@grahamc

grahamc/foo.eml Secret

Created December 23, 2016 00:50
From: Graham Christensen <graham@grahamc.com>
To: nix-security-announce@googlegroups.com
Subject: Security fixes from 2016-12-23 00:33 UTC
--text follows this line--
<#secure method=pgpmime mode=sign>
The following issues have been resolved in NixOS in release-16.09 and
unstable. They remain potentially vulnerable on older major
releases.
These patches will be released to the unstable and
release-16.09 channels when Hydra finishes building the "tested" job
for each channel:
- https://hydra.nixos.org/job/nixos/release-16.09/tested
- https://hydra.nixos.org/job/nixos/trunk-combined/tested
Please consider helping with the next security roundup by commenting on
LATEST_ROUNDUP_URL.
The following changes were applied to release-16.09:
af9b4c6 libtorrentRasterbar_1_0: 1.0.9 -> 1.0.10
> Fixes potential crash on invalid input to the http parser
> and a division-by-zero bug in the super seeding logic.
831571c keepass: 2.33 -> 2.34
> Recommended update from upstream. Release notes:
> http://keepass.info/news/n160611_2.34.html
d3e9fc6 linux:3.12.68 -> 3.12.69
> All kernel patches are considered security-sensitive.
6cef2f2 linux:3.18.44 -> 3.18.45
> All kernel patches are considered security-sensitive.
bd9eba2 zlib: patch for CVE-2016-9840, CVE-2016-9841, CVE-9842, CV..
> CVE-2016-9840
> CVE-2016-9841
> CVE-2016-9842
> CVE-2016-9843
4e6223c pythonPackages.bottle: 0.12.9 -> 0.12.11 for CVE-2016-9964
> CVE-2016-9964
b5de7ef xen: patch for many XSAs
> XSA-190
> XSA-191
> XSA-192
> XSA-193
> XSA-195
> XSA-196
> XSA-198
> XSA-200
> XSA_202
> XSA-204
d3934be openjpeg2: patch for CVE-2016-9580, and CVE-2016-9581
> CVE-2016-9580
> CVE-2016-9581
142b303 libupnp: 1.6.20 -> 1.6.21 for CVE-2016-8863
> CVE-2016-8863
490a23e nagios: 4.2.3 -> 4.2.4 for CVE-2016-9566
> CVE-2016-9566
6c97c1c tomcatUnstable: 9.0.0.M13 -> 9.0.0.M15 for CVE-2016-9774, ..
> CVE-2016-9774
> CVE-2016-9775
2ab18b7 tomcat85: 8.5.8 -> 8.5.9 for CVE-2016-9774, CVE-2016-9775
> CVE-2016-9774
> CVE-2016-9775
78b5267 game-music-emu: 0.6.0 -> 0.6.1 for multiple CVEs
> CVE-2016-9957
> CVE-2016-9958
> CVE-2016-9959
> CVE-2016-9960
> CVE-2016-9961
b2e80a5 samba4: 4.3.11 -> 4.3.13
> CVE-2016-2123
> CVE-2016-2125
> CVE-2016-2126
eaf6fc8 tor: 0.2.8.10 -> 0.2.8.12
> CVE-2016-1254
b5edcfc squid: 3.5.19 -> 3.5.23
> CVE-2016-10002
> CVE-2016-10003
======================================================================
The following changes were applied to unstable:
3ffb5ba linux:3.18.44 -> 3.18.45
> All kernel patches are considered security-sensitive.
53e2152 linux:3.12.68 -> 3.12.69
> All kernel patches are considered security-sensitive.
ecc7b33 pythonPackages.bottle: 0.12.9 -> 0.12.11 for CVE-2016-9964
> CVE-2016-9964
4e6c7fa xen: patch for many XSAs
> XSA-190
> XSA-191
> XSA-192
> XSA-193
> XSA-195
> XSA-196
> XSA-198
> XSA-200
> XSA_202
> XSA-204
c7a2073 openjpeg2: patch for CVE-2016-9580, and CVE-2016-9581
> CVE-2016-9580
> CVE-2016-9581
0d3f0f0 libupnp: 1.6.20 -> 1.6.21 for CVE-2016-8863
> CVE-2016-8863
2f17c36 nagios: 4.2.3 -> 4.2.4 for CVE-2016-9566
> CVE-2016-9566
72faac9 tomcatUnstable: 9.0.0.M13 -> 9.0.0.M15 for CVE-2016-9774, ..
> CVE-2016-9774
> CVE-2016-9775
a528c04 tomcat85: 8.5.8 -> 8.5.9 for CVE-2016-9774, CVE-2016-9775
> CVE-2016-9774
> CVE-2016-9775
2c24ce5 game-music-emu: 0.6.0 -> 0.6.1 for multiple CVEs
> CVE-2016-9957
> CVE-2016-9958
> CVE-2016-9959
> CVE-2016-9960
> CVE-2016-9961
3e92b56 tor: 0.2.8.10 -> 0.2.8.12
> CVE-2016-1254
4b67968 squid: 3.5.19 -> 3.5.23
> CVE-2016-10002
> CVE-2016-10003
Thank you very much,
Graham Christensen
NixOS Security Team
https://github.com/nixos/security