Accepted virglrenderer 0.7.0-2+deb10u1 (source) into oldstable
- To: dispatch@tracker.debian.org, debian-lts-changes@lists.debian.org
- Subject: Accepted virglrenderer 0.7.0-2+deb10u1 (source) into oldstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Wed, 07 Dec 2022 16:30:21 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: virglrenderer_0.7.0-2+deb10u1_source.changes
- Debian-source: virglrenderer
- Debian-suite: oldstable
- Debian-version: 0.7.0-2+deb10u1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.seger; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=+fIVORV5CPz2ICF9SShjrS/XOEFvVpYtOcif4D8gKV4=; b=LLnV77NiYiJYi+k/SWoLP/pcc/ vr0eMIMi/lhgMFPNWXYC457Ah7qqWOJxCM67mTjphr+gSOllXNuZSiE+7OHgItu2CWpmnLj++Y48a q+yRC/XFbgN/eiat/Jq2khioTGoX3dg8UVfvgRYKtT2shwYJMRKL+xxy7JSmXIsFU9oREHK0s/Bhd vdXNc4euUZuZPkjYD8M5bZSCXQiuyOpBje+4kPWWv67tqkKkGFX1ds4+wKsN76ZsqzHimiHp2JKT7 tGBwmTsJr2wYXeHmdaiGyO0w9KyBwMm0t3fQXhaft6PR/atbIGjETxxmQdmjUzzz3kEQ5Pgpa0PdR NaGo6QMQ==;
- Mail-followup-to: debian-lts@lists.debian.org
- Message-id: <E1p2xJN-00Ffr1-H6@seger.debian.org>
- Reply-to: debian-lts@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 07 Dec 2022 17:13:46 +0100
Source: virglrenderer
Architecture: source
Version: 0.7.0-2+deb10u1
Distribution: buster-security
Urgency: medium
Maintainer: Gert Wollny <gewo@debian.org>
Changed-By: Tobias Frost <tobi@debian.org>
Closes: 946942 949954 1009073
Changes:
virglrenderer (0.7.0-2+deb10u1) buster-security; urgency=medium
.
* Non-maintainer upload by the LTS Security Team.
* Cherry-picking upstream fixes for:
- CVE-2019-18388, CVE-2019-18390
- CVE-2019-18389, CVE-2019-18391 (Closes: #946942)
- CVE-2020-8002, CVE-2020-8003 (Closes: #949954)
- CVE-2022-0135 (Closes: #1009073)
- Cherry-pick commit that avoid crash if illegal resource
is provided. (Upstream issue #143)
* Update test suite with changes needed by the CVE patches.
* Add test_fuzzer_formats targeting above CVEs.
* Enable test suite in d/rules, but ignore result (as the test
needs to use OpenGL, this might not be available on the buildds.)
Checksums-Sha1:
e3a91d9ceb9a8cbfc687eb30223a7c33a74e4e60 2081 virglrenderer_0.7.0-2+deb10u1.dsc
31d4545facb7e884aca929408632749b65a99416 590102 virglrenderer_0.7.0.orig.tar.bz2
f91a229f1dff1b9534c819a705e6cf89355a6949 13444 virglrenderer_0.7.0-2+deb10u1.debian.tar.xz
e6136c61a0ea19b6c481db73beb655b1add28c7a 9525 virglrenderer_0.7.0-2+deb10u1_amd64.buildinfo
Checksums-Sha256:
ad31ad9f68f38d32e22beafa5b6c5acf482ae9107685fd7f5b9ad9b69933d5d2 2081 virglrenderer_0.7.0-2+deb10u1.dsc
15ec0290ca0a2d175d6e5dc695938640c53d2c020e0c0f8a781045d3c27b2a10 590102 virglrenderer_0.7.0.orig.tar.bz2
3daf2f2776213748f2f61cf3d172db607440b738721e322eb5d75d87a1e770d5 13444 virglrenderer_0.7.0-2+deb10u1.debian.tar.xz
0745855e7cd2f22ef6babba4498830ce2fde584bfc020bd4e285ec77ec35677c 9525 virglrenderer_0.7.0-2+deb10u1_amd64.buildinfo
Files:
c5a02d756c3d152ffd1ec845062df620 2081 libs optional virglrenderer_0.7.0-2+deb10u1.dsc
f46ff65025c869c0ae86ba337cc699c2 590102 libs optional virglrenderer_0.7.0.orig.tar.bz2
5b290142711b3ab1440e96544d198c0e 13444 libs optional virglrenderer_0.7.0-2+deb10u1.debian.tar.xz
79a14d6d0e1b9f195b30b09993e93154 9525 libs optional virglrenderer_0.7.0-2+deb10u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEE/d0M/zhkJ3YwohhskWT6HRe9XTYFAmOQvPoACgkQkWT6HRe9
XTa9YA/+M4GhUqWVNGQDjcwD2fqek+VOIK5KeyIU6KMfZa/VBJBulSltGpoibzNl
qo7Ku0B77N2CrsDtFkogf/FE7m1OWiDl3VocbQ0R6jHB65xfrP6RWyyFkxHcGtiA
OBtcHFo1kYp6qf+9KwqLYAMoTdu8wvkPZHDuVmSGo6BkLqFuvD45KwDvOdQuxB8c
Jfj/TXmWyiBX+ffmiqui27TQtJaapFzkyqUDBbc9YnFSFD+302SmMKLy1BkiNwr4
NvUU0ioX6nQnsV9d0o4JpIIU+LlkaAVyjyBvj/PESrLJNiXpni19RlYMiqQ+4xDs
DytAq/Gfe4avXDCjdFg+K1FlXYXkovAr8aFnH5kRcPVbBiTAMxppGHICLVGWpRhU
TuKLy9Onz254lxcL37ch7LLVbBuW54rajY3ES2r2qrtb5sucMezrM61xNYaIN543
bp3qXAUBWZxqqtF+lwPnqYrFIBZxhYuH4YPkp8q9bgJb8QBi4DFGQPU5Gyef8A1R
2vY/CgprhARLwLf1FL33PmIL/ITUQyu4x2n0zgxAbfeOLSJVk97gNiceZhPACvo3
t1buOAc4EoFMasNEiejX3jy5x8FZ+QhlD4ZRJuYLw8C8bGa4/fXw8/BGmuj20plB
j/SUSZNMVNcGzAj9oyu/FVSa+iwJyWQWFoT7FLkATkqUrRTPF38=
=1tPC
-----END PGP SIGNATURE-----