Re: [SECURITY] [DSA 2612-2] ircd-ratbox update
thank you, guys. will make use of it. On 2/10/13, Moritz Muehlenhoff j...@debian.org wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - Debian Security Advisory DSA-2612-2 secur...@debian.org http://www.debian.org/security/Moritz Muehlenhoff February 10, 2013 http://www.debian.org/security/faq - - Package: ircd-ratbox Vulnerability : programming error Problem type : remote Debian-specific: no CVE ID : CVE-2012-6084 This update to the previous ircd-ratbox DSA only raises the version number to ensure that a higher version is used than a previously binNMU on some architectures. For the stable distribution (squeeze), this problem has been fixed in version 3.0.6.dfsg-2+squeeze1. We recommend that you upgrade your ircd-ratbox packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/ Mailing list: debian-security-annou...@lists.debian.org -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iEUEARECAAYFAlEX6JUACgkQXm3vHE4uylpioQCcDQvyJFUkZ53pzs3k7CFDvlL1 v6gAlAkyL/gZnYMKLZiUgbE7m3Stvg0= =J5xk -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-security-announce-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130210183700.GA6726@pisco.westfalen.local -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/ca+lfa70itzat8pni1u1e3yjkbkmz8nmm2rcqbsdanavtbnp...@mail.gmail.com
Upcoming stable point release (6.0.7)
Hi, The next point release for squeeze (6.0.7) is scheduled for Saturday February 23rd. Stable NEW will be frozen during the preceding Monday (18th). As usual, base-files can be uploaded at any point before the freeze. Regards, Adam -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1360783944.9953.3.ca...@jacala.jungle.funky-badger.org
Re: [SECURITY] [DSA 2621-1] openssl security update
unsubscribe - Reply message - From: Thijs Kinkhorst th...@debian.org To: debian-security-annou...@lists.debian.org Subject: [SECURITY] [DSA 2621-1] openssl security update Date: Thu, Feb 14, 2013 07:07 -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - Debian Security Advisory DSA-2621-1 secur...@debian.org http://www.debian.org/security/ Thijs Kinkhorst February 13, 2013 http://www.debian.org/security/faq - - Package: openssl Vulnerability : several Problem type : remote Debian-specific: no CVE ID : CVE-2013-0166 CVE-2013-0169 Debian Bug : 699889 Multiple vulnerabilities have been found in OpenSSL. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2013-0166 OpenSSL does not properly perform signature verification for OCSP responses, which allows remote attackers to cause a denial of service via an invalid key. CVE-2013-0169 A timing side channel attack has been found in CBC padding allowing an attacker to recover pieces of plaintext via statistical analysis of crafted packages, known as the Lucky Thirteen issue. For the stable distribution (squeeze), these problems have been fixed in version 0.9.8o-4squeeze14. For the testing distribution (wheezy), these problems will be fixed soon. For the unstable distribution (sid), these problems have been fixed in version 1.0.1e-1. We recommend that you upgrade your openssl packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/ Mailing list: debian-security-annou...@lists.debian.org -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBAgAGBQJRG/JcAAoJEFb2GnlAHawEXbAH/16o5HCWPDrLN8USWuBKPi9R ECdIC/8JlxIqaTgCzYn8T704y05Q9orT2SwjThpkbqwgjhWtCvDVozYmHIrznoVQ g2Vi+kk1o0qmSuuWC6F2GUIgiaqWQkrt1zm2E6XPirL8WNGB71GJfDEAGR+xCwGJ h8JEOgoqIadiyZ9ZcSMqMnyMdktRReRuCLUhYlnK5Ls1iEA7Cuu+l/kvLQjRrTJ5 mybsFt+f7edaDRVlXIBjNLKT7/Xo0bcVdRN5Jm5fKNtoTCrOsf5Qzpx0lQuAFA4l fTooy9XvKKvWvilhZhQPHygMHTyqEPbEoMViwdNnVmrN3XISS4MgsCPjZet47CU= =r0Ii -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-security-announce-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130213200741.d15e359...@kinkhorst.com
External check
CVE-2012-6117: RESERVED CVE-2013-0228: RESERVED CVE-2013-0266: RESERVED CVE-2013-0271: RESERVED CVE-2013-0272: RESERVED CVE-2013-0273: RESERVED CVE-2013-0274: RESERVED -- The output might be a bit terse, but the above ids are known elsewhere, check the references in the tracker. The second part indicates the status of that id in the tracker at the moment the script was run. -- To UNSUBSCRIBE, email to debian-security-tracker-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/511c8735.907RvNvJh/beczmm%atomo64+st...@gmail.com