Accepted snort 2.7.0-20.4 (source i386 all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Sun, 22 Mar 2009 00:16:44 +0100 Source: snort Binary: snort snort-common snort-doc snort-mysql snort-pgsql snort-rules-default snort-common-libraries Architecture: source i386 all Version: 2.7.0-20.4 Distribution: stable Urgency: high Maintainer: Javier Fernandez-Sanguino Pen~a Changed-By: Javier Fernandez-Sanguino Pen~a Description: snort - flexible Network Intrusion Detection System snort-common - flexible Network Intrusion Detection System [common files] snort-common-libraries - flexible Network Intrusion Detection System ruleset snort-doc - Documentation for the Snort IDS [documentation] snort-mysql - flexible Network Intrusion Detection System [MySQL] snort-pgsql - flexible Network Intrusion Detection System [PostgreSQL] snort-rules-default - flexible Network Intrusion Detection System ruleset Closes: 503992 Changes: snort (2.7.0-20.4) stable; urgency=high . * Fix error in call to LogMessage (missing parameters) which caused a segfault when fragmented packages were received. This bug was introduced in the patch to fix CVE-2008-1804. Urgency set to 'high' as in some circunstances it makes Snort fail to start on startup or die after working for only a few minutes. Also, this could be used as a DoS attack against an IDS sensor rendering it useless. (Closes: #503992) Checksums-Sha1: ce6f21a883cc4ddf8150b6a3ec9f90f4c8715ef9 1400 snort_2.7.0-20.4.dsc 49de34081f5c1c4359fd133fc3f4e6432e83d06d 3905896 snort_2.7.0.orig.tar.gz 8f277ab6576e994f9ecdcac1ba50131e21df1228 1600286 snort_2.7.0-20.4.diff.gz 0d9065d32a89cb91cfc9bc9da99ebff510cbe913 463592 snort_2.7.0-20.4_i386.deb 05306537eff106c82fc418e1515d48165c94ac5d 474504 snort-mysql_2.7.0-20.4_i386.deb 08123055c336a13ae2b205207ba7595f290375b6 474306 snort-pgsql_2.7.0-20.4_i386.deb ebe67c951e87db2d6cd84174d13a0a76ed82797f 244674 snort-common-libraries_2.7.0-20.4_i386.deb e3134802cf4eb382ba9570c940dcb23966cc3abc 147488 snort-common_2.7.0-20.4_all.deb 0b793a8c6f8323b05f78c96f51b3d0379a7b0e41 2303916 snort-doc_2.7.0-20.4_all.deb 98a7638a5e1d016d4698ae2780c1ec8a3e7559a0 402292 snort-rules-default_2.7.0-20.4_all.deb Checksums-Sha256: 159a887a5cb36f10f96ec75b661ed0b11126c441ac7a4a358a8587548aaaeea5 1400 snort_2.7.0-20.4.dsc 77260162ce98fa6684699465f8f3a8f6b90decc475f51903d2f558e92056ce9d 3905896 snort_2.7.0.orig.tar.gz 8fe0f515c0d380c2ad0831e3c00648e50c41b00695526e95ec6fa1f67ecf8913 1600286 snort_2.7.0-20.4.diff.gz e2402cb58156d450119d8e542db9bf3cb9a39c04950d79ca33f91ec32bbdbd46 463592 snort_2.7.0-20.4_i386.deb 4fe4ade341771bfa87c96240067c72daa85cd6fc805e14938870e7f4755cba7d 474504 snort-mysql_2.7.0-20.4_i386.deb 4cb9fb0590e84c86d0b8c0938cc407a7fcb1dbe2b3f1f49bac7a59ee923340f2 474306 snort-pgsql_2.7.0-20.4_i386.deb 241790bb770637e4f9791aa7d4126d7178600d2e05eee1ae8c1ede413fd3b649 244674 snort-common-libraries_2.7.0-20.4_i386.deb 7dde6985735ee750e655e8d26350b498abac8f8dd683a7bffce74a0c9bf8c513 147488 snort-common_2.7.0-20.4_all.deb b08f847b4741caf486798682aa734f2999caf1f3cd82f948294b5fb1e77c 2303916 snort-doc_2.7.0-20.4_all.deb 152c71e2da87d00e5f12f85496632b2d3369dddfd6813f8d6cf0fcb79dec29b2 402292 snort-rules-default_2.7.0-20.4_all.deb Files: 606f3c39ff67ac75c60747105a9c9cc9 1400 net optional snort_2.7.0-20.4.dsc f4f11f793599750614ee5c477744e648 3905896 net optional snort_2.7.0.orig.tar.gz e512633a5ef47926a5f1ad9dea27db0e 1600286 net optional snort_2.7.0-20.4.diff.gz c1b3a381a244d946ef774ae2c23d5cca 463592 net optional snort_2.7.0-20.4_i386.deb 515e1ec33087fdea198fb506d7416d74 474504 net extra snort-mysql_2.7.0-20.4_i386.deb 2f9aec20901f26bcbcb329c5937b85e1 474306 net optional snort-pgsql_2.7.0-20.4_i386.deb 44b020c6af8b4a5af4665fc2e719e264 244674 net optional snort-common-libraries_2.7.0-20.4_i386.deb 471b487c65dafbc9a466d02b3b12dec3 147488 net optional snort-common_2.7.0-20.4_all.deb 66f7bb6108356fda7648fbe9f013bfbd 2303916 doc optional snort-doc_2.7.0-20.4_all.deb 623e47ca21640e155d12f32a6bcc8280 402292 net optional snort-rules-default_2.7.0-20.4_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFJxs3ysandgtyBSwkRAh0kAJ4vZjhHjcR190fkAczYi7iLSsMVcQCfUrp2 THmHDILTdkEW7Yv8iFu4sx4= =xQb3 -END PGP SIGNATURE- Accepted: snort-common-libraries_2.7.0-20.4_i386.deb to pool/main/s/snort/snort-common-libraries_2.7.0-20.4_i386.deb snort-common_2.7.0-20.4_all.deb to pool/main/s/snort/snort-common_2.7.0-20.4_all.deb snort-doc_2.7.0-20.4_all.deb to pool/main/s/snort/snort-doc_2.7.0-20.4_all.deb snort-mysql_2.7.0-20.4_i386.deb to pool/main/s/snort/snort-mysql_2.7.0-20.4_i386.deb snort-pgsql_2.7.0-20.4_i386.deb to pool/main/s/snort/snort-pgsql_2.7.0-20.4_i386.deb snort-rules-default_2.7.0-20.4_all.deb to pool/main/s/snort/snort-rules-default_2.7.0-20.4_all.deb snort_2.7.0-20.4.diff.gz to pool/main/s/snort/snort_2.7.0-20.4.diff.gz snort_2.7.0-20.4.dsc to p
