Accepted pypdf2 1.26.0-2+deb10u1 (source) into oldstable
- To: dispatch@tracker.debian.org, debian-lts-changes@lists.debian.org
- Subject: Accepted pypdf2 1.26.0-2+deb10u1 (source) into oldstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Fri, 09 Jun 2023 19:52:25 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: pypdf2_1.26.0-2+deb10u1_source.changes
- Debian-source: pypdf2
- Debian-suite: oldstable
- Debian-version: 1.26.0-2+deb10u1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.seger; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=a1VDboID9XhpcpcPx9YCMAcnmcMMDs5h1h03W0uSVf8=; b=GcEp/e8eCxAnJ5wsqxuKE8W0u5 UpEQAmy++vrvbFInSF11sTLKWwouoobWlCMJjmkjDGxV0XKgs9OwPgTKqB/+P8xURcW5l3PKRvCPS GE2LCfO1SXyFJz/Emtd/7PUfbe5M4Faco7xsFVinLQslAgb2xnJrUNGm22fH6pIifAKQgOOMFfgQO gktFaVrk4uJh9dM6bL/aRV76jmhe09Q+mirY09QTn+EpQms8S/Tnsqm+Inbd7OxrRANIouwXvoRci uoVgmEyoSc/xXnRAjUOsbFsOhfKN975el7zJDw6ilzToZPjC4xobuExr7xiKc08JM3U2/ePXkL1Me Ie2O/XZg==;
- Mail-followup-to: debian-lts@lists.debian.org
- Message-id: <E1q7i9p-00Fivh-Qv@seger.debian.org>
- Reply-to: debian-lts@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 9 Jun 2023 21:34:23 CEST
Source: pypdf2
Architecture: source
Version: 1.26.0-2+deb10u1
Distribution: buster-security
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Checksums-Sha1:
5712b9831a807e52f34f4663f2266ecb82ba37c1 1996 pypdf2_1.26.0-2+deb10u1.dsc
29859e086b6e78459feb660ba24f3b22773e11c1 199539 pypdf2_1.26.0.orig.tar.gz
40dd62006fc2f8aab95b08ce469580dcb0b1affc 4304 pypdf2_1.26.0-2+deb10u1.debian.tar.xz
eb5ccc95fdaf1b3ce55a851e6be9ce553ac89055 6934 pypdf2_1.26.0-2+deb10u1_amd64.buildinfo
Checksums-Sha256:
a4232efb2d68eae3e9710f2c0262bebb62991078a34df643dbb1900f9ab6c54d 1996 pypdf2_1.26.0-2+deb10u1.dsc
140b1fed792f487f2fd814eb0e832a5b6ef5ae362da302c1fc5a9786d5acb469 199539 pypdf2_1.26.0.orig.tar.gz
f3187e3fdd1ce15ab82f5eb5fa4c9538767489aef91b32be7a175a69149e661a 4304 pypdf2_1.26.0-2+deb10u1.debian.tar.xz
d7466939104f1873180b4865f5d73163734b870918d6883a34226e7b4b8ddf1a 6934 pypdf2_1.26.0-2+deb10u1_amd64.buildinfo
Changes:
pypdf2 (1.26.0-2+deb10u1) buster-security; urgency=high
.
* Non-maintainer upload by the LTS team.
* Fix CVE-2022-24859:
Sebastian Krause discovered that manipulated inline images can force
PyPDF2, a pure Python PDF library, into an infinite loop, if a maliciously
crafted PDF file is processed.
Files:
0705e770b8de3f824a2e12540fad5f79 1996 python optional pypdf2_1.26.0-2+deb10u1.dsc
3959e3a15606e4b6c0405487cefb4e21 199539 python optional pypdf2_1.26.0.orig.tar.gz
882a3c02cc24ae2b91f1401e849945e3 4304 python optional pypdf2_1.26.0-2+deb10u1.debian.tar.xz
9f125654f0eab8694d70670a370ec0f8 6934 python optional pypdf2_1.26.0-2+deb10u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmSDf0ZfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1Hk+dEP/igrm8PJgsg5mKKBoRXskiNChJLFevhCrM1q
khUE3JVCNs9bKt1j4JApHQu6lJcF+7LEk1nbro8PHxbrWynHnHcCEdMquuxxESWb
0kubxYPowM9cRqH9aZYNo3NHxhMZD0WXe2M3fj4ijUuyzkeD1ltbSduYb0NLq/g1
v3DRt/FT/e1+DPhrDUiRr1F6tumNiXiB8LDAhU+SKo2vqLJgX9WNQnxhBQ51/ZhS
rxPrmli7kwANXj/kQe+3PJTseWqyra2nkfLyhaamvHsEfRXg24PY/wccEd69Y4kl
XOVVim5V0JMv9EE4+lQnu9jRe42TiU1j21NYjOVjZAsFKWFDcHNMvPmT43bLpi2i
V/3vwY8lpZ8D8iHmqsjZrfQp5kxpb+86VFCMCBlfBKmPcTW9fKXcseVGzY/8NxVa
xTq142/2nzxNmAxCDdvEe8sW9D1J+loZCvG0AEca48qSv9cyecNOhk3SpGfExjs3
xB7rRlbRtUpQRumBjhAlPRzM2xwE+mBrRDGm1oAqsm+DXtzglbtoHCGyelql0X0b
8PRyAnWaQgm3V18RK1Bm5Ut3DVqDeylkg4si5799EDoTQMAvywZIzVIECk6gZCW7
bfi6yud+W0ktVX16p0lak1OAkfyaJ2mtIPo56ukIRAD7wnmX0DJScE/5/NxKkJ7m
G6CMf24u
=7QGh
-----END PGP SIGNATURE-----