Accepted rsyslog 8.4.2-1+deb8u3 (source amd64) into oldoldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Wed, 09 Oct 2019 17:04:42 -0700 Source: rsyslog Binary: rsyslog rsyslog-mysql rsyslog-pgsql rsyslog-mongodb rsyslog-elasticsearch rsyslog-gssapi rsyslog-gnutls rsyslog-relp Architecture: source amd64 Version: 8.4.2-1+deb8u3 Distribution: jessie-security Urgency: high Maintainer: Michael Biebl Changed-By: Chris Lamb Description: rsyslog- reliable system and kernel logging daemon rsyslog-elasticsearch - Elasticsearch output plugin for rsyslog rsyslog-gnutls - TLS protocol support for rsyslog rsyslog-gssapi - GSSAPI authentication and encryption support for rsyslog rsyslog-mongodb - MongoDB output plugin for rsyslog rsyslog-mysql - MySQL output plugin for rsyslog rsyslog-pgsql - PostgreSQL output plugin for rsyslog rsyslog-relp - RELP protocol support for rsyslog Closes: 942065 942067 Changes: rsyslog (8.4.2-1+deb8u3) jessie-security; urgency=high . * CVE-2019-17041: Fix a heap overflow in the AIX message parser. (Closes: #942067) * CVE-2019-17042: Fix a heap overflow in the Cisco log message parser. (Closes: #942065) Checksums-Sha1: 9c1f930204c31d3cca9edbd122645a785c28f797 2608 rsyslog_8.4.2-1+deb8u3.dsc f68f92a1fa3d8fca6f4fc3dc4a7acbabc1774612 1938563 rsyslog_8.4.2.orig.tar.gz c79934bd2411a14feadb2a42c8ff6b56bc1531dc 24748 rsyslog_8.4.2-1+deb8u3.debian.tar.xz 4d8165621e9c7535b1e3e124066aab61de0635c6 545744 rsyslog_8.4.2-1+deb8u3_amd64.deb 4f9ebd707011efbb9d30622ac230d0bdb89e0351 164934 rsyslog-mysql_8.4.2-1+deb8u3_amd64.deb 526648ffc27373a07e36b3b28ac054d0ad728714 163558 rsyslog-pgsql_8.4.2-1+deb8u3_amd64.deb 174fad8c01e4f73ac0856924ba04db0161ab8da6 164878 rsyslog-mongodb_8.4.2-1+deb8u3_amd64.deb 5097ead3f2cc27483b2a8c20ff20f012622f1c1a 17 rsyslog-elasticsearch_8.4.2-1+deb8u3_amd64.deb 1d21646a73efa103a6bdc659d2f2910f6e7bd8e0 170228 rsyslog-gssapi_8.4.2-1+deb8u3_amd64.deb bbfe45e575acfb31023d0d2e9a2295ae22ea4a19 168808 rsyslog-gnutls_8.4.2-1+deb8u3_amd64.deb a0080f0154fe1bb01992e9483a895df64cc9157e 169062 rsyslog-relp_8.4.2-1+deb8u3_amd64.deb Checksums-Sha256: a771d96d88d260758da55c7026592b7e3c5b5dcccdb00012edea2a3f08fb58f0 2608 rsyslog_8.4.2-1+deb8u3.dsc 71c3c6dac74fba2692f9fefb092cd3d22e2bd71eb702e0da06648de51b8b7b9a 1938563 rsyslog_8.4.2.orig.tar.gz e30b44e0ab4bed945c24c02d573e6d9c59887f21a24b5200128ea8c56d497cee 24748 rsyslog_8.4.2-1+deb8u3.debian.tar.xz 463f9cdf661551051f236f6d031cd52d3e1ac2e9ca6c492409e71816e7c7f6c4 545744 rsyslog_8.4.2-1+deb8u3_amd64.deb 9788fdc82bc98d0d8d771fd553c5bcb3ee07db5deeef866279098381b629a1e5 