-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 16 Aug 2017 11:58:11 +0200 Source: gsoap Binary: libgsoap10 libgsoap-dev gsoap gsoap-doc libgsoap-dbg gsoap-dbg Architecture: source amd64 all Version: 2.8.35-4+deb9u1 Distribution: stretch Urgency: medium Maintainer: Mattias Ellert <mattias.ellert@physics.uu.se> Changed-By: Mattias Ellert <mattias.ellert@physics.uu.se> Description: gsoap - Stub generators for gSOAP gsoap-dbg - Debugging symbols for gSOAP stub generators gsoap-doc - gSOAP documentation libgsoap-dbg - Debugging symbols for gSOAP libraries libgsoap-dev - Development libraries and headers for gSOAP libgsoap10 - Runtime libraries for gSOAP Changes: gsoap (2.8.35-4+deb9u1) stretch; urgency=medium . * Fix for CVE-2017-9765 Integer overflow in the soap_get function in Genivia gSOAP 2.7.x and 2.8.x before 2.8.48, allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow and application crash) via a large XML document. Checksums-Sha1: f5d103cd6f57bd1f8e91395d66ea631fa5dd05fb 2199 gsoap_2.8.35-4+deb9u1.dsc 34b8e916aca590d16345d714d051d8786545d160 5723766 gsoap_2.8.35.orig.tar.gz 1faa4271dd93f24b991e8b3405a509ab7637b3d5 13092 gsoap_2.8.35-4+deb9u1.debian.tar.xz 242c7c12303d253cea74521b16b963b2fcba978d 4091038 gsoap-dbg_2.8.35-4+deb9u1_amd64.deb 58db71fb282eabce3dde73afd89b8ec29f327853 11385248 gsoap-doc_2.8.35-4+deb9u1_all.deb d23046500b18939b669ab3765f0e9f40afed853f 8577 gsoap_2.8.35-4+deb9u1_amd64.buildinfo dee2e7dc4e824110ccc0cbb002307994f76db39a 943524 gsoap_2.8.35-4+deb9u1_amd64.deb ccf024602737aef22878eb309ed50fe8b0a10e3c 1214158 libgsoap-dbg_2.8.35-4+deb9u1_amd64.deb 60723e86bea5879e98b7ba533ea310637738b813 265078 libgsoap-dev_2.8.35-4+deb9u1_amd64.deb 67867bfc49c8caebcfd3b2f345a93535d6509f03 265426 libgsoap10_2.8.35-4+deb9u1_amd64.deb Checksums-Sha256: 32f2056c4f3b1f38a691b95527d2161fef2a19914999d7c0a13a41a326f85bee 2199 gsoap_2.8.35-4+deb9u1.dsc 20d607d499ec347c0ba21c926bba09da232f53f4da90c47f20a6a67970c1fb5e 5723766 gsoap_2.8.35.orig.tar.gz d27338f22758e8d1ed7113e13535b3eb2c09973b64c985d6491dcd87ee35dfc4 13092 gsoap_2.8.35-4+deb9u1.debian.tar.xz 8acbbbafd4ef0ee24107793c235c3d02c3dec55b43429898f1b4a9c8c77abc5c 4091038 gsoap-dbg_2.8.35-4+deb9u1_amd64.deb d5dd4337de970752f181a9b0567f0a5baf375c1f79e6bcff381bd9fbecafce31 11385248 gsoap-doc_2.8.35-4+deb9u1_all.deb f456a03b5a28426d897ac512131cd91f9c26209bde5f6abde84c87b6b6a415e8 8577 gsoap_2.8.35-4+deb9u1_amd64.buildinfo a8ebc58be9a499dd9ecf8da2c106b3ab3201b942cd2318927671bdc7c4e68035 943524 gsoap_2.8.35-4+deb9u1_amd64.deb c1ea2abef70be1ae95165fc5d58cef859d26dcb4f2cf86c5a2a64227fc78df31 1214158 libgsoap-dbg_2.8.35-4+deb9u1_amd64.deb c4cf334d185dcff5a6c4227d554461c52e5290a764751418cf5e778356f50ce5 265078 libgsoap-dev_2.8.35-4+deb9u1_amd64.deb 9b85c658d95994852b8e68b81497adecf166e416655774a4daa2bf3aa89321bf 265426 libgsoap10_2.8.35-4+deb9u1_amd64.deb Files: fde3ecb1ef972c050685c3b592bc341e 2199 devel optional gsoap_2.8.35-4+deb9u1.dsc 78c05da816e30e59c2df69dbb6ab2dea 5723766 devel optional gsoap_2.8.35.orig.tar.gz c97da6985daa46bd076f9ae195816755 13092 devel optional gsoap_2.8.35-4+deb9u1.debian.tar.xz 05725b621ef3c5c5fc60565e41e58e4f 4091038 debug extra gsoap-dbg_2.8.35-4+deb9u1_amd64.deb c1355ae75fa2fbaf9d24c7201d58d245 11385248 doc optional gsoap-doc_2.8.35-4+deb9u1_all.deb b3d53d868e8799145711a71058beeaa4 8577 devel optional gsoap_2.8.35-4+deb9u1_amd64.buildinfo 9114636bf12771c17cd05eba2c6df6c2 943524 devel optional gsoap_2.8.35-4+deb9u1_amd64.deb 12dbbe3020b12c027549ce1d5963f0be 1214158 debug extra libgsoap-dbg_2.8.35-4+deb9u1_amd64.deb 50643732472fc562aa90210980d6a780 265078 libdevel optional libgsoap-dev_2.8.35-4+deb9u1_amd64.deb 25576dce085158aaea02ac48d199c485 265426 libs optional libgsoap10_2.8.35-4+deb9u1_amd64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE6hgwr99NQxrZ4RRS6K7C/zvhqUsFAlnJKYIACgkQ6K7C/zvh qUsmeQ//WFZWnvEXpik8+wshwM4//I7ESgrrOLz35zpGHemmgysUpX9XXGOEJn1Y QGXTHFmFotLBW+kVImj6TgOatFfuWNrdOsLdrl9DsnmFxxHj47tdoUoM8aFbaxqg 5sqTi0R2CBYO4KSbxEv//6JnZNna/Gy8nMHC7+ypuqeZ2mdjoigoDUSjR6whVgBE Wt+Pmm+OHKq9vxdlY92+JrPlZx8FSnzg3p2vTFuMMf2KMJGWrEXXM+qy5gPGAEns 1wp1FtnHxRbCGtRIGJGhMVkDv7z5XGBQx15zTt9vvhTL+gOL1YnA/GKQxvwLpjEB rpitIhJeomgyNOdvLTu0FvbXVk6sUBqRfdoGCuWQX27lU5YTYDjSTVv6fCJprHld RqNmK2M8x3nh2mUdqzlSvj/gpdyokLsju7zeJ9EJ0OA3WDnRD2N7ZNEOqnnHXMd9 N+WiKbJ/zVGYi8BtwEE0Fqen845xbFp5OUIusUGMKZDNX5Q5ocFKKl79I+FBuVRT SkJv4qT5U79uHUSu9TwU8yH4iKBMF2nIhKaUgH+1c9JGGIZxh1EK7Ss3k4SbXR9O UJx7hZXGydrVdNJVtJu51cTI40Dsi6HcJr/1mX5uvAkujlsFBI4fo/ouDITEoG6N 7AmqsySP8CEju2VjNB6ADm0VQIh26bUA1hdd5M/ewc9xMc4gJqg= =yLxJ -----END PGP SIGNATURE-----