Debian Package Tracker

Date: Sat, 16 Feb 2013 14:47:17 +0000
From: Thijs Kinkhorst <thijs@debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted ia32-libs 20130215 (source amd64)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 15 Feb 2013 14:26:26 +0100
Source: ia32-libs
Binary: ia32-libs ia32-libs-dev
Architecture: source amd64
Version: 20130215
Distribution: stable
Urgency: low
Maintainer: Debian ia32-libs Team <pkg-ia32-libs-maintainers@lists.alioth.debian.org>
Changed-By: Thijs Kinkhorst <thijs@debian.org>
Description: 
 ia32-libs  - ia32 shared libraries for use on amd64 and ia64 systems
 ia32-libs-dev - ia32 development files for use on amd64 and ia64 systems
Changes: 
 ia32-libs (20130215) stable; urgency=low
 .
   * Packages updated
 .
   [ cups (1.4.4-7+squeeze2) stable-security; urgency=high ]
 .
   * Backport upstream configuration files split:
     - Add split-configuration-files-STR4223.dpatch
     - Install the new cups-files.conf
     Fixes: CVE-2012-5519 (#692791)
   * Make cupsd.conf a non-conffile, as it is managed by cups itself.
     - On new installs, set it up from cupsd.conf.default.
     - On upgrades, move it away in preinst and move it back in postinst.
     - On aborted upgrades, move the file back in place.
     - On purge, delete it too.
   * Document changes in cups.NEWS.
 .
   [ libexif (0.6.19-1+squeeze1) stable-security; urgency=high ]
 .
   * Non-maintainer upload by the Security Team.
   * Cherry pick changes for CVE-2012-2814, CVE-2012-2840, CVE-2012-2813,
     CVE-2012-2812, CVE-2012-2841, CVE-2012-2836, CVE-2012-2837.
     (backport patches for fix-CVE-2012-2814, fix-CVE-2012-2836,
      fix-CVE-2012-2837)
 .
   [ libxml2 (2.7.8.dfsg-2+squeeze6) stable-security; urgency=high ]
 .
   [ Daniel Veillard ]
   * Fix potential out of bound access
     CVE-2012-5134, #694521.
 .
   [ libxslt (1.1.26-6+squeeze2) stable-security; urgency=high ]
 .
   * Patch to fix three CVEs (#689422):
     - CVE-2012-2870 by Daniel Veillard and Chris Evans
     - CVE-2012-2871 by Daniel Veillard
     - CVE-2012-2893 by Chris Evans
 .
   [ libxslt (1.1.26-6+squeeze1) stable; urgency=low ]
 .
   [ Daniel Veillard ]
   * Fix generate-id() to not expose object addresses
     CVE-2011-1202, #617413.
 .
   [ Abhishek Arya ]
   * Fix some case of pattern parsing errors
     CVE-2011-3970, #660650.
 .
   [ Chris Evans ]
   * [PATCH] Fix crash with unexpected DTD nodes in XSLT.
     CVE-2012-2825, #679283.
 .
   [ nss (3.12.8-1+squeeze6) stable-security; urgency=low ]
 .
   * Explicitly distrust two intermediate CA certificates mis-issued by
     TURKTRUST.
 .
   [ openssl (0.9.8o-4squeeze14) squeeze-security; urgency=low ]
 .
   * Fix CVE-2013-0166 and CVE-2013-0169
 .
   [ tiff (3.9.4-5+squeeze8) stable-security; urgency=high ]
 .
   * Add fix for CVE-2012-5581, reimplementing DOTRANGE handling to make it
     safer.  Thanks to Red Hat security team for backporting the fix.
 .
   [ tiff (3.9.4-5+squeeze7) stable-security; urgency=high ]
 .
   * Add fix for CVE-2012-4564, a heap-buffer overflow.  Thanks Adrian La
     Duca for doing all the work to prepare this upload.  (#692345)
 .
   [ tiff (3.9.4-5+squeeze6) stable-security; urgency=high ]
 .
   * Add fix for CVE-2012-4447, a buffer overrun.  (#688944)
   * CVE-2012-2088 was actually included in previous version but not listed
     in the change log.
 .
   [ tiff (3.9.4-5+squeeze5) stable-security; urgency=high ]
 .
   * Added several additional security patches taken from the Ubuntu Natty
     (11.04) tiff package.  (#678140)
 .
     CVE-2010-2482
     CVE-2010-2595
     CVE-2010-2597
     CVE-2010-2630
     CVE-2010-4665
     CVE-2012-2113
     CVE-2012-3401
Checksums-Sha1: 
 876a80e5988972d8e6934f0229639f0824e1628e 1641 ia32-libs_20130215.dsc
 45f4ed0bb0229f3b5c6ccc116dc3b0be3eef6181 334485403 ia32-libs_20130215.tar.gz
 c1cef33fc92e2fdb31ed907711d24dc48c67f544 34257802 ia32-libs_20130215_amd64.deb
 af43658e5bfba96576a0902c75e548c47722a017 13074832 ia32-libs-dev_20130215_amd64.deb
Checksums-Sha256: 
 a87456f081a2d6d4f53cac4cd15a78bfe7369b2e1baffa62d9471b383f43bde1 1641 ia32-libs_20130215.dsc
 59c928dd20b2cb08a22e348b81529dafbbaa257a1adf7515d39bace91db31204 334485403 ia32-libs_20130215.tar.gz
 41b6b37040f56e1d2ed63295bbfeca8e1fbb8ef93723b3ffd4dc4b39b41ced85 34257802 ia32-libs_20130215_amd64.deb
 27583267e2e8744d7d926e7164251194d6fb737ab97e010603ed8fa4d61dd121 13074832 ia32-libs-dev_20130215_amd64.deb
Files: 
 6bdc513cd4bd9153fd6e88ccf0c571fa 1641 libs optional ia32-libs_20130215.dsc
 c2dee7d1a9b8c734bd27d6ddd523ecdb 334485403 libs optional ia32-libs_20130215.tar.gz
 bacc50a7ecc0f33773be0fa473dfd092 34257802 libs optional ia32-libs_20130215_amd64.deb
 2ff6009d7afae6ff9446604d9433b788 13074832 libdevel extra ia32-libs-dev_20130215_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJRHjw8AAoJEFb2GnlAHawELUUH/AufbUEjvwWc17CmP1qz7Mw1
p2oYFIHPrrcz7o3q8TASd9CwF9+g4F7S12SKzGY8o6+3tuBufHSaiSsBdW0ur/BI
8xppsct/1SatPgNdzL++Gis9xN/sSlHzDLxy8CSstL9UVZYSXkvOAtBh5UUe+SYM
VdI+9Liz1dYgedr2uS86ECHGIKYHfCFLu1E4+jrHto8UZ3WjbTZT0bQ6LlJ+DQ5T
luhTy4yNMHkkS4qbl1GwjjtcBOKG+aIgW22k1xtz45RMID6VUVs13PIdZ5Dt8s6k
0M/8r2ZaxQsJt4GzJvsGQ2k/Sln0/O7Umd9cLZthqCwx7wRX46UH3MGZukAGo1w=
=FfFt
-----END PGP SIGNATURE-----
News for package ia32-libs
