-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 30 Jul 2020 00:09:36 +0200
Source: libraw
Binary: libraw-bin libraw-bin-dbgsym libraw-dev libraw-doc libraw20 libraw20-dbgsym
Architecture: source amd64 all
Version: 0.20.0-1
Distribution: experimental
Urgency: medium
Maintainer: Debian PhotoTools Maintainers <pkg-phototools-devel@lists.alioth.debian.org>
Changed-By: Matteo F. Vescovi <mfv@debian.org>
Description:
 libraw-bin - raw image decoder library (tools)
 libraw-dev - raw image decoder library (development files)
 libraw-doc - raw image decoder library (documentation)
 libraw20 - raw image decoder library
Closes: 954886
Changes:
 libraw (0.20.0-1) experimental; urgency=medium
 .
   [ Matteo F. Vescovi ]
   * New upstream release
     This release fixes CVE-2020-15503:
     | LibRaw before 0.20-RC1 lacks a thumbnail size range check.
     | This affects decoders/unpack_thumb.cpp,
     | postprocessing/mem_image.cpp, and utils/thumb_utils.cpp.
     | For example,
     | malloc(sizeof(libraw_processed_image_t)+T.tlength) occurs
     | without validating T.tlength.
   * debian/: SONAME bump 19 -> 20
   * debian/control:
     - debhelper bump 12 -> 13
     - S-V bump 4.4.0 -> 4.5.0 (no changes needed)
     - RRR set
   * debian/tests/smoketest: path adapted
   * debian/copyright: entries for unused files and licenses removed
   * debian/rules: drop useless files installation
   * debian/libraw20.symbols: missing and new symbols added
 .
   [ Sebastien Bacher ]
   * debian/tests/build: use the correct compiler for autopkgtest cross-testing.
     (Closes: #954886)

-----BEGIN PGP SIGNATURE-----
Comment: Debian powered!

-----END PGP SIGNATURE-----