-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sun, 12 Feb 2017 21:43:18 +0100 Source: libevent Binary: libevent-dev libevent-dbg libevent-2.0-5 libevent-core-2.0-5 libevent-extra-2.0-5 libevent-pthreads-2.0-5 libevent-openssl-2.0-5 Architecture: source Version: 2.0.21-stable-3 Distribution: unstable Urgency: medium Maintainer: Anibal Monsalve Salazar <anibal@debian.org> Changed-By: Balint Reczey <balint@balintreczey.hu> Description: libevent-2.0-5 - Asynchronous event notification library libevent-core-2.0-5 - Asynchronous event notification library (core) libevent-dbg - Asynchronous event notification library (debug symbols) libevent-dev - Asynchronous event notification library (development files) libevent-extra-2.0-5 - Asynchronous event notification library (extra) libevent-openssl-2.0-5 - Asynchronous event notification library (openssl) libevent-pthreads-2.0-5 - Asynchronous event notification library (pthreads) Closes: 854092 Changes: libevent (2.0.21-stable-3) unstable; urgency=medium . * Fix three vulnerabilites (Closes: #854092): - DNS remote stack overread vulnerability (CVE-2016-10195) - (Stack) buffer overflow in evutil_parse_sockaddr_port() (CVE-2016-10196) - Out-of-bounds read in search_make_new() (CVE-2016-10197) * Add myself as an uploader * ACK NMU Checksums-Sha1: 7b22ec0291b3b318979dcad58c490e2190e9ea1d 2432 libevent_2.0.21-stable-3.dsc 9f452abca559f50eb6e48ef00299d81b20f68f31 15592 libevent_2.0.21-stable-3.debian.tar.xz Checksums-Sha256: cddbe5e9b5f9cb801cdfba755337da63d57249b9e43fc26a8faa025711013456 2432 libevent_2.0.21-stable-3.dsc 059ea5982bb163b288225d41653b8d340c5682628b92b8db729b0d1cb9f65a2c 15592 libevent_2.0.21-stable-3.debian.tar.xz Files: 3c9359068c5c1368cac40a41d631fc19 2432 libs optional libevent_2.0.21-stable-3.dsc fe687400bd216b4fc70e73240707e998 15592 libs optional libevent_2.0.21-stable-3.debian.tar.xz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJYoMzbAAoJEPZk0la0aRp9rCMQAKGdLIAZAbRuZgXTkGkUtV4P Gb8+DGSlzIYSf31xy5aDnbTRoAKw2hG5em3bB/QakCe2gNqOWU+qRzlfoKlX2mL0 c1aINMMNVLInHllIxJP8P6AynMUU3k6iuNjZbFg+DwLb65z9wDW4KVBKYc7WYMqs DWnJqKfAGHT20NgGMTGVRyzMvw3syokRNRDgIxZjry0u2lvHj9kej6pmxpebChL1 jFbnmoDyKdEKL5nLQ4vc7bsOayPTfBXRedTeas6yxwJ3fZeOE6GDEu1oAUACxLta ETuuxCnok8GpxPJgSW1dNaKDQQqhJeHHyjmAXPPw/JrBZ9+G8Q7aISUCQPCFtXVs kF9vmDPFFC2yhqAt0uaQjfFlvcdrHM5NZvqu72ikQ3bWhdasOgEhSE8XfcQwZM3X GDlDgMumpZ4dRmxebnTCittHRFWIwC9JfbzmeB/GIkDhy4GLPkqXfGzvHj2juV4Y RbQ+ViuB9dLJPTUXlTzTCmmz+wOnK8DNuqrINHJSgFE+aUrKbm0uDaIMU5KZqBat 81PvvDK7v3flW6leW7iewjFOKsunwhb8TiPiandPHOHvxGWUa+/SsApBnuuhGfma YhmC7uKiQl5rqaf6T1ZI4LH/XM8czSrM9muup7O1uTByn0MiPIF9C39DFCVIyeMZ 5L5uHBWEcY7F5lhWSpjL =Bi92 -----END PGP SIGNATURE-----