Accepted jetty9 9.4.50-4+deb12u3 (source) into proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 7 Apr 2024 22:31:45 CEST Source: jetty9 Architecture: source Version: 9.4.50-4+deb12u3 Distribution: bookworm-security Urgency: high Maintainer: Debian Java Maintainers Changed-By: Markus Koschany Checksums-Sha1: 993e3deffc6cdc131b21203814655c6a21940938 2836 jetty9_9.4.50-4+deb12u3.dsc 9e5acac5c2728b421791347629f570b3c061eba1 82528 jetty9_9.4.50-4+deb12u3.debian.tar.xz 870f42a9b318ea1263d3e941f2f41872818aa382 19236 jetty9_9.4.50-4+deb12u3_amd64.buildinfo Checksums-Sha256: d2375925e47595d87e5c5329acac0715af0535469405b529ecd63ca8395f4213 2836 jetty9_9.4.50-4+deb12u3.dsc cec77b64bfd93368377aa9291b100f4e7c18242005e37758ef8a314f0b8e5802 82528 jetty9_9.4.50-4+deb12u3.debian.tar.xz 44f93c184d471a762f0263d26056ace7ce2823aa79b1d70ae45f99878c50bb81 19236 jetty9_9.4.50-4+deb12u3_amd64.buildinfo Changes: jetty9 (9.4.50-4+deb12u3) bookworm-security; urgency=high . * Team upload. * Fix CVE-2024-22201: It was discovered that remote attackers may leave many HTTP/2 connections in ESTABLISHED state (not closed), TCP congested and idle. Eventually the server will stop accepting new connections from valid clients which can cause a denial of service. Files: 70ae7f71b9d1138c687dafeaedb2 2836 java optional jetty9_9.4.50-4+deb12u3.dsc 67ce53cc8de4bd0e004fdde1cdc4ca4b 82528 java optional jetty9_9.4.50-4+deb12u3.debian.tar.xz e232502b82415d6642c3f0096ba4fad4 19236 java optional jetty9_9.4.50-4+deb12u3_amd64.buildinfo -BEGIN PGP SIGNATURE- iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmYTA1tfFIAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1HkC9wQAMITTmUlDRNdedDtJTD4BU9RZ+fQUq4aLdHK gFOXsd1bYudShHBdK1h4HDu1SE+dYGatZtntDtFAuNNMilpDtIB2I9IaAlpZi8fn v0ShB+ldErWACyKcs7LuB/Zg9jLWdyeqmaW2REkZNg7E7W7OyPvoQedZWMcUt4IT FLu7UkpsmjaTfVPGx7MQlZdh6kJUWvSd21dWZ9Gf7cvK98tj1nofN4UGnLHPi05D QBHbym6ZpFHwEi9nm+VWgIQPWDb2jEToWKtRmyLwzx5Zk5CT8fWejzuS3BhIvQf0 8Zu9FRAjjuwb0hD+C4o0tLZnyw022L/F5XzGb4fC9L1+XY0L2ckEuax6iPyovNpy I6IyUQZpy0dct16CY4f7u+SLUNyyC+FHIx9fzFq30q8u4ckueoV1BGZATGzPxnP+ 23oKBCKOBP9zq4mrUKdHiaR3UzfXDI9SCYQEQCjqcwO4sMct5MeKNWEp8HbySnKq 0mcjScy8DXQqVBo9ToT3cFjGQfSvlZMqjtoPtwwFJ2FyaIorrPAYwWmD0xW2FTG0 WON/BCXbIUd7SV5SXkhptH1n2DRdBKgBhPgb0DJczahz1pGn2SF2g+I3NyjzMsar zsTv9FXskFf/kYmAcTQF6IsJRQBa8iJqacbYVqi3lFejI29ibgJdcFIgOSezjq8b eC6TKRMR =f9hT -END PGP SIGNATURE- pgpT6k_RHbB7D.pgp Description: PGP signature
Accepted dcmtk 3.6.7-9~deb12u1 (source) into proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Fri, 19 Apr 2024 13:38:32 +0200 Source: dcmtk Architecture: source Version: 3.6.7-9~deb12u1 Distribution: bookworm Urgency: medium Maintainer: Debian Med Packaging Team Changed-By: Andreas Beckmann Closes: 1038776 Changes: dcmtk (3.6.7-9~deb12u1) bookworm; urgency=medium . * Team upload. * Rebuild for bookworm. . dcmtk (3.6.7-9) unstable; urgency=medium . * Team upload. * Fix postrm Closes: #1038776 Checksums-Sha1: 2b250ec7cf930ed1267cc98123a16e03aa406645 2349 dcmtk_3.6.7-9~deb12u1.dsc 8cf2df9d490e0ce0e7d8944e084471b3d2292d36 40828 dcmtk_3.6.7-9~deb12u1.debian.tar.xz 91396b238f61ce74d54dfdc85dae6aa083022b42 7802 dcmtk_3.6.7-9~deb12u1_source.buildinfo Checksums-Sha256: cd9c012c5a332d41c826eeb1567e486fcaa72c31ee4cde72db04cc45cd61a808 2349 dcmtk_3.6.7-9~deb12u1.dsc be1c74ac0c18c4d8cef3eff770b415479112bd25133189bee2f03043c194d652 40828 dcmtk_3.6.7-9~deb12u1.debian.tar.xz 03264ff59aad4f19511e585c996ee1f21c3bc431832ed2b832a9b79216a6cf61 7802 dcmtk_3.6.7-9~deb12u1_source.buildinfo Files: fb28e30524dee82ec2a0a95a22f80746 2349 science optional dcmtk_3.6.7-9~deb12u1.dsc a66d8bd4254fabecd699d6fcf0e4f81f 40828 science optional dcmtk_3.6.7-9~deb12u1.debian.tar.xz 22d5dee9a35f038f9e8a64ae2052ccc2 7802 science optional dcmtk_3.6.7-9~deb12u1_source.buildinfo -BEGIN PGP SIGNATURE- iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmYiWEwQHGFuYmVAZGVi aWFuLm9yZwAKCRBfsz+TWentCP0sEACAvysdi7KkKQne/du020vrakIwVSzltutg VRL1JHzGOC/5c7hsyo6t/rANO1AM1kwCfZvDkjbsg2NAfNVGvUZZfjljFoak2M0l LPAxzPqLolfHoxrRnJ0XnznWQu9PyA/jXlfCpVgVLK06h8CsAAc3sv6zPSBOAI1W ZuEgXxGmLdciQ+en2x1m2Jz7A4LpVRLYelCmlMk6auUvZnpNudbwV4v3H9wIrfAa QqtNvSoBv7knRk8EHiFUHbXTa8s8NS2jQgWFRIFciCeKvZsGwiF8PeAPxv9HO5SO oR5oerr12IVRVOXVXTwrKMFWiWhOjG/kKPJcvUTjZStTReNkmnKtEmIZ+SbnV2BG custmDTehbTucZCLD3GDcXIuQCrxaOYXLbFpTF9JxYbJU9HUIx9OEWlnCWIk9RuJ rGOiUWaJbZuTNzltXZlmgMQM60JblS43mvBydiZ3lLinSnNipsPkV0R5+MIJHvti ++HFG01IbOcOyfDPd11yN5n1hp/r0Dkf31li7mx+IOLDWoyDGnePyv/hnkElvlGA DrSpSktcV0gWMHPbOZQri+iyMGeMsJlSA4irENios6XX9Z19eoEaJA+K25mtola+ An/YgHS1e0yYrRgboY3pSsfMRa7k4LaPBH4CQwsSbjJGub1rSpMVVthgUOZKK2M9 yo1Grn+MIA== =cRIT -END PGP SIGNATURE- pgpJYjD0bQcB2.pgp Description: PGP signature
