Accepted mumble 1.2.18-1+deb9u1 (source) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Mon, 04 Mar 2019 23:42:33 + Source: mumble Binary: mumble mumble-server mumble-dbg Architecture: source Version: 1.2.18-1+deb9u1 Distribution: stretch-security Urgency: high Maintainer: Christopher Knadle Changed-By: Christopher Knadle Description: mumble - Low latency encrypted VoIP client mumble-dbg - Low latency encrypted VoIP client (debugging symbols) mumble-server - Low latency encrypted VoIP server Changes: mumble (1.2.18-1+deb9u1) stretch-security; urgency=high . * debian/patches: - Add 60-fix-message-flood.diff to fix instability and crash due to message flooding Thanks to "the zombi community" for finding the bug, committing a fix upstream, and contacting me to fix the issue in Debian - Add 61-configurable-rate-limit.diff to make message rate limit configurable Checksums-Sha1: e3e70f5acd60d53ff96339c56a375f47d7792a13 2370 mumble_1.2.18-1+deb9u1.dsc 28cb93e590f9a524fc15af047a7e55e721512152 3210749 mumble_1.2.18.orig.tar.gz 05f8cf59d5a388ebecb8ace69402126faaa3d49c 41328 mumble_1.2.18-1+deb9u1.debian.tar.xz 2d141b9c8b7c07b145aff1becfba5ec2d9b4 5764 mumble_1.2.18-1+deb9u1_source.buildinfo Checksums-Sha256: 587cc47fc7c6abd8573460cc1471a8215504a68b903786efeb007d642e4360d9 2370 mumble_1.2.18-1+deb9u1.dsc e0f7acc82691b9090e5d10a23ff4a7ceb9affe429b8f5221a9766129dc6f55aa 3210749 mumble_1.2.18.orig.tar.gz 4a78aaf969e6d2240c394ba4bc1fd9c7d2e49acc0896fb43848143e32b556647 41328 mumble_1.2.18-1+deb9u1.debian.tar.xz 96b0a11aaff5c28c3d861ea462e1fe0efd7a5958cce1ce28e258762322afe38f 5764 mumble_1.2.18-1+deb9u1_source.buildinfo Files: b83aa54e8fe20a7f4ec0ae50f59ea3c5 2370 sound optional mumble_1.2.18-1+deb9u1.dsc 3c448632142e0f38e693250965e8b6b1 3210749 sound optional mumble_1.2.18.orig.tar.gz 3403e3f5d27149d6ae1518dcf04de08b 41328 sound optional mumble_1.2.18-1+deb9u1.debian.tar.xz 7ac83b2128be16efcb50cb8fbda38d7b 5764 sound optional mumble_1.2.18-1+deb9u1_source.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEe1KzyGmRW/4DhtV6ieLKD9m6RHAFAlx9urUACgkQieLKD9m6 RHB+Lg//Yng4MCx2eZFFd40vhzDXfnsmNAk+BA1hMEomRDXTChEP1Q10cEGfxEgQ X1TsS04mEpD+4hSg4Yzb/8qNXldcBISs72drKeacACc0pY/KpFqgymUKCdaH14RO GvTpdawLAjjFH3o0veWcEo1aw6ZCkGUKjP2aRV4IoPY/ZLpQJRSYAZ4oBuv+rIbn TDcJvwEo4Gk0lYmeNAevVaWigRl7Yq9u2xMksJMw/g6ZsJYdrejJY+ZPUbGW/1rT gKO1pXgrihQUfBvx0AX1XTcVf3Vyc4UcJCAEJrqae+emUmktX/YWgNUxLLvTME0j fpV56XvY8c73+y65NgR6D0bktvDznJSOlhJROfzKy12QVVY9NcuCoturwzP6Z/T1 VwL+nz/DWDDX/0v0MVoLSx4w61KR6PSHug2Lcj8o4xFFN9uSrmAfL0JBodceN+pB 3OpsNiEb3XYHbPmJW5XrHh0IVMbPIpSuxiwrFc4lu93DHwc4bSHaFNl5czZOIUMw FcSZsrodwqgTI6BEtPoCggtTKN1t5XOzURFpIF/OwOFgE5So434YmOvj47RZAvk7 1wfnDdNStIDeESpU0OWE/02BzaOgggPdmFvcEAUfduntMwIbKDZY2QDNbLEktPfc PnOZsmc9CogKBrOZbA55ONU2jYI1swLY6ULDN6NGgPbT0L2rHso= =XDDp -END PGP SIGNATURE-
