Accepted qemu-kvm 1.1.2+dfsg-6+deb7u12 (source amd64) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Mon, 01 Feb 2016 23:53:18 +0300 Source: qemu-kvm Binary: qemu-kvm qemu-kvm-dbg kvm Architecture: source amd64 Version: 1.1.2+dfsg-6+deb7u12 Distribution: wheezy-security Urgency: high Maintainer: Michael Tokarev Changed-By: Michael Tokarev Description: kvm- dummy transitional package from kvm to qemu-kvm qemu-kvm - Full virtualization on x86 hardware qemu-kvm-dbg - Debugging info for qemu-kvm Closes: 799452 806373 806741 806742 808130 808144 810519 810527 811201 Changes: qemu-kvm (1.1.2+dfsg-6+deb7u12) wheezy-security; urgency=high . * applied 3 patches from upstream to fix virtio-net possible remote DoS (Closes: #799452 CVE-2015-7295) * pcnet-add-check-to-validate-receive-data-size-CVE-2015-7504.patch (Closes: #806742, CVE-2015-7504) * pcnet-fix-rx-buffer-overflow-CVE-2015-7512.patch (Closes: #806741, CVE-2015-7512) * eepro100-prevent-two-endless-loops-CVE-2015-8345.patch (Closes: #806373, CVE-2015-8345) * vnc-avoid-floating-point-exception-CVE-2015-8504.patch (Closes: #808130, CVE-2015-8504) * ehci-make-idt-processing-more-robust-CVE-2015-8558.patch (Closes: #808144, CVE-2015-8558) * net-ne2000-fix-bounds-check-in-ioport-operations-CVE-2015-8743.patch (Closes: #810519, CVE-2015-8743) * ide-ahci-reset-ncq-object-to-unused-on-error-CVE-2016-1568.patch (Closes: #810527, CVE-2016-1568) * fw_cfg-add-check-to-validate-current-entry-value-CVE-2016-1714.patch (Closes: CVE-2016-1714) * i386-avoid-null-pointer-dereference-CVE-2016-1922.patch (Closes: #811201, CVE-2016-1922) Checksums-Sha1: d4538c4f85783793c947cdc432f1dea179d8f46e 2141 qemu-kvm_1.1.2+dfsg-6+deb7u12.dsc 62b0ec7f261463d5ccd18f1b3cf9c6acdb4f2097 116561 qemu-kvm_1.1.2+dfsg-6+deb7u12.debian.tar.gz f6e8e1247549bc51e47dff0dc4f48b24d8e4d95c 1681396 qemu-kvm_1.1.2+dfsg-6+deb7u12_amd64.deb 9d9fcea3292a044e64953d9de999308524cfc7b5 5274642 qemu-kvm-dbg_1.1.2+dfsg-6+deb7u12_amd64.deb 48bab6462ebb9831dc04692d5b1146fb535843ff 25186 kvm_1.1.2+dfsg-6+deb7u12_amd64.deb Checksums-Sha256: 64beb4e6f29513979b48deb3932d826b457c25358011048b3c090d5682152bd8 2141 qemu-kvm_1.1.2+dfsg-6+deb7u12.dsc c10c5304d6e227f8e6090c3f77d2cc4368bde3c6710ee4f0cdd1963193dadaaa 116561 qemu-kvm_1.1.2+dfsg-6+deb7u12.debian.tar.gz bf8c0218e27ac52cca0d69be470a422caa49b27007c09b71ae4fe532e9ab5791 1681396 qemu-kvm_1.1.2+dfsg-6+deb7u12_amd64.deb 105d76435eb2cbc242c24c0cf9b0379699f56b0766c087f690e14e2919d0dcb3 5274642 qemu-kvm-dbg_1.1.2+dfsg-6+deb7u12_amd64.deb 2a7871dd81cd3ffe4d826c06e8df503ce5993137fdbbe7d9d03efa44aa719dac 25186 kvm_1.1.2+dfsg-6+deb7u12_amd64.deb Files: 144ef48116fcaf60b920412a1658994b 2141 misc optional qemu-kvm_1.1.2+dfsg-6+deb7u12.dsc 6c1789caffb3fad07ae93d02dd7415dc 116561 misc optional qemu-kvm_1.1.2+dfsg-6+deb7u12.debian.tar.gz 34cce6c5bed1c1658e71e2618a42547b 1681396 misc optional qemu-kvm_1.1.2+dfsg-6+deb7u12_amd64.deb 4392245f14166fdae50dbfbaa5fb02ce 5274642 debug extra qemu-kvm-dbg_1.1.2+dfsg-6+deb7u12_amd64.deb 221a8847104fb9f9cea071330a79fbae 25186 oldlibs extra kvm_1.1.2+dfsg-6+deb7u12_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEcBAEBAgAGBQJWr8h6AAoJEL7lnXSkw9fbLt0H/2vgCcpm3suUaUsdZJZhifl/ fbgzYO25aFZ9yEdnz+/MLpXmXS4IvrD8gy4D+7a6HvoN6B8TLOgdGdpdvmlMXcDB +/buijAtLHWQVl7F/lugVXUHMpPB8Yas7NTvH33Q1j/YNeznc1U70fTZKCz6oLYd YfaRI0tEaPpnK9gG4LJfQotpzoKhYNtJrrcif3svKlOhGYHwrYVHdM1N64f1taph IkK4bpwwp5P3AWLeDzJF9ifpb635gwUr5G+yojnZggj/IZuIJS4Ibw/nMUrGbMT5 mgn24j1d7SMv/jbVpXCdtljtDfjU25zJBFY9Lna6D31yqzRHe7yd5ukoEct6u9A= =56BX -END PGP SIGNATURE-
Accepted wordpress 3.6.1+dfsg-1~deb7u10 (source all) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 06 Feb 2016 15:40:51 +1100 Source: wordpress Binary: wordpress wordpress-l10n Architecture: source all Version: 3.6.1+dfsg-1~deb7u10 Distribution: wheezy-security Urgency: high Maintainer: Giuseppe Iuculano Changed-By: Craig Small Description: wordpress - weblog manager wordpress-l10n - weblog manager - language files Closes: 813697 Changes: wordpress (3.6.1+dfsg-1~deb7u10) wheezy-security; urgency=high . * Changeset 36435 fixes SSRF for URLs CVE-2016- * Changeset 36444 improved redirect checking CVE-2016-2221 * Closes: #813697 Checksums-Sha1: 624e3af1186f06fd786b8864951bca48816e0562 2323 wordpress_3.6.1+dfsg-1~deb7u10.dsc 476338e9989881e376bec015aed326ea8ff52ad3 5264980 wordpress_3.6.1+dfsg-1~deb7u10.debian.tar.xz bd239e7e31d636b3a5011098ce80a741e125246e 3972044 wordpress_3.6.1+dfsg-1~deb7u10_all.deb ff40d9f5ba6bfccfbb00764000b590f64d1eb500 8871652 wordpress-l10n_3.6.1+dfsg-1~deb7u10_all.deb Checksums-Sha256: 6b71d3df3e22d6361cd65f89ab69250b5d7aef3179db0634030349608d26fab7 2323 wordpress_3.6.1+dfsg-1~deb7u10.dsc 50cfc661d0dc892ba523e47126dc299d20df34e923ca9615c1550731df24609d 5264980 wordpress_3.6.1+dfsg-1~deb7u10.debian.tar.xz 3d05566e61037516313511de6db993efdb04be804b794e4f1eb3de9e4d13b9da 3972044 wordpress_3.6.1+dfsg-1~deb7u10_all.deb 7779ac2b8a3423c048ca8607fecf2d8c94d21f34acd02db921cce7349552b71e 8871652 wordpress-l10n_3.6.1+dfsg-1~deb7u10_all.deb Files: e34e31f98acbb90c2b8b7520d81e5d16 2323 web optional wordpress_3.6.1+dfsg-1~deb7u10.dsc 4b60d1cd42e90ba199ad2e48caeac8c6 5264980 web optional wordpress_3.6.1+dfsg-1~deb7u10.debian.tar.xz 75dbe2992463c7ba2941263f1813b5df 3972044 web optional wordpress_3.6.1+dfsg-1~deb7u10_all.deb 0f7f09520a80382e39032b3683e452b6 8871652 localization optional wordpress-l10n_3.6.1+dfsg-1~deb7u10_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAEBCgAGBQJWtaBlAAoJEAIhZsD/PITjv7gP/ivSyb+gJRP+UfvJzZ4lR4Oz tpQku/i3UgBrc+KOKRGEsHSvV0ZEpD8KroJXELj4C2RkHjycTtsw8QKRTwg6f7Ps JXv9Y8EVphb/MGS3yIRZOl9vfxu3k+ilmNtgfKp8oP/JPoLzYF5MgTZcBjzJ+dAM Q8wKAw9kB/8NEfDlSuUbOuJ3OeDkjPbjik1Tc09t5eZXUDKa01wBEUQuuBOWF2BT DQJX+DbeBa+PyyrSfbtPdGPWrFMlIdDUX4uI81riFz6pZcnQJ2VVekmFBsvaa7fT QgsVqBigp0gsgFp98zQ9TAAYTEnTegJSfg+3FOnjIIJqzAiDceE3HI/bJJELt/LA TTUzZS6upypBrLNjginxBjTn25xU79Il4+Pp/Vth4XeicglUZvcnosXkLNPobrdr IE5xBC7q+P7aXVHp9E20kca/YW0lRgd9E5vhs1KVFIVa3zQZtSb9ZqSkYLYf1QJt 4HTPyDDsmWzyK0hauPJz4/kS2NFEolP+KOCylBrwBpYlPSXYyIwPAYXtGbstSi36 eURp+RvDezu6r90n6nxUWBQkp9429e4x8gmeRXt5+DjhHpEPgE/G4uCjOH5IGn+8 4mRJgmoSlRuTfNXi7lWw1or1jA/Ey25h0/nTcv/xpu8OR3NikneFV/5Ko74RCJvZ 9l/Ka/Z44mg21siREwN4 =oMqq -END PGP SIGNATURE-
Accepted qemu 1.1.2+dfsg-6a+deb7u12 (source all amd64) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Mon, 01 Feb 2016 23:53:18 +0300 Source: qemu Binary: qemu qemu-keymaps qemu-system qemu-user qemu-user-static qemu-utils Architecture: source all amd64 Version: 1.1.2+dfsg-6a+deb7u12 Distribution: wheezy-security Urgency: high Maintainer: Debian QEMU Team Changed-By: Michael Tokarev Description: qemu - fast processor emulator qemu-keymaps - QEMU keyboard maps qemu-system - QEMU full system emulation binaries qemu-user - QEMU user mode emulation binaries qemu-user-static - QEMU user mode emulation binaries (static version) qemu-utils - QEMU utilities Closes: 799452 806373 806741 806742 808130 808144 810519 810527 811201 Changes: qemu (1.1.2+dfsg-6a+deb7u12) wheezy-security; urgency=high . * applied 3 patches from upstream to fix virtio-net possible remote DoS (Closes: #799452 CVE-2015-7295) * pcnet-add-check-to-validate-receive-data-size-CVE-2015-7504.patch (Closes: #806742, CVE-2015-7504) * pcnet-fix-rx-buffer-overflow-CVE-2015-7512.patch (Closes: #806741, CVE-2015-7512) * eepro100-prevent-two-endless-loops-CVE-2015-8345.patch (Closes: #806373, CVE-2015-8345) * vnc-avoid-floating-point-exception-CVE-2015-8504.patch (Closes: #808130, CVE-2015-8504) * ehci-make-idt-processing-more-robust-CVE-2015-8558.patch (Closes: #808144, CVE-2015-8558) * net-ne2000-fix-bounds-check-in-ioport-operations-CVE-2015-8743.patch (Closes: #810519, CVE-2015-8743) * ide-ahci-reset-ncq-object-to-unused-on-error-CVE-2016-1568.patch (Closes: #810527, CVE-2016-1568) * fw_cfg-add-check-to-validate-current-entry-value-CVE-2016-1714.patch (Closes: CVE-2016-1714) * i386-avoid-null-pointer-dereference-CVE-2016-1922.patch (Closes: #811201, CVE-2016-1922) Checksums-Sha1: 8049b20d54a826ef824e18960b998c7557472b3f 2621 qemu_1.1.2+dfsg-6a+deb7u12.dsc ca5c1f97e6613394e18a96d79a2bfccdb6755104 128897 qemu_1.1.2+dfsg-6a+deb7u12.debian.tar.gz badd7b02e3010f7cf7f65f058ab1daa28f954dd0 50882 qemu-keymaps_1.1.2+dfsg-6a+deb7u12_all.deb ecb7a59bce9585e695c94850c7d1fdc54ea86a70 116268 qemu_1.1.2+dfsg-6a+deb7u12_amd64.deb 366ea277a6675ee9c9884b190eb7dc136bc1c6bb 27900478 qemu-system_1.1.2+dfsg-6a+deb7u12_amd64.deb c673b5e8aa3859846ebfebea3f23ba87d563ba08 7725480 qemu-user_1.1.2+dfsg-6a+deb7u12_amd64.deb 0fba70fb45d9378bb2dc99cf624b03f5f689d8b7 16572050 qemu-user-static_1.1.2+dfsg-6a+deb7u12_amd64.deb 7799b60222d8d4281baba8c15fa902a0170f7ede 665080 qemu-utils_1.1.2+dfsg-6a+deb7u12_amd64.deb Checksums-Sha256: 11de5b757f0daa8c0076e145f126b0468359d1273544c8b9cfeddb47273d4ad1 2621 qemu_1.1.2+dfsg-6a+deb7u12.dsc d023bfd26e9daada179627de8a25167e5534cb993261d3c5950036d7a6298cf1 128897 qemu_1.1.2+dfsg-6a+deb7u12.debian.tar.gz 5894b3037f5676b4058bb84b7a00166f56a3a596278aa2e457ded016ab22e1f9 50882 qemu-keymaps_1.1.2+dfsg-6a+deb7u12_all.deb f10a04468db9370f5121544bd4fc7b252956004eabe797c2a4dfec8f946eb344 116268 qemu_1.1.2+dfsg-6a+deb7u12_amd64.deb a7a6b8ad63fd2cc74198196ed2aac6c73083cc0c017395a9b6513ecc683e14d7 27900478 qemu-system_1.1.2+dfsg-6a+deb7u12_amd64.deb 14cb7234e0222403ca93d419c63e3195d89eac8c4fd5649e5a43eaf85565c6f6 7725480 qemu-user_1.1.2+dfsg-6a+deb7u12_amd64.deb 8ffeb21eba671458ed27b09a46d8872430c76ec4213caff4e498a2cdfaca0097 16572050 qemu-user-static_1.1.2+dfsg-6a+deb7u12_amd64.deb f3ee3a38739f62b2d3e6cf8daa19dd6e055a7d8c26f8b3afeefbbe8cd0f91046 665080 qemu-utils_1.1.2+dfsg-6a+deb7u12_amd64.deb Files: 5573dde7e7e417b8c8e0a169ffe1ae34 2621 misc optional qemu_1.1.2+dfsg-6a+deb7u12.dsc c40eb75e7070afc3ba085b11da235550 128897 misc optional qemu_1.1.2+dfsg-6a+deb7u12.debian.tar.gz 05657f12419d2284668c789ae1d03241 50882 misc optional qemu-keymaps_1.1.2+dfsg-6a+deb7u12_all.deb eee10df8a64c7e1a26dea186a6e97b81 116268 misc optional qemu_1.1.2+dfsg-6a+deb7u12_amd64.deb f7cb8e1521d5cc0509c366584607ecb9 27900478 misc optional qemu-system_1.1.2+dfsg-6a+deb7u12_amd64.deb fc1e6e19ecf87d653109ec0b428c5c51 7725480 misc optional qemu-user_1.1.2+dfsg-6a+deb7u12_amd64.deb 6888dbf0cba12930a94d7692a4ac57df 16572050 misc optional qemu-user-static_1.1.2+dfsg-6a+deb7u12_amd64.deb 6005db4212db4b1cb3aaf40a9baff08d 665080 misc optional qemu-utils_1.1.2+dfsg-6a+deb7u12_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEcBAEBAgAGBQJWr8h4AAoJEL7lnXSkw9fbz7cH/0JQgJtjbVhQSExe/LQF/geu Kad4NMhtC3biiA+kBuRcPwpocrCBFhzjkV98kLZbwXMfp1yONGpr1NmOZA+A4Bn7 Bmos6s1GiA6UTgwyo08b5UjYSdqMABdFKFeWkyeOhj68H72yAXQBbxV8PEa19YpR GOVvj6h5/WPtwktbAZfRj3TrJOakcigmnuUGbvOO3yX8zAlJqR04rF1szN7JZADa fPsaYxokXxeN4qIrA5/iBSa70/eKIL2i8Hd7tW4jM2Q/vX94HMQHcrchXFEIgJ7v wVjT8urHMu3DzkTys70uP9bxHbigen2L4rFImFdI/pWZlBls9eFQaQ+1E/aTEmI= =V5vA -END PGP SIGNATURE-