164934 rsyslog-mysql_8.4.2-1+deb8u3_amd64.deb ea23d0004a69eb78918c2b79662f893b03bfdc5188a82cc4375fdcaa0ff40582 163558 rsyslog-pgsql_8.4.2-1+deb8u3_amd64.deb ffbbea4b765c9532e961f5e3d1d79219a01623f21e7d8653886264823ac5c0ce 164878 rsyslog-mongodb_8.4.2-1+deb8u3_amd64.deb f5e50f9f3515ea0b23c5f87cb68a36e34fda00419cdcb4a6acadb82a5d0e2757 17 rsyslog-elasticsearch_8.4.2-1+deb8u3_amd64.deb e5100577d25889df673762a815edc0cfe41279699ef30542a100813f6153a180 170228 rsyslog-gssapi_8.4.2-1+deb8u3_amd64.deb a83f536c8994c7981a8690a37fbfec46725a86d5388742249c6571f2bcabeb0c 168808 rsyslog-gnutls_8.4.2-1+deb8u3_amd64.deb 64044705fde193582bad0d747215557f8fefde53d46504577155170d222f7553 169062 rsyslog-relp_8.4.2-1+deb8u3_amd64.deb Files: ef8ac528120617d1850499b8945565eb 2608 admin important rsyslog_8.4.2-1+deb8u3.dsc 5d0f39d5a4fdd4b3b91d80450f17f22e 1938563 admin important rsyslog_8.4.2.orig.tar.gz ff8949acc2c57edd749fc0339dc28553 24748 admin important rsyslog_8.4.2-1+deb8u3.debian.tar.xz fc374c3722a28ec7f2afd2ad6f8ba2d5 545744 admin important rsyslog_8.4.2-1+deb8u3_amd64.deb 7a97481d4b93ecc92f38e6cecfec7511 164934 admin extra rsyslog-mysql_8.4.2-1+deb8u3_amd64.deb 8f76298429df7c55265d2b414717e2f1 163558 admin extra rsyslog-pgsql_8.4.2-1+deb8u3_amd64.deb 9dc5b2a8f44a7d480a5635fd675a01bf 164878 admin extra rsyslog-mongodb_8.4.2-1+deb8u3_amd64.deb 2b184d368f2ad2014cd578bdc2f06a3a 17 admin extra rsyslog-elasticsearch_8.4.2-1+deb8u3_amd64.deb d9fa7a0362769b99d55bbc17518dcb89 170228 admin extra rsyslog-gssapi_8.4.2-1+deb8u3_amd64.deb 8b12b800b815252a60355a3f72f52eb7 168808 admin extra rsyslog-gnutls_8.4.2-1+deb8u3_amd64.deb 27a964e9682e77f697c245511ac4bbef 169062 admin extra rsyslog-relp_8.4.2-1+deb8u3_amd64.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl2ed04ACgkQHpU+J9Qx HlhPAhAAmHYLfwHDcmEneUWwH+lfFHYh2I09JyHMMclUrGZWE3rZ9Ryip8jsfbhx NV+oBud1FDoQ24Jj54UAPy19nCVP1qQiyhGXSK7Hu+Ix41cnNgQn/mZGiFTIil26 dkA/uJu0TdQleBULy139jAKKg++zwmOw3GpqxbHKmRKFqVYA5t6BQpqAoT31a7ia gO+j9UcxrHwoMPQfaWucY7SD5mxG2aIO8C8gMO4dKrVDsr1KGD/kkBtzEWRwsdA8 57hQYsL4SAzX0xxY4cyur0nNZuHt4/vTcDk/SePwb9ld5ZkRUn+rrc4yo5qthe+X FmB87lFEpVLKk3mRc3Tcq4jaWP5I+d5asPuUx9cFLs6jya6DaJ3Nq5R8KTJOhf6T HWwam49evgplSfClW7BIfFAKOwm793Gd0loaWi49JNMKB1aaA8Q4ka+mGUHAmMZ9 FS1nlJu+8ul4Upi3W2YCCa+pXV9mUybPIqQsfbo5pk4WQO+fISX0+Vf0fJKNmLfM szQCQhMxfhMTgBc95XFhoMk
