Accepted nvidia-graphics-drivers 195.36.31-6squeeze2 (amd64 i386 source)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Fri, 17 Aug 2012 00:43:36 +0200 Source: nvidia-graphics-drivers Binary: nvidia-glx nvidia-glx-ia32 nvidia-glx-dev libgl1-nvidia-glx libgl1-nvidia-glx-ia32 nvidia-kernel-dkms nvidia-kernel-source nvidia-libvdpau1 nvidia-libvdpau1-ia32 nvidia-libvdpau-dev nvidia-vdpau-driver nvidia-vdpau-driver-ia32 nvidia-smi libcuda1 libcuda1-ia32 libcuda1-dev libnvidia-compiler libnvidia-compiler-ia32 libnvidia-compiler1 libnvidia-compiler1-ia32 nvidia-opencl-common nvidia-opencl-icd nvidia-opencl-icd-ia32 nvidia-libopencl1 nvidia-libopencl1-ia32 nvidia-libopencl1-dev libgl1-nvidia-alternatives libgl1-nvidia-alternatives-ia32 libglx-nvidia-alternatives Architecture: amd64 i386 source Version: 195.36.31-6squeeze2 Distribution: stable Urgency: low Maintainer: Debian NVIDIA Maintainers Changed-By: Andreas Beckmann Closes: 684781 Description: libcuda1 - NVIDIA CUDA runtime library libcuda1-dev - NVIDIA CUDA development files libcuda1-ia32 - NVIDIA CUDA runtime library (32-bit) libgl1-nvidia-alternatives - simplifies replacing MESA libGL with GPU vendor libraries libgl1-nvidia-alternatives-ia32 - simplifies replacing MESA libGL with GPU vendor libraries (32-bit libgl1-nvidia-glx - NVIDIA binary OpenGL libraries${nvidia:LegacyDesc} libgl1-nvidia-glx-ia32 - NVIDIA binary OpenGL 32-bit libraries${nvidia:LegacyDesc} libglx-nvidia-alternatives - simplifies replacing Xorg module libglx.so with GPU vendor librar libnvidia-compiler - NVIDIA runtime compiler library libnvidia-compiler-ia32 - NVIDIA runtime compiler library (32-bit) libnvidia-compiler1 - NVIDIA runtime compiler library (transitional package) libnvidia-compiler1-ia32 - NVIDIA runtime compiler library (32-bit) (transitional package) nvidia-glx - NVIDIA binary Xorg driver${nvidia:LegacyDesc} nvidia-glx-dev - NVIDIA OpenGL development files (transitional package)${nvidia:Le nvidia-glx-ia32 - NVIDIA binary driver 32-bit libs${nvidia:LegacyDesc} nvidia-kernel-dkms - NVIDIA binary kernel module DKMS source${nvidia:LegacyDesc} nvidia-kernel-source - NVIDIA binary kernel module source${nvidia:LegacyDesc} nvidia-libopencl1 - NVIDIA OpenCL library nvidia-libopencl1-dev - NVIDIA OpenCL development files nvidia-libopencl1-ia32 - NVIDIA OpenCL 32-bit library nvidia-libvdpau-dev - NVIDIA vdpau development files (transitional package) nvidia-libvdpau1 - NVIDIA vdpau libraries (transitional package) nvidia-libvdpau1-ia32 - NVIDIA vdpau 32-bit libraries (transitional package) nvidia-opencl-common - NVIDIA OpenCL driver nvidia-opencl-icd - NVIDIA OpenCL ICD nvidia-opencl-icd-ia32 - NVIDIA OpenCL ICD (32-bit) nvidia-smi - NVIDIA System Management Interface nvidia-vdpau-driver - NVIDIA vdpau driver nvidia-vdpau-driver-ia32 - NVIDIA vdpau 32-bit driver Changes: nvidia-graphics-drivers (195.36.31-6squeeze2) stable; urgency=low . * CVE-2012-4225. (Closes: #684781) Add upstream patch