-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 28 Nov 2017 21:44:25 +0100 Source: bzr Binary: bzr python-bzrlib python-bzrlib-dbg python-bzrlib.tests bzr-doc Architecture: all source Version: 2.6.0+bzr6595-6+deb8u1 Distribution: jessie-security Urgency: high Maintainer: Debian Bazaar Maintainers <pkg-bazaar-maint@lists.alioth.debian.org> Changed-By: Salvatore Bonaccorso <carnil@debian.org> Closes: 868966 874429 Description: bzr - easy to use distributed version control system bzr-doc - easy to use distributed version control system (documentation) python-bzrlib - distributed version control system - python library python-bzrlib-dbg - distributed version control system - debug extension python-bzrlib.tests - distributed version control system - testsuite Changes: bzr (2.6.0+bzr6595-6+deb8u1) jessie-security; urgency=high . * Non-maintainer upload by the Security Team. * Use 'localhost' rather than '127.0.0.1' in SSL certificates, as the latter trips up pycurl (Closes: #868966) * Ship a refreshed copy of the ssl certs used in testsuite * Prevent SSH command line options from being specified in bzr+ssh:// URLs (CVE-2017-14176) (Closes: #874429) Checksums-Sha1: 5bc34d5ab52dd87767efeac37c7b495c909fdc33 2914 bzr_2.6.0+bzr6595-6+deb8u1.dsc 8eb8643bb5af86044ffd5535f6f876476085f641 10944820 bzr_2.6.0+bzr6595.orig.tar.gz 478e98979ca4fa232590c9989ce0cfdfb1f54d75 64608 bzr_2.6.0+bzr6595-6+deb8u1.debian.tar.xz 963e48bd61916018de1dbe920fab054a4cfa31c2 54118 bzr_2.6.0+bzr6595-6+deb8u1_all.deb 6a8314e5acf99d59fead6e28ac3eea1d0cf625cb 1029498 python-bzrlib.tests_2.6.0+bzr6595-6+deb8u1_all.deb 51096d0973aaed6b4c971b2cdd0e554c37846320 3837242 bzr-doc_2.6.0+bzr6595-6+deb8u1_all.deb Checksums-Sha256: ebe83be4c7036e4f90f0a8ebeab997768fa47f835db5fa8f4de9d880b5c5f251 2914 bzr_2.6.0+bzr6595-6+deb8u1.dsc 0016ae484fa08afad9c13ba83871ab424ff0151dee30064af9dd355ec65bdcec 10944820 bzr_2.6.0+bzr6595.orig.tar.gz 58861deceaa2c9c6e3046b2a705b8150b217dc719e1aaa3e5e26113e291957f3 64608 bzr_2.6.0+bzr6595-6+deb8u1.debian.tar.xz f8c74a2f21bbe81f10ae82a03fb47ee9ad57015ea7664025df278e95ee1227ee 54118 bzr_2.6.0+bzr6595-6+deb8u1_all.deb 95f7e2a58c731ccf2b9762bb88ab7e41806d8fbaaa76c0bf7f5bfd4ade307338 1029498 python-bzrlib.tests_2.6.0+bzr6595-6+deb8u1_all.deb 93c8bd9a394a8039ee968f723441dda9bd33eeeae3fe43364ee553518d1317ff 3837242 bzr-doc_2.6.0+bzr6595-6+deb8u1_all.deb Files: 6f24cbb959a797e9b6e7b914bb75940b 2914 vcs optional bzr_2.6.0+bzr6595-6+deb8u1.dsc ec16d5e0dcb262515c7348c99f6a6891 10944820 vcs optional bzr_2.6.0+bzr6595.orig.tar.gz 66a3127d0dfcbe8944492b39f75dad5d 64608 vcs optional bzr_2.6.0+bzr6595-6+deb8u1.debian.tar.xz b4dc2da9ae5681200bc89a85d83784ee 54118 vcs optional bzr_2.6.0+bzr6595-6+deb8u1_all.deb 23ac871931ad76e15d392abb2b31ffcb 1029498 python optional python-bzrlib.tests_2.6.0+bzr6595-6+deb8u1_all.deb dee68949632a1fde379fbb6314aad2b7 3837242 doc optional bzr-doc_2.6.0+bzr6595-6+deb8u1_all.deb -----BEGIN PGP SIGNATURE----- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlodzRlfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89E1EYP/2JO2DbZscnKPaeKzD5ZsrB9lrVv59VF 6ZADheQ+IWwA2l5Qy1dF8M4DWzcIX5kdZtDsK7pRRbtLOmwbVDvOZID+cs9NOZsP +KqHCFoQWfFhC17xCJTi9mtvRtrVBqqz4Tch5uj3phpuPYd3R1vZ6rhilrnFRE50 wJwE3FfZ1HzVxbBs73n27/eLL1oFjYdymSsEPndnX9195Iglf5aNr+0rDq6BCQwJ +sBr4Qu3+db/BGq3CCOIfiqAr+ZqWu6dWFlnnr8sV3FCxtyJoJQFpnXQdzz3YklS 5tfsY4FKbzdzvv5WHa91dAzwlcdwmgJxTfYHNzfcjxJmK1vnKo/Xhzv8XsBLYiDx MobIr4QKMz108Kn8Nw34nHJeSTuB3xCMvORSHVrAxVf1HT0CM7AtQp906aB3a8kb xsEfZ168KciBUz3gdJkGqMs6EABGrnpUxPB0WR/a2P+xPQ8V4d2fzpMalgtBqcMC 28hEb02xVwRZ6t7hnpA755F+la10GPx3wLbPcjsSGfiyc6urDXAnB9+iVg+WdRoR 8pcab7w6/5b1rbsSSnK1N7HlmIDN9R6PYoH+ZZlvk/TpC/1iKY3Fh1L+ue2ph7v+ rlOo7ksH4qbtHhxD5w+1N087WAXXvCnX/U6QdysMDIu0uVqojUDMMamQeR6+thbS jrUCWCU3eFYD =oXJ9 -----END PGP SIGNATURE-----
