-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Mon, 06 Jan 2020 22:13:27 +0100 Source: fig2dev Architecture: source Version: 1:3.2.7b-3 Distribution: unstable Urgency: medium Maintainer: Roland Rosenfeld <roland@debian.org> Changed-By: Roland Rosenfeld <roland@debian.org> Closes: 946628 946866 Changes: fig2dev (1:3.2.7b-3) unstable; urgency=medium . [ Debian Janitor ] * Add missing colon in closes line. * Set upstream metadata fields: Archive, Bug-Submit (from ./configure). . [ Roland Rosenfeld ] * Update upstream metadata and add several fields. * 31_CVE-2019-19746: Reject huge arrow types causing integer overflow. This fixes CVE-2019-19746 (Closes: #946628). * 30_CVE-2019-19555: Add test to the patch. * 32_fgets2getline: Replace most calls to fgets() by getline() in read.c. This fixes CVE-2019-19797 (Closes: #946866). Checksums-Sha1: 92f67f03a5ad1c7f382b63e078dcf7b1f1ecde09 2232 fig2dev_3.2.7b-3.dsc 9c13e49ab34baac8baa985cc0af57609d4123618 228772 fig2dev_3.2.7b-3.debian.tar.xz 7476f69b9b1952e3935875c53f8cc98ba71a664b 8989 fig2dev_3.2.7b-3_source.buildinfo Checksums-Sha256: 4ea06726d71284dfa2470e2a9b84c841217d281b67a9552f9ddeecbc1b7b20bb 2232 fig2dev_3.2.7b-3.dsc ea7c2bdff463a1f66db5cd317e2d3a8a89a839383a3355d72d14114291a0df41 228772 fig2dev_3.2.7b-3.debian.tar.xz c21237cfa412fa1ef3aa99a7587eeae97a8b802058e52294868eacbc73027ef4 8989 fig2dev_3.2.7b-3_source.buildinfo Files: 6aec2e5f6c2825a847eedec2c8347927 2232 graphics optional fig2dev_3.2.7b-3.dsc 24e4725f411241a0d5053826f751db3b 228772 graphics optional fig2dev_3.2.7b-3.debian.tar.xz bb6843611522534d77610efa25339295 8989 graphics optional fig2dev_3.2.7b-3_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEErC+9sQSUPYpEoCEdAnE7z8pUELIFAl4ToyYACgkQAnE7z8pU ELLcGhAAn1yxBuOzcQgUPUdyYwAaoldr0hheTJsjXdk12Dz+SyzH2EyqZqrfgoZA fYnkifFncQjzRH7vkhuVZEw6mtC1D0TeG9bmM1XdTVnW3kWMqlvC0H0Rqe+sMeY4 HikFdO+b+TGv3RnZFkSpqni9eZnOsognF/MVc/TunztbhXgvhjca9QHzbM1tpdeL Vb0qsDN6uX/3i2eGgFYMX40S0fU968eSj7HcTtr8CR9Z05euHP1Cz0syhfRles7x k7qaNXioqok6zWPidcQP6Jc5qQhUV7nAl6LQKE8ZttVOxs7qtrnPW0teZfmBqWo7 JkJXpVN0TaKh/0V21de+BGxgLzmctUAQQ5xuA13bq6A6s0Ox43mSD3fGHl8rr5yQ 58GyPOi0C/Jw9J9gAs9FZuVrX0MI78Omza55GxZkMgszweuZINBOaNO8wiJwWO2p IaQRKsB87aZdXYSJUZNE/jhE3rJkkti589w2Ur6xpgflziLgfsKnvOxxAoBC/do6 aOPCyzEPdJrg7odCDcAlb77cAiy3hS1fdRwKYUqIqbhtSrtYHgKwAChjTv1NSo/m W0p6io/zau5vysDXUnwPw1cheQSriQ8DQn2Zzk1q8hKaIEsTHz83s5v57mpGAFh8 fpKVb6mVJFW7ui/G70hW9EnNc/AdBc4gDEkxSzlE99gKQo9tPtQ= =645g -----END PGP SIGNATURE-----