Hi,

As usual I'd like to upload new versions of ia32-libs* to refresh the included
packages w.r.t. stable/security updates. The resulting changelogs of ia32-libs
and ia32-libs-gtk are included below. ia32-libs-core does not require an
update. I'll monitor the situation so we can always upload a newer version
closer to the point release if need be.

I'll send a separate email about lenny.

Let me know if I can upload.

Cheers,
Thijs

ia32-libs (20111228) stable; urgency=low

  * Packages updated

    [ cups (1.4.4-7+squeeze1) stable-security; urgency=high ]
    * Non-maintainer upload by the Security Team.
    * debian/patches:
      - str3867 added, fix an infinite loop / heap-based buffer overflow in the
        gif_read_lzw() function (CVE-2011-2896)
      - str3914 added, complete the fix for the previous issue (CVE-2011-3170).

    [ freetype (2.4.2-2.1+squeeze3) stable-security; urgency=low ]
    * Non-maintainer upload by the Security Team.
    * Upload prepared by Michael Gilbert!
    * Fix CVE-2011-3439: vulnerability in CID-keyed Type 1 fonts.

    [ freetype (2.4.2-2.1+squeeze2) stable-security; urgency=low ]
    * Non-maintainer upload by the Security Team
    * CVE-2011-3256

    [ krb5 (1.8.3+dfsg-4squeeze2) stable; urgency=low ]
    * Upstream ticket 6852: permit gss_set_allowable_enctypes to restrict
      acceptor enctypes. Required in order to permit newer than squeeze
      clients to talk to a squeeze nfs server without degrading security
      for non-nfs applications on the box, #622146

    [ mesa (7.7.1-5) squeeze; urgency=low ]
    * glx: suppress BadRequest from DRI2Connect (which is expected for non-local
      clients).

    [ nss (3.12.8-1+squeeze4) stable-security; urgency=low ]
    * Explicitly distrust Malaysian Digicert Sdn. Bhd CA certificate.
    * Address CVE-2011-3640 (Untrusted search path vulnerability).
      #647614.

    [ openssl (0.9.8o-4squeeze4) squeeze-security; urgency=high ]
    * Non-maintainer upload by the Security Team.
    * Block Malaysian's Digicert Sdn. Bhd. certificates by marking them
      as revoked.

    [ openssl (0.9.8o-4squeeze3) squeeze; urgency=low ]
    * Non-maintainer upload by the Security Team.
    * Fix CVE-2011-3210: SSL memory handling for (EC)DH ciphersuites

    [ pam (1.1.1-6.1+squeeze1) stable-security; urgency=low ]
    * Non-maintainer upload by the Security Team
    * Fix CVE-2011-3148 and CVE-2011-3149

 -- Thijs Kinkhorst <thijs@debian.org>  Wed, 28 Dec 2011 11:38:19 +0000

ia32-libs-gtk (20111228) stable; urgency=low

  * Packages updated

    [ jasper (1.900.1-7+squeeze1) stable-security; urgency=high ]
    * Backported patch from #652649:
      - CVE-2011-4516: Heap-based buffer overflow
      - CVE-2011-4517: Heap-based buffer overflow

 -- Thijs Kinkhorst <thijs@debian.org>  Wed, 28 Dec 2011 11:24:57 +0000