Branches for Dapper

Name Status Last Modified Last Commit
lp:ubuntu/dapper-updates/exim4 bug Development 2011-02-13 12:06:56 UTC
12. * SECURITY UPDATE: local privilege es...

Author: Marc Deslauriers
Revision Date: 2011-02-08 15:51:38 UTC

* SECURITY UPDATE: local privilege escalation via alternate config file
  (LP: #697934)
  - debian/patches/80_CVE-2010-4345.dpatch: backport massive behaviour-
    altering changes from upstream git to fix issue.
  - debian/patches/81_CVE-2010-4345-docs.dpatch: backport documentation
    changes.
  - debian/patches/67_unnecessaryCopt.dpatch: Do not use exim's -C option
    in utility scripts. This would not work with ALT_CONFIG_PREFIX.
    Patch obtained from Debian's 4.69-9+lenny2.
  - Build with WHITELIST_D_MACROS=OUTGOING. After this security update,
    exim will not regain root privileges (usually necessary for local
    delivery) if the -D option was used. Macro identifiers listed in
    WHITELIST_D_MACROS are exempted from this restriction. mailscanner
    (4.79.11-2.2) uses -DOUTGOING.
  - Build with TRUSTED_CONFIG_LIST=/etc/exim4/trusted_configs. After this
    security update, exim will not re-gain root privileges (usually
    necessary for local delivery) if the -C option was used. This makes
    it impossible to start a fully functional daemon with an alternate
    configuration file. /etc/exim4/trusted_configs (can) contain a list
    of filenames (one per line, full path given) to which this
    restriction does not apply.
  - debian/exim4-daemon-*.NEWS: Add description of changes. Thanks to
    Debian and Andreas Metzler for the text.
  - CVE-2010-4345
* SECURITY UPDATE: arbitrary file append via symlink attack (LP: #708023)
  - debian/patches/82_CVE-2011-0017.dpatch: check setuid and setgid return
    codes in src/exim.c, src/log.c.
  - CVE-2011-0017
* SECURITY UPDATE: denial of service and possible arbitrary code
  execution via hard link to another user's file (LP: #609620)
  - debian/patches/CVE-2010-2023.dpatch: check for links in
    src/transports/appendfile.c.
  - CVE-2010-2023
* SECURITY UPDATE: denial of service and possible arbitrary code
  execution via symlink on a lock file (LP: #609620)
  - debian/patches/CVE-2010-2024.dpatch: improve lock file handling in
    src/exim_lock.c, src/transports/appendfile.c.
  - CVE-2010-2024

lp:ubuntu/dapper/wine-doc Mature 2011-02-11 13:34:43 UTC
2. Documentation snapshot for the Wine 0...

Author: WanderingVillager
Revision Date: 2005-10-27 21:31:50 UTC

Documentation snapshot for the Wine 0.9 release.

lp:ubuntu/dapper-security/exim4 Development 2011-02-08 15:51:38 UTC
12. * SECURITY UPDATE: local privilege es...

Author: Marc Deslauriers
Revision Date: 2011-02-08 15:51:38 UTC

* SECURITY UPDATE: local privilege escalation via alternate config file
  (LP: #697934)
  - debian/patches/80_CVE-2010-4345.dpatch: backport massive behaviour-
    altering changes from upstream git to fix issue.
  - debian/patches/81_CVE-2010-4345-docs.dpatch: backport documentation
    changes.
  - debian/patches/67_unnecessaryCopt.dpatch: Do not use exim's -C option
    in utility scripts. This would not work with ALT_CONFIG_PREFIX.
    Patch obtained from Debian's 4.69-9+lenny2.
  - Build with WHITELIST_D_MACROS=OUTGOING. After this security update,
    exim will not regain root privileges (usually necessary for local
    delivery) if the -D option was used. Macro identifiers listed in
    WHITELIST_D_MACROS are exempted from this restriction. mailscanner
    (4.79.11-2.2) uses -DOUTGOING.
  - Build with TRUSTED_CONFIG_LIST=/etc/exim4/trusted_configs. After this
    security update, exim will not re-gain root privileges (usually
    necessary for local delivery) if the -C option was used. This makes
    it impossible to start a fully functional daemon with an alternate
    configuration file. /etc/exim4/trusted_configs (can) contain a list
    of filenames (one per line, full path given) to which this
    restriction does not apply.
  - debian/exim4-daemon-*.NEWS: Add description of changes. Thanks to
    Debian and Andreas Metzler for the text.
  - CVE-2010-4345
* SECURITY UPDATE: arbitrary file append via symlink attack (LP: #708023)
  - debian/patches/82_CVE-2011-0017.dpatch: check setuid and setgid return
    codes in src/exim.c, src/log.c.
  - CVE-2011-0017
* SECURITY UPDATE: denial of service and possible arbitrary code
  execution via hard link to another user's file (LP: #609620)
  - debian/patches/CVE-2010-2023.dpatch: check for links in
    src/transports/appendfile.c.
  - CVE-2010-2023
* SECURITY UPDATE: denial of service and possible arbitrary code
  execution via symlink on a lock file (LP: #609620)
  - debian/patches/CVE-2010-2024.dpatch: improve lock file handling in
    src/exim_lock.c, src/transports/appendfile.c.
  - CVE-2010-2024

lp:ubuntu/dapper/libdbi-perl Mature 2011-01-27 16:23:25 UTC
5. New upstream release

Author: Christian Hammers
Revision Date: 2006-01-09 22:09:07 UTC

New upstream release

lp:ubuntu/dapper/netkit-rsh Mature 2011-01-27 16:20:50 UTC
3. * Patched rlogin.c so that calling it...

Author: Alberto Gonzalez Iniesta
Revision Date: 2004-11-08 11:26:33 UTC

* Patched rlogin.c so that calling it as 'netkit-rlogin' will also
  work. (Closes: #279095)
* Changed maintainer email address.

lp:ubuntu/dapper/pencam Mature 2011-01-27 16:20:06 UTC
3. New upstream release

Author: Andrew James Grafham
Revision Date: 2003-03-25 21:36:38 UTC

New upstream release

lp:ubuntu/dapper/mtd Mature 2011-01-27 16:09:57 UTC
3. * Fix the version, darn * Get rid of ...

Author: Riku Voipio
Revision Date: 2005-01-23 12:56:16 UTC

* Fix the version, darn
* Get rid of historic conflict, closes: #160614

lp:ubuntu/dapper/latex-bridge Mature 2011-01-27 16:07:26 UTC
3. * miniDBV.dtx/sty: remove isolatin1.s...

Author: Christoph Berg
Revision Date: 2005-11-24 16:21:01 UTC

* miniDBV.dtx/sty: remove isolatin1.sty (Closes: #339863).
* Bump Standards-Version.

lp:ubuntu/dapper/irqbalance Mature 2011-01-27 15:54:58 UTC
5. debian/po/sv.po: Swedish translation ...

Author: Eric Dorland
Revision Date: 2005-10-10 19:42:56 UTC

debian/po/sv.po: Swedish translation from Daniel Nylander. (Closes:
#332550)

lp:ubuntu/dapper-proposed/apache2 bug Mature 2011-01-21 21:04:33 UTC
20. * debian/patches/119_sslinsecurereneg...

Author: Marc Deslauriers
Revision Date: 2010-08-16 13:44:28 UTC

* debian/patches/119_sslinsecurerenegotiation-directive.dpatch: once
  openssl gets updated to fix CVE-2009-3555, server renegotiations with
  unpatched clients will fail. This patch adds the ability to revert to
  the previous unsafe behaviour with a new SSLInsecureRenegotiation
  directive. (LP: #616759)
* debian/control: add specific dependency on first openssl version to get
  CVE-2009-3555 fix.

lp:ubuntu/dapper/curl Mature 2011-01-21 20:16:05 UTC
7. * SECURITY UPDATE: Arbitrary remote c...

