-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Fri, 29 Jul 2011 18:37:00 +0200 Source: torque Binary: torque-common torque-server torque-pam torque-scheduler torque-client torque-mom torque-client-x11 libtorque2 libtorque2-dev Architecture: source amd64 Version: 2.4.8+dfsg-9squeeze1 Distribution: stable-security Urgency: low Maintainer: Morten Kjeldgaard Changed-By: Jordi Mallach Description: libtorque2 - shared library for Torque client and server libtorque2-dev - header files for libtorque2 torque-client - command line interface to Torque server torque-client-x11 - GUI for torque clients torque-common - Torque Queueing System shared files torque-mom - job execution engine for Torque batch system torque-pam - PAM module for PBS MOM nodes torque-scheduler - scheduler part of Torque torque-server - PBS-derived batch processing server Changes: torque (2.4.8+dfsg-9squeeze1) stable-security; urgency=low . * [CVE_2011_2193]: Fix two potential buffer overflows: jobid length and hostname length weren't properly checked, and these both allow segfaults/buffer overflow attacks within the code. * Steal an additional potential buffer overflow fix from upstream SVN: - src/resmom/checkpoint.c (mom_checkpoint_recover): Use strncpy and strncat instead of strcpy and strcat. * Update Vcs-* fields to point to the new squeeze branch. Checksums-Sha1: 76b4001fe18d9e4ebc0191aff8ce2e30ba06e09e 1692 torque_2.4.8+dfsg-9squeeze1.dsc 214a92112403fd05dfd05749ceb600fddf641ddc 3141766 torque_2.4.8+dfsg.orig.tar.gz 21753884dbc48d5e17e30e4325e705018d7e5131 21605 torque_2.4.8+dfsg-9squeeze1.debian.tar.gz b4a62a4cc6a1b9fa90e2373bf3b7d4e5bcc742d0 37638 torque-common_2.4.8+dfsg-9squeeze1_amd64.deb 00021b39680c9552dd5efa789fed76ea53fddc93 187792 torque-server_2.4.8+dfsg-9squeeze1_amd64.deb 44a7adad9a4ff4ce2ebede7acddbadc2f5a9a1ad 33816 torque-pam_2.4.8+dfsg-9squeeze1_amd64.deb 7fe778d253ace07e1dcbb327d257753828fa6c68 91776 torque-scheduler_2.4.8+dfsg-9squeeze1_amd64.deb c9e710126d406bfb009de88adda9b9df32ab2b35 395022 torque-client_2.4.8+dfsg-9squeeze1_amd64.deb 45092c6572cd1f0ee39c59f098a2df9ab2124c11 194404 torque-mom_2.4.8+dfsg-9squeeze1_amd64.deb a5e3906828a7386eb82e93cdbccbd87936d42cd5 652774 torque-client-x11_2.4.8+dfsg-9squeeze1_amd64.deb 6b82b6b372cc9aa1a296388b7a809559d98ea7e8 114704 libtorque2_2.4.8+dfsg-9squeeze1_amd64.deb 792a66abb5be0f88d7697cb5196d3467f4988297 46250 libtorque2-dev_2.4.8+dfsg-9squeeze1_amd64.deb Checksums-Sha256: 975bbcd496b7091f108ab9efcfa4d2c0fb9f2fdf6e86fb41fbd56f502a95188c 1692 torque_2.4.8+dfsg-9squeeze1.dsc bb10a57e10a77f43df0c518540a61c9f991df407d91e315f50b0e8e7dd1ac289 3141766 torque_2.4.8+dfsg.orig.tar.gz 8d5752a6b479d4fe59d60875027bb0a2bfe6cfec79f784f7455c47fc57bcf810 21605 torque_2.4.8+dfsg-9squeeze1.debian.tar.gz 7cd8224bfaefd3076e200673449f031949bd0a1b885b2a7a8a27fa3a66d4e678 37638 torque-common_2.4.8+dfsg-9squeeze1_amd64.deb b21e43b59717f4f6a35c6390a034d0945f6c6d7034c50d44e3acd2e38783dc91 187792 torque-server_2.4.8+dfsg-9squeeze1_amd64.deb 5c3702a9db726eb17de35dac40ec7cc4ddd4b0cfbdf639866d7aa7385c81e1e8 33816 torque-pam_2.4.8+dfsg-9squeeze1_amd64.deb daf0b249457bf4119cfb657114575d53bbffabe1f081fa343b4d5bfd5513c916 91776 torque-scheduler_2.4.8+dfsg-9squeeze1_amd64.deb f2bdfbf9d0e32b548ab3528bcfcc752612729afbdfff522a9cf1651814406380 395022 torque-client_2.4.8+dfsg-9squeeze1_amd64.deb c08f6d20cf70ea2a5ee0951b183dc444e12c3605f72f26b594ebcfa4d068061a 194404 torque-mom_2.4.8+dfsg-9squeeze1_amd64.deb 9d66295663591b21ac6bbc55dd06ff2761debe2332f6f53cbeacaa21a9fc7148 652774 torque-client-x11_2.4.8+dfsg-9squeeze1_amd64.deb 453b5e7d8a1901de7bf47aa4eeb1cd3cf9b278f489dc3a1a42531a3913a47521 114704 libtorque2_2.4.8+dfsg-9squeeze1_amd64.deb a6e6a91b1e2f7ac50711e56c3212c7b4bfab73f01d5fceb93bf21ecc1b30a7f7 46250 libtorque2-dev_2.4.8+dfsg-9squeeze1_amd64.deb Files: bffbb2f5a4578c336d16785ab3fab757 1692 net optional torque_2.4.8+dfsg-9squeeze1.dsc 76bea0d84fc59c537df3e77555879395 3141766 net optional torque_2.4.8+dfsg.orig.tar.gz 6984c0affc8096a6f0b94d9144ce837b 21605 net optional torque_2.4.8+dfsg-9squeeze1.debian.tar.gz 03339e37316170138b7a83fda10b5e42 37638 utils optional torque-common_2.4.8+dfsg-9squeeze1_amd64.deb 08554e45af80ea18f6db436e6ce573a6 187792 utils optional torque-server_2.4.8+dfsg-9squeeze1_amd64.deb f0384edac91c5fbb5ede8eea6b2369f7 33816 utils optional torque-pam_2.4.8+dfsg-9squeeze1_amd64.deb ddbefde61eb1b8685f41dee485105ab5 91776 net optional torque-scheduler_2.4.8+dfsg-9squeeze1_amd64.deb 76be136002bc4d02ca5283b02a18ab45 395022 utils optional torque-client_2.4.8+dfsg-9squeeze1_amd64.deb ffe8c342a821afbb009941ff4689add7 194404 utils optional torque-mom_2.4.8+dfsg-9squeeze1_amd64.deb d7fbf981bff0f165cd20802053746fa6 652774 x11 optional torque-client-x11_2.4.8+dfsg-9squeeze1_amd64.deb 272833e19c89eadd436ceeba898e5bf5 114704 libs optional libtorque2_2.4.8+dfsg-9squeeze1_amd64.deb fdc713c61603272159fac040e1dd1cc2 46250 libdevel optional libtorque2-dev_2.4.8+dfsg-9squeeze1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iEYEARECAAYFAk432jcACgkQJYSUupF6Il7yqgCgsrgfN+98mBVZt0UWrKga7o2q i94AniWW2lWzUJ/KwcMSIWDiXcUBBBWZ =yeW+ -----END PGP SIGNATURE-----