny9) stable; urgency=low * Built against version 2.6.26-26 of linux-2.6. linux-kernel-di-i386-2.6 (1.76lenny9) stable; urgency=low * Built against version 2.6.26-26 of linux-2.6. linux-kernel-di-i386-2.6 (1.76lenny8) stable; urgency=low * Built against version 2.6.26-25 of linux-2.6. linux-kernel-di-ia64-2.6 (1.42lenny9) stable; urgency=low * Built against version 2.6.26-26 of linux-2.6. linux-kernel-di-ia64-2.6 (1.42lenny8) stable; urgency=low * Built against version 2.6.26-25 of linux-2.6. linux-kernel-di-mips-2.6 (1.9lenny9) stable; urgency=low * Built against version 2.6.26-26 of linux-2.6. linux-kernel-di-mips-2.6 (1.9lenny8) stable; urgency=low * Built against version 2.6.26-25 of linux-2.6. linux-kernel-di-mipsel-2.6 (1.8lenny9) stable; urgency=low * Built against version 2.6.26-26 of linux-2.6. linux-kernel-di-mipsel-2.6 (1.8lenny8) stable; urgency=low * Built against version 2.6.26-25 of linux-2.6. linux-kernel-di-powerpc-2.6 (1.48lenny9) stable; urgency=low * Built against version 2.6.26-26 of linux-2.6. linux-kernel-di-powerpc-2.6 (1.48lenny8) stable; urgency=low * Built against version 2.6.26-25 of linux-2.6. linux-kernel-di-s390-2.6 (0.37lenny9) stable; urgency=low * Built against version 2.6.26-26 of linux-2.6. linux-kernel-di-s390-2.6 (0.37lenny8) stable; urgency=low * Built against version 2.6.26-25 of linux-2.6. linux-kernel-di-sparc-2.6 (1.41lenny9) stable; urgency=low * Built against version 2.6.26-26 of linux-2.6. linux-kernel-di-sparc-2.6 (1.41lenny8) stable; urgency=low * Built against version 2.6.26-25 of linux-2.6. mantis (1.1.6+dfsg-2lenny4) stable-proposed-updates; urgency=low * debian/patches/07-CVE-2010-3763.diff: Fixes for CVE-2010-3763. mantis (1.1.6+dfsg-2lenny3) stable-proposed-updates; urgency=low * debian/patches/06-CVE-2010-3303-04-and-05.diff: Fixes for CVE-2010-3303 (4) and (5) vulnerabilities. Note: Mantis debian packages (1.1.6 and 1.1.8) are not affected for vulnerabilities described as 1, 2 and 3 at CVE-2010-3303">http://security-tracker.debian.org/tracker/CVE-2010-3303 mantis (1.1.6+dfsg-2lenny2) stable-proposed-updates; urgency=low * debian/patches: + Added 05-CVE-2010-2574.diff: Fix for CVE-2010-2574 XSS vulnerability when deleting categories that have been maliciously named. * debian/control: + Set myself as new maintainer moodle (1.8.13-2) stable-security; urgency=high * Added missing dependency on wwwconfig-common (closes: #599387) moodle (1.8.13-1) stable-security; urgency=low [Tomasz Muras] * Upgrade to new upstream * Dropped all patches * Added new uploader: Tomasz Muras * Added source/format [Francois Marier] * Update maintainer email address * Remove myself from uploaders moodle (1.8.2.dfsg-6.1) unstable; urgency=low * Non-maintainer upload. * Bump debhelper compatibility to 7 * As a consequence, replace "dh_clean -k" calls by "dh_prep" * Fix pending l10n issues. Debconf translations: - Unfuzzy all translations. Closes: #565320, #564916 - German (Martin Eberhard Schauer). Closes: #574403 moodle (1.8.2.dfsg-6) unstable; urgency=low [Penny Leach] [ Cherry picked commits from our other branches ] * Security fixes from lenny ( ca557bfaec1d155e955733686ae6916793e6adc7 ) - MSA-09-0019: SQL injection in update_record - MSA-09-0022: Multiple CSRF vunrabilities (CVE-2009-4297) - MSA-09-0023: User account disclosure in LAMS module (CVE-2009-4298) - MSA-09-0024: Insufficient access control in glossary (CVE-2009-4299) - MSA-09-0026: Invalid application access control in MNET interface (CVE-2009-4301) - MSA-09-0028: Multiple backup/restore related issues (CVE-2009-4303) - MSA-09-0031: SQL injection in SCORM module (CVE-2009-4305) - Closes: #559531 * Swedish translation from unfinished 1.9: da50a5742f4fabf68aa156d81f98e09be34060bc (Closes: #511202) * debconf-updatepo from unfinished 1.9: f525b18d6abd5c796c8cadce6137afd61dd2a4a7 [Hubert Chathi] * move po-debconf to Build-Depends, rather than Build-Depends-Indep (fixes lintian error, regarding policy section 7.7) [ Cherry picked commits from our other branches ] * Another security fix from lenny ( 9604c6d5b191abaf4e3cc47e7b297984a289769f ) - MSA-09-0027: Login information can be sent unsecured even when site is configured to use SSL for logins (CVE-2009-4302) moodle (1.8.2.dfsg-5.1) unstable; urgency=low * Non-maintainer upload. * Changed dependency on yui to the packages new name libjs-yui (Closes: #558043) mt-daapd (0.9~r1696.dfsg-6lenny3) stable-proposed-updates; urgency=low * debian/patches/18_itunes10_fix.dpatch: + Added; handle aeMK tag, mandatory for iTunes 10 (closes: #596250). nss (3.12.3.1-0lenny2) stable-security; urgency=low * debian/patches/99_CVE-2010-3170.dpatch: Fix for CVE-2010-3170 Browser Wildcard Certificate Validation Issue. * debian/patches/99_CVE-2010-3173.dpatch: Fix for CVE-2010-3173 Insecure Diffie-Hellman key exchange. * debian/patches/lower-dhe-priority.dpatch: Upstream patch from bz#583337 to lower DHE priority. * debian/patches/00list: Updated accordingly. openldap (2.4.11-1+lenny2) stable-security; urgency=high * Fixes CVE-2010-0211 and CVE-2010-0212 openldap (2.4.11-1+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fixed CVE-2009-3767: libraries/libldap/tls_o.c doesn't properly handle NULL character in subject Common Name (Closes: #553432) openscenegraph (2.4.0-1.1+lenny1) stable; urgency=high * A vulnerability (CVE-2010-0280) was detected in OSG's embedded copy of lib3ds. Applying the same patch for lib3ds in Squeeze, since there are few chances for lib3ds to get updated in Lenny (Closes: #601181). openssl (0.9.8g-15+lenny9) stable-security; urgency=low * Fix TLS extension parsing race condition (CVE-2010-3864) perdition (1.17.1-2+lenny2) stable; urgency=low * Resolve 4/8 byte problems raised in bug #597914) - odbc: pass a SQLLEN instead of an SQLINTEGER to SQLBindCol() + This seems problematic on architectures such as amd64 where size_t (SQLLEN) is 8 bytes wide but int (SQLINTEGER) is only 4 bytes wide. + As per upstream patch http://hg.vergenet.net/perdition/perdition/rev/57268f4aaa94 - core: the return value of callbacks to vanessa_socket_pipe_func() should be a ssize_t not an int. + This seems problematic on architectures such as amd64 where ssize_t is 8 bytes wide but int is only 4 bytes wide. + As per upstream patch http://hg.vergenet.net/perdition/perdition/rev/57268f4aaa94 - (closes: #597914) perdition (1.17.1-2+lenny1) stable; urgency=low * Don't call make from perdition prerm script - make may not be installed - unnecessary clean up of user-generated files - Upstream patch: http://hg.vergenet.net/perdition/perdition/rev/5425b7c0637b - (closes: #595432) * ssl: Set session_id - CVE-2009-3555 - Upstream patch: http://hg.vergenet.net/perdition/perdition/rev/6d85be38374c - (closes: #595207) phpmyadmin (4:2.11.8.1-5+lenny6) stable-security; urgency=high * Fixed wrong displaying of number of returned rows. * Actually apply security patches added in previous upload. pidgin (2.4.3-4lenny8) stable-security; urgency=low * Move package VCS to git * Re-enable SILC, SIMPLE, and Yahoo, which have all apparently been disabled since 2.4.3-4lenny6, and which is a grave regression. poppler (0.8.7-4) stable-security; urgency=high * CVE-2010-3702 CVE-2010-3704 postgresql-8.3 (8.3.12-0lenny1) stable-security; urgency=low * New upstream security/bug fix release: - Use a separate interpreter for each calling SQL userid in PL/Perl and PL/Tcl. This change prevents security problems that can be caused by subverting Perl or Tcl code that will be executed later in the same session under another SQL user identity (for example, within a SECURITY DEFINER function). Most scripting languages offer numerous ways that that might be done, such as redefining standard functions or operators called by the target function. Without this change, any SQL user with Perl or Tcl language usage rights can do essentially anything with the SQL privileges of the target function's owner. The cost of this change is that intentional communication among Perl and Tcl functions becomes more difficult. To provide an escape hatch, PL/PerlU and PL/TclU functions continue to use only one interpreter per session. This is not considered a security issue since all such functions execute at the trust level of a database superuser already. It is likely that third-party procedural languages that claim to offer trusted execution have similar security issues. We advise contacting the authors of any PL you are depending on for security-critical purposes. Our thanks to Tim Bunce for pointing out this issue (CVE-2010-3433). - Prevent possible crashes in pg_get_expr() by disallowing it from being called with an argument that is not one of the system catalog columns it's intended to be used with. - Fix incorrect usage of non-strict OR joinclauses in Append indexscans. This is a back-patch of an 8.4 fix that was missed in the 8.3 branch. This corrects an error introduced in 8.3.8 that could cause incorrect results for outer joins when the inner relation is an inheritance tree or UNION ALL subquery. - Fix possible duplicate scans of UNION ALL member relations. - Fix "cannot handle unplanned sub-select" error. This occurred when a sub-select contains a join alias reference that expands into an expression containing another sub-select. - Fix failure to mark cached plans as transient. If a plan is prepared while "CREATE INDEX CONCURRENTLY" is in progress for one of the referenced tables, it is supposed to be re-planned once the index is ready for use. This was not happening reliably. - Reduce PANIC to ERROR in some occasionally-reported btree failure cases, and provide additional detail in the resulting error messages. This should improve the system's robustness with corrupted indexes. - Prevent show_session_authorization() from crashing within autovacuum processes. - Defend against functions returning setof record where not all the returned rows are actually of the same rowtype. - Fix possible failure when hashing a pass-by-reference function result. - Improve merge join's handling of NULLs in the join columns. A merge join can now stop entirely upon reaching the first NULL, if the sort order is such that NULLs sort high. - Take care to fsync the contents of lockfiles (both "postmaster.pid" and the socket lockfile) while writing them. This omission could result in corrupted lockfile contents if the machine crashes shortly after postmaster start. That could in turn prevent subsequent attempts to start the postmaster from succeeding, until the lockfile is manually removed. - Avoid recursion while assigning XIDs to heavily-nested subtransactions. The original coding could result in a crash if there was limited stack space. - Avoid holding open old WAL segments in the walwriter process. The previous coding would prevent removal of no-longer-needed segments. - Fix log_line_prefix's %i escape, which could produce junk early in backend startup. - Fix possible data corruption in "ALTER TABLE ... SET TABLESPACE" when archiving is enabled. - Allow "CREATE DATABASE" and "ALTER DATABASE ... SET TABLESPACE" to be interrupted by query-cancel. - Fix "REASSIGN OWNED" to handle operator classes and families. - Fix possible core dump when comparing two empty tsquery values. - Fix LIKE's handling of patterns containing % followed by _. We've fixed this before, but there were still some incorrectly-handled cases. - In PL/Python, defend against null pointer results from PyCObject_AsVoidPtr and PyCObject_FromVoidPtr. - Make psql recognize "DISCARD ALL" as a command that should not be encased in a transaction block in autocommit-off mode. - Fix ecpg to process data from RETURNING clauses correctly. - Improve "contrib/dblink"'s handling of tables containing dropped columns. - Fix connection leak after "duplicate connection name" errors in "contrib/dblink". - Fix "contrib/dblink" to handle connection names longer than 62 bytes correctly. - Add hstore(text, text) function to "contrib/hstore". This function is the recommended substitute for the now-deprecated => operator. It was back-patched so that future-proofed code can be used with older server versions. Note that the patch will be effective only after "contrib/hstore" is installed or reinstalled in a particular database. Users might prefer to execute the "CREATE FUNCTION" command by hand, instead. - Update build infrastructure and documentation to reflect the source code repository's move from CVS to Git. quagga (0.99.10-1lenny3) stable-security; urgency=high * 99_segment_type_check: fix bgpd crash on invalid segment type (CVE-2010-2949) * 99_fix_confederation-1, 99_fix_confederation-2: fix confederations handling in bgpd, addressing a session reset issue * 99_route_refresh: tighten bounds checking in RR ORF msg reader (CVE-2010-2948) samba (2:3.2.5-4lenny13) stable-security; urgency=high [ Christian Perrier ] * Security update, fixing the following issue: - CVE-2019-3069: Buffer overrun vulnerability in sid_parse. Closes: #596891. ser2net (2.5-1+lenny1) stable; urgency=low * add patch from Sebastian Andrzej Siewior. Closes: #535159 smbind (0.4.7-3+lenny1) stable-security; urgency=high * Fix sql injection in src/include.php squid (2.7.STABLE3-4.1lenny1) stable-security; urgency=high * Urgency high due to security fixes * debian/patches/71-CVE-2009-2855 - Fix DoS vuln (Ref: CVE-2009-2855)(Closes: #534982) [Steffen Joeris] * Fix denial of service via invalid DNS header-only packets Fixes: CVE-2010-0308 squid3 (3.0.STABLE8-3+lenny4) stable-security; urgency=high * Non-maintainer upload by the security team * Fix DoS due to wrong string handling (Closes: #596086) Fixes: CVE-2010-3072 subversion (1.5.1dfsg1-5) stable-security; urgency=medium * Fix CVE-2010-3315: mod_dav_svn can give authorized users higher privileges than they are configured for, in rare configurations. sun-java6 (6-22-0lenny1) stable; urgency=low * New upstream release (Closes: #601802) * SECURITY UPDATE: multiple upstream vulnerabilities. Upstream fixes: - (CVE-2010-3556): JDK unspecified vulnerability in 2D component - (CVE-2010-3562): JDK IndexColorModel double-free - (CVE-2010-3565): JDK JPEG writeImage remote code execution - (CVE-2010-3566): JDK ICC Profile remote code execution - (CVE-2010-3567): Crash in ICU Opentype layout engine due to mismatch in character counts - (CVE-2010-3571): JDK unspecified vulnerability in 2D component - (CVE-2010-3554): JDK corba reflection vulnerabilities - (CVE-2010-3563): JDK unspecified vulnerability in Deployment component - (CVE-2010-3568): JDK Deserialization Race condition - (CVE-2010-3569): JDK Serialization inconsistencies - (CVE-2010-3558): JDK unspecified vulnerability in Java Web Start component - (CVE-2010-3552): JDK unspecified vulnerability in New Java Plugin component - (CVE-2010-3559): JDK unspecified vulnerability in Sound component - (CVE-2010-3572): JDK unspecified vulnerability in Sound component - (CVE-2010-3553): UIDefault.ProxyLazyValue has unsafe reflection usage - (CVE-2010-3555): JDK unspecified vulnerability in Deployment component - (CVE-2010-3550): JDK unspecified vulnerability in Java Web Start component - (CVE-2010-3570): JDK unspecified vulnerability in Deployment Toolkit - (CVE-2010-3561): Privileged ServerSocket.accept allows receiving connections from any host - (CVE-2009-3555): TLS: MITM attacks via session renegotiation - (CVE-2010-1321): krb5: null pointer dereference in GSS-API library leads to DoS - (CVE-2010-3549): HttpURLConnection chunked encoding issue (Http request splitting) - (CVE-2010-3557): JDK Swing mutable static - (CVE-2010-3541): limit setting of some request headers in HttpURLConnection - (CVE-2010-3573): limit HTTP request cookie headers in HttpURLConnection - (CVE-2010-3574): limit use of TRACE method in HttpURLConnection - (CVE-2010-3548): JDK DNS server IP address information leak - (CVE-2010-3551): NetworkInterface reveals local network address to untrusted code - (CVE-2010-3560): JDK unspecified vulnerability in Networking component tor (0.2.1.26-1~lenny+2) stable; urgency=low * Add debian/patches/15_tlsext_host_name: Work around change in libssl0.9.8 (0.9.8g-15+lenny9 and 0.9.8o-3), taken from 0.2.1.27 (closes: #604198): . Do not set the tlsext_host_name extension on server SSL objects; only on client SSL objects. We set it to immitate a browser, not a vhosting server. This resolves an incompatibility with openssl 0.9.8p and openssl 1.0.0b. Fixes bug 2204; bugfix on 0.2.1.1-alpha. * Also from 0.2.1.27: Add maatuska as eighth v3 directory authority. The directory authority servers are the trusted nodes that sign the directory of all Tor servers. This adds an 8th authority to the existing list, improving robustness. * If we have a debian/micro-revision.i, replace the one in src/or with our copy so that this will be the revision that ends up in the binary. This is an informational only version string, but it'd be kinda nice if it was (more) accurate nonetheless. (Backported from 0.2.2.2-alpha-1 from September 2009.) tor (0.2.1.26-1~lenny+1) stable; urgency=low * Upload to stable, since a potential future security upload for openssl will break Tor 0.2.0.35, the version currently in stable. . This libssl update will change how openssl does renegotiation, and Tor 0.2.0.x relies on the old behaviour but does not yet know how to tell openssl to stick to it. The 0.2.1.x tree has special support for newer openssls and sets the proper, new flags so libssl continues to provide the old renegotiation features. . The old-style renegotiation feature is potentially dangerous in some cases, but it is believed that Tor does everything correctly and thus can use it safely. tor (0.2.1.25-3) unstable; urgency=low * Minor bugfixes to make the testsuite work on our new Octeon machines: (taken from upstream's maint-0.2.1 branch) - Testsuite: In the util/threads test no longer free the test_mutex before all worker threads have finished. - Testsuite: The master thread could starve the worker threads quite badly on certain systems, causing them to run only partially in the allowed window. This resulted in test failures. Now the master thread sleeps occasionally for a few microseconds while the two worker-threads compete for the mutex. (both in debian/patches/15_testuite-thread-fixes) tor (0.2.1.25-2) unstable; urgency=low * In /etc/default/tor also source /etc/default/tor.vidalia if it exists and if vidalia is installed. We do this so that the vidalia package can override some of our settings: People who have vidalia installed might not want to run Tor as a system service. The vidalia .deb can ask them that and then set run-daemon to no. tor (0.2.1.25-1) unstable; urgency=low * New upstream version. - Obsoletes patches/15_enable_renegotiation_on_098k. * Change order of recommends from privoxy | polipo to polipo | privoxy. [change done in experimental (0.2.2.x) long ago). tor (0.2.1.23-2) unstable; urgency=low * Enable ssl renegotiation also on 0.9.8k (closes: #570197). tor (0.2.1.23-1) unstable; urgency=low * New upstream version. - We no longer need to build-depend on a recent libssl-dev because Tor now detects whether we need to explicitly turn on autonegotiation at run-time rather than compile time. Good. (This also means we no longer need to conflict with newer libssls when we built against an old one on backports.) tor (0.2.1.22-1) unstable; urgency=medium * New upstream version. - Rotate keys (both v3 identity and relay identity) for moria1 and gabelmoo. [and more] tor (0.2.1.21-1) unstable; urgency=low * New upstream version. * Drop patches/ce0a89e2-work-with-reneg-ssl.dpatch (already in upstream). tor (0.2.1.20-2) unstable; urgency=low * Pick ce0a89e2624471272ffc4950c5069d9b81a7f0b9 from maint-0.2.1 git tree: - work with libssl that has renegotiation disabled by default. (debian/patches/ce0a89e2-work-with-reneg-ssl.dpatch) * Therefore build-depend on libssl-dev >= 0.9.8k-6. If we build against earlier versions we will not work once libssl gets upgraded to a version that disabled renegotiations. tor (0.2.1.20-1) unstable; urgency=low * New upstream version. tor (0.2.1.19-1) unstable; urgency=low * New upstream version. - Make accessing hidden services on 0.2.1.x work right (closes: #538960). [More items are in the upstream changelog.] tor (0.2.1.18-1) unstable; urgency=low * New upstream version. tor (0.2.1.17-rc-1) experimental; urgency=low * New upstream version. * Update upstream URL in debian/copyright. tor (0.2.1.11-alpha-1) experimental; urgency=high * New upstream version: - Fixes a possible remote heap buffer overflow bug. - torify(1) manpage mentions DNS leaks now (closes: #495829). * README.Debian: No longer claim we change the default 'Group' setting when run as debian-user. That setting no longer exists. * Forward port 03_tor_manpage_in_section_8.dpatch. tor (0.2.1.10-alpha-1) experimental; urgency=low * New alpha release. * Forward port 03_tor_manpage_in_section_8.dpatch. ttf-beteckna (0.2-2lenny1) stable-proposed-updates; urgency=low * Team upload * Move package under pkg-fonts team maintenance * Fix "Hints do not match the installed files" by applying patch by Jakob Bohm. Closes: #551506 ttf-okolaks (0.5-2.1lenny2) stable-proposed-updates; urgency=low * Really fix "Hints do not match the installed files" by applying patch by Jakob Bohm. Closes: #551525 typo3-src (4.2.5-1+lenny6) stable-security; urgency=high * Security patch from new upstream release 4.2.15: - fixes: "TYPO3 Security Bulletin TYPO3-SA-2010-020: Multiple vulnerabilities in TYPO3 Core" (Closes: 599334) typo3-src (4.2.5-1+lenny5) stable-security; urgency=high * Added a patch to fix a regression introduced during last security patch. The last patch renders the backend unusable. Thanks to Fabian Ruff (Closes: 595099). tzdata (2010o-0lenny1) stable; urgency=low * New upstream release. * da.po: Danish translation from Joe Hansen. closes: #596143. * pt_BR.po: Brazilian Portuguese translation from Flamarion Jorge. closes: #550846. * sk.po: Slovak translation from Ivan Masár. closes: #534440. tzdata (2010m-1) unstable; urgency=low [ Aurelien Jarno ] * Danish translation (Joe Hansen). Closes: #596143. [ Clint Adams ] * New upstream release. tzdata (2010l-1) unstable; urgency=low * New upstream release. * gl.po: updated Galician translation from Jorge Barreiro. closes: #592814. tzdata (2010k-1) unstable; urgency=low * New upstream release. * Bump to Standards-Version 3.9.1. tzdata (2010j-1) unstable; urgency=low * New upstream version. * en.po: rename "Noronha" to "Fernando de Noronha" and "Ponape" to "Pohnpei". closes: #580745. * de.po: updated German translation from Holger Wansing. closes: #580935. user-mode-linux (2.6.26-1um-2+26) stable; urgency=high * Rebuild against linux-source-2.6.26 (2.6.26-26): [ Ben Hutchings ] * [alpha,s390,sparc] math-emu: correct test for downshifting fraction in _FP_FROM_INT() (See: #593193) * SCSI/mptsas: fix hangs caused by ATA pass-through (See: #594690) * xfs: prevent kernel crash due to corrupted inode log format (See: #550733) * r6040: Fix various bugs in r6040_multicast_list() (See: #600155) user-mode-linux (2.6.26-1um-2+25lenny1) stable-security; urgency=high * Rebuild against linux-source-2.6.26 (2.6.26-25lenny1), including changes from linux-source-2.6.26 (2.6.26-25): * irda: Correctly clean up self->ias_obj on irda_bind() failure. (CVE-2010-2954) * compat: Make compat_alloc_user_space() incorporate the access_ok() (CVE-2010-3081) * ALSA: seq/oss - Fix double-free at error path of snd_seq_oss_open() (CVE-2010-3080) * xfs: prevent reading uninitialized stack memory (CVE-2010-3078) * ecryptfs: Bugfix for error related to ecryptfs_hash_buckets (CVE-2010-2492) * pid_ns: Ensure that child_reaper is always valid (See: #570350) * [xen] Fix deadlock in timer interrupt, thanks to Zdenek Salvet (See: #534880) * e1000e: Add support for 82567LM-4, 82567LM-3, 82567LF-3 and 82583V controllers (See: #512546) * parport: quickfix the proc registration bug (See: #588672); ignore ABI changes in parport and parport_pc * Add guard page for stacks that grow up, an additional fix for CVE-2010-2240 * mm: make stack guard page logic use vm_prev pointer, an additional fix for CVE-2010-2240 * net sched: fix some kernel memory leaks (CVE-2010-2942) * jfs: don't allow os2 xattr namespace overlap with others (CVE-2010-2946) xen-tools (3.9-4+lenny1) stable; urgency=low * Set umask to 0077 before creating disk images (Closes: #548909) (Cherry-picked dfbf591 from master branch) xorg-server (2:1.4.2-10.lenny3) stable; urgency=low * Cherry-pick patch from upstream to set umask to a sane value in Xorg before opening the log, so we don't create it world-writable (closes: #555308). * Add patch by Olivier Fourdan (Red Hat) to fix the mod() macro in fb and mi. * render: bounds check for nglyphs in ProcRenderAddGlyphs. * fb: make isClipped always reject negative coordinates (closes: #320627) * xvfb-run: don't pass the magic cookie to xauth on the command line (CVE-2009-1573). Thanks, Loïc Minier! xulrunner (1.9.0.19-6) stable-security; urgency=low * Fixes for mfsa2010-{64-69,73}, also known as CVE-2010-3176, CVE-2010-3174, CVE-2010-3179, CVE-2010-3180, CVE-2010-3183, CVE-2010-3177, CVE-2010-3178, CVE-2010-3765. * Fix for mfsa2010-71 aka CVE-2010-3182, which only applies to applications using run-mozilla.sh (e.g. not iceweasel) * Fixes for regressions from CVE-2010-0654 and CVE-2010-2769. xulrunner (1.9.0.19-5) stable-security; urgency=low * Fixes for regressions from CVE-2010-3169 and CVE-2010-2769. xulrunner (1.9.0.19-4) stable-security; urgency=low * Fixes for mfsa2010-{49-51,54-57,60-62}, also known as CVE-2010-3169, CVE-2010-2765, CVE-2010-2767, CVE-2010-2760, CVE-2010-3168, CVE-2010-3167, CVE-2010-2766, CVE-2010-2763, CVE-2010-2768, CVE-2010-2769. ========================================= Sat, 04 Sep 2010 - Debian 5.0.6 released ========================================= ========================================================================= [Date: Sat, 04 Sep 2010 11:34:14 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: libconfig-inetd-perl | 0.25-1.1 | source, all Closed bugs: 594484 ------------------- Reason ------------------- RoSRM: Empty, orphaned package ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 04 Sep 2010 11:37:35 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: liblwres40 | 1:9.5.1.dfsg.P3-1+lenny1 | alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc ------------------- Reason ------------------- [auto-cruft] RoSRM ---------------------------------------------- ========================================================================= avahi (0.6.23-3lenny2) stable-security; urgency=high * CVE-2010-2244 and CVE-2009-0758 base-files (5lenny7) stable; urgency=low * Bump version in /etc/debian_version to "5.0.6". bgoffice (3.0-9+lenny1) stable; urgency=low * QA upload. * debian/aspell-bg.postrm: Delete; harmful during upgrades or package reinstallation (Closes: #589851). * debian/aspell-bg.postinst: Recover from the old erroneous postrm and touch bg{,-en}.rws and bg.compat if the files do not exist. * debian/rules (install): Create an empty var/lib/aspell/bg-en.rws. (binary-common): Pass -Xvar/lib/aspell to dh_md5sums. bind9 (1:9.6.ESV.R1+dfsg-0+lenny2) stable-security; urgency=medium * Use old location of the PID files. Closes: #585004. * Log warning if openssl.cnf is not readable. cabextract (1.2-3+lenny1) stable-security; urgency=high * CVE-2010-2801 debian-archive-keyring (2010.08.28) stable; urgency=low * Team upload. * Add Debian Archive Automatic Signing Key (6.0/squeeze) (ID: 473041FA). * Convert keyring generation to jetring. debian-archive-keyring (2010.08.28~lenny1) stable; urgency=low * Team upload. * Upload to stable. * Use SHA1 checksums instead of SHA256, due to jetring missing support for the stronger ones. debian-archive-keyring (2010.08.15) unstable; urgency=low * Team upload. * Add Squeeze Stable Release Key (ID: B98321F9). (Closes: #540890) * Add a DEBIAN/md5sums file to the non-udeb package. (Closes: #534934) * Move to debian-archive-removed-keys.gpg: - Debian Archive Automatic Signing Key (4.0/etch) - Etch Stable Release Key - Debian-Volatile Archive Automatic Signing Key (4.0/etch) freetype (2.3.7-2+lenny2) stable-security; urgency=high * CVE-2010-2497 freetype integer underflow #30082 #30083 * CVE-2010-2498 freetype invalid free #30106 * CVE-2010-2499 freetype buffer overflow #30248 #30249 * CVE-2010-2500 freetype integer overflow #30263 * CVE-2010-2519 freetype heap buffer overflow #30306 * CVE-2010-2520 freetype invalid realloc #30361 * CVE-2010-XXXX freetype demos buffer overflows #30054 ghostscript (8.62.dfsg.1-3.2lenny5) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fixed CVE-2009-4897: Buffer overflow in gs/psi/iscan.c allows remote attackers to execute arbitrary code or cause a denial of service via a crafted PDF document containing a long name. * Fixed CVE-2010-1628: execute arbitrary code via a PostScript file containing unlimited recursive procedure invocations, which trigger memory corruption in the stack of the interpreter (Closes: #584516) ghostscript (8.62.dfsg.1-3.2lenny4) stable-security; urgency=low * Rebuild again, there's an old 8.62.dfsg.1-3.2lenny3 build on chopin, which prevents builds from trickling in ghostscript (8.62.dfsg.1-3.2lenny2) stable-security; urgency=low * CVE-2007-6725 CVE-2008-3522 CVE-2008-6679 CVE-2009-0196 CVE-2010-0792 CVE-2009-4270 CVE-2010-1869 git-core (1:1.5.6.5-3+lenny3.1) stable; urgency=high * Non-maintainer upload. * debian/diff/0009-CVE-2010-2542.diff: new; fix stack-based buffer overflow in handling gitdir paths (Closes: #590026). gmime2.2 (2.2.22-2+lenny2) stable-security; urgency=high * I hate patch systems gnupg2 (2.0.9-3.1+lenny1) stable-security; urgency=medium * Apply patch from Werner Koch to fix a use-after-free issue in certificate parsing. ia32-libs (2.7+lenny1) stable; urgency=low * Non-maintainer upload. * Fix ld-linux.so.2 symlink on ia64. (Closes: #563402) * Add ld.so.conf snippet to add `/emul/ia32-linux/{usr/,}lib' to the library search path on ia64. imp4 (4.2-4lenny2) stable; urgency=low * Backport patches from Horde CVS (http://bugs.horde.org/ticket/8836) to turn off DNS prefetching when displaying untrusted content. See CVE-2010-0463 for more information. (Closes: #569661) iputils (3:20071127-1+lenny1) stable; urgency=high * Fix CVE-2010-2529 - resource consumption triggered by specially crafted ICMP echo reply kvirc (2:3.4.0-6) stable-security; urgency=high * Fix another DCC issue, patch by Kai Wasserbaech kvirc (2:3.4.0-5) stable-security; urgency=high * Reupload with Raul's name stripped of special characters, for mysterious reasons dak rejected the previous uploads... lftp (3.7.3-1+lenny1) stable-security; urgency=high * Fix security issue which allows remote servers to create or overwrite arbitrary files via a Content-Disposition header suggesting a malicious filename (CVE-2010-2251). libapache-dbi-perl (1.07-1+lenny2) stable; urgency=low * debian/rules: Correct typo QUILT_STAMPN → QUILT_STAMPFN to apply patches during build. (Closes: #592871) libnss-lwres (0.93-4.2+b2) stable; urgency=low * Binary-only non-maintainer upload for i386; no source changes. * Rebuild against liblwres50 from the bind9 security update libmikmod (3.1.11-6.0.1+lenny1) stable-security; urgency=low * Rebuild to build with a version higher than a previous hppa binmu libmikmod (3.1.11-6+lenny1) stable-security; urgency=high * CVE-2009-3995 CVE-2009-3996 libnet-sftp-foreign-perl (1.42+dfsg-1+lenny1) stable; urgency=low * Add Recommends on libio-pty-perl and libexpect-perl (Closes: #587830). libpng (1.2.27-2+lenny4) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fixed CVE-2010-1205: Buffer overflow in pngpread.c (Closes: #587670) * Fixed CVE-2010-2249: Memory leak in pngrutil.c libpoe-component-irc-perl (5.84+dfsg-1+lenny1) stable; urgency=high * Filter out \r and \n in commands to prevent command injection. (Closes: #581194) libtk-filedialog-perl (1.3-2+lenny1) stable; urgency=low * Patch to fix error about making ".filedialog" its own master. (Closes: #544894) libwww-perl (5.813-1+lenny2) stable; urgency=low * CVE-2010-2253: Apply upstream patch to lwp-download to reject downloads to filenames suggested by the server that start with a . (dot) character. commit id of upstream patch: f97f339f552666ef79cdd2cf2a44032cf206bb6e libwww-perl (5.813-1+lenny1) stable; urgency=low * Fix incorrect use of redo. (Closes: #591462) linux-2.6 (2.6.26-25) stable; urgency=high [ Ben Hutchings ] * pid_ns: Ensure that child_reaper is always valid (Closes: #570350) * [xen] Fix deadlock in timer interrupt, thanks to Zdenek Salvet (Closes: #534880) * e1000e: Add support for 82567LM-4, 82567LM-3, 82567LF-3 and 82583V controllers (Closes: #512546) [ Moritz Muehlenhoff ] * parport: quickfix the proc registration bug (Closes: #588672); ignore ABI changes in parport and parport_pc [ dann frazier ] * Add guard page for stacks that grow up, an additional fix for CVE-2010-2240 * mm: make stack guard page logic use vm_prev pointer, an additional fix for CVE-2010-2240 * net sched: fix some kernel memory leaks (CVE-2010-2942) * jfs: don't allow os2 xattr namespace overlap with others (CVE-2010-2946) linux-2.6 (2.6.26-24lenny1) stable-security; urgency=high * cifs: Fix a kernel BUG with remote OS/2 server (CVE-2010-2248) * Fix race in tty_fasync() properly (CVE-2009-4895) * xfs: prevent swapext from operating on write-only files (CVE-2010-2226) * nfsd4: bug in read_buf (CVE-2010-2521) * GFS2: rename causes kernel Oops (CVE-2010-2798) * exec: Fix 'flush_old_exec()/setup_new_exec()' split (Closes: #589179; regression due to fix for CVE-2010-0307) * can: add limit for nframes and clean up signed/unsigned variables (CVE-REQUESTED) * mm: keep a guard page below a grow-down stack segment (CVE-2010-2240) * drm: stop information leak of old kernel stack (CVE-2010-2803) * ext4: fix integer overflows in ext4_ext_{in_cache,get_blocks} (CVE-2010-3015) lvm2 (2.02.39-8) stable-security; urgency=high * CVE-2010-2526: Fix insecure communication between lvm2 and clvmd. (Closes: #591204) lxr-cvs (0.9.5+cvs20071020-1+lenny1) stable-security; urgency=high * Fix several XSS vulnerabilities: CVE-2010-1625, CVE-2010-1738, CVE-2010-1448, CVE-2009-4497. mahara (1.0.4-4+lenny6) stable-security; urgency=high * SECURITY UPDATE: multiple cross-site scripting vulnerabilities - debian/patches/CVE-2010-1667.dpatch: upstream patch - CVE-2010-1667 * SECURITY UPDATE: multiple cross-site request forgery vulnerabilities - debian/patches/CVE-2010-1668.dpatch: upstream patch - CVE-2010-1668 * SECURITY UPDATE: unsafe auth plugins configuration options - debian/patches/CVE-2010-1670.dpatch: upstream patch - CVE-2010-1670 * SECURITY UPDATE: IE-only cross-site scripting bug in HTML Purifier - debian/patches/CVE-2010-2479.dpatch: upstream patch - CVE-2010-2479 makepasswd (1.10-3+lenny1) stable; urgency=low * Backport from unstable: - Use /dev/urandom rather than /dev/random, as the latter is overkill for this and drains entropy too quickly (thanks, Ralf Hildebrandt; closes: #307700). (This is needed in stable because it overlaps with the following security fix.) - Use OpenSSL's random number generator, seeded with 256 bits of entropy from /dev/urandom (CVE-2010-2247; closes: #564559). mapserver (5.0.3-3+lenny5) stable-security; urgency=high * Fix Buffer overflow in msTmpFile function. [http://trac.osgeo.org/mapserver/ticket/3484] * Fix insecure mapserv CGI command-line debug args. [http://trac.osgeo.org/mapserver/ticket/3485] mlmmj (1.2.15-1.1+lenny1) stable-security; urgency=high * Non-maintainer QA upload. * Fixes CVE-2009-4896 mlmmj-php-admin directory traversal (Closes: #588038). moin (1.7.1-3+lenny5) stable-security; urgency=high * Non-maintainer upload. * Fixed XSS in theme.add_msg, CVE-2010-2487 (Closes: #584809) ncompress (4.2.4.2-1+lenny1) stable-security; urgency=high * Apply patch from upstream 4.2.4.3 to fix CVE-2010-0001. okular (0.7-2+lenny1) stable; urgency=low * New patch CVE-2010-2575.diff: + Taken from upstream r1167825 to fix CVE-2010-2575. openoffice.org (1:2.4.1+dfsg-1+lenny8) stable-security; urgency=high * ooo-build/patches/src680/workspace.impress197.diff: fix CVE-2010-2935 and CVE-2010-2936 aka SA40775: two buffer-overflow vulnerabilities in OpenOffice.org Impress openssl (0.9.8g-15+lenny8) stable-security; urgency=low * Fix CVE-2010-2939: Double free using ECDH. (Closes: #594415) pango1.0 (1.20.5-6) stable; urgency=low * Rename CVE-2010-0421.patch to 23_CVE-2010-0421.patch. * 24_harfbuzz_crash.patch: patch from upstream. Fixes a crash when passing invalid Unicode sequences. paste (1.7.1-1+lenny1) stable; urgency=high * Fix XSS bug (security issue) with not found handlers for paste.urlparser.StaticURLParser and paste.urlmap.URLMap (patch backported from version 1.7.4) pastebinit (0.10-2lenny1) stable; urgency=low * backport Ubuntu patch to update to new pastebin.com API (Closes: #592167) * drop rafb.net support which has been offline for a while now pcsc-lite (1.4.102-1+lenny3) stable-security; urgency=low * reupload without the .orig.tar.gz pdf2djvu (0.4.11a-1+lenny1) stable; urgency=low * New maintainer. * Fix crash when using the -i/--indirect option (closes: #582425). php5 (5.2.6.dfsg.1-1+lenny9) stable-security; urgency=high * Fix CVE-2010-1917: stack consumption on the fnmatch() function * Fix CVE-2010-2225: use-after-free in the SplObjectStorage unserializer * Fix MOPS-2010-60: arbitrary session variables injection phpmyadmin (4:2.11.8.1-5+lenny5) stable-security; urgency=high * Upload to stable to fix security issues. * Various XSS issues [CVE-2010-3056]. * Unsafe code generation in setup script [CVE-2010-3055]. python-cjson (1.0.5-1+lenny1) stable-security; urgency=high [ Christian Kastner ] * debian/rules: - Use simple-patchsys from cdbs for patch below * debian/patches: - Include patch 0001-fix-for-CVE-2010-1666 from unstable: Matt Giuca discovered a buffer overflow when encoding wide unicode characters on UCS4 builds. This fix was taken from Ubuntu LP #585274, which he provided. Closes: #587700, Fixes: CVE-2010-1666 quik (2.1-9+lenny1) stable; urgency=low * Apply patch by Lennart Sorensen to fix FTBFS. (Closes: #512429) * Do not prompt user if debconf is running. (Closes: #513182) slim (1.3.0-1+lenny3) stable; urgency=high * CVE-2010-2945: insecure PATH assignment (cf. bug #594414) debian/patches/07_fix_insecure_PATH_assignment.dpatch smarty (2.6.20-1.3) stable-security; urgency=high * Non-maintainer upload by the security team. * Correct patch for CVE-2008-4810 to fix a regression when using single quotes (closes: #559073). socat (1.6.0.1-1+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * CVE-2010-2799: Stack overflow by lexical scanning of nested character patterns (closes: #591443) squirrelmail (2:1.4.15-4+lenny3.1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * CSRF fixed (CVE-2009-2964). (Closes: #543818). - Based on Revision 13818 from svn upstream - Revision 13835, 13838 and 13840 included. - Reduced default time security tokens stay valid from 30 days to 2 days (Revision 13947) * Fixed literal processing of 8-bit usernames/passwords during login (CVE-2010-2813). tiff (3.8.2-11.3) stable-security; urgency=high * CVE-2010-1411 ttf-dzongkha (0.3-1lenny2) stable-proposed-updates; urgency=low * Remove watch file that leaked into the hints file. Thanks to Adam Barratt for pointing this. ttf-inconsolata (001.009-1lenny1) stable-proposed-updates; urgency=low * Fix file name in defoma hints file. Closes: #551508 * Fix font width to "Fixed" in defoma hints file as this makes the font unusable otherwise. Closes: LP#245258 typo3-src (4.2.5-1+lenny4) stable-security; urgency=high * Added patches (backported from 4.2.13 and 4.2.14) to fix the security issues from "TYPO3-SA-2010-012: Multiple vulnerabilities in TYPO3 Core" (Closes: 590719). user-mode-linux (2.6.26-1um-2+24lenny1) stable-security; urgency=high * Rebuild against linux-source-2.6.26 (2.6.26-24): * cifs: Fix a kernel BUG with remote OS/2 server (CVE-2010-2248) * Fix race in tty_fasync() properly (CVE-2009-4895) * xfs: prevent swapext from operating on write-only files (CVE-2010-2226) * nfsd4: bug in read_buf (CVE-2010-2521) * GFS2: rename causes kernel Oops (CVE-2010-2798) * exec: Fix 'flush_old_exec()/setup_new_exec()' split (Closes: #589179; regression due to fix for CVE-2010-0307) * can: add limit for nframes and clean up signed/unsigned variables (CVE-REQUESTED) * mm: keep a guard page below a grow-down stack segment (CVE-2010-2240) * drm: stop information leak of old kernel stack (CVE-2010-2803) * ext4: fix integer overflows in ext4_ext_{in_cache,get_blocks} (CVE-2010-3015) w3m (0.5.2-2+lenny1) stable; urgency=high * debian/patches/60_check-null-cn.patch: Patch to check for null bytes in CN/subjAltName, provided by Ludwig Nussel. [CVE-2010-2074] wget (1.11.4-2+lenny2) stable-security; urgency=high * Do not use server-provided file names by default * Fix harmless user-after-free bug in http_atotm() wireshark (1.0.2-3+lenny10) stable-security; urgency=high * security fixes from Wireshark 1.0.15: - The SigComp Universal Decompressor Virtual Machine could overrun a buffer. (CVE-2010-2995) - Due to a regression the ASN.1 BER dissector could overrun the stack. (CVE-2010-2994) wireshark (1.0.2-3+lenny9) stable-security; urgency=high * security fixes from Wireshark 1.0.14: - The SMB dissector could dereference a NULL pointer. (No assigned CVE number.) - J. Oquendo discovered that the ASN.1 BER dissector could overrun the stack. (No assigned CVE number.) - The SMB PIPE dissector could dereference a NULL pointer on some platforms. (No assigned CVE number.) - The SigComp Universal Decompressor Virtual Machine could go into an infinite loop. (No assigned CVE number.) - The SigComp Universal Decompressor Virtual Machine could overrun a buffer. (No assigned CVE number.) xserver-xorg-video-intel (2:2.3.2-2+lenny8) stable; urgency=low * Enable low power render writes on GEN3 hardware. Backported from a kernel fix by Dave Airlie. This should fix a number of issues (hangs in particular) on 915/945-class hw. xulrunner (1.9.0.19-3) stable-security; urgency=low * Fixes for mfsa2010-{24,34-35,37,40-41,45-47}, also known as CVE-2010-0182, CVE-2010-1211, CVE-2010-1208, CVE-2010-1214, CVE-2010-2753, CVE-2010-1205, CVE-2010-2751, CVE-2010-0654, CVE-2010-2754. xulrunner (1.9.0.19-2) stable-security; urgency=low * Fixes for mfsa2010-{25-30,32}, also known as CVE-2010-1121, CVE-2010-1200, CVE-2010-1201, CVE-2010-1202, CVE-2010-0183, CVE-2010-1198, CVE-2010-1196, CVE-2010-1199, CVE-2010-1197. znc (0.058-2+lenny4) stable-security; urgency=high * Add patch 05-null-pointer-traffic.dpatch, which fixes an NULL pointer dereference with traffic stats. znc crashs, if someone requests traffic statistics, while there was an unauthenticated connection to znc. Closes: #584929 zope-ldapuserfolder (2.9-1+lenny1) stable-security; urgency=high * Fix authentication bypass problem (Closes: #593466). CVE-2010-2944. ========================================= Sat, 26 Jun 2010 - Debian 5.0.5 released ========================================= ========================================================================= [Date: Sat, 26 Jun 2010 09:08:58 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: eclipse | 3.2.2-6.1 | source, amd64, i386, ia64, powerpc, sparc eclipse-efj | 3.2.2-6.1 | amd64, i386, ia64, powerpc, sparc eclipse-gcj | 3.2.2-6.1 | all eclipse-jdt | 3.2.2-6.1 | amd64, i386, ia64, powerpc, sparc eclipse-jdt-gcj | 3.2.2-6.1 | amd64, i386, ia64, powerpc, sparc eclipse-pde | 3.2.2-6.1 | amd64, i386, ia64, powerpc, sparc eclipse-pde-gcj | 3.2.2-6.1 | amd64, i386, ia64, powerpc, sparc eclipse-platform | 3.2.2-6.1 | amd64, i386, ia64, powerpc, sparc eclipse-platform-gcj | 3.2.2-6.1 | amd64, i386, ia64, powerpc, sparc eclipse-rcp | 3.2.2-6.1 | amd64, i386, ia64, powerpc, sparc eclipse-rcp-gcj | 3.2.2-6.1 | amd64, i386, ia64, powerpc, sparc eclipse-sdk | 3.2.2-6.1 | all eclipse-source | 3.2.2-6.1 | amd64, i386, ia64, powerpc, sparc libswt3.2-gtk-gcj | 3.2.2-6.1 | amd64, i386, ia64, powerpc, sparc libswt3.2-gtk-java | 3.2.2-6.1 | amd64, i386, ia64, powerpc, sparc libswt3.2-gtk-jni | 3.2.2-6.1 | amd64, i386, ia64, powerpc, sparc Closed bugs: 574356 ------------------- Reason ------------------- RM: Request of SRM / Maintainer ---------------------------------------------- ========================================================================= te: Sat, 26 Jun 2010 09:09:22 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: eclipse-cdt | 3.1.2-2 | source, amd64, i386, ia64, powerpc Closed bugs: 586139 ------------------- Reason ------------------- RM: Request of SRM / Maintainer ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Jun 2010 09:09:39 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: eclipse-common-nls | 3.2.1-3 | all eclipse-jdt-nls | 3.2.1-3 | all eclipse-nls | 3.2.1-3 | all eclipse-nls-sdk | 3.2.1-3 | source eclipse-pde-nls | 3.2.1-3 | all eclipse-platform-nls | 3.2.1-3 | all eclipse-rcp-nls | 3.2.1-3 | all eclipse-sdk-nls | 3.2.1-3 | all Closed bugs: 586140 ------------------- Reason ------------------- RM: Request of SRM / Maintainer ---------------------------------------------- ========================================================================= ========================================================================= [Date: Sat, 26 Jun 2010 09:50:58 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: libbind9-40 | 1:9.5.1.dfsg.P3-1+lenny1 | alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc libdns45 | 1:9.5.1.dfsg.P3-1+lenny1 | alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc libisc45 | 1:9.5.1.dfsg.P3-1+lenny1 | alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc libisccc40 | 1:9.5.1.dfsg.P3-1+lenny1 | alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc libisccfg40 | 1:9.5.1.dfsg.P3-1+lenny1 | alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc ------------------- Reason ------------------- [auto-cruft] NBS (no longer built by bind9) ---------------------------------------------- ========================================================================= ajaxterm (0.10-2+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix CVE-2009-1629: session IDs are weak and predictable (Closes: #528938) alien-arena (7.0-1+lenny2) stable-proposed-updates; urgency=high * Non-maintainer upload. * Fix a client buffer overflow vulnerability. * Fix a server denial-of-service issue: clients were able crash the server with a malformed "download" command (closes: #575621). apache2 (2.2.9-10+lenny8) stable; urgency=low * Add missing psmisc dependency for killall used in the init script. Closes: #568542 * Fix potential memory leaks related to the usage of apr_brigade_destroy(). apache2-mpm-itk (2.2.6-02-1+lenny3) stable; urgency=low * 10-handle-waitpid-eintr.patch: New patch, backported from unstable (originally adapted from a patch by Jan Boysen, and later corrected by Dave Cundiff). Fixes an issue where child processes would not be properly reaped on reload, leading to them being stuck in "graceful restart" in the scoreboard and vhosts wrongly hitting the MaxClientsVhost roof after a while. (Closes: #569712) apr (1.2.12-5+lenny2) stable; urgency=low * Set FD_CLOEXEC flag on file descriptors. Not doing so caused Apache httpd modules which do not use the apr API for executing other processes to leak file descriptors to the called processes. In some setups, this could cause security issues and/or problems with Apache failing to restart. This issue affected mod_php (but not mod_cgi). Closes: #366124 apt (0.7.20.2+lenny2) stable; urgency=low [ David Kalnischkies ] * ftparchive/writer.cc: - remove 999 chars Files rewrite limit (Closes: #577759) aria2 (0.14.0-1+lenny2) stable-security; urgency=high * Security upload. * src/FilesMetalinkParserState.cc, src/MetalinkParserController.cc src/Util.cc, src/Util.h + Fixed directory traversal during the download of a metalink file. Many thanks to Tatsuhiro Tsujikawa for patch. CVE-2010-1512 barnowl (1.0.1-4+lenny1) stable-security; urgency=high * Non-maintainer upload by the security team * Fix buffer overflow in message.c (Closes: #574418) Fixes: CVE-2010-0793 base-files (5lenny6) stable; urgency=low * Bump version in /etc/debian_version to "5.0.5". bind9 (1:9.6.ESV.R1+dfsg-0+lenny1) stable-security; urgency=high * New upstream version: BIND 9.6-ESV-R1. * Restore Debian-specific feature patches. cacti (0.8.7b-2.1+lenny3) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix unauthenticated sql injection vulnerability due to validating $_REQUEST rather than $_GET (CVE-2010-2092; Closes: #582691). choose-mirror (2.28lenny6) stable; urgency=low * Backport from trunk. - Correctly move progress bar to 100% after reading suites. * Updated mirror list. chrony (1.23-6+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * This update addresses the following security issues: - CVE-2010-0292: chronyd replies to all cmdmon packets from unauthorized hosts with. - CVE-2010-0293: missing memory limit for to keep client information which can lead to memory exhaustion through clients with spoofed IPs - CVE-2010-0294: missing syslog limit could lead to filling up the disc by triggering various log events in a loop. cpio (2.9-13lenny1) stable; urgency=low * Backport fix for rmt_read__ buffer overflow (CVE-2010-0624). cups (1.3.8-1+lenny8) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix loading of localized message string from arbitrary files through exporting the LOCALEDIR environment variable when lppasswd has a setuid bit set (CVE-2010-0393). curl (7.18.2-8lenny4) stable-security; urgency=high * Non-maintainer upload by the security team * Fix possible buffer overflow via callback function Fixes: CVE-2010-0734 debian-installer (20090123lenny7) stable; urgency=low * Rebuild to incorporate linux-kernel-di packages based upon linux-2.6 2.6.26-23 dia2code (0.8.3-3+lenny1) stable; urgency=low * debian/patches/fix_Segfault.patch: fixed segfault (Closes: #550092). dpkg (1.14.29) stable-security; urgency=high * Modify dpkg-source to error out when it would apply patches