Branches for Wheezy

Name Status Last Modified Last Commit
lp:debian/wheezy/dhcpcd bug Development 2016-08-11 06:08:42 UTC
14. Fix CVE-2012-6698, CVE-2012-6699, CVE...

Author: Guido Günther
Revision Date: 2016-03-27 15:47:43 UTC

Fix CVE-2012-6698, CVE-2012-6699, CVE-2012-6700,
out-of-bound reads/writes and use-after-free issues with specially
crafted DHCP messages.
This is a forward port of the patch applied to squeeze-lts since
wheezy uses the same upstream version. (LP: #1517226)

lp:debian/wheezy/debian-installer-netboot-images Development 2016-06-01 20:00:53 UTC
21. [ Didier Raboud ] * Swap the d-i Buil...

Author: Adam D. Barratt
Revision Date: 2016-06-01 20:00:53 UTC

[ Didier Raboud ]
* Swap the d-i Built-Using with the installer fetching, to fail on version
  mismatches earlier (Closes: #819586).

[ Cyril Brulebois ]
* Update to 20130613+deb7u3+b2 images, from proposed-updates.

lp:debian/wheezy/libstruts1.2-java Development 2016-03-24 18:03:02 UTC
9. * Non-maintainer upload by the Wheezy...

Author: Thorsten Alteholz
Revision Date: 2016-03-24 18:03:02 UTC

* Non-maintainer upload by the Wheezy LTS Team.
* add struts-1.2.9-CVE-2015-0899.patch from Red Hat
  (same patch as in the Squeeze version)

lp:debian/wheezy/libav bug Development 2016-03-02 23:22:59 UTC
40. * debian/confflags: Build with --disa...

Author: Sebastian Ramacher
Revision Date: 2016-03-02 23:22:59 UTC

* debian/confflags: Build with --disable-protocol=concat as this is the only
  real fix for CVE-2016-1897 and CVE-2016-1898.
* debian/patches/CVE-2016-2326.patch: avformat/asfenc: Check pts
  (CVE-2016-2326).

lp:debian/wheezy/python-imaging Development 2016-02-23 00:15:07 UTC
13. * Non-maintainer upload. * CVE-2016-0...

Author: Markus Koschany
Revision Date: 2016-02-23 00:15:07 UTC

* Non-maintainer upload.
* CVE-2016-0775:
  Fix buffer overflow in FliDecode.c (Closes: #813909)
* CVE-2016-2533:
  Fix buffer overflow in PcdDecode.c.

lp:debian/wheezy/libgcrypt11 Development 2016-02-13 06:04:56 UTC
22. * Non-maintainer upload by the Securi...

Author: Salvatore Bonaccorso
Revision Date: 2016-02-13 06:04:56 UTC

* Non-maintainer upload by the Security Team.
* Fix addition of EC points
* Fix multiply by zero in gcry_mpi_ec_mul
* ecc: Fix for chosen cipher text attacks (CVE-2015-7511)

lp:debian/wheezy/eglibc Development 2016-02-11 23:11:53 UTC
80. [ Aurelien Jarno ] * patches/any/cvs-...

Author: Aurelien Jarno
Revision Date: 2016-02-11 23:11:53 UTC

[ Aurelien Jarno ]
* patches/any/cvs-strftime.diff: new patch from upstream to fix
  segmentation fault caused by passing out-of-range data to strftime()
  (CVE-2015-8776). Closes: #812445.
* patches/any/cvs-hcreate.diff: new patch from upstream to fix an integer
  overflow in hcreate() and hcreate_r() (CVE-2015-8778). Closes: #812441.
* patches/any/cvs-catopen.diff: new patch from upstream to fix multiple
  unbounded stack allocations in catopen() (CVE-2015-8779). Closes:
  #812455.
* patches/any/cvs-gethostbyname4-memory-leak.diff: new patch from
  upstream to fix a memory leak in _nss_dns_gethostbyname4_r with big
  DNS answers.
* patches/any/local-CVE-2015-7547.diff: new patch to fix glibc getaddrinfo
  stack-based buffer overflow (CVE-2015-7547).

lp:debian/wheezy/mysql-5.5 bug Development 2016-01-13 12:53:26 UTC
29. * Imported Upstream version 5.5.47 to...

Author: Lars Tangvald
Revision Date: 2016-01-13 12:53:26 UTC

* Imported Upstream version 5.5.47 to fix security issues:
  - http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
  - CVE-2016-0546 CVE-2016-0505 CVE-2016-0596 CVE-2016-0597 CVE-2016-0616
    CVE-2016-0598 CVE-2016-0600 CVE-2016-0606 CVE-2016-0608 CVE-2016-0609
  (Closes: #811428)
* fix-test-suite-failure-caused-by-arbitrary-date-in-the-future-patch is no
  longer needed, as bug is fixed in new Upstream version

lp:debian/wheezy/gnutls26 Development 2016-01-08 19:16:10 UTC
54. * Non-maintainer upload by the Securi...

Author: Salvatore Bonaccorso
Revision Date: 2016-01-08 19:16:10 UTC

* Non-maintainer upload by the Security Team.
* Add 43_CVE-2015-7575.diff patch.
  CVE-2015-7575: MD5-based ServerKeyExchange signature accepted by
  default.

lp:debian/wheezy/nvidia-graphics-modules Development 2015-12-15 23:05:01 UTC
16. * Use nvidia-kernel-source 304.131. *...

Author: Andreas Beckmann
Revision Date: 2015-12-15 23:05:01 UTC

* Use nvidia-kernel-source 304.131.
* Upload to wheezy.

lp:debian/wheezy/firebug Development 2015-10-09 13:32:44 UTC
32. Upload compatible version with recent...

Author: David Prévot
Revision Date: 2015-10-09 13:32:44 UTC

Upload compatible version with recent Iceweasel in Wheezy

lp:debian/wheezy/debian-security-support Mature 2015-09-05 17:08:46 UTC
15. Rebuild for wheezy

Author: Moritz Muehlenhoff
Revision Date: 2015-05-25 20:59:17 UTC

Rebuild for wheezy

lp:debian/wheezy/partconf Development 2015-08-28 17:31:58 UTC
14. [ Milan Kupcevic ] Exclude CD/DVD dri...

