[ddh-sys] apt-listchanges: changelogs for less

root root op ddh.nl
Vr Dec 10 17:50:08 CET 2010

krb5 (1.6.dfsg.4~beta1-5lenny6) stable-security; urgency=emergency

    * MITKRB5-SA-2010-007
        * CVE-2010-1323: attackers have a 1/256 chance of being able to
          produce krb_safe messages that appear to be from legitimate remote
          sources. Other than use in KDC database copies this may not be a
          huge issue only because no one actually uses krb_safe
          messages. Similarly, an attacker can force clients to display
          challenge/response values of the attacker's choice.

 -- Sam Hartman <hartmans op debian.org>  Sat, 20 Nov 2010 15:28:58 -0500

exim4 (4.69-9+lenny1) stable-security; urgency=high

  * Non-maintainer upload by the Security Team.
  * Fix SMTP file descriptors being leaked to processes invoked with ${run...}
  * Fix memory corruption issue in string_format(). CVE-2010-4344
  * Fix potential memory pool corruption issue in internal_lsearch_find().

 -- Stefan Fritsch <sf op debian.org>  Fri, 10 Dec 2010 13:25:07 +0100

glibc (2.7-18lenny6) stable-security; urgency=high

  * Fix CVE-2010-3847 with patches from Andreas Schwab and Kees Cook.

 -- Florian Weimer <fw op deneb.enyo.de>  Thu, 21 Oct 2010 20:51:38 +0200

libxml2 (2.6.32.dfsg-5+lenny2) stable-security; urgency=high

  * Backport upstream commits 91d1975 and ea90b89 to better process some
    malformed XPath expressions (CVE-2010-4008).

 -- Mike Hommey <glandium op debian.org>  Sun, 28 Nov 2010 15:52:16 +0100

linux-2.6 (2.6.26-26lenny1) stable-security; urgency=high

  * net sched: fix kernel leak in act_police (CVE-2010-3477)
  * aio: check for multiplication overflow in do_io_submit (CVE-2010-3067)
  * cxgb3: prevent reading uninitialized stack memory (CVE-2010-3296)
  * eql: prevent reading uninitialized stack memory (CVE-2010-3297)
  * rose: Fix signedness issues wrt. digi count (CVE-2010-3310)
  * sctp: Do not reset the packet during sctp_packet_config() (CVE-2010-3432)
  * Fix pktcdvd ioctl dev_minor range check (CVE-2010-3437)
  * ALSA: prevent heap corruption in snd_ctl_new() (CVE-2010-3442)
  * thinkpad-acpi: lock down video output state access (CVE-2010-3448)
  * sctp: Fix out-of-bounds reading in sctp_asoc_get_hmac() (CVE-2010-3705)
  * setup_arg_pages: diagnose excessive argument size (CVE-2010-3858)
  * X.25: memory corruption in X.25 facilities parsing (CVE-2010-3873)
  * sys_semctl: fix kernel stack leakage (CVE-2010-4083)
  * ALSA: rme9652: prevent reading uninitialized stack memory
    (CVE-2010-4080, CVE-2010-4081)
  * V4L/DVB: ivtvfb: prevent reading uninitialized stack memory (CVE-2010-4079)
  * video/sis: prevent reading uninitialized stack memory (CVE-2010-4078)
  * X.25: Prevent crashing when parsing bad X.25 facilities (CVE-2010-4164)
  * v4l1: fix 32-bit compat microcode loading translation (CVE-2010-2963)
  * net: Mitigate overflow issues
     - Truncate recvfrom and sendto length to INT_MAX.
     - Limit socket I/O iovec total length to INT_MAX.
     - Resolves kernel heap overflow in the TIPC protcol (CVE-2010-3859)
  * net: ax25: fix information leak to userland (CVE-2010-3875)
  * can-bcm: fix minor heap overflow (CVE-2010-3874)
  * net: packet: fix information leak to userland (CVE-2010-3876)
  * net: tipc: fix information leak to userland (CVE-2010-3877)
  * inet_diag: Make sure we actually run the same bytecode we audited
  * ipc: shm: fix information leak to userland (CVE-2010-4072)
  * ipc: initialize structure memory to zero for compat functions
  * USB: serial/mos*: prevent reading uninitialized stack memory (CVE-2010-4074)
  * [SCSI] gdth: integer overflow in ioctl (CVE-2010-4157)
  * econet: Avoid stack overflow w/ large msgiovlen (CVE-2010-3848)
  * econet: disallow NULL remote addr for sendmsg() (CVE-2010-3849)
  * econet: Add mising CAP_NET_ADMIN check in SIOCSIFADDR (CVE-2010-3850)