containing insecure paths (with "/../") and also error out when it would apply a patch through a symlink. Those checks are required as patch will happily modify files outside of the target directory and unpacking a source package should not be able to have any side-effect outside of the target directory. Fixes CVE-2010-0396. * Also error out when the quilt series contains a path with "/../" as this can cause patch to create files outside of the source package due to the -B .pc/$path option that it gets. drbd8 (2:8.0.14-2+lenny1) stable-security; urgency=high * Update for connector API change in linux-2.6_2.6.26-21lenny4 * Restrict netlink calls to users with CAP_SYS_ADMIN (CVE Requested) drupal6 (6.6-3lenny5) stable-security; urgency=high [ Luigi Gangitano ] * debian/patches/19_SA-CORE-2010-001 - Fixes multiple XSS vulnerabilities (Closes: #572439) (Ref: SA-CORE-2010-001, CVE-TBA) dvipng (1.11-1+lenny1) stable-security; urgency=low * Apply upstream patch to fix array index errors leading to denial of service and potential arbitrary code execution (CVE-2010-0829). egroupware (1.4.004-2.dfsg-4.2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix several vulnerabilites, no CVE IDs yet ejabberd (2.0.1-6+lenny2) stable-security; urgency=high [ Konstantin Khomoutov ] * Backport upstream patch for p1_fsm/max_fsm_queue, fixing CVE-2009-0934. * Add support for default value of max_fsm_queue. ffmpeg-debian (0.svn20080206-18+lenny1) stable-security; urgency=high * Fix multiple security issues, update provided by Reinhard Tartler fuse (2.7.4-1.1+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fixed CVE-2009-3297: race condition in fusermount (Closes: #567633) git-core (1:1.5.6.5-3+lenny3) stable-security; urgency=high * debian/diff/0008-git-cvsserver-allow-regex-metacharacters-...diff: new; git-cvsserver: allow regex metacharacters in CVSROOT (fixes build/selftest failure if the build directory pathname contains a +). glibc (2.7-18lenny4) stable-security; urgency=low * Add patches/alpha/submitted-rtld-fPIC.diff to fix FTBFS on alpha due to the changes introduced by patches/any/cvs-ld-elf.diff. gtk+2.0 (2.12.12-1~lenny2) stable-proposed-updates; urgency=low * 096_cups_mainloop_events.patch: stolen upstream. Fixes a very nasty bug that prevents printing big documents. GNOME #591846, LP #359975. hybserv (1.9.2-4+lenny2) stable-security; urgency=high * Non-maintainer upload by the security team * Fix DoS via commands with tabs (Closes: #550389) Fixes: CVE-2010-0303 * Add db_stop to hybserv.postinst to make sure it doesn't hang due to the open file descriptors by debconf Thanks to Julien Cristau icedove (2.0.0.24-0lenny1) stable-security; urgency=low * New upstream security/stability update (v2.0.0.23/v2.0.0.24) * MFSA 2009-42 aka CVE-2009-2408: Compromise of SSL-protected communication * MFSA 2009-43 aka CVE-2009-2404: Heap overflow in certificate regexp parsing * MFSA 2009-49 aka CVE-2009-3077: TreeColumns dangling pointer vulnerability * MFSA 2009-59 aka CVE-2009-0689: Heap buffer overflow in string to number conversion * MFSA 2009-62 aka CVE-2009-3376: Download filename spoofing with RTL override * MFSA 2009-68 aka CVE-2009-3983: NTLM reflection vulnerability * MFSA 2010-07 aka - CVE-2009-2463: Integer overflow in a base64 decoding function - CVE-2009-3072: Crash in the BinHex decoder - CVE-2009-3075: Crash in the JavaScript engine - CVE-2010-0163: Crash indexing some messages with attachments * adjust patches for new upstream - update debian/patches/18_kbsd_nspr.dpatch - update debian/patches/autoconf2.13-rerun - update debian/patches/ubuntu-mail-app-xre-name ikiwiki (2.53.5) stable-security; urgency=high * htmlscrubber: Security fix: In data:image/* uris, only allow a few whitelisted image types. No svg. imlib2 (1.4.0-1.2+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix various heap and stack in the argb, bmp, jpeg, lbm, pnm, tga and xpm loaders resulting in arbitrary code execution (CVE-2008-6079). ircd-ratbox (2.2.8.dfsg-2+lenny1) stable-security; urgency=high * Non-maintainer upload by the security team * Fix integer underflow in clean_string() in src/irc_string.c Fixes: CVE-2009-4016 * Fix NULL pointer vulnerability in src/cache.c Fixes: CVE-2010-0300 iscsitarget (0.4.16+svn162-3.1+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * CVE-2010-0743: two format string vulnerabilities fixed in isns.c:302 and isns.c:690, reported by Florent Daigniere. Closes: #574935. jasper (1.900.1-5.1+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix code execution via crafted JPEG2000 images (CVE-2007-2721, closes: #528543). Fix was applied in 1.900.1-3 but accidentally dropped in 1.900.1-5.1. * Correct regression in fix for CVE-2008-3521 (Closes: #506739). kdebase (4:3.5.9.dfsg.1-6+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * KDM Local Privilege Escalation Vulnerability [CVE-2010-0436] kdelibs (4:3.5.10.dfsg.1-0lenny4) stable-security; urgency=high * Non-maintainer upload by the Security Team. * CVE-2009-0689 kernel-wedge (2.53+lenny3) stable; urgency=high * Add be2net to nic-extra-modules. krb5 (1.6.dfsg.4~beta1-5lenny4) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fixed CVE-2010-1321: GSS API null pointer dereference. kvm (72+dfsg-5~lenny5) stable-security; urgency=high * Non-maintainer upload by the Security Team. * KVM: PIT: control word is write-only (CVE-2010-0309) * KVM: emulator privilege escalation (CVE-2010-0298) * KVM: emulator privilege escalation IOPL/CPL level check (CVE-2010-0306) * KVM: Remove mv cs, and far jmp from the emulator (CVE-2010-0419) libapache-dbi-perl (1.07-1+lenny1) stable; urgency=low * Backport fix for loading of Apache::DBI via startup files from 1.08. + add backport_1.08-fix-startup.patch + Closes: #568534 -- Apache::DBI fails to load in startup scripts libapache2-mod-perl2 (2.0.4-5+lenny1) stable; urgency=high * add 100-svn-XSS-Status.patch; fixes XSS in Apache2::Status (CVE-2009-0796) Patch taken from r760926 of upstream SVN. Closes: #567635 libjavascript-perl (1.08-1+lenny1) stable; urgency=low * Steal fix_context_destruction.patch from upstream SVN. Fixes a segfault after calling non-present function. Closes: 564772 * add myself to Uploaders libjson-ruby (1.1.2-1+lenny1) stable-proposed-updates; urgency=low * Security Fix for JSON::Pure::Parser. A specially designed string could cause catastrophic backtracking in one of the parser's regular expressions. (fixed upstream in version 1.1.7) * Use the version of prototype.js from libjs-prototype. The included version had a security issue. (Closes: #555224, #555223) liblog-handler-perl (0.45-1+lenny1) stable; urgency=low * add libuniversal-require-perl to dependencies. Closes: #502853 * add myself to Uploaders libmediawiki-perl (1.13-1+lenny1) stable; urgency=low * Add support for login token. (Closes: #578691) * Remove David Paleino from Uploaders (as in 1.13-1.1). * Add myself to Uploaders. libnamespace-clean-perl (0.08-1+lenny1) stable; urgency=low * Add dependency on libscope-guard-perl (>= 0.02). (Closes: #540398) libnet-smtp-server-perl (1.1-3+lenny1) stable; urgency=low * Add dependency on libnet-dns-perl (closes: #579492). libpng (1.2.27-2+lenny3) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fixed CVE-2009-2042: does not properly parse 1-bit interlaced images with width values that are not divisible by 8, which causes libpng to include uninitialized bits in certain rows of a PNG file and might allow remote attackers to read portions of sensitive memory via "out-of-bounds pixels" in the file (Closes: 533676) * Fixed CVE-2010-0205: does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed representation, which allows remote attackers to cause a denial of service (memory and CPU consumption, and application hang) via a crafted PNG file (Closes: #572308) libtheora (1.0~beta3-1+lenny1) stable-security; urgency=high * Non-maintainer upload by the security team (Closes: #572950). * Fixes potential arbitrary code execution vulnerability: CVE-2009-3389. * Fixes two other potential vulnerabilities as applied to xulrunner since version 1.9.1. libxerces2-java (2.9.1-2+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fixed CVE-2009-2625: denial of service (infinite loop and application hang) via malformed XML input (Closes: #548358) libxext (2:1.0.4-2) stable; urgency=low * Cherry-pick two fixes from upstream: - Allocate the right size in XSyncListSystemCounters (http://bugs.freedesktop.org/show_bug.cgi?id=17774) - XAllocID must only be called with the Display lock held (closes: #569104) lighttpd (1.4.19-5+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix denial of service through slow short requests leading to memory exhaustion due to bad memory handling (CVE-2010-0295). linux-2.6 (2.6.26-24) stable; urgency=high [ Ben Hutchings ] * usbhid: Reduce the race condition between disconnect and ioctl (Closes: #511892) * r8169: Fix MDIO timing (Closes: #583139) * [x86] Restore automatic update of LILO on kernel installation, upgrade or removal (Closes: #505609) linux-kernel-di-alpha-2.6 (0.37lenny7) stable; urgency=low * Built against version 2.6.26-23 of linux-2.6. linux-kernel-di-amd64-2.6 (1.53lenny7) stable; urgency=low * Built against version 2.6.26-23 of linux-2.6. linux-kernel-di-arm-2.6 (1.37lenny8) stable; urgency=low * Built against version 2.6.26-23 of linux-2.6. linux-kernel-di-armel-2.6 (1.32lenny7) stable; urgency=low * Built against version 2.6.26-23 of linux-2.6. linux-kernel-di-hppa-2.6 (1.38lenny7) stable; urgency=low * Built against version 2.6.26-23 of linux-2.6. linux-kernel-di-i386-2.6 (1.76lenny7) stable; urgency=low * Built against version 2.6.26-23 of linux-2.6. linux-kernel-di-ia64-2.6 (1.42lenny7) stable; urgency=low * Built against version 2.6.26-23 of linux-2.6. linux-kernel-di-mips-2.6 (1.9lenny7) stable; urgency=low * Built against version 2.6.26-23 of linux-2.6. linux-kernel-di-mipsel-2.6 (1.8lenny7) stable; urgency=low * Built against version 2.6.26-23 of linux-2.6. linux-kernel-di-powerpc-2.6 (1.48lenny7) stable; urgency=low * Built against version 2.6.26-23 of linux-2.6. linux-kernel-di-s390-2.6 (0.37lenny7) stable; urgency=low * Built against version 2.6.26-23 of linux-2.6. linux-kernel-di-sparc-2.6 (1.41lenny7) stable; urgency=low * Built against version 2.6.26-23 of linux-2.6. linux-modules-extra-2.6 (2.6.26-6+lenny3) stable-security; urgency=high * Correct typo in version string mahara (1.0.4-4+lenny5) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix possible sql injection on generating a random user name similar to a desired one (CVE-2010-0400). maildrop (2.0.4-3+lenny3) stable-security; urgency=high * Non-maintainer upload by the security team * Fix regression in programs not invoking maildrop as root, which was introduced by the latest security update mailman (1:2.1.11-11+lenny1) stable-proposed-updates; urgency=low * Disable 32_MIME_fixup.patch. This has meanwhile been addressed differently by upstream, and now has the effect of adding a second Mime-Version header to some types of message. This in turn is a trigger to some SPAM filters to ban the message. (Closes: #581988, #310180). mediawiki (1:1.12.0-2lenny5) stable-security; urgency=high * Security upload. Fixes the following issue (CVE-2010-1150): "MediaWiki was found to be vulnerable to login CSRF. An attacker who controls a user account on the target wiki can force the victim to log in as the attacker, via a script on an external website. If the wiki is configured to allow user scripts, say with "$wgAllowUserJs = true" in LocalSettings.php, then the attacker can proceed to mount a phishing-style attack against the victim to obtain their password. moin (1.7.1-3+lenny4) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fixed CVE-2010-0828: XSS in Despam page * TextChas: fix treatment of unknown keys moodle (1.8.2.dfsg-3+lenny3) stable-security; urgency=high [ Dan Poltawski ] * Fix multiple security issues (closes: 559531): - MSA-09-0019: SQL injection in update_record - MSA-09-0022: Multiple CSRF vunrabilities (CVE-2009-4297) - MSA-09-0023: User account disclosure in LAMS module (CVE-2009-4297) - MSA-09-0024: Insufficient access control in glossary (CVE-2009-4299) - MSA-09-0026: Invalid application access control in MNET interface (CVE-2009-4301) - MSA-09-0027: Login information can be sent unsecured even when site is configured to use SSL for logins (CVE-2009-4302) - MSA-09-0028: Multiple backup/restore related issues (CVE-2009-4303) - MSA-09-0031: SQL injection in SCORM module (CVE-2009-4305) - MSA-09-0010: Unzip binary may create symbolic links pointing outside of dataroot on unix/linux servers - MSA-09-0011: Glossary, database and forum ratings are not verified after submission [ Francois Marier ] * Update maintainer email address mpg123 (1.4.3-4lenny1) stable; urgency=medium * src/module.c: Backport upstream patch to fix regression in module loading when a libltdl with a fix for CVE-2009-3736 is in place. Closes: #572920 mplayer (1.0~rc2-17+lenny3.2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Apply upstream patch to fix integer underflow vulnerability in RTSP streaming code mysql-dfsg-5.0 (5.0.51a-24+lenny4) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fixed CVE-2010-1626: allows local users to delete the data and index files of another user's MyISAM table via a symlink attack in conjunction with the DROP TABLE command (Closes: #584400) * Fixed CVE-2010-1848: Multiple insufficient table name checks * Fixed CVE-2010-1849: DoS through oversized packets * Fixed CVE-2010-1850: Table name buffer overflow nano (2.0.7-5) stable; urgency=low * The "No me preocupa nada, como Juan sin miedo, porque nada temo" release. * Backport two minor security fixes from upcoming 2.0.10 and 2.2.4: - CVE-2010-1160: symlink attack. - CVE-2010-1161: change of ownership of arbitrary files. netpbm-free (2:10.0-12+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fixed CVE-2009-4274: Stack-based buffer overflow by processing X PixMap image header fields (Closes: #569060) network-manager-applet (0.6.6-4+lenny1) stable-security; urgency=high * debian/patches/10-CVE-2009-0365.patch - SECURITY: It was discovered that NetworkManager did not properly enforce permissions when responding to dbus requests. A local user could perform dbus queries to view system and user network connection passwords and pre-shared keys. (Closes: #519801) FIXES: CVE-2009-0365 nfs-utils (1:1.1.2-6lenny2) stable; urgency=low * Update maintainers and uploaders to match unstable * Fix test for NFS kernel server support in init script (Closes: #550153) nut (2.2.2-6.5) proposed-updates; urgency=low * debian/rules: change libdir to /lib, and fix side effects (Closes: #530869) open-iscsi (2.0.870~rc3-0.4.1) stable; urgency=low * Fix CVE-2009-1297 (Closes: #547011) - thanks to Colin Watson for the patch openoffice.org (1:2.4.1+dfsg-1+lenny7) stable-security; urgency=high * pyuno.avoid.execution.for.browsing.funcs.legacy.python.diff: avoid execution of python code when browsing macros (CVE-2010-0395) openssl (0.9.8g-15+lenny7) stable-security; urgency=low * Check return type of bn_wexpand(). Fixes CVE-2009-3245 (Closes: #575433) openttd (0.6.2-1+lenny2) stable; urgency=high * Fix three security issues, patches supplied by upstream. See http://security.openttd.org/ for details. - CVE-2010-0401 (Access restriction circumvention, remote crash) - CVE-2010-0402 (Denial of service via improperly validated commands) - CVE-2010-0406 (Denial of service (server) via leaking file descriptors) otrs2 (2.2.7-2lenny3) stable-security; urgency=high * Added patch fix-sql-injection.diff, which adds missing security quoting in SQL statements. Authenticated users may become administrative privileges. This fixes CVE-2010-0438. * Change maintainer also in security upload (for further users questions). pango1.0 (1.20.5-5+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fixed CVE-2010-0421: improper input sanitization, leading to array indexing error, in the way Pango font rendering library synthesized Glyph Definition Table (GDEF) from the font's character map and the Unicode property database. (Closes: #574021) partman-partitioning (64lenny1) stable; urgency=low * Fix display of 'BIOS boot area' option for gpt partitions. pcsc-lite (1.4.102-1+lenny1) stable-security; urgency=high * Fix CVE-2010-0407: Buffer overflow in pcscd causing denial of service and root priviledge escalation. php5 (5.2.6.dfsg.1-1+lenny8) stable-security; urgency=high * Fix CVE-2010-0397: null pointer dereference when processing invalid XML-RPC requests (Closes: #573573) phpgroupware (1:0.9.16.012+dfsg-8+lenny2) stable-security; urgency=high * Fix CVE-2010-0403, CVE-2010-0404 (CVE-2010-0403_CVE-2010-0404.diff) * Update 1:0.9.16.012+dfsg-8+lenny1 changelog to add missing CVEs not known at the time of packaging. phpmyadmin (4:2.11.8.1-5+lenny4) stable-security; urgency=high * Upload to stable to fix security issues. * Unserialize called on untrusted data [CVE-2009-4605]. * Predictable temporary file names [CVE-2008-7252]. * May create tempdir with unsafe permissions [CVE-2008-7251]. pidgin (2.4.3-4lenny7) stable-security; urgency=low * I forgot to explicitly enable the zephyr prpl (Closes: #579601) pmount (0.9.18-2+lenny1) stable-security; urgency=high * 02-fix-CVE-2010-2192.dpatch to fix a security hole, referenced as CVE-2010-2192 polipo (1.0.4-1+lenny1) stable-security; urgency=high [ Stefan Fritsch ] * Non-maintainer upload by the Security Team. * Backport various security related bug fixes from upstream git. * Fix segfault when server sends Cache-Control: max-age without a value (closes: #547047, CVE-2009-3305). [ Andreas Kirschbaum ] * Apply upstream commit to fix DoS via overly large "Content-Length" header; fixes CVE-2009-4413 (closes: #560779) poppler (0.8.7-3.1) stable-proposed-updates; urgency=high * Non-maintainer upload by the Security Team. * Fix integer overflow in SplashBitmap::SplashBitmap leading to a heap-based buffer overflow resulting in arbitrary code execution via crafted pdf files (CVE-2009-1188; Closes: #524806). postgresql-8.3 (8.3.11-0lenny1) stable-security; urgency=high * New upstream security/bug fix release: - Enforce restrictions in plperl using an opmask applied to the whole interpreter, instead of using "Safe.pm". Recent developments have convinced us that "Safe.pm" is too insecure to rely on for making plperl trustable. This change removes use of "Safe.pm" altogether, in favor of using a separate interpreter with an opcode mask that is always applied. Pleasant side effects of the change include that it is now possible to use Perl's strict pragma in a natural way in plperl, and that Perl's $a and $b variables work as expected in sort routines, and that function compilation is significantly faster. (CVE-2010-1169) - Prevent PL/Tcl from executing untrustworthy code from pltcl_modules. PL/Tcl's feature for autoloading Tcl code from a database table could be exploited for trojan-horse attacks, because there was no restriction on who could create or insert into that table. This change disables the feature unless pltcl_modules is owned by a superuser. (However, the permissions on the table are not checked, so installations that really need a less-than-secure modules table can still grant suitable privileges to trusted non-superusers.) Also, prevent loading code into the unrestricted "normal" Tcl interpreter unless we are really going to execute a pltclu function. (CVE-2010-1170) - Fix possible crash if a cache reset message is received during rebuild of a relcache entry. This error was introduced in 8.3.10 while fixing a related failure. - Apply per-function GUC settings while running the language validator for the function. This avoids failures if the function's code is invalid without the setting; an example is that SQL functions may not parse if the search_path is not correct. - Do not allow an unprivileged user to reset superuser-only parameter settings. Previously, if an unprivileged user ran ALTER USER ... RESET ALL for himself, or ALTER DATABASE ... RESET ALL for a database he owns, this would remove all special parameter settings for the user or database, even ones that are only supposed to be changeable by a superuser. Now, the "ALTER" will only remove the parameters that the user has permission to change. - Avoid possible crash during backend shutdown if shutdown occurs when a CONTEXT addition would be made to log entries. In some cases the context-printing function would fail because the current transaction had already been rolled back when it came time to print a log message. - Ensure the archiver process responds to changes in archive_command as soon as possible. - Update pl/perl's "ppport.h" for modern Perl versions. - Fix assorted memory leaks in pl/python. - Prevent infinite recursion in psql when expanding a variable that refers to itself. - Fix psql's \copy to not add spaces around a dot within \copy (select ...). Addition of spaces around the decimal point in a numeric literal would result in a syntax error. - Fix unnecessary "GIN indexes do not support whole-index scans" errors for unsatisfiable queries using "contrib/intarray" operators. - Ensure that "contrib/pgstattuple" functions respond to cancel interrupts promptly. pulseaudio (0.9.10-3+lenny2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fixed CVE-2009-1299: insecure temporary file creation. * Added autoconf, automake, and libtool in Build-Depends to regenerate configure and auto* files at build time pyftpd (0.8.4.6+lenny1) stable-security; urgency=high * SECURITY: change default configuration - do not include any default users, disable anonymous access - CVE-2010-2073 (closes: #585776) * SECURITY: change default logging file to /dev/null - CVE-2010-2072 (closes: #585773) python-support (0.8.4lenny2) stable; urgency=low * update-python-modules: + Force umask to 022. Thanks to Matt Kraai for the patch. Closes: #567811. python2.4 (2.4.6-1+lenny1) stable-security; urgency=high * Non-maintainer upload by the security team. * Fix two denial-of-service vulnerabilities: CVE-2009-3560 and CVE-2009-3720. (Closes: #560913) python2.5 (2.5.2-15+lenny1) stable-security; urgency=high * Non-maintainer upload by the security team. * Fix two denial-of-service vulnerabilities: CVE-2009-3560 and CVE-2009-3720. (Closes: #560912) qt4-x11 (4.4.3-1+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fixed CVE-2009-2700: does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate. (Closes: 545793) * Fixed CVE-2009-0945: Array index error in the insertItemBefore method in WebKit (Closes: #532718) * Fixed CVE-2009-1687: The JavaScript garbage collector in WebKit does not properly handle allocation failures (Closes: #534946) * Fixed CVE-2009-1690: Use-after-free vulnerability in WebKit * Fixed CVE-2009-1698: WebKit does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical argument. * Fixed CVE-2009-1699: The XSL stylesheet implementation in WebKit does not properly handle XML external entities * Fixed CVE-2009-1711: WebKit does not properly initialize memory for Attr DOM objects * Fixed CVE-2009-1712: WebKit does not prevent remote loading of local Java applets. * Fixed CVE-2009-1713: The XSLT functionality in WebKit does not properly implement the document function. * Fixed CVE-2009-1725: WebKit does not properly handle numeric character references (Closes: #538347) request-tracker3.6 (3.6.7-5+lenny4) stable; urgency=low * Apply patch to possibly fix SelfService repeated login problem introduced in previous security fix samba (2:3.2.5-4lenny11) stable-proposed-updates; urgency=low * Fix memory leaks regarding trustdom passwords. Closes: #538819 sendmail (8.14.3-5+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fixed CVE-2009-4565: incorrect verification of SSL certificate with NUL in name (Closes: #564581) slim (1.3.0-1+lenny2) stable; urgency=high * Fixed CVE-2009-1756 : Patch to set mcookie for xauth through a pipe instead of passing it in the command line (cf. bug #529306). debian/patches/05-xauth-cookie-through-pipe.dpatch * Patch to make the mcookie less predictible (cf. bug #529306). debian/patches/06-lesser-predictible-mcookie.dpatch * Scrot default location to /root. (cf. bug #537604). spamass-milter (0.3.1-8+lenny2) stable-security; urgency=low * Fix zombies which were happening with previous patch to fix -x due to lack of a proper call to waitpid(). (closes: #575019) squid3 (3.0.STABLE8-3+lenny3) stable-security; urgency=low * debian/patches/14-CVE-2009-2855 - Fix DoS with separators different than commas in auth headers (Ref: CVE-2009-2855) [Steffen Joeris] * Fix denial of service via invalid DNS header-only packets Fixes: CVE-2010-0308 squidguard (1.2.0-8.4+lenny1) stable-security; urgency=low * Non-maintainer upload for security issues. * Security: fix buffer overflow in sgLog.c. Fixes: CVE-2009-3700. * Security: fix buffer overflow in sgDiv.c. Fixes: CVE-2009-3700. sudo (1.6.9p17-3) stable-security; urgency=high * Patch from Moritz Muehlenhoff fixing CVE-2010-1646, in which secure path could be circumvented, closes: #585394 sun-java5 (1.5.0-22-0lenny1) stable; urgency=low * New upstream release to fix open security issues. sun-java6 (6-20-0lenny1) stable; urgency=low * New upstream release to fix open security issues. tar (1.20-1+lenny1) stable; urgency=high * back-port security issue from 1.23 as per CVE-2010-0624, that basically amounts to replacing the included rmt source with a fresher version taken from paxutils tdiary (2.2.1-1+lenny1) stable-security; urgency=high * Non-maintainer upload by the security team * Fix XSS issue in tb-send.rb (Closes: #572417) Fixes: CVE-2010-0726 Thanks to Hideki Yamane texlive-bin (2007.dfsg.2-4+lenny3) stable-proposed-updates; urgency=low * Fix CVE-2010-0827: buffer overflow in dvips (virtualfont.c). * Fix CVE-2010-1440: integer overflow in dvips (dospecial.c). (that also fixes CVE-2010-0793) tla (1.3.5+dfsg-14+lenny1) stable; urgency=low * QA upload. * Fix CVE-2009-3560 and CVE-2009-3720 denial-of-services by patching bundled libexpat (closes: #560940). trac-git (0.0.20080710-3+lenny2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Rebuild in stable to fix dependencies. typo3-src (4.2.5-1+lenny3) stable-security; urgency=high * Added patches (backported from 4.2.12) to fix the security issues from "TYPO3-SA-2010-004: Multiple vulnerabilities in TYPO3 Core" (Closes: 571151). tzdata (2010j-0lenny1) stable; urgency=low * New upstream release. - Drop russia-2010.diff. usbutils (0.73-10lenny2) stable; urgency=low * Update usb.ids: - Fix 16c0:05dc entry. Closes: bug#582460. - Add Logitech Nano receiver (046d:c526) and fix 046d:c52b. Closes: bug#573734. * Update README.Debian to reflect the new way to submit new usb.ids entries. user-mode-linux (2.6.26-1um-2+24) stable; urgency=high * Rebuild against linux-source-2.6.26 (2.6.26-24): [Ben Hutchings] * usbhid: Reduce the race condition between disconnect and ioctl (See: #511892) * r8169: Fix MDIO timing (See: #583139) * [x86] Restore automatic update of LILO on kernel installation, upgrade or removal (See: #505609) * [sparc64] Fix definition of VMEMMAP_SIZE (See: #509202) * megaraid_sas: Version and documentation update (See: #547183) * bnx2: Fix lost MSI-X problem on 5709 NICs (See: #581001) * raid456: Fix two bugs in handling of degraded states (See: #581392) - Prevent reshaping of doubly-degraded RAID4 - Enable error-correction on singly-degraded RAID6 * r8169: fix broken register writes (See: #407217, #573007) * [i386] Disable use of NOPL instruction in alternatives (See: #463606) * virtio_blk: don't bounce highmem requests (See: #584217) [ dann frazier ] * x86: check boundary in setup_node_bootmem() (See: 569704) * sunxvr500: Ignore secondary output PCI devices (See: #580422) * sctp: fix append error cause to ERROR chunk correctly (a further fix for CVE-2010-1173) * nsfd: fix vm overcommit crash (CVE-2008-7256, CVE-2010-1643) * GFS2: Fix permissions checking for setflags ioctl() (CVE-2010-1641) * GFS2: Fix writing to non-page aligned gfs2_quota structures (CVE-2010-1436) [ maximilian attems ] * openvz: printk_cpu have to be "cleared" in __vprintk (v2) (see: #573460) * openvz: Fix "Bad throughput of TCP connection after live migration" (see: #500145) * ub: incorrect skb is charged in tcp_send_synack. [ Aurelien Jarno ] * mips/swarm: fix boot from IDE based media (Sebastian Andrzej Siewior) (see: #466977). * backport mips/swarm: fix M3 TLB exception handler. * backport MIPS FPU emulator: allow Cause bits of FCSR to be writeable by ctc1. (see: #580602). wireshark (1.0.2-3+lenny8) stable-security; urgency=high * security fixes from Wireshark 1.0.11: - The SMB and SMB2 dissector could crash. (CVE-2009-4377) - Babi discovered several buffer overflows in the LWRES dissector. wordpress (2.5.1-11+lenny3) stable; urgency=low * [3c05401] Fixed CVE-2009-3622: Strip commas and spaces from charset. xerces-c2 (2.8.0-3+lenny1) stable; urgency=low * Apply patch to correct CVE-2009-1885: DoS attack from nested DTDs. xmonad-contrib (0.7-3) stable; urgency=low * Make xmonad-contrib installable again by relaxing source and binary dependencies for xmonad to allow for 0.7-2 _and_ 0.7-2+b1 (Closes: #567667) xpdf (3.02-1.4+lenny2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fixes multiple security issues (Closes: #551287): - CVE-2009-1188 and CVE-2009-3603: Integer overflow in SplashBitmap::SplashBitmap which might allow remote attackers to execute arbitrary code or an application crash via a crafted PDF document. - CVE-2009-3604: NULL pointer dereference or heap-based buffer overflow in Splash::drawImage which might allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document. - CVE-2009-3606: Integer overflow in the PSOutputDev::doImageL1Sep which might allow remote attackers to execute arbitrary code via a crafted PDF document. - CVE-2009-3608: Integer overflow in the ObjectStream::ObjectStream which might allow remote attackers to execute arbitrary code via a crafted PDF document. - CVE-2009-3609: Integer overflow in the ImageStream::ImageStream which might allow remote attackers to cause a denial of service via a crafted PDF document. xserver-xorg-input-elographics (1:1.2.1-2) stable; urgency=low * Apply two fixes from upstream: - WaitForInput before trying to xf86EloGetPacket. - Don't convert coordinates for servers 1.4 and above. This should prevent the X server from getting stuck when using the touchscreen (closes: #523749). xserver-xorg-video-intel (2:2.3.2-2+lenny7) stable; urgency=low * Backport from upstream git support for SDVO LVDS outputs, as found on asus eeetop (ET1602). Thanks to Eric Estievenart for the patch (closes: #520018). xulrunner (1.9.0.19-1) stable-security; urgency=low * New upstream release. * Fixes mfsa-2010-{16-21}, also known as CVE-2010-0174, CVE-2010-0175, CVE-2010-0176, CVE-2010-0177, CVE-2010-0178, CVE-2010-0179. * modules/libpr0n/decoders/png/nsPNGDecoder.cpp: Fix breakage with png decoder update in 1.9.0.19. zonecheck (2.0.4-13lenny1) stable-security; urgency=high * Fixed CVE-2010-2052: XSS security bug in the CGI (Debian bug #583290). ========================================= Fri, 29 Jan 2010 - Debian 5.0.4 released ========================================= ========================================================================= [Date: Fri, 29 Jan 2010 19:52:32 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: destar | 0.2.2-5.2 | source, all Closed bugs: 547358 ------------------- Reason ------------------- RoRT; destar/stable -- security issues, abandoned upstream, unmaintained ---------------------------------------------- ========================================================================= ========================================================================= [Date: Fri, 29 Jan 2010 19:54:14 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: electricsheep | 2.6.8-9 | source, alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc Closed bugs: 554447 ------------------- Reason ------------------- RoRT; electricsheep/stable -- unmaintained and broken in lenny ---------------------------------------------- ========================================================================= ========================================================================= [Date: Fri, 29 Jan 2010 19:55:46 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: gnudip | 2.1.1-4.1 | source, all Closed bugs: 556982 ------------------- Reason ------------------- RoRT; gnudip/stable dead upstream, security-buggy, unmaintained ---------------------------------------------- ========================================================================= ========================================================================= [Date: Fri, 29 Jan 2010 19:56:27 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: kcheckgmail | 0.5.7.7-1 | source, alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc Closed bugs: 566886 ------------------- Reason ------------------- RoRT; kcheckgmail/stable -- broken due to gmail changes ---------------------------------------------- ========================================================================= ========================================================================= [Date: Fri, 29 Jan 2010 19:57:01 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: libgnucrypto-java | 2.1.0-2 | source, all Closed bugs: 566503 ------------------- Reason ------------------- RoRT; libgnucrypto-java/stable -- RoM; security issue, no rdeps, low popcon ---------------------------------------------- ========================================================================= ========================================================================= [Date: Fri, 29 Jan 2010 19:59:07 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: libclass-dbi-loader-relationship-perl | 1.3-1 | source, all libmaypole-perl | 2.11+2.111-2 | all libmaypole-plugin-authentication-usersessioncookie-perl | 1.8-3 | all libmaypole-plugin-upload-perl | 0.02-4 | all maypole | 2.11+2.111-2 | source maypole-authentication-usersessioncookie | 1.8-3 | source maypole-plugin-upload | 0.02-4 | source memories | 1.2-5 | source, all Closed bugs: 566269 ------------------- Reason ------------------- RoRT; libclass-dbi-loader-relationship-perl/stable -- License problems ---------------------------------------------- ========================================================================= mimetex (1.50-1+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * mimetex.c: replace strcpy with strninit macro that uses strncpy, adjust some buffer sizes. (CVE-2009-1382) * mimetex.c: disable input and counter tags. (CVE-2009-2459) Thanks to Marc Deslauriers (Closes: 537254) acpid (1.0.8-1lenny2) stable-security; urgency=high * Correct permissions that were incorrectly set by very old acpid versions. This fixes CVE-2009-4235. spamassassin (3.2.5-2+lenny2) stable; urgency=high * Fix FH_DATE_PAST_20XX so dates in 2010 aren't considered "grossly in the future" * Fix a bunch of spelling errors the documentation. totem (2.22.2-6) stable; urgency=low * 30_fix_youtube_plugin.patch: update patch according to recent upstream changes. This matches the change on the server side and makes the plugin functional again. wxwidgets2.8 (2.8.7.1-1.1+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * debian/patches/CVE-2009-2369.dpatch: Fixed Integer overflow in the wxImage::Create function (CVE-2009-2369) (Closes: #537174) gchempaint (0.8.7-2+lenny1) stable; urgency=low * Upload to stable to fix a segmentation fault. * debian/patches/536080_fix_segmentation_fault.dpatch: Added. - lib/theme.cc: Call g_type_init() in the constructor and fix a segmentation fault (closes: #536080). lintian (1.24.2.1+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * checks/{control-files,files,menu-format,menus}: + [RG] Fix CVE-2009-4014: format string vulnerabilities * checks/{fields,patch-systems}: + [RG] Fix CVE-2009-4013: missing control files sanitation * checks/{files,patch-systems}: + [RG] Fix CVE-2009-4015: arbitrary command execution * collection/objdump-info: + [RG] Fix CVE-2009-4015: arbitrary command execution * collection/source-control-file: + [RG] Fix CVE-2009-4013: missing control files sanitation * frontend/lintian: + [RG] Fix CVE-2009-4013: missing control files sanitation + [RG] Fix CVE-2009-4014: format string vulnerabilities * lib/Util: + [RG] Fix CVE-2009-4015: arbitrary command execution * unpack/unpack-{bin,src}pkg-l1: + [RG] Fix CVE-2009-4013: missing control files sanitation iceweasel (3.0.6-3) stable-security; urgency=high * Fixes mfsa-2009-51, also known as CVE-2009-3079. xml-security-c (1.4.0-3+lenny2) stable-security; urgency=high * Bump version number to correct the upload queue. No source changes. mahara (1.0.4-4+lenny4) stable-security; urgency=high * Fix privilege escalation for institution admins (CVE-2009-3298) * Fix XSS vulnerability in the resume blocktype (CVE-2009-3299) wxwidgets2.6 (2.6.3.2.2-3+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fixed Integer overflow in the wxImage::Create function. (CVE-2009-2369) (Closes: #537174) openttd (0.6.2-1+lenny1) stable; urgency=low * Backport upstream r18462 to fix remote crash vulnerability CVE-2009-4007. camlimages (1:2.2.0-4+lenny3) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Expand patch to also cover integer overflows in tiffread.c and update last security patch Fixes: CVE-2009-3296 firebird2.0 (2.0.4.13130-1.ds1-4+lenny1) stable; urgency=high * add patch from upstream CVS fixing denial of service via a malformed op_connect_request message (CVE-2009-2620). Closes: #539477 debian-installer (20090123lenny6) stable; urgency=low [ Frans Pop ] * gen-sources.list.udeb: allow for multiple spaces and tabs in a source line. [ dann frazier ] * Rebuild to incorporate linux-kernel-di packages based upon linux-2.6 2.6.26-21 apache2 (2.2.9-10+lenny6) stable-security; urgency=high * Security: - Reject any client-initiated SSL/TLS renegotiations. This is a partial fix for the TLS renegotiation prefix injection attack (CVE-2009-3555). Any configuration which requires renegotiation for per-directory/location access control or uses "SSLVerifyClient optional" is still vulnerable. user-mode-linux (2.6.26-1um-2+21) stable; urgency=high * Rebuild against linux-source-2.6.26 (2.6.26-21): [ Ben Hutchings ] * Fix false soft lockup reports for the nohz idle loop * nohz: Fix two bugs that can keep a processor idle and lead to a system hang (may fix #496917, #538158 and others) * usbmidi: Fix crash when device is disconnected (Closes: #513050) * r8169: Apply various upstream bug fixes * r8169: Add support for RTL8101e (v2), RTL8102e (v1,v2,v3), RTL8168c/8111c (v3,v4), RTL8168cp/8111cp (v2,v3), RTL8168d (v1) (Closes: #552465; may fix #516187) * Revert patch to sanitise , which introduced different build failures * usbnet: Set link down initially for drivers that update link state (Closes: #444043) * atl1e: Remove broken implementation of TSO for TCP/IPv6 (Closes: #558426) and allow other hardware offloads to be disabled in case they are also buggy [ dann frazier ] * floppy: request and release only the ports we actually use (Closes: #332942) * igb: Add 82576 MAC support (Closes: #522922), backport by Ben Hutchings * [SCSI] gdth: Prevent negative offsets in ioctl (CVE-2009-3080) * NFSv4: Fix a problem whereby a buggy server can oops the kernel (CVE-2009-3726) * [SCSI] megaraid_sas: remove sysfs dbg_lvl world writeable permissions (CVE-2009-3889) * isdn: hfc_usb: Fix read buffer overflow (CVE-2009-4005) * fuse: prevent fuse_put_request on invalid pointer (CVE-2009-4021) * hpilo: new PCI ID (Closes: #559064) * Avoid /proc/$pid/maps visibility during initial setuid ELF loading (CVE-2009-2691) * hfs: fix a potential buffer overflow (CVE-2009-4020) * KVM: x86 emulator: limit instructions to 15 bytes (CVE-2009-4031) * firewire: ohci: handle receive packets with a data length of zero (CVE-2009-4138) * ext4: Avoid null pointer dereference when decoding EROFS w/o a journal (CVE-2009-4308) * s390: dasd diag - add support for read-only minidisks (Closes: #550898) consolekit (0.2.10-5+lenny2) stable-proposed-updates; urgency=low * debian/pam-foreground-compat.ck - Don't create tag files for remote users. (Closes: #547347) gst-plugins-good0.10 (0.10.8-4.1~lenny2) stable-security; urgency=high * Non-maintainer upload by the security team * Fix multiple integer overflows in ext/libpng/gstpngdec.c (Closes: #531631, #532352) Fixes: CVE-2009-1932 strongswan (4.2.4-5+lenny3) stable-security; urgency=high Applied ASN.1 and other security fixes from upstream: * Fixes a Denial-of-Service vulnerability where receiving a malformed IKE_AUTH request with either a missing TSi or TSr traffic selector payload causes a crash of the IKEv2 charon while dereferencing a NULL pointer because the NULL pointer checks of TSi and TSr before destruction were erroneously swapped. * The RDN parser vulnerability discovered by Orange Labs research team was not completely fixed in version 4.2.16. Some more modifications had to be applied to the asn1_length() function. * Applying their fuzzing tool, the Orange Labs vulnerability research team found a Denial-of-Service vulnerability in the parsing of ASN.1 Relative Distinguished Names (RDNs). Malformed X.509 certificate RDNs can cause the pluto and charon IKE daemons to crash and restart. * Applying their fuzzing tool, the Orange Labs vulnerability research team found a Denial-of-Service vulnerability in the parsing of ASN.1 UTCTIME and GENERALIZEDTIME strings. Malformed X.509 certificate time strings can cause the pluto and charon IKE daemons to crash and restart. * Fixes a Denial-of-Service vulnerability where receiving a malformed IKE_SA_INIT request leaves an incomplete state which causes a crash of the IKEv2 charon while dereferencing a NULL pointer if a subsequent CREATE_CHILD_SA is received. linux-kernel-di-hppa-2.6 (1.38lenny6) stable; urgency=low * Built against version 2.6.26-21 of linux-2.6. horde3 (3.2.2+debian0-2+lenny2) stable-security; urgency=high * Non-maintainer upload by the security team * Fix several cross-site scripting vulnerabilities via crafted number preferences or inline MIME text parts when using text/plain as MIME type (horde ticket #8311 and #8399) (Issue was fixed in the previous version, but adjusting the conffile was missing) Fixes: CVE-2009-3237 * Fix cross-site scripting vulnerability via data:text/html values in an HTML email message (horde ticket #8715) Fixes: CVE-2009-4363 * Fix several cross-site scripting vulnerabilities via the PATH_INFO variable due to use of the PHP_SELF variable Fixes: CVE-2009-3701 partman-auto-crypto (11lenny1) stable; urgency=low * Backport from trunk. * Invoke clean_method early so that existing swap partitions get untagged as such to avoid triggering unsafe_swap while preparing LVM. Closes: #564718. killer (0.90-7~lenny1) stable; urgency=low * Upload to stable. linux-kernel-di-armel-2.6 (1.32lenny6) stable; urgency=low * Built against version 2.6.26-21 of linux-2.6. firefox-sage (1.4.2-0.1+lenny1) stable-security; urgency=high * Fix two security bugs: - Setting urgency=high, this vulnerability allowed remote exploitation, without any user interaction. - CVE-2009-4102 Cross Domain Scripting vulnerability. Don't trust HTML in titles, descriptions. Don't allow 'strange' (i.e. javascript:, data:) URLs in Links. - CVE-2006-4712 (Regression), some of the old test cases no longer passed due to problem with htmlToText. - Closes: #559267 * Targeted review of a number of other potential weak points. nginx (0.6.32-3+lenny3) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix remote denial of service (segmentation fault): Null pointer dereference if request ends on buffer boundary. Closes: #552035 gnome-system-tools (2.22.0-4) stable; urgency=low * Backport a pair of RC bug fixes. + 26_users_home_dir.patch: patch from Ubuntu to allow changing root properties without making /home/root the new home directory. Closes: #488252. + 85_users_fix_add_group.patch: patch from Ubuntu to always allow to create groups. Closes: #488249. cacti (0.8.7b-2.1+lenny1) stable-security; urgency=high * Non-maintainer upload by the securiy team * Fix several cross-site scriptings via different vectors Fixes: CVE-2009-4032 fam (2.7.0-13.3+lenny1) stable; urgency=low * Link famd against librt and libpthread to solve 100% CPU usage problem; suggested by Wil Evers on the fam mailing list (http://oss.sgi.com/projects/fam/mail_archive/200301/msg00011.html). Patch backported from 2.7.0-14 (Closes: #252896, #500387, #501081) shadow (1:4.1.1-6+lenny1) stable-proposed-updates; urgency=low * The "Soumaintrain" release. * debian/patches/306_long_group_lines: Fix handling of long lines in the user or group files. Closes: #552006 pygresql (1:3.8.1-3+lenny1) stable-security; urgency=high * Non-maintainer upload by the security team * Add functions pg_escape_string and pg_escape_bytea for proper escaping Fixes: CVE-2009-2940 pyenchant (1.4.2-3+lenny1) stable; urgency=low * Fix a typo in enchant.checker.add_to_personal() (thanks to Tapio Lehtonen for the patch) nspr (4.7.1-5) stable-security; urgency=low * debian/patches/82_CVE-2009-1563.dpatch: Fix for CVE-2009-1563 aka mfsa-2009-59. * debian/patches/83_CVE-2009-2463.dpatch: Fix for CVE-2009-2463 aka mfsa-2009-34. * debian/patches/84_PR_FormatTime.dpatch: Fixed size buffers used with PR_FormatTime can be too small. * debian/patches/00list: Add these patches. transmission (1.22-1+lenny2) stable-security; urgency=high * Fix CVE-2010-0012 dbus (1.2.1-5+lenny1) stable-security; urgency=high * debian/patches/52-CVE-2009-1189.patch - Security: The _dbus_validate_signature_with_reason function (dbus-marshal-validate.c) uses incorrect logic to validate a basic type, which allows remote attackers to spoof a signature via a crafted key. NOTE: this is due to an incorrect fix for CVE-2008-3834 Closes: #532720 Fixes: CVE-2009-1189 * Urgency high for the security fix. icu (3.8.1-3+lenny2) stable-security; urgency=high * Apply patch CVE-2009-0153.patch to fix problem handling invalid byte sequences during Unicode conversion. Thanks to Red Hat for backporting the patch to ICU version 3.8.1. Applying this patch to the debian package required pulling in three additional Red Hat patches for tickets 5797, 6001, and 6002 in ICU's issue tracking system as well as adjusting offsets in CVE-2008-1036.patch. (Closes: #534590) libvorbis (1.2.0.dfsg-3.1+lenny1) stable-security; urgency=high [ Peter Samuelson ] * Fix CVE-2009-2663: two bugs in libvorbis that allowed a crafted ogg file to corrupt memory. (Closes: #540958) [ Giuseppe Iuculano ] * Fixed CVE-2009-3379: A crafted ogg file could cause an application using libvorbis to crash or, possibly, execute arbitrary code when opened. aria2 (0.14.0-1+lenny1) stable-security; urgency=high * Security upload. * src/DHTRoutingTableDeserializer.cc, src/array_fun.h: + Fixed buffer overflow which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors. Many thanks to Tatsuhiro Tsujikawa for patch and Steffen Joeris for help. CVE-2009-3575 (Closes: #551070) drupal6 (6.6-3lenny4) stable-proposed-updates; urgency=low [ Luigi Gangitano ] * debian/patches/18_SA-CORE-2009-009 - Fix XSS issues in Contact and Menu modules (Closes: #562165) (Ref: SA-CORE-2009-009, CVE-2009-4369, CVE-2009-4370, CVE-2009-4371) linux-2.6 (2.6.26-21) stable; urgency=high [ Ben Hutchings ] * Fix false soft lockup reports for the nohz idle loop * nohz: Fix two bugs that can keep a processor idle and lead to a system hang (may fix #496917, #538158 and others) * usbmidi: Fix crash when device is disconnected (Closes: #513050) * r8169: Apply various upstream bug fixes * r8169: Add support for RTL8101e (v2), RTL8102e (v1,v2,v3), RTL8168c/8111c (v3,v4), RTL8168cp/8111cp (v2,v3), RTL8168d (v1) (Closes: #552465; may fix #516187) * Revert patch to sanitise , which introduced different build failures * usbnet: Set link down initially for drivers that update link state (Closes: #444043) * atl1e: Remove broken implementation of TSO for TCP/IPv6 (Closes: #558426) and allow other hardware offloads to be disabled in case they are also buggy [ dann frazier ] * floppy: request and release only the ports we actually use (Closes: #332942) * igb: Add 82576 MAC support (Closes: #522922), backport by Ben Hutchings * [SCSI] gdth: Prevent negative offsets in ioctl (CVE-2009-3080) * NFSv4: Fix a problem whereby a buggy server can oops the kernel (CVE-2009-3726) * [SCSI] megaraid_sas: remove sysfs dbg_lvl world writeable permissions (CVE-2009-3889) * isdn: hfc_usb: Fix read buffer overflow (CVE-2009-4005) * fuse: prevent fuse_put_request on invalid pointer (CVE-2009-4021) * hpilo: new PCI ID (Closes: #559064) * Avoid /proc/$pid/maps visibility during initial setuid ELF loading (CVE-2009-2691) * hfs: fix a potential buffer overflow (CVE-2009-4020) * KVM: x86 emulator: limit instructions to 15 bytes (CVE-2009-4031) * firewire: ohci: handle receive packets with a data length of zero (CVE-2009-4138) * ext4: Avoid null pointer dereference when decoding EROFS w/o a journal (CVE-2009-4308) * s390: dasd diag - add support for read-only minidisks (Closes: #550898) silc-toolkit (1.1.7-2+lenny1) stable-security; urgency=high * Backport upstream security fixes: - [ebfe5dc] ASN1: Fix stack variable overwrite when encoding OID - [b2b91b0] HTTP: fix stack overwrite due to format string error - [1598b3a] Fixed string format vulnerability in client entry handling - [8cb801c] More string format fixes in silcd and client libary vpb-driver (4.2.38.1-1) stable; urgency=low * Backport the cardcount initialisation fix from 4.2.44 for Lenny. openoffice.org (1:2.4.1+dfsg-1+lenny3) stable-security; urgency=high * rebuild to get correct $LANGPACKISOS in e.g. broffice.org... dokuwiki (0.0.20080505-4+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fixed CVE-2010-0287, CVE-2010-0288, CVE-2010-0289 (Closes: #565406) ganeti (1.2.6-3+lenny2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * CVE-2009-4261: Add missing validation of script name. gdebi (0.3.11debian1+nmu1+lenny1) stable; urgency=low * GDebi/GDebi.py: + Do not pass --always-ask-pass to gksu, this option is not currently supported in Debian gksu package (Closes: #493352). alien-arena (7.0-1+lenny1) stable-proposed-updates; urgency=low * Non-maintainer upload by the security team. * Fixes remote arbitrary code execution, CVE-2009-3637 (closes: #552038). texlive-bin (2007.dfsg.2-4+lenny2) stable-proposed-updates; urgency=low * Patch for CVE-2009-1284 by Karl Berry (Closes: #520920) http://tug.org/mailman/htdig/tex-live/2009-August/021998.html [hilmar-guest] geneweb (5.01-8lenny1) stable-proposed-updates; urgency=low * Better deal with databases containing whitespaces in postinst script. Thanks to Christian Gennerat for reporting this privately. Closes: #562147, #559411 libdbd-pg-perl (2.8.7-1+lenny1) stable; urgency=low * Upload to stable-proposed-updates. * Add patch to fix problem with high bit characters; thanks to Bryce Nesbitt for bug report, tests and the final patch (closes: #554489). fckeditor (1:2.6.2-1lenny1) stable-security; urgency=high * Backporting fix from version 2.6.2.1 for remote file upload vulnerability [CVE 2009-2265] (Closes: #536051) unbound (1.0.2-1+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix CVE-2009-3602 kolab-cyrus-imapd (2.2.13-5+lenny2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * sieve/bc_eval.c: Use snprintf to avoid buffer overruns cyrus-imapd-2.2 (2.2.13-14+lenny3) stable-security; urgency=high * Non-maintainer upload by the Security Team. * sieve/bc_eval.c: Use snprintf to avoid buffer overruns glibc (2.7-18lenny1) stable; urgency=low * patches/any/cvs-realloc.diff: fix bug in realloc() when enlarging a memory allocation. Closes: bug#550625. poppler (0.8.7-3) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix CVE-2009-3603 to CVE-2009-3609, CVE-2009-0755. Based on patches by Marc Deslauriers * Fix CVE-2009-3938 backuppc (3.1.0-4lenny3) stable-proposed-updates; urgency=high * Better fix for the "alias" security hole. Closes: #542218 gnutls26 (2.4.2-6+lenny2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fixed CVE-2009-2730: a vulnerability related to NUL bytes in X.509 certificate name fields. (Closes: #541439) GNUTLS-SA-2009-4 pdns-recursor (3.1.7-1+lenny1) stable-security; urgency=high * Apply patches by Bert Hubert to fix buffer overflow (CVE-2009-4009) and cache poisoning (CVE-2009-4010). wireshark (1.0.2-3+lenny7) stable-security; urgency=high * security fixes from Wireshark 1.0.10: - The RADIUS dissector could crash. (CVE-CVE-2009-2560) - The DCERPC/NT dissector could crash. (CVE-2009-3550) * security fixes from Wireshark 1.2.2: - Integer overflow in wiretap/erf.c. (CVE-2009-3829) libhtml-parser-perl (3.56-1+lenny1) stable-security; urgency=high * Fix decode_entities which can be confused by trailing incomplete entity and leading to potential DoS attacks - CVE-2009-3627 (Closes: #552531). linux-kernel-di-amd64-2.6 (1.53lenny6) stable; urgency=low * Built against version 2.6.26-21 of linux-2.6. ntp (1:4.2.4p4+dfsg-8lenny3) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Do not acknowledge incorrect mode 7 requests or mode 7 error responses anymore as well as adding a wait timer for logging as this might result in severe DoS and request/response ping-pong on spoofed source addresses (CVE-2009-3563). pidgin (2.4.3-4lenny5) stable-security; urgency=medium * Non-maintainer upload by the Security Team. * Fix CVE-2009-3615 clock-setup (0.97lenny1) stable; urgency=low * Merged from trunk. - If the current system date is before the epoch, rdate fails to set it to the date obtained using NTP (#502336). Work around this by setting the date to the epoch (1-1-1970) if the current date is smaller, before calling rdate. Closes: #548128. shibboleth-sp (1.3.1.dfsg1-3+lenny2) stable-security; urgency=high * SECURITY: Fix improper handling of URLs that could be abused for script injection and other cross-site scripting attacks. (CVE-2009-3300) * Fix build dependency to force libxml-security-c-dev 1.3 or later. This is not strictly required for lenny since lenny shipped with 1.4, but helps backports to etch. samba (2:3.2.5-4lenny8) stable-proposed-updates; urgency=low * Fix regression in name mangling. Only short filenames were hashed, not long ones when using "mangling method = hash". Closes: #561545 * Fix mangling of file or directory names that contain dots. This bug was revealed when fixing #561545 qcontrol (0.4.2-1lenny1) stable; urgency=low * udev (0.125-7+lenny3) no longer creates the persistent device needed by qcontrol. Add a custom udev rule to create it. Closes: #545801. planet-venus (0~bzr95-2+lenny1) stable; urgency=high [ Runa Sandvik ] * Added patch from Steve Kemp to escape input feeds (Closes: #546179) [CVE-2009-2937] [ Piotr Ożarowski ] * Upload (as PAPT member) linux-kernel-di-mipsel-2.6 (1.8lenny6) stable; urgency=low * Built against version 2.6.26-21 of linux-2.6. wget (1.11.4-2+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * CVE-2009-3490: Fixed incorrect verification of SSL certificate with NUL in name (Closes: #549293) xfs (1:1.0.8-2.2+lenny1) stable-proposed-updates; urgency=high * Unsafe /tmp usage fixed in the init script. Closes: #521107. mysql-ocaml (1.0.4-4+lenny1) stable-security; urgency=high * Non-maintainer upload to fix a security bug. * Add a patch to add a binding to mysql_real_escape whose name is real_escape (CVE-2009-2942). roundup (1.4.4-4+lenny1.1) stable; urgency=high * Non-maintainer upload * Fix pagination broken by security fix. Patch by Sebastian Harl (closes: #523516) kazehakase (0.5.4-2.2+lenny1) stable-security; urgency=medium * debian/patches/CVE-2007-1084.dpatch: New; disallow adding bookmarks with data:/javascript: URIs (CVE-2007-1084, Closes: #556271). * debian/patches/00list: Update. postgresql-8.3 (8.3.9-0lenny1) stable-security; urgency=high * New upstream security/bug fix release: - Protect against indirect security threats caused by index functions changing session-local state. This change prevents allegedly-immutable index functions from possibly subverting a superuser's session (CVE-2009-4136). - Reject SSL certificates containing an embedded null byte in the common name (CN) field. This prevents unintended matching of a certificate to a server or client name during SSL validation (CVE-2009-4034). - Fix possible crash during backend-startup-time cache initialization. - Avoid crash on empty thesaurus dictionary. - Prevent signals from interrupting VACUUM at unsafe times. - Fix possible crash due to integer overflow in hash table size calculation. - Fix very rare crash in inet/cidr comparisons. - Ensure that shared tuple-level locks held by prepared transactions are not ignored. - Fix premature drop of temporary files used for a cursor that is accessed within a subtransaction. - Fix memory leak in syslogger process when rotating to a new CSV logfile. - Fix incorrect logic for GiST index page splits, when the split depends on a non-first column of the index. - Don't error out if recycling or removing an old WAL file fails at the end of checkpoint. It's better to treat the problem as non-fatal and allow the checkpoint to complete. Future checkpoints will retry the removal. Such problems are not expected in normal operation, but have been seen to be caused by misdesigned Windows anti-virus and backup software. - Fix PAM password processing to be more robust. - Raise the maximum authentication token (Kerberos ticket) size in GSSAPI and SSPI authentication methods. While the old 2000-byte limit was more than enough for Unix Kerberos implementations, tickets issued by Windows Domain Controllers can be much larger. - Re-enable collection of access statistics for sequences. This used to work but was broken in 8.3. - Fix processing of ownership dependencies during CREATE OR REPLACE FUNCTION. - Fix incorrect handling of WHERE "x"="x" conditions. In some cases these could get ignored as redundant, but they aren't -- they're equivalent to "x" IS NOT NULL. - Make text search parser accept underscores in XML attributes. - Fix encoding handling in xml binary input. If the XML header doesn't specify an encoding, we now assume UTF-8 by default; the previous handling was inconsistent. - Fix bug with calling plperl from plperlu or vice versa. - Fix session-lifespan memory leak when a PL/Perl function is redefined. - Ensure that Perl arrays are properly converted to PostgreSQL arrays when returned by a set-returning PL/Perl function. - Fix rare crash in exception processing in PL/Python. - Make the postmaster ignore any application_name parameter in connection request packets, to improve compatibility with future libpq versions. php-net-ping (2.4.2-1+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. Fixes: * CVE-2009-4024: Arbitrary command execution vulnerability. * CVE id pending: argument injection vulnerability. openssl (0.9.8g-15+lenny6) stable-security; urgency=low * Clean up zlib state so that it will be reinitialized on next use and not cause a memory leak. (CVE-2009-4355) ghc6 (6.8.2dfsg1-1.1) stable; urgency=low * Non-maintainer upload. * Fix "Jumps up to 100% processor load" Backport patch from GHC 6.10.2 which fix an extremely subtle deadlock bug on x86_64. (Closes: #554069) amarok (1.4.10-2lenny1) stable; urgency=low * Fix Wikipedia tab (patch 22_fix_wikipedia_tab.diff) (Closes: #512847). choose-mirror (2.28lenny5) stable; urgency=low * Fix inconsistency between network- and CD-based installs by always cross-validating Release files to ensure identical behavior during apt-setup. kdegraphics (4:3.5.9-3+lenny2) stable-security; urgency=high * Non-maintainer upload. * Fixed CVE-2009-0945: Null-pointer dereference due to an array index error was found in the KDE KSVG SVGList interface implementation. A remote attacker could create a specially-crafted SVG image, which once opened by an unsuspecting user, would cause memory corruption leading to a denial of service (Konqueror crash). (Closes: #534918) * Fixed CVE-2009-1709: A pointer use-after-free flaw was found in the KDE's KSVG Scalable Vector Graphics (SVG) animation element implementation. A remote attacker could use this flaw to cause a denial of service (konqueror crash) or, potentially, execute arbitrary code, with the privileges of the user running "konqueror" web browser, if the victim was tricked to open a specially-crafted SVG image. (Closes: #534951) movabletype-opensource (4.2.3-1+lenny1) stable; urgency=low * Don't allow any access to mt-wizard.cgi by default as it shouldn't normally be needed and presents an unnecessary security exposure (closes: #537935) postgresql-ocaml (1.7.0-3+lenny1) stable-security; urgency=low * Add connection-aware escaping functions which can access character encoding information and avoid SQL injection attacks based on the choice specific encodings (CVE-2009-2943). openswan (1:2.4.12+dfsg-1.3+lenny2) stable-security; urgency=high Maintainer-prepared security fix, using patch from Giuseppe Iuculano (many thanks for preparing it!): * Fix ASN.1 parser bug that allows remote attackers to cause a DoS via an X.509 certificate with crafted Relative Distinguished Names (RDNs), a crafted UTCTIME string, or a crafted GENERALIZEDTIME string. 04-CVE-2009-2185.dpatch also cherry-picks commit 483f6bfd4a1b9e900cb352bb4214ec1ce20016b7 from the openswan-2 git to complete the CVE fix. Fixes: CVE-2009-2185 Closes: #533837: two denial of service vulnerabilities * Added patch to fix KLIPS compilation for kernel 2.6.26. Thanks to Harald Jenny for providing this patch! Closes: #522112: openswan-modules-source: Fails to build with kernel 2.6.26 libgd2 (2.0.36~rc1~dfsg-3+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fixed CVE-2009-3546: possible buffer overflow or buffer over-read attacks via crafted files (Closes: #552534) phpmyadmin (4:2.11.8.1-5+lenny3) stable-security; urgency=low * Correct some documentation issues of new script. phpmyadmin (4:2.11.8.1-5+lenny2) stable-security; urgency=high * Upload to stable to fix security issues. * Fixes XSS and SQL injection (Closes: #552194). [PMASA-2009-6, CVE-2009-3696, CVE-2009-3697] * Allow saving of configuration from setup script only after explicit action from administrator (Closes: #535044, #543460). xscreensaver (5.05-3+lenny1) stable-proposed-updates; urgency=high * Non-maintainer upload by the security team. * Fix local screen lock bypass vulnerability. (Closes: #539699) tiff (3.8.2-11.2) stable-security; urgency=high * Revised patch for CVE-2009-2347, new patch for CVE-2009-2285 phpldapadmin (1.1.0.5-6+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fixed CVE-2009-4427: Local file inclusion vulnerability (Closes: #561975) smarty (2.6.20-1.2) stable-security; urgency=high * Non-maintainer upload for security issues. * CVE-2008-4810: Expand_quoted_text security bypass (closes: #504328). * CVE-2009-1669: Shell execution via math function (closes: #529810). libwmf (0.2.8.4-6+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix use-after-free in embedded copy of gd enabling an attacker to do DoS attacks or execute arbitrary code via a crafted wmf file (CVE-2009-1364; Closes: #526434). linux-kernel-di-ia64-2.6 (1.42lenny6) stable; urgency=low * Built against version 2.6.26-21 of linux-2.6. linux-kernel-di-mips-2.6 (1.9lenny6) stable; urgency=low * Built against version 2.6.26-21 of linux-2.6. watchdog (5.4-10lenny2) stable-proposed-updates; urgency=high * Also backported fix to other init script, that appears to be used more than expected. linux-kernel-di-i386-2.6 (1.76lenny6) stable; urgency=low * Built against version 2.6.26-21 of linux-2.6. cups (1.3.8-1+lenny7) stable-security; urgency=high * Non-maintainer upload by the security team * Fix several XSS issues in the CUPS admin web interface Fixes: CVE-2009-2820 Thanks to Aaron Sigel and Marc Deslauriers libcgi-pm-perl (3.38-2lenny1) stable; urgency=low * Fix unwanted ISO-8859-1 -> UTF-8 conversion in CGI::Util::escape(). (Closes: #555733) kde4libs (4:4.1.0-3+lenny1) stable-security; urgency=high * Non-maintainer upload. * Fixed CVE-2009-1687: An integer overflow, leading to heap-based buffer overflow was found in the KDE implementation of garbage collector for the JavaScript language (KJS). * Fixed CVE-2009-1690: KDE HTML parser incorrectly handled content, forming the HTML page element. A remote attacker could use this flaw to cause a denial of service (konqueror crash) or, potentially, execute arbitrary code, with the privileges of the user running "konqueror" web browser, if the victim was tricked to open a specially-crafted HTML page. (Closes: #534949) * Fixed CVE-2009-1698: KDE's Cascading Style Sheets (CSS) parser incorrectly handled content, forming the value of CSS "style" attribute. A remote attacker could use this flaw to cause a denial of service (konqueror crash) or potentially execute arbitrary code with the privileges of the user running "konqueror" web browser, if the victim visited a specially-crafted CSS equipped HTML page. (Closes: #534949) tor (0.2.0.35-1~lenny2) stable; urgency=medium * Two of the authority keys 0.2.0.35 ships with got rotated recently. To make sure Tor keeps working, update the list of authorities to the list shipped in 0.2.1.22 and 0.2.2.7-alpha. * Fix race condition that can cause crashes at client or exit relay (closes: #557654). (Backport from 0.2.1.x, original commit id: a89f51c936f8bd3c2aef3e9472d5310c83dc8fa7.) libfinance-quote-perl (1.13-3+lenny1) stable; urgency=low * debian/patches/07_datetime.diff: Added. Closes: #565701. serveez (0.1.5-2.1+lenny1) stable; urgency=high * Applied patch to fix HTTP remote buffer overflow (closes: #540657). linux-kernel-di-s390-2.6 (0.37lenny6) stable; urgency=low * Built against version 2.6.26-21 of linux-2.6. rails (2.1.0-7) stable-security; urgency=high * Fix XSS vulnerability in the escaping code for the form helpers in Ruby on Rails. Attackers who can inject deliberately malformed unicode strings into the form helpers can defeat the escaping checks and inject arbitrary HTML [CVE-2009-3009] tzdata (2010a-0lenny1) stable; urgency=low * New upstream release. - Drop argentinas-dst-2009.diff (obsolete). opensaml (1.1.1-2+lenny1) stable-security; urgency=high * SECURITY: Correctly handle decoding of malformed URLs, closing a possibly exploitable buffer overflow. See linux-kernel-di-powerpc-2.6 (1.48lenny6) stable; urgency=low * Built against version 2.6.26-21 of linux-2.6. bind9 (1:9.5.1.dfsg.P3-1+lenny1) stable-security; urgency=high * Fix cache poisoning through additional section for secure delegations (CVE-2009-4022). Backport of ISC changes between 9.5.2 and 9.5.2-P1. haproxy (1.3.15.2-2+lenny2) stable; urgency=low * Merge critical bug fixes that are fixed upsteam. 0001-BUG-disable-buffer-read-timeout-when-reading-stats.patch 0004-BUG-use_backend-would-not-correctly-consider-unless.patch 0006-BUG-fix-segfault-with-url_param-check_post.patch 0007-BUG-server-timeout-was-not-considered-in-some-circum.patch 0008-BUG-ev_sepoll-closed-file-descriptors-could-persist-.patch 0009-BUG-maintain_proxies-must-not-disable-backends.patch 0013-BUG-do-not-release-the-connection-slot-during-a-retr.patch 0014-BUG-dynamic-connection-throttling-could-return-a-max.patch 0016-BUG-do-not-try-to-pause-backends-during-reload.patch 0017-BUG-ensure-that-listeners-from-disabled-proxies-are-.patch 0018-BUG-acl-related-keywords-are-not-allowed-in-defaults.patch 0021-BUG-cookie-capture-is-declared-in-the-frontend-but-c.patch 0024-BUG-critical-errors-should-be-reported-even-in-daemo.patch 0025-BUG-do-not-dequeue-requests-on-a-dead-server.patch 0026-BUG-do-not-dequeue-the-backend-s-pending-connections.patch 0028-BUG-Fix-listen-more-of-2-couples-ip-port.patch 0030-CRITICAL-fix-server-state-tracking-it-was-O-n-instea.patch 0031-BUG-option-transparent-is-for-backend-not-frontend.patch 0032-BUG-we-must-not-exit-if-protocol-binding-only-return.patch 0033-BUG-inform-the-user-when-root-is-expected-but-not-se.patch 0035-BUG-the-source-keyword-must-first-clear-optional-set.patch 0036-BUG-global.tune.maxaccept-must-be-limited-even-in-mo.patch 0037-BUG-typo-in-timeout-error-reporting-report-res-and-n.patch 0042-BUG-server-check-intervals-must-not-be-null.patch 0043-BUG-check-for-global.maxconn-before-doing-accept.patch 0047-BUG-stats-total-and-lbtot-are-unsigned.patch 0049-MEDIUM-ensure-we-don-t-recursively-call-pool_gc2.patch 0050-CRITICAL-uninitialized-response-field-can-sometimes-.patch 0052-BUG-O-1-pollers-should-check-their-FD-before-closing.patch 0057-BUG-ensure-that-we-correctly-re-start-old-process-in.patch 0059-BUG-stream_sock-don-t-stop-reading-when-the-poller-r.patch advi (1.6.0-13+lenny2) stable-security; urgency=high * Non-maintainer upload by the security team * Rebuild and tighten build-depends against camlimages to get fixes for integer overflows Fixes: CVE-2009-2295 CVE-2009-3296 backup-manager (0.7.7-2) stable; urgency=high * Fix possible MYSQL password leaking to local users by making the .my.cnf file world-unreadable before writing the password to it. * Set myself as maintainer in debian/control. * Remove spurious debian/patches/00list.diff and update 00list. python-django (1.0.2-1+lenny2) stable-security; urgency=high * Add patch to fix remote denial of service by exploiting pathological performance of regular expressions (Closes: #550457) Upstream writes: SECURITY ALERT: Corrected regular expressions for URL and email fields. Certain email addresses/URLs could trigger a catastrophic backtracking situation, causing 100% CPU and server overload. If deliberately triggered, this could be the basis of a denial-of-service attack. fetchmail (6.3.9~rc2-4+lenny2) stable; urgency=low * Do not complain about missing config file when daemon shouldn't start at all (Closes: #540533). * Depend on $syslog in init script (Closes: #541394). * Fix some inconsistencies in init script. opensaml2 (2.0-2+lenny2) stable-security; urgency=high * SECURITY: Partial fix for improper handling of URLs that could be abused for script injection and other cross-site scripting attacks. The complete fix also requires a newer shibboleth-sp2 package. (CVE-2009-3300) mysql-dfsg-5.0 (5.0.51a-24+lenny2+spu1) stable-proposed-updates; urgency=low [ Sean Finney ] * New patch 64_fix-dummy-thread-race-condition.dpatch to back out an unneeded workaround that causes segfaults in libmysqlclient15. Thanks to Martin Koegler for digging up the patch. (closes: #524366, #513204) [ Norbert Tretkowski ] * New patch 65_fix_gis_functions_crash.dpatch from 5.0.82 to fix a server crash with arbitrary data input plus GIS functions. (closes: #477072) python-docutils (0.5-2+lenny1) stable; urgency=high * Fix insecure use of temporary files in the Emacs major mode for reStructuredText (closes: #560755). Thanks to Kumar Appaiah for helping to deal with this bug. dovecot (1:1.0.15-2.3+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix for buffer overflow in SIEVE filtering allowing for privilege escalation (closes: #546656). Thanks to Don Armstrong. webkit (1.0.1-4+lenny2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fixed FTBFS on arm and powerpc: include limits.h for a definition of ULONG_MAX introduced in CVE-2009-1687 patch. webkit (1.0.1-4+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fixed CVE-2009-0945: NULL-pointer dereference in the SVGList interface implementation (Closes: #532724, #532725) * Fixed CVE-2009-1687: Integer overflow in JavaScript garbage collector * Fixed CVE-2009-1690: Incorrect handling element content once the element was removed * Fixed CVE-2009-1698: incorrect handling CSS "style" attribute content * Fixed CVE-2009-1711: denial of service or arbitrary code execution via Attr DOM objects improper memory initialization. (Closes: #534946) * Fixed CVE-2009-1712: arbitrary code execution via remote loading of local java applets. (Closes: #535793) * Fixed CVE-2009-1725: improper handling of numeric character references (Closes: #538346) * Patch based on work done by Marc Deslauriers in Ubuntu, thanks. * Fixed CVE-2009-1714: Cross-site scripting (XSS) vulnerability in Web Inspector * Fixed CVE-2009-1710: Remote attackers can spoof the browser's display of the host name, security indicators, and unspecified other UI elements via a custom cursor in conjunction with a modified CSS3 hotspot property. * Fixed CVE-2009-1697: CRLF injection vulnerability allows remote attackers to inject HTTP headers and bypass the Same Origin Policy via a crafted HTML document * Fixed CVE-2009-1695: Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via vectors involving access to frame contents after completion of a page transition. * Fixed CVE-2009-1693 and CVE-2009-1694: does not properly handle redirects, which allows remote attackers to read images from arbitrary web sites via vectors involving a CANVAS element and redirection * Fixed CVE-2009-1681: does not prevent web sites from loading third-party content into a subframe, which allows remote attackers to bypass the Same Origin Policy and conduct "clickjacking" attacks via a crafted HTML document. * Fixed CVE-2009-1684: Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via an event handler that triggers script execution in the context of the next loaded document. * Fixed CVE-2009-1692: denial of service (memory consumption or device reset) via a web page containing an HTMLSelectElement object with a large length attribute, related to the length property of a Select object. dpkg (1.14.28) stable; urgency=low * Another round of updates concerning new source formats: - fix dpkg-source to not complain on binary files that are ignored and are not going to be included in the debian tarball of a "3.0 (quilt)" source package. Closes: #524375 - let dpkg-source fail if several upstream orig.tar files are available (using different compression scheme) since we don't know which one to use. - before accepting to build a 3.0 (quilt) source packages, ensure that debian/patches is a directory (or non-existing) and that debian/patches/series is a file (or non-existing). Closes: #557618 - modify implementation of "3.0 (quilt)" source format to not be behave differently depending on whether quilt is installed or not. The option --without-quilt is thus gone and dpkg-source creates and relies on the .pc directory to know whether patches are applied or not. Closes: #557667 redhat-cluster (2.20081102-1+lenny1) stable-proposed-updates; urgency=low * Non-maintainer upload. * [af1e653] Cherry-pick upstream fix for failing resource failover (Closes: #553166) - thanks a lot to Martin Waite munin (1.2.6-10~lenny2) stable-proposed-updates; urgency=low * Apply patch by Brian De Wolf (taken from upstream trunk r2352 and 1.2.6-14 from Debian squeeze) to fix gaps in graphs of the cpu plugin due to changes in the way the kernel reports cpu usage. (Closes: #535575, #554003) nss-ldapd (0.6.7.2) stable; urgency=high * security upload to proposed-updates * perform case-sensitive filtering for group, netgroup, passwd, protocols, rpc, services and shadow lookups to prevent denial of service in nscd and possibly wrong privileges assigned (closes: #552433) (fix back-ported from 0.6.11) proftpd-dfsg (1.3.1-17lenny4) stable-security; urgency=high * Security: added 3275.dpatch as taken from 1.3.2b branch to fix CVE-2009-3639. typo3-src (4.2.5-1+lenny2) stable-security; urgency=high * Added patches (backported from 4.2.10) to fix the security issues from "TYPO3 Security Bulletin TYPO3-SA-2009-016: Multiple vulnerabilities in TYPO3 Core" with the following CVEs assigned: CVE-2009-3628 TYPO3 Information disclosure CVE-2009-3629 TYPO3 Cross-site scripting CVE-2009-3630 TYPO3 Frame hijacking CVE-2009-3631 TYPO3 Remote shell command execution CVE-2009-3632 TYPO3 SQL injection CVE-2009-3633 TYPO3 API function t3lib_div::quoteJSvalue XSS CVE-2009-3634 TYPO3 Frontend Login Box (felogin) XSS CVE-2009-3635 TYPO3 Insecure Authentication and Session Handling CVE-2009-3636 TYPO3 Install Tool XSS (Closes: 552020). php-mail (1.1.14-1+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix a command injection vulnerability in sendmail.php (Closes: #557121) libmodplug (1:0.8.4-1+lenny1) stable-security; urgency=high * Fixed "PATinst()" Buffer Overflow Vulnerability in src/load_pat.c (Closes: #526084) (SA34927) * Fixed "CSoundFile::ReadMed()" Integer Overflow in src/load_med.cp (Closes: #526657) (CVE-2009-1438) * Fix build failure: reorder autoconf chain, use --copy/--add-missing, and use aclocal instead of aclocal-1.9. mapserver (5.0.3-3+lenny4) stable-security; urgency=high * Fix paths specified in url vulnerabilities. [http://trac.osgeo.org/mapserver/ticket/1836] zope2.10 (2.10.6-1+lenny1) stable-security; urgency=high * Fix two vulnerabilities in the ZODB ZEO network protocol (closes: #540464) - CVE-2009-0668 Arbitrary Python code execution in ZODB ZEO storage servers - CVE-2009-0669 Authentication bypass in ZODB ZEO storage servers devscripts (2.10.35lenny7) stable-security; urgency=low * uscan: Fix regressions introduced by the previous release: + Track position in global matches to avoid infinite loops and handle zero-width matches. Thanks, Raphael Geissert and Martín Ferrari. + Make download scripts which pass parameters to the called script work again. Thanks, Ryan Niebur. linux-kernel-di-sparc-2.6 (1.41lenny6) stable; urgency=low * Built against version 2.6.26-21 of linux-2.6. krb5 (1.6.dfsg.4~beta1-5lenny2) stable-security; urgency=high * cve-2009-4212, MIT-KRB5-SA-2009-004: Integer underflows in AES and RC4 decriptions. This can definitely lead to a DOS attack and potentially may leae to execution of unexpected code. It's potentially possible that arbitrary code could be executed, although much more likely that permuted heap contents or buffers not under attacker control will be executed. libthai (0.1.9-4+lenny1) stable-security; urgency=high * Fix integer overflow vulnerabilities (CVE-2009-4012). Thanks Tim Starling for the report. silc-client (1.1.4-1+lenny1) stable-security; urgency=high * Backport upstream security fixes: - [ebfe5dc] ASN1: Fix stack variable overwrite when encoding OID - [1598b3a] Fixed string format vulnerability in client entry handling - [8cb801c] More string format fixes in silcd and client libary dhcp3 (3.1.1-6+lenny4) lenny; urgency=low * Add patch from Petter Reinholdtsen to fix SIGPIPE when talking to LDAP server (closes: #559160) * Add patch from Petter Reinholdtsen to fix memory leak in LDAP code (closes: #531050) newt (0.52.2-11.3+lenny1) stable-security; urgency=high * Non-maintainer upload by the security team * Include patch to fix buffer overflow in content processing code Fixes: CVE-2009-2905 expat (2.0.1-4+lenny3) stable-security; urgency=low * Upload to stable to fix regressions in last security fix. * debian/patches/560901_CVE_2009_3560.dpatch: Adjusted. - lib/xmlparse.c (doProlog): Revised patch for CVE-2009-3560 after regressions have been detected (closes: #561658, #562381). Many thanks to Niko Tyni and Karl Waclawek for their help and the fix. changetrack (4.3-3+lenny1) stable-security; urgency=medium * Fix possible local exploit by rejecting filenames with unsafe characters (cf. CVE-2009-3233). Thanks to Marek Grzybowski and Andrzej Lemieszek. (Closes: #546791) xmltooling (1.0-2+lenny1) stable-security; urgency=high * SECURITY: Certificate subject names were incorrectly matched against trusted "key names" when they contained nul characters. This affects only Shibboleth deployments relying on the "PKIX" style of trust validation, used in the absence of explicit certificate information in the SAML metadata provided to the SP and reliance on certificate authorities found in the metadata extension element. See * SECURITY: Correctly handle decoding of malformed URLs, closing a possibly exploitable buffer overflow. See * SECURITY: Correctly honor the "use" attribute of SAML metadata to honor restrictions to signing or encryption. This is a partial fix; the complete fix also requires a new version of the OpenSAML library. See base-files (5lenny5) stable; urgency=low * Bump version in /etc/debian_version to "5.0.4". gnash (0.8.4-3~lenny1) stable-proposed-updates; urgency=low * Non-maintainer upload with maintainer approval. * Reduce amount of messages sent to ~/.xsession-errors, thanks to Petter Reinholdtsen for silent-plugin.patch. (Closes: #497633). nagios3 (3.0.6-4~lenny2) stable-security; urgency=low * Fix Command Injection Vulnerability in statuswml.cgi. This applies for SA35543 and CVE-2009-2288. debmirror (20070123lenny1) stable; urgency=low * The main Debian archive has started to use rsyncable gzip files. Use the --rsyncable flag when compressing Packages/Sources files using gzip after applying pdiffs to ensure the md5sum of the file matches the one in the Release file again. Closes: #560326. This change may cause unnecessary download of the gzipped Packages/Sources files for other archives that provide pdiffs but don't have rsyncable gzipped files. shibboleth-sp2 (2.0.dfsg1-4+lenny2) stable-security; urgency=high * SECURITY: Partial fix for improper handling of URLs that could be abused for script injection and other cross-site scripting attacks. The complete fix also requires a newer opensaml2 package. (Closes: #555608, CVE-2009-3300) request-tracker3.6 (3.6.7-5+lenny3) stable-security; urgency=high * Security fix for session fixation vulnerability (CVE-2009-3585) * In debian/postinst, clarify that any persistent perl process setup needs to be restarted, not just mod_perl phpgroupware (1:0.9.16.012+dfsg-8+lenny1) stable-security; urgency=high * Fix cross site scripting, data exhibition (SA35519) : add Security patch from upstream in addressbook taken from svn rev. 19117 (upstream-security-20090722.diff) ruby1.9 (1.9.0.2-9lenny1) stable-security; urgency=high * added patch: 932_CVE-2009-1904 (ref: #532689) It fixes BigDecimal DoS vulnerability (CVE-2009-1904). (backported from 1.8.7-p172 and 1.8.7-p174) * Add upstream patch to properly check return values of the OCSP_basic_verify function (CVE-2009-0642; Closes: #513528) xulrunner (1.9.0.16-1) stable-security; urgency=low * New upstream release. * Fixes mfsa-2009-{65,68-70}, also known as CVE-2009-3979, CVE-2009-3981, CVE-2009-3983, CVE-2009-3984, CVE-2009-3985, CVE-2009-3986. php5 (5.2.6.dfsg.1-1+lenny4) stable-security; urgency=high * CVE-2009-2687: DoS via malformed JPEG images with invalid offset fields (Closes: #535888) * CVE-2009-2626: remote memory disclosure via ini_* functions (Closes: #540605) * CVE-2009-3292: multiple missing checks processing exif image data * CVE-2009-3291: improper handling of nul character in CommonName fields of X509 certificates * max_file_uploads: prevent, by limiting, temporary files exhaustion DoS * Add an entry to debian/NEWS about the new per-request file uploads limit otrs2 (2.2.7-2lenny2) stable-proposed-updates; urgency=low * QA upload. * Add remove-maxrequestsperchild.diff patch, which removes the MaxRequestsPerChild Apache options from the config files. Closes: #548073 * Add emailsyntax.diff patch, which removes all valid domains from the email address syntax check. Closes: #541309 * Only execute a2enmod, if it is available on the system. Thanks for the patch to Hilmar Preusse . Closes: #524315 * Recommend postgresql-8.3 instead of the non-existing postgresql-8.2. Closes: #535004 gforge (4.7~rc2-7lenny3) stable-security; urgency=high * Fix for symlink attack (CVE-2009-3304). kvm (72+dfsg-5~lenny4) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fixed CVE-2009-3638: Integer overflow in the kvm_dev_ioctl_get_supported_cpuid function (Closes: #562076) * Fixed CVE-2009-3722: denial of service (trap) on the host OS via a crafted application. (Closes: #557739) * Fixed CVE-2009-4031: denial of service (increased scheduling latency) on the host OS via unspecified manipulations related to SMP support. (Closes: #562075) asterisk (1:1.4.21.2~dfsg-3+lenny1) stable-security; urgency=high * Multiple security fixes: - "Information leak in IAX2 authentication", AST-2009-001, CVE-2009-0041. - "Remote Crash Vulnerability in SIP channel driver", AST-2009-002. - "SIP responses expose valid usernames", AST-2009-003, CVE-2008-3903. (Closes: #522528) - "SIP responses expose valid usernames", AST-2009-008, CVE-2009-3727. (Closes: #554487) - Stop shipping old static-http code in examples. Among other things, it includes a vulnerable version of the prototype Javascript library. AST-2009-009, CVE-2008-7220. (Closes: #554486) - "RTP Remote Crash Vulnerability", AST-2009-010, CVE-2009-4055. (Closes: #559103) graphicsmagick (1.1.11-3.2+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fixed CVE-2008-3134: Multiple errors within the processing of various formats can be exploited to crash the application (Closes: 491439) * Fixed CVE-2008-6070: Multiple heap-based buffer underflows in the ReadPALMImage function * Fixed CVE-2008-6071: Heap-based buffer overflow in the DecodeImage function * Fixed CVE-2008-6072: Multiple errors within the processing of XCF and CINEON images can be exploited to crash the application. * Fixed CVE-2008-6621: Multiple errors within the processing of DPX images can be exploited to crash the application. * Fixed CVE-2009-1882: Integer overflow in the XMakeImage function (Closes: 530946) linux-kernel-di-arm-2.6 (1.37lenny7) stable; urgency=low * Built against version 2.6.26-21 of linux-2.6. libtool (1.5.26-4+lenny1) stable-security; urgency=high * Non-maintainer upload by the security team. * Fixes local privilege escalation vulnerability: CVE-2009-3736 (closes: #559797). python-xml (0.8.4-10.1+lenny1) stable-proposed-updates; urgency=high * Non-maintainer upload by the security team. * Fix two denial-of-service vulnerabilties: CVE-2009-3560 and CVE-2009-3720. xapian-omega (1.0.7-3+lenny1) stable-security; urgency=high * SECURITY UPDATE: * Fix cross-site scripting vulnerabilities in reporting of exceptions. glib2.0 (2.16.6-3) stable; urgency=low * SECURITY: 13_permissions_CVE-2009-3289.patch: + The g_file_copy function in glib 2.0 sets the permissions of a target file to the permissions of a symbolic link (777), which allows user-assisted local users to modify files of other users, as demonstrated by using Nautilus to modify the permissions of the user home directory. + Concatenation of 3 upstream patches, fixes CVE-2009-3289. libdbd-mysql-perl (4.007-1+lenny1) stable; urgency=low * Apply patch from CPAN bug 37027 to stop auto_reconnect option causing segmentation faults. (Closes: #520406) kdelibs (4:3.5.10.dfsg.1-0lenny3) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fixed CVE-2009-2702: KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority (Closes: #546212) usbutils (0.73-10lenny1) stable; urgency=low * Update usb.ids: - Add Logitech Webcam C200 (046d:0802) (closes: bug#564035). - Add Verbatim External Hard Drive (18a5:0216) (closes: bug#563085). - Add eHome Infrared Receiver (147a:e017) Ralink rt2570 802.11g WLAN (14b2:3c05) (closes: bug#531274). - Fix entry about Netgear WG111 (0846:4240) (closes: bug#500706). - Add Hewlett-Packard LaserJet P1005 (03f0:3d17) (closes: bug#525629). - Add Benq X120 Internet Keyboard Pro (0d62:001c) (closes: bug#525628). - Add Dexon Mouse (15d9:0a33) (closes: bug#525582). ircd-hybrid (1:7.2.2.dfsg.2-4+lenny1) stable-security; urgency=high * Non-maintainer upload by the security team * Fix integer underflow in clean_string in src/irc_string.c Fixes: CVE-2009-4016 bugzilla (3.0.4.1-2+lenny2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fixed SQL injection vulnerability in the Bug.create WebService function CVE-2009-3165, Closes: #547132 webauth (3.6.0-1+lenny1) stable-proposed-updates; urgency=high * CVE-2009-2945: When generating a redirect to test for cookie support, be sure not to include a password in the URL. Reject username/password logins via methods other than POST. * If the user submits the login form via POST without the test cookie, assume the browser supports cookies and don't probe. system-tools-backends (2.6.0-2lenny4) stable; urgency=low * Non-maintainer upload. * Added 61_fix-debian-var.patch to fix debian definitions so it can actually interact with the system. Thanks to Aldo Vizcaino y Fernando Lopez . Closes: #545358. gzip (1.3.12-6+lenny1) stable-security; urgency=high * Non-maintainer upload by the security team * Fix integer underflow in decompression of LZW formats Fixes: CVE-2010-0001 * Fix missing input sanitation related to the dynamic Huffman codes Fixes: CVE-2009-2624 * Fix packaging issue to make sure manpages are installed into the right path, thanks to Julien Cristau linux-kernel-di-alpha-2.6 (0.37lenny6) stable; urgency=low * Built against version 2.6.26-21 of linux-2.6. audiofile (0.2.6-7+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * CVE-2008-5824: Fix buffer overflow when decompressing MS ADPCM .wav files (closes: #510205). ========================================= Fri, 04 Sept 2009 - Debian 5.0.3 released ========================================= ========================================================================= [Date: Fri, 04 Sep 2009 18:35:43 +0000] [ftpmaster: Archive Administrator] Removed the following packages from stable: sabayon | 2.22.0-1 | source, alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc Closed bugs: 534941 ------------------- Reason ------------------- RoM; almost completly broken ---------------------------------------------- ========================================================================= stable/main/binary-sparc/znc_0.058-2+lenny3_sparc.deb znc (0.058-2+lenny3) stable-security; urgency=high * Fixes an high-impact directory traversal bug, where unprivileged users can save about DCC SEND files on the server with the rights of the znc process. The attacker could also use the exploit to get a shell on the server. Closes: #537977 stable/main/binary-s390/znc_0.058-2+lenny3_s390.deb znc (0.058-2+lenny3) stable-security; urgency=high * Fixes an high-impact directory traversal bug, where unprivileged users can save about DCC SEND files on the server with the rights of the znc process. The attacker could also use the exploit to get a shell on the server. Closes: #537977 stable/main/binary-powerpc/znc_0.058-2+lenny3_powerpc.deb znc (0.058-2+lenny3) stable-security; urgency=high * Fixes an high-impact directory traversal bug, where unprivileged users can save about DCC SEND files on the server with the rights of the znc process. The attacker could also use the exploit to get a shell on the server. Closes: #537977 stable/main/binary-mipsel/znc_0.058-2+lenny3_mipsel.deb znc (0.058-2+lenny3) stable-security; urgency=high * Fixes an high-impact directory traversal bug, where unprivileged users can save about DCC SEND files on the server with the rights of the znc process. The attacker could also use the exploit to get a shell on the server. Closes: #537977 stable/main/binary-mips/znc_0.058-2+lenny3_mips.deb znc (0.058-2+lenny3) stable-security; urgency=high * Fixes an high-impact directory traversal bug, where unprivileged users can save about DCC SEND files on the server with the rights of the znc process. The attacker could also use the exploit to get a shell on the server. Closes: #537977 stable/main/binary-ia64/znc_0.058-2+lenny3_ia64.deb znc (0.058-2+lenny3) stable-security; urgency=high * Fixes an high-impact directory traversal bug, where unprivileged users can save about DCC SEND files on the server with the rights of the znc process. The attacker could also use the exploit to get a shell on the server. Closes: #537977 stable/main/binary-i386/znc_0.058-2+lenny3_i386.deb znc (0.058-2+lenny3) stable-security; urgency=high * Fixes an high-impact directory traversal bug, where unprivileged users can save about DCC SEND files on the server with the rights of the znc process. The attacker could also use the exploit to get a shell on the server. Closes: #537977 stable/main/binary-hppa/znc_0.058-2+lenny3_hppa.deb znc (0.058-2+lenny3) stable-security; urgency=high * Fixes an high-impact directory traversal bug, where unprivileged users can save about DCC SEND files on the server with the rights of the znc process. The attacker could also use the exploit to get a shell on the server. Closes: #537977 stable/main/binary-armel/znc_0.058-2+lenny3_armel.deb znc (0.058-2+lenny3) stable-security; urgency=high * Fixes an high-impact directory traversal bug, where unprivileged users can save about DCC SEND files on the server with the rights of the znc process. The attacker could also use the exploit to get a shell on the server. Closes: #537977 stable/main/binary-arm/znc_0.058-2+lenny3_arm.deb znc (0.058-2+lenny3) stable-security; urgency=high * Fixes an high-impact directory traversal bug, where unprivileged users can save about DCC SEND files on the server with the rights of the znc process. The attacker could also use the exploit to get a shell on the server. Closes: #537977 stable/main/binary-alpha/znc_0.058-2+lenny3_alpha.deb znc (0.058-2+lenny3) stable-security; urgency=high * Fixes an high-impact directory traversal bug, where unprivileged users can save about DCC SEND files on the server with the rights of the znc process. The attacker could also use the exploit to get a shell on the server. Closes: #537977 stable/main/source/znc_0.058-2+lenny3.diff.gz stable/main/binary-amd64/znc_0.058-2+lenny3_amd64.deb stable/main/source/znc_0.058-2+lenny3.dsc znc (0.058-2+lenny3) stable-security; urgency=high * Fixes an high-impact directory traversal bug, where unprivileged users can save about DCC SEND files on the server with the rights of the znc process. The attacker could also use the exploit to get a shell on the server. Closes: #537977 stable/main/binary-sparc/xulrunner-dev_1.9.0.13-0lenny1_sparc.deb stable/main/binary-sparc/xulrunner-1.9-dbg_1.9.0.13-0lenny1_sparc.deb stable/main/binary-sparc/libmozjs1d_1.9.0.13-0lenny1_sparc.deb stable/main/binary-sparc/libmozjs-dev_1.9.0.13-0lenny1_sparc.deb stable/main/binary-sparc/xulrunner-1.9-gnome-support_1.9.0.13-0lenny1_sparc.deb stable/main/binary-sparc/spidermonkey-bin_1.9.0.13-0lenny1_sparc.deb stable/main/binary-sparc/xulrunner-1.9_1.9.0.13-0lenny1_sparc.deb stable/main/binary-sparc/python-xpcom_1.9.0.13-0lenny1_sparc.deb stable/main/binary-sparc/libmozjs1d-dbg_1.9.0.13-0lenny1_sparc.deb xulrunner (1.9.0.13-0lenny1) stable-security; urgency=high * New upstream release. * Fixes mfsa-2009-44, also known as CVE-2009-2654. * security/manager/ssl/src/nsNSSCallbacks.{h,cpp}, security/manager/ssl/src/nsNSSComponent.cpp: Leave out OCSP responders, as they require latest nss which we don't have in Lenny. * security/manager/ssl/src/nsNSSCertHelper.cpp: Define CERT_RFC1485_EscapeAndQuote function when it is not defined in nss headers. stable/main/binary-s390/xulrunner-1.9-gnome-support_1.9.0.13-0lenny1_s390.deb stable/main/binary-s390/xulrunner-1.9-dbg_1.9.0.13-0lenny1_s390.deb stable/main/binary-s390/xulrunner-1.9_1.9.0.13-0lenny1_s390.deb stable/main/binary-s390/python-xpcom_1.9.0.13-0lenny1_s390.deb stable/main/binary-s390/libmozjs1d-dbg_1.9.0.13-0lenny1_s390.deb stable/main/binary-s390/xulrunner-dev_1.9.0.13-0lenny1_s390.deb stable/main/binary-s390/spidermonkey-bin_1.9.0.13-0lenny1_s390.deb stable/main/binary-s390/libmozjs1d_1.9.0.13-0lenny1_s390.deb stable/main/binary-s390/libmozjs-dev_1.9.0.13-0lenny1_s390.deb xulrunner (1.9.0.13-0lenny1) stable-security; urgency=high * New upstream release. * Fixes mfsa-2009-44, also known as CVE-2009-2654. * security/manager/ssl/src/nsNSSCallbacks.{h,cpp}, security/manager/ssl/src/nsNSSComponent.cpp: Leave out OCSP responders, as they require latest nss which we don't have in Lenny. * security/manager/ssl/src/nsNSSCertHelper.cpp: Define CERT_RFC1485_EscapeAndQuote function when it is not defined in nss headers. stable/main/binary-powerpc/xulrunner-1.9-gnome-support_1.9.0.13-0lenny1_powerpc.deb stable/main/binary-powerpc/libmozjs-dev_1.9.0.13-0lenny1_powerpc.deb stable/main/binary-powerpc/libmozjs1d-dbg_1.9.0.13-0lenny1_powerpc.deb stable/main/binary-powerpc/xulrunner-1.9_1.9.0.13-0lenny1_powerpc.deb stable/main/binary-powerpc/libmozjs1d_1.9.0.13-0lenny1_powerpc.deb stable/main/binary-powerpc/python-xpcom_1.9.0.13-0lenny1_powerpc.deb stable/main/binary-powerpc/xulrunner-1.9-dbg_1.9.0.13-0lenny1_powerpc.deb stable/main/binary-powerpc/spidermonkey-bin_1.9.0.13-0lenny1_powerpc.deb stable/main/binary-powerpc/xulrunner-dev_1.9.0.13-0lenny1_powerpc.deb xulrunner (1.9.0.13-0lenny1) stable-security; urgency=high * New upstream release. * Fixes mfsa-2009-44, also known as CVE-2009-2654. * security/manager/ssl/src/nsNSSCallbacks.{h,cpp}, security/manager/ssl/src/nsNSSComponent.cpp: Leave out OCSP responders, as they require latest nss which we don't have in Lenny. * security/manager/ssl/src/nsNSSCertHelper.cpp: Define CERT_RFC1485_EscapeAndQuote function when it is not defined in nss headers. stable/main/binary-mipsel/libmozjs1d_1.9.0.13-0lenny1_mipsel.deb stable/main/binary-mipsel/xulrunner-1.9-dbg_1.9.0.13-0lenny1_mipsel.deb stable/main/binary-mipsel/xulrunner-1.9-gnome-support_1.9.0.13-0lenny1_mipsel.deb stable/main/binary-mipsel/xulrunner-1.9_1.9.0.13-0lenny1_mipsel.deb stable/main/binary-mipsel/libmozjs-dev_1.9.0.13-0lenny1_mipsel.deb stable/main/binary-mipsel/xulrunner-dev_1.9.0.13-0lenny1_mipsel.deb stable/main/binary-mipsel/spidermonkey-bin_1.9.0.13-0lenny1_mipsel.deb stable/main/binary-mipsel/libmozjs1d-dbg_1.9.0.13-0lenny1_mipsel.deb stable/main/binary-mipsel/python-xpcom_1.9.0.13-0lenny1_mipsel.deb xulrunner (1.9.0.13-0lenny1) stable-security; urgency=high * New upstream release. * Fixes mfsa-2009-44, also known as CVE-2009-2654. * security/manager/ssl/src/nsNSSCallbacks.{h,cpp}, security/manager/ssl/src/nsNSSComponent.cpp: Leave out OCSP responders, as they require latest nss which we don't have in Lenny. * security/manager/ssl/src/nsNSSCertHelper.cpp: Define CERT_RFC1485_EscapeAndQuote function when it is not defined in nss headers. stable/main/binary-mips/xulrunner-1.9-gnome-support_1.9.0.13-0lenny1_mips.deb stable/main/binary-mips/python-xpcom_1.9.0.13-0lenny1_mips.deb stable/main/binary-mips/libmozjs1d_1.9.0.13-0lenny1_mips.deb stable/main/binary-mips/xulrunner-1.9-dbg_1.9.0.13-0lenny1_mips.deb stable/main/binary-mips/libmozjs1d-dbg_1.9.0.13-0lenny1_mips.deb stable/main/binary-mips/xulrunner-1.9_1.9.0.13-0lenny1_mips.deb stable/main/binary-mips/libmozjs-dev_1.9.0.13-0lenny1_mips.deb stable/main/binary-mips/spidermonkey-bin_1.9.0.13-0lenny1_mips.deb stable/main/binary-mips/xulrunner-dev_1.9.0.13-0lenny1_mips.deb xulrunner (1.9.0.13-0lenny1) stable-security; urgency=high * New upstream release. * Fixes mfsa-2009-44, also known as CVE-2009-2654. * security/manager/ssl/src/nsNSSCallbacks.{h,cpp}, security/manager/ssl/src/nsNSSComponent.cpp: Leave out OCSP responders, as they require latest nss which we don't have in Lenny. * security/manager/ssl/src/nsNSSCertHelper.cpp: Define CERT_RFC1485_EscapeAndQuote function when it is not defined in nss headers. stable/main/binary-ia64/python-xpcom_1.9.0.13-0lenny1_ia64.deb stable/main/binary-ia64/spidermonkey-bin_1.9.0.13-0lenny1_ia64.deb stable/main/binary-ia64/libmozjs1d-dbg_1.9.0.13-0lenny1_ia64.deb stable/main/binary-ia64/xulrunner-1.9-gnome-support_1.9.0.13-0lenny1_ia64.deb stable/main/binary-ia64/xulrunner-dev_1.9.0.13-0lenny1_ia64.deb stable/main/binary-ia64/xulrunner-1.9_1.9.0.13-0lenny1_ia64.deb stable/main/binary-ia64/xulrunner-1.9-dbg_1.9.0.13-0lenny1_ia64.deb stable/main/binary-ia64/libmozjs-dev_1.9.0.13-0lenny1_ia64.deb stable/main/binary-ia64/libmozjs1d_1.9.0.13-0lenny1_ia64.deb xulrunner (1.9.0.13-0lenny1) stable-security; urgency=high * New upstream release. * Fixes mfsa-2009-44, also known as CVE-2009-2654. * security/manager/ssl/src/nsNSSCallbacks.