Accepted devil 1.6.7-5+etch1 (source i386)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Tue, 3 Feb 2009 22:06:49 +0000
Source: devil
Binary: libdevil1c2 libdevil-dev
Architecture: source i386
Version: 1.6.7-5+etch1
Distribution: stable-security
Urgency: high
Maintainer: Marcelo E. Magallon <mmagallo@debian.org>
Changed-By: Steffen Joeris <white@debian.org>
Description:
libdevil-dev - Cross-platform image loading and manipulation toolkit
libdevil1c2 - DevIL image manipulation toolkit runtime support
Closes: 511844 512122
Changes:
devil (1.6.7-5+etch1) stable-security; urgency=high
.
* Non-maintainer upload by the security team
* Fix buffer overflows in the iGetHdrHeader() function that allow
arbitrary code execution via a crafted Radiance RGBE file
(Closes: #511844, #512122)
Fixes: CVE-2008-5262
Files:
00a9a200619160d990ed2a2deeb4238d 784 devel optional devil_1.6.7-5+etch1.dsc
0d0c3842196d85c4e24bedabcd84f626 3013312 devel optional devil_1.6.7.orig.tar.gz
414a516d9fef38921dbd538d78adcac0 8379 devel optional devil_1.6.7-5+etch1.diff.gz
1f1bfc9efdd189ea5b430a50ca281cca 286098 devel optional libdevil-dev_1.6.7-5+etch1_i386.deb
aca0fc8776489aba07f6a6a103fb52f9 252798 libs optional libdevil1c2_1.6.7-5+etch1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkmI7zQACgkQ62zWxYk/rQfV1gCeLmOSvrAJKvFHeFrGJiSFjn5T
xLAAnR0sFQqDR77eA4CKkZZLYd2stHGE
=x/2E
-----END PGP SIGNATURE-----
Accepted:
devil_1.6.7-5+etch1.diff.gz
to pool/main/d/devil/devil_1.6.7-5+etch1.diff.gz
devil_1.6.7-5+etch1.dsc
to pool/main/d/devil/devil_1.6.7-5+etch1.dsc
libdevil-dev_1.6.7-5+etch1_i386.deb
to pool/main/d/devil/libdevil-dev_1.6.7-5+etch1_i386.deb
libdevil1c2_1.6.7-5+etch1_i386.deb
to pool/main/d/devil/libdevil1c2_1.6.7-5+etch1_i386.deb