Author: Cyril Brulebois
Revision Date: 2015-08-28 17:31:58 UTC

[ Milan Kupcevic ]
Exclude CD/DVD drives from partition search. (thanks, Frank Fegert)
Closes: #332227

lp:debian/wheezy/mozilla-noscript Development 2015-08-27 17:51:23 UTC
16. [ David Prévot ] * Track Wheezy [ Ka...

Author: David Prévot
Revision Date: 2015-08-27 17:51:23 UTC

[ David Prévot ]
* Track Wheezy

[ Kalle Olavi Niemitalo ]
* Fix enumeration of scripts on iceweasel >= 35
  Backported from upstream 2.6.8.42rc1 (Closes: #797043)

lp:debian/wheezy/conntrack Development 2015-08-19 16:54:23 UTC
12. * Non-maintainer upload by the Securi...

Author: Salvatore Bonaccorso
Revision Date: 2015-08-19 16:54:23 UTC

* Non-maintainer upload by the Security Team.
* CVE-2015-6496: conntrackd crash on unexpected network traffic
  (Closes: #796103)

lp:debian/wheezy/ssl-cert Development 2015-08-16 13:27:23 UTC
14. * Switch to SHA2 for newly generated ...

Author: Stefan Fritsch
Revision Date: 2015-08-16 13:27:23 UTC

* Switch to SHA2 for newly generated certificates. Closes: #733255, #773815
* Set umask to make sure that the generated key is not world-readable
  for a short timespan while make-ssl-cert runs. Closes: #780828

lp:debian/wheezy/gdk-pixbuf Development 2015-08-13 21:16:49 UTC
38. CVE-2015-4491

Author: Moritz Muehlenhoff
Revision Date: 2015-08-13 21:16:49 UTC

CVE-2015-4491

lp:debian/wheezy/tzdata Development 2015-08-11 21:48:23 UTC
109. * New upstream version, affecting the...

Author: Aurelien Jarno
Revision Date: 2015-08-11 21:48:23 UTC

* New upstream version, affecting the following future time stamps:
  - North Korea switches to +0830 on 2015-08-15.
  - Uruguay no longer observes DST.

lp:debian/wheezy/libdatetime-timezone-perl Development 2015-08-11 14:44:29 UTC
59. Update to Olson database version 2015f.

Author: gregor herrmann
Revision Date: 2015-08-11 14:44:29 UTC

Update to Olson database version 2015f.

lp:debian/wheezy/subversion Development 2015-08-09 23:39:21 UTC
24. patches/CVE-2015-3817: svn_repos_trac...

Author: James McCoy
Revision Date: 2015-08-09 23:39:21 UTC

patches/CVE-2015-3817: svn_repos_trace_node_locations() reveals paths
hidden by authz

lp:debian/wheezy/activemq Development 2015-08-07 22:16:39 UTC
10. * Team upload. * Fixed security issue...

Author: Emmanuel Bourg
Revision Date: 2015-08-07 22:16:39 UTC

* Team upload.
* Fixed security issues (Closes: #777196, #792857)
  - CVE-2014-3612: JAAS LDAPLoginModule allows empty password authentication
  - CVE-2014-3600: XML External Entity expansion when evaluating XPath
    expressions
  - CVE-2014-3576: DoS via unauthenticated remote shutdown command
  - Disable JMX by default (Closes: #769887)

lp:debian/wheezy/opensaml2 Development 2015-08-05 12:17:11 UTC
15. Rebuild against fixed xmltooling for ...

Author: Alessandro Ghedini
Revision Date: 2015-08-05 12:17:11 UTC

Rebuild against fixed xmltooling for DSA 3321-1

lp:debian/wheezy/squid3 Development 2015-08-02 15:57:21 UTC
39. * Non-maintainer upload by the Securi...

Author: Salvatore Bonaccorso
Revision Date: 2015-08-02 15:57:21 UTC

* Non-maintainer upload by the Security Team.
* Add CVE-2015-5400.patch patch.
  CVE-2015-5400: Information disclosure due to incorrect handling of peer
  responses. (Closes: #793128)

lp:debian/wheezy/ghostscript Development 2015-08-01 08:14:20 UTC
55. * Non-maintainer upload by the Securi...

Author: Salvatore Bonaccorso
Revision Date: 2015-08-01 08:14:20 UTC

* Non-maintainer upload by the Security Team.
* Add CVE-2015-3228.patch patch.
  CVE-2015-3228: Integer overflow in gs_heap_alloc_bytes() (Closes: #793489)

lp:debian/wheezy/ruby-rack Development 2015-07-29 16:37:25 UTC
9. * Create cherry-picked patch for Secu...

Author: Youhei SASAKI
Revision Date: 2015-07-29 16:37:25 UTC

* Create cherry-picked patch for Security Fix (Closes: #789311).
  - CVE-2015-3225: 0006-Fix-Params_Depth.patch
    Default depth at which the parameter parser will raise an exception
    for being too deep, allows remote attackers to cause a denial of
    service (SystemStackError) via a request with a large parameter
    depth.

lp:debian/wheezy/mediatomb Development 2015-07-28 12:13:10 UTC
16. * Backport fix for #580120, #778669 f...

Author: micove
Revision Date: 2015-07-28 12:13:10 UTC

* Backport fix for #580120, #778669 from 0.12.1-47-g7ab7616-1 and
  0.12.0~svn2018-6.1 to wheezy.

[ IOhannes m zmölnig ]
* Disabled User-Interface by default. (Closes: #580120, #778669)

lp:debian/wheezy/bind9 Development 2015-07-27 20:52:06 UTC
60. * Non-maintainer upload by the Securi...

Author: Salvatore Bonaccorso
Revision Date: 2015-07-27 20:52:06 UTC

* Non-maintainer upload by the Security Team.
* CVE-2015-5477: A failure to reset a value to NULL in tkey.c could
  result in an assertion failure.

lp:debian/wheezy/xmltooling Development 2015-07-27 11:39:26 UTC
17. Apply security fix from 1.5.5 for CVE...