Accepted libssh 0.6.3-4+deb8u1 (source amd64 all) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Mon, 23 Nov 2015 08:43:19 -0500 Source: libssh Binary: libssh-4 libssh-gcrypt-4 libssh-dev libssh-gcrypt-dev libssh-dbg libssh-doc Architecture: source amd64 all Version: 0.6.3-4+deb8u1 Distribution: jessie Urgency: medium Maintainer: Laurent Bigonville Changed-By: Christopher Knadle Description: libssh-4 - tiny C SSH library (OpenSSL flavor) libssh-dbg - tiny C SSH library. Debug symbols libssh-dev - tiny C SSH library. Development files (OpenSSL flavor) libssh-doc - tiny C SSH library. Documentation files libssh-gcrypt-4 - tiny C SSH library (gcrypt flavor) libssh-gcrypt-dev - tiny C SSH library. Development files (gcrypt flavor) Closes: 784404 Changes: libssh (0.6.3-4+deb8u1) jessie; urgency=medium . * Non-maintainer upload. * debian/patches: - Add 0002_CVE-2015-3146.patch Fix "null pointer dereference due to a logical error in the handling of a SSH_MSG_NEWKEYS and KEXDH_REPLY packets" (Closes: #784404, CVE-2015-3146) Checksums-Sha1: b8592e0e0a4e88fdd351dce49dc38f17325e5611 2450 libssh_0.6.3-4+deb8u1.dsc 3b0a4f836973417e875404a792275e997f729d37 18360 libssh_0.6.3-4+deb8u1.debian.tar.xz fb00b30fd52be86459cd212c3fb0678725bd5ea4 129026 libssh-4_0.6.3-4+deb8u1_amd64.deb 0a42856bc24eceed37e7ba0b5d7ef7240996c3f7 128686 libssh-gcrypt-4_0.6.3-4+deb8u1_amd64.deb 0ccd7d117e39fcdf0e83605741e240b8e62bee77 161456 libssh-dev_0.6.3-4+deb8u1_amd64.deb 798a00b9bff09d846ca90792246d3f2cb71fd9ad 161396 libssh-gcrypt-dev_0.6.3-4+deb8u1_amd64.deb 9db0021514e2f9f18fd9da97aaff0ff30cf1a192 765856 libssh-dbg_0.6.3-4+deb8u1_amd64.deb d9dc90e79be8d975b92663f9df19b0e1457ccea6 199658 libssh-doc_0.6.3-4+deb8u1_all.deb Checksums-Sha256: 58ec2e3dc707522d0f9c2114ee703ed73c428f680a018186c7dda75111da7e2c 2450 libssh_0.6.3-4+deb8u1.dsc 7c98ac0ed6c28faad4faa328341d353bbd72937388531cf6d11773ea79a0e714 18360 libssh_0.6.3-4+deb8u1.debian.tar.xz 574163c31b3d4ed595386d3539d4b07fcacf3cb98d6a2ff32718a1a58f455d33 129026 libssh-4_0.6.3-4+deb8u1_amd64.deb 9b94c245445eae91f3cc2e55e33f292e7493c22174921301677f2cdd8aa6c645 128686 libssh-gcrypt-4_0.6.3-4+deb8u1_amd64.deb