Accepted blosxom 2.0-14+etch1 (source all)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.7
Date: Mon, 06 Oct 2008 16:01:44 +0200
Source: blosxom
Binary: blosxom
Architecture: source all
Version: 2.0-14+etch1
Distribution: stable
Urgency: high
Maintainer: Pascal Hakim <[EMAIL PROTECTED]>
Changed-By: Gerfried Fuchs <[EMAIL PROTECTED]>
Description:
blosxom- light, feature-packed weblog app with plugin extensibility
Closes: 423441 500873
Changes:
blosxom (2.0-14+etch1) stable; urgency=high
.
* Apply patch to fix Cross-Site Scripting (XSS) vulnerability with respect
to unknown flavours (CVE-2008-2236) (closes: #500873)
* Only use param("-f") if $ENV{GATEWAY_INTERFACE} isn't set
(closes: #423441)
Files:
1967039427f10e01f9d4731e2ceb22a4 621 web optional blosxom_2.0-14+etch1.dsc
8b48b28026847656cd68eda0c2c8bf3d 19727 web optional
blosxom_2.0-14+etch1.diff.gz
eac216663aed042c2ff78c3bd8e9d685 30202 web optional
blosxom_2.0-14+etch1_all.deb
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkjqSnUACgkQELuA/Ba9d8Y8RgCePsF7cvo0xqtvWsMRZUF75A13
AOYAnjPhCyMKf2Av98tnGvlQc7D6v8YM
=wWTb
-END PGP SIGNATURE-
Accepted:
blosxom_2.0-14+etch1.diff.gz
to pool/main/b/blosxom/blosxom_2.0-14+etch1.diff.gz
blosxom_2.0-14+etch1.dsc
to pool/main/b/blosxom/blosxom_2.0-14+etch1.dsc
blosxom_2.0-14+etch1_all.deb
to pool/main/b/blosxom/blosxom_2.0-14+etch1_all.deb
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Accepted jumpnbump 1.50-6+etch1 (source powerpc)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Mon, 06 Oct 2008 18:00:04 +0200 Source: jumpnbump Binary: jumpnbump Architecture: source powerpc Version: 1.50-6+etch1 Distribution: stable Urgency: high Maintainer: Debian Games Team <[EMAIL PROTECTED]> Changed-By: Ansgar Burchardt <[EMAIL PROTECTED]> Description: jumpnbump - cute multiplayer platform game with bunnies Closes: 500611 Changes: jumpnbump (1.50-6+etch1) stable; urgency=high . * Update for etch to address a security issue. * Fix insecure handling of /tmp (Closes: #500611) * Set Maintainer to Debian Games Team, add Francois Marier and myself as Uploaders (same as in unstable) Files: 252cffd102bcde37e7078a6fa357b01e 794 games optional jumpnbump_1.50-6+etch1.dsc d7988bcdab400a4e9e15ef101f2275b1 13598 games optional jumpnbump_1.50-6+etch1.diff.gz eea1a892ddb52bb259d071a725f62a5b 311750 games optional jumpnbump_1.50-6+etch1_powerpc.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkjqShkACgkQELuA/Ba9d8Y+YACgr9CzxQHNjVCA6m9b/czBU3NE 8YkAniZkSvriu6CTGNaAtjsY3HAEaCu0 =VxKH -END PGP SIGNATURE- Accepted: jumpnbump_1.50-6+etch1.diff.gz to pool/main/j/jumpnbump/jumpnbump_1.50-6+etch1.diff.gz jumpnbump_1.50-6+etch1.dsc to pool/main/j/jumpnbump/jumpnbump_1.50-6+etch1.dsc jumpnbump_1.50-6+etch1_powerpc.deb to pool/main/j/jumpnbump/jumpnbump_1.50-6+etch1_powerpc.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Accepted squid 2.6.5-6etch4 (source all amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Tue, 7 Oct 2008 12:47:25 -0700 Source: squid Binary: squid squid-cgi squidclient squid-common Architecture: source amd64 all Version: 2.6.5-6etch4 Distribution: stable-security Urgency: high Maintainer: Luigi Gangitano <[EMAIL PROTECTED]> Changed-By: Devin Carraway <[EMAIL PROTECTED]> Description: squid - Internet Object Cache (WWW proxy cache) squid-cgi - Squid cache manager CGI program squid-common - Internet Object Cache (WWW proxy cache) - common file squidclient - Command line URL extractor that talks to (a) squid Changes: squid (2.6.5-6etch4) stable-security; urgency=high . * Non-maintainer upload by the security team. * Actually apply debian/patches/59-dos-cache-update-2.dpatch in the build. Thanks to Christoph Biedl for the catch. Files: 6e919d707f76cb9d991744834369b876 669 web optional squid_2.6.5-6etch4.dsc 54c814d93e2976176d0389bf22fb216a 