Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted exiv2 0.25-4+deb10u1 (source) into proposed-updates->stable-new, proposed-updates
Date: Thu, 09 Jul 2020 19:17:09 +0000
Signed by: Roberto C. Sanchez <roberto@familiasanchez.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 23 Jun 2020 18:11:23 -0400
Source: exiv2
Architecture: source
Version: 0.25-4+deb10u1
Distribution: buster
Urgency: medium
Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Changed-By: Roberto C. Sanchez <roberto@debian.org>
Changes:
 exiv2 (0.25-4+deb10u1) buster; urgency=medium
 .
   * Non-maintainer upload by the Security Team.
   * Minor adjustment to the patch for CVE-2018-10958 and CVE-2018-10999.  The
     initial patch was overly restrictive in counting PNG image chunks.
   * CVE-2018-16336: remote denial of service (heap-based buffer over-read) via
     a crafted image file.
Checksums-Sha1:
 82db90c36af7036accc8168febf386e85dd4e527 2269 exiv2_0.25-4+deb10u1.dsc
 8627c0daa51c8dcf86dc08ef3db794c6a107ea9d 28380 exiv2_0.25-4+deb10u1.debian.tar.xz
 e60ef9160a8a885299a09508b5f15209dad91be4 9155 exiv2_0.25-4+deb10u1_amd64.buildinfo
Checksums-Sha256:
 905e3daa3b0de7b738b6df35df7a734d8f91c680293195249016e3593c11ffc1 2269 exiv2_0.25-4+deb10u1.dsc
 ecace695d346625c1bfce21859409008afedcef3021b7fe4f94edfc13def2454 28380 exiv2_0.25-4+deb10u1.debian.tar.xz
 d871ac08c40f07d59979272ff0da715371a7539c3eeb2160ba56a500bca168ba 9155 exiv2_0.25-4+deb10u1_amd64.buildinfo
Files:
 2f97a80663e2576bd526713b8cc152a6 2269 graphics optional exiv2_0.25-4+deb10u1.dsc
 2cfeb5c81dbf9296974330e110940bee 28380 graphics optional exiv2_0.25-4+deb10u1.debian.tar.xz
 e8f0ca86ac2abbf67fb904b875a3ca7b 9155 graphics optional exiv2_0.25-4+deb10u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEz9ERzDttUsU/BH8iLNd4Xt2nsg8FAl7yg7oACgkQLNd4Xt2n
sg+vFA//YV9/0aehSw9vCRPfHFmhHKYAQKMhF+G9gxVEMk7hq5wqTrdvg8E33+1N
D7dPEwaoUyp6+Sxo/aV7hvAjGxwunGq8EVm/OZpIcW5O6Rvfg0coe3smxUrnmQvb
JtWSE0TpyTLD64X3ijYGVkZUTch5e2tDHgqs3ao/Qx8j0yOMmLT9Hk5iZkWd1ouz
jlZ+WF/T5W9dVRra61aGyjmGu3p5tXWXYdri+sOHRAOe0mPCs5htITNm9Qepnhxh
6lAl0TIlogo77iNIBQxBXNRnv8eQTfv+ONStf4VXJaVhvBQzhACrnsc5u7Ut9SW5
FLwfI+upzSv3o35N482wSbvUyUyuBl4Oihiq0LPg5EDBNrShWP6iKmjyjxTeKxsT
YaPKavX+Qe/mn+73SOQcNggVJSfpWltk/vaARksWLD9qDJWQvXkY12/ORk7pchfv
htBuXKd1AZPi4s1k2yRMCuPj8kEi3VsW7IFrC8kyxOiGlPVUgtuMMuGdQ2Jb+OkA
tMHHlYIGDimwN583y1WYpckf7vJ9xfhJWGWORN0IFKpRHqoJasV4kMl2wnX7xboB
iVylB4XOhWspL6GCcOyeuyBV0YI1ElOW+V56NNONudvGjtRuOjJivqizQUftqlxh
uTC4hlLZqFaB/6BOfz5HviBIY/X+oT1DvHwudVEP1Quhc1dOnkk=
=TKEr
-----END PGP SIGNATURE-----

News for package exiv2