Author: Martin Pitt
Revision Date: 2006-03-16 11:30:25 UTC

* SECURITY UPDATE: Arbitrary remote code execution with long tftp:// URLs.
* lib/tftp.c: Fix unbounded sprintf() to avoid buffer overflow. Thanks to
  Ulf Harnhammar for discovering this.
* CVE-2006-1061

lp:ubuntu/dapper-updates/moin bug Mature 2011-01-19 00:54:27 UTC
14. * SECURITY UPDATE: arbitrary script i...

Author: Marc Deslauriers
Revision Date: 2010-08-20 13:47:29 UTC

* SECURITY UPDATE: arbitrary script injection via multiple cross-site
  scripting issues.
  - debian/patches/103_CVE-2010-2487,2969,2970.patch: properly escape
    strings in MoinMoin/{Page,PageEditor,PageGraphicalEditor}.py,
    MoinMoin/action/*.py.
  - CVE-2010-2487
  - CVE-2010-2969

lp:ubuntu/dapper-security/moin Mature 2011-01-19 00:53:32 UTC
14. * SECURITY UPDATE: arbitrary script i...

Author: Marc Deslauriers
Revision Date: 2010-08-20 13:47:29 UTC

* SECURITY UPDATE: arbitrary script injection via multiple cross-site
  scripting issues.
  - debian/patches/103_CVE-2010-2487,2969,2970.patch: properly escape
    strings in MoinMoin/{Page,PageEditor,PageGraphicalEditor}.py,
    MoinMoin/action/*.py.
  - CVE-2010-2487
  - CVE-2010-2969

lp:ubuntu/dapper/moin Mature 2011-01-19 00:53:25 UTC
7. * debian/patches/001-attachment-xss-f...

Author: Sebastian Dröge
Revision Date: 2006-05-14 16:23:00 UTC

* debian/patches/001-attachment-xss-fix.patch:
  + SECURITY: Backported patch from latest upstream version:
    - Fixed cross site scripting issue which could lead to cookie theft etc.
      Thanks to the CAcert Security Team!
  + Thanks to Alexander Schremmer for pointing at this security problem

lp:ubuntu/dapper/cyrus-sasl2 Mature 2011-01-19 00:34:09 UTC
9. * SECURITY UPDATE: Remote DoS with cr...

Author: Martin Pitt
Revision Date: 2006-04-24 11:58:30 UTC

* SECURITY UPDATE: Remote DoS with crafted realms during DIGEST-MD5
  negotiation.
* Add debian/patches/27_upstream_cvs_digest-md5-crash.diff:
  - plugins/digestmd5.c: Check that the provided realm is valid to avoid
    crash.
  - Patch taken from upstream CVS, fixed upstream in 2.1.21:
    https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/
    plugins/digestmd5.c.diff?r1=1.173&r2=1.175&f=u
* CVE-2006-1721

lp:ubuntu/dapper/diffutils Mature 2011-01-17 21:31:30 UTC
4. debian/rules: Remove pkgstriptranslat...

Author: Martin Pitt
Revision Date: 2006-01-27 15:52:14 UTC

debian/rules: Remove pkgstriptranslations call again, buildd magic
already handles that nowadays.

lp:ubuntu/dapper/m4 Mature 2011-01-17 21:13:45 UTC
5. * New upstream release. * Exit status...

Author: Santiago Vila
Revision Date: 2005-10-21 16:22:40 UTC

* New upstream release.
* Exit status is now 1 when missing files (Closes: #40148, #46403).
  This brings the behaviour in line with the future 2.0 release,
  so if your script breaks, you get to keep both pieces.
* Updated FSF address in copyright file.

lp:ubuntu/dapper-backports/cmake Mature 2011-01-17 21:03:13 UTC
7. Automated backport upload; no source ...

Author: John Dong
Revision Date: 2006-12-02 05:40:46 UTC

Automated backport upload; no source changes.

lp:ubuntu/dapper/cmake Mature 2011-01-17 21:02:56 UTC
6. * New upstream release (Closes: #3383...

Author: A. Maitland Bottoms
Revision Date: 2006-01-08 10:48:14 UTC

* New upstream release (Closes: #338324)
* support GNU/kFreeBSD in cmake (Closes: #340764)

lp:ubuntu/dapper/gnome-vfs Mature 2011-01-17 21:02:11 UTC
4. * Non-maintainer upload. * gcc-4.0 fi...

Author: Aurelien Jarno
Revision Date: 2005-08-27 19:24:02 UTC

* Non-maintainer upload.
* gcc-4.0 fixes (bug #263186).
* Added a patch for GNU/kFreeBSD.

lp:ubuntu/dapper/espa-nol Mature 2011-01-17 20:49:12 UTC
4. New upstream version

Author: Agustin Martin Domingo
Revision Date: 2005-11-16 14:22:11 UTC

New upstream version

lp:ubuntu/dapper/eo-spell Mature 2011-01-17 20:37:35 UTC
4. * debian/{control,rules,aspell-eo.{do...

Author: Agustin Martin Domingo
Revision Date: 2005-12-05 13:42:28 UTC

* debian/{control,rules,aspell-eo.{docs,links,info-aspell},debian/aspell/:
  - Build a new aspell-eo package out of the same sources
* debian/compat: raise compat level to 4
* debian/rules, debian/aspell/:
  - Provide basic structure to create an official aspell-eo tarball.
* debian/control:
  - Bumped standards to 3.6.2. No changes needed.
* Updated, improved and fixed docs in the debian dir.

lp:ubuntu/dapper-backports/dvd+rw-tools Mature 2011-01-17 20:37:24 UTC
4. Revert from cdrkit commands to cdrtoo...

Author: Tollef Fog Heen
Revision Date: 2007-03-11 15:13:16 UTC

Revert from cdrkit commands to cdrtools one (LP# 91180)

lp:ubuntu/dapper/dvd+rw-tools Mature 2011-01-17 20:37:16 UTC
5. Resynchronise with Debian.

Author: Scott James Remnant (Canonical)
Revision Date: 2005-11-08 05:40:06 UTC

Resynchronise with Debian.

lp:ubuntu/dapper/cdparanoia Mature 2011-01-17 20:13:03 UTC
3. Fix double heartbeat (Closes: #235415)

Author: Aaron Lehmann
Revision Date: 2004-02-29 13:53:43 UTC

Fix double heartbeat (Closes: #235415)

lp:ubuntu/dapper/docbook-xsl Mature 2011-01-17 20:11:38 UTC
5. Install saxon versions 651 and 653. U...

Author: Matthias Klose
Revision Date: 2005-10-04 13:10:57 UTC

Install saxon versions 651 and 653. Ubuntu 16783.

lp:ubuntu/dapper/dictd Mature 2011-01-17 20:07:38 UTC
4. Changed umask to 022 to avoid "other ...

Author: Kirk Hilliard
Revision Date: 2005-12-09 03:33:25 UTC

Changed umask to 022 to avoid "other writable" pid files.

lp:ubuntu/dapper/aspell Mature 2011-01-17 20:06:07 UTC
7. * Rebuilding, which should fix segfau...