Accepted libtomcrypt 1.17-6+deb8u1 (source amd64) into oldoldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Wed, 09 Oct 2019 14:11:08 -0700 Source: libtomcrypt Binary: libtomcrypt-dev libtomcrypt0 Architecture: source amd64 Version: 1.17-6+deb8u1 Distribution: jessie-security Urgency: high Maintainer: Michael Stapelberg Changed-By: Chris Lamb Description: libtomcrypt-dev - static library, header files and documentation for libtomcrypt libtomcrypt0 - public domain open source cryptographic toolkit Changes: libtomcrypt (1.17-6+deb8u1) jessie-security; urgency=high . * CVE-2019-17362: Prevent a denial of service (out-of-bounds read and crash) attack via carefully crafted "DER" encoded data, eg. by importing an X.509 certificate. Checksums-Sha1: d7a047d235dd95dc11ed44f1fbd5eb6aec3bb857 2075 libtomcrypt_1.17-6+deb8u1.dsc 8de54fc139d078d8da73303e8907e9a2f9254f7a 1721194 libtomcrypt_1.17.orig.tar.gz e1936d6ebe27c01f954dc6f99db0f39c3b3fd2ee 13988 libtomcrypt_1.17-6+deb8u1.debian.tar.xz d608634bdaf1d5fec6b7fb29dc875251b8e3a339 1070764 libtomcrypt-dev_1.17-6+deb8u1_amd64.deb 8827d7a0883606fc12735499640846287462ef5b 325352 libtomcrypt0_1.17-6+deb8u1_amd64.deb Checksums-Sha256: a5eb25a845cc508a42b3de9a03b8f0ee8f0a8d83d5d3ea638e44712f876ab830 2075 libtomcrypt_1.17-6+deb8u1.dsc 23be62bf7598ea210b7d2ea6f31edd8ab7dbcbcf28a887e2bfe030cb3e22b14e 1721194 libtomcrypt_1.17.orig.tar.gz 0271a58a0b205c4bdc49e796173fe77d468d71ce851d4cf5d8e63fb2720990de 13988 libtomcrypt_1.17-6+deb8u1.debian.tar.xz 0a732bed436c9b33f70449f4b26d0419f7d0140706f011701ebdf786bca8f3ce 1070764 libtomcrypt-dev_1.17-6+deb8u1_amd64.deb 35baabb88cfd5d74022b4db8174a726158bfba9cc650fdcdf37f71ab1d8e51f7 325352 libtomcrypt0_1.17-6+deb8u1_amd64.deb Files: a9040a38769b0bd850139b8534dfb410 2075 libs extra libtomcrypt_1.17-6+deb8u1.dsc 1996612d56e9c8e631193cb51492a911 1721194 libs extra libtomcrypt_1.17.orig.tar.gz 07134b9dacd9b255f522c4c482168d2f 13988 libs extra libtomcrypt_1.17-6+deb8u1.debian.tar.xz 0893dd1364b84ae266f3e1e8203c46aa 1070764 libdevel extra libtomcrypt-dev_1.17-6+deb8u1_amd64.deb e9aa49fc54dbe60418afe3d7bd640b71 325352 libs extra libtomcrypt0_1.17-6+deb8u1_amd64.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl2eThwACgkQHpU+J9Qx HlhS7xAApqmtj1nPKBAtJ6icy5QAQoXmZNMTWa8yXkZrOhqIMZ+OR7HFDsMCBmwy 2qH/FOb4Yps9xcLwvO3MiugK7ePyu8g+fYa9A1jlv7P6LbLLTSblHH0Mevbp+AfJ LchpJwy9gAVyrXKDfeoe1taTAq9N3JQ7LW3MitLu8zb0d8vbHMl9rMTwkFs+mIww Wi11v/rn9fleFarzIINB8raeplrekTon0XRhlS4zQ7o6Zb34sCmunRuXkk6NjGS9 9E357WL2vYN6qq5rx7Orp57kkWFlIXtM/M8KU0W4EBbfKU5lv6WKdDXeW2WdSmvF tIdtLXtM0nTvcuG4MjXjX4Euc5X4wTtAUMMXayVq16WpuqmWHMjmV3AHITY5L24T tNm447rgIN6cReEMJRYKCujl0FMfwfCFk6FMfs2S2F17kxQT9kCXEyqZf/GCuOh0 B4J/kIwgn80pmT95OEILJ9OgZbO2/JQFylgdVvmdfnSNELCe2M2mFBTMegnWTzvl IaS56T0ptwLKU+ouutG+s6gulTxUNXjJ8+yqvAE4DKJuSla9mv2LzTL2aGZILYfM M+Y4wfouK8kVVcSO7yjOgGZwyqXg0TCJfK2NSgutxTXOHnLs6KU/sIMZ3ua5RRyV 1wRqY2nKOwmtKls4pLMvAvsScXCfasw5lAGOXRyHBh+/dfyAY3M= =wd5E -END PGP SIGNATURE-
