-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 06 Nov 2012 12:56:27 +0200 Source: radsecproxy Binary: radsecproxy Architecture: source i386 Version: 1.6.2-1 Distribution: unstable Urgency: high Maintainer: Faidon Liambotis <paravoid@debian.org> Changed-By: Faidon Liambotis <paravoid@debian.org> Description: radsecproxy - RADIUS protocol proxy supporting RadSec Changes: radsecproxy (1.6.2-1) unstable; urgency=high . * Urgency set to high for a security release. * New upstream release, fixing two security issues: - When verifying clients, don't consider config blocks with CA settings ('tls') which differ from the one used for verifying the certificate chain (RADSECPROXY-43, CVE-2012-4523). Reported by Ralf Paffrath. - Fix the issue with verification of clients when using multiple 'tls' config blocks for DTLS too (RADSECPROXY-43, CVE-2012-4566). Reported by Raphael Geissert. * Drop most of debian/patches/fix_manpages, merged upstream. Checksums-Sha1: d43706bf9981b5c29f1d729b627727ccb8421f52 1790 radsecproxy_1.6.2-1.dsc c45ddbbc69ed81a77c1365160d2cdd8f0184f40e 205422 radsecproxy_1.6.2.orig.tar.gz 16e538b78df5afdd9f405746059362b4b34cd7ac 7771 radsecproxy_1.6.2-1.debian.tar.gz dbe6ea9d3a9fa8a456325686e28a7c790905cf35 91126 radsecproxy_1.6.2-1_i386.deb Checksums-Sha256: cea923711ef4df80546329a34bc1aaa923d800163ffe5a2ae895555a9bb7289f 1790 radsecproxy_1.6.2-1.dsc d562e69025b8833f0e44b141ae04aa0ae6b014290883a4f88967d8220c1d927c 205422 radsecproxy_1.6.2.orig.tar.gz 0f9e35c22a07bc12e1927674c652795c45025b112c709cf108723a5b48311bbc 7771 radsecproxy_1.6.2-1.debian.tar.gz ed05e66a7ca3ec25afd0e17839b509f36d5aa403c066e14a21cb7af43e306c32 91126 radsecproxy_1.6.2-1_i386.deb Files: 4e51d22dafcb280c932ac4fbe1d07d3a 1790 net optional radsecproxy_1.6.2-1.dsc dad5c696e4cfe80d606ba90c9a13118b 205422 net optional radsecproxy_1.6.2.orig.tar.gz d58caa1c7d1c86515dc57b8f8217d270 7771 net optional radsecproxy_1.6.2-1.debian.tar.gz b7f203967cce8c32c27fb86f766be043 91126 net optional radsecproxy_1.6.2-1_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBCAAGBQJQmQSyAAoJEJ0LXlse7I8OVuUP/AiTJ3DDFgpcfwZKLDv6GRor DG+NjZvXoXw07yKZrEMfkDVHiBEnAa/IltyxAoXICDBVTQdfjbROoFFNflzP58Dy o21Qoyo9AOvUFSeuCT0thw/32XiwmT8+WNP1YbbP5pgJm5Dpd0vFOFt1652JsnF0 OZ1NkoIHaDd5ZsMUZ0yWe596a1PkB+TSj2UcnU4idEHpcVD15X+SqgJWeZMuajAQ gV9kGH+8D9KjAHhxeiF4wE/VOJtr1j9yaUlEfT6kugr1AkTV2Hwf4sBwBwUogWv7 Rh7jCflyidLEGLRvNvLiLjW41YlAhsKSjBV1tG/w2t8jNDGlCK/rMP4gjP+5If5W 4Kb/ooPVogqR1fSSXRMo9CwQGCs/G5/Ep7y68vn2m4NFv4XxEMVGCzUv30AdgdV1 0PLRIaq4xr9s3NI/qRS/2472f9c91n8D8AIaFUYoDpurSHRsKLzBfrRTrxVJ24Cr EOy6Yz5wCXhWrW9YamTn3zIi+O9ojWgTcjbl10oLwfCnpYwz/eEe5zFXRCRKxtyC l7t0J3NxgDOXWLXx34E3wqK0ZdHa+ynQuTssaTO0OlHl+L6/yQrtLnx/MXI5Joc8 HoPNlddKu/SD/XGc4srrG67FnBVxxlRMoG1OnL5+1MpkVCFMZWMmoWSz3y7xw0uf kTE7lbSKlxzxyfpBHVa5 =1CzO -----END PGP SIGNATURE-----