Accepted gpac 0.5.0+svn5324~dfsg1-1+deb8u4 (source amd64) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 30 Jun 2019 19:17:06 +0200 Source: gpac Binary: gpac gpac-dbg gpac-modules-base libgpac3 libgpac-dbg libgpac-dev Architecture: source amd64 Version: 0.5.0+svn5324~dfsg1-1+deb8u4 Distribution: jessie-security Urgency: high Maintainer: Debian Multimedia Maintainers Changed-By: Thorsten Alteholz Description: gpac - GPAC Project on Advanced Content - utilities gpac-dbg - GPAC Project on Advanced Content - debugging symbols gpac-modules-base - GPAC Project on Advanced Content - modules libgpac-dbg - GPAC Project on Advanced Content - debugging symbols for libgpac3 libgpac-dev - GPAC Project on Advanced Content - development files libgpac3 - GPAC Project on Advanced Content - shared libraries Changes: gpac (0.5.0+svn5324~dfsg1-1+deb8u4) jessie-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2019-12481, CVE-2019-12482 NULL pointer dereferences * CVE-2019-12483 heap-based buffer overflow Checksums-Sha1: bc1234341bfa28ac0295df5f90d03c4f6a052b36 2935 gpac_0.5.0+svn5324~dfsg1-1+deb8u4.dsc 15231e16ae8d154f9ec9ee8379289712412af26a 4677040 gpac_0.5.0+svn5324~dfsg1.orig.tar.bz2 b39cb35ea3ee5c20792ed4c3de23f5177ce4bb83 35268 gpac_0.5.0+svn5324~dfsg1-1+deb8u4.debian.tar.xz 1d18786d8cb03fe2f3809e5c515ffa3b79f0c2ca 245418 gpac_0.5.0+svn5324~dfsg1-1+deb8u4_amd64.deb 005bed84a60e7aa4f585c6d953dba522723415eb 1284738 gpac-dbg_0.5.0+svn5324~dfsg1-1+deb8u4_amd64.deb e24075fea4494f1c2224069fa8e628b7f42304ed 234254 gpac-modules-base_0.5.0+svn5324~dfsg1-1+deb8u4_amd64.deb ff862dc3e129e5276cb1c93e85e3b805d8ff589b 1484068 libgpac3_0.5.0+svn5324~dfsg1-1+deb8u4_amd64.deb 3abc0ebe83139dbdd8083f645f5a64df4740cd74 4837110 libgpac-dbg_0.5.0+svn5324~dfsg1-1+deb8u4_amd64.deb ad589b91dce9350bbe34bc5bdcddbe2d8a9332e3 1984818 libgpac-dev_0.5.0+svn5324~dfsg1-1+deb8u4_amd64.deb Checksums-Sha256: d4f5f0291ec6749eb2ff542b00a51e6df9b3871e79c2ac5589bab8c0c3231bb8 2935 gpac_0.5.0+svn5324~dfsg1-1+deb8u4.dsc 1f9e01978b2f9dafd94a0796f951a6b5cddcd351593453ad71a344b2c2ca9569 4677040 gpac_0.5.0+svn5324~dfsg1.orig.tar.bz2 e03476351cf344546e801b70044e3b5e52310369d262cbf8f503b54ba9e382da 35268 gpac_0.5.0+svn5324~dfsg1-1+deb8u4.debian.tar.xz 98d0fd8e3423146efc0eff725d2bbba932438d23bfa984bd6ebd2ce5135846fd 245418 gpac_0.5.0+svn5324~dfsg1-1+deb8u4_amd64.deb 0aa4273bec16594e4d1c7eae8b9ad3fc2df366d6dc33bd0e2e8fe5db6a41937f 1284738 gpac-dbg_0.5.0+svn5324~dfsg1-1+deb8u4_amd64.deb