Author: Brian Nelson
Revision Date: 2006-01-02 20:57:57 UTC

* Rebuilding, which should fix segfaults due to C++ ABI changes
  (Closes: #343060)

* Renamed debian/aspell.overrides to debian/aspell.lintian, and modified
  debian/rules to install it

* Updated FSF address in the copyright files

* debian/aspell.lintian: added "aspell:
  package-has-a-duplicate-relation"

* debian/patches/02_u-deva_common_data.dpatch: new patch to add
  u-deva.cset and u-deva.cmap data files, needed by aspell-hi and
  aspell-mr

* debian/control: have aspell replace versions of aspell-hi and
  aspell-mr that contained the u-deva files

lp:ubuntu/dapper/hevea Mature 2011-01-17 19:48:06 UTC
7. * Bumped (Build-)dependency on ocaml ...

Author: Ralf Treinen
Revision Date: 2006-01-07 10:11:15 UTC

* Bumped (Build-)dependency on ocaml to 3.09.1
* New uploader Sylvain Le Gall <gildor@debian.org>
* Automate update of debian/control.

lp:ubuntu/dapper/ifenslave-2.6 Mature 2011-01-17 19:44:43 UTC
3. Move scripts from if-pre-up and if-po...

Author: Guus Sliepen
Revision Date: 2005-10-17 00:48:26 UTC

Move scripts from if-pre-up and if-post-down to if-up and if-down.

lp:ubuntu/dapper/backuppc Mature 2011-01-17 19:31:49 UTC
7. Bump libfile-rsyncp-perl and rsync fr...

Author: Martin Pitt
Revision Date: 2006-04-27 19:50:38 UTC

Bump libfile-rsyncp-perl and rsync from Suggests: to Depends: to make the
package work out of the box in a nice way. Thanks to Christian Bjälevik
<nafallo@magicalforest.se> for the suggestion.

lp:ubuntu/dapper-security/awstats Development 2011-01-11 17:42:12 UTC
10. * SECURITY UPDATE: directory traversa...

Author: Marc Deslauriers
Revision Date: 2011-01-11 17:42:12 UTC

* SECURITY UPDATE: directory traversal via crafted LoadPlugin directory
  - debian/patches/3000_CVE-2010-4369.patch: properly sanitize plugin
    name in wwwroot/cgi-bin/awstats.pl.
  - CVE-2010-4369

lp:ubuntu/dapper-updates/awstats Development 2011-01-11 17:42:12 UTC
10. * SECURITY UPDATE: directory traversa...

Author: Marc Deslauriers
Revision Date: 2011-01-11 17:42:12 UTC

* SECURITY UPDATE: directory traversal via crafted LoadPlugin directory
  - debian/patches/3000_CVE-2010-4369.patch: properly sanitize plugin
    name in wwwroot/cgi-bin/awstats.pl.
  - CVE-2010-4369

lp:ubuntu/dapper-security/krb5 Mature 2010-12-08 10:39:39 UTC
17. * SECURITY UPDATE: message forgery an...

Author: Marc Deslauriers
Revision Date: 2010-12-08 10:39:39 UTC

* SECURITY UPDATE: message forgery and privilege escalation via
  unacceptable checksums
  - src/lib/crypto/krb/dk/derive.c, src/lib/crypto/krb/keyed_checksum_types.c,
    src/lib/krb5/krb/mk_safe.c, src/lib/krb5/krb/preauth2.c,
    src/plugins/preauth/pkinit/pkinit_srv.c: patched inline, thanks to
    upstream.
  - CVE-2010-1323
  - MITKRB5-SA-2010-007

lp:ubuntu/dapper-updates/krb5 Mature 2010-12-08 10:39:39 UTC
17. * SECURITY UPDATE: message forgery an...

Author: Marc Deslauriers
Revision Date: 2010-12-08 10:39:39 UTC

* SECURITY UPDATE: message forgery and privilege escalation via
  unacceptable checksums
  - src/lib/crypto/krb/dk/derive.c, src/lib/crypto/krb/keyed_checksum_types.c,
    src/lib/krb5/krb/mk_safe.c, src/lib/krb5/krb/preauth2.c,
    src/plugins/preauth/pkinit/pkinit_srv.c: patched inline, thanks to
    upstream.
  - CVE-2010-1323
  - MITKRB5-SA-2010-007

lp:ubuntu/dapper-security/openssl bug Mature 2010-12-03 13:15:15 UTC
18. * SECURITY UPDATE: ciphersuite downgr...

Author: Steve Beattie
Revision Date: 2010-12-03 13:15:15 UTC

* SECURITY UPDATE: ciphersuite downgrade vulnerability
  - ssl/s3_clnt.c, ssl/s3_srvr.c: disable workaround for Netscape
    cipher suite bug
  - http://openssl.org/news/secadv_20101202.txt
  - CVE-2010-4180

lp:ubuntu/dapper-updates/openssl bug Mature 2010-12-03 13:15:15 UTC
18. * SECURITY UPDATE: ciphersuite downgr...

Author: Steve Beattie
Revision Date: 2010-12-03 13:15:15 UTC

* SECURITY UPDATE: ciphersuite downgrade vulnerability
  - ssl/s3_clnt.c, ssl/s3_srvr.c: disable workaround for Netscape
    cipher suite bug
  - http://openssl.org/news/secadv_20101202.txt
  - CVE-2010-4180

lp:ubuntu/dapper-security/bind9 Mature 2010-11-26 12:54:23 UTC
16. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2010-11-26 12:54:23 UTC

* SECURITY UPDATE: denial of service via ncache entry and a rrsig for the
  same type
  - lib/dns/rbtdb.c: properly mark existing RRSIG records as stale. Also
    required backport of change #1997.
  - CVE-2010-3613
* SECURITY UPDATE: answers incorrectly marked as insecure during key
  algorithm rollover
  - lib/dns/include/dns/types.h, lib/dns/validator.c: improve logic.
  - CVE-2010-3614

lp:ubuntu/dapper-updates/bind9 Mature 2010-11-26 12:54:23 UTC
16. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2010-11-26 12:54:23 UTC

* SECURITY UPDATE: denial of service via ncache entry and a rrsig for the
  same type
  - lib/dns/rbtdb.c: properly mark existing RRSIG records as stale. Also
    required backport of change #1997.
  - CVE-2010-3613
* SECURITY UPDATE: answers incorrectly marked as insecure during key
  algorithm rollover
  - lib/dns/include/dns/types.h, lib/dns/validator.c: improve logic.
  - CVE-2010-3614

lp:ubuntu/dapper-security/mysql-dfsg-5.0 Mature 2010-11-09 14:10:41 UTC
22. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2010-11-09 14:10:41 UTC