Accepted igtf-policy-bundle 1.128-1~deb12u1 (source) into proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 10 Apr 2024 13:43:46 +0200 Source: igtf-policy-bundle Architecture: source Version: 1.128-1~deb12u1 Distribution: bookworm Urgency: medium Maintainer: Dennis van Dok Closes: 1045502 Changes: igtf-policy-bundle (1.128-1~deb12u1) bookworm; urgency=important . * Proposed update to address CAB Forum S/MIME policy change . igtf-policy-bundle (1.128-1) unstable; urgency=medium . * updated CRL download URL for ArmeSFo (AM) . igtf-policy-bundle (1.127-1) unstable; urgency=medium . * added supplementary issuing CA Issuing CA IGTF - C5 - 1 for eMudhra (IN) * removed discontinued QuoVadis CAs QuoVadis-Grid-ICA-G2 QuoVadis-Root-CA2G3 QuoVadis-Root-CA2 and QuoVadis-Root-CA3G3 (BM) . igtf-policy-bundle (1.126-1) unstable; urgency=medium . * New upstream release: * removed replaced InCommon IGTF Server CA and associated Comodo RSA CA (US) * removed discontinued UNLPGrid CA (CL) . igtf-policy-bundle (1.125-1) unstable; urgency=medium . * New upstream release: * Updated root certificate ArmeSFo CA with extended validity (AM) . igtf-policy-bundle (1.124-1) unstable; urgency=medium . * New upstream release: * updated contact meta-data for ArmeSFo authority (AM) * removed discontinued AEGIS authority (RS) * removed suspended KENET Root and issuing CAs (KE) * removed suspended SDG-G2 authority (CN) * removed suspended CNIC authority (CN) * removed all four discontinued DigitalTrust CAs operated by their issuer (AE) . igtf-policy-bundle (1.123-1) unstable; urgency=medium . * New upstream release: * Add ECC private trust hierarchy for GEANT (Research and Education) TCS (EU) * Added accredited private trust eMudhra IGTF root and issuers (IN) . igtf-policy-bundle (1.122-1) unstable; urgency=medium . * New Upstream release: * Added private trust hierarchy for GEANT (Research and Education) TCS (EU) * Added accredited eMudhra joint public trust root and issuing CAs (IN) * Added private trust eMudhra IGTF root and issuers as experimental (IN, US) * Closes: 1045502 . igtf-policy-bundle (1.121-1) unstable; urgency=medium . * New upstream release: * Added accredited (classic) InCommon RSA IGTF Server CA 3 under the Sectigo USERTrust RSA root, for which namespaces have been updated (US) . igtf-policy-bundle (1.120-1) unstable; urgency=medium . * New upstream release: * Added transitional CDP mirror URLs for retiring DigitalTrust CAs (AE) * Removed discontinued NIIF-Root-CA-2 (HU) * Removed expiring GermanGrid (GridKA CrossGrid) CA (DE) . igtf-policy-bundle (1.119-1) unstable; urgency=medium . * New upstream release: * Updated UKeScience Root (2007) with consistent string encodings (UK) * Removed obsolete SHA1 subordinates DigiCertGridTrustCA-Classic and DigiCertGridCA-1-Classic from DigiCert, reflected in RPDNC namespaces * Experimental (non-accredited) new InCommon RSA IGTF Server CA 2 (ICA under Sectigo USERTrust RSA root, for which namespaces have been updated) (US) Checksums-Sha1: 08cea50860051951e99842b4423df09c49e8af99 2612 igtf-policy-bundle_1.128-1~deb12u1.dsc 57026e6214a73c1b7a6193dbdfad82b0cf3e6693 32988 igtf-policy-bundle_1.128-1~deb12u1.debian.tar.xz 99c35460c983941dc5c4b8ed8fb8960b0143399a 6043 igtf-policy-bundle_1.128-1~deb12u1_source.buildinfo Checksums-Sha256: e767d0534fad1ac7e9a40917417cec5e4d46916752f461f8be86ce8bfe20553a 2612 igtf-policy-bundle_1.128-1~deb12u1.dsc 2840e509f3aed82e66199bd6226863e75249bb15c2951eeace40291e5887b92b 32988 igtf-policy-bundle_1.128-1~deb12u1.debian.tar.xz a5e5179502d0577d75d5e3fc6843f4e13d9c8605692abf9ef61dc97b68b4fe14 6043 igtf-policy-bundle_1.128-1~deb12u1_source.buildinfo Files: d196458ad00ea10d2b142cd9628d7f16 2612 misc optional igtf-policy-bundle_1.128-1~deb12u1.dsc e243c2d35e8bfb970df1d3709ad682be 32988 misc optional igtf-policy-bundle_1.128-1~deb12u1.debian.tar.xz 3cd0ede27bc38a79151e2d8b05f7dc8f 6043 misc optional igtf-policy-bundle_1.128-1~deb12u1_source.buildinfo -BEGIN PGP SIGNATURE- iQJHBAEBCgAxFiEEWGm4u3eUE64rvBHj3/rYGXYX7xkFAmYWe3QTHGRlbm5pc3Zk QG5pa2hlZi5ubAAKCRDf+tgZdhfvGWSiD/462SX+2Ltfm4zr53T1np9fZFPT/VK6 CIJdKNY7JYKll9HdvUeDmtrQ1AavhYyCvzQEndX+dPIWigeSaUTUqTgo/jfk7KgO kN2todWpk4KX0s7oUUacW4VWUDur8oZpP3RBktQgtpYZJHOrmx5TZ+vKcLm6NjAd XGEs0Uo+TSqxVDJuMCJzvRsJKEsoBs4HiJrHgttV67rqAqRU+xdnjJ41rHeYbNhw hkJXJpL5JN80DBIwfArgS3ryCyIAMOJfHCIEWF+zhpcLaRclTaXMSQaNntX7eIoa kzNktyO6hwC6CJtGUoTrNtyNw2NW34NpVSqd6pNctwytrETrlLx8cn7La65Au7CG f2hvUKMxqquekx3m4ENB5jY6d/j5ca8Y9k8nxZR8LYSVfUaSUhAjLQLzZaX9eyIM ZFYibmDFq7UJo8Jd9fsodWB+FsDRDml5VPGDME27GV45/OfvJHSCbJ36MVghfFfm 0XmBbuSAp//As16L8X2VuKpDf5oDHYDta8uACMfnf6xrUuGEhvoFJ5hVV8yCC2V6 cN7v5FrKEoakWXXU/DM0sCsFZvU1NBPYSmIm4wI1yjhu/h1jsk85Gw2Uhoo5DltL JzdCCBpAM6/7mz+cQtoEM8WfYK6Q/kbV3uBPyVGYGtXivvSBozYrK1q9v60d0+OD izRO3XpYe4FIwA== =flH5 -END PGP SIGNATURE- pgpU5uJrEc8Mt.pgp Description
