Debian Package Tracker

From: Florian Weimer <fw@deneb.enyo.de>
To: <debian-changes@lists.debian.org>
Subject: Accepted heirloom-mailx 12.5-2+deb7u1 (source amd64) into proposed-updates->stable-new, proposed-updates
Date: Tue, 16 Dec 2014 21:47:11 +0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Mon, 15 Dec 2014 21:27:14 +0100
Source: heirloom-mailx
Binary: heirloom-mailx
Architecture: source amd64
Version: 12.5-2+deb7u1
Distribution: wheezy-security
Urgency: high
Maintainer: Hilko Bengen <bengen@debian.org>
Changed-By: Florian Weimer <fw@deneb.enyo.de>
Description: 
 heirloom-mailx - feature-rich BSD mail(1)
Changes: 
 heirloom-mailx (12.5-2+deb7u1) wheezy-security; urgency=high
 .
   * Apply patches from Red Hat to address command execution issues:
     + 0011-outof-Introduce-expandaddr-flag.patch
       Disable command execution in email addresses (CVE-2014-7844)
     + 0012-unpack-Disable-option-processing-for-email-addresses.patch
     + 0013-fio.c-Unconditionally-require-wordexp-support.patch
     + 0014-globname-Invoke-wordexp-with-WRDE_NOCMD.patch (CVE-2004-2771)
Checksums-Sha1: 
 2f897f30a0fee667dce8540316740dce6ae08c63 1477 heirloom-mailx_12.5-2+deb7u1.dsc
 2fa7f300dea7747e5880d61fd691a103d70863ba 324085 heirloom-mailx_12.5.orig.tar.gz
 d187c11d49b7fa31b7737f32cfb07d0901d2eabb 10122 heirloom-mailx_12.5-2+deb7u1.debian.tar.gz
 3317439647a70d2695cb56358c36c084fd5501e1 274410 heirloom-mailx_12.5-2+deb7u1_amd64.deb
Checksums-Sha256: 
 9da04497ceaa2edfc87d221ced1316545b21ff2a8b11296c7675aa3cfebd30b0 1477 heirloom-mailx_12.5-2+deb7u1.dsc
 015ba4209135867f37a0245d22235a392b8bbed956913286b887c2e2a9a421ad 324085 heirloom-mailx_12.5.orig.tar.gz
 104b23d251407c8edf09a7db86239232a91ab61def0f6d6b521424de03aab895 10122 heirloom-mailx_12.5-2+deb7u1.debian.tar.gz
 5debc4714a4b2ecafb3407972c9c3a243adc372e814651de603f6a08836fbaa2 274410 heirloom-mailx_12.5-2+deb7u1_amd64.deb
Files: 
 be558edcc188b6f6fe38d57115532236 1477 mail optional heirloom-mailx_12.5-2+deb7u1.dsc
 29a6033ef1412824d02eb9d9213cb1f2 324085 mail optional heirloom-mailx_12.5.orig.tar.gz
 4b26a112f58e994ecbbe6e0c2ffd61ca 10122 mail optional heirloom-mailx_12.5-2+deb7u1.debian.tar.gz
 60598fa761af1d3ba8b685a3e27b7d24 274410 mail optional heirloom-mailx_12.5-2+deb7u1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAEBAgAGBQJUj0/MAAoJEL97/wQC1SS+daMIALLxIIvXY8G5qhgL5cqNdsR5
oYu/gmJZE2LTmVzCBijvHpc1R10jiSDP4jen6aZiNdZ0WKr9AxwdnR9FlpMPe6Zj
eJW3BwerqLjVQfFbin4cElkjGECtbg6Dxs7n0e29krP3m1mEFzJrV+t28uq9RvLE
KmW4XjUvrVPDQDHtt444+BCl0RcXf+OpXp765ez6Y42setVZWjEIGFI//JBm7Voz
6D7Vr2O2++EgGXdURKufRS1SH7L9tsTY2wlEfaWlmVHQgtkELpGqNsAOVTTIsqVl
EPquGxdqW3Cfh5xjhoQcp8Vfd9RyepMlOZFBJ41jN1dx8phqLBO34YNacuNAHdA=
=KLHD
-----END PGP SIGNATURE-----

News for package heirloom-mailx