* SECURITY UPDATE: denial of service via joins involving a table with a
  unique SET column
  - debian/patches/113_SECURITY_CVE-2010-3677.dpatch: improve logic in
    sql/item_cmpfunc.cc. Add tests to mysql-test/*.
  - CVE-2010-3677
* SECURITY UPDATE: denial of service via TEMPORARY InnoDB tables with
  nullable columns
  - debian/patches/113_SECURITY_CVE-2010-3680.dpatch: check for null
    datatype in sql/ha_innodb.cc. Add tests to mysql-test/*.
  - CVE-2010-3680
* SECURITY UPDATE: denial of service via alternate reads from two indexes
  on a table using the HANDLER interface
  - debian/patches/113_SECURITY_CVE-2010-3681.dpatch: check for the same
    index in sql/sql_handler.cc. Add tests to mysql-test/*.
  - CVE-2010-3681
* SECURITY UPDATE: denial of service via use of EXPLAIN with certain
  queries
  - debian/patches/113_SECURITY_CVE-2010-3682.dpatch: improve conditional
    in sql/sql_select.cc. Add tests to mysql-test/*.
  - CVE-2010-3682
* SECURITY UPDATE: denial of service via derived table materializing.
  - debian/patches/113_SECURITY_CVE-2010-3834.dpatch: handle temporary
    tables in sql/field.cc, sql/sql_select.*. Add tests to mysql-test/*.
  - CVE-2010-3834
* SECURITY UPDATE: denial of service via pre-evaluation of LIKE
  predicates during view preparation.
  - debian/patches/113_SECURITY_CVE-2010-3836.dpatch: make sure we're not
    in view preparation mode in sql/item_cmpfunc.cc. Add tests to
    mysql-test/*.
  - CVE-2010-3836
* SECURITY UPDATE: denial of service via use of GROUP_CONCAT() and
  WITH ROLLUP together.
  - debian/patches/113_SECURITY_CVE-2010-3837.dpatch: create a copy of
    the order structures in sql/item_sum.cc, sql/table.h. Add tests to
    mysql-test/*.
  - CVE-2010-3837
* SECURITY UPDATE: denial of service via longblob and union or update
  with subquery.
  - debian/patches/113_SECURITY_CVE-2010-3838.dpatch: handle REAL_RESULT
    in sql/item_func.cc. Add tests to mysql-test/*.
  - CVE-2010-3838
* SECURITY UPDATE: denial of service via PolyFromWKB() function and
  improper data.
  - debian/patches/113_SECURITY_CVE-2010-3840.dpatch: improve data
    handling in sql/spatial.cc. Add tests to mysql-test/*.
  - CVE-2010-3840

lp:ubuntu/dapper-updates/mysql-dfsg-5.0 bug Mature 2010-11-09 14:10:41 UTC
22. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2010-11-09 14:10:41 UTC

* SECURITY UPDATE: denial of service via joins involving a table with a
  unique SET column
  - debian/patches/113_SECURITY_CVE-2010-3677.dpatch: improve logic in
    sql/item_cmpfunc.cc. Add tests to mysql-test/*.
  - CVE-2010-3677
* SECURITY UPDATE: denial of service via TEMPORARY InnoDB tables with
  nullable columns
  - debian/patches/113_SECURITY_CVE-2010-3680.dpatch: check for null
    datatype in sql/ha_innodb.cc. Add tests to mysql-test/*.
  - CVE-2010-3680
* SECURITY UPDATE: denial of service via alternate reads from two indexes
  on a table using the HANDLER interface
  - debian/patches/113_SECURITY_CVE-2010-3681.dpatch: check for the same
    index in sql/sql_handler.cc. Add tests to mysql-test/*.
  - CVE-2010-3681
* SECURITY UPDATE: denial of service via use of EXPLAIN with certain
  queries
  - debian/patches/113_SECURITY_CVE-2010-3682.dpatch: improve conditional
    in sql/sql_select.cc. Add tests to mysql-test/*.
  - CVE-2010-3682
* SECURITY UPDATE: denial of service via derived table materializing.
  - debian/patches/113_SECURITY_CVE-2010-3834.dpatch: handle temporary
    tables in sql/field.cc, sql/sql_select.*. Add tests to mysql-test/*.
  - CVE-2010-3834
* SECURITY UPDATE: denial of service via pre-evaluation of LIKE
  predicates during view preparation.
  - debian/patches/113_SECURITY_CVE-2010-3836.dpatch: make sure we're not
    in view preparation mode in sql/item_cmpfunc.cc. Add tests to
    mysql-test/*.
  - CVE-2010-3836
* SECURITY UPDATE: denial of service via use of GROUP_CONCAT() and
  WITH ROLLUP together.
  - debian/patches/113_SECURITY_CVE-2010-3837.dpatch: create a copy of
    the order structures in sql/item_sum.cc, sql/table.h. Add tests to
    mysql-test/*.
  - CVE-2010-3837
* SECURITY UPDATE: denial of service via longblob and union or update
  with subquery.
  - debian/patches/113_SECURITY_CVE-2010-3838.dpatch: handle REAL_RESULT
    in sql/item_func.cc. Add tests to mysql-test/*.
  - CVE-2010-3838
* SECURITY UPDATE: denial of service via PolyFromWKB() function and
  improper data.
  - debian/patches/113_SECURITY_CVE-2010-3840.dpatch: improve data
    handling in sql/spatial.cc. Add tests to mysql-test/*.
  - CVE-2010-3840

lp:ubuntu/dapper-security/libxml2 Development 2010-11-08 12:56:54 UTC
14. * SECURITY UPDATE: fix invalid memory...

Author: Jamie Strandboge
Revision Date: 2010-11-08 12:56:54 UTC

* SECURITY UPDATE: fix invalid memory read by fixing the semantic of XPath
  axis for namespace/attribute context nodes
  - http://git.gnome.org/browse/libxml2/patch/?id=91d19754d46acd4a639a8b9e31f50f31c78f8c9c
  - http://git.gnome.org/browse/libxml2/patch/?id=ea90b894146030c214a7df6d8375310174f134b9
  - CVE-2010-4008

lp:ubuntu/dapper-updates/libxml2 Development 2010-11-08 12:56:54 UTC
14. * SECURITY UPDATE: fix invalid memory...

Author: Jamie Strandboge
Revision Date: 2010-11-08 12:56:54 UTC

* SECURITY UPDATE: fix invalid memory read by fixing the semantic of XPath
  axis for namespace/attribute context nodes
  - http://git.gnome.org/browse/libxml2/patch/?id=91d19754d46acd4a639a8b9e31f50f31c78f8c9c
  - http://git.gnome.org/browse/libxml2/patch/?id=ea90b894146030c214a7df6d8375310174f134b9
  - CVE-2010-4008

lp:ubuntu/dapper-security/freetype bug Mature 2010-11-02 15:17:07 UTC
15. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2010-11-02 15:17:07 UTC

* SECURITY UPDATE: denial of service and possible arbitrary code
  execution via libXft overflow.
  - debian/patches/425-CVE-2010-3311.patch: correctly validate position
    in src/base/ftstream.c.
  - CVE-2010-3311
* SECURITY UPDATE: denial of service and possible code execution via
  TrueType GX font
  - debian/patches/426-CVE-2010-3855.patch: add bounds checks to
    src/truetype/ttgxvar.c.
  - CVE-2010-3855

lp:ubuntu/dapper-updates/freetype Mature 2010-11-02 15:17:07 UTC
15. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2010-11-02 15:17:07 UTC

* SECURITY UPDATE: denial of service and possible arbitrary code
  execution via libXft overflow.
  - debian/patches/425-CVE-2010-3311.patch: correctly validate position
    in src/base/ftstream.c.
  - CVE-2010-3311
* SECURITY UPDATE: denial of service and possible code execution via
  TrueType GX font
  - debian/patches/426-CVE-2010-3855.patch: add bounds checks to
    src/truetype/ttgxvar.c.
  - CVE-2010-3855

lp:ubuntu/dapper-security/poppler bug Mature 2010-10-13 16:45:03 UTC
24. * SECURITY UPDATE: possible arbitrary...

Author: Marc Deslauriers
Revision Date: 2010-10-13 16:45:03 UTC

* SECURITY UPDATE: possible arbitrary code execution via malformed PDF
  - debian/patches/106_security_CVE-2010-3702.patch: properly initialize
    parser in poppler/Gfx.cc.
  - CVE-2010-3702
* SECURITY UPDATE: possible arbitrary code execution via malformed PDF
  - debian/patches/107_security_CVE-2010-3704.patch: make sure code isn't
    < 0 in fofi/FoFiType1.cc.
  - CVE-2010-3704

lp:ubuntu/dapper-updates/poppler Mature 2010-10-13 16:45:03 UTC
24. * SECURITY UPDATE: possible arbitrary...