Accepted polarssl 1.2.9-1~deb7u6 (source amd64) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sat, 23 Jan 2016 15:47:29 +0100 Source: polarssl Binary: libpolarssl-dev libpolarssl-runtime libpolarssl0 Architecture: source amd64 Version: 1.2.9-1~deb7u6 Distribution: wheezy-security Urgency: high Maintainer: Roland Stigge Changed-By: Guido Günther Description: libpolarssl-dev - lightweight crypto and SSL/TLS library libpolarssl-runtime - lightweight crypto and SSL/TLS library libpolarssl0 - lightweight crypto and SSL/TLS library Changes: polarssl (1.2.9-1~deb7u6) wheezy-security; urgency=high . * Non-maintainer upload by the LTS Security Team. * CVE-2015-5291: Remote attack on clients using session tickets or SNI Checksums-Sha1: 84d1cc18c617cddf23b179a663d6973a4420efbb 1804 polarssl_1.2.9-1~deb7u6.dsc 4d7335340d3b06e0cb79ecb45442232c07a2a34a 14240 polarssl_1.2.9-1~deb7u6.debian.tar.gz fb988c428acad4f60b2303c0179bb6f0821afd03 274832 libpolarssl-dev_1.2.9-1~deb7u6_amd64.deb 47f9accb9d9f91fcb451f82b28f0b953eaa6a27c 2786128 libpolarssl-runtime_1.2.9-1~deb7u6_amd64.deb 13c443ff3093983ad622bf07ba91778dd027808d 186032 libpolarssl0_1.2.9-1~deb7u6_amd64.deb Checksums-Sha256: db787ac84d9de83afc949f09f6035357afe4596e2e679868f1534d679cc65744 1804 polarssl_1.2.9-1~deb7u6.dsc 1953ce97c1287cb4a5b39ca30188aacc174e5cba2604f74595f63ae2f2ca574a 14240 polarssl_1.2.9-1~deb7u6.debian.tar.gz 1a9037f163f9788f7f8d156e1efb75d9e60c66b0d4dc59fb5836a17a17914dc8 274832 libpolarssl-dev_1.2.9-1~deb7u6_amd64.deb 70160f373215f3241510d623ed476c285f3db2a9b8f681432bbf81177f3b7a1c 2786128 libpolarssl-runtime_1.2.9-1~deb7u6_amd64.deb 8b3e480bc81dcd693a101865742104b03284ac621b9b86844ca0dd18fbeb772e 186032 libpolarssl0_1.2.9-1~deb7u6_amd64.deb Files: 22c0e997ffaf0c7bac48d4b3a35d26b9 1804 libs optional polarssl_1.2.9-1~deb7u6.dsc af035f3cd242215c9dc05dda83c57e1d 14240 libs optional polarssl_1.2.9-1~deb7u6.debian.tar.gz ddd7f7e734a2872c27817dd897827f32 274832 libdevel optional libpolarssl-dev_1.2.9-1~deb7u6_amd64.deb d420a9a1298d67d0cfbf245d6496d7bb 2786128 libdevel optional libpolarssl-runtime_1.2.9-1~deb7u6_amd64.deb 2671a44f8c04f9ae12d4f22ba09d161d 186032 libs optional libpolarssl0_1.2.9-1~deb7u6_amd64.deb -BEGIN PGP SIGNATURE- iQIVAwUBVqOh0Qe4t7DqmBILAQgoBA/+Pnd4zpTIgKcVudPIhTp2SIg6l7v9l4uq Tj2iyN10vnxKPP9GjbjiIPcqU7R7ypHhLN1jxlX1vxsbsbXp8Nvy8btYEzxJ8fg5 AE2ANHmr3wlISroAUmZjkEMwHyugSJ06MQmvsWTq8GvFbcbecNZji9Twr9QSOG29 kGNbcBP8HrMs4+fwptulhXOe8ePHEXDwiJ6VjGUYLju1iA/XSVSJGDWC3fw5zd8a mBQABzjqm439Bu2AiWPhicqjQGY7pl9Ng6/AgdXcyq9xcKtXeMI6AW+GfLSL5KVO PENmIzuMkm2VSA39H2ZDSV0jjkC1Lu4Po43j+BB7zn9Rt4j8O0z+fn8EoW50iFAV Ckei7i6E/X1VGV9SAvZ4kmu8H/0dhWagCGIgkXJ1aCbEBvoO35566Yd01fDTOsvY ob6LJrXEpqyqlOJRQiXVJno1v/nukjFT1ifprxRkFc4C9sfFUtt6KNHnsK1fqaDF C9n3T0kqLX/zPf/NsfTnzAUuLrDqy7upmLTPzD5cRmoTjwdOXOumJGaq+yg2LSsq pqXJzM74js1gYMl6a3ong9KktSScbyN6W1lYBm1kgTi3Dvg/4GtG1SFWATP/DZh5 dewjktVc27/1iMGQJ2NTGYqbkAuH+0Q8WQeJTiA6M1i6Eewh3lkg2F+4pc1RP19E uNMJrDONOH0= =BPqR -END PGP SIGNATURE-
Accepted libdatetime-timezone-perl 1:1.58-1+2016a (source all) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 03 Feb 2016 20:44:43 +0100 Source: libdatetime-timezone-perl Binary: libdatetime-timezone-perl Architecture: source all Version: 1:1.58-1+2016a Distribution: wheezy Urgency: medium Maintainer: Debian Perl Group Changed-By: gregor herrmann Description: libdatetime-timezone-perl - framework exposing the Olson time zone database to Perl Changes: libdatetime-timezone-perl (1:1.58-1+2016a) wheezy; urgency=medium . * Update to Olson database version 2016a. Checksums-Sha1: 7ad2f83436ac4dceccf23f05af9431ce6ae49988 2533 libdatetime-timezone-perl_1.58-1+2016a.dsc de84c57d7228d0f8a9ab09a860d666fa94b4467a 174844 libdatetime-timezone-perl_1.58-1+2016a.debian.tar.xz 16b9dcd363cc7e64e8b6624217dcfc4b8080d313 265980 libdatetime-timezone-perl_1.58-1+2016a_all.deb Checksums-Sha256: 6b5c17920693283c8a8b8cc7603492f69b0b6b8b8d409672257cb7e8a054ac82 2533 libdatetime-timezone-perl_1.58-1+2016a.dsc 025bbd11a6b6d43361d64c1a7d0cac1d4f1263556025b1be9c7dfbe201756389 174844 libdatetime-timezone-perl_1.58-1+2016a.debian.tar.xz 81f8e92028beaaebe044c784098ce1ff74e271282a48c11b69d65ce92c848858 265980 libdatetime-timezone-perl_1.58-1+2016a_all.deb Files: c1625fe4b3c6ce9b1a00cf933211afe6 2533 perl optional libdatetime-timezone-perl_1.58-1+2016a.dsc 6a82625d3e1456d2bc9ddac816d6eaec 174844 perl optional libdatetime-timezone-perl_1.58-1+2016a.debian.tar.xz 4e35c6fae4ed4ea327dffd8ce75b12df 265980 perl optional