-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 10 Dec 2019 16:34:27 +0100 Source: freeimage Binary: libfreeimage-dev libfreeimage3 libfreeimage3-dbgsym libfreeimageplus-dev libfreeimageplus-doc libfreeimageplus3 libfreeimageplus3-dbgsym Architecture: source amd64 all Version: 3.18.0+ds2-1+deb10u1 Distribution: buster-security Urgency: high Maintainer: Debian Science Maintainers <debian-science-maintainers@lists.alioth.debian.org> Changed-By: Hugo Lefeuvre <hle@debian.org> Description: libfreeimage-dev - Support library for graphics image formats (development files) libfreeimage3 - Support library for graphics image formats (library) libfreeimageplus-dev - C++ wrappers for FreeImage (development files) libfreeimageplus-doc - C++ wrappers for FreeImage (documentation) libfreeimageplus3 - C++ wrappers for freeimage (library) Closes: 929597 Changes: freeimage (3.18.0+ds2-1+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * CVE-2019-12213: stack exhaustion caused by unwanted recursion in ReadThumbnail (Closes: #929597). * CVE-2019-12211: heap buffer overflow caused by invalid memcpy in PluginTIFF. Checksums-Sha1: fefc6245cb0f0dd938872db61158c4e29a1a754f 2393 freeimage_3.18.0+ds2-1+deb10u1.dsc 5c5f67837bd03cb2be596eb66d6edae735a4370d 1281524 freeimage_3.18.0+ds2.orig.tar.xz 9ee068a95cb08c8a3f729f7cb600b9b03bd0e7ab 22048 freeimage_3.18.0+ds2-1+deb10u1.debian.tar.xz 9e45ec8911bc8ec39c4c712bce059f8441d08359 8231 freeimage_3.18.0+ds2-1+deb10u1_amd64.buildinfo fd6e4fc10947c1dc40048211e9b17faf8197361a 45920 libfreeimage-dev_3.18.0+ds2-1+deb10u1_amd64.deb d4ce4ac9a69d0e7f2b25561a8c3335ae044f7da5 2253880 libfreeimage3-dbgsym_3.18.0+ds2-1+deb10u1_amd64.deb ab08bb23f05f1c2b3d8bd6fec3dbf0abc3599a4d 293676 libfreeimage3_3.18.0+ds2-1+deb10u1_amd64.deb e927a109ce050d70591804da3b18ffa817e42346 46080 libfreeimageplus-dev_3.18.0+ds2-1+deb10u1_amd64.deb b07ef20db937d0afb5afc5c7a3bc23a29f9d2eb3 168560 libfreeimageplus-doc_3.18.0+ds2-1+deb10u1_all.deb ff7ad76bc0f4eb68caa9d807dd762f19a9800381 43192 libfreeimageplus3-dbgsym_3.18.0+ds2-1+deb10u1_amd64.deb 3a58f0f915ea343074752a5c37e3e2d92d5d9d15 46952 libfreeimageplus3_3.18.0+ds2-1+deb10u1_amd64.deb Checksums-Sha256: 0b488c749a10ef02ff55fd51508824fe91203ece48604c3091d59b1cab543e2f 2393 freeimage_3.18.0+ds2-1+deb10u1.dsc 4425d04d4691084260848d67eb79949ea7c129d85c73a72066ba609fd3f3aa39 1281524 freeimage_3.18.0+ds2.orig.tar.xz ad7e5f584ba8a7514a29cef5aad6e840b3346899e80db4f5d9aeb13259b61afe 22048 freeimage_3.18.0+ds2-1+deb10u1.debian.tar.xz 73a0e2a5f7eb9d0cd2f04a8ee5321bae00578eced9dd6f9f5b246019d3731a91 8231 freeimage_3.18.0+ds2-1+deb10u1_amd64.buildinfo