Accepted pdudaemon 0.0.8.58.g597052b-1+deb12u1 (source) into proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Fri, 19 Apr 2024 09:40:49 +0200 Source: pdudaemon Architecture: source Version: 0.0.8.58.g597052b-1+deb12u1 Distribution: bookworm Urgency: medium Maintainer: Matt Hart Changed-By: Andreas Beckmann Closes: 1060768 Changes: pdudaemon (0.0.8.58.g597052b-1+deb12u1) bookworm; urgency=medium . * Non-maintainer upload. * Add dependency on python3-aiohttp. (Closes: #1060768) Checksums-Sha1: 3b26f7e79a620f96e5ee523cbb5b4d22f450cb57 2370 pdudaemon_0.0.8.58.g597052b-1+deb12u1.dsc da20c4e0cb23034a8471996b80cf46d70e9bb690 6220 pdudaemon_0.0.8.58.g597052b-1+deb12u1.debian.tar.xz 3b1426ad9dc75af6779ea3cf63eea2f1c814e0bb 7970 pdudaemon_0.0.8.58.g597052b-1+deb12u1_source.buildinfo Checksums-Sha256: 688a97c3834e0e897948a0fe526f9d7f434073ed49fddb63abc9856f667f7bc6 2370 pdudaemon_0.0.8.58.g597052b-1+deb12u1.dsc c067261dfb7cb3ccb7ab6cc0bdb187b6c583b84d6e3a9331f0b713d2cd71a129 6220 pdudaemon_0.0.8.58.g597052b-1+deb12u1.debian.tar.xz bd9a86bb499932e5a1373550fb62df756e6baa288b2e5e04023a275a61203106 7970 pdudaemon_0.0.8.58.g597052b-1+deb12u1_source.buildinfo Files: e9b619a130fcd87cd323d316efe2b77b 2370 net optional pdudaemon_0.0.8.58.g597052b-1+deb12u1.dsc 387963239190295def6783db7e42b80e 6220 net optional pdudaemon_0.0.8.58.g597052b-1+deb12u1.debian.tar.xz b37b9f0d772692c22f9d866ae450834f 7970 net optional pdudaemon_0.0.8.58.g597052b-1+deb12u1_source.buildinfo -BEGIN PGP SIGNATURE- iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmYiIGYQHGFuYmVAZGVi aWFuLm9yZwAKCRBfsz+TWentCCsdEACkRycdf+9l1hXyQqXvatuFw0jyw3CUy9+l QL7q3T57Gnrmw6rmNDysoK24i8tfOQqU7TvWIHTjIIlbNvTRTr4QOnbx4zU2wdlt LPGUuoMdN8EG+gzxd83COx9Ywyd1InUQphRps+aFFsB4Zhrn+YEMyv1hQ8i7ce7a aODBsbV/92sxnU2HmcA8h5GVp2dgEtI0uArGqBRlup+dXM+hXfDFK0wAmYBUwYBb 1pggYoMIAAyUVBGQPaQGzc4csRNbfNSwgtKYR+wa4dl7NiKpgvJ6m+SLTFUpy4ts lrrOt4hAQfOX8D6ClwayOD9FaPhrCiWo/7cLuW9Wct0bDTl66iuBya+LuNswp/LM QRVvSJ5QJR4UPdTYtTGBP1W1R6Op0reFTPKyUedkhharoUuNcw0FfZsFKqhRWMBM kurts1U3wE8pgia2nt58DPrRm2MIhVVuzZAkxOOPwIrO1WOWJEgDpm6jOZiqalnD gqGel+9j3DX+Pdz5YPh/BHeUqbcB0844eA1X1bKQ07bXj1s0itgK4krvXif34e9n A+cOmQTRup578kgojuohlNpCCc+/qtdQtJeZb7hedwCjaKEKu4jmlKjwgzVF/S7k ssN6Ly4SNLEZXvFSZ3Bz2xIfJjUkSKNGotUxGanFk+Zsbt9JUnC5/e25LALKcrI3 XqkFxy9pGw== =7Gob -END PGP SIGNATURE- pgpV8Zwp929O0.pgp Description: PGP signature
Accepted yapet 2.6-2~deb12u1 (source) into proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 11 Apr 2024 20:40:18 +0200 Source: yapet Architecture: source Version: 2.6-2~deb12u1 Distribution: bookworm Urgency: medium Maintainer: Salvatore Bonaccorso Changed-By: Salvatore Bonaccorso Closes: 1064724 Changes: yapet (2.6-2~deb12u1) bookworm; urgency=medium . * Rebuild for bookworm . yapet (2.6-2) unstable; urgency=medium . * crypt/blowfish: Remove EVP_CIPHER_CTX_set_key_length() (Closes: #1064724) * crypt/aes: Remove EVP_CIPHER_CTX_set_key_length() Checksums-Sha1: 0a691e8916fd5949d49c4c357a7dcb78452fda72 2064 yapet_2.6-2~deb12u1.dsc 335a90e8fefc66c9841426829d31880c84fd428a 8028 yapet_2.6-2~deb12u1.debian.tar.xz Checksums-Sha256: 62195a270b1c7939db5b7008a656d05eec3c13bbc93db78f8cb7b41fd5dd2009 2064 yapet_2.6-2~deb12u1.dsc 805b03cc33acb8789e6c48d486edee19e5ff0771cf3a66ad732650f089f79a5a 8028 yapet_2.6-2~deb12u1.debian.tar.xz Files: 210afad98d9b43635abe82a24dd5454d 2064 utils optional yapet_2.6-2~deb12u1.dsc c7ec34ece7531676f120836b63ba1419 8028 utils optional yapet_2.6-2~deb12u1.debian.tar.xz -BEGIN PGP SIGNATURE- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmYYMFxfFIAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89ElwUP/2M+gLpGqVZvTXiS9fWr2BYilBs+6CDs QnkXQF7qXIF7hVJlBrURefgLyZOnEuiTeyM043cMPjptqDS9EmaS8aetCWdvq23F EjtXAkGXNnxhugOu0AIeXuVI3C+e+sYxlO6f/g7McbywQPRK4XY0bqTzwn7+A20F IAeeOQzGH7NBsj3d6zq9aui+lsH+EHWgmAKFnEaGuyKf6ZoYt6eAR3ao0Q7gafuN 99MTJ71wmfZd/hT9LmD9EMTxbrl74oAW2uZlKGR2iQcbscE8E4cEKNJ8VIVZI1gH 0xHZjQl2eZOWM7OwmBl3Sb8IMjQqDXiyYjAXdG8NuO1RwOyveVpa46KGlhvsvrd/ 1fbn7y9GlQ+eNeBcYJ/9mzpBqg35ljliwbuFrEirnIx6MbBAbvp7Lzy8Xnmz7pr4 BGbiNoPyFDzKW6vPOpXb14XXS802IZa1LsnVfOow4oopk5YbGJFCbsjBmmixNs6q uIdZjkg0AQtt9Jplu3EJQgSejcWYxDVAKX8jEHpvwVUA4oWeoffcAsYFbfrFR3P/ YPn2ZrGSZzL0Cz/1NBorb7o8ju7L/Ba/jKle9nuLTdkJ/DwnhxM/yYusZzDfT5kC 44Kq4oSQsjL/Yf8Euw98lRnw7j0974c1GWsFT55pM0G7y6dyMfXmT0asVW2FpQc4 uiGbY6yZDek6 =H6a+ -END PGP SIGNATURE- pgpYMKLXVNfzD.pgp Description: PGP signature
Accepted libapache2-mod-auth-openidc 2.4.12.3-2+deb12u1 (source) into proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 18 Apr 2024 14:20:00 +0200 Source: libapache2-mod-auth-openidc Architecture: source Version: 2.4.12.3-2+deb12u1 Distribution: bookworm Urgency: medium Maintainer: Moritz Schlarb Changed-By: Moritz Schlarb Closes: 1064183 Changes: libapache2-mod-auth-openidc (2.4.12.3-2+deb12u1) bookworm; urgency=medium . * CVE-2024-24814: Missing input validation on mod_auth_openidc_session_chunks cookie value made the server vulnerable to a Denial of Service (DoS) attack. If an attacker manipulated the value of the OpenIDC cookie to a very large integer like , the server struggled with the request for a long time and finally returned a 500 error. Making a few requests of this kind caused servers to become unresponsive, and so attackers could thereby craft requests that would make the server work very hard and/or crash with minimal effort. (Closes: #1064183) Checksums-Sha1: 48152d4f7c03317dc578ea4845a20c15cd315a75 2325 libapache2-mod-auth-openidc_2.4.12.3-2+deb12u1.dsc 1c4e5d1781006ff9a29cfa350b15a776adf1cb1a 7764 libapache2-mod-auth-openidc_2.4.12.3-2+deb12u1.debian.tar.xz f5624c86bc0ae6c1fe0bdf90dca4d35a6455dabc 8448 libapache2-mod-auth-openidc_2.4.12.3-2+deb12u1_amd64.buildinfo Checksums-Sha256: 4f5904073b8562a7a3b982b01dd1c75c10f4b29e3d698abc9be4001fdd6e9e98 2325 