[collectd-changes] pkg-collectd: annotated tag "collectd-5.4.1-6+deb8u1" created. collectd-5.4.1-6+deb8u1

Sebastian Harl sh at tokkee.org
Sat Jul 30 00:12:31 CEST 2016 

The annotated tag "collectd-5.4.1-6+deb8u1" of project "collectd Debian package"
has been created
        at  22aeaed67edf26f642a752082e3b40319c889955 (tag)
   tagging  050b3e76e6dc72e7b1f402709d975ecb3622def3 (commit)
  replaces  collectd-5.4.1-6
 tagged by  Sebastian Harl
        on  Sat Jul 30 00:11:20 2016 +0200

- Log -----------------------------------------------------------------
Tagged collectd-5.4.1-6+deb8u1.

collectd (5.4.1-6+deb8u1) jessie-security; urgency=high

  * debian/patches/CVE-2016-6254.dpatch: Fix heap overflow in the network
    plugin. Emilien Gaspar has identified a heap overflow in parse_packet(),
    the function used by the network plugin to parse incoming network packets.
    Thanks to Florian Forster for reporting the bug in Debian.
    (Closes: #832507, CVE-2016-6254)
  * debian/patches/bts832577-gcry-control.dpatch: Fix improper usage of
    gcry_control. A team of security researchers at Columbia University and
    the University of Virginia discovered that GCrypt's gcry_control is
    sometimes called without checking its return value for an error. This may
    cause the program to be initialized without the desired, secure settings.
    (Closes: #832577)

 -- Sebastian Harl <tokkee at debian.org>  Thu, 28 Jul 2016 22:25:08 +0200
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAABAgAGBQJXm9SYAAoJEMwFfnIvH/zHhH8P/jpbHBP3OYQmGUPqdNhuJmn5
tElGj3vyOPQgghoI53RwjlG4aEKQ2tI6DvGYXx6t4cvAMeMbFsP4hqEIK1aq+Sgo
xTWYg93IL3HAvMI+AjQ04I6rjRQE0zIiW2bC1iUonxzRleQ8pZrUeWYNXb7NfIaE
C3VoqCsLOFJEFszol1JkxDbf34xuOwRSFjWR6A7zClcpIh4POsjQPdmYC4G+Whqb
6HQ7LXh6n2C58VP31Dkx5UYSnBS/rUnSiW3HLYJdQ94BBHazh2Uggt4lewa3rjp7
bphRTEF4jCb8vWCVPsz+SFfRGZ/oMz1eLLPowJnakK7c+rwAiwo6k4ViyiULGO50
gwFv/TKq2vyqFAVuJ87XmUohQLd0WFr+yMqB1M4bKEyvXB5lzp48aI2h7FSYELJY
einix8a20/glFln+7uEhI/kLbWLIWM2K0yQPj3+mj5rLkpT+jMfq164/ZMwl0O6v
ocfoHvbQ9XV+PnBeCz2/3SjnC66joTXU2B2HRieRGKl3nhEFA/py2TNBSdC+70ZW
kOKsqcEWwJWJeWHOWQdMp1bb4GT9tRbO7r5AqV9TJV/1ZKzMzZb9VJNE2Zy+MKAh
quq3x5fuAJluike7/vjhwQlH04V2sKKOqXgu0Kev0OE7AwkWGoIcGt1E+vZniXW1
YIpzDK5gR0AM7lf9s1PP
=1it8
-----END PGP SIGNATURE-----

Sebastian Harl (8):
      patches/CVE-2016-6254.dpatch: Fix heap overflow in the network plugin.
      patches/bts832577-gcry-control.dpatch: Fix improper usage of gcry_control.
      Release changelog to wheezy-security.
      Merged branch 'wheezy' into jessie.
      Update CVE-2016-6254 and bts832577-gcry-control patches for 5.4.1.
      Add changelog entry for jessie-security (5.4.1-6+deb8u1).
      Set urgency to high.
      Remove the wheezy-security changelog entry.

-----------------------------------------------------------------------

More information about the collectd-changes mailing list