Debian Package Tracker

From: Sam Hocevar (Debian packages) <sam+deb@zoy.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted libdumb 1:0.9.2-6 (source i386)
Date: Wed, 30 Aug 2006 23:02:27 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Fri, 21 Jul 2006 11:07:45 +0200
Source: libdumb
Binary: libaldmb0-dev libaldmb0 libdumb0-dev libdumb0
Architecture: source i386
Version: 1:0.9.2-6
Distribution: stable-security
Urgency: high
Maintainer: Sam Hocevar (Debian packages) <sam+deb@zoy.org>
Changed-By: Sam Hocevar (Debian packages) <sam+deb@zoy.org>
Description: 
 libaldmb0  - dynamic universal music bibliotheque, allegro version
 libaldmb0-dev - development files for libaldmb0
 libdumb0   - dynamic universal music bibliotheque
 libdumb0-dev - development files for libdumb0
Closes: 379064
Changes: 
 libdumb (1:0.9.2-6) stable-security; urgency=high
 .
   * src/it/itread.c:
     + Fix for CVE-2006-3668 "Heap-based buffer overflow in the it_read_envelope
       function in Dynamic Universal Music Bibliotheque (DUMB) 0.9.3 and
       earlier, and current CVS as of 20060716, allows user-complicit attackers
       to execute arbitrary code via a ".it" (Impulse Tracker) file with an
       enveloper with a large number of nodes." (Closes: #379064).
Files: 
 32242f365a1433e66ca9e46a004523df 634 libs optional libdumb_0.9.2-6.dsc
 0ce45f64934e6d5d7b82a55108596680 145722 libs optional libdumb_0.9.2.orig.tar.gz
 65aa4b7596e81c622e830bbe1d32ff22 3914 libs optional libdumb_0.9.2-6.diff.gz
 ead6a0b39172a059491c864b9985101f 108496 libs optional libdumb0_0.9.2-6_i386.deb
 a0d02ff38ef6791845756ca2394a4bc5 47478 libdevel optional libdumb0-dev_0.9.2-6_i386.deb
 1c721ae454752d3a252f1cfc9a773d41 74484 libs optional libaldmb0_0.9.2-6_i386.deb
 e4b77e2545480a205f675e39017efc58 4738 libdevel optional libaldmb0-dev_0.9.2-6_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFEwQSOXm3vHE4uyloRAr8cAKDlhjg3bz8EvGrDjilhuKe0gjFNFQCguT1Q
5tiomedTMa9ysqsr29fgVvo=
=+I7H
-----END PGP SIGNATURE-----


Accepted:
libaldmb0-dev_0.9.2-6_i386.deb
  to pool/main/libd/libdumb/libaldmb0-dev_0.9.2-6_i386.deb
libaldmb0_0.9.2-6_i386.deb
  to pool/main/libd/libdumb/libaldmb0_0.9.2-6_i386.deb
libdumb0-dev_0.9.2-6_i386.deb
  to pool/main/libd/libdumb/libdumb0-dev_0.9.2-6_i386.deb
libdumb0_0.9.2-6_i386.deb
  to pool/main/libd/libdumb/libdumb0_0.9.2-6_i386.deb
libdumb_0.9.2-6.diff.gz
  to pool/main/libd/libdumb/libdumb_0.9.2-6.diff.gz
libdumb_0.9.2-6.dsc
  to pool/main/libd/libdumb/libdumb_0.9.2-6.dsc
News for package libdumb