fe1256af0b7217e000b82959c81ea083e4e1c12729e927357ca2ce3f7d458774 161456 libssh-dev_0.6.3-4+deb8u1_amd64.deb 6f95df26c042815b0d2a444aed712e08ca52a5b8d7f238ef170050f4377f9d9a 161396 libssh-gcrypt-dev_0.6.3-4+deb8u1_amd64.deb 369f71b319940add27eecd0cb3ab354c9592c96efe9e4673ea21cc4de055ecf9 765856 libssh-dbg_0.6.3-4+deb8u1_amd64.deb 432ad5bce5f62d77b1da3b7ac2b36ad6873b51a31d5fecf6239c10dad2c80e3e 199658 libssh-doc_0.6.3-4+deb8u1_all.deb Files: caf595b6548404101713a7f3512f29da 2450 libs optional libssh_0.6.3-4+deb8u1.dsc f839168cda0209bb84e08de26bbcd25c 18360 libs optional libssh_0.6.3-4+deb8u1.debian.tar.xz 0acd80280d9852132ffbdf2aa6056b6b 129026 libs optional libssh-4_0.6.3-4+deb8u1_amd64.deb 95dc50139bd266e081023e3a1553f91a 128686 libs optional libssh-gcrypt-4_0.6.3-4+deb8u1_amd64.deb 8c9e7eff12c86c4ca45a8be350cdd414 161456 libdevel optional libssh-dev_0.6.3-4+deb8u1_amd64.deb 7eba9230e83595d575c44c2e3a1a60a1 161396 libdevel optional libssh-gcrypt-dev_0.6.3-4+deb8u1_amd64.deb 4914b2bea0add963bd78ac31c84daa29 765856 debug extra libssh-dbg_0.6.3-4+deb8u1_amd64.deb 0bff151e261cb0471ef58eac126e2caa 199658 doc optional libssh-doc_0.6.3-4+deb8u1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQJ8BAEBCgBmBQJWgGb0XxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXREMUUxMzE2RTkzQTc2MEE4MTA0RDg1RkFC QjNBNjgwMTg2NDlBQTA2AAoJELs6aAGGSaoGowgP/0yug5FSBM3NsHdkVjckMtoU EMiHN8RN/73t7+v0j8dbghKhml1Wry0MHgku9EUnKHn0pu2hFiU8saHxcroXD53+ JOavtnwp39HRUt3mZ9FjDs/RPgBZj7zcLj6zJh7FF4Fjt5/srhVN2f4SOeayztoP Zonj8rC/eOWXW++5lkb4M6G7k88vQNkCyQEemzK33LAy96laD5Cu8XLJfMDUR90D AJCAO/UK9hKI5OmDNZ2eZGkXQHbjY4raGvgxGQcFGg4+7zzKs06DHDcFsv2hSsXQ 93uv2yUuhz8eF7fWEElJ5VKG1AiBXYR004qCzX1HfD8Z1/nNKbAscWDetmscg8VA K0eNfl1Jx+m86PIuGnnjJ1AspCwly8chDGmJXeD9/uUMRplFS+BBMcNO/luF4Oqn Uos2cUSjkFWlcEGqayjLl4TJpHL9EIO71G3xAIplfb83zyhir66kcWbl1PSkhhr1 px64hKkfPywkCwplHpfCAo+FLQDhDUHskW//5c3yTm+Y0L2/T1zfZ6JSYcPznfyv mQkzSpYOnMzYG2iF34DjfdgScLql6ZOFlLDd9Cu7ArQEHs/a8wTwvFUT/sGganuS jfY2LU1zy7PMTU8FGIJhnBgV+CaGt7IQddhCT+JJkR4NHuw3gpKEk71VPQLrvd2u w2khoLCeKfWysHoRnOTq =LQhN -END PGP SIGNATURE-
Accepted libssh 0.5.4-1+deb7u2 (source all amd64) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Mon, 23 Nov 2015 04:08:05 -0500 Source: libssh Binary: libssh-4 libssh-dev libssh-dbg libssh-doc Architecture: source all amd64 Version: 0.5.4-1+deb7u2 Distribution: wheezy Urgency: medium Maintainer: Laurent Bigonville Changed-By: Christopher Knadle Description: libssh-4 - tiny C SSH