Accepted mt-daapd 0.2.4+r1376-1.1+etch1 (source amd64)

Subject:	Accepted mt-daapd 0.2.4+r1376-1.1+etch1 (source amd64)
From:	Devin Carraway <devin@xxxxxxxxxx>
Date:	Sat, 26 Jul 2008 12:20:31 +0200
Newsgroups:	linux.debian.changes


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Mon,  9 Jun 2008 06:36:18 +0000
Source: mt-daapd
Binary: mt-daapd
Architecture: source amd64
Version: 0.2.4+r1376-1.1+etch1
Distribution: stable-security
Urgency: high
Maintainer: Joshua Kwan <joshk@xxxxxxxxxxxxxxx>
Changed-By: Devin Carraway <devin@xxxxxxxxxx>
Description: 
 mt-daapd   - iTunes-compatible DAAP server
Closes: 459961 476241
Changes: 
 mt-daapd (0.2.4+r1376-1.1+etch1) stable-security; urgency=high
 .
   * Non-maintainer upload by the security team
   * Apply backport of upstream fixes for two related
     vulnerabilities (Closes: #459961):
     + CVE-2007-5824: Remote denial-of-service through a null pointer
       dereference in src/webserver.c's authorization header handling
     + CVE-2007-5825: Remote arbitrary code execution through a format
       string vulnerability in authorization header of an /xml-rpc request
   * Apply fix from Nico Golde <nion@xxxxxxxxxx> for CVE-2008-1771, an
     integer overflow vulnerability also in src/webserver.c, potentilly
     enabling execution of arbitrary code (Closes: #476241)
Files: 
 a303c40811df75fd395c28485d038ceb 765 sound optional 
mt-daapd_0.2.4+r1376-1.1+etch1.dsc
 c427c26e93914290b7cd615835ea333a 995301 sound optional 
mt-daapd_0.2.4+r1376.orig.tar.gz
 a565dacb5773182a44b367b6c78a0da8 8929 sound optional 
mt-daapd_0.2.4+r1376-1.1+etch1.diff.gz
 9297976354240c5a75b2c3636fe0746d 610844 sound optional 
mt-daapd_0.2.4+r1376-1.1+etch1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFITOyZU5XKDemr/NIRAjnwAKDPSxgW//tr2N7GewWAvyUIHWYS3QCeNlN2
A3JUS/iPA+M/yIpWDPGPlBc=
=bwia
-----END PGP SIGNATURE-----


Accepted:
mt-daapd_0.2.4+r1376-1.1+etch1.diff.gz
  to pool/main/m/mt-daapd/mt-daapd_0.2.4+r1376-1.1+etch1.diff.gz
mt-daapd_0.2.4+r1376-1.1+etch1.dsc
  to pool/main/m/mt-daapd/mt-daapd_0.2.4+r1376-1.1+etch1.dsc
mt-daapd_0.2.4+r1376-1.1+etch1_amd64.deb
  to pool/main/m/mt-daapd/mt-daapd_0.2.4+r1376-1.1+etch1_amd64.deb


-- 
To UNSUBSCRIBE, email to debian-changes-REQUEST@xxxxxxxxxxxxxxxx
with a subject of "unsubscribe". Trouble? Contact listmaster@xxxxxxxxxxxxxxxx

<Prev in Thread]	Current Thread	[Next in Thread>
Accepted mt-daapd 0.2.4+r1376-1.1+etch1 (source amd64), Devin Carraway Accepted mt-daapd 0.2.4+r1376-1.1+etch1 (source amd64), Devin Carraway <=

Previous by Date:	Accepted ruby1.8 1.8.5-4etch2 (source i386 all), akira yamada
Next by Date:	Accepted linux-kbuild-2.6.24 2.6.24-1~etchnhalf.1 (ia64 source), dann frazier
Previous by Thread:	Accepted mt-daapd 0.2.4+r1376-1.1+etch1 (source amd64), Devin Carraway
Next by Thread:	Accepted pcre3 6.7+7.4-4 (source amd64), Florian Weimer
Indexes:	[Date] [Thread] [Top] [All Lists]