-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 30 Jan 2016 16:36:20 +0100 Source: radicale Binary: radicale python-radicale Architecture: source all Version: 0.9-1+deb8u1 Distribution: jessie-security Urgency: high Maintainer: Jonas Smedegaard <dr@jones.dk> Changed-By: Markus Koschany <apo@debian.org> Description: python-radicale - simple calendar server - module radicale - simple calendar server - daemon Closes: 809920 Changes: radicale (0.9-1+deb8u1) jessie-security; urgency=high . * Non-maintainer upload. * CVE-2015-8748 and CVE-2015-8747: Fix insecure path handling by sanitizing system paths and always making them absolute. Fix multifilesystem backend allowed access to arbitrary files on all platforms. (Closes: #809920) Checksums-Sha1: 85cf841fd364a8b68e11ea706b1e5dad5a1d6de8 2171 radicale_0.9-1+deb8u1.dsc ed82a88f818bd96a1be57cd8660bf3cf2636048b 47833 radicale_0.9.orig.tar.gz d827ea147a8dc4f4b5d6df20a19b41a27f9f4adb 23708 radicale_0.9-1+deb8u1.debian.tar.xz df478680441b3e45e698dc1b2474230048aa7c96 26692 radicale_0.9-1+deb8u1_all.deb c2d1bf71a17f47fdc097ae8fcb25547c1918d02b 33512 python-radicale_0.9-1+deb8u1_all.deb Checksums-Sha256: 2afeff23304025654b9d204ae223c76090061928601e3924ab992cb0278fec79 2171 radicale_0.9-1+deb8u1.dsc 512ae0b0af552bfd921e004ef795d1b42f090188e7afa2fa96276512be5a1205 47833 radicale_0.9.orig.tar.gz 2f0d120539163a8fe4e621c9d918ff4f33fcef19b0afe1026f10ddd6fabbafb2 23708 radicale_0.9-1+deb8u1.debian.tar.xz 605a8ab6fc95ce5a05a8bb22898a29cbfa2dc0201a0bf28237f44a99e647daf1 26692 radicale_0.9-1+deb8u1_all.deb 2932f3e202d757e98487d65cb717e62a6974b7f74ee2ef1cfd54a5ed7370b246 33512 python-radicale_0.9-1+deb8u1_all.deb Files: 850b0d520eaa24eab91682c9fc7694fe 2171 web optional radicale_0.9-1+deb8u1.dsc ed4043f3d5659d8f5e5954db3ffd177a 47833 web optional radicale_0.9.orig.tar.gz 153fa68cfd04b3da16bba2ee24698377 23708 web optional radicale_0.9-1+deb8u1.debian.tar.xz ec95469f2a07be460ecb1e8ac5c66404 26692 web optional radicale_0.9-1+deb8u1_all.deb 1c5f1169677edc1f7eb6d5b105651bc3 33512 python optional python-radicale_0.9-1+deb8u1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQJ8BAEBCgBmBQJWrNlxXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBQ0YzRDA4OEVGMzJFREVGNkExQTgzNUZE OUFEMTRCOTUxM0I1MUU0AAoJENmtFLlRO1HkfBEP/RDOItaJq30VssEDIPBlTSRe gJQJh5GO4cpl2qqok7sGqUw8YjgzcjCdnOINh5ywN4+MlGI6E0YigF9lDKsOE4sO 8YIEMquhVnnvLWKM6dYGc60HZhTwHnzsqfxXDUmyji4YWhcdaPxqPAZSnbJZEyyF 9dN5n0BUeaWFCxFkOHFLHvgD4YSaRayqwdfOEz2ZYivSA9GIdho0xvDTOx0afWj4 VtTCQXzu7UlMPKotaZR6JQ2HDearS7gsCFgF9XlL6xE+wkPsWyUUnWxrtMB7Wktt 9fbxY48YK3fEmXansk3LvAcEwf0Cuq6HMWWX0UK5kYsWJAUqWl+mv1ACsQUbk8gN dL7PvOzh3IToR5iyolmpoDpAbRw5WuAvjVNfZqs+zoyT9wt/qXou6WOHJVKJOjV2 /ucE/XHIMdXg35IQ8l8/8eAf7aQyIllOwEssD7UdfqOSp0mix2Vt7QX5X99VMpr8 q+BaoGBpbbDhWd05tDK7mvqtJA9eNfzdOp59CRbn2MltvJqZlAG3SrTt+nytnpgU tN2WbTW8Kky/YF7d27GowsC2NubbziCB1DC4Vt3OAe5LY7Jjq7tNd2rcAXBk6W/k B4A9snmbt7gRzJ7K7L7NaJksMPlPa1A1T7UdOrYlq7YUTJVblw4QpQUSSBsFWFEI QDkqGrMkLUx/U8bWwSCI =dQ/D -----END PGP SIGNATURE-----