Author: Ferenc Wágner
Revision Date: 2015-07-27 11:39:26 UTC

Apply security fix from 1.5.5 for CVE-2015-0851 DoS (Closes: #793855):
Shibboleth SP software crashes on well-formed but invalid XML

lp:debian/wheezy/expat Development 2015-07-24 15:57:09 UTC
15. Fix CVE-2015-1283, multiple integer o...

Author: Laszlo Boszormenyi
Revision Date: 2015-07-24 15:57:09 UTC

Fix CVE-2015-1283, multiple integer overflows in the XML_GetBuffer
function (closes: #793484).

lp:debian/wheezy/cacti Development 2015-07-19 21:57:27 UTC
44. * Security update - CVE-2015-4634 S...

Author: Paul Gevers
Revision Date: 2015-07-19 21:57:27 UTC

* Security update
  - CVE-2015-4634 SQL injection in graphs.php
  - Multiple other SQL injection vulnerabilities

lp:debian/wheezy/tidy Development 2015-07-18 15:22:34 UTC
8. Fix heap buffer overflow and memory s...

Author: Alessandro Ghedini
Revision Date: 2015-07-18 15:22:34 UTC

Fix heap buffer overflow and memory saturation on invalid HTML input
as per CVE-2015-5522 and CVE-2015-5523 (Closes: #792571)

lp:debian/wheezy/freexl Development 2015-07-15 22:27:35 UTC
4. Add patch to fix 32 bit multiplicatio...

Author: Bas Couwenberg
Revision Date: 2015-07-15 22:27:35 UTC

Add patch to fix 32 bit multiplication overflow.

lp:debian/wheezy/libwmf Development 2015-07-05 16:49:04 UTC
15. CVE-2015-0848 CVE-2015-4588 CVE-2015-...

Author: Moritz Muehlenhoff
Revision Date: 2015-07-05 16:49:04 UTC

CVE-2015-0848 CVE-2015-4588 CVE-2015-4695 CVE-2015-4696

lp:debian/wheezy/linux-ftpd-ssl Development 2015-06-30 01:04:03 UTC
11. * QA Upload * NLST of empty directory...

Author: Mats Erik Andersson
Revision Date: 2015-06-30 01:04:03 UTC

* QA Upload
* NLST of empty directory results in segfault. (Closes: #788331)
  + debian/patches/500-ssl.diff: Updated.

lp:debian/wheezy/libcrypto++ Development 2015-06-28 13:57:13 UTC
16. * Fix CVE-2015-2141, misuse of blindi...

Author: Laszlo Boszormenyi
Revision Date: 2015-06-28 13:57:13 UTC

* Fix CVE-2015-2141, misuse of blinding technique that is aimed at
  preventing timing attacks.
* Update my email address.

lp:debian/wheezy/jackrabbit Development 2015-06-25 18:52:02 UTC
3. * Team upload. * Add CVE-2015-1833.pa...

Author: Markus Koschany
Revision Date: 2015-06-25 18:52:02 UTC

* Team upload.
* Add CVE-2015-1833.patch.
  Fix XXE/XEE vulnerability of the Jackrabbit WebDAV bundle.
  When processing a WebDAV request body containing XML, the XML parser can be
  instructed to read content from network resources accessible to the host,
  identified by URI schemes such as "http(s)" or "file". Depending on the
  WebDAV request, this can not only be used to trigger internal network
  requests, but might also be used to insert said content into the request,
  potentially exposing it to the attacker and others. (Closes: #787316)

lp:debian/wheezy/pdf2djvu Development 2015-06-21 12:20:37 UTC
16. * added fix-insecure-use-of-tmp-when-...

Author: Daniel Stender
Revision Date: 2015-06-21 12:20:37 UTC

* added fix-insecure-use-of-tmp-when-executing-c44.diff, fix
  of no-dsa security issue (related bug #784889 closed by 0.7.21-1
  in Sid).
* deb/rules: added empty override for dh_auto_clean (see #724228).

lp:debian/wheezy/unzip Development 2015-06-21 11:00:00 UTC
13. * Apply the following patches from je...

Author: Santiago Vila
Revision Date: 2015-06-21 11:00:00 UTC

* Apply the following patches from jessie:
- Fixed bug "unzip thinks some files are symlinks". Closes: #717029.
  Reported by Jeff King. Patch by Andreas Schwab.
- Increase size of cfactorstr array in list.c to avoid a buffer
  overflow problem. Closes: #741384.
- Fix zipinfo crash where a value <= 25.5 was printed in a buffer
  having room only for values < 10.0. Closes: #744212.

lp:debian/wheezy/drupal7 Development 2015-06-18 09:53:59 UTC
21. * Backported from 7.38: SA-CORE-2015-...

Author: Gunnar Wolf
Revision Date: 2015-06-18 09:53:59 UTC

* Backported from 7.38: SA-CORE-2015-002 (Multiple vulnerabilities. CVE
  IDs assigned as follows:
  + Impersonation (OpenID module - Drupal 6 and 7): CVE-2015-3234
  + Open redirect (Field UI module - Drupal 7): CVE-2015-3232
  + Open redirect (Overlay module - Drupal 7): CVE-2015-3233
  + Information disclosure (Render cache system - Drupal 7): CVE-2015-3231
* Refreshed patches that are applied for the build process, lowering the
  amount of build-noise generated.

lp:debian/wheezy/p7zip Development 2015-06-14 17:05:53 UTC
11. * Non-maintainer upload. * Delay crea...

Author: Ben Hutchings
Revision Date: 2015-06-14 17:05:53 UTC

* Non-maintainer upload.
* Delay creation of symlinks to prevent arbitrary file writes (CVE-2015-1038)
  (Closes: #774660)

lp:debian/wheezy/openssl Development 2015-06-13 12:18:30 UTC
58. * Fix CVE-2015-1791 * Fix CVE-2015-17...

