Debian Package Tracker

From: Loic Minier <lool@dooz.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted libmms 0.2-7 (source i386)
Date: Tue, 11 Jul 2006 05:17:08 -0700
Signed by: Loïc Minier <lool@dooz.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Tue, 11 Jul 2006 13:11:11 +0200
Source: libmms
Binary: libmms-dev libmms0
Architecture: source i386
Version: 0.2-7
Distribution: unstable
Urgency: high
Maintainer: Loic Minier <lool@dooz.org>
Changed-By: Loic Minier <lool@dooz.org>
Description: 
 libmms-dev - MMS stream protocol library - development files
 libmms0    - MMS stream protocol library
Changes: 
 libmms (0.2-7) unstable; urgency=high
 .
   * SECURITY: CVE-2006-2200: buffer overflows in mms / mmsh parsers:
     additional fixes thanks to Matthias Hopf:
     - even more checks on "packet_length" / "packet_len" in src/mms.c and
       src/mmsh.c
     - fix memset() calls in the two string_utf16() implementations in
       src/mms.c to clear all bytes in dest, "len" is the UTF-16 length of the
       string in wide chars, so the memset should use "2 * len".
Files: 
 3589e26ae8b82bd6186f4823e362da21 590 libs optional libmms_0.2-7.dsc
 a7af610a793c7548e556acb131decbde 21491 libs optional libmms_0.2-7.diff.gz
 5d6469a82b23eb1bd0c2c664e4d7a899 25178 libdevel optional libmms-dev_0.2-7_i386.deb
 7f7e0290776cd402c73b9632587d99c4 21056 libs optional libmms0_0.2-7_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFEs4mE4VUX8isJIMARAmzbAJ9ZKcDSKuvdD79HNy1Iy9a3Mvr/YACeKL55
CWzxkewSIYYD1DQh7C5iSbc=
=t+bX
-----END PGP SIGNATURE-----


Accepted:
libmms-dev_0.2-7_i386.deb
  to pool/main/libm/libmms/libmms-dev_0.2-7_i386.deb
libmms0_0.2-7_i386.deb
  to pool/main/libm/libmms/libmms0_0.2-7_i386.deb
libmms_0.2-7.diff.gz
  to pool/main/libm/libmms/libmms_0.2-7.diff.gz
libmms_0.2-7.dsc
  to pool/main/libm/libmms/libmms_0.2-7.dsc

News for package libmms