{h,cpp}, security/manager/ssl/src/nsNSSComponent.cpp: Leave out OCSP responders, as they require latest nss which we don't have in Lenny. * security/manager/ssl/src/nsNSSCertHelper.cpp: Define CERT_RFC1485_EscapeAndQuote function when it is not defined in nss headers. stable/main/binary-i386/xulrunner-1.9-gnome-support_1.9.0.13-0lenny1_i386.deb stable/main/binary-i386/spidermonkey-bin_1.9.0.13-0lenny1_i386.deb stable/main/binary-i386/libmozjs-dev_1.9.0.13-0lenny1_i386.deb stable/main/binary-i386/libmozjs1d_1.9.0.13-0lenny1_i386.deb stable/main/binary-i386/libmozjs1d-dbg_1.9.0.13-0lenny1_i386.deb stable/main/binary-i386/xulrunner-dev_1.9.0.13-0lenny1_i386.deb stable/main/binary-i386/xulrunner-1.9-dbg_1.9.0.13-0lenny1_i386.deb stable/main/binary-i386/python-xpcom_1.9.0.13-0lenny1_i386.deb stable/main/binary-i386/xulrunner-1.9_1.9.0.13-0lenny1_i386.deb xulrunner (1.9.0.13-0lenny1) stable-security; urgency=high * New upstream release. * Fixes mfsa-2009-44, also known as CVE-2009-2654. * security/manager/ssl/src/nsNSSCallbacks.{h,cpp}, security/manager/ssl/src/nsNSSComponent.cpp: Leave out OCSP responders, as they require latest nss which we don't have in Lenny. * security/manager/ssl/src/nsNSSCertHelper.cpp: Define CERT_RFC1485_EscapeAndQuote function when it is not defined in nss headers. stable/main/binary-hppa/python-xpcom_1.9.0.13-0lenny1_hppa.deb stable/main/binary-hppa/xulrunner-1.9-dbg_1.9.0.13-0lenny1_hppa.deb stable/main/binary-hppa/spidermonkey-bin_1.9.0.13-0lenny1_hppa.deb stable/main/binary-hppa/xulrunner-1.9_1.9.0.13-0lenny1_hppa.deb stable/main/binary-hppa/libmozjs-dev_1.9.0.13-0lenny1_hppa.deb stable/main/binary-hppa/xulrunner-dev_1.9.0.13-0lenny1_hppa.deb stable/main/binary-hppa/libmozjs1d-dbg_1.9.0.13-0lenny1_hppa.deb stable/main/binary-hppa/libmozjs1d_1.9.0.13-0lenny1_hppa.deb stable/main/binary-hppa/xulrunner-1.9-gnome-support_1.9.0.13-0lenny1_hppa.deb xulrunner (1.9.0.13-0lenny1) stable-security; urgency=high * New upstream release. * Fixes mfsa-2009-44, also known as CVE-2009-2654. * security/manager/ssl/src/nsNSSCallbacks.{h,cpp}, security/manager/ssl/src/nsNSSComponent.cpp: Leave out OCSP responders, as they require latest nss which we don't have in Lenny. * security/manager/ssl/src/nsNSSCertHelper.cpp: Define CERT_RFC1485_EscapeAndQuote function when it is not defined in nss headers. stable/main/binary-armel/libmozjs-dev_1.9.0.13-0lenny1_armel.deb stable/main/binary-armel/libmozjs1d-dbg_1.9.0.13-0lenny1_armel.deb stable/main/binary-armel/xulrunner-dev_1.9.0.13-0lenny1_armel.deb stable/main/binary-armel/xulrunner-1.9-gnome-support_1.9.0.13-0lenny1_armel.deb stable/main/binary-armel/spidermonkey-bin_1.9.0.13-0lenny1_armel.deb stable/main/binary-armel/libmozjs1d_1.9.0.13-0lenny1_armel.deb stable/main/binary-armel/python-xpcom_1.9.0.13-0lenny1_armel.deb stable/main/binary-armel/xulrunner-1.9-dbg_1.9.0.13-0lenny1_armel.deb stable/main/binary-armel/xulrunner-1.9_1.9.0.13-0lenny1_armel.deb xulrunner (1.9.0.13-0lenny1) stable-security; urgency=high * New upstream release. * Fixes mfsa-2009-44, also known as CVE-2009-2654. * security/manager/ssl/src/nsNSSCallbacks.{h,cpp}, security/manager/ssl/src/nsNSSComponent.cpp: Leave out OCSP responders, as they require latest nss which we don't have in Lenny. * security/manager/ssl/src/nsNSSCertHelper.cpp: Define CERT_RFC1485_EscapeAndQuote function when it is not defined in nss headers. stable/main/binary-arm/spidermonkey-bin_1.9.0.13-0lenny1_arm.deb stable/main/binary-arm/libmozjs-dev_1.9.0.13-0lenny1_arm.deb stable/main/binary-arm/xulrunner-1.9-gnome-support_1.9.0.13-0lenny1_arm.deb stable/main/binary-arm/libmozjs1d_1.9.0.13-0lenny1_arm.deb stable/main/binary-arm/python-xpcom_1.9.0.13-0lenny1_arm.deb stable/main/binary-arm/xulrunner-1.9_1.9.0.13-0lenny1_arm.deb stable/main/binary-arm/libmozjs1d-dbg_1.9.0.13-0lenny1_arm.deb stable/main/binary-arm/xulrunner-1.9-dbg_1.9.0.13-0lenny1_arm.deb stable/main/binary-arm/xulrunner-dev_1.9.0.13-0lenny1_arm.deb xulrunner (1.9.0.13-0lenny1) stable-security; urgency=high * New upstream release. * Fixes mfsa-2009-44, also known as CVE-2009-2654. * security/manager/ssl/src/nsNSSCallbacks.{h,cpp}, security/manager/ssl/src/nsNSSComponent.cpp: Leave out OCSP responders, as they require latest nss which we don't have in Lenny. * security/manager/ssl/src/nsNSSCertHelper.cpp: Define CERT_RFC1485_EscapeAndQuote function when it is not defined in nss headers. stable/main/binary-alpha/xulrunner-dev_1.9.0.13-0lenny1_alpha.deb stable/main/binary-alpha/xulrunner-1.9-dbg_1.9.0.13-0lenny1_alpha.deb stable/main/binary-alpha/xulrunner-1.9-gnome-support_1.9.0.13-0lenny1_alpha.deb stable/main/binary-alpha/xulrunner-1.9_1.9.0.13-0lenny1_alpha.deb stable/main/binary-alpha/python-xpcom_1.9.0.13-0lenny1_alpha.deb stable/main/binary-alpha/libmozjs1d-dbg_1.9.0.13-0lenny1_alpha.deb stable/main/binary-alpha/libmozjs-dev_1.9.0.13-0lenny1_alpha.deb stable/main/binary-alpha/libmozjs1d_1.9.0.13-0lenny1_alpha.deb stable/main/binary-alpha/spidermonkey-bin_1.9.0.13-0lenny1_alpha.deb xulrunner (1.9.0.13-0lenny1) stable-security; urgency=high * New upstream release. * Fixes mfsa-2009-44, also known as CVE-2009-2654. * security/manager/ssl/src/nsNSSCallbacks.{h,cpp}, security/manager/ssl/src/nsNSSComponent.cpp: Leave out OCSP responders, as they require latest nss which we don't have in Lenny. * security/manager/ssl/src/nsNSSCertHelper.cpp: Define CERT_RFC1485_EscapeAndQuote function when it is not defined in nss headers. stable/main/binary-amd64/python-xpcom_1.9.0.13-0lenny1_amd64.deb stable/main/binary-amd64/libmozjs1d_1.9.0.13-0lenny1_amd64.deb stable/main/source/xulrunner_1.9.0.13-0lenny1.diff.gz stable/main/binary-amd64/xulrunner-1.9-gnome-support_1.9.0.13-0lenny1_amd64.deb stable/main/binary-amd64/xulrunner-dev_1.9.0.13-0lenny1_amd64.deb stable/main/source/xulrunner_1.9.0.13-0lenny1.dsc stable/main/binary-amd64/xulrunner-1.9_1.9.0.13-0lenny1_amd64.deb stable/main/binary-amd64/spidermonkey-bin_1.9.0.13-0lenny1_amd64.deb stable/main/binary-amd64/libmozjs-dev_1.9.0.13-0lenny1_amd64.deb stable/main/binary-amd64/libmozjs1d-dbg_1.9.0.13-0lenny1_amd64.deb stable/main/binary-all/libmozillainterfaces-java_1.9.0.13-0lenny1_all.deb stable/main/binary-amd64/xulrunner-1.9-dbg_1.9.0.13-0lenny1_amd64.deb xulrunner (1.9.0.13-0lenny1) stable-security; urgency=high * New upstream release. * Fixes mfsa-2009-44, also known as CVE-2009-2654. * security/manager/ssl/src/nsNSSCallbacks.{h,cpp}, security/manager/ssl/src/nsNSSComponent.cpp: Leave out OCSP responders, as they require latest nss which we don't have in Lenny. * security/manager/ssl/src/nsNSSCertHelper.cpp: Define CERT_RFC1485_EscapeAndQuote function when it is not defined in nss headers. stable/main/binary-sparc/xserver-xorg_7.3+20_sparc.deb stable/main/binary-sparc/xserver-xorg-input-all_7.3+20_sparc.deb stable/main/binary-sparc/xorg_7.3+20_sparc.deb stable/main/binary-sparc/xserver-xorg-video-all_7.3+20_sparc.deb xorg (1:7.3+20) stable; urgency=low * Non-maintainer upload, supervised by Julien Cristau. * xserver-xorg.postinst: fix for the previous patch. Closes: #535624 stable/main/binary-s390/xserver-xorg_7.3+20_s390.deb stable/main/binary-s390/xserver-xorg-input-all_7.3+20_s390.deb stable/main/binary-s390/xorg_7.3+20_s390.deb stable/main/binary-s390/xserver-xorg-video-all_7.3+20_s390.deb xorg (1:7.3+20) stable; urgency=low * Non-maintainer upload, supervised by Julien Cristau. * xserver-xorg.postinst: fix for the previous patch. Closes: #535624 stable/main/binary-powerpc/xserver-xorg_7.3+20_powerpc.deb stable/main/binary-powerpc/xserver-xorg-video-all_7.3+20_powerpc.deb stable/main/binary-powerpc/xserver-xorg-input-all_7.3+20_powerpc.deb stable/main/binary-powerpc/xorg_7.3+20_powerpc.deb xorg (1:7.3+20) stable; urgency=low * Non-maintainer upload, supervised by Julien Cristau. * xserver-xorg.postinst: fix for the previous patch. Closes: #535624 stable/main/binary-mipsel/xserver-xorg_7.3+20_mipsel.deb stable/main/binary-mipsel/xorg_7.3+20_mipsel.deb stable/main/binary-mipsel/xserver-xorg-video-all_7.3+20_mipsel.deb stable/main/binary-mipsel/xserver-xorg-input-all_7.3+20_mipsel.deb xorg (1:7.3+20) stable; urgency=low * Non-maintainer upload, supervised by Julien Cristau. * xserver-xorg.postinst: fix for the previous patch. Closes: #535624 stable/main/binary-mips/xorg_7.3+20_mips.deb stable/main/binary-mips/xserver-xorg_7.3+20_mips.deb stable/main/binary-mips/xserver-xorg-input-all_7.3+20_mips.deb stable/main/binary-mips/xserver-xorg-video-all_7.3+20_mips.deb xorg (1:7.3+20) stable; urgency=low * Non-maintainer upload, supervised by Julien Cristau. * xserver-xorg.postinst: fix for the previous patch. Closes: #535624 stable/main/binary-ia64/xserver-xorg_7.3+20_ia64.deb stable/main/binary-ia64/xorg_7.3+20_ia64.deb stable/main/binary-ia64/xserver-xorg-video-all_7.3+20_ia64.deb stable/main/binary-ia64/xserver-xorg-input-all_7.3+20_ia64.deb xorg (1:7.3+20) stable; urgency=low * Non-maintainer upload, supervised by Julien Cristau. * xserver-xorg.postinst: fix for the previous patch. Closes: #535624 stable/main/binary-hppa/xserver-xorg_7.3+20_hppa.deb stable/main/binary-hppa/xorg_7.3+20_hppa.deb stable/main/binary-hppa/xserver-xorg-input-all_7.3+20_hppa.deb stable/main/binary-hppa/xserver-xorg-video-all_7.3+20_hppa.deb xorg (1:7.3+20) stable; urgency=low * Non-maintainer upload, supervised by Julien Cristau. * xserver-xorg.postinst: fix for the previous patch. Closes: #535624 stable/main/binary-armel/xserver-xorg-video-all_7.3+20_armel.deb stable/main/binary-armel/xorg_7.3+20_armel.deb stable/main/binary-armel/xserver-xorg_7.3+20_armel.deb stable/main/binary-armel/xserver-xorg-input-all_7.3+20_armel.deb xorg (1:7.3+20) stable; urgency=low * Non-maintainer upload, supervised by Julien Cristau. * xserver-xorg.postinst: fix for the previous patch. Closes: #535624 stable/main/binary-arm/xorg_7.3+20_arm.deb stable/main/binary-arm/xserver-xorg-input-all_7.3+20_arm.deb stable/main/binary-arm/xserver-xorg-video-all_7.3+20_arm.deb stable/main/binary-arm/xserver-xorg_7.3+20_arm.deb xorg (1:7.3+20) stable; urgency=low * Non-maintainer upload, supervised by Julien Cristau. * xserver-xorg.postinst: fix for the previous patch. Closes: #535624 stable/main/binary-amd64/xorg_7.3+20_amd64.deb stable/main/binary-amd64/xserver-xorg-video-all_7.3+20_amd64.deb stable/main/binary-amd64/xserver-xorg-input-all_7.3+20_amd64.deb stable/main/binary-amd64/xserver-xorg_7.3+20_amd64.deb xorg (1:7.3+20) stable; urgency=low * Non-maintainer upload, supervised by Julien Cristau. * xserver-xorg.postinst: fix for the previous patch. Closes: #535624 stable/main/binary-alpha/xorg_7.3+20_alpha.deb stable/main/binary-alpha/xserver-xorg_7.3+20_alpha.deb stable/main/binary-alpha/xserver-xorg-video-all_7.3+20_alpha.deb stable/main/binary-alpha/xserver-xorg-input-all_7.3+20_alpha.deb xorg (1:7.3+20) stable; urgency=low * Non-maintainer upload, supervised by Julien Cristau. * xserver-xorg.postinst: fix for the previous patch. Closes: #535624 stable/main/binary-i386/xserver-xorg-input-all_7.3+20_i386.deb stable/main/binary-all/xlibmesa-gl_7.3+20_all.deb stable/main/binary-i386/xserver-xorg-video-all_7.3+20_i386.deb stable/main/binary-all/libglu1-xorg_7.3+20_all.deb stable/main/source/xorg_7.3+20.dsc stable/main/binary-i386/xserver-xorg_7.3+20_i386.deb stable/main/binary-all/xbase-clients_7.3+20_all.deb stable/main/source/xorg_7.3+20.tar.gz stable/main/binary-all/xlibmesa-glu_7.3+20_all.deb stable/main/binary-all/libglu1-xorg-dev_7.3+20_all.deb stable/main/binary-all/xorg-dev_7.3+20_all.deb stable/main/binary-i386/xorg_7.3+20_i386.deb stable/main/binary-all/xutils_7.3+20_all.deb stable/main/binary-all/xlibmesa-gl-dev_7.3+20_all.deb stable/main/binary-all/x11-common_7.3+20_all.deb xorg (1:7.3+20) stable; urgency=low * Non-maintainer upload, supervised by Julien Cristau. * xserver-xorg.postinst: fix for the previous patch. Closes: #535624 stable/main/binary-sparc/xfce4-weather-plugin_0.6.2-1+lenny1_sparc.deb xfce4-weather-plugin (0.6.2-1+lenny1) stable; urgency=low * debian/patches: - 01_add-weather.com-api-key added: use the xfce4-weather-plugin API key so weather.com gives us the weather. closes: #536289 stable/main/binary-s390/xfce4-weather-plugin_0.6.2-1+lenny1_s390.deb xfce4-weather-plugin (0.6.2-1+lenny1) stable; urgency=low * debian/patches: - 01_add-weather.com-api-key added: use the xfce4-weather-plugin API key so weather.com gives us the weather. closes: #536289 stable/main/binary-powerpc/xfce4-weather-plugin_0.6.2-1+lenny1_powerpc.deb xfce4-weather-plugin (0.6.2-1+lenny1) stable; urgency=low * debian/patches: - 01_add-weather.com-api-key added: use the xfce4-weather-plugin API key so weather.com gives us the weather. closes: #536289 stable/main/binary-mipsel/xfce4-weather-plugin_0.6.2-1+lenny1_mipsel.deb xfce4-weather-plugin (0.6.2-1+lenny1) stable; urgency=low * debian/patches: - 01_add-weather.com-api-key added: use the xfce4-weather-plugin API key so weather.com gives us the weather. closes: #536289 stable/main/binary-mips/xfce4-weather-plugin_0.6.2-1+lenny1_mips.deb xfce4-weather-plugin (0.6.2-1+lenny1) stable; urgency=low * debian/patches: - 01_add-weather.com-api-key added: use the xfce4-weather-plugin API key so weather.com gives us the weather. closes: #536289 stable/main/binary-ia64/xfce4-weather-plugin_0.6.2-1+lenny1_ia64.deb xfce4-weather-plugin (0.6.2-1+lenny1) stable; urgency=low * debian/patches: - 01_add-weather.com-api-key added: use the xfce4-weather-plugin API key so weather.com gives us the weather. closes: #536289 stable/main/binary-i386/xfce4-weather-plugin_0.6.2-1+lenny1_i386.deb xfce4-weather-plugin (0.6.2-1+lenny1) stable; urgency=low * debian/patches: - 01_add-weather.com-api-key added: use the xfce4-weather-plugin API key so weather.com gives us the weather. closes: #536289 stable/main/binary-hppa/xfce4-weather-plugin_0.6.2-1+lenny1_hppa.deb xfce4-weather-plugin (0.6.2-1+lenny1) stable; urgency=low * debian/patches: - 01_add-weather.com-api-key added: use the xfce4-weather-plugin API key so weather.com gives us the weather. closes: #536289 stable/main/binary-armel/xfce4-weather-plugin_0.6.2-1+lenny1_armel.deb xfce4-weather-plugin (0.6.2-1+lenny1) stable; urgency=low * debian/patches: - 01_add-weather.com-api-key added: use the xfce4-weather-plugin API key so weather.com gives us the weather. closes: #536289 stable/main/binary-arm/xfce4-weather-plugin_0.6.2-1+lenny1_arm.deb xfce4-weather-plugin (0.6.2-1+lenny1) stable; urgency=low * debian/patches: - 01_add-weather.com-api-key added: use the xfce4-weather-plugin API key so weather.com gives us the weather. closes: #536289 stable/main/binary-alpha/xfce4-weather-plugin_0.6.2-1+lenny1_alpha.deb xfce4-weather-plugin (0.6.2-1+lenny1) stable; urgency=low * debian/patches: - 01_add-weather.com-api-key added: use the xfce4-weather-plugin API key so weather.com gives us the weather. closes: #536289 stable/main/source/xfce4-weather-plugin_0.6.2-1+lenny1.dsc stable/main/source/xfce4-weather-plugin_0.6.2-1+lenny1.diff.gz stable/main/binary-amd64/xfce4-weather-plugin_0.6.2-1+lenny1_amd64.deb xfce4-weather-plugin (0.6.2-1+lenny1) stable; urgency=low * debian/patches: - 01_add-weather.com-api-key added: use the xfce4-weather-plugin API key so weather.com gives us the weather. closes: #536289 stable/main/binary-sparc/xfce4-dict_0.4.0-2+lenny1_sparc.deb xfce4-dict (0.4.0-2+lenny1) stable-proposed-updates; urgency=low * debian/patches: - 01_fix-zombie-process added, prevent run process to become zombies. (Xfce #4615, r6101) closes: #518305 * debian/control: - add build-dep on quilt. * debian/rules: - add patch rules. stable/main/binary-s390/xfce4-dict_0.4.0-2+lenny1_s390.deb xfce4-dict (0.4.0-2+lenny1) stable-proposed-updates; urgency=low * debian/patches: - 01_fix-zombie-process added, prevent run process to become zombies. (Xfce #4615, r6101) closes: #518305 * debian/control: - add build-dep on quilt. * debian/rules: - add patch rules. stable/main/binary-powerpc/xfce4-dict_0.4.0-2+lenny1_powerpc.deb xfce4-dict (0.4.0-2+lenny1) stable-proposed-updates; urgency=low * debian/patches: - 01_fix-zombie-process added, prevent run process to become zombies. (Xfce #4615, r6101) closes: #518305 * debian/control: - add build-dep on quilt. * debian/rules: - add patch rules. stable/main/binary-mipsel/xfce4-dict_0.4.0-2+lenny1_mipsel.deb xfce4-dict (0.4.0-2+lenny1) stable-proposed-updates; urgency=low * debian/patches: - 01_fix-zombie-process added, prevent run process to become zombies. (Xfce #4615, r6101) closes: #518305 * debian/control: - add build-dep on quilt. * debian/rules: - add patch rules. stable/main/binary-mips/xfce4-dict_0.4.0-2+lenny1_mips.deb xfce4-dict (0.4.0-2+lenny1) stable-proposed-updates; urgency=low * debian/patches: - 01_fix-zombie-process added, prevent run process to become zombies. (Xfce #4615, r6101) closes: #518305 * debian/control: - add build-dep on quilt. * debian/rules: - add patch rules. stable/main/binary-ia64/xfce4-dict_0.4.0-2+lenny1_ia64.deb xfce4-dict (0.4.0-2+lenny1) stable-proposed-updates; urgency=low * debian/patches: - 01_fix-zombie-process added, prevent run process to become zombies. (Xfce #4615, r6101) closes: #518305 * debian/control: - add build-dep on quilt. * debian/rules: - add patch rules. stable/main/binary-i386/xfce4-dict_0.4.0-2+lenny1_i386.deb xfce4-dict (0.4.0-2+lenny1) stable-proposed-updates; urgency=low * debian/patches: - 01_fix-zombie-process added, prevent run process to become zombies. (Xfce #4615, r6101) closes: #518305 * debian/control: - add build-dep on quilt. * debian/rules: - add patch rules. stable/main/binary-hppa/xfce4-dict_0.4.0-2+lenny1_hppa.deb xfce4-dict (0.4.0-2+lenny1) stable-proposed-updates; urgency=low * debian/patches: - 01_fix-zombie-process added, prevent run process to become zombies. (Xfce #4615, r6101) closes: #518305 * debian/control: - add build-dep on quilt. * debian/rules: - add patch rules. stable/main/binary-armel/xfce4-dict_0.4.0-2+lenny1_armel.deb xfce4-dict (0.4.0-2+lenny1) stable-proposed-updates; urgency=low * debian/patches: - 01_fix-zombie-process added, prevent run process to become zombies. (Xfce #4615, r6101) closes: #518305 * debian/control: - add build-dep on quilt. * debian/rules: - add patch rules. stable/main/binary-arm/xfce4-dict_0.4.0-2+lenny1_arm.deb xfce4-dict (0.4.0-2+lenny1) stable-proposed-updates; urgency=low * debian/patches: - 01_fix-zombie-process added, prevent run process to become zombies. (Xfce #4615, r6101) closes: #518305 * debian/control: - add build-dep on quilt. * debian/rules: - add patch rules. stable/main/binary-alpha/xfce4-dict_0.4.0-2+lenny1_alpha.deb xfce4-dict (0.4.0-2+lenny1) stable-proposed-updates; urgency=low * debian/patches: - 01_fix-zombie-process added, prevent run process to become zombies. (Xfce #4615, r6101) closes: #518305 * debian/control: - add build-dep on quilt. * debian/rules: - add patch rules. stable/main/binary-all/xfce4-dict-plugin_0.4.0-2+lenny1_all.deb stable/main/source/xfce4-dict_0.4.0-2+lenny1.diff.gz stable/main/binary-amd64/xfce4-dict_0.4.0-2+lenny1_amd64.deb stable/main/source/xfce4-dict_0.4.0-2+lenny1.dsc xfce4-dict (0.4.0-2+lenny1) stable-proposed-updates; urgency=low * debian/patches: - 01_fix-zombie-process added, prevent run process to become zombies. (Xfce #4615, r6101) closes: #518305 * debian/control: - add build-dep on quilt. * debian/rules: - add patch rules. stable/main/binary-sparc/xcftools_1.0.4-1+lenny1_sparc.deb xcftools (1.0.4-1+lenny1) stable; urgency=high * QA upload. * Fix "'xcf2pnm -C ... layer' crashes on some valid XCF files", thanks Henning Makholm (upstream) (Closes: #533361, CVE-2009-2175) stable/main/binary-s390/xcftools_1.0.4-1+lenny1_s390.deb xcftools (1.0.4-1+lenny1) stable; urgency=high * QA upload. * Fix "'xcf2pnm -C ... layer' crashes on some valid XCF files", thanks Henning Makholm (upstream) (Closes: #533361, CVE-2009-2175) stable/main/binary-powerpc/xcftools_1.0.4-1+lenny1_powerpc.deb xcftools (1.0.4-1+lenny1) stable; urgency=high * QA upload. * Fix "'xcf2pnm -C ... layer' crashes on some valid XCF files", thanks Henning Makholm (upstream) (Closes: #533361, CVE-2009-2175) stable/main/binary-mipsel/xcftools_1.0.4-1+lenny1_mipsel.deb xcftools (1.0.4-1+lenny1) stable; urgency=high * QA upload. * Fix "'xcf2pnm -C ... layer' crashes on some valid XCF files", thanks Henning Makholm (upstream) (Closes: #533361, CVE-2009-2175) stable/main/binary-mips/xcftools_1.0.4-1+lenny1_mips.deb xcftools (1.0.4-1+lenny1) stable; urgency=high * QA upload. * Fix "'xcf2pnm -C ... layer' crashes on some valid XCF files", thanks Henning Makholm (upstream) (Closes: #533361, CVE-2009-2175) stable/main/binary-ia64/xcftools_1.0.4-1+lenny1_ia64.deb xcftools (1.0.4-1+lenny1) stable; urgency=high * QA upload. * Fix "'xcf2pnm -C ... layer' crashes on some valid XCF files", thanks Henning Makholm (upstream) (Closes: #533361, CVE-2009-2175) stable/main/binary-i386/xcftools_1.0.4-1+lenny1_i386.deb xcftools (1.0.4-1+lenny1) stable; urgency=high * QA upload. * Fix "'xcf2pnm -C ... layer' crashes on some valid XCF files", thanks Henning Makholm (upstream) (Closes: #533361, CVE-2009-2175) stable/main/binary-hppa/xcftools_1.0.4-1+lenny1_hppa.deb xcftools (1.0.4-1+lenny1) stable; urgency=high * QA upload. * Fix "'xcf2pnm -C ... layer' crashes on some valid XCF files", thanks Henning Makholm (upstream) (Closes: #533361, CVE-2009-2175) stable/main/binary-armel/xcftools_1.0.4-1+lenny1_armel.deb xcftools (1.0.4-1+lenny1) stable; urgency=high * QA upload. * Fix "'xcf2pnm -C ... layer' crashes on some valid XCF files", thanks Henning Makholm (upstream) (Closes: #533361, CVE-2009-2175) stable/main/binary-arm/xcftools_1.0.4-1+lenny1_arm.deb xcftools (1.0.4-1+lenny1) stable; urgency=high * QA upload. * Fix "'xcf2pnm -C ... layer' crashes on some valid XCF files", thanks Henning Makholm (upstream) (Closes: #533361, CVE-2009-2175) stable/main/binary-alpha/xcftools_1.0.4-1+lenny1_alpha.deb xcftools (1.0.4-1+lenny1) stable; urgency=high * QA upload. * Fix "'xcf2pnm -C ... layer' crashes on some valid XCF files", thanks Henning Makholm (upstream) (Closes: #533361, CVE-2009-2175) stable/main/source/xcftools_1.0.4-1+lenny1.diff.gz stable/main/source/xcftools_1.0.4-1+lenny1.dsc stable/main/binary-amd64/xcftools_1.0.4-1+lenny1_amd64.deb xcftools (1.0.4-1+lenny1) stable; urgency=high * QA upload. * Fix "'xcf2pnm -C ... layer' crashes on some valid XCF files", thanks Henning Makholm (upstream) (Closes: #533361, CVE-2009-2175) stable/main/source/wordpress_2.5.1-11+lenny2.dsc stable/main/binary-all/wordpress_2.5.1-11+lenny2_all.deb stable/main/source/wordpress_2.5.1-11+lenny2.diff.gz wordpress (2.5.1-11+lenny2) stable; urgency=low * [1dd14e6] Fixed a bug in the password reset procedure, users are now able to reset their passwords (Closes: #519798) stable/main/binary-amd64/user-mode-linux_2.6.26-1um-2+19_amd64.deb user-mode-linux (2.6.26-1um-2+19) stable; urgency=high * Rebuild against linux-source-2.6.26 (2.6.26-18) stable/main/source/user-mode-linux_2.6.26-1um-2+19.dsc stable/main/source/user-mode-linux_2.6.26-1um-2+19.diff.gz stable/main/binary-i386/user-mode-linux_2.6.26-1um-2+19_i386.deb user-mode-linux (2.6.26-1um-2+19) stable; urgency=high * Rebuild against linux-source-2.6.26 (2.6.26-18) stable/main/binary-sparc/libvolume-id0_0.125-7+lenny3_sparc.deb stable/main/binary-sparc/udev_0.125-7+lenny3_sparc.deb stable/main/binary-sparc/libvolume-id-dev_0.125-7+lenny3_sparc.deb stable/main/binary-sparc/udev-udeb_0.125-7+lenny3_sparc.udeb udev (0.125-7+lenny3) stable; urgency=high * Stable update: backported many fixes and rules updates from unstable. * Run modprobe scsi_wait_scan in the initramfs before udevadm settle. * Support kernel-specific firmware directories. (Closes: #504928) * /etc/modprobe.d/blacklist: added hpwdt, it8712f_wdt, iTCO_wdt, pc87413_wdt, sbc7240_wdt, sbc_epx_c3, smsc37b787_wdt, w83697hf_wdt. (Closes: #504107) * Set all devices created in d-i to mode 666. (Closes: #517389) * postinst: do not try to start the daemon when run by debootstrap --second-stage because start-stop-daemon is not functional. (Closes: 520742) * postinst: do not use /proc/sys/kernel/hotplug to allow installation (disabled) in OpenVZ VEs. * postinst: restart rsyslogd too on the first install. * Added patch fix-path_id-bashism. (Closes: #530213) * Added patch cdrom_id_fix: improve support for some broken fake drives. * Added patch bp_rules_generators: backported some fixes related to persistent rules. * udev.rules: added block/MAJ:MIN and char/MAJ:MIN links. * udev.rules: create the rtc link only for rtc_cmos devices. * udev.rules, permissions.rules: added uat and ucma group rdma. * udev.rules: make sr* the device names and scd* the compatibility links. * permissions.rules: added mISDNtimer group dialout. (Closes: #521845) * permissions.rules: correctly ignore the removable flag for aacraid devices. (Closes: #462655) * permissions.rules: added pmu group video. * permissions.rules: added mwave, hvc* and hvsi* group dialout. * permissions.rules: added cpu[0-9]* mode 444. * permissions.rules: added rfkill mode 644. * persistent-input.rules: exclude digitizers from the joystick class. * persistent-storage.rules: fixed matching of cciss non-partition devices. (Closes: #523019) * persistent-storage.rules: ignore mtd[0-9]* and mtdblock[0-9]* devices. * persistent-storage.rules: ignore btibm* devices. * persistent-storage.rules: do not probe optical drivers which do not have a media inserted. (Closes: #512442) * persistent-storage.rules: run edd_id on cciss devices. (Closes: #524906) * persistent-storage-tape.rules: do not add a second -nst suffix. * persistent-net-generator.rules: whitelist some MAC addresses which violate the local/global scheme. * drivers.rules: always use modprobe -b. * drivers.rules: added workaround to load the drivers for Sparc VIO devices. (Closes: #526621) stable/main/binary-s390/udev_0.125-7+lenny3_s390.deb stable/main/binary-s390/libvolume-id0_0.125-7+lenny3_s390.deb stable/main/binary-s390/udev-udeb_0.125-7+lenny3_s390.udeb stable/main/binary-s390/libvolume-id-dev_0.125-7+lenny3_s390.deb udev (0.125-7+lenny3) stable; urgency=high * Stable update: backported many fixes and rules updates from unstable. * Run modprobe scsi_wait_scan in the initramfs before udevadm settle. * Support kernel-specific firmware directories. (Closes: #504928) * /etc/modprobe.d/blacklist: added hpwdt, it8712f_wdt, iTCO_wdt, pc87413_wdt, sbc7240_wdt, sbc_epx_c3, smsc37b787_wdt, w83697hf_wdt. (Closes: #504107) * Set all devices created in d-i to mode 666. (Closes: #517389) * postinst: do not try to start the daemon when run by debootstrap --second-stage because start-stop-daemon is not functional. (Closes: 520742) * postinst: do not use /proc/sys/kernel/hotplug to allow installation (disabled) in OpenVZ VEs. * postinst: restart rsyslogd too on the first install. * Added patch fix-path_id-bashism. (Closes: #530213) * Added patch cdrom_id_fix: improve support for some broken fake drives. * Added patch bp_rules_generators: backported some fixes related to persistent rules. * udev.rules: added block/MAJ:MIN and char/MAJ:MIN links. * udev.rules: create the rtc link only for rtc_cmos devices. * udev.rules, permissions.rules: added uat and ucma group rdma. * udev.rules: make sr* the device names and scd* the compatibility links. * permissions.rules: added mISDNtimer group dialout. (Closes: #521845) * permissions.rules: correctly ignore the removable flag for aacraid devices. (Closes: #462655) * permissions.rules: added pmu group video. * permissions.rules: added mwave, hvc* and hvsi* group dialout. * permissions.rules: added cpu[0-9]* mode 444. * permissions.rules: added rfkill mode 644. * persistent-input.rules: exclude digitizers from the joystick class. * persistent-storage.rules: fixed matching of cciss non-partition devices. (Closes: #523019) * persistent-storage.rules: ignore mtd[0-9]* and mtdblock[0-9]* devices. * persistent-storage.rules: ignore btibm* devices. * persistent-storage.rules: do not probe optical drivers which do not have a media inserted. (Closes: #512442) * persistent-storage.rules: run edd_id on cciss devices. (Closes: #524906) * persistent-storage-tape.rules: do not add a second -nst suffix. * persistent-net-generator.rules: whitelist some MAC addresses which violate the local/global scheme. * drivers.rules: always use modprobe -b. * drivers.rules: added workaround to load the drivers for Sparc VIO devices. (Closes: #526621) stable/main/binary-powerpc/udev-udeb_0.125-7+lenny3_powerpc.udeb stable/main/binary-powerpc/udev_0.125-7+lenny3_powerpc.deb stable/main/binary-powerpc/libvolume-id0_0.125-7+lenny3_powerpc.deb stable/main/binary-powerpc/libvolume-id-dev_0.125-7+lenny3_powerpc.deb udev (0.125-7+lenny3) stable; urgency=high * Stable update: backported many fixes and rules updates from unstable. * Run modprobe scsi_wait_scan in the initramfs before udevadm settle. * Support kernel-specific firmware directories. (Closes: #504928) * /etc/modprobe.d/blacklist: added hpwdt, it8712f_wdt, iTCO_wdt, pc87413_wdt, sbc7240_wdt, sbc_epx_c3, smsc37b787_wdt, w83697hf_wdt. (Closes: #504107) * Set all devices created in d-i to mode 666. (Closes: #517389) * postinst: do not try to start the daemon when run by debootstrap --second-stage because start-stop-daemon is not functional. (Closes: 520742) * postinst: do not use /proc/sys/kernel/hotplug to allow installation (disabled) in OpenVZ VEs. * postinst: restart rsyslogd too on the first install. * Added patch fix-path_id-bashism. (Closes: #530213) * Added patch cdrom_id_fix: improve support for some broken fake drives. * Added patch bp_rules_generators: backported some fixes related to persistent rules. * udev.rules: added block/MAJ:MIN and char/MAJ:MIN links. * udev.rules: create the rtc link only for rtc_cmos devices. * udev.rules, permissions.rules: added uat and ucma group rdma. * udev.rules: make sr* the device names and scd* the compatibility links. * permissions.rules: added mISDNtimer group dialout. (Closes: #521845) * permissions.rules: correctly ignore the removable flag for aacraid devices. (Closes: #462655) * permissions.rules: added pmu group video. * permissions.rules: added mwave, hvc* and hvsi* group dialout. * permissions.rules: added cpu[0-9]* mode 444. * permissions.rules: added rfkill mode 644. * persistent-input.rules: exclude digitizers from the joystick class. * persistent-storage.rules: fixed matching of cciss non-partition devices. (Closes: #523019) * persistent-storage.rules: ignore mtd[0-9]* and mtdblock[0-9]* devices. * persistent-storage.rules: ignore btibm* devices. * persistent-storage.rules: do not probe optical drivers which do not have a media inserted. (Closes: #512442) * persistent-storage.rules: run edd_id on cciss devices. (Closes: #524906) * persistent-storage-tape.rules: do not add a second -nst suffix. * persistent-net-generator.rules: whitelist some MAC addresses which violate the local/global scheme. * drivers.rules: always use modprobe -b. * drivers.rules: added workaround to load the drivers for Sparc VIO devices. (Closes: #526621) stable/main/binary-mipsel/udev_0.125-7+lenny3_mipsel.deb stable/main/binary-mipsel/libvolume-id-dev_0.125-7+lenny3_mipsel.deb stable/main/binary-mipsel/udev-udeb_0.125-7+lenny3_mipsel.udeb stable/main/binary-mipsel/libvolume-id0_0.125-7+lenny3_mipsel.deb udev (0.125-7+lenny3) stable; urgency=high * Stable update: backported many fixes and rules updates from unstable. * Run modprobe scsi_wait_scan in the initramfs before udevadm settle. * Support kernel-specific firmware directories. (Closes: #504928) * /etc/modprobe.d/blacklist: added hpwdt, it8712f_wdt, iTCO_wdt, pc87413_wdt, sbc7240_wdt, sbc_epx_c3, smsc37b787_wdt, w83697hf_wdt. (Closes: #504107) * Set all devices created in d-i to mode 666. (Closes: #517389) * postinst: do not try to start the daemon when run by debootstrap --second-stage because start-stop-daemon is not functional. (Closes: 520742) * postinst: do not use /proc/sys/kernel/hotplug to allow installation (disabled) in OpenVZ VEs. * postinst: restart rsyslogd too on the first install. * Added patch fix-path_id-bashism. (Closes: #530213) * Added patch cdrom_id_fix: improve support for some broken fake drives. * Added patch bp_rules_generators: backported some fixes related to persistent rules. * udev.rules: added block/MAJ:MIN and char/MAJ:MIN links. * udev.rules: create the rtc link only for rtc_cmos devices. * udev.rules, permissions.rules: added uat and ucma group rdma. * udev.rules: make sr* the device names and scd* the compatibility links. * permissions.rules: added mISDNtimer group dialout. (Closes: #521845) * permissions.rules: correctly ignore the removable flag for aacraid devices. (Closes: #462655) * permissions.rules: added pmu group video. * permissions.rules: added mwave, hvc* and hvsi* group dialout. * permissions.rules: added cpu[0-9]* mode 444. * permissions.rules: added rfkill mode 644. * persistent-input.rules: exclude digitizers from the joystick class. * persistent-storage.rules: fixed matching of cciss non-partition devices. (Closes: #523019) * persistent-storage.rules: ignore mtd[0-9]* and mtdblock[0-9]* devices. * persistent-storage.rules: ignore btibm* devices. * persistent-storage.rules: do not probe optical drivers which do not have a media inserted. (Closes: #512442) * persistent-storage.rules: run edd_id on cciss devices. (Closes: #524906) * persistent-storage-tape.rules: do not add a second -nst suffix. * persistent-net-generator.rules: whitelist some MAC addresses which violate the local/global scheme. * drivers.rules: always use modprobe -b. * drivers.rules: added workaround to load the drivers for Sparc VIO devices. (Closes: #526621) stable/main/binary-mips/libvolume-id0_0.125-7+lenny3_mips.deb stable/main/binary-mips/udev_0.125-7+lenny3_mips.deb stable/main/binary-mips/udev-udeb_0.125-7+lenny3_mips.udeb stable/main/binary-mips/libvolume-id-dev_0.125-7+lenny3_mips.deb udev (0.125-7+lenny3) stable; urgency=high * Stable update: backported many fixes and rules updates from unstable. * Run modprobe scsi_wait_scan in the initramfs before udevadm settle. * Support kernel-specific firmware directories. (Closes: #504928) * /etc/modprobe.d/blacklist: added hpwdt, it8712f_wdt, iTCO_wdt, pc87413_wdt, sbc7240_wdt, sbc_epx_c3, smsc37b787_wdt, w83697hf_wdt. (Closes: #504107) * Set all devices created in d-i to mode 666. (Closes: #517389) * postinst: do not try to start the daemon when run by debootstrap --second-stage because start-stop-daemon is not functional. (Closes: 520742) * postinst: do not use /proc/sys/kernel/hotplug to allow installation (disabled) in OpenVZ VEs. * postinst: restart rsyslogd too on the first install. * Added patch fix-path_id-bashism. (Closes: #530213) * Added patch cdrom_id_fix: improve support for some broken fake drives. * Added patch bp_rules_generators: backported some fixes related to persistent rules. * udev.rules: added block/MAJ:MIN and char/MAJ:MIN links. * udev.rules: create the rtc link only for rtc_cmos devices. * udev.rules, permissions.rules: added uat and ucma group rdma. * udev.rules: make sr* the device names and scd* the compatibility links. * permissions.rules: added mISDNtimer group dialout. (Closes: #521845) * permissions.rules: correctly ignore the removable flag for aacraid devices. (Closes: #462655) * permissions.rules: added pmu group video. * permissions.rules: added mwave, hvc* and hvsi* group dialout. * permissions.rules: added cpu[0-9]* mode 444. * permissions.rules: added rfkill mode 644. * persistent-input.rules: exclude digitizers from the joystick class. * persistent-storage.rules: fixed matching of cciss non-partition devices. (Closes: #523019) * persistent-storage.rules: ignore mtd[0-9]* and mtdblock[0-9]* devices. * persistent-storage.rules: ignore btibm* devices. * persistent-storage.rules: do not probe optical drivers which do not have a media inserted. (Closes: #512442) * persistent-storage.rules: run edd_id on cciss devices. (Closes: #524906) * persistent-storage-tape.rules: do not add a second -nst suffix. * persistent-net-generator.rules: whitelist some MAC addresses which violate the local/global scheme. * drivers.rules: always use modprobe -b. * drivers.rules: added workaround to load the drivers for Sparc VIO devices. (Closes: #526621) stable/main/binary-ia64/udev-udeb_0.125-7+lenny3_ia64.udeb stable/main/binary-ia64/libvolume-id-dev_0.125-7+lenny3_ia64.deb stable/main/binary-ia64/udev_0.125-7+lenny3_ia64.deb stable/main/binary-ia64/libvolume-id0_0.125-7+lenny3_ia64.deb udev (0.125-7+lenny3) stable; urgency=high * Stable update: backported many fixes and rules updates from unstable. * Run modprobe scsi_wait_scan in the initramfs before udevadm settle. * Support kernel-specific firmware directories. (Closes: #504928) * /etc/modprobe.d/blacklist: added hpwdt, it8712f_wdt, iTCO_wdt, pc87413_wdt, sbc7240_wdt, sbc_epx_c3, smsc37b787_wdt, w83697hf_wdt. (Closes: #504107) * Set all devices created in d-i to mode 666. (Closes: #517389) * postinst: do not try to start the daemon when run by debootstrap --second-stage because start-stop-daemon is not functional. (Closes: 520742) * postinst: do not use /proc/sys/kernel/hotplug to allow installation (disabled) in OpenVZ VEs. * postinst: restart rsyslogd too on the first install. * Added patch fix-path_id-bashism. (Closes: #530213) * Added patch cdrom_id_fix: improve support for some broken fake drives. * Added patch bp_rules_generators: backported some fixes related to persistent rules. * udev.rules: added block/MAJ:MIN and char/MAJ:MIN links. * udev.rules: create the rtc link only for rtc_cmos devices. * udev.rules, permissions.rules: added uat and ucma group rdma. * udev.rules: make sr* the device names and scd* the compatibility links. * permissions.rules: added mISDNtimer group dialout. (Closes: #521845) * permissions.rules: correctly ignore the removable flag for aacraid devices. (Closes: #462655) * permissions.rules: added pmu group video. * permissions.rules: added mwave, hvc* and hvsi* group dialout. * permissions.rules: added cpu[0-9]* mode 444. * permissions.rules: added rfkill mode 644. * persistent-input.rules: exclude digitizers from the joystick class. * persistent-storage.rules: fixed matching of cciss non-partition devices. (Closes: #523019) * persistent-storage.rules: ignore mtd[0-9]* and mtdblock[0-9]* devices. * persistent-storage.rules: ignore btibm* devices. * persistent-storage.rules: do not probe optical drivers which do not have a media inserted. (Closes: #512442) * persistent-storage.rules: run edd_id on cciss devices. (Closes: #524906) * persistent-storage-tape.rules: do not add a second -nst suffix. * persistent-net-generator.rules: whitelist some MAC addresses which violate the local/global scheme. * drivers.rules: always use modprobe -b. * drivers.rules: added workaround to load the drivers for Sparc VIO devices. (Closes: #526621) stable/main/binary-hppa/libvolume-id0_0.125-7+lenny3_hppa.deb stable/main/binary-hppa/udev_0.125-7+lenny3_hppa.deb stable/main/binary-hppa/udev-udeb_0.125-7+lenny3_hppa.udeb stable/main/binary-hppa/libvolume-id-dev_0.125-7+lenny3_hppa.deb udev (0.125-7+lenny3) stable; urgency=high * Stable update: backported many fixes and rules updates from unstable. * Run modprobe scsi_wait_scan in the initramfs before udevadm settle. * Support kernel-specific firmware directories. (Closes: #504928) * /etc/modprobe.d/blacklist: added hpwdt, it8712f_wdt, iTCO_wdt, pc87413_wdt, sbc7240_wdt, sbc_epx_c3, smsc37b787_wdt, w83697hf_wdt. (Closes: #504107) * Set all devices created in d-i to mode 666. (Closes: #517389) * postinst: do not try to start the daemon when run by debootstrap --second-stage because start-stop-daemon is not functional. (Closes: 520742) * postinst: do not use /proc/sys/kernel/hotplug to allow installation (disabled) in OpenVZ VEs. * postinst: restart rsyslogd too on the first install. * Added patch fix-path_id-bashism. (Closes: #530213) * Added patch cdrom_id_fix: improve support for some broken fake drives. * Added patch bp_rules_generators: backported some fixes related to persistent rules. * udev.rules: added block/MAJ:MIN and char/MAJ:MIN links. * udev.rules: create the rtc link only for rtc_cmos devices. * udev.rules, permissions.rules: added uat and ucma group rdma. * udev.rules: make sr* the device names and scd* the compatibility links. * permissions.rules: added mISDNtimer group dialout. (Closes: #521845) * permissions.rules: correctly ignore the removable flag for aacraid devices. (Closes: #462655) * permissions.rules: added pmu group video. * permissions.rules: added mwave, hvc* and hvsi* group dialout. * permissions.rules: added cpu[0-9]* mode 444. * permissions.rules: added rfkill mode 644. * persistent-input.rules: exclude digitizers from the joystick class. * persistent-storage.rules: fixed matching of cciss non-partition devices. (Closes: #523019) * persistent-storage.rules: ignore mtd[0-9]* and mtdblock[0-9]* devices. * persistent-storage.rules: ignore btibm* devices. * persistent-storage.rules: do not probe optical drivers which do not have a media inserted. (Closes: #512442) * persistent-storage.rules: run edd_id on cciss devices. (Closes: #524906) * persistent-storage-tape.rules: do not add a second -nst suffix. * persistent-net-generator.rules: whitelist some MAC addresses which violate the local/global scheme. * drivers.rules: always use modprobe -b. * drivers.rules: added workaround to load the drivers for Sparc VIO devices. (Closes: #526621) stable/main/binary-armel/libvolume-id0_0.125-7+lenny3_armel.deb stable/main/binary-armel/libvolume-id-dev_0.125-7+lenny3_armel.deb stable/main/binary-armel/udev_0.125-7+lenny3_armel.deb stable/main/binary-armel/udev-udeb_0.125-7+lenny3_armel.udeb udev (0.125-7+lenny3) stable; urgency=high * Stable update: backported many fixes and rules updates from unstable. * Run modprobe scsi_wait_scan in the initramfs before udevadm settle. * Support kernel-specific firmware directories. (Closes: #504928) * /etc/modprobe.d/blacklist: added hpwdt, it8712f_wdt, iTCO_wdt, pc87413_wdt, sbc7240_wdt, sbc_epx_c3, smsc37b787_wdt, w83697hf_wdt. (Closes: #504107) * Set all devices created in d-i to mode 666. (Closes: #517389) * postinst: do not try to start the daemon when run by debootstrap --second-stage because start-stop-daemon is not functional. (Closes: 520742) * postinst: do not use /proc/sys/kernel/hotplug to allow installation (disabled) in OpenVZ VEs. * postinst: restart rsyslogd too on the first install. * Added patch fix-path_id-bashism. (Closes: #530213) * Added patch cdrom_id_fix: improve support for some broken fake drives. * Added patch bp_rules_generators: backported some fixes related to persistent rules. * udev.rules: added block/MAJ:MIN and char/MAJ:MIN links. * udev.rules: create the rtc link only for rtc_cmos devices. * udev.rules, permissions.rules: added uat and ucma group rdma. * udev.rules: make sr* the device names and scd* the compatibility links. * permissions.rules: added mISDNtimer group dialout. (Closes: #521845) * permissions.rules: correctly ignore the removable flag for aacraid devices. (Closes: #462655) * permissions.rules: added pmu group video. * permissions.rules: added mwave, hvc* and hvsi* group dialout. * permissions.rules: added cpu[0-9]* mode 444. * permissions.rules: added rfkill mode 644. * persistent-input.rules: exclude digitizers from the joystick class. * persistent-storage.rules: fixed matching of cciss non-partition devices. (Closes: #523019) * persistent-storage.rules: ignore mtd[0-9]* and mtdblock[0-9]* devices. * persistent-storage.rules: ignore btibm* devices. * persistent-storage.rules: do not probe optical drivers which do not have a media inserted. (Closes: #512442) * persistent-storage.rules: run edd_id on cciss devices. (Closes: #524906) * persistent-storage-tape.rules: do not add a second -nst suffix. * persistent-net-generator.rules: whitelist some MAC addresses which violate the local/global scheme. * drivers.rules: always use modprobe -b. * drivers.rules: added workaround to load the drivers for Sparc VIO devices. (Closes: #526621) stable/main/binary-arm/libvolume-id-dev_0.125-7+lenny3_arm.deb stable/main/binary-arm/libvolume-id0_0.125-7+lenny3_arm.deb stable/main/binary-arm/udev_0.125-7+lenny3_arm.deb stable/main/binary-arm/udev-udeb_0.125-7+lenny3_arm.udeb udev (0.125-7+lenny3) stable; urgency=high * Stable update: backported many fixes and rules updates from unstable. * Run modprobe scsi_wait_scan in the initramfs before udevadm settle. * Support kernel-specific firmware directories. (Closes: #504928) * /etc/modprobe.d/blacklist: added hpwdt, it8712f_wdt, iTCO_wdt, pc87413_wdt, sbc7240_wdt, sbc_epx_c3, smsc37b787_wdt, w83697hf_wdt. (Closes: #504107) * Set all devices created in d-i to mode 666. (Closes: #517389) * postinst: do not try to start the daemon when run by debootstrap --second-stage because start-stop-daemon is not functional. (Closes: 520742) * postinst: do not use /proc/sys/kernel/hotplug to allow installation (disabled) in OpenVZ VEs. * postinst: restart rsyslogd too on the first install. * Added patch fix-path_id-bashism. (Closes: #530213) * Added patch cdrom_id_fix: improve support for some broken fake drives. * Added patch bp_rules_generators: backported some fixes related to persistent rules. * udev.rules: added block/MAJ:MIN and char/MAJ:MIN links. * udev.rules: create the rtc link only for rtc_cmos devices. * udev.rules, permissions.rules: added uat and ucma group rdma. * udev.rules: make sr* the device names and scd* the compatibility links. * permissions.rules: added mISDNtimer group dialout. (Closes: #521845) * permissions.rules: correctly ignore the removable flag for aacraid devices. (Closes: #462655) * permissions.rules: added pmu group video. * permissions.rules: added mwave, hvc* and hvsi* group dialout. * permissions.rules: added cpu[0-9]* mode 444. * permissions.rules: added rfkill mode 644. * persistent-input.rules: exclude digitizers from the joystick class. * persistent-storage.rules: fixed matching of cciss non-partition devices. (Closes: #523019) * persistent-storage.rules: ignore mtd[0-9]* and mtdblock[0-9]* devices. * persistent-storage.rules: ignore btibm* devices. * persistent-storage.rules: do not probe optical drivers which do not have a media inserted. (Closes: #512442) * persistent-storage.rules: run edd_id on cciss devices. (Closes: #524906) * persistent-storage-tape.rules: do not add a second -nst suffix. * persistent-net-generator.rules: whitelist some MAC addresses which violate the local/global scheme. * drivers.rules: always use modprobe -b. * drivers.rules: added workaround to load the drivers for Sparc VIO devices. (Closes: #526621) stable/main/binary-amd64/libvolume-id0_0.125-7+lenny3_amd64.deb stable/main/binary-amd64/udev_0.125-7+lenny3_amd64.deb stable/main/binary-amd64/libvolume-id-dev_0.125-7+lenny3_amd64.deb stable/main/binary-amd64/udev-udeb_0.125-7+lenny3_amd64.udeb udev (0.125-7+lenny3) stable; urgency=high * Stable update: backported many fixes and rules updates from unstable. * Run modprobe scsi_wait_scan in the initramfs before udevadm settle. * Support kernel-specific firmware directories. (Closes: #504928) * /etc/modprobe.d/blacklist: added hpwdt, it8712f_wdt, iTCO_wdt, pc87413_wdt, sbc7240_wdt, sbc_epx_c3, smsc37b787_wdt, w83697hf_wdt. (Closes: #504107) * Set all devices created in d-i to mode 666. (Closes: #517389) * postinst: do not try to start the daemon when run by debootstrap --second-stage because start-stop-daemon is not functional. (Closes: 520742) * postinst: do not use /proc/sys/kernel/hotplug to allow installation (disabled) in OpenVZ VEs. * postinst: restart rsyslogd too on the first install. * Added patch fix-path_id-bashism. (Closes: #530213) * Added patch cdrom_id_fix: improve support for some broken fake drives. * Added patch bp_rules_generators: backported some fixes related to persistent rules. * udev.rules: added block/MAJ:MIN and char/MAJ:MIN links. * udev.rules: create the rtc link only for rtc_cmos devices. * udev.rules, permissions.rules: added uat and ucma group rdma. * udev.rules: make sr* the device names and scd* the compatibility links. * permissions.rules: added mISDNtimer group dialout. (Closes: #521845) * permissions.rules: correctly ignore the removable flag for aacraid devices. (Closes: #462655) * permissions.rules: added pmu group video. * permissions.rules: added mwave, hvc* and hvsi* group dialout. * permissions.rules: added cpu[0-9]* mode 444. * permissions.rules: added rfkill mode 644. * persistent-input.rules: exclude digitizers from the joystick class. * persistent-storage.rules: fixed matching of cciss non-partition devices. (Closes: #523019) * persistent-storage.rules: ignore mtd[0-9]* and mtdblock[0-9]* devices. * persistent-storage.rules: ignore btibm* devices. * persistent-storage.rules: do not probe optical drivers which do not have a media inserted. (Closes: #512442) * persistent-storage.rules: run edd_id on cciss devices. (Closes: #524906) * persistent-storage-tape.rules: do not add a second -nst suffix. * persistent-net-generator.rules: whitelist some MAC addresses which violate the local/global scheme. * drivers.rules: always use modprobe -b. * drivers.rules: added workaround to load the drivers for Sparc VIO devices. (Closes: #526621) stable/main/binary-alpha/udev-udeb_0.125-7+lenny3_alpha.udeb stable/main/binary-alpha/udev_0.125-7+lenny3_alpha.deb stable/main/binary-alpha/libvolume-id0_0.125-7+lenny3_alpha.deb stable/main/binary-alpha/libvolume-id-dev_0.125-7+lenny3_alpha.deb udev (0.125-7+lenny3) stable; urgency=high * Stable update: backported many fixes and rules updates from unstable. * Run modprobe scsi_wait_scan in the initramfs before udevadm settle. * Support kernel-specific firmware directories. (Closes: #504928) * /etc/modprobe.d/blacklist: added hpwdt, it8712f_wdt, iTCO_wdt, pc87413_wdt, sbc7240_wdt, sbc_epx_c3, smsc37b787_wdt, w83697hf_wdt. (Closes: #504107) * Set all devices created in d-i to mode 666. (Closes: #517389) * postinst: do not try to start the daemon when run by debootstrap --second-stage because start-stop-daemon is not functional. (Closes: 520742) * postinst: do not use /proc/sys/kernel/hotplug to allow installation (disabled) in OpenVZ VEs. * postinst: restart rsyslogd too on the first install. * Added patch fix-path_id-bashism. (Closes: #530213) * Added patch cdrom_id_fix: improve support for some broken fake drives. * Added patch bp_rules_generators: backported some fixes