Accepted python-django 1.7.11-1+deb8u6 (source all) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Mon, 01 Jul 2019 17:22:02 -0300 Source: python-django Binary: python-django python3-django python-django-common python-django-doc Built-For-Profiles: nocheck Architecture: source all Version: 1.7.11-1+deb8u6 Distribution: jessie-security Urgency: high Maintainer: Debian Python Modules Team Changed-By: Chris Lamb Description: python-django - High-level Python web development framework (Python 2 version) python-django-common - High-level Python web development framework (common) python-django-doc - High-level Python web development framework (documentation) python3-django - High-level Python web development framework (Python 3 version) Closes: 931316 Changes: python-django (1.7.11-1+deb8u6) jessie-security; urgency=high . * CVE-2019-12781: Incorrect HTTP detection with reverse-proxies connecting via HTTPS. (Closes: #931316) Checksums-Sha1: fa89d60e0c3eb29c2ac41df05f60cf07753633a0 2721 python-django_1.7.11-1+deb8u6.dsc dcd61023a1c8fc87e74c848073e6d504973f551b 38488 python-django_1.7.11-1+deb8u6.debian.tar.xz e0e501b55e23b8d5f497e3533b2813d057a5003e 992424 python-django_1.7.11-1+deb8u6_all.deb 882182da229c9853b507d23956a0eb23ba151fef 975640 python3-django_1.7.11-1+deb8u6_all.deb 341da7249ac5da3e7442d949cc57f2cd8b691a52 1498516 python-django-common_1.7.11-1+deb8u6_all.deb 63ffa5f305b93dce64e6208636281434dd768167 2486264 python-django-doc_1.7.11-1+deb8u6_all.deb Checksums-Sha256: d150ac3731f273a1c60137c6b4c4b77513da0b62a021a6a85244532283b85589 2721 python-django_1.7.11-1+deb8u6.dsc 39102c7db04c018b83ef756b97d6302cf47c5c4c7c7beac726d02930415977e8 38488 python-django_1.7.11-1+deb8u6.debian.tar.xz 6ee0db3f6d1e63fe53d2f3e1f687928cebf8b8b76c3dd02dbcf8ab72c06cdbc9 992424 python-django_1.7.11-1+deb8u6_all.deb 35e2118d4288ccc4faa3f13e6c0a83bc8f73d7216b1e2ba7bfbe86bf61f368c9 975640 python3-django_1.7.11-1+deb8u6_all.deb 7182d1bdf49009a55292bfb083d8e40997b5b96ffe7ccb3849d47024276f4c78 1498516 python-django-common_1.7.11-1+deb8u6_all.deb 56b39c56cc57ae93b6595876b0bc916bc122501084bb5a9579b04626f4d46b13 2486264 python-django-doc_1.7.11-1+deb8u6_all.deb Files: 40b27dd4791f9ad9bc9c7cd8bbb27d89 2721 python optional python-django_1.7.11-1+deb8u6.dsc 3a3e73f59e3f80633c7bde7e8e90c673 38488 python optional python-django_1.7.11-1+deb8u6.debian.tar.xz ea37d11673cc6f28b6d3c0a7f3000fd2 992424 python optional python-django_1.7.11-1+deb8u6_all.deb 8b5ff4d3c3518992b3eddb5b302989a4 975640 python optional python3-django_1.7.11-1+deb8u6_all.deb 7bd7608bc02f5e92583adb939b3b89b7 1498516 python optional python-django-common_1.7.11-1+deb8u6_all.deb 02b9947f800c1cffa74532235e5a2b46 2486264 doc optional python-django-doc_1.7.11-1+deb8u6_all.