c1b610a683cf6b0053c8cdf862fcf0a0d825b73860a9f6473f81bf07f7464d22 45920 libfreeimage-dev_3.18.0+ds2-1+deb10u1_amd64.deb 743af84a4da0644f2815d7572270c4dad836402c921c7bf1f2653ec661e2d968 2253880 libfreeimage3-dbgsym_3.18.0+ds2-1+deb10u1_amd64.deb 838abede562c882fb34fd64b91468a175bef72b466aa8e326e6e3c92638f226b 293676 libfreeimage3_3.18.0+ds2-1+deb10u1_amd64.deb 90dd8c7a66a099dda7cab6316e3f6cdc381fe8d76fd9212765b40f1afebfd7aa 46080 libfreeimageplus-dev_3.18.0+ds2-1+deb10u1_amd64.deb e589a71170b63652cae70ee48f61184d89f844895d037f3b0964c28e3877add1 168560 libfreeimageplus-doc_3.18.0+ds2-1+deb10u1_all.deb e5979575b9ad362c4aa372864efcb9e321266044b3f66dbb64627f8aa9be50df 43192 libfreeimageplus3-dbgsym_3.18.0+ds2-1+deb10u1_amd64.deb 0cd5fd7b029d5c78861bc4d30299c42fe3e4d2c4daa141084df49ffb9787b15e 46952 libfreeimageplus3_3.18.0+ds2-1+deb10u1_amd64.deb Files: c8d4dda2dc783dea8eff335e7bbc262c 2393 libs optional freeimage_3.18.0+ds2-1+deb10u1.dsc bf8d7f34b419266773255855aadfd808 1281524 libs optional freeimage_3.18.0+ds2.orig.tar.xz 0a127cd64c3266825d1b82ccb8837307 22048 libs optional freeimage_3.18.0+ds2-1+deb10u1.debian.tar.xz ab95d56eb286ab316a7f4be5bfee233a 8231 libs optional freeimage_3.18.0+ds2-1+deb10u1_amd64.buildinfo 7b030ac480add7da5326f42bef283f64 45920 libdevel optional libfreeimage-dev_3.18.0+ds2-1+deb10u1_amd64.deb 1f9e6f71772b94a3db5bf50897dfcfd4 2253880 debug optional libfreeimage3-dbgsym_3.18.0+ds2-1+deb10u1_amd64.deb 7bff242ed1f9a29ecb39a8871e01085b 293676 libs optional libfreeimage3_3.18.0+ds2-1+deb10u1_amd64.deb 0c43f5ae84ec0a43e5740a03dbbbff76 46080 libdevel optional libfreeimageplus-dev_3.18.0+ds2-1+deb10u1_amd64.deb d0e3bd259bb9a3ddec7165448005918f 168560 doc optional libfreeimageplus-doc_3.18.0+ds2-1+deb10u1_all.deb b6d7b8214a3d7157c8254e3de7ee4b0d 43192 debug optional libfreeimageplus3-dbgsym_3.18.0+ds2-1+deb10u1_amd64.deb 3fde1eb7bb187a177dba3b37a89be403 46952 libs optional libfreeimageplus3_3.18.0+ds2-1+deb10u1_amd64.deb -----BEGIN PGP SIGNATURE----- iQGzBAEBCgAdFiEEeDb9QWtkMa2LX4zREeMFjl5EGkIFAl4GZyYACgkQEeMFjl5E GkIZQgv/UlckSb0ska46omjpNjnqk8Kcv6dBVlTBxCIv1/dVe/Zp+ftBtcwwDxXc +11eqqpcfQfsP0prphSYdAzStTCsNck3nHU0sLuiMkL1kJEdK+SiQCyJ7Ihs6k/Q 6+IzzYIzCh1noH009Gtna+UXE5xWQb2vOrUeSyq7yhqv/jwDnwNQL1yMHqL+vS7T /UyDRwzqlikvhxJGSOsQFOI6TXPL20yQjXwBP7gOY/rgPw6MADc5HNkQEiDDm8Gf mob5ZSd5e4p7Ftt7z53kb7foxT11eO7TmJwnhNcvBQ/9Ru10OAn3X5UEabINd+XN aHLWCCxm5rQqlVGlT3xpmsXP+WpY/anTAjtN81yHvk3Oii5MkPgatjvh6bEa6JTl KeK1FzENNkjtg8/rn1BrdktVD5jqpKh+gZEHWMyXVQwKeruaNfWXRxgDEOmlM9JW 6n5g1eLSIq3BFSL7uxxzlD/3LscKjnQ58QYoIg6uYIp85EwDqqxl/sNpTmuwwtgX duckd0/K =XLa2 -----END PGP SIGNATURE-----