From: Sebastian Harl Date: Thu, 28 Jul 2016 20:58:17 +0000 (+0200) Subject: Bump changelog to 5.5.2-1. X-Git-Tag: collectd-5.5.2-1~7 X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=20f1d822f97110d7565a3ac6e98272fb89eee3cd;p=pkg-collectd.git Bump changelog to 5.5.2-1. Document the pending security fixes. --- diff --git a/debian/changelog b/debian/changelog index 4bbcd88..7edc974 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,18 @@ +collectd (5.5.2-1) UNRELEASED; urgency=medium + + * New upstream release. + - Fix heap overflow in the network plugin. Emilien Gaspar has identified a + heap overflow in parse_packet(), the function used by the network plugin + to parse incoming network packets. Thanks to Florian Forster for + reporting the bug in Debian. (Closes: #832507, CVE-2016-6254) + - Fix improper usage of gcry_control. A team of security researchers at + Columbia University and the University of Virginia discovered that + GCrypt's gcry_control is sometimes called without checking its return + value for an error. This may cause the program to be initialized without + the desired, secure settings. (Closes: #832577) + + -- Sebastian Harl Thu, 28 Jul 2016 22:56:36 +0200 + collectd (5.5.1-5) unstable; urgency=low * debian/control, debian/rules: