-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 20 Sep 2019 08:31:51 +0800 Source: libstb Architecture: source Version: 0.0~git20190817.1.052dce1-1 Distribution: unstable Urgency: medium Maintainer: Yangfl <mmyangfl@gmail.com> Changed-By: Yangfl <mmyangfl@gmail.com> Closes: 932660 934966 Changes: libstb (0.0~git20190817.1.052dce1-1) unstable; urgency=medium . [ Boyuan Yang ] * New upstream snapshot + Include upstream CVE fixes: - CVE-2019-13217: heap buffer overflow in start_decoder() - CVE-2019-13218: stack buffer overflow in compute_codewords() - CVE-2019-13219: uninitialized memory in vorbis_decode_packet_rest() - CVE-2019-13220: out-of-range read in draw_line() - CVE-2019-13221: issue with large 1D codebooks in lookup1_values() - CVE-2019-13222: unchecked NULL returned by get_window() - CVE-2019-13223: division by zero in predict_point() (Closes: #934966) * debian/rules, Makefile: Make sure the package cross-builds correctly (Closes: #932660) * debian/libstb0.symbols: Add new symbols Checksums-Sha1: fba07136b497cb3cb4947818ac2876bb34b03e5a 2054 libstb_0.0~git20190817.1.052dce1-1.dsc e9e3b566bd563f149a5f2543decd8e5a09d43898 1357962 libstb_0.0~git20190817.1.052dce1.orig.tar.gz c4eb8cd8561ba443d430d2fa0acabd6978dacc2c 10440 libstb_0.0~git20190817.1.052dce1-1.debian.tar.xz 3be243110fda26a693e5c104c380c8f5049be5f3 6327 libstb_0.0~git20190817.1.052dce1-1_amd64.buildinfo Checksums-Sha256: b0277b679de6f73afe8e1397d36420247b97d26e6fd8545a2a4751e43342e374 2054 libstb_0.0~git20190817.1.052dce1-1.dsc 466e7af7c4c8c435e5270d3b7aabf15bc580bf231a3e1fb84655c7a252e75ea2 1357962 libstb_0.0~git20190817.1.052dce1.orig.tar.gz 3c860e90ec67d5d6b0f1eaa303ab552a8b933d5868e122eec5f5c7912db54631 10440 libstb_0.0~git20190817.1.052dce1-1.debian.tar.xz 18443309de815dc00454495f87cdb3e85561e5ecb9a7ce82da4664b813f5254f 6327 libstb_0.0~git20190817.1.052dce1-1_amd64.buildinfo Files: b8a38f171c973487a10184f3d395929e 2054 libs optional libstb_0.0~git20190817.1.052dce1-1.dsc 3fbf7d65d6755bc4c55c8dbcef57273d 1357962 libs optional libstb_0.0~git20190817.1.052dce1.orig.tar.gz 265e5eca14584889087f6ab72c4727de 10440 libs optional libstb_0.0~git20190817.1.052dce1-1.debian.tar.xz 76d4e08067750fa94d1532579d07485c 6327 libs optional libstb_0.0~git20190817.1.052dce1-1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEfncpR22H1vEdkazLwpPntGGCWs4FAl2EP7kACgkQwpPntGGC Ws7F+A/+IZbLe3Y95MMAwFiPa06PNo5SRJitNw81DdK/hDt4dSIrM7fp+T6zxtpm vmJrgIeRm+icBjGa/zQAG6P6GB5dSH9hMPJaP4LaPgCroiKn/7oNrZzFlw/gqTEy ArddaOjgo2bvPJN7JPHNiiz8s4AFbQVj/Na9pPORqqSlad8exHJ94QP1KbvC+BSf cs0L495ABaQb49IsUtrJ6gcqfsdVljuypMU//yoO5hAubM1JqzLNafObNnAz8QeF KpRGD7nDot/Hx4yG661nlitOUMvjtoFe3lZEBPklpb4bGNv1okthx3iAI0FDCNut 0Ns5DLZbl8rxCmYsFA3QdUweMLUenHmQ8wfsszY2v+fOEmg2oER+zW0eF+zNOWwL 2urqsI7GBXl66Vw9yZxYIMouQeWKgQ65O+L5rtXlmr3emNhIQFl4cSQH4eb3sJvT g6d9vtpY6XjA3y91IqOTeWQOsYANdTGOuo70lKhJaWlVjt+wpHcNtBxMSc5quVyl Nbnx49fTTQ2gcarvaGSszsi1CbBRhMSCKMrdYQzpPft/zO6RggYoeBnZC6+H/u9d 7KZxMFmKX2LlAqVOCJzNy7hAfh4JIKe6sDQ7pacvXGhw7fVZnGmPgc8M53w+UXZ2 ba8zzrXnDXThinP7Y6bndxQrgSYpJMC70fWsInNvKrDHWFCPaQ8= =cOXB -----END PGP SIGNATURE-----
