Accepted xymon 4.3.17-6+deb8u2 (source amd64) into oldoldstable

2019-08-25 Thread Hugo Lefeuvre 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sun, 25 Aug 2019 09:18:13 -0400
Source: xymon
Binary: xymon xymon-client
Architecture: source amd64
Version: 4.3.17-6+deb8u2
Distribution: jessie-security
Urgency: medium
Maintainer: Christoph Berg 
Changed-By: Hugo Lefeuvre 
Description:
 xymon  - monitoring system for systems, networks and applications
 xymon-client - client for the Xymon network monitor
Closes: 935470
Changes:
 xymon (4.3.17-6+deb8u2) jessie-security; urgency=medium
 .
   * Non-maintainer upload by the LTS Security Team.
   * This update is based on Axel Beckert's 4.3.28-2+deb9u1 update. Thanks!
   * Apply minimal upstream security patch to fix several (server-only)
 vulnerabilities reported upstream by Graham Rymer:
 + CVE-2019-13451: service overflows histlogfn in history.c.
 + CVE-2019-13452: service overflows histlogfn in reportlog.c.
 + CVE-2019-13273: srdb overflows dbfn in csvinfo.c.
 + CVE-2019-13274: reflected XSS in csvinfo.c.
 + CVE-2019-13455: htmlquoted(hostname) overflows msgline in
   acknowledge.c.
 + CVE-2019-13484: htmlquoted(xymondreq) overflows errtxt appfeed.c.
 + CVE-2019-13485: hostname overflows selfurl in history.c.
 + CVE-2019-13486: htmlquoted(xymondreq) overflows errtxt in
   svcstatus.c.
 + Closes: #935470
   * Include hostname validation regression fixes from 4.3.30, too.
Checksums-Sha1:
 881906ad9b7a0d1d564370be299ac9eb1bea4032 1962 xymon_4.3.17-6+deb8u2.dsc
 f37ab24205c4762d552d889ae761aaca5d76c468 106412 
xymon_4.3.17-6+deb8u2.debian.tar.xz
 bc57a3d70cd7d1fa3112778599fdd829b1c27c5c 2268674 
xymon_4.3.17-6+deb8u2_amd64.deb
 6a90ebe8f6494066a758aeaba5fc4d7a83ae7cc8 249730 
xymon-client_4.3.17-6+deb8u2_amd64.deb
Checksums-Sha256:
 d807facbbf13a0304d373876cdbc4c410bcec0c5d8cc0d0f549d0a4058bc91e2 1962 
xymon_4.3.17-6+deb8u2.dsc
 1ec657169f8dab1be010a0e40407defa7ef43f19f001353db825dd2c28fc36ed 106412 
xymon_4.3.17-6+deb8u2.debian.tar.xz
 0c7de7d91fea10f46e3606c7f12066802145a92ab9ebacef8ed01c65b8f15f08 2268674 
xymon_4.3.17-6+deb8u2_amd64.deb
 2aaba233ce61e6b256f03df0e24bde768fa9d253f2df1d6ab53ba8201d95ceac 249730 
xymon-client_4.3.17-6+deb8u2_amd64.deb
Files:
 08342c2a9478d20cd1469ccb80d205e7 1962 net extra xymon_4.3.17-6+deb8u2.dsc
 04b029039a7b04b08cb3c5769093edab 106412 net extra 
xymon_4.3.17-6+deb8u2.debian.tar.xz
 9b118eb9fb5c510e89098cec1ca1850a 2268674 net extra 
xymon_4.3.17-6+deb8u2_amd64.deb
 21caed032f7cc2086cfb6badc6b0a992 249730 net extra 
xymon-client_4.3.17-6+deb8u2_amd64.deb