Accepted snort 2.7.0-20.4 (source i386 all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Sun, 22 Mar 2009 00:16:44 +0100 Source: snort Binary: snort snort-common snort-doc snort-mysql snort-pgsql snort-rules-default snort-common-libraries Architecture: source i386 all Version: 2.7.0-20.4 Distribution: stable Urgency: high Maintainer: Javier Fernandez-Sanguino Pen~a Changed-By: Javier Fernandez-Sanguino Pen~a Description: snort - flexible Network Intrusion Detection System snort-common - flexible Network Intrusion Detection System [common files] snort-common-libraries - flexible Network Intrusion Detection System ruleset snort-doc - Documentation for the Snort IDS [documentation] snort-mysql - flexible Network Intrusion Detection System [MySQL] snort-pgsql - flexible Network Intrusion Detection System [PostgreSQL] snort-rules-default - flexible Network Intrusion Detection System ruleset Closes: 503992 Changes: snort (2.7.0-20.4) stable; urgency=high . * Fix error in call to LogMessage (missing parameters) which caused a segfault when fragmented packages were received. This bug was introduced in the patch to fix CVE-2008-1804. Urgency set to 'high' as in some circunstances it makes Snort fail to start on startup or die after working for only a few minutes. Also, this could be used as a DoS attack against an IDS sensor rendering it useless. (Closes: #503992) Checksums-Sha1: ce6f21a883cc4ddf8150b6a3ec9f90f4c8715ef9 1400 snort_2.7.0-20.4.dsc 49de34081f5c1c4359fd133fc3f4e6432e83d06d 3905896 snort_2.7.0.orig.tar.gz 8f277ab6576e994f9ecdcac1ba50131e21df1228 1600286 snort_2.7.0-20.4.diff.gz 0d9065d32a89cb91cfc9bc9da99ebff510cbe913 463592 snort_2.7.0-20.4_i386.deb 05306537eff106c82fc418e1515d48165c94ac5d 474504 snort-mysql_2.7.0-20.4_i386.deb 08123055c336a13ae2b205207ba7595f290375b6 474306 snort-pgsql_2.7.0-20.4_i386.deb ebe67c951e87db2d6cd84174d13a0a76ed82797f 244674 snort-common-libraries_2.7.0-20.4_i386.deb e3134802cf4eb382ba9570c940dcb23966cc3abc 147488 snort-common_2.7.0-20.4_all.deb 0b793a8c6f8323b05f78c96f51b3d0379a7b0e41 2303916 snort-doc_2.7.0-20.4_all.deb 98a7638a5e1d016d4698ae2780c1ec8a3e7559a0 402292 snort-rules-default_2.7.0-20.4_all.deb Checksums-Sha256: 159a887a5cb36f10f96ec75b661ed0b11126c441ac7a4a358a8587548aaaeea5 1400 snort_2.7.0-20.4.dsc 77260162ce98fa6684699465f8f3a8f6b90decc475f51903d2f558e92056ce9d 3905896 snort_2.7.0.orig.tar.gz 8fe0f515c0d380c2ad0831e3c00648e50c41b00695526e95ec6fa1f67ecf8913 1600286 snort_2.7.0-20.4.diff.gz e2402cb58156d450119d8e542db9bf3cb9a39c04950d79ca33f91ec32bbdbd46 463592 snort_2.7.0-20.4_i386.deb 4fe4ade341771bfa87c96240067c72daa85cd6fc805e14938870e7f4755cba7d 474504 snort-mysql_2.7.0-20.4_i386.deb 4cb9fb0590e84c86d0b8c0938cc407a7fcb1dbe2b3f1f49bac7a59ee923340f2 474306 snort-pgsql_2.7.0-20.4_i386.deb 241790bb770637e4f9791aa7d4126d7178600d2e05eee1ae8c1ede413fd3b649 244674 snort-common-libraries_2.7.0-20.4_i386.deb 7dde6985735ee750e655e8d26350b498abac8f8dd683a7bffce74a0c9bf8c513 147488 snort-common_2.7.0-20.4_all.deb b08f847b4741caf486798682aa734f2999caf1f3cd82f948294b5fb1e77c 2303916 snort-doc_2.7.0-20.4_all.deb 152c71e2da87d00e5f12f85496632b2d3369dddfd6813f8d6cf0fcb79dec29b2 402292 snort-rules-default_2.7.0-20.4_all.deb Files: 606f3c39ff67ac75c60747105a9c9cc9 1400 net optional snort_2.7.0-20.4.dsc f4f11f793599750614ee5c477744e648 3905896 net optional snort_2.7.0.orig.tar.gz e512633a5ef47926a5f1ad9dea27db0e 1600286 net optional snort_2.7.0-20.4.diff.gz c1b3a381a244d946ef774ae2c23d5cca 463592 net optional snort_2.7.0-20.4_i386.deb 515e1ec33087fdea198fb506d7416d74 474504 net extra snort-mysql_2.7.0-20.4_i386.deb 2f9aec20901f26bcbcb329c5937b85e1 474306 net optional snort-pgsql_2.7.0-20.4_i386.deb 44b020c6af8b4a5af4665fc2e719e264 244674 net optional snort-common-libraries_2.7.0-20.4_i386.deb 471b487c65dafbc9a466d02b3b12dec3 147488 net optional snort-common_2.7.0-20.4_all.deb 66f7bb6108356fda7648fbe9f013bfbd 2303916 doc optional snort-doc_2.7.0-20.4_all.deb 623e47ca21640e155d12f32a6bcc8280 402292 net optional snort-rules-default_2.7.0-20.4_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFJxs3ysandgtyBSwkRAh0kAJ4vZjhHjcR190fkAczYi7iLSsMVcQCfUrp2 THmHDILTdkEW7Yv8iFu4sx4= =xQb3 -END PGP SIGNATURE- Accepted: snort-common-libraries_2.7.0-20.4_i386.deb to pool/main/s/snort/snort-common-libraries_2.7.0-20.4_i386.deb snort-common_2.7.0-20.4_all.deb to pool/main/s/snort/snort-common_2.7.0-20.4_all.deb snort-doc_2.7.0-20.4_all.deb to pool/main/s/snort/snort-doc_2.7.0-20.4_all.deb snort-mysql_2.7.0-20.4_i386.deb to pool/main/s/snort/snort-mysql_2.7.0-20.4_i386.deb snort-pgsql_2.7.0-20.4_i386.deb to pool/main/s/snort/snort-pgsql_2.7.0-20.4_i386.deb snort-rules-default_2.7.0-20.4_all.deb to pool/main/s/snort/snort-rules-default_2.7.0-20.4_all.deb snort_2.7.0-20.4.diff.gz to pool/main/s/snort/snort_2.7.0-20.4.diff.gz snort_2.7.0-20.4.dsc to p
