Accepted blender 2.79.b+dfsg0-7+deb10u1 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
- To: debian-changes@lists.debian.org
- Subject: Accepted blender 2.79.b+dfsg0-7+deb10u1 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Mon, 11 Jul 2022 20:47:25 +0000
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id:Subject: Content-Transfer-Encoding:Content-Type:MIME-Version:To:Reply-To:From:Cc: Content-ID:Content-Description:In-Reply-To:References; bh=Su7s75la9n6vb8QhxILX3b1AiKe8xX3BmlIa7CQTy58=; b=pFRdPx/Vk/tESbgFN9OgsvaPvk 87keZfqkSq3mBvvVZufneT1Nh+lt6QaWYINAtXrqzdktT7kI3b63WA+oy7OJBaGH/nqXbyD7woR3z gsNXN02TbRl4OUugAkoUCm7DHv34dBXqnjFUW3UPKE1tYcks0FspEdZwusO8ww5zmDPIVzgV2aGun a7wPIRPBAs23olpQeEW3o/NWbNo9EJ9I75/ab+MJotr0kTLN6baF1Tg389DvZJRtuApiG1yVkYKzp Z3iJS15rkjlmyhMST+6SOaWXFSvo2lARCCT+rDwIzXq0JKLGclFHcSakFyzo1fGzUZu430zS0rb2D 2GgnTLug==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1oB0JR-000Hv3-6J@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 26 Jun 2022 12:03:02 +0200
Source: blender
Architecture: source
Version: 2.79.b+dfsg0-7+deb10u1
Distribution: buster-security
Urgency: high
Maintainer: Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Changes:
blender (2.79.b+dfsg0-7+deb10u1) buster-security; urgency=high
.
* Non-maintainer upload by the LTS Team.
* CVE-2022-0546
out-of-bounds heap access due to missing checks in the image loader
could result in denial of service, memory corruption or potentially
code execution
* CVE-2022-0545
integer overflow while processing 2d images might result in a
write-what-where vulnerability or an out-of-bounds read vulnerability
which could leak sensitive information or achieve code execution
* CVE-2022-0544
Crafted DDS image files could create an integer underflow in the
DDS loader which leads to an out-of-bounds read and might leak
sensitive information.
Checksums-Sha1:
8f4bac18e0dfb6680c8c3cc47fd4fe4e631825ea 3045 blender_2.79.b+dfsg0-7+deb10u1.dsc
f448bebbb3433f87ea86b89fa14f673346984e37 228544 blender_2.79.b+dfsg0-7+deb10u1.debian.tar.xz
26f7c0092b050f7e1e464ad8a5a60bd2ea03504d 22379 blender_2.79.b+dfsg0-7+deb10u1_amd64.buildinfo
Checksums-Sha256:
1f5bd9646d4bde74a47efec2558457d4989da3cb6dea9a9edebdcb01a362b1cb 3045 blender_2.79.b+dfsg0-7+deb10u1.dsc
56da815dfb0ce06c935c8dddbe18e5a57766351e60a9e1046e9c78bf8b34782f 228544 blender_2.79.b+dfsg0-7+deb10u1.debian.tar.xz
0a39758da53c1f688897b3b4811331bdbcd1965b5f0772cd2815aca36f1a3fac 22379 blender_2.79.b+dfsg0-7+deb10u1_amd64.buildinfo
Files:
3146053b577dd0b4bff047b9cafe3b73 3045 graphics optional blender_2.79.b+dfsg0-7+deb10u1.dsc
e28313b3fb6f8ab3f71379ead3d43be4 228544 graphics optional blender_2.79.b+dfsg0-7+deb10u1.debian.tar.xz
3949e744363905774ad8176c3b8c9abe 22379 graphics optional blender_2.79.b+dfsg0-7+deb10u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmK98bdfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh
bHRlaG9sei5kZQAKCRCW/KwNOHtYR2LvD/9k/t6bqDmYiBh0YrHMTsp8bngC/13x
03iNImlLHgsb2mFD2oRWkppW8uAgA72kIEtXEU1n+pQ58LQtpQ0i1YTYtqjwLOgM
BxcqbojHCjqM22x1PpUMSSQzCRsmj1Rwl7T143Rkl+uDD7htou5F/ACuRgyNjk+f
YoRA6cT3vi8h1TwdzDNJnJM9gA9MlxmYLiiJhOCuD/zQ/476JBA4O2dfMqfNT9cn
ssWNI9nhoXt+OUWlvqv6NoX/0J/btylUYlfd3yIuozJYJUt2a2utl/mXeow1Ott0
F4u7ufZcLBI48U6fub4z6oC1p7taoZaEiln7iHzvNOcrKrwI4Ufm2/8KBDFXwWRN
ke0cAKiXEaTZv8Y686ge8uXCpcQEAFSBpjFlmzvB7EodMEfQw4gqSSsALUVxxU+F
WozIG1oAjc55SbMhqxPc7yxtwgW50L1nMTnn4UCxtPoyT8+6g+ilPH9xfXsiJbcN
neSUvebMxPapWqWjRul06wRMovEGXW2YKnxq+n2Ug4C5G3Q8lGdv04fLgG+4Wd3O
J0nqERuCTsL1fj3GEwGZmhRAmt831URmZnduTiCaHWuH+tmn68zxIfLiiWbCniBf
bta0erztPfwj5N7NloIa18OvzthaQ2wN+Lh5EOldJ9Jx9Qc9kurFhgLcZUgoJV2p
apEZIEjR+m9BsQ==
=/DgH
-----END PGP SIGNATURE-----