Package: release.debian.org Severity: normal User: release.debian....@packages.debian.org Usertags: opu
Hi RT, In preparation of the upcoming Squeeze point release I've prepared updated versions of ia32-libs and ia32-libs-gtk, as usual. The changelogs are below. Is it ok to upload? Cheers, Thijs ia32-libs (20140630) squeeze-proposed-updates; urgency=low * Packages updated [ cups (1.4.4-7+squeeze4) oldstable-security; urgency=high ] * Backport security fix from cups-filters 1.0.47: pdftoopvp: SECURITY FIX for CVE-2013-6474, CVE-2013-6475, and CVE-2013-6476: Introduction of gmallocn and gmallocn3 to protect against arbitrary code execution with the privileges of the "lp" user via malicious PDF files. Also restrict the directory from where OPVP drivers can get loaded (#741333) [ curl (7.21.0-2.1+squeeze8) squeeze-security; urgency=medium ] * Fix multiple security issues (#742728): - Fix connection re-use when using different log-in credentials as per CVE-2014-0138 http://curl.haxx.se/docs/adv_20140326A.html - Reject IP address wildcard matches as per CVE-2014-0139 http://curl.haxx.se/docs/adv_20140326B.html * Set urgency=high accordingly [ gnutls26 (2.8.6-1+squeeze3) oldstable-security; urgency=high ] * 22_gnutls-2.8.5-cve-2014-0092.patch by Nikos Mavrogiannopoulos: Fix certificate validation issue. CVE-2014-0092 -- Thijs Kinkhorst <th...@debian.org> Mon, 30 Jun 2014 13:45:39 +0200 ia32-libs-gtk (20140630) squeeze-proposed-updates; urgency=low * Packages updated [ pixman (0.16.4-1+deb6u1) squeeze-security; urgency=high ] * pixman_trapezoid_valid(): Fix underflow when bottom is close to MIN_INT Addresses CVE-2013-6425 -- Thijs Kinkhorst <th...@debian.org> Fri, 31 Jan 2014 11:18:31 +0100 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org