cfb084e66b9464e7ba86385bf390f587d696746d80614bcaedc809b752665d0a 234254 gpac-modules-base_0.5.0+svn5324~dfsg1-1+deb8u4_amd64.deb 706a1ecdf0d1fa24996c41600d6d09561286076cabd0ec3ff0ecbb429eaf39da 1484068 libgpac3_0.5.0+svn5324~dfsg1-1+deb8u4_amd64.deb 33d4b919d19a0f20ef3febbfe22d425976d75d3be519812ce0f62d31d07c1f8f 4837110 libgpac-dbg_0.5.0+svn5324~dfsg1-1+deb8u4_amd64.deb 43d2d2f0b1662b0982e22d846f07c38ce2c15b9c8bed059fbfeab4792cc116b8 1984818 libgpac-dev_0.5.0+svn5324~dfsg1-1+deb8u4_amd64.deb Files: 15bacd93c86e9bc890f0b875efb67773 2935 graphics optional gpac_0.5.0+svn5324~dfsg1-1+deb8u4.dsc 828bde94660792841a695c2d737d4188 4677040 graphics optional gpac_0.5.0+svn5324~dfsg1.orig.tar.bz2 263ff0757ecffd80728a2df0f1acaa71 35268 graphics optional gpac_0.5.0+svn5324~dfsg1-1+deb8u4.debian.tar.xz a13f447a497504d50b64f0e80b1f26cb 245418 graphics optional gpac_0.5.0+svn5324~dfsg1-1+deb8u4_amd64.deb c02456f404be0bca3899b0e4666a0de2 1284738 debug extra gpac-dbg_0.5.0+svn5324~dfsg1-1+deb8u4_amd64.deb 7e3be19c1f48afbbb45db45eff68f903 234254 graphics optional gpac-modules-base_0.5.0+svn5324~dfsg1-1+deb8u4_amd64.deb ddb308cc099dc30e7b9750b990f1a483 1484068 libs optional libgpac3_0.5.0+svn5324~dfsg1-1+deb8u4_amd64.deb 946e9631bcc8a2ce18ec69bddf7bb5d0 4837110 debug extra libgpac-dbg_0.5.0+svn5324~dfsg1-1+deb8u4_amd64.deb 57580c63316ef0efc130508b19d4fa3b 1984818 libdevel optional libgpac-dev_0.5.0+svn5324~dfsg1-1+deb8u4_amd64.deb -BEGIN PGP SIGNATURE- iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl0Y+fVfFIAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh bHRlaG9sei5kZQAKCRCW/KwNOHtYR6nhD/wI/fNGop7YBMpau+TJaMsmulIi4/kq SKQDE2ovxIfQ0l+JTnRfnibEc3b9pHr8/7RrBzghZlEWlz7Umhsrhq0dOA86ha+u iPWYOv8APt83yN3B3FavSYxnzSUeNOYsYIfSfOrRwQmmIuB68tV1Tr4WFUsoowkf lybcNt/uBH2jPFvhjPlHOfdsCfpzGaRfOFYnECNb6mAPGYMWFWxB3VKdA3LKP9xl 8W/F/1OYQf3JdIfZAh7kL6oyUT+U0Xci1b3fGJ8nAnu/z0vbCO8qqbVTfCyCz6M8 LXhj4EHyM85EgGNiAfuJohXUi6mxT6Q/hUBx86dr9lBGa3UKa1Z8kv3y85Xe92SL fRxeiBoElVKegZHepueOEALi6YHQArShlsR1lbDpiYrBO/x9E1KB+YG+3dwQUocO ygmoTbmDVGcuQfoshzNY+VmNq3aQvG2Iltd57vuv5gFp8JF+dj4d97OLm7sxFNzf fyaxVKaxkG8iBfemsGpFvkCR/RlBj7DpqXYRwqt3jzO56VnUf6os6q80gZN7u7yp IQp+Aji0lnsDB5gErWgu/EfYphPrp8JD+NsAc6DsnRj64Evd3POA9ROQBzSZMXPl omYcAXYIRUm5u4n4yYsgisGDXl+ep5eAGrdgF5vwACzIUlo5PNBMNtJKTG2MV3QR Fht9EPTUb8eArA== =wrHA -END PGP SIGNATURE-
