Debian Package Tracker

From: Thorsten Alteholz <debian@alteholz.de>
To: <dispatch@tracker.debian.org> , <debian-lts-changes@lists.debian.org>
Subject: Accepted libgd2 2.1.0-5+deb8u12 (source amd64) into oldstable
Date: Wed, 30 Jan 2019 19:00:19 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 30 Jan 2019 19:03:02 +0100
Source: libgd2
Binary: libgd-tools libgd-dev libgd3 libgd-dbg libgd2-xpm-dev libgd2-noxpm-dev
Architecture: source amd64
Version: 2.1.0-5+deb8u12
Distribution: jessie-security
Urgency: high
Maintainer: GD team <pkg-gd-devel@lists.alioth.debian.org>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Description:
 libgd-dbg  - Debug symbols for GD Graphics Library
 libgd-dev  - GD Graphics Library (development version)
 libgd-tools - GD command line tools and example code
 libgd2-noxpm-dev - GD Graphics Library (transitional package)
 libgd2-xpm-dev - GD Graphics Library (transitional package)
 libgd3     - GD Graphics Library
Changes:
 libgd2 (2.1.0-5+deb8u12) jessie-security; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2019-6977
     Fix for potential double free in gdImage*Ptr()
   * CVE-2019-6978
     Fix for a heap-based buffer overflow, exploitable with
     crafted image data.
   * CVE-2018-1000222
     Fix for a double free vulnerability by a crafted image,
     that can result in remote code execution.
   * CVE-2018-5711
     Fix for a integer signedness error that leads to an
     infinite loop via a crafted GIF file.
Checksums-Sha1:
 0ff7db24c084109d25d3b634f0ecfb5a8d2395e7 2514 libgd2_2.1.0-5+deb8u12.dsc
 66c56fc07246b66ba649c83e996fd2085ea2f9e2 2004304 libgd2_2.1.0.orig.tar.xz
 5504be24f74a1c4d0bac68199ea9b53e033e3e65 42428 libgd2_2.1.0-5+deb8u12.debian.tar.xz
 16bf18599837e64f2d87333858e772b54cf20e45 42902 libgd-tools_2.1.0-5+deb8u12_amd64.deb
 85fa2dc51b1d8702d2e440a8b24e560c9044799f 287996 libgd-dev_2.1.0-5+deb8u12_amd64.deb
 82501c03296552e8c813db86b1d39f76d908cf77 148720 libgd3_2.1.0-5+deb8u12_amd64.deb
 095d09db081bd4290efba2fc307b3f133a8ca859 315794 libgd-dbg_2.1.0-5+deb8u12_amd64.deb
 5858a09dd7acb9ba0cc768ef8755c91f6013bdc0 1240 libgd2-xpm-dev_2.1.0-5+deb8u12_amd64.deb
 ed6adee3d5f025b8f650e6d2b020eeea666a964d 1238 libgd2-noxpm-dev_2.1.0-5+deb8u12_amd64.deb
Checksums-Sha256:
 060e8b9c6d7faff8acdbf9586b8aa6e2fcedd86cdca74906f4defb54ecab8015 2514 libgd2_2.1.0-5+deb8u12.dsc
 fa6665dfe3d898019671293c84d77067a3d2ede50884dbcb6df899d508370e5a 2004304 libgd2_2.1.0.orig.tar.xz