Author: Kurt Roeckx
Revision Date: 2015-06-13 12:18:30 UTC

* Fix CVE-2015-1791
* Fix CVE-2015-1792
* Fix CVE-2015-1789
* Fix CVE-2015-1790
* Fix CVE-2015-1788
* Fix CVE-2015-4000
* Fix CVE-2014-8176

lp:debian/wheezy/rawtherapee Development 2015-06-09 20:52:45 UTC
10. * Add patch debian/patches/04-fix_CVE...

Author: Philip Rinn
Revision Date: 2015-06-09 20:52:45 UTC

* Add patch debian/patches/04-fix_CVE-2015-3885.patch:
  - Fix dcraw input sanitization errors (CVE-2015-3885)

lp:debian/wheezy/gamera Development 2015-06-07 10:00:40 UTC
18. add avoid_mktexmp.diff to fix CVE-201...

Author: Daniel Stender
Revision Date: 2015-06-07 10:00:40 UTC

add avoid_mktexmp.diff to fix CVE-2014-1937 (related bug #737324
was closed in Sid by 3.4.1-1).

lp:debian/wheezy/didjvu Development 2015-06-06 18:41:01 UTC
5. add fix-insecure-use-of-tmp-when-call...

Author: Daniel Stender
Revision Date: 2015-06-06 18:41:01 UTC

add fix-insecure-use-of-tmp-when-calling-c44.diff on security
bug #784888 (closed by 0.4-1 in sid).

lp:debian/wheezy/jqueryui Development 2015-06-02 22:43:53 UTC
13. * NMU by the Security Team * Fix regr...

Author: Sebastien Delafond
Revision Date: 2015-06-02 22:43:53 UTC

* NMU by the Security Team
* Fix regression introduced in 1.8.ooops.21+dfsg-2+deb7u1 (Closes: #787100)

lp:debian/wheezy/libraw Development 2015-05-28 14:15:10 UTC
8. * debian/patches/: patchset updated ...

Author: Matteo F. Vescovi
Revision Date: 2015-05-28 14:15:10 UTC

* debian/patches/: patchset updated
  - 0001-Fix_CVE-2015-3885.patch added (Closes: #786788)
    | Integer overflow in the ljpeg_start function
    | in dcraw 7.00 and earlier allows remote attackers
    | to cause a denial of service (crash) via a
    | crafted image, which triggers a buffer overflow,
    | related to the len variable.

lp:debian/wheezy/debmirror Development 2015-05-27 19:26:16 UTC
29. Upload for wheezy. Closes: #749734.

Author: Santiago Vila
Revision Date: 2015-05-27 19:26:16 UTC

Upload for wheezy. Closes: #749734.

lp:debian/wheezy/ntfs-3g Development 2015-05-26 20:46:20 UTC
45. * Non-maintainer upload by the Securi...

Author: Salvatore Bonaccorso
Revision Date: 2015-05-26 20:46:20 UTC

* Non-maintainer upload by the Security Team.
* Update CVE-2015-3202.patch patch.
  CVE-2015-3202: Missing scrubbing of the environment before executing a
  mount or umount of a filesystem.
  The previous fix for CVE-2015-3202 was incomplete and missed the
  replacement of one execl call with execle. (Closes: #786475)

lp:debian/wheezy/libapache-mod-jk bug Development 2015-05-23 23:33:30 UTC
14. * Team upload. * Add CVE-2014-8111.pa...

Author: Markus Koschany
Revision Date: 2015-05-23 23:33:30 UTC

* Team upload.
* Add CVE-2014-8111.patch. (Closes: #783233)
  It was discovered that a JkUnmount rule for a subtree of a previous JkMount
  rule could be ignored. This could allow a remote attacker to potentially
  access a private artifact in a tree that would otherwise not be accessible
  to them.
  - Add option to control handling of multiple adjacent slashes in mount and
    unmount. New default is collapsing the slashes only in unmount. Before
    this change, adjacent slashes were never collapsed, so most mounts and
    unmounts didn't match for URLs with multiple adjacent slashes.
  - Configuration is done via new JkOption for Apache (values
    "CollapseSlashesAll", "CollapseSlashesNone" or "CollapseSlashesUnmount").

lp:debian/wheezy/pgbouncer Development 2015-05-23 22:58:29 UTC
19. Fix remote crash - invalid packet ord...

Author: Christoph Berg
Revision Date: 2015-05-23 22:58:29 UTC

Fix remote crash - invalid packet order causes lookup of NULL pointer.
Not exploitable, just DoS. (CVE-2015-4054)
Cherry-picked from upstream 1.5.5.

lp:debian/wheezy/ipsec-tools Development 2015-05-22 08:05:50 UTC
25. * Non-maintainer upload by the Securi...

Author: Salvatore Bonaccorso
Revision Date: 2015-05-22 08:05:50 UTC

* Non-maintainer upload by the Security Team.
* Add bug785778-null-pointer-deref.patch patch.
  CVE-2015-4047: Fix NULL pointer dereference in racoon in gssapi.c
  leading to a possible crash and denial of service attack. (Closes: #785778)

lp:debian/wheezy/libmodule-signature-perl Development 2015-05-20 20:51:05 UTC
13. * Team upload. * Add 0001-make-skip-w...

Author: Salvatore Bonaccorso
Revision Date: 2015-05-20 20:51:05 UTC

* Team upload.
* Add 0001-make-skip-work-again.patch patch.
  Restore --skip functionality for cpansign. (Closes: #785701)

lp:debian/wheezy/proftpd-dfsg Development 2015-05-19 12:58:18 UTC
50. * Non-maintainer upload by the Securi...

Author: Sebastien Delafond
Revision Date: 2015-05-19 12:58:18 UTC

* Non-maintainer upload by the Security Team
* Fix CVE-2015-3306: unauthenticated copying of files via SITE CPFR/CPTO
  allowed by mod_copy (Closes: #782781)

lp:debian/wheezy/nbd Development 2015-05-15 13:03:42 UTC
63. * Backport fix for CVE-2015-0847 to f...

