Debian Package Tracker

From: Brian May <bam@debian.org>
To: <debian-lts-changes@lists.debian.org>
Subject: Accepted pound 2.6-1+deb6u1 (source) into squeeze-lts
Date: Sun, 24 Jan 2016 04:20:43 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 23 Jan 2016 11:22:06 +1100
Source: pound
Binary: pound
Architecture: source
Version: 2.6-1+deb6u1
Distribution: squeeze-lts
Urgency: high
Maintainer: Brett Parker <iDunno@sommitrealweird.co.uk>
Changed-By: Brian May <bam@debian.org>
Description:
 pound      - reverse proxy, load balancer and HTTPS front-end for Web servers
Closes: 723731 727197 765539 765649
Changes:
 pound (2.6-1+deb6u1) squeeze-lts; urgency=high
 .
   [ Brian May ]
   * Non-maintainer upload by the Squeeze LTS Team.
   * Backport of 2.6-2+deb7u1 from wheezy security.
   * Also fixes CVE-2011-3389, beast attack.
   * Reverse patch in #654833 as it is broken on squeeze.
 .
   [ Brett Parker ]
   * Add anti_poodle patch (CVE-2014-3566, Closes: #765539)
     - It's now possible to disable SSLv3 with the "DisableSSLv3"
       directive in pound.cfg. It's however not disabled by default.
   * Disable tls compression patch (CVE-2012-4929, Closes: 727197)
   * Add missing chunk to renegotiation patch
     (CVE-2009-3555, Closes: #765649).
   * don't wrongly encode = in redirect (Closes: #723731)
 .
   [ Martin Meredith ]
   * Update anti_beast patch
      - Actually authored by Joe Gooch <mrwizard@k12system.com>
      - Fix segfault on some systems
   * Added patch to fix XSS redirect vulnerability
     - Patch from Joe Gooch <mrwizard@k12system.com>
   * New upstream release
   * Patch from Michal Jirku <box@wejn.org> to add config
     options that prevent BEAST/renegotiation attacks
Checksums-Sha1:
 86bee72b4cd2df939f90f1c1c388151e25826b12 1741 pound_2.6-1+deb6u1.dsc
 91ba84c6db579b06dc82fceb790e55e344b1dc40 180595 pound_2.6.orig.tar.gz
 395b5ea9dbb85c2c6609a5333b50f85d6d059ad6 13276 pound_2.6-1+deb6u1.debian.tar.xz
Checksums-Sha256:
 624a33f0bc010a62d3343dbf4f0240cf34a929365c07fdc66e49ad7a702b1bd4 1741 pound_2.6-1+deb6u1.dsc
 0ad25e3652e22117abbc17a70b5d8913e05991318a5506bc7437e662616fdf21 180595 pound_2.6.orig.tar.gz
 da2aa2694a6849225081a58cbea557a4b694b6340f7287b3a14cc3a8a3d869d1 13276 pound_2.6-1+deb6u1.debian.tar.xz
Files:
 66dcee4ae63f9bb7a7e8b2c7fb3012ab 1741 net extra pound_2.6-1+deb6u1.dsc
 8c913b527332694943c4c67c8f152071 180595 net extra pound_2.6.orig.tar.gz
 009b543259606f4189046f3b59227fd8 13276 net extra pound_2.6-1+deb6u1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJWpDUOAAoJEJyE7hq50CY2U2IP/RHAW0D0lWyxFGABNHwH2ATc
q7sUAXYm1LzCv8Buo+tQvB17vwvK+hK7owMuu5B9xU4seXA7fQd2MQqKZOHgKe5p
tpac6raR0oXwJ2aHTZPPTXNTK5sz+cEWqmCJ1OO/a+mDva5GpqxmfGnw2eCQvhif
3J6vaYdjU2fZ+Xk2DGWU1m4/ZVMu0fVKV66cJls55GO2cwKCuZtIAytbrzUbg3L0
qpsnUm5So4cRsI+ZHCoyMrogYJaWbRbirlK2ram1cYJaK+A0XpyA0yWlAg9B7v7f
ULQT3bKY5MNfuh9pYtr7xNtZ8UI5aZKCi1MGsvQTCSvIkUOExyOHofgwEeeNjNW3
+QAdOibF34IFR4VIiAiqm7yH7HM24R/iq+0Az1ningWwszct5l05wqPCZ0a4AZ7T
/Uac5a6kGB2uy5FOPUx4UFTAuSFNHKsxBgpQ5kafjBJytSK5WZQGoqA0AAgC8ymD
bhF6oBMf9Aj9fXqJ7WF4RfqqE7bZP3Qxl2lbKGhgBnh25FkzifxmHjaEblO1wZmM
8iVB/lMCWSMbi1k1hvUFyyLTwcOvUtPyP5E9ymNgZdKyVdqO5C9CnEEJtWgcU+cE
cXQhMlyW9TLa5MUQW+ifYCqxoTUWP+zsqawbZFIYqUkqrWZxmJMM/sbQEk9Q1K9p
QxAx/YlKGtr0UeezVvYU
=3RqF
-----END PGP SIGNATURE-----
News for package pound
