* Packages updated

[ libxml2 (2.7.8.dfsg-2+squeeze1) stable-security; urgency=low ]

* xpath.c: Fix some potential problems on reallocation failures.
  #628537.

[ nss (3.12.8-1+squeeze1) stable-security; urgency=low ]

* debian/rules: Fallback to DEB_BUILD_ARCH when dpkg-architecture does't
  support DEB_BUILD_ARCH_BITS.
* debian/control: Lower build depends on dpkg-dev to (>= 1.13.19), which
  was the value before starting to use DEB_BUILD_ARCH_BITS.
* mozilla/security/nss/lib/ckfw/builtins/certdata.*: Mark fraudulent
  Comodo certificates as untrusted.

[ pulseaudio (0.9.21-3+squeeze1) stable; urgency=low ]

* Team upload.
* Fix pacmd hanging in poll() when reading from stdin very early.
  Patch extracted from upstream by Alexander Wuerstlein <arw@arw.name>
 (#574589)

[ tiff (3.9.4-5+squeeze2) stable-security; urgency=high ]

* CVE-2009-5022: Buffer overflow in OJPEG support. (#624287)

[ tiff (3.9.4-5+squeeze1) stable-security; urgency=high ]

* CVE-2011-0192: Buffer overflow in Fax4Decode
* CVE-2011-1167: Buffer overflow with thunder encoded files