related to persistent rules. * udev.rules: added block/MAJ:MIN and char/MAJ:MIN links. * udev.rules: create the rtc link only for rtc_cmos devices. * udev.rules, permissions.rules: added uat and ucma group rdma. * udev.rules: make sr* the device names and scd* the compatibility links. * permissions.rules: added mISDNtimer group dialout. (Closes: #521845) * permissions.rules: correctly ignore the removable flag for aacraid devices. (Closes: #462655) * permissions.rules: added pmu group video. * permissions.rules: added mwave, hvc* and hvsi* group dialout. * permissions.rules: added cpu[0-9]* mode 444. * permissions.rules: added rfkill mode 644. * persistent-input.rules: exclude digitizers from the joystick class. * persistent-storage.rules: fixed matching of cciss non-partition devices. (Closes: #523019) * persistent-storage.rules: ignore mtd[0-9]* and mtdblock[0-9]* devices. * persistent-storage.rules: ignore btibm* devices. * persistent-storage.rules: do not probe optical drivers which do not have a media inserted. (Closes: #512442) * persistent-storage.rules: run edd_id on cciss devices. (Closes: #524906) * persistent-storage-tape.rules: do not add a second -nst suffix. * persistent-net-generator.rules: whitelist some MAC addresses which violate the local/global scheme. * drivers.rules: always use modprobe -b. * drivers.rules: added workaround to load the drivers for Sparc VIO devices. (Closes: #526621) stable/main/binary-i386/libvolume-id-dev_0.125-7+lenny3_i386.deb stable/main/binary-i386/udev_0.125-7+lenny3_i386.deb stable/main/binary-i386/libvolume-id0_0.125-7+lenny3_i386.deb stable/main/binary-i386/udev-udeb_0.125-7+lenny3_i386.udeb stable/main/source/udev_0.125-7+lenny3.dsc stable/main/source/udev_0.125-7+lenny3.diff.gz udev (0.125-7+lenny3) stable; urgency=high * Stable update: backported many fixes and rules updates from unstable. * Run modprobe scsi_wait_scan in the initramfs before udevadm settle. * Support kernel-specific firmware directories. (Closes: #504928) * /etc/modprobe.d/blacklist: added hpwdt, it8712f_wdt, iTCO_wdt, pc87413_wdt, sbc7240_wdt, sbc_epx_c3, smsc37b787_wdt, w83697hf_wdt. (Closes: #504107) * Set all devices created in d-i to mode 666. (Closes: #517389) * postinst: do not try to start the daemon when run by debootstrap --second-stage because start-stop-daemon is not functional. (Closes: 520742) * postinst: do not use /proc/sys/kernel/hotplug to allow installation (disabled) in OpenVZ VEs. * postinst: restart rsyslogd too on the first install. * Added patch fix-path_id-bashism. (Closes: #530213) * Added patch cdrom_id_fix: improve support for some broken fake drives. * Added patch bp_rules_generators: backported some fixes related to persistent rules. * udev.rules: added block/MAJ:MIN and char/MAJ:MIN links. * udev.rules: create the rtc link only for rtc_cmos devices. * udev.rules, permissions.rules: added uat and ucma group rdma. * udev.rules: make sr* the device names and scd* the compatibility links. * permissions.rules: added mISDNtimer group dialout. (Closes: #521845) * permissions.rules: correctly ignore the removable flag for aacraid devices. (Closes: #462655) * permissions.rules: added pmu group video. * permissions.rules: added mwave, hvc* and hvsi* group dialout. * permissions.rules: added cpu[0-9]* mode 444. * permissions.rules: added rfkill mode 644. * persistent-input.rules: exclude digitizers from the joystick class. * persistent-storage.rules: fixed matching of cciss non-partition devices. (Closes: #523019) * persistent-storage.rules: ignore mtd[0-9]* and mtdblock[0-9]* devices. * persistent-storage.rules: ignore btibm* devices. * persistent-storage.rules: do not probe optical drivers which do not have a media inserted. (Closes: #512442) * persistent-storage.rules: run edd_id on cciss devices. (Closes: #524906) * persistent-storage-tape.rules: do not add a second -nst suffix. * persistent-net-generator.rules: whitelist some MAC addresses which violate the local/global scheme. * drivers.rules: always use modprobe -b. * drivers.rules: added workaround to load the drivers for Sparc VIO devices. (Closes: #526621) stable/main/binary-all/tzdata-java_2009l-0lenny1_all.deb stable/main/source/tzdata_2009l-0lenny1.diff.gz stable/main/binary-all/tzdata_2009l-0lenny1_all.deb stable/main/source/tzdata_2009l-0lenny1.dsc tzdata (2009l-0lenny1) stable; urgency=low * New upstream release. - Updates Cairo DST for Ramadan. closes: #543139. * Remove Katmandu from all debconf templates. stable/main/binary-sparc/transmission-cli_1.22-1+lenny1_sparc.deb stable/main/binary-sparc/transmission-gtk_1.22-1+lenny1_sparc.deb transmission (1.22-1+lenny1) stable-proposed-updates; urgency=low * debian/patches: - remove_spurious_slash.patch (closes: #533609) - cli_handle_lacking_announce_url.patch (closes: #533628) * debian/{control,rules}: add quilt build-deps and rules hooks * debian/control: add real alternatives to build-deps on the meta libcurl-dev stable/main/binary-s390/transmission-gtk_1.22-1+lenny1_s390.deb stable/main/binary-s390/transmission-cli_1.22-1+lenny1_s390.deb transmission (1.22-1+lenny1) stable-proposed-updates; urgency=low * debian/patches: - remove_spurious_slash.patch (closes: #533609) - cli_handle_lacking_announce_url.patch (closes: #533628) * debian/{control,rules}: add quilt build-deps and rules hooks * debian/control: add real alternatives to build-deps on the meta libcurl-dev stable/main/binary-powerpc/transmission-cli_1.22-1+lenny1_powerpc.deb stable/main/binary-powerpc/transmission-gtk_1.22-1+lenny1_powerpc.deb transmission (1.22-1+lenny1) stable-proposed-updates; urgency=low * debian/patches: - remove_spurious_slash.patch (closes: #533609) - cli_handle_lacking_announce_url.patch (closes: #533628) * debian/{control,rules}: add quilt build-deps and rules hooks * debian/control: add real alternatives to build-deps on the meta libcurl-dev stable/main/binary-mipsel/transmission-cli_1.22-1+lenny1_mipsel.deb stable/main/binary-mipsel/transmission-gtk_1.22-1+lenny1_mipsel.deb transmission (1.22-1+lenny1) stable-proposed-updates; urgency=low * debian/patches: - remove_spurious_slash.patch (closes: #533609) - cli_handle_lacking_announce_url.patch (closes: #533628) * debian/{control,rules}: add quilt build-deps and rules hooks * debian/control: add real alternatives to build-deps on the meta libcurl-dev stable/main/binary-mips/transmission-cli_1.22-1+lenny1_mips.deb stable/main/binary-mips/transmission-gtk_1.22-1+lenny1_mips.deb transmission (1.22-1+lenny1) stable-proposed-updates; urgency=low * debian/patches: - remove_spurious_slash.patch (closes: #533609) - cli_handle_lacking_announce_url.patch (closes: #533628) * debian/{control,rules}: add quilt build-deps and rules hooks * debian/control: add real alternatives to build-deps on the meta libcurl-dev stable/main/binary-ia64/transmission-cli_1.22-1+lenny1_ia64.deb stable/main/binary-ia64/transmission-gtk_1.22-1+lenny1_ia64.deb transmission (1.22-1+lenny1) stable-proposed-updates; urgency=low * debian/patches: - remove_spurious_slash.patch (closes: #533609) - cli_handle_lacking_announce_url.patch (closes: #533628) * debian/{control,rules}: add quilt build-deps and rules hooks * debian/control: add real alternatives to build-deps on the meta libcurl-dev stable/main/binary-i386/transmission-gtk_1.22-1+lenny1_i386.deb stable/main/binary-i386/transmission-cli_1.22-1+lenny1_i386.deb transmission (1.22-1+lenny1) stable-proposed-updates; urgency=low * debian/patches: - remove_spurious_slash.patch (closes: #533609) - cli_handle_lacking_announce_url.patch (closes: #533628) * debian/{control,rules}: add quilt build-deps and rules hooks * debian/control: add real alternatives to build-deps on the meta libcurl-dev stable/main/binary-hppa/transmission-cli_1.22-1+lenny1_hppa.deb stable/main/binary-hppa/transmission-gtk_1.22-1+lenny1_hppa.deb transmission (1.22-1+lenny1) stable-proposed-updates; urgency=low * debian/patches: - remove_spurious_slash.patch (closes: #533609) - cli_handle_lacking_announce_url.patch (closes: #533628) * debian/{control,rules}: add quilt build-deps and rules hooks * debian/control: add real alternatives to build-deps on the meta libcurl-dev stable/main/binary-armel/transmission-gtk_1.22-1+lenny1_armel.deb stable/main/binary-armel/transmission-cli_1.22-1+lenny1_armel.deb transmission (1.22-1+lenny1) stable-proposed-updates; urgency=low * debian/patches: - remove_spurious_slash.patch (closes: #533609) - cli_handle_lacking_announce_url.patch (closes: #533628) * debian/{control,rules}: add quilt build-deps and rules hooks * debian/control: add real alternatives to build-deps on the meta libcurl-dev stable/main/binary-arm/transmission-gtk_1.22-1+lenny1_arm.deb stable/main/binary-arm/transmission-cli_1.22-1+lenny1_arm.deb transmission (1.22-1+lenny1) stable-proposed-updates; urgency=low * debian/patches: - remove_spurious_slash.patch (closes: #533609) - cli_handle_lacking_announce_url.patch (closes: #533628) * debian/{control,rules}: add quilt build-deps and rules hooks * debian/control: add real alternatives to build-deps on the meta libcurl-dev stable/main/binary-alpha/transmission-gtk_1.22-1+lenny1_alpha.deb stable/main/binary-alpha/transmission-cli_1.22-1+lenny1_alpha.deb transmission (1.22-1+lenny1) stable-proposed-updates; urgency=low * debian/patches: - remove_spurious_slash.patch (closes: #533609) - cli_handle_lacking_announce_url.patch (closes: #533628) * debian/{control,rules}: add quilt build-deps and rules hooks * debian/control: add real alternatives to build-deps on the meta libcurl-dev stable/main/binary-amd64/transmission-gtk_1.22-1+lenny1_amd64.deb stable/main/source/transmission_1.22-1+lenny1.diff.gz stable/main/source/transmission_1.22-1+lenny1.dsc stable/main/binary-all/transmission_1.22-1+lenny1_all.deb stable/main/binary-all/transmission-common_1.22-1+lenny1_all.deb stable/main/binary-amd64/transmission-cli_1.22-1+lenny1_amd64.deb transmission (1.22-1+lenny1) stable-proposed-updates; urgency=low * debian/patches: - remove_spurious_slash.patch (closes: #533609) - cli_handle_lacking_announce_url.patch (closes: #533628) * debian/{control,rules}: add quilt build-deps and rules hooks * debian/control: add real alternatives to build-deps on the meta libcurl-dev stable/main/binary-sparc/tor-dbg_0.2.0.35-1~lenny1_sparc.deb stable/main/binary-sparc/tor_0.2.0.35-1~lenny1_sparc.deb tor (0.2.0.35-1~lenny1) stable; urgency=low * Upload to stable in coordination with SRM (luk). * New upstream version: o security fixes: - Avoid crashing in the presence of certain malformed descriptors (CVE-2009-2425). - Fix an edge case where a malicious exit relay could convince a controller that the client's DNS question resolves to an internal IP address (CVE-2009-2426). - closes: #537148 (both issues above). o bugfixes: - Finally fix the bug where dynamic-IP relays disappear when their IP address changes. - Fix a DNS-related crash bug (apparently depending on everything but the phase of the moon). - Fix a memory leak when starting with a cache over a few days old - Hidden service clients didn't use a cached service descriptor that was older than 15 minutes, but wouldn't fetch a new one either. [More details are in the upstream changelog.] stable/main/binary-s390/tor_0.2.0.35-1~lenny1_s390.deb stable/main/binary-s390/tor-dbg_0.2.0.35-1~lenny1_s390.deb tor (0.2.0.35-1~lenny1) stable; urgency=low * Upload to stable in coordination with SRM (luk). * New upstream version: o security fixes: - Avoid crashing in the presence of certain malformed descriptors (CVE-2009-2425). - Fix an edge case where a malicious exit relay could convince a controller that the client's DNS question resolves to an internal IP address (CVE-2009-2426). - closes: #537148 (both issues above). o bugfixes: - Finally fix the bug where dynamic-IP relays disappear when their IP address changes. - Fix a DNS-related crash bug (apparently depending on everything but the phase of the moon). - Fix a memory leak when starting with a cache over a few days old - Hidden service clients didn't use a cached service descriptor that was older than 15 minutes, but wouldn't fetch a new one either. [More details are in the upstream changelog.] stable/main/binary-powerpc/tor_0.2.0.35-1~lenny1_powerpc.deb stable/main/binary-powerpc/tor-dbg_0.2.0.35-1~lenny1_powerpc.deb tor (0.2.0.35-1~lenny1) stable; urgency=low * Upload to stable in coordination with SRM (luk). * New upstream version: o security fixes: - Avoid crashing in the presence of certain malformed descriptors (CVE-2009-2425). - Fix an edge case where a malicious exit relay could convince a controller that the client's DNS question resolves to an internal IP address (CVE-2009-2426). - closes: #537148 (both issues above). o bugfixes: - Finally fix the bug where dynamic-IP relays disappear when their IP address changes. - Fix a DNS-related crash bug (apparently depending on everything but the phase of the moon). - Fix a memory leak when starting with a cache over a few days old - Hidden service clients didn't use a cached service descriptor that was older than 15 minutes, but wouldn't fetch a new one either. [More details are in the upstream changelog.] stable/main/binary-mipsel/tor_0.2.0.35-1~lenny1_mipsel.deb stable/main/binary-mipsel/tor-dbg_0.2.0.35-1~lenny1_mipsel.deb tor (0.2.0.35-1~lenny1) stable; urgency=low * Upload to stable in coordination with SRM (luk). * New upstream version: o security fixes: - Avoid crashing in the presence of certain malformed descriptors (CVE-2009-2425). - Fix an edge case where a malicious exit relay could convince a controller that the client's DNS question resolves to an internal IP address (CVE-2009-2426). - closes: #537148 (both issues above). o bugfixes: - Finally fix the bug where dynamic-IP relays disappear when their IP address changes. - Fix a DNS-related crash bug (apparently depending on everything but the phase of the moon). - Fix a memory leak when starting with a cache over a few days old - Hidden service clients didn't use a cached service descriptor that was older than 15 minutes, but wouldn't fetch a new one either. [More details are in the upstream changelog.] stable/main/binary-mips/tor_0.2.0.35-1~lenny1_mips.deb stable/main/binary-mips/tor-dbg_0.2.0.35-1~lenny1_mips.deb tor (0.2.0.35-1~lenny1) stable; urgency=low * Upload to stable in coordination with SRM (luk). * New upstream version: o security fixes: - Avoid crashing in the presence of certain malformed descriptors (CVE-2009-2425). - Fix an edge case where a malicious exit relay could convince a controller that the client's DNS question resolves to an internal IP address (CVE-2009-2426). - closes: #537148 (both issues above). o bugfixes: - Finally fix the bug where dynamic-IP relays disappear when their IP address changes. - Fix a DNS-related crash bug (apparently depending on everything but the phase of the moon). - Fix a memory leak when starting with a cache over a few days old - Hidden service clients didn't use a cached service descriptor that was older than 15 minutes, but wouldn't fetch a new one either. [More details are in the upstream changelog.] stable/main/binary-ia64/tor_0.2.0.35-1~lenny1_ia64.deb stable/main/binary-ia64/tor-dbg_0.2.0.35-1~lenny1_ia64.deb tor (0.2.0.35-1~lenny1) stable; urgency=low * Upload to stable in coordination with SRM (luk). * New upstream version: o security fixes: - Avoid crashing in the presence of certain malformed descriptors (CVE-2009-2425). - Fix an edge case where a malicious exit relay could convince a controller that the client's DNS question resolves to an internal IP address (CVE-2009-2426). - closes: #537148 (both issues above). o bugfixes: - Finally fix the bug where dynamic-IP relays disappear when their IP address changes. - Fix a DNS-related crash bug (apparently depending on everything but the phase of the moon). - Fix a memory leak when starting with a cache over a few days old - Hidden service clients didn't use a cached service descriptor that was older than 15 minutes, but wouldn't fetch a new one either. [More details are in the upstream changelog.] stable/main/binary-hppa/tor_0.2.0.35-1~lenny1_hppa.deb stable/main/binary-hppa/tor-dbg_0.2.0.35-1~lenny1_hppa.deb tor (0.2.0.35-1~lenny1) stable; urgency=low * Upload to stable in coordination with SRM (luk). * New upstream version: o security fixes: - Avoid crashing in the presence of certain malformed descriptors (CVE-2009-2425). - Fix an edge case where a malicious exit relay could convince a controller that the client's DNS question resolves to an internal IP address (CVE-2009-2426). - closes: #537148 (both issues above). o bugfixes: - Finally fix the bug where dynamic-IP relays disappear when their IP address changes. - Fix a DNS-related crash bug (apparently depending on everything but the phase of the moon). - Fix a memory leak when starting with a cache over a few days old - Hidden service clients didn't use a cached service descriptor that was older than 15 minutes, but wouldn't fetch a new one either. [More details are in the upstream changelog.] stable/main/binary-armel/tor_0.2.0.35-1~lenny1_armel.deb stable/main/binary-armel/tor-dbg_0.2.0.35-1~lenny1_armel.deb tor (0.2.0.35-1~lenny1) stable; urgency=low * Upload to stable in coordination with SRM (luk). * New upstream version: o security fixes: - Avoid crashing in the presence of certain malformed descriptors (CVE-2009-2425). - Fix an edge case where a malicious exit relay could convince a controller that the client's DNS question resolves to an internal IP address (CVE-2009-2426). - closes: #537148 (both issues above). o bugfixes: - Finally fix the bug where dynamic-IP relays disappear when their IP address changes. - Fix a DNS-related crash bug (apparently depending on everything but the phase of the moon). - Fix a memory leak when starting with a cache over a few days old - Hidden service clients didn't use a cached service descriptor that was older than 15 minutes, but wouldn't fetch a new one either. [More details are in the upstream changelog.] stable/main/binary-arm/tor-dbg_0.2.0.35-1~lenny1_arm.deb stable/main/binary-arm/tor_0.2.0.35-1~lenny1_arm.deb tor (0.2.0.35-1~lenny1) stable; urgency=low * Upload to stable in coordination with SRM (luk). * New upstream version: o security fixes: - Avoid crashing in the presence of certain malformed descriptors (CVE-2009-2425). - Fix an edge case where a malicious exit relay could convince a controller that the client's DNS question resolves to an internal IP address (CVE-2009-2426). - closes: #537148 (both issues above). o bugfixes: - Finally fix the bug where dynamic-IP relays disappear when their IP address changes. - Fix a DNS-related crash bug (apparently depending on everything but the phase of the moon). - Fix a memory leak when starting with a cache over a few days old - Hidden service clients didn't use a cached service descriptor that was older than 15 minutes, but wouldn't fetch a new one either. [More details are in the upstream changelog.] stable/main/binary-amd64/tor_0.2.0.35-1~lenny1_amd64.deb stable/main/binary-amd64/tor-dbg_0.2.0.35-1~lenny1_amd64.deb tor (0.2.0.35-1~lenny1) stable; urgency=low * Upload to stable in coordination with SRM (luk). * New upstream version: o security fixes: - Avoid crashing in the presence of certain malformed descriptors (CVE-2009-2425). - Fix an edge case where a malicious exit relay could convince a controller that the client's DNS question resolves to an internal IP address (CVE-2009-2426). - closes: #537148 (both issues above). o bugfixes: - Finally fix the bug where dynamic-IP relays disappear when their IP address changes. - Fix a DNS-related crash bug (apparently depending on everything but the phase of the moon). - Fix a memory leak when starting with a cache over a few days old - Hidden service clients didn't use a cached service descriptor that was older than 15 minutes, but wouldn't fetch a new one either. [More details are in the upstream changelog.] stable/main/binary-alpha/tor_0.2.0.35-1~lenny1_alpha.deb stable/main/binary-alpha/tor-dbg_0.2.0.35-1~lenny1_alpha.deb tor (0.2.0.35-1~lenny1) stable; urgency=low * Upload to stable in coordination with SRM (luk). * New upstream version: o security fixes: - Avoid crashing in the presence of certain malformed descriptors (CVE-2009-2425). - Fix an edge case where a malicious exit relay could convince a controller that the client's DNS question resolves to an internal IP address (CVE-2009-2426). - closes: #537148 (both issues above). o bugfixes: - Finally fix the bug where dynamic-IP relays disappear when their IP address changes. - Fix a DNS-related crash bug (apparently depending on everything but the phase of the moon). - Fix a memory leak when starting with a cache over a few days old - Hidden service clients didn't use a cached service descriptor that was older than 15 minutes, but wouldn't fetch a new one either. [More details are in the upstream changelog.] stable/main/binary-i386/tor-dbg_0.2.0.35-1~lenny1_i386.deb stable/main/source/tor_0.2.0.35-1~lenny1.diff.gz stable/main/source/tor_0.2.0.35-1~lenny1.dsc stable/main/binary-all/tor-geoipdb_0.2.0.35-1~lenny1_all.deb stable/main/binary-i386/tor_0.2.0.35-1~lenny1_i386.deb tor (0.2.0.35-1~lenny1) stable; urgency=low * Upload to stable in coordination with SRM (luk). * New upstream version: o security fixes: - Avoid crashing in the presence of certain malformed descriptors (CVE-2009-2425). - Fix an edge case where a malicious exit relay could convince a controller that the client's DNS question resolves to an internal IP address (CVE-2009-2426). - closes: #537148 (both issues above). o bugfixes: - Finally fix the bug where dynamic-IP relays disappear when their IP address changes. - Fix a DNS-related crash bug (apparently depending on everything but the phase of the moon). - Fix a memory leak when starting with a cache over a few days old - Hidden service clients didn't use a cached service descriptor that was older than 15 minutes, but wouldn't fetch a new one either. [More details are in the upstream changelog.] stable/main/binary-all/texlive-lang-swedish_2007.dfsg.4-1+lenny1_all.deb stable/main/binary-all/texlive-lang-tibetan_2007.dfsg.4-1+lenny1_all.deb stable/main/source/texlive-lang_2007.dfsg.4-1+lenny1.diff.gz stable/main/source/texlive-lang_2007.dfsg.4-1+lenny1.dsc stable/main/binary-all/texlive-lang-vietnamese_2007.dfsg.4-1+lenny1_all.deb stable/main/binary-all/texlive-lang-italian_2007.dfsg.4-1+lenny1_all.deb stable/main/binary-all/texlive-lang-polish_2007.dfsg.4-1+lenny1_all.deb stable/main/binary-all/texlive-lang-all_2007.dfsg.4-1+lenny1_all.deb stable/main/binary-all/texlive-lang-danish_2007.dfsg.4-1+lenny1_all.deb stable/main/binary-all/texlive-lang-german_2007.dfsg.4-1+lenny1_all.deb stable/main/binary-all/texlive-lang-african_2007.dfsg.4-1+lenny1_all.deb stable/main/binary-all/texlive-lang-other_2007.dfsg.4-1+lenny1_all.deb stable/main/binary-all/texlive-lang-greek_2007.dfsg.4-1+lenny1_all.deb stable/main/binary-all/texlive-lang-arab_2007.dfsg.4-1+lenny1_all.deb stable/main/binary-all/texlive-lang-manju_2007.dfsg.4-1+lenny1_all.deb stable/main/binary-all/texlive-lang-armenian_2007.dfsg.4-1+lenny1_all.deb stable/main/binary-all/texlive-lang-hungarian_2007.dfsg.4-1+lenny1_all.deb stable/main/binary-all/texlive-lang-portuguese_2007.dfsg.4-1+lenny1_all.deb stable/main/binary-all/texlive-lang-latin_2007.dfsg.4-1+lenny1_all.deb stable/main/binary-all/texlive-lang-finnish_2007.dfsg.4-1+lenny1_all.deb stable/main/binary-all/texlive-lang-norwegian_2007.dfsg.4-1+lenny1_all.deb stable/main/binary-all/texlive-lang-cyrillic_2007.dfsg.4-1+lenny1_all.deb stable/main/binary-all/texlive-lang-ukenglish_2007.dfsg.4-1+lenny1_all.deb stable/main/binary-all/texlive-lang-french_2007.dfsg.4-1+lenny1_all.deb stable/main/binary-all/texlive-lang-croatian_2007.dfsg.4-1+lenny1_all.deb stable/main/binary-all/texlive-lang-czechslovak_2007.dfsg.4-1+lenny1_all.deb stable/main/binary-all/texlive-lang-hebrew_2007.dfsg.4-1+lenny1_all.deb stable/main/binary-all/texlive-lang-mongolian_2007.dfsg.4-1+lenny1_all.deb stable/main/binary-all/texlive-lang-spanish_2007.dfsg.4-1+lenny1_all.deb stable/main/binary-all/texlive-lang-dutch_2007.dfsg.4-1+lenny1_all.deb texlive-lang (2007.dfsg.4-1+lenny1) stable-proposed-updates; urgency=low * add \scrollmode to cslatex.ini (Closes: #534428) stable/main/binary-all/texlive-latex-extra_2007.dfsg.17-1~lenny02_all.deb stable/main/binary-all/texlive-latex-extra-doc_2007.dfsg.17-1~lenny02_all.deb stable/main/binary-all/texlive-humanities_2007.dfsg.17-1~lenny02_all.deb stable/main/binary-all/texlive-generic-extra_2007.dfsg.17-1~lenny02_all.deb stable/main/binary-all/texlive-science-doc_2007.dfsg.17-1~lenny02_all.deb stable/main/binary-all/texlive-bibtex-extra_2007.dfsg.17-1~lenny02_all.deb stable/main/binary-all/texlive-fonts-extra-doc_2007.dfsg.17-1~lenny02_all.deb stable/main/binary-all/texlive-humanities-doc_2007.dfsg.17-1~lenny02_all.deb stable/main/binary-all/texlive-formats-extra_2007.dfsg.17-1~lenny02_all.deb stable/main/binary-all/texlive-fonts-extra_2007.dfsg.17-1~lenny02_all.deb stable/main/binary-all/texlive-games_2007.dfsg.17-1~lenny02_all.deb stable/main/binary-all/texlive-publishers-doc_2007.dfsg.17-1~lenny02_all.deb stable/main/source/texlive-extra_2007.dfsg.17-1~lenny02.diff.gz stable/main/binary-all/texlive-publishers_2007.dfsg.17-1~lenny02_all.deb stable/main/binary-all/texlive-plain-extra_2007.dfsg.17-1~lenny02_all.deb stable/main/binary-all/texlive-science_2007.dfsg.17-1~lenny02_all.deb stable/main/binary-all/texlive-pstricks-doc_2007.dfsg.17-1~lenny02_all.deb stable/main/binary-all/texlive-latex3_2007.dfsg.17-1~lenny02_all.deb stable/main/binary-all/texlive-pstricks_2007.dfsg.17-1~lenny02_all.deb stable/main/binary-all/texlive-math-extra_2007.dfsg.17-1~lenny02_all.deb stable/main/source/texlive-extra_2007.dfsg.17-1~lenny02.dsc texlive-extra (2007.dfsg.17-1~lenny02) stable-proposed-updates; urgency=low * add scrollmode to mllatex.ini (shipped in debian/texlive-formats-extra.root) (Closes: #534199) stable/main/binary-sparc/texlive-base-bin_2007.dfsg.2-4+lenny1_sparc.deb stable/main/binary-sparc/texlive-metapost-doc_2007.dfsg.2-4+lenny1_sparc.deb stable/main/binary-sparc/texlive-metapost_2007.dfsg.2-4+lenny1_sparc.deb stable/main/binary-sparc/texlive-xetex_2007.dfsg.2-4+lenny1_sparc.deb stable/main/binary-sparc/texlive-base-bin-doc_2007.dfsg.2-4+lenny1_sparc.deb stable/main/binary-sparc/texlive-font-utils_2007.dfsg.2-4+lenny1_sparc.deb stable/main/binary-sparc/texlive-lang-indic_2007.dfsg.2-4+lenny1_sparc.deb stable/main/binary-sparc/texlive-music_2007.dfsg.2-4+lenny1_sparc.deb stable/main/binary-sparc/libkpathsea4_2007.dfsg.2-4+lenny1_sparc.deb stable/main/binary-sparc/texlive-omega_2007.dfsg.2-4+lenny1_sparc.deb stable/main/binary-sparc/texlive-extra-utils_2007.dfsg.2-4+lenny1_sparc.deb stable/main/binary-sparc/libkpathsea-dev_2007.dfsg.2-4+lenny1_sparc.deb texlive-bin (2007.dfsg.2-4+lenny1) stable-proposed-updates; urgency=low * add a patch to fmtutil that make warnings not exit fmtutil non-0 exit code. This is needed to fix the 5-years is too old bug. (Closes: #531569, #531595) stable/main/binary-s390/libkpathsea4_2007.dfsg.2-4+lenny1_s390.deb stable/main/binary-s390/texlive-omega_2007.dfsg.2-4+lenny1_s390.deb stable/main/binary-s390/libkpathsea-dev_2007.dfsg.2-4+lenny1_s390.deb stable/main/binary-s390/texlive-metapost_2007.dfsg.2-4+lenny1_s390.deb stable/main/binary-s390/texlive-xetex_2007.dfsg.2-4+lenny1_s390.deb stable/main/binary-s390/texlive-base-bin_2007.dfsg.2-4+lenny1_s390.deb stable/main/binary-s390/texlive-metapost-doc_2007.dfsg.2-4+lenny1_s390.deb stable/main/binary-s390/texlive-font-utils_2007.dfsg.2-4+lenny1_s390.deb stable/main/binary-s390/texlive-lang-indic_2007.dfsg.2-4+lenny1_s390.deb stable/main/binary-s390/texlive-extra-utils_2007.dfsg.2-4+lenny1_s390.deb stable/main/binary-s390/texlive-base-bin-doc_2007.dfsg.2-4+lenny1_s390.deb stable/main/binary-s390/texlive-music_2007.dfsg.2-4+lenny1_s390.deb texlive-bin (2007.dfsg.2-4+lenny1) stable-proposed-updates; urgency=low * add a patch to fmtutil that make warnings not exit fmtutil non-0 exit code. This is needed to fix the 5-years is too old bug. (Closes: #531569, #531595) stable/main/binary-powerpc/texlive-omega_2007.dfsg.2-4+lenny1_powerpc.deb stable/main/binary-powerpc/texlive-base-bin_2007.dfsg.2-4+lenny1_powerpc.deb stable/main/binary-powerpc/texlive-xetex_2007.dfsg.2-4+lenny1_powerpc.deb stable/main/binary-powerpc/texlive-music_2007.dfsg.2-4+lenny1_powerpc.deb stable/main/binary-powerpc/texlive-metapost_2007.dfsg.2-4+lenny1_powerpc.deb stable/main/binary-powerpc/libkpathsea4_2007.dfsg.2-4+lenny1_powerpc.deb stable/main/binary-powerpc/texlive-lang-indic_2007.dfsg.2-4+lenny1_powerpc.deb stable/main/binary-powerpc/texlive-metapost-doc_2007.dfsg.2-4+lenny1_powerpc.deb stable/main/binary-powerpc/texlive-base-bin-doc_2007.dfsg.2-4+lenny1_powerpc.deb stable/main/binary-powerpc/texlive-font-utils_2007.dfsg.2-4+lenny1_powerpc.deb stable/main/binary-powerpc/libkpathsea-dev_2007.dfsg.2-4+lenny1_powerpc.deb stable/main/binary-powerpc/texlive-extra-utils_2007.dfsg.2-4+lenny1_powerpc.deb texlive-bin (2007.dfsg.2-4+lenny1) stable-proposed-updates; urgency=low * add a patch to fmtutil that make warnings not exit fmtutil non-0 exit code. This is needed to fix the 5-years is too old bug. (Closes: #531569, #531595) stable/main/binary-mipsel/texlive-base-bin-doc_2007.dfsg.2-4+lenny1_mipsel.deb stable/main/binary-mipsel/texlive-music_2007.dfsg.2-4+lenny1_mipsel.deb stable/main/binary-mipsel/texlive-metapost_2007.dfsg.2-4+lenny1_mipsel.deb stable/main/binary-mipsel/texlive-xetex_2007.dfsg.2-4+lenny1_mipsel.deb stable/main/binary-mipsel/texlive-omega_2007.dfsg.2-4+lenny1_mipsel.deb stable/main/binary-mipsel/texlive-lang-indic_2007.dfsg.2-4+lenny1_mipsel.deb stable/main/binary-mipsel/texlive-font-utils_2007.dfsg.2-4+lenny1_mipsel.deb stable/main/binary-mipsel/texlive-base-bin_2007.dfsg.2-4+lenny1_mipsel.deb stable/main/binary-mipsel/texlive-extra-utils_2007.dfsg.2-4+lenny1_mipsel.deb stable/main/binary-mipsel/texlive-metapost-doc_2007.dfsg.2-4+lenny1_mipsel.deb stable/main/binary-mipsel/libkpathsea-dev_2007.dfsg.2-4+lenny1_mipsel.deb stable/main/binary-mipsel/libkpathsea4_2007.dfsg.2-4+lenny1_mipsel.deb texlive-bin (2007.dfsg.2-4+lenny1) stable-proposed-updates; urgency=low * add a patch to fmtutil that make warnings not exit fmtutil non-0 exit code. This is needed to fix the 5-years is too old bug. (Closes: #531569, #531595) stable/main/binary-mips/texlive-base-bin-doc_2007.dfsg.2-4+lenny1_mips.deb stable/main/binary-mips/texlive-metapost-doc_2007.dfsg.2-4+lenny1_mips.deb stable/main/binary-mips/libkpathsea4_2007.dfsg.2-4+lenny1_mips.deb stable/main/binary-mips/texlive-metapost_2007.dfsg.2-4+lenny1_mips.deb stable/main/binary-mips/texlive-base-bin_2007.dfsg.2-4+lenny1_mips.deb stable/main/binary-mips/texlive-omega_2007.dfsg.2-4+lenny1_mips.deb stable/main/binary-mips/texlive-extra-utils_2007.dfsg.2-4+lenny1_mips.deb stable/main/binary-mips/libkpathsea-dev_2007.dfsg.2-4+lenny1_mips.deb stable/main/binary-mips/texlive-lang-indic_2007.dfsg.2-4+lenny1_mips.deb stable/main/binary-mips/texlive-music_2007.dfsg.2-4+lenny1_mips.deb stable/main/binary-mips/texlive-font-utils_2007.dfsg.2-4+lenny1_mips.deb stable/main/binary-mips/texlive-xetex_2007.dfsg.2-4+lenny1_mips.deb texlive-bin (2007.dfsg.2-4+lenny1) stable-proposed-updates; urgency=low * add a patch to fmtutil that make warnings not exit fmtutil non-0 exit code. This is needed to fix the 5-years is too old bug. (Closes: #531569, #531595) stable/main/binary-ia64/libkpathsea-dev_2007.dfsg.2-4+lenny1_ia64.deb stable/main/binary-ia64/texlive-extra-utils_2007.dfsg.2-4+lenny1_ia64.deb stable/main/binary-ia64/texlive-omega_2007.dfsg.2-4+lenny1_ia64.deb stable/main/binary-ia64/texlive-metapost_2007.dfsg.2-4+lenny1_ia64.deb stable/main/binary-ia64/libkpathsea4_2007.dfsg.2-4+lenny1_ia64.deb stable/main/binary-ia64/texlive-xetex_2007.dfsg.2-4+lenny1_ia64.deb stable/main/binary-ia64/texlive-metapost-doc_2007.dfsg.2-4+lenny1_ia64.deb stable/main/binary-ia64/texlive-base-bin-doc_2007.dfsg.2-4+lenny1_ia64.deb stable/main/binary-ia64/texlive-font-utils_2007.dfsg.2-4+lenny1_ia64.deb stable/main/binary-ia64/texlive-base-bin_2007.dfsg.2-4+lenny1_ia64.deb stable/main/binary-ia64/texlive-lang-indic_2007.dfsg.2-4+lenny1_ia64.deb stable/main/binary-ia64/texlive-music_2007.dfsg.2-4+lenny1_ia64.deb texlive-bin (2007.dfsg.2-4+lenny1) stable-proposed-updates; urgency=low * add a patch to fmtutil that make warnings not exit fmtutil non-0 exit code. This is needed to fix the 5-years is too old bug. (Closes: #531569, #531595) stable/main/binary-i386/libkpathsea-dev_2007.dfsg.2-4+lenny1_i386.deb stable/main/binary-i386/texlive-omega_2007.dfsg.2-4+lenny1_i386.deb stable/main/binary-i386/texlive-base-bin_2007.dfsg.2-4+lenny1_i386.deb stable/main/binary-i386/texlive-base-bin-doc_2007.dfsg.2-4+lenny1_i386.deb stable/main/binary-i386/texlive-extra-utils_2007.dfsg.2-4+lenny1_i386.deb stable/main/binary-i386/texlive-metapost-doc_2007.dfsg.2-4+lenny1_i386.deb stable/main/binary-i386/texlive-music_2007.dfsg.2-4+lenny1_i386.deb stable/main/binary-i386/texlive-xetex_2007.dfsg.2-4+lenny1_i386.deb stable/main/binary-i386/texlive-font-utils_2007.dfsg.2-4+lenny1_i386.deb stable/main/binary-i386/texlive-lang-indic_2007.dfsg.2-4+lenny1_i386.deb stable/main/binary-i386/texlive-metapost_2007.dfsg.2-4+lenny1_i386.deb stable/main/binary-i386/libkpathsea4_2007.dfsg.2-4+lenny1_i386.deb texlive-bin (2007.dfsg.2-4+lenny1) stable-proposed-updates; urgency=low * add a patch to fmtutil that make warnings not exit fmtutil non-0 exit code. This is needed to fix the 5-years is too old bug. (Closes: #531569, #531595) stable/main/binary-hppa/texlive-extra-utils_2007.dfsg.2-4+lenny1_hppa.deb stable/main/binary-hppa/texlive-omega_2007.dfsg.2-4+lenny1_hppa.deb stable/main/binary-hppa/texlive-music_2007.dfsg.2-4+lenny1_hppa.deb stable/main/binary-hppa/texlive-font-utils_2007.dfsg.2-4+lenny1_hppa.deb stable/main/binary-hppa/texlive-metapost-doc_2007.dfsg.2-4+lenny1_hppa.deb stable/main/binary-hppa/texlive-lang-indic_2007.dfsg.2-4+lenny1_hppa.deb stable/main/binary-hppa/texlive-base-bin-doc_2007.dfsg.2-4+lenny1_hppa.deb stable/main/binary-hppa/libkpathsea4_2007.dfsg.2-4+lenny1_hppa.deb stable/main/binary-hppa/libkpathsea-dev_2007.dfsg.2-4+lenny1_hppa.deb stable/main/binary-hppa/texlive-base-bin_2007.dfsg.2-4+lenny1_hppa.deb stable/main/binary-hppa/texlive-metapost_2007.dfsg.2-4+lenny1_hppa.deb stable/main/binary-hppa/texlive-xetex_2007.dfsg.2-4+lenny1_hppa.deb texlive-bin (2007.dfsg.2-4+lenny1) stable-proposed-updates; urgency=low * add a patch to fmtutil that make warnings not exit fmtutil non-0 exit code. This is needed to fix the 5-years is too old bug. (Closes: #531569, #531595) stable/main/binary-armel/libkpathsea-dev_2007.dfsg.2-4+lenny1_armel.deb stable/main/binary-armel/texlive-lang-indic_2007.dfsg.2-4+lenny1_armel.deb stable/main/binary-armel/texlive-xetex_2007.dfsg.2-4+lenny1_armel.deb stable/main/binary-armel/texlive-base-bin_2007.dfsg.2-4+lenny1_armel.deb stable/main/binary-armel/texlive-music_2007.dfsg.2-4+lenny1_armel.deb stable/main/binary-armel/texlive-font-utils_2007.dfsg.2-4+lenny1_armel.deb stable/main/binary-armel/texlive-omega_2007.dfsg.2-4+lenny1_armel.deb stable/main/binary-armel/texlive-extra-utils_2007.dfsg.2-4+lenny1_armel.deb stable/main/binary-armel/texlive-metapost-doc_2007.dfsg.2-4+lenny1_armel.deb stable/main/binary-armel/texlive-metapost_2007.dfsg.2-4+lenny1_armel.deb stable/main/binary-armel/texlive-base-bin-doc_2007.dfsg.2-4+lenny1_armel.deb stable/main/binary-armel/libkpathsea4_2007.dfsg.2-4+lenny1_armel.deb texlive-bin (2007.dfsg.2-4+lenny1) stable-proposed-updates; urgency=low * add a patch to fmtutil that make warnings not exit fmtutil non-0 exit code. This is needed to fix the 5-years is too old bug. (Closes: #531569, #531595) stable/main/binary-arm/texlive-metapost_2007.dfsg.2-4+lenny1_arm.deb stable/main/binary-arm/texlive-font-utils_2007.dfsg.2-4+lenny1_arm.deb stable/main/binary-arm/libkpathsea-dev_2007.dfsg.2-4+lenny1_arm.deb stable/main/binary-arm/texlive-extra-utils_2007.dfsg.2-4+lenny1_arm.deb stable/main/binary-arm/texlive-metapost-doc_2007.dfsg.2-4+lenny1_arm.deb stable/main/binary-arm/texlive-base-bin_2007.dfsg.2-4+lenny1_arm.deb stable/main/binary-arm/texlive-omega_2007.dfsg.2-4+lenny1_arm.deb stable/main/binary-arm/texlive-lang-indic_2007.dfsg.2-4+lenny1_arm.deb stable/main/binary-arm/texlive-music_2007.dfsg.2-4+lenny1_arm.deb stable/main/binary-arm/texlive-xetex_2007.dfsg.2-4+lenny1_arm.deb stable/main/binary-arm/libkpathsea4_2007.dfsg.2-4+lenny1_arm.deb stable/main/binary-arm/texlive-base-bin-doc_2007.dfsg.2-4+lenny1_arm.deb texlive-bin (2007.dfsg.2-4+lenny1) stable-proposed-updates; urgency=low * add a patch to fmtutil that make warnings not exit fmtutil non-0 exit code. This is needed to fix the 5-years is too old bug. (Closes: #531569, #531595) stable/main/binary-alpha/texlive-metapost_2007.dfsg.2-4+lenny1_alpha.deb stable/main/binary-alpha/libkpathsea-dev_2007.dfsg.2-4+lenny1_alpha.deb stable/main/binary-alpha/libkpathsea4_2007.dfsg.2-4+lenny1_alpha.deb stable/main/binary-alpha/texlive-lang-indic_2007.dfsg.2-4+lenny1_alpha.deb stable/main/binary-alpha/texlive-font-utils_2007.dfsg.2-4+lenny1_alpha.deb stable/main/binary-alpha/texlive-music_2007.dfsg.2-4+lenny1_alpha.deb stable/main/binary-alpha/texlive-base-bin_2007.dfsg.2-4+lenny1_alpha.deb stable/main/binary-alpha/texlive-extra-utils_2007.dfsg.2-4+lenny1_alpha.deb stable/main/binary-alpha/texlive-base-bin-doc_2007.dfsg.2-4+lenny1_alpha.deb stable/main/binary-alpha/texlive-xetex_2007.dfsg.2-4+lenny1_alpha.deb stable/main/binary-alpha/texlive-omega_2007.dfsg.2-4+lenny1_alpha.deb stable/main/binary-alpha/texlive-metapost-doc_2007.dfsg.2-4+lenny1_alpha.deb texlive-bin (2007.dfsg.2-4+lenny1) stable-proposed-updates; urgency=low * add a patch to fmtutil that make warnings not exit fmtutil non-0 exit code. This is needed to fix the 5-years is too old bug. (Closes: #531569, #531595) stable/main/binary-amd64/texlive-base-bin-doc_2007.dfsg.2-4+lenny1_amd64.deb stable/main/binary-amd64/texlive-metapost_2007.dfsg.2-4+lenny1_amd64.deb stable/main/binary-amd64/texlive-lang-indic_2007.dfsg.2-4+lenny1_amd64.deb stable/main/binary-amd64/texlive-base-bin_2007.dfsg.2-4+lenny1_amd64.deb stable/main/source/texlive-bin_2007.dfsg.2-4+lenny1.dsc stable/main/binary-amd64/texlive-omega_2007.dfsg.2-4+lenny1_amd64.deb stable/main/binary-amd64/texlive-font-utils_2007.dfsg.2-4+lenny1_amd64.deb stable/main/binary-amd64/texlive-extra-utils_2007.dfsg.2-4+lenny1_amd64.deb stable/main/binary-amd64/libkpathsea4_2007.dfsg.2-4+lenny1_amd64.deb stable/main/binary-amd64/texlive-music_2007.dfsg.2-4+lenny1_amd64.deb stable/main/binary-amd64/libkpathsea-dev_2007.dfsg.2-4+lenny1_amd64.deb stable/main/binary-amd64/texlive-xetex_2007.dfsg.2-4+lenny1_amd64.deb stable/main/source/texlive-bin_2007.dfsg.2-4+lenny1.diff.gz stable/main/binary-amd64/texlive-metapost-doc_2007.dfsg.2-4+lenny1_amd64.deb texlive-bin (2007.dfsg.2-4+lenny1) stable-proposed-updates; urgency=low * add a patch to fmtutil that make warnings not exit fmtutil non-0 exit code. This is needed to fix the 5-years is too old bug. (Closes: #531569, #531595) stable/main/binary-all/texlive_2007.dfsg.2-1~lenny2_all.deb stable/main/binary-all/texlive-base_2007.dfsg.2-1~lenny2_all.deb stable/main/binary-all/tetex-bin_2007.dfsg.2-1~lenny2_all.deb stable/main/binary-all/tetex-extra_2007.dfsg.2-1~lenny2_all.deb stable/main/binary-all/texlive-common_2007.dfsg.2-1~lenny2_all.deb stable/main/binary-all/texlive-pictures-doc_2007.dfsg.2-1~lenny2_all.deb stable/main/binary-all/texlive-latex-recommended-doc_2007.dfsg.2-1~lenny2_all.deb stable/main/binary-all/texlive-full_2007.dfsg.2-1~lenny2_all.deb stable/main/binary-all/texlive-latex-recommended_2007.dfsg.2-1~lenny2_all.deb stable/main/binary-all/tetex-base_2007.dfsg.2-1~lenny2_all.deb stable/main/binary-all/texlive-latex-base_2007.dfsg.2-1~lenny2_all.deb stable/main/source/texlive-base_2007.dfsg.2-1~lenny2.dsc stable/main/binary-all/texlive-fonts-recommended_2007.dfsg.2-1~lenny2_all.deb stable/main/binary-all/texlive-pictures_2007.dfsg.2-1~lenny2_all.deb stable/main/binary-all/texlive-generic-recommended_2007.dfsg.2-1~lenny2_all.deb stable/main/binary-all/texlive-fonts-recommended-doc_2007.dfsg.2-1~lenny2_all.deb stable/main/binary-all/texlive-latex-base-doc_2007.dfsg.2-1~lenny2_all.deb stable/main/source/texlive-base_2007.dfsg.2-1~lenny2.diff.gz texlive-base (2007.dfsg.2-1~lenny2) stable-proposed-updates; urgency=low * add scrollmode to xelatex.ini (Closes: #534427) stable/main/binary-sparc/libsvn-perl_1.5.1dfsg1-4_sparc.deb stable/main/binary-sparc/libsvn-dev_1.5.1dfsg1-4_sparc.deb stable/main/binary-sparc/python-subversion_1.5.1dfsg1-4_sparc.deb stable/main/binary-sparc/libapache2-svn_1.5.1dfsg1-4_sparc.deb stable/main/binary-sparc/libsvn-java_1.5.1dfsg1-4_sparc.deb stable/main/binary-sparc/libsvn-ruby1.8_1.5.1dfsg1-4_sparc.deb stable/main/binary-sparc/subversion_1.5.1dfsg1-4_sparc.deb stable/main/binary-sparc/libsvn1_1.5.1dfsg1-4_sparc.deb subversion (1.5.1dfsg1-4) stable-security; urgency=high * Fix CVE-2009-2411, heap overflows in svndiff stream parsing. stable/main/binary-s390/libsvn1_1.5.1dfsg1-4_s390.deb stable/main/binary-s390/libsvn-dev_1.5.1dfsg1-4_s390.deb stable/main/binary-s390/libapache2-svn_1.5.1dfsg1-4_s390.deb stable/main/binary-s390/libsvn-java_1.5.1dfsg1-4_s390.deb stable/main/binary-s390/subversion_1.5.1dfsg1-4_s390.deb stable/main/binary-s390/libsvn-perl_1.5.1dfsg1-4_s390.deb stable/main/binary-s390/python-subversion_1.5.1dfsg1-4_s390.deb stable/main/binary-s390/libsvn-ruby1.8_1.5.1dfsg1-4_s390.deb subversion (1.5.1dfsg1-4) stable-security; urgency=high * Fix CVE-2009-2411, heap overflows in svndiff stream parsing. stable/main/binary-powerpc/libsvn-java_1.5.1dfsg1-4_powerpc.deb stable/main/binary-powerpc/subversion_1.5.1dfsg1-4_powerpc.deb stable/main/binary-powerpc/libapache2-svn_1.5.1dfsg1-4_powerpc.deb stable/main/binary-powerpc/libsvn1_1.5.1dfsg1-4_powerpc.deb stable/main/binary-powerpc/python-subversion_1.5.1dfsg1-4_powerpc.deb stable/main/binary-powerpc/libsvn-ruby1.8_1.5.1dfsg1-4_powerpc.deb stable/main/binary-powerpc/libsvn-perl_1.5.1dfsg1-4_powerpc.deb stable/main/binary-powerpc/libsvn-dev_1.5.1dfsg1-4_powerpc.deb subversion (1.5.1dfsg1-4) stable-security; urgency=high * Fix CVE-2009-2411, heap overflows in svndiff stream parsing. stable/main/binary-mipsel/libsvn-perl_1.5.1dfsg1-4_mipsel.deb stable/main/binary-mipsel/libsvn1_1.5.1dfsg1-4_mipsel.deb stable/main/binary-mipsel/libapache2-svn_1.5.1dfsg1-4_mipsel.deb stable/main/binary-mipsel/subversion_1.5.1dfsg1-4_mipsel.deb stable/main/binary-mipsel/python-subversion_1.5.1dfsg1-4_mipsel.deb stable/main/binary-mipsel/libsvn-dev_1.5.1dfsg1-4_mipsel.deb stable/main/binary-mipsel/libsvn-ruby1.8_1.5.1dfsg1-4_mipsel.deb subversion (1.5.1dfsg1-4) stable-security; urgency=high * Fix CVE-2009-2411, heap overflows in svndiff stream parsing. stable/main/binary-mips/libsvn-perl_1.5.1dfsg1-4_mips.deb stable/main/binary-mips/libsvn1_1.5.1dfsg1-4_mips.deb stable/main/binary-mips/python-subversion_1.5.1dfsg1-4_mips.deb stable/main/binary-mips/subversion_1.5.1dfsg1-4_mips.deb stable/main/binary-mips/libapache2-svn_1.5.1dfsg1-4_mips.deb stable/main/binary-mips/libsvn-dev_1.5.1dfsg1-4_mips.deb stable/main/binary-mips/libsvn-ruby1.8_1.5.1dfsg1-4_mips.deb subversion (1.5.1dfsg1-4) stable-security; urgency=high * Fix CVE-2009-2411, heap overflows in svndiff stream parsing. stable/main/binary-ia64/libsvn-dev_1.5.1dfsg1-4_ia64.deb stable/main/binary-ia64/libsvn-ruby1.8_1.5.1dfsg1-4_ia64.deb stable/main/binary-ia64/libsvn1_1.5.1dfsg1-4_ia64.deb stable/main/binary-ia64/libsvn-java_1.5.1dfsg1-4_ia64.deb stable/main/binary-ia64/subversion_1.5.1dfsg1-4_ia64.deb stable/main/binary-ia64/libapache2-svn_1.5.1dfsg1-4_ia64.deb stable/main/binary-ia64/python-subversion_1.5.1dfsg1-4_ia64.deb stable/main/binary-ia64/libsvn-perl_1.5.1dfsg1-4_ia64.deb subversion (1.5.1dfsg1-4) stable-security; urgency=high * Fix CVE-2009-2411, heap overflows in svndiff stream parsing. stable/main/binary-i386/python-subversion_1.5.1dfsg1-4_i386.deb stable/main/binary-i386/subversion_1.5.1dfsg1-4_i386.deb stable/main/binary-i386/libapache2-svn_1.5.1dfsg1-4_i386.deb stable/main/binary-i386/libsvn-ruby1.8_1.5.1dfsg1-4_i386.deb stable/main/binary-i386/libsvn-java_1.5.1dfsg1-4_i386.deb stable/main/binary-i386/libsvn-dev_1.5.1dfsg1-4_i386.deb stable/main/binary-i386/libsvn1_1.5.1dfsg1-4_i386.deb stable/main/binary-i386/libsvn-perl_1.5.1dfsg1-4_i386.deb subversion (1.5.1dfsg1-4) stable-security; urgency=high * Fix CVE-2009-2411, heap overflows in svndiff stream parsing. stable/main/binary-hppa/libapache2-svn_1.5.1dfsg1-4_hppa.deb stable/main/binary-hppa/python-subversion_1.5.1dfsg1-4_hppa.deb stable/main/binary-hppa/subversion_1.5.1dfsg1-4_hppa.deb stable/main/binary-hppa/libsvn-ruby1.8_1.5.1dfsg1-4_hppa.deb stable/main/binary-hppa/libsvn1_1.5.1dfsg1-4_hppa.deb stable/main/binary-hppa/libsvn-perl_1.5.1dfsg1-4_hppa.deb stable/main/binary-hppa/libsvn-dev_1.5.1dfsg1-4_hppa.deb subversion (1.5.1dfsg1-4) stable-security; urgency=high * Fix CVE-2009-2411, heap overflows in svndiff stream parsing. stable/main/binary-armel/libapache2-svn_1.5.1dfsg1-4_armel.deb stable/main/binary-armel/subversion_1.5.1dfsg1-4_armel.deb stable/main/binary-armel/libsvn-ruby1.8_1.5.1dfsg1-4_armel.deb stable/main/binary-armel/libsvn-perl_1.5.1dfsg1-4_armel.deb stable/main/binary-armel/libsvn-dev_1.5.1dfsg1-4_armel.deb stable/main/binary-armel/libsvn-java_1.5.1dfsg1-4_armel.deb stable/main/binary-armel/python-subversion_1.5.1dfsg1-4_armel.deb stable/main/binary-armel/libsvn1_1.5.1dfsg1-4_armel.deb subversion (1.5.1dfsg1-4) stable-security; urgency=high * Fix CVE-2009-2411, heap overflows in svndiff stream parsing. stable/main/binary-arm/libapache2-svn_1.5.1dfsg1-4_arm.deb stable/main/binary-arm/libsvn-ruby1.8_1.5.1dfsg1-4_arm.deb stable/main/binary-arm/subversion_1.5.1dfsg1-4_arm.deb stable/main/binary-arm/libsvn-perl_1.5.1dfsg1-4_arm.deb stable/main/binary-arm/python-subversion_1.5.1dfsg1-4_arm.deb stable/main/binary-arm/libsvn-dev_1.5.1dfsg1-4_arm.deb stable/main/binary-arm/libsvn1_1.5.1dfsg1-4_arm.deb subversion (1.5.1dfsg1-4) stable-security; urgency=high * Fix CVE-2009-2411, heap overflows in svndiff stream parsing. stable/main/binary-alpha/libapache2-svn_1.5.1dfsg1-4_alpha.deb stable/main/binary-alpha/libsvn1_1.5.1dfsg1-4_alpha.deb stable/main/binary-alpha/python-subversion_1.5.1dfsg1-4_alpha.deb stable/main/binary-alpha/libsvn-perl_1.5.1dfsg1-4_alpha.deb stable/main/binary-alpha/subversion_1.5.1dfsg1-4_alpha.deb stable/main/binary-alpha/libsvn-ruby1.8_1.5.1dfsg1-4_alpha.deb stable/main/binary-alpha/libsvn-dev_1.5.1dfsg1-4_alpha.deb subversion (1.5.1dfsg1-4) stable-security; urgency=high * Fix CVE-2009-2411, heap overflows in svndiff stream parsing. stable/main/binary-amd64/libapache2-svn_1.5.1dfsg1-4_amd64.deb stable/main/source/subversion_1.5.1dfsg1-4.diff.gz stable/main/binary-all/libsvn-doc_1.5.1dfsg1-4_all.deb stable/main/binary-all/libsvn-ruby_1.5.1dfsg1-4_all.deb stable/main/source/subversion_1.5.1dfsg1-4.dsc stable/main/binary-all/subversion-tools_1.5.1dfsg1-4_all.deb stable/main/binary-amd64/libsvn1_1.5.1dfsg1-4_amd64.deb stable/main/binary-amd64/python-subversion_1.5.1dfsg1-4_amd64.deb stable/main/binary-amd64/libsvn-perl_1.5.1dfsg1-4_amd64.deb stable/main/binary-amd64/libsvn-dev_1.5.1dfsg1-4_amd64.deb stable/main/binary-amd64/libsvn-java_1.5.1dfsg1-4_amd64.deb stable/main/binary-amd64/subversion_1.5.1dfsg1-4_amd64.deb stable/main/binary-amd64/libsvn-ruby1.8_1.5.1dfsg1-4_amd64.deb subversion (1.5.1dfsg1-4) stable-security; urgency=high * Fix CVE-2009-2411, heap overflows in svndiff stream parsing. stable/main/binary-sparc/stardict-plugin-festival_3.0.1-4+lenny1_sparc.deb stable/main/binary-sparc/stardict-plugin-spell_3.0.1-4+lenny1_sparc.deb stable/main/binary-sparc/stardict-gtk_3.0.1-4+lenny1_sparc.deb stable/main/binary-sparc/stardict-plugin-espeak_3.0.1-4+lenny1_sparc.deb stable/main/binary-sparc/stardict-plugin-gucharmap_3.0.1-4+lenny1_sparc.deb stable/main/binary-sparc/stardict-plugin_3.0.1-4+lenny1_sparc.deb stable/main/binary-sparc/stardict-gnome_3.0.1-4+lenny1_sparc.deb stardict (3.0.1-4+lenny1) stable-proposed-updates; urgency=low * Applied 07_disable_netdict.dpatch: (Closes:#534731) CVE-2009-2260 - disable netdict by default - giving warning message * Added --disable-dictdotcn option for CVE-2009-2260 stable/main/binary-s390/stardict-gnome_3.0.1-4+lenny1_s390.deb stable/main/binary-s390/stardict-plugin-festival_3.0.1-4+lenny1_s390.deb stable/main/binary-s390/stardict-plugin-espeak_3.0.1-4+lenny1_s390.deb stable/main/binary-s390/stardict-plugin-gucharmap_3.0.1-4+lenny1_s390.deb stable/main/binary-s390/stardict-gtk_3.0.1-4+lenny1_s390.deb stable/main/binary-s390/stardict-plugin_3.0.1-4+lenny1_s390.deb stable/main/binary-s390/stardict-plugin-spell_3.0.1-4+lenny1_s390.deb stardict (3.0.1-4+lenny1) stable-proposed-updates; urgency=low * Applied 07_disable_netdict.dpatch: (Closes:#534731) CVE-2009-2260 - disable netdict by default - giving warning message * Added --disable-dictdotcn option for CVE-2009-2260 stable/main/binary-powerpc/stardict-gtk_3.0.1-4+lenny1_powerpc.deb stable/main/binary-powerpc/stardict-plugin-spell_3.0.1-4+lenny1_powerpc.deb stable/main/binary-powerpc/stardict-gnome_3.0.1-4+lenny1_powerpc.deb stable/main/binary-powerpc/stardict-plugin_3.0.1-4+lenny1_powerpc.deb stable/main/binary-powerpc/stardict-plugin-gucharmap_3.0.1-4+lenny1_powerpc.deb stable/main/binary-powerpc/stardict-plugin-festival_3.0.1-4+lenny1_powerpc.deb stable/main/binary-powerpc/stardict-plugin-espeak_3.0.1-4+lenny1_powerpc.deb stardict (3.0.1-4+lenny1) stable-proposed-updates; urgency=low * Applied 07_disable_netdict.dpatch: (Closes:#534731) CVE-2009-2260 - disable netdict by default - giving warning message * Added --disable-dictdotcn option for CVE-2009-2260 stable/main/binary-mipsel/stardict-plugin-espeak_3.0.1-4+lenny1_mipsel.deb stable/main/binary-mipsel/stardict-plugin-spell_3.0.1-4+lenny1_mipsel.deb