273381 web optional squid_2.6.5-6etch4.diff.gz 46d12b52f401fcb70f7d951d66c5dade 437254 web optional squid-common_2.6.5-6etch4_all.deb 5c9d16bfc10bd4fedb2f9eb61c9395ca 709000 web optional squid_2.6.5-6etch4_amd64.deb dafc6a156fc1f80f91a3d11a50183c02 86346 web optional squidclient_2.6.5-6etch4_amd64.deb 8334a79c13f1865c37f0e0897b7acbaf 116724 web optional squid-cgi_2.6.5-6etch4_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFI7afrU5XKDemr/NIRAgcHAKDtRjffYezMV3zd2Vr7w6g9E4zFugCg6B8X 9FHoGrpuKQkw+quRybt3tFM= =pFJG -END PGP SIGNATURE- Accepted: squid-cgi_2.6.5-6etch4_amd64.deb to pool/main/s/squid/squid-cgi_2.6.5-6etch4_amd64.deb squid-common_2.6.5-6etch4_all.deb to pool/main/s/squid/squid-common_2.6.5-6etch4_all.deb squid_2.6.5-6etch4.diff.gz to pool/main/s/squid/squid_2.6.5-6etch4.diff.gz squid_2.6.5-6etch4.dsc to pool/main/s/squid/squid_2.6.5-6etch4.dsc squid_2.6.5-6etch4_amd64.deb to pool/main/s/squid/squid_2.6.5-6etch4_amd64.deb squidclient_2.6.5-6etch4_amd64.deb to pool/main/s/squid/squidclient_2.6.5-6etch4_amd64.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Accepted feta 1.4.15+etch1 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Wed, 1 Oct 2008 21:02:48 + Source: feta Binary: feta Architecture: source all Version: 1.4.15+etch1 Distribution: stable-security Urgency: high Maintainer: Debian QA Group <[EMAIL PROTECTED]> Changed-By: Moritz Muehlenhoff <[EMAIL PROTECTED]> Description: feta - simpler interface to APT, dpkg, and other package tools Changes: feta (1.4.15+etch1) stable-security; urgency=high . * Non-maintainer upload by the Security Team * Fix insecure temp file usage in to-upgrade plugin Files: 87c8cdfc722b149eefc2c4cc1e05c868 545 admin optional feta_1.4.15+etch1.dsc 27b5bc566e7f42a5b79dd8ef67013b8d 52134 admin optional feta_1.4.15+etch1.tar.gz 8133fddc8dc30973c5fcb3368292b1fb 47708 admin optional feta_1.4.15+etch1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFI4+W3Xm3vHE4uyloRAoTFAJ9vR7jNFka+JJQz/584gDdhwWAODQCgrYkJ SLiNK6dcfYdfGQMruvz1aSM= =0r5d -END PGP SIGNATURE- Accepted: feta_1.4.15+etch1.dsc to pool/main/f/feta/feta_1.4.15+etch1.dsc feta_1.4.15+etch1.tar.gz to pool/main/f/feta/feta_1.4.15+etch1.tar.gz feta_1.4.15+etch1_all.deb to pool/main/f/feta/feta_1.4.15+etch1_all.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Accepted myspell 1:3.0+pre3.1-18etch1 (source amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Sun, 05 Oct 2008 00:15:40 +0200 Source: myspell Binary: libmyspell3c2 libmyspell-dev Architecture: source amd64 Version: 1:3.0+pre3.1-18etch1 Distribution: stable Urgency: high Maintainer: Debian OpenOffice Team <[EMAIL PROTECTED]> Changed-By: Rene Engelhard <[EMAIL PROTECTED]> Description: libmyspell-dev - MySpell spellchecking library development files libmyspell3c2 - MySpell spellchecking library Closes: 496392 Changes: myspell (1:3.0+pre3.1-18etch1) stable; urgency=high . * fix insecure temp file usage, thanks Thijs Kinkhorst and Agustin Martin Domingo(closes: #496392); update 09_numbers.dpatch Files: 5384e5b5f732d1468cbee86234ca0bd6 723 devel optional myspell_3.0+pre3.1-18etch1.dsc e12be183c4e684035b61d93a3676ab43 16454 devel optional myspell_3.0+pre3.1-18etch1.diff.gz ef3c7e0932a4ab0ec1eb85629de2e5d7 88960 libdevel optional libmyspell-dev_3.1-18etch1_amd64.deb d7ad8b415a97c5c39f8276caa487df07 27576 libs optional libmyspell3c2_3.1-18etch1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFI5+3p+FmQsCSK63MRAsTcAJ4nfLJ/90SyjXWSP5TAsGQsEuO0egCfVcsS sydpqXY8WsU3HwsgwaQSSvo= =siQl -END PGP SIGNATURE- Accepted: libmyspell-dev_3.1-18etch1_amd64.deb to pool/main/m/myspell/libmyspell-dev_3.1-18etch1_amd64.deb libmyspell3c2_3.1-18etch1_amd64.deb to pool/main/m/myspell/libmyspell3c2_3.1-18etch1_amd64.deb myspell_3.0+pre3.1-18etch1.diff.gz to pool/main/m/myspell/myspell_3.0+pre3.1-18etch1.diff.gz