-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 06 Nov 2012 11:55:39 +0200 Source: radsecproxy Binary: radsecproxy Architecture: source i386 Version: 1.4-1+squeeze1 Distribution: stable-security Urgency: high Maintainer: Faidon Liambotis <paravoid@debian.org> Changed-By: Faidon Liambotis <paravoid@debian.org> Description: radsecproxy - RADIUS protocol proxy supporting RadSec Changes: radsecproxy (1.4-1+squeeze1) stable-security; urgency=high . * Backport two security fixes from 1.6.1/1.6.2: - When verifying clients, don't consider config blocks with CA settings ('tls') which differ from the one used for verifying the certificate chain (RADSECPROXY-43, CVE-2012-4523). Reported by Ralf Paffrath. - Fix the issue with verification of clients when using multiple 'tls' config blocks for DTLS too (RADSECPROXY-43, CVE-2012-4566). Reported by Raphael Geissert. Checksums-Sha1: b25430349b312600175d6a9e10550e4ff635dd61 1723 radsecproxy_1.4-1+squeeze1.dsc 205e3dc6062cd7c7b22fb812e4f4bce893eb998c 179771 radsecproxy_1.4.orig.tar.gz cc5700a7eac1a2d8b28fc3aeefbfa87ef975a143 6491 radsecproxy_1.4-1+squeeze1.diff.gz 84410ce59928b972f965576e71a3446ca168acc2 62556 radsecproxy_1.4-1+squeeze1_i386.deb Checksums-Sha256: a0e2114b49831f75903353464841616f7e6bfa91d2a3a2cf8b9207e690ad293b 1723 radsecproxy_1.4-1+squeeze1.dsc 12cbdb8c0ac6eaba81fc805033549845a5937f42e32416f091cc79796f207385 179771 radsecproxy_1.4.orig.tar.gz a6e2a63d7e6dfdf5e6ff662c8f6711f1b35868bfccf86aab0b0eee5d8504c3ad 6491 radsecproxy_1.4-1+squeeze1.diff.gz bec9fc381986f866135d5a9e8346f822833688751c4f3565677af0a6b89116c4 62556 radsecproxy_1.4-1+squeeze1_i386.deb Files: fecade2db8794c1ae13d6580792d52f1 1723 net optional radsecproxy_1.4-1+squeeze1.dsc 7b5248b2a7a133561cf685730824c893 179771 net optional radsecproxy_1.4.orig.tar.gz d2c7a5571cebd5347dbcd989081dd4e6 6491 net optional radsecproxy_1.4-1+squeeze1.diff.gz 42ca735f1c3e2954015be633489faa92 62556 net optional radsecproxy_1.4-1+squeeze1_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBCAAGBQJQmOVrAAoJEJ0LXlse7I8OfMgP/1lLcwuEKrVSS+oo60CfZjKH jgSEnLqBqE89aS01DZGotvPZynwYJKPZVlyItpZKeNCjcedIrWNQ8wI8cCFbfoM+ IXLhJxjV/usa+N0Nziy5tD/w+x7qIJubsFbSUBVd/OtLJ7EzkX1s6w0DY0sH2KUU BkMrkrKJa+GTMNIol6GdZxpzjJnLhpII4WYw/38SSkWogn63mYDwmc2JI2ZCM7yS NWsmuVR+pIukSvPS7P2PidMHFm7qIJaor7vqLY2A0fL9HmvbHbfGHvtth/6IxM3C jCkhJWntoyU0ytuzwE6ZjR5RjlOyHkqZvUeZtJGQApsuIlNIH1qytH7zmRXPLqxg vGwtqqLPwL8cGxcAq+xgtCw0/q5lEaEfYRofVAVjynePEZV8sFZLdSldikhJr9nE gZ4rPq4RJ2uwmCqN08hW/GkvA+AvGNmUyMzonpsPvD0VK5QpEG9H8UYA5MC1c6Qi JveLJ6BZEVM2t13OgWdIMg6d4Xdmqv4EMO/10m6U+5axM4O0QhcdNasVJQAlcBAJ wSsZD+nmRzWJJcagkmHU23vu9JYyA3akxZGWve/9F2pvmJ85lhJK0JMgiKcUxQ1A AEaTvDghdL0oXVcR5cAydNQLrXavWiUoHXnZDKj4I9OO//AaKYQNWKJFWrQTZwVc WU90Ehq1gIblSCo2D7Xq =K9Rw -----END PGP SIGNATURE-----