Accepted htmldoc 1.9.11-4+deb11u3 (source) into proposed-updates->stable-new, proposed-updates
- To: debian-changes@lists.debian.org
- Subject: Accepted htmldoc 1.9.11-4+deb11u3 (source) into proposed-updates->stable-new, proposed-updates
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Sun, 29 May 2022 18:32:08 +0000
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id:Subject: Content-Transfer-Encoding:Content-Type:MIME-Version:To:Reply-To:From:Cc: Content-ID:Content-Description:In-Reply-To:References; bh=JZh6pnDkmVmPoEtsr7cZku2nw/9G1lBiN752O6sC2jg=; b=cyK1Pi5MTyOL4askV0MJuua8Vg mu3JtUVJMn2R8wrUVggLAg1rgFUw0KS9v/WHdd3z9B8E3TyM4S/H3YmGybwbwfBsPNDb7u9SJQ/WM 4izqR730OAtJZ66b7+xsKYL+DmhwC7ytx2poKxoQWjJxUUHc7FMK8df2Oi2YG8MnhJG+NsHAe/oTs bgLxUPOVO8o2xEl18Eg6O015QVYrET193qJkNsQzFGaieIh1962oCnpGFdwRbzrOD04X1TrQHyDuM okCo6hzoXYKWIXqjuiRH/CTABR+cGhmGf+NNFOByu1Fyi7/Vw2AWqZVoHA8F6OdlT1b6rL5oILef+ QspCUd/Q==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1nvNhw-0004oH-Gs@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sun, 15 May 2022 10:13:03 +0200
Source: htmldoc
Architecture: source
Version: 1.9.11-4+deb11u3
Distribution: bullseye
Urgency: medium
Maintainer: Håvard Flaget Aasen <haavard_aasen@yahoo.no>
Changed-By: Håvard Flaget Aasen <haavard_aasen@yahoo.no>
Changes:
htmldoc (1.9.11-4+deb11u3) bullseye; urgency=medium
.
* CVE-2022-24191
Infinite loop in the gif_read_lzw function can lead to a
pointer arbitrarily pointing to heap memory and resulting
in a buffer overflow.
* CVE-2022-27114
Integer Overflow bugs in image.cxx, malloc function may
return a heap block smaller than the expected size, and
it will cause a buffer overflow/Address boundary error in
the jpeg_read_scanlines function.
* CVE-2022-28085
A heap buffer overflow in the function pdf_write_names
in ps-pdf.cxx may lead to arbitrary code execution and
Denial of Service (DoS).
Checksums-Sha1:
141a843959a758f13a27a4e46162e17acec534d9 1340 htmldoc_1.9.11-4+deb11u3.dsc
2f825e65b8696ae22a5403b614b33653b4094f0b 22192 htmldoc_1.9.11-4+deb11u3.debian.tar.xz
19c0587dac467642c08c8f01635c8d67554c6440 8341 htmldoc_1.9.11-4+deb11u3_amd64.buildinfo
Checksums-Sha256:
d5dcb63b38befa15055bad498f77cbb5f75a4f071b68436b867fe510ba44dc27 1340 htmldoc_1.9.11-4+deb11u3.dsc
7a4f63f09d99af31fb9db04b4a3408d65a797ac2b2c8c33cf48f456714ce73ed 22192 htmldoc_1.9.11-4+deb11u3.debian.tar.xz
207557d240a68e46ca401ca34b5cdebebb94915069df0031f5c66d78da68095c 8341 htmldoc_1.9.11-4+deb11u3_amd64.buildinfo
Files:
c95e4193b8a1789a7731a3a0329e2afd 1340 web optional htmldoc_1.9.11-4+deb11u3.dsc
f01c157f1de1830b6ae3e6e775956070 22192 web optional htmldoc_1.9.11-4+deb11u3.debian.tar.xz
e6ec1fe8cd5cf0c58f94fe86a9538b7a 8341 web optional htmldoc_1.9.11-4+deb11u3_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iI0EARYIADUWIQRlk5EXUZxDorKy9cv5N3WY8EyDCgUCYpKGWRccaGFhdmFyZF9h
YXNlbkB5YWhvby5ubwAKCRD5N3WY8EyDCqhFAQDQLkyChU1/kji86eCdmJRceKdA
1uO61TAGkk8ZnJRYMwD8D/nxFRunJ7i0nVRbQLn8lgQrPTrPbb0F01nspOSdTgU=
=VK+p
-----END PGP SIGNATURE-----