ain...@debian.tryton.org>
Changed-By: Chris Lamb <la...@debian.org>
Description:
tryton-server - Tryton Application Platform (Server)
Changes:
tryton-server (2.2.4-1+deb7u4) wheezy-security; urgency=high
.
* CVE-2017-0360: Sanitize path in file_open against suffix injection attack.
Ch
: wheezy-security
Urgency: high
Maintainer: Sebastian Harl <tok...@debian.org>
Changed-By: Chris Lamb <la...@debian.org>
Description:
collectd - statistics collection and monitoring daemon
collectd-core - statistics collection and monitoring daemon (core system)
collectd-dbg
Distribution: wheezy-security
Urgency: high
Maintainer: Alessandro Ghedini <gh...@debian.org>
Changed-By: Chris Lamb <la...@debian.org>
Description:
curl - command line tool for transferring data with URL syntax
libcurl3 - easy-to-use client-side URL transfer library (OpenSSL flavou
hat you upgrade your curl packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAljjfqkACgkQHpU+J9Qx
Hlj4QQ/+IwOrFvQYHiPXuZTiSWmqFGXYZ/4XLXJPmeTz
5.1.0-3+deb7u3.
We recommend that you upgrade your collectd packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAljjuocACgkQHpU+J9Qx
and/or test the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of ghostscript updates
for the LTS releases.
Thank you very much.
Chris Lamb,
on behalf of the Debian LTS team.
PS: A member
er behind the
bounds of a statically allocated array of structs of type SWF_GRADIENTRECORD.
For Debian 7 "Wheezy", this issue has been fixed in ming version
1:0.4.4-1.1+deb7u2.
We recommend that you upgrade your ming packages.
Regards,
- --
,''`.
: :' : Chris Lamb
Distribution: wheezy-security
Urgency: high
Maintainer: Stuart R. Anderson <ander...@netsweng.com>
Changed-By: Chris Lamb <la...@debian.org>
Description:
libming-dev - Library to generate SWF (Flash) Files (development files)
libming-util - Library to generate SWF (Flash) Files - Utiliti
attackers to inject
arbitrary HTTP headers via CRLF sequences in the host subcomponent of a URL.
For Debian 7 "Wheezy", this issue has been fixed in wget version
1.13.4-3+deb7u4.
We recommend that you upgrade your wget packages.
Regards,
- --
,''`.
: :' :
and/or test the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of audiofile updates
for the LTS releases.
Thank you very much.
Chris Lamb,
on behalf of the Debian LTS team.
PS: A member
in and handled this if you don't get to it within — say — a couple
of days?
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
: Steve Langasek <vor...@debian.org>
Changed-By: Chris Lamb <la...@debian.org>
Description:
freetype2-demos - FreeType 2 demonstration programs
libfreetype6 - FreeType 2 font engine, shared library files
libfreetype6-dev - FreeType 2 font engine, development files
libfreetype6-udeb
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAli+oVcACgkQHpU+J9Qx
HlgVGw//XFaJWyDAd38TXQytLzkMN1r5zIYJPHT+o8BMgRezmBd1Zx
Hi Thorsten,
> […]
Thanks for uploading. I'll send the DLA announcement out now…
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
heezy", this issue has been fixed in cvs version
2:1.12.13+real-9+deb7u1.
We recommend that you upgrade your cvs packages. Thanks to Thorsten Glaser
<t...@mirbsd.de> for preparing and testing this upload.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@de
amd64
Version: 1.6.17dfsg-4+deb7u12
Distribution: wheezy-security
Urgency: high
Maintainer: Peter Samuelson <pe...@p12n.org>
Changed-By: Chris Lamb <la...@debian.org>
Description:
libapache2-svn - Subversion server modules for Apache
libsvn-dev - Development files for Subversion libra
quot; URLs in "svn:externals" and
"svn:sync-from-url".
For Debian 7 "Wheezy", this issue has been fixed in subversion
version 1.6.17dfsg-4+deb7u12.
We recommend that you upgrade your subversion packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'`
org>
Changed-By: Chris Lamb <la...@debian.org>
Description:
xchat - IRC client for X similar to AmIRC
xchat-common - Common files for X-Chat
Closes: 852275
Changes:
xchat (2.8.8-7.1+deb7u1) wheezy-security; urgency=high
.
* CVE-2016-2087: Prevent a directory traversal vulnera
or modify
arbitrary files via a ".." in the server name.