Author: Wouter Verhelst
Revision Date: 2015-05-15 13:03:42 UTC

* Backport fix for CVE-2015-0847 to fix handling of SIGTERM and SIGCHLD.
  Closes: #784657.
* Merge patch by Tuomas Räsänen to do all negotiation in the child
  process. Closes: #781547, CVE-2013-7441.

lp:debian/wheezy/libtest-signature-perl Development 2015-05-14 18:19:32 UTC
3. * Team upload. * Consider MANIFEST.SK...

Author: Salvatore Bonaccorso
Revision Date: 2015-05-14 18:19:32 UTC

* Team upload.
* Consider MANIFEST.SKIP when verifying signature as part of testsuites.
  Set skip => 1 on Module::Signature::verify for compatibility with the
  fix for CVE-2015-3407 in libmodule-signature-perl.

lp:debian/wheezy/pound Development 2015-05-07 19:01:01 UTC
15. [ Brett Parker ] * Add anti_poodle pa...

Author: Thijs Kinkhorst
Revision Date: 2015-05-07 19:01:01 UTC

[ Brett Parker ]
* Add anti_poodle patch (CVE-2014-3566, Closes: #765539)
  - It's now possible to disable SSLv3 with the "DisableSSLv3"
    directive in pound.cfg. It's however not disabled by default.
* Disable tls compression patch (CVE-2012-4929, Closes: 727197)
* Add missing chunk to renegotiation patch
  (CVE-2009-3555, Closes: #765649).
* don't wrongly encode = in redirect (Closes: #723731)

[ Thijs Kinkhorst ]
* Upload to wheezy-security.

lp:debian/wheezy/dnsmasq Development 2015-05-06 21:37:29 UTC
29. * Non-maintainer upload by the Securi...

Author: Salvatore Bonaccorso
Revision Date: 2015-05-06 21:37:29 UTC

* Non-maintainer upload by the Security Team.
* Handle case where SO_REUSEPORT may be defined but not supported by
  the running kernel.
  The update for CVE-2015-3294 caused a regression for the armel and armhf
  builds due to a newer linux-libc-dev package installed in the wheezy
  chroots used for the build. The libc headers defined SO_REUSEPORT,
  whereas the kernel in wheezy does not support it uncovering this
  problem. (Closes: #784571)
* Set SO_REUSEADDR as well as SO_REUSEPORT on DHCP sockets when
  both are available

lp:debian/wheezy/mercurial Development 2015-05-06 08:09:26 UTC
56. Fix "CVE-2014-9462" by adding patch f...

Author: Javi Merino
Revision Date: 2015-05-06 08:09:26 UTC

Fix "CVE-2014-9462" by adding patch
from_upstream__sshpeer_more_thorough_shell_quoting.patch (Closes:
#783237)

lp:debian/wheezy/base-files Development 2015-05-04 15:17:48 UTC
42. * Changed /etc/debian_version to 7.9,...

Author: Santiago Vila
Revision Date: 2015-05-04 15:17:48 UTC

* Changed /etc/debian_version to 7.9, for Debian 7.9 point release.
* Distribution is now "oldstable" because this is for wheezy.

lp:debian/wheezy/clamav Development 2015-05-02 22:35:37 UTC
40. [ Andreas Cadhalpun ] * Fix variable ...

Author: Sebastian Andrzej Siewior
Revision Date: 2015-05-02 22:35:37 UTC

[ Andreas Cadhalpun ]
* Fix variable name mismatch in clamav-milter.postinst in order to
  make preseeding work correctly. (Closes: #778445)
* Drop 'XS-Testsuite: autopkgtest' from debian/control.
  Debhelper automatically adds the Testsuite field.
  This fixes the lintian warning xs-testsuite-header-in-debian-control.
* Fix cleanup on purge in clamav-base.postrm.

[ Sebastian Andrzej Siewior ]
* Replace ” with " in debian/common_functions (Closes: #781088)
* Import new upstream:
  - Improvements to PDF processing: decryption, escape sequence
    handling, and file property collection.
  - Scanning/analysis of additional Microsoft Office 2003 XML format.
  - Fix infinite loop condition on crafted y0da cryptor file. Identified
    and patch suggested by Sebastian Andrzej Siewior. CVE-2015-2221.
  - Fix crash on crafted petite packed file. Reported and patch
    supplied by Sebastian Andrzej Siewior. CVE-2015-2222.
  - Fix false negatives on files within iso9660 containers. This issue
    was reported by Minzhuan Gong.
  - Fix a couple crashes on crafted upack packed file. Identified and
    patches supplied by Sebastian Andrzej Siewior.
  - Fix a crash during algorithmic detection on crafted PE file.
    Identified and patch supplied by Sebastian Andrzej Siewior.
  - Fix an infinite loop condition on a crafted "xz" archive file.
    This was reported by Dimitri Kirchner and Goulven Guiheux.
    CVE-2015-2668.
  - Fix compilation error after ./configure --disable-pthreads.
    Reported and fix suggested by John E. Krokes.
  - Apply upstream patch for possible heap overflow in Henry Spencer's
    regex library. CVE-2015-2305 (Closes: #778406).
  - Fix crash in upx decoder with crafted file. Discovered and patch
    supplied by Sebastian Andrzej Siewior. CVE-2015-2170.
  - Fix segfault scanning certain HTML files. Reported with sample by
    Kai Risku.
  - Improve detections within xar/pkg files.
* update GPG key used to verify releases to get uscan/get_orig.sh working
  again.
* update symbol version for cl_retflevel due to CL_FLEVEL change.

lp:debian/wheezy/libxml-libxml-perl Development 2015-05-01 13:48:42 UTC
25. * Team upload. * Add CVE-2015-3451.pa...

Author: Salvatore Bonaccorso
Revision Date: 2015-05-01 13:48:42 UTC

* Team upload.
* Add CVE-2015-3451.patch patch.
  CVE-2015-3451: expand_entities set to 0 is not preserved after a
  _clone() call. (Closes: #783443)

lp:debian/wheezy/sudo Development 2015-04-30 21:22:34 UTC
32. * Non-maintainer upload with maintain...