Accepted dns-browse 1.6-5 (all source)
-BEGIN PGP SIGNED MESSAGE- Format: 1.7 Date: Mon, 13 May 2002 10:57:32 +0200 Source: dns-browse Binary: dns-browse Architecture: source all Version: 1.6-5 Distribution: stable Urgency: high Maintainer: Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]> Changed-By: Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]> Description: dns-browse - Frontends to DNS search. Closes: 146591 Changes: dns-browse (1.6-5) stable; urgency=high . * Fixed dns_tree so that it uses the HOME directory for cache files (Closes: #146591) Files: 903d3150001644057aff562af2d3f4e5 656 net extra dns-browse_1.6-5.dsc 1167d5865ebd0818077e3cdc17d82d2e 13298 net extra dns-browse_1.6-5.diff.gz 5420d30e41cf87ed3113447a2f6d952c 13920 net extra dns-browse_1.6-5_all.deb -BEGIN PGP SIGNATURE- Version: 2.6.3ia Charset: noconv iQCVAwUBPN/oiftEPvakNq0lAQH0iwP/dJYV9PUr24+mUe6GJrCoj2isJqE2uR1O nAY48/UXs1nCiKP6TfAWgFzS6RfhNzMR5q5aet6PXpxztRsR6xqr8XsRq5AqG3ZT DQvp//wN+HvEUaXJEKiondp7C18CB7JD30hGGndKnVz65gvCV7/ph0tiX2T5ZTf4 WHN+XO4TVXs= =YzD+ -END PGP SIGNATURE- Accepted: dns-browse_1.6-5.diff.gz to pool/main/d/dns-browse/dns-browse_1.6-5.diff.gz dns-browse_1.6-5.dsc to pool/main/d/dns-browse/dns-browse_1.6-5.dsc dns-browse_1.6-5_all.deb to pool/main/d/dns-browse/dns-browse_1.6-5_all.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Accepted bastille 1:1.3.0-2.1 (i386 source)
-BEGIN PGP SIGNED MESSAGE- Format: 1.7 Date: Sun, 3 Nov 2002 21:43:54 +0100 Source: bastille Binary: bastille Architecture: source i386 Version: 1:1.3.0-2.1 Distribution: stable Urgency: medium Maintainer: Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]> Changed-By: Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]> Description: bastille - Security hardening tool Closes: 147643 150614 158803 Changes: bastille (1:1.3.0-2.1) stable; urgency=medium . * This is a release only for woodyr1. For production environments, however, Bastille-1.3.0-6 (or 2.0 is recommended) * Fixed Bastille/Logging.pm (Closes: #158803) * Fixed Bastille/Firewall.pm so that it installs the firewalling script (Closes: #147643) * Removed psad from this package (in 'sid' it's a separate package so it also helps transition). This includes modifying debian/rules, removing the PSAD stuff from Questions.txt (otherwise the backend does not know where to jump to) and changing the 'Required Distro' to exclude Debian (DB is already there in Questions.txt wherever LINUX is) (Closes: #150614) Files: e03c7f1fb66a6406cf01b9ca41f9bdb3 690 admin optional bastille_1.3.0-2.1.dsc 013b288c1a675340e455534187d5a85a 21337 admin optional bastille_1.3.0-2.1.diff.gz c09d73c63abb55c702f0fbc9cf978fd1 232738 admin optional bastille_1.3.0-2.1_i386.deb -BEGIN PGP SIGNATURE- Version: 2.6.3ia Charset: noconv iQCVAwUBPcWXdftEPvakNq0lAQGhiAQAhRAlWIh9A1tlqzfgJYs5ALI1FRJTps3F 2cPUkVNo5XrrHVeEzl1QDQDytWmDE1/yt7rkCSDhnERlKqCgH9MUflOxN6XCrgUE zD1v1bECgDfWbCkD2C31VEjc+9XxVhZT3OVOK0hdNJGBRgXRKS7q+8An8Oin935i HCV/s1W1zsE= =nYWc -END PGP SIGNATURE- Accepted: bastille_1.3.0-2.1.diff.gz to pool/main/b/bastille/bastille_1.3.0-2.1.diff.gz bastille_1.3.0-2.1.dsc to pool/main/b/bastille/bastille_1.3.0-2.1.dsc bastille_1.3.0-2.1_i386.deb to pool/main/b/bastille/bastille_1.3.0-2.1_i386.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Accepted bastille 1:1.3.0-2.1 (i386 source)
-BEGIN PGP SIGNED MESSAGE- Format: 1.7 Date: Sun, 3 Nov 2002 21:43:54 +0100 Source: bastille Binary: bastille Architecture: source i386 Version: 1:1.3.0-2.1 Distribution: stable Urgency: medium Maintainer: Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]> Changed-By: Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]> Description: bastille - Security hardening tool Closes: 147643 150614 158803 Changes: bastille (1:1.3.0-2.1) stable; urgency=medium . * This is a release only for woodyr1. For production environments, however, Bastille-1.3.0-6 (or 2.0 is recommended) * Fixed Bastille/Logging.pm (Closes: #158803) * Fixed Bastille/Firewall.pm so that it installs the firewalling script (Closes: #147643) * Removed psad from this package (in 'sid' it's a separate package so it also helps transition). This includes modifying debian/rules, removing the PSAD stuff from Questions.txt (otherwise the backend does not know where to jump to) and changing the 'Required Distro' to exclude Debian (DB is already there in Questions.txt wherever LINUX is) (Closes: #150614) Files: e03c7f1fb66a6406cf01b9ca41f9bdb3 690 admin optional bastille_1.3.0-2.1.dsc 013b288c1a675340e455534187d5a85a 21337 admin optional bastille_1.3.0-2.1.diff.gz c09d73c63abb55c702f0fbc9cf978fd1 232738 admin optional bastille_1.3.0-2.1_i386.deb -BEGIN PGP SIGNATURE- Version: 2.6.3ia Charset: noconv iQCVAwUBPcWXdftEPvakNq0lAQGhiAQAhRAlWIh9A1tlqzfgJYs5ALI1FRJTps3F 2cPUkVNo5XrrHVeEzl1QDQDytWmDE1/yt7rkCSDhnERlKqCgH9MUflOxN6XCrgUE zD1v1bECgDfWbCkD2C31VEjc+9XxVhZT3OVOK0hdNJGBRgXRKS7q+8An8Oin935i HCV/s1W1zsE= =nYWc -END PGP SIGNATURE- Accepted: bastille_1.3.0-2.1.diff.gz to pool/main/b/bastille/bastille_1.3.0-2.1.diff.gz bastille_1.3.0-2.1.dsc to pool/main/b/bastille/bastille_1.3.0-2.1.dsc bastille_1.3.0-2.1_i386.deb to pool/main/b/bastille/bastille_1.3.0-2.1_i386.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Accepted tiger 2.2.4-23 (i386 source)
-BEGIN PGP SIGNED MESSAGE- Format: 1.7 Date: Thu, 19 Jun 2003 00:45:02 +0200 Source: tiger Binary: tiger Architecture: source i386 Version: 2.2.4-23 Distribution: stable Urgency: medium Maintainer: Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]> Changed-By: Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]> Description: tiger - Report system security vulnerabilities Closes: 157695 170461 172377 Changes: tiger (2.2.4-23) stable; urgency=medium . * Upload to the proposed-updates queue to be considered by the Release Manager. This version generated for the benefit of stable users (which are still encouraged to use 3.2 since it fixes many more bugs and can be backported easily, but still). This package fixes some open (and important) bugs including a security bug and also updates data (DSA listing) to latest available information. Bugs fixed: * Fixed buffer overflow discovered by Steve Grub in realpath.c this might be able to be locally exploited if a user can make a _very_ long path in the system but it might be difficult to pull off local privilege escalation with this one. Still, worth fixing. The fix has been backported from the 3.2 version. * Fixed the installation so all scripts are set as executable (I'm not incorporating all the Makefile changes done on 3.2 but it's now better) this has the side effect of now setting check_listeningprocs executable and properly installing check_sendmail (Closes: #157695, #172377) * No longer depends on essential packages as per policy, since there are no known versioned dependancies (there are for the 3.x release) for any of them (Closes: #170461) * Updated deb_advisories to include all the latest Debian Security Advisories so that the deb_checkadvisories check makes sense (was over a year out of date). Notice that, without this update the deb_checkadvisories is useless. This check is still useful for those running a system without internet access (i.e. cannot check updates at security.debian.org). If there is a new release of the CD images this might turn out useful for users updating through CD. Files: 9765cffceb61e0a95794210085672082 668 admin optional tiger_2.2.4-23.dsc 85e245333dac76c9e80e9a4d421291d6 99984 admin optional tiger_2.2.4-23.diff.gz 4c1f22da5ccd663cb392df1b313b578a 207972 admin optional tiger_2.2.4-23_i386.deb -BEGIN PGP SIGNATURE- Version: 2.6.3ia Charset: noconv iQCVAwUBPvD15PtEPvakNq0lAQEqaQQAtzKHZ/3KCzED2Qab8654YT/VqsvNTuc4 VvQFekkeeUC7q8yl4XCwqZS0RH9kWgqqm0z5zR0K2hWu67X/UDGFdrtXEUlueZxw ptvNnd0bkD+VhWBsLmaFeSFl5JxsHPtrZ9CattoZxJcYQs+da0uAz0wB07O1wJKQ K2G66UlhKUA= =rD33 -END PGP SIGNATURE- Accepted: tiger_2.2.4-23.diff.gz to pool/main/t/tiger/tiger_2.2.4-23.diff.gz tiger_2.2.4-23.dsc to pool/main/t/tiger/tiger_2.2.4-23.dsc tiger_2.2.4-23_i386.deb to pool/main/t/tiger/tiger_2.2.4-23_i386.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Accepted spellcast-doc 1.0.1 (i386 source)
-BEGIN PGP SIGNED MESSAGE- Format: 1.7 Date: Sun, 4 Apr 2004 21:24:12 +0200 Source: spellcast-doc Binary: spellcast-doc Architecture: source i386 Version: 1.0.1 Distribution: stable Urgency: high Maintainer: Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]> Changed-By: Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]> Description: spellcast-doc - Documentation for the multi-player X game of spellcasting. Changes: spellcast-doc (1.0.1) stable; urgency=high . * Moved to non-free (see changes in debian/copyright) Files: 9ab24a6c8b5004580b19970f5fe04101 597 non-free/games extra spellcast-doc_1.0.1.dsc c681909c5893b2d78d6efdd1993d8396 49358 non-free/games extra spellcast-doc_1.0.1.tar.gz a1d2db26849f6c17a2c88c3335f1eeef 49898 non-free/games extra spellcast-doc_1.0.1_i386.deb -BEGIN PGP SIGNATURE- Version: 2.6.3ia Charset: noconv iQCVAwUBQHBh4/tEPvakNq0lAQHnBAP+K/EHkJucPuSFTayMV6uAql6LrbyhvM3X Jr5AedpJyzy+0bvQFVeg2l8fALHvnpoLI+sHyg8EheU9cb0s50PY9hIoCaseB00v yPvnUNGULBUC3pOnfu+qer3GPdKOW2LfWNoVWCTg+Ny9/0BmY3/cVqc4brWy6R7j L3Hxjd27ijc= =7Kr9 -END PGP SIGNATURE- Accepted: spellcast-doc_1.0.1.dsc to pool/non-free/s/spellcast-doc/spellcast-doc_1.0.1.dsc spellcast-doc_1.0.1.tar.gz to pool/non-free/s/spellcast-doc/spellcast-doc_1.0.1.tar.gz spellcast-doc_1.0.1_i386.deb to pool/non-free/s/spellcast-doc/spellcast-doc_1.0.1_i386.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Accepted spellcast 1.0-12.1 (i386 source)