libdatetime-timezone-perl_1.58-1+2016a_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQJ8BAEBCgBmBQJWsljzXxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXREMUUxMzE2RTkzQTc2MEE4MTA0RDg1RkFC QjNBNjgwMTg2NDlBQTA2AAoJELs6aAGGSaoGwRUP/0i4/i1zQ0RW5phLIewJGCBh ksdn26bU/la/Ed4Xso2VYWuOeZCsf74PL4uDyYn0svNkDcbDzmV+uZBlf+TQzn2V vyIo89RmPuAdvyg2jAe7nKtdPq0/SeONPWPJuzSBvxjoJwQ53S9g+y8Pc+l5myjf Fmnkj+pTd2HKdufgnwvTDGXwGmhu+iyORQIVzx4g/pIoTWRrmrpfLdh6uUOvu3KD Pbq3w7ZIUzhq10mQsJLvJwH3s35gARmuOFgshSEfvqVyqE8EYnp9IJp6Zqkd5MSh yvEGP0z/A9wIbbzLHA67Fx5nAB8Ic3ONIGiXhbqTJbC6iNTWxQ96Dwxk1JDZP+Mi CGe5C+s85pyjcAqMpGuCmRNwC8gV2MR9FzpluU7oZTHugaUWcqfmJpCniHwgESw0 W/OFSFTmcvPUjpaKX4mphApHSZThvpkegSyn7zuC0oaNLpcPIGYgS9p8Tw2q5tBY AfYJx8Ldn8ouqTZgU1qhfF5S1EZb3ec3Jrh+Gt503GdcavdbVNPqjoLhwsleiuVl RmyteQ7DyCIpev3a0ff+ehY2Er79581Vnd3OMH1oflMQrXDpUU4Cd3xTUz1e3ZYk +oBI79wceXlJypuQw+4anMXKYuQ5j2TM2Cc5VRwXjI25KEmsKEMpjRdYSr/9D7Lb YT+8MfHNVgCz+4BzR8YN =8tof -END PGP SIGNATURE-
Accepted krb5 1.10.1+dfsg-5+deb7u7 (source all amd64) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 31 Jan 2016 13:39:43 +0100 Source: krb5 Binary: krb5-user krb5-kdc krb5-kdc-ldap krb5-admin-server krb5-multidev libkrb5-dev libkrb5-dbg krb5-pkinit krb5-doc libkrb5-3 libgssapi-krb5-2 libgssrpc4 libkadm5srv-mit8 libkadm5clnt-mit8 libk5crypto3 libkdb5-6 libkrb5support0 krb5-gss-samples krb5-locales Architecture: source all amd64 Version: 1.10.1+dfsg-5+deb7u7 Distribution: wheezy-security Urgency: high Maintainer: Sam Hartman Changed-By: Salvatore Bonaccorso Description: krb5-admin-server - MIT Kerberos master server (kadmind) krb5-doc - Documentation for MIT Kerberos krb5-gss-samples - MIT Kerberos GSS Sample applications krb5-kdc - MIT Kerberos key server (KDC) krb5-kdc-ldap - MIT Kerberos key server (KDC) LDAP plugin krb5-locales - Internationalization support for MIT Kerberos krb5-multidev - Development files for MIT Kerberos without Heimdal conflict krb5-pkinit - PKINIT plugin for MIT Kerberos krb5-user - Basic programs to authenticate using MIT Kerberos libgssapi-krb5-2 - MIT Kerberos runtime libraries - krb5 GSS-API Mechanism libgssrpc4 - MIT Kerberos runtime libraries - GSS enabled ONCRPC libk5crypto3 - MIT Kerberos runtime libraries - Crypto Library libkadm5clnt-mit8 - MIT Kerberos runtime libraries - Administration Clients libkadm5srv-mit8 - MIT Kerberos runtime libraries - KDC and Admin Server libkdb5-6 - MIT Kerberos runtime libraries - Kerberos database libkrb5-3 - MIT Kerberos runtime libraries libkrb5-dbg - Debugging files for MIT Kerberos libkrb5-dev - Headers and development libraries for MIT Kerberos libkrb5support0 - MIT Kerberos runtime libraries - Support library Closes: 813126 813296 Changes: krb5 (1.10.1+dfsg-5+deb7u7) wheezy-security; urgency=high . * Non-maintainer upload by the Security Team. * Verify decoded kadmin C strings [CVE-2015-8629] CVE-2015-8629: An authenticated attacker can cause kadmind to read beyond the end of allocated memory by sending a string without a terminating zero byte. Information leakage may be possible for an attacker with permission to modify the database. (Closes: #813296) * Fix leaks in kadmin server stubs [CVE-2015-8631] CVE-2015-8631: An authenticated attacker can cause kadmind to leak memory by supplying a null principal name in a request which uses one. Repeating these requests will eventually cause kadmind to exhaust all available memory. (Closes: #813126) Checksums-Sha1: 2e13e07c08dd2e321795d2120e50521fa2c5699e 2938 krb5_1.10.1+dfsg-5+deb7u7.dsc 35bd8e021519007cf240eea0351242516cb761d2 156798 krb5_1.10.1+dfsg-5+deb7u7.debian.tar.gz a49b966ada737cad5ade8005473103527624d57a 2668968 krb5-doc_1.10.1+dfsg-5+deb7u7_all.deb 3aa2c0f72ea7b70e498c5735275b2f38827169d8 1504092 krb5-locales_1.10.1+dfsg-5+deb7u7_all.deb cf6b4473fc04c66d222954494518f348615d0401 154040 krb5-user_1.10.1+dfsg-5+deb7u7_amd64.deb f5290babf83a4050f945d48477d86fede2563cdd 226770 krb5-kdc_1.10.1+dfsg-5+deb7u7_amd64.deb 79d69713d7968271f86a0f4fb307816d53e3b135 121496 krb5-kdc-ldap_1.10.1+dfsg-5+deb7u7_amd64.deb 6c4167a1bf51477696d2fb5f68930396fe3dfda8 124042 krb5-admin-server_1.10.1+dfsg-5+deb7u7_amd64.deb 3129e4506102b35f188ce26ba0154efcaeedcd54 154350 krb5-multidev_1.10.1+dfsg-5+deb7u7_amd64.deb 0370e07a94dbaf27e669acfd3274ef6c2a0df30c 40358 libkrb5-dev_1.10.1+dfsg-5+deb7u7_amd64.deb 5a279b895c488e9465ccb16b3c8fe1f8416ba36a 2210340 libkrb5-dbg_1.10.1+dfsg-5+deb7u7_amd64.deb e6f38a22d57184f854cd56b200709ac044f6 83218 krb5-pkinit_1.10.1+dfsg-5+deb7u7_amd64.deb 0772a0d2c302c19735eba29cd375d12a71f4ea1c 393868 libkrb5-3_1.10.1+dfsg-5+deb7u7_amd64.deb 4d3826bc7ffed84547fa960ebd75aae38abed4b6 150014 libgssapi-krb5-2_1.10.1+dfsg-5+deb7u7_amd64.deb e0aae862fb77d50ef75e2458a3e6abf78db3bf96 88212 libgssrpc4_1.10.1+dfsg-5+deb7u7_amd64.deb b173aa14747256f32de25a649fe49227c094c644 85546 libkadm5srv-mit8_1.10.1+dfsg-5+deb7u7_amd64.deb 470cf453123eb20e43141489ddf926cdd6d48dfb 68748 libkadm5clnt-mit8_1.10.1+dfsg-5+deb7u7_amd64.deb 9943eea567b0184c9000c2aa855daaf78339255f 113270 libk5crypto3_1.10.1+dfsg-5+deb7u7_amd64.deb 4bed0abbaa66ef57f8f6b8b79a2e3cd438b7e721 67788 libkdb5-6_1.10.1+dfsg-5+deb7u7_amd64.deb 17fb2da62255cf997ca57fe5cc13ff70f67add8b 50454 libkrb5support0_1.10.1+dfsg-5+deb7u7_amd64.deb 1cdddb97e3b861d7aae1ab8811759486c64c72d7 52684 krb5-gss-samples_1.10.1+dfsg-5+deb7u7_amd64.deb Checksums-Sha256: 29b9149c3036b56c71ea311e287e1ab5fc02f65e0a217013310c8c5651ec5059 2938 krb5_1.10.1+dfsg-5+deb7u7.dsc 9f1e2cbe961420558ed4c27ee6c899b1fcca7c144ea3886151f4bc96d175ba7e 156798 krb5_1.10.1+dfsg-5+deb7u7.debian.tar.gz 20d30eb52776e7eda4630d374637e4e7a70617f0e9012cf67de966b84ed435e7 2668968 krb5-doc_1.10.1+dfsg-5+deb7u7_all.deb a062a031b89a98441a89fed1e8f96d24cf29c10b45eef716e25a63b2ad7d9f46 1504092 krb5-locales_1.10.1+dfsg-5+deb7u7_all.deb 3dacd3f05eba31ca671b6139c317701832d2277ee08fbba6821035