Author: Andreas Beckmann
Revision Date: 2015-04-30 21:22:34 UTC

* Non-maintainer upload with maintainer approval.
* Backport from 1.8.7-1: "recognize lenny and squeeze unmodified sudoers" to
  avoid dpkg questions about modified conffiles on upgrades to wheezy.
  (Closes: #660594)
* *.preinst: Recognize the unmodified /etc/sudoers from sudo-ldap/lenny.

lp:debian/wheezy/unrar-nonfree Development 2015-04-28 21:38:08 UTC
19. * Fix a symlink directory traversal v...

Author: Felix Geyer
Revision Date: 2015-04-28 21:38:08 UTC

* Fix a symlink directory traversal vulnerability (Closes: #774171)
  - Add debian/patches/fix-dir-traversal

lp:debian/wheezy/ruby1.9.1 Development 2015-04-27 18:30:57 UTC
34. Fix OpenSSL Hostname Verification [CV...

Author: Antonio Terceiro
Revision Date: 2015-04-27 18:30:57 UTC

Fix OpenSSL Hostname Verification [CVE-2015-1855]

lp:debian/wheezy/tcllib Development 2015-04-25 19:32:17 UTC
12. Added a patch from upstream which fix...

Author: Sergei Golovan
Revision Date: 2015-04-25 19:32:17 UTC

Added a patch from upstream which fixes an XSS vulnerability in
the html module for <textarea/> elements (closes: #780100).

lp:debian/wheezy/wpa Development 2015-04-23 19:56:11 UTC
7. import "P2P: Validate SSID element le...

Author: Stefan Lippers-Hollmann
Revision Date: 2015-04-23 19:56:11 UTC

import "P2P: Validate SSID element length before copying it
(CVE-2015-1863)" from upstream (Closes: #783148); this is essentially a
no-op for the wheezy binaries distributed by Debian, as CONFIG_P2P is
disabled there.

lp:debian/wheezy/curl Development 2015-04-21 13:51:57 UTC
45. * Fix re-using authenticated connecti...

Author: Alessandro Ghedini
Revision Date: 2015-04-21 13:51:57 UTC

* Fix re-using authenticated connection when unauthenticated
  as per CVE-2015-3143
  http://curl.haxx.se/docs/adv_20150422A.html
* Fix Negotiate not treated as connection-oriented as per CVE-2015-3148
  http://curl.haxx.se/docs/adv_20150422B.html

lp:debian/wheezy/httpcomponents-client Development 2015-04-18 14:15:11 UTC
6. * Team upload. * Add CVE-2012-6153.pa...

Author: Markus Koschany
Revision Date: 2015-04-18 14:15:11 UTC

* Team upload.
* Add CVE-2012-6153.patch and CVE-2014-3577.patch.
  It was found that the fix for CVE-2012-5783 and CVE-2012-6153 was
  incomplete. The code added to check that the server hostname matches the
  domain name in the subject's CN field was flawed. This can be exploited by
  a Man-in-the-middle (MITM) attack where the attacker can spoof a valid
  certificate using a specially crafted subject.

lp:debian/wheezy/django-markupfield Development 2015-04-17 16:09:04 UTC
7. * Security Upload * Include fix for r...

Author: Paul Tagliamonte
Revision Date: 2015-04-17 16:09:04 UTC

* Security Upload
* Include fix for remote file inclusion, CVE-2015-0846, thanks to
  James P. Turk for finding this bug and providing a fix.

lp:debian/wheezy/kfreebsd-9 Development 2015-04-16 21:45:05 UTC
26. * Pick SVN r281231 from FreeBSD 9-STA...

Author: Steven Chamberlain
Revision Date: 2015-04-16 21:45:05 UTC

* Pick SVN r281231 from FreeBSD 9-STABLE to fix:
  - SA-15:04: integer overflow in IGMP protocol (CVE-2015-1414)
    updated patch from advisory revision 1.1 (Closes: #779201)
  - SA-15:09: Denial of Service with IPv6 Router Advertisements
    (CVE-2015-2923) (Closes: #782735)

lp:debian/wheezy/commons-httpclient Development 2015-04-15 21:24:48 UTC
13. * Team upload. * Add CVE-2014-3577.pa...

Author: Markus Koschany
Revision Date: 2015-04-15 21:24:48 UTC

* Team upload.
* Add CVE-2014-3577.patch. (Closes: #758086)
  It was found that the fix for CVE-2012-6153 was incomplete: the code added
  to check that the server hostname matches the domain name in a subject's
  Common Name (CN) field in X.509 certificates was flawed. A
  man-in-the-middle attacker could use this flaw to spoof an SSL server using
  a specially crafted X.509 certificate. The fix for CVE-2012-6153 was
  intended to address the incomplete patch for CVE-2012-5783. The issue is
  now completely resolved by applying this patch and the
  06_fix_CVE-2012-5783.patch.
* Change java.source and java.target ant properties to 1.5, otherwise
  commons-httpclient will not compile with this patch.

lp:debian/wheezy/movabletype-opensource Development 2015-04-14 23:24:22 UTC
32. Fix format string injection vulnerabi...

Author: Dominic Hargreaves
Revision Date: 2015-04-14 23:24:22 UTC

Fix format string injection vulnerability in localisation of
templates (CVE-2015-0845)

lp:debian/wheezy/libxrender Development 2015-04-13 18:29:02 UTC
11. Tighten build dependency on libx11-de...

Author: Sebastien Delafond
Revision Date: 2015-04-13 18:29:02 UTC

Tighten build dependency on libx11-dev (Closes: #782505)

lp:debian/wheezy/das-watchdog Development 2015-04-12 11:02:08 UTC
6. * Non-maintainer upload by the Securi...

