-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 11 Jan 2014 15:19:46 +0100 Source: graphviz Binary: graphviz libgv-guile libgv-lua libgv-ocaml libgv-perl libgv-php5 libgv-python libgv-ruby libgv-tcl libgraph4 libcgraph5 libcdt4 libpathplan4 libgvc5 libgvc5-plugins-gtk libgvpr1 libxdot4 libgraphviz-dev graphviz-doc graphviz-dev Architecture: source all amd64 Version: 2.26.3-5+squeeze2 Distribution: squeeze-security Urgency: high Maintainer: David Claughton <dave@eclecticdave.com> Changed-By: Salvatore Bonaccorso <carnil@debian.org> Description: graphviz - rich set of graph drawing tools graphviz-dev - transitional package for graphviz-dev rename graphviz-doc - additional documentation for graphviz libcdt4 - rich set of graph drawing tools - cdt library libcgraph5 - rich set of graph drawing tools - cgraph library libgraph4 - rich set of graph drawing tools - graph library libgraphviz-dev - graphviz libs and headers against which to build applications libgv-guile - Guile bindings for graphviz libgv-lua - Lua bindings for graphviz libgv-ocaml - OCaml bindings for graphviz libgv-perl - Perl bindings for graphviz libgv-php5 - Php5 bindings for graphviz libgv-python - Python bindings for graphviz libgv-ruby - Ruby bindings for graphviz libgv-tcl - Tcl bindings for graphviz libgvc5 - rich set of graph drawing tools - gvc library libgvc5-plugins-gtk - rich set of graph drawing tools - gtk plugins libgvpr1 - rich set of graph drawing tools - gvpr library libpathplan4 - rich set of graph drawing tools - pathplan library libxdot4 - rich set of graph drawing tools - xdot library Closes: 734745 Changes: graphviz (2.26.3-5+squeeze2) squeeze-security; urgency=high . * Non-maintainer upload by the Security Team. * Add CVE-2014-0978.patch patch. CVE-2014-0978: Fix stack-based buffer overflow due to a boundary error in the "yyerror()" function. (Closes: #734745) * Add CVE-2014-1236.patch patch. CVE-2014-1236: buffer overflow from user input (the regexp in chkNum would accept arbitrary long digit list) (Closes: #734745) Checksums-Sha1: 69b4265ef2a6907ce27b508a15b1c8bdb12342eb 2712 graphviz_2.26.3-5+squeeze2.dsc 99e8741a990173f277dd90859d0cca9d16a18cff 50964 graphviz_2.26.3-5+squeeze2.debian.tar.gz 11e93412ca4beb51da446308c0d906c6bb277e6b 2585914 graphviz-doc_2.26.3-5+squeeze2_all.deb 3cb513207b8df2bde51fcd7f340efe863812bf6a 48406 graphviz-dev_2.26.3-5+squeeze2_all.deb 926953d9e81cb18dee94dd4e24d388836a455763 375938 graphviz_2.26.3-5+squeeze2_amd64.deb 04274d3dc480cee6d19b5393efe8591803a72ed6 71758 libgv-guile_2.26.3-5+squeeze2_amd64.deb 05b507618dc9fc158041333a90bbce3b504f7490 81652 libgv-lua_2.26.3-5+squeeze2_amd64.deb bdb764520e49e8b18ff8107773d26371b14f35f3 79822 libgv-ocaml_2.26.3-5+squeeze2_amd64.deb 62bc1e15bf5e2cb5047639c59d1d2162faa61324 96784 libgv-perl_2.26.3-5+squeeze2_amd64.deb 9ca386193a362c8d2dc144511c54c240c80898ef 80442 libgv-php5_2.26.3-5+squeeze2_amd64.deb a797eb8087eb2d80c537b9ad079293ef543ece91 113982 libgv-python_2.26.3-5+squeeze2_amd64.deb 60539b02ee4e9995389d9d9e1bd3e3c4dd2602d6 75936 libgv-ruby_2.26.3-5+squeeze2_amd64.deb