Accepted gsoap 2.8.17-1+deb8u2 (source amd64 all) into oldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 14 Feb 2019 16:59:28 +0100
Source: gsoap
Binary: libgsoap5 libgsoap-dev gsoap gsoap-doc libgsoap-dbg gsoap-dbg
Architecture: source amd64 all
Version: 2.8.17-1+deb8u2
Distribution: jessie-security
Urgency: high
Maintainer: Mattias Ellert <mattias.ellert@fysast.uu.se>
Changed-By: Mattias Ellert <mattias.ellert@physics.uu.se>
Description:
gsoap - Stub generators for gSOAP
gsoap-dbg - Debugging symbols for gSOAP stub generators
gsoap-doc - gSOAP documentation
libgsoap-dbg - Debugging symbols for gSOAP libraries
libgsoap-dev - Development libraries and headers for gSOAP
libgsoap5 - Runtime libraries for gSOAP
Changes:
gsoap (2.8.17-1+deb8u2) jessie-security; urgency=high
.
* Fix for CVE-2019-7659
Genivia gSOAP 2.7.x and 2.8.x before 2.8.75 allows attackers to cause a
denial of service (application abort) or possibly have unspecified other
impact if a server application is built with the -DWITH_COOKIES flag. This
affects the C/C++ libgsoapck/libgsoapck++ and libgsoapssl/libgsoapssl++
libraries, as these are built with that flag.
* Fix issue with DIME protocol receiver and malformed DIME headers
This patch addresses a critical issue with the DIME protocol receiver that
may cause the receiver to become unresponsive when a malformed DIME
protocol message is received. -- https://www.genivia.com/advisory.html
Checksums-Sha1:
b634de13739e375ff03ff4362c2358f4b8cb447b 2223 gsoap_2.8.17-1+deb8u2.dsc
49248b9752b17be61d459f7eba925838fc52aad1 5291604 gsoap_2.8.17.orig.tar.gz
32cc06a1e97a711f0e7281323c7a64eddc311e57 14428 gsoap_2.8.17-1+deb8u2.debian.tar.xz
42afaa4881299dee57d6e31c09c693a92189d334 201896 libgsoap5_2.8.17-1+deb8u2_amd64.deb
c90e196268c3e6909c88e29c8758533042e7fea5 202136 libgsoap-dev_2.8.17-1+deb8u2_amd64.deb
32726314deba9b9f1190db4b3eb80ead331a8505 695936 gsoap_2.8.17-1+deb8u2_amd64.deb
7b6806742aaa2dea019637e83eade42e59e269f8 544336 libgsoap-dbg_2.8.17-1+deb8u2_amd64.deb
2872c95392ffb9179277e43a9bc3255c23e919ca 1898648 gsoap-dbg_2.8.17-1+deb8u2_amd64.deb
47533edba585a71ee23ee3d60e4978a62c2775cc 3261966 gsoap-doc_2.8.17-1+deb8u2_all.deb
Checksums-Sha256:
e3984bd221ebd505c7facece35f3b5cc0ffb0c44d09ba43f27d8d824eed18738 2223 gsoap_2.8.17-1+deb8u2.dsc
1024fcb41d06a3ce9f2f7b65a983573f4d5ed267df2f695cf77a9510e5749199 5291604 gsoap_2.8.17.orig.tar.gz