myspell_3.0+pre3.1-18etch1.dsc to pool/main/m/myspell/myspell_3.0+pre3.1-18etch1.dsc -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Accepted dist 3.70-31etch1 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Mon, 06 Oct 2008 18:05:47 -0500 Source: dist Binary: dist Architecture: source all Version: 3.70-31etch1 Distribution: stable Urgency: high Maintainer: Manoj Srivastava <[EMAIL PROTECTED]> Changed-By: Manoj Srivastava <[EMAIL PROTECTED]> Description: dist - Tools for developing, maintaining and distributing software. Changes: dist (3.70-31etch1) stable; urgency=high . * Backport patches from the Lenny version to fix security issues. If a script uses a temp file which is created in /tmp, then an attacker can create symlink with the same name in this directory in order to destroy or rewrite some system or user files. Symlink attack may also lead not only to the data desctruction but to denial of service as well. Creating files with rand or pid to randomize the file names is not adequate to protect the system. We now use File::Temp to safely create the temporary files as needed. This closes a grave bug. There are no code changes in this version, apart from the bug fix. #496412. Files: 494f8a1fa667cd8b2c14afbb2ab12a2d 590 devel optional dist_3.70-31etch1.dsc 3a7b82e6661fd1b686ed0fe04d9dc3fe 31345 devel optional dist_3.70-31etch1.diff.gz 5f56a5c8ad408f07d50320e951822f35 554194 devel optional dist_3.70-31etch1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkjqnMAACgkQIbrau78kQkxQ/wCgpEmN5eFwU8vnLte89bgzOkJx +4AAoLqt+e+NNLoZ0Szmq3SSeufkwob7 =v6uz -END PGP SIGNATURE- Accepted: dist_3.70-31etch1.diff.gz to pool/main/d/dist/dist_3.70-31etch1.diff.gz dist_3.70-31etch1.dsc to pool/main/d/dist/dist_3.70-31etch1.dsc dist_3.70-31etch1_all.deb to pool/main/d/dist/dist_3.70-31etch1_all.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Accepted mon 0.99.2-9+etch2 (source i386)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Mon, 06 Oct 2008 14:16:39 +0200 Source: mon Binary: mon Architecture: source i386 Version: 0.99.2-9+etch2 Distribution: stable-security Urgency: high Maintainer: Debian QA Group <[EMAIL PROTECTED]> Changed-By: Steffen Joeris <[EMAIL PROTECTED]> Description: mon- monitor hosts/services/whatever and alert about problems Changes: mon (0.99.2-9+etch2) stable-security; urgency=high . * Non-maintainer upload by the security team * Make sure to use /var/log/mon/ for logging, since it runs under the daemon user by default and would otherwise lack permissions Files: 777a64c7f02bb12ed424f0cc2ca74b09 660 admin extra mon_0.99.2-9+etch2.dsc 2a0d34cd493abc10042bf05d2271a55b 166255 admin extra mon_0.99.2.orig.tar.gz 21156aea6f48d98eaab3b43e42a062b1 17561 admin extra mon_0.99.2-9+etch2.diff.gz 96745e69e7720b72d50f35f60a837e9b 178842 admin extra mon_0.99.2-9+etch2_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkjqCAIACgkQ62zWxYk/rQeA9ACgh6c4S3l5moSwMyGW8lxXEV++ a1AAoK7cxjFHKOd8OQNCEZ7bC7k2ZTzk =yJMs -END PGP SIGNATURE- Accepted: mon_0.99.2-9+etch2.diff.gz to pool/main/m/mon/mon_0.99.2-9+etch2.diff.gz mon_0.99.2-9+etch2.dsc to pool/main/m/mon/mon_0.99.2-9+etch2.dsc mon_0.99.2-9+etch2_i386.deb to pool/main/m/mon/mon_0.99.2-9+etch2_i386.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Accepted libpam-pwdfile 0.99-3etch1 (source i386)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.7
Date: Thu, 25 Sep 2008 12:48:47 +0200
Source: libpam-pwdfile
Binary: libpam-pwdfile
Architecture: source i386
Version: 0.99-3etch1
Distribution: stable
Urgency: low
Maintainer: Greg Norris <[EMAIL PROTECTED]>
Changed-By: Peter Palfrader <[EMAIL PROTECTED]>
Description:
libpam-pwdfile - PAM module allowing authentication via an /etc/passwd-like
file
Closes: 499203
Changes:
libpam-pwdfile (0.99-3etch1) stable; urgency=low
.
* Non-maintainer upload.
* Link using gcc instead of ld (closes: #499203).
* Mark the pam_sm_* functions as __attribute__((visibility("default"))) and
build with -fvisibility=hidden.
Files:
03395c2d87c83f5c767e002397fdf58d 595 admin extra libpam-pwdfile_0.99-3etch1.dsc
c4b0d37c0d463384e10a78cb82c04265 3890 admin extra
libpam-pwdfile_0.99-3etch1.diff.gz
b195eb928fa9c7b397167c7433271dc2 15296 admin extra
libpam-pwdfile_0.99-3etch1_i386.deb
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFI23Atz/ccs6+kS90RAtP5AJ0W3H+O2dNIhZhBHMdDaTmosdlKXwCgjj69
aKIjTZuWWULDSGZ3Qkk++D4=
=1rwj
-END PGP SIGNATURE-
Accepted:
libpam-pwdfile_0.99-3etch1.diff.gz
to pool/main/libp/libpam-pwdfile/libpam-pwdfile_0.99-3etch1.diff.gz
libpam-pwdfile_0.99-3etch1.dsc
to pool/main/libp/libpam-pwdfile/libpam-pwdfile_0.99-3etch1.dsc
libpam-pwdfile_0.99-3etch1_i386.deb
to pool/main/libp/libpam-pwdfile/libpam-pwdfile_0.99-3etch1_i386.deb
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Accepted irqbalance 0.12-7etch1 (source i386)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Fri, 03 Oct 2008 10:09:14 +0200 Source: irqbalance Binary: irqbalance Architecture: source i386 Version: 0.12-7etch1 Distribution: stable Urgency: low Maintainer: Eric Dorland <[EMAIL PROTECTED]> Changed-By: Peter Palfrader <[EMAIL PROTECTED]> Description: irqbalance - Balances irq's for SMP systems Closes: 500985 Changes: irqbalance (0.12-7etch1) stable; urgency=low . * Non maintainer upload. * irqbalance would segfault on startup when /proc/interrupts contains an interrupt with a number of 256 or larger, since internally it stored data in a fixed-length array. Newer versions (say 0.55) have replaced the data structure with a list so this is fixed there. For now we just skip interrupts with such high numbers, since it's the least invasive approach during the stable cycle (closes: #500985). Files: 22e509a1f923f567e1f4b6485f28a378 586 utils extra irqbalance_0.12-7etch1.dsc 976331fd841c32e869c0c2fd824a3b1e 10888 utils extra irqbalance_0.12-7etch1.diff.gz 540fc7b88ab32d459906fec94f79cfdb 16072 utils extra irqbalance_0.12-7etch1_i386.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFI5dQ7z/ccs6+kS90RAkd+AJ42bFlNLQQQCqL63/FNsArrOZtW8gCfRKbl nyMnEbugo/WUkg6qXuh2Bik= =+v1T -END PGP SIGNATURE- Accepted: irqbalance_0.12-7etch1.diff.gz to pool/main/i/irqbalance/irqbalance_0.12-7etch1.diff.gz irqbalance_0.12-7etch1.dsc to pool/main/i/irqbalance/irqbalance_0.12-7etch1.dsc irqbalance_0.12-7etch1_i386.deb to pool/main/i/irqbalance/irqbalance_0.12-7etch1_i386.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Accepted postgresql-8.1 8.1.13-0etch1 (source i386 all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Mon, 09 Jun 2008 19:02:17 +0200 Source: postgresql-8.1 Binary: postgresql-8.1 postgresql-pltcl-8.1 postgresql-plperl-8.1 libpgtypes2 libpq-dev libpq4 postgresql-doc-8.1 postgresql-plpython-8.1 libecpg5 libecpg-compat2 libecpg-dev postgresql-client-8.1 postgresql-contrib-8.1 postgresql-server-dev-8.1 Architecture: source i386 all Version: 8.1.13-0etch1 Distribution: stable Urgency: low Maintainer: Martin Pitt <[EMAIL PROTECTED]> Changed-By: Martin Pitt <[EMAIL PROTECTED]> Description: libecpg-compat2 - older version of run-time library for ECPG programs libecpg-dev - development files for ECPG (Embedded PostgreSQL for C) libecpg5 - run-time library for ECPG programs libpgtypes2 - shared library libpgtypes for