Back to liblouis PTS page

Accepted liblouis 3.24.0-2 (source) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted liblouis 3.24.0-2 (source) into unstable
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Fri, 02 Jun 2023 18:19:04 +0000
Debian: DAK
Debian-architecture: source
Debian-archive-action: accept
Debian-changes: liblouis_3.24.0-2_source.changes
Debian-source: liblouis
Debian-suite: unstable
Debian-version: 3.24.0-2
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=DPcRzNm6Zai5ijjDY6x6qNXAZJn4OGbwfdwoxW9+rDU=; b=jPoQLTwUsm/Ri5TVDuyzSTDu55 hoZ+NcB8VYVapL/qjbG1hgyUTJOFc8rjfptGQ/yJzy6Z/jIv+YAcadx7F62+iobURw3AgLCwppo/Q wU03MG5fVNnDEzGVtWdKriKgUVZkLLLV9b1atMf/0GJDhh08I1XVZEjsN9zLk1vKgg3tc4qzqEMrJ eDwYCg48yLctuBXou7YCbEaipqp9qBppHykLdALxpVRJuOoSlPfUveoHm3rSu+n8t+jWq6KgRk0+H 69XchCJ4AH7cuAYic5smX+vMozUox5oiKmgco9XWgd3Hdws7J0jI/bCXcguiLa8wuARYl7JOMN3mV dvuEZD0A==;
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1q59Me-006mJT-UH@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 02 Jun 2023 10:05:57 -0300
Source: liblouis
Built-For-Profiles: noudeb
Architecture: source
Version: 3.24.0-2
Distribution: unstable
Urgency: high
Maintainer: Debian Accessibility Team <pkg-a11y-devel@alioth-lists.debian.net>
Changed-By: Leonidas Da Silva Barbosa <leo.barbosa@canonical.com>
Closes: 1033202
Changes:
 liblouis (3.24.0-2) unstable; urgency=high
 .
   * Team upload
   * SECURITY UPDATE: Denial of service (Closes: #1033202)
     - debian/patches/CVE-2023-26767.patch: check the length
       of path before copying into dataPath in
       liblouis/compileTranslationTable.c, liblouis/liblouis.h.in.
     - CVE-2023-26767
   * SECURITY UPDATE: Buffer overflow
     - debian/patches/CVE-2023-26768-1.patch: check filename before
       coping to initialLogFileName in liblouis/logging.c.
     - debian/patches/CVE-2023-26768-2.patch: replace the magic
       number with a define in liblouis/logging.c.
     - CVE-2023-26768
   * SECURITY UPDATE: Buffer overflow
     - debian/patches/CVE-2023-26769-1.patch: check path length
       before coping into tableFile in liblouis/compileTranslationTable.c.
     - debian/patches/CVE-2023-26769-2.patch: fix format in
       liblouis/compileTranslationTable.c.
     - debian/patches/CVE-2023-26769-3.patch: add parentheses for
       define expression in liblouis/compileTranslationTable.c.
     - CVE-2023-26769
Checksums-Sha1:
 eb87831291930726c49dd0ad11d057a0a00928b0 2349 liblouis_3.24.0-2.dsc
 1a7200dee5a1bfd652990792b9bfd621213ebae8 12956 liblouis_3.24.0-2.debian.tar.xz
 baa1d4406bc6832cd7a42ad757de008588ec0b31 7102 liblouis_3.24.0-2_source.buildinfo
Checksums-Sha256:
 62e8ae545a7e43dac44e5f8b660e659909d785af35f070f1ac79c2affb0904f9 2349 liblouis_3.24.0-2.dsc
 878510275cb455c83760bf12f2a5de43dabc3367f50d402482f39ff3d7e574eb 12956 liblouis_3.24.0-2.debian.tar.xz
 acdd5a8f165a25612d4c92d09de6d650b19e0a7fa4a716f8ef57acb3ee550e86 7102 liblouis_3.24.0-2_source.buildinfo
Files:
 c0f32866d6f53c62a97f07c7ac9c33d6 2349 libs optional liblouis_3.24.0-2.dsc
 872438ae7d3bfe3bd85ad4270427e9e5 12956 libs optional liblouis_3.24.0-2.debian.tar.xz
 b61c2bec586dc75fd92e7e380eedbd94 7102 libs optional liblouis_3.24.0-2_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEETQvhLw5HdtiqzpaW5mx3Wuv+bH0FAmR6LvYACgkQ5mx3Wuv+
bH35oQ//So3VFZP3E9u7FryKQ6zjefDYjd73GoldSitNtjhHL5XAerf1ticMAmDQ
HegTTBAsYVunP0nyMMY8KYqfu/lmTgBDp497Vba2BUHStkdD90lOWiaB3njfiorp
0pwL5DkrsgJ7/KXD6F7dOJLTe35HwEw/JWfytEnCnw6GyLwSnIeMBcalZYlLvri6
W+xHcMGwZIx1LNaPd0OrwtS+WhO/WFIvB1ZbWVzBYvy9uU+b3UFQDezH5PkY4GTa
S0jS7gNEsN0JWOCmxKLC5xfhEBHMzkw7GTQTH3LbXMSnfd/bxkgTXD15VlntNCX6
GxOk5hle8XZu0NBRqQL0m5dZQbz9+JpzBzKemDi+Vd8WJbktcOmRL5/L1P9UK3BB
R6F53Cl2tJlTKTaxYyxCu4qEdreRMTCDfbFfF8/IImdGwN7NLgYbjSOEave943mK
32abYzX+H4RgspaZwdQNGwDUsDHKkQA/1VsGEW3iDY3vJukE3X/1FBfLa3Xt2bij
YzsoJNHxXQHDmAmTKDAWel1X6HGS5B+9R9B5P5D8jbMzhjSemwPj5gO3szHba7r2
bgKllT41wo0s7L6tjEhZk/jj4Z6bwAV8USacAytHgcMbsHG1DV4DElKaOt+GdjlV
lI0KU0XzLxDPb8VF+yJ592gdIuo1TmBYyN93FRnEn3gmo1R5AGM=
=DXXu
-----END PGP SIGNATURE-----