stable/main/binary-mipsel/stardict-plugin-gucharmap_3.0.1-4+lenny1_mipsel.deb stable/main/binary-mipsel/stardict-plugin-festival_3.0.1-4+lenny1_mipsel.deb stable/main/binary-mipsel/stardict-plugin_3.0.1-4+lenny1_mipsel.deb stable/main/binary-mipsel/stardict-gnome_3.0.1-4+lenny1_mipsel.deb stable/main/binary-mipsel/stardict-gtk_3.0.1-4+lenny1_mipsel.deb stardict (3.0.1-4+lenny1) stable-proposed-updates; urgency=low * Applied 07_disable_netdict.dpatch: (Closes:#534731) CVE-2009-2260 - disable netdict by default - giving warning message * Added --disable-dictdotcn option for CVE-2009-2260 stable/main/binary-mips/stardict-gnome_3.0.1-4+lenny1_mips.deb stable/main/binary-mips/stardict-plugin-gucharmap_3.0.1-4+lenny1_mips.deb stable/main/binary-mips/stardict-plugin-festival_3.0.1-4+lenny1_mips.deb stable/main/binary-mips/stardict-plugin_3.0.1-4+lenny1_mips.deb stable/main/binary-mips/stardict-plugin-spell_3.0.1-4+lenny1_mips.deb stable/main/binary-mips/stardict-gtk_3.0.1-4+lenny1_mips.deb stable/main/binary-mips/stardict-plugin-espeak_3.0.1-4+lenny1_mips.deb stardict (3.0.1-4+lenny1) stable-proposed-updates; urgency=low * Applied 07_disable_netdict.dpatch: (Closes:#534731) CVE-2009-2260 - disable netdict by default - giving warning message * Added --disable-dictdotcn option for CVE-2009-2260 stable/main/binary-ia64/stardict-gnome_3.0.1-4+lenny1_ia64.deb stable/main/binary-ia64/stardict-plugin-espeak_3.0.1-4+lenny1_ia64.deb stable/main/binary-ia64/stardict-plugin-festival_3.0.1-4+lenny1_ia64.deb stable/main/binary-ia64/stardict-gtk_3.0.1-4+lenny1_ia64.deb stable/main/binary-ia64/stardict-plugin-spell_3.0.1-4+lenny1_ia64.deb stable/main/binary-ia64/stardict-plugin-gucharmap_3.0.1-4+lenny1_ia64.deb stable/main/binary-ia64/stardict-plugin_3.0.1-4+lenny1_ia64.deb stardict (3.0.1-4+lenny1) stable-proposed-updates; urgency=low * Applied 07_disable_netdict.dpatch: (Closes:#534731) CVE-2009-2260 - disable netdict by default - giving warning message * Added --disable-dictdotcn option for CVE-2009-2260 stable/main/binary-hppa/stardict-plugin-gucharmap_3.0.1-4+lenny1_hppa.deb stable/main/binary-hppa/stardict-plugin-espeak_3.0.1-4+lenny1_hppa.deb stable/main/binary-hppa/stardict-gnome_3.0.1-4+lenny1_hppa.deb stable/main/binary-hppa/stardict-plugin-spell_3.0.1-4+lenny1_hppa.deb stable/main/binary-hppa/stardict-gtk_3.0.1-4+lenny1_hppa.deb stable/main/binary-hppa/stardict-plugin-festival_3.0.1-4+lenny1_hppa.deb stable/main/binary-hppa/stardict-plugin_3.0.1-4+lenny1_hppa.deb stardict (3.0.1-4+lenny1) stable-proposed-updates; urgency=low * Applied 07_disable_netdict.dpatch: (Closes:#534731) CVE-2009-2260 - disable netdict by default - giving warning message * Added --disable-dictdotcn option for CVE-2009-2260 stable/main/binary-armel/stardict-plugin-gucharmap_3.0.1-4+lenny1_armel.deb stable/main/binary-armel/stardict-plugin-spell_3.0.1-4+lenny1_armel.deb stable/main/binary-armel/stardict-plugin_3.0.1-4+lenny1_armel.deb stable/main/binary-armel/stardict-plugin-espeak_3.0.1-4+lenny1_armel.deb stable/main/binary-armel/stardict-gtk_3.0.1-4+lenny1_armel.deb stable/main/binary-armel/stardict-plugin-festival_3.0.1-4+lenny1_armel.deb stable/main/binary-armel/stardict-gnome_3.0.1-4+lenny1_armel.deb stardict (3.0.1-4+lenny1) stable-proposed-updates; urgency=low * Applied 07_disable_netdict.dpatch: (Closes:#534731) CVE-2009-2260 - disable netdict by default - giving warning message * Added --disable-dictdotcn option for CVE-2009-2260 stable/main/binary-arm/stardict-plugin_3.0.1-4+lenny1_arm.deb stable/main/binary-arm/stardict-plugin-festival_3.0.1-4+lenny1_arm.deb stable/main/binary-arm/stardict-gtk_3.0.1-4+lenny1_arm.deb stable/main/binary-arm/stardict-plugin-spell_3.0.1-4+lenny1_arm.deb stable/main/binary-arm/stardict-plugin-espeak_3.0.1-4+lenny1_arm.deb stable/main/binary-arm/stardict-gnome_3.0.1-4+lenny1_arm.deb stable/main/binary-arm/stardict-plugin-gucharmap_3.0.1-4+lenny1_arm.deb stardict (3.0.1-4+lenny1) stable-proposed-updates; urgency=low * Applied 07_disable_netdict.dpatch: (Closes:#534731) CVE-2009-2260 - disable netdict by default - giving warning message * Added --disable-dictdotcn option for CVE-2009-2260 stable/main/binary-amd64/stardict-plugin-spell_3.0.1-4+lenny1_amd64.deb stable/main/binary-amd64/stardict-gnome_3.0.1-4+lenny1_amd64.deb stable/main/binary-amd64/stardict-plugin_3.0.1-4+lenny1_amd64.deb stable/main/binary-amd64/stardict-plugin-gucharmap_3.0.1-4+lenny1_amd64.deb stable/main/binary-amd64/stardict-plugin-festival_3.0.1-4+lenny1_amd64.deb stable/main/binary-amd64/stardict-gtk_3.0.1-4+lenny1_amd64.deb stable/main/binary-amd64/stardict-plugin-espeak_3.0.1-4+lenny1_amd64.deb stardict (3.0.1-4+lenny1) stable-proposed-updates; urgency=low * Applied 07_disable_netdict.dpatch: (Closes:#534731) CVE-2009-2260 - disable netdict by default - giving warning message * Added --disable-dictdotcn option for CVE-2009-2260 stable/main/binary-alpha/stardict-gnome_3.0.1-4+lenny1_alpha.deb stable/main/binary-alpha/stardict-plugin-gucharmap_3.0.1-4+lenny1_alpha.deb stable/main/binary-alpha/stardict-gtk_3.0.1-4+lenny1_alpha.deb stable/main/binary-alpha/stardict-plugin-spell_3.0.1-4+lenny1_alpha.deb stable/main/binary-alpha/stardict-plugin-espeak_3.0.1-4+lenny1_alpha.deb stable/main/binary-alpha/stardict-plugin-festival_3.0.1-4+lenny1_alpha.deb stable/main/binary-alpha/stardict-plugin_3.0.1-4+lenny1_alpha.deb stardict (3.0.1-4+lenny1) stable-proposed-updates; urgency=low * Applied 07_disable_netdict.dpatch: (Closes:#534731) CVE-2009-2260 - disable netdict by default - giving warning message * Added --disable-dictdotcn option for CVE-2009-2260 stable/main/binary-i386/stardict-gnome_3.0.1-4+lenny1_i386.deb stable/main/binary-i386/stardict-plugin-gucharmap_3.0.1-4+lenny1_i386.deb stable/main/binary-i386/stardict-gtk_3.0.1-4+lenny1_i386.deb stable/main/binary-all/stardict-common_3.0.1-4+lenny1_all.deb stable/main/source/stardict_3.0.1-4+lenny1.diff.gz stable/main/binary-i386/stardict-plugin-espeak_3.0.1-4+lenny1_i386.deb stable/main/binary-i386/stardict-plugin-spell_3.0.1-4+lenny1_i386.deb stable/main/binary-i386/stardict-plugin_3.0.1-4+lenny1_i386.deb stable/main/binary-all/stardict_3.0.1-4+lenny1_all.deb stable/main/binary-i386/stardict-plugin-festival_3.0.1-4+lenny1_i386.deb stable/main/source/stardict_3.0.1-4+lenny1.dsc stardict (3.0.1-4+lenny1) stable-proposed-updates; urgency=low * Applied 07_disable_netdict.dpatch: (Closes:#534731) CVE-2009-2260 - disable netdict by default - giving warning message * Added --disable-dictdotcn option for CVE-2009-2260 stable/main/binary-sparc/squidclient_3.0.STABLE8-3+lenny2_sparc.deb stable/main/binary-sparc/squid3_3.0.STABLE8-3+lenny2_sparc.deb stable/main/binary-sparc/squid3-cgi_3.0.STABLE8-3+lenny2_sparc.deb squid3 (3.0.STABLE8-3+lenny2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Update patchset for 12-SQUID-2009_2, add more debugging and also add checks for HTTP_STATUS_NONE as this could also lead to denial of service otherwise (CVE-2009-2622; CVE-2009-2621). stable/main/binary-s390/squid3_3.0.STABLE8-3+lenny2_s390.deb stable/main/binary-s390/squid3-cgi_3.0.STABLE8-3+lenny2_s390.deb stable/main/binary-s390/squidclient_3.0.STABLE8-3+lenny2_s390.deb squid3 (3.0.STABLE8-3+lenny2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Update patchset for 12-SQUID-2009_2, add more debugging and also add checks for HTTP_STATUS_NONE as this could also lead to denial of service otherwise (CVE-2009-2622; CVE-2009-2621). stable/main/binary-powerpc/squid3_3.0.STABLE8-3+lenny2_powerpc.deb stable/main/binary-powerpc/squid3-cgi_3.0.STABLE8-3+lenny2_powerpc.deb stable/main/binary-powerpc/squidclient_3.0.STABLE8-3+lenny2_powerpc.deb squid3 (3.0.STABLE8-3+lenny2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Update patchset for 12-SQUID-2009_2, add more debugging and also add checks for HTTP_STATUS_NONE as this could also lead to denial of service otherwise (CVE-2009-2622; CVE-2009-2621). stable/main/binary-mipsel/squid3_3.0.STABLE8-3+lenny2_mipsel.deb stable/main/binary-mipsel/squidclient_3.0.STABLE8-3+lenny2_mipsel.deb stable/main/binary-mipsel/squid3-cgi_3.0.STABLE8-3+lenny2_mipsel.deb squid3 (3.0.STABLE8-3+lenny2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Update patchset for 12-SQUID-2009_2, add more debugging and also add checks for HTTP_STATUS_NONE as this could also lead to denial of service otherwise (CVE-2009-2622; CVE-2009-2621). stable/main/binary-mips/squid3_3.0.STABLE8-3+lenny2_mips.deb stable/main/binary-mips/squid3-cgi_3.0.STABLE8-3+lenny2_mips.deb stable/main/binary-mips/squidclient_3.0.STABLE8-3+lenny2_mips.deb squid3 (3.0.STABLE8-3+lenny2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Update patchset for 12-SQUID-2009_2, add more debugging and also add checks for HTTP_STATUS_NONE as this could also lead to denial of service otherwise (CVE-2009-2622; CVE-2009-2621). stable/main/binary-ia64/squid3_3.0.STABLE8-3+lenny2_ia64.deb stable/main/binary-ia64/squidclient_3.0.STABLE8-3+lenny2_ia64.deb stable/main/binary-ia64/squid3-cgi_3.0.STABLE8-3+lenny2_ia64.deb squid3 (3.0.STABLE8-3+lenny2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Update patchset for 12-SQUID-2009_2, add more debugging and also add checks for HTTP_STATUS_NONE as this could also lead to denial of service otherwise (CVE-2009-2622; CVE-2009-2621). stable/main/binary-i386/squidclient_3.0.STABLE8-3+lenny2_i386.deb stable/main/binary-i386/squid3_3.0.STABLE8-3+lenny2_i386.deb stable/main/binary-i386/squid3-cgi_3.0.STABLE8-3+lenny2_i386.deb squid3 (3.0.STABLE8-3+lenny2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Update patchset for 12-SQUID-2009_2, add more debugging and also add checks for HTTP_STATUS_NONE as this could also lead to denial of service otherwise (CVE-2009-2622; CVE-2009-2621). stable/main/binary-hppa/squid3_3.0.STABLE8-3+lenny2_hppa.deb stable/main/binary-hppa/squidclient_3.0.STABLE8-3+lenny2_hppa.deb stable/main/binary-hppa/squid3-cgi_3.0.STABLE8-3+lenny2_hppa.deb squid3 (3.0.STABLE8-3+lenny2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Update patchset for 12-SQUID-2009_2, add more debugging and also add checks for HTTP_STATUS_NONE as this could also lead to denial of service otherwise (CVE-2009-2622; CVE-2009-2621). stable/main/binary-armel/squidclient_3.0.STABLE8-3+lenny2_armel.deb stable/main/binary-armel/squid3_3.0.STABLE8-3+lenny2_armel.deb stable/main/binary-armel/squid3-cgi_3.0.STABLE8-3+lenny2_armel.deb squid3 (3.0.STABLE8-3+lenny2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Update patchset for 12-SQUID-2009_2, add more debugging and also add checks for HTTP_STATUS_NONE as this could also lead to denial of service otherwise (CVE-2009-2622; CVE-2009-2621). stable/main/binary-arm/squidclient_3.0.STABLE8-3+lenny2_arm.deb stable/main/binary-arm/squid3_3.0.STABLE8-3+lenny2_arm.deb stable/main/binary-arm/squid3-cgi_3.0.STABLE8-3+lenny2_arm.deb squid3 (3.0.STABLE8-3+lenny2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Update patchset for 12-SQUID-2009_2, add more debugging and also add checks for HTTP_STATUS_NONE as this could also lead to denial of service otherwise (CVE-2009-2622; CVE-2009-2621). stable/main/binary-alpha/squid3_3.0.STABLE8-3+lenny2_alpha.deb stable/main/binary-alpha/squid3-cgi_3.0.STABLE8-3+lenny2_alpha.deb stable/main/binary-alpha/squidclient_3.0.STABLE8-3+lenny2_alpha.deb squid3 (3.0.STABLE8-3+lenny2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Update patchset for 12-SQUID-2009_2, add more debugging and also add checks for HTTP_STATUS_NONE as this could also lead to denial of service otherwise (CVE-2009-2622; CVE-2009-2621). stable/main/source/squid3_3.0.STABLE8-3+lenny2.dsc stable/main/binary-amd64/squidclient_3.0.STABLE8-3+lenny2_amd64.deb stable/main/binary-amd64/squid3-cgi_3.0.STABLE8-3+lenny2_amd64.deb stable/main/binary-all/squid3-common_3.0.STABLE8-3+lenny2_all.deb stable/main/binary-amd64/squid3_3.0.STABLE8-3+lenny2_amd64.deb stable/main/source/squid3_3.0.STABLE8-3+lenny2.diff.gz squid3 (3.0.STABLE8-3+lenny2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Update patchset for 12-SQUID-2009_2, add more debugging and also add checks for HTTP_STATUS_NONE as this could also lead to denial of service otherwise (CVE-2009-2622; CVE-2009-2621). stable/main/binary-sparc/spamc_3.2.5-2+lenny1_sparc.deb spamassassin (3.2.5-2+lenny1) stable; urgency=low * Remove open-whois.org as it is cybersquatted (Closes: #537477) * Fix numerous perl pod errors that caused warnings to be embedded in several manpages. * Fix man page formatting so as not to break whatis. * Update debian/control to list the right Maintainer value. stable/main/binary-s390/spamc_3.2.5-2+lenny1_s390.deb spamassassin (3.2.5-2+lenny1) stable; urgency=low * Remove open-whois.org as it is cybersquatted (Closes: #537477) * Fix numerous perl pod errors that caused warnings to be embedded in several manpages. * Fix man page formatting so as not to break whatis. * Update debian/control to list the right Maintainer value. stable/main/binary-powerpc/spamc_3.2.5-2+lenny1_powerpc.deb spamassassin (3.2.5-2+lenny1) stable; urgency=low * Remove open-whois.org as it is cybersquatted (Closes: #537477) * Fix numerous perl pod errors that caused warnings to be embedded in several manpages. * Fix man page formatting so as not to break whatis. * Update debian/control to list the right Maintainer value. stable/main/binary-mipsel/spamc_3.2.5-2+lenny1_mipsel.deb spamassassin (3.2.5-2+lenny1) stable; urgency=low * Remove open-whois.org as it is cybersquatted (Closes: #537477) * Fix numerous perl pod errors that caused warnings to be embedded in several manpages. * Fix man page formatting so as not to break whatis. * Update debian/control to list the right Maintainer value. stable/main/binary-mips/spamc_3.2.5-2+lenny1_mips.deb spamassassin (3.2.5-2+lenny1) stable; urgency=low * Remove open-whois.org as it is cybersquatted (Closes: #537477) * Fix numerous perl pod errors that caused warnings to be embedded in several manpages. * Fix man page formatting so as not to break whatis. * Update debian/control to list the right Maintainer value. stable/main/binary-ia64/spamc_3.2.5-2+lenny1_ia64.deb spamassassin (3.2.5-2+lenny1) stable; urgency=low * Remove open-whois.org as it is cybersquatted (Closes: #537477) * Fix numerous perl pod errors that caused warnings to be embedded in several manpages. * Fix man page formatting so as not to break whatis. * Update debian/control to list the right Maintainer value. stable/main/binary-hppa/spamc_3.2.5-2+lenny1_hppa.deb spamassassin (3.2.5-2+lenny1) stable; urgency=low * Remove open-whois.org as it is cybersquatted (Closes: #537477) * Fix numerous perl pod errors that caused warnings to be embedded in several manpages. * Fix man page formatting so as not to break whatis. * Update debian/control to list the right Maintainer value. stable/main/binary-armel/spamc_3.2.5-2+lenny1_armel.deb spamassassin (3.2.5-2+lenny1) stable; urgency=low * Remove open-whois.org as it is cybersquatted (Closes: #537477) * Fix numerous perl pod errors that caused warnings to be embedded in several manpages. * Fix man page formatting so as not to break whatis. * Update debian/control to list the right Maintainer value. stable/main/binary-arm/spamc_3.2.5-2+lenny1_arm.deb spamassassin (3.2.5-2+lenny1) stable; urgency=low * Remove open-whois.org as it is cybersquatted (Closes: #537477) * Fix numerous perl pod errors that caused warnings to be embedded in several manpages. * Fix man page formatting so as not to break whatis. * Update debian/control to list the right Maintainer value. stable/main/binary-amd64/spamc_3.2.5-2+lenny1_amd64.deb spamassassin (3.2.5-2+lenny1) stable; urgency=low * Remove open-whois.org as it is cybersquatted (Closes: #537477) * Fix numerous perl pod errors that caused warnings to be embedded in several manpages. * Fix man page formatting so as not to break whatis. * Update debian/control to list the right Maintainer value. stable/main/binary-alpha/spamc_3.2.5-2+lenny1_alpha.deb spamassassin (3.2.5-2+lenny1) stable; urgency=low * Remove open-whois.org as it is cybersquatted (Closes: #537477) * Fix numerous perl pod errors that caused warnings to be embedded in several manpages. * Fix man page formatting so as not to break whatis. * Update debian/control to list the right Maintainer value. stable/main/binary-all/spamassassin_3.2.5-2+lenny1_all.deb stable/main/source/spamassassin_3.2.5-2+lenny1.dsc stable/main/binary-i386/spamc_3.2.5-2+lenny1_i386.deb stable/main/source/spamassassin_3.2.5-2+lenny1.diff.gz spamassassin (3.2.5-2+lenny1) stable; urgency=low * Remove open-whois.org as it is cybersquatted (Closes: #537477) * Fix numerous perl pod errors that caused warnings to be embedded in several manpages. * Fix man page formatting so as not to break whatis. * Update debian/control to list the right Maintainer value. stable/main/source/sork-passwd-h3_3.0-2+lenny2.dsc stable/main/source/sork-passwd-h3_3.0-2+lenny2.diff.gz stable/main/binary-all/sork-passwd-h3_3.0-2+lenny2_all.deb sork-passwd-h3 (3.0-2+lenny2) stable-security; urgency=high * Non-maintainer upload by the security team * Fix regression introduced in main.php by last update stable/main/binary-sparc/libtcltk-ruby1.8_1.8.7.72-3lenny1_sparc.deb stable/main/binary-sparc/libruby1.8-dbg_1.8.7.72-3lenny1_sparc.deb stable/main/binary-sparc/libopenssl-ruby1.8_1.8.7.72-3lenny1_sparc.deb stable/main/binary-sparc/libreadline-ruby1.8_1.8.7.72-3lenny1_sparc.deb stable/main/binary-sparc/libruby1.8_1.8.7.72-3lenny1_sparc.deb stable/main/binary-sparc/libdbm-ruby1.8_1.8.7.72-3lenny1_sparc.deb stable/main/binary-sparc/ruby1.8-dev_1.8.7.72-3lenny1_sparc.deb stable/main/binary-sparc/ruby1.8_1.8.7.72-3lenny1_sparc.deb stable/main/binary-sparc/libgdbm-ruby1.8_1.8.7.72-3lenny1_sparc.deb ruby1.8 (1.8.7.72-3lenny1) stable-security; urgency=high * added patch: 932_CVE-2009-1904 (closes: #532689) It fixes BigDecimal DoS vulnerability (CVE-2009-1904). (backported from 1.8.7-p172 and 1.8.7-p174) * Add upstream patch to properly check return values of the OCSP_basic_verify function (CVE-2009-0642; Closes: #513528) stable/main/binary-s390/libruby1.8_1.8.7.72-3lenny1_s390.deb stable/main/binary-s390/libgdbm-ruby1.8_1.8.7.72-3lenny1_s390.deb stable/main/binary-s390/ruby1.8-dev_1.8.7.72-3lenny1_s390.deb stable/main/binary-s390/ruby1.8_1.8.7.72-3lenny1_s390.deb stable/main/binary-s390/libtcltk-ruby1.8_1.8.7.72-3lenny1_s390.deb stable/main/binary-s390/libdbm-ruby1.8_1.8.7.72-3lenny1_s390.deb stable/main/binary-s390/libreadline-ruby1.8_1.8.7.72-3lenny1_s390.deb stable/main/binary-s390/libopenssl-ruby1.8_1.8.7.72-3lenny1_s390.deb stable/main/binary-s390/libruby1.8-dbg_1.8.7.72-3lenny1_s390.deb ruby1.8 (1.8.7.72-3lenny1) stable-security; urgency=high * added patch: 932_CVE-2009-1904 (closes: #532689) It fixes BigDecimal DoS vulnerability (CVE-2009-1904). (backported from 1.8.7-p172 and 1.8.7-p174) * Add upstream patch to properly check return values of the OCSP_basic_verify function (CVE-2009-0642; Closes: #513528) stable/main/binary-powerpc/ruby1.8_1.8.7.72-3lenny1_powerpc.deb stable/main/binary-powerpc/libdbm-ruby1.8_1.8.7.72-3lenny1_powerpc.deb stable/main/binary-powerpc/libruby1.8_1.8.7.72-3lenny1_powerpc.deb stable/main/binary-powerpc/libgdbm-ruby1.8_1.8.7.72-3lenny1_powerpc.deb stable/main/binary-powerpc/libopenssl-ruby1.8_1.8.7.72-3lenny1_powerpc.deb stable/main/binary-powerpc/libruby1.8-dbg_1.8.7.72-3lenny1_powerpc.deb stable/main/binary-powerpc/ruby1.8-dev_1.8.7.72-3lenny1_powerpc.deb stable/main/binary-powerpc/libreadline-ruby1.8_1.8.7.72-3lenny1_powerpc.deb stable/main/binary-powerpc/libtcltk-ruby1.8_1.8.7.72-3lenny1_powerpc.deb ruby1.8 (1.8.7.72-3lenny1) stable-security; urgency=high * added patch: 932_CVE-2009-1904 (closes: #532689) It fixes BigDecimal DoS vulnerability (CVE-2009-1904). (backported from 1.8.7-p172 and 1.8.7-p174) * Add upstream patch to properly check return values of the OCSP_basic_verify function (CVE-2009-0642; Closes: #513528) stable/main/binary-mipsel/libruby1.8-dbg_1.8.7.72-3lenny1_mipsel.deb stable/main/binary-mipsel/libopenssl-ruby1.8_1.8.7.72-3lenny1_mipsel.deb stable/main/binary-mipsel/libreadline-ruby1.8_1.8.7.72-3lenny1_mipsel.deb stable/main/binary-mipsel/libruby1.8_1.8.7.72-3lenny1_mipsel.deb stable/main/binary-mipsel/ruby1.8-dev_1.8.7.72-3lenny1_mipsel.deb stable/main/binary-mipsel/libgdbm-ruby1.8_1.8.7.72-3lenny1_mipsel.deb stable/main/binary-mipsel/libdbm-ruby1.8_1.8.7.72-3lenny1_mipsel.deb stable/main/binary-mipsel/libtcltk-ruby1.8_1.8.7.72-3lenny1_mipsel.deb stable/main/binary-mipsel/ruby1.8_1.8.7.72-3lenny1_mipsel.deb ruby1.8 (1.8.7.72-3lenny1) stable-security; urgency=high * added patch: 932_CVE-2009-1904 (closes: #532689) It fixes BigDecimal DoS vulnerability (CVE-2009-1904). (backported from 1.8.7-p172 and 1.8.7-p174) * Add upstream patch to properly check return values of the OCSP_basic_verify function (CVE-2009-0642; Closes: #513528) stable/main/binary-mips/ruby1.8-dev_1.8.7.72-3lenny1_mips.deb stable/main/binary-mips/libdbm-ruby1.8_1.8.7.72-3lenny1_mips.deb stable/main/binary-mips/libtcltk-ruby1.8_1.8.7.72-3lenny1_mips.deb stable/main/binary-mips/libreadline-ruby1.8_1.8.7.72-3lenny1_mips.deb stable/main/binary-mips/libruby1.8_1.8.7.72-3lenny1_mips.deb stable/main/binary-mips/libruby1.8-dbg_1.8.7.72-3lenny1_mips.deb stable/main/binary-mips/libopenssl-ruby1.8_1.8.7.72-3lenny1_mips.deb stable/main/binary-mips/ruby1.8_1.8.7.72-3lenny1_mips.deb stable/main/binary-mips/libgdbm-ruby1.8_1.8.7.72-3lenny1_mips.deb ruby1.8 (1.8.7.72-3lenny1) stable-security; urgency=high * added patch: 932_CVE-2009-1904 (closes: #532689) It fixes BigDecimal DoS vulnerability (CVE-2009-1904). (backported from 1.8.7-p172 and 1.8.7-p174) * Add upstream patch to properly check return values of the OCSP_basic_verify function (CVE-2009-0642; Closes: #513528) stable/main/binary-ia64/libruby1.8_1.8.7.72-3lenny1_ia64.deb stable/main/binary-ia64/ruby1.8_1.8.7.72-3lenny1_ia64.deb stable/main/binary-ia64/libdbm-ruby1.8_1.8.7.72-3lenny1_ia64.deb stable/main/binary-ia64/libgdbm-ruby1.8_1.8.7.72-3lenny1_ia64.deb stable/main/binary-ia64/ruby1.8-dev_1.8.7.72-3lenny1_ia64.deb stable/main/binary-ia64/libtcltk-ruby1.8_1.8.7.72-3lenny1_ia64.deb stable/main/binary-ia64/libruby1.8-dbg_1.8.7.72-3lenny1_ia64.deb stable/main/binary-ia64/libopenssl-ruby1.8_1.8.7.72-3lenny1_ia64.deb stable/main/binary-ia64/libreadline-ruby1.8_1.8.7.72-3lenny1_ia64.deb ruby1.8 (1.8.7.72-3lenny1) stable-security; urgency=high * added patch: 932_CVE-2009-1904 (closes: #532689) It fixes BigDecimal DoS vulnerability (CVE-2009-1904). (backported from 1.8.7-p172 and 1.8.7-p174) * Add upstream patch to properly check return values of the OCSP_basic_verify function (CVE-2009-0642; Closes: #513528) stable/main/binary-hppa/libruby1.8-dbg_1.8.7.72-3lenny1_hppa.deb stable/main/binary-hppa/ruby1.8_1.8.7.72-3lenny1_hppa.deb stable/main/binary-hppa/libopenssl-ruby1.8_1.8.7.72-3lenny1_hppa.deb stable/main/binary-hppa/ruby1.8-dev_1.8.7.72-3lenny1_hppa.deb stable/main/binary-hppa/libgdbm-ruby1.8_1.8.7.72-3lenny1_hppa.deb stable/main/binary-hppa/libdbm-ruby1.8_1.8.7.72-3lenny1_hppa.deb stable/main/binary-hppa/libreadline-ruby1.8_1.8.7.72-3lenny1_hppa.deb stable/main/binary-hppa/libruby1.8_1.8.7.72-3lenny1_hppa.deb stable/main/binary-hppa/libtcltk-ruby1.8_1.8.7.72-3lenny1_hppa.deb ruby1.8 (1.8.7.72-3lenny1) stable-security; urgency=high * added patch: 932_CVE-2009-1904 (closes: #532689) It fixes BigDecimal DoS vulnerability (CVE-2009-1904). (backported from 1.8.7-p172 and 1.8.7-p174) * Add upstream patch to properly check return values of the OCSP_basic_verify function (CVE-2009-0642; Closes: #513528) stable/main/binary-armel/libdbm-ruby1.8_1.8.7.72-3lenny1_armel.deb stable/main/binary-armel/ruby1.8-dev_1.8.7.72-3lenny1_armel.deb stable/main/binary-armel/libruby1.8_1.8.7.72-3lenny1_armel.deb stable/main/binary-armel/libreadline-ruby1.8_1.8.7.72-3lenny1_armel.deb stable/main/binary-armel/libopenssl-ruby1.8_1.8.7.72-3lenny1_armel.deb stable/main/binary-armel/ruby1.8_1.8.7.72-3lenny1_armel.deb stable/main/binary-armel/libtcltk-ruby1.8_1.8.7.72-3lenny1_armel.deb stable/main/binary-armel/libruby1.8-dbg_1.8.7.72-3lenny1_armel.deb stable/main/binary-armel/libgdbm-ruby1.8_1.8.7.72-3lenny1_armel.deb ruby1.8 (1.8.7.72-3lenny1) stable-security; urgency=high * added patch: 932_CVE-2009-1904 (closes: #532689) It fixes BigDecimal DoS vulnerability (CVE-2009-1904). (backported from 1.8.7-p172 and 1.8.7-p174) * Add upstream patch to properly check return values of the OCSP_basic_verify function (CVE-2009-0642; Closes: #513528) stable/main/binary-arm/libdbm-ruby1.8_1.8.7.72-3lenny1_arm.deb stable/main/binary-arm/libruby1.8-dbg_1.8.7.72-3lenny1_arm.deb stable/main/binary-arm/ruby1.8-dev_1.8.7.72-3lenny1_arm.deb stable/main/binary-arm/libtcltk-ruby1.8_1.8.7.72-3lenny1_arm.deb stable/main/binary-arm/libreadline-ruby1.8_1.8.7.72-3lenny1_arm.deb stable/main/binary-arm/ruby1.8_1.8.7.72-3lenny1_arm.deb stable/main/binary-arm/libopenssl-ruby1.8_1.8.7.72-3lenny1_arm.deb stable/main/binary-arm/libruby1.8_1.8.7.72-3lenny1_arm.deb stable/main/binary-arm/libgdbm-ruby1.8_1.8.7.72-3lenny1_arm.deb ruby1.8 (1.8.7.72-3lenny1) stable-security; urgency=high * added patch: 932_CVE-2009-1904 (closes: #532689) It fixes BigDecimal DoS vulnerability (CVE-2009-1904). (backported from 1.8.7-p172 and 1.8.7-p174) * Add upstream patch to properly check return values of the OCSP_basic_verify function (CVE-2009-0642; Closes: #513528) stable/main/binary-amd64/libtcltk-ruby1.8_1.8.7.72-3lenny1_amd64.deb stable/main/binary-amd64/libruby1.8-dbg_1.8.7.72-3lenny1_amd64.deb stable/main/binary-amd64/libruby1.8_1.8.7.72-3lenny1_amd64.deb stable/main/binary-amd64/libreadline-ruby1.8_1.8.7.72-3lenny1_amd64.deb stable/main/binary-amd64/ruby1.8-dev_1.8.7.72-3lenny1_amd64.deb stable/main/binary-amd64/libdbm-ruby1.8_1.8.7.72-3lenny1_amd64.deb stable/main/binary-amd64/ruby1.8_1.8.7.72-3lenny1_amd64.deb stable/main/binary-amd64/libopenssl-ruby1.8_1.8.7.72-3lenny1_amd64.deb stable/main/binary-amd64/libgdbm-ruby1.8_1.8.7.72-3lenny1_amd64.deb ruby1.8 (1.8.7.72-3lenny1) stable-security; urgency=high * added patch: 932_CVE-2009-1904 (closes: #532689) It fixes BigDecimal DoS vulnerability (CVE-2009-1904). (backported from 1.8.7-p172 and 1.8.7-p174) * Add upstream patch to properly check return values of the OCSP_basic_verify function (CVE-2009-0642; Closes: #513528) stable/main/binary-alpha/ruby1.8-dev_1.8.7.72-3lenny1_alpha.deb stable/main/binary-alpha/libtcltk-ruby1.8_1.8.7.72-3lenny1_alpha.deb stable/main/binary-alpha/libgdbm-ruby1.8_1.8.7.72-3lenny1_alpha.deb stable/main/binary-alpha/ruby1.8_1.8.7.72-3lenny1_alpha.deb stable/main/binary-alpha/libdbm-ruby1.8_1.8.7.72-3lenny1_alpha.deb stable/main/binary-alpha/libopenssl-ruby1.8_1.8.7.72-3lenny1_alpha.deb stable/main/binary-alpha/libreadline-ruby1.8_1.8.7.72-3lenny1_alpha.deb stable/main/binary-alpha/libruby1.8_1.8.7.72-3lenny1_alpha.deb stable/main/binary-alpha/libruby1.8-dbg_1.8.7.72-3lenny1_alpha.deb ruby1.8 (1.8.7.72-3lenny1) stable-security; urgency=high * added patch: 932_CVE-2009-1904 (closes: #532689) It fixes BigDecimal DoS vulnerability (CVE-2009-1904). (backported from 1.8.7-p172 and 1.8.7-p174) * Add upstream patch to properly check return values of the OCSP_basic_verify function (CVE-2009-0642; Closes: #513528) stable/main/binary-i386/libruby1.8-dbg_1.8.7.72-3lenny1_i386.deb stable/main/binary-i386/libgdbm-ruby1.8_1.8.7.72-3lenny1_i386.deb stable/main/binary-i386/libreadline-ruby1.8_1.8.7.72-3lenny1_i386.deb stable/main/binary-i386/libopenssl-ruby1.8_1.8.7.72-3lenny1_i386.deb stable/main/source/ruby1.8_1.8.7.72-3lenny1.diff.gz stable/main/binary-all/rdoc1.8_1.8.7.72-3lenny1_all.deb stable/main/source/ruby1.8_1.8.7.72-3lenny1.dsc stable/main/binary-i386/libtcltk-ruby1.8_1.8.7.72-3lenny1_i386.deb stable/main/binary-i386/libruby1.8_1.8.7.72-3lenny1_i386.deb stable/main/binary-i386/libdbm-ruby1.8_1.8.7.72-3lenny1_i386.deb stable/main/binary-all/irb1.8_1.8.7.72-3lenny1_all.deb stable/main/binary-all/ri1.8_1.8.7.72-3lenny1_all.deb stable/main/binary-all/ruby1.8-examples_1.8.7.72-3lenny1_all.deb stable/main/binary-i386/ruby1.8-dev_1.8.7.72-3lenny1_i386.deb stable/main/binary-i386/ruby1.8_1.8.7.72-3lenny1_i386.deb stable/main/binary-all/ruby1.8-elisp_1.8.7.72-3lenny1_all.deb ruby1.8 (1.8.7.72-3lenny1) stable-security; urgency=high * added patch: 932_CVE-2009-1904 (closes: #532689) It fixes BigDecimal DoS vulnerability (CVE-2009-1904). (backported from 1.8.7-p172 and 1.8.7-p174) * Add upstream patch to properly check return values of the OCSP_basic_verify function (CVE-2009-0642; Closes: #513528) stable/main/source/request-tracker3.6_3.6.7-5+lenny1.diff.gz stable/main/binary-all/request-tracker3.6_3.6.7-5+lenny1_all.deb stable/main/binary-all/rt3.6-db-sqlite_3.6.7-5+lenny1_all.deb stable/main/source/request-tracker3.6_3.6.7-5+lenny1.dsc stable/main/binary-all/rt3.6-apache2_3.6.7-5+lenny1_all.deb stable/main/binary-all/rt3.6-db-mysql_3.6.7-5+lenny1_all.deb stable/main/binary-all/rt3.6-db-postgresql_3.6.7-5+lenny1_all.deb stable/main/binary-all/rt3.6-clients_3.6.7-5+lenny1_all.deb request-tracker3.6 (3.6.7-5+lenny1) stable; urgency=low * Security fix: only allow SuperUsers to edit global RT at a Glance (Closes: #532990) stable/main/source/python-support_0.8.4lenny1.tar.gz stable/main/source/python-support_0.8.4lenny1.dsc stable/main/binary-all/python-support_0.8.4lenny1_all.deb python-support (0.8.4lenny1) stable; urgency=low * update-python-modules (create_dotpath): + Completely ignore lines starting with "import", as they would be executed by python upon startup. stable/main/binary-sparc/python-numpy_1.1.0-3+lenny1_sparc.deb stable/main/binary-sparc/python-numpy-dbg_1.1.0-3+lenny1_sparc.deb python-numpy (1:1.1.0-3+lenny1) stable; urgency=low * Fix incorrect cfunc.h symlink. (Closes: #538599) stable/main/binary-s390/python-numpy_1.1.0-3+lenny1_s390.deb stable/main/binary-s390/python-numpy-dbg_1.1.0-3+lenny1_s390.deb python-numpy (1:1.1.0-3+lenny1) stable; urgency=low * Fix incorrect cfunc.h symlink. (Closes: #538599) stable/main/binary-powerpc/python-numpy_1.1.0-3+lenny1_powerpc.deb stable/main/binary-powerpc/python-numpy-dbg_1.1.0-3+lenny1_powerpc.deb python-numpy (1:1.1.0-3+lenny1) stable; urgency=low * Fix incorrect cfunc.h symlink. (Closes: #538599) stable/main/binary-mipsel/python-numpy_1.1.0-3+lenny1_mipsel.deb stable/main/binary-mipsel/python-numpy-dbg_1.1.0-3+lenny1_mipsel.deb python-numpy (1:1.1.0-3+lenny1) stable; urgency=low * Fix incorrect cfunc.h symlink. (Closes: #538599) stable/main/binary-mips/python-numpy-dbg_1.1.0-3+lenny1_mips.deb stable/main/binary-mips/python-numpy_1.1.0-3+lenny1_mips.deb python-numpy (1:1.1.0-3+lenny1) stable; urgency=low * Fix incorrect cfunc.h symlink. (Closes: #538599) stable/main/binary-ia64/python-numpy-dbg_1.1.0-3+lenny1_ia64.deb stable/main/binary-ia64/python-numpy_1.1.0-3+lenny1_ia64.deb python-numpy (1:1.1.0-3+lenny1) stable; urgency=low * Fix incorrect cfunc.h symlink. (Closes: #538599) stable/main/binary-i386/python-numpy_1.1.0-3+lenny1_i386.deb stable/main/binary-i386/python-numpy-dbg_1.1.0-3+lenny1_i386.deb python-numpy (1:1.1.0-3+lenny1) stable; urgency=low * Fix incorrect cfunc.h symlink. (Closes: #538599) stable/main/binary-hppa/python-numpy_1.1.0-3+lenny1_hppa.deb stable/main/binary-hppa/python-numpy-dbg_1.1.0-3+lenny1_hppa.deb python-numpy (1:1.1.0-3+lenny1) stable; urgency=low * Fix incorrect cfunc.h symlink. (Closes: #538599) stable/main/binary-armel/python-numpy_1.1.0-3+lenny1_armel.deb stable/main/binary-armel/python-numpy-dbg_1.1.0-3+lenny1_armel.deb python-numpy (1:1.1.0-3+lenny1) stable; urgency=low * Fix incorrect cfunc.h symlink. (Closes: #538599) stable/main/binary-arm/python-numpy-dbg_1.1.0-3+lenny1_arm.deb stable/main/binary-arm/python-numpy_1.1.0-3+lenny1_arm.deb python-numpy (1:1.1.0-3+lenny1) stable; urgency=low * Fix incorrect cfunc.h symlink. (Closes: #538599) stable/main/binary-alpha/python-numpy-dbg_1.1.0-3+lenny1_alpha.deb stable/main/binary-alpha/python-numpy_1.1.0-3+lenny1_alpha.deb python-numpy (1:1.1.0-3+lenny1) stable; urgency=low * Fix incorrect cfunc.h symlink. (Closes: #538599) stable/main/source/python-numpy_1.1.0-3+lenny1.dsc stable/main/source/python-numpy_1.1.0-3+lenny1.diff.gz stable/main/binary-amd64/python-numpy-dbg_1.1.0-3+lenny1_amd64.deb stable/main/binary-all/python-numpy-doc_1.1.0-3+lenny1_all.deb stable/main/binary-all/python-numpy-ext_1.1.0-3+lenny1_all.deb stable/main/binary-amd64/python-numpy_1.1.0-3+lenny1_amd64.deb python-numpy (1:1.1.0-3+lenny1) stable; urgency=low * Fix incorrect cfunc.h symlink. (Closes: #538599) stable/main/binary-all/python-django_1.0.2-1+lenny1_all.deb stable/main/source/python-django_1.0.2-1+lenny1.dsc stable/main/source/python-django_1.0.2-1+lenny1.diff.gz python-django (1.0.2-1+lenny1) stable-proposed-updates; urgency=low * Add patch to fix issue with a maliciously crafted URL gaining access to any file on the filesystem (Closes: #539134) Upstream writes: Django includes a lightweight, WSGI-based web server for use in learning Django and in testing new applications during early stages of development. For sake of convenience, this web server automatically maps certain URLs corresponding to the static media files used by the Django administrative application. The handler which maps these URLs did not properly check the requested URL to verify that it corresponds to a static media file used by Django. As such, a carefully-crafted URL can cause the development server to serve any file to which it has read access. stable/main/binary-sparc/pulseaudio-module-gconf-dbg_0.9.10-3+lenny1_sparc.deb stable/main/binary-sparc/pulseaudio-module-lirc-dbg_0.9.10-3+lenny1_sparc.deb stable/main/binary-sparc/libpulsecore5_0.9.10-3+lenny1_sparc.deb stable/main/binary-sparc/libpulse-mainloop-glib0_0.9.10-3+lenny1_sparc.deb stable/main/binary-sparc/libpulse-browse0_0.9.10-3+lenny1_sparc.deb stable/main/binary-sparc/pulseaudio-module-jack_0.9.10-3+lenny1_sparc.deb stable/main/binary-sparc/libpulse-dev_0.9.10-3+lenny1_sparc.deb stable/main/binary-sparc/pulseaudio-module-jack-dbg_0.9.10-3+lenny1_sparc.deb stable/main/binary-sparc/pulseaudio-module-x11-dbg_0.9.10-3+lenny1_sparc.deb stable/main/binary-sparc/pulseaudio-esound-compat-dbg_0.9.10-3+lenny1_sparc.deb stable/main/binary-sparc/pulseaudio_0.9.10-3+lenny1_sparc.deb stable/main/binary-sparc/pulseaudio-module-hal_0.9.10-3+lenny1_sparc.deb stable/main/binary-sparc/pulseaudio-module-zeroconf-dbg_0.9.10-3+lenny1_sparc.deb stable/main/binary-sparc/pulseaudio-module-hal-dbg_0.9.10-3+lenny1_sparc.deb stable/main/binary-sparc/pulseaudio-module-x11_0.9.10-3+lenny1_sparc.deb stable/main/binary-sparc/pulseaudio-utils-dbg_0.9.10-3+lenny1_sparc.deb stable/main/binary-sparc/libpulse-mainloop-glib0-dbg_0.9.10-3+lenny1_sparc.deb stable/main/binary-sparc/pulseaudio-module-lirc_0.9.10-3+lenny1_sparc.deb stable/main/binary-sparc/pulseaudio-utils_0.9.10-3+lenny1_sparc.deb stable/main/binary-sparc/pulseaudio-esound-compat_0.9.10-3+lenny1_sparc.deb stable/main/binary-sparc/pulseaudio-module-zeroconf_0.9.10-3+lenny1_sparc.deb stable/main/binary-sparc/libpulse-browse0-dbg_0.9.10-3+lenny1_sparc.deb stable/main/binary-sparc/pulseaudio-module-gconf_0.9.10-3+lenny1_sparc.deb stable/main/binary-sparc/pulseaudio-dbg_0.9.10-3+lenny1_sparc.deb stable/main/binary-sparc/libpulse0-dbg_0.9.10-3+lenny1_sparc.deb stable/main/binary-sparc/libpulsecore5-dbg_0.9.10-3+lenny1_sparc.deb stable/main/binary-sparc/libpulse0_0.9.10-3+lenny1_sparc.deb pulseaudio (0.9.10-3+lenny1) stable-security; urgency=high * Remove broken re-exec (CVE-2009-1894) * Used ld flags to pre-load DSOs * Regenerate auto* files stable/main/binary-s390/libpulsecore5-dbg_0.9.10-3+lenny1_s390.deb stable/main/binary-s390/libpulse-browse0-dbg_0.9.10-3+lenny1_s390.deb stable/main/binary-s390/libpulsecore5_0.9.10-3+lenny1_s390.deb stable/main/binary-s390/pulseaudio-module-zeroconf_0.9.10-3+lenny1_s390.deb stable/main/binary-s390/libpulse-browse0_0.9.10-3+lenny1_s390.deb stable/main/binary-s390/libpulse0-dbg_0.9.10-3+lenny1_s390.deb stable/main/binary-s390/libpulse0_0.9.10-3+lenny1_s390.deb stable/main/binary-s390/pulseaudio-esound-compat-dbg_0.9.10-3+lenny1_s390.deb stable/main/binary-s390/pulseaudio-module-jack-dbg_0.9.10-3+lenny1_s390.deb stable/main/binary-s390/pulseaudio-module-zeroconf-dbg_0.9.10-3+lenny1_s390.deb stable/main/binary-s390/libpulse-dev_0.9.10-3+lenny1_s390.deb stable/main/binary-s390/pulseaudio-module-gconf_0.9.10-3+lenny1_s390.deb stable/main/binary-s390/pulseaudio-esound-compat_0.9.10-3+lenny1_s390.deb stable/main/binary-s390/pulseaudio-module-lirc_0.9.10-3+lenny1_s390.deb stable/main/binary-s390/pulseaudio-module-hal-dbg_0.9.10-3+lenny1_s390.deb stable/main/binary-s390/pulseaudio-utils-dbg_0.9.10-3+lenny1_s390.deb stable/main/binary-s390/pulseaudio-utils_0.9.10-3+lenny1_s390.deb stable/main/binary-s390/pulseaudio-module-x11_0.9.10-3+lenny1_s390.deb stable/main/binary-s390/pulseaudio-module-hal_0.9.10-3+lenny1_s390.deb stable/main/binary-s390/pulseaudio-module-x11-dbg_0.9.10-3+lenny1_s390.deb stable/main/binary-s390/pulseaudio_0.9.10-3+lenny1_s390.deb stable/main/binary-s390/pulseaudio-dbg_0.9.10-3+lenny1_s390.deb stable/main/binary-s390/pulseaudio-module-lirc-dbg_0.9.10-3+lenny1_s390.deb stable/main/binary-s390/libpulse-mainloop-glib0-dbg_0.9.10-3+lenny1_s390.deb stable/main/binary-s390/libpulse-mainloop-glib0_0.9.10-3+lenny1_s390.deb stable/main/binary-s390/pulseaudio-module-jack_0.9.10-3+lenny1_s390.deb stable/main/binary-s390/pulseaudio-module-gconf-dbg_0.9.10-3+lenny1_s390.deb pulseaudio (0.9.10-3+lenny1) stable-security; urgency=high * Remove broken re-exec (CVE-2009-1894) * Used ld flags to pre-load DSOs * Regenerate auto* files stable/main/binary-powerpc/libpulse-dev_0.9.10-3+lenny1_powerpc.deb stable/main/binary-powerpc/pulseaudio-module-gconf_0.9.10-3+lenny1_powerpc.deb stable/main/binary-powerpc/pulseaudio-utils_0.9.10-3+lenny1_powerpc.deb stable/main/binary-powerpc/libpulse0-dbg_0.9.10-3+lenny1_powerpc.deb stable/main/binary-powerpc/libpulse0_0.9.10-3+lenny1_powerpc.deb stable/main/binary-powerpc/libpulse-browse0-dbg_0.9.10-3+lenny1_powerpc.deb stable/main/binary-powerpc/libpulse-mainloop-glib0-dbg_0.9.10-3+lenny1_powerpc.deb stable/main/binary-powerpc/pulseaudio-esound-compat_0.9.10-3+lenny1_powerpc.deb stable/main/binary-powerpc/pulseaudio-module-gconf-dbg_0.9.10-3+lenny1_powerpc.deb stable/main/binary-powerpc/libpulse-browse0_0.9.10-3+lenny1_powerpc.deb stable/main/binary-powerpc/pulseaudio-module-lirc_0.9.10-3+lenny1_powerpc.deb stable/main/binary-powerpc/pulseaudio-module-lirc-dbg_0.9.10-3+lenny1_powerpc.deb stable/main/binary-powerpc/libpulse-mainloop-glib0_0.9.10-3+lenny1_powerpc.deb stable/main/binary-powerpc/pulseaudio-module-hal-dbg_0.9.10-3+lenny1_powerpc.deb stable/main/binary-powerpc/pulseaudio-esound-compat-dbg_0.9.10-3+lenny1_powerpc.deb stable/main/binary-powerpc/libpulsecore5-dbg_0.9.10-3+lenny1_powerpc.deb stable/main/binary-powerpc/pulseaudio-module-hal_0.9.10-3+lenny1_powerpc.deb stable/main/binary-powerpc/pulseaudio-utils-dbg_0.9.10-3+lenny1_powerpc.deb stable/main/binary-powerpc/pulseaudio-module-x11_0.9.10-3+lenny1_powerpc.deb stable/main/binary-powerpc/pulseaudio-dbg_0.9.10-3+lenny1_powerpc.deb stable/main/binary-powerpc/pulseaudio-module-zeroconf-dbg_0.9.10-3+lenny1_powerpc.deb stable/main/binary-powerpc/pulseaudio-module-x11-dbg_0.9.10-3+lenny1_powerpc.deb stable/main/binary-powerpc/pulseaudio-module-jack-dbg_0.9.10-3+lenny1_powerpc.deb stable/main/binary-powerpc/pulseaudio-module-jack_0.9.10-3+lenny1_powerpc.deb stable/main/binary-powerpc/libpulsecore5_0.9.10-3+lenny1_powerpc.deb stable/main/binary-powerpc/pulseaudio-module-zeroconf_0.9.10-3+lenny1_powerpc.deb stable/main/binary-powerpc/pulseaudio_0.9.10-3+lenny1_powerpc.deb pulseaudio (0.9.10-3+lenny1) stable-security; urgency=high * Remove broken re-exec (CVE-2009-1894) * Used ld flags to pre-load DSOs * Regenerate auto* files stable/main/binary-mipsel/libpulse-mainloop-glib0_0.9.10-3+lenny1_mipsel.deb stable/main/binary-mipsel/pulseaudio-dbg_0.9.10-3+lenny1_mipsel.deb stable/main/binary-mipsel/pulseaudio-module-lirc-dbg_0.9.10-3+lenny1_mipsel.deb stable/main/binary-mipsel/pulseaudio-module-gconf-dbg_0.9.10-3+lenny1_mipsel.deb stable/main/binary-mipsel/pulseaudio-module-jack_0.9.10-3+lenny1_mipsel.deb stable/main/binary-mipsel/pulseaudio-module-x11-dbg_0.9.10-3+lenny1_mipsel.deb stable/main/binary-mipsel/pulseaudio-utils_0.9.10-3+lenny1_mipsel.deb stable/main/binary-mipsel/pulseaudio_0.9.10-3+lenny1_mipsel.deb stable/main/binary-mipsel/libpulsecore5_0.9.10-3+lenny1_mipsel.deb stable/main/binary-mipsel/pulseaudio-module-hal-dbg_0.9.10-3+lenny1_mipsel.deb stable/main/binary-mipsel/pulseaudio-module-hal_0.9.10-3+lenny1_mipsel.deb stable/main/binary-mipsel/libpulse0-dbg_0.9.10-3+lenny1_mipsel.deb stable/main/binary-mipsel/pulseaudio-module-zeroconf-dbg_0.9.10-3+lenny1_mipsel.deb stable/main/binary-mipsel/libpulse0_0.9.10-3+lenny1_mipsel.deb stable/main/binary-mipsel/libpulse-dev_0.9.10-3+lenny1_mipsel.deb stable/main/binary-mipsel/libpulse-browse0_0.9.10-3+lenny1_mipsel.deb stable/main/binary-mipsel/pulseaudio-module-gconf_0.9.10-3+lenny1_mipsel.deb stable/main/binary-mipsel/pulseaudio-module-x11_0.9.10-3+lenny1_mipsel.deb stable/main/binary-mipsel/libpulsecore5-dbg_0.9.10-3+lenny1_mipsel.deb stable/main/binary-mipsel/pulseaudio-module-jack-dbg_0.9.10-3+lenny1_mipsel.deb stable/main/binary-mipsel/pulseaudio-module-zeroconf_0.9.10-3+lenny1_mipsel.deb stable/main/binary-mipsel/pulseaudio-utils-dbg_0.9.10-3+lenny1_mipsel.deb stable/main/binary-mipsel/libpulse-browse0-dbg_0.9.10-3+lenny1_mipsel.deb stable/main/binary-mipsel/libpulse-mainloop-glib0-dbg_0.9.10-3+lenny1_mipsel.deb stable/main/binary-mipsel/pulseaudio-module-lirc_0.9.10-3+lenny1_mipsel.deb stable/main/binary-mipsel/pulseaudio-esound-compat_0.9.10-3+lenny1_mipsel.deb stable/main/binary-mipsel/pulseaudio-esound-compat-dbg_0.9.10-3+lenny1_mipsel.deb pulseaudio (0.9.10-3+lenny1) stable-security; urgency=high * Remove broken re-exec (CVE-2009-1894) * Used ld flags to pre-load DSOs * Regenerate auto* files stable/main/binary-mips/libpulse-browse0_0.9.10-3+lenny1_mips.deb stable/main/binary-mips/pulseaudio-module-hal-dbg_0.9.10-3+lenny1_mips.deb stable/main/binary-mips/pulseaudio-utils-dbg_0.9.10-3+lenny1_mips.deb stable/main/binary-mips/pulseaudio-module-gconf-dbg_0.9.10-3+lenny1_mips.deb stable/main/binary-mips/libpulse0-dbg_0.9.10-3+lenny1_mips.deb stable/main/binary-mips/pulseaudio-module-x11_0.9.10-3+lenny1_mips.deb stable/main/binary-mips/pulseaudio-module-lirc-dbg_0.9.10-3+lenny1_mips.deb stable/main/binary-mips/libpulse-mainloop-glib0_0.9.10-3+lenny1_mips.deb stable/main/binary-mips/pulseaudio-module-gconf_0.9.10-3+lenny1_mips.deb stable/main/binary-mips/pulseaudio-module-jack_0.9.10-3+lenny1_mips.deb stable/main/binary-mips/pulseaudio-esound-compat-dbg_0.9.10-3+lenny1_mips.deb stable/main/binary-mips/libpulse-dev_0.9.10-3+lenny1_mips.deb stable/main/binary-mips/libpulse-browse0-dbg_0.9.10-3+lenny1_mips.deb stable/main/binary-mips/pulseaudio-dbg_0.9.10-3+lenny1_mips.deb stable/main/binary-mips/pulseaudio-module-x11-dbg_0.9.10-3+lenny1_mips.deb stable/main/binary-mips/pulseaudio-module-hal_0.9.10-3+lenny1_mips.deb stable/main/binary-mips/libpulsecore5_0.9.10-3+lenny1_mips.deb stable/main/binary-mips/pulseaudio-module-zeroconf_0.9.10-3+lenny1_mips.deb stable/main/binary-mips/libpulsecore5-dbg_0.9.10-3+lenny1_mips.deb stable/main/binary-mips/pulseaudio-utils_0.9.10-3+lenny1_mips.deb stable/main/binary-mips/pulseaudio-module-zeroconf-dbg_0.9.10-3+lenny1_mips.deb stable/main/binary-mips/pulseaudio-module-lirc_0.9.10-3+lenny1_mips.deb stable/main/binary-mips/pulseaudio_0.9.10-3+lenny1_mips.deb stable/main/binary-mips/pulseaudio-module-jack-dbg_0.9.10-3+lenny1_mips.deb stable/main/binary-mips/libpulse0_0.9.10-3+lenny1_mips.deb stable/main/binary-mips/libpulse-mainloop-glib0-dbg_0.9.10-3+lenny1_mips.deb stable/main/binary-mips/pulseaudio-esound-compat_0.9.10-3+lenny1_mips.deb pulseaudio (0.9.10-3+lenny1) stable-security; urgency=high * Remove broken re-exec (CVE-2009-1894) * Used ld flags to pre-load DSOs * Regenerate auto* files stable/main/binary-ia64/libpulsecore5-dbg_0.9.10-3+lenny1_ia64.deb stable/main/binary-ia64/pulseaudio-module-gconf_0.9.10-3+lenny1_ia64.deb stable/main/binary-ia64/pulseaudio-module-lirc-dbg_0.9.10-3+lenny1_ia64.deb stable/main/binary-ia64/pulseaudio-module-x11_0.9.10-3+lenny1_ia64.deb stable/main/binary-ia64/pulseaudio-module-zeroconf_0.9.10-3+lenny1_ia64.deb stable/main/binary-ia64/libpulse-browse0-dbg_0.9.10-3+lenny1_ia64.deb stable/main/binary-ia64/libpulse0_0.9.10-3+lenny1_ia64.deb stable/main/binary-ia64/pulseaudio-dbg_0.9.10-3+lenny1_ia64.deb stable/main/binary-ia64/libpulse-dev_0.9.10-3+lenny1_ia64.deb stable/main/binary-ia64/pulseaudio-module-jack-dbg_0.9.10-3+lenny1_ia64.deb stable/main/binary-ia64/pulseaudio-module-hal_0.9.10-3+lenny1_ia64.deb stable/main/binary-ia64/pulseaudio-utils_0.9.10-3+lenny1_ia64.deb stable/main/binary-ia64/pulseaudio-module-lirc_0.9.10-3+lenny1_ia64.deb stable/main/binary-ia64/pulseaudio_0.9.10-3+lenny1_ia64.deb stable/main/binary-ia64/pulseaudio-module-zeroconf-dbg_0.9.10-3+lenny1_ia64.deb stable/main/binary-ia64/pulseaudio-module-hal-dbg_0.9.10-3+lenny1_ia64.deb stable/main/binary-ia64/libpulse-browse0_0.9.10-3+lenny1_ia64.deb stable/main/binary-ia64/libpulse0-dbg_0.9.10-3+lenny1_ia64.deb stable/main/binary-ia64/pulseaudio-module-x11-dbg_0.9.10-3+lenny1_ia64.deb stable/main/binary-ia64/pulseaudio-esound-compat_0.9.10-3+lenny1_ia64.deb stable/main/binary-ia64/libpulsecore5_0.9.10-3+lenny1_ia64.deb stable/main/binary-ia64/libpulse-mainloop-glib0-dbg_0.9.10-3+lenny1_ia64.deb stable/main/binary-ia64/pulseaudio-esound-compat-dbg_0.9.10-3+lenny1_ia64.deb stable/main/binary-ia64/pulseaudio-utils-dbg_0.9.10-3+lenny1_ia64.deb stable/main/binary-ia64/pulseaudio-module-jack_0.9.10-3+lenny1_ia64.deb stable/main/binary-ia64/libpulse-mainloop-glib0_0.9.10-3+lenny1_ia64.deb stable/main/binary-ia64/pulseaudio-module-gconf-dbg_0.9.10-3+lenny1_ia64.deb pulseaudio (0.9.10-3+lenny1) stable-security; urgency=high * Remove broken re-exec (CVE-2009-1894) * Used ld flags to pre-load DSOs * Regenerate auto* files stable/main/binary-i386/pulseaudio-dbg_0.9.10-3+lenny1_i386.deb stable/main/binary-i386/pulseaudio-module-jack_0.9.10-3+lenny1_i386.deb stable/main/binary-i386/pulseaudio-esound-compat_0.9.10-3+lenny1_i386.deb stable/main/binary-i386/libpulse0-dbg_0.9.10-3+lenny1_i386.deb stable/main/binary-i386/pulseaudio-module-zeroconf-dbg_0.9.10-3+lenny1_i386.deb stable/main/binary-i386/pulseaudio-utils_0.9.10-3+lenny1_i386.deb stable/main/binary-i386/libpulse-mainloop-glib0-dbg_0.9.10-3+lenny1_i386.deb stable/main/binary-i386/libpulsecore5_0.9.10-3+lenny1_i386.deb stable/main/binary-i386/pulseaudio-module-zeroconf_0.9.10-3+lenny1_i386.deb stable/main/binary-i386/pulseaudio-module-hal_0.9.10-3+lenny1_i386.deb stable/main/binary-i386/libpulse-browse0-dbg_0.9.10-3+lenny1_i386.deb stable/main/binary-i386/pulseaudio-module-x11_0.9.10-3+lenny1_i386.deb stable/main/binary-i386/pulseaudio-utils-dbg_0.9.10-3+lenny1_i386.deb stable/main/binary-i386/pulseaudio-module-lirc_0.9.10-3+lenny1_i386.deb stable/main/binary-i386/libpulsecore5-dbg_0.9.10-3+lenny1_i386.deb stable/main/binary-i386/pulseaudio-module-hal-dbg_0.9.10-3+lenny1_i386.deb stable/main/binary-i386/pulseaudio-module-gconf-dbg_0.9.10-3+lenny1_i386.deb stable/main/binary-i386/pulseaudio-module-x11-dbg_0.9.10-3+lenny1_i386.deb stable/main/binary-i386/libpulse0_0.9.10-3+lenny1_i386.deb stable/main/binary-i386/libpulse-mainloop-glib0_0.9.10-3+lenny1_i386.deb stable/main/binary-i386/pulseaudio-esound-compat-dbg_0.9.10-3+lenny1_i386.deb stable/main/binary-i386/pulseaudio-module-lirc-dbg_0.9.10-3+lenny1_i386.deb stable/main/binary-i386/pulseaudio-module-jack-dbg_0.9.10-3+lenny1_i386.deb stable/main/binary-i386/pulseaudio_0.9.10-3+lenny1_i386.deb stable/main/binary-i386/libpulse-dev_0.9.10-3+lenny1_i386.deb stable/main/binary-i386/pulseaudio-module-gconf_0.9.10-3+lenny1_i386.deb stable/main/binary-i386/libpulse-browse0_0.9.10-3+lenny1_i386.deb pulseaudio (0.9.10-3+lenny1) stable-security; urgency=high * Remove broken re-exec (CVE-2009-1894) * Used ld flags to pre-load DSOs * Regenerate auto* files stable/main/binary-hppa/pulseaudio-module-jack_0.9.10-3+lenny1_hppa.deb stable/main/binary-hppa/pulseaudio_0.9.10-3+lenny1_hppa.deb stable/main/binary-hppa/libpulsecore5-dbg_0.9.10-3+lenny1_hppa.deb stable/main/binary-hppa/pulseaudio-module-zeroconf_0.9.10-3+lenny1_hppa.deb stable/main/binary-hppa/pulseaudio-module-lirc-dbg_0.9.10-3+lenny1_hppa.deb stable/main/binary-hppa/pulseaudio-dbg_0.9.10-3+lenny1_hppa.deb stable/main/binary-hppa/pulseaudio-esound-compat-dbg_0.9.10-3+lenny1_hppa.deb stable/main/binary-hppa/libpulse-mainloop-glib0_0.9.10-3+lenny1_hppa.deb stable/main/binary-hppa/pulseaudio-esound-compat_0.9.10-3+lenny1_hppa.deb stable/main/binary-hppa/pulseaudio-module-jack-dbg_0.9.10-3+lenny1_hppa.deb stable/main/binary-hppa/libpulse-mainloop-glib0-dbg_0.9.10-3+lenny1_hppa.deb stable/main/binary-hppa/pulseaudio-utils-dbg_0.9.10-3+lenny1_hppa.deb stable/main/binary-hppa/pulseaudio-module-x11_0.9.10-3+lenny1_hppa.deb stable/main/binary-hppa/pulseaudio-module-gconf_0.9.10-3+lenny1_hppa.deb stable/main/binary-hppa/pulseaudio-module-hal-dbg_0.9.10-3+lenny1_hppa.deb stable/main/binary-hppa/libpulse0-dbg_0.9.10-3+lenny1_hppa.deb stable/main/binary-hppa/libpulsecore5_0.9.10-3+lenny1_hppa.deb stable/main/binary-hppa/libpulse0_0.9.10-3+lenny1_hppa.deb stable/main/binary-hppa/pulseaudio-module-lirc_0.9.10-3+lenny1_hppa.deb stable/main/binary-hppa/pulseaudio-module-hal_0.9.10-3+lenny1_hppa.deb stable/main/binary-hppa/libpulse-dev_0.9.10-3+lenny1_hppa.deb stable/main/binary-hppa/pulseaudio-module-gconf-dbg_0.9.10-3+lenny1_hppa.deb stable/main/binary-hppa/pulseaudio-module-zeroconf-dbg_0.9.10-3+lenny1_hppa.deb stable/main/binary-hppa/pulseaudio-utils_0.9.10-3+lenny1_hppa.deb stable/main/binary-hppa/libpulse-browse0_0.9.10-3+lenny1_hppa.deb stable/main/binary-hppa/libpulse-browse0-dbg_0.9.10-3+lenny1_hppa.deb