Accepted collectd 5.5.2-1 (source) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Fri, 29 Jul 2016 00:02:11 +0200
Source: collectd
Binary: collectd-core collectd collectd-utils collectd-dbg collectd-dev libcollectdclient-dev libcollectdclient1
Architecture: source
Version: 5.5.2-1
Distribution: unstable
Urgency: high
Maintainer: Sebastian Harl <tokkee@debian.org>
Changed-By: Sebastian Harl <tokkee@debian.org>
Description:
collectd - statistics collection and monitoring daemon
collectd-core - statistics collection and monitoring daemon (core system)
collectd-dbg - statistics collection and monitoring daemon (debugging symbols)
collectd-dev - statistics collection and monitoring daemon (development files)
collectd-utils - statistics collection and monitoring daemon (utilities)
libcollectdclient-dev - client library for collectd's control interface (development file
libcollectdclient1 - client library for collectd's control interface
Closes: 829634 832507 832577
Changes:
collectd (5.5.2-1) unstable; urgency=high
.
* New upstream release.
- Fix heap overflow in the network plugin. Emilien Gaspar has identified a
heap overflow in parse_packet(), the function used by the network plugin
to parse incoming network packets. Thanks to Florian Forster for
reporting the bug in Debian. (Closes: #832507, CVE-2016-6254)
- Fix improper usage of gcry_control. A team of security researchers at
Columbia University and the University of Virginia discovered that
GCrypt's gcry_control is sometimes called without checking its return
value for an error. This may cause the program to be initialized without
the desired, secure settings. (Closes: #832577)
* debian/patches:
- bts832577-gcry-control.patch: Update for 5.5.2. Mostly part of the new
upstream release, except for: Don't abort() if gcrypt initialization
failed.
- Drop bts823012_librrd8.patch; merged upstream.
* Rebuild with linux-libc-dev >= 4.6 (now in testing and unstable) to
accommodate a change to rtnl_link_stats64. Thanks to Gábor Gombás for
reporting this (Closes: #829634).
Checksums-Sha1:
9e8737c6f85aa7cee060cf6d8107744e2f1aa5d3 3681 collectd_5.5.2-1.dsc
076cb021a16120988abfdd19c4e80fade26c55c2 2259231 collectd_5.5.2.orig.tar.gz
312a8ec61863e615a977e1bb08ebd75a4a28d3bb 71188 collectd_5.5.2-1.debian.tar.xz
Checksums-Sha256:
91fc9a563d442b9bd03368c0ecab85929acf00704b34a25f405c5953163a9da0 3681 collectd_5.5.2-1.dsc
8013ae74df2b90ec8a8e7ac5da7638e165199021eca5f423ff8ee19feac649ba 2259231 collectd_5.5.2.orig.tar.gz
f628b67c7fafe4f2c573f9a8c9a898bbbb3f606f69f1b60b442bf812f5444d25 71188 collectd_5.5.2-1.debian.tar.xz
Files:
fef24fc74ae938568d66d4ef63386434 3681 utils optional collectd_5.5.2-1.dsc
58ce766e4744837945b184af576d4b17 2259231 utils optional collectd_5.5.2.orig.tar.gz
2b8192834538527cf89c62365fe9789b 71188 utils optional collectd_5.5.2-1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBAgAGBQJXmvHwAAoJEMwFfnIvH/zHC+QQALtLU7hqZ10LcEDmP9RhiktH
YIKlczxvqh1UXox4zBbgfj0JLa812cyGHDfOBSonCwZ1YYaowYi32pDxdIhLsXN/
D72HP0TI/FkDreaoQXNio1lmL6PtVY2F+FODcY/nDtjvWljx85cK/Rf7LIPBA3Rc
+jHejA6/htO1Pulkt4VSORQZoW7SgQteRWppQ4hifC9GSC82LHzQpoxX9Pw4Gqy+
/4RhKoACrveZFq4sid7dq6z2Tum5XBp8XSn7REg60jFAY9TzejCnJCYz5r6fUwBJ
3AyszuRUxnbtvG4lGPE0fAHOTve1sCjr69+050iABkDgcpaZSR4FGrNKBfowmohS
7lL19M5pWdKgrkS0qxppM5H+fSZyl5++gdOtVND6h7/e3sM1VxrqaWwH7LD7DlYt
CfXjUMmIGeo6tzV7eWHnRQnyHaCaw52pkhQ8qIQ0yPmxUFrwPQ8+E4LieDkuhmbZ
5Hl2V8ZPcjpE6hGPz5EDe5GhVZ/IiRZr1Q/IJ65YKMnOnEKpis2l/1a59JSiO8wL
opQZxKPuodR7hWBoNlW1zlE6TP77QlY5BRvonw73OVUMycPQxHQZ1YlIV4vAc3Cn
9+yAsHLS0MInuCtvokqpSjqeuDDQa86UuSXayCYwmCropUdfNnnzpqvG+S6WwzWs
de2h7/RulaxIt5DA+sZL
=PumS
-----END PGP SIGNATURE-----
Reply to: