Accepted libxpm 1:3.5.12-1+deb10u2 (source) into oldoldstable
- To: debian-lts-changes@lists.debian.org, dispatch@tracker.debian.org
- Subject: Accepted libxpm 1:3.5.12-1+deb10u2 (source) into oldoldstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Thu, 05 Oct 2023 09:30:19 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: libxpm_3.5.12-1+deb10u2_source.changes
- Debian-source: libxpm
- Debian-suite: oldoldstable
- Debian-version: 1:3.5.12-1+deb10u2
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.seger; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=vvyiYTVNyK8B6RZaSBnBSD8/bicExJBNw1M6fGFP+oI=; b=ve+KWWzAQZV9PT1PBO0uh4VQc5 9OBAD+ZQIBOQZEBm4BgQXXMQYKeUaUXU8KzgnqXwEns2LdhmHAOF8qVR82RHZGvIar18yiZZazCOh xnv1UpA9V1tazHfYyQYy9cYiGvt0kv4PfEAVzf2LLARTOK0LbE3YY7Tfo0bvBRxfbnqCBSwSGjXQc coU9kriulbyRlsU/jP4qijxqWvscj0gJKu+shmfXVw5vMR2/N9Jebg8nnDN/cHbTwoQEhBHQ+2o5u hoRpPoMece5vJDpOZNN5YLBDemq0X3hQFnGBjk6rPK60jYsjdRfdt1ueTycUeOEhvxe9x4nKPgMBP rLgtuZHg==;
- Mail-followup-to: debian-lts@lists.debian.org
- Message-id: <E1qoKgV-00EPmD-QF@seger.debian.org>
- Reply-to: debian-lts@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 05 Oct 2023 11:18:55 +0200
Source: libxpm
Architecture: source
Version: 1:3.5.12-1+deb10u2
Distribution: buster-security
Urgency: medium
Maintainer: Debian X Strike Force <debian-x@lists.debian.org>
Changed-By: Emilio Pozuelo Monfort <pochu@debian.org>
Changes:
libxpm (1:3.5.12-1+deb10u2) buster-security; urgency=medium
.
* Add check to avoid triggering CVE-2023-43786 in libX11.
* Add check to avoid triggering CVE-2023-43787 in libX11.
* CVE-2023-43788: out of bounds read in XpmCreateXpmImageFromBuffer
* CVE-2023-43789: out of bounds read on XPM with corrupted colormap
Checksums-Sha1:
23a6d1a71bd9ecc682755c50faf4d275f8e734da 2122 libxpm_3.5.12-1+deb10u2.dsc
c837dfca61080a40031a3d9a83ea284acb619ab7 529302 libxpm_3.5.12.orig.tar.gz
3402258322d882b1a1b3bf172394c781eb2e7cce 16828 libxpm_3.5.12-1+deb10u2.debian.tar.xz
7761c3880b8fc0c2ca9e98a977fcd3bbcfa01127 6669 libxpm_3.5.12-1+deb10u2_source.buildinfo
Checksums-Sha256:
9f0872713d7a6bcfbf51d9c8e1969bad66d29c24fac7207bf1351b8dc21cce1c 2122 libxpm_3.5.12-1+deb10u2.dsc
2523acc780eac01db5163267b36f5b94374bfb0de26fc0b5a7bee76649fd8501 529302 libxpm_3.5.12.orig.tar.gz
b8e137edeeb96beb59f1fa09c7a25ff9d4af9cf2f9040f483ecc7bf7386897ee 16828 libxpm_3.5.12-1+deb10u2.debian.tar.xz
bef77158b08f5cad0e3cf3acd687231dc45154c1b6680fa46a60c3e511b0cba7 6669 libxpm_3.5.12-1+deb10u2_source.buildinfo
Files:
21cbbdcfd1601af2fd29f3546601e84a 2122 x11 optional libxpm_3.5.12-1+deb10u2.dsc
b286c884b11b5a0b4371175c5327141f 529302 x11 optional libxpm_3.5.12.orig.tar.gz
672882b14a07791d324e83788651deb1 16828 x11 optional libxpm_3.5.12-1+deb10u2.debian.tar.xz
fc3aff1474fa285b9123c4f86b9a74dd 6669 x11 optional libxpm_3.5.12-1+deb10u2_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmUef9MACgkQnUbEiOQ2
gwL9cRAAs2ijlOgbSzMlqwT4Dl5Nx7OF3D3s7zc9807zAwfn0hyIpS1sfFJVKwvn
eM0EER7+Vn5eSjJmC4WQcmFTt32LJe0iIy/stWMceO375rrcFSrXe8ouju/N/R8R
5Gb98o5AamwRNDBrTSFFTU37AjaB6qVauc8kWWecgKUOBT5mHKK5K0R44jNfvTyN
aiGA1eT2HL3++yiLHu9yqxnbpVpgCiRTKejXWwGxtZl+BRQsyu8fANWzoY8eLkZ7
U8SgLgnApIXe6ECXsInd/x8mHJirXRgQVZQfwBlCpusLXyDYRitczB53yA9ucHe8
t9g92n1tqIfuYCOl4MmclWCA+Uj56pRp1ROHOFnoDKs13EqcENZIo38MOe+58AS4
f8rSMV3DeVwla0j9Vm/7yY8KHHe2gN7unHBL0/A/mz3DF0qTv4Pv5cn7OjiJnqV5
R/BKXwHsOiZCTAbKIolJsYuxMkY9qMbMTNyPK22JSFw5HprZdNTUSzqh/6U4pSl4
EmhPZZ5c0D6SusETYN8qDGfU0uNSUFuHG+l73E+K1GlvwVlwc9OAtQkX9CFghNFY
jdgBrQh18pIpBTZQ7//aVM8ApZ5fcPwURj+ckG1ZfzxmDJCuEhaNCFD0kGD1g7rN
NR+88WVOjLAmzN9TGw0o5x++E97kg47hiyHe7r3/pTECscXZFfE=
=Ujaa
-----END PGP SIGNATURE-----