For Debian 7 "Wheezy", this issue has been fixed in xchat version
2.8.8-7.1+deb7u1.
We recommend that you upgrade your xchat packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la..
the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of git updates
for the LTS releases.
Thank you very much.
Chris Lamb,
on behalf of the Debian LTS team.
PS: A member of the LTS team might start
and/or test the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of mercurial updates
for the LTS releases.
Thank you very much.
Chris Lamb,
on behalf of the Debian LTS team.
PS: A member of the LTS
.
Specially-crafted input could lead to a remote denial of service attack.
For Debian 7 "Wheezy", this issue has been fixed in libgxps version
0.2.2-2+deb7u1.
We recommend that you upgrade your libgxps packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `
7 "Wheezy", this issue has been fixed in apache2 version
2.2.22-13+deb7u10.
We recommend that you upgrade your apache2 packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP
dded anarcat and mejo to CC as they are mentioned in the
apache2 2.2.22-13+deb7u8 upload; could one of you take care of it?
Best wishes,
--
,''`.
: :' : Chris Lamb, Debian Project Leader
`. `'` la...@debian.org / chris-lamb.co.uk
`-
the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of ncurses updates
for the LTS releases.
Thank you very much.
Chris Lamb,
on behalf of the Debian LTS team.
PS: A member of the LTS team
s with a "Version:" field
of "0.79.5+wheezy2"?
Regards,
--
,''`.
: :' : Chris Lamb, Debian Project Leader
`. `'` la...@debian.org / chris-lamb.co.uk
`-
for administering LDAP servers.
For Debian 7 "Wheezy", this issue has been fixed in phpldapadmin version
1.2.2-5+deb7u1.
We recommend that you upgrade your phpldapadmin packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
hanged-By: Chris Lamb <la...@debian.org>
Description:
phpldapadmin - web based interface for administering LDAP servers
Closes: 867719
Changes:
phpldapadmin (1.2.2-5+deb7u1) wheezy-security; urgency=high
.
* CVE-2016-11107: Fix a cross-site scripting (XSS) vulnerabily in
entry_chooser.
3 times ;-)
Regards,
--
,''`.
: :' : Chris Lamb, Debian Project Leader
`. `'` la...@debian.org / chris-lamb.co.uk
`-
ng message:
[…]
FYI for phpldapadmin I worked-around this by building with --build=source,all
and re-uploading.
Best wishes,
--
,''`.
: :' : Chris Lamb, Debian Project Leader
`. `'` la...@debian.org / chris-lamb.co.uk
`-
by a heap-based buffer
over-read in the "convert_latin1" function.
For Debian 7 "Wheezy", this issue has been fixed in mpg123 version
1.14.4-1+deb7u2.
We recommend that you upgrade your mpg123 packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la..
Hi Matus,
> so, can we expect updated package to appear in wheezy soon?
> should I bug someone or is anyone taking a look at it?
Is this https://bugs.debian.org/762965 ?
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
: source all amd64
Version: 1.2.1-2.2+wheezy4+deb7u1
Distribution: wheezy-security
Urgency: high
Maintainer: Kartik Mistry <kar...@debian.org>
Changed-By: Chris Lamb <la...@debian.org>
Description:
nginx - small, powerful, scalable web/proxy server
nginx-common - small, powerful, scalab
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAllnK9YACgkQHpU+J9Qx
HliX5A//dPavm2srbLpx/CUhR2fJoy3fOK7+tbVc/5o/fNMCZD2mrHnvBKvxjoDP
6MDpgHdaqwRYh5hX
Hi Christos,
> Chris beat me to it and uploaded 1.2.1-2.2+wheezy4+deb7u1, thanks!
Whoops, sorry for not replying to the -lts mail! I hope we didn't
duplicate any work.
Best wishes,
--
,''`.
: :' : Chris Lamb, Debian Project Leader
`. `'` la...@debian.org / ch
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS) <g...@debian.hu>
Changed-By: Chris Lamb <la...@debian.org>
Description:
lemon - LALR(1) Parser Generator for C or C++
libsqlite3-0 - SQLite 3 shared library
libsqlite3-0-dbg - SQLite 3 debugging symbols
libsqlite3-dev - SQLite 3
the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of tcpdump updates
for the LTS releases.
Thank you very much.
Chris Lamb,
on behalf of the Debian LTS team.
PS: A member of the LTS team
the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of vim updates
for the LTS releases.
