Hi, As usual I'd like to upload new versions of ia32-libs* to refresh the included packages w.r.t. stable/security updates. The resulting changelogs of ia32-libs and ia32-libs-gtk are included below. ia32-libs-core does not require an update. I'll monitor the situation so we can always upload a newer version closer to the point release if need be. I'll send a separate email about lenny. Let me know if I can upload. Cheers, Thijs ia32-libs (20111228) stable; urgency=low * Packages updated [ cups (1.4.4-7+squeeze1) stable-security; urgency=high ] * Non-maintainer upload by the Security Team. * debian/patches: - str3867 added, fix an infinite loop / heap-based buffer overflow in the gif_read_lzw() function (CVE-2011-2896) - str3914 added, complete the fix for the previous issue (CVE-2011-3170). [ freetype (2.4.2-2.1+squeeze3) stable-security; urgency=low ] * Non-maintainer upload by the Security Team. * Upload prepared by Michael Gilbert! * Fix CVE-2011-3439: vulnerability in CID-keyed Type 1 fonts. [ freetype (2.4.2-2.1+squeeze2) stable-security; urgency=low ] * Non-maintainer upload by the Security Team * CVE-2011-3256 [ krb5 (1.8.3+dfsg-4squeeze2) stable; urgency=low ] * Upstream ticket 6852: permit gss_set_allowable_enctypes to restirct acceptor enctypes. Required in order to permit newer than squeeze clients to talk to a squeeze nfs server without degrading security for non-nfs applications on the box, #622146 [ mesa (7.7.1-5) squeeze; urgency=low ] * glx: suppress BadRequest from DRI2Connect (which is expected for non-local clients). [ nss (3.12.8-1+squeeze4) stable-security; urgency=low ] * Explicitly distrust malaysian Digicert Sdn. Bhd CA certificate. * Address CVE-2011-3640 (Untrusted search path vulnerability). #647614. [ openssl (0.9.8o-4squeeze4) squeeze-security; urgency=high ] * Non-maintainer upload by the Security Team. * Block Malaysian's Digicert Sdn. Bhd. certificates by marking them as revoked. [ openssl (0.9.8o-4squeeze3) squeeze; urgency=low ] * Non-maintainer upload by the Security Team. * Fix CVE-2011-3210: SSL memory handling for (EC)DH ciphersuites [ pam (1.1.1-6.1+squeeze1) stable-security; urgency=low ] * Non-maintainer upload by the Security Team * Fix CVE-2011-3148 and CVE-2011-3149 -- Thijs Kinkhorst <thijs@debian.org> Wed, 28 Dec 2011 11:38:19 +0000 ia32-libs-gtk (20111228) stable; urgency=low * Packages updated [ jasper (1.900.1-7+squeeze1) stable-security; urgency=high ] * Backported patch from #652649: - CVE-2011-4516: Heap-based buffer overflow - CVE-2011-4517: Heap-based buffer overflow -- Thijs Kinkhorst <thijs@debian.org> Wed, 28 Dec 2011 11:24:57 +0000
Attachment:
signature.asc
Description: This is a digitally signed message part.