-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 27 Nov 2017 21:12:18 +0100 Source: bzr Binary: bzr python-bzrlib python-bzrlib-dbg python-bzrlib.tests bzr-doc Architecture: source Version: 2.7.0+bzr6619-7+deb9u1 Distribution: stretch-security Urgency: high Maintainer: Debian Bazaar Maintainers <pkg-bazaar-maint@lists.alioth.debian.org> Changed-By: Salvatore Bonaccorso <carnil@debian.org> Description: bzr - easy to use distributed version control system bzr-doc - easy to use distributed version control system (documentation) python-bzrlib - distributed version control system - python library python-bzrlib-dbg - distributed version control system - debug extension python-bzrlib.tests - distributed version control system - testsuite Closes: 868966 874429 Changes: bzr (2.7.0+bzr6619-7+deb9u1) stretch-security; urgency=high . * Non-maintainer upload by the Security Team. * Use 'localhost' rather than '127.0.0.1' in SSL certificates, as the latter trips up pycurl (Closes: #868966) * Ship a refreshed copy of the ssl certs used in testsuite * Prevent SSH command line options from being specified in bzr+ssh:// URLs (CVE-2017-14176) (Closes: #874429) Checksums-Sha1: 8e1cf05b469efea80bc2ed260d8d3a43db88d463 3033 bzr_2.7.0+bzr6619-7+deb9u1.dsc 8bf0b1d7867528e078484cf53a2ab6b879f36b18 10945598 bzr_2.7.0+bzr6619.orig.tar.gz be438b1b7afbd84b8af8bb6133cdbf99c375a0ce 92072 bzr_2.7.0+bzr6619-7+deb9u1.debian.tar.xz 8b5cced0416e11671925931d311fc5f52c6d0d7d 6745 bzr_2.7.0+bzr6619-7+deb9u1_source.buildinfo Checksums-Sha256: b13644e5d249743102646f3d01ae66b9ddb6d1911f3ee2d6fe0e5ac8b9bd6273 3033 bzr_2.7.0+bzr6619-7+deb9u1.dsc a0192999245457fbd564702518bc96453ac0f9b38ea031a466679839b346fa14 10945598 bzr_2.7.0+bzr6619.orig.tar.gz c59743abd33483852c1fdc0647a96599e8b7adccde266b32fc78f639e369584d 92072 bzr_2.7.0+bzr6619-7+deb9u1.debian.tar.xz 53df5b773ac3c3b5d695fa1d860f74cec24488eb0de70c81c55f0484e4dd0f6b 6745 bzr_2.7.0+bzr6619-7+deb9u1_source.buildinfo Files: e0e9ef57e855836d08d930e68be3d678 3033 vcs optional bzr_2.7.0+bzr6619-7+deb9u1.dsc a310bda70f391bbc299d0b9d38c1b41a 10945598 vcs optional bzr_2.7.0+bzr6619.orig.tar.gz 8728b74bdea6ba958aca5c16b3a985b9 92072 vcs optional bzr_2.7.0+bzr6619-7+deb9u1.debian.tar.xz 192dad00880dbf195c2e2a79e5dad46d 6745 vcs optional bzr_2.7.0+bzr6619-7+deb9u1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlocfv1fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89EchoP/Aqe3YQqkGlvlPLaIzuEbg3Q3w5Lc7l2 qlrQ74co71QKxTqRoFj8mYjH1/n1PKJSbNlv6xBb7I153T8uaDTmaLE2rIQfWRBB qaYTRngNaBc2gUAoM2Zj7qgEObxbE5QaR4PgNurWwTJuA9WA27ROSvGqYTcrqYTU UDmUnGnbfMMQiAEH4jLeB5mOVn5FvOc6nk3msQjbgsKm6qq7eKbsUijuZ2brkhXB LH3/1n1lcY9NBBwg5czarUnZYzwIkiubVgLOYh3QX6SNM92hNuaxwNqEcMRD1tzy e56HBEuAFGrTeQpTPtfvjxLSqCOOMq6VqSRVncGK8td0fooynxexDi5EmiEXn5gM knsPevd64xOQoE1HeS6zMLwhZkQnprYv9XZ9f3L3ny78lXTwSyO/kJaNxv1HxWyI rMQxCP8UH9syz5vztBBB+gWvNO7TuaI9JhD/ZOhEvx9Drh9M7y8hVL4s2JESDOmr /Pcj2jatIP7W0/0OdGzVtLNgov1tKxAac1RYWjz/V1HFP+nQSU8zNaEL2YZC74U3 EK9WhRFKLbEw1lJaIBLd7OWUju4Gm+f/s1hCzSR3NOSMyjCB8eP2sq8369P1fKa4 nnj9YJT5D0hf6s83atp5T2aiS+rYqKLcypQV0fFmnn5bSmfUHqmaFM8uYqx92MRU W675gJsY0N/a =BMHi -----END PGP SIGNATURE-----