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl0eeq0ACgkQHpU+J9Qx HlhNxg/8D9Ykb8i7DXnKi3Z0KKL/YUWcA043nRWakq/z3KabJwtmSHkLK2Cwn0rI zwS9E8i29Y2JmQF6msEbcDgvAJ7yyw7cBuqK6CN67u40fgKUoDsLp37o1qoqGnmy qmnSxyNnmvT5nXdGZ9Z6C4bLfLzGI1+D7StPocnURNZHjBegXCafN+ogU5ZA2i5v BqFzwHHjlxQRm4C9T5AikEJwUs19YAeRwtdapkerjsWXHjlH7CUkQdePPki+MI+L FHrFNrO7sVEhVYHMqFM3VPEa+9y7L4MIGlX5sfk+XCKgDf62kY6fJDfdEKVMJo1t wFaxC5it3y1xAMT/qzCdo2wfVa5mxWPRhdBaOAvnSTB+MxERT9i56IR9Gk8HEpfF lewrNn4/QxtSij0JY8N+AXeyWAn8HOg9V5calzqJDItmxgc+I8uciYe6qxtAhzhe wdxl9nuJ/K7bMoiAIgjFBrVMgFr+C0H3HWYFD3rLILA2FE8C66Y8SnFz5L9FDeSC pjjYWqTL4VEX6B5Jt8/YMob9CK61/UeoQ3XHH2v7lq4789U/OAIXkQOWmmF12Kgf UJ9U47UQha66T+Dw6rk6NvIiW+9MVBH+0g9DSdCabYebGEhE5oqdUtIGhnmzAlIW khy+FolxNGlRETsokzS4Z0EZpk9oxDE4Z5b9GKH4vLWoJnwWkrk= =WrCd -END PGP SIGNATURE-
Accepted lemonldap-ng 1.3.3-1+deb8u2 (source all) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 04 Jul 2019 10:14:32 -0300 Source: lemonldap-ng Binary: lemonldap-ng lemonldap-ng-doc liblemonldap-ng-handler-perl liblemonldap-ng-conf-perl liblemonldap-ng-common-perl liblemonldap-ng-manager-perl liblemonldap-ng-portal-perl Architecture: source all Version: 1.3.3-1+deb8u2 Distribution: jessie-security Urgency: high Maintainer: Debian Perl Group Changed-By: Chris Lamb Description: lemonldap-ng - OpenID, CAS and SAML compatible Web-SSO system lemonldap-ng-doc - Lemonldap::NG Web-SSO system documentation liblemonldap-ng-common-perl - Lemonldap::NG common files liblemonldap-ng-conf-perl - transitional dummy package liblemonldap-ng-handler-perl - Lemonldap::NG Apache handler part liblemonldap-ng-manager-perl - Lemonldap::NG manager part liblemonldap-ng-portal-perl - Lemonldap::NG authentication portal part Closes: 931117 Changes: lemonldap-ng (1.3.3-1+deb8u2) jessie-security; urgency=high . * CVE-2019-13031: Disable external entities in XML parsers to fix an issue that may lead to the disclosure of confidential data, denial of service, server side request forgery, port scanning from the perspective of the machine where the parser is located, etc. (Closes: #931117) Checksums-Sha1: 998c130496fd765763c1b65278c9de8c4bd452a0 3251 lemonldap-ng_1.3.3-1+deb8u2.dsc 9231e9081e9cf8c084c8e83415aeddd9ec0030df 5733680 lemonldap-ng_1.3.3.orig.tar.gz b5f2c6f7302624902e4bc6a98dc2986b1e85a7bd 99640 lemonldap-ng_1.3.3-1+deb8u2.debian.tar.xz 