-BEGIN PGP SIGNED MESSAGE- Format: 1.7 Date: Sun, 4 Apr 2004 21:11:27 +0200 Source: spellcast Binary: spellcast Architecture: source i386 Version: 1.0-12.1 Distribution: stable Urgency: high Maintainer: Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]> Changed-By: Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]> Description: spellcast - The classic hand-waving multi-player X game of spellcasting. Changes: spellcast (1.0-12.1) stable; urgency=high . * Moved to non-free due to licensing which was incorrectly considered free by the previous maintainer. See http://lists.debian.org/debian-legal/2003/debian-legal-200310/msg00136.html * Added a rant on why spellcast is not GPL describing the issue in the README.Debian file with more detail than the information available in the copyright file. Files: 5ca9bde46deee783f3a5f1d037776326 701 non-free/games optional spellcast_1.0-12.1.dsc 4e9deed4f0e70c6f26ded5c6785f599f 76990 non-free/games optional spellcast_1.0-12.1.diff.gz da3977544c5a28415695232636a377c4 179216 non-free/games optional spellcast_1.0-12.1_i386.deb -BEGIN PGP SIGNATURE- Version: 2.6.3ia Charset: noconv iQCVAwUBQHBhrftEPvakNq0lAQGf/wP/fuysV6zZbIRWNZZZQVtxnrXvTsKtdpyu JK5WBPHjs32H/bQgRZ2jK/hvRpKxyQg7DlKCsflI6we3GPO3H37Vt2QFw+xnEDpy +RJgHBKDVXrMad2Yhuw6fY1Twsbl0qGMOstsLdxe4ueoXyjfyWXNmHv3brP1CksF gVBNJarCxnc= =qBNi -END PGP SIGNATURE- Accepted: spellcast_1.0-12.1.diff.gz to pool/non-free/s/spellcast/spellcast_1.0-12.1.diff.gz spellcast_1.0-12.1.dsc to pool/non-free/s/spellcast/spellcast_1.0-12.1.dsc spellcast_1.0-12.1_i386.deb to pool/non-free/s/spellcast/spellcast_1.0-12.1_i386.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Accepted htmlheadline 21.8-3 (all source)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Fri, 31 Dec 2004 00:18:16 +0100 Source: htmlheadline Binary: htmlheadline Architecture: source all Version: 21.8-3 Distribution: stable Urgency: high Maintainer: Martin Schulze <[EMAIL PROTECTED]> Changed-By: Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]> Description: htmlheadline - script that automatically fetches news headlines, and browses on Changes: htmlheadline (21.8-3) stable; urgency=high . * Fix temporary file vulnerabilities by locating the temporary download directory in the user's homedir. [HtmlHeadLine.sh, START_HHL_30.sh, START_HHL.sh, CAN-2004-1181] Files: 36da72a4ff991d7646a77eb7d8789f8a 579 web optional htmlheadline_21.8-3.dsc 319b218bd8c787a1455540a85428adc6 42360 web optional htmlheadline_21.8.orig.tar.gz 8c098ae1c43cf8f5f702191864e29b84 5383 web optional htmlheadline_21.8-3.diff.gz c55c6906ba256b1731d8d6c5a151eaf1 44570 web optional htmlheadline_21.8-3_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) iD8DBQFB1r13W5ql+IAeqTIRAtvAAKCzcG5XxtQcOm1hkFEpmFxFDFH5DACgkIiO VuzI6yaQLDSuCO+G2tB/lN4= =00fp -END PGP SIGNATURE- Accepted: htmlheadline_21.8-3.diff.gz to pool/main/h/htmlheadline/htmlheadline_21.8-3.diff.gz htmlheadline_21.8-3.dsc to pool/main/h/htmlheadline/htmlheadline_21.8-3.dsc htmlheadline_21.8-3_all.deb to pool/main/h/htmlheadline/htmlheadline_21.8-3_all.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Accepted dns-browse 1.6-5 (all source)
-BEGIN PGP SIGNED MESSAGE- Format: 1.7 Date: Mon, 13 May 2002 10:57:32 +0200 Source: dns-browse Binary: dns-browse Architecture: source all Version: 1.6-5 Distribution: stable Urgency: high Maintainer: Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]> Changed-By: Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]> Description: dns-browse - Frontends to DNS search. Closes: 146591 Changes: dns-browse (1.6-5) stable; urgency=high . * Fixed dns_tree so that it uses the HOME directory for cache files (Closes: #146591) Files: 903d3150001644057aff562af2d3f4e5 656 net extra dns-browse_1.6-5.dsc 1167d5865ebd0818077e3cdc17d82d2e 13298 net extra dns-browse_1.6-5.diff.gz 5420d30e41cf87ed3113447a2f6d952c 13920 net extra dns-browse_1.6-5_all.deb -BEGIN PGP SIGNATURE- Version: 2.6.3ia Charset: noconv iQCVAwUBPN/oiftEPvakNq0lAQH0iwP/dJYV9PUr24+mUe6GJrCoj2isJqE2uR1O nAY48/UXs1nCiKP6TfAWgFzS6RfhNzMR5q5aet6PXpxztRsR6xqr8XsRq5AqG3ZT DQvp//wN+HvEUaXJEKiondp7C18CB7JD30hGGndKnVz65gvCV7/ph0tiX2T5ZTf4 WHN+XO4TVXs= =YzD+ -END PGP SIGNATURE- Accepted: dns-browse_1.6-5.diff.gz to pool/main/d/dns-browse/dns-browse_1.6-5.diff.gz dns-browse_1.6-5.dsc to pool/main/d/dns-browse/dns-browse_1.6-5.dsc dns-browse_1.6-5_all.deb to pool/main/d/dns-browse/dns-browse_1.6-5_all.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Accepted bastille 1:1.3.0-2.1 (i386 source)
