Debian Package Tracker

From: Hugo Lefeuvre <hle@debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted sdl-image1.2 1.2.12-11 (source) into unstable
Date: Thu, 08 Aug 2019 13:53:18 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 24 Jul 2019 20:30:03 -0300
Source: sdl-image1.2
Architecture: source
Version: 1.2.12-11
Distribution: unstable
Urgency: medium
Maintainer: Debian SDL packages maintainers <pkg-sdl-maintainers@lists.alioth.debian.org>
Changed-By: Hugo Lefeuvre <hle@debian.org>
Closes: 932755
Changes:
 sdl-image1.2 (1.2.12-11) unstable; urgency=medium
 .
   * Non-maintainer upload with permission of maintainers.
   * Multiple security fixes (Closes: #932755):
     - CVE-2019-5058: buffer overflow in do_layer_surface (IMG_xcf.c).
     - CVE-2019-5052: integer overflow and subsequent buffer overflow in IMG_pcx.c.
     - CVE-2019-7635: heap buffer overflow in Blit1to4 (IMG_bmp.c).
     - CVE-2019-12216, CVE-2019-12217,
       CVE-2019-12218, CVE-2019-12219,
       CVE-2019-12220, CVE-2019-12221,
       CVE-2019-12222, CVE-2019-5051: OOB R/W in IMG_LoadPCX_RW (IMG_pcx.c).
Checksums-Sha1:
 4e4be93248b44fb9f8fd8ff4b2cac59e93d3d141 2056 sdl-image1.2_1.2.12-11.dsc
 e10fbc678c098f8606fbdcd1099203cb97fa020c 12576 sdl-image1.2_1.2.12-11.debian.tar.xz
 61c6557b202651784041eba012ff5b8e2404fd9e 10619 sdl-image1.2_1.2.12-11_amd64.buildinfo
Checksums-Sha256:
 50e31b27c70018b68ca2f96e0eac715dc4219f54abd57d2223b633f08bb6b2bb 2056 sdl-image1.2_1.2.12-11.dsc
 5dc284425daac9142e5925c15544c3be52b5e299572d1c2fdacfd83d139a056e 12576 sdl-image1.2_1.2.12-11.debian.tar.xz
 c160056e682ff3d12059ac4916c6e05234f265f99d2b9a9a211ee04289a38683 10619 sdl-image1.2_1.2.12-11_amd64.buildinfo
Files:
 61d23b3e26f9fa036144d57efc82558f 2056 libs optional sdl-image1.2_1.2.12-11.dsc
 32f98cdc26b16915ad1c3eaf476a046d 12576 libs optional sdl-image1.2_1.2.12-11.debian.tar.xz
 39b93b9cdcd52facc68e7a50186c49dd 10619 libs optional sdl-image1.2_1.2.12-11_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQHDBAEBCgAtFiEEeDb9QWtkMa2LX4zREeMFjl5EGkIFAl1MJUgPHGhsZUBkZWJp
YW4ub3JnAAoJEBHjBY5eRBpCGAQL/18FvtQ4PBza17AwYyzDCabkMJ0T7n7WikB7
Gdf6ud7WRkXFYaM7kmRZYvs271hW7SdwkICakgwUwuVsoMTh4nmBqk+kqgUlKDYx
og2ohQO5Nwg2gmzkN+yAEH6yX5LyE7rlh6ceLt2WApR9O/gOUM3iCkUFlOpJz0Ml
U95QI4U7NuenMTsQy7KNOXtgyK7pNUUODq8J4xl73OBXLlME1UsNt4SA38kF/eqU
Zi4dfPXrYASHggBO8Mmtc2KISiPUCBWyAL/Lc2SY3/lDFoRTcdkt2ObXniqK3IYU
/2WdMBtp4UyDrc9QkOKhsJcvS+UmNSJPMmvqkzLvwmUA9hGqhOkK9id0sdboARwm
x7UpquEIw2FD1TrKjxbQxaJ7aU9syOSoO5NDBcdTPYDfHj+XX6h6/Tj9fjexceGj
jmLGwVrLQyl6AGt2AENjK9vlUcHAUcLPwvHlGCxsXrcZja8Ra+T6FvPLuEKjYjqO
DHyyChBoBwIVRfJEZdHkkE+A+VuVcA==
=QlHU
-----END PGP SIGNATURE-----
News for package sdl-image1.2
