[collectd-changes] pkg-collectd: annotated tag "collectd-5.1.0-3+deb7u1" created. collectd-5.1.0-3+deb7u1

Sebastian Harl sh at tokkee.org
Sat Jul 30 00:12:31 CEST 2016


The annotated tag "collectd-5.1.0-3+deb7u1" of project "collectd Debian package"
has been created
        at  4382e4325156904332d40aa0195356499df95284 (tag)
   tagging  f064ae4bed980aba19edc7fbd14e2e5c9406e71c (commit)
  replaces  collectd-5.1.0-3
 tagged by  Sebastian Harl
        on  Sat Jul 30 00:11:55 2016 +0200

- Log -----------------------------------------------------------------
Tagged collectd-5.1.0-3+deb7u1.

collectd (5.1.0-3+deb7u1) wheezy-security; urgency=high

  * debian/patches/CVE-2016-6254.dpatch: Fix heap overflow in the network
    plugin. Emilien Gaspar has identified a heap overflow in parse_packet(),
    the function used by the network plugin to parse incoming network packets.
    Thanks to Florian Forster for reporting the bug in Debian.
    (Closes: #832507, CVE-2016-6254)
  * debian/patches/bts832577-gcry-control.dpatch: Fix improper usage of
    gcry_control. A team of security researchers at Columbia University and
    the University of Virginia discovered that GCrypt's gcry_control is
    sometimes called without checking its return value for an error. This may
    cause the program to be initialized without the desired, secure settings.
    (Closes: #832577)

 -- Sebastian Harl <tokkee at debian.org>  Thu, 28 Jul 2016 20:52:12 +0200
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAABAgAGBQJXm9S5AAoJEMwFfnIvH/zHERoP/0bxYQRXFzKX/rUbzTC3k+hb
dHlLQMW1R9Lx+vhu2qnnHPm2MKv44sdnmWfJ8+aetW21D+FZ3zb6nA2fXOd9ddQ0
DCNqYWnwd310mShiXSSBKwtulm4xDBXfI/KkCU+4TSXHSe60e3c9Xmmulr2kZwjd
V4AO2XocCMdroRgaYq5yZggM/iK9F/CXDDPkLKWNa0kuzKoYFE+aMBrv3IZOPSD5
/jPEwVo5BMgHaRHppiS2pobNTwItwixmTD0qHqeQkPf62yCMUJWOwIeRFSpJeaN8
SmiuIMeUfa6ecVKBuahzweDDDrG9ndHxEJzZUV8oUzUc/uNlfgrSIadM+69opbtl
isyn5a7/4JDf6d0HdldNY9iY+VBu0J8xSkESRN3IPFaI4CqWoL3EUB6FRUvnPkKA
C88Awv+/enKLWJZhwkqqkFORZmmzsrXPofvjku0Iu27BILEhHeVcWfM/hvlwtrXw
x0Ue2CTtXsAMnnJEEw+S/AGNl+CkhjDwusLjPDc01grDBf5DSsyDnTUv1fNiXSdK
6GD9+jzqo8vvCT+Ibszk4vxkGaaU9/KtgVDFq5roamHkI32FhsJf11owO+lsAlKM
XiLYoWP1cvXe2h30rnuPvMPdlYOlLvKeE5fniAMOhGTQgpwxHQpiEODTpj+rVYlP
jjDu3HOAHdJEhwPamQpQ
=6EIx
-----END PGP SIGNATURE-----

Sebastian Harl (3):
      patches/CVE-2016-6254.dpatch: Fix heap overflow in the network plugin.
      patches/bts832577-gcry-control.dpatch: Fix improper usage of gcry_control.
      Release changelog to wheezy-security.

-----------------------------------------------------------------------




More information about the collectd-changes mailing list