583d3242ff552a3093f178a2e0d90455facbf09ac96200ae9c01637acb9b3090 14428 gsoap_2.8.17-1+deb8u2.debian.tar.xz
be68db3267fb62ead3ababae2a0f4f4c04dc71fee0b1b115da8c9671d1e21bc6 201896 libgsoap5_2.8.17-1+deb8u2_amd64.deb
2dce2f2c6d3038929b7d076f2f870a91b12b0b882d264c3f8cd3275948306320 202136 libgsoap-dev_2.8.17-1+deb8u2_amd64.deb
a2c2c2ad3003e28a3aabc2fe0d2d584c235cec6318b54b7cbadbd28a22c77eee 695936 gsoap_2.8.17-1+deb8u2_amd64.deb
ed1abeacf9f5ace083cdbecd2fdec0080e5f97a6380dfb35a6bb04206952d216 544336 libgsoap-dbg_2.8.17-1+deb8u2_amd64.deb
7c20ead1d17685e13cac85710b93a92c76fb8f421aaf2b8dd1b671dc4f81605f 1898648 gsoap-dbg_2.8.17-1+deb8u2_amd64.deb
b97b1225bbfc9f1e98f6e608435fe083327e24d8cdbcc2224cff14bfdae5a3dc 3261966 gsoap-doc_2.8.17-1+deb8u2_all.deb
Files:
f9b7a2d25ad3715357a8dbb08827c4ac 2223 devel optional gsoap_2.8.17-1+deb8u2.dsc
6da6950609b0656c12d6fc4704c5f843 5291604 devel optional gsoap_2.8.17.orig.tar.gz
ebd4d67b34feddf6238cb38aec7c66e2 14428 devel optional gsoap_2.8.17-1+deb8u2.debian.tar.xz
01e4f01042488da9643e24dcc41ca942 201896 libs optional libgsoap5_2.8.17-1+deb8u2_amd64.deb
c667aa17fb9c7c7ff84426eb6b961835 202136 libdevel optional libgsoap-dev_2.8.17-1+deb8u2_amd64.deb
c8efb79162204ad112eaa98a4af3a2e3 695936 devel optional gsoap_2.8.17-1+deb8u2_amd64.deb
5d9e94f28d9ac1cd5997fc1756125dcd 544336 debug extra libgsoap-dbg_2.8.17-1+deb8u2_amd64.deb
30cbfe5259d47d48b6d52ff9616d9e88 1898648 debug extra gsoap-dbg_2.8.17-1+deb8u2_amd64.deb
d6381450bb77362127471aba0229b35d 3261966 doc optional gsoap-doc_2.8.17-1+deb8u2_all.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlxq1isACgkQHpU+J9Qx
HlhR5hAAk4/u+DmvfU4ID7m9bbtjn3YgUVa3p6x4KZlvWCbhE/y9pM0v4DX4Fw7S
kIOT6XjPgnuD0YHzEUI5WGZvaa+m8CQZE2p7VNJuECclFv0Q3NJ3azHd/O6Ncd+w
JkEkU6gUez1BgqekyGx+TFfQbW4PdK38vjyQYxGsBCCTWHnqr8Z77rOaMya4gDRy
iQIXmMP7Xr8MkKtA9LHV31jJ8mgtF3iROpnVx4Cvk88r0JYYt5zlabRYPNPIoCRm
ChNfCEGlZXqaiXxPl7GWbDQbiMgtbPgILJYBdho5mEcZSWyGwEQRujWKoKh4sq7Z
7PRStLquOeup582WpHoODjKe1ss8iWE4rhstuprU4mn4sAZzEyrkibNZNSUxMhB+
p8Q/tG89+rECqGFhDLYYR2gqG81EHsD7QBJPi18RZKP+vMcutRy35BDxxyMYU0L7
AT6OMTKnZrh0Lqffv8WSNf0aXZYU75nzvb58kgMEGnbAsq/tPLlsMsZF+eYAAgWM
RE7qeCMMg6I077tU/jTQjTWGTy8oS5EAZNNTJElzTgTXRwzqv+iKvNXdCmLxCqPu
apIbr47cnMrgc8lP1cpKcf/ZCQYH9WYWu39w0vO14jgwFjqLMulzLArl4EOljuXj
MuavIoPp3frZzUdnhlLlvPpMEBA0EyC1ukkCWFZRRO9eCvoP+zk=
=/qlv
-----END PGP SIGNATURE-----
Reply to: