Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <dispatch@tracker.debian.org> , <debian-lts-changes@lists.debian.org>
Subject: Accepted libmtp 1.1.8-1+deb8u1 (source amd64 all) into oldoldstable
Date: Sun, 05 Apr 2020 14:10:20 +0000
Signed by: Dylan Aïssi <daissi@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 28 Mar 2020 14:33:25 +0100
Source: libmtp
Binary: libmtp9 libmtp-common libmtp-runtime libmtp-dev libmtp-dbg libmtp-doc mtp-tools
Architecture: source amd64 all
Version: 1.1.8-1+deb8u1
Distribution: jessie-security
Urgency: medium
Maintainer: Alessio Treglia <alessio@debian.org>
Changed-By: Dylan Aïssi <daissi@debian.org>
Description:
 libmtp-common - Media Transfer Protocol (MTP) common files
 libmtp-dbg - Media Transfer Protocol (MTP) debugging symbols
 libmtp-dev - Media Transfer Protocol (MTP) development files
 libmtp-doc - Media Transfer Protocol (MTP) library documentation
 libmtp-runtime - Media Transfer Protocol (MTP) runtime tools
 libmtp9    - Media Transfer Protocol (MTP) library
 mtp-tools  - Media Transfer Protocol (MTP) library tools
Changes:
 libmtp (1.1.8-1+deb8u1) jessie-security; urgency=medium
 .
   * Non-maintainer upload by the LTS Security Team.
   * CVE-2017-9831:
      An integer overflow vulnerability in the ptp_unpack_EOS_CustomFuncEx
      function of the ptp-pack.c file allows attackers to cause a denial of
      service (out-of-bounds memory access) or maybe remote code execution by
      inserting a mobile device into a personal computer through a USB cable.
   * CVE-2017-9832:
      An integer overflow vulnerability in ptp-pack.c (ptp_unpack_OPL function)
      allows attackers to cause a denial of service (out-of-bounds memory
      access) or maybe remote code execution by inserting a mobile device into
      a personal computer through a USB cable.
Checksums-Sha1:
 61bf273de8189a4db9ad4ddc915750a5704bd136 2370 libmtp_1.1.8-1+deb8u1.dsc
 6528da141b9f8a04fc97c0b01cf4f3a6142ff64f 757109 libmtp_1.1.8.orig.tar.gz
 05ba929f30bbeb39fe260d29c33eda61ae6dd057 26652 libmtp_1.1.8-1+deb8u1.debian.tar.xz
 19c52f730f40cbaf73bf9e3f9a692686b5c58c54 184440 libmtp9_1.1.8-1+deb8u1_amd64.deb
 48cf90babe8509b0f744078dec79229c9c34564b 64544 libmtp-common_1.1.8-1+deb8u1_all.deb
 132de3457f49fe02d8231d624e33569945974671 45948 libmtp-runtime_1.1.8-1+deb8u1_amd64.deb
 d96f2685386064f6286d3cdfe5dc853b64ddefd2 50154 libmtp-dev_1.1.8-1+deb8u1_amd64.deb
 36352bf9ae51817a7cf9429f4bca9ce3ed1b11b8 273980 libmtp-dbg_1.1.8-1+deb8u1_amd64.deb
 8d3d85ce64c3ffae66631309daf24baa8518fce4 312366 libmtp-doc_1.1.8-1+deb8u1_all.deb
 d65726a061ce3b5234580b88df2d92cd0c5fd3a5 73094 mtp-tools_1.1.8-1+deb8u1_amd64.deb
Checksums-Sha256:
 3043a544cb0bc8fc547a667a11fb99c9b5aceaa06686a53784caf472111c41f2 2370 libmtp_1.1.8-1+deb8u1.dsc
 3f9e87536aa40e560d0c153a505e38096b1df5ea15fad783691e9a8ca4dd2282 757109 libmtp_1.1.8.orig.tar.gz
 602162fed64ea98afc21529658d17eb1c9b396f428fd1e4a46c5012a40c06b26 26652 libmtp_1.1.8-1+deb8u1.debian.tar.xz
 f93332e219f4a02f16ab3412ab9881812218cbff433deb97a56c563429b6ef10 184440 libmtp9_1.1.8-1+deb8u1_amd64.deb
 d676a61bc6b80d4a91650da9ff68499af5ccba0cb2395772f0e683df4225ea7e 64544 libmtp-common_1.1.8-1+deb8u1_all.deb
 f3483420a8952f2b8e9ac16cc2c4a69be74e1461e96f7f31e3fcf9fdfe3075bf 45948 libmtp-runtime_1.1.8-1+deb8u1_amd64.deb
 ebaaa8840d6cce9a148ac48633aa07651fbd764b00aa7ee3660566bdea921f15 50154 libmtp-dev_1.1.8-1+deb8u1_amd64.deb
 5836b3a6ee43a35eaf39c171195fed36d64ea3d1aff63f0e8192469f35c9199d 273980 libmtp-dbg_1.1.8-1+deb8u1_amd64.deb
 bc9a8cda25be86376844181f32de2f1e0b5b2bfcf0e5cb92e70479dc19154b52 312366 libmtp-doc_1.1.8-1+deb8u1_all.deb
 949a3fcf105ea707088e97df13617ec790ab94a7a4afaa8c4c8f31104c50dabc 73094 mtp-tools_1.1.8-1+deb8u1_amd64.deb
Files:
 a2045524bfe4331c5e7259225b340404 2370 libs optional libmtp_1.1.8-1+deb8u1.dsc
 f76abc22fdbe96e96f0066e0f2dc0efd 757109 libs optional libmtp_1.1.8.orig.tar.gz
 7a0fa0d5488ed9483e5854bb5442d011 26652 libs optional libmtp_1.1.8-1+deb8u1.debian.tar.xz
 0f69dbadeff2c1e5cc488be62b2f5ba1 184440 libs optional libmtp9_1.1.8-1+deb8u1_amd64.deb
 936e7b5153016c695d72a9b9bb687138 64544 libs optional libmtp-common_1.1.8-1+deb8u1_all.deb
 c99a132a029d3470b8bbb304c843a5dc 45948 libs optional libmtp-runtime_1.1.8-1+deb8u1_amd64.deb
 96975d7a461b982fea6f1e730489cbca 50154 libdevel optional libmtp-dev_1.1.8-1+deb8u1_amd64.deb
 102b639d34142190baf799f8bd41076f 273980 debug extra libmtp-dbg_1.1.8-1+deb8u1_amd64.deb
 1e59e8ee70b1d4609f16967829039138 312366 doc optional libmtp-doc_1.1.8-1+deb8u1_all.deb
 69dd471916e3fb32c5c864cad0752eb7 73094 utils optional mtp-tools_1.1.8-1+deb8u1_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEmjwHvQbeL0FugTpdYS7xYT4FD1QFAl5/aMwACgkQYS7xYT4F
D1TpuQ//eoxIwbXFzFzbsRruxC5boV5sz60JZr8M9p703WnQnaRNxkmqyRtbuNNn
dRyvcONJt7tAN0JbIVHrN623E6X0TzVywYOAl3ngrSfBD81asoloQj3uDppuXKk+
23o1YVmh72JDvdPEp2AAUUPfV+cJs1Kxc6vu36gJZpPG6Rp53AWtKwlZKN4skpY0
iRkQkQfiwFnuKIWKipz3nDDkqkErOkqiCSi2sEmjIQkZZfzZt0NjaCNuUa8K0aA/
oD8cMOz4W5S3k4TnCqd6gI8SBqoEBNiFrVi7aQiGgEE5PYX1tU5gLZtzp/5O4RVl
Y4O/ErdAxNHYfr5y68XS4P34x9pDAkkBHAyq7Yayyiz4vg/Qufs5Hic30tQDg1z5
RR8H0SeL23wu4CSlIjuG+bHzaCyTZCj/Je6YLuOXO7EOF4RnH9tPtKH4VP/ocLEQ
lTiHTQxM2DV2YxEGeHvoaASc5IkfMrv16fH2h1BCtH3abK5jGVDp9r2efD/V1fvP
UKZtZPj0uA+f/Fa3saZcWfYSdCLVhDZFPrIySdxvpteAoEiEShCAzJs+rjo+Eifn
PpQBXh/MI6uXpdVbQNcDRpQyaLfjqT694xUkFT9XNJirmzBD8CNqzjBXFpCI9Ezy
iq4hq+UFXT3SknZEuh/Lw5VGWDad89PxqD6fQJOm12BZ+lEHR80=
=ug83
-----END PGP SIGNATURE-----
News for package libmtp
