[collectd-changes] pkg-collectd: annotated tag "collectd-5.1.0-3+deb7u1" created. collectd-5.1.0-3+deb7u1
Sebastian Harl
sh at tokkee.org
Sat Jul 30 00:12:31 CEST 2016
The annotated tag "collectd-5.1.0-3+deb7u1" of project "collectd Debian package"
has been created
at 4382e4325156904332d40aa0195356499df95284 (tag)
tagging f064ae4bed980aba19edc7fbd14e2e5c9406e71c (commit)
replaces collectd-5.1.0-3
tagged by Sebastian Harl
on Sat Jul 30 00:11:55 2016 +0200
- Log -----------------------------------------------------------------
Tagged collectd-5.1.0-3+deb7u1.
collectd (5.1.0-3+deb7u1) wheezy-security; urgency=high
* debian/patches/CVE-2016-6254.dpatch: Fix heap overflow in the network
plugin. Emilien Gaspar has identified a heap overflow in parse_packet(),
the function used by the network plugin to parse incoming network packets.
Thanks to Florian Forster for reporting the bug in Debian.
(Closes: #832507, CVE-2016-6254)
* debian/patches/bts832577-gcry-control.dpatch: Fix improper usage of
gcry_control. A team of security researchers at Columbia University and
the University of Virginia discovered that GCrypt's gcry_control is
sometimes called without checking its return value for an error. This may
cause the program to be initialized without the desired, secure settings.
(Closes: #832577)
-- Sebastian Harl <tokkee at debian.org> Thu, 28 Jul 2016 20:52:12 +0200
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABAgAGBQJXm9S5AAoJEMwFfnIvH/zHERoP/0bxYQRXFzKX/rUbzTC3k+hb
dHlLQMW1R9Lx+vhu2qnnHPm2MKv44sdnmWfJ8+aetW21D+FZ3zb6nA2fXOd9ddQ0
DCNqYWnwd310mShiXSSBKwtulm4xDBXfI/KkCU+4TSXHSe60e3c9Xmmulr2kZwjd
V4AO2XocCMdroRgaYq5yZggM/iK9F/CXDDPkLKWNa0kuzKoYFE+aMBrv3IZOPSD5
/jPEwVo5BMgHaRHppiS2pobNTwItwixmTD0qHqeQkPf62yCMUJWOwIeRFSpJeaN8
SmiuIMeUfa6ecVKBuahzweDDDrG9ndHxEJzZUV8oUzUc/uNlfgrSIadM+69opbtl
isyn5a7/4JDf6d0HdldNY9iY+VBu0J8xSkESRN3IPFaI4CqWoL3EUB6FRUvnPkKA
C88Awv+/enKLWJZhwkqqkFORZmmzsrXPofvjku0Iu27BILEhHeVcWfM/hvlwtrXw
x0Ue2CTtXsAMnnJEEw+S/AGNl+CkhjDwusLjPDc01grDBf5DSsyDnTUv1fNiXSdK
6GD9+jzqo8vvCT+Ibszk4vxkGaaU9/KtgVDFq5roamHkI32FhsJf11owO+lsAlKM
XiLYoWP1cvXe2h30rnuPvMPdlYOlLvKeE5fniAMOhGTQgpwxHQpiEODTpj+rVYlP
jjDu3HOAHdJEhwPamQpQ
=6EIx
-----END PGP SIGNATURE-----
Sebastian Harl (3):
patches/CVE-2016-6254.dpatch: Fix heap overflow in the network plugin.
patches/bts832577-gcry-control.dpatch: Fix improper usage of gcry_control.
Release changelog to wheezy-security.
-----------------------------------------------------------------------
More information about the collectd-changes
mailing list