-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sat, 23 Sep 2017 11:41:28 +0200 Source: bzr Binary: bzr python-bzrlib python-bzrlib-dbg python-bzrlib.tests bzr-doc Architecture: source all amd64 Version: 2.6.0~bzr6526-1+deb7u1 Distribution: wheezy-security Urgency: medium Maintainer: Debian Bazaar Maintainers <pkg-bazaar-maint@lists.alioth.debian.org> Changed-By: Emilio Pozuelo Monfort <pochu@debian.org> Description: bzr - easy to use distributed version control system bzr-doc - easy to use distributed version control system (documentation) python-bzrlib - distributed version control system - python library python-bzrlib-dbg - distributed version control system - debug extension python-bzrlib.tests - distributed version control system - testsuite Closes: 874429 Changes: bzr (2.6.0~bzr6526-1+deb7u1) wheezy-security; urgency=medium . * Non-maintainer upload by the LTS Security team. * CVE-2017-14176: prevent bzr+ssh URLs from passing options to ssh. Closes: #874429. * CVE-2013-2099: Avoid allowing multiple wildcards in a single SSL cert hostname segment. * debian/patches/10_test_smart_transport_fix: backported from upstream, fix regression in test_smart_transport when run with newer kernels. Checksums-Sha1: 0c9b945b62248ac1aeaba58527f5bd0e962dbbfc 2496 bzr_2.6.0~bzr6526-1+deb7u1.dsc ff7f1ef6be6cea9a07ba7d59d8374a017d871b99 9966974 bzr_2.6.0~bzr6526.orig.tar.gz a14e0e0f73a85b7520b21a12bb1c699b84097b2a 44251 bzr_2.6.0~bzr6526-1+deb7u1.debian.tar.gz 092c07b33b60bd459eec90b54ffaadec5402b62a 52834 bzr_2.6.0~bzr6526-1+deb7u1_all.deb 4c5385c12496f770e3d0977c7cc17b06760b730b 2364294 python-bzrlib_2.6.0~bzr6526-1+deb7u1_amd64.deb bdd7f94e2e797642a4f38af2688f9af9772cc96e 2993258 python-bzrlib-dbg_2.6.0~bzr6526-1+deb7u1_amd64.deb d4ea3edff12b04ed971ed40c4a26ec99c4bb4e6f 1452034 python-bzrlib.tests_2.6.0~bzr6526-1+deb7u1_all.deb 68766c4a32b2e16df62193158e88adffed2556db 5529466 bzr-doc_2.6.0~bzr6526-1+deb7u1_all.deb Checksums-Sha256: 3c6c1d75bb41892e64e8931b62af169f7d9a1489e7b2ee94364d05ce024be917 2496 bzr_2.6.0~bzr6526-1+deb7u1.dsc d7196bf838062aea7e1c215cef26dfe160c64f28b2092a22d4f6c1b96ecc046d 9966974 bzr_2.6.0~bzr6526.orig.tar.gz 405f7ac5596952a7f2111d1446c457ecc70f0db83c8150f3e00fdd2c4638f78e 44251 bzr_2.6.0~bzr6526-1+deb7u1.debian.tar.gz af19c2e4c35d300cd3e529ddbe1d20faf51d2c3643df03b5f1894451afef00a2 52834 bzr_2.6.0~bzr6526-1+deb7u1_all.deb cc4b9ede4fff8b04ef05b847b320ef66937774cbef8f1cf9c93f632df71d9b54 2364294 python-bzrlib_2.6.0~bzr6526-1+deb7u1_amd64.deb f04084de6b2981b8f0153bc6d708718e9a0dc112860a47253fa95210bd17cd6b 2993258 python-bzrlib-dbg_2.6.0~bzr6526-1+deb7u1_amd64.deb 8bc75a30daf9094cb1b576b90766b91aefaf2584c523248e347265bad63ee702 1452034 python-bzrlib.tests_2.6.0~bzr6526-1+deb7u1_all.deb 5065248cbfe66f3df8d3eb0331ffd7ef37de87ab625d6072a4753406abaf229c 5529466 bzr-doc_2.6.0~bzr6526-1+deb7u1_all.deb Files: 470de5091d3ad4326c4d74fe028ab038 2496 vcs optional bzr_2.6.0~bzr6526-1+deb7u1.dsc 3f1075ab1d43929fe6c2a6ac20002e85 9966974 vcs optional bzr_2.6.0~bzr6526.orig.tar.gz 98fc480c362fc36c28b9a9bbf049b0e7 44251 vcs optional bzr_2.6.0~bzr6526-1+deb7u1.debian.tar.gz 7a396ed565faed13a0540f31734aa190 52834 vcs optional bzr_2.6.0~bzr6526-1+deb7u1_all.deb 10975405fcf39104baf8a2dfaeb13a71 2364294 python optional python-bzrlib_2.6.0~bzr6526-1+deb7u1_amd64.deb df054bb5f4594be4afc21513ffd08d5c 2993258 debug extra python-bzrlib-dbg_2.6.0~bzr6526-1+deb7u1_amd64.deb 556d10fa05df6f0909a3bc4d96e73a7f 1452034 python optional python-bzrlib.tests_2.6.0~bzr6526-1+deb7u1_all.deb 7eb6147414ef2b77e04c33a431b2a865 5529466 doc optional bzr-doc_2.6.0~bzr6526-1+deb7u1_all.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAlnGVT8ACgkQnUbEiOQ2 gwL14w//YsO8GER+AlUSjNvIM86cStKpvKzs05BB6qCHEb6hGrTvG8uRdtgJOl8W W7CIEcjyF3w8Yrez8z+00no9muSxW2Wl0ZO5zJYu/SQVRJ5qdcWajmfUSe45oGkW tVutWLaPtlqzt94UbwK8eltkubtv8lCKEpYJqXHnNRj/i8Ce2ToHFw7eCuaRv6z8 BFQziXPNhm/H0lvKQh5OTU6yJCU6APRFsJ2FcI2gFkGYl+koodETKU0a6qeXnjwK O/6Ww3rr2ICnL5H7fWfhsisAOI8mUIHa1HzjVtMbRx7357fM58uV3MUrG8gEAuAU 0RrVi+MGtX7lIGNdXa505WNsfiZzgdGILivOow2GSTCcPEmF37QnsujyYTpWWBPm FKdv37POxdkY7N0Z+c7AsBhPoSE6zkSgf4yWRAxJYcmvVTfCcWD5w4vIONjYgcDX 4HML30CuQJTlh5Jcemk4ViJUKIC4wuLqU7QNZMsRXXhG0g+UZ8BzIPORiHTZki29 jM7A5H8l+u0GfgkBmyVjuZTvoffhqpXcSWuPFhLlDTdkmBUThdKx2dHkoIn9O9DA kTqjMSInsu588FDtODhb89i0k1CpSzEdfv3pQqkIuaKq4hfeUnDQGnhrXqMJuQJS rnHui/8o+MdG07z7tMRmCiz/wWxl3WaFgUeb6FzMD+uJRBk6UrY= =sbYP -----END PGP SIGNATURE-----
