Accepted ia32-libs-gtk 20150804 (source amd64) into squeeze-lts
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 04 Aug 2015 10:19:55 +0200
Source: ia32-libs-gtk
Binary: ia32-libs-gtk
Architecture: source amd64
Version: 20150804
Distribution: squeeze-lts
Urgency: low
Maintainer: Debian ia32-libs Team <pkg-ia32-libs-maintainers@lists.alioth.debian.org>
Changed-By: Thijs Kinkhorst <thijs@debian.org>
Description:
ia32-libs-gtk - GTK+ ia32 shared libraries
Changes:
ia32-libs-gtk (20150804) squeeze-lts; urgency=low
.
* Packages updated
.
[ cairo (1.8.10-6+build1) squeeze-lts; urgency=medium ]
.
* Rebuild against libx11-dev fixed for CVE-2013-7439.
.
[ libwmf (0.2.8.4-6.2+deb6u2) squeeze-lts; urgency=medium ]
.
* Non-maintainer upload by the Debian LTS team.
* Add patch to fix CVE-2015-4695: meta_pen_create heap buffer overflow
Thanks to Fernando Muñoz <fernando@null-life.com>. #784205
* Add patch to fix CVE-2015-4696: wmf2gd/wmf2eps use after free
Thanks to Caolán McNamara <caolanm@redhat.com> for the patch.
#784192
.
[ libwmf (0.2.8.4-6.2+deb6u1) squeeze-lts; urgency=medium ]
.
* CVE-2015-4588: Add RLE Decoding check
Fix taken from Redhat BZ
https://bugzilla.redhat.com/show_bug.cgi?id=1227243
* CVE-2015-0848: Only DecodeImage if pixel is one byte
Fix taken from Redhat BZ
https://bugzilla.redhat.com/show_bug.cgi?id=1227243
#787644
.
[ qt4-x11 (4:4.6.3-4+squeeze3) squeeze-lts; urgency=high ]
.
* Non-maintainer upload by the Debian LTS team.
* Add CVE-2014-0254.patch prepared by Salvatore Bonaccorso. Squeeze LTS
does not support kfreebsd so the side effect on those architectures
can be safely ignored.
* This update includes fixes for multiple security issues:
- CVE-2014-0254: information leak through world-readable shared memory
segments
- CVE-2015-0295 and CVE-2015-1858: denial of service through crafted BMP file
- CVE-2015-1859: denial of service through crafted ICO file
- CVE-2015-1860: denial of service through crafted GIF file
#779550, #783133
Checksums-Sha1:
ccfbaed893365ad0a176a08a5df1b70e5b906dc7 1558 ia32-libs-gtk_20150804.dsc
adcd70d20f983d92fe1bb9b7c1f6984622cfb2e4 246873471 ia32-libs-gtk_20150804.tar.gz
4893d838d1b7d688f90b4287cdd1b29eb2d8ae0e 14473114 ia32-libs-gtk_20150804_amd64.deb
Checksums-Sha256:
6abb1057b8f16dbaab7c5780daec4959c552498dce70582fc7bac06a8c43b5a9 1558 ia32-libs-gtk_20150804.dsc
5f7ddb466fe198af5393f7e53b8d95dcac7e242b6dcf09e9f978a3893838cf23 246873471 ia32-libs-gtk_20150804.tar.gz
d067f82e79d2e9e03b23c6a368123896d7c17eaade3556f53625c3c13a6f3c66 14473114 ia32-libs-gtk_20150804_amd64.deb
Files:
2dcee484e795b6f4743f9a3b701441e0 1558 libs optional ia32-libs-gtk_20150804.dsc
fb7089f39ec67a3e45ee4e69f581a062 246873471 libs optional ia32-libs-gtk_20150804.tar.gz
1505cc49bcc1c34a0356b1c4274d4a83 14473114 libs optional ia32-libs-gtk_20150804_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBCAAGBQJVwIfwAAoJEFb2GnlAHawEaocH/2DXLU2eF7XiB+3rsCJgn8RW
sJ9DGv+tvjTTBHLWzGqSe2BdEdjRgYGylTUj+g2jLx2+LC7KNhakUZQ7EREa76vE
6th/barfqf8FaegCWZhcI6RtycljCh0Sk48YnEaIINwuxcu4j9gCw6hkSoQHt3Z7
gcEiwW0wiKxTwdYTGoZp9kEm3OVZSvsQhLFRrf4mQP6sJ9pWbVgrt24slY8wIPJ4
23pSP/52LsYLzodcmLB9YMD2kplrYErsKsr9VWuz3lhIntQDNupnK7sbcerJL9yg
4FR0GLwF55Avw1UJcnTNNrsZzeQPdiobPZKjhgs8q+xXaKK+d337wxULLs1xrt8=
=5EEX
-----END PGP SIGNATURE-----