 232f55450a4f24cea3e291553d2a91f48fc86daac798a57119f65552148147f1 42428 libgd2_2.1.0-5+deb8u12.debian.tar.xz
 bbb13423b772ab2ffcd24d65b55a1b548ba95566db6c486955030d5f495fd460 42902 libgd-tools_2.1.0-5+deb8u12_amd64.deb
 d0046c684936a270c5cf28858710ac86d800afc95d8aeadd459aa687849bacbc 287996 libgd-dev_2.1.0-5+deb8u12_amd64.deb
 054e4375b0e44218fec3a70fdd2289dca1d7cd13c31296580c7e4601fb683801 148720 libgd3_2.1.0-5+deb8u12_amd64.deb
 512986b3333007ba436098274a3fe6d5ad3eb4ce2d98b6fef684973d7498578f 315794 libgd-dbg_2.1.0-5+deb8u12_amd64.deb
 620f197d769a9ecab476a30fa0bfd469d0af735cec047feef73e549219535aed 1240 libgd2-xpm-dev_2.1.0-5+deb8u12_amd64.deb
 5f9e1400c7b766d3e0c7c4cee76853dca77c0fc7609f374376b013a91b45be44 1238 libgd2-noxpm-dev_2.1.0-5+deb8u12_amd64.deb
Files:
 573fd3ddc5c3afaa7e81eac6a70ed074 2514 graphics optional libgd2_2.1.0-5+deb8u12.dsc
 03588159bf4faab9079849c8d709acc6 2004304 graphics optional libgd2_2.1.0.orig.tar.xz
 94cac624eee7557d5b0e939bb298c392 42428 graphics optional libgd2_2.1.0-5+deb8u12.debian.tar.xz
 359163f7c23e564004f7aabed20180b0 42902 graphics optional libgd-tools_2.1.0-5+deb8u12_amd64.deb
 db0d9546c16b3562ef03acd9a8e95b8a 287996 libdevel optional libgd-dev_2.1.0-5+deb8u12_amd64.deb
 1d913ead22b32b9be853d8548640b4f5 148720 libs optional libgd3_2.1.0-5+deb8u12_amd64.deb
 889748e12f05313dc46c1bb583ca7e9b 315794 debug extra libgd-dbg_2.1.0-5+deb8u12_amd64.deb
 f446b72d36cfc7115ccb41b9f1781f68 1240 oldlibs extra libgd2-xpm-dev_2.1.0-5+deb8u12_amd64.deb
 ffcb723a3f7358559fea2aaffec45e35 1238 oldlibs extra libgd2-noxpm-dev_2.1.0-5+deb8u12_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAlxR8W9fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh
bHRlaG9sei5kZQAKCRCW/KwNOHtYR1zDD/4qd/lodyxLTmrIXTsBFw9p7ctBfuW2
2m/YQvudGSvmBkZuXIxtCtPBBMNjE7mGmJBME7vKpoLsylU2+DuEqioUovyoTcsn
nsPACKFNzDgwQXNh3OVKEyKnnc8GKxaxTlEraGW+Irshtulrl2N+VRITKasXosfa
rJlVR89KFxSWDgOrFDTkSECmRjl6L5G+zMxtAJmZt4FN0WDU0k3dudzD1wHn5xfv
zjLO6td7XeY5T+7xQXHdpTOkqo9/EHO7AgIh+AdtEs2Z8U5fb0otNp/aQOcuGlBx
6z0nukyNz1K8j7VDYMi5PhF3DgUlGf19O71ZUaB4OiEk8gfObAfs+0ffTBtzKmq9
+5oE81Mq8+50lhDIx7vjCvOcgAYZpOFjrrGP74gbzJywUoz80gNTgvuj/R1hm+RI
VhBDEwmdFmFf1Xf5pdA2daw/Y4MvRrz1tC92MlgmAkjUNxSd5aj3qGU7M8YI8NYQ
0H9SU1X30dve1Z2Obq6GtvCyxisKRq2oNFjdmkGOPacii0vY0mbXmI4TfxCHneDa
ohxCG2LZHT5W+bn3hnJBu2pRIbK2IbEmrWo+hO/vvilt4ghTc84KHMzG/1dJD4eP
lhzIi2R2M91zlHI+7zEF+Hds5t4rehvK964NsxTPAqCIOmEf+MXY5arcdxAt+1Jp
hTyVKd5VhNpt+Q==
=rkLC
-----END PGP SIGNATURE-----
News for package libgd2
