Accepted leptonlib 1.79.0-1.1 (source) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 18 Apr 2021 10:03:02 +0200
Source: leptonlib
Architecture: source
Version: 1.79.0-1.1
Distribution: unstable
Urgency: medium
Maintainer: Jeff Breidenbach <jab@debian.org>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Closes: 985089
Changes:
leptonlib (1.79.0-1.1) unstable; urgency=medium
.
* Non-maintainer upload by the LTS Team.
(Closes: #985089)
* CVE-2020-36277
denial of service (application crash) via an incorrect left
shift in pixConvert2To8 in pixconv.c
* CVE-2020-36278
heap-based buffer over-read in findNextBorderPixel in ccbord.c
* CVE-2020-36279
heap-based buffer over-read in rasteropGeneralLow, related to
adaptmap_reg.c and adaptmap.c
* CVE-2020-36280
heap-based buffer over-read in pixReadFromTiffStream, related
to tiffio.c
* CVE-2020-36281
heap-based buffer over-read in pixFewColorsOctcubeQuantMixed
in colorquant1.c
Checksums-Sha1:
0ed580ac3c65b6f1e04c8f479c6933c374803fda 2123 leptonlib_1.79.0-1.1.dsc
0af3994a8d71a4d2282ef2d4fe4b94a6563cf6b3 8960 leptonlib_1.79.0-1.1.debian.tar.xz
e61ccc956749f5cff164cffdd96dd8d25fe6dfde 8858 leptonlib_1.79.0-1.1_amd64.buildinfo
Checksums-Sha256:
76b94cbd61b25f2b091eb776c290ec157b706ed284a81c431111ab936c587123 2123 leptonlib_1.79.0-1.1.dsc
1cfe676e5b4480431395b69c7ca4bb3d696cf25484ef5538068cfd9f850ef042 8960 leptonlib_1.79.0-1.1.debian.tar.xz
2cc64e6a5ce623696c4943d04de47fbbaaafa3d0ec66dad3cfe2514c69c1fb7c 8858 leptonlib_1.79.0-1.1_amd64.buildinfo
Files:
3354cb7b2dc97a1db456403608b4bcdb 2123 graphics optional leptonlib_1.79.0-1.1.dsc
f9d433b74f0985934ed52bc52b0d1f5a 8960 graphics optional leptonlib_1.79.0-1.1.debian.tar.xz
4bb8066a0d415b76e3c154f9c75057bd 8858 graphics optional leptonlib_1.79.0-1.1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmB8aahfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh
bHRlaG9sei5kZQAKCRCW/KwNOHtYR1TcEADBCucmYHviTrpQmZBNLxzM4bdM0YwB
TCGIs8VOH+/JN6qpRDTy6/8nuVSnd16SgeE+8StZiPqnBACEVWCJl5TH/hYAR7kZ
Bge7gejVUU8TPirSTVWlzVqSduB5gKOBYWAR0flxMgtGjfvm9keCdYWyDAI+fFN2
jUKz2TSFKOF6HurH0MmaTrgtMRfP3vrBLlN4nbL4ryQ8atvi3a4fsh9USOrQtAXD
0kv4Vw+nr1LGUZkM/YyQFTBlwVLYZheQ42RWXzBWmArjNQjT5l0BpZHEDVULvGvz
Lp/4ehrBKp9NQQPueHA2Nm7Z8CBij+ABNrgCfhcOK5t3pcq9keujRkcR7uQ2Q6vl
SIJyXRg2q/LNF4v3HnXr30NgABX2pXrHt+NYAS8JEIMNvDQzBt3zIfdCQHRBdFYm
oPxlWyLaMTdRuhKl7jDVw4xqbjZzB9wY1lYwdQNZxeDLA3zC2kv4OQtihMsFJcKq
zsPGTmPgK1Wdneo+pgvHQd4F8N65VZiYX0PyU9nfW9ipHVFQof79hihfslgerwGA
9DM06hAdVC3ScDHM6w7NMTrqETWLebw2KwaM7s6SRIkf3++fA2LlxlpHe0JJMWJU
QPGS942/liN1sGlvanjFlGtGBhfy68CC9HScM40OGY+fSX9/FUAqu21ei+Z5hlxa
nTd0aqOxqZfDfA==
=wNmg
-----END PGP SIGNATURE-----