bd3ae60dc3edfdf7e81caf217678b18071e376e8 666344 libgv-tcl_2.26.3-5+squeeze2_amd64.deb 9bc571219d52b7d1a2e9859b5b3c4c216a6369cf 73092 libgraph4_2.26.3-5+squeeze2_amd64.deb 8e9cdf8195633f05d13394ed2f56a43f3c21971e 87274 libcgraph5_2.26.3-5+squeeze2_amd64.deb 4e24a529e3425ae38b2f3192c886739c2afdc00f 59942 libcdt4_2.26.3-5+squeeze2_amd64.deb 88cc57028d2c957173e18779447764571e07455a 65066 libpathplan4_2.26.3-5+squeeze2_amd64.deb 8e08b2265eafc69a512731a24e1d96529f571c2f 542378 libgvc5_2.26.3-5+squeeze2_amd64.deb 5a7adc55fb3d41d7531e16c0d53289d339264eeb 62440 libgvc5-plugins-gtk_2.26.3-5+squeeze2_amd64.deb a60a5c9ace4bbf923165f2ecfd050139dab147af 243844 libgvpr1_2.26.3-5+squeeze2_amd64.deb 9d65c341a62b3424665b9244b0d7d792215809f1 53978 libxdot4_2.26.3-5+squeeze2_amd64.deb 692c7bbe60cfc2202c9cafa0b0a9988523cf055b 123312 libgraphviz-dev_2.26.3-5+squeeze2_amd64.deb Checksums-Sha256: 62eeedc9c329353dfc621267f42253d1e2c1cc21dc5d7fddcb898483596e0ad3 2712 graphviz_2.26.3-5+squeeze2.dsc 38148b44d9ffb78b11983a8ac3d31e2790043d083f2747d2d3ca844a28e723f3 50964 graphviz_2.26.3-5+squeeze2.debian.tar.gz f08583a04baf421d1a562237a51c1b9414f41452b0352921e61323461c5a4175 2585914 graphviz-doc_2.26.3-5+squeeze2_all.deb 1190f1e52c42d1cd4a6a9ee00d72071528ca3f036780717d59c4c36df99d347f 48406 graphviz-dev_2.26.3-5+squeeze2_all.deb 70655c7506fa1b2e0ad3a3dd2f89f5423edea34e38af2db6d378dd7a5fde6cc3 375938 graphviz_2.26.3-5+squeeze2_amd64.deb 7f844ef7788373a0f870e9046fc72478179644357682c6798032d3f0a26e5d27 71758 libgv-guile_2.26.3-5+squeeze2_amd64.deb 79a99569ba44faa31678fce3cea69663ead97109543c322f6055c7e7e9790096 81652 libgv-lua_2.26.3-5+squeeze2_amd64.deb 138a83b091d58cd1df533c18c7f7fc8d02f90eb9bd262ec8662c7b0244926e89 79822 libgv-ocaml_2.26.3-5+squeeze2_amd64.deb 45b3adb72d12c6f6fa593c7479f8dbdd1574199fe0dc72b3eaa9598ca2369388 96784 libgv-perl_2.26.3-5+squeeze2_amd64.deb 21d4ae3ff1d29ad9e1dc4dd76e06f59c62b246a8c7a2d6f23af17f5bb6eba1fc 80442 libgv-php5_2.26.3-5+squeeze2_amd64.deb a56eed7bbb1609d406e731064b7cdb30aaecf31589d1ce0fcadaf7b9e6ffd1fc 113982 libgv-python_2.26.3-5+squeeze2_amd64.deb f4308aded9e707bf179a82b7bbb31ba39e7a123822eb2e7f54d262acd06b9c65 75936 libgv-ruby_2.26.3-5+squeeze2_amd64.deb eae6254aad97ffd011bdd1bc1f00fbb2801d126a0a501020783ba27af87b569d 666344 libgv-tcl_2.26.3-5+squeeze2_amd64.deb bbdcb396d3953f961efbb3adce5f84070c34718ff3ddb495eca6df45b8e8f8a9 73092 libgraph4_2.26.3-5+squeeze2_amd64.deb dc6987e09fa564386caeb37bfdc1994ec2b1861f869780f38c06f50a34199187 87274 libcgraph5_2.26.3-5+squeeze2_amd64.deb 707893308e3641e3fa0c837e3faf00ef37de31f08bfb26bf4971aba85af6c883 59942 libcdt4_2.26.3-5+squeeze2_amd64.deb 0b3dde99c0b8d92b7f41a77300e321ccd853c16429507a0a0b1ca2e827b97547 65066 libpathplan4_2.26.3-5+squeeze2_amd64.deb 554a580c2df71110bf818d29173b928d1a511b3ad88861e4c497c448a3283d76 542378 libgvc5_2.26.3-5+squeeze2_amd64.deb 931dd2c6998b74ade9104a4234a78232c823677ae5fa8d0f9d248e62f2008260 62440 libgvc5-plugins-gtk_2.26.3-5+squeeze2_amd64.deb 2fa6785385a853906bdd15821070bbfc102d91c2820db11552b66c01a577c632 243844 libgvpr1_2.26.3-5+squeeze2_amd64.deb