Accepted obfs4proxy 0.0.3-2+deb8u1 (source amd64) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 30 Jun 2019 19:06:23 +0300 Source: obfs4proxy Binary: obfs4proxy Architecture: source amd64 Version: 0.0.3-2+deb8u1 Distribution: jessie-security Urgency: medium Maintainer: Anonymity Tools Debian Maintainers Changed-By: Adrian Bunk Description: obfs4proxy - pluggable transport proxy for Tor, implementing obfs4 Changes: obfs4proxy (0.0.3-2+deb8u1) jessie-security; urgency=medium . * Non-maintainer upload. * Rebuild with golang-go.crypto-dev that has CVE-2019-11840 fixed. Checksums-Sha1: ad4baeea607f32e4a18605a6832e0e185a8d0935 2078 obfs4proxy_0.0.3-2+deb8u1.dsc 56b8a64ab8e66fb51a85efc26bbc4600e3cc7565 41136 obfs4proxy_0.0.3.orig.tar.xz d5eefc71b432320a3befa78fb352da7347532540 21228 obfs4proxy_0.0.3-2+deb8u1.debian.tar.xz 5353530535fd7b2e970d3bd471ced2588a124b03 1128418 obfs4proxy_0.0.3-2+deb8u1_amd64.deb Checksums-Sha256: a9806e8fe96cca82a03f0430a6706af203fcff6b10bc8bc623c8dc2ab41dfa03 2078 obfs4proxy_0.0.3-2+deb8u1.dsc e5cadccc8816bb9644d0281459b9d665e0edcdc1b14a8b2d755bfe082ec961dd 41136 obfs4proxy_0.0.3.orig.tar.xz d394812260204d8cd32c1318a94907c6846d4f0083df38feca56d239877fd65b 21228 obfs4proxy_0.0.3-2+deb8u1.debian.tar.xz 105b32d98cbb67f74aea0734d33ccd263a7df28fb2ae1b18c039c1a22cb3fcc2 1128418 obfs4proxy_0.0.3-2+deb8u1_amd64.deb Files: 6508d3dc4595850c4f8fbee1e0264500 2078 net extra obfs4proxy_0.0.3-2+deb8u1.dsc 2d2b6b4287950865dc5934a10be13093 41136 net extra obfs4proxy_0.0.3.orig.tar.xz 6bc6300d892aa1f63d2be24e9d88f6ad 21228 net extra obfs4proxy_0.0.3-2+deb8u1.debian.tar.xz 11724f13ba07e78c6a192e5252af58c7 1128418 net extra obfs4proxy_0.0.3-2+deb8u1_amd64.deb -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAl0Y4sYACgkQiNJCh6LY mLEV0g//UdSiTNEAJfCSFF4vcfG6UGwXp/QfWUobBGF/MAXEaQqYh/k7X8WeSMzO hLzca9VvgJV4OrYMUzQD2OqmOAffwoEkENGxpze0waH+L09zrzE9he3bWhnR9XXs gqbJ1KagnRHWGmd71eWV+RViK29AlgGSt7Qz2JHYUINhMrGlDUuXMUMoFePkp2cZ iE26KF9bg043S9cuEsiUyNsERMJ3+WEdndq34WrerjqpDXR3f0w/W9D40yOvJgSo aDBJ5fQtJEUssIuvLMerAJjOy7WaZkka7gMmeJvoV0CdV7Xh5CaavGOg9Iuo6UPB BzF6Ee2Uud+vzWnQFNFX5E76kbeakpSH0xLXncb+R/WeTEJwVwvr0ZR5iRbINw/Z nzGlRYhaspA6p4DdCWGEUy4c7gDW5IdGGwCMH4GEEy3MrzkuiJw2Sz9WnXghdyZW 3k5zY3RGyPcAoKlU/egkalHK5KPmIkA78flkGVZZi0vvb9IJ8bk92lHcXhKC2XNh Ii2UZd5ICeI019KLyojOFxv5ulT9pHuZgwNBMITnSKFd1ys7XfVpSAAOJQjFP2zT 9Nt+PdU+rZfiGKqup8gxaWdq4yL0o0hr5TZdVYLIosWZF4IbCGr3RvXlds+Eev5P uZPZFAEf6T2f7IW55vCzs1dVNbCIe+cCl7+kooMc4LtmfkaeTrQ= =nbQQ -END PGP SIGNATURE-
