Debian Package Tracker

From: Nicolas Braud-Santoni <nicoo@debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted pam-u2f 1.0.7-1+deb10u1 (source) into proposed-updates->stable-new, proposed-updates
Date: Sun, 25 Aug 2019 14:27:36 +0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 13 Aug 2019 01:06:31 +0200
Source: pam-u2f
Architecture: source
Version: 1.0.7-1+deb10u1
Distribution: buster
Urgency: high
Maintainer: Debian Authentication Maintainers <team+auth@tracker.debian.org>
Changed-By: Nicolas Braud-Santoni <nicoo@debian.org>
Closes: 930021 930023 930047
Changes:
 pam-u2f (1.0.7-1+deb10u1) buster; urgency=high
 .
   * Backport multiple security fixes
      + Fix insecure debug file handling CVE-2019-12209. (Closes: #930021)
      + Fix debug file descriptor leak CVE-2019-12210. (Closes: #930023)
      + Fix a non-critical buffer out-of-bounds access. (Closes: #930047)
 .
   * Backport a reliability fix
     pam-u2f could previously segfault following a failure to allocate a buffer.
Checksums-Sha1:
 49a281cf17a8b5db56583553727b0d93d317c480 2138 pam-u2f_1.0.7-1+deb10u1.dsc
 68360e338b42f8db16c77ea1cd96b856ba2843ef 56428 pam-u2f_1.0.7-1+deb10u1.debian.tar.xz
 75ca5b380694325edc6731cdbbd64fdfebb275d6 6448 pam-u2f_1.0.7-1+deb10u1_amd64.buildinfo
Checksums-Sha256:
 4b173ae60c2f8f13f6b4e8e04c6d5f7ed13495c9d33238cd0e1d14ea515d286d 2138 pam-u2f_1.0.7-1+deb10u1.dsc
 e5d0e60331a0e16599faae60c713863f7f4e761b9120d097b0c558d66bc185b7 56428 pam-u2f_1.0.7-1+deb10u1.debian.tar.xz
 6efe3aaf30d89b81252353352b2cd8521d641539bdaf4b53414453f2caff3f90 6448 pam-u2f_1.0.7-1+deb10u1_amd64.buildinfo
Files:
 45334ae640b0e0190c959d7f1fad6208 2138 admin optional pam-u2f_1.0.7-1+deb10u1.dsc
 8d0b8abdb6c364e5856fc6cad289262a 56428 admin optional pam-u2f_1.0.7-1+deb10u1.debian.tar.xz
 b6e95eeeb26dd53f32ee0aec5bd3485d 6448 admin optional pam-u2f_1.0.7-1+deb10u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEU7EqA8ZVHYoLJhPE5vmO4pLV7MsFAl1hYk4ACgkQ5vmO4pLV
7MtAYA/7Bsj+jyHRf35IQDaemMduk6NP5DKsP8wQfFKICpCK0PJKGiTgt801gDx6
IjZb2O7yCWScgWWUId2oiS4NAuo9HYf83rbJ568w0nr2kK4tM3SF0UjVXc0wFffG
/2EylkotgZ2JMvD+bMdRKPD4O6YGvd3BDiwrG9EigNC1a0GQA0K7Iw+C6H5gDZGp
NiXO8tFNQPAoOIsmcic5nVA+H7PdDHfq9tLu+qmfH3ZQCokzrTE74+QDYx6k8bT+
pcOSBMwg+fzz4rYsQKrFTVlIPXfFJCBZRAQkOIyL/NmkIhM07ZJ9PnE69qM32ao0
3Wlh2jLN8vTTecdkapKsNb6DCu7A9SJGw/yrC6LQik2pDJgyAN4fL0+cZl/Qbz38
KauRg3BxTJQmMLB1T6xkD3v8e7M8AYT+nomKGqFErbVp81Gz/VmLw1sh/y1MkF8U
HkrjtQXtz1jkVZnchIiUPT1CKWO+GU+pCEtZcxmjuAJRbcIVD7Ejrf4GeXj5nZIM
5OM5eQZY4NxKXk5AcShu+gS7g9+sDyZwZXW6U2FvnLz2+TwDv3MKjlF7pxQq+ZxF
vwXN418sVxjHfqXiQa91e2H+E3zfIccCJJFBwlPiejSsAKZ+TFU5vKN3pG8GiTl8
F9QBY0hKoXEuanawtIqG/oT3CWLTUSgVlEKBjVM/H0yU4zPTR68=
=FO85
-----END PGP SIGNATURE-----

News for package pam-u2f