Accepted wordpress 4.1+dfsg-1+deb8u8 (source all) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 06 Feb 2016 15:13:23 +1100 Source: wordpress Binary: wordpress wordpress-l10n wordpress-theme-twentyfifteen wordpress-theme-twentyfourteen wordpress-theme-twentythirteen Architecture: source all Version: 4.1+dfsg-1+deb8u8 Distribution: jessie-security Urgency: high Maintainer: Craig Small Changed-By: Craig Small Description: wordpress - weblog manager wordpress-l10n - weblog manager - language files wordpress-theme-twentyfifteen - weblog manager - twentytfifteen theme files wordpress-theme-twentyfourteen - weblog manager - twentyfourteen theme files wordpress-theme-twentythirteen - weblog manager - twentythirteen theme files Closes: 813697 Changes: wordpress (4.1+dfsg-1+deb8u8) jessie-security; urgency=high . * Changeset 36435 fixes SSRF for URLs CVE-2016- * Changeset 36444 improved redirect checking CVE-2016-2221 * Closes: #813697 Checksums-Sha1: ec5b7b222f44f2514fd520ea14424d29d409262d 2533 wordpress_4.1+dfsg-1+deb8u8.dsc 4b55b240b748df7f721213504dd51814fe61cee6 6117108 wordpress_4.1+dfsg-1+deb8u8.debian.tar.xz 824b3b7c595c8bad513aadeed62b9d2026afc13c 3169462 wordpress_4.1+dfsg-1+deb8u8_all.deb 5425f65784cf77d756961aa5d8e994c367a1a471 4239094 wordpress-l10n_4.1+dfsg-1+deb8u8_all.deb f66a93a4b1b2553365947f5132f6ff1855fa8922 501516 wordpress-theme-twentyfifteen_4.1+dfsg-1+deb8u8_all.deb 8432cbe09c25041bc1fd4f74148b60cff44bbfb0 800680 wordpress-theme-twentyfourteen_4.1+dfsg-1+deb8u8_all.deb 8b4b4f9603a30ef76f7cda64125027161def6aa8 320306 wordpress-theme-twentythirteen_4.1+dfsg-1+deb8u8_all.deb Checksums-Sha256: 19b8f53b002dd56d0e620e74cc87800cfe174d04cf24b651fb1acc1c0273e276 2533 wordpress_4.1+dfsg-1+deb8u8.dsc e78b3bdb71910eb14c02c5c86e5c905cd6f1fe613b8ffaaff274962879b80639 6117108 wordpress_4.1+dfsg-1+deb8u8.debian.tar.xz fe8a7abda8f17466e486f45c331aec91f627aadc79ab6d1bd81916827fcddccc 3169462 wordpress_4.1+dfsg-1+deb8u8_all.deb fa393650ec16c3dc8e0b0c08dc49d2d5eeef3447d39b96755405b2749bac35aa 4239094 wordpress-l10n_4.1+dfsg-1+deb8u8_all.deb cba2e6e8d26e7209e935be1deaeb0d39bc8aed11fb632381ae34e07ebb69436d 501516 wordpress-theme-twentyfifteen_4.1+dfsg-1+deb8u8_all.deb a838355fb7b0e047e19852c0bda904f061f070202a9f2ac0a71054e6e48cdc57 800680 wordpress-theme-twentyfourteen_4.1+dfsg-1+deb8u8_all.deb 95c93c18b535a08b3a3e4d712a7f24bcdb0a35d0ac6d308e978fa376dae83413 320306 wordpress-theme-twentythirteen_4.1+dfsg-1+deb8u8_all.deb Files: 0d41430f19ddaca26446adfef0476b2a 2533 web optional wordpress_4.1+dfsg-1+deb8u8.dsc c2f3f36a4eedbca31beb55d575f88f85 6117108 web optional wordpress_4.1+dfsg-1+deb8u8.debian.tar.xz 1692e417216724943e4158b9910bf9e9 3169462 web optional wordpress_4.1+dfsg-1+deb8u8_all.deb 31ee69de5c524f374760434b14fb1dc8 4239094 localization optional wordpress-l10n_4.1+dfsg-1+deb8u8_all.deb a7a71bc73b5a3c2b333538431d20c926 501516 web optional wordpress-theme-twentyfifteen_4.1+dfsg-1+deb8u8_all.deb a24e026c011b460582b8e38e7f477bf0 800680 web optional wordpress-theme-twentyfourteen_4.1+dfsg-1+deb8u8_all.deb d3e155f8b0947af07df57fc125279f58 320306 web optional wordpress-theme-twentythirteen_4.1+dfsg-1+deb8u8_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAEBCgAGBQJWtk1PAAoJEAIhZsD/PITjUP4P/ApbKbDQWbiUrh/jZU2ecXZP f525u7vJUBcKvQuWjRpSZgXGdf54rK8alaHRCAMr5t8OUBlFCB2gk4Cmhhldb07s jpPSQJZWwnAmfcTg1aEj5uNHt8lZ/hpohcRL9WXnsCj6XYn7CUvD/CKb7TWF0mkJ TiSBFTb0AxtO8iF3ZEJoA6uaTP8YG2qrChS7N2McYKXa9qvHh4r1vtTu3E1Bh8Bm PLH5DnOxd2WAfedJhiZJkhM0zASJv/V9y+o1vFZl7OwmiVY1TSZdim1UPm/Bbuuy Y8b2wPnbl93rtJ9hQ/YQ92I+nUqT4Ne4IQnSgMxajhrXNWvoa5qnTyLFh7LbLZ+6 jf5tvizAt5hRwmgwcMFDjS1riErKjLdmQziMlQUSbI4EcrEkacc1aHWB4PNlMOWo fo24G4KU1XOmwzUzQex04ivs3S7RIf89nXd78wApSrnKnZIGITrSiIBhZqbXOSnd KpcJTp13jENZR5feVnS9gU/fFbfPfGwaKRZgjo/R2x4ssBc56ML4LLJNPXwe8kXA LjJWYelcJCxIPposETyl7LCWO6vdkuQ1jlTfZjD/ZEBHnpa/qN9tA9gzuNTeAYz9 vGH/ya4h5x0mlehvClFwVjvkUlzEEa4b9rD2ma1mt2asFVmu1yIH/MTdyFFCQX2J Yahp1VXZzXP6C67apc8C =YS+P -END PGP SIGNATURE-
