Back to libjpeg-turbo PTS page

Accepted libjpeg-turbo 1:2.0.3-1~exp1 (source) into experimental

To: debian-experimental-changes@lists.debian.org, debian-devel-changes@lists.debian.org
Subject: Accepted libjpeg-turbo 1:2.0.3-1~exp1 (source) into experimental
From: Mike Gabriel <sunweaver@debian.org>
Date: Thu, 19 Dec 2019 13:34:15 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1ihvwV-0007LJ-94@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 19 Dec 2019 13:48:20 +0100
Source: libjpeg-turbo
Architecture: source
Version: 1:2.0.3-1~exp1
Distribution: experimental
Urgency: medium
Maintainer: Ondřej Surý <ondrej@debian.org>
Changed-By: Mike Gabriel <sunweaver@debian.org>
Changes:
 libjpeg-turbo (1:2.0.3-1~exp1) experimental; urgency=medium
 .
   * New upstream release.
     - CVE-2019-2201: TurboJPEG: Properly handle gigapixel images Prevent
       several integer overflow issues and subsequent segfaults that occurred
       when attempting to compress or decompress gigapixel images with the
       TurboJPEG API. 64-bit tjbench: Fix signed int overflow/segfault.
   * debian/patches:
     + Cherry-pick 0001_CVE-2019-2201-followup.patch from upstream.
       64-bit tjbench: Fix signed int overflow/segfault.
       Following-up on the fix for CVE-2019-2201.
   * debian/control:
     + Bump Standards-Version: to 4.4.1. No changes needed.
   * debian/rules:
     + Re-add uscan-based get-orig-source target (to ease my day for upstream
       tarball retrieval).
Checksums-Sha1:
 ae56d6b87b4a6252511dcd315daed0564aebcfd4 2339 libjpeg-turbo_2.0.3-1~exp1.dsc
 539363a444f92421c098a1a3e7cebfda48d4cfb3 2161279 libjpeg-turbo_2.0.3.orig.tar.gz
 9f8857507000c5bf4daa1e8f9c3e0edf1b9b3dd6 80416 libjpeg-turbo_2.0.3-1~exp1.debian.tar.xz
 75f631bfc0f4f9ae00da3b7f776ca9eb56a2548d 7412 libjpeg-turbo_2.0.3-1~exp1_source.buildinfo
Checksums-Sha256:
 d83d2fdb9da3c3c62a76b8b105e743e1e3a166a07df5db64bf12257f6c0421e2 2339 libjpeg-turbo_2.0.3-1~exp1.dsc
 4246de500544d4ee408ee57048aa4aadc6f165fc17f141da87669f20ed3241b7 2161279 libjpeg-turbo_2.0.3.orig.tar.gz
 33d2ea8d6775ba6dad11d044636480a5077c0bd8e7e8f0b78e4ae029c7ccbc1e 80416 libjpeg-turbo_2.0.3-1~exp1.debian.tar.xz
 15146ea7607de990ab90ba212c6b6dfe3b341b5c5bcfe2ba7ca505201bc90516 7412 libjpeg-turbo_2.0.3-1~exp1_source.buildinfo
Files:
 67125f8bf130dfd30a40003f68835039 2339 graphics optional libjpeg-turbo_2.0.3-1~exp1.dsc
 bd07fddf26f9def7bab02739eb655116 2161279 graphics optional libjpeg-turbo_2.0.3.orig.tar.gz
 9950f9aaa95345909614d7c28962d897 80416 graphics optional libjpeg-turbo_2.0.3-1~exp1.debian.tar.xz
 71ef17a668e299be62b9fa575c7e9461 7412 graphics optional libjpeg-turbo_2.0.3-1~exp1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJJBAEBCAAzFiEEm/uu6GwKpf+/IgeCmvRrMCV3GzEFAl37drgVHHN1bndlYXZl
ckBkZWJpYW4ub3JnAAoJEJr0azAldxsxsCcP/0PxFyF0JtlnJ/I4NtDZxJiODjpk
7MEcLJ6027qd1fxXvcl8aBj8akZOSgB6TIM3GPREVsxHXQZlEANN4xW9gYQxFeAP
zulC+s4x5BbOxibTqZEvzCRBJqhL4TmhoTA3XA0N61TNlKLUOQAd02vj8mTe54rD
UU85We0VizInA7q+IBM1wZL5mN+dTqthl4uCiDy7pEQKKQmx4YcNco0yP2QZwEFG
BBA5/HoAMTEw8xt1/b4iNJXvrilIk9kltzwGym/tOcPkDM80gXDwT8ZiVdoGyAzr
L1p6CctAyhF6YFkzQKeQ8/fRVtFKApKiWDLF5q/DwfQvLa19UxKaSAvBaVWjlrNw
kCMInX/moUe1zAmsjOJ7fTCb+PvAIQ4HtwSqx94n9pKxwWkZdZOF7zP/8Enzu5R6
UIiwJewPyAHePMuoVO/8ZLfRDlka9Y2fFucQkbb8FSv/z0H5Z/mlmMU3c9JwoYTT
3TEOsNsQIBRN8YD/JXQ7dl98YwnsIoqCh5RPLpEIj/A73ea6c87yGnyPw+TQ+zZ6
iSXnjNuZDVL7JAZ9XOYTZArn7x1+RtS+az8I3pMSnF+zyMkdkODddBAltFmqTxGN
VVrtHmRYAP+RxTw8XDHi4/Y5wkR2kphScPWIa2xSuFTnmEilVNtDP85Aiy3/vNf5
Q3ok60gynNxIaKFe
=oAnU
-----END PGP SIGNATURE-----