Debian Package Tracker

From: Markus Koschany <apo@debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted binaryen 89-1 (source) into unstable
Date: Thu, 29 Aug 2019 15:04:02 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 29 Aug 2019 16:04:13 +0200
Source: binaryen
Architecture: source
Version: 89-1
Distribution: unstable
Urgency: medium
Maintainer: Markus Koschany <apo@debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Closes: 936024
Changes:
 binaryen (89-1) unstable; urgency=medium
 .
   * New upstream version 89.
     - Fix CVE-2019-15758:
       Missing validation rules in asmjs/asmangle.cpp can lead to an Assertion
       Failure at wasm/wasm.cpp in wasm::asmangle. A crafted input can cause
       denial-of-service, as demonstrated by wasm2js.
     - Fix CVE-2019-15759:
       Two visitors in ir/ExpressionManipulator.cpp can lead to a NULL pointer
       dereference in wasm::LocalSet::finalize in wasm/wasm.cpp. A crafted input
       can cause segmentation faults, leading to denial-of-service, as
       demonstrated by wasm2js.
       Thanks to Moritz Muehlenhoff for the report. (Closes: #936024)
   * d/control: Build with python3. Add python3.patch to avoid a FTBFS.
Checksums-Sha1:
 abef65943bd11dfda6722960e931859d7747ed0c 1975 binaryen_89-1.dsc
 67149cba137268c75f2e9baafa1ccce83c9c597f 2942509 binaryen_89.orig.tar.gz
 768cec59fd714077b7732e8535f5642e991cf75f 3240 binaryen_89-1.debian.tar.xz
 3bd3a5f44cb0b20dd70e5b28e76c25a95db66303 7154 binaryen_89-1_amd64.buildinfo
Checksums-Sha256:
 8c7ca9c35331faae5396aa2e4e89e489c58a9b7abb26c64e031bb6d823cb6ff2 1975 binaryen_89-1.dsc
 e8b35e751cc9b90ce4c4a9d309595ee9c3afac2964fd0c4cc06c12ec43f6d55e 2942509 binaryen_89.orig.tar.gz
 2dc90efef1a6cbae8d0a28ac00a982e28b1f7488362287353434cc4ef1dc63c2 3240 binaryen_89-1.debian.tar.xz
 531f9f89cc1bdffff071c8edcf8798cc66f38b7fa85ad265ad729c76244b23f2 7154 binaryen_89-1_amd64.buildinfo
Files:
 29523f1df50f22aea4560f7babf655fe 1975 devel optional binaryen_89-1.dsc
 370a6c81ce109398cca47a65e37b74ce 2942509 devel optional binaryen_89.orig.tar.gz
 5955f8e7631a3a8a519261e132c8f83e 3240 devel optional binaryen_89-1.debian.tar.xz
 6ae66953bf682986b52b7f3743a4aeb4 7154 devel optional binaryen_89-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAl1n4AZfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkPncP/3EOR3ohOpI4Ul+tXr6vP97gfFVZAbNOk3HV
y9XpW2XFRO/xnfvvC78Mi4+q1ZEUpEpNqrtWgeIs9xXynKee717facvl7CogN008
62dzAWqxlWm5ipjJLZkGHHJQ5/Ye46i0x+/6b8K6XdwCCj2FxO5Iw0gYSmMxSYGn
SlLPtv5VlgiRzS8NIpu8c9P81HbhM4MMNj/sAV6gfxWMNe9kqiusJA16MWqvkNMB
MJ98s3gAqcXwDFj5KtgVC3rWc1Vp56kQtqB8JOAnGzN5/i677E01lT3OZBWHPEyh
iqmsOwUu+bn029VbVloOsNtaNC2zScCWK9QUdS/eEbhUXvcnHG1LhJOW9u5TaWYw
eY7hkqPiTyuU9azxQ9nOXoUL2240vOtXgqSwWvOBaPgI08nZ9eniXVTahSs6EWkX
hxlh2vJhgeJjIIcaEVvlraN5ntmh7dQ/gbsTSnl+tcLxIaqngEpIR6GUId0isuGr
to6uuB0Z8LaL3hPs6tKQgzuqTkWQsLo6vf+hz+BGHBsnXjEatF3PF5fkh3lU9NIA
6JawEuoAidIIRgOZBqf1viheQvhTNROHP7Tr82KsfH1VAeHFYHFOZKLXHvFP10um
XQsaR+ZtongME2CftWJ0UdbYRZBes0/Fzq0C3n1TM5XSjLpT0bpPUTNts21UOKWo
8zCKMEKc
=0psC
-----END PGP SIGNATURE-----
News for package binaryen