PostgreSQL 8.1 libpq-dev - header files for libpq4 (PostgreSQL library) libpq4 - PostgreSQL C client library postgresql-8.1 - object-relational SQL database, version 8.1 server postgresql-client-8.1 - front-end programs for PostgreSQL 8.1 postgresql-contrib-8.1 - additional facilities for PostgreSQL postgresql-doc-8.1 - documentation for the PostgreSQL database management system postgresql-plperl-8.1 - PL/Perl procedural language for PostgreSQL 8.1 postgresql-plpython-8.1 - PL/Python procedural language for PostgreSQL 8.1 postgresql-pltcl-8.1 - PL/Tcl procedural language for PostgreSQL 8.1 postgresql-server-dev-8.1 - development files for PostgreSQL 8.1 server-side programming Changes: postgresql-8.1 (8.1.13-0etch1) stable; urgency=low . * New upstream bugfix release (please note that 8.1.12 was never released, due to the discovery of another major bug): - Make "ALTER AGGREGATE ... OWNER TO" update pg_shdepend. This oversight could lead to problems if the aggregate was later involved in a "DROP OWNED" or "REASSIGN OWNED" operation. - Fix "ALTER TABLE ADD COLUMN ... PRIMARY KEY" so that the new column is correctly checked to see if it's been initialized to all non-nulls. Previous versions neglected to check this requirement at all. - Fix possible "CREATE TABLE" failure when inheriting the "same" constraint from multiple parent relations that inherited that constraint from a common ancestor. - Fix conversions between ISO-8859-5 and other encodings to handle Cyrillic "Yo" characters (e and E with two dots). - Fix a few datatype input functions that were allowing unused bytes in their results to contain uninitialized, unpredictable values. This could lead to failures in which two apparently identical literal values were not seen as equal, resulting in the parser complaining about unmatched ORDER BY and DISTINCT expressions. - Fix a corner case in regular-expression substring matching. - Fix incorrect result from ecpg's PGTYPEStimestamp_sub() function. - Fix core dump in "contrib/xml2"'s xpath_table() function when the input query returns a NULL value. - Fix longstanding "LISTEN"/"NOTIFY" race condition. In rare cases a session that had just executed a "LISTEN" might not get a notification, even though one would be expected because the concurrent transaction executing "NOTIFY" was observed to commit later. A side effect of the fix is that a transaction that has executed a not-yet-committed "LISTEN" command will not see any row in pg_listener for the "LISTEN", should it choose to look; formerly it would have. This behavior was never documented one way or the other, but it is possible that some applications depend on the old behavior. - Disallow "LISTEN" and "UNLISTEN" within a prepared transaction. This was formerly allowed but trying to do it had various unpleasant consequences, notably that the originating backend could not exit as long as an "UNLISTEN" remained uncommitted. - Fix rare crash when an error occurs during a query using a hash index. - Fix input of datetime values for February 29 in years BC. The former coding was mistaken about which years were leap years. - Fix "unrecognized node type" error in some variants of "ALTER OWNER". - Fix pg_ctl to correctly extract the postmaster's port number from command-line options. Previously, pg_ctl start -w could try to contact the postmaster on the wrong port, leading to bogus reports of startup failure. - Fix display of constant expressions in ORDER BY and GROUP BY. An explictly casted constant would be shown incorrectly. This could for example lead to corruption of a view definition during dump and reload. - Fix libpq to handle NOTICE messages correctly during COPY OUT. This failure has only been observed to occur when a user-defined datatype's output routine issues a
