-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 29 Dec 2012 19:23:17 +0000 Source: weechat Binary: weechat weechat-curses weechat-core weechat-plugins weechat-doc weechat-dev weechat-dbg Architecture: source all amd64 Version: 0.3.2-1+squeeze1 Distribution: stable-security Urgency: high Maintainer: Emmanuel Bouthenot <kolter@debian.org> Changed-By: Emmanuel Bouthenot <kolter@debian.org> Description: weechat - Fast, light and extensible chat client weechat-core - Fast, light and extensible chat client - core files weechat-curses - Fast, light and extensible chat client - console client weechat-dbg - Fast, light and extensible chat client - debugging symbols weechat-dev - Fast, light and extensible chat client - developement headers weechat-doc - Fast, light and extensible chat client - documentation weechat-plugins - Fast, light and extensible chat client - plugins Changes: weechat (0.3.2-1+squeeze1) stable-security; urgency=high . * Switch source format to '3.0 (quilt)' in order to easily add security patches * Add a patch to properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, see CVE-2011-1428. * Add a patch to fix a bug in the process handling API used by scripts. A remote attacker could exploit it to execute arbitrary commands, see CVE-2012-5534. Checksums-Sha1: 13fbf1c9814838577051d3a5c328ccbc980253bb 2129 weechat_0.3.2-1+squeeze1.dsc 3cddc1d89c883757c018211aa9b60e5cd83357ce 2423412 weechat_0.3.2.orig.tar.gz 2877dc181c8d7729ecc52bb1e0e3d6eb2c65e5dd 17628 weechat_0.3.2-1+squeeze1.debian.tar.gz 7a92269b889340d53e40e07c27535e52b5648a5f 21970 weechat_0.3.2-1+squeeze1_all.deb 04a618080014136b1b21c2ae353a4eadd3717056 239212 weechat-curses_0.3.2-1+squeeze1_amd64.deb ef65689696ab6a6f5e88325be1d718834b61753f 619388 weechat-core_0.3.2-1+squeeze1_amd64.deb ce0ff303e94a736f1dd44f9867d6a1b2e1876eac 339388 weechat-plugins_0.3.2-1+squeeze1_amd64.deb 98949c5852754ab8c238f51dd1b59b9168765daa 437290 weechat-doc_0.3.2-1+squeeze1_all.deb ce84316b213b0541b369b8492b84825a47834f52 32974 weechat-dev_0.3.2-1+squeeze1_all.deb 849e14ba3b20ec6a91c6a049bc71334374a3c0b3 1200456 weechat-dbg_0.3.2-1+squeeze1_amd64.deb Checksums-Sha256: bbc4bede84b18a0f9444d72e2f4f7dc0d427f9aacc2a2e2549e5cee3a8b3ed05 2129 weechat_0.3.2-1+squeeze1.dsc 27629d1c872efef33088216c8b9f7df60f2ccf05ee8c7225680ebc533da1098a 2423412 weechat_0.3.2.orig.tar.gz 04c5c0e4b1a6ab205e2a5544ecd2e0d7a254e8ae162e30d4032f87fc74989529 17628 weechat_0.3.2-1+squeeze1.debian.tar.gz 5b4e0e0050087bf4e5b19afc356abdc0a1954151f7a21f1b7d0e3ac58fe916e1 21970 weechat_0.3.2-1+squeeze1_all.deb 2475bb4880c3d15bb46c8e114cba6042b599f96a38fba7ec183416ffc7073ee2 239212 weechat-curses_0.3.2-1+squeeze1_amd64.deb 8b4aae5c93b15c0c24248640f465310e20f31cc41e662ad7064646ea6bf82aa8 619388 weechat-core_0.3.2-1+squeeze1_amd64.deb 5c2e46c921bca298eff3c93100591fe626c9d76bfbc9b29285c1755802b39aac 339388 weechat-plugins_0.3.2-1+squeeze1_amd64.deb a088ef6d4f954f32a123bd5a7cb8dcdccefe84d9a7d3b67d69de1da83c389022 437290 weechat-doc_0.3.2-1+squeeze1_all.deb 3c88322a2985a0e2096a5c928876237792a8d2589fb5ae01be050744c305fc0c 32974 weechat-dev_0.3.2-1+squeeze1_all.deb eeee712c0586d16c37b7b83277534c21e6bbe29ba60f550f75cbf4195ebcdf34 1200456 weechat-dbg_0.3.2-1+squeeze1_amd64.deb Files: 495c659e2ec6d6f94f10428e1b249404 2129 net optional weechat_0.3.2-1+squeeze1.dsc 8d39b7ea284660ea44182b66e330f3c3 2423412 net optional weechat_0.3.2.orig.tar.gz 831635c23c26bb395e26c143e792582f 17628 net optional weechat_0.3.2-1+squeeze1.debian.tar.gz 454480a5a74bc6fdbfe4c2e6d00b522e 21970 net optional weechat_0.3.2-1+squeeze1_all.deb 29b6cef27cb74e6007fdc9ef0dd2ae45 239212 net optional weechat-curses_0.3.2-1+squeeze1_amd64.deb 809599d3e6fd62077802e4cd1cffd2de 619388 net optional weechat-core_0.3.2-1+squeeze1_amd64.deb c807d46f11e3189122f8d9979db99589 339388 net optional weechat-plugins_0.3.2-1+squeeze1_amd64.deb 54ce850a1ea0d0e6db4e4f3c2a651bb6 437290 doc optional weechat-doc_0.3.2-1+squeeze1_all.deb 62e848db55f7a62b8d9e53813ca00edb 32974 devel optional weechat-dev_0.3.2-1+squeeze1_all.deb 1a1e75b98fa62cf11dceb9c9e8d44e03 1200456 debug extra weechat-dbg_0.3.2-1+squeeze1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCgAGBQJQ5fyQAAoJEEsHdyOSnULDCp4P/1CpZWVeG0AlC8lnr0xMjxmo SyuzBMzfAX9JdB7awTL1yIPbRPx6nkbiCEpx5izcetnAkKprww51IxmhBeYD6TtL jN4XJNQeD4u+DmJdmXBMbhkmw5NvXRgaWpZCz0PTrx1F3GQvLyvdgPZCcceuTDtf bNhEFMOYpV3Ds2XvgNmehD6xwwbJWmw5pRZ2QH584u3m69Ss8/4Gka+/UPvPw1bZ zdaJlE7d4fFeHyXGurtmMnK7HWvtHmJA/ABk2W1R7tBgyCiY4apxQ3ZSFvkR1L45 PjpNZ/UouXwBhlj9IyWh3bPWyFFCNuO2e9keWrreHdOXCB+pCwVe1Mq+SKyfFADU /PnNEC/1Is72dyZJ6mtjM1v8mG+mPneutlH0o2UEfmoniuekusu/SRXe9Anuj86W p8sVdeed+cT2DgrTT8RbeF08eNy9AH4GhY0XrGKay+b2gedt79tBuXSKlMOb4bA4 5fWY7QtODMUpesLEUzifHhcFUuXuDsM6TqJ5Ya7qkCvEUiGQ0a725kqQeGdSQGmk X+AHk5eFcfi+JgXBC1S+gDrqliCXK2fujB9XSgdFOlmAwfjTWYwrXlf9C9D1iqNn GbZRqGmgftcs9CKmsFoQeuI3jHKf1bUi5iBbvIPYRHob5BJIsAuJ7Bzdv4bEtUiq 3OCxkK06re94mohUdHJN =34GK -----END PGP SIGNATURE-----