Accepted libmobi 0.11+dfsg-1 (source) into unstable
- To: debian-devel-changes@lists.debian.org
- Subject: Accepted libmobi 0.11+dfsg-1 (source) into unstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Sat, 28 May 2022 23:05:07 +0000
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id:Subject: Content-Transfer-Encoding:Content-Type:MIME-Version:To:Reply-To:From:Cc: Content-ID:Content-Description:In-Reply-To:References; bh=T67+JCROXhUytdEuDrgbRoOgMUSAPMxugSS4n/WH9o0=; b=ZVDVojKhAPDk4Guuha40cQEaiF NEOaMg7ylYtCCA4HYYS8BIa6yDrDOv/Y1MBAzwxfHo27xXO8wug9Bz3bhHrjnPXB31+KvT/8LdV8V t4jERJWL1Ig0eapkVdMR1V04CiZ4MiKcqU9c6LzoDKrTgmtZuVufk2UumLkU8K/3jaTEAvQDipjYc X8dUSZZ3buEGvy2zWZm1v9iKleDMfUnI1gZq6P9vH2LsQssVlf9+CbgVsqa9sNFOBfbCRbxfqYaNi 7XIRRlOcA4ysdOsaZmALUoEIJDDVfKZh29AxoILtRZUTSTZpqq921cjoSWUw5e3WWejMSUGYKQ4vf l2Cvc/sA==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1nv5UZ-000GyF-Oc@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 28 May 2022 15:38:22 +0000
Source: libmobi
Architecture: source
Version: 0.11+dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: Bartek Fabiszewski <debian@fabiszewski.net>
Changed-By: Bartek Fabiszewski <debian@fabiszewski.net>
Changes:
libmobi (0.11+dfsg-1) unstable; urgency=medium
.
* New upstream release.
.
* fixed multiple buffer over-reads and null pointer dereferences that can be
triggered with crafted input. The security impact of these bugs is low,
they can cause crashes. These bugs were identified by extensive fuzzing by
various researchers: jimoyong, dupingxin (NSFOCUS Tianji Lab), jieyongma
(TDHX ICS Security), cnitlrt, beidasoft-cobot-oss-fuzz, han0nly.
Some of these vulnerabilities has been assigned CVEs:
CVE-2022-1533, CVE-2022-1534, CVE-2022-1907, CVE-2022-1908.
* fixed potential leak in dictionary parsing on corrupt data
* improved portability of encryption key generation
* updated Xcode and MSVC projects
Checksums-Sha1:
930fa7696a7e83be1327dab2dcf16e2505f5688e 1847 libmobi_0.11+dfsg-1.dsc
f2bf33d7885a25d99611b4abeb5d778d0b7a2da8 1369040 libmobi_0.11+dfsg.orig.tar.xz
ead1238c70000f79d2974e34eede44d6c88d3710 8148 libmobi_0.11+dfsg-1.debian.tar.xz
9cef077796ca5049515d00e148f0a10aec310587 5395 libmobi_0.11+dfsg-1_source.buildinfo
Checksums-Sha256:
4f2d772a3e6bbd8d2a8902a060a6cda799c0c2b81d286e88db792810f1b61d2e 1847 libmobi_0.11+dfsg-1.dsc
1c5c3d780c69b0c143444ad91ca31d4eeac69d0b65e1c5f36c65b4c380236894 1369040 libmobi_0.11+dfsg.orig.tar.xz
6dff3c107e0532e932182cedae99f8ca1db4a3ad83266316719688dfca476de8 8148 libmobi_0.11+dfsg-1.debian.tar.xz
93629109b14b04239570ec4ada8ae31cd93bf89c5020965c1db26c7ef3407b34 5395 libmobi_0.11+dfsg-1_source.buildinfo
Files:
e088af38f0be425c2572694d11d7de02 1847 libs optional libmobi_0.11+dfsg-1.dsc
76c77a60dfdd5ba518a99cbb9abe781b 1369040 libs optional libmobi_0.11+dfsg.orig.tar.xz
7fc2b3d9bc71977c69b59d0acda66bd4 8148 libs optional libmobi_0.11+dfsg-1.debian.tar.xz
1b6f3127f48936fe8e8adba6476901b5 5395 libs optional libmobi_0.11+dfsg-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQHEBAEBCgAuFiEEQGIgyLhVKAI3jM5BH1x6i0VWQxQFAmKSoEsQHGJhZ2VAZGVi
aWFuLm9yZwAKCRAfXHqLRVZDFAGRC/9lvb4E7XcbUfelcXD/sKwZEesCiDSuOfSg
tFuSRx4vAgJJnJUb7vU44P96qPeUyMGn775HUnlHfkzK3iELZA2RsBalvwfFda4O
FI2l9hrNUBHtz2fzKv2PF7UAMg0RUtXT7fs15QqR7IIR2sr0d3UXQwEKmvWfWURy
aakV/2xbc8vajv6AGPh0Gi3RpbIwXx69lu0ZXTgrAOfzWvSoMp0Eid1Q0GUw/TIM
nskyrAkViSwfWS60RUXm+tHNA0dWTmKpqzDNRpTKI0hCVaj9D5hD18FQpimuzde5
7e3kvosIFx5RCSdg7nRk0u/xfUttWCppCWys3ChAO1yeV+D42teDqKUlhkqXVUuO
SpG0HssDoEvFsViguWEMNFUlHmdxZ8T6WPEQqQkuxQUKuXYZ6RTIejzyGBCE0sSB
gOUnyWjQVqOgm23uFuUWU3B1jrb38C4oleaG+nzP915eoExkcfd9eUoMc7QzGfqS
xH4sBZvTaoucQzZDkJiIL+vsouyrO5A=
=UPvg
-----END PGP SIGNATURE-----