Accepted tzdata 2008e-1etch2 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Mon, 06 Oct 2008 13:48:00 +0200 Source: tzdata Binary: tzdata Architecture: source all Version: 2008e-1etch2 Distribution: stable Urgency: low Maintainer: Aurelien Jarno <[EMAIL PROTECTED]> Changed-By: Aurelien Jarno <[EMAIL PROTECTED]> Description: tzdata - Time Zone and Daylight Saving Time Data Closes: 501169 Changes: tzdata (2008e-1etch2) stable; urgency=low . * Fix Argentinian timezone wrt DST. Closes: #501169 Files: f9742dc26c6c97d7f39238ddde5cb19a 875 libs required tzdata_2008e-1etch2.dsc f6c8029ecad8aa852637ff105059c263 4643 libs required tzdata_2008e-1etch2.diff.gz 490a4d32a1c2a7c9c1c120d7398e3dc6 353040 libs required tzdata_2008e-1etch2_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFI6fvnw3ao2vG823MRAkjgAJ9ExHG7wdGgeHE+dYZYHlFGrD9VnQCfZyga 7hILBSmE91ASfiKoB0CoMwM= =dbo+ -END PGP SIGNATURE- Accepted: tzdata_2008e-1etch2.diff.gz to pool/main/t/tzdata/tzdata_2008e-1etch2.diff.gz tzdata_2008e-1etch2.dsc to pool/main/t/tzdata/tzdata_2008e-1etch2.dsc tzdata_2008e-1etch2_all.deb to pool/main/t/tzdata/tzdata_2008e-1etch2_all.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Accepted mplayer 1.0~rc1-12etch5 (source all amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Mon, 29 Sep 2008 12:27:01 +0200 Source: mplayer Binary: mplayer-doc mplayer Architecture: source amd64 all Version: 1.0~rc1-12etch5 Distribution: stable-security Urgency: high Maintainer: A Mennucc1 <[EMAIL PROTECTED]> Changed-By: Devin Carraway <[EMAIL PROTECTED]> Description: mplayer- The Movie Player mplayer-doc - documentation for MPlayer Changes: mplayer (1.0~rc1-12etch5) stable-security; urgency=high . * Non-maintainer upload by the security team. Thanks to A Mennucc1 for preparing the fix. * fix oCERT-2008-013 Mplayer real demuxer heap. Thanks to Felipe Andres Manzano, Andrea Barisani, Steffen Joeris, Reimar Döffinger. Files: b270973c3ce8e7fbfca6f9cd3eb66425 1265 graphics optional mplayer_1.0~rc1-12etch5.dsc cd099ed406a7c844930c9887d8982a52 86658 graphics optional mplayer_1.0~rc1-12etch5.diff.gz 17e990bdca10c40756b82a9dc5a2e265 2047298 graphics optional mplayer-doc_1.0~rc1-12etch5_all.deb 98533d1a687b80c2e0986150f8ce8236 4370114 graphics optional mplayer_1.0~rc1-12etch5_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFI4IovU5XKDemr/NIRAq7oAJ9FxSWDCNGcGQ+KnOOpMKYLniKrnwCfaoad q+tv9RIRycB5pICqsPEVZjk= =eiNO -END PGP SIGNATURE- Accepted: mplayer-doc_1.0~rc1-12etch5_all.deb to pool/main/m/mplayer/mplayer-doc_1.0~rc1-12etch5_all.deb mplayer_1.0~rc1-12etch5.diff.gz to pool/main/m/mplayer/mplayer_1.0~rc1-12etch5.diff.gz mplayer_1.0~rc1-12etch5.dsc to pool/main/m/mplayer/mplayer_1.0~rc1-12etch5.dsc mplayer_1.0~rc1-12etch5_amd64.deb to pool/main/m/mplayer/mplayer_1.0~rc1-12etch5_amd64.