library libssh-dbg - tiny C SSH library. Debug symbols libssh-dev - tiny C SSH library. Development files libssh-doc - tiny C SSH library. Documentation files Closes: 773577 784404 Changes: libssh (0.5.4-1+deb7u2) wheezy; urgency=medium . * Non-maintainer upload. * debian/patches: - Add 0005-security-fix-for-vulnerability-CVE-2014-8132.patch Fix "Double free on dangling pointers in initial key exchange packet" (Closes: #773577, CVE-2014-8132) - Add 0006-security-fix-for-vulnerability-CVE-2015-3146.patch Fix "null pointer dereference due to a logical error in the handling of a SSH_MSG_NEWKEYS and KEXDH_REPLY packets" (Closes: #784404, CVE-2015-3146) Checksums-Sha1: be882d3eb2fef01ad2a1f804059f8db8f2d6840b 2168 libssh_0.5.4-1+deb7u2.dsc 52ffc16a4ccf586f3f7156b5876d5ade054e29b2 11395 libssh_0.5.4-1+deb7u2.debian.tar.gz 1358a7b6bb3c0d4631be68835f7169ec6845d174 275148 libssh-doc_0.5.4-1+deb7u2_all.deb 3ec2f8ff287098d14069bc00ef5757cacf53d6c0 131206 libssh-4_0.5.4-1+deb7u2_amd64.deb f3c87b5ca7d5f6f438acc894a278aad6a3e18b05 184628 libssh-dev_0.5.4-1+deb7u2_amd64.deb 3b4f693345c5d9cf650fa16bff72221d2e50d5de 361066 libssh-dbg_0.5.4-1+deb7u2_amd64.deb Checksums-Sha256: df73b82196ba13d42456b245bc4376b934fabd8705e4713580832b50b82c1b14 2168 libssh_0.5.4-1+deb7u2.dsc 3d92f837c87c383e91224883fc9693cb3bae6f897310f89a6a2e31d2b2a1de6d 11395 libssh_0.5.4-1+deb7u2.debian.tar.gz a12fed469508f99434279a3f4b72bf5020276074ba259ee24259b5146a4c98cb 275148 libssh-doc_0.5.4-1+deb7u2_all.deb 9d34d3f9ed7fd31226a07789b13b12c2e7926a43829036f4bfcfac8ef0f0eda1 131206 libssh-4_0.5.4-1+deb7u2_amd64.deb 9691de480487455154ba266b32915529bc94c7bd1547326ab885f6b7f3fd5cc1 184628 libssh-dev_0.5.4-1+deb7u2_amd64.deb d89cac72ea66d270da3d2ebb86fcea9be0f6696d1cd88aae6014d092ba58286c 361066 libssh-dbg_0.5.4-1+deb7u2_amd64.deb Files: e70e5f1fe324d46e58538e6f803902c0 2168 libs optional libssh_0.5.4-1+deb7u2.dsc 5ebd0e081bd409dc7e1e2046f7617201 11395 libs optional libssh_0.5.4-1+deb7u2.debian.tar.gz bc9df9fa1361755cadce915153758234 275148 doc optional libssh-doc_0.5.4-1+deb7u2_all.deb 798e418cbdb87df5ea98bab3e0104b67 131206 libs optional libssh-4_0.5.4-1+deb7u2_amd64.deb e06c14f8e41b774f553d06011562ba02 184628 libdevel optional libssh-dev_0.5.4-1+deb7u2_amd64.deb 4f8b9872ed9a5248c05aa17deb06 361066 debug extra libssh-dbg_0.5.4-1+deb7u2_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQJ8BAEBCgBmBQJWgKm0XxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXREMUUxMzE2RTkzQTc2MEE4MTA0RDg1RkFC