libapache2-mod-auth-openidc_2.4.12.3-2+deb12u1.dsc 2d12ef29195cc123400752e91eb61eb78d86762f22a312faff5ed7dd22db1064 7764 libapache2-mod-auth-openidc_2.4.12.3-2+deb12u1.debian.tar.xz 2b0a6a9811ef289acdccf6a254604cba5fec1894f6986d807a2f3e0c18e25c61 8448 libapache2-mod-auth-openidc_2.4.12.3-2+deb12u1_amd64.buildinfo Files: fd5cc9b4e7a18f975d121d49b88d4a26 2325 httpd optional libapache2-mod-auth-openidc_2.4.12.3-2+deb12u1.dsc 9f0659dc1a46f0b45c6473723ed86e69 7764 httpd optional libapache2-mod-auth-openidc_2.4.12.3-2+deb12u1.debian.tar.xz 176fdc1870d781962f19b40ab903356b 8448 httpd optional libapache2-mod-auth-openidc_2.4.12.3-2+deb12u1_amd64.buildinfo -BEGIN PGP SIGNATURE- iQJKBAEBCgA0FiEE3wEiR7/GVQGv8oRFDCS4Qcfduq8FAmYhEu0WHHNjaGxhcmJt QHVuaS1tYWluei5kZQAKCRAMJLhBx926r6j8D/9Gopp36dLgy9ck9IG9vW3gB/qm 30/gR+smGLaEzu6Hf4YHu1qRl4Dz4LMgx3hKlG2bNAxEfzjmt56H+uWNRiiO90rz 8dAJVGVADm4M6VH6CAXeVe44YwI5Jo/9wVkzUWBANDgIXvC4+0iO7KHwM8X5tbyq cyJQrG99X1k2BSfbpZHje3bbg1bkFVu3uOOAqWpTaWGZweVjR2Ep7o+FdnDJvA5Q WKs0zfO7hxyHDUZYyiFqxJa4GTTYT9MWk/0BTD0qyRO8WAA20eENvoG3vkv0plUb HLhMM0847rYXEIxKLv58ao/Y1rGmDHbAeGqhUkvIuyemdT5yYO/bmDjQ+U9K6ZFA 2qO3vaz7qipDPRgzlouEXcjEwzjNavrQ9N7zLusraXVq4TZ3SQwr3St7th7TgLjz vd9DS63XyMu/BHAbNbxZvNBJbfS3ZeVhgjxkswq0i26XQId//KmR63B4l+llvabR 4dV73MYrH1lOOcMnfHYqxhgsWWH4dvCBmZGBZmqAVhRRj4xVcHVTfqVkj96U/N6/ ryLZUmv1MbcChzLIxegKWl9mk1bblX/mC12dUmwMP0IsT/ncJ1sF26H+Iv3wGsbi h8s6jjG7a/cAcFtU45ze7+uwTblo/7U35Ob+LgD46K9F4swYAV1u11gHm8N/EtbX ByktFjekB59YNfL9ag== =D0Nz -END PGP SIGNATURE- pgpQdSaS7TWmx.pgp Description: PGP signature
Accepted libtool 2.4.7-7~deb12u1 (source) into proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 09 Apr 2024 22:04:40 +0200 Source: libtool Architecture: source Version: 2.4.7-7~deb12u1 Distribution: bookworm Urgency: medium Maintainer: Alastair McKinstry Changed-By: Andreas Beckmann Closes: 1039583 1039612 1041229 Changes: libtool (2.4.7-7~deb12u1) bookworm; urgency=medium . * Non-maintainer upload. * Rebuild for bookworm. * Reinstate obsolete Breaks, Provides. . libtool (2.4.7-7) unstable; urgency=medium . * Remove obsolete Breaks: for oldstable, Provides: libltdl7-dev. * Replace Breaks: libltdl3-dev with Conflicts: libltdl3-dev. Thanks Andreas Beckmann. Closes: #1041229 . libtool (2.4.7-6) unstable; urgency=medium . * Incorrect check for += operator causes func_append to fail Patch from Ernesto Alfonso. Closes: #1039612 * Standards-Version: 4.6.2 * Add Breaks/Replaces on libtldl3-dev. Closes: #1039583 Checksums-Sha1: a6cd16cd9029c360d22fb0800bf36eec6c3b7d4e 2314 libtool_2.4.7-7~deb12u1.dsc 66bc345cd1d47f6b081091b98973f2658c3ff24e 41016 libtool_2.4.7-7~deb12u1.debian.tar.xz 31aff4212c73e5d0ff4ad8134eceda31a22c85e2 6296 libtool_2.4.7-7~deb12u1_source.buildinfo Checksums-Sha256: 4285486d14795acbc423442e183c976625f7d481ac0ec3a0ec1ff800046310c4 2314 libtool_2.4.7-7~deb12u1.dsc c9e5cb0a64b0d02976bcb02b554a565fbdc5da9aef036ecd66328d6230843dda 41016 libtool_2.4.7-7~deb12u1.debian.tar.xz 23b32a19c73770bb14645257e8a237e15b8da7600131045a2b51ffa9d4727ed9 6296 libtool_2.4.7-7~deb12u1_source.buildinfo Files: f316573efa903a845d26348f27a47ef0 2314 devel optional libtool_2.4.7-7~deb12u1.dsc c40bc74f5d89a4f84cd403b574f2c287 41016 devel optional libtool_2.4.7-7~deb12u1.debian.tar.xz c4e32d1a1911a0fbd165dc1a0f2ddd87 6296 devel optional libtool_2.4.7-7~deb12u1_source.buildinfo -BEGIN PGP SIGNATURE- iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmYVn8gQHGFuYmVAZGVi aWFuLm9yZwAKCRBfsz+TWentCDYZEACYUU1qYcnbwzbzsmNoxZVDq98nTEULKdvX HmUmTPiIebpnbMBIcLBuEeQOfzPgqmZC9jfeGextNWUjHasM72zaccOQhXpvYm1m yCQyy3Ulq/eZkAo09oKgBYQEZ6DfkGXVTOuCoExUb/FK7gRxWk6sodXsQpKITBiC 6IBwkUjLgmy1Cth8DkdIRRmV3vONLep3z3uEBs/U4b0OI+i9MlwzzT0fQmrhaCwj Fa3HRn9uU6JKS0mXnSMTU4eN/bzMAhsS3RyXNfkOo5wir3Sa4/Awbi0t/WLpg+nV pNaUVkFfsBMOcDXPcS/8UDJFu168R7bihL2IeWsgMRewfFrFRUKKuPyPC6QBnz11 SvCRoorncLdKMeKO/pg6PS59wuXVuZO2o/FR8g7v4hLN2Pps4I+bVbJ4rOY9bFsK +aJBFqALn7GoyPU0H+AurWTDPNOv/Q/UF1jZB1ZbERsCnX9yl2wCBJ1dTwkIbMKi teuF0lIr6YDTWlWeuL4oBkQd9hInzDB4V9NMzw6OLEFTdsF/GbylI9722lMyuRnu mwh+p7m59cTnGwcumVV3iKGEIghPdwGSinieFMEssVVjS4NwsZcLNkJl2nz6zOw5 U0Ea6HelooGoKDKPmrmL4qlWhSOs+BMWotmVFpF0kQ3DNiq2WJgFABRIpf5CZ0Ol 8Mo0zhGW1A== =i5oj -END PGP SIGNATURE- pgp2HVE1zP03s.pgp Description: PGP signature
Accepted u-boot 2023.01+dfsg-2+deb12u1 (source) into proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 18 Apr 2024 15:00:21 -0700 Source: u-boot Architecture: source Version: 2023.01+dfsg-2+deb12u1 Distribution: bookworm Urgency: medium Maintainer: Vagrant Cascadian Changed-By: Vagrant Cascadian Closes: 1061137 Changes: u-boot (2023.01+dfsg-2+deb12u1) bookworm; urgency=medium . * debian/patches: Apply fix from upstream for orion-timer, affecting sheevaplug and related platforms. (Closes: #1061137) Checksums-Sha1: 5ec85d7ebf1d4233ff16ec832579428175c5d50a 3041 u-boot_2023.01+dfsg-2+deb12u1.dsc e700489714b0477fa6e163b594bb90fe37a4fd60 50324 u-boot_2023.01+dfsg-2+deb12u1.debian.tar.xz f8696b91d2c60424dd10413274b5b045e0f53ec3 12319 u-boot_2023.01+dfsg-2+deb12u1_amd64.buildinfo Checksums-Sha256: 4892418326ecf56c5dba15289cc4df83e7cdaec4636a5781d72acfe7a4b74a7c 3041 u-boot_2023.01+dfsg-2+deb12u1.dsc 