Branches for Gutsy

Author: Luca Falavigna
Revision Date: 2007-10-14 15:41:14 UTC

* Merge from Debian unstable, remaining Ubuntu changes:
  - Add 50_misc_typos.dpatch
  - Remove build-dep on libsnmp*-dev
  - debian/control: Set Ubuntu MOTU as maintainer

Author: Jamie Strandboge
Revision Date: 2007-10-18 14:10:13 UTC

* SECURITY UPDATE: denial of service via multiple HTTPS redirects
* debian/patches/29_SECURITY_LP153697.dpatch: set SSL context and SSL
  connection to NULL in np_net_ssl_cleanup()
* SECURITY UPDATE: denial of service via multiple redirects
* debian/patches/30_SECURITY_LP153703.dpatch: fix off-by-one error to
  re-allocate the proper amount of memory in redir()
* SECURITY UPDATE: denial of service and possible arbitrary code execution
  as the user in check_http.c via crafted Location Header
* debian/patches/CVE-2007-5198.dpatch: previous patch was not complete.
  Patch now reworked to properly validate Location header in redir().
* References
  LP: #153697
  LP: #153703
  CVE-2007-5198
  LP: #152624

Author: Jamie Strandboge
Revision Date: 2007-10-18 14:10:13 UTC

* SECURITY UPDATE: denial of service via multiple HTTPS redirects
* debian/patches/29_SECURITY_LP153697.dpatch: set SSL context and SSL
  connection to NULL in np_net_ssl_cleanup()
* SECURITY UPDATE: denial of service via multiple redirects
* debian/patches/30_SECURITY_LP153703.dpatch: fix off-by-one error to
  re-allocate the proper amount of memory in redir()
* SECURITY UPDATE: denial of service and possible arbitrary code execution
  as the user in check_http.c via crafted Location Header
* debian/patches/CVE-2007-5198.dpatch: previous patch was not complete.
  Patch now reworked to properly validate Location header in redir().
* References
  LP: #153697
  LP: #153703
  CVE-2007-5198
  LP: #152624