-BEGIN PGP SIGNATURE-

iQHDBAEBCgAtFiEEeDb9QWtkMa2LX4zREeMFjl5EGkIFAl1jLJMPHGhsZUBkZWJp
YW4ub3JnAAoJEBHjBY5eRBpCgkcL/1xdN2+PCqiNQLiXkAzN8x5ARoSa81l5zo1b
owEIYKpJtHAmT+lwM0xhU2ydfAmXb98ACf4ifpAo7CZoYYKIRIu+Xbwik/6XCbrm
XMCUYhxzM+qfxcDvvc5xa0LBhsrXWca+FFZznBwITQtf48svxGEhyfi5RykSHhhK
+pgN3MnIZRGZ+/bXgphabQjpHTOpYs4cXtO2syTyH0sWFhnnGhCwLF+JgYuvb48T
8q6d+uKtnv47l7qYrA+I9zcz7ou9L8PeWvRUx800tYFwIbMg2PzgU1+gjdzp3Svi
gev1owugFGMBIoSOu/iBCoHvWTQx2SDpnaRJPdVuVaxXo06SFqhJKIsjSVJyETan
ddJnb6a/zOythwaaPbDwVQawcIe5HRSGbe+D2416zj7hGaewB/F/CxoUumbWhEzQ
KSKHiyamIJfgBn5hAAUkuHOYNKsHSGd3oUrO6cpeqMa+7m8khAqWG+VlxiTJLSVo
BCHOcP3gEK9EeHi+e7tcVBwodIu2dw==
=RGJY
-END PGP SIGNATURE-

Accepted tiff 4.0.3-12.3+deb8u9 (source all amd64) into oldoldstable

2019-08-25 Thread Thorsten Alteholz 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sun, 25 Aug 2019 11:03:02 +0200
Source: tiff
Binary: libtiff5 libtiffxx5 libtiff5-dev libtiff-tools libtiff-opengl 
libtiff-doc
Architecture: source all amd64
Version: 4.0.3-12.3+deb8u9
Distribution: jessie-security
Urgency: high
Maintainer: Ondřej Surý 
Changed-By: Thorsten Alteholz 
Description:
 libtiff-doc - TIFF manipulation and conversion documentation
 libtiff-opengl - TIFF manipulation and conversion tools
 libtiff-tools - TIFF manipulation and conversion tools
 libtiff5   - Tag Image File Format (TIFF) library
 libtiff5-dev - Tag Image File Format library (TIFF), development files
 libtiffxx5 - Tag Image File Format (TIFF) library -- C++ interface
Changes:
 tiff (4.0.3-12.3+deb8u9) jessie-security; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2019-14973
 Wrong handling off integer overflow checks, that are based on
 undefined compiler behavior, might result in an application crash.
Checksums-Sha1:
 db60e6e8c7c836edd4e2746be91bae988f906228 2399 tiff_4.0.3-12.3+deb8u9.dsc
 652e97b78f1444237a82cbcfe014310e776eb6f0 2051630 tiff_4.0.3.orig.tar.gz
 321d0bda71f6fc7366010d473f8557377d04811f 70408 
tiff_4.0.3-12.3+deb8u9.debian.tar.xz
 889c82f697ab87f418cb6ed62b9df88bccdfef3b 372308 
libtiff-doc_4.0.3-12.3+deb8u9_all.deb
 7bf1f41076c2ee3c018f7a874d994b7b5f78ce61 223176 
libtiff5_4.0.3-12.3+deb8u9_amd64.deb
 d3c1c7aa8c485b07d504abe3ed28452cd56d5b72 81890 
libtiffxx5_4.0.3-12.3+deb8u9_amd64.deb
 8622eb157cbc8575423e513eb10406052d175ddb 345366 
libtiff5-dev_4.0.3-12.3+deb8u9_amd64.deb
 b666bf7d36ba6b0bbe386331dccbd40e02450b43 275110 
libtiff-tools_4.0.3-12.3+deb8u9_amd64.deb
 224eab1dcafc9f4541c5aa82cf9ec0d5d350f82d 86784 
libtiff-opengl_4.0.3-12.3+deb8u9_amd64.deb
Checksums-Sha256:
 f7832a72c22181f67650585cb1e58c8b4f943dffde644c587861c4734265c6e1 2399 
tiff_4.0.3-12.3+deb8u9.dsc
 ea1aebe282319537fb2d4d7805f478dd4e0e05c33d0928baba76a7c963684872 2051630 
tiff_4.0.3.orig.tar.gz
 26ffa9eb31ec9af6854489503bc3b35cc3ea9f65f1d5aee5bdd8566de12802e0 70408 
tiff_4.0.3-12.3+deb8u9.debian.tar.xz
 4801f728e6d5699ea967abbbdbce509b9d05a95e94c50cec2950bdc90c495af9 372308 
libtiff-doc_4.0.3-12.3+deb8u9_all.deb
 fbd0eab4bddfbf481b9918043cd227151bb9f93e937f54f526735718125b9d1c 223176 
libtiff5_4.0.3-12.3+deb8u9_amd64.deb
 6e08ccced2c30716a981fc6aea1ad3ec8328abff752114e09305a7354ac20c7e 81890 
libtiffxx5_4.0.3-12.3+deb8u9_amd64.deb
 ef0cb092bf8b50577c7853ea9a39fc8dff806847b353859035b0d1f1f472e864 345366 
libtiff5-dev_4.0.3-12.3+deb8u9_amd64.deb
 db68aa24649b93b0e550475f28f355d14192b178b69f0afec3c01db0b3ee0458 275110 
libtiff-tools_4.0.3-12.3+deb8u9_amd64.deb
 079572094afea7957176d5d96ead2d53d2b5d2aab70c7db8a6af269852383861 86784 
libtiff-opengl_4.0.3-12.3+deb8u9_amd64.deb
Files:
 2d50f7e52e5a8a4b9b4962846e2d1298 2399 libs optional tiff_4.0.3-12.3+deb8u9.dsc
 051c1068e6a0627f461948c365290410 2051630 libs optional tiff_4.0.3.orig.tar.gz
 975622dd7f50396ce54db98780ef91ff 70408 libs optional 
tiff_4.0.3-12.3+deb8u9.debian.tar.xz
 a80a64542982e8b1196364ed228c9ed2 372308 doc optional 
libtiff-doc_4.0.3-12.3+deb8u9_all.deb
 5886e8bb18eeadef1e93beb53559d5f3 223176 libs optional 
libtiff5_4.0.3-12.3+deb8u9_amd64.deb
 60e2a7317d57179932be3cbd7d714b0f 81890 libs optional 
libtiffxx5_4.0.3-12.3+deb8u9_amd64.deb
 2994aa6abb48a25a1bce2b1b19ec7bbe 345366 libdevel optional 
libtiff5-dev_4.0.3-12.3+deb8u9_amd64.deb
 907d618476cb88a15ba84a912ac6baa4 275110 graphics optional 
libtiff-tools_4.0.3-12.3+deb8u9_amd64.deb
 049716227fd16dd8cc146424df77213e 86784 graphics optional 
libtiff-opengl_4.0.3-12.3+deb8u9_amd64.deb

