Accepted gsl 2.5+dfsg-6+deb10u1 (source) into oldoldstable
- To: debian-lts-changes@lists.debian.org, dispatch@tracker.debian.org
- Subject: Accepted gsl 2.5+dfsg-6+deb10u1 (source) into oldoldstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Thu, 21 Sep 2023 16:20:20 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: gsl_2.5+dfsg-6+deb10u1_source.changes
- Debian-source: gsl
- Debian-suite: oldoldstable
- Debian-version: 2.5+dfsg-6+deb10u1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.seger; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=3p8jNA5tK1RX1bqAxWdYZn/0bUpw1ItrNhM+u9Wxf+Q=; b=kVpbME6O32rdgeTHUazUbyBfL0 BXAm49YNWY8yKQkNT19cF2dBNfg5DLaqNdv7wvTLYdJkCLkjcW+A+cW5s2QaW3f0Ex0gNtdf0z77w pHjaBQq0WfMaFJuWSajfZk8IFUFC9MRsOPml5Cn9vkXwQ5NiLotQW0/bjMEUyKytLqJbg/OEfAaT1 9wgim4TNcevZtJWKXJu+A8QDJ1kiUh3aZggZIk9dUNhojwl4OAXoJPmZZcxZjBeXuz6eWnBfEJLv3 efTOE5VDAYMQTM2x6PTyOIWbLD/3YWtQcXefiWYN1zTrLLD+nNlAun71FgFHfLVxaebPS3+SUwnJR /J09iZQg==;
- Mail-followup-to: debian-lts@lists.debian.org
- Message-id: <E1qjMPc-004ffk-LI@seger.debian.org>
- Reply-to: debian-lts@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 21 Sep 2023 18:05:28 CEST
Source: gsl
Architecture: source
Version: 2.5+dfsg-6+deb10u1
Distribution: buster-security
Urgency: high
Maintainer: Dirk Eddelbuettel <edd@debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Checksums-Sha1:
a06d66396d3d39e41b5b84f1891861d312747619 2235 gsl_2.5+dfsg-6+deb10u1.dsc
c4b211e31aaed8f7dcb93a65692be28b91d9e9ce 6724547 gsl_2.5+dfsg.orig.tar.gz
62ef73831fbbbd726453ba27c3dc2e2da0fa2244 21024 gsl_2.5+dfsg-6+deb10u1.debian.tar.xz
8ed23c6251f3ea16acca3d4bfe38358c95e7a4fe 5993 gsl_2.5+dfsg-6+deb10u1_source.buildinfo
Checksums-Sha256:
2291317bbd91e64f9a571ea1a92079134a2d9e1977cb975745ae59d47bad5e30 2235 gsl_2.5+dfsg-6+deb10u1.dsc
904339a3ca8a3f884e4d83440138411fbe19f3e60ce57076c679e2c3c832864e 6724547 gsl_2.5+dfsg.orig.tar.gz
6de678a84b403c8ef60efb0e63c986e3977e0dd15223c1c88ea5cbb7a52c97e2 21024 gsl_2.5+dfsg-6+deb10u1.debian.tar.xz
b01f5aff4dc24d4a482a9fe0c558793b123837fc7bd136cfe6837f041aca92cf 5993 gsl_2.5+dfsg-6+deb10u1_source.buildinfo
Changes:
gsl (2.5+dfsg-6+deb10u1) buster-security; urgency=high
.
* Non-maintainer upload by the LTS team.
* A buffer overflow can occur when calculating the quantile value using the
Statistics Library of GSL (GNU Scientific Library). Processing a
maliciously crafted input data for gsl_stats_quantile_from_sorted_data of
the library may lead to unexpected application termination or arbitrary
code execution.
Files:
19033d5c35c25f1151b03388f6c972aa 2235 math optional gsl_2.5+dfsg-6+deb10u1.dsc
2ec54e89bdbaa641b668e147e6215115 6724547 math optional gsl_2.5+dfsg.orig.tar.gz
d38b6306c6e577108f798528339c1e03 21024 math optional gsl_2.5+dfsg-6+deb10u1.debian.tar.xz
dc76589af342a61cafdb6e51a946ac99 5993 math optional gsl_2.5+dfsg-6+deb10u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmUMac1fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkHMoQAJ8nd5ZA5yVtjD9Ts6rcH5lzrerzYlH8qLdK
eAkLoMki+eF6BRY49AfIh4OT1ZeRcrvoU41CRmFfqpPfXmrbgS3oLLB3b+/OU07N
I/7Ob7/fvQhaevBBBrxGqdulr7qhXx1CEq6O3VJAs+j6h/Zgfd/HcPcHjmvAUT1l
CMNvb2ujy0pql0a3XgYttLxf5ygDFdkzkZ7gtJ3AuzyR9jDgCgNl+eFLWwdZrfFk
6HLjnvhwgTIKytOEeAOiSS+kcT7RxOW1OmUT+cjuxvoDllbvVuCZcaJtQNHKxEBd
JJ+kQLaXzZv8SroB5Yl14f7W7cQzpIezVeiNAma1y06WsZAqNytV7yjW7FYDjdM4
59sVopCZrGAa4cZz8+y+osze/GYKhsJ/NT1qdmHCaEUyEzDp4WW33+9oSmAKmXDd
TwFXmNkMH7kD+bSITAgSjt4uRWkO+gdXyx6kD4Ao41skyNHlW3SnXVdVJ0bwK6AS
QpnweCfvYG+NthGVbWV3LVcXB/hHMIBi6fBSiXpqTV2C7NMR654ZZjCZcrHkNtw5
zhtfKHvfMoXwEaC/xiGPMZQDahq3apbdmqk//NOUma+WFUCU6Ln90W20HCFfk2Xh
f2R4P6OtE4QdjrEznAJ1sDu46OULMfsd/xIQOryC824DzytRxoJ38i4m0PpIhsSJ
8HUMxFfH
=CadC
-----END PGP SIGNATURE-----