-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 29 Aug 2019 08:28:17 -0400 Source: sdl-image1.2 Binary: libsdl-image1.2 libsdl-image1.2-dbg libsdl-image1.2-dev Architecture: source amd64 Version: 1.2.12-5+deb9u2 Distribution: stretch Urgency: medium Maintainer: Debian SDL packages maintainers <pkg-sdl-maintainers@lists.alioth.debian.org> Changed-By: Hugo Lefeuvre <hle@debian.org> Description: libsdl-image1.2 - Image loading library for Simple DirectMedia Layer 1.2, libraries libsdl-image1.2-dbg - Image loading library for Simple DirectMedia Layer 1.2, debugging libsdl-image1.2-dev - Image loading library for Simple DirectMedia Layer 1.2, developme Closes: 932755 Changes: sdl-image1.2 (1.2.12-5+deb9u2) stretch; urgency=medium . * Non-maintainer upload. * CVE-2018-3977, CVE-2019-5058: buffer overflow in do_layer_surface (IMG_xcf.c) (Closes: #932755). * CVE-2019-5052: integer overflow and subsequent buffer overflow in IMG_pcx.c. * CVE-2019-7635: heap buffer overflow in Blit1to4 (IMG_bmp.c). * CVE-2019-12216, CVE-2019-12217, CVE-2019-12218, CVE-2019-12219, CVE-2019-12220, CVE-2019-12221, CVE-2019-12222, CVE-2019-5051: OOB R/W in IMG_LoadPCX_RW (IMG_pcx.c). Checksums-Sha1: aac3a0677fa26bb78d16ff551246f2c7adf7b217 2167 sdl-image1.2_1.2.12-5+deb9u2.dsc ebe6b94f40e9d3e9616af21d50bc1766fe848e0a 12084 sdl-image1.2_1.2.12-5+deb9u2.debian.tar.xz f29a179dfe56e6e93e363053df6792d921dfb8fa 75690 libsdl-image1.2-dbg_1.2.12-5+deb9u2_amd64.deb 1f02958ea8c870171cfeb9a703d205f1cafcb282 39986 libsdl-image1.2-dev_1.2.12-5+deb9u2_amd64.deb 62d12211217554b84311d7629f56b283a9f45817 35496 libsdl-image1.2_1.2.12-5+deb9u2_amd64.deb 9eabc740599a5304d2e82ea1ceab1eecc7aec26f 10178 sdl-image1.2_1.2.12-5+deb9u2_amd64.buildinfo Checksums-Sha256: 6d259da8b8b622e178aa95ea60c476acc7475d5956614a2f0bde3865c1bf068f 2167 sdl-image1.2_1.2.12-5+deb9u2.dsc a329b684ec2b4d5a2269e6c17efb1b770810451bed245e85ce24d863e888ed98 12084 sdl-image1.2_1.2.12-5+deb9u2.debian.tar.xz c2c60e7d913d374e3419ae5eeee7def04739d470c2d213c3a2ae0dc3c1882513 75690 libsdl-image1.2-dbg_1.2.12-5+deb9u2_amd64.deb ab8471b96579aeccb82f71224c27f3ba8b7a923b31d83d78dae908720eb0dc9b 39986 libsdl-image1.2-dev_1.2.12-5+deb9u2_amd64.deb c66a61bdf073ef3af64b1c2b1740bef613c4a2b632fdf9d297be9946eafda83e 35496 libsdl-image1.2_1.2.12-5+deb9u2_amd64.deb aa5a5dbb25665e4633b5d18447a7f2bbf3f96f5d2b09310549ceab7ea38e2ebe 10178 sdl-image1.2_1.2.12-5+deb9u2_amd64.buildinfo Files: 9e2f25cf74295eba501bf8dcc77ec349 2167 libs optional sdl-image1.2_1.2.12-5+deb9u2.dsc c59a558c4e4df3aa6ec7f0ff054628bb 12084 libs optional sdl-image1.2_1.2.12-5+deb9u2.debian.tar.xz 1f1b50aa62d03e2980b546ebce6c47dc 75690 debug extra libsdl-image1.2-dbg_1.2.12-5+deb9u2_amd64.deb a4eaca98f0e69033d15c4bdef5c1c178 39986 libdevel optional libsdl-image1.2-dev_1.2.12-5+deb9u2_amd64.deb 3140e9ec7826d005f2a0c512fe72786f 35496 libs optional libsdl-image1.2_1.2.12-5+deb9u2_amd64.deb c1f42710d8614df3d845333772d158f3 10178 libs optional sdl-image1.2_1.2.12-5+deb9u2_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQGzBAEBCgAdFiEEeDb9QWtkMa2LX4zREeMFjl5EGkIFAl1n1+IACgkQEeMFjl5E GkI41wv+KY8CaFMGBvUIqr1t8TEwT6K1WgLhAtmSubQbmvEw/hKo70//E2M6Q/x8 kzkKe4a81EnpwNnQykpz+Q1wGNkf+zoeIH8+dF3LSYLSXnDwRWnF/acq012JQvd8 MQjQsvQTxZwHwQqGyFWnsIZwAsP0WiQUUznUoJ0Yj+ipcP7Tg+QGZBF2HMCTmIZB 5CCvAJQ/WyyLeLiZ8hRIy/qo683FPHWpVejURKv3bx4cbhOUS2Lgs7EVLg1vMzqn 0so5BHf0ZqiAZ+8S6sY+DAdLw+8jxAztAs8eI6c3k9tsWiBzfzPkrUzvjs9e1c+V uI3wFVsOGOr2+C2xCphumHW3NePdxZtZVuuRECoqlFe6Z6kmIzHbEwz7BuSvibsT mPSxDb2oR7fe0T/AOowqvH0ZBazru0zU2eYTuC8EPLeUpNy0gV7qCUbzqiKAmtlg Krt7CHuAEVsYY7N29C+s/Qy9QCzc9lbIVEBllXESvpEQMKsStUVuvf0IZsoacKj0 H98PU2oR =ACg9 -----END PGP SIGNATURE-----