 -- dann frazier <dannf op debian.org>  Wed, 24 Nov 2010 17:46:00 -0700

linux-2.6 (2.6.26-26) stable; urgency=high

  [ Ben Hutchings ]
  * [alpha,s390,sparc] math-emu: correct test for downshifting fraction in
    _FP_FROM_INT() (Closes: #593193)
  * SCSI/mptsas: fix hangs caused by ATA pass-through (Closes: #594690)
  * xfs: prevent kernel crash due to corrupted inode log format
    (Closes: #550733)
  * r6040: Fix various bugs in r6040_multicast_list() (Closes: #600155)

 -- dann frazier <dannf op debian.org>  Sat, 20 Nov 2010 15:30:51 -0700

subversion (1.5.1dfsg1-5) stable-security; urgency=medium

  * Fix CVE-2010-3315: mod_dav_svn can give authorized users higher
    privileges than they are configured for, in rare configurations.

 -- Peter Samuelson <peter op p12n.org>  Thu, 07 Oct 2010 00:56:45 -0500

base-files (5lenny8) stable; urgency=low

  * Bump version in /etc/debian_version to "5.0.7".

 -- Santiago Vila <sanvila op debian.org>  Fri, 26 Nov 2010 13:58:08 +0100

dpkg (1.14.30) stable; urgency=low

  * Fix dpkg to not lose package metadata on filesystems where readdir()
    returns new files added after the opendir() call, btrfs in particular
    triggered the problematic behaviour. Closes: #575891

 -- Raphael Hertzog <hertzog op debian.org>  Wed, 20 Oct 2010 23:10:29 +0200

openssl (0.9.8g-15+lenny9) stable-security; urgency=low

  * Fix TLS extension parsing race condition (CVE-2010-3864)

