-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Thu, 24 Dec 2009 23:45:29 +0530
Source: aria2
Binary: aria2
Architecture: source i386
Version: 0.14.0-1+lenny1
Distribution: stable-security
Urgency: high
Maintainer: Patrick Ruckstuhl <patrick@tario.org>
Changed-By: Kartik Mistry <kartik@debian.org>
Description:
 aria2 - High speed download utility
Closes: 551070
Changes:
 aria2 (0.14.0-1+lenny1) stable-security; urgency=high
 .
   * Security upload.
   * src/DHTRoutingTableDeserializer.cc, src/array_fun.h:
     + Fixed buffer overflow which allows remote attackers to cause a denial
       of service (crash) and possibly execute arbitrary code via unknown
       vectors. Many thanks to Tatsuhiro Tsujikawa <tatsuhiro.t@gmail.com>
       for patch and Steffen Joeris <steffen.joeris@skolelinux.de> for help.
       CVE-2009-3575 (Closes: #551070)
Checksums-Sha1:
 4ff6071484ac87c9277759a63885dd7c2a3fb6a7 1102 aria2_0.14.0-1+lenny1.dsc
 f035f89f1611526a63b8ed7039b294100e7518ad 1343630 aria2_0.14.0.orig.tar.gz
 4c4d913827f42a3d5136d1d0a99645a17458fed0 20698 aria2_0.14.0-1+lenny1.diff.gz
 5caf46e1c473fcf259952ee744c5f3239c92bfe7 1059854 aria2_0.14.0-1+lenny1_i386.deb
Checksums-Sha256:
 a6806218afb1643d9117da40ce69984a2978b1f255c6ad7f2e34b56109203f9f 1102 aria2_0.14.0-1+lenny1.dsc
 876cd357c0e475600d27d190048c49652bdd4d3372644bc719b54b069acc9928 1343630 aria2_0.14.0.orig.tar.gz
 eaac27d9ed9dc5cfd0c15241355593693339f3bb3fddd8e7e80c449584c6319d 20698 aria2_0.14.0-1+lenny1.diff.gz
 4430e9958166cdccccc312e3d9bec5d4bc2b753c9d5a9f5e9d410cc4f7c2a5a3 1059854 aria2_0.14.0-1+lenny1_i386.deb
Files:
 eec49435dff989725e33c563b196460a 1102 net optional aria2_0.14.0-1+lenny1.dsc
 ae853240ee88e373a138021613e28cb1 1343630 net optional aria2_0.14.0.orig.tar.gz
 849ab814910b27bcceb43f70289deecf 20698 net optional aria2_0.14.0-1+lenny1.diff.gz
 231c131054416daf24647fbe0f3253d3 1059854 net optional aria2_0.14.0-1+lenny1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAks3Tm4ACgkQ62zWxYk/rQd2wgCglN5fZgUn1cT64tUXn6Bjw6CU
854AoMb4LdlHH3zRLRi809Y+2yotVqFl
=VPnH
-----END PGP SIGNATURE-----


Accepted:
aria2_0.14.0-1+lenny1.diff.gz
  to main/a/aria2/aria2_0.14.0-1+lenny1.diff.gz
aria2_0.14.0-1+lenny1.dsc
  to main/a/aria2/aria2_0.14.0-1+lenny1.dsc
aria2_0.14.0-1+lenny1_i386.deb
  to main/a/aria2/aria2_0.14.0-1+lenny1_i386.deb