-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Thu, 28 Jul 2016 20:52:12 +0200 Source: collectd Binary: collectd-core collectd collectd-utils collectd-dbg collectd-dev libcollectdclient-dev libcollectdclient0 Architecture: source amd64 all Version: 5.1.0-3+deb7u1 Distribution: wheezy-security Urgency: high Maintainer: Sebastian Harl <tokkee@debian.org> Changed-By: Sebastian Harl <tokkee@debian.org> Description: collectd - statistics collection and monitoring daemon collectd-core - statistics collection and monitoring daemon (core system) collectd-dbg - statistics collection and monitoring daemon (debugging symbols) collectd-dev - statistics collection and monitoring daemon (development files) collectd-utils - statistics collection and monitoring daemon (utilities) libcollectdclient-dev - client library for collectd's control interface (development file libcollectdclient0 - client library for collectd's control interface Closes: 832507 832577 Changes: collectd (5.1.0-3+deb7u1) wheezy-security; urgency=high . * debian/patches/CVE-2016-6254.dpatch: Fix heap overflow in the network plugin. Emilien Gaspar has identified a heap overflow in parse_packet(), the function used by the network plugin to parse incoming network packets. Thanks to Florian Forster for reporting the bug in Debian. (Closes: #832507, CVE-2016-6254) * debian/patches/bts832577-gcry-control.dpatch: Fix improper usage of gcry_control. A team of security researchers at Columbia University and the University of Virginia discovered that GCrypt's gcry_control is sometimes called without checking its return value for an error. This may cause the program to be initialized without the desired, secure settings. (Closes: #832577) Checksums-Sha1: 64747c23eae5eb7bc8f35db2cc239f041311d055 3303 collectd_5.1.0-3+deb7u1.dsc 55f17b17a10710641a9bf4e8c5332cef661cafcd 1630323 collectd_5.1.0.orig.tar.gz 9d6b74cf6787c65de447b87f755bdd9db90efdb3 71842 collectd_5.1.0-3+deb7u1.diff.gz 8b927cb22580623f421f3a955b03dd00d2451934 920374 collectd-core_5.1.0-3+deb7u1_amd64.deb 18b84f4911ac99f466c978e30a2bfa29654079ec 76722 collectd_5.1.0-3+deb7u1_amd64.deb 3b6c299b1c15bc03ddeb2b4ffb73530b541c3a46 88328 collectd-utils_5.1.0-3+deb7u1_amd64.deb 3275cd70e383366031c6f3635784e8be195482d0 1348782 collectd-dbg_5.1.0-3+deb7u1_amd64.deb 863208f7ff2c5946991b0ab7dddcd47c4464fb2b 71308 libcollectdclient-dev_5.1.0-3+deb7u1_amd64.deb 0676fefeb907e5e30daf0612e0f0e8b4d8c37b96 78338 libcollectdclient0_5.1.0-3+deb7u1_amd64.deb 2bc4a45c6a9486e873e74edfde4226f9b2bea3ce 114422 collectd-dev_5.1.0-3+deb7u1_all.deb Checksums-Sha256: 7635d9a3981b78dde6a9e58e99836ba45166434f41bac2f7875a7e3309de1b31 3303 collectd_5.1.0-3+deb7u1.dsc 