Thank you very much.
Chris Lamb,
on behalf of the Debian LTS team.
PS: A member of the LTS team might start
. The getNodeSize function in
ext/rtree/rtree.c mishandled undersized RTree blobs in a specially-crafted
database,
For Debian 7 "Wheezy", this issue has been fixed in sqlite3 version
3.7.13-1+deb7u4.
We recommend that you upgrade your sqlite3 packages.
Regards,
- --
,''`.
: :' :
-8705.
For Debian 7 "Wheezy", this issue has been fixed in memcached version
1.4.13-0.2+deb7u3.
We recommend that you upgrade your memcached packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP
and/or test the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of libclamunrar updates
for the LTS releases.
Thank you very much.
Chris Lamb,
on behalf of the Debian LTS team.
PS: A member
leak
<https://eprint.iacr.org/2017/627>
For Debian 7 "Wheezy", this issue has been fixed in libgcrypt11 version
1.5.0-5+deb7u6.
We recommend that you upgrade your libgcrypt11 packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@de
: high
Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-ma...@lists.alioth.debian.org>
Changed-By: Chris Lamb <la...@debian.org>
Description:
libgcrypt11 - LGPL Crypto library - runtime library
libgcrypt11-dbg - LGPL Crypto library - debugger files
libgcrypt11-dev - LGPL Cr
eb7u2.
We recommend that you upgrade your libclamunrar packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlldWl8ACgkQHpU+J9Qx
HliqUBAAruZEl0SjpIAjr
the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of giflib updates
for the LTS releases.
Thank you very much.
Chris Lamb,
on behalf of the Debian LTS team.
PS: A member of the LTS team might
the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of cacti updates
for the LTS releases.
Thank you very much.
Chris Lamb,
on behalf of the Debian LTS team.
PS: A member of the LTS team might
the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of curl updates
for the LTS releases.
Thank you very much.
Chris Lamb,
on behalf of the Debian LTS team.
PS: A member of the LTS team might start
and/or test the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of minidjvu updates
for the LTS releases.
Thank you very much.
Chris Lamb,
on behalf of the Debian LTS team.
PS: A member of the LTS team
.
The other thing in this is that regressions, whilst obviously breaking
people's setups and that's bad in itself (!), they have an additional
embarrassment component given the funding model.
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
and/or test the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of libvorbis updates
for the LTS releases.
Thank you very much.
Chris Lamb,
on behalf of the Debian LTS team.
PS: A member of the LTS
Regards,
- --
,''`.
: :' : Chris Lamb, Debian Project Leader
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlmIXQYACgkQHpU+J9Qx
HljHoA/9GbDPSfYQdHt4ely6z6CwEwpM0giq+ixPecIlQxq9qVsPxBkbz2DEmEIT
K4ZqR
3
https://security-tracker.debian.org/tracker/CVE-2017-11735
Regards,
--
,''`.
: :' : Chris Lamb, Debian Project Leader
`. `'` la...@debian.org / chris-lamb.co.uk
`-
Lopo <er...@mega-nerd.com>
Changed-By: Chris Lamb <la...@debian.org>
Description:
libsndfile1 - Library for reading/writing audio files
libsndfile1-dev - Development files for libsndfile; a library for
reading/writing a
sndfile-programs - Sample programs that use libsndfile
Closes: 86
Hi Guido,
> Would there be interest in a BoF discussing LTS and security team
> workflow questions?
Interest here... (if only for us to ensure we all meet IRL!)
Best wishes,
--
,''`.
: :' : Chris Lamb, Debian Project Leader
`. `'` la...@debian.org / chris-lamb.co.uk
`-
Distribution: wheezy-security
Urgency: high
Maintainer: Rene Mayrhofer <rm...@debian.org>
Changed-By: Chris Lamb <la...@debian.org>
Description:
libstrongswan - strongSwan utility and crypto library
strongswan - IPsec VPN solution metapackage
strongswan-dbg - strongSwan library
wan-vulnerability-(cve-2017-11185).html>
For Debian 7 "Wheezy", this issue has been fixed in strongswan version
4.5.2-1.5+deb7u10.
We recommend that you upgrade your strongswan packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org /
the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of openvpn updates
for the LTS releases.
Thank you very much.
Chris Lamb,
on behalf of the Debian LTS team.