-BEGIN PGP SIGNED MESSAGE- Format: 1.7 Date: Sun, 3 Nov 2002 21:43:54 +0100 Source: bastille Binary: bastille Architecture: source i386 Version: 1:1.3.0-2.1 Distribution: stable Urgency: medium Maintainer: Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]> Changed-By: Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]> Description: bastille - Security hardening tool Closes: 147643 150614 158803 Changes: bastille (1:1.3.0-2.1) stable; urgency=medium . * This is a release only for woodyr1. For production environments, however, Bastille-1.3.0-6 (or 2.0 is recommended) * Fixed Bastille/Logging.pm (Closes: #158803) * Fixed Bastille/Firewall.pm so that it installs the firewalling script (Closes: #147643) * Removed psad from this package (in 'sid' it's a separate package so it also helps transition). This includes modifying debian/rules, removing the PSAD stuff from Questions.txt (otherwise the backend does not know where to jump to) and changing the 'Required Distro' to exclude Debian (DB is already there in Questions.txt wherever LINUX is) (Closes: #150614) Files: e03c7f1fb66a6406cf01b9ca41f9bdb3 690 admin optional bastille_1.3.0-2.1.dsc 013b288c1a675340e455534187d5a85a 21337 admin optional bastille_1.3.0-2.1.diff.gz c09d73c63abb55c702f0fbc9cf978fd1 232738 admin optional bastille_1.3.0-2.1_i386.deb -BEGIN PGP SIGNATURE- Version: 2.6.3ia Charset: noconv iQCVAwUBPcWXdftEPvakNq0lAQGhiAQAhRAlWIh9A1tlqzfgJYs5ALI1FRJTps3F 2cPUkVNo5XrrHVeEzl1QDQDytWmDE1/yt7rkCSDhnERlKqCgH9MUflOxN6XCrgUE zD1v1bECgDfWbCkD2C31VEjc+9XxVhZT3OVOK0hdNJGBRgXRKS7q+8An8Oin935i HCV/s1W1zsE= =nYWc -END PGP SIGNATURE- Accepted: bastille_1.3.0-2.1.diff.gz to pool/main/b/bastille/bastille_1.3.0-2.1.diff.gz bastille_1.3.0-2.1.dsc to pool/main/b/bastille/bastille_1.3.0-2.1.dsc bastille_1.3.0-2.1_i386.deb to pool/main/b/bastille/bastille_1.3.0-2.1_i386.deb
Accepted bastille 1:1.3.0-2.1 (i386 source)
-BEGIN PGP SIGNED MESSAGE- Format: 1.7 Date: Sun, 3 Nov 2002 21:43:54 +0100 Source: bastille Binary: bastille Architecture: source i386 Version: 1:1.3.0-2.1 Distribution: stable Urgency: medium Maintainer: Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]> Changed-By: Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]> Description: bastille - Security hardening tool Closes: 147643 150614 158803 Changes: bastille (1:1.3.0-2.1) stable; urgency=medium . * This is a release only for woodyr1. For production environments, however, Bastille-1.3.0-6 (or 2.0 is recommended) * Fixed Bastille/Logging.pm (Closes: #158803) * Fixed Bastille/Firewall.pm so that it installs the firewalling script (Closes: #147643) * Removed psad from this package (in 'sid' it's a separate package so it also helps transition). This includes modifying debian/rules, removing the PSAD stuff from Questions.txt (otherwise the backend does not know where to jump to) and changing the 'Required Distro' to exclude Debian (DB is already there in Questions.txt wherever LINUX is) (Closes: #150614) Files: e03c7f1fb66a6406cf01b9ca41f9bdb3 690 admin optional bastille_1.3.0-2.1.dsc 013b288c1a675340e455534187d5a85a 21337 admin optional bastille_1.3.0-2.1.diff.gz c09d73c63abb55c702f0fbc9cf978fd1 232738 admin optional bastille_1.3.0-2.1_i386.deb -BEGIN PGP SIGNATURE- Version: 2.6.3ia Charset: noconv iQCVAwUBPcWXdftEPvakNq0lAQGhiAQAhRAlWIh9A1tlqzfgJYs5ALI1FRJTps3F 2cPUkVNo5XrrHVeEzl1QDQDytWmDE1/yt7rkCSDhnERlKqCgH9MUflOxN6XCrgUE zD1v1bECgDfWbCkD2C31VEjc+9XxVhZT3OVOK0hdNJGBRgXRKS7q+8An8Oin935i HCV/s1W1zsE= =nYWc -END PGP SIGNATURE- Accepted: bastille_1.3.0-2.1.diff.gz to pool/main/b/bastille/bastille_1.3.0-2.1.diff.gz bastille_1.3.0-2.1.dsc to pool/main/b/bastille/bastille_1.3.0-2.1.dsc bastille_1.3.0-2.1_i386.deb to pool/main/b/bastille/bastille_1.3.0-2.1_i386.deb