56b03641edbb9e97ff4ddaa2cd55ec9d2f6ab4aa 34482 lemonldap-ng_1.3.3-1+deb8u2_all.deb ead731d0a726335c3b00dc755fde926a81897ce5 4336990 lemonldap-ng-doc_1.3.3-1+deb8u2_all.deb 35295d4fb388b5e86eaa75eda96bdc928e0750e6 120700 liblemonldap-ng-handler-perl_1.3.3-1+deb8u2_all.deb 448c29d60d011751c0edd3e73019377fe70abd7b 33310 liblemonldap-ng-conf-perl_1.3.3-1+deb8u2_all.deb 73f18c11c7f6d89145e0289d42addd07beb718f3 108552 liblemonldap-ng-common-perl_1.3.3-1+deb8u2_all.deb 664cfcec09b84403b951980f7767256a0f4b79aa 283430 liblemonldap-ng-manager-perl_1.3.3-1+deb8u2_all.deb ae26902f4d17bf2bf7db203eea6a7e0562e3efef 514112 liblemonldap-ng-portal-perl_1.3.3-1+deb8u2_all.deb Checksums-Sha256: 5b1af355dcaa3ab0319d58ea40a40abf0f69bc6597f1b7bdf2fbf956084eb597 3251 lemonldap-ng_1.3.3-1+deb8u2.dsc a154a1ab22a2160db29478617016a4e0c278397ee53ccff2f123abbb17d49a44 5733680 lemonldap-ng_1.3.3.orig.tar.gz d425dda9be2aab22a3f03c50090ea3102a3cc6c1e49b224491568075fdd41743 99640 lemonldap-ng_1.3.3-1+deb8u2.debian.tar.xz c182028673f17888fae8ff3e4e9a27f243a48e3b3113254c6fb66035f437a1e7 34482 lemonldap-ng_1.3.3-1+deb8u2_all.deb aa0546f8d375bf305be9b8c4be4360af1764d98b542f5e1962ccc8b0efb3 4336990 lemonldap-ng-doc_1.3.3-1+deb8u2_all.deb dba4283160ed64da06ec773bb5c541bf045cb64fe163e277f5ad307995add127 120700 liblemonldap-ng-handler-perl_1.3.3-1+deb8u2_all.deb f496ec36b08af24d8fed7acc3a46341bcd469959ff9718f6da3b8136ff6acd80 33310 liblemonldap-ng-conf-perl_1.3.3-1+deb8u2_all.deb e34b341a5b68ef340040401802a54bc170da27b516f3097a6e43f64fb51ea42d 108552 liblemonldap-ng-common-perl_1.3.3-1+deb8u2_all.deb be813e268a0545ddfc977d5db4a55f31c365f34541ddee0b6965f8c8709cfa4a 283430 liblemonldap-ng-manager-perl_1.3.3-1+deb8u2_all.deb 52d4dfac37056e96de305221c78082c6c4180a51e01d8f1b05d602245fdc7b10 514112 liblemonldap-ng-portal-perl_1.3.3-1+deb8u2_all.deb Files: a6190790d809ac438b45852efa03f0e0 3251 perl optional lemonldap-ng_1.3.3-1+deb8u2.dsc 7467138febf0d34aaae1c6fddc8a8bd1 5733680 perl optional lemonldap-ng_1.3.3.orig.tar.gz 01d9b3efd128f77ce670a5c91ac57e61 99640 perl optional lemonldap-ng_1.3.3-1+deb8u2.debian.tar.xz 10afb27f87b2d92b5d4dfc9ae465dc09 34482 perl optional lemonldap-ng_1.3.3-1+deb8u2_all.deb e8b1e659ffab6ed45db14f11f127711d 4336990 doc optional lemonldap-ng-doc_1.3.3-1+deb8u2_all.deb c6725bac2a8bac033079c1b4645a7434 120700 perl optional liblemonldap-ng-handler-perl_1.3.3-1+deb8u2_all.deb b067afb4850a3241a4ce32e25aac8c76 33310 oldlibs optional liblemonldap-ng-conf-perl_1.3.3-1+deb8u2_all.deb 899816a321de386e03148b9924d72b73 108552 perl optional liblemonldap-ng-common-perl_1.3.3-1+deb8u2_all.deb 39f1ad910d969f97031aa24f48030244 283430 perl optional liblemonldap-ng-manager-perl_1.3.3-1+deb8u2_all.deb e9d0e50e38c90656ce527101c072d7c5 514112 perl optional liblemonldap-ng-portal-perl_1.3.3-1+deb8u2_all.