Accepted nas 1.8-4 (source i386 all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 26 Mar 2007 00:29:10 +0100
Source: nas
Binary: nas-doc libaudio-dev nas libaudio2 nas-bin
Architecture: source i386 all
Version: 1.8-4
Distribution: unstable
Urgency: high
Maintainer: Steve McIntyre <93sam@debian.org>
Changed-By: Steve McIntyre <93sam@debian.org>
Description:
libaudio-dev - The Network Audio System (NAS). (development files)
libaudio2 - The Network Audio System (NAS). (shared libraries)
nas - The Network Audio System (NAS). (local server)
nas-bin - The Network Audio System (NAS). (client binaries)
nas-doc - The Network Audio System (NAS). (extra documentation)
Closes: 416038
Changes:
nas (1.8-4) unstable; urgency=high
.
* High-urgency upload to fix multiple security holes (CVE-2007-1543,
CVE-2007-1544, CVE-2007-1545, CVE-2007-1546 and CVE-2007-1547):
+ accept_att_local buffer overflow through USL connection
+ server termination through unexistent ID in AddResource
+ bcopy crash caused by integer overflow in ProcAuWriteElement
+ invalid memory pointer caused by big num_actions in
ProcAuSetElements
+ another invalid memory pointer caused by big num_actions in
ProcAuSetElements
+ invalid memory pointer in compileInputs
+ exploits bug 3 in read mode (requires something playing on
the server)
+ NULL pointer caused by too much connections
+ Closes: #416038
Files:
9aa8fa5e47bd1b7281ffd77f30c0a7f2 715 sound optional nas_1.8-4.dsc
7f9a5cdfeb39b3ec36f2314ecea87214 488564 sound optional nas_1.8-4.diff.gz
5fb310aeef5d5c0ad65aa0887f6e9bb7 151780 doc extra nas-doc_1.8-4_all.deb
fe56bf4843b5396ab9044799d2ffa6e5 101526 sound optional nas_1.8-4_i386.deb
e1035ce0a66ed2022f169e8cbfb6057e 496384 sound extra nas-bin_1.8-4_i386.deb
43d0541380860eb26ad07bcd212680e5 73426 libs optional libaudio2_1.8-4_i386.deb
7776942340fedf8506f54e7b0d519e5b 1102850 libdevel optional libaudio-dev_1.8-4_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGBw4lfDt5cIjHwfcRAuAwAJ42f/Xy6bwZS8kuEQtCIBlKrR0m1gCfTxAY
DVm88GcYyYweSjlbNUDu8YQ=
=nmeb
-----END PGP SIGNATURE-----
Accepted:
libaudio-dev_1.8-4_i386.deb
to pool/main/n/nas/libaudio-dev_1.8-4_i386.deb
libaudio2_1.8-4_i386.deb
to pool/main/n/nas/libaudio2_1.8-4_i386.deb
nas-bin_1.8-4_i386.deb
to pool/main/n/nas/nas-bin_1.8-4_i386.deb
nas-doc_1.8-4_all.deb
to pool/main/n/nas/nas-doc_1.8-4_all.deb
nas_1.8-4.diff.gz
to pool/main/n/nas/nas_1.8-4.diff.gz
nas_1.8-4.dsc
to pool/main/n/nas/nas_1.8-4.dsc
nas_1.8-4_i386.deb
to pool/main/n/nas/nas_1.8-4_i386.deb
Reply to: