-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 08 Apr 2015 18:01:45 +0200 Source: libgd2 Binary: libgd-tools libgd2-xpm-dev libgd2-noxpm-dev libgd2-xpm libgd2-noxpm Architecture: source i386 Version: 2.0.36~rc1~dfsg-5+deb6u1 Distribution: squeeze-lts Urgency: high Maintainer: GD team <pkg-gd-devel@lists.alioth.debian.org> Changed-By: Thorsten Alteholz <debian@alteholz.de> Description: libgd-tools - GD command line tools and example code libgd2-noxpm - GD Graphics Library version 2 (without XPM support) libgd2-noxpm-dev - GD Graphics Library version 2 (development version) libgd2-xpm - GD Graphics Library version 2 libgd2-xpm-dev - GD Graphics Library version 2 (development version) Closes: 744719 Changes: libgd2 (2.0.36~rc1~dfsg-5+deb6u1) squeeze-lts; urgency=high . * Non-maintainer upload by the Squeeze LTS Team. * Fix NULL pointer dereference when reading XPM files with a crafted color table as per CVE-2014-2497 (Closes: #744719) * Fix buffer read overflow when reading invalid GIF files as per CVE-2014-9709 Checksums-Sha1: ab395b49674c63948d4090120602fc6d33a43698 2337 libgd2_2.0.36~rc1~dfsg-5+deb6u1.dsc e93c43f3c2283c6fe09793ac06a4a106374e0cb3 761899 libgd2_2.0.36~rc1~dfsg.orig.tar.gz 7d6f66c60cb61b3aa963af633cfe262df359db8e 26762 libgd2_2.0.36~rc1~dfsg-5+deb6u1.debian.tar.gz 39d963be36b0647aff6c4f7860276c4f46f18e87 167782 libgd-tools_2.0.36~rc1~dfsg-5+deb6u1_i386.deb d5f9f81310ab1bf109777f550c4018e3d7c9591c 363186 libgd2-xpm-dev_2.0.36~rc1~dfsg-5+deb6u1_i386.deb 57173ec041ea0aa2050a7bcb357f0363a1990101 361648 libgd2-noxpm-dev_2.0.36~rc1~dfsg-5+deb6u1_i386.deb 3a5ed369ebb102fda350e5c555ba58bb01bceb3c 225076 libgd2-xpm_2.0.36~rc1~dfsg-5+deb6u1_i386.deb 6941736700ac43f6b8c83b39daa6bc9b31809189 222156 libgd2-noxpm_2.0.36~rc1~dfsg-5+deb6u1_i386.deb Checksums-Sha256: 10956194957df39f54f21bce9679d772eb5786c46da787f9dceefe229db36088 2337 libgd2_2.0.36~rc1~dfsg-5+deb6u1.dsc 919df21310ad4a8b6155df01411138110589cc6c50b1bc414dc62aebb0a7f41a 761899 libgd2_2.0.36~rc1~dfsg.orig.tar.gz b798a89b5bf85d2802c8391f2c1787e72df4835e9ec899692ec0a48deaa2d144 26762 libgd2_2.0.36~rc1~dfsg-5+deb6u1.debian.tar.gz 4300351e5fd02c9043ae9d77418a5dcc2e04ceaac6f0184661806216dfed94bf 167782 libgd-tools_2.0.36~rc1~dfsg-5+deb6u1_i386.deb a7985a75aec63e585060ba16e729d0af6337e58532b2270d0d656eeca704f378 363186 libgd2-xpm-dev_2.0.36~rc1~dfsg-5+deb6u1_i386.deb 82f734d81701c92a2f5426f77be2b90751683682705414681b99223248f1ead1 361648 libgd2-noxpm-dev_2.0.36~rc1~dfsg-5+deb6u1_i386.deb 3c23d9c7ca2b8b9dc74bba6d6e193bcccd332894baaaa1042568a23bab3ef0fb 225076 libgd2-xpm_2.0.36~rc1~dfsg-5+deb6u1_i386.deb e5c2e73361429aa308b6cf5aa238ec93880934489afb93403e0f40fa5ae33ec7 222156 libgd2-noxpm_2.0.36~rc1~dfsg-5+deb6u1_i386.deb Files: c0d5db79602bad942427cabd0533a395 2337 graphics optional libgd2_2.0.36~rc1~dfsg-5+deb6u1.dsc 0f4d2fa45627af0e87fcb74f653b66dd 761899 graphics optional libgd2_2.0.36~rc1~dfsg.orig.tar.gz 56cc5e01a7674f00ad2cb58226f9b15a 26762 graphics optional libgd2_2.0.36~rc1~dfsg-5+deb6u1.debian.tar.gz 893e78cee533205a71a82a2f5c7685d1 167782 graphics optional libgd-tools_2.0.36~rc1~dfsg-5+deb6u1_i386.deb cdc546bf56403b243b479ff36468779c 363186 libdevel optional libgd2-xpm-dev_2.0.36~rc1~dfsg-5+deb6u1_i386.deb cd3a1ba6a4d23b0c273d8b2cffb2b310 361648 libdevel optional libgd2-noxpm-dev_2.0.36~rc1~dfsg-5+deb6u1_i386.deb 6e2573bfde45633aa3d7e7f9dcfc181d 225076 libs optional libgd2-xpm_2.0.36~rc1~dfsg-5+deb6u1_i386.deb 0db8f88f02b43a6bad50ac1a1dce04ff 222156 libs optional libgd2-noxpm_2.0.36~rc1~dfsg-5+deb6u1_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQJ8BAEBCgBmBQJVJVS0XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5 NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHKo8P/10nTCarql+Ompr4EXsgYHx+ iKgyKh82KQJoyra6IymvnnkNkaHGjYB2kQ7BKKHWnB+6f9Ckt4GLwCEbB8uD+duD nwG/A3qFllY2FK4yDOv4cpxLX41IhslSOhMFlr5SBdlHRK8AfFR1Zd7MKgc2ajNX BKdsfb2m/WHl9j1Q69DQqiiaxLCDId7xOBQO+5YxXW8gyCl37n8XFBfE5L1NJBBM HMw3aTu9Qe15dE8DnK6rfWB32ftIu4d4Y+yUT7Ta1jWDkzHhc1JJi+QkezFxWCFA OlaRTsIbqfwYH3x/Uvf/80LwN9A3UvCpwdWgBoI8oppyGf8tyoUMDUvuOYJfm3jk oZS1R7e9fcd9TyS2zGBuKbUVlVJSi6zC76A7mUQzWXtR1nwckqbEDFtpYedxnOnM TSfcg3/AU/vH/K0/aXJx3tdkO9xGB5c01ghLUjFGR7EkDXapemV3UPeFhRJAgsbW w6fV4OIBjkV3EiH45e6RHZ8Dz9O3XCrvssRk3KlOADM4obHYAYi3Ic9jg2T0Q3eX ho+DhOz/v7raQaMbp0fgfaFsklq+DBbAdpz3sTxIOQaguayLLUXdYILHrltIkrvI jj98mUcHK/l9tvY6PxaeNFrDOgJkytp5AXZzPrFd5knQifbQnHXbwk8kD/uYmSE2 fVOi6gquS8gVki4287Tc =DnDi -----END PGP SIGNATURE-----