-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Mon, 28 Nov 2005 12:07:57 -0500 Source: helix-player Binary: helix-player Architecture: source i386 Version: 1.0.4-1sarge2 Distribution: stable-security Urgency: high Maintainer: Thomas Maurer <tma@hispeed.ch> Changed-By: Noah Meyerhans <noahm@debian.org> Description: helix-player - The Helix Community's open source media player Changes: helix-player (1.0.4-1sarge2) stable-security; urgency=high . * NMU by the security team * Apply patch to fix integer overflow in httpfsys.cpp (CVE-2005-2629) * Apply patch to fix memory allocation bug in protocol/common/util/hxbitset.cpp This bug may have security implications, but does not currently have a CVE number and there is no known vulnerability at this time. Files: 5abe49b8d746b78b1f70016382d44a35 908 graphics optional helix-player_1.0.4-1sarge2.dsc b7103af4ca93cb52cd548a4f7da43c3b 9113 graphics optional helix-player_1.0.4-1sarge2.diff.gz afe49d505b51edefe6b66e92720e9a62 4289142 graphics optional helix-player_1.0.4-1sarge2_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFDiz2NYrVLjBFATsMRAnZIAJ94rI56v5C8CNMfG0NQ+/TL8hxl+QCfeIek n+iVNsctUhpbDtoO42Xpynw= =zE+S -----END PGP SIGNATURE----- Accepted: helix-player_1.0.4-1sarge2.diff.gz to pool/main/h/helix-player/helix-player_1.0.4-1sarge2.diff.gz helix-player_1.0.4-1sarge2.dsc to pool/main/h/helix-player/helix-player_1.0.4-1sarge2.dsc helix-player_1.0.4-1sarge2_i386.deb to pool/main/h/helix-player/helix-player_1.0.4-1sarge2_i386.deb