QjNBNjgwMTg2NDlBQTA2AAoJELs6aAGGSaoGdcMP/Ru+d8sOhHSezx0M9WUaWeA0 lcNSNON5+3kPVCZmA5W6/3pZwVe+ICK/22OF4N37nANidh/RAXjbYJD7nlgB0gsD bd5/Zc9Ow0lCygnBQ2sa4KigA3NzwxT6uC69s2ZgYmTvGzZ2RA2TdDReW/8+WRm9 vFB0FaPa7poa3BboAwYoS7GgOhAAWOt/frKK4fz+sQn3dr4bPps7f9ws4ePNMhRk 6JqwlkTNX4vHHOIun7lV8Y2gH0TRnF4vUFLcBDkkBFsm2U3boyBBkLV9QOLRxi8I o00X86wTS3DCo/VveK0BvtwBhNRmpVPaKHni6NWGB1UYHiLBQoOjksK6veJouoFD 4uAU95ZI6RFmk5HWh9DAGmRURWDtiNbjLSvab2zyx/BEFYOPzhrB+5gTsIRvLuT3 kNefAh7YJeRmHtaIeX3WdwulN2ZIn9xUHr4JUJrTxExPIf4aLxTXWllSKlbQkahk SDQQ7NQGVDIPhi+F6RA1FxSuBVcxGb50cFb9IM1epkOAD3XnUD++Pd0kNCY2kZpT T3bunD25OtJgDvHjfngeSP/uUNn/Lv8cGofGaEi/ZBkT59/g53qi8zcrgFY3eF3H Mb3+tcl3UCd3wA2lmlDhUPX3x30azOr5A4lxZzomfAMel+A2m+fdM48do80dl6UV sTPQborIS/thvfBxIYZh =509B -END PGP SIGNATURE-
Accepted mumble 1.2.3-349-g315b5f5-2.2+deb7u2 (source amd64) into proposed-updates->stable-new, proposed-updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Wed, 03 Sep 2014 22:15:06 -0400 Source: mumble Binary: mumble mumble-server mumble-dbg Architecture: source amd64 Version: 1.2.3-349-g315b5f5-2.2+deb7u2 Distribution: wheezy Urgency: medium Maintainer: Ron Lee Changed-By: Christopher Knadle Description: mumble - Low latency VoIP client mumble-dbg - Low latency VoIP client (debugging symbols) mumble-server - Low latency VoIP server Closes: 681715 688444 742091 748189 Changes: mumble (1.2.3-349-g315b5f5-2.2+deb7u2) wheezy; urgency=medium . * debian/control: - remove obsolete Vcs entries. Closes: #681715 * debian/patches: - Add two security fixes. Closes: #748189 Mumble-SA-2014-005.patch CVE-2014-3755 http://mumble.info/security/Mumble-SA-2014-005.txt SVG images with local file references could trigger client DoS Mumble-SA-2014-006.patch CVE-2014-3756 http://mumble.info/security/Mumble-SA-2014-006.txt The Mumble client did not properly HTML-escape some external strings before using them in a rich-text (HTML) context. Thanks to Mikkel Krautz for reporting the bug, and Gregor Herrmann for updating the patches for Wheezy. - Add 35-fix-UDP-socket-initialization.diff. Closes: #742091 Fix UDP communication failing until connected user's mic is activated and data sent. Thanks to Mikkel Krautz for finding the issue and fixing upstream. - Add 37-fix-connect-dialog-hang-dee463ef.diff. Closes: #688444 Fix crashing when connecting to a server. Thanks to Valentin Lorentz for reporting the bug. Checksums-Sha1: 8367adb65e7d64cc8fb402a30e3d67f29e3050f5 2440 mumble_1.2.3-349-g315b5f5-2.2+deb7u2.dsc