Author: Marc Deslauriers
Revision Date: 2010-10-13 16:45:03 UTC

* SECURITY UPDATE: possible arbitrary code execution via malformed PDF
  - debian/patches/106_security_CVE-2010-3702.patch: properly initialize
    parser in poppler/Gfx.cc.
  - CVE-2010-3702
* SECURITY UPDATE: possible arbitrary code execution via malformed PDF
  - debian/patches/107_security_CVE-2010-3704.patch: make sure code isn't
    < 0 in fofi/FoFiType1.cc.
  - CVE-2010-3704

lp:ubuntu/dapper-security/lvm2 Mature 2010-10-06 17:24:35 UTC
12. * SECURITY UPDATE: unprivileged logic...

Author: Marc Deslauriers
Revision Date: 2010-09-23 14:48:20 UTC

* SECURITY UPDATE: unprivileged logical volume manipulation with clvmd
  - daemons/clvmd/{clvm.h,clvmd.c}: revert to using a pathname-based
    socket in order to enforce correct permissions.
  - http://patch-tracker.debian.org/patch/series/view/lvm2/2.02.39-8/CVE-2010-2526.patch
  - CVE-2010-2526

lp:ubuntu/dapper/unattended-upgrades Mature 2010-10-02 22:59:35 UTC
4. debian/dirs: /etc/apt.conf.d -> /etc/...

Author: Michael Vogt
Revision Date: 2006-05-29 08:34:08 UTC

debian/dirs: /etc/apt.conf.d -> /etc/apt/apt.conf.d (Ubuntu: #44172)

lp:ubuntu/dapper-updates/lvm2 Development 2010-09-23 14:48:20 UTC
12. * SECURITY UPDATE: unprivileged logic...

Author: Marc Deslauriers
Revision Date: 2010-09-23 14:48:20 UTC

* SECURITY UPDATE: unprivileged logical volume manipulation with clvmd
  - daemons/clvmd/{clvm.h,clvmd.c}: revert to using a pathname-based
    socket in order to enforce correct permissions.
  - http://patch-tracker.debian.org/patch/series/view/lvm2/2.02.39-8/CVE-2010-2526.patch
  - CVE-2010-2526

lp:ubuntu/dapper-updates/dump Mature 2010-09-20 14:05:50 UTC
8. SECURITY UPDATE: no change rebuild to...

Author: Jamie Strandboge
Revision Date: 2010-09-15 15:46:13 UTC

SECURITY UPDATE: no change rebuild to use the new statically linked libbz2
which fixed CVE-2010-0405

lp:ubuntu/dapper-security/dump Mature 2010-09-20 13:35:08 UTC
8. SECURITY UPDATE: no change rebuild to...

Author: Jamie Strandboge
Revision Date: 2010-09-15 15:46:13 UTC

SECURITY UPDATE: no change rebuild to use the new statically linked libbz2
which fixed CVE-2010-0405

lp:ubuntu/dapper-security/dpkg Mature 2010-09-15 13:25:14 UTC
10. SECURITY UPDATE: no change rebuild to...

Author: Jamie Strandboge
Revision Date: 2010-09-15 13:25:14 UTC

SECURITY UPDATE: no change rebuild to use the new statically linked libbz2
which fixed CVE-2010-0405

lp:ubuntu/dapper-updates/dpkg Mature 2010-09-15 13:25:14 UTC
10. SECURITY UPDATE: no change rebuild to...

Author: Jamie Strandboge
Revision Date: 2010-09-15 13:25:14 UTC

SECURITY UPDATE: no change rebuild to use the new statically linked libbz2
which fixed CVE-2010-0405

lp:ubuntu/dapper-security/bzip2 Mature 2010-09-09 10:18:04 UTC
9. * SECURITY UPDATE: fix integer overfl...

Author: Jamie Strandboge
Revision Date: 2010-09-09 10:18:04 UTC

* SECURITY UPDATE: fix integer overflow in BZ2_decompress()
  - decompress.c: return error if N is larger than 2*1024^2 which keeps es
    from overflowing but leaves enough room for the 900k maximum value of
    the RUNA/RUNB encoding
  - patch from upstream
  - CVE-2010-0405

lp:ubuntu/dapper-updates/bzip2 Mature 2010-09-09 10:18:04 UTC
9. * SECURITY UPDATE: fix integer overfl...

Author: Jamie Strandboge
Revision Date: 2010-09-09 10:18:04 UTC

* SECURITY UPDATE: fix integer overflow in BZ2_decompress()
  - decompress.c: return error if N is larger than 2*1024^2 which keeps es
    from overflowing but leaves enough room for the 900k maximum value of
    the RUNA/RUNB encoding
  - patch from upstream
  - CVE-2010-0405

lp:ubuntu/dapper-security/wget Mature 2010-09-01 11:40:38 UTC
7. * SECURITY UPDATE: arbitrary file ove...

Author: Marc Deslauriers
Revision Date: 2010-09-01 11:40:38 UTC

* SECURITY UPDATE: arbitrary file overwrite via 3xx redirect
  - debian/patches/CVE-2010-2252.dpatch: don't use server names in
    doc/wget.texi, src/{http.c,init.c,main.c,options.h,retr.*}.
  - This update changes previous behaviour by ignoring the filename
    supplied by the server during redirects. To re-enable previous
    behaviour, see the new --trust-server-names option.
  - CVE-2010-2252

lp:ubuntu/dapper-updates/wget Mature 2010-09-01 11:40:38 UTC
7. * SECURITY UPDATE: arbitrary file ove...

Author: Marc Deslauriers
Revision Date: 2010-09-01 11:40:38 UTC

* SECURITY UPDATE: arbitrary file overwrite via 3xx redirect
  - debian/patches/CVE-2010-2252.dpatch: don't use server names in
    doc/wget.texi, src/{http.c,init.c,main.c,options.h,retr.*}.
  - This update changes previous behaviour by ignoring the filename
    supplied by the server during redirects. To re-enable previous
    behaviour, see the new --trust-server-names option.
  - CVE-2010-2252

lp:ubuntu/dapper-updates/libwww-perl Mature 2010-08-31 14:05:17 UTC
4. * SECURITY UPDATE: arbitrary file ove...

Author: Marc Deslauriers
Revision Date: 2010-08-27 14:42:25 UTC

* SECURITY UPDATE: arbitrary file overwrite via dot file download
  - bin/lwp-download: reject filenames that start with a dot.
  - CVE-2010-2253

lp:ubuntu/dapper-security/libwww-perl Mature 2010-08-31 13:21:24 UTC
4. * SECURITY UPDATE: arbitrary file ove...

Author: Marc Deslauriers
Revision Date: 2010-08-27 14:42:25 UTC

* SECURITY UPDATE: arbitrary file overwrite via dot file download
  - bin/lwp-download: reject filenames that start with a dot.
  - CVE-2010-2253

lp:ubuntu/dapper-proposed/openssl bug Mature 2010-08-18 22:42:24 UTC
16. * SECURITY UPDATE: TLS renegotiation ...

Author: Marc Deslauriers
Revision Date: 2010-08-12 08:37:24 UTC

* SECURITY UPDATE: TLS renegotiation flaw (LP: #616759)
  - apps/{s_client,s_server}.c, doc/ssl/SSL_CTX_set_options.pod,
    ssl/{d1_both,d1_clnt,d1_srvr,s23_clnt,s3_both,s3_clnt,s3_pkt,s3_srvr,
    ssl_err,ssl_lib,t1_lib,t1_reneg}.c, ssl/Makefile, ssl/{ssl3,ssl,
    ssl_locl,tls1}.h: add rfc5746 support. Patch backport thanks to
    Red Hat.
  - CVE-2009-3555

lp:ubuntu/dapper-security/w3m Mature 2010-08-02 12:23:20 UTC
8. * SECURITY UPDATE: perform certificat...