36999760b7899ad096c3d718a3750c06cd1692681cb77790f18962db5fe7a41f 50324 u-boot_2023.01+dfsg-2+deb12u1.debian.tar.xz e9974d80d6c74c4da98a7f257bfd48c9accbaaa84823e6eb45368d1c6d70bed9 12319 u-boot_2023.01+dfsg-2+deb12u1_amd64.buildinfo Files: c7c5c0fdddcc75b9c9f17f762cbdd151 3041 admin optional u-boot_2023.01+dfsg-2+deb12u1.dsc ccfaff71dac46a655df66f5d808b0c51 50324 admin optional u-boot_2023.01+dfsg-2+deb12u1.debian.tar.xz e5205d2cfcf0a74db16286e3d3baf50b 12319 admin optional u-boot_2023.01+dfsg-2+deb12u1_amd64.buildinfo -BEGIN PGP SIGNATURE- iIkEARYKADEWIQRlgHNhO/zFx+LkXUXcUY/If5cWqgUCZiGbBhMcdmFncmFudEBk ZWJpYW4ub3JnAAoJENxRj8h/lxaq0jcBAPEW2AtOBhcxnvq7Qv+eKxZmPaKBL9qx mWq7tg9fmyiLAPoC3omcaKi7m4NYqX8IpX4X/k16x2Dcq98gwBSq8NeFCA== =sisH -END PGP SIGNATURE- pgp34hoKWgHDD.pgp Description: PGP signature
Accepted amavisd-new 1:2.11.1-5+deb11u1 (source all) into oldstable-proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 31 Mar 2024 18:16:32 +1100 Source: amavisd-new Binary: amavisd-new Architecture: source all Version: 1:2.11.1-5+deb11u1 Distribution: oldstable Urgency: medium Maintainer: Brian May Changed-By: Brian May Description: amavisd-new - Interface between MTA and virus scanner/content filters Changes: amavisd-new (1:2.11.1-5+deb11u1) oldstable; urgency=medium . * CVE-2024-28054: Handle multiple boundary parameters that contain conflicting values. Checksums-Sha1: d415617fe0aa1790144c1e51446346126c1fb6c5 2032 amavisd-new_2.11.1-5+deb11u1.dsc 3e74ca29978b2563f8612faca4309f1ca566f6a0 875204 amavisd-new_2.11.1.orig.tar.bz2 f04c6ff794f0bb2a432b6f418d17f3e83eea7778 61592 amavisd-new_2.11.1-5+deb11u1.debian.tar.xz b4f3a11b3e951b2e34a20f4993379936b5ba4caa 938204 amavisd-new_2.11.1-5+deb11u1_all.deb b0cf084ffebd67a6d595b12df4befeefa1a32332 6080 amavisd-new_2.11.1-5+deb11u1_amd64.buildinfo Checksums-Sha256: f52b2e9aea345dfede6a2ca12ec78d8f03bb0944cf445cc938dbcf83b878baea 2032 amavisd-new_2.11.1-5+deb11u1.dsc 91e5dbe55354abcca14cedb26cbfa221866d2f897b0a7180b6dabea0bb948ad8 875204 amavisd-new_2.11.1.orig.tar.bz2 d5988a6675d272a6aab99e6e15218cad307b02614f704ec0b59777d7a8f35991 61592 amavisd-new_2.11.1-5+deb11u1.debian.tar.xz 83fcd0da5c9cc8cd9a3a1e183e10ad93bf9cdf6d6aad0b155aa52ff9a18dc6e4 938204 amavisd-new_2.11.1-5+deb11u1_all.deb 53041c67b9105bf63e448b32e0eac2515a1d25a267d04b2dcc509db2c2831fee 6080 amavisd-new_2.11.1-5+deb11u1_amd64.buildinfo Files: 125ece3106f541fc5979e9abe35d0401 2032 mail optional amavisd-new_2.11.1-5+deb11u1.dsc f89fc043c790e35137121e45f2890703 875204 mail optional amavisd-new_2.11.1.orig.tar.bz2 1685ccb39b25c9797c67cb9f7556320b 61592 mail optional amavisd-new_2.11.1-5+deb11u1.debian.tar.xz 3b47f257c2d3358936dc0d0a83b50f5f 938204 mail optional amavisd-new_2.11.1-5+deb11u1_all.deb 2e8d012bed851fb60ebf2771bbe0eb2f 6080 mail optional amavisd-new_2.11.1-5+deb11u1_amd64.buildinfo -BEGIN PGP SIGNATURE- iQJDBAEBCgAtFiEEKpwfR8DOwu5vyB4TKpJZkldkSvoFAmYMgIIPHGJhbUBkZWJp YW4ub3JnAAoJECqSWZJXZEr6H4sQAItbimT0M6f46I75wRltazOUVcJw8LCIjK28 QBLJdZpZ9RrZQpSz6aukrdoM3Zf/4RQMsX9PPyxdEroQnObyw9PbNNtVXhcLpNH1 7n4/9KKkYxu9+9k6BT72NN/TwkiWBYrt/s1M6HihIwI8rBjKSilmr4jAMKuCW05w INkOPSgiXmdc7a84UQehV/1nI8eWmsOmVJkmoyaSH/LqjY1z8brXcZRDdOQspH4i B+flhyEE31CGNQLGLEoW4KkgQ4FxRA3ArwpHr4ssyTiHp7QiTJQyuUPcoMtC8sJX zAD8qtcLQ51tVA6lB2oUAIXGASaQRSS6s+zGTL3cuh+V+oJKOaLOdZ0/DlYDUsJN sVTuxa7y9WNo8wDAmrlq0dP2yUE9cDWBFf+ovurW34/E5v4vftxKaAFKP9ooRd/A fQYSYhJI6GUcXdJI51uQAYqViJfW4aTC0PJBJMEU2bDQqsbZGiw1Zb70jQrNPgn3 VvKX4fNCy7yZDMVnu0rv6xcEk6CNhs5xasphSKLB7gojZ+AEoteIf4Q0/MYTH3M4 6/+N6fYksxnas/O1MLMS9PP6JRbGhj00YSPNdItw9IHao0di7PT/ZL1xcS/y1RqI Hj9XGRnVwt9U8CKsBratzRgmXzeHHgOCf+GKqtlxrNWvEbTwdeXHfO0I1/wbARf5 NcW6cKGR =eRPF -END PGP SIGNATURE- pgpxcxq7vI9to.pgp Description: PGP signature
Accepted guix 1.4.0-3+deb12u1 (source) into proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 17 Apr 2024 14:23:27 -0700 Source: guix Architecture: source Version: 1.4.0-3+deb12u1 Distribution: bookworm-security Urgency: medium Maintainer: Vagrant Cascadian Changed-By: Vagrant Cascadian Closes: 1066113 Changes: guix (1.4.0-3+deb12u1) bookworm-security; urgency=medium . * debian/patches: guix-daemon: Protect against file descriptor escape when building fixed-output derivations (CVE-2024-27297). (Closes: #1066113) Checksums-Sha1: 1575901846c9f03abed91fff6281294f998f07a7 1893 guix_1.4.0-3+deb12u1.dsc 0d36f7907db883b775b2e4bf5a527ba59ee6778a 40563275 guix_1.4.0.orig.tar.gz 8e6b53fee0cc17a0c302432a89386017850bbbdf 833 guix_1.4.0.orig.tar.gz.asc 7c538b9dc13c6b54a2e795e02c84fe44872b0a2c 59800 guix_1.4.0-3+deb12u1.debian.tar.xz 24efc6808dc59cea517e45fae50713837fe2b044 11054 guix_1.4.0-3+deb12u1_amd64.buildinfo Checksums-Sha256: a4419520bb5829aa2ce25ee4e809e154d84ed98456b6b7c5d97f8a44b6499156 1893 guix_1.4.0-3+deb12u1.dsc 43c769cbf632ef05449ac1fa48c1ba152c33494c6abc7e47137bba7b2149f8a4 40563275 guix_1.4.0.orig.tar.gz b30c7e63048c3fe4e72d6146f107e55e27d1ea1eb5bc7fd8818f20a1a32c8e10 833 guix_1.4.0.orig.tar.gz.asc e716f6f46e3185404a247f125e3add8b44252d337df87063f95f08eb95032bee 59800 guix_1.4.0-3+deb12u1.debian.tar.xz 43e5f9fe33c0142c2fa8a084258192224c2ef7d9262988e0d95a03f1c5b87bd6 