 -- Kurt Roeckx <kurt op roeckx.be>  Mon, 15 Nov 2010 20:57:21 +0100

postgresql-8.3 (8.3.12-0lenny1) stable-security; urgency=low

  * New upstream security/bug fix release:
    - Use a separate interpreter for each calling SQL userid in PL/Perl
      and PL/Tcl.
      This change prevents security problems that can be caused by
      subverting Perl or Tcl code that will be executed later in the same
      session under another SQL user identity (for example, within a
      SECURITY DEFINER function). Most scripting languages offer numerous
      ways that that might be done, such as redefining standard functions
      or operators called by the target function. Without this change,
      any SQL user with Perl or Tcl language usage rights can do
      essentially anything with the SQL privileges of the target
      function's owner.
      The cost of this change is that intentional communication among
      Perl and Tcl functions becomes more difficult. To provide an escape
      hatch, PL/PerlU and PL/TclU functions continue to use only one
      interpreter per session. This is not considered a security issue
      since all such functions execute at the trust level of a database
      superuser already.
      It is likely that third-party procedural languages that claim to
      offer trusted execution have similar security issues. We advise
      contacting the authors of any PL you are depending on for
      security-critical purposes.
      Our thanks to Tim Bunce for pointing out this issue
    - Prevent possible crashes in pg_get_expr() by disallowing it from
      being called with an argument that is not one of the system catalog
      columns it's intended to be used with.
    - Fix incorrect usage of non-strict OR joinclauses in Append
      This is a back-patch of an 8.4 fix that was missed in the 8.3
      branch. This corrects an error introduced in 8.3.8 that could cause
      incorrect results for outer joins when the inner relation is an
      inheritance tree or UNION ALL subquery.
    - Fix possible duplicate scans of UNION ALL member relations.
    - Fix "cannot handle unplanned sub-select" error.
      This occurred when a sub-select contains a join alias reference
      that expands into an expression containing another sub-select.
    - Fix failure to mark cached plans as transient.
      If a plan is prepared while "CREATE INDEX CONCURRENTLY" is in
      progress for one of the referenced tables, it is supposed to be
      re-planned once the index is ready for use. This was not happening
    - Reduce PANIC to ERROR in some occasionally-reported btree failure
      cases, and provide additional detail in the resulting error
      This should improve the system's robustness with corrupted indexes.
    - Prevent show_session_authorization() from crashing within
      autovacuum processes.
    - Defend against functions returning setof record where not all the
      returned rows are actually of the same rowtype.
    - Fix possible failure when hashing a pass-by-reference function
    - Improve merge join's handling of NULLs in the join columns.
      A merge join can now stop entirely upon reaching the first NULL, if
      the sort order is such that NULLs sort high.
    - Take care to fsync the contents of lockfiles (both "postmaster.pid"
      and the socket lockfile) while writing them.
      This omission could result in corrupted lockfile contents if the
      machine crashes shortly after postmaster start. That could in turn
      prevent subsequent attempts to start the postmaster from
      succeeding, until the lockfile is manually removed.
    - Avoid recursion while assigning XIDs to heavily-nested
      The original coding could result in a crash if there was limited
      stack space.
    - Avoid holding open old WAL segments in the walwriter process.
      The previous coding would prevent removal of no-longer-needed
    - Fix log_line_prefix's %i escape, which could produce junk early in
      backend startup.
    - Fix possible data corruption in "ALTER TABLE ... SET TABLESPACE"
      when archiving is enabled.
      be interrupted by query-cancel.
    - Fix "REASSIGN OWNED" to handle operator classes and families.
    - Fix possible core dump when comparing two empty tsquery values.
    - Fix LIKE's handling of patterns containing % followed by _.
      We've fixed this before, but there were still some
      incorrectly-handled cases.
    - In PL/Python, defend against null pointer results from
      PyCObject_AsVoidPtr and PyCObject_FromVoidPtr.
    - Make psql recognize "DISCARD ALL" as a command that should not be
      encased in a transaction block in autocommit-off mode.
    - Fix ecpg to process data from RETURNING clauses correctly.
    - Improve "contrib/dblink"'s handling of tables containing dropped
    - Fix connection leak after "duplicate connection name" errors in
    - Fix "contrib/dblink" to handle connection names longer than 62
      bytes correctly.
    - Add hstore(text, text) function to "contrib/hstore".
      This function is the recommended substitute for the now-deprecated
      => operator. It was back-patched so that future-proofed code can be
      used with older server versions. Note that the patch will be
      effective only after "contrib/hstore" is installed or reinstalled
      in a particular database. Users might prefer to execute the "CREATE
      FUNCTION" command by hand, instead.
    - Update build infrastructure and documentation to reflect the source
      code repository's move from CVS to Git.

 -- Martin Pitt <mpitt op debian.org>  Tue, 05 Oct 2010 21:53:16 +0200

tzdata (2010o-0lenny1) stable; urgency=low

  * New upstream release.
  * da.po: Danish translation from Joe Hansen.  closes: #596143.
  * pt_BR.po: Brazilian Portuguese translation from Flamarion
    Jorge.  closes: #550846.
  * sk.po: Slovak translation from Ivan Masár.  closes: #534440.

 -- Clint Adams <schizo op debian.org>  Thu, 11 Nov 2010 12:38:20 -0500

Meer informatie over de ddh-sys maillijst