-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 31 Dec 2015 14:02:28 +0100
Source: ia32-libs
Binary: ia32-libs ia32-libs-dev
Architecture: source amd64
Version: 20151231
Distribution: squeeze-lts
Urgency: low
Maintainer: Debian ia32-libs Team <pkg-ia32-libs-maintainers@lists.alioth.debian.org>
Changed-By: Thijs Kinkhorst <thijs@debian.org>
Description:
 ia32-libs  - ia32 shared libraries for use on amd64 and ia64 systems
 ia32-libs-dev - ia32 development files for use on amd64 and ia64 systems
Changes:
 ia32-libs (20151231) squeeze-lts; urgency=low
 .
   * Packages updated
 .
   [ arts (1.5.9-3+deb6u1) squeeze-lts; urgency=medium ]
 .
   * Non-maintainer upload by the Debian LTS team.
   * Add debian/patches/99_CVE-2015-7543.diff to fix CVE-2015-7543:
     insecure use of mktemp() leading to possible hijack of IPC directory.
 .
   [ cups (1.4.4-7+squeeze10) squeeze-lts; urgency=medium ]
 .
   * Fix buffer overflow on size allocation of texttopdf.
     Updated debian/local/filters/pdf-filters/filter/texttopdf.c
     - CVE-2015-3258: Heap-based buffer overflow in the WriteProlog function.
     - CVE-2015-3279: Integer overflow.
 .
   [ freetype (2.4.2-2.1+squeeze6) squeeze-lts; urgency=medium ]
 .
   * Non-maintainer upload by the Squeeze LTS Team.
   * CVE-2014-9745: Fix Savannah bug #41590.
     Protect against invalid number in t1load.c parse_encoding().
   * CVE-2014-9746, CVE-2014-9747: Fix Savannah bug #41309.
     Correct use of uninitialized data in t1load.c, cidload.c, t42parse.c
     and psobjs.c.
 .
   [ gnutls26 (2.8.6-1+squeeze6) squeeze-lts; urgency=high ]
 .
   * Non-maintainer upload by the Squeeze LTS Team.
   * CVE-2015-8313: A tiny POODLE left. Gnutls didn't check the first
     padding byte in CBC modes.
 .
   [ krb5 (1.8.3+dfsg-4squeeze10) squeeze-lts; urgency=medium ]
 .
   * Non-maintainer upload by the Squeeze LTS Team.
   * CVE-2015-2697: Fix build_principal memory bug
   * Backport k5memdup0 from 1.13.2 for that
   * CVE-2015-2695: Fix SPNEGO context aliasing bugs
   * The upstream patch for CVE-2015-2695 introduced regressions preventing
     the use of gss_import_sec_context() with contexts established using
     SPNEGO; the fixes for those regressions are included here.
 .
   [ libidn (1.15-2+deb6u2) squeeze-lts; urgency=high ]
 .
   * Non-maintainer upload by the Squeeze LTS team
   * fix_utf8_error_handling. Issue introduced in fix for CVE-2015-2059
 .
   [ libpng (1.2.44-1+squeeze6) squeeze-lts; urgency=high ]
 .
   * Non-maintainer upload by the Squeeze LTS Team.
   * CVE-2015-8472 update incomplete patch for CVE-2015-8126
   * CVE-2015-8540 underflow read in png_check_keyword in pngwutil.c
   * CVE-2012-3425 The png_push_read_zTXt function in pngpread.c in libpng
     1.0.x before 1.0.58, 1.2.x before 1.2.48, 1.4.x before 1.4.10, and
     1.5.x before 1.5.10 allows remote attackers to cause a denial of
     service (out-of-bounds read) via a large avail_in field value in a PNG
     image. In contrast to the next changelog entry, the vulnerable code is
     present.
 .
   [ libpng (1.2.44-1+squeeze5) squeeze-lts; urgency=high ]
 .
   * Non-maintainer upload by the Squeeze LTS Team.
   * CVE-2015-7981 Added a safety check in png_set_tIME()
     (Bug report from Qixue Xiao).
   * CVE-2015-8126 Multiple buffer overflows in the (1) png_set_PLTE and
     (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x
     before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and
     1.6.x before 1.6.19 allow remote attackers to cause a denial of service
     (application crash) or possibly have unspecified other impact via a
     small bit-depth value in an IHDR (aka image header) chunk in a PNG
     image.
   * CVE-2012-3425 vulnerable code is not present here
 .
   [ libsndfile (1.0.21-3+squeeze2) squeeze-lts; urgency=high ]
 .
   * Non-maintainer upload by the Squeeze LTS Team.
   * debian/patches :
     - Add 102_sd2_buffer_read_overflow.diff (CVE-2014-9496, #774162).
     - Add 103_file_io_divide_by_zero.diff (CVE-2014-9756, #804447).
     - Add 104_fix_aiff_heap_overflow.diff (CVE-2015-7805, #804445).
 .
   [ libxml2 (2.7.8.dfsg-2+squeeze16) squeeze-lts; urgency=high ]
 .
   * Non-maintainer upload by the Squeeze LTS Team.
   * Patches taken from Wheezy, thanks to Salvatore Bonaccorso
   * Add Avoid-processing-entities-after-encoding-conversion-.patch patch.
     CVE-2015-7498: Heap-based buffer overflow in xmlParseXmlDecl.
   * Add CVE-2015-7497-Avoid-an-heap-buffer-overflow-in-xmlDi.patch patch.