Accepted clamav 0.101.4+dfsg-0+deb8u1 (source all amd64) into oldoldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 01 Oct 2019 11:04:25 +0200 Source: clamav Binary: clamav-base clamav-docs clamav-dbg clamav libclamav-dev libclamav9 clamav-daemon clamdscan clamav-testfiles clamav-freshclam clamav-milter Architecture: source all amd64 Version: 0.101.4+dfsg-0+deb8u1 Distribution: jessie-security Urgency: medium Maintainer: ClamAV Team Changed-By: Hugo Lefeuvre Description: clamav - anti-virus utility for Unix - command-line interface clamav-base - anti-virus utility for Unix - base package clamav-daemon - anti-virus utility for Unix - scanner daemon clamav-dbg - debug symbols for ClamAV clamav-docs - anti-virus utility for Unix - documentation clamav-freshclam - anti-virus utility for Unix - virus database update utility clamav-milter - anti-virus utility for Unix - sendmail integration clamav-testfiles - anti-virus utility for Unix - test files clamdscan - anti-virus utility for Unix - scanner client libclamav-dev - anti-virus utility for Unix - development files libclamav9 - anti-virus utility for Unix - library Closes: 921190 934359 Changes: clamav (0.101.4+dfsg-0+deb8u1) jessie-security; urgency=medium . * Non-maintainer upload by the LTS Security Team. * Upload based on the stretch package, thanks to: . [ Sebastian Andrzej Siewior ] * Import 0.101.4 (Closes: #921190) - CVE-2019-12625 (Add scan time limit to limit the processing zip-bombs) (Closes: #934359) - CVE-2019-12900 (An out of bounds write was possible within ClamAV's NSIS bzip) - update symbols file (bump to 101.4 and drop unused cli_strnstr). Checksums-Sha1: ccb5ac1b9eeba37e5a53b4a37a59902dfd1c57d6 2990 clamav_0.101.4+dfsg-0+deb8u1.dsc ae609c30ebf523a2f5e1b5f3cf25332cbb48686d 4975416 clamav_0.101.4+dfsg.orig.tar.xz 71bf6f8386c710769c15924f9efc738023d041d5 218816 clamav_0.101.4+dfsg-0+deb8u1.debian.tar.xz 12746934b9a5dbbdea34e16b28e9a5d868c923f8 112338 clamav-base_0.101.4+dfsg-0+deb8u1_all.deb 51d430d58335aa6ea3c378b6cecce0631dcabeb9 273912 clamav-docs_0.101.4+dfsg-0+deb8u1_all.deb 8b510dcac861dcea022f88caac608ecb958ca484 2472738 clamav-dbg_0.101.4+dfsg-0+deb8u1_amd64.deb 604cee45f74ad396f11d4832c409c2bed18777db 166844 clamav_0.101.4+dfsg-0+deb8u1_amd64.deb 2c98f088b84ca92c7d2f283951413db5abe69002 67828 libclamav-dev_0.101.4+dfsg-0+deb8u1_amd64.deb 