8e06c03c5467f3021565570fc86c931a43579aa6dad25ca5999d66850cd19927 1630323 collectd_5.1.0.orig.tar.gz dc924d44e65302e17512cbca3361cf4c3a1ff41431a25ab19711e0b6cda4dca2 71842 collectd_5.1.0-3+deb7u1.diff.gz f031ec20e79100b9feae404df31a9848e1afd6b83be3bd47e73a58c14997484f 920374 collectd-core_5.1.0-3+deb7u1_amd64.deb 5bea8af8dc991d7e23f374ae44b7ada1e61cd6a1a5cbf7006f13e29d508f4c8b 76722 collectd_5.1.0-3+deb7u1_amd64.deb ca032e55d0cf251fe554ae835aac57150b5c7aec8d42daba6497463499b077d5 88328 collectd-utils_5.1.0-3+deb7u1_amd64.deb a1fdb6926a408d381bc2c8894980ba693fb13596ec0e639819225a0067018479 1348782 collectd-dbg_5.1.0-3+deb7u1_amd64.deb c627d6682efe4e8ce92c25a025e97ca95a097938132c6459e6663d126f4690ec 71308 libcollectdclient-dev_5.1.0-3+deb7u1_amd64.deb af08e5e13b013bee5c54e7b6e7ca44f98a188b34dde663f62d31459eb350a259 78338 libcollectdclient0_5.1.0-3+deb7u1_amd64.deb 4cfc3ca2e6d40af92e11d01041c1a3e9c9f3fda35b5163c066d2144f20fc1b0c 114422 collectd-dev_5.1.0-3+deb7u1_all.deb Files: ec071b3432a457be7aa92ddb40f19c45 3303 utils optional collectd_5.1.0-3+deb7u1.dsc adc58a0d448a359ecf737da9398898c6 1630323 utils optional collectd_5.1.0.orig.tar.gz ab73adf73860a69a8364df763cc12f74 71842 utils optional collectd_5.1.0-3+deb7u1.diff.gz 528422ef617cf31a6574bd5e45078416 920374 utils optional collectd-core_5.1.0-3+deb7u1_amd64.deb b47a4d2cef9e24eb4f4cff095a1e06ed 76722 utils optional collectd_5.1.0-3+deb7u1_amd64.deb b7581b8b7fdb55310b6347b37b3cb1af 88328 utils optional collectd-utils_5.1.0-3+deb7u1_amd64.deb 57a731459c918d1f50cec11c5eaec64a 1348782 debug extra collectd-dbg_5.1.0-3+deb7u1_amd64.deb 90eebe78d6a2121ee0e4d74a70827e6c 71308 libdevel optional libcollectdclient-dev_5.1.0-3+deb7u1_amd64.deb 2cce4f4bed850b8083686d30de1707bf 78338 libs optional libcollectdclient0_5.1.0-3+deb7u1_amd64.deb 0f0da4202c516238a9f02a669e4f51ef 114422 utils optional collectd-dev_5.1.0-3+deb7u1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJXmmCIAAoJEMwFfnIvH/zHkaMQAMRbJZhsmhkxMAPBJ8OpoXPq 9c1+NBsE88PJeLz8tS5CR7oZdn0At3uDy51lrsTFQhFeAnVBEPFkLuCbxw6mrquW MNPi9wlRDIT4aKScd4Rngt62cGDpvT9kPPplwhtxngy4hUPYTrdmq/K8QLLlsT2+ oV+TqAzPvJn+UoZB9nKEMWv3rBAdwA/6J76A9ygM3Up619m2M/apn4Vnxnq9cJL1 qOPrOXk6cXmrymMijC2QN8VADcPdU+1/1svFsylJPUnQPDkz/1NHrtjYujPea15E W/TvtzOk8bLGJIcIIYPc70PD6W6BVtu+gtOlSF/Qh4qXCl1szGATvujYPiuO4tTc bpuSkWd8KrtNOcCOM67j3jUp9Sq/npQvI60rSbpVl51HFZfGsKY3z3pFjmGPf0qW 13kglpWksDrTDOQNDd+p3FfAutu6TgPWNzEnhWMOJHJYVztvzJHeXI0t8unf8O4f ogg1iLXBwdNuM9rtqNuHJqzbyqsolDRbpgnzn4BCG7iY+ugiEqv+kdKnhGg8ZhiE lbFijF5u0mBt/H2O0GRGC77gc3Kbpx1tkSKrWwsSHmkFvBY3bxgxIKYYzr+2F22z I/NXKLODaFO11NeaGhDtuo6ssKET6o4kK89O6fbWoHcckYunp8Q8JK8RVsjog2fH PXo7r22ZtrV3/QEQJoKU =fwqk -----END PGP SIGNATURE-----