11054 guix_1.4.0-3+deb12u1_amd64.buildinfo Files: 2f2cfa48595274d40bfb4d3739b1c69f 1893 admin optional guix_1.4.0-3+deb12u1.dsc 740b0afa9a9eac622ea5fecc06737429 40563275 admin optional guix_1.4.0.orig.tar.gz 8c6f80b9dfbb77bb656b3e0f5187baa7 833 admin optional guix_1.4.0.orig.tar.gz.asc 846aab762bf3898373cabf643096089d 59800 admin optional guix_1.4.0-3+deb12u1.debian.tar.xz f9f74f69d2f560722f74348a028873c5 11054 admin optional guix_1.4.0-3+deb12u1_amd64.buildinfo -BEGIN PGP SIGNATURE- iIkEARYKADEWIQRlgHNhO/zFx+LkXUXcUY/If5cWqgUCZiBOMhMcdmFncmFudEBk ZWJpYW4ub3JnAAoJENxRj8h/lxaqGSAA/RcoMfE+qkYE7d3Wh+YE3zE2RatXebkB WvE+GdL5intnAP9nIyOTtU6BCXBsKecybQYsYxAFQeg3XXYF1LczsOITCw== =jr55 -END PGP SIGNATURE- pgp1SW1tTyVFS.pgp Description: PGP signature
Accepted thunderbird 1:115.10.1-1~deb12u1 (source) into proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 21 Apr 2024 10:16:07 +0200 Source: thunderbird Architecture: source Version: 1:115.10.1-1~deb12u1 Distribution: bookworm-security Urgency: medium Maintainer: Carsten Schoenert Changed-By: Carsten Schoenert Changes: thunderbird (1:115.10.1-1~deb12u1) bookworm-security; urgency=medium . * Rebuild for bookworm-security Checksums-Sha1: 1edb473df9b98b61b2eb86fe079ab1b14f5225ec 8485 thunderbird_115.10.1-1~deb12u1.dsc 10c1831b356931e4c3fc6c7f417906d2628f9cb1 13012840 thunderbird_115.10.1.orig-thunderbird-l10n.tar.xz 1d19a8ceee2335dd5fe15c1f49bbbeea9d02e11a 554681316 thunderbird_115.10.1.orig.tar.xz dc7e27be252cf2206d42a884ad9d43cd982177fd 545804 thunderbird_115.10.1-1~deb12u1.debian.tar.xz Checksums-Sha256: 3bf9c89472f6d24303faa95e10704523a4d177d530de49b92361cc4b52cf80c2 8485 thunderbird_115.10.1-1~deb12u1.dsc f29941558f252eec961b57dcfa3adab58b87d64a90162364783c799f21779dd9 13012840 thunderbird_115.10.1.orig-thunderbird-l10n.tar.xz 5c1d09b1f89a82ce2ec2c4ea8f86f04b0c00183d8b492936d7452e4b4a991ba4 554681316 thunderbird_115.10.1.orig.tar.xz 6e84b3e51db658dcf295b4bb81d884a32997a372b50925e76085ffbd1f6e165d 545804 thunderbird_115.10.1-1~deb12u1.debian.tar.xz Files: 32c0723834f69106a0e38986cade7f17 8485 mail optional thunderbird_115.10.1-1~deb12u1.dsc ae0a35287182fd7bba4c71e421db0282 13012840 mail optional thunderbird_115.10.1.orig-thunderbird-l10n.tar.xz cdb15941abd8ac62888af1f6b2f8230f 554681316 mail optional thunderbird_115.10.1.orig.tar.xz 82d1080b005437ebe9fe723568dde264 545804 mail optional thunderbird_115.10.1-1~deb12u1.debian.tar.xz -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEtw38bxNP7PwBHmKqgwFgFCUdHbAFAmYk6HQACgkQgwFgFCUd HbCEyQ/9Fppl8GboSUpXrNnPFBg2NkbrHGgW4FWxHCyZ7JQsM+Fc7o/mThzARCh9 2ue7Go1BNRYme62RCvmXxBFrpex6x/dd2vIJSSWUysQKQVm54q+S3Mg+1qbcpwjP ZoGqlwFfNxhzASF0D7IP1hYbB3yTQRFmiecyJlBOOhjqzhG/RGTQLn2xqkwxf0wX fczHmiImobG5AADt7BwsbTP1r2MDXUnLXaUnUVppgsPmuM30bKjBMgMrk9my4sPm bOJdjoF1yuP6t2PQO47+R30qZrxeuDtllQm2CV5jJa58Y/S9CsHQ3hUJtb9aoYvG gSwUGXCj240j49eQ3vgBWzt6j/tSX1c213j7SHBkB340PcXrvRjC+YH8xU8lh8l6 wTqgxuXJBVwPPKHsHhvPGi8kaj9YQRayrMn2bB4+f9PRRSHMo+46FH1V2RqwSVv2 uWLN/elam3mZjkO/FghFY3fRYcCyS+YRkEmsYuTIxw074OhyyfeBWX2iC2G7Is8S y9Lre0b/WgiFacK8NRSIZKpFuawZKfD30rIcjzkL1Q/Fygj8N42hVf7J6eqnphyJ 7u4EFgYPzO5jfr/ZXXIj6SkWCoG8n8HGcGJ9QrYwMDpTS4e7zL5E8TMnl//9r0a1 9Bnz/RHZVGahzl64R3e2lq0tvejKfLOzGGcG52NfQMy1vmvkXLU= =FHnD -END PGP SIGNATURE- pgpqXOmeoDQi7.pgp Description: PGP signature
Accepted imlib2 1.7.1-2+deb11u1 (source) into oldstable-proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 06 Apr 2024 22:40:50 +0200 Source: imlib2 Architecture: source Version: 1.7.1-2+deb11u1 Distribution: bullseye Urgency: medium Maintainer: Markus Koschany Changed-By: Markus Koschany Changes: imlib2 (1.7.1-2+deb11u1) bullseye; urgency=medium . * Fix CVE-2024-25447 and CVE-2024-25448 and CVE-2024-25450. A heap-buffer overflow vulnerability was discovered in imlib2 when using the tgaflip function in loader_tga.c Checksums-Sha1: 8dacf75d3fda25c67c61a4c0e8e65b2971823e6f 2277 imlib2_1.7.1-2+deb11u1.dsc b5fa53aea7e7a8424b6d1c1292a638ad31c2b3a5 11400 imlib2_1.7.1-2+deb11u1.debian.tar.xz bcdafcc80364c96b0b94ea9529c3928c3f9373ac 8757 imlib2_1.7.1-2+deb11u1_amd64.buildinfo Checksums-Sha256: 37e2c99008ce93cdd0c0c6c258c17fa137d55cd21d4f7f72f84c0b2166d6b26f 2277 imlib2_1.7.1-2+deb11u1.dsc 6cdb80e4e08a0806f43531300f086a91ccb5fdd7dc516c66ff6c0998af389f85 11400 imlib2_1.7.1-2+deb11u1.debian.tar.xz 08a00eb22a111f16cbef3661709115648130a20fe5cb593e5869e806583383c0 8757 imlib2_1.7.1-2+deb11u1_amd64.buildinfo Files: 76a7da4caa8c20fa652f6119e60c4401 2277 libs optional imlib2_1.7.1-2+deb11u1.dsc 7cd91006abdcadcc25e6218fa2eac9f5 11400 libs optional imlib2_1.7.1-2+deb11u1.debian.tar.xz 6cb177bfdafd3c58bc0d8349c5635fb4 8757 libs optional imlib2_1.7.1-2+deb11u1_amd64.buildinfo -BEGIN PGP SIGNATURE- iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmYRtI9fFIAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1HkOgwP/0eH8aCKM+QlanChKeLA+M6B7D1n2cLfmrxx vs3SumSj2Rj72F2Oib408x9dOf4yG9pSAFGks++6EHbeqYhAhlGqVH7fnw2hz6uy BMuVJbcYZBghX3tWzjSVzyRP3Opg0Lfi86dniDyVNYX2XdeJr4plENKMFDITJ3Ua Y9jh2PlwgWLl9JzrkX7BZSj9DfOLXaUCfhXN8zVnGzPpEyv5Mvl0vP8++CiHKowN 94tWPsCvTz6/R3oWRRg277/w11IyaebsJoc+hbCgx8tqhVnwWNcP8xYRSU6cyu63 b3l+xbwpiTGC5KIpGo2rA8V82GX5NuzW5w11qP1vtq/7/FXpERCjnASXUjLDqhUL TeSxnBqBCze0XAeiU1wRSQ/O1naWMsvG6f24OfRoKND/6RFv1bY1gPUl1673TUNv ij/amDWFileRTxqPKo2vY2faYow0uCRfYfDn1CyWYx8ngSIpYQFTKDGwJ2TfHWUx gDuiiKrf2IwL6racp+hUGxHKWdM8lKEDUsQXioJUSrWvhFUHVzkwuRJVqgMFNSg8 9YwiEiTByox5oBfeQfG7+YmudNvtAX2DvWWblTamgfxp4Uq4bp+G4gRZ7w2opP/x nyFqGcYaNZPikmOym2Mkp1rpjjj1EX5j6/TX6amiFR9MJGgEYTTOE7+GFQ9Sq9wl dGS2jJC1 =wryc -END PGP SIGNATURE- pgp0MjnvK0F_0.pgp Description: PGP signature