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Accepted squid 2.6.5-6etch2 (source all amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Sun, 5 Oct 2008 14:04:01 -0700 Source: squid Binary: squid squid-cgi squidclient squid-common Architecture: source amd64 all Version: 2.6.5-6etch2 Distribution: stable-security Urgency: high Maintainer: Luigi Gangitano <[EMAIL PROTECTED]> Changed-By: Devin Carraway <[EMAIL PROTECTED]> Description: squid - Internet Object Cache (WWW proxy cache) squid-cgi - Squid cache manager CGI program squid-common - Internet Object Cache (WWW proxy cache) - common file squidclient - Command line URL extractor that talks to (a) squid Changes: squid (2.6.5-6etch2) stable-security; urgency=high . * Non-maintainer upload by the security team. * debian/patches/59-dos-cache-update-2.dpatch -- Added upstream patch to fix DoS vulnerability introduced in upstream's fix for CVE-2007-6239. At worst, this weakness could be exploited by authorized clients to induce a crash in the squid server (Ref: CVE-2008-1612). Files: b1726dce2c7eea1e010906ea38bf072c 669 web optional squid_2.6.5-6etch2.dsc a50f26f9efdb5a4cecb924079a7acfb9 273482 web optional squid_2.6.5-6etch2.diff.gz 8bc777de8a4c48c8bf97b549f623c3b4 437244 web optional squid-common_2.6.5-6etch2_all.deb e8742c13712128d60a771644ebba83c4 708968 web optional squid_2.6.5-6etch2_amd64.deb 6f3e9c710fd34f6e6dc73f59dd08305f 86296 web optional squidclient_2.6.5-6etch2_amd64.deb a5cd8cc313c0ac1b029465ea20e4f545 116682 web optional squid-cgi_2.6.5-6etch2_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFI6TLOU5XKDemr/NIRAqZGAJ9JSGVAAG7t561I/E64ntisw5vcIACeIPre mS1HV3hX5cW9SeDDgzlTYwU= =8ufG -END PGP SIGNATURE- Accepted: squid-cgi_2.6.5-6etch2_amd64.deb to pool/main/s/squid/squid-cgi_2.6.5-6etch2_amd64.deb squid-common_2.6.5-6etch2_all.deb to pool/main/s/squid/squid-common_2.6.5-6etch2_all.deb squid_2.6.5-6etch2.diff.gz to pool/main/s/squid/squid_2.6.5-6etch2.diff.gz squid_2.6.5-6etch2.dsc to pool/main/s/squid/squid_2.6.5-6etch2.dsc squid_2.6.5-6etch2_amd64.deb to pool/main/s/squid/squid_2.6.5-6etch2_amd64.deb squidclient_2.6.5-6etch2_amd64.deb to pool/main/s/squid/squidclient_2.6.5-6etch2_amd64.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Accepted php5 5.2.0-8+etch13 (source all amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Tue, 30 Sep 2008 20:19:42 +0200 Source: php5 Binary: php5-gd php5-ldap php5 php5-xmlrpc php5-pspell libapache2-mod-php5 php5-xsl php5-cgi php-pear php5-tidy php5-pgsql php5-cli php5-recode php5-mhash php5-sybase php5-curl php5-odbc php5-mcrypt php5-mysql php5-common php5-imap php5-snmp php5-dev php5-sqlite libapache-mod-php5 php5-interbase Architecture: source amd64 all Version: 5.2.0-8+etch13 Distribution: stable-security Urgency: high Maintainer: Debian PHP Maintainers <[EMAIL PROTECTED]> Changed-By: Sean Finney <[EMAIL PROTECTED]> Description: libapache-mod-php5 - server-side, HTML-embedded scripting language (apache 1.3 module) libapache2-mod-php5 - server-side, HTML-embedded scripting language (apache 2 module) php-pear - PEAR - PHP Extension and Application Repository php5 - server-side, HTML-embedded scripting language (meta-package) php5-cgi - server-side, HTML-embedded scripting language (CGI binary) php5-cli - command-line interpreter for the php5 scripting language php5-common - Common files for packages built from the php5 source php5-curl - CURL module for php5 php5-dev - Files for PHP5 module development php5-gd- GD module for php5 php5-imap - IMAP module for php5 php5-interbase - interbase/firebird module for php5 php5-ldap - LDAP module for php5 php5-mcrypt - MCrypt module for php5 php5-mhash - MHASH module