Accepted freexl 1.0.2-2+deb9u2 (source amd64) into proposed-updates->stable-new, proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 23 Feb 2018 10:57:19 +0100
Source: freexl
Binary: libfreexl-dev libfreexl1 libfreexl1-dbg
Architecture: source amd64
Version: 1.0.2-2+deb9u2
Distribution: stretch-security
Urgency: high
Maintainer: Debian GIS Project <pkg-grass-devel@lists.alioth.debian.org>
Changed-By: Bas Couwenberg <sebastic@debian.org>
Description:
libfreexl-dev - library for direct reading of Microsoft Excel spreadsheets - deve
libfreexl1 - library for direct reading of Microsoft Excel spreadsheets
libfreexl1-dbg - library for direct reading of Microsoft Excel spreadsheets - debu
Changes:
freexl (1.0.2-2+deb9u2) stretch-security; urgency=high
.
* Add upstream patch to fix various heap-buffer-overflows.
- heap-buffer-overflow in freexl::destroy_cell of FreeXL 1.0.4
https://bugzilla.redhat.com/show_bug.cgi?id=1547879
- heap-buffer-overflow in freexl.c:1805 parse_SST parse_SST
https://bugzilla.redhat.com/show_bug.cgi?id=1547883
- heap-buffer-overflow in freexl.c:1866 parse_SST of FreeXL 1.0.4
https://bugzilla.redhat.com/show_bug.cgi?id=1547885
- heap-buffer-overflow in freexl.c:383 parse_unicode_string of FreeXL
1.0.4
https://bugzilla.redhat.com/show_bug.cgi?id=1547889
- heap-buffer-overflow in freexl.c:3912 read_mini_biff_next_record of
FreeXL 1.0.4
https://bugzilla.redhat.com/show_bug.cgi?id=1547892
Checksums-Sha1:
98e4fa76757c4838491406f1fb0436ed8395071a 2127 freexl_1.0.2-2+deb9u2.dsc
9878a2dfb23ba00be34605557ac454539411071d 939064 freexl_1.0.2.orig.tar.gz
c3286951a1559217836c0d5097e86ecccb54064b 15736 freexl_1.0.2-2+deb9u2.debian.tar.xz
4c3ba5b6eb0387c21963e4130141e9897caa6e68 6548 freexl_1.0.2-2+deb9u2_amd64.buildinfo
7fe2d7f11e4010c96405a32ca2c5e28d78b172a2 32970 libfreexl-dev_1.0.2-2+deb9u2_amd64.deb
f3e396c7a81ee1a5bc4c6eb46ced5b0ccaf0d5eb 50896 libfreexl1-dbg_1.0.2-2+deb9u2_amd64.deb
16f1e937d5e3856778f3bb215a12f740f69aaf55 34074 libfreexl1_1.0.2-2+deb9u2_amd64.deb
Checksums-Sha256:
8cdd71e0ae338388bf11877269bac8f11d773b33e2cce44ada607ce4100b2062 2127 freexl_1.0.2-2+deb9u2.dsc
b39a4814a0f53f5e09a9192c41e3e51bd658843f770399023a963eb064f6409d 939064 freexl_1.0.2.orig.tar.gz
d02a32eb6f9b8f4d868819ca08d15d2e2a16f25176cec48475f383fbd682c81b 15736 freexl_1.0.2-2+deb9u2.debian.tar.xz
190f55faf39642c9cd762d7f7770dd16c066260271b4fc1a57b9a28247633737 6548 freexl_1.0.2-2+deb9u2_amd64.buildinfo
f11d689db10ff1b6bb39ed4226a4694f5a3c6dbb811b8c17a3440a985cf173b1 32970 libfreexl-dev_1.0.2-2+deb9u2_amd64.deb
cd59f4b30241b767cb9acfc189f83cf37470a7a28a84b6f888b9355eb9d62554 50896 libfreexl1-dbg_1.0.2-2+deb9u2_amd64.deb
316a5c0dc28d737fbd0e39764e09c59e3a4d7ddc57fa9a634a79c57e6606616c 34074 libfreexl1_1.0.2-2+deb9u2_amd64.deb
Files:
36aa1eae117bdac847274e0996588859 2127 libs optional freexl_1.0.2-2+deb9u2.dsc
9954640e5fed76a5d9deb9b02b0169a0 939064 libs optional freexl_1.0.2.orig.tar.gz
053dae892679ccc8f19e4247e896af8b 15736 libs optional freexl_1.0.2-2+deb9u2.debian.tar.xz
8d7c552b9f5bb1ec1446e1f097cbc9b3 6548 libs optional freexl_1.0.2-2+deb9u2_amd64.buildinfo
b628c55a764958e98633472db1fe5fa6 32970 libdevel optional libfreexl-dev_1.0.2-2+deb9u2_amd64.deb
8404ef726afb476c5fb14f2ebdbaadcb 50896 debug extra libfreexl1-dbg_1.0.2-2+deb9u2_amd64.deb
d46bb7b0f88c2794e3108a0564bdb522 34074 libs optional libfreexl1_1.0.2-2+deb9u2_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEgYLeQXBWQI1hRlDRZ1DxCuiNSvEFAlqWSEcACgkQZ1DxCuiN
SvHOjxAAuWuhOSXiaVhLcsB0lRAQj8ayVq60GodUe0R1IcWfXMkq3SPuMf7pkvWg
zbcsE9uOnMptjnZczNK2DlXM5vsvziAAhTeLc1FRUzEV/LNScknJ+7TreKSHtB7I
t87kFcEYLun/tunr7W2DP3JwVDiMahq/izzmo/X154A1d5/5wy/GhnD/o3Soq0xd
BMKR6t+5rpisE8rEiCM46YG2wCz/KUUJbkOLuEfSIaMzSXDvq6H5zTpM7sSmFXmD
1xBr1+MOlPO7j8wLy30reDWdAa9eLIwCBpa//3AuO4i4j/otuW3kivrXYHP57HmG
8P2VbjyaQP06L1x63DhtfPZ0IZGN8edqFU8IWAplBJyIvQsZcJdkbhphI/JD2CAy
y60fnn8nhMUkZR+y704+NLU8e53wgAH8kA2PNeoDvAXomDXKcbq3OMAivCERAuX4
UzSGxdtikQogE4w9f2cmVUkuEOlzh8hV+8hV5MiF1n4VvuXo2xsk7GfvjCBRlrUt
q804fNyvSHdk2kE+ENXuTpYh7PyPbbI+P8fEi1upehWVWahCJNt9kIWF/dIqZeD6
R+ZpURhzJnbeTH0jKrpL09ZAcfL8z7n3tRwcftQ03pnTln8Y7HV6csD2ZixJtI6p
hJrBLTIl/O3YLlmzrzgKNORfB0jTdg/B92UShuHkPyAo+x8I19U=
=/NUS
-----END PGP SIGNATURE-----