-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sat, 01 Oct 2011 16:33:04 +0200
Source: ia32-libs
Binary: ia32-libs ia32-libs-dev
Architecture: source amd64
Version: 20111001
Distribution: stable
Urgency: low
Maintainer: Debian ia32-libs Team
Changed-By: Thijs Kinkhorst
Description:
 ia32-libs - ia32 shared libraries for use on amd64 and ia64 systems
 ia32-libs-dev - ia32 development files for use on amd64 and ia64 systems
Changes:
 ia32-libs (20111001) stable; urgency=low
 .
   * Packages updated
 .
   [ curl (7.21.0-2) stable-security; urgency=high ]
 .
   * debian/patches/curl-gssapi-delegation: Fix for GSSAPI delegation
     vulnerability as detailed in CVE-2011-2192. More information and the
     patch at . (#631615)
 .
   [ dbus (1.2.24-4+squeeze1) stable; urgency=low ]
 .
   * Update Vcs-* control fields to reflect the move to git
   * Apply patch to fix CVE-2011-2200 (fd.o #38120), which is a local DoS
     for system services (#629938)
 .
   [ e2fsprogs (1.41.12-4stable1) stable; urgency=high ]
 .
   * Upload to proposed-updates
   * Fix "mke2fs -n" so it won't issue a discard and thus trash all the
     data on an SSD (oops!!!)
 .
   [ e2fsprogs (1.41.12-4) unstable; urgency=high ]
 .
   * Clear ext4 error fields in the superblock. Otherwise users will see
     scary messages every 24 hours after a file system error is detected,
     even after e2fsck has fixed it, if they are using Linux 2.6.35 or
     later.
   * Fix usage message for logsave (#619788)
 .
   [ e2fsprogs (1.41.12-3) unstable; urgency=high ]
 .
   * Fix signed vs. unsigned char bug in getopt in e2fsprogs which afflicts
     systems with default unsigned char
   * Fix bug in e2fsck where it would fail to fix file systems where both
     the primary and backup block group descriptors are corrupted.
     (Addresses Ubuntu Launchpad bug: #711799)
   * Fix package description: fsck has been moved to util-linux (#588726)
   * Fix badblocks so the progress message correctly handles UTF-8
     characters for I18N systems (#583782, #587834)
   * Prevent e2fsck from accidentally scrambling a file system when
     checking a snapshot which has an external journal device (which has
     not been snapshotted). (#587531)
   * Fix inode nlink accounting that would lead to very scary PROGRAMMING
     BUG errors. (#555456)
   * Fix typos, spelling mistakes,
     spelling-out-the-obvious-to-clueless-sysadmins, etc. in man pages.
     (#589345, #594004, #580236, #591083, #505719, #599786)
 .
   [ freetype (2.4.2-2.1+squeeze1) stable-security; urgency=high ]
 .
   * Non-maintainer upload by the Security Team.
   * CVE-2011-0226: Vulnerability in parsing Type 1 fonts
 .
   [ krb5 (1.8.3+dfsg-4squeeze1) stable; urgency=low ]
 .
   * Fix double free with pkinit on KDC, CVE-2011-0284, #618517
   * Updated Danish debconf translations, thanks Joe Dalton, #584282
   * KDC/LDAP DOS (CVE-2010-4022, CVE-2011-0281, and CVE-2011-0282,
     #613487)
   * Fix delegation of credentials against Windows servers; significant
     interoperability issue, #611906
   * Set nt-srv-inst on TGS names to work against W2K8R2 KDCs, #616429
   * Don't fail authentication when PAC verification fails; support
     hmac-md5 checksums even for non-RC4 keys, #616728
   * Port fix to upstream ticket 6899: fix invalid free in kadmind change
     password case, #622681
 .
   [ libpng (1.2.44-1+squeeze1) stable-security; urgency=high ]
 .
   * Apply upstream patch to 1-byte uninitialized memory reference in
     png_format_buffer(). (#632786, CVE-2011-2501)
   * Apply upstream patch to buffer overwrite in png_rgb_to_gray.
     (#633871, CVE-2011-2690)
   * Apply upstream patch to crash in png_default_error due to use of NULL
     Pointer. (#633871, CVE-2011-2691)
   * Apply upstream patch to memory corruption when handling empty sCAL
     chunks. (#633871, CVE-2011-2692)
 .
   [ libsndfile (1.0.21-3+squeeze1) stable-security; urgency=low ]
 .
   * CVE-2011-2696
 .
   [ nss (3.12.8-1+squeeze3) stable-security; urgency=low ]
 .
   * mozilla/security/nss/lib/ckfw/builtins/certdata.*: Explicitly
     distrust various DigiNotar CAs:
     - DigiNotar Root CA
     - DigiNotar Services 1024 CA
     - DigiNotar Cyber CA
     - DigiNotar Cyber CA 2nd
     - DigiNotar PKIoverheid
     - DigiNotar PKIoverheid G2
 .
   [ nss (3.12.8-1+squeeze2) stable-security; urgency=low ]
 .
   * mozilla/security/nss/lib/ckfw/builtins/certdata.*: Remove DigiNotar
     Root CA.
 .
   [ openldap (2.4.23-7.2) stable; urgency=low ]
 .
   * Non-maintainer upload targeted at stable.
   * Fix "dpkg-reconfigure slapd". #596343
 .
   [ openldap (2.4.23-7.1) stable; urgency=low ]
 .
   * Non-maintainer upload targeted at stable.
   * Picked the following patches from various sources:
 .
   [ Matthijs Möhlmann ]
   * Update patch service-operational-before-detach (#616164, #598361)
 .
   [ Ubuntu Security Team / Jamie Strandboge ]
   * SECURITY UPDATE: fix successful anonymous bind via chain overlay when
     using forwarded authentication failures
     - debian/patches/CVE-2011-1024
     - CVE-2011-1024
   * SECURITY UPDATE: verify password when authenticating to rootdn and
     using ndb backend. Note: Debian is not compiled with --enable-ndb by
     default
     - debian/patches/CVE-2011-1025
     - CVE-2011-1025
   * SECURITY UPDATE: fix DoS when processing unauthenticated modrdn
     requests and requestDN is empty
     - debian/patches/CVE-2011-1081
     - CVE-2011-1081
     - LP: #742104, 617606
 .
   [ openssl (0.9.8o-4squeeze2) squeeze-security; urgency=high ]
 .
   * Non-maintainer upload by the Security Team.
   * Block DigiNotar certificates
   * Fix CVE-2011-1945: timing attacks against ECDHE_ECDSA make it easier
     to determine private keys.
 .
   [ tiff (3.9.4-5+squeeze3) stable-security; urgency=high ]
 .
   * Redo CVE-2011-0192 to fix regression.
     (#630042)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
-----END PGP SIGNATURE-----