Author: Steve Beattie
Revision Date: 2010-08-02 12:23:20 UTC

* SECURITY UPDATE: perform certificate host validation
  - debian/patches/60-w3m-0.5.2-CVE-2010-2074-nulcn.diff: handle a '\0'
    character in a domain name in the CN and SAN, applied inline
  - 70-w3m-0.5.2-disable_sslv2.diff: disable SSLv2 by default,
    applied inline
  - CVE-2010-2074
  - References
    http://www.openwall.com/lists/oss-security/2010/06/14/4

lp:ubuntu/dapper-updates/w3m Mature 2010-08-02 12:23:20 UTC
8. * SECURITY UPDATE: perform certificat...

Author: Steve Beattie
Revision Date: 2010-08-02 12:23:20 UTC

* SECURITY UPDATE: perform certificate host validation
  - debian/patches/60-w3m-0.5.2-CVE-2010-2074-nulcn.diff: handle a '\0'
    character in a domain name in the CN and SAN, applied inline
  - 70-w3m-0.5.2-disable_sslv2.diff: disable SSLv2 by default,
    applied inline
  - CVE-2010-2074
  - References
    http://www.openwall.com/lists/oss-security/2010/06/14/4

lp:ubuntu/dapper-security/openldap2.2 Mature 2010-07-29 16:25:34 UTC
14. * SECURITY UPDATE: null ptr deref, fr...

Author: Steve Beattie
Revision Date: 2010-07-29 16:25:34 UTC

* SECURITY UPDATE: null ptr deref, free uninitialized data in modrdn calls
  - servers/slapd/modrdn.c: check return for errors and clean up uninitialized data
  - servers/slapd/dn.c: return error on 0-length or binary RDNs
  - servers/slapd/schema_init.c: return error on invalid syntax
  - References
    CVE-2010-0211, CVE-2010-0212
    http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/modrdn.c.diff?r1=1.170.2.7&r2=1.170.2.8
    http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/dn.c.diff?r1=1.182.2.15&r2=1.182.2.16
    http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/schema_init.c.diff?r1=1.386.2.39&r2=1.386.2.40

lp:ubuntu/dapper-updates/openldap2.2 Mature 2010-07-29 16:25:34 UTC
14. * SECURITY UPDATE: null ptr deref, fr...

Author: Steve Beattie
Revision Date: 2010-07-29 16:25:34 UTC

* SECURITY UPDATE: null ptr deref, free uninitialized data in modrdn calls
  - servers/slapd/modrdn.c: check return for errors and clean up uninitialized data
  - servers/slapd/dn.c: return error on 0-length or binary RDNs
  - servers/slapd/schema_init.c: return error on invalid syntax
  - References
    CVE-2010-0211, CVE-2010-0212
    http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/modrdn.c.diff?r1=1.170.2.7&r2=1.170.2.8
    http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/dn.c.diff?r1=1.182.2.15&r2=1.182.2.16
    http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/schema_init.c.diff?r1=1.386.2.39&r2=1.386.2.40

lp:ubuntu/dapper-security/libpng bug Development 2010-07-05 13:19:22 UTC
11. * SECURITY UPDATE: arbitrary code exe...

Author: Marc Deslauriers
Revision Date: 2010-07-05 13:19:22 UTC

* SECURITY UPDATE: arbitrary code execution from additional data row via
  malformed PNG image
  - pngpread.c: check for unexpected data after the last row.
  - patch backported from 1.2.44
  - CVE-2010-1205
* SECURITY UPDATE: denial of service via memory leak from malformed sCAL
  chunks
  - pngrutil.c: properly free memory
  - patch backported from 1.2.44
  - CVE-2010-2249

lp:ubuntu/dapper-updates/libpng bug Development 2010-07-05 13:19:22 UTC
11. * SECURITY UPDATE: arbitrary code exe...

Author: Marc Deslauriers
Revision Date: 2010-07-05 13:19:22 UTC

* SECURITY UPDATE: arbitrary code execution from additional data row via
  malformed PNG image
  - pngpread.c: check for unexpected data after the last row.
  - patch backported from 1.2.44
  - CVE-2010-1205
* SECURITY UPDATE: denial of service via memory leak from malformed sCAL
  chunks
  - pngrutil.c: properly free memory
  - patch backported from 1.2.44
  - CVE-2010-2249

lp:~bzr/ubuntu/dapper/configobj/dapper-backport Development 2010-07-02 05:08:00 UTC
3. bzr PPA rebuild onto dapper.

Author: Martin Pool
Revision Date: 2010-07-02 04:56:44 UTC

bzr PPA rebuild onto dapper.

lp:~bzr/ubuntu/dapper/bzr/bzr-ppa bug Mature 2010-06-30 07:56:06 UTC
150. remove unnecessary copy of bzr.postinst

Author: Martin Pool
Revision Date: 2010-06-30 07:56:06 UTC

remove unnecessary copy of bzr.postinst

lp:ubuntu/dapper-security/sudo Mature 2010-06-18 14:11:17 UTC
13. * SECURITY UPDATE: properly handle mu...

Author: Jamie Strandboge
Revision Date: 2010-06-18 14:11:17 UTC

* SECURITY UPDATE: properly handle multiple PATH variables when using
  secure_path in env.c
  - http://www.sudo.ws/repos/sudo/raw-rev/3057fde43cf0
  - CVE-2010-1646

lp:ubuntu/dapper-updates/sudo Mature 2010-06-18 14:11:17 UTC
13. * SECURITY UPDATE: properly handle mu...

Author: Jamie Strandboge
Revision Date: 2010-06-18 14:11:17 UTC

* SECURITY UPDATE: properly handle multiple PATH variables when using
  secure_path in env.c
  - http://www.sudo.ws/repos/sudo/raw-rev/3057fde43cf0
  - CVE-2010-1646

lp:ubuntu/dapper-updates/squidguard Mature 2010-06-15 15:27:06 UTC
5. * SECURITY UPDATE: fix buffer overflo...

Author: Jamie Strandboge
Revision Date: 2010-06-10 17:20:05 UTC

* SECURITY UPDATE: fix buffer overflow via long URL
  - patch thanks to Debian
  - CVE-2009-3700
* SECURITY UPDATE: fix buffer overflows for URLs with specific lengths and
  redirect URL
  - patch thanks to Debian
  - CVE-2009-3826

lp:ubuntu/dapper-security/squidguard Mature 2010-06-15 14:17:22 UTC
5. * SECURITY UPDATE: fix buffer overflo...

Author: Jamie Strandboge
Revision Date: 2010-06-10 17:20:05 UTC

* SECURITY UPDATE: fix buffer overflow via long URL
  - patch thanks to Debian
  - CVE-2009-3700
* SECURITY UPDATE: fix buffer overflows for URLs with specific lengths and
  redirect URL
  - patch thanks to Debian
  - CVE-2009-3826

lp:ubuntu/dapper-security/gnutls12 bug Mature 2010-06-02 15:25:32 UTC
10. * SECURITY UPDATE: fix potential DoS ...

Author: Jamie Strandboge
Revision Date: 2010-06-02 15:25:32 UTC

* SECURITY UPDATE: fix potential DoS in certificate verification
  - debian/patches/92_CVE-2006-7239.diff: update to verify hash
    algorithm is supported and not NULL
  - CVE-2006-7239

lp:ubuntu/dapper-updates/gnutls12 bug Mature 2010-06-02 15:25:32 UTC
10. * SECURITY UPDATE: fix potential DoS ...