7f04f8de7196807e6364672e66fc8a84662b8893 850320 libclamav9_0.101.4+dfsg-0+deb8u1_amd64.deb 2726d3da3158aac8db2c2a426a900f36256d2e1b 268858 clamav-daemon_0.101.4+dfsg-0+deb8u1_amd64.deb 70daf68e5193422a317ae595a38336554a011398 126522 clamdscan_0.101.4+dfsg-0+deb8u1_amd64.deb ccf5c0eba92be924d4c70c4fe45dca6957847644 2878646 clamav-testfiles_0.101.4+dfsg-0+deb8u1_all.deb 4170e861a7d45e5e15e63932af36aafe692cc719 221386 clamav-freshclam_0.101.4+dfsg-0+deb8u1_amd64.deb fe6f14455d8fab0ba7c0fbaa898006de4854de5a 265000 clamav-milter_0.101.4+dfsg-0+deb8u1_amd64.deb Checksums-Sha256: 79abca6d77524ef32ad19895c96eaeaead65c66950041c994de9e5313ab6b330 2990 clamav_0.101.4+dfsg-0+deb8u1.dsc f97e09180cf15391db8b5c9db18a1409b748a417861a6aa4621db8844dde3c23 4975416 clamav_0.101.4+dfsg.orig.tar.xz c5cbb3cfd18b55aea89c178461215b8cf140a02362286fc0070e7cb5158839ac 218816 clamav_0.101.4+dfsg-0+deb8u1.debian.tar.xz e00aab1f4016ba71e8caa4544e6d95805f3779518d581006cdb890266bdca5e8 112338 clamav-base_0.101.4+dfsg-0+deb8u1_all.deb 931ffcf1fc1f5595b87f3879ff69c2ab9720c3bcf02aacaf4fd358fe43dddf0c 273912 clamav-docs_0.101.4+dfsg-0+deb8u1_all.deb a6687182373f4aa08109a307fd9875016105018bc2a66bb0d47e0ce92c0a1092 2472738 clamav-dbg_0.101.4+dfsg-0+deb8u1_amd64.deb 1027f5a0129694f57e8625d4647278af6a462f6ecfd498da3ca614f6f8d4b104 166844 clamav_0.101.4+dfsg-0+deb8u1_amd64.deb e6d23c3abe8bc960ce7921c3efed08ba540cc8a3c397a7fd0b7fbc5b378ee52a 67828 libclamav-dev_0.101.4+dfsg-0+deb8u1_amd64.deb b4e0d11b5d1856495d2db76d295d4c833ad4b7ca3b096fbeea90f7a3c2a56f65 850320 libclamav9_0.101.4+dfsg-0+deb8u1_amd64.deb 5c3601cc0bf2cf38002638edfe3f071d8b4afec125367e3c1f0b27f4dc67f12e 268858 clamav-daemon_0.101.4+dfsg-0+deb8u1_amd64.deb 252a36718934c4700fd875f21ef38e342d6d4c9c4a81844a0f61a01259d40d84 126522 clamdscan_0.101.4+dfsg-0+deb8u1_amd64.deb ec82aa6c7892f8fb293ee43ece1972009fed755adf07ec9a153c9ad1fd9030c9 2878646 clamav-testfiles_0.101.4+dfsg-0+deb8u1_all.deb 2fb1f03cb79d203ae750e08de91130b5a23c04ad889d924998bb7fd41a6d2b42 221386 clamav-freshclam_0.101.4+dfsg-0+deb8u1_amd64.deb 46fe617147ca98fa6725d6e357c2ba39dffbbf4dc3bf1517361eafbb64b83853 265000 clamav-milter_0.101.4+dfsg-0+deb8u1_amd64.deb Files: 2637d75b9eef49e539968694a292e62f 2990 utils optional clamav_0.101.4+dfsg-0+deb8u1.dsc 915d7b2d6113055a31d8adcca1e0d0dd 4975416 utils optional clamav_0.101.4+dfsg.orig.tar.xz f2851ca3585928ee55ce4aca258da42a 218816 utils optional clamav_0.101.4+dfsg-0+deb8u1.debian.tar.xz 55e0c65e6a4dbcca8dd4b7d5b30a85cf 112338 utils optional clamav-base_0.101.4+dfsg-0+deb8u1_all.deb a1d10b6ec072a