Accepted libsdl1.2 1.2.15+dfsg2-8 (source) into unstable
- To: debian-devel-changes@lists.debian.org
- Subject: Accepted libsdl1.2 1.2.15+dfsg2-8 (source) into unstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Mon, 01 Aug 2022 20:36:59 +0000
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id:Subject: Content-Transfer-Encoding:Content-Type:MIME-Version:To:Reply-To:From:Cc: Content-ID:Content-Description:In-Reply-To:References; bh=cfsHX7dP5jMJT2Gg2PYpkm7hauc9mU3EurmJL6PtdZk=; b=fbyOY3c2NdiotSDQseWDHnQjey KcBemAnfpKcdOvnhpl6+AKU+FndvjjSiTlk3/F/iK7nsdsM2D0/g29s3YbLEiAEG56i/eXxOyhJTI 4UPDAQBA55AeXFxTi6aQFmVpZpZv1OwiJ17+ri854brrVjd3b36qKlBLLG18Gf22YNAsTHttycKbS ZVM3depsdubEltpHtdu+Got2uaByFFG7F8rBvO4wY8xKJ5enVOyG1ijp7ofMW3pmubM1Mz2Q2dAFK dpgmvjBLV6Q88WMKjAzyE4gAsLz5+ub4KojW84pvJJhLC09VU5w6E/H9QFucKTDQZy2K6FgNHU7ZN LJix7EJA==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1oIc9r-007Qsx-5m@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 01 Aug 2022 11:51:13 +0100
Source: libsdl1.2
Architecture: source
Version: 1.2.15+dfsg2-8
Distribution: unstable
Urgency: medium
Maintainer: Debian SDL packages maintainers <pkg-sdl-maintainers@lists.alioth.debian.org>
Changed-By: Simon McVittie <smcv@debian.org>
Closes: 1016352
Changes:
libsdl1.2 (1.2.15+dfsg2-8) unstable; urgency=medium
.
* Team upload
* d/p/SDL_x11yuv.c-fix-possible-use-after-free.patch:
Add patch from upstream to fix a use-after-free (CVE-2022-34568)
(Closes: #1016352)
* d/p/SDL_bmp.c-reject-bmp-files-with-zero-bpp.patch:
Add patch from upstream to reject .bmp files claiming to be 0 bits
per pixel.
This does not have a CVE ID, but seems like the sort of thing that
could cause denial of service via a crash or infinite loop.
* d/patches: Improve patch metadata by syncing with upstream commits.
In particular, various patches for audio- and image-related buffer
overflows are now correctly attributed to Petr Písař of Red Hat.
Some were split into commits differently upstream, so the patch filenames
do not correspond 1:1.
No functional changes, other than some ppc64le-specific code now being
correctly #ifdef'd out on other architectures.
* d/patches: Sort patch series with non-upstream patches last
Checksums-Sha1:
de758853c2ddcb558739dd3c46171ef4c12b7b30 2387 libsdl1.2_1.2.15+dfsg2-8.dsc
10f40b81cc703016ffae5d3cb51fa6d050c63fb1 57556 libsdl1.2_1.2.15+dfsg2-8.debian.tar.xz
95c127364706d83111dde7fc0a7630758a55be87 8622 libsdl1.2_1.2.15+dfsg2-8_source.buildinfo
Checksums-Sha256:
ff6cf187235703226f91af9d636255c5d7141bf1a693aa37293ceeb11430cc33 2387 libsdl1.2_1.2.15+dfsg2-8.dsc
f1e294c33ad395f3b0dc473ff33b84405ac7fc465e3c9d2a25fee576a96e9fc7 57556 libsdl1.2_1.2.15+dfsg2-8.debian.tar.xz
81e7c0c47e3fa9885a728880bb086b9f2ecfe83069280d69c363b833acb428a9 8622 libsdl1.2_1.2.15+dfsg2-8_source.buildinfo
Files:
72ed92acf07c938a09d8896394ff3478 2387 libs optional libsdl1.2_1.2.15+dfsg2-8.dsc
b1361c4bca212fd85c538e23bf197d69 57556 libs optional libsdl1.2_1.2.15+dfsg2-8.debian.tar.xz
81ac6be9dcfec6733de6425f5ea7fc29 8622 libs optional libsdl1.2_1.2.15+dfsg2-8_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEENuxaZEik9e95vv6Y4FrhR4+BTE8FAmLoNv0ACgkQ4FrhR4+B
TE+9yRAAuRUYG3hGrE041wHycMGVDDYWYuxdN/FT0MoBhua5vTHo4MqUXfauEvAV
95g8+lhpJD7N1VzA6895Dk9APNA2SlDaS3qLea3rzmagxJr5Ct6KvzUpzoW8CjFg
lZNsw+2gfSaWLPtYYucd3zxxZRUrpy63oqQzQ+tnSbGsMrmE+N1DXM1QvI6Jw29P
wbns9NU6yfYqO+Sbm6gVbdxbjaK/1WP38QImBCRmiEiPgM18FVWjI/yaxEtZqomn
T97F95ZN57wjx2B14h3vuK4mi35Phv7G2wbTg1XtWxmJg+4U+VT4u1Gf3CPw+Jeu
GrlUgzG6iFOcLWMNZpHIsWmtCbWIH0ixhqb8qDCTCdyQdTlPrQ+rmKyoVYpMyaOH
m49pubRF1CeQhqAdutqemc5cDdpCmM+q1RuxMON1D8k7Vi3RcO1qwjpy5Z1VyEUu
GXy3fdrb0jYY1oG9v1b17TPsns3pOXw/+PJgVYiDvgjOCjurS0jfk7FnA1fXzA7m
0dLKWqsGR9RTMdgICI57iYEU6dDP+dymEe5zxFarq64mXXyT2qTOObfcrwY3Fsey
4FRDRFWDU4AF+iXWEgROsRm6MXeSTiUbRcIprkkg/B8Qn4Fy8ZZoQS5E1oTiAfw4
JBGGoTF7nJe5y523UvkTn8MnCfFNjcXm0NgUTHWEnGAgAIVQYVM=
=ei9r
-----END PGP SIGNATURE-----