nvidia-blacklist-vga-pmu-registers-195.diff: Fix exploitable local privilege escalation through VGA window manipulation via the device nodes that allows access to arbitrary physical memory. Checksums-Sha1: 8d17d5a4f62c00e5453535fcb13892b9a5ef1463 2438 nvidia-graphics-drivers_195.36.31-6squeeze2.dsc d93fdc9fda34d30fae51b4994fcd29460da69c5c 73361 nvidia-graphics-drivers_195.36.31-6squeeze2.debian.tar.gz 761ad70355671ee644ca89d5809a65d78e1034e5 2938166 nvidia-glx_195.36.31-6squeeze2_i386.deb d04d4ff52475aca1b9697632be850d24d2b75fd1 50220 nvidia-glx-dev_195.36.31-6squeeze2_i386.deb 8064bd037e57aa22d0e4965e498a43238f06cffb 6740286 libgl1-nvidia-glx_195.36.31-6squeeze2_i386.deb 397663d266f9e513013675bc0c146005189ceabb 7137404 nvidia-kernel-dkms_195.36.31-6squeeze2_i386.deb d75aeccd986b0fff7138b540766e6ea9dba4afd3 6477130 nvidia-kernel-source_195.36.31-6squeeze2_i386.deb deaa582bd8fb0512db9bf60b3d8334e583c97b6b 49946 nvidia-libvdpau1_195.36.31-6squeeze2_i386.deb a966dad1ca0923d1996925c47d47c96f9d23d739 49956 nvidia-libvdpau-dev_195.36.31-6squeeze2_i386.deb ce9b5e7ab8f2549829de5055b448a70f442ee49f 998610 nvidia-vdpau-driver_195.36.31-6squeeze2_i386.deb 0b6198b52c7667742a34ad82fd3287e44d7c41d6 79950 nvidia-smi_195.36.31-6squeeze2_i386.deb 366dd855101c7c317ce489941be147f93cff1976 3685010 libcuda1_195.36.31-6squeeze2_i386.deb d310447e4e3ecb4fac4a26e7f0da75d97b50cf2d 59694 libcuda1-dev_195.36.31-6squeeze2_i386.deb 4d9dcb7a0c1de2c9c02b297c07b9afd92b4f7d9e 5931360 libnvidia-compiler_195.36.31-6squeeze2_i386.deb 1f9f81404fc9300592b23bfa1f2810bd9ee6a2d1 49820 libnvidia-compiler1_195.36.31-6squeeze2_i386.deb 054a0a075dbb2d09d65307ebfb38ff29c54c7502 50082 nvidia-opencl-common_195.36.31-6squeeze2_i386.deb c56e39ae2ece554279157c317eccfa6ec0c7987a 49980 nvidia-opencl-icd_195.36.31-6squeeze2_i386.deb 12748efcc8c5bfae0bcf7677a1e2c75ee79edf68 57446 nvidia-libopencl1_195.36.31-6squeeze2_i386.deb ab5f88da96c4dd8c032a59d4f087c75bc60a3273 63264 nvidia-libopencl1-dev_19
Accepted tor 0.2.2.38-1 (source all amd64)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Wed, 22 Aug 2012 07:43:32 UTC Source: tor Binary: tor tor-dbg tor-geoipdb Architecture: source all amd64 Version: 0.2.2.38-1 Distribution: stable Urgency: low Maintainer: Peter Palfrader Changed-By: Peter Palfrader Description: tor- anonymizing overlay network for TCP tor-dbg- debugging symbols for Tor tor-geoipdb - geoIP database for Tor Checksums-Sha1: 7b2cd0b3994ea2abe2b51a0c752e440a9d5d5578 1554 tor_0.2.2.38-1.dsc abac1902d301c6bd5d522e4cc81aead3299cf968 2928500 tor_0.2.2.38.orig.tar.gz 495736def59bc87b9f4756820b7b18f95c7af24f 33411 tor_0.2.2.38-1.diff.gz e4da4be5f977bdea242089ba10ab299e9deafe0d 1414796 tor-geoipdb_0.2.2.38-1_all.deb bc488342533e0896116bfcd68f0e71cfe8f86363 1059930 tor_0.2.2.38-1_amd64.deb 17e1f7b2cdb5505ee008d8d688c0078d58529216 1139732 tor-dbg_0.2.2.38-1_amd64.deb Checksums-Sha256: abc156949d5cea11a3279c5f7aa32cde025a40de852c29c6a02f2f19178e91ff 1554 tor_0.2.2.38-1.dsc 