-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 22 Mar 2019 11:46:25 +0100 Source: libmatio Architecture: source Version: 1.5.13-2 Distribution: unstable Urgency: medium Maintainer: Debian Science Team <debian-science-maintainers@lists.alioth.debian.org> Changed-By: Sébastien Villemot <sebastien@debian.org> Closes: 924185 Changes: libmatio (1.5.13-2) unstable; urgency=medium . * Fix security issues + fix-reading-vars-from-mat-v5.patch: new patch backported from upstream. Fixes CVE-2019-9026, CVE-2019-9027, CVE-2019-9028, CVE-2019-9029, CVE-2019-9030, CVE-2019-9031, CVE-2019-9032, CVE-2019-9033, CVE-2019-9034, CVE-2019-9035, CVE-2019-9038. + fix-printing-vars-from-mat-v5.patch: new patch backported from upstream. Fixes CVE-2019-9037. + avoid-int-mult-overflow.patch: new patch backported from upstream. Fixes CVE-2019-9036. + d/copyright: mention two files added by the latest patch. (Closes: #924185) Checksums-Sha1: 079459bf990214170ab04df21e6e152c8e11c4a3 2107 libmatio_1.5.13-2.dsc bc88ff3f3398c65b9416a016191304965276ab0f 22352 libmatio_1.5.13-2.debian.tar.xz 0216193adf7541816cba3f2866ddc37a8316be8f 9111 libmatio_1.5.13-2_amd64.buildinfo Checksums-Sha256: 21b55c13702ec3ee24e800b889780a0d4414fb40219881cab079e1754a4a85c4 2107 libmatio_1.5.13-2.dsc b1c5ca2aba50967186139602a9759c8705ef20624ae66dfb3535d9f7225b1baf 22352 libmatio_1.5.13-2.debian.tar.xz 896fff5677e68104f13733535abdee854073b5b6b76ce6e01bd990344e340559 9111 libmatio_1.5.13-2_amd64.buildinfo Files: a30fa7c5c285755368b3565c8cea700d 2107 libs optional libmatio_1.5.13-2.dsc d10233323ffb780c344c9e22ee07c802 22352 libs optional libmatio_1.5.13-2.debian.tar.xz dcfcec220e7d7fa7836412f907df5c8e 9111 libs optional libmatio_1.5.13-2_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEU5UdlScuDFuCvoxKLOzpNQ7OvkoFAlyUwIIACgkQLOzpNQ7O vkoOrA//SUkd0DzWE9osHmUdS9G76dcfx+LNdxLHrKPqtd22jZFJxouF2J4Cj+LF x2/bd2m7bUf9yhgObFykMlSziA9RB1tteP2CDGC9cQblD8bePwmaE8tTLMSxHzEK xrBJgEk/oM6D/bFBjXIuTHB46o6SazJzBg/wQWAsthiB2J92C7e2gPC9+9p1CeTV 3+3ijQSkyTsfT0i57YA0/FRVVNM4j+xavnGU3+f1K/P1psHrgd4rTCW8m42VRZ6q XYPfQKpxlUabF2QGNJ40O4NnJvt7yNQABQ4hrOmno0Zzbu6+8siRxNSfHnwR/qN1 X2vQttX5qNmPf2PfwVbtMdn0tsuEKAxqyXwIPgtYSUrdwdKfBC0jiVBKlnrPXfbS 14Os2srsShg9ePrvStIITrhj4xvhrIy4rK42YWohiWook2/oWHtm+7/TN7Ch94VB 2x/tRFbIX+Qg+BriJ6Xilotrvey8VwXUhLFTsnFSik4vBvsogO+xfV3LcQYeUcpu SntJ8jGX58tAUBOGrxsWzxP1p64EP+ZVJ4g6E4M4ATNFNLlRdbin9XjyP3j9yXGA tcslzf5TGjEA2wwbv8wr6WhUljAyq0McCJ96qtay6FhEMPOySKNEJqLiv9siw6gh YRyh3ZDXUUFN58y7dGkl4cpqLK0iru7gQD9Wr9EW/0DHegUb//g= =hmil -----END PGP SIGNATURE-----
