[ddh-sys] apt-listchanges: changelogs for less
root
root at ddh.nl
Wed Apr 14 12:23:02 CEST 2010

krb5 (1.6.dfsg.4~beta1-5lenny3) stable-security; urgency=high

  * Non-maintainer upload by the Security Team.
  * Fixed CVE-2010-0629: unauthenticated remote KDC service crash.
    (Closes: #567052)

 -- Giuseppe Iuculano <iuculano at debian.org>  Fri, 09 Apr 2010 18:48:35 +0200

libpng (1.2.27-2+lenny3) stable-security; urgency=high

  * Non-maintainer upload by the Security Team.
  * Fixed CVE-2009-2042: does not properly parse 1-bit interlaced images with
    width values that are not divisible by 8, which causes libpng to include
    uninitialized bits in certain rows of a PNG file and might allow remote
    attackers to read portions of sensitive memory via "out-of-bounds pixels"
    in the file (Closes: 533676)
  * Fixed CVE-2010-0205: does not properly handle compressed ancillary-chunk
    data that has a disproportionately large uncompressed representation, which
    allows remote attackers to cause a denial of service (memory and CPU
    consumption, and application hang) via a crafted PNG file (Closes: #572308)

 -- Giuseppe Iuculano <iuculano at debian.org>  Sun, 11 Apr 2010 11:40:33 +0200

linux-2.6 (2.6.26-21lenny4) stable-security; urgency=high

  [ dann frazier ]
  * futex: Handle user space corruption gracefully (CVE-2010-0622)
  * mmap: cleanup compiler warnings from CVE-2010-0291 fixes
  * x86: set_personality_ia32() misses force_personality32, an additional
    fix for CVE-2010-0307
  * Replace fix for CVE-2009-2691 w/ upstreamed version (Closes: #570554)
  * uvesafb/connector: prevent unprivileged users from sending netlink packets
    (CVE-2009-3725)

  [ Ben Hutchings ]
  * [xen][i386] Fix kernel logging via userspace (Closes: #568561)
    (regression due to fix for #510478)

 -- dann frazier <dannf at debian.org>  Tue, 09 Mar 2010 09:34:37 -0700

pango1.0 (1.20.5-5+lenny1) stable-security; urgency=high

  * Non-maintainer upload by the Security Team.
  * Fixed CVE-2010-0421: improper input sanitization, leading to array indexing
    error, in the way Pango font rendering library synthesized Glyph Definition
    Table (GDEF) from the font's character map and the Unicode property
    database. (Closes: #574021)

 -- Giuseppe Iuculano <iuculano at debian.org>  Thu, 18 Mar 2010 15:18:06 +0100

php5 (5.2.6.dfsg.1-1+lenny8) stable-security; urgency=high

  * Fix CVE-2010-0397: null pointer dereference when processing invalid
    XML-RPC requests (Closes: #573573)

 -- Raphael Geissert <geissert at debian.org>  Sun, 14 Mar 2010 01:05:03 -0600