-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Tue, 19 Jul 2011 22:21:04 +1000 Source: opie Binary: opie-client opie-server libopie-dev Architecture: kfreebsd-i386 Version: 2.32.dfsg.1-0.2+squeeze1 Distribution: squeeze-security Urgency: high Maintainer: kfreebsd-i386 Build Daemon (field) Changed-By: Steffen Joeris Description: libopie-dev - OPIE library development files. opie-client - OPIE programs for generating OTPs on client machines opie-server - OPIE programs for maintaining an OTP key file Closes: 631344 631345 Changes: opie (2.32.dfsg.1-0.2+squeeze1) stable-security; urgency=high . * Non-maintainer upload by the security team * Fix off-by-one and privilege escalation via missing check for setuid() (Closes: #631344, #631345) Fixes: CVE-2011-2489 CVE-2011-2490 Checksums-Sha1: 3542a67ae2ada9f37cb28652588ee1b2771f0565 43114 opie-client_2.32.dfsg.1-0.2+squeeze1_kfreebsd-i386.deb d68ce18c51033483c81f22593c398c454d711e3f 45470 opie-server_2.32.dfsg.1-0.2+squeeze1_kfreebsd-i386.deb 432dadba95490d36260e6a34d03267e8dcb70e1d 30794 libopie-dev_2.32.dfsg.1-0.2+squeeze1_kfreebsd-i386.deb Checksums-Sha256: 63928a2029053622843f21d28780fb11d1403542da95fd0ebffad43d83dacbb8 43114 opie-client_2.32.dfsg.1-0.2+squeeze1_kfreebsd-i386.deb 0e65600313ca401727425920b5fe7349067855afa2fc07591c6e7dbe91f0ac47 45470 opie-server_2.32.dfsg.1-0.2+squeeze1_kfreebsd-i386.deb 97f2ef8218ade69c1a4887bd20485f6476feeec279b6ef413070048b23df15fe 30794 libopie-dev_2.32.dfsg.1-0.2+squeeze1_kfreebsd-i386.deb Files: 746952c5a1a28c518ec6616127c016e7 43114 admin optional opie-client_2.32.dfsg.1-0.2+squeeze1_kfreebsd-i386.deb 4b04fa67543cccada7730ffee4145add 45470 admin optional opie-server_2.32.dfsg.1-0.2+squeeze1_kfreebsd-i386.deb 0974210a84bdc2f4aef92d3624cf1184 30794 devel optional libopie-dev_2.32.dfsg.1-0.2+squeeze1_kfreebsd-i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/kFreeBSD) iQIcBAEBAgAGBQJOJfS5AAoJEJ9+8QQixhhYSRUP/1bwQXf6noJ2T+obz/kpGs1U aW25fbZll1qZQ6wwelS/Gx1kpBToHd5OwbYe3R7wPcwajfbqV8A9MkmsxBWhFO9T yQiv177InR+Xz2dwlBDS/Vu0+hQ9GJmo4KPZfE6sl3qWJGwzhe6Se+tzELYL5Oue XlF8w48Rq0/Lppd4OWQw/eH8t/ImKDkmWKyYtqrq3s4aDlS8W+rPkNfjH1CqMvCZ aMIQZD/YzLSHmNONverM1Ja156/h1Ry6JMzUXt1RKGBc0G1HlfoxorDBg3dgW5KL UNLJ7reLl8UDpw6fDCzezvbbQJa6/Sx15HK58Px27DuTUEEzahLSBo/YiVJu3TUM aCPorKfDputJ9zqB5G0hOPlJIqobJY8ZQedr/JZLSHzw34Z/7NEmVywXK8WzEg30 dpqJ8V279gUlb8BGGVA6MzENuBOzX9aKMF/ZkNNVduRpjQYnVMgBo8UzaVHHisTN 1/5rFXVZKoTHiJpko6LMuQyLlIXd2oc16d9WLdZ9pSOww42iU+Wkk+rhiUjaQACj owkLN8P0cVYexx2X991x7V6xIBgeor73mxs+LQOIpMxqY1JxNykBYaKOuyAnukk2 sfjI+Z6jPPIrYZ03iDgD2PQ1LxATH2d3aMXmxqskmFGV+Ft6y/YKoGGxqffkzi7u GXIBsaNeNA/p+UucSdZ/ =1CSo -----END PGP SIGNATURE-----