Accepted golang-go.crypto 0.0~hg190-1+deb8u1 (source all) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 30 Jun 2019 13:21:43 +0300 Source: golang-go.crypto Binary: golang-go.crypto-dev Architecture: source all Version: 0.0~hg190-1+deb8u1 Distribution: jessie-security Urgency: medium Maintainer: Tonnerre Lombard Changed-By: Adrian Bunk Description: golang-go.crypto-dev - Supplementary Go cryptography libraries Changes: golang-go.crypto (0.0~hg190-1+deb8u1) jessie-security; urgency=medium . * Non-maintainer upload. * Backjport fix for a flaw in the amd64 implementation of salsa20 (CVE-2019-11840). Checksums-Sha1: 7379b8083d014f9b48a61caf0dd3baf08737696a 2046 golang-go.crypto_0.0~hg190-1+deb8u1.dsc 030d6fb5ba4c97f192d6cafdec3f5d8b0c5b3374 298703 golang-go.crypto_0.0~hg190.orig.tar.gz 3a92168272adcf9e4f5019c8644827b813a67087 4100 golang-go.crypto_0.0~hg190-1+deb8u1.debian.tar.xz 25376a7b14278dd012cb06ae60ea3fc8a09cebaf 243790 golang-go.crypto-dev_0.0~hg190-1+deb8u1_all.deb Checksums-Sha256: 2c5de46529d324cdd61cde28f666ec8cb9c4945eb3392c3208d6040e4db2655a 2046 golang-go.crypto_0.0~hg190-1+deb8u1.dsc 60c26162d00df7e4201ab8df4158572b7acf074a27d11d168be7178cf4ba4ce0 298703 golang-go.crypto_0.0~hg190.orig.tar.gz 69e4dd688256aadef40c1707e4757d21a2d030322d82de9b5e5b8965da41d145 4100 golang-go.crypto_0.0~hg190-1+deb8u1.debian.tar.xz c40120d77fafde12d044f30f19dc006938754fa59e32e1c7344ccf1b5ed6 243790 golang-go.crypto-dev_0.0~hg190-1+deb8u1_all.deb Files: 17f35ced4bf684cd2e77f5dedcf67538 2046 devel extra golang-go.crypto_0.0~hg190-1+deb8u1.dsc a73ccf3329769910eae9970ce01f5889 298703 devel extra golang-go.crypto_0.0~hg190.orig.tar.gz 2eef643f605e8461923cc680b313ac4c 4100 devel extra golang-go.crypto_0.0~hg190-1+deb8u1.debian.tar.xz bd0db50a117cf3cfe2c41fb169ec6d00 243790 devel extra golang-go.crypto-dev_0.0~hg190-1+deb8u1_all.deb -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAl0YvAEACgkQiNJCh6LY mLFADhAAswaP/sj06EKl1aMHPWlG1RhwUntv0hW8sSon0dSjozUlMlAyjTiJzGcr cSgWHe7Y/lKUBX13kh5cBsq9DP/7DkVC5e8yxV0nBcIbUmfgkCFwJu4IlCl9U3HV URLBDuJWBZ9+o1fYr4WY9++8bQY9sQ4rZ5OKZHfFtxWi0JW3kAkcBnR2EluATj0f 8tgeetAOIfkvyNCkRZaDJYYhTmKuwpnDUE2+YMRVfATctKklrk8E6eh4ma22X6XV vNTl2K/KD2Y75QTclkQ/zf9YNtP52nF+p5uFLAtCtsMjQTmd9j5ExumqwCA9vE0u zbM8TnP0gXHYy91nEvzAXBliaV+5+GU0GU1G72YywLOlfb8+skkFynca7r+h3ACw fuJhDs1PAWj8Q9IYaHq+m4TNVtFXA58ltzihZDXpDzOyO517jU4ObsDRSsE/Md7h JxPOI5Ex8Sy7MAXNt6s0gMpncvXBYJNNnkedQpMXQQPGg13NKENFdGuFo0SyA1sY yWSfHtthwpwu49vMI40UOAFBnU1ti9GYXVhqPQxBPlpibYvPjQirkHlI/7jPqp+k zOTYl0YPX+nIrOfNyoBJiexNvERpbiGBW8UABUO+YJfyHe4AuDh24rhRzSkBZASy RYrt/psihzk9FWGEaN89AJw8cqflffrkvkNQdKAbcjjfpOh9a2A= =CMWK -END PGP SIGNATURE-