Accepted pound 2.6-2+deb7u2 (source amd64) into oldoldstable

To: dispatch@tracker.debian.org, debian-lts-changes@lists.debian.org
Subject: Accepted pound 2.6-2+deb7u2 (source amd64) into oldoldstable
From: Markus Koschany <apo@debian.org>
Date: Mon, 12 Feb 2018 23:00:22 +0000
Message-id: <[🔎] E1elN5C-0005NK-Dl@seger.debian.org>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 12 Feb 2018 22:32:32 +0100
Source: pound
Binary: pound
Architecture: source amd64
Version: 2.6-2+deb7u2
Distribution: wheezy-security
Urgency: high
Maintainer: Brett Parker <iDunno@sommitrealweird.co.uk>
Changed-By: Markus Koschany <apo@debian.org>
Description: 
 pound      - reverse proxy, load balancer and HTTPS front-end for Web servers
Closes: 888786
Changes: 
 pound (2.6-2+deb7u2) wheezy-security; urgency=high
 .
   * Non-maintainer upload by the LTS team.
   * Fix CVE-2016-10711:
     A request smuggling vulnerability was discovered in pound that may allow
     attackers to send a specially crafted http request to a web server or
     reverse proxy while pound may see a different set of requests.
     This facilitates several possible exploitations, such as partial cache
     poisoning, bypassing firewall protection and XSS. (Closes: #888786)
Checksums-Sha1: 
 4ee3ff6ce149fc8e0377174be7b1e02bb2f95ab5 1901 pound_2.6-2+deb7u2.dsc
 99aa655eab180163536e6539e0ebfd66c990d53c 16760 pound_2.6-2+deb7u2.debian.tar.gz
 21d16a47fdaa7a6932b9d9a09b9d1572f98412a4 112080 pound_2.6-2+deb7u2_amd64.deb
Checksums-Sha256: 
 758693720a668a07a8f812de03b7b507b071d7ca7a5c8e881d06e025ff4a3e42 1901 pound_2.6-2+deb7u2.dsc
 e6e1390d5b0f3e1f7e58509ba3e7bd04a34ff2216a3bf1fdc80a7b593ee0cd69 16760 pound_2.6-2+deb7u2.debian.tar.gz
 4cd3182b4e149423e47c31930479511148a65ffdd89003eebe37db6614e38848 112080 pound_2.6-2+deb7u2_amd64.deb
Files: 
 40cbae8351eabaf81f21fd1ef6e13b34 1901 net extra pound_2.6-2+deb7u2.dsc
 725171de5b54effd679adee9c99db03e 16760 net extra pound_2.6-2+deb7u2.debian.tar.gz
 7581aa294e0e985ebc2e7bf6ed646e76 112080 net extra pound_2.6-2+deb7u2_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlqCGC9fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkNV8P/isT6iikNgcZf8GK//nD7+CAoeOaTbRnH4Qt
cqQQYnND6NHQtZreRiCaT44vx0WHIZs7KRdq66vU6MXqT6qTYGKUrUh6+HDrNF9Y
cQigEvkD9vfQsoGw12k7Uyp1t1cTqaPwn4Zk5J5mZNwvvkWnfVFKXSBQqCUHdM8F
ItI8bXLSjlyN8jnRMahGM33on0tyYedYvOh8LrnbvKSuSiR+vx+A7wCnCl8IaMPt
J4/IIf5eon2IGjmMlp5eZdBn1Dk1JjO9tzIy3hrWP7C3RbS8mMicf17itvgGhSSD
lff0DqVG938h7fMZO8ADRSbcFKPMAOctT0g6r7casxew8GN2DCKyaGUUd1S71xoh
wig4Nh974/d7biGrlG+sd5LmjwS7Ti3L10/7UVOwwYW6pm4THnBcSbjyw3XXXTBt
m2uHJtlgQ0Z0NiMcWt6Gs3RYdbn2kUv/Z1ErvNt1YByln63GDvJYppKAFBlA0Q8L
fwLOQUuaeoQc1n8L7E9CFR41W+5l4ZtwVsg1wfxNA9KQxlLMXMouHYCitqrh0KCp
JKQHkL1PQnb7dSC07oXNUceHlu4rvoVfuAv8L6GEelblYIsQ4qKo60U5KoNABOmb
dtVb1a5WcoJoyeoqTejfLnlLhu29kBDKb+RNNFTdKhJlLl819PEQuaDISJENDdJb
ll+6t7sf
=piiQ
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: Accepted clamav 0.99.2+dfsg-0+deb7u5 (source all amd64) into oldoldstable
Next by Date: Accepted advancecomp 1.15-1+deb7u1 (source amd64) into oldoldstable
Previous by thread: Accepted clamav 0.99.2+dfsg-0+deb7u5 (source all amd64) into oldoldstable
Next by thread: Accepted advancecomp 1.15-1+deb7u1 (source amd64) into oldoldstable
Index(es):
- Date
- Thread