Author: Jamie Strandboge
Revision Date: 2010-06-02 15:25:32 UTC

* SECURITY UPDATE: fix potential DoS in certificate verification
  - debian/patches/92_CVE-2006-7239.diff: update to verify hash
    algorithm is supported and not NULL
  - CVE-2006-7239

lp:ubuntu/dapper-security/glibc bug Mature 2010-05-25 20:42:35 UTC
24. * SECURITY UPDATE: integer overflow i...

Author: Kees Cook
Revision Date: 2010-05-19 16:59:53 UTC

* SECURITY UPDATE: integer overflow in strfmon() might lead to arbitrary
  code execution.
  - debian/patches/any/git-strfmon-overflow.dpatch: backport from upstream.
  - CVE-2008-1391
* SECURITY UPDATE: newlines not escaped in /etc/mtab.
  - debian/patches/any/git-mntent-newline-escape.dpatch: upstream fixes.
  - CVE-2010-0296
* SECURITY UPDATE: arbitrary code execution from ELF headers (LP: #542197).
  - debian/patches/any/git-fix-dtag-cast.dpatch: upstream fixes.
  - CVE-2010-0830
* debian/patches/any/git-readdir-padding.dpatch: fix readdir padding when
  processing getdents64() in a 32-bit execution environment (LP: #392501).

lp:ubuntu/dapper-updates/glibc Mature 2010-05-19 16:59:53 UTC
24. * SECURITY UPDATE: integer overflow i...

Author: Kees Cook
Revision Date: 2010-05-19 16:59:53 UTC

* SECURITY UPDATE: integer overflow in strfmon() might lead to arbitrary
  code execution.
  - debian/patches/any/git-strfmon-overflow.dpatch: backport from upstream.
  - CVE-2008-1391
* SECURITY UPDATE: newlines not escaped in /etc/mtab.
  - debian/patches/any/git-mntent-newline-escape.dpatch: upstream fixes.
  - CVE-2010-0296
* SECURITY UPDATE: arbitrary code execution from ELF headers (LP: #542197).
  - debian/patches/any/git-fix-dtag-cast.dpatch: upstream fixes.
  - CVE-2010-0830
* debian/patches/any/git-readdir-padding.dpatch: fix readdir padding when
  processing getdents64() in a 32-bit execution environment (LP: #392501).

lp:ubuntu/dapper-backports/apt-mirror Mature 2010-04-28 23:49:20 UTC
8. Packaging only changes to facilitate ...

Author: Brandon Holtsclaw
Revision Date: 2010-04-28 23:49:20 UTC

Packaging only changes to facilitate backporting

lp:ubuntu/dapper-updates/phpmyadmin bug Mature 2010-04-14 23:04:17 UTC
10. * SECURITY UPDATE: Insufficient outpu...

Author: Artur Rona
Revision Date: 2010-04-11 02:16:47 UTC

* SECURITY UPDATE: Insufficient output sanitizing when generating
  configuration file (LP: #387215).
  - debian/patches/051_CVE-2009-1151.patch: Do not output unescaped
    chars to generated configuration file. Patch from upstream SVN revision
    12301.
  - References:
    + CVE-2009-1151
    + PMASA-2009-3
* removed unused debian/patches/series file

lp:ubuntu/dapper-security/phpmyadmin bug Mature 2010-04-11 02:16:47 UTC
10. * SECURITY UPDATE: Insufficient outpu...

Author: Artur Rona
Revision Date: 2010-04-11 02:16:47 UTC

* SECURITY UPDATE: Insufficient output sanitizing when generating
  configuration file (LP: #387215).
  - debian/patches/051_CVE-2009-1151.patch: Do not output unescaped
    chars to generated configuration file. Patch from upstream SVN revision
    12301.
  - References:
    + CVE-2009-1151
    + PMASA-2009-3
* removed unused debian/patches/series file

lp:ubuntu/dapper-proposed/postgresql-8.1 bug Mature 2010-04-08 18:15:29 UTC
21. * New upstream bug fix release: (LP: ...

Author: Martin Pitt
Revision Date: 2010-04-07 19:25:03 UTC

* New upstream bug fix release: (LP: #557408)
  - Add new configuration parameter ssl_renegotiation_limit to control
    how often we do session key renegotiation for an SSL connection.
    This can be set to zero to disable renegotiation completely, which
    may be required if a broken SSL library is used. In particular,
    some vendors are shipping stopgap patches for CVE-2009-3555 that
    cause renegotiation attempts to fail.
  - Fix possible crashes when trying to recover from a failure in
    subtransaction start.
  - Fix server memory leak associated with use of savepoints and a
    client encoding different from server's encoding.
  - Make substring() for bit types treat any negative length as meaning
    "all the rest of the string".
    The previous coding treated only -1 that way, and would produce an
    invalid result value for other negative values, possibly leading to
    a crash (CVE-2010-0442).
  - Fix integer-to-bit-string conversions to handle the first
    fractional byte correctly when the output bit width is wider than
    the given integer by something other than a multiple of 8 bits.
  - Fix some cases of pathologically slow regular expression matching.
  - Fix the STOP WAL LOCATION entry in backup history files to report
    the next WAL segment's name when the end location is exactly at a
    segment boundary.
  - Fix some more cases of temporary-file leakage.
    This corrects a problem introduced in the previous minor release.
    One case that failed is when a plpgsql function returning set is
    called within another function's exception handler.
  - When reading "pg_hba.conf" and related files, do not treat
    @something as a file inclusion request if the @ appears inside
    quote marks; also, never treat @ by itself as a file inclusion
    request.
    This prevents erratic behavior if a role or database name starts
    with @. If you need to include a file whose path name contains
    spaces, you can still do so, but you must write @"/path to/file"
    rather than putting the quotes around the whole construct.
  - Prevent infinite loop on some platforms if a directory is named as
    an inclusion target in "pg_hba.conf" and related files.
  - Fix psql's numericlocale option to not format strings it shouldn't
    in latex and troff output formats.
  - Fix plpgsql failure in one case where a composite column is set to
    NULL.
  - Add volatile markings in PL/Python to avoid possible
    compiler-specific misbehavior.
  - Prevent crash in "contrib/dblink" when too many key columns are
    specified to a dblink_build_sql_* function.
  - Fix assorted crashes in "contrib/xml2" caused by sloppy memory
    management.

lp:ubuntu/dapper-updates/postgresql-8.1 Mature 2010-04-07 19:25:03 UTC
21. * New upstream bug fix release: (LP: ...