stable/main/binary-hppa/pulseaudio-module-x11-dbg_0.9.10-3+lenny1_hppa.deb pulseaudio (0.9.10-3+lenny1) stable-security; urgency=high * Remove broken re-exec (CVE-2009-1894) * Used ld flags to pre-load DSOs * Regenerate auto* files stable/main/binary-armel/pulseaudio-utils_0.9.10-3+lenny1_armel.deb stable/main/binary-armel/pulseaudio-module-jack-dbg_0.9.10-3+lenny1_armel.deb stable/main/binary-armel/libpulse-browse0-dbg_0.9.10-3+lenny1_armel.deb stable/main/binary-armel/pulseaudio-module-x11-dbg_0.9.10-3+lenny1_armel.deb stable/main/binary-armel/pulseaudio-module-zeroconf-dbg_0.9.10-3+lenny1_armel.deb stable/main/binary-armel/libpulse-mainloop-glib0-dbg_0.9.10-3+lenny1_armel.deb stable/main/binary-armel/pulseaudio-dbg_0.9.10-3+lenny1_armel.deb stable/main/binary-armel/pulseaudio-module-gconf_0.9.10-3+lenny1_armel.deb stable/main/binary-armel/pulseaudio-esound-compat_0.9.10-3+lenny1_armel.deb stable/main/binary-armel/pulseaudio-module-hal-dbg_0.9.10-3+lenny1_armel.deb stable/main/binary-armel/libpulse0_0.9.10-3+lenny1_armel.deb stable/main/binary-armel/pulseaudio-module-lirc-dbg_0.9.10-3+lenny1_armel.deb stable/main/binary-armel/libpulse-browse0_0.9.10-3+lenny1_armel.deb stable/main/binary-armel/pulseaudio-module-gconf-dbg_0.9.10-3+lenny1_armel.deb stable/main/binary-armel/libpulse-mainloop-glib0_0.9.10-3+lenny1_armel.deb stable/main/binary-armel/pulseaudio_0.9.10-3+lenny1_armel.deb stable/main/binary-armel/libpulse-dev_0.9.10-3+lenny1_armel.deb stable/main/binary-armel/pulseaudio-module-zeroconf_0.9.10-3+lenny1_armel.deb stable/main/binary-armel/libpulsecore5-dbg_0.9.10-3+lenny1_armel.deb stable/main/binary-armel/pulseaudio-module-jack_0.9.10-3+lenny1_armel.deb stable/main/binary-armel/pulseaudio-module-hal_0.9.10-3+lenny1_armel.deb stable/main/binary-armel/pulseaudio-module-lirc_0.9.10-3+lenny1_armel.deb stable/main/binary-armel/libpulse0-dbg_0.9.10-3+lenny1_armel.deb stable/main/binary-armel/libpulsecore5_0.9.10-3+lenny1_armel.deb stable/main/binary-armel/pulseaudio-module-x11_0.9.10-3+lenny1_armel.deb stable/main/binary-armel/pulseaudio-utils-dbg_0.9.10-3+lenny1_armel.deb stable/main/binary-armel/pulseaudio-esound-compat-dbg_0.9.10-3+lenny1_armel.deb pulseaudio (0.9.10-3+lenny1) stable-security; urgency=high * Remove broken re-exec (CVE-2009-1894) * Used ld flags to pre-load DSOs * Regenerate auto* files stable/main/binary-arm/pulseaudio-utils_0.9.10-3+lenny1_arm.deb stable/main/binary-arm/pulseaudio-module-jack_0.9.10-3+lenny1_arm.deb stable/main/binary-arm/libpulse-browse0_0.9.10-3+lenny1_arm.deb stable/main/binary-arm/pulseaudio-module-x11-dbg_0.9.10-3+lenny1_arm.deb stable/main/binary-arm/libpulsecore5-dbg_0.9.10-3+lenny1_arm.deb stable/main/binary-arm/pulseaudio-module-lirc_0.9.10-3+lenny1_arm.deb stable/main/binary-arm/pulseaudio-dbg_0.9.10-3+lenny1_arm.deb stable/main/binary-arm/pulseaudio-module-jack-dbg_0.9.10-3+lenny1_arm.deb stable/main/binary-arm/libpulsecore5_0.9.10-3+lenny1_arm.deb stable/main/binary-arm/pulseaudio_0.9.10-3+lenny1_arm.deb stable/main/binary-arm/pulseaudio-module-zeroconf-dbg_0.9.10-3+lenny1_arm.deb stable/main/binary-arm/pulseaudio-module-hal_0.9.10-3+lenny1_arm.deb stable/main/binary-arm/libpulse0_0.9.10-3+lenny1_arm.deb stable/main/binary-arm/libpulse0-dbg_0.9.10-3+lenny1_arm.deb stable/main/binary-arm/pulseaudio-module-gconf-dbg_0.9.10-3+lenny1_arm.deb stable/main/binary-arm/pulseaudio-utils-dbg_0.9.10-3+lenny1_arm.deb stable/main/binary-arm/pulseaudio-module-x11_0.9.10-3+lenny1_arm.deb stable/main/binary-arm/pulseaudio-module-zeroconf_0.9.10-3+lenny1_arm.deb stable/main/binary-arm/pulseaudio-module-gconf_0.9.10-3+lenny1_arm.deb stable/main/binary-arm/libpulse-dev_0.9.10-3+lenny1_arm.deb stable/main/binary-arm/pulseaudio-module-lirc-dbg_0.9.10-3+lenny1_arm.deb stable/main/binary-arm/libpulse-mainloop-glib0_0.9.10-3+lenny1_arm.deb stable/main/binary-arm/pulseaudio-module-hal-dbg_0.9.10-3+lenny1_arm.deb stable/main/binary-arm/pulseaudio-esound-compat_0.9.10-3+lenny1_arm.deb stable/main/binary-arm/libpulse-browse0-dbg_0.9.10-3+lenny1_arm.deb stable/main/binary-arm/libpulse-mainloop-glib0-dbg_0.9.10-3+lenny1_arm.deb stable/main/binary-arm/pulseaudio-esound-compat-dbg_0.9.10-3+lenny1_arm.deb pulseaudio (0.9.10-3+lenny1) stable-security; urgency=high * Remove broken re-exec (CVE-2009-1894) * Used ld flags to pre-load DSOs * Regenerate auto* files stable/main/binary-alpha/libpulsecore5-dbg_0.9.10-3+lenny1_alpha.deb stable/main/binary-alpha/libpulse-browse0-dbg_0.9.10-3+lenny1_alpha.deb stable/main/binary-alpha/libpulse-browse0_0.9.10-3+lenny1_alpha.deb stable/main/binary-alpha/pulseaudio-dbg_0.9.10-3+lenny1_alpha.deb stable/main/binary-alpha/pulseaudio-module-zeroconf_0.9.10-3+lenny1_alpha.deb stable/main/binary-alpha/pulseaudio-utils_0.9.10-3+lenny1_alpha.deb stable/main/binary-alpha/pulseaudio-module-hal-dbg_0.9.10-3+lenny1_alpha.deb stable/main/binary-alpha/libpulse0_0.9.10-3+lenny1_alpha.deb stable/main/binary-alpha/libpulse-dev_0.9.10-3+lenny1_alpha.deb stable/main/binary-alpha/pulseaudio_0.9.10-3+lenny1_alpha.deb stable/main/binary-alpha/pulseaudio-module-jack-dbg_0.9.10-3+lenny1_alpha.deb stable/main/binary-alpha/pulseaudio-module-gconf_0.9.10-3+lenny1_alpha.deb stable/main/binary-alpha/pulseaudio-module-gconf-dbg_0.9.10-3+lenny1_alpha.deb stable/main/binary-alpha/pulseaudio-utils-dbg_0.9.10-3+lenny1_alpha.deb stable/main/binary-alpha/pulseaudio-module-x11_0.9.10-3+lenny1_alpha.deb stable/main/binary-alpha/pulseaudio-module-jack_0.9.10-3+lenny1_alpha.deb stable/main/binary-alpha/libpulse0-dbg_0.9.10-3+lenny1_alpha.deb stable/main/binary-alpha/pulseaudio-module-lirc_0.9.10-3+lenny1_alpha.deb stable/main/binary-alpha/pulseaudio-module-zeroconf-dbg_0.9.10-3+lenny1_alpha.deb stable/main/binary-alpha/pulseaudio-esound-compat_0.9.10-3+lenny1_alpha.deb stable/main/binary-alpha/libpulsecore5_0.9.10-3+lenny1_alpha.deb stable/main/binary-alpha/pulseaudio-module-hal_0.9.10-3+lenny1_alpha.deb stable/main/binary-alpha/libpulse-mainloop-glib0-dbg_0.9.10-3+lenny1_alpha.deb stable/main/binary-alpha/pulseaudio-module-lirc-dbg_0.9.10-3+lenny1_alpha.deb stable/main/binary-alpha/libpulse-mainloop-glib0_0.9.10-3+lenny1_alpha.deb stable/main/binary-alpha/pulseaudio-esound-compat-dbg_0.9.10-3+lenny1_alpha.deb stable/main/binary-alpha/pulseaudio-module-x11-dbg_0.9.10-3+lenny1_alpha.deb pulseaudio (0.9.10-3+lenny1) stable-security; urgency=high * Remove broken re-exec (CVE-2009-1894) * Used ld flags to pre-load DSOs * Regenerate auto* files stable/main/binary-amd64/pulseaudio-module-zeroconf-dbg_0.9.10-3+lenny1_amd64.deb stable/main/binary-amd64/pulseaudio-utils-dbg_0.9.10-3+lenny1_amd64.deb stable/main/binary-amd64/pulseaudio-module-x11_0.9.10-3+lenny1_amd64.deb stable/main/binary-amd64/pulseaudio-module-x11-dbg_0.9.10-3+lenny1_amd64.deb stable/main/binary-amd64/pulseaudio-module-lirc-dbg_0.9.10-3+lenny1_amd64.deb stable/main/binary-amd64/libpulse0_0.9.10-3+lenny1_amd64.deb stable/main/binary-amd64/pulseaudio-utils_0.9.10-3+lenny1_amd64.deb stable/main/binary-amd64/libpulse-mainloop-glib0-dbg_0.9.10-3+lenny1_amd64.deb stable/main/binary-amd64/pulseaudio-module-gconf_0.9.10-3+lenny1_amd64.deb stable/main/binary-amd64/libpulse-mainloop-glib0_0.9.10-3+lenny1_amd64.deb stable/main/binary-amd64/pulseaudio-module-jack-dbg_0.9.10-3+lenny1_amd64.deb stable/main/binary-amd64/pulseaudio-esound-compat_0.9.10-3+lenny1_amd64.deb stable/main/source/pulseaudio_0.9.10-3+lenny1.dsc stable/main/binary-amd64/pulseaudio-module-hal-dbg_0.9.10-3+lenny1_amd64.deb stable/main/source/pulseaudio_0.9.10-3+lenny1.tar.gz stable/main/binary-amd64/libpulsecore5-dbg_0.9.10-3+lenny1_amd64.deb stable/main/binary-amd64/libpulse-browse0-dbg_0.9.10-3+lenny1_amd64.deb stable/main/binary-amd64/libpulse0-dbg_0.9.10-3+lenny1_amd64.deb stable/main/binary-amd64/libpulse-browse0_0.9.10-3+lenny1_amd64.deb stable/main/binary-amd64/pulseaudio-module-gconf-dbg_0.9.10-3+lenny1_amd64.deb stable/main/binary-amd64/pulseaudio-module-zeroconf_0.9.10-3+lenny1_amd64.deb stable/main/binary-amd64/pulseaudio-module-lirc_0.9.10-3+lenny1_amd64.deb stable/main/binary-amd64/pulseaudio-module-hal_0.9.10-3+lenny1_amd64.deb stable/main/binary-amd64/pulseaudio-dbg_0.9.10-3+lenny1_amd64.deb stable/main/binary-amd64/libpulse-dev_0.9.10-3+lenny1_amd64.deb stable/main/binary-amd64/pulseaudio_0.9.10-3+lenny1_amd64.deb stable/main/binary-amd64/pulseaudio-esound-compat-dbg_0.9.10-3+lenny1_amd64.deb stable/main/binary-amd64/libpulsecore5_0.9.10-3+lenny1_amd64.deb stable/main/binary-amd64/pulseaudio-module-jack_0.9.10-3+lenny1_amd64.deb pulseaudio (0.9.10-3+lenny1) stable-security; urgency=high * Remove broken re-exec (CVE-2009-1894) * Used ld flags to pre-load DSOs * Regenerate auto* files stable/main/source/postgrey_1.31-3.2.dsc stable/main/binary-all/postgrey_1.31-3.2_all.deb stable/main/source/postgrey_1.31-3.2.diff.gz postgrey (1.31-3.2) stable-proposed-updates; urgency=medium * NMU to propagate #504382 fix to lenny stable/main/binary-sparc/finch_2.4.3-4lenny4_sparc.deb stable/main/binary-sparc/libpurple0_2.4.3-4lenny4_sparc.deb stable/main/binary-sparc/pidgin_2.4.3-4lenny4_sparc.deb stable/main/binary-sparc/pidgin-dbg_2.4.3-4lenny4_sparc.deb pidgin (2.4.3-4lenny4) stable; urgency=medium * debian/patches/35_xmpp-require-ssl.patch: - Fix XMPP not properly enforcing "Require SSL/TLS" on some older servers (Closes: #542891) stable/main/binary-s390/libpurple0_2.4.3-4lenny4_s390.deb stable/main/binary-s390/finch_2.4.3-4lenny4_s390.deb stable/main/binary-s390/pidgin-dbg_2.4.3-4lenny4_s390.deb stable/main/binary-s390/pidgin_2.4.3-4lenny4_s390.deb pidgin (2.4.3-4lenny4) stable; urgency=medium * debian/patches/35_xmpp-require-ssl.patch: - Fix XMPP not properly enforcing "Require SSL/TLS" on some older servers (Closes: #542891) stable/main/binary-powerpc/pidgin_2.4.3-4lenny4_powerpc.deb stable/main/binary-powerpc/pidgin-dbg_2.4.3-4lenny4_powerpc.deb stable/main/binary-powerpc/finch_2.4.3-4lenny4_powerpc.deb stable/main/binary-powerpc/libpurple0_2.4.3-4lenny4_powerpc.deb pidgin (2.4.3-4lenny4) stable; urgency=medium * debian/patches/35_xmpp-require-ssl.patch: - Fix XMPP not properly enforcing "Require SSL/TLS" on some older servers (Closes: #542891) stable/main/binary-mipsel/pidgin-dbg_2.4.3-4lenny4_mipsel.deb stable/main/binary-mipsel/pidgin_2.4.3-4lenny4_mipsel.deb stable/main/binary-mipsel/libpurple0_2.4.3-4lenny4_mipsel.deb stable/main/binary-mipsel/finch_2.4.3-4lenny4_mipsel.deb pidgin (2.4.3-4lenny4) stable; urgency=medium * debian/patches/35_xmpp-require-ssl.patch: - Fix XMPP not properly enforcing "Require SSL/TLS" on some older servers (Closes: #542891) stable/main/binary-mips/pidgin-dbg_2.4.3-4lenny4_mips.deb stable/main/binary-mips/finch_2.4.3-4lenny4_mips.deb stable/main/binary-mips/libpurple0_2.4.3-4lenny4_mips.deb stable/main/binary-mips/pidgin_2.4.3-4lenny4_mips.deb pidgin (2.4.3-4lenny4) stable; urgency=medium * debian/patches/35_xmpp-require-ssl.patch: - Fix XMPP not properly enforcing "Require SSL/TLS" on some older servers (Closes: #542891) stable/main/binary-ia64/libpurple0_2.4.3-4lenny4_ia64.deb stable/main/binary-ia64/pidgin_2.4.3-4lenny4_ia64.deb stable/main/binary-ia64/pidgin-dbg_2.4.3-4lenny4_ia64.deb stable/main/binary-ia64/finch_2.4.3-4lenny4_ia64.deb pidgin (2.4.3-4lenny4) stable; urgency=medium * debian/patches/35_xmpp-require-ssl.patch: - Fix XMPP not properly enforcing "Require SSL/TLS" on some older servers (Closes: #542891) stable/main/binary-i386/pidgin_2.4.3-4lenny4_i386.deb stable/main/binary-i386/libpurple0_2.4.3-4lenny4_i386.deb stable/main/binary-i386/finch_2.4.3-4lenny4_i386.deb stable/main/binary-i386/pidgin-dbg_2.4.3-4lenny4_i386.deb pidgin (2.4.3-4lenny4) stable; urgency=medium * debian/patches/35_xmpp-require-ssl.patch: - Fix XMPP not properly enforcing "Require SSL/TLS" on some older servers (Closes: #542891) stable/main/binary-hppa/libpurple0_2.4.3-4lenny4_hppa.deb stable/main/binary-hppa/finch_2.4.3-4lenny4_hppa.deb stable/main/binary-hppa/pidgin-dbg_2.4.3-4lenny4_hppa.deb stable/main/binary-hppa/pidgin_2.4.3-4lenny4_hppa.deb pidgin (2.4.3-4lenny4) stable; urgency=medium * debian/patches/35_xmpp-require-ssl.patch: - Fix XMPP not properly enforcing "Require SSL/TLS" on some older servers (Closes: #542891) stable/main/binary-armel/pidgin-dbg_2.4.3-4lenny4_armel.deb stable/main/binary-armel/finch_2.4.3-4lenny4_armel.deb stable/main/binary-armel/libpurple0_2.4.3-4lenny4_armel.deb stable/main/binary-armel/pidgin_2.4.3-4lenny4_armel.deb pidgin (2.4.3-4lenny4) stable; urgency=medium * debian/patches/35_xmpp-require-ssl.patch: - Fix XMPP not properly enforcing "Require SSL/TLS" on some older servers (Closes: #542891) stable/main/binary-arm/libpurple0_2.4.3-4lenny4_arm.deb stable/main/binary-arm/finch_2.4.3-4lenny4_arm.deb stable/main/binary-arm/pidgin-dbg_2.4.3-4lenny4_arm.deb stable/main/binary-arm/pidgin_2.4.3-4lenny4_arm.deb pidgin (2.4.3-4lenny4) stable; urgency=medium * debian/patches/35_xmpp-require-ssl.patch: - Fix XMPP not properly enforcing "Require SSL/TLS" on some older servers (Closes: #542891) stable/main/binary-alpha/libpurple0_2.4.3-4lenny4_alpha.deb stable/main/binary-alpha/finch_2.4.3-4lenny4_alpha.deb stable/main/binary-alpha/pidgin-dbg_2.4.3-4lenny4_alpha.deb stable/main/binary-alpha/pidgin_2.4.3-4lenny4_alpha.deb pidgin (2.4.3-4lenny4) stable; urgency=medium * debian/patches/35_xmpp-require-ssl.patch: - Fix XMPP not properly enforcing "Require SSL/TLS" on some older servers (Closes: #542891) stable/main/binary-all/finch-dev_2.4.3-4lenny4_all.deb stable/main/source/pidgin_2.4.3-4lenny4.dsc stable/main/binary-all/pidgin-dev_2.4.3-4lenny4_all.deb stable/main/binary-all/libpurple-dev_2.4.3-4lenny4_all.deb stable/main/binary-amd64/finch_2.4.3-4lenny4_amd64.deb stable/main/binary-amd64/libpurple0_2.4.3-4lenny4_amd64.deb stable/main/binary-all/libpurple-bin_2.4.3-4lenny4_all.deb stable/main/binary-amd64/pidgin-dbg_2.4.3-4lenny4_amd64.deb stable/main/binary-all/pidgin-data_2.4.3-4lenny4_all.deb stable/main/binary-amd64/pidgin_2.4.3-4lenny4_amd64.deb stable/main/source/pidgin_2.4.3-4lenny4.diff.gz pidgin (2.4.3-4lenny4) stable; urgency=medium * debian/patches/35_xmpp-require-ssl.patch: - Fix XMPP not properly enforcing "Require SSL/TLS" on some older servers (Closes: #542891) stable/main/binary-sparc/libperl-dev_5.10.0-19lenny2_sparc.deb stable/main/binary-sparc/perl-suid_5.10.0-19lenny2_sparc.deb stable/main/binary-sparc/perl-debug_5.10.0-19lenny2_sparc.deb stable/main/binary-sparc/libperl5.10_5.10.0-19lenny2_sparc.deb stable/main/binary-sparc/perl-base_5.10.0-19lenny2_sparc.deb stable/main/binary-sparc/perl_5.10.0-19lenny2_sparc.deb perl (5.10.0-19lenny2) stable; urgency=low * Fix a typo in the replaces/conflicts/provides: libcpan-plus-perl should have been libcpanplus-perl. (Closes: #516289) * Fix a memory leak with the map operator. (Closes: #528332) stable/main/binary-s390/perl-debug_5.10.0-19lenny2_s390.deb stable/main/binary-s390/perl_5.10.0-19lenny2_s390.deb stable/main/binary-s390/perl-base_5.10.0-19lenny2_s390.deb stable/main/binary-s390/perl-suid_5.10.0-19lenny2_s390.deb stable/main/binary-s390/libperl-dev_5.10.0-19lenny2_s390.deb stable/main/binary-s390/libperl5.10_5.10.0-19lenny2_s390.deb perl (5.10.0-19lenny2) stable; urgency=low * Fix a typo in the replaces/conflicts/provides: libcpan-plus-perl should have been libcpanplus-perl. (Closes: #516289) * Fix a memory leak with the map operator. (Closes: #528332) stable/main/binary-powerpc/libperl-dev_5.10.0-19lenny2_powerpc.deb stable/main/binary-powerpc/perl-suid_5.10.0-19lenny2_powerpc.deb stable/main/binary-powerpc/libperl5.10_5.10.0-19lenny2_powerpc.deb stable/main/binary-powerpc/perl-base_5.10.0-19lenny2_powerpc.deb stable/main/binary-powerpc/perl-debug_5.10.0-19lenny2_powerpc.deb stable/main/binary-powerpc/perl_5.10.0-19lenny2_powerpc.deb perl (5.10.0-19lenny2) stable; urgency=low * Fix a typo in the replaces/conflicts/provides: libcpan-plus-perl should have been libcpanplus-perl. (Closes: #516289) * Fix a memory leak with the map operator. (Closes: #528332) stable/main/binary-mipsel/perl-debug_5.10.0-19lenny2_mipsel.deb stable/main/binary-mipsel/perl-base_5.10.0-19lenny2_mipsel.deb stable/main/binary-mipsel/libperl-dev_5.10.0-19lenny2_mipsel.deb stable/main/binary-mipsel/perl-suid_5.10.0-19lenny2_mipsel.deb stable/main/binary-mipsel/libperl5.10_5.10.0-19lenny2_mipsel.deb stable/main/binary-mipsel/perl_5.10.0-19lenny2_mipsel.deb perl (5.10.0-19lenny2) stable; urgency=low * Fix a typo in the replaces/conflicts/provides: libcpan-plus-perl should have been libcpanplus-perl. (Closes: #516289) * Fix a memory leak with the map operator. (Closes: #528332) stable/main/binary-mips/perl-base_5.10.0-19lenny2_mips.deb stable/main/binary-mips/perl_5.10.0-19lenny2_mips.deb stable/main/binary-mips/perl-debug_5.10.0-19lenny2_mips.deb stable/main/binary-mips/libperl-dev_5.10.0-19lenny2_mips.deb stable/main/binary-mips/perl-suid_5.10.0-19lenny2_mips.deb stable/main/binary-mips/libperl5.10_5.10.0-19lenny2_mips.deb perl (5.10.0-19lenny2) stable; urgency=low * Fix a typo in the replaces/conflicts/provides: libcpan-plus-perl should have been libcpanplus-perl. (Closes: #516289) * Fix a memory leak with the map operator. (Closes: #528332) stable/main/binary-ia64/perl_5.10.0-19lenny2_ia64.deb stable/main/binary-ia64/perl-debug_5.10.0-19lenny2_ia64.deb stable/main/binary-ia64/perl-base_5.10.0-19lenny2_ia64.deb stable/main/binary-ia64/libperl5.10_5.10.0-19lenny2_ia64.deb stable/main/binary-ia64/perl-suid_5.10.0-19lenny2_ia64.deb stable/main/binary-ia64/libperl-dev_5.10.0-19lenny2_ia64.deb perl (5.10.0-19lenny2) stable; urgency=low * Fix a typo in the replaces/conflicts/provides: libcpan-plus-perl should have been libcpanplus-perl. (Closes: #516289) * Fix a memory leak with the map operator. (Closes: #528332) stable/main/binary-i386/perl-debug_5.10.0-19lenny2_i386.deb stable/main/binary-i386/perl-suid_5.10.0-19lenny2_i386.deb stable/main/binary-i386/libperl-dev_5.10.0-19lenny2_i386.deb stable/main/binary-i386/perl-base_5.10.0-19lenny2_i386.deb stable/main/binary-i386/perl_5.10.0-19lenny2_i386.deb stable/main/binary-i386/libperl5.10_5.10.0-19lenny2_i386.deb perl (5.10.0-19lenny2) stable; urgency=low * Fix a typo in the replaces/conflicts/provides: libcpan-plus-perl should have been libcpanplus-perl. (Closes: #516289) * Fix a memory leak with the map operator. (Closes: #528332) stable/main/binary-hppa/perl_5.10.0-19lenny2_hppa.deb stable/main/binary-hppa/perl-base_5.10.0-19lenny2_hppa.deb stable/main/binary-hppa/libperl5.10_5.10.0-19lenny2_hppa.deb stable/main/binary-hppa/perl-suid_5.10.0-19lenny2_hppa.deb stable/main/binary-hppa/libperl-dev_5.10.0-19lenny2_hppa.deb stable/main/binary-hppa/perl-debug_5.10.0-19lenny2_hppa.deb perl (5.10.0-19lenny2) stable; urgency=low * Fix a typo in the replaces/conflicts/provides: libcpan-plus-perl should have been libcpanplus-perl. (Closes: #516289) * Fix a memory leak with the map operator. (Closes: #528332) stable/main/binary-armel/perl_5.10.0-19lenny2_armel.deb stable/main/binary-armel/perl-suid_5.10.0-19lenny2_armel.deb stable/main/binary-armel/libperl-dev_5.10.0-19lenny2_armel.deb stable/main/binary-armel/libperl5.10_5.10.0-19lenny2_armel.deb stable/main/binary-armel/perl-debug_5.10.0-19lenny2_armel.deb stable/main/binary-armel/perl-base_5.10.0-19lenny2_armel.deb perl (5.10.0-19lenny2) stable; urgency=low * Fix a typo in the replaces/conflicts/provides: libcpan-plus-perl should have been libcpanplus-perl. (Closes: #516289) * Fix a memory leak with the map operator. (Closes: #528332) stable/main/binary-arm/perl-suid_5.10.0-19lenny2_arm.deb stable/main/binary-arm/libperl5.10_5.10.0-19lenny2_arm.deb stable/main/binary-arm/perl_5.10.0-19lenny2_arm.deb stable/main/binary-arm/perl-debug_5.10.0-19lenny2_arm.deb stable/main/binary-arm/perl-base_5.10.0-19lenny2_arm.deb stable/main/binary-arm/libperl-dev_5.10.0-19lenny2_arm.deb perl (5.10.0-19lenny2) stable; urgency=low * Fix a typo in the replaces/conflicts/provides: libcpan-plus-perl should have been libcpanplus-perl. (Closes: #516289) * Fix a memory leak with the map operator. (Closes: #528332) stable/main/binary-amd64/perl-suid_5.10.0-19lenny2_amd64.deb stable/main/binary-amd64/perl-base_5.10.0-19lenny2_amd64.deb stable/main/binary-amd64/perl-debug_5.10.0-19lenny2_amd64.deb stable/main/binary-amd64/libperl-dev_5.10.0-19lenny2_amd64.deb stable/main/binary-amd64/perl_5.10.0-19lenny2_amd64.deb stable/main/binary-amd64/libperl5.10_5.10.0-19lenny2_amd64.deb perl (5.10.0-19lenny2) stable; urgency=low * Fix a typo in the replaces/conflicts/provides: libcpan-plus-perl should have been libcpanplus-perl. (Closes: #516289) * Fix a memory leak with the map operator. (Closes: #528332) stable/main/binary-alpha/libperl-dev_5.10.0-19lenny2_alpha.deb stable/main/binary-alpha/perl_5.10.0-19lenny2_alpha.deb stable/main/binary-alpha/perl-base_5.10.0-19lenny2_alpha.deb stable/main/binary-alpha/perl-debug_5.10.0-19lenny2_alpha.deb stable/main/binary-alpha/perl-suid_5.10.0-19lenny2_alpha.deb stable/main/binary-alpha/libperl5.10_5.10.0-19lenny2_alpha.deb perl (5.10.0-19lenny2) stable; urgency=low * Fix a typo in the replaces/conflicts/provides: libcpan-plus-perl should have been libcpanplus-perl. (Closes: #516289) * Fix a memory leak with the map operator. (Closes: #528332) stable/main/source/perl_5.10.0-19lenny2.dsc stable/main/binary-all/libcgi-fast-perl_5.10.0-19lenny2_all.deb stable/main/binary-all/perl-doc_5.10.0-19lenny2_all.deb stable/main/binary-all/perl-modules_5.10.0-19lenny2_all.deb stable/main/source/perl_5.10.0-19lenny2.diff.gz perl (5.10.0-19lenny2) stable; urgency=low * Fix a typo in the replaces/conflicts/provides: libcpan-plus-perl should have been libcpanplus-perl. (Closes: #516289) * Fix a memory leak with the map operator. (Closes: #528332) perl (5.10.0-19lenny1) stable-security; urgency=high * [SECURITY] CVE-2009-1391: Fix a buffer overflow in Compress::Raw::Zlib. (Closes: #532736) stable/main/binary-sparc/libcrypto0.9.8-udeb_0.9.8g-15+lenny3_sparc.udeb stable/main/binary-sparc/openssl_0.9.8g-15+lenny3_sparc.deb stable/main/binary-sparc/libssl0.9.8_0.9.8g-15+lenny3_sparc.deb stable/main/binary-sparc/libssl-dev_0.9.8g-15+lenny3_sparc.deb stable/main/binary-sparc/libssl0.9.8-dbg_0.9.8g-15+lenny3_sparc.deb openssl (0.9.8g-15+lenny3) stable-security; urgency=low * Fix DoS via a DTLS ChangeCipherSpec packet that occurs before ClientHello (CVE-2009-1386) * Fix DoS via an out-of-sequence DTLS handshake message (CVE-2009-1387) stable/main/binary-s390/libssl-dev_0.9.8g-15+lenny3_s390.deb stable/main/binary-s390/libcrypto0.9.8-udeb_0.9.8g-15+lenny3_s390.udeb stable/main/binary-s390/libssl0.9.8-dbg_0.9.8g-15+lenny3_s390.deb stable/main/binary-s390/libssl0.9.8_0.9.8g-15+lenny3_s390.deb stable/main/binary-s390/openssl_0.9.8g-15+lenny3_s390.deb openssl (0.9.8g-15+lenny3) stable-security; urgency=low * Fix DoS via a DTLS ChangeCipherSpec packet that occurs before ClientHello (CVE-2009-1386) * Fix DoS via an out-of-sequence DTLS handshake message (CVE-2009-1387) stable/main/binary-powerpc/openssl_0.9.8g-15+lenny3_powerpc.deb stable/main/binary-powerpc/libssl0.9.8_0.9.8g-15+lenny3_powerpc.deb stable/main/binary-powerpc/libssl0.9.8-dbg_0.9.8g-15+lenny3_powerpc.deb stable/main/binary-powerpc/libcrypto0.9.8-udeb_0.9.8g-15+lenny3_powerpc.udeb stable/main/binary-powerpc/libssl-dev_0.9.8g-15+lenny3_powerpc.deb openssl (0.9.8g-15+lenny3) stable-security; urgency=low * Fix DoS via a DTLS ChangeCipherSpec packet that occurs before ClientHello (CVE-2009-1386) * Fix DoS via an out-of-sequence DTLS handshake message (CVE-2009-1387) stable/main/binary-mipsel/libcrypto0.9.8-udeb_0.9.8g-15+lenny3_mipsel.udeb stable/main/binary-mipsel/libssl0.9.8_0.9.8g-15+lenny3_mipsel.deb stable/main/binary-mipsel/libssl-dev_0.9.8g-15+lenny3_mipsel.deb stable/main/binary-mipsel/openssl_0.9.8g-15+lenny3_mipsel.deb stable/main/binary-mipsel/libssl0.9.8-dbg_0.9.8g-15+lenny3_mipsel.deb openssl (0.9.8g-15+lenny3) stable-security; urgency=low * Fix DoS via a DTLS ChangeCipherSpec packet that occurs before ClientHello (CVE-2009-1386) * Fix DoS via an out-of-sequence DTLS handshake message (CVE-2009-1387) stable/main/binary-mips/libssl0.9.8-dbg_0.9.8g-15+lenny3_mips.deb stable/main/binary-mips/libssl-dev_0.9.8g-15+lenny3_mips.deb stable/main/binary-mips/libcrypto0.9.8-udeb_0.9.8g-15+lenny3_mips.udeb stable/main/binary-mips/libssl0.9.8_0.9.8g-15+lenny3_mips.deb stable/main/binary-mips/openssl_0.9.8g-15+lenny3_mips.deb openssl (0.9.8g-15+lenny3) stable-security; urgency=low * Fix DoS via a DTLS ChangeCipherSpec packet that occurs before ClientHello (CVE-2009-1386) * Fix DoS via an out-of-sequence DTLS handshake message (CVE-2009-1387) stable/main/binary-ia64/libcrypto0.9.8-udeb_0.9.8g-15+lenny3_ia64.udeb stable/main/binary-ia64/libssl-dev_0.9.8g-15+lenny3_ia64.deb stable/main/binary-ia64/openssl_0.9.8g-15+lenny3_ia64.deb stable/main/binary-ia64/libssl0.9.8-dbg_0.9.8g-15+lenny3_ia64.deb stable/main/binary-ia64/libssl0.9.8_0.9.8g-15+lenny3_ia64.deb openssl (0.9.8g-15+lenny3) stable-security; urgency=low * Fix DoS via a DTLS ChangeCipherSpec packet that occurs before ClientHello (CVE-2009-1386) * Fix DoS via an out-of-sequence DTLS handshake message (CVE-2009-1387) stable/main/binary-i386/openssl_0.9.8g-15+lenny3_i386.deb stable/main/binary-i386/libcrypto0.9.8-udeb_0.9.8g-15+lenny3_i386.udeb stable/main/binary-i386/libssl-dev_0.9.8g-15+lenny3_i386.deb stable/main/binary-i386/libssl0.9.8_0.9.8g-15+lenny3_i386.deb stable/main/binary-i386/libssl0.9.8-dbg_0.9.8g-15+lenny3_i386.deb openssl (0.9.8g-15+lenny3) stable-security; urgency=low * Fix DoS via a DTLS ChangeCipherSpec packet that occurs before ClientHello (CVE-2009-1386) * Fix DoS via an out-of-sequence DTLS handshake message (CVE-2009-1387) stable/main/binary-hppa/libcrypto0.9.8-udeb_0.9.8g-15+lenny3_hppa.udeb stable/main/binary-hppa/libssl0.9.8-dbg_0.9.8g-15+lenny3_hppa.deb stable/main/binary-hppa/libssl0.9.8_0.9.8g-15+lenny3_hppa.deb stable/main/binary-hppa/openssl_0.9.8g-15+lenny3_hppa.deb stable/main/binary-hppa/libssl-dev_0.9.8g-15+lenny3_hppa.deb openssl (0.9.8g-15+lenny3) stable-security; urgency=low * Fix DoS via a DTLS ChangeCipherSpec packet that occurs before ClientHello (CVE-2009-1386) * Fix DoS via an out-of-sequence DTLS handshake message (CVE-2009-1387) stable/main/binary-armel/libssl0.9.8_0.9.8g-15+lenny3_armel.deb stable/main/binary-armel/libssl0.9.8-dbg_0.9.8g-15+lenny3_armel.deb stable/main/binary-armel/libssl-dev_0.9.8g-15+lenny3_armel.deb stable/main/binary-armel/libcrypto0.9.8-udeb_0.9.8g-15+lenny3_armel.udeb stable/main/binary-armel/openssl_0.9.8g-15+lenny3_armel.deb openssl (0.9.8g-15+lenny3) stable-security; urgency=low * Fix DoS via a DTLS ChangeCipherSpec packet that occurs before ClientHello (CVE-2009-1386) * Fix DoS via an out-of-sequence DTLS handshake message (CVE-2009-1387) stable/main/binary-arm/libssl-dev_0.9.8g-15+lenny3_arm.deb stable/main/binary-arm/libssl0.9.8-dbg_0.9.8g-15+lenny3_arm.deb stable/main/binary-arm/libssl0.9.8_0.9.8g-15+lenny3_arm.deb stable/main/binary-arm/openssl_0.9.8g-15+lenny3_arm.deb stable/main/binary-arm/libcrypto0.9.8-udeb_0.9.8g-15+lenny3_arm.udeb openssl (0.9.8g-15+lenny3) stable-security; urgency=low * Fix DoS via a DTLS ChangeCipherSpec packet that occurs before ClientHello (CVE-2009-1386) * Fix DoS via an out-of-sequence DTLS handshake message (CVE-2009-1387) stable/main/binary-alpha/libssl0.9.8_0.9.8g-15+lenny3_alpha.deb stable/main/binary-alpha/libssl-dev_0.9.8g-15+lenny3_alpha.deb stable/main/binary-alpha/libssl0.9.8-dbg_0.9.8g-15+lenny3_alpha.deb stable/main/binary-alpha/libcrypto0.9.8-udeb_0.9.8g-15+lenny3_alpha.udeb stable/main/binary-alpha/openssl_0.9.8g-15+lenny3_alpha.deb openssl (0.9.8g-15+lenny3) stable-security; urgency=low * Fix DoS via a DTLS ChangeCipherSpec packet that occurs before ClientHello (CVE-2009-1386) * Fix DoS via an out-of-sequence DTLS handshake message (CVE-2009-1387) stable/main/binary-amd64/libcrypto0.9.8-udeb_0.9.8g-15+lenny3_amd64.udeb stable/main/binary-amd64/openssl_0.9.8g-15+lenny3_amd64.deb stable/main/source/openssl_0.9.8g-15+lenny3.diff.gz stable/main/binary-amd64/libssl0.9.8_0.9.8g-15+lenny3_amd64.deb stable/main/binary-amd64/libssl0.9.8-dbg_0.9.8g-15+lenny3_amd64.deb stable/main/source/openssl_0.9.8g-15+lenny3.dsc stable/main/binary-amd64/libssl-dev_0.9.8g-15+lenny3_amd64.deb openssl (0.9.8g-15+lenny3) stable-security; urgency=low * Fix DoS via a DTLS ChangeCipherSpec packet that occurs before ClientHello (CVE-2009-1386) * Fix DoS via an out-of-sequence DTLS handshake message (CVE-2009-1387) stable/main/binary-sparc/libopenexr-dev_1.6.1-3+lenny3_sparc.deb stable/main/binary-sparc/libopenexr6_1.6.1-3+lenny3_sparc.deb stable/main/binary-sparc/openexr_1.6.1-3+lenny3_sparc.deb openexr (1.6.1-3+lenny3) stable-security; urgency=low * Rebuild with the right distribution, meh. :) stable/main/binary-s390/openexr_1.6.1-3+lenny3_s390.deb stable/main/binary-s390/libopenexr-dev_1.6.1-3+lenny3_s390.deb stable/main/binary-s390/libopenexr6_1.6.1-3+lenny3_s390.deb openexr (1.6.1-3+lenny3) stable-security; urgency=low * Rebuild with the right distribution, meh. :) stable/main/binary-powerpc/openexr_1.6.1-3+lenny3_powerpc.deb stable/main/binary-powerpc/libopenexr6_1.6.1-3+lenny3_powerpc.deb stable/main/binary-powerpc/libopenexr-dev_1.6.1-3+lenny3_powerpc.deb openexr (1.6.1-3+lenny3) stable-security; urgency=low * Rebuild with the right distribution, meh. :) stable/main/binary-mipsel/libopenexr6_1.6.1-3+lenny3_mipsel.deb stable/main/binary-mipsel/libopenexr-dev_1.6.1-3+lenny3_mipsel.deb stable/main/binary-mipsel/openexr_1.6.1-3+lenny3_mipsel.deb openexr (1.6.1-3+lenny3) stable-security; urgency=low * Rebuild with the right distribution, meh. :) stable/main/binary-mips/openexr_1.6.1-3+lenny3_mips.deb stable/main/binary-mips/libopenexr-dev_1.6.1-3+lenny3_mips.deb stable/main/binary-mips/libopenexr6_1.6.1-3+lenny3_mips.deb openexr (1.6.1-3+lenny3) stable-security; urgency=low * Rebuild with the right distribution, meh. :) stable/main/binary-ia64/openexr_1.6.1-3+lenny3_ia64.deb stable/main/binary-ia64/libopenexr6_1.6.1-3+lenny3_ia64.deb stable/main/binary-ia64/libopenexr-dev_1.6.1-3+lenny3_ia64.deb openexr (1.6.1-3+lenny3) stable-security; urgency=low * Rebuild with the right distribution, meh. :) stable/main/binary-i386/libopenexr6_1.6.1-3+lenny3_i386.deb stable/main/binary-i386/libopenexr-dev_1.6.1-3+lenny3_i386.deb stable/main/binary-i386/openexr_1.6.1-3+lenny3_i386.deb openexr (1.6.1-3+lenny3) stable-security; urgency=low * Rebuild with the right distribution, meh. :) stable/main/binary-hppa/libopenexr-dev_1.6.1-3+lenny3_hppa.deb stable/main/binary-hppa/libopenexr6_1.6.1-3+lenny3_hppa.deb stable/main/binary-hppa/openexr_1.6.1-3+lenny3_hppa.deb openexr (1.6.1-3+lenny3) stable-security; urgency=low * Rebuild with the right distribution, meh. :) stable/main/binary-armel/openexr_1.6.1-3+lenny3_armel.deb stable/main/binary-armel/libopenexr6_1.6.1-3+lenny3_armel.deb stable/main/binary-armel/libopenexr-dev_1.6.1-3+lenny3_armel.deb openexr (1.6.1-3+lenny3) stable-security; urgency=low * Rebuild with the right distribution, meh. :) stable/main/binary-arm/libopenexr-dev_1.6.1-3+lenny3_arm.deb stable/main/binary-arm/libopenexr6_1.6.1-3+lenny3_arm.deb stable/main/binary-arm/openexr_1.6.1-3+lenny3_arm.deb openexr (1.6.1-3+lenny3) stable-security; urgency=low * Rebuild with the right distribution, meh. :) stable/main/binary-alpha/openexr_1.6.1-3+lenny3_alpha.deb stable/main/binary-alpha/libopenexr6_1.6.1-3+lenny3_alpha.deb stable/main/binary-alpha/libopenexr-dev_1.6.1-3+lenny3_alpha.deb openexr (1.6.1-3+lenny3) stable-security; urgency=low * Rebuild with the right distribution, meh. :) stable/main/binary-amd64/openexr_1.6.1-3+lenny3_amd64.deb stable/main/binary-amd64/libopenexr-dev_1.6.1-3+lenny3_amd64.deb stable/main/source/openexr_1.6.1-3+lenny3.dsc stable/main/source/openexr_1.6.1-3+lenny3.diff.gz stable/main/binary-amd64/libopenexr6_1.6.1-3+lenny3_amd64.deb openexr (1.6.1-3+lenny3) stable-security; urgency=low * Rebuild with the right distribution, meh. :) stable/main/binary-sparc/libpam-openafs-kaserver_1.4.7.dfsg1-6+lenny2_sparc.deb stable/main/binary-sparc/openafs-dbg_1.4.7.dfsg1-6+lenny2_sparc.deb stable/main/binary-sparc/openafs-fileserver_1.4.7.dfsg1-6+lenny2_sparc.deb stable/main/binary-sparc/openafs-dbserver_1.4.7.dfsg1-6+lenny2_sparc.deb stable/main/binary-sparc/openafs-kpasswd_1.4.7.dfsg1-6+lenny2_sparc.deb stable/main/binary-sparc/openafs-krb5_1.4.7.dfsg1-6+lenny2_sparc.deb stable/main/binary-sparc/openafs-client_1.4.7.dfsg1-6+lenny2_sparc.deb stable/main/binary-sparc/libopenafs-dev_1.4.7.dfsg1-6+lenny2_sparc.deb openafs (1.4.7.dfsg1-6+lenny2) stable-proposed-updates; urgency=low * Apply upstream patch to avoid converting more negative errors into invalid kernel memory pointers. This is a further fix for the basic issue discovered in CVE-2009-1250. stable/main/binary-s390/openafs-dbserver_1.4.7.dfsg1-6+lenny2_s390.deb stable/main/binary-s390/openafs-kpasswd_1.4.7.dfsg1-6+lenny2_s390.deb stable/main/binary-s390/openafs-krb5_1.4.7.dfsg1-6+lenny2_s390.deb stable/main/binary-s390/libopenafs-dev_1.4.7.dfsg1-6+lenny2_s390.deb stable/main/binary-s390/openafs-client_1.4.7.dfsg1-6+lenny2_s390.deb stable/main/binary-s390/libpam-openafs-kaserver_1.4.7.dfsg1-6+lenny2_s390.deb stable/main/binary-s390/openafs-fileserver_1.4.7.dfsg1-6+lenny2_s390.deb stable/main/binary-s390/openafs-dbg_1.4.7.dfsg1-6+lenny2_s390.deb openafs (1.4.7.dfsg1-6+lenny2) stable-proposed-updates; urgency=low * Apply upstream patch to avoid converting more negative errors into invalid kernel memory pointers. This is a further fix for the basic issue discovered in CVE-2009-1250. stable/main/binary-powerpc/openafs-krb5_1.4.7.dfsg1-6+lenny2_powerpc.deb stable/main/binary-powerpc/openafs-client_1.4.7.dfsg1-6+lenny2_powerpc.deb stable/main/binary-powerpc/libopenafs-dev_1.4.7.dfsg1-6+lenny2_powerpc.deb stable/main/binary-powerpc/openafs-kpasswd_1.4.7.dfsg1-6+lenny2_powerpc.deb stable/main/binary-powerpc/openafs-dbserver_1.4.7.dfsg1-6+lenny2_powerpc.deb stable/main/binary-powerpc/libpam-openafs-kaserver_1.4.7.dfsg1-6+lenny2_powerpc.deb stable/main/binary-powerpc/openafs-dbg_1.4.7.dfsg1-6+lenny2_powerpc.deb stable/main/binary-powerpc/openafs-fileserver_1.4.7.dfsg1-6+lenny2_powerpc.deb openafs (1.4.7.dfsg1-6+lenny2) stable-proposed-updates; urgency=low * Apply upstream patch to avoid converting more negative errors into invalid kernel memory pointers. This is a further fix for the basic issue discovered in CVE-2009-1250. stable/main/binary-ia64/openafs-dbg_1.4.7.dfsg1-6+lenny2_ia64.deb stable/main/binary-ia64/openafs-fileserver_1.4.7.dfsg1-6+lenny2_ia64.deb stable/main/binary-ia64/libopenafs-dev_1.4.7.dfsg1-6+lenny2_ia64.deb stable/main/binary-ia64/openafs-client_1.4.7.dfsg1-6+lenny2_ia64.deb stable/main/binary-ia64/openafs-krb5_1.4.7.dfsg1-6+lenny2_ia64.deb stable/main/binary-ia64/openafs-dbserver_1.4.7.dfsg1-6+lenny2_ia64.deb stable/main/binary-ia64/openafs-kpasswd_1.4.7.dfsg1-6+lenny2_ia64.deb stable/main/binary-ia64/libpam-openafs-kaserver_1.4.7.dfsg1-6+lenny2_ia64.deb openafs (1.4.7.dfsg1-6+lenny2) stable-proposed-updates; urgency=low * Apply upstream patch to avoid converting more negative errors into invalid kernel memory pointers. This is a further fix for the basic issue discovered in CVE-2009-1250. stable/main/binary-armel/libopenafs-dev_1.4.7.dfsg1-6+lenny2_armel.deb stable/main/binary-armel/openafs-krb5_1.4.7.dfsg1-6+lenny2_armel.deb stable/main/binary-armel/openafs-dbg_1.4.7.dfsg1-6+lenny2_armel.deb stable/main/binary-armel/openafs-client_1.4.7.dfsg1-6+lenny2_armel.deb stable/main/binary-armel/openafs-fileserver_1.4.7.dfsg1-6+lenny2_armel.deb stable/main/binary-armel/libpam-openafs-kaserver_1.4.7.dfsg1-6+lenny2_armel.deb stable/main/binary-armel/openafs-dbserver_1.4.7.dfsg1-6+lenny2_armel.deb stable/main/binary-armel/openafs-kpasswd_1.4.7.dfsg1-6+lenny2_armel.deb openafs (1.4.7.dfsg1-6+lenny2) stable-proposed-updates; urgency=low * Apply upstream patch to avoid converting more negative errors into invalid kernel memory pointers. This is a further fix for the basic issue discovered in CVE-2009-1250. stable/main/binary-arm/openafs-client_1.4.7.dfsg1-6+lenny2_arm.deb stable/main/binary-arm/openafs-fileserver_1.4.7.dfsg1-6+lenny2_arm.deb stable/main/binary-arm/libpam-openafs-kaserver_1.4.7.dfsg1-6+lenny2_arm.deb stable/main/binary-arm/openafs-kpasswd_1.4.7.dfsg1-6+lenny2_arm.deb stable/main/binary-arm/openafs-dbserver_1.4.7.dfsg1-6+lenny2_arm.deb stable/main/binary-arm/libopenafs-dev_1.4.7.dfsg1-6+lenny2_arm.deb stable/main/binary-arm/openafs-krb5_1.4.7.dfsg1-6+lenny2_arm.deb stable/main/binary-arm/openafs-dbg_1.4.7.dfsg1-6+lenny2_arm.deb openafs (1.4.7.dfsg1-6+lenny2) stable-proposed-updates; urgency=low * Apply upstream patch to avoid converting more negative errors into invalid kernel memory pointers. This is a further fix for the basic issue discovered in CVE-2009-1250. stable/main/binary-amd64/libopenafs-dev_1.4.7.dfsg1-6+lenny2_amd64.deb stable/main/binary-amd64/openafs-krb5_1.4.7.dfsg1-6+lenny2_amd64.deb stable/main/binary-amd64/libpam-openafs-kaserver_1.4.7.dfsg1-6+lenny2_amd64.deb stable/main/binary-amd64/openafs-dbg_1.4.7.dfsg1-6+lenny2_amd64.deb stable/main/binary-amd64/openafs-fileserver_1.4.7.dfsg1-6+lenny2_amd64.deb stable/main/binary-amd64/openafs-client_1.4.7.dfsg1-6+lenny2_amd64.deb stable/main/binary-amd64/openafs-kpasswd_1.4.7.dfsg1-6+lenny2_amd64.deb stable/main/binary-amd64/openafs-dbserver_1.4.7.dfsg1-6+lenny2_amd64.deb openafs (1.4.7.dfsg1-6+lenny2) stable-proposed-updates; urgency=low * Apply upstream patch to avoid converting more negative errors into invalid kernel memory pointers. This is a further fix for the basic issue discovered in CVE-2009-1250. stable/main/binary-alpha/openafs-dbg_1.4.7.dfsg1-6+lenny2_alpha.deb stable/main/binary-alpha/openafs-kpasswd_1.4.7.dfsg1-6+lenny2_alpha.deb stable/main/binary-alpha/openafs-dbserver_1.4.7.dfsg1-6+lenny2_alpha.deb stable/main/binary-alpha/libopenafs-dev_1.4.7.dfsg1-6+lenny2_alpha.deb stable/main/binary-alpha/openafs-fileserver_1.4.7.dfsg1-6+lenny2_alpha.deb stable/main/binary-alpha/libpam-openafs-kaserver_1.4.7.dfsg1-6+lenny2_alpha.deb stable/main/binary-alpha/openafs-krb5_1.4.7.dfsg1-6+lenny2_alpha.deb stable/main/binary-alpha/openafs-client_1.4.7.dfsg1-6+lenny2_alpha.deb openafs (1.4.7.dfsg1-6+lenny2) stable-proposed-updates; urgency=low * Apply upstream patch to avoid converting more negative errors into invalid kernel memory pointers. This is a further fix for the basic issue discovered in CVE-2009-1250. stable/main/binary-i386/openafs-dbg_1.4.7.dfsg1-6+lenny2_i386.deb stable/main/binary-i386/openafs-kpasswd_1.4.7.dfsg1-6+lenny2_i386.deb stable/main/binary-all/openafs-doc_1.4.7.dfsg1-6+lenny2_all.deb stable/main/source/openafs_1.4.7.dfsg1-6+lenny2.diff.gz stable/main/binary-i386/openafs-krb5_1.4.7.dfsg1-6+lenny2_i386.deb stable/main/binary-i386/openafs-dbserver_1.4.7.dfsg1-6+lenny2_i386.deb stable/main/binary-i386/openafs-fileserver_1.4.7.dfsg1-6+lenny2_i386.deb stable/main/binary-i386/libpam-openafs-kaserver_1.4.7.dfsg1-6+lenny2_i386.deb stable/main/binary-i386/openafs-client_1.4.7.dfsg1-6+lenny2_i386.deb stable/main/binary-i386/libopenafs-dev_1.4.7.dfsg1-6+lenny2_i386.deb stable/main/binary-all/openafs-modules-source_1.4.7.dfsg1-6+lenny2_all.deb stable/main/source/openafs_1.4.7.dfsg1-6+lenny2.dsc openafs (1.4.7.dfsg1-6+lenny2) stable-proposed-updates; urgency=low * Apply upstream patch to avoid converting more negative errors into invalid kernel memory pointers. This is a further fix for the basic issue discovered in CVE-2009-1250. stable/main/binary-all/ocsinventory-agent_0.0.9.2repack1-4lenny1_all.deb stable/main/source/ocsinventory-agent_0.0.9.2repack1-4lenny1.dsc stable/main/source/ocsinventory-agent_0.0.9.2repack1-4lenny1.diff.gz ocsinventory-agent (1:0.0.9.2repack1-4lenny1) stable-security; urgency=high * Do not search backend module by scanning directories with File::Find anymore (Closes: #506416) - add exclude_curdir_recursion.patch stable/main/binary-sparc/libnss3-tools_3.12.3.1-0lenny1_sparc.deb stable/main/binary-sparc/libnss3-1d_3.12.3.1-0lenny1_sparc.deb stable/main/binary-sparc/libnss3-dev_3.12.3.1-0lenny1_sparc.deb stable/main/binary-sparc/libnss3-1d-dbg_3.12.3.1-0lenny1_sparc.deb nss (3.12.3.1-0lenny1) stable-security; urgency=high * Build for stable-security stable/main/binary-s390/libnss3-1d_3.12.3.1-0lenny1_s390.deb stable/main/binary-s390/libnss3-1d-dbg_3.12.3.1-0lenny1_s390.deb stable/main/binary-s390/libnss3-dev_3.12.3.1-0lenny1_s390.deb stable/main/binary-s390/libnss3-tools_3.12.3.1-0lenny1_s390.deb nss (3.12.3.1-0lenny1) stable-security; urgency=high * Build for stable-security stable/main/binary-powerpc/libnss3-dev_3.12.3.1-0lenny1_powerpc.deb stable/main/binary-powerpc/libnss3-1d_3.12.3.1-0lenny1_powerpc.deb stable/main/binary-powerpc/libnss3-tools_3.12.3.1-0lenny1_powerpc.deb stable/main/binary-powerpc/libnss3-1d-dbg_3.12.3.1-0lenny1_powerpc.deb nss (3.12.3.1-0lenny1) stable-security; urgency=high * Build for stable-security stable/main/binary-mipsel/libnss3-1d_3.12.3.1-0lenny1_mipsel.deb stable/main/binary-mipsel/libnss3-tools_3.12.3.1-0lenny1_mipsel.deb stable/main/binary-mipsel/libnss3-1d-dbg_3.12.3.1-0lenny1_mipsel.deb stable/main/binary-mipsel/libnss3-dev_3.12.3.1-0lenny1_mipsel.deb nss (3.12.3.1-0lenny1) stable-security; urgency=high * Build for stable-security stable/main/binary-mips/libnss3-dev_3.12.3.1-0lenny1_mips.deb stable/main/binary-mips/libnss3-1d-dbg_3.12.3.1-0lenny1_mips.deb stable/main/binary-mips/libnss3-tools_3.12.3.1-0lenny1_mips.deb stable/main/binary-mips/libnss3-1d_3.12.3.1-0lenny1_mips.deb nss (3.12.3.1-0lenny1) stable-security; urgency=high * Build for stable-security stable/main/binary-ia64/libnss3-dev_3.12.3.1-0lenny1_ia64.deb stable/main/binary-ia64/libnss3-tools_3.12.3.1-0lenny1_ia64.deb stable/main/binary-ia64/libnss3-1d-dbg_3.12.3.1-0lenny1_ia64.deb stable/main/binary-ia64/libnss3-1d_3.12.3.1-0lenny1_ia64.deb nss (3.12.3.1-0lenny1) stable-security; urgency=high * Build for stable-security stable/main/binary-hppa/libnss3-dev_3.12.3.1-0lenny1_hppa.deb stable/main/binary-hppa/libnss3-tools_3.12.3.1-0lenny1_hppa.deb stable/main/binary-hppa/libnss3-1d_3.12.3.1-0lenny1_hppa.deb stable/main/binary-hppa/libnss3-1d-dbg_3.12.3.1-0lenny1_hppa.deb nss (3.12.3.1-0lenny1) stable-security; urgency=high * Build for stable-security stable/main/binary-armel/libnss3-dev_3.12.3.1-0lenny1_armel.deb stable/main/binary-armel/libnss3-tools_3.12.3.1-0lenny1_armel.deb stable/main/binary-armel/libnss3-1d_3.12.3.1-0lenny1_armel.deb stable/main/binary-armel/libnss3-1d-dbg_3.12.3.1-0lenny1_armel.deb nss (3.12.3.1-0lenny1) stable-security; urgency=high * Build for stable-security stable/main/binary-arm/libnss3-1d-dbg_3.12.3.1-0lenny1_arm.deb stable/main/binary-arm/libnss3-1d_3.12.3.1-0lenny1_arm.deb stable/main/binary-arm/libnss3-tools_3.12.3.1-0lenny1_arm.deb stable/main/binary-arm/libnss3-dev_3.12.3.1-0lenny1_arm.deb nss (3.12.3.1-0lenny1) stable-security; urgency=high * Build for stable-security stable/main/binary-amd64/libnss3-dev_3.12.3.1-0lenny1_amd64.deb stable/main/binary-amd64/libnss3-1d_3.12.3.1-0lenny1_amd64.deb stable/main/binary-amd64/libnss3-tools_3.12.3.1-0lenny1_amd64.deb stable/main/binary-amd64/libnss3-1d-dbg_3.12.3.1-0lenny1_amd64.deb nss (3.12.3.1-0lenny1) stable-security; urgency=high * Build for stable-security stable/main/binary-alpha/libnss3-1d-dbg_3.12.3.1-0lenny1_alpha.deb stable/main/binary-alpha/libnss3-dev_3.12.3.1-0lenny1_alpha.deb stable/main/binary-alpha/libnss3-1d_3.12.3.1-0lenny1_alpha.deb stable/main/binary-alpha/libnss3-tools_3.12.3.1-0lenny1_alpha.deb nss (3.12.3.1-0lenny1) stable-security; urgency=high * Build for stable-security stable/main/binary-i386/libnss3-1d_3.12.3.1-0lenny1_i386.deb stable/main/binary-i386/libnss3-tools_3.12.3.1-0lenny1_i386.deb stable/main/binary-i386/libnss3-1d-dbg_3.12.3.1-0lenny1_i386.deb stable/main/source/nss_3.12.3.1-0lenny1.diff.gz stable/main/source/nss_3.12.3.1-0lenny1.dsc stable/main/binary-i386/libnss3-dev_3.12.3.1-0lenny1_i386.deb nss (3.12.3.1-0lenny1) stable-security; urgency=high * Build for stable-security stable/main/binary-all/nexuiz-data_2.4.2-1+lenny1_all.deb stable/main/source/nexuiz-data_2.4.2-1+lenny1.diff.gz stable/main/source/nexuiz-data_2.4.2-1+lenny1.dsc stable/main/binary-all/nexuiz-music_2.4.2-1+lenny1_all.deb nexuiz-data (2.4.2-1+lenny1) stable; urgency=low * New patch disable_update_check to stop nagging users about the new upstream version (closes: #522738) * Move patch-stamp to build-stamp dependency to ensure that it happens before building. stable/main/binary-sparc/libmysqlclient15-dev_5.0.51a-24+lenny2_sparc.deb stable/main/binary-sparc/libmysqlclient15off_5.0.51a-24+lenny2_sparc.deb stable/main/binary-sparc/mysql-client-5.0_5.0.51a-24+lenny2_sparc.deb stable/main/binary-sparc/mysql-server-5.0_5.0.51a-24+lenny2_sparc.deb mysql-dfsg-5.0 (5.0.51a-24+lenny2) stable-security; urgency=high * SECURITY: Fix for CVE-2009-2446: Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. Closes: #536726. Complete debdiff for 5.0.51a-24+lenny2 generously contributed by Christian Hammers . stable/main/binary-s390/libmysqlclient15-dev_5.0.51a-24+lenny2_s390.deb stable/main/binary-s390/libmysqlclient15off_5.0.51a-24+lenny2_s390.deb stable/main/binary-s390/mysql-server-5.0_5.0.51a-24+lenny2_s390.deb stable/main/binary-s390/mysql-client-5.0_5.0.51a-24+lenny2_s390.deb mysql-dfsg-5.0 (5.0.51a-24+lenny2) stable-security; urgency=high * SECURITY: Fix for CVE-2009-2446: Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. Closes: #536726. Complete debdiff for 5.0.51a-24+lenny2 generously contributed by Christian Hammers . stable/main/binary-powerpc/libmysqlclient15-dev_5.0.51a-24+lenny2_powerpc.deb stable/main/binary-powerpc/mysql-client-5.0_5.0.51a-24+lenny2_powerpc.deb stable/main/binary-powerpc/libmysqlclient15off_5.0.51a-24+lenny2_powerpc.deb stable/main/binary-powerpc/mysql-server-5.0_5.0.51a-24+lenny2_powerpc.deb mysql-dfsg-5.0 (5.0.51a-24+lenny2) stable-security; urgency=high * SECURITY: Fix for CVE-2009-2446: Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. Closes: #536726. Complete debdiff for 5.0.51a-24+lenny2 generously contributed by Christian Hammers . stable/main/binary-mipsel/libmysqlclient15off_5.0.51a-24+lenny2_mipsel.deb stable/main/binary-mipsel/libmysqlclient15-dev_5.0.51a-24+lenny2_mipsel.deb stable/main/binary-mipsel/mysql-client-5.0_5.0.51a-24+lenny2_mipsel.deb stable/main/binary-mipsel/mysql-server-5.0_5.0.51a-24+lenny2_mipsel.deb mysql-dfsg-5.0 (5.0.51a-24+lenny2) stable-security; urgency=high * SECURITY: Fix for CVE-2009-2446: Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. Closes: #536726. Complete debdiff for 5.0.51a-24+lenny2 generously contributed by Christian Hammers . stable/main/binary-mips/libmysqlclient15off_5.0.51a-24+lenny2_mips.deb stable/main/binary-mips/libmysqlclient15-dev_5.0.51a-24+lenny2_mips.deb stable/main/binary-mips/mysql-client-5.0_5.0.51a-24+lenny2_mips.deb stable/main/binary-mips/mysql-server-5.0_5.0.51a-24+lenny2_mips.deb mysql-dfsg-5.0 (5.0.51a-24+lenny2) stable-security; urgency=high * SECURITY: Fix for CVE-2009-2446: Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. Closes: #536726. Complete debdiff for 5.0.51a-24+lenny2 generously contributed by Christian Hammers . stable/main/binary-ia64/libmysqlclient15-dev_5.0.51a-24+lenny2_ia64.deb stable/main/binary-ia64/libmysqlclient15off_5.0.51a-24+lenny2_ia64.deb stable/main/binary-ia64/mysql-client-5.0_5.0.51a-24+lenny2_ia64.deb stable/main/binary-ia64/mysql-server-5.0_5.0.51a-24+lenny2_ia64.deb mysql-dfsg-5.0 (5.0.51a-24+lenny2) stable-security; urgency=high * SECURITY: Fix for CVE-2009-2446: Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. Closes: #536726. Complete debdiff for 5.0.51a-24+lenny2 generously contributed by Christian Hammers . stable/main/binary-hppa/libmysqlclient15off_5.0.51a-24+lenny2_hppa.deb stable/main/binary-hppa/mysql-client-5.0_5.0.51a-24+lenny2_hppa.deb stable/main/binary-hppa/libmysqlclient15-dev_5.0.51a-24+lenny2_hppa.deb stable/main/binary-hppa/mysql-server-5.0_5.0.51a-24+lenny2_hppa.deb mysql-dfsg-5.0 (5.0.51a-24+lenny2) stable-security; urgency=high * SECURITY: Fix for CVE-2009-2446: Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. Closes: #536726. Complete debdiff for 5.0.51a-24+lenny2 generously contributed by Christian Hammers . stable/main/binary-armel/mysql-server-5.0_5.0.51a-24+lenny2_armel.deb stable/main/binary-armel/libmysqlclient15off_5.0.51a-24+lenny2_armel.deb stable/main/binary-armel/libmysqlclient15-dev_5.0.51a-24+lenny2_armel.deb stable/main/binary-armel/mysql-client-5.0_5.0.51a-24+lenny2_armel.deb mysql-dfsg-5.0 (5.0.51a-24+lenny2) stable-security; urgency=high * SECURITY: Fix for CVE-2009-2446: Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. Closes: #536726. Complete debdiff for 5.0.51a-24+lenny2 generously contributed by Christian Hammers . stable/main/binary-arm/libmysqlclient15off_5.0.51a-24+lenny2_arm.deb stable/main/binary-arm/libmysqlclient15-dev_5.0.51a-24+lenny2_arm.deb stable/main/binary-arm/mysql-client-5.0_5.0.51a-24+lenny2_arm.deb stable/main/binary-arm/mysql-server-5.0_5.0.51a-24+lenny2_arm.deb mysql-dfsg-5.0 (5.0.51a-24+lenny2) stable-security; urgency=high * SECURITY: Fix for CVE-2009-2446: Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. Closes: #536726. Complete debdiff for 5.0.51a-24+lenny2 generously contributed by Christian Hammers . stable/main/binary-amd64/mysql-server-5.0_5.0.51a-24+lenny2_amd64.deb stable/main/binary-amd64/libmysqlclient15-dev_5.0.51a-24+lenny2_amd64.deb stable/main/binary-amd64/libmysqlclient15off_5.0.51a-24+lenny2_amd64.deb stable/main/binary-amd64/mysql-client-5.0_5.0.51a-24+lenny2_amd64.deb mysql-dfsg-5.0 (5.0.51a-24+lenny2) stable-security; urgency=high * SECURITY: Fix for CVE-2009-2446: Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. Closes: #536726. Complete debdiff for 5.0.51a-24+lenny2 generously contributed by Christian Hammers . stable/main/binary-alpha/libmysqlclient15off_5.0.51a-24+lenny2_alpha.deb stable/main/binary-alpha/libmysqlclient15-dev_5.0.51a-24+lenny2_alpha.deb