-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Wed, 28 Aug 2013 00:40:42 +0100 Source: nas Binary: libaudio2 nas libaudio-dev nas-bin nas-doc Architecture: powerpc Version: 1.9.3-5wheezy1 Distribution: wheezy-security Urgency: high Maintainer: powerpc Build Daemon (porpora) Changed-By: Steve McIntyre <93sam@debian.org> Description: libaudio-dev - Network Audio System - development files libaudio2 - Network Audio System - shared libraries nas - Network Audio System - local server nas-bin - Network Audio System - client binaries nas-doc - Network Audio System - extra documentation Closes: 720287 Changes: nas (1.9.3-5wheezy1) stable-security; urgency=high . * Fixes for various long-standing security issues found by Hamid Zamani . Closes: #720287 + Validate the port offset of nasd to fix a potential buffer overflow (CVE-2013-4256) + Use better string functions to guard against heap overflows (CVE-2013-4257) + Sanity-check the TCP_DEVICE environment variable to remove a format string bug (CVE-2013-4258) Checksums-Sha1: 7871ee75705b0eef37b4d1dd3863082bfc55caa3 117260 nas_1.9.3-5wheezy1_powerpc.deb f6d32ee453ad870cd7d6e04e3ac0e521b79cb2bf 178590 nas-bin_1.9.3-5wheezy1_powerpc.deb 0ea3c8c534e7ee838e1fc52ed851fa1147eea999 85810 libaudio2_1.9.3-5wheezy1_powerpc.deb f456fd04e1175f6a2069c345069e152243d75881 598728 libaudio-dev_1.9.3-5wheezy1_powerpc.deb Checksums-Sha256: 0b5282cf8e99c218140202ae8438803a0f7110fff644568a6151acf07c1ac5fe 117260 nas_1.9.3-5wheezy1_powerpc.deb e7f090d4e72246481dd3b4a0406948703b969cd3632e75c245788ea7ae299af0 178590 nas-bin_1.9.3-5wheezy1_powerpc.deb 33c806d8158553e4b93c692e6f5ac4553c4ba65b76bc94b24b5d526283056668 85810 libaudio2_1.9.3-5wheezy1_powerpc.deb 79e89135d30b103ffc231246f7358775245d17e9f720e62b8ff058f9bd0617f7 598728 libaudio-dev_1.9.3-5wheezy1_powerpc.deb Files: c5d4cb9f3ed277977a5a25e9fb6eca3d 117260 sound optional nas_1.9.3-5wheezy1_powerpc.deb ab73234eaee760f37fbd1b057e1c945a 178590 sound extra nas-bin_1.9.3-5wheezy1_powerpc.deb eed780f09f471e17a967bb63327f183a 85810 libs optional libaudio2_1.9.3-5wheezy1_powerpc.deb 247ddda479722dbec4d1db650c50e2dd 598728 libdevel optional libaudio-dev_1.9.3-5wheezy1_powerpc.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCAAGBQJSVFeSAAoJEO3cbNlJ7FI7/68P/0xDgyiRVqis3wBQSc9+kO9z bmliYZsUXztxc960dwPkMllHHc0D4vkHPkwN92PCUOq/rnsook20tDjybR08/FzM Juc4BgjoAQXDM8JP2K5e81V5WsGfilNGEM3nlb50i93ty3362X50HkJp5kr6Bz+0 vkTD00RFCoxW2BCnd4xnLrWJrlxwKYLz6XnYh5mW+VYwuRpTq9OWNGUfDPUCp4ZV uihxi1BIMlDSHZVJ4c2C73rSeMXq50xpw/bvc16LwJZyOFOZ5m8iVWdgHmj+gfb3 kGps80x/oDtwNJ1vl5qsu84gi9KQsBCGLYqjukzzAKxUvzvxB9/WK8aLTsPhBx53 H0q5/MA/or3oVmtlx/+/SZbEsoqc/CiZAWOPYSiYwTlDJJ3NSiQ/zHm19uogThyY jJIBLJW6b8cd87tDynDvPlJFfd35l1aw4M/WZ6lMfLFjVggKK6k/lG4lnlAZM5AG jyLwQgBV1e7fNnpjjo7ucEj8EevsUrmXt68ZJh9MXh54PZjCOh7hWFTeCaPzMWEr eKWfOcKMOb8+u4cARaL51pLM8/1UZjYYEEhby6lZw2olVqnRw0ajnxSt4B4e5EyB zjsREoEoywnEr1Z3vIVymTaB3SP4HYJjLM8Jq2QlYGO+bIs6Iu1stIrwEEIQafHf cBpuVC7YHgZcE7XTjRCU =6rQs -----END PGP SIGNATURE-----