-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Mon, 05 Sep 2011 21:23:52 +0000 Source: bcfg2 Binary: bcfg2 bcfg2-server Architecture: source all Version: 0.9.5.7-1.1+lenny1 Distribution: oldstable-security Urgency: high Maintainer: Sami Haahtinen Changed-By: Nico Golde Description: bcfg2 - Configuration management client bcfg2-server - Configuration management server Closes: 640028 Changes: bcfg2 (0.9.5.7-1.1+lenny1) oldstable-security; urgency=high . * Non-maintainer upload by the Security Team. * Backport upstream patches to fix several problems of unescaped shell commands leading to remote root compromise (Closes: #640028). Checksums-Sha1: 2d0f713d50c94b932d20310fbf6e888d4b8ce4ea 1136 bcfg2_0.9.5.7-1.1+lenny1.dsc 54ff837b843fdebb2aefbf88c48fbe16247c3efa 786983 bcfg2_0.9.5.7.orig.tar.gz cd7c4fbe4dc2699bc313e91fd6c7296ff413cae1 4452 bcfg2_0.9.5.7-1.1+lenny1.diff.gz 1bcaf0ccf5786af2695368792f199828850243f8 275628 bcfg2_0.9.5.7-1.1+lenny1_all.deb 6182c8b241303583f4c41036433db952a225962c 430940 bcfg2-server_0.9.5.7-1.1+lenny1_all.deb Checksums-Sha256: 3a14472abcb9a62351ab7676858ea5188eebab58601a2c5395faf3df98ad569e 1136 bcfg2_0.9.5.7-1.1+lenny1.dsc 0b25f325eed2a666ba3ad3f7b7d767a26955cab76ef95f37b1372597a7c3fcae 786983 bcfg2_0.9.5.7.orig.tar.gz 396a4d57fc855248eb7c51f8b7505f63400a18a398cc088e18de8ac3b606bb5b 4452 bcfg2_0.9.5.7-1.1+lenny1.diff.gz fbe43d3fdbdcdce85da6c4124bc35905e065c062ec2a37cbc7ff746fd714794f 275628 bcfg2_0.9.5.7-1.1+lenny1_all.deb a052865f38e519112c7ab05ee9c6608b0cd3f91c663c3c634b2a8727302432e3 430940 bcfg2-server_0.9.5.7-1.1+lenny1_all.deb Files: a3a95990000a8f83acc45a89ffed78f6 1136 admin optional bcfg2_0.9.5.7-1.1+lenny1.dsc 8145906ee3a365faa86eec3000263a84 786983 admin optional bcfg2_0.9.5.7.orig.tar.gz 2e6f008903c451db706955152904b8ff 4452 admin optional bcfg2_0.9.5.7-1.1+lenny1.diff.gz 391801877c277ac417f3927903175d13 275628 admin optional bcfg2_0.9.5.7-1.1+lenny1_all.deb 41deb5119125c0465319129f73c3d164 430940 admin optional bcfg2-server_0.9.5.7-1.1+lenny1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iEYEARECAAYFAk5nZGAACgkQHYflSXNkfP+rVwCfQcJIhv0N48Iq8ELHfqICKTiN PRYAn2dldvXXzCQzBdQw3tggFWSaG8Rd =K5vj -----END PGP SIGNATURE-----