Accepted tiff 4.0.3-12.3+deb8u1 (source all amd64) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sat, 02 Jan 2016 09:18:06 +0100 Source: tiff Binary: libtiff5 libtiffxx5 libtiff5-dev libtiff-tools libtiff-opengl libtiff-doc Architecture: source all amd64 Version: 4.0.3-12.3+deb8u1 Distribution: jessie-security Urgency: high Maintainer: Ondřej Surý Changed-By: Laszlo Boszormenyi (GCS) Description: libtiff-doc - TIFF manipulation and conversion documentation libtiff-opengl - TIFF manipulation and conversion tools libtiff-tools - TIFF manipulation and conversion tools libtiff5 - Tag Image File Format (TIFF) library libtiff5-dev - Tag Image File Format library (TIFF), development files libtiffxx5 - Tag Image File Format (TIFF) library -- C++ interface Closes: 808968 809021 Changes: tiff (4.0.3-12.3+deb8u1) jessie-security; urgency=high . * Backport upstream fixes for: - CVE-2015-8665 an out-of-bound read in TIFFRGBAImage interface (closes: #808968), - CVE-2015-8683 an out-of-bounds read in CIE Lab image format (closes: #809021), - CVE-2015-8781 out of bounds write at tif_luv.c:208, - CVE-2015-8782 potential out-of-bound writes in decode, - CVE-2015-8783 potential out-of-bound reads in case of short input data, - CVE-2015-8784 potential out-of-bound write in NeXTDecode(). Checksums-Sha1: 1592d69661d4bffeb0924770cadb0280dc6c6bfd 2226 tiff_4.0.3-12.3+deb8u1.dsc 652e97b78f1444237a82cbcfe014310e776eb6f0 2051630 tiff_4.0.3.orig.tar.gz 16b525b3b71102ba1992427c85ffea6d5fa7044a 31764 tiff_4.0.3-12.3+deb8u1.debian.tar.xz 59f99a67bd84376b1bf6956334e7288c98d70fb2 363528 libtiff-doc_4.0.3-12.3+deb8u1_all.deb 2f42ea521422199af07572678f573bb86c438138 213448 libtiff5_4.0.3-12.3+deb8u1_amd64.deb 017e23930fa66c217d579e4a4a930df5267279df 74990 libtiffxx5_4.0.3-12.3+deb8u1_amd64.deb 6340bab6581ae5f9bfabbb338cb61b846f483dc0 335260 libtiff5-dev_4.0.3-12.3+deb8u1_amd64.deb f225923488fd1c419d54fbbfeeccbdaaafe24e4e 285694 libtiff-tools_4.0.3-12.3+deb8u1_amd64.deb c9706d6a178b9d85f1e0638f128534adad05cb3a 79906 libtiff-opengl_4.0.3-12.3+deb8u1_amd64.deb Checksums-Sha256: eb8d25c4f28aafb3ddbe29d29f91876c13539da38011837ad974f65838cf5fec 2226 tiff_4.0.3-12.3+deb8u1.dsc ea1aebe282319537fb2d4d7805f478dd4e0e05c33d0928baba76a7c963684872 2051630 tiff_4.0.3.orig.tar.gz a689adbd64ff8220fb095bceface04417068e69d6ec98063db3489f1c02410a6 31764 tiff_4.0.3-12.3+deb8u1.debian.tar.xz 682b3f9e7e2cd7fd982dc3c51ed92a4529e25ad3336496f11358f7f0c30c9e6d 363528 libtiff-doc_4.0.3-12.3+deb8u1_all.deb 06b4254a0a78fdf199b044975d5b750902ca8916400db7cc309deeba44dee42e 213448 libtiff5_4.0.3-12.3+deb8u1_amd64.deb 132dc95ca561cfa7f0ac7bd25e1c73ded1052414566f74128d921ad73bfaf817 74990 libtiffxx5_4.0.3-12.3+deb8u1_amd64.deb 66475418fa4790016ed42e91b9fead8214605a2b604b4cab7837cadb6ad6ada5 335260 libtiff5-dev_4.0.3-12.3+deb8u1_amd64.deb 43ca07b50381d45ecf1e2430c7960c0e0a301ad0d0567d51a7e8bc4c328b5347 285694 libtiff-tools_4.0.3-12.3+deb8u1_amd64.deb 6e2680ef375c241484fa8e4c354ebf3f8519e4bbe72533d985c76cb1d23ef084 79906 libtiff-opengl_4.0.3-12.3+deb8u1_amd64.deb Files: 336b29c642a4c3f44eca5644b95c0600 2226 libs optional tiff_4.0.3-12.3+deb8u1.dsc 051c1068e6a0627f461948c365290410 2051630 libs optional tiff_4.0.3.orig.tar.gz 8994b58cf108e18084acd4813f376963 31764 libs optional tiff_4.0.3-12.3+deb8u1.debian.tar.xz 1ee185ebe665b2fa80d2dfdf857a9b35 363528 doc optional libtiff-doc_4.0.3-12.3+deb8u1_all.deb 97b01df72c1d4b2c94db92ef79e6dddc 213448 libs optional libtiff5_4.0.3-12.3+deb8u1_amd64.deb 691332632e03c9bf4393ba3f2763227c 74990 libs optional libtiffxx5_4.0.3-12.3+deb8u1_amd64.deb 952ae037759bc976f131e78ac1f49262 335260 libdevel optional libtiff5-dev_4.0.3-12.3+deb8u1_amd64.deb 0f0121dc6100287e623ecb6836f0bbfb 285694 graphics optional libtiff-tools_4.0.3-12.3+deb8u1_amd64.deb 6afe47c3712577cc97147a1a76ac98c0 79906 graphics optional libtiff-opengl_4.0.3-12.3+deb8u1_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAEBCAAGBQJWskzoAAoJENzjEOeGTMi/BOIQAJ3KABfZjXqpDUS8tkX3JMLg Xwvf9p6EviRXLME3cCW/WBHQBfJ72mBUxergJEgzUydQXnl6rKvyCKmpegnNdFu/ j7oJ8Jnw1kCxqf/UT3gDMsUZxd6ghaYBmR/qEbrq0DmruI7GNUXzoHmT+PaNrny1 4fhQf5Fr+6V+iswVdy8Yxy1IMDYxzmai8xLYJ2AThw1mjdj92TBOJPpfFVkAHVWN 8t2nA6fcgH6D1Ubj/bfcRIWXIt38j10oSND1WBss1qyLEgj0HyxHD3kuEqcN/YSx STCJ9VYrROk4JH8wPQqDdDXEl5v+Hx0vy2SIvofR2/ShpRvKVQHyQgYb/L9UsueP RrcKiHg8k0HyyMLGCs7KSmCC1jDYt9d59laxY0iunaBT1KJqALNw0X46AtyyzZkL 7E5mPM7z9y8IDHl3oqZ6u8hYi+YLk44J3yB7el0JAVd6y1VdgGQdYzv37u/iESZG 7frYw/lkU2R91st+f5d6HDk88qwQm0dK/L1zFf813oIrOGlxdQqJshFHMYWKQJYp x30LYxsRPkLqpABGO1ep2uoYMBJqStYPsdZYDG7onca1W8nPm+YnXUPEXcJwQUYH 8uwVFJgEaosQpRkNgyeoc9tKkXsOM29olt7IPywMspWEWDD+gvXVFC7hz8kEXlZC GuyIx7lMG0gDL7czhQpo =yyTs -END PGP SIGNATURE-
Accepted qemu 1:2.1+dfsg-12+deb8u5a (source amd64) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Mon, 08 Feb 2016 10:33:30 +0300 Source: qemu Binary: qemu qemu-system qemu-system-common qemu-system-misc qemu-system-arm qemu-system-mips qemu-system-ppc qemu-system-sparc qemu-system-x86 qemu-user qemu-user-static qemu-user-binfmt qemu-utils qemu-guest-agent qemu-kvm Architecture: source amd64 Version: 1:2.1+dfsg-12+deb8u5a Distribution: jessie-security Urgency: high Maintainer: Debian QEMU Team Changed-By: Michael Tokarev Description: qemu - fast processor emulator qemu-guest-agent - Guest-side qemu-system agent qemu-kvm - QEMU Full virtualization on x86 hardware qemu-system - QEMU full system emulation binaries qemu-system-arm - QEMU full system emulation binaries (arm) qemu-system-common - QEMU full system emulation binaries (common files) qemu-system-mips - QEMU full system emulation binaries (mips) qemu-system-misc - QEMU full system emulation binaries (miscelaneous) qemu-system-ppc - QEMU full system