Accepted htmlheadline 21.8-3 (all source)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Fri, 31 Dec 2004 00:18:16 +0100 Source: htmlheadline Binary: htmlheadline Architecture: source all Version: 21.8-3 Distribution: stable Urgency: high Maintainer: Martin Schulze <[EMAIL PROTECTED]> Changed-By: Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]> Description: htmlheadline - script that automatically fetches news headlines, and browses on Changes: htmlheadline (21.8-3) stable; urgency=high . * Fix temporary file vulnerabilities by locating the temporary download directory in the user's homedir. [HtmlHeadLine.sh, START_HHL_30.sh, START_HHL.sh, CAN-2004-1181] Files: 36da72a4ff991d7646a77eb7d8789f8a 579 web optional htmlheadline_21.8-3.dsc 319b218bd8c787a1455540a85428adc6 42360 web optional htmlheadline_21.8.orig.tar.gz 8c098ae1c43cf8f5f702191864e29b84 5383 web optional htmlheadline_21.8-3.diff.gz c55c6906ba256b1731d8d6c5a151eaf1 44570 web optional htmlheadline_21.8-3_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) iD8DBQFB1r13W5ql+IAeqTIRAtvAAKCzcG5XxtQcOm1hkFEpmFxFDFH5DACgkIiO VuzI6yaQLDSuCO+G2tB/lN4= =00fp -END PGP SIGNATURE- Accepted: htmlheadline_21.8-3.diff.gz to pool/main/h/htmlheadline/htmlheadline_21.8-3.diff.gz htmlheadline_21.8-3.dsc to pool/main/h/htmlheadline/htmlheadline_21.8-3.dsc htmlheadline_21.8-3_all.deb to pool/main/h/htmlheadline/htmlheadline_21.8-3_all.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Accepted ethereal 0.10.10-2sarge3 (source powerpc)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Sun, 18 Sep 2005 22:49:08 +0200 Source: ethereal Binary: ethereal ethereal-dev tethereal ethereal-common Architecture: source powerpc Version: 0.10.10-2sarge3 Distribution: stable-security Urgency: high Maintainer: Martin Schulze <[EMAIL PROTECTED]> Changed-By: Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]> Description: ethereal - network traffic analyzer ethereal-common - network traffic analyser (common files) ethereal-dev - network traffic analyser (development tools) tethereal - network traffic analyzer (console) Changes: ethereal (0.10.10-2sarge3) stable-security; urgency=high . * Security fixes for sarge: * CAN-2005-2360 - free static memory and crash in LDAP [ epan/dissectors/packet-ldap.c ] * CAN-2005-2361 - crash in several dissectors AgentX: changed plugins/agentx/packet-agentx.c PER:changed epan/dissectors/packet-per.c DOCSIS: changed plugins/docsis/packet-docsis.c RADIUS: changed epan/dissectors/packet-radius.c Telnet: changed epan/dissectors/packet-telnet.c IS-IS: changed epan/dissectors/packet-isis-lsp.c HTTP: changed epan/tvbuff.c DCERPC: changed epan/dissectors/packet-dcerpc.c DHCP: changed epan/dissectors/packet-bootp.c SCTP: changed gtk/sctp_graph_dlg.c Does not apply: NCP * CAN-2005-2363 - infinite loop in dissectors SMPP: changed epan/dissectors/packet-smpp.c 802.3: changed epan/dissectors/packet-ieee8023.c H1: changed epan/dissectors/packet-h1.c DHCP: changed epan/dissectors/packet-bootp.c Does not apply: Megaco * CAN-2005-2364 - null pointer dereference WBXML: Changed epan/dissectors/packet-wbxml.c GIOP: Changed epan/dissectors/packet-giop.c Does not apply: CAMEL * CAN-2005-2365 - buffer overflow or memory exhaustion in SMB (Changed epan/dissectors/packet-smb.c) * CAN-2005-2366 - abort or infinite loop in BER Changed epan/dissectors/packet-per.c * CAN-2005-2367 - format strings found by iDEFENSE Changed epan/dissectors/packet-per.c Changed plugins/irda/packet-irda.c Changed plugins/profinet/packet-pn-dcp.c Changed epan/dissectors/packet-iapp.c Changed epan/dissectors/packet-gsm_a.c Changed epan/dissectors/packet-ansi_map.c Changed epan/dissectors/packet-rsvp.c Changed epan/dissectors/packet-ansi_637.c Changed epan/dissectors/packet-per.c Changed epan/dissectors/packet-ansi_a.c Changed epan/dissectors/packet-afp.c Changed epan/dissectors/packet-dcerpc-spoolss.c Changed epan/dissectors/packet-ncp.inc Changed epan/dissectors/packet-slowprotocols.c Files: 2f3011894f29728f1b4b667418a83b20 855 net optional ethereal_0.10.10-2sarge3.dsc e6b74468412c17bb66cd459bfb61471c 7411510 net optional ethereal_0.10.10.orig.tar.gz 208197070a9bffebf9ca3286ab606e7d 166589 net optional ethereal_0.10.10-2sarge3.diff.gz cada16e51ac36beb419c5a9e5244fc77 5069306 net optional ethereal-common_0.10.10-2sarge3_powerpc.deb 48e260c08135b4bfaf040332fa6165d6 454474 net optional ethereal_0.10.10-2sarge3_powerpc.deb 043923838d836bd067659bf7533bc157 93322 net optional tethereal_0.10.10-2sarge3_powerpc.deb 8ddad2121b0db827060d2886efecbf3d 153766 devel optional ethereal-dev_0.10.10-2sarge3_powerpc.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFDPoLCW5ql+IAeqTIRAmO1AJ9KIPLeAUd0DXmA9XO6MmblaD5qjACcD8PQ WZwc7b+DLGmSTmg85mAcHvs= =h9cP -END PGP SIGNATURE- Accepted: ethereal-common_0.10.10-2sarge3_powerpc.deb to pool/main/e/ethereal/ethereal-common_0.10.10-2sarge3_powerpc.deb ethereal-dev_0.10.10-2sarge3_powerpc.deb to pool/main/e/ethereal/ethereal-dev_0.10.10-2sarge3_powerpc.deb ethereal_0.10.10-2sarge3.diff.gz to pool/main/e/ethereal/ethereal_0.10.10-2sarge3.diff.gz ethereal_0.10.10-2sarge3.dsc to pool/main/e/ethereal/ethereal_0.10.10-2sarge3.dsc ethereal_0.10.10-2sarge3_powerpc.deb to pool/main/e/ethereal/ethereal_0.10.10-2sarge3_powerpc.deb tethereal_0.10.10-2sarge3_powerpc.deb to pool/main/e/ethereal/tethereal_0.10.10-2sarge3_powerpc.