stable/main/binary-alpha/mysql-client-5.0_5.0.51a-24+lenny2_alpha.deb stable/main/binary-alpha/mysql-server-5.0_5.0.51a-24+lenny2_alpha.deb mysql-dfsg-5.0 (5.0.51a-24+lenny2) stable-security; urgency=high * SECURITY: Fix for CVE-2009-2446: Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. Closes: #536726. Complete debdiff for 5.0.51a-24+lenny2 generously contributed by Christian Hammers . stable/main/binary-all/mysql-server_5.0.51a-24+lenny2_all.deb stable/main/source/mysql-dfsg-5.0_5.0.51a-24+lenny2.dsc stable/main/binary-all/mysql-common_5.0.51a-24+lenny2_all.deb stable/main/binary-all/mysql-client_5.0.51a-24+lenny2_all.deb stable/main/binary-i386/mysql-server-5.0_5.0.51a-24+lenny2_i386.deb stable/main/binary-i386/mysql-client-5.0_5.0.51a-24+lenny2_i386.deb stable/main/binary-i386/libmysqlclient15-dev_5.0.51a-24+lenny2_i386.deb stable/main/binary-i386/libmysqlclient15off_5.0.51a-24+lenny2_i386.deb stable/main/source/mysql-dfsg-5.0_5.0.51a-24+lenny2.diff.gz mysql-dfsg-5.0 (5.0.51a-24+lenny2) stable-security; urgency=high * SECURITY: Fix for CVE-2009-2446: Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. Closes: #536726. Complete debdiff for 5.0.51a-24+lenny2 generously contributed by Christian Hammers . stable/main/binary-sparc/multipath-udeb_0.4.8-14+lenny2_sparc.udeb stable/main/binary-sparc/multipath-tools_0.4.8-14+lenny2_sparc.deb stable/main/binary-sparc/kpartx_0.4.8-14+lenny2_sparc.deb multipath-tools (0.4.8-14+lenny2) stable-proposed-updates; urgency=low * [ea3a89c] On shutdown multipathd flushes its internal message queue but we have to check if the messages on the queue are not empty. (Closes: #519252) stable/main/binary-s390/kpartx_0.4.8-14+lenny2_s390.deb stable/main/binary-s390/multipath-udeb_0.4.8-14+lenny2_s390.udeb stable/main/binary-s390/multipath-tools_0.4.8-14+lenny2_s390.deb multipath-tools (0.4.8-14+lenny2) stable-proposed-updates; urgency=low * [ea3a89c] On shutdown multipathd flushes its internal message queue but we have to check if the messages on the queue are not empty. (Closes: #519252) stable/main/binary-powerpc/kpartx_0.4.8-14+lenny2_powerpc.deb stable/main/binary-powerpc/multipath-tools_0.4.8-14+lenny2_powerpc.deb stable/main/binary-powerpc/multipath-udeb_0.4.8-14+lenny2_powerpc.udeb multipath-tools (0.4.8-14+lenny2) stable-proposed-updates; urgency=low * [ea3a89c] On shutdown multipathd flushes its internal message queue but we have to check if the messages on the queue are not empty. (Closes: #519252) stable/main/binary-mipsel/multipath-tools_0.4.8-14+lenny2_mipsel.deb stable/main/binary-mipsel/multipath-udeb_0.4.8-14+lenny2_mipsel.udeb stable/main/binary-mipsel/kpartx_0.4.8-14+lenny2_mipsel.deb multipath-tools (0.4.8-14+lenny2) stable-proposed-updates; urgency=low * [ea3a89c] On shutdown multipathd flushes its internal message queue but we have to check if the messages on the queue are not empty. (Closes: #519252) stable/main/binary-mips/multipath-tools_0.4.8-14+lenny2_mips.deb stable/main/binary-mips/multipath-udeb_0.4.8-14+lenny2_mips.udeb stable/main/binary-mips/kpartx_0.4.8-14+lenny2_mips.deb multipath-tools (0.4.8-14+lenny2) stable-proposed-updates; urgency=low * [ea3a89c] On shutdown multipathd flushes its internal message queue but we have to check if the messages on the queue are not empty. (Closes: #519252) stable/main/binary-ia64/multipath-udeb_0.4.8-14+lenny2_ia64.udeb stable/main/binary-ia64/kpartx_0.4.8-14+lenny2_ia64.deb stable/main/binary-ia64/multipath-tools_0.4.8-14+lenny2_ia64.deb multipath-tools (0.4.8-14+lenny2) stable-proposed-updates; urgency=low * [ea3a89c] On shutdown multipathd flushes its internal message queue but we have to check if the messages on the queue are not empty. (Closes: #519252) stable/main/binary-hppa/kpartx_0.4.8-14+lenny2_hppa.deb stable/main/binary-hppa/multipath-tools_0.4.8-14+lenny2_hppa.deb stable/main/binary-hppa/multipath-udeb_0.4.8-14+lenny2_hppa.udeb multipath-tools (0.4.8-14+lenny2) stable-proposed-updates; urgency=low * [ea3a89c] On shutdown multipathd flushes its internal message queue but we have to check if the messages on the queue are not empty. (Closes: #519252) stable/main/binary-armel/multipath-tools_0.4.8-14+lenny2_armel.deb stable/main/binary-armel/kpartx_0.4.8-14+lenny2_armel.deb stable/main/binary-armel/multipath-udeb_0.4.8-14+lenny2_armel.udeb multipath-tools (0.4.8-14+lenny2) stable-proposed-updates; urgency=low * [ea3a89c] On shutdown multipathd flushes its internal message queue but we have to check if the messages on the queue are not empty. (Closes: #519252) stable/main/binary-arm/multipath-udeb_0.4.8-14+lenny2_arm.udeb stable/main/binary-arm/kpartx_0.4.8-14+lenny2_arm.deb stable/main/binary-arm/multipath-tools_0.4.8-14+lenny2_arm.deb multipath-tools (0.4.8-14+lenny2) stable-proposed-updates; urgency=low * [ea3a89c] On shutdown multipathd flushes its internal message queue but we have to check if the messages on the queue are not empty. (Closes: #519252) stable/main/binary-amd64/kpartx_0.4.8-14+lenny2_amd64.deb stable/main/binary-amd64/multipath-tools_0.4.8-14+lenny2_amd64.deb stable/main/binary-amd64/multipath-udeb_0.4.8-14+lenny2_amd64.udeb multipath-tools (0.4.8-14+lenny2) stable-proposed-updates; urgency=low * [ea3a89c] On shutdown multipathd flushes its internal message queue but we have to check if the messages on the queue are not empty. (Closes: #519252) stable/main/binary-alpha/multipath-udeb_0.4.8-14+lenny2_alpha.udeb stable/main/binary-alpha/kpartx_0.4.8-14+lenny2_alpha.deb stable/main/binary-alpha/multipath-tools_0.4.8-14+lenny2_alpha.deb multipath-tools (0.4.8-14+lenny2) stable-proposed-updates; urgency=low * [ea3a89c] On shutdown multipathd flushes its internal message queue but we have to check if the messages on the queue are not empty. (Closes: #519252) stable/main/source/multipath-tools_0.4.8-14+lenny2.dsc stable/main/binary-i386/multipath-udeb_0.4.8-14+lenny2_i386.udeb stable/main/binary-i386/kpartx_0.4.8-14+lenny2_i386.deb stable/main/binary-all/multipath-tools-boot_0.4.8-14+lenny2_all.deb stable/main/source/multipath-tools_0.4.8-14+lenny2.diff.gz stable/main/binary-i386/multipath-tools_0.4.8-14+lenny2_i386.deb multipath-tools (0.4.8-14+lenny2) stable-proposed-updates; urgency=low * [ea3a89c] On shutdown multipathd flushes its internal message queue but we have to check if the messages on the queue are not empty. (Closes: #519252) stable/main/binary-sparc/libapache2-mod-wsgi_2.5-1~lenny1_sparc.deb mod-wsgi (2.5-1~lenny1) stable; urgency=medium * Rebuild for Lenny (Closes: #526154) * Add patch from upstream's mod_wsgi-2.X branch (revision 1352) (decrement of reference count on NULL pointer) stable/main/binary-s390/libapache2-mod-wsgi_2.5-1~lenny1_s390.deb mod-wsgi (2.5-1~lenny1) stable; urgency=medium * Rebuild for Lenny (Closes: #526154) * Add patch from upstream's mod_wsgi-2.X branch (revision 1352) (decrement of reference count on NULL pointer) stable/main/binary-powerpc/libapache2-mod-wsgi_2.5-1~lenny1_powerpc.deb mod-wsgi (2.5-1~lenny1) stable; urgency=medium * Rebuild for Lenny (Closes: #526154) * Add patch from upstream's mod_wsgi-2.X branch (revision 1352) (decrement of reference count on NULL pointer) stable/main/binary-mipsel/libapache2-mod-wsgi_2.5-1~lenny1_mipsel.deb mod-wsgi (2.5-1~lenny1) stable; urgency=medium * Rebuild for Lenny (Closes: #526154) * Add patch from upstream's mod_wsgi-2.X branch (revision 1352) (decrement of reference count on NULL pointer) stable/main/binary-mips/libapache2-mod-wsgi_2.5-1~lenny1_mips.deb mod-wsgi (2.5-1~lenny1) stable; urgency=medium * Rebuild for Lenny (Closes: #526154) * Add patch from upstream's mod_wsgi-2.X branch (revision 1352) (decrement of reference count on NULL pointer) stable/main/binary-ia64/libapache2-mod-wsgi_2.5-1~lenny1_ia64.deb mod-wsgi (2.5-1~lenny1) stable; urgency=medium * Rebuild for Lenny (Closes: #526154) * Add patch from upstream's mod_wsgi-2.X branch (revision 1352) (decrement of reference count on NULL pointer) stable/main/binary-i386/libapache2-mod-wsgi_2.5-1~lenny1_i386.deb mod-wsgi (2.5-1~lenny1) stable; urgency=medium * Rebuild for Lenny (Closes: #526154) * Add patch from upstream's mod_wsgi-2.X branch (revision 1352) (decrement of reference count on NULL pointer) stable/main/binary-hppa/libapache2-mod-wsgi_2.5-1~lenny1_hppa.deb mod-wsgi (2.5-1~lenny1) stable; urgency=medium * Rebuild for Lenny (Closes: #526154) * Add patch from upstream's mod_wsgi-2.X branch (revision 1352) (decrement of reference count on NULL pointer) stable/main/binary-armel/libapache2-mod-wsgi_2.5-1~lenny1_armel.deb mod-wsgi (2.5-1~lenny1) stable; urgency=medium * Rebuild for Lenny (Closes: #526154) * Add patch from upstream's mod_wsgi-2.X branch (revision 1352) (decrement of reference count on NULL pointer) stable/main/binary-arm/libapache2-mod-wsgi_2.5-1~lenny1_arm.deb mod-wsgi (2.5-1~lenny1) stable; urgency=medium * Rebuild for Lenny (Closes: #526154) * Add patch from upstream's mod_wsgi-2.X branch (revision 1352) (decrement of reference count on NULL pointer) stable/main/binary-alpha/libapache2-mod-wsgi_2.5-1~lenny1_alpha.deb mod-wsgi (2.5-1~lenny1) stable; urgency=medium * Rebuild for Lenny (Closes: #526154) * Add patch from upstream's mod_wsgi-2.X branch (revision 1352) (decrement of reference count on NULL pointer) stable/main/source/mod-wsgi_2.5-1~lenny1.dsc stable/main/binary-amd64/libapache2-mod-wsgi_2.5-1~lenny1_amd64.deb stable/main/source/mod-wsgi_2.5-1~lenny1.diff.gz mod-wsgi (2.5-1~lenny1) stable; urgency=medium * Rebuild for Lenny (Closes: #526154) * Add patch from upstream's mod_wsgi-2.X branch (revision 1352) (decrement of reference count on NULL pointer) stable/main/binary-sparc/memcached_1.2.2-1+lenny1_sparc.deb memcached (1.2.2-1+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix heap-based buffer overflows due to integer overflow in length processing (CVE-2009-2415). stable/main/binary-s390/memcached_1.2.2-1+lenny1_s390.deb memcached (1.2.2-1+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix heap-based buffer overflows due to integer overflow in length processing (CVE-2009-2415). stable/main/binary-powerpc/memcached_1.2.2-1+lenny1_powerpc.deb memcached (1.2.2-1+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix heap-based buffer overflows due to integer overflow in length processing (CVE-2009-2415). stable/main/binary-mipsel/memcached_1.2.2-1+lenny1_mipsel.deb memcached (1.2.2-1+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix heap-based buffer overflows due to integer overflow in length processing (CVE-2009-2415). stable/main/binary-mips/memcached_1.2.2-1+lenny1_mips.deb memcached (1.2.2-1+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix heap-based buffer overflows due to integer overflow in length processing (CVE-2009-2415). stable/main/binary-ia64/memcached_1.2.2-1+lenny1_ia64.deb memcached (1.2.2-1+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix heap-based buffer overflows due to integer overflow in length processing (CVE-2009-2415). stable/main/binary-i386/memcached_1.2.2-1+lenny1_i386.deb memcached (1.2.2-1+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix heap-based buffer overflows due to integer overflow in length processing (CVE-2009-2415). stable/main/binary-hppa/memcached_1.2.2-1+lenny1_hppa.deb memcached (1.2.2-1+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix heap-based buffer overflows due to integer overflow in length processing (CVE-2009-2415). stable/main/binary-armel/memcached_1.2.2-1+lenny1_armel.deb memcached (1.2.2-1+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix heap-based buffer overflows due to integer overflow in length processing (CVE-2009-2415). stable/main/binary-arm/memcached_1.2.2-1+lenny1_arm.deb memcached (1.2.2-1+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix heap-based buffer overflows due to integer overflow in length processing (CVE-2009-2415). stable/main/binary-alpha/memcached_1.2.2-1+lenny1_alpha.deb memcached (1.2.2-1+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix heap-based buffer overflows due to integer overflow in length processing (CVE-2009-2415). stable/main/source/memcached_1.2.2-1+lenny1.dsc stable/main/source/memcached_1.2.2-1+lenny1.diff.gz stable/main/binary-amd64/memcached_1.2.2-1+lenny1_amd64.deb memcached (1.2.2-1+lenny1) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fix heap-based buffer overflows due to integer overflow in length processing (CVE-2009-2415). stable/main/binary-all/mantis_1.1.6+dfsg-2lenny1_all.deb stable/main/source/mantis_1.1.6+dfsg-2lenny1.dsc stable/main/source/mantis_1.1.6+dfsg-2lenny1.diff.gz mantis (1.1.6+dfsg-2lenny1) stable-security; urgency=high * Urgency high because this upload fixes a security issue * Fix a security issue with the default permissions of the database configuration. It has been world-readable. It is now fixed for new installations and previous installations are (carefully) updated. (Closes: #425010) stable/main/binary-sparc/ppp-modules-2.6.26-2-sparc64-di_1.41lenny5_sparc.udeb stable/main/source/linux-kernel-di-sparc-2.6_1.41lenny5.dsc stable/main/binary-sparc/pata-modules-2.6.26-2-sparc64-di_1.41lenny5_sparc.udeb stable/main/binary-sparc/scsi-modules-2.6.26-2-sparc64-di_1.41lenny5_sparc.udeb stable/main/binary-sparc/jfs-modules-2.6.26-2-sparc64-di_1.41lenny5_sparc.udeb stable/main/binary-sparc/kernel-image-2.6.26-2-sparc64-di_1.41lenny5_sparc.udeb stable/main/binary-sparc/md-modules-2.6.26-2-sparc64-di_1.41lenny5_sparc.udeb stable/main/binary-sparc/zlib-modules-2.6.26-2-sparc64-di_1.41lenny5_sparc.udeb stable/main/binary-sparc/ext3-modules-2.6.26-2-sparc64-di_1.41lenny5_sparc.udeb stable/main/binary-sparc/cdrom-core-modules-2.6.26-2-sparc64-di_1.41lenny5_sparc.udeb stable/main/binary-sparc/xfs-modules-2.6.26-2-sparc64-di_1.41lenny5_sparc.udeb stable/main/binary-sparc/isofs-modules-2.6.26-2-sparc64-di_1.41lenny5_sparc.udeb stable/main/binary-sparc/ide-modules-2.6.26-2-sparc64-di_1.41lenny5_sparc.udeb stable/main/binary-sparc/ata-modules-2.6.26-2-sparc64-di_1.41lenny5_sparc.udeb stable/main/binary-sparc/usb-storage-modules-2.6.26-2-sparc64-di_1.41lenny5_sparc.udeb stable/main/binary-sparc/nls-core-modules-2.6.26-2-sparc64-di_1.41lenny5_sparc.udeb stable/main/binary-sparc/usb-modules-2.6.26-2-sparc64-di_1.41lenny5_sparc.udeb stable/main/binary-sparc/ipv6-modules-2.6.26-2-sparc64-di_1.41lenny5_sparc.udeb stable/main/binary-sparc/multipath-modules-2.6.26-2-sparc64-di_1.41lenny5_sparc.udeb stable/main/binary-sparc/scsi-core-modules-2.6.26-2-sparc64-di_1.41lenny5_sparc.udeb stable/main/source/linux-kernel-di-sparc-2.6_1.41lenny5.tar.gz stable/main/binary-sparc/nic-modules-2.6.26-2-sparc64-di_1.41lenny5_sparc.udeb stable/main/binary-sparc/reiserfs-modules-2.6.26-2-sparc64-di_1.41lenny5_sparc.udeb stable/main/binary-sparc/sata-modules-2.6.26-2-sparc64-di_1.41lenny5_sparc.udeb stable/main/binary-sparc/plip-modules-2.6.26-2-sparc64-di_1.41lenny5_sparc.udeb stable/main/binary-sparc/crypto-dm-modules-2.6.26-2-sparc64-di_1.41lenny5_sparc.udeb stable/main/binary-sparc/crypto-modules-2.6.26-2-sparc64-di_1.41lenny5_sparc.udeb stable/main/binary-sparc/fat-modules-2.6.26-2-sparc64-di_1.41lenny5_sparc.udeb stable/main/binary-sparc/crypto-core-modules-2.6.26-2-sparc64-di_1.41lenny5_sparc.udeb stable/main/binary-sparc/scsi-common-modules-2.6.26-2-sparc64-di_1.41lenny5_sparc.udeb linux-kernel-di-sparc-2.6 (1.41lenny5) stable; urgency=low * Built against version 2.6.26-19 of linux-2.6. stable/main/binary-s390/ext3-modules-2.6.26-2-s390-di_0.37lenny5_s390.udeb stable/main/binary-s390/scsi-modules-2.6.26-2-s390-di_0.37lenny5_s390.udeb stable/main/binary-s390/multipath-modules-2.6.26-2-s390-di_0.37lenny5_s390.udeb stable/main/source/linux-kernel-di-s390-2.6_0.37lenny5.dsc stable/main/binary-s390/crypto-modules-2.6.26-2-s390-di_0.37lenny5_s390.udeb stable/main/binary-s390/crypto-core-modules-2.6.26-2-s390-di_0.37lenny5_s390.udeb stable/main/binary-s390/md-modules-2.6.26-2-s390-di_0.37lenny5_s390.udeb stable/main/source/linux-kernel-di-s390-2.6_0.37lenny5.tar.gz stable/main/binary-s390/fat-modules-2.6.26-2-s390-di_0.37lenny5_s390.udeb stable/main/binary-s390/crypto-dm-modules-2.6.26-2-s390-di_0.37lenny5_s390.udeb stable/main/binary-s390/dasd-modules-2.6.26-2-s390-di_0.37lenny5_s390.udeb stable/main/binary-s390/core-modules-2.6.26-2-s390-di_0.37lenny5_s390.udeb stable/main/binary-s390/kernel-image-2.6.26-2-s390-di_0.37lenny5_s390.udeb stable/main/binary-s390/ext2-modules-2.6.26-2-s390-di_0.37lenny5_s390.udeb stable/main/binary-s390/scsi-core-modules-2.6.26-2-s390-di_0.37lenny5_s390.udeb stable/main/binary-s390/nic-modules-2.6.26-2-s390-di_0.37lenny5_s390.udeb stable/main/binary-s390/xfs-modules-2.6.26-2-s390-di_0.37lenny5_s390.udeb stable/main/binary-s390/kernel-image-2.6.26-2-s390-tape-di_0.37lenny5_s390.udeb linux-kernel-di-s390-2.6 (0.37lenny5) stable; urgency=low * Built against version 2.6.26-19 of linux-2.6. stable/main/binary-powerpc/isofs-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/loop-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/ext2-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/pata-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/multipath-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/ata-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/uinput-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/nic-extra-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/zlib-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/ata-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/pcmcia-storage-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/scsi-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/ppp-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/scsi-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/crypto-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/ext3-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/cdrom-core-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/floppy-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/scsi-common-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/fat-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/md-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/jfs-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/input-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/ext3-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/input-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/source/linux-kernel-di-powerpc-2.6_1.48lenny5.tar.gz stable/main/binary-powerpc/mouse-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/reiserfs-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/md-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/fancontrol-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/nls-core-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/crypto-core-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/jfs-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/pcmcia-storage-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/zlib-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/serial-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/kernel-image-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/reiserfs-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/nic-extra-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/cdrom-core-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/sata-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/scsi-common-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/crypto-dm-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/pcmcia-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/core-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/ide-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/nic-pcmcia-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/usb-storage-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/crypto-core-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/affs-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/xfs-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/nic-pcmcia-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/multipath-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/hfs-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/nic-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/ipv6-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/usb-serial-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/ufs-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/ppp-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/crypto-dm-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/ext2-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/ide-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/hypervisor-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/mouse-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/xfs-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/crypto-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/scsi-core-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/firewire-core-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/firewire-core-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/usb-serial-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/nic-shared-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/scsi-extra-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/ufs-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/isofs-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/ipv6-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/loop-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/usb-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/irda-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/usb-storage-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/kernel-image-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/hfs-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/scsi-extra-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/irda-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/nic-shared-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/uinput-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/scsi-core-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/fat-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/nic-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/floppy-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/serial-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/core-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/affs-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/nls-core-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/source/linux-kernel-di-powerpc-2.6_1.48lenny5.dsc stable/main/binary-powerpc/sata-modules-2.6.26-2-powerpc-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/usb-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/pcmcia-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb stable/main/binary-powerpc/pata-modules-2.6.26-2-powerpc64-di_1.48lenny5_powerpc.udeb linux-kernel-di-powerpc-2.6 (1.48lenny5) stable; urgency=low * Built against version 2.6.26-19 of linux-2.6. stable/main/binary-mipsel/rtc-modules-2.6.26-2-sb1-bcm91250a-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/reiserfs-modules-2.6.26-2-sb1-bcm91250a-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/kernel-image-2.6.26-2-4kc-malta-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/cdrom-core-modules-2.6.26-2-r5k-cobalt-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/fat-modules-2.6.26-2-sb1a-bcm91480b-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/ipv6-modules-2.6.26-2-r5k-cobalt-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/cdrom-core-modules-2.6.26-2-4kc-malta-di_1.8lenny5_mipsel.udeb stable/main/source/linux-kernel-di-mipsel-2.6_1.8lenny5.tar.gz stable/main/binary-mipsel/fb-modules-2.6.26-2-sb1-bcm91250a-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/rtc-modules-2.6.26-2-sb1a-bcm91480b-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/ide-modules-2.6.26-2-sb1a-bcm91480b-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/nfs-modules-2.6.26-2-r5k-cobalt-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/usb-storage-modules-2.6.26-2-sb1-bcm91250a-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/ppp-modules-2.6.26-2-sb1a-bcm91480b-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/crypto-dm-modules-2.6.26-2-sb1-bcm91250a-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/isofs-modules-2.6.26-2-sb1a-bcm91480b-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/loop-modules-2.6.26-2-sb1a-bcm91480b-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/jfs-modules-2.6.26-2-sb1-bcm91250a-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/reiserfs-modules-2.6.26-2-4kc-malta-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/sata-modules-2.6.26-2-sb1a-bcm91480b-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/input-modules-2.6.26-2-sb1-bcm91250a-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/multipath-modules-2.6.26-2-sb1a-bcm91480b-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/nls-core-modules-2.6.26-2-4kc-malta-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/usb-modules-2.6.26-2-sb1-bcm91250a-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/multipath-modules-2.6.26-2-4kc-malta-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/reiserfs-modules-2.6.26-2-sb1a-bcm91480b-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/ppp-modules-2.6.26-2-sb1-bcm91250a-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/usb-storage-modules-2.6.26-2-4kc-malta-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/crypto-dm-modules-2.6.26-2-r5k-cobalt-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/md-modules-2.6.26-2-sb1a-bcm91480b-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/scsi-modules-2.6.26-2-sb1a-bcm91480b-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/scsi-modules-2.6.26-2-sb1-bcm91250a-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/scsi-core-modules-2.6.26-2-sb1-bcm91250a-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/ipv6-modules-2.6.26-2-sb1-bcm91250a-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/jfs-modules-2.6.26-2-sb1a-bcm91480b-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/jfs-modules-2.6.26-2-r5k-cobalt-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/multipath-modules-2.6.26-2-r5k-cobalt-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/crypto-modules-2.6.26-2-sb1-bcm91250a-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/cdrom-core-modules-2.6.26-2-sb1a-bcm91480b-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/ppp-modules-2.6.26-2-4kc-malta-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/fat-modules-2.6.26-2-4kc-malta-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/usb-modules-2.6.26-2-sb1a-bcm91480b-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/usb-modules-2.6.26-2-4kc-malta-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/ppp-modules-2.6.26-2-r5k-cobalt-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/reiserfs-modules-2.6.26-2-r5k-cobalt-di_1.8lenny5_mipsel.udeb stable/main/source/linux-kernel-di-mipsel-2.6_1.8lenny5.dsc stable/main/binary-mipsel/input-modules-2.6.26-2-4kc-malta-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/ipv6-modules-2.6.26-2-sb1a-bcm91480b-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/ipv6-modules-2.6.26-2-4kc-malta-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/crypto-core-modules-2.6.26-2-r5k-cobalt-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/sata-modules-2.6.26-2-4kc-malta-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/cdrom-core-modules-2.6.26-2-sb1-bcm91250a-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/xfs-modules-2.6.26-2-sb1a-bcm91480b-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/nls-core-modules-2.6.26-2-r5k-cobalt-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/input-modules-2.6.26-2-sb1a-bcm91480b-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/xfs-modules-2.6.26-2-sb1-bcm91250a-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/jfs-modules-2.6.26-2-4kc-malta-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/kernel-image-2.6.26-2-sb1-bcm91250a-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/ide-modules-2.6.26-2-4kc-malta-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/multipath-modules-2.6.26-2-sb1-bcm91250a-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/sata-modules-2.6.26-2-sb1-bcm91250a-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/scsi-common-modules-2.6.26-2-sb1a-bcm91480b-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/fat-modules-2.6.26-2-sb1-bcm91250a-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/usb-storage-modules-2.6.26-2-sb1a-bcm91480b-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/crypto-modules-2.6.26-2-r5k-cobalt-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/loop-modules-2.6.26-2-sb1-bcm91250a-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/crypto-modules-2.6.26-2-4kc-malta-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/scsi-core-modules-2.6.26-2-sb1a-bcm91480b-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/nls-core-modules-2.6.26-2-sb1a-bcm91480b-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/scsi-common-modules-2.6.26-2-sb1-bcm91250a-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/kernel-image-2.6.26-2-sb1a-bcm91480b-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/kernel-image-2.6.26-2-r5k-cobalt-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/xfs-modules-2.6.26-2-r5k-cobalt-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/md-modules-2.6.26-2-sb1-bcm91250a-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/loop-modules-2.6.26-2-r5k-cobalt-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/fat-modules-2.6.26-2-r5k-cobalt-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/isofs-modules-2.6.26-2-4kc-malta-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/loop-modules-2.6.26-2-4kc-malta-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/md-modules-2.6.26-2-4kc-malta-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/md-modules-2.6.26-2-r5k-cobalt-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/crypto-dm-modules-2.6.26-2-4kc-malta-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/fb-modules-2.6.26-2-sb1a-bcm91480b-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/ide-modules-2.6.26-2-sb1-bcm91250a-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/xfs-modules-2.6.26-2-4kc-malta-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/crypto-dm-modules-2.6.26-2-sb1a-bcm91480b-di_1.8lenny5_mipsel.udeb stable/main/binary-mipsel/crypto-modules-2.6.26-2-sb1a-bcm91480b-di_1.8lenny5_mipsel.udeb linux-kernel-di-mipsel-2.6 (1.8lenny5) stable; urgency=low * Built against version 2.6.26-19 of linux-2.6. stable/main/binary-mips/ide-modules-2.6.26-2-4kc-malta-di_1.9lenny5_mips.udeb stable/main/binary-mips/crypto-modules-2.6.26-2-sb1a-bcm91480b-di_1.9lenny5_mips.udeb stable/main/binary-mips/jfs-modules-2.6.26-2-r4k-ip22-di_1.9lenny5_mips.udeb stable/main/binary-mips/ide-modules-2.6.26-2-sb1a-bcm91480b-di_1.9lenny5_mips.udeb stable/main/binary-mips/kernel-image-2.6.26-2-sb1-bcm91250a-di_1.9lenny5_mips.udeb stable/main/binary-mips/cdrom-core-modules-2.6.26-2-sb1-bcm91250a-di_1.9lenny5_mips.udeb stable/main/binary-mips/md-modules-2.6.26-2-r4k-ip22-di_1.9lenny5_mips.udeb stable/main/binary-mips/multipath-modules-2.6.26-2-sb1-bcm91250a-di_1.9lenny5_mips.udeb stable/main/binary-mips/jfs-modules-2.6.26-2-4kc-malta-di_1.9lenny5_mips.udeb stable/main/binary-mips/rtc-modules-2.6.26-2-sb1-bcm91250a-di_1.9lenny5_mips.udeb stable/main/binary-mips/ide-modules-2.6.26-2-sb1-bcm91250a-di_1.9lenny5_mips.udeb stable/main/binary-mips/crypto-dm-modules-2.6.26-2-4kc-malta-di_1.9lenny5_mips.udeb stable/main/binary-mips/fat-modules-2.6.26-2-sb1-bcm91250a-di_1.9lenny5_mips.udeb stable/main/binary-mips/md-modules-2.6.26-2-4kc-malta-di_1.9lenny5_mips.udeb stable/main/source/linux-kernel-di-mips-2.6_1.9lenny5.dsc stable/main/binary-mips/sata-modules-2.6.26-2-sb1-bcm91250a-di_1.9lenny5_mips.udeb stable/main/binary-mips/rtc-modules-2.6.26-2-sb1a-bcm91480b-di_1.9lenny5_mips.udeb stable/main/binary-mips/reiserfs-modules-2.6.26-2-r4k-ip22-di_1.9lenny5_mips.udeb stable/main/binary-mips/nls-core-modules-2.6.26-2-4kc-malta-di_1.9lenny5_mips.udeb stable/main/binary-mips/sata-modules-2.6.26-2-4kc-malta-di_1.9lenny5_mips.udeb stable/main/binary-mips/usb-storage-modules-2.6.26-2-sb1a-bcm91480b-di_1.9lenny5_mips.udeb stable/main/binary-mips/ipv6-modules-2.6.26-2-r5k-ip32-di_1.9lenny5_mips.udeb stable/main/binary-mips/scsi-common-modules-2.6.26-2-sb1a-bcm91480b-di_1.9lenny5_mips.udeb stable/main/source/linux-kernel-di-mips-2.6_1.9lenny5.tar.gz stable/main/binary-mips/ipv6-modules-2.6.26-2-r4k-ip22-di_1.9lenny5_mips.udeb stable/main/binary-mips/xfs-modules-2.6.26-2-sb1a-bcm91480b-di_1.9lenny5_mips.udeb stable/main/binary-mips/crypto-dm-modules-2.6.26-2-sb1a-bcm91480b-di_1.9lenny5_mips.udeb stable/main/binary-mips/xfs-modules-2.6.26-2-r5k-ip32-di_1.9lenny5_mips.udeb stable/main/binary-mips/reiserfs-modules-2.6.26-2-sb1a-bcm91480b-di_1.9lenny5_mips.udeb stable/main/binary-mips/reiserfs-modules-2.6.26-2-r5k-ip32-di_1.9lenny5_mips.udeb stable/main/binary-mips/kernel-image-2.6.26-2-sb1a-bcm91480b-di_1.9lenny5_mips.udeb stable/main/binary-mips/loop-modules-2.6.26-2-sb1-bcm91250a-di_1.9lenny5_mips.udeb stable/main/binary-mips/crypto-modules-2.6.26-2-4kc-malta-di_1.9lenny5_mips.udeb stable/main/binary-mips/crypto-core-modules-2.6.26-2-r5k-ip32-di_1.9lenny5_mips.udeb stable/main/binary-mips/ipv6-modules-2.6.26-2-sb1a-bcm91480b-di_1.9lenny5_mips.udeb stable/main/binary-mips/multipath-modules-2.6.26-2-r5k-ip32-di_1.9lenny5_mips.udeb stable/main/binary-mips/md-modules-2.6.26-2-sb1a-bcm91480b-di_1.9lenny5_mips.udeb stable/main/binary-mips/crypto-core-modules-2.6.26-2-r4k-ip22-di_1.9lenny5_mips.udeb stable/main/binary-mips/crypto-dm-modules-2.6.26-2-r4k-ip22-di_1.9lenny5_mips.udeb stable/main/binary-mips/reiserfs-modules-2.6.26-2-sb1-bcm91250a-di_1.9lenny5_mips.udeb stable/main/binary-mips/usb-modules-2.6.26-2-sb1a-bcm91480b-di_1.9lenny5_mips.udeb stable/main/binary-mips/jfs-modules-2.6.26-2-sb1a-bcm91480b-di_1.9lenny5_mips.udeb stable/main/binary-mips/crypto-modules-2.6.26-2-r4k-ip22-di_1.9lenny5_mips.udeb stable/main/binary-mips/reiserfs-modules-2.6.26-2-4kc-malta-di_1.9lenny5_mips.udeb stable/main/binary-mips/md-modules-2.6.26-2-sb1-bcm91250a-di_1.9lenny5_mips.udeb stable/main/binary-mips/isofs-modules-2.6.26-2-4kc-malta-di_1.9lenny5_mips.udeb stable/main/binary-mips/loop-modules-2.6.26-2-4kc-malta-di_1.9lenny5_mips.udeb stable/main/binary-mips/kernel-image-2.6.26-2-4kc-malta-di_1.9lenny5_mips.udeb stable/main/binary-mips/crypto-modules-2.6.26-2-sb1-bcm91250a-di_1.9lenny5_mips.udeb stable/main/binary-mips/xfs-modules-2.6.26-2-r4k-ip22-di_1.9lenny5_mips.udeb stable/main/binary-mips/md-modules-2.6.26-2-r5k-ip32-di_1.9lenny5_mips.udeb stable/main/binary-mips/loop-modules-2.6.26-2-r4k-ip22-di_1.9lenny5_mips.udeb stable/main/binary-mips/crypto-dm-modules-2.6.26-2-sb1-bcm91250a-di_1.9lenny5_mips.udeb stable/main/binary-mips/jfs-modules-2.6.26-2-r5k-ip32-di_1.9lenny5_mips.udeb stable/main/binary-mips/input-modules-2.6.26-2-sb1-bcm91250a-di_1.9lenny5_mips.udeb stable/main/binary-mips/fb-modules-2.6.26-2-sb1a-bcm91480b-di_1.9lenny5_mips.udeb stable/main/binary-mips/loop-modules-2.6.26-2-r5k-ip32-di_1.9lenny5_mips.udeb stable/main/binary-mips/fat-modules-2.6.26-2-4kc-malta-di_1.9lenny5_mips.udeb stable/main/binary-mips/crypto-dm-modules-2.6.26-2-r5k-ip32-di_1.9lenny5_mips.udeb stable/main/binary-mips/scsi-core-modules-2.6.26-2-sb1-bcm91250a-di_1.9lenny5_mips.udeb stable/main/binary-mips/cdrom-core-modules-2.6.26-2-4kc-malta-di_1.9lenny5_mips.udeb stable/main/binary-mips/fb-modules-2.6.26-2-sb1-bcm91250a-di_1.9lenny5_mips.udeb stable/main/binary-mips/multipath-modules-2.6.26-2-r4k-ip22-di_1.9lenny5_mips.udeb stable/main/binary-mips/usb-storage-modules-2.6.26-2-sb1-bcm91250a-di_1.9lenny5_mips.udeb stable/main/binary-mips/input-modules-2.6.26-2-4kc-malta-di_1.9lenny5_mips.udeb stable/main/binary-mips/xfs-modules-2.6.26-2-sb1-bcm91250a-di_1.9lenny5_mips.udeb stable/main/binary-mips/scsi-modules-2.6.26-2-sb1-bcm91250a-di_1.9lenny5_mips.udeb stable/main/binary-mips/input-modules-2.6.26-2-sb1a-bcm91480b-di_1.9lenny5_mips.udeb stable/main/binary-mips/fat-modules-2.6.26-2-sb1a-bcm91480b-di_1.9lenny5_mips.udeb stable/main/binary-mips/scsi-core-modules-2.6.26-2-sb1a-bcm91480b-di_1.9lenny5_mips.udeb stable/main/binary-mips/sata-modules-2.6.26-2-sb1a-bcm91480b-di_1.9lenny5_mips.udeb stable/main/binary-mips/ipv6-modules-2.6.26-2-4kc-malta-di_1.9lenny5_mips.udeb stable/main/binary-mips/ipv6-modules-2.6.26-2-sb1-bcm91250a-di_1.9lenny5_mips.udeb stable/main/binary-mips/scsi-common-modules-2.6.26-2-sb1-bcm91250a-di_1.9lenny5_mips.udeb stable/main/binary-mips/loop-modules-2.6.26-2-sb1a-bcm91480b-di_1.9lenny5_mips.udeb stable/main/binary-mips/jfs-modules-2.6.26-2-sb1-bcm91250a-di_1.9lenny5_mips.udeb stable/main/binary-mips/nls-core-modules-2.6.26-2-sb1a-bcm91480b-di_1.9lenny5_mips.udeb stable/main/binary-mips/ppp-modules-2.6.26-2-4kc-malta-di_1.9lenny5_mips.udeb stable/main/binary-mips/xfs-modules-2.6.26-2-4kc-malta-di_1.9lenny5_mips.udeb stable/main/binary-mips/usb-modules-2.6.26-2-4kc-malta-di_1.9lenny5_mips.udeb stable/main/binary-mips/crypto-modules-2.6.26-2-r5k-ip32-di_1.9lenny5_mips.udeb stable/main/binary-mips/scsi-modules-2.6.26-2-sb1a-bcm91480b-di_1.9lenny5_mips.udeb stable/main/binary-mips/cdrom-core-modules-2.6.26-2-sb1a-bcm91480b-di_1.9lenny5_mips.udeb stable/main/binary-mips/kernel-image-2.6.26-2-r5k-ip32-di_1.9lenny5_mips.udeb stable/main/binary-mips/multipath-modules-2.6.26-2-sb1a-bcm91480b-di_1.9lenny5_mips.udeb stable/main/binary-mips/usb-storage-modules-2.6.26-2-4kc-malta-di_1.9lenny5_mips.udeb stable/main/binary-mips/multipath-modules-2.6.26-2-4kc-malta-di_1.9lenny5_mips.udeb stable/main/binary-mips/kernel-image-2.6.26-2-r4k-ip22-di_1.9lenny5_mips.udeb stable/main/binary-mips/isofs-modules-2.6.26-2-sb1a-bcm91480b-di_1.9lenny5_mips.udeb stable/main/binary-mips/usb-modules-2.6.26-2-sb1-bcm91250a-di_1.9lenny5_mips.udeb linux-kernel-di-mips-2.6 (1.9lenny5) stable; urgency=low * Built against version 2.6.26-19 of linux-2.6. stable/main/binary-ia64/sn-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/multipath-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/nls-core-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/usb-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/source/linux-kernel-di-ia64-2.6_1.42lenny5.dsc stable/main/binary-ia64/uinput-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/scsi-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/jfs-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/plip-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/fb-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/kernel-image-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/crc-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/scsi-core-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/mouse-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/crypto-core-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/reiserfs-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/firewire-core-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/ide-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/nic-usb-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/ata-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/cdrom-core-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/nic-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/pcmcia-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/ext3-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/ufs-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/isofs-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/zlib-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/ppp-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/core-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/ntfs-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/input-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/source/linux-kernel-di-ia64-2.6_1.42lenny5.tar.gz stable/main/binary-ia64/ipv6-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/efi-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/irda-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/ide-core-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/sata-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/xfs-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/crypto-dm-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/serial-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/usb-storage-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/fat-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/md-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/parport-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/loop-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/crypto-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb stable/main/binary-ia64/nic-shared-modules-2.6.26-2-itanium-di_1.42lenny5_ia64.udeb linux-kernel-di-ia64-2.6 (1.42lenny5) stable; urgency=low * Make zlib-modules a dependency of nic-modules (bnx2x needs zlib_inflate) * Built against version 2.6.26-19 of linux-2.6. stable/main/binary-i386/firewire-core-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/reiserfs-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/nls-core-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/nic-wireless-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/scsi-common-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/ata-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/crc-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/nic-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/mouse-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/scsi-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/pcmcia-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/usb-serial-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/ide-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/ipv6-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/scsi-extra-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/crypto-core-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/uinput-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/scsi-core-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/mmc-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/usb-storage-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/fat-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/usb-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/isofs-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/virtio-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/core-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/parport-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/reiserfs-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/jfs-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/ide-core-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/nic-usb-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/xfs-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/crypto-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/floppy-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/virtio-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/ppp-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/nic-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/plip-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/cdrom-core-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/source/linux-kernel-di-i386-2.6_1.76lenny5.dsc stable/main/binary-i386/nic-pcmcia-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/acpi-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/xfs-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/pcmcia-storage-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/ata-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/nic-extra-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/irda-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/serial-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/ntfs-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/crypto-dm-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/multipath-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/md-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/fb-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/nic-wireless-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/ppp-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/qnx4-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/acpi-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/ide-core-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/pcmcia-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/ext2-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/scsi-common-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/pata-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/source/linux-kernel-di-i386-2.6_1.76lenny5.tar.gz stable/main/binary-i386/crc-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/ntfs-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/firewire-core-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/ext2-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/jfs-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/nic-extra-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/irda-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/qnx4-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/serial-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/zlib-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/isofs-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/sata-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/plip-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/kernel-image-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/crypto-core-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/md-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/usb-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/usb-serial-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/usb-storage-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/fb-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/crypto-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/nls-core-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/cdrom-core-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/ufs-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/ufs-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/input-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/scsi-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/ext3-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/efi-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/scsi-core-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/pcmcia-storage-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/parport-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/nic-pcmcia-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/nic-shared-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/ide-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/scsi-extra-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/loop-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/ipv6-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/uinput-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/mmc-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/pata-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/fat-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/nic-shared-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/sata-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/kernel-image-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/core-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/loop-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/zlib-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/nic-usb-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/crypto-dm-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/mouse-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/floppy-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/input-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/multipath-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb stable/main/binary-i386/ext3-modules-2.6.26-2-486-di_1.76lenny5_i386.udeb stable/main/binary-i386/efi-modules-2.6.26-2-686-bigmem-di_1.76lenny5_i386.udeb linux-kernel-di-i386-2.6 (1.76lenny5) stable; urgency=low * Built against version 2.6.26-19 of linux-2.6. stable/main/binary-hppa/loop-modules-2.6.26-2-parisc-di_1.38lenny5_hppa.udeb stable/main/binary-hppa/kernel-image-2.6.26-2-parisc64-di_1.38lenny5_hppa.udeb stable/main/binary-hppa/crypto-core-modules-2.6.26-2-parisc64-di_1.38lenny5_hppa.udeb stable/main/binary-hppa/usb-storage-modules-2.6.26-2-parisc-di_1.38lenny5_hppa.udeb stable/main/source/linux-kernel-di-hppa-2.6_1.38lenny5.tar.gz stable/main/binary-hppa/multipath-modules-2.6.26-2-parisc-di_1.38lenny5_hppa.udeb stable/main/binary-hppa/crypto-core-modules-2.6.26-2-parisc-di_1.38lenny5_hppa.udeb stable/main/binary-hppa/ppp-modules-2.6.26-2-parisc64-di_1.38lenny5_hppa.udeb stable/main/binary-hppa/crypto-dm-modules-2.6.26-2-parisc64-di_1.38lenny5_hppa.udeb stable/main/binary-hppa/crypto-modules-2.6.26-2-parisc64-di_1.38lenny5_hppa.udeb stable/main/binary-hppa/ide-modules-2.6.26-2-parisc64-di_1.38lenny5_hppa.udeb stable/main/binary-hppa/cdrom-core-modules-2.6.26-2-parisc-di_1.38lenny5_hppa.udeb stable/main/binary-hppa/ipv6-modules-2.6.26-2-parisc-di_1.38lenny5_hppa.udeb stable/main/binary-hppa/nic-modules-2.6.26-2-parisc64-di_1.38lenny5_hppa.udeb stable/main/binary-hppa/input-modules-2.6.26-2-parisc64-di_1.38lenny5_hppa.udeb stable/main/binary-hppa/input-modules-2.6.26-2-parisc-di_1.38lenny5_hppa.udeb stable/main/binary-hppa/md-modules-2.6.26-2-parisc-