emulation binaries (ppc) qemu-system-sparc - QEMU full system emulation binaries (sparc) qemu-system-x86 - QEMU full system emulation binaries (x86) qemu-user - QEMU user mode emulation binaries qemu-user-binfmt - QEMU user mode binfmt registration for qemu-user qemu-user-static - QEMU user mode emulation binaries (static version) qemu-utils - QEMU utilities Closes: 799452 806373 806741 806742 808130 808131 808144 808145 809229 809232 809237 810519 810527 811201 812307 Changes: qemu (1:2.1+dfsg-12+deb8u5a) jessie-security; urgency=high . * applied 3 patches from upstream to fix virtio-net possible remote DoS (Closes: #799452 CVE-2015-7295) * pcnet-add-check-to-validate-receive-data-size-CVE-2015-7504.patch (Closes: #806742, CVE-2015-7504) * pcnet-fix-rx-buffer-overflow-CVE-2015-7512.patch (Closes: #806741, CVE-2015-7512) * msix-implement-pba-write-but-read-only-CVE-2015-7549.patch (Closes: #808131, CVE-2015-7549) * eepro100-prevent-two-endless-loops-CVE-2015-8345.patch (Closes: #806373, CVE-2015-8345) * vnc-avoid-floating-point-exception-CVE-2015-8504.patch (Closes: #808130, CVE-2015-8504) * ehci-make-idt-processing-more-robust-CVE-2015-8558.patch (Closes: #808144, CVE-2015-8558) * two upstream patches from xsa-155 fixing unsafe shared memory access in xen (Closes: #809229, CVE-2015-8550) * net-ne2000-fix-bounds-check-in-ioport-operations-CVE-2015-8743.patch (Closes: #810519, CVE-2015-8743) * net-vmxnet3-avoid-memory-leakage-in-activate_device-[...].patch (Closes: #808145, CVE-2015-8567, CVE-2015-8568) * scsi-initialise-info-object-with-appropriate-size-CVE-2015-8613.patch (Closes: #809232, CVE-2015-8613) * vmxnet3-refine-l2-header-validation-CVE-2015-8744.patch (Closes: CVE-2015-8744) * vmxnet3-support-reading-IMR-registers-on-bar0-CVE-2015-8745.patch (Closes: CVE-2015-8745) * ide-ahci-reset-ncq-object-to-unused-on-error-CVE-2016-1568.patch (Closes: #810527, CVE-2016-1568) * fw_cfg-add-check-to-validate-current-entry-value-CVE-2016-1714.patch (Closes: CVE-2016-1714) * i386-avoid-null-pointer-dereference-CVE-2016-1922.patch (Closes: #811201, CVE-2016-1922) * e1000-eliminate-infinite-loops-on-out-of-bounds-start-CVE-2016-1981.patch (Closes: #812307, CVE-2016-1981) * hmp-fix-sendkey-out-of-bounds-write-CVE-2015-8619.patch (Closes: #809237, CVE-2015-8619) Checksums-Sha1: 98393c6d4d972757e6a15b457b4904536a92ca3f 5176 qemu_2.1+dfsg-12+deb8u5a.dsc a5928d53f352ec549837ba63f55c5d52341999be 128076 qemu_2.1+dfsg-12+deb8u5a.debian.tar.xz d96b963059051a0941213cad62d8b6f61316d56c 122694 qemu_2.1+dfsg-12+deb8u5a_amd64.deb 542fde82530914515f19f0f042bac8eaa23e20c9 51930 qemu-system_2.1+dfsg-12+deb8u5a_amd64.deb 40fa761909e8a021db40334df486cd2f8c4de3e5 281718 qemu-system-common_2.1+dfsg-12+deb8u5a_amd64.deb 390417db23daeef6f5f6d3ba04678c6cd002edf6 5198408 qemu-system-misc_2.1+dfsg-12+deb8u5a_amd64.deb 5e88681a3ea2e9ff9efca27b577509633ac3b7a0 2231682 qemu-system-arm_2.1+dfsg-12+deb8u5a_amd64.deb 634f0ed0c7bcf2382986487d0d3e1c3bb85e4fd7 2553396 qemu-system-mips_2.1+dfsg-12+deb8u5a_amd64.deb e23e74a457a77294e8b352a41d52370f2540e126 2831746 qemu-system-ppc_2.1+dfsg-12+deb8u5a_amd64.deb 01f345932dc38a48c321fddb4bd7b8e9afb05027 1668400 qemu-system-sparc_2.1+dfsg-12+deb8u5a_amd64.deb 0956ce514ae60d1c9719b5b1603994acfa180c2a 2044598 qemu-system-x86_2.1+dfsg-12+deb8u5a_amd64.deb ec29c3080f143940fd1ead9a7f0afd8c4ae18468 4890826 qemu-user_2.1+dfsg-12+deb8u5a_amd64.deb ab78e3a696a5f45b0124bd7656fae0c62e8a24a3 6897096 qemu-user-static_2.1+dfsg-12+deb8u5a_amd64.deb 09db7d2562f837c63d69c9cb1cc34a5a82f2dbc9 2888 qemu-user-binfmt_2.1+dfsg-12+deb8u5a_amd64.deb 9ae42be909bfc7d300116437360207edbefdfd29 482032 qemu-utils_2.1+dfsg-12+deb8u5a_amd64.deb 22bd2658155dfac41eec7cab0cdca0f41c05fc25 136226 qemu-guest-agent_2.1+dfsg-12+deb8u5a_amd64.deb fc9df80dc40eb7e9fc4b966194a3d
Accepted qemu 1:2.1+dfsg-12+deb8u5 (source) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Mon, 01 Feb 2016 23:32:49 +0300 Source: qemu Binary: qemu qemu-system qemu-system-common qemu-system-misc qemu-system-arm qemu-system-mips qemu-system-ppc qemu-system-sparc qemu-system-x86 qemu-user qemu-user-static qemu-user-binfmt qemu-utils qemu-guest-agent qemu-kvm Architecture: source Version: 1:2.1+dfsg-12+deb8u5 Distribution: jessie-security Urgency: high Maintainer: Debian QEMU Team Changed-By: Michael Tokarev Description: qemu - fast processor emulator qemu-guest-agent - Guest-side qemu-system agent qemu-kvm - QEMU Full virtualization on x86 hardware qemu-system - QEMU full system emulation binaries qemu-system-arm - QEMU full system emulation binaries (arm) qemu-system-common - QEMU full system emulation binaries (common files) qemu-system-mips - QEMU full system emulation binaries (mips) qemu-system-misc - QEMU full system emulation binaries (miscelaneous) qemu-system-ppc - QEMU full system emulation binaries (ppc) qemu-system-sparc - QEMU full system emulation binaries (sparc) qemu-system-x86 - QEMU full system emulation binaries (x86) qemu-user - QEMU user mode emulation binaries qemu-user-binfmt - QEMU user mode binfmt registration for qemu-user qemu-user-static - QEMU user mode emulation binaries (static version) qemu-utils - QEMU utilities Closes: 799452 806373 806741 806742 808130 808131 808144 808145 809229 809232 810519 810527 811201 Changes: qemu (1:2.1+dfsg-12+deb8u5) jessie-security; urgency=high . * applied 3 patches from upstream to fix virtio-net possible remote DoS (Closes: #799452 CVE-2015-7295) * pcnet-add-check-to-validate-receive-data-size-CVE-2015-7504.patch (Closes: #806742, CVE-2015-7504) * pcnet-fix-rx-buffer-overflow-CVE-2015-7512.patch (Closes: #806741, CVE-2015-7512) * msix-implement-pba-write-but-read-only-CVE-2015-7549.patch (Closes: #808131, CVE-2015-7549) * eepro100-prevent-two-endless-loops-CVE-2015-8345.patch (Closes: #806373, CVE-2015-8345) * vnc-avoid-floating-point-exception-CVE-2015-8504.patch (Closes: #808130, CVE-2015-8504) * ehci-make-idt-processing-more-robust-CVE-2015-8558.patch (Closes: #808144, CVE-2015-8558) * two upstream patches from xsa-155 fixing unsafe shared memory access in xen (Closes: #809229, CVE-2015-8550) * net-ne2000-fix-bounds-check-in-ioport-operations-CVE-2015-8743.patch (Closes: #810519, CVE-2015-8743) * net-vmxnet3-avoid-memory-leakage-in-activate_device-[...].patch (Closes: #808145, CVE-2015-8567, CVE-2015-8568) * scsi-initialise-info-object-with-appropriate-size-CVE-2015-8613.patch (Closes: #809232, CVE-2015-8613) * vmxnet3-refine-l2-header-validation-CVE-2015-8744.patch (Closes: CVE-2015-8744) * vmxnet3-support-reading-IMR-registers-on-bar0-CVE-2015-8745.patch (Closes: CVE-2015-8745) * ide-ahci-reset-ncq-object-to-unused-on-error-CVE-2016-1568.patch (Closes: #810527, CVE-2016-1568) * fw_cfg-add-check-to-validate-current-entry-value-CVE-2016-1714.patch (Closes: CVE-2016-1714) * i386-avoid-null-pointer-dereference-CVE-2016-1922.patch (Closes: #811201, CVE-2016-1922) Checksums-Sha1: e83e863c38e418b2623c6700b13c8c4c4f6e7eb9 5174 qemu_2.1+dfsg-12+deb8u5.dsc 54a39c8e48b1b1e7d39beeeb7eb9fc554623897f 127544 qemu_2.1+dfsg-12+deb8u5.debian.tar.xz Checksums-Sha256: 5ab190585d859a94c3aee7397c6c54a3f9c9169fbee45a694d33962b2af9b62f 5174 qemu_2.1+dfsg-12+deb8u5.dsc 938be4ec654e623b0ad783eba71b951d7c92f98f803a1671e27de896d7009beb 127544 qemu_2.1+dfsg-12+deb8u5.debian.tar.xz Files: e51c9efc7305e91cf03a6c5f6b4f49d4 5174 otherosfs optional qemu_2.1+dfsg-12+deb8u5.dsc ab8611a4548efcb3c4c0aca8ab64590a 127544 otherosfs optional qemu_2.1+dfsg-12+deb8u5.debian.tar.xz -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJWr8SBAAoJEL7lnXSkw9fbzYcH/RA8b2ogrYlEKYvYtcPn6gC2 27WWqxQ4Rkiaja61msNJvsnYFIMOh/HuFGDbXQoewV064I7AltnjNCwSSTs4vPTn hEZeN2C7tEsW9vQ/O85Xb7g8ZVPxov6hsfF9U/k0OIi84kZp8Vgj5JkJV5Sp1XFL YrLB8GnMO4AojP5S904mIMTjpB0OfitPUNo29r8Ppce+Wr+s35gPja7iGp+hFwyE h9x+e//tqMtuj3TNrfhkbnF4rUgOyvmm7T79GY2Ma5vgjMGU9ZT+I6Jl8DsyWMAd U3AkhMP3K8+86gKPnDoFpleIZeL7u74R5px586BzAQOn2fl1e8JgytUVE4QCV4A= =l7aU -END PGP SIGNATURE-
Accepted polarssl 1.3.9-2.1+deb8u1 (source) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Fri, 05 Feb 2016 13:41:23 +0100 Source: polarssl Binary: libpolarssl-dev libpolarssl-runtime libpolarssl7 Architecture: source Version: 1.3.9-2.1+deb8u1 Distribution: jessie-security Urgency: high Maintainer: Roland Stigge Changed-By: Guido Günther Closes: 801413 Description: libpolarssl7 - lightweight crypto and SSL/TLS library libpolarssl-dev - lightweight crypto and SSL/TLS library libpolarssl-runtime - lightweight crypto and SSL/TLS library Changes: polarssl (1.3.9-2.1+deb8u1) jessie-security; urgency=high . * Non-maintainer upload. * Backport patches for CVE-2015-5291 and CVE-2015-8036 (Closes: #801413) * Add simple smoke test Checksums-Sha1: 5cca94595fad469f4db2fe5dcb01a9c3bee282b0 1866 polarssl_1.3.9-2.1+deb8u1.dsc 3462b4455e1443ac1a1007fbd69861ebfb5c5506 1741396 polarssl_1.3.9.orig.tar.gz 5a1c499f6b3308efe985d4778aaf3f6d108ac673 8844 polarssl_1.3.9-2.1+deb8u1.debian.tar.xz Checksums-Sha256: d5495ac3ea1daf3c692095bd378cd9828a8a08bbde22d1d01592a71dc563b4bb 1866 polarssl_1.3.9-2.1+deb8u1.dsc d3605afc28ed4b7d1d9e3142d72e42855e4a23c07c951bbb0299556b02d36755 1741396 polarssl_1.3.9.orig.tar.gz a82ea0b17baee04e84c9d1ff798e98a56fb7868d7a465797e4c383f767622023 8844 polarssl_1.3.9-2.1+deb8u1.debian.tar.xz Files: a1a14db34e03ef2c4d6727f5ffa72315 1866 libs optional polarssl_1.3.9-2.1+deb8u1.dsc 48af7d1f0d5de512cbd6dacf5407884c 1741396 libs optional polarssl_1.3.9.orig.tar.gz 217fee58d15b80c4f9a9b87b100abf49 8844 libs optional polarssl_1.3.9-2.1+deb8u1.debian.tar.xz -BEGIN PGP SIGNATURE- iQIcBAEBCAAGBQJWthUUAAoJEAe4t7DqmBIL8WMP/1TW8g2d52ty0ZVhfP2gCSpF 0AJ83uvTjHGR+O3akI+44TTFkwmW+aGkleErIRk9S6V9Ru6OyLSjyBg9zuGshYU7 BG+HPMhzUbZ2wTc7gdBoYwetjE8MYMgof23bFVSZtJPtxJH5T5Upaz8qi7U9FDtM lTjqw2p+xFwZLJmiXiq4ULi6gtv4mykV6yH55RabXbl1u31UjXiTItxmlFEvzvWv NxXE/J62MzPZPoNZ/8wXNPApiQW5JfEiSw+3WPcO8cf/acgr9+6YPJUbBB+pi2M4 eZOT08XhzGJaEbldSWb4U6xEm+rEFb/tYv55fW+VGVwXMOhrN4CCaN4/Ej1ZcpgD NNCVpsKI2HZxwGw0Pxm5xoKkc5blG9HHReKAkXHhebtuIfXGzeHs8AkXYzzhSkD8 55vp9xLscDj7R72YuZ8lcLV4lRJzkt6V5r/FWZxoroySZvWPgWCyyDprRmBimoik fJ+0snd4NrOLpBkX48A4/OjtmoUiij9JfvRQcLrsy3Rmx8okUD5Ze/3tXh3cx8fI +3oX9D0I7hfQpA3gPp3lBrTAYZlCNdWP83T6XiCYCyDbVvVvJnD8wh5Am+ytoJwu dV41cXMiU7EHZdFOAdJJ50QM9K7Yi76xTrXnU7iz1LplBJmSvU9oDE06sttylwkR Sb3gPCagXctamhLiWvyu =TGMn -END PGP SIGNATURE-