8ee32e7fa14ddc1ded299e9c396b5628d473233528c3a22f8bfc7eac9094b4cf 2928500 tor_0.2.2.38.orig.tar.gz 64e3397a5b95ef3783545b0ca37cc362b0b50d98e6a4166de4e9c1372e05c9d1 33411 tor_0.2.2.38-1.diff.gz 4b9a445f519a96b12e6752c2c25cff088eabb9a23be6bfa5cbbe581e31cea2ef 1414796 tor-geoipdb_0.2.2.38-1_all.deb f7329491557b712885101dfbff1df3dcf16948a7e7809e4ef76ba16cdc0c 1059930 tor_0.2.2.38-1_amd64.deb 6ac25ef5a09f3b965c626899bcea0f488863956ead35e8bf3f8a14adc92c3dd3 1139732 tor-dbg_0.2.2.38-1_amd64.deb Changes: tor (0.2.2.38-1) stable; urgency=low . * New upstream version, fixing three security issues, as discussed in #684763: - Avoid an uninitialized memory read when reading a vote or consensus document that has an unrecognized flavor name. This read could lead to a remote crash bug. Fixes bug 6530; bugfix on 0.2.2.6-alpha. [CVE-2012-3518] - Try to leak less information about what relays a client is choosing to a side-channel attacker. Previously, a Tor client would stop iterating through the list of available relays as soon as it had chosen one, thus finishing a little earlier when it picked a router earlier in the list. If an attacker can recover this timing information (nontrivial but not proven to be impossible), they could learn some coarse-grained information about which relays a client was picking (middle nodes in particular are likelier to be affected than exits). The timing attack might be mitigated by other factors (see bug 6537 for some discussion), but it's best not to take chances. Fixes bug 6537; bugfix on 0.0.8rc1. [CVE-2012-3519] * Note that contrary to the upstream release notes and changelog the folloiwng issue is not fixed by this release. Discussion in the upstream bug tracker suggests it is not triggerable in practice. - Avoid read-from-freed-memory and double-free bugs that could occur when a DNS request fails while launching it. Fixes bug 6480; bugfix on 0.2.0.1-alpha. [CVE-2012-3517; https://bugs.torproject.org/6480] Files: 4c8496750c52d874bd992dbc98d0e889 1554 net optional tor_0.2.2.38-1.dsc 91a9dd2c9d7fbd946bda5a13edbe5667 2928500 net optional tor_0.2.2.38.orig.tar.gz 918d403e15f1c88d2f63898b06cd897a 33411 net optional tor_0.2.2.38-1.diff.gz 927aeb9113f2e1055196acde238223ae 1414796 net extra tor-geoipdb_0.2.2.38-1_all.deb 14bc4bfe57f2c459808a836d186c6ebd 1059930 net optional tor_0.2.2.38-1_amd64.deb 1884f011b01c2f12f9708366d231b7a1 1139732 debug extra tor-dbg_0.2.2.38-1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAEBCAAGBQJQOj/NAAoJEDTSCgbh3sV35akH/AgXHpPdRzId2VMHU1nzRWH7 0iu6wMMtpS49uZJGS6UKa8ugImRdM+lsNKjng9rQ7KqfyPzLIDt8G9too4lN1xLn ns4/WIz/S5eBnft8TjcmtlrZk22i+DGrkrjvVockKZxVDihutTC3V+RniEg2RLMn gSLrbt6u64FLrJuH0LtjgnracpHldgphY7fa2uLmrrkdlNS3kViZ+9a6UqNynmv0 0hdexv3BbDzk+/cZ8sGBphd7IMupc32yCeOf8LbyEhRo1a5phOAC7izWato4uJFe Gv4MFSb+Y3CjoB/duDuq5qlrcfgMPLL6PuFXlycSiKFNF2QuFfTXIzfGCqKR8ro= =9OUW -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-changes-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1t64l2-000182...@franck.debian.org