Debian Package Tracker

From: Sam Hocevar (Debian packages) <sam+deb@zoy.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted libdumb 1:0.9.3-5 (source i386)
Date: Fri, 21 Jul 2006 02:32:15 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Fri, 21 Jul 2006 11:07:45 +0200
Source: libdumb
Binary: libdumb1 libaldmb1-dev libaldmb1 libdumb1-dev
Architecture: source i386
Version: 1:0.9.3-5
Distribution: unstable
Urgency: critical
Maintainer: Debian allegro packages maintainers <pkg-allegro-maintainers@lists.alioth.debian.org>
Changed-By: Sam Hocevar (Debian packages) <sam+deb@zoy.org>
Description: 
 libaldmb1  - dynamic universal music bibliotheque, Allegro version
 libaldmb1-dev - development files for libaldmb1
 libdumb1   - dynamic universal music bibliotheque
 libdumb1-dev - development files for libdumb1
Closes: 379064
Changes: 
 libdumb (1:0.9.3-5) unstable; urgency=critical
 .
   * Set urgency=critical because of security fix.
 .
   * debian/patches/100_CVE-2006-3668.diff:
     + Fix for CVE-2006-3668 "Heap-based buffer overflow in the it_read_envelope
       function in Dynamic Universal Music Bibliotheque (DUMB) 0.9.3 and
       earlier, and current CVS as of 20060716, allows user-complicit attackers
       to execute arbitrary code via a ".it" (Impulse Tracker) file with an
       enveloper with a large number of nodes." (Closes: #379064).
 .
   * debian/control:
     + Set policy to 3.7.2.
Files: 
 b91cf1acdf25110b2fbd49f169c81e63 754 libs optional libdumb_0.9.3-5.dsc
 6be3173f27c100781014fa249fc0cf08 4379 libs optional libdumb_0.9.3-5.diff.gz
 bb9c024fc6cdd245466504f0badcdf0d 203864 libs optional libdumb1_0.9.3-5_i386.deb
 e9ca3705673588d00f090370cef275a8 122542 libdevel optional libdumb1-dev_0.9.3-5_i386.deb
 383209af6c5cc6228e825fc087ee6e26 94544 libs optional libaldmb1_0.9.3-5_i386.deb
 4a7cea7289d8092aa6e32097c0398c11 4956 libdevel optional libaldmb1-dev_0.9.3-5_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFEwJuKfPP1rylJn2ERAm6kAJ0V2q34Kn4AMws5TIzFcsAB9WI34gCdHZoN
F4m6LkVNZ7ZpnHy1uKfc3WM=
=M0YY
-----END PGP SIGNATURE-----


Accepted:
libaldmb1-dev_0.9.3-5_i386.deb
  to pool/main/libd/libdumb/libaldmb1-dev_0.9.3-5_i386.deb
libaldmb1_0.9.3-5_i386.deb
  to pool/main/libd/libdumb/libaldmb1_0.9.3-5_i386.deb
libdumb1-dev_0.9.3-5_i386.deb
  to pool/main/libd/libdumb/libdumb1-dev_0.9.3-5_i386.deb
libdumb1_0.9.3-5_i386.deb
  to pool/main/libd/libdumb/libdumb1_0.9.3-5_i386.deb
libdumb_0.9.3-5.diff.gz
  to pool/main/libd/libdumb/libdumb_0.9.3-5.diff.gz
libdumb_0.9.3-5.dsc
  to pool/main/libd/libdumb/libdumb_0.9.3-5.dsc
News for package libdumb