ff9a2961f4a2887d24c78825e82ab60b19f31db5 52370 mumble_1.2.3-349-g315b5f5-2.2+deb7u2.debian.tar.gz d35e01fe360ef88e88aa92138e612a03a05b83b1 2877702 mumble_1.2.3-349-g315b5f5-2.2+deb7u2_amd64.deb 6d894145a6eac63ca79be55e522e99f207a51386 955396 mumble-server_1.2.3-349-g315b5f5-2.2+deb7u2_amd64.deb 14fdb6bb340d45b45ffe41054d04e6318ff4052e 29371722 mumble-dbg_1.2.3-349-g315b5f5-2.2+deb7u2_amd64.deb Checksums-Sha256: 3f9baaad5c768dd96ad485a4d3774dc8cee0659476d77a9f1e09555fad2bfd55 2440 mumble_1.2.3-349-g315b5f5-2.2+deb7u2.dsc e32addd16356749bbbfd77808509b78d39d6c7d9f6db0c48c7ac41d9162bfaef 52370 mumble_1.2.3-349-g315b5f5-2.2+deb7u2.debian.tar.gz 532e6545dba389055bb8152e9e4e66d9eebee97ee0beba20f5e105cc99268dab 2877702 mumble_1.2.3-349-g315b5f5-2.2+deb7u2_amd64.deb 7b26f7481aabf5653c52f2eb04c53796ef216bb10d0e9ea8516c5a2ad89b5a57 955396 mumble-server_1.2.3-349-g315b5f5-2.2+deb7u2_amd64.deb 9d6dd84ee24c83451d3766fe57ad3a82b453f93395803175f2de6f1cfd873fe5 29371722 mumble-dbg_1.2.3-349-g315b5f5-2.2+deb7u2_amd64.deb Files: fb7dc7ebfef58f1f21857b31a9e5b05f 2440 sound optional mumble_1.2.3-349-g315b5f5-2.2+deb7u2.dsc b26f84ceedca1073c7bbca5b2681044c 52370 sound optional mumble_1.2.3-349-g315b5f5-2.2+deb7u2.debian.tar.gz 09e9b55d6b6b72b68061d952684f379c 2877702 sound optional mumble_1.2.3-349-g315b5f5-2.2+deb7u2_amd64.deb 480d0235976f4bc965da6884ae1febd3 955396 sound optional mumble-server_1.2.3-349-g315b5f5-2.2+deb7u2_amd64.deb 600c4eb988825047cebb4900807fe51a 29371722 debug extra mumble-dbg_1.2.3-349-g315b5f5-2.2+deb7u2_amd64.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCAAGBQJURTrzAAoJEBLZsEqQy9jktgAP/18cCQfuOGkf4m5Py7Pg1Evy cuM3S/Xkk6naNAo7S9CWJd+XW338e/C4dwb1O2e4Ofj7ptZxPlsnjfo3JWkmKGl9 NKu+udKupEUf1ato3aMa8mXuxTld5tqcXhmpWxYcE3W+7rS/pKnGAFJTdFu5+s/g uSudSrLkpjmE7wKWsAmnm3abEtfN+DI4bpfTfIs/86WxUfjVGmdi9wHttPUGyR/z nAmHEdvcwTIeVKNPyJsqGuyS5MCJPa9vXnKJUADaUOZTLxQ1WKhvVXoYDoEUnlxP K7Q7o9qsc442Yq+OH6ERYvZtkMAIbJdJGi+X4Hje1G5krz9FEOQGCh8aeGFSoScY akBAaNtqyYfub7OMpboMa4AXDcMZrmosxL85Pfboc4/UMVSp1K+WBsWXgm4S31NE HKeBhUIS+UyxXPEitGSrQIKj6aca2/S4ssqWHQoW0vUJZpQYxIZiC/4hzk/KZxrl 2Of4OFWMRdahgaAfroPVZ6vtlHzHWGOPs03A5RUgN/xkkdwSe57HvFWfNyadGqIc qr7ACPbdsLQxTGPIlNPXj+jB6VqIk1fmwYJwH/AnMP4vYpABeL1FHKFyH9gZK1ed CrunrbPL3A8BoSFgzr7thgb3qMU3foFHcZcRgdASLRSW4fg9+Bax8SJioVIZQUIz HYgWQA2dCQdvTKej7xAc =FtJJ -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-changes-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/e1xhigh-00055d...@franck.debian.org