-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Fri, 31 Jan 2014 09:19:46 +0100 Source: ia32-libs Binary: ia32-libs ia32-libs-dev Architecture: source amd64 Version: 20140131 Distribution: squeeze-proposed-updates Urgency: low Maintainer: Debian ia32-libs Team <pkg-ia32-libs-maintainers@lists.alioth.debian.org> Changed-By: Thijs Kinkhorst <thijs@debian.org> Description: ia32-libs - ia32 shared libraries for use on amd64 and ia64 systems ia32-libs-dev - ia32 development files for use on amd64 and ia64 systems Changes: ia32-libs (20140131) squeeze-proposed-updates; urgency=low . * Packages updated . [ curl (7.21.0-2.1+squeeze7) squeeze-security; urgency=high ] . * Fix re-use of wrong HTTP NTLM connection as per CVE-2014-0015 http://curl.haxx.se/docs/adv_20140129.html * Set urgency=high accordingly . [ curl (7.21.0-2.1+squeeze6) oldstable-security; urgency=low ] . * Disable host verification too when using the --insecure option (#729965) . [ curl (7.21.0-2.1+squeeze5) oldstable-security; urgency=high ] . * Fix OpenSSL checking of a certificate CN or SAN name field when the digital signature verification is turned off as per CVE-2013-4545 http://curl.haxx.se/docs/adv_20131115.html * Set urgency=high accordingly . [ libxml2 (2.7.8.dfsg-2+squeeze8) oldstable-security; urgency=high ] . * Non-maintainer upload by the Security Team. * Fix cve-2013-2877: out-of-bounds read when handling documents that end abruptly. . [ nspr (4.8.6-1+squeeze1) squeeze-security; urgency=high ] . * Non-maintainer upload by the Security Team. * Fix CVE-2013-5607: integer overflow on 64 bit systems . [ nss (3.12.8-1+squeeze7) squeeze-security; urgency=high ] . * Non-maintainer upload by the Security Team. * Add CVE-2013-5605.patch. CVE-2013-5605: Null_Cipher() does not respect maxOutputLen; allowing remote attackers to cause a denial of service or possibly have unspecified other impact via invalid handshake packets. Checksums-Sha1: 1eab2644e1c2f74e8e315c6856952c5b230e6174 1641 ia32-libs_20140131.dsc 7c12f80585af15f0ea2cb8f32bf853c984a4dd3d 334668317 ia32-libs_20140131.tar.gz 348652345019034a408fa0f74ff8264e969be3b0 34265756 ia32-libs_20140131_amd64.deb 10b0ee06a83276cf9033ec60419d351060117f02 13081820 ia32-libs-dev_20140131_amd64.deb Checksums-Sha256: 46ad4f6ab93484974179a42f576553f6e98823d9563b9f8ddb435149e4a178e0 1641 ia32-libs_20140131.dsc c9f7404ab737259a59d406a933ad0df71148166f214e187edb6508e008298901 334668317 ia32-libs_20140131.tar.gz e4f59f4b2067f9ddd83641531b31b20e1dff8379586d4957288369460b9a4c66 34265756 ia32-libs_20140131_amd64.deb fe7b095cddb2bd6ee5d2ce7a9fe7ef35bbd5b998e2c9d54145fdc2f34667f5cf 13081820 ia32-libs-dev_20140131_amd64.deb Files: 1bdc6e83bbfbd38be48b1af417907763 1641 libs optional ia32-libs_20140131.dsc 016f60f777e9f46d42274aece14d87f7 334668317 libs optional ia32-libs_20140131.tar.gz bc1f51cb527ef6736dac9163fa8c8fff 34265756 libs optional ia32-libs_20140131_amd64.deb da5e06408ea72e73fa075a6b1e79c1cb 13081820 libdevel extra ia32-libs-dev_20140131_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBAgAGBQJS63o1AAoJEFb2GnlAHawEGWsH/38UiAOXtr2pkbWcb2LpO0uc agJ+lrHrjI/7AS/IkWjFGv6+oo1Sll1GUervtgRBkqpgl6mBjmeVfRyHGbGQmNzp 3SL0f+BMH4CMjRFrrR3uoo710QXP1wTWVPfHyHddU7ONr67t7R7qITdAgizOIzjR 7iI4J/sew8qP4CZxSOOlzITLUzfTwi9HC2iPhY/T5fR1HDg2nOlt6PuNlwW5GvKF x82jdKUBe8Lm7P9GHK5dutTq0q8CggDyqs2o5t34L483KKVUGokDlovXWmNHh6aN djq0O54NNPZCF7un8A/pyR6vcEiyFvZ19/HhDl4lNuC3PTYh706P1QKw7VXOWzE= =6sxI -----END PGP SIGNATURE-----