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl0d/U8ACgkQHpU+J9Qx HlhdgA/+P31T5ydfFe6VgRzJRepm2c7F6ddoVknO4tLn3cynDHzrfipE1KzL9skA eIurdUoxo5GB2INnjGFG9+3GYIYv4lmcaaJk42xBq+QCu1M5uCDlayrldSscjEdB /Zscq4arhwoUeBxRUYDyIwbh5KkweUlYm8F6+DMlSDpeAHL8u4yKm1Us2dlkRQjX MdRHSdc28wx7zLDXK3hAWLocJpe4MJOahnK/4PxQB+fPHh9ow46WturzrNH0SwOX 0RAi5y8ATVpGJN58Tcrps08H1rNUwO+T/E6DmdhRt7Z1q8ikfFDw78UYTEg5LoZp IWSThTjHaoNbJtK1/Qaf6dfPXoBq4AvnWdAYVE6iUt7sdjy9QLZaK/ketAz27vdg r2fCZUCI/FyXf67BJMsvzzDBupqk3CBj7sj6hgwnNrqNYgcyqNoAD/jj3sezPAOl
[SECURITY] [DLA 1844-1] lemonldap-ng security update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Package: lemonldap-ng Version: 1.3.3-1+deb8u2 CVE ID : CVE-2019-13031 Debian Bug : #931117 It was discovered that there was a XML external entity vulnerability in the lemonldap-ng single-sign on system. This may have led to the disclosure of confidential data, denial of service, server side request forgery, port scanning, etc. For Debian 8 "Jessie", this issue has been fixed in lemonldap-ng version 1.3.3-1+deb8u2. We recommend that you upgrade your lemonldap-ng packages. Regards, - -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `- -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl0d/UMACgkQHpU+J9Qx Hlj0VxAAsYAiH43oUyuJ6fUSPLPVrW8fKiP/xnrj4++cf4o3rCcyfbO8yHGrbHnR t+LlUNnFELGHHxNWWN+PoJlgHqBKtdoCQrRAF/u+MQJjB7+NSCc5uGadHd0607TE 2nHYCYueETBoWJ9PxUL16IrAwKTr/orz20wNCWRqwa9AR0OeQ6lubLuYT5AgNLGd CbrwxhkNF1jyA6QFgr1aJjZuVGm/I/6Z3anu7BdWzb5yZDjvK3IYB/BIH7Fe+plY 6ilVtrYII/+oGTEBOTuAHhBjNxMxXtb4LBauTz9v9NNeHBXO0Yu7j/O1PuYS2g9d RegRd2Aiq2AIddCAH3WUfqej8v3iZCxl1Uyvh6TSIgsfhN71cvtzryoqEnV00taY Q6pDVOCJE061qH1bck7noyiW6GpyZmgwFHogzW2S//WjZnqTYzZP9IaTPm+Vveo8 YY3y2z48PzJL59xknpKv3SMuAd1FuBKjWQi/XaX84YpImPjdP8AijfGnQBRqR+ON vEHphMciUufg+IWEAOQfhbxPzGMsFbxEM00u2DRXpY6RUFPjAjIseUEvpU86o46w 3kJTN9etn75Uf+jNPu1jnL5vEipsegwu1cOdsftT7Do9aWDWd4mF7FGD9cUYyd/y 1KuHMdMEta6uTdVQ5FJZLOqxEBu41pI9PlfGJv5fA4m8/az8JgU= =oant -END PGP SIGNATURE-
Free Frontdesk slots this month
Hi, There are 2 free Frontdesk slots in the upcoming weeks. Volunteers wanted :) >From 08-07 to 14-07:Chris Lamb >From 15-07 to 21-07: >From 22-07 to 28-07:Thorsten Alteholz >From 29-07 to 04-08: https://wiki.debian.org/LTS/Development#Frontdesk_duties - Sylvain