-BEGIN PGP SIGNATURE-

iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl1iwcxfFIAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh
bHRlaG9sei5kZQAKCRCW/KwNOHtYRyjzD/9QPSFJs7SPOt+VN77+JbHkAc/+f+Hk
Qw/DU3Wrx50uLpFVxreoaLgFTlamj6EKbruCgKYVm6VFq8Ukl6YhNndd2u97mdmR
4cayBc/nLD/W9VPNFIE7XGgACvwJzH7pzvUM1i52mAgpiaAwEJuRb7L/4bUlJifl
RpzNNmShr5dgY367TGXiJJ938tKD6GXs2uQHHdCG1Cl9ZI+e/LflkZ64itavvtMS
wkw5mWTW2YUeLQf7zuDoRbL98Ivwr6jQrMsA85BpN68PdZwkxdKAzmsSoMWsYhp3
/1j9FQiU37rqHNyII6dV8+J3K17Gq7eEZuklantotMUuPsI55yW5WzaOu7YxJtAk
J2n2WDFpkzjOJYsYszLwlTzED3S/xBSWS/bSy/TcUuAa5JLdlrOhlYv0om+0E2Vk
3B815aYEOdQQ1D+eD3j49oMHxjfZ2i4Ft5ZHUlpj+FZnp3snOjuRtqVHhjYkcmEn
b77PJUPJ2bCibOBFkUlsA5GdZOkZdBLygnf+EzbYIfLnxs4e5xZvY4+8pl++oGVV
BMjuMLqP6AORuemjSEcfCu5kuOKIvds4vCib1ZH9Dh0J0siwOiR1AJ4HiNBR3jIg
C7ZjiSFalWFDLgV2qUOPS/WiFfdPd4NPQnfWQwdVAg5v1A1a3nbT1w9Dzs6zqK34
SzAiTPEv2KuZ8Q==
=Dr7E
-END PGP SIGNATURE-