for php5 php5-mysql - MySQL module for php5 php5-odbc - ODBC module for php5 php5-pgsql - PostgreSQL module for php5 php5-pspell - pspell module for php5 php5-recode - recode module for php5 php5-snmp - SNMP module for php5 php5-sqlite - SQLite module for php5 php5-sybase - Sybase / MS SQL Server module for php5 php5-tidy - tidy module for php5 php5-xmlrpc - XML-RPC module for php5 php5-xsl - XSL module for php5 Closes: 499987 499988 499989 Changes: php5 (5.2.0-8+etch13) stable-security; urgency=high . * Upload to etch for security issues * The following security issues are addressed with this update: - CVE-2008-3658: Buffer overflow in the imageloadfont function. Patch: 140-CVE-2008-3658.patch (closes: #499989) - CVE-2008-3659: Buffer overflow in the memnstr function. Patch: 139-CVE-2008-3659.patch (closes: #499988) - CVE-2008-3660: Remote DoS in fastcgi module Patch: CVE-2008-3660.patch (closes: #499987) * Revert previous security patch for CVE-2008-2829. A fix for this will not be possible without an updated version of the UW c-client libraries. Files: 8ba966963b8c4b37ea56d0cef80e7039 1978 web optional php5_5.2.0-8+etch13.dsc 10f6d3ac9ecccb7373f40c0d99cdf43f 121493 web optional php5_5.2.0-8+etch13.diff.gz 9e1a1da6055242b0d001f4c9ff0b1f7d 218156 web optional php5-common_5.2.0-8+etch13_amd64.deb 52db652f6553a9d85e20a5f02675a6f5 2510644 web optional libapache-mod-php5_5.2.0-8+etch13_amd64.deb 5590d5644b1cbbcbb1c96c06b387d605 2511216 web optional libapache2-mod-php5_5.2.0-8+etch13_amd64.deb c2d801cdaf7781dc896faf04a5105d3f 4864388 web optional php5-cgi_5.2.0-8+etch13_amd64.deb 67b28d07935c3d1f5360b5e1bbe5a8c1 2452484 web optional php5-cli_5.2.0-8+etch13_amd64.deb 5bc06af75f92bdc8003100ec6d9d3431 345886 devel optional php5-dev_5.2.0-8+etch13_amd64.deb c6636b1548c75a08102f51db0d527c00 24988 web optional php5-curl_5.2.0-8+etch13_amd64.deb 5dd902475c072d734052582c6f7d2e85 37120 web optional php5-gd_5.2.0-8+etch13_amd64.deb eaaf935241a1563d73f81a6821a3167a 36718 web optional php5-imap_5.2.0-8+etch13_amd64.deb d319c606452d700520bc07b24d49a35e 46612 web optional php5-interbase_5.2.0-8+etch13_amd64.deb d9a29cf09beae75e0d3aac598c960ce3 18664 web optional php5-ldap_5.2.0-8+etch13_amd64.deb ef48390d507f03c8fc6d028f77f1c61b 13488 web optional php5-mcrypt_5.2.0-8+etch13_amd64.deb 5b029983cc69277132bc6fb2e08695df 5256 web optional php5-mhash_5.2.0-8+etch13_amd64.deb 5b90295ca27a76a4f92d15cb95595547 71658 web optional php5-mysql_5.2.0-8+etch13_amd64.deb 273edb825157240950c36d0331836787 36404 web optional php5-odbc_5.2.0-8+etch13_amd64.deb d2331ea1c49360119dab7ad436b08105 53946 web optional php5-pgsql_5.2.0-8+etch13_amd64.deb dce351f52fd523687a9cd79e1fac9484 9400 web optional php5-pspell_5.2.0-8+etch13_amd64.deb 82aba5bf571bb3baeadc877428e23c5a 4900 web optional php5-recode_5.2.0-8+etch13_amd64.deb 497ad75dcae62d70eca61838b58674aa 12062 web optional php5-snmp_5.2.0-8+etch13_amd64.deb 863ce9407e2bb11139a21a367e4dd9e3 38568 web optional php5-sqlite_5.2.0-8+etch13_amd64.deb f628b370883ff7550045487c310b8bf9 19436 web optional php5-sybase_5.2.0-8+etch13_amd64.deb 586e2d9a90258e2748178c32e59bbd72 17568 web optional php5-tidy_5.2.0-8+etch13_amd64.deb 594d974c37abc09838b2ae6aad029a40 39158 web optional php5-xmlrpc_5.2.0-8+etch13_amd64.deb 72d9b79013abf3ce74a3c56fd90c1dc0 13030 web optional php5-xsl_5.2.0-8+etch13_amd64.deb f2233a4fe8d7bf941738e152a9f59871 1048 web optional php5_5.2
