Branches for Squeeze

Author: Steve McIntyre
Revision Date: 2013-09-14 23:45:44 UTC

* Fixes for various long-standing security issues found by Hamid
  Zamani <me@hamidx9.ir>. Closes: #720287
  + Validate the port offset of nasd to fix a potential buffer overflow
    (CVE-2013-4256)
  + Use better string functions to guard against heap overflows
    (CVE-2013-4257)
  + Sanity-check the TCP_DEVICE environment variable for safety.
* Fix string handling in aulog.c:osLogMsg() to fix missing format string
  in call to syslog() (CVE-2013-4258).