Author: Salvatore Bonaccorso
Revision Date: 2015-04-12 11:02:08 UTC

* Non-maintainer upload by the Security Team.
* Fix buffer overflow in the handling of the XAUTHORITY env variable
  (CVE-2015-2831) (Closes: #781806)
* Remove duplicate check for temp[i] == '\0' in das_watchdog.c
* Fix infinite loop on platforms where char is unsigned
* Add fix-memory-leak-on-realloc.patch patch.
  Fix potential memory leak on realloc and causing "NULL+i" (write)
  dereference afterwards.
  Thanks to Niels Thykier <niels@thykier.net>

lp:debian/wheezy/libx11 Development 2015-04-11 20:47:13 UTC
27. CVE-2013-7439

Author: Moritz Muehlenhoff
Revision Date: 2015-04-11 20:47:13 UTC

CVE-2013-7439

lp:debian/wheezy/libtasn1-3 Development 2015-04-11 14:38:36 UTC
20. * Non-maintainer upload by the Securi...

Author: Salvatore Bonaccorso
Revision Date: 2015-04-11 14:38:36 UTC

* Non-maintainer upload by the Security Team.
* Add CVE-2015-2806.patch patch.
  CVE-2015-2806: stack overflow in asn1_der_decoding.

lp:debian/wheezy/chrony Development 2015-04-10 22:25:52 UTC
15. * With the following security bugfixe...

Author: Joachim Wiedorn
Revision Date: 2015-04-10 22:25:52 UTC

* With the following security bugfixes (See: #782160):
  - Fix CVE-2015-1853: Protect authenticated symmetric NTP
                       associations against DoS attacks.
  - Fix CVE-2015-1821: Fix access configuration with subnet
                       size indivisible by 4.
  - Fix CVE-2015-1822: Fix initialization of reply slots for
                       authenticated commands.

lp:debian/wheezy/ntp Development 2015-04-10 20:36:48 UTC
18. * Fix CVE-2015-1798 and CVE-2015-1799...

Author: Kurt Roeckx
Revision Date: 2015-04-10 20:36:48 UTC

* Fix CVE-2015-1798 and CVE-2015-1799 (Closes: #782095)
* Fix endless loop and non-random key generation using
  ntp-keygen on big endian machines.

lp:debian/wheezy/gst-plugins-bad0.10 Development 2015-04-08 21:30:38 UTC
51. Fix buffer overflow in MP4 playback, ...

Author: Moritz Muehlenhoff
Revision Date: 2015-04-08 21:30:38 UTC

Fix buffer overflow in MP4 playback, thanks to Ralph Giles

lp:debian/wheezy/tor Development 2015-04-06 17:30:17 UTC
42. * New upstream version, fixing hidden...

Author: Peter Palfrader
Revision Date: 2015-04-06 17:30:17 UTC

* New upstream version, fixing hidden service related Denial of
  Service bugs:
  - Fix two remotely triggerable assertion failures (upstream bugs
    #15600 and #15601).
  - Disallow multiple INTRODUCE1 cells on the same circuit at introduction
    points, making overwhelming hidden services with introductions more
    expensive (upstream bug #15515).

lp:debian/wheezy/ircd-hybrid Development 2015-04-05 18:33:33 UTC
13. Disable SSLv3 to mitigate against the...

Author: Dominic Hargreaves
Revision Date: 2015-04-05 18:33:33 UTC

Disable SSLv3 to mitigate against the POODLE vulnerability
(Closes: #767026)

lp:debian/wheezy/libdbd-pg-perl Development 2015-04-04 13:15:47 UTC
32. * Team upload. * Add 0001-Adjustments...

Author: Salvatore Bonaccorso
Revision Date: 2015-04-04 13:15:47 UTC

* Team upload.
* Add 0001-Adjustments-for-the-loss-of-spclocation-in-9.2.patch patch.
  Fixes interoperability problem between wheezy clients using DBD::Pg
  against newer PostgreSQL versions.
  Thanks to Christoph Biedl <debian.axhn@manchmal.in-ulm.de> (Closes: #781722)

lp:debian/wheezy/libxml2 Development 2015-04-04 11:01:18 UTC
62. * Non-maintainer upload by the Securi...

Author: Salvatore Bonaccorso
Revision Date: 2015-04-04 11:01:18 UTC

* Non-maintainer upload by the Security Team.
* Add missing required patches for CVE-2014-3660.
  The two upstream commits a3f1e3e5712257fd279917a9158278534e8f4b72 and
  cff2546f13503ac028e4c1f63c7b6d85f2f2d777 are required in addition to the
  commit be2a7edaf289c5da74a4f9ed3a0b6c733e775230 to fix CVE-2014-3660 due
  to changes in the use of ent->checked.
  Fixes "libxml2: CVE-2014-3660 patch makes installation-guide FTBFS".
  (Closes: #774358)
* Refresh cve-2014-3660.patch patch
* Refresh cve-2014-3660-bis.patch patch

lp:debian/wheezy/arj Development 2015-04-03 20:21:46 UTC
10. * Non-maintainer upload by the Securi...

Author: Salvatore Bonaccorso
Revision Date: 2015-04-03 20:21:46 UTC

* Non-maintainer upload by the Security Team with patches from Guillem Jover
* Fix buffer overflow from size under user control.
  This is causing free() on an invalid pointer.
  Fixes: CVE-2015-2782 (Closes: #774015)
* Fix absolute path directory traversal.
  Fixes: CVE-2015-0557 (Closes: #774435)
* Fix symlink directory traversal.
  Fixes: CVE-2015-0556 (Closes: #774434)

lp:debian/wheezy/libgd2 Development 2015-04-01 15:50:38 UTC
18. * Fix NULL pointer dereference when r...

Author: Alessandro Ghedini
Revision Date: 2015-04-01 15:50:38 UTC

* Fix NULL pointer dereference when reading XPM files with a
  crafted color table as per CVE-2014-2497 (Closes: #744719)
* Fix buffer read overflow when reading invalid GIF files
  as per CVE-2014-9709

lp:debian/wheezy/hp2xx Development 2015-03-30 21:08:51 UTC
8. include patch by Martin Kroeker to fi...

Author: Christian T. Steigies
Revision Date: 2015-03-30 21:08:51 UTC

include patch by Martin Kroeker to fix crashes found by Jodie Cunningham

lp:debian/wheezy/tiff Development 2015-03-27 16:05:23 UTC
36. * Pull upstream security bugs from gi...