Author: Martin Pitt
Revision Date: 2010-04-07 19:25:03 UTC

* New upstream bug fix release: (LP: #557408)
  - Add new configuration parameter ssl_renegotiation_limit to control
    how often we do session key renegotiation for an SSL connection.
    This can be set to zero to disable renegotiation completely, which
    may be required if a broken SSL library is used. In particular,
    some vendors are shipping stopgap patches for CVE-2009-3555 that
    cause renegotiation attempts to fail.
  - Fix possible crashes when trying to recover from a failure in
    subtransaction start.
  - Fix server memory leak associated with use of savepoints and a
    client encoding different from server's encoding.
  - Make substring() for bit types treat any negative length as meaning
    "all the rest of the string".
    The previous coding treated only -1 that way, and would produce an
    invalid result value for other negative values, possibly leading to
    a crash (CVE-2010-0442).
  - Fix integer-to-bit-string conversions to handle the first
    fractional byte correctly when the output bit width is wider than
    the given integer by something other than a multiple of 8 bits.
  - Fix some cases of pathologically slow regular expression matching.
  - Fix the STOP WAL LOCATION entry in backup history files to report
    the next WAL segment's name when the end location is exactly at a
    segment boundary.
  - Fix some more cases of temporary-file leakage.
    This corrects a problem introduced in the previous minor release.
    One case that failed is when a plpgsql function returning set is
    called within another function's exception handler.
  - When reading "pg_hba.conf" and related files, do not treat
    @something as a file inclusion request if the @ appears inside
    quote marks; also, never treat @ by itself as a file inclusion
    request.
    This prevents erratic behavior if a role or database name starts
    with @. If you need to include a file whose path name contains
    spaces, you can still do so, but you must write @"/path to/file"
    rather than putting the quotes around the whole construct.
  - Prevent infinite loop on some platforms if a directory is named as
    an inclusion target in "pg_hba.conf" and related files.
  - Fix psql's numericlocale option to not format strings it shouldn't
    in latex and troff output formats.
  - Fix plpgsql failure in one case where a composite column is set to
    NULL.
  - Add volatile markings in PL/Python to avoid possible
    compiler-specific misbehavior.
  - Prevent crash in "contrib/dblink" when too many key columns are
    specified to a dblink_build_sql_* function.
  - Fix assorted crashes in "contrib/xml2" caused by sloppy memory
    management.

lp:ubuntu/dapper/subversion Mature 2010-03-30 13:55:59 UTC
8. * Merge new upstream version from Deb...

Author: Adam Conrad
Revision Date: 2006-05-08 14:07:51 UTC

* Merge new upstream version from Debian, UVF exception approved by mdz.
* Very (very, very) carefully merge our Java-related changes with Debian's
  rather different Java changes to produce something that should work.
* Create a python2.4-subversion transitional package to smooth upgrades.

lp:ubuntu/dapper-security/python-clamav Mature 2010-03-29 17:18:51 UTC
5. no change rebuild against clamav 0.95

Author: Jamie Strandboge
Revision Date: 2010-03-29 17:18:51 UTC

no change rebuild against clamav 0.95

lp:ubuntu/dapper-updates/python-clamav Mature 2010-03-29 17:18:51 UTC
6. no change rebuild against clamav 0.95

Author: Jamie Strandboge
Revision Date: 2010-03-29 17:18:51 UTC

no change rebuild against clamav 0.95

lp:ubuntu/dapper-security/php-clamavlib Mature 2010-03-29 16:22:44 UTC
4. no change rebuild against clamav 0.95

Author: Jamie Strandboge
Revision Date: 2010-03-29 16:22:44 UTC

no change rebuild against clamav 0.95

lp:ubuntu/dapper-updates/php-clamavlib Mature 2010-03-29 16:22:44 UTC
4. no change rebuild against clamav 0.95

Author: Jamie Strandboge
Revision Date: 2010-03-29 16:22:44 UTC

no change rebuild against clamav 0.95

lp:ubuntu/dapper-security/klamav Mature 2010-03-29 16:21:33 UTC
6. no change rebuild against clamav 0.95

Author: Jamie Strandboge
Revision Date: 2010-03-29 16:21:33 UTC

no change rebuild against clamav 0.95

lp:ubuntu/dapper-updates/klamav Mature 2010-03-29 16:21:33 UTC
7. no change rebuild against clamav 0.95

Author: Jamie Strandboge
Revision Date: 2010-03-29 16:21:33 UTC

no change rebuild against clamav 0.95

lp:ubuntu/dapper-security/havp Mature 2010-03-29 16:20:38 UTC
4. no change rebuild against clamav 0.95

Author: Jamie Strandboge
Revision Date: 2010-03-29 16:20:38 UTC

no change rebuild against clamav 0.95

lp:ubuntu/dapper-updates/havp Mature 2010-03-29 16:20:38 UTC
5. no change rebuild against clamav 0.95

Author: Jamie Strandboge
Revision Date: 2010-03-29 16:20:38 UTC

no change rebuild against clamav 0.95

lp:ubuntu/dapper-security/gurlchecker Mature 2010-03-29 16:15:30 UTC
10. no change rebuild against clamav 0.95

Author: Jamie Strandboge
Revision Date: 2010-03-29 16:15:30 UTC

no change rebuild against clamav 0.95

lp:ubuntu/dapper-updates/gurlchecker Mature 2010-03-29 16:15:30 UTC
10. no change rebuild against clamav 0.95

Author: Jamie Strandboge
Revision Date: 2010-03-29 16:15:30 UTC

no change rebuild against clamav 0.95

lp:ubuntu/dapper-security/dansguardian Mature 2010-03-29 16:14:15 UTC
6. no change rebuild against clamav 0.95

Author: Jamie Strandboge
Revision Date: 2010-03-29 16:14:15 UTC

no change rebuild against clamav 0.95

lp:ubuntu/dapper-updates/dansguardian Mature 2010-03-29 16:14:15 UTC
6. no change rebuild against clamav 0.95

Author: Jamie Strandboge
Revision Date: 2010-03-29 16:14:15 UTC

no change rebuild against clamav 0.95

lp:ubuntu/dapper-security/clamcour Mature 2010-03-29 16:01:54 UTC
4. no change rebuild against clamav 0.95

Author: Jamie Strandboge
Revision Date: 2010-03-29 16:01:54 UTC

no change rebuild against clamav 0.95

lp:ubuntu/dapper-updates/clamcour Mature 2010-03-29 16:01:54 UTC
4. no change rebuild against clamav 0.95

Author: Jamie Strandboge
Revision Date: 2010-03-29 16:01:54 UTC

no change rebuild against clamav 0.95

lp:ubuntu/dapper-updates/audiofile Mature 2010-03-16 18:14:16 UTC
5. * SECURITY UPDATE: Heap-based buffer ...

Author: Stefan Lesicnik
Revision Date: 2010-03-03 10:22:05 UTC

* SECURITY UPDATE: Heap-based buffer overflow in msadpcm.c in libaudiofile
  in audiofile 0.2.6 allows context-dependent attackers to cause a denial
  of service (application crash) or possibly execute arbitrary code via a
  crafted WAV file. (LP: #527033)
  - debian/patches/22_CVE-2008-5824.dpatch: Fix buffer overflow when
    decompressing MS ADPCM .wav files.
  - CVE-2008-5824

lp:ubuntu/dapper-updates/normalize-audio Mature 2010-03-16 18:13:10 UTC
4. [ Stefan Lesicnik ] * SECURITY UPDATE...

Author: root
Revision Date: 2010-03-15 19:35:40 UTC

[ Stefan Lesicnik ]
* SECURITY UPDATE: Denial of service (application crash) or possibly
  execute arbitrary code via a crafted WAV file. (LP: #527033)
  - src/adjust.c: Fix buffer overflows in
    case of compressed WAV files.
  - Patch from Debian applied inline.
  - CVE-2008-5824

[ root ]
* GNU config automated update: config.sub (20050210 to 20050708),
  config.guess (20050324 to 20050803)

lp:ubuntu/dapper-security/audiofile bug Mature 2010-03-16 17:16:41 UTC
5. * SECURITY UPDATE: Heap-based buffer ...

Author: Stefan Lesicnik
Revision Date: 2010-03-03 10:22:05 UTC

* SECURITY UPDATE: Heap-based buffer overflow in msadpcm.c in libaudiofile
  in audiofile 0.2.6 allows context-dependent attackers to cause a denial
  of service (application crash) or possibly execute arbitrary code via a
  crafted WAV file. (LP: #527033)
  - debian/patches/22_CVE-2008-5824.dpatch: Fix buffer overflow when
    decompressing MS ADPCM .wav files.
  - CVE-2008-5824
