-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Wed, 28 Aug 2013 00:40:42 +0100 Source: nas Binary: libaudio2 nas libaudio-dev nas-bin nas-doc Architecture: source all amd64 Version: 1.9.3-5wheezy1 Distribution: stable-security Urgency: high Maintainer: Steve McIntyre <93sam@debian.org> Changed-By: Steve McIntyre <93sam@debian.org> Description: libaudio-dev - Network Audio System - development files libaudio2 - Network Audio System - shared libraries nas - Network Audio System - local server nas-bin - Network Audio System - client binaries nas-doc - Network Audio System - extra documentation Closes: 720287 Changes: nas (1.9.3-5wheezy1) stable-security; urgency=high . * Fixes for various long-standing security issues found by Hamid Zamani <me@hamidx9.ir>. Closes: #720287 + Validate the port offset of nasd to fix a potential buffer overflow (CVE-2013-4256) + Use better string functions to guard against heap overflows (CVE-2013-4257) + Sanity-check the TCP_DEVICE environment variable to remove a format string bug (CVE-2013-4258) Checksums-Sha1: 15cf04efaadb0b64b769b974160e3b1af19905a8 1918 nas_1.9.3-5wheezy1.dsc dca770ddd10936ad1f19bf3c51f941c10d7bf84b 1485222 nas_1.9.3.orig.tar.gz 19926aeb893f5c4d77823c52e27f026aba7a4b17 44709 nas_1.9.3-5wheezy1.diff.gz b861612f0acdc6eb66bb88e3ca6e3665bddc436e 159338 nas-doc_1.9.3-5wheezy1_all.deb 801dcb1aeec18e7eb8b01aa7c85ad613125ea40a 122280 nas_1.9.3-5wheezy1_amd64.deb 391607fd96f3950fc46b96ea0f187e608bfd7b19 182714 nas-bin_1.9.3-5wheezy1_amd64.deb ad4738865ea994cf8a243dc7e093839908aacc90 87082 libaudio2_1.9.3-5wheezy1_amd64.deb 175b070edb5dcafb1c206d697dc33eb420ef50ef 613012 libaudio-dev_1.9.3-5wheezy1_amd64.deb Checksums-Sha256: b9e52ca93208e5a0b7dec68df90564c24dae251f14561edb0a4dd20f0aef6bcc 1918 nas_1.9.3-5wheezy1.dsc cd2c12980f812d6c7e08f48d00a2b7f85a040b3f587b177d4c1f03600a6ae7a9 1485222 nas_1.9.3.orig.tar.gz db1a6c4896343f278d178b7075027237a49758908d3abef67b8ae9fcae07d756 44709 nas_1.9.3-5wheezy1.diff.gz b2570899b77c37bc846a328ddc75d76b1644c45672df13792987e9aa7f03c910 159338 nas-doc_1.9.3-5wheezy1_all.deb cf38ddd23ff511d3a86d5a04d481ae3ed764ceff3a3c0cb333d8ec325ad8781e 122280 nas_1.9.3-5wheezy1_amd64.deb 15c679d986ddecfa705fed0d3470a17cdc55dd459ed8e5b19c2a78da1b8007bc 182714 nas-bin_1.9.3-5wheezy1_amd64.deb af48f88ea16df216f5d85414d8c08c2282ce7e1597ddbd3cb2a4aa125a19828e 87082 libaudio2_1.9.3-5wheezy1_amd64.deb 338a316913de57a7667f91d11e4086f941f384953dcb695d3b4e580b6850cc6a 613012 libaudio-dev_1.9.3-5wheezy1_amd64.deb Files: f8e1a604b6d6e9ae8b36079d49bfb2b5 1918 sound optional nas_1.9.3-5wheezy1.dsc ecd01a3b4e17a9d464efa83a03618025 1485222 sound optional nas_1.9.3.orig.tar.gz 9533179408c3d9d09add7e08b1c2fbbc 44709 sound optional nas_1.9.3-5wheezy1.diff.gz 2365ecf99d30ed8b72a256bf4c6d1a44 159338 doc extra nas-doc_1.9.3-5wheezy1_all.deb 98983c83bd575277d1844e8851b91764 122280 sound optional nas_1.9.3-5wheezy1_amd64.deb f4fe6927e4c697b78ea7260073d35e22 182714 sound extra nas-bin_1.9.3-5wheezy1_amd64.deb e950aecb9abed263d0cfe58469416a2b 87082 libs optional libaudio2_1.9.3-5wheezy1_amd64.deb 4104915c56bfe816b5a594c57883f2a0 613012 libdevel optional libaudio-dev_1.9.3-5wheezy1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCAAGBQJSVFJnAAoJEFh5eVc0QmhOm1cQAJTi8tRlT2HXDIeOGSIOXgk1 kkqZwfoOm3L7C17yMaf4xPf8IWtgUXvuf6+TVGpQEFS7FZaDda8hOCsf2tdNGYTm 3lcBKKASDpc9nU7CvMxGkt6cBMGK7G7eLF7Q4BrbWj7ZyHwOnr0g0igGspRa63ms TuXVf3x8RkDm4DO8e+fyZPSRdDspTQWsW7q9ZK1fPJso3xo3nLakoxvGJiSHHjYm rUheCD9k/UWOQiydOa2IrIEva7kA0VtQ5EJtWTYeU96nS6SCoFXuzA26uEcFcEgl /qz/x2C/FkQId1UufLydVmogwhM75eT+DbPzPC6EhueB1r/rxYwC1LAmuNqWpLtM JZWClNL4R1RBM040/V31IxzqBW8H/pLCZsXyzn/DCkuMBwvNFrBLMj3nDC94xXkv uGXk0eNlmdj6OVgGbxJx7+BUxbcfFWdp2eYsaJXN+labXbUOl0q/9D+/pPSBG/bX oFgnSdSJI9Nvvv8nYCxNfD6K3r9ivfyxwjcj8tkOEdHOZWyth4wRYdMM6UgOl84p S/995wYt4Rh749TOEoxP7I/YibM+YIrv9EWXcCh14QWMQj/H8xpBL6qgvJ5VbWeY TQ4wNND9HegZWAbKypv8Tb0HvqHHdZ2B5MflapIgQKKD1gTo442duPFAXT7QiO91 4NYsVUaWACT2gCmEWwqq =a3KT -----END PGP SIGNATURE-----
