-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Wed, 28 Aug 2013 00:40:42 +0100 Source: nas Binary: libaudio2 nas libaudio-dev nas-bin nas-doc Architecture: kfreebsd-i386 Version: 1.9.3-5wheezy1 Distribution: wheezy-security Urgency: high Maintainer: kfreebsd-i386 Build Daemon (fils) Changed-By: Steve McIntyre <93sam@debian.org> Description: libaudio-dev - Network Audio System - development files libaudio2 - Network Audio System - shared libraries nas - Network Audio System - local server nas-bin - Network Audio System - client binaries nas-doc - Network Audio System - extra documentation Closes: 720287 Changes: nas (1.9.3-5wheezy1) stable-security; urgency=high . * Fixes for various long-standing security issues found by Hamid Zamani . Closes: #720287 + Validate the port offset of nasd to fix a potential buffer overflow (CVE-2013-4256) + Use better string functions to guard against heap overflows (CVE-2013-4257) + Sanity-check the TCP_DEVICE environment variable to remove a format string bug (CVE-2013-4258) Checksums-Sha1: 0f2b98ede9c31c7850e9fde53d8a096b4679d52f 116282 nas_1.9.3-5wheezy1_kfreebsd-i386.deb b442558f3f7b21789750b829cfdbb8ccf07e4dc4 178354 nas-bin_1.9.3-5wheezy1_kfreebsd-i386.deb 0b33a7da831b13e51c3f36a42f8a2d9afb245d14 87514 libaudio2_1.9.3-5wheezy1_kfreebsd-i386.deb 4d3d46f0a74e6488e8eceba4131fe306d7ac1b2d 567762 libaudio-dev_1.9.3-5wheezy1_kfreebsd-i386.deb Checksums-Sha256: 717f8b25f694d2304521560ddee809577429a748613ef0951d80b14efa38c980 116282 nas_1.9.3-5wheezy1_kfreebsd-i386.deb 6a72874e869c5360203976859b52dfad23526a3df919663ab5d961c3882c846a 178354 nas-bin_1.9.3-5wheezy1_kfreebsd-i386.deb a30a2a30a6838996a716394ea05c00930990430d0e0c59032970ab8f6eeb57da 87514 libaudio2_1.9.3-5wheezy1_kfreebsd-i386.deb a197a6d97914d91c2b3766b84634da5b1db2349e168f6c9ad59749f184048743 567762 libaudio-dev_1.9.3-5wheezy1_kfreebsd-i386.deb Files: 8809e2ab7f9670cadd127e35acc27c84 116282 sound optional nas_1.9.3-5wheezy1_kfreebsd-i386.deb 31f371e4d16d07b2c9cda5a84a98b4f4 178354 sound extra nas-bin_1.9.3-5wheezy1_kfreebsd-i386.deb 9692ae79d17dee27674c993608d2c9aa 87514 libs optional libaudio2_1.9.3-5wheezy1_kfreebsd-i386.deb 34dbb342d529b1af9193f74286a6bde3 567762 libdevel optional libaudio-dev_1.9.3-5wheezy1_kfreebsd-i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/kFreeBSD) iQIcBAEBAgAGBQJSVFXVAAoJEOBZ3EoQ4ujojTYQAIpcGUR41QWFJa5DgUr1eEpJ K3gV72w8lRTYw2iCjLl6hP16vFATYVLtyHxg/ezwdY59046/0n+UFOgrVd7zpBI4 UdokpwnxTrSEH6+980LCrrkVeURfOLrvXOkPVPFpBtIWvqYUcehOzZxMIWpDcjfM xkrHs2YjDRWiZGYB3ZFm1J5ioGrIWQLbucEAa43yaGGUSUmFvh+xSHxNgJsw+xHB eHbutRtEEI3N+IcMj7+jIMUItl1Q3FFJqjS/urD00WxioJh9sC/yZyYAcF+VWurC GBp5uvEl6fvH9QPmU9Hkaq2uAfebGT94zhAgqttlom5o7ZoWBg0mu7SJsJxxsxmM 52UGcaKDumaPGDxIBlpHlYFTXXdTqTTqBhJ4NDieQjefdILLLk9Gb2qTtwhqiUML HP1VKld6Htvt92B1OeHdS7V9Lt11ArBp9PSrj76uw8GDIRwzB6wJ6YPHwpxtdJYN 3jmZUFKyzOTg5uMuQFg6TfdM+qwuDPsdSvXcB6nAcPV8Yy588ujN56hJ5FGxjHl9 vYaqZssnry/vb1ypd6YCSdsOJ+ieH+qQeZAA+RvP/4+cZE3flhLZcd/2OR1eIFQk 0N8EgSa+ke2tBXzYXP8rWM8atEuiLyzmrCejaw1UWU8GcfZn7teRgGPKjj9BRbQH fZtF89uY5n3MjsdauOhe =vG0X -----END PGP SIGNATURE-----