Accepted libapache2-mod-auth-openidc 2.4.9.4-0+deb11u4 (source) into oldstable-proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 18 Apr 2024 14:27:26 +0200 Source: libapache2-mod-auth-openidc Architecture: source Version: 2.4.9.4-0+deb11u4 Distribution: bullseye Urgency: high Maintainer: Moritz Schlarb Changed-By: Moritz Schlarb Closes: 1064183 Changes: libapache2-mod-auth-openidc (2.4.9.4-0+deb11u4) bullseye; urgency=high . * CVE-2024-24814: Missing input validation on mod_auth_openidc_session_chunks cookie value made the server vulnerable to a Denial of Service (DoS) attack. If an attacker manipulated the value of the OpenIDC cookie to a very large integer like , the server struggled with the request for a long time and finally returned a 500 error. Making a few requests of this kind caused servers to become unresponsive, and so attackers could thereby craft requests that would make the server work very hard and/or crash with minimal effort. (Closes: #1064183) Checksums-Sha1: 59075b190efed8b5b0acc91beb6719f72950f871 2560 libapache2-mod-auth-openidc_2.4.9.4-0+deb11u4.dsc c2547eb068c4cf808254e22084bf38863ed65927 8180 libapache2-mod-auth-openidc_2.4.9.4-0+deb11u4.debian.tar.xz 5b57962345ba44d775627aa58e67c23270996c32 8775 libapache2-mod-auth-openidc_2.4.9.4-0+deb11u4_amd64.buildinfo Checksums-Sha256: fdfdf2d1e8f29d9aeecc447f752f9d6c8fd197a17f41e9928bb0c9520cbc6095 2560 libapache2-mod-auth-openidc_2.4.9.4-0+deb11u4.dsc e180e64cb72b19bbb55a9b17ee6c9b6157b6ee79b0e38fee4f3af08be0de9656 8180 libapache2-mod-auth-openidc_2.4.9.4-0+deb11u4.debian.tar.xz 7163bc3c51b761633c1dee6881d715342daad6817f4afad1c9d7093765ada122 8775 libapache2-mod-auth-openidc_2.4.9.4-0+deb11u4_amd64.buildinfo Files: db3f551e27cc7eb67b79ae17934e027b 2560 httpd optional libapache2-mod-auth-openidc_2.4.9.4-0+deb11u4.dsc e6225a8e4af69e90ca7ed50d884358a6 8180 httpd optional libapache2-mod-auth-openidc_2.4.9.4-0+deb11u4.debian.tar.xz 645b146646668d77485825efad8fcb2a 8775 httpd optional libapache2-mod-auth-openidc_2.4.9.4-0+deb11u4_amd64.buildinfo -BEGIN PGP SIGNATURE- iQJKBAEBCgA0FiEE3wEiR7/GVQGv8oRFDCS4Qcfduq8FAmYhEhAWHHNjaGxhcmJt QHVuaS1tYWluei5kZQAKCRAMJLhBx926r+JaEACGpXKn4dQQBUzRzfHpy7I+h6d+ KhrZkahzHob6pesxyOhW6d+mbBYyaqzk7HTprOo1Xtu0mr5AvPnyJPkQQdoG6nmb COTbSyuIOKtykC28eTjm9nqcECm4NCNhCKeNocS0HXJr8juQvbmR6tb0u1sQt/WY nmrK1RPJFb7VaJw5lwVcCOUgFLD6SCfglVOxORFkmiU6btxM/soJvATYzDW4hPY8 z2awnGK4oQrREYB61OhbxvzS6aEfpPNWVcrGxlHsDXbKjcjq/DsnEcxN/1TVnjYR ehVKJjKhRL/sqsn5xoWPr3Yd2i4KsW7yXEmW6St3RvW5fhoL4ufAfWFFCYB3TX8r AlQZSaoW+kxuAVTlNp3X4syIibzOsRRq/TVRIFNkwFjCDMmKARARSmbg//NoVQqD 2/PYRjFr4WtDFqfnezGGtQHwocoRGDxlyD+FDTjmZq676E5vexpq1s6Dy5Pz6BJE 00Onbmqn8dN23ojD+SdKYwR2CQbLIkpnXx0voa5Hd7EeqqPdeKm1jmuEQjlSJM0T JQ8z4TBJvffeUCC7XxvHo/w3a5fVOipIcpg9VpQd+Bh2Of06Jk2W8Cr4yi1AW5Kx T1Pi0+a/q50JSeobrSpHgTRnW9ikhb0clFpAe445wEV70529ncFUmfG0CNS6PmaE 3ujZ3jN+aB2PDK6dxA== =buzI -END PGP SIGNATURE- pgpHrZDTROpSj.pgp Description: PGP signature
Accepted postfix 3.5.25-0+deb11u1 (source) into oldstable-proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 09 Mar 2024 10:38:51 -0500 Source: postfix Architecture: source Version: 3.5.25-0+deb11u1 Distribution: bullseye Urgency: medium Maintainer: LaMont Jones Changed-By: Scott Kitterman Changes: postfix (3.5.25-0+deb11u1) bullseye; urgency=medium . [Wietse Venema] . * 3.5.25 - Bugfix (defect introduced: Postfix 2.3, date 20051222): the Dovecot auth client did not reset the 'reason' from a previous Dovecot auth service response, before parsing the next Dovecot auth server response in the same SMTP session. Reported by Stephan Bosch, File: xsasl/xsasl_dovecot_server.c. - Cleanup: Postfix SMTP server response with an empty authentication failure reason. File: smtpd/smtpd_sasl_glue.c. - Bugfix (defect introduced: Postfix 3.1, date: 20151128): "postqueue -j" produced broken JSON when escaping a control character as \u. Found during code maintenance. File: postqueue/showq_json.c. - Cleanup: posttls-finger certificate match expectations for all TLS security levels, including warnings for levels that don't implement certificate matching. Viktor Dukhovni. File: posttls-finger.c. - Bugfix (defect introduced: Postfix 2.3): after prepending a message header with a Postfix access table PREPEND action, a Milter request to delete or update an existing header could have no effect, or it could target the wrong instance of an existing header. Root cause: the fix dated 20141018 for the Postfix Milter client was incomplete. The client did correctly hide the first, Postfix-generated, Received: header when sending message header information to a Milter with the