PS: A member of the LTS team
deb...@lists.lxde.org>
Changed-By: Chris Lamb <la...@debian.org>
Description:
lxterminal - LXDE terminal emulator
lxterminal-dbg - LXDE terminal emulator (debug)
Closes: 862098
Changes:
lxterminal (0.1.11-4+deb7u1) wheezy-security; urgency=high
.
* CVE-2016-10369: Prevent local users t
the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of rzip updates
for the LTS releases.
Thank you very much.
Chris Lamb,
on behalf of the Debian LTS team.
PS: A member of the LTS team might start
and/or test the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of binutils updates
for the LTS releases.
Thank you very much.
Chris Lamb,
on behalf of the Debian LTS team.
PS: A member of the LTS team
the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of eglibc updates
for the LTS releases.
Thank you very much.
Chris Lamb,
on behalf of the Debian LTS team.
PS: A member of the LTS team might
: Julien BLACHE <jbla...@debian.org>
Changed-By: Chris Lamb <la...@debian.org>
Description:
libsane- API library for scanners
libsane-common - API library for scanners -- documentation and support files
libsane-dbg - API development library for scanners [debug symbols]
libsa
the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of libxml2 updates
for the LTS releases.
Thank you very much.
Chris Lamb,
on behalf of the Debian LTS team.
PS: A member of the LTS team
sensitive memory information
via a crafted SANE_NET_CONTROL_OPTION packet.
For Debian 7 "Wheezy", this issue has been fixed in sane-backends version
1.0.22-7.4+deb7u1.
We recommend that you upgrade your sane-backends packages.
Regards,
- --
,''`.
: :' :
heezy", this issue has been fixed in deluge version
1.3.3-2+nmu1+deb7u2.
We recommend that you upgrade your deluge packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP
-security
Urgency: high
Maintainer: Cristian Greco <crist...@debian.org>
Changed-By: Chris Lamb <la...@debian.org>
Description:
deluge - bittorrent client written in Python/PyGTK
deluge-common - bittorrent client written in Python/PyGTK (common files)
deluge-console - bittorrent cl
environment.
This was caused by an insecure use of temporary files for a socket file.
For Debian 7 "Wheezy", this issue has been fixed in lxterminal version
0.1.11-4+deb7u1.
We recommend that you upgrade your lxterminal packages.
Regards,
- --
,''`.
: :' :
ad claimed since April 17th. :)
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
egards,
--
,''`.
: :' : Chris Lamb, Debian Project Leader
`. `'` la...@debian.org / chris-lamb.co.uk
`-
eb7u5.
We recommend that you upgrade your openvpn packages.
Regards,
- --
,''`.
: :' : Chris Lamb, Debian Project Leader
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAllMLksACgkQHpU+J
Dear Ola,
I hope this finds you well. ``org/lts-frontdesk.2017.txt`` has:
From 02-10 to 08-10:Ola Lundqvist <o...@debian.org>
From 09-10 to 15-10:Chris Lamb <ch...@chris-lamb.co.uk>
I was wondering if we could swap these two weeks? No worries if
not…
attackers could cause a denial of service and
possibly read heap memory via a specially crafted .ICS file.
For Debian 7 "Wheezy", this issue has been fixed in libical version
0.48-2+deb7u1.
We recommend that you upgrade your libical packages.
Regards,
- --
,''`.
: :' :
org>
Changed-By: Chris Lamb <la...@debian.org>
Description:
libical-dbg - debugging symbols for libical
libical-dev - iCalendar library implementation in C (development)
libical0 - iCalendar library implementation in C (runtime)
Closes: 852034 860451
Changes:
libical (0.48-2+deb7u1) whe
Ola Lundqvist wrote:
> Sure. No problem. Please update the file. I have updated my calendar.
Done; many thanks :)
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
a denial of service
attack.
For Debian 7 "Wheezy", this issue has been fixed in miniupnpc version
1.5-2+deb7u2.
We recommend that you upgrade your miniupnpc packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
Salvatore Bonaccorso wrote:
> I plan to work on the relvant changes to the security tracker for once
> stretch is released.
Can you briefly explain what changes you are refering to?
Best wishes,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
ng the Makefile and last but not
> least the bin/gen-{DSA,DLA} changes, which need to be done once there
> is a new stable release.
Thanks for the explanation; pretty much what I was thinking but good
to have it confirmed :)
Best wishes,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
split.[ch]. Some
of the run_cmd callsites were also different in the 1.7 version so it's
not identical.
