Back to gthumb PTS page

Accepted gthumb 3:3.4.4.1-5+deb9u1 (source all amd64) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 18 Jul 2019 16:57:48 -0300
Source: gthumb
Binary: gthumb gthumb-data gthumb-dev
Architecture: source all amd64
Version: 3:3.4.4.1-5+deb9u1
Distribution: stretch
Urgency: medium
Maintainer: Herbert Parentes Fortes Neto <hpfn@debian.org>
Changed-By: Herbert Parentes Fortes Neto <hpfn@debian.org>
Description:
 gthumb     - image viewer and browser
 gthumb-data - image viewer and browser - arch-independent files
 gthumb-dev - image viewer and browser - development files
Closes: 912290
Changes:
 gthumb (3:3.4.4.1-5+deb9u1) stretch; urgency=medium
 .
   * debian/patches/
     - cve-2018-18718.patch file (Closes: #912290)
       CVE-2018-18718 - CWE-415: Double Free
       The product calls free() twice on the same memory address, potentially
       leading to modification of unexpected memory locations.
 .
       There is a suspected double-free bug with
       static void add_themes_from_dir() dlg-contact-sheet.c. This method
       involves two successive calls of g_free(buffer) (line 354 and 373),
       and is likely to cause double-free of the buffer. One possible fix
       could be directly assigning the buffer to NULL after the first call
       of g_free(buffer). Thanks Tianjun Wu
       https://gitlab.gnome.org/GNOME/gthumb/issues/18
Checksums-Sha1:
 9c82776a4a933a7a47ff84e87a015cc5d76af8bc 2665 gthumb_3.4.4.1-5+deb9u1.dsc
 add30eb9782a2476c5ec6357bc5d63dc34d5214c 3420356 gthumb_3.4.4.1.orig.tar.xz
 893e7138ddeb58b900767cc5d4e614c66702ea32 32056 gthumb_3.4.4.1-5+deb9u1.debian.tar.xz
 5bd295a2560e0f476d352dc0c09562ae690a2c2f 1758936 gthumb-data_3.4.4.1-5+deb9u1_all.deb
 7745e1b48e329ef47c66d7961029084058ce307a 4041090 gthumb-dbgsym_3.4.4.1-5+deb9u1_amd64.deb
 623a958b8d30d58567df30128b29d0baa8db61d6 608578 gthumb-dev_3.4.4.1-5+deb9u1_amd64.deb
 d9d887adea7a7eb2a28c52885c66637eed9b4e8a 21201 gthumb_3.4.4.1-5+deb9u1_amd64.buildinfo
 5977708e9b25a512e286f2b4335d0679cd8b3f66 886518 gthumb_3.4.4.1-5+deb9u1_amd64.deb
Checksums-Sha256:
 7b159a3e1cf13a2bad678e9181a4f39018fceb3c133c0c629b20f7b0bf6c5cf8 2665 gthumb_3.4.4.1-5+deb9u1.dsc
 4dc63bb1cc1f139259bba7f9fd1735182f16ba37254119a9f9c3e13a898a9533 3420356 gthumb_3.4.4.1.orig.tar.xz
 66e7518575d5a6db09bc565cc9f7a5350a217f0e39c901fe54b982dff38980c7 32056 gthumb_3.4.4.1-5+deb9u1.debian.tar.xz
 5c98b6412cd40070365b534ebc8279cbdafddbe277dd5ef755fdda3bedfc9411 1758936 gthumb-data_3.4.4.1-5+deb9u1_all.deb
 4c172c7dfc0eea889d00b5e0513cf9ee658c1ec15c520e26d45d170ce603d711 4041090 gthumb-dbgsym_3.4.4.1-5+deb9u1_amd64.deb
 3cec623abe95dd27aa64ff4a28c656f7a7743c70a953a29456d67cbffc50cb37 608578 gthumb-dev_3.4.4.1-5+deb9u1_amd64.deb
 7c19d62a52c671fc38832418359c3a1a25ef6c124b2e452486ac08921f5002ee 21201 gthumb_3.4.4.1-5+deb9u1_amd64.buildinfo
 206b7c4a9b7e2eb4249688e0322efe21d97dfa0eadb5e6b76b00f8b69eef184e 886518 gthumb_3.4.4.1-5+deb9u1_amd64.deb
Files:
 0d920461dca0badc181b2284748a5959 2665 gnome optional gthumb_3.4.4.1-5+deb9u1.dsc
 1745a756007f2a905c341131ae7d89f9 3420356 gnome optional gthumb_3.4.4.1.orig.tar.xz
 397530abc1bac8c7293739db23eb00d4 32056 gnome optional gthumb_3.4.4.1-5+deb9u1.debian.tar.xz
 eac06d1ce797414d14a3694d63a2a3de 1758936 gnome optional gthumb-data_3.4.4.1-5+deb9u1_all.deb
 8b8ae913230a7c28399f3fa194157840 4041090 debug extra gthumb-dbgsym_3.4.4.1-5+deb9u1_amd64.deb
 a422ff9e24f14b8e281615cdb801c05f 608578 devel optional gthumb-dev_3.4.4.1-5+deb9u1_amd64.deb
 c108093a102ca0e75677239d977e8808 21201 gnome optional gthumb_3.4.4.1-5+deb9u1_amd64.buildinfo
 6c90a7d986c1dac0fd499d13e274b820 886518 gnome optional gthumb_3.4.4.1-5+deb9u1_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEE6OBDRWqw8055UbKI8ASs5PATHs8FAl0zAdcACgkQ8ASs5PAT
Hs9CgQ//Ua6P2Fz4PTgNHM27rCCfVu3KhK86U08gtaxRckYSfaIa8jm5hEgbtCw8
Ny7Qn00NpnCDDtolvX1fewkK/PjSqLGCxGDoRY91Bc+GQH1JZIEy+0A7Tzpj2Fdm
r2HpkipoyoUC5YoY0NEmS0Zc9r560r4SDelqgEtzr35DEdaJ42tzCvJtHC8l5hEU
O0W8LXajjTmndy+ewZbYKl1Tv+sFd8HxqQNJcL1dFRR9TzSor83N6p1vxwmxUwEu
ln4gVg3TZxNrDCMBbTV5gwxAZj3cVKXPCzJZGRyVhRaGZ9/ShqgJohlyegSmPPIK
6uy70OmVgYGdqnR5NOYxCJd6mr5YFOpT4szowTU4X5B2jPuMHCgugjr9FRS2s0QX
Rhy47ideVokZbgj8KSOu51Y2mYvxj0fwI8nW272H6/12uV4OrMFS/kwEiV9kNXEI
kHeZGOndCw3tQjUd5a7tPTvljpHZT5pijYVhWyX2g0aSLeEvHaVfqzhRguzv+LZ/
mkTiAj6wiqcEEJ8mzsqLmxo8JT0PCwpSTM41lyEFgtBCn0BiA1DYvSjU3OALCKgs
/no+gsdxR5VptVnHl7MXuP+1If75Bl8MiUmqV+qcZd6mVdR0L4UGkd3z+VsXFSHQ
DcSjq9Q4UFi84v4DFCgGVvhJzbjlrT2meEnM51qKX6KzWYyXlbo=
=Acne
-----END PGP SIGNATURE-----