Accepted libitext5-java 5.5.13.2-1+deb11u1 (source) into proposed-updates
- To: debian-changes@lists.debian.org
- Subject: Accepted libitext5-java 5.5.13.2-1+deb11u1 (source) into proposed-updates
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Sun, 22 Jan 2023 13:47:58 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: libitext5-java_5.5.13.2-1+deb11u1_source.changes
- Debian-source: libitext5-java
- Debian-suite: proposed-updates
- Debian-version: 5.5.13.2-1+deb11u1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=S+yTCtUHe31D+aVnPNZ2LE2UR58H9ZtOsq1CgyhxB7E=; b=dVpUMyhjhMBcTg68iqKe3NBtIM 7fM8K3rLIY84QKM0Yk5La3NlNTWJxE/m48p1aD6LyUB1lm/gSWwLX/VxsxRMHDeov/BtIYLgi2mhM NEIQQTABpFRbuD3gsozktDulqgMJOcLSIqQdromsRerZRxT/83AOd6aGYTr32hQ5v31ZYTJMtiOee ZCykXn66X4aSQ4qxXOZLoqwV18Ip1oQsFxrKeVic9HX8XHSQyf3eA2muBGWFLUvoHfGR77o8wdRew 9TfPAMO/4MZXs7dYHub8GLrm4GnFM8IffAj8iuNibu+qm8BElknJrLMTBWYLKOGSXgqiHT7l1mFiL gEqqRQyw==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1pJahS-00FSSf-N5@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 19 Jan 2023 22:42:19 CET
Source: libitext5-java
Architecture: source
Version: 5.5.13.2-1+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Checksums-Sha1:
b5eeed29d4c34b39bc3283ef58f42706a825cc8c 2578 libitext5-java_5.5.13.2-1+deb11u1.dsc
51a5ca42ef60b3ab3f52067636d4f3072682a5d8 90674404 libitext5-java_5.5.13.2.orig.tar.xz
60d73673d7c17c3dd2e4a4defde4a0f4a4a00dba 197008 libitext5-java_5.5.13.2-1+deb11u1.debian.tar.xz
46a368ef195144958cb233abec4127cc1ec31d84 15277 libitext5-java_5.5.13.2-1+deb11u1_amd64.buildinfo
Checksums-Sha256:
918383357f7b3b0c7b3006f149c0e454feb8f6f4ce4f0ea6d4127b71f2b72768 2578 libitext5-java_5.5.13.2-1+deb11u1.dsc
a8d801f7103336077201783a1a44aae2ffdd4a9f0a420bc3a15b0cbc302d38af 90674404 libitext5-java_5.5.13.2.orig.tar.xz
872552d67c6b00d0500f6dbf8dd87611e1113af7624faa57cc11fbe9dffb32a8 197008 libitext5-java_5.5.13.2-1+deb11u1.debian.tar.xz
adeb521b54180ea3d80b9cd81e5c80c38c71a263bce36f5358239d5a190b8e03 15277 libitext5-java_5.5.13.2-1+deb11u1_amd64.buildinfo
Changes:
libitext5-java (5.5.13.2-1+deb11u1) bullseye-security; urgency=high
.
* Team upload.
* Fix CVE-2021-43113:
It was discovered that the CompareTool of iText, a Java PDF library which
uses the external ghostscript software to compare PDFs at a pixel level,
allowed command injection when parsing a specially crafted filename.
Files:
45bc00ad0f6acf8dbbe7faa11c171f7e 2578 java optional libitext5-java_5.5.13.2-1+deb11u1.dsc
1302086fc3ea7f27cf183157474f64a9 90674404 java optional libitext5-java_5.5.13.2.orig.tar.xz
436f01d07efca17919e5af77a576aa41 197008 java optional libitext5-java_5.5.13.2-1+deb11u1.debian.tar.xz
1c2bc8498f02ea446e17cb5598e5465c 15277 java optional libitext5-java_5.5.13.2-1+deb11u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmPJuXtfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkncEP/3/v7ULSqOAiAtrAd169hs4sPJjluIR6YUcV
kwZt8jrIFj/wkDX5KD/eyif9O0r7DKKSyP4UP1K2HxBNZ2WauclK1UY8R2i8717F
I77YvohLf5Wih/PrjQV/TEcNuHeK+S83ossJ6Yo9drGqZpzgkffxDoWdbhFLWwD0
O6Ej2n0m7Ap81WKv7ZFXEaTbLjsDSHiK9l0/T54GNrAy/xNukl6dvbrKZk/ctJP9
ci14WNdUtYp8GTqc+IwIBewiky7muF5IDaEN6vkmI6B+N3gRDnuEY4oC5MsULLJs
ofChVRrYnYDfx3qi6QJJmVCgD3KrwrDvrja0747kpcTMF1z1O9UuNQA+DenQmuuk
IMCp3c31EJYZPM2wQIAtw2tCeeLkk2HhCmWpbWO3PJlnDKVgx03lkvMruVBNNX46
/GGJ7bGwm6Xeubw56BxQL1uro5gvyjpOArPaywwfFWaSS/rTiRT5pcYTc787q4Zn
VYFk9RKcCEQwMP+kagtoTxpzf1NMgNl7tafgl5kL2N47kJCvSPXMvwHiul7LHNB9
+1LeDatrR6VC7jSn0sXyYNLjjnxvbOForjHrcCXVzd7Qxj6+HMi6p6Ewuj6NH74h
CkqeI1KIBLHmQAj3GqmEYKUDQYp/+hOOV5cDuFDP7GNnumGb3aq4p3/IyX0T1s43
CRKFP6vQ
=ISNU
-----END PGP SIGNATURE-----