smfi_header() application callback function, but it was still hiding the first header (instead of the first Received: header) when handling requests from a Milter to delete or update an existing header. Problem report by Carlos Velasco. This change was verified to have no effect on requests from a Milter to add or insert a header. File: cleanup/cleanup_milter.c. - Workaround: tlsmgr logfile spam. Some OS lies under load: it says that a socket is readable, then it says that the socket has unread data, and then it says that read returns EOF, causing Postfix to spam the log with a warning message. File: tlsmgr/tlsmgr.c. - Bugfix (defect introduced: Postfix 3.4): the SMTP server's BDAT command handler could be tricked to read $message_size_limit bytes into memory. Found during code maintenance. File: smtpd/smtpd.c. - Performance: eliminate worst-case behavior where the queue manager defers delivery to all destinations over a specific delivery transport, after only a single delivery agent failure. The scheduler now throttles one destination, and allows deliveries to other destinations to keep making progress. Files: *qmgr/qmgr_deliver.c. - Safety: drop and log over-size DNS responses resulting in more than 100 records. This 20x larger than the number of server addresses that the Postfix SMTP client is willing to consider when delivering mail, and is well below the number of records that could cause a tail recursion crash in dns_rr_append() as reported by Toshifumi Sakaguchi. This also limits the number of DNS requests from check_*_*_access restrictions. Files: dns/dns.h, dns/dns_lookup.c, dns/dns_rr.c, dns/test_dns_lookup.c, posttls-finger/posttls-finger.c, smtp/smtp_addr.c, smtpd/smtpd_check.c. Checksums-Sha1: 1257eba1cfe6297467ff561d1fc7f00bec0d2c9d 3039 postfix_3.5.25-0+deb11u1.dsc f4113ea664e9b240ec11e64799c06f9e0650e2d5 4660537 postfix_3.5.25.orig.tar.gz aa0e4b11babb2db0c211131670b5294010d6e9b2 220 postfix_3.5.25.orig.tar.gz.asc 93cf6295540636d7fed5c5d04c9e9658c74b59c0 212404 postfix_3.5.25-0+deb11u1.debian.tar.xz 37cad9dec398aa57e8bb6adca95b756458c9ee4a 7462 postfix_3.5.25-0+deb11u1_source.buildinfo Checksums-Sha256: 35d7d5ac0b26bcfc9d85b73724031fc70b3e09c35c30bc3c13b3fe2cc0e93fc5 3039 postfix_3.5.25-0+deb11u1.dsc 618bd4de7aab3d14763eed93d937a8ebf72cfa186a26751e7463748d78b779d8 4660537 postfix_3.5.25.orig.tar.gz a8af9bf04470cea2b1bb7f2b1c60a27258130ecde2ebecfaf67d92b0c30be856 220 postfix_3.5.25.orig.tar.gz.asc a9d8e0d716f1704e85c5892edd2c6441f139964459689c64ceb1d35c53c9 212404 postfix_3.5.25-0+deb11u1.debian.tar.xz e35072be5e6b102ebc551f45ae44947d6a2422432d4a338f1e301f0f948674d1 7462 postfix_3.5.25-0+deb11u1_source.buildinfo Files: c651b271787f5f96862978dbc27ebe69 3039 mail optional postfix_3.5.25-0+deb11u1.dsc 0849a4b2fff023fac1647ed3c5ba1e9d 4660537 mail optional postfix_3.5.25.orig.tar.gz e35958f5a953d319c9e61d33d633d2d9 220 mail optional postfix_3.5.25.orig.tar.gz.asc fa975deeb76e93855f22d48a2f84
Accepted guix 1.2.0-4+deb11u2 (source) into oldstable-proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 17 Apr 2024 15:39:38 -0700 Source: guix Architecture: source Version: 1.2.0-4+deb11u2 Distribution: bullseye-security Urgency: medium Maintainer: Vagrant Cascadian Changed-By: Vagrant Cascadian Closes: 1066113 Changes: guix (1.2.0-4+deb11u2) bullseye-security; urgency=medium . * debian/patches: guix-daemon: Protect against file descriptor escape when building fixed-output derivations (CVE-2024-27297). (Closes: #1066113) Checksums-Sha1: 28b4569f128da111e30db1dd880c7553a157522a 1810 guix_1.2.0-4+deb11u2.dsc 9245bd579c15a089fecb4fde0d9e2fc43af4e0fa 30564986 guix_1.2.0.orig.tar.gz e34806e9aef744309a6901ee70299b96a25f455c 833 guix_1.2.0.orig.tar.gz.asc 881577cdea7ff9de3e8107faf37e8753e2fac35f 40996 guix_1.2.0-4+deb11u2.debian.tar.xz 057d4000fdbf4bf010fc1d60c39ba1a90caca163 10498 guix_1.2.0-4+deb11u2_amd64.buildinfo Checksums-Sha256: 365f2076c2f421edc202522f146b79df4b3a3797a5eb25790ef9222c6f00458e 1810 guix_1.2.0-4+deb11u2.dsc 5ecdf7ced25b1fb0ca7c57e794b7b60c8a7adcb15261dec2af37925c838c6d74 30564986 guix_1.2.0.orig.tar.gz e278e3aba3fe9acd35aa6586933d940f0c847ccfb6d1370cb5c4f754732d2fb6 833 guix_1.2.0.orig.tar.gz.asc 05e9b181607c3e07a65f43223a2c600651ec8b32fbe6faf0db895d339576e158 40996 guix_1.2.0-4+deb11u2.debian.tar.xz 14ecbba7b1bf646546d99ec53e727e3664c10c21d43d34f3ad068d1647bcedb1 10498 guix_1.2.0-4+deb11u2_amd64.buildinfo Files: e685bc2cbdcb0a9172008a20ef634536 1810 admin optional guix_1.2.0-4+deb11u2.dsc f11073e551eaf9ae7119cd90671c0d90 30564986 admin optional guix_1.2.0.orig.tar.gz bbed756aaf1d8303a14cc9b5fdc05066 833 admin optional guix_1.2.0.orig.tar.gz.asc d09141d2b754aff550b959148df45994 40996 admin optional guix_1.2.0-4+deb11u2.debian.tar.xz fbe95bfe922c77ccbace88ff1eb1b089 10498 admin optional guix_1.2.0-4+deb11u2_amd64.buildinfo -BEGIN PGP SIGNATURE- iIkEARYKADEWIQRlgHNhO/zFx+LkXUXcUY/If5cWqgUCZiBcfRMcdmFncmFudEBk ZWJpYW4ub3JnAAoJENxRj8h/lxaqZpABAIAoNFxOkzrGMIcT75zxlhwwYqM4J07t k+iYYQ45njCpAQCNH089MIj0Xu1Fp4S+7N7ORPlWPCtmodKk0DxldRe6CA== =d+ze -END PGP SIGNATURE- pgpRW4yNbScOp.pgp Description: PGP signature