Author: Ondřej Surý
Revision Date: 2015-03-27 16:05:23 UTC

* Pull upstream security bugs from git cvsimported sources, this fixes
  many security bugs (CVE-2014-9330, CVE-2014-8127, CVE-2014-8129,
  CVE-2014-8128, CVE-2014-9655) (Closes: #773987, #776185)
* The tiff package has a new maintainer

lp:debian/wheezy/dulwich Development 2015-03-27 13:18:17 UTC
32. * Non-maintainer upload by the Securi...

Author: Salvatore Bonaccorso
Revision Date: 2015-03-27 13:18:17 UTC

* Non-maintainer upload by the Security Team.
* Add 03_CVE-2014-9706 patch.
  CVE-2014-9706: Don't allow writing to files under .git/ when checking
  out working trees. (Closes: #780989)

lp:debian/wheezy/tomcat7 Development 2015-03-26 20:18:56 UTC
22. * Team upload. * Fix FTBFS error by m...

Author: Miguel Landaeta
Revision Date: 2015-03-26 20:18:56 UTC

* Team upload.
* Fix FTBFS error by making sure SSL unit tests use TLS protocols.
  - SSLv3 and previous protocols are not secure and deprecated
    in JDK7.
  - Additionally, some X509 certificates provided by upstream expired
    and were causing failures in unit tests as well, so they were
    regenerated. (Closes: #780519).

lp:debian/wheezy/inspircd Development 2015-03-25 22:32:45 UTC
10. CVE-2012-1836 was partially fixed; re...

Author: Guillaume Delacour
Revision Date: 2015-03-25 22:32:45 UTC

CVE-2012-1836 was partially fixed; refresh 03_CVE-2012-1836 patch by
importing 2.0.7 src/dns.cpp changes (Closes: #780880)

lp:debian/wheezy/shibboleth-sp2 Development 2015-03-24 08:14:42 UTC
22. Backport security fix from V2.5.4 for...

Author: Ferenc Wágner
Revision Date: 2015-03-24 08:14:42 UTC

Backport security fix from V2.5.4 for CVE-2015-2684: authenticated
denial of service vulnerability that results in a crash on certain
kinds of malformed SAML messages.

lp:debian/wheezy/batik Development 2015-03-24 05:17:00 UTC
15. * Team upload. * Add debian/patches/c...

Author: Tony Mancill
Revision Date: 2015-03-24 05:17:00 UTC

* Team upload.
* Add debian/patches/cve_2015_0250.patch to disable external XML entity
  resolution (information disclosure). This addresses CVE-2015-0250.
  (Closes: #780897)

lp:debian/wheezy/libphp-snoopy Development 2015-03-22 10:56:18 UTC
6. Upload to wheezy-security

Author: Marcelo Jorge Vieira
Revision Date: 2015-03-22 10:56:18 UTC

Upload to wheezy-security

lp:debian/wheezy/tcpdump Development 2015-03-16 20:51:18 UTC
21. * Cherry-pick changes from upstream G...

Author: Romain Francoise
Revision Date: 2015-03-16 20:51:18 UTC

* Cherry-pick changes from upstream Git to fix the following security
  issues:
  + CVE-2015-0261: missing bounds checks in IPv6 Mobility printer.
  + CVE-2015-2153: missing bounds checks in RPKI/RTR printer.
  + CVE-2015-2154: missing bounds checks in ISOCLNS printer.
  + CVE-2015-2155: missing bounds checks in ForCES printer.

lp:debian/wheezy/checkpw Development 2015-03-16 13:20:09 UTC
5. * Non-maintainer upload by the Securi...

Author: Salvatore Bonaccorso
Revision Date: 2015-03-16 13:20:09 UTC

* Non-maintainer upload by the Security Team.
* CVE-2015-0885: Fix denial of service via -- in usernames (Closes: #780139)

lp:debian/wheezy/libxfont Development 2015-03-15 20:48:30 UTC
33. * Integer overflows in BDF font parsi...

Author: Moritz Muehlenhoff
Revision Date: 2015-03-15 20:48:30 UTC

* Integer overflows in BDF font parsing
* NULL pointer deref in BDF font parsing

lp:debian/wheezy/mdbtools Development 2015-03-14 16:33:09 UTC
17. * memo_zero_len_multipage: Fix overfl...

Author: Jean-Michel Vourgère
Revision Date: 2015-03-14 16:33:09 UTC

* memo_zero_len_multipage: Fix overflow in some memo fields. Thanks to
  lovelytwo@github.
* bin_output_fix: Fix output of binary data. Thanks to tyzhaoqi.

lp:debian/wheezy/putty Development 2015-03-14 12:56:58 UTC
27. * Backport from upstream: - MATTA-2...

Author: Colin Watson
Revision Date: 2015-03-14 12:56:58 UTC

* Backport from upstream:
  - MATTA-2015-002: Enforce acceptable range for Diffie-Hellman server
    value.
  - Fix an erroneous length field in SSH-1 key load.
  - CVE-2015-2157: Fix failure to clear sensitive private key information
    from memory (closes: #779488).

lp:debian/wheezy/xerces-c Development 2015-03-12 17:05:28 UTC
11. * Non-maintainer upload by the Securi...

Author: Salvatore Bonaccorso
Revision Date: 2015-03-12 17:05:28 UTC

* Non-maintainer upload by the Security Team.
* Add CVE-2015-0252.patch patch.
  CVE-2015-0252: Apache Xerces-C XML parser crashes on malformed input.

lp:debian/wheezy/freetype Development 2015-03-06 19:31:14 UTC
43. CVE-2014-9656 CVE-2014-9657 CVE-2014-...

Author: Moritz Mühlenhoff
Revision Date: 2015-03-06 19:31:14 UTC

CVE-2014-9656 CVE-2014-9657 CVE-2014-9658 CVE-2014-9660 CVE-2014-9661
CVE-2014-9663 CVE-2014-9664 CVE-2014-9666 CVE-2014-9667 CVE-2014-9669
CVE-2014-9670 CVE-2014-9671 CVE-2014-9672 CVE-2014-9673 CVE-2014-9675