cb5a0e0364379a501a4c574171a89dca8bc481d82dc4f8380d8146befbb04423 53978 libxdot4_2.26.3-5+squeeze2_amd64.deb a015c86c2f8e23f8d54d6db4130be2e37a36f995a17cb9ac7968fd729df36b0b 123312 libgraphviz-dev_2.26.3-5+squeeze2_amd64.deb Files: 77a5c680be3f3931db084ff17c46cad4 2712 graphics optional graphviz_2.26.3-5+squeeze2.dsc b943a1e5e029b87a19ddfd3a4c4cbdb4 50964 graphics optional graphviz_2.26.3-5+squeeze2.debian.tar.gz e1e9d5240deef670a0d1abb745d2d24d 2585914 doc optional graphviz-doc_2.26.3-5+squeeze2_all.deb 70929da9ff97d3b13738f1be0da11c82 48406 devel optional graphviz-dev_2.26.3-5+squeeze2_all.deb 76d1950b1e2eae2678749e4bfac681bc 375938 graphics optional graphviz_2.26.3-5+squeeze2_amd64.deb c91f76a5cdea282b5afdae0f1de7ced1 71758 interpreters optional libgv-guile_2.26.3-5+squeeze2_amd64.deb b3ac5bbd983739f4375032b8c6d041c7 81652 interpreters optional libgv-lua_2.26.3-5+squeeze2_amd64.deb 6b4513d3cf68b0f99d6a574efc298990 79822 ocaml optional libgv-ocaml_2.26.3-5+squeeze2_amd64.deb 9963c816414e122ce5e5fc8475e43c13 96784 perl optional libgv-perl_2.26.3-5+squeeze2_amd64.deb e36724d5bfc29f00aae57b0685707502 80442 php optional libgv-php5_2.26.3-5+squeeze2_amd64.deb 3ac57408c48b223a470de3d7575c2b8c 113982 python optional libgv-python_2.26.3-5+squeeze2_amd64.deb 720ab649b4dac62308c75eed957bc623 75936 ruby optional libgv-ruby_2.26.3-5+squeeze2_amd64.deb 8cf69dd066623e0f170696f6db16acaa 666344 interpreters optional libgv-tcl_2.26.3-5+squeeze2_amd64.deb a669373729729f390f74ebfe8e87a903 73092 libs optional libgraph4_2.26.3-5+squeeze2_amd64.deb 3afbd7da9a93589e808ba03145590705 87274 libs optional libcgraph5_2.26.3-5+squeeze2_amd64.deb 3f35225e97d56efbdaf74ae1284c2cf4 59942 libs optional libcdt4_2.26.3-5+squeeze2_amd64.deb 3a4aff0993450329735f0a4e257c2d47 65066 libs optional libpathplan4_2.26.3-5+squeeze2_amd64.deb 343adcd564c1a9e1a325433742a7e9d4 542378 libs optional libgvc5_2.26.3-5+squeeze2_amd64.deb f07da400178fd2cdc9b42b54b4679c5d 62440 libs optional libgvc5-plugins-gtk_2.26.3-5+squeeze2_amd64.deb 99bff86141c27e038426da43298d8c82 243844 libs optional libgvpr1_2.26.3-5+squeeze2_amd64.deb 6d7be3161df741e4a8cb8592b0c656b9 53978 libs optional libxdot4_2.26.3-5+squeeze2_amd64.deb 2b546a947eb0de9e243af8b1f780998c 123312 libdevel optional libgraphviz-dev_2.26.3-5+squeeze2_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCgAGBQJS1APNAAoJEAVMuPMTQ89EoXoP/2/EweCOfzuRyKfw5P5Opk9g ro7pqC0pAPtteXD8159UQj+WsVv2osk3guEKq9BN+BA4xj5Sk1dakaIN63b2ZmKD Gbl8/vKQzU2AxZSZ4fjxabfW2X6X1PQM51wjUofIzO/eJzq7wFsU+/E4EcFQHvlK 7rXfUstCe5C+8qnC/0y3xJ/40RDe2ciWwrku67U6T3vYHbLluwCwyMzWq9MGMecG T1N4BoGKDOhmhJFQAKygIUiIlzm0qOPINc3e2xEvLI2LKlsbWf4JnQXhQj3RfXmq XVYuRavFI9KGv+X+qiY71h1hCy0GJ4bGKwZmZEKe8sB3lQ784WOlBPwKoxiE9m3g wxvSsfFaZf/bLSnumBZ/p+SDtebJwoHIuXViPAcY88TLxalk0FQ+46ttKL+PaRlc dF3r5uutBFimkXI0GI2MSZDPsJ+Jwvvz/vn4JBZtJH0uRPcJeA6wQGWA2PlNFDAN nPPJAtAOsthaO7WAeWzELgpxADMlMGm/mYm5aMdZPOY92YgsrI+ftmkMvtb0jAYE DuOZDEr1VRTprtL4AhUYWGsjPD+mU/xSZHHKnkHMiRNbm8q5jbY91JZMkoUf79p1 3GtrBM+5WUJqcM9KWfqk4RgZlKUxod5DRJu3Oe9wuJmhloioLrcSqmT4ym+oUps7 L1UG58OQWMSoGP8ST9sW =E8GS -----END PGP SIGNATURE-----