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Accepted acidlab 0.9.6b20-10.1 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Sun, 30 Oct 2005 22:05:35 +0100 Source: acidlab Binary: acidlab-doc acidlab-pgsql acidlab acidlab-mysql Architecture: source all Version: 0.9.6b20-10.1 Distribution: stable-security Urgency: high Maintainer: Jeremy T. Bouse <[EMAIL PROTECTED]> Changed-By: Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]> Description: acidlab- Analysis Console for Intrusion Databases acidlab-doc - Analysis Console for Intrusion Databases (documentation) acidlab-mysql - Analysis Console for Intrusion Databases for MySQL acidlab-pgsql - Analysis Console for Intrusion Databases for Postgres Changes: acidlab (0.9.6b20-10.1) stable-security; urgency=high . * Patch [013] SECURITY fix: - Add proper filtering in all ImportHTTP variables using either the new functions to check for numeric/alphanumeric chars or the filterSql() function to prevent SQL injection attacks. This patch fixes CVE-2005-3325 but also other attack vectors not mentioned in the initial advisory (http://www.frsirt.com/english/advisories/2005/2188) Files: 0bae590a4e21f9ee5b904d5b7457 696 web extra acidlab_0.9.6b20-10.1.dsc 02346f1d88573440afe79e8e3eca13a7 352092 web extra acidlab_0.9.6b20-10.1.diff.gz f78fc7c230991b9949cbd2eb5b0d54fc 4414 web extra acidlab-mysql_0.9.6b20-10.1_all.deb 3eaec77032a2c3e5044f3c649e802a5f 4416 web extra acidlab-pgsql_0.9.6b20-10.1_all.deb 0382bf72c1ac0121f196d26b0d8462fb 275994 web extra acidlab-doc_0.9.6b20-10.1_all.deb 9f6a40fc2f63e296c03029d04b92273c 660860 web extra acidlab_0.9.6b20-10.1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFDdQZ7sandgtyBSwkRAptQAJ4z9mc9gKpC4F68w0yGWGqF5brEjQCcCh8L U8q0lz52FI99wgTfJ+7O9UY= =JLOx -END PGP SIGNATURE- Accepted: acidlab-doc_0.9.6b20-10.1_all.deb to pool/main/a/acidlab/acidlab-doc_0.9.6b20-10.1_all.deb acidlab-mysql_0.9.6b20-10.1_all.deb to pool/main/a/acidlab/acidlab-mysql_0.9.6b20-10.1_all.deb acidlab-pgsql_0.9.6b20-10.1_all.deb to pool/main/a/acidlab/acidlab-pgsql_0.9.6b20-10.1_all.deb acidlab_0.9.6b20-10.1.diff.gz to pool/main/a/acidlab/acidlab_0.9.6b20-10.1.diff.gz acidlab_0.9.6b20-10.1.dsc to pool/main/a/acidlab/acidlab_0.9.6b20-10.1.dsc acidlab_0.9.6b20-10.1_all.deb to pool/main/a/acidlab/acidlab_0.9.6b20-10.1_all.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Accepted acidlab 0.9.6b20-10.1 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Sun, 30 Oct 2005 22:05:35 +0100 Source: acidlab Binary: acidlab-doc acidlab-pgsql acidlab acidlab-mysql Architecture: source all Version: 0.9.6b20-10.1 Distribution: stable-security Urgency: high Maintainer: Jeremy T. Bouse <[EMAIL PROTECTED]> Changed-By: Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]> Description: acidlab- Analysis Console for Intrusion Databases acidlab-doc - Analysis Console for Intrusion Databases (documentation) acidlab-mysql - Analysis Console for Intrusion Databases for MySQL acidlab-pgsql - Analysis Console for Intrusion Databases for Postgres Changes: acidlab (0.9.6b20-10.1) stable-security; urgency=high . * Patch [013] SECURITY fix: - Add proper filtering in all ImportHTTP variables using either the new functions to check for numeric/alphanumeric chars or the filterSql() function to prevent SQL injection attacks. This patch fixes CVE-2005-3325 but also other attack vectors not mentioned in the initial advisory (http://www.frsirt.com/english/advisories/2005/2188) Files: 0bae590a4e21f9ee5b904d5b7457 696 web extra acidlab_0.9.6b20-10.1.dsc 02346f1d88573440afe79e8e3eca13a7 352092 web extra acidlab_0.9.6b20-10.1.diff.gz f78fc7c230991b9949cbd2eb5b0d54fc 4414 web extra acidlab-mysql_0.9.6b20-10.1_all.deb 3eaec77032a2c3e5044f3c649e802a5f 4416 web extra acidlab-pgsql_0.9.6b20-10.1_all.deb 0382bf72c1ac0121f196d26b0d8462fb 275994 web extra acidlab-doc_0.9.6b20-10.1_all.deb 9f6a40fc2f63e296c03029d04b92273c 660860 web extra acidlab_0.9.6b20-10.1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFDdQZ7sandgtyBSwkRAptQAJ4z9mc9gKpC4F68w0yGWGqF5brEjQCcCh8L U8q0lz52FI99wgTfJ+7O9UY= =JLOx -END PGP SIGNATURE- Accepted: acidlab-doc_0.9.6b20-10.1_all.deb to pool/main/a/acidlab/acidlab-doc_0.9.6b20-10.1_all.deb acidlab-mysql_0.9.6b20-10.1_all.deb to pool/main/a/acidlab/acidlab-mysql_0.9.6b20-10.1_all.deb acidlab-pgsql_0.9.6b20-10.1_all.deb to pool/main/a/acidlab/acidlab-pgsql_0.9.6b20-10.1_all.deb acidlab_0.9.6b20-10.1.diff.gz to pool/main/a/acidlab/acidlab_0.9.6b20-10.1.diff.gz acidlab_0.9.6b20-10.1.dsc to pool/main/a/acidlab/acidlab_0.9.6b20-10.1.dsc acidlab_0.9.6b20-10.1_all.deb to pool/main/a/acidlab/acidlab_0.9.6b20-10.1_all.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