     CVE-2015-7497: Heap-based buffer overflow in xmlDictComputeFastQKey.
   * Add CVE-2015-5312-Another-entity-expansion-issue.patch patch.
     CVE-2015-5312: CPU exhaustion when processing specially crafted XML
     input.
   * Add patches to address CVE-2015-7499.
     CVE-2015-7499: Heap-based buffer overflow in xmlGROW.
     Add a specific parser error (XML_ERR_USER_STOP), backported from
     e50ba8164eee06461c73cd8abb9b46aa0be81869 upstream (commit to address
     CVE-2013-2877, the "Try to stop parsing as quickly as possible" was
     not backported).
   * Add CVE-2015-7500-Fix-memory-access-error-due-to-incorre.patch patch.
     CVE-2015-7500: Heap buffer overflow in xmlParseMisc.
 .
   [ libxml2 (2.7.8.dfsg-2+squeeze15) squeeze-lts; urgency=high ]
 .
   * Non-maintainer upload by the Squeeze LTS Team.
   * fix off by one error for previous patch for CVE-2015-7942
     (thanks to Salvatore for spotting this)
   * Add patch for CVE-2015-8241 (#806384)
     Buffer overread with XML parser in xmlNextChar
   * Add patch for CVE-2015-8317_751631
     issues in the xmlParseXMLDecl function: If we fail converting the
     current input stream while processing the encoding declaration of the
     XMLDecl then it's safer to just abort there and not try to report
     further errors.
   * Add patch for CVE-2015-8317_51603
     If the string is not properly terminated do not try to convert to the
     given encoding.
 .
   [ libxml2 (2.7.8.dfsg-2+squeeze14) squeeze-lts; urgency=high ]
 .
   * Non-maintainer upload by the Squeeze LTS Team.
   * rebuild for correct triggers file
 .
   [ libxml2 (2.7.8.dfsg-2+squeeze13) squeeze-lts; urgency=high ]
 .
   * Non-maintainer upload by the Squeeze LTS Team.
   * Add patch for CVE-2015-7942 (#802827)
 .
   [ nspr (4.8.6-1+squeeze3) squeeze-lts; urgency=high ]
 .
   * Non-maintainer upload by the Squeeze LTS team.
   * Fix CVE-2015-7183, MFSA-2015-133: heap-buffer overflow in
     PL_ARENA_ALLOCATE
 .
   [ nss (3.12.8-1+squeeze13) squeeze-lts; urgency=medium ]
 .
   * Non-maintainer upload by the Debian LTS Team.
   * Add CVE-2015-7182.patch:
     CVE-2015-7182: Heap-based buffer overflow in the ASN.1 decoder
   * Add CVE-2015-7181.patch:
     CVE-2015-7181: The sec_asn1d_parse_leaf function improperly restricts
     access to an unspecified data structure
   * Add autopkgtest for certificate generation/signing and library linking
   * Add gbp.conf for LTS
 .
   [ nss (3.12.8-1+squeeze12) squeeze-lts; urgency=medium ]
 .
   * Non-maintainer upload by the Debian LTS Team.
   * Add CVE-2015-2730.patch:
     CVE-2015-2730: ECDSA signature validation fails to handle some
     signatures correctly.
   * Add CVE-2015-2721.patch:
     CVE-2015-2721: NSS incorrectly permits skipping of ServerKeyExchange.
 .
   [ openldap (2.4.23-7.3+deb6u2) squeeze-lts; urgency=high ]
 .
   * Import upstream patch to remove an unnecessary assert(0) that could be
     triggered remotely by an unauthenticated user by sending a malformed
     BER element. (ITS#8240) (CVE-2015-6908) (#798622)
 .
   [ openssl (0.9.8o-4squeeze22) squeeze-lts; urgency=medium ]
 .
   * Fix CVE-2015-3195
Checksums-Sha1:
 47193c0e4838b5f8ecc3fc143855262c5814e8b6 1548 ia32-libs_20151231.dsc
 45bde0ea959035fa692dc913d31553c642a133d8 335222376 ia32-libs_20151231.tar.gz
 7c474f8bffce30a6a6bc34c13512aac87b7aca53 34279960 ia32-libs_20151231_amd64.deb
 0ebcd6c46d1ce07b1fb29bc7869ed37ddc71a114 13097768 ia32-libs-dev_20151231_amd64.deb
Checksums-Sha256:
 46fabfd0fdf76f1b8ce18796088e2ed1d616d777805a89b0a135de5a63b4bd92 1548 ia32-libs_20151231.dsc
 b91793240cde0d26a7cc2d535c58cf153e077a106f023347b5a366f26bd23e48 335222376 ia32-libs_20151231.tar.gz
 c5d4f2d0f460c70ec068541c1beacd5465467a3fac3d29100cd28907bf45b4f6 34279960 ia32-libs_20151231_amd64.deb
 333e848c86544e65f19f35d32440ac66bb0f955b3ce1803054d2776698d7ab5c 13097768 ia32-libs-dev_20151231_amd64.deb
Files:
 1b20196b2061fb5d4b99c88273aee647 1548 libs optional ia32-libs_20151231.dsc
 4a11f06d82f9f13716cf6aa556e40ba6 335222376 libs optional ia32-libs_20151231.tar.gz
 2dc0622d87f256dfb1058d22c2f432a3 34279960 libs optional ia32-libs_20151231_amd64.deb
 e02a2db4497d4387d9ecc727af2e47ca 13097768 libdevel extra ia32-libs-dev_20151231_amd64.deb