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
Chris Lamb wrote:
> No :)
As in, there are no other changes. (Sorry, removed too much of the
quote context...)
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
.org/news/846121
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
heezy", this issue has been fixed in picocom version
1.7-1+deb7u1.
We recommend that you upgrade your picocom packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP
hanged-By: Chris Lamb <la...@debian.org>
Description:
yodl - Your Own Document Language (Yodl) is a pre-document language
yodl-doc - Documenation for Your Own Document Language (Yodl)
Changes:
yodl (3.00.0-6+deb7u1) wheezy-security; urgency=high
.
* CVE-2016-10375: Correct buf
7 "Wheezy", this issue has been fixed in yodl version
3.00.0-6+deb7u1.
We recommend that you upgrade your yodl packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP SIGNATURE-
iQIzBAEBCAAdFiE
to search the directory could crash slapd by issuing
a search requesting a "Paged Results" value set to zero.
For Debian 7 "Wheezy", this issue has been fixed in openldap version
2.4.31-2+deb7u3.
We recommend that you upgrade your openldap packages.
Regards,
- --
,''
AIFF ("Audio Interchange File
Format") file could result in an out-of-bounds memory read.
For Debian 7 "Wheezy", this issue has been fixed in libsndfile version
1.0.25-9.1+deb7u3.
We recommend that you upgrade your libsndfile packages.
Regards,
- --
,''`.
:
Lopo <er...@mega-nerd.com>
Changed-By: Chris Lamb <la...@debian.org>
Description:
libsndfile1 - Library for reading/writing audio files
libsndfile1-dev - Development files for libsndfile; a library for
reading/writing a
sndfile-programs - Sample programs that use libsndfile
Closes: 86
Maintainer: Laszlo Boszormenyi (GCS) <g...@debian.org>
Changed-By: Chris Lamb <la...@debian.org>
Description:
expat - XML parsing C library - example application
lib64expat1 - XML parsing C library - runtime library (64bit)
lib64expat1-dev - XML parsing C library - development kit (64bit
the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of jetty updates
for the LTS releases.
Thank you very much.
Chris Lamb,
on behalf of the Debian LTS team.
PS: A member of the LTS team might
"Wheezy", this issue has been fixed in expat version
2.1.0-1+deb7u5.
We recommend that you upgrade your expat packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
-BEGIN PGP
the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of jetty8 updates
for the LTS releases.
Thank you very much.
Chris Lamb,
on behalf of the Debian LTS team.
PS: A member of the LTS team might
the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of kdepim updates
for the LTS releases.
Thank you very much.
Chris Lamb,
on behalf of the Debian LTS team.
PS: A member of the LTS team might
and/or test the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of libquicktime updates
for the LTS releases.
Thank you very much.
Chris Lamb,
on behalf of the Debian LTS team.
PS: A member
and/or test the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of libsndfile updates
for the LTS releases.
Thank you very much.
Chris Lamb,
on behalf of the Debian LTS team.
PS: A member
ain...@lists.alioth.debian.org>
Changed-By: Chris Lamb <la...@debian.org>
Description:
libxstream-java - Java library to serialize objects to XML and back again
Closes: 861521
Changes:
libxstream-java (1.4.2-1+deb7u2) wheezy-security; urgency=high
.
* CVE-2016-7957: Prevent a remote
the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of mp3gain updates
for the LTS releases.
Thank you very much.
Chris Lamb,
on behalf of the Debian LTS team.
PS: A member of the LTS team
and/or test the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of trafficserver updates
for the LTS releases.
Thank you very much.
Chris Lamb,
on behalf of the Debian LTS team.
PS: A member
right thing using the PHP CLI.
Alas, I did not setup a complete wheezy Wordpress installation with
a Shibboleth integration to test this, so this would be only "gap"
if there was one.
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.org / chris-lamb.co.uk
`-
.li>
Changed-By: Chris Lamb <la...@debian.org>
Description:
wordpress-shibboleth - Shibboleth plugin for WordPress
Closes: 874416
Changes:
wordpress-shibboleth (1.4-2+deb7u1) wheezy-security; urgency=high
.
* CVE-2017-14313: Fix an XSS vulnerability due to improper use of
a
the updated package before it gets released.
You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of emacs23 updates
for the LTS releases.
Thank you very much.
Chris Lamb,
on behalf of the Debian LTS team.
PS: A member of the LTS team
201 - 300 of 927 matches
Mail list logo