-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sat, 23 Jun 2012 16:51:00 +0200 Source: libvorbisidec Binary: libvorbisidec-dev libvorbisidec1 Architecture: source i386 Version: 1.0.2+svn18153-0.1 Distribution: unstable Urgency: medium Maintainer: Daniel Kahn Gillmor <dkg@fifthhorseman.net> Changed-By: Luk Claes <luk@debian.org> Description: libvorbisidec-dev - Integer-only Ogg Vorbis decoder, AKA "tremor" (Development Files) libvorbisidec1 - Integer-only Ogg Vorbis decoder, AKA "tremor" Closes: 669196 Changes: libvorbisidec (1.0.2+svn18153-0.1) unstable; urgency=medium . * Non-maintainer upload by the Security Team. * New upstream version to fix security issues. * CVE-2008-1419: correctly handle codebook.dim==0 case * CVE-2008-1423: check for absurdly huge codebooks * CVE-2008-2009: sanity check for underpopulated Huffman trees * CVE-2009-3379: multiple vulnerabilities MFSA 2009-63 * CVE-2012-0444: fix decoding memory corruption Closes: #669196 * Add libogg-dev dependency to avoid FTBFS. * Don't ship .la file. Checksums-Sha1: 51a7c3e8d8a9f09728f79d5155099a01f748cb95 1343 libvorbisidec_1.0.2+svn18153-0.1.dsc e1f8e5281a92029a1bb325ecb247a6d9c8bf7199 149060 libvorbisidec_1.0.2+svn18153.orig.tar.gz eafa7d16b51ea2e6883487ebeec7a8f97713966d 5465 libvorbisidec_1.0.2+svn18153-0.1.diff.gz 455898f67321dfbb71d7c1bdd37726bdb29d6616 116296 libvorbisidec-dev_1.0.2+svn18153-0.1_i386.deb 9d6ef49f6b48b8a6c562faf34c19e1b07cf22f71 84400 libvorbisidec1_1.0.2+svn18153-0.1_i386.deb Checksums-Sha256: b09629aa10ac820645bea4f7feb6da94f2f0f7eca8547f80ab337059b0a653f3 1343 libvorbisidec_1.0.2+svn18153-0.1.dsc 4dc8c224289da3479fc10ce4e49ffbb85c790eb2fe55ef480934a265ee0a6782 149060 libvorbisidec_1.0.2+svn18153.orig.tar.gz d8b2bdad174f5b8236c2a8345b657d350cea586a8f7523e2e4c0cf768be039e4 5465 libvorbisidec_1.0.2+svn18153-0.1.diff.gz 35e0f03c34a7239c47c74cfb018ec7c1bf6b159abdaa5dd14079e682a521866b 116296 libvorbisidec-dev_1.0.2+svn18153-0.1_i386.deb 4761cf066fedfc04d63f58af21114ff3cfaf9da854e03c1032b8eedc73a76414 84400 libvorbisidec1_1.0.2+svn18153-0.1_i386.deb Files: ff1aef0eab0c2837920c167775a28d41 1343 libs extra libvorbisidec_1.0.2+svn18153-0.1.dsc 4190859414c5d6760e316b5cf00fe7c5 149060 libs extra libvorbisidec_1.0.2+svn18153.orig.tar.gz 25e11d3c90bc9a50d79944a68234bcb8 5465 libs extra libvorbisidec_1.0.2+svn18153-0.1.diff.gz f64b9179344fac293be4f2403d904302 116296 libdevel extra libvorbisidec-dev_1.0.2+svn18153-0.1_i386.deb c68dc83e2febc085f3c499cbb03f44da 84400 libs extra libvorbisidec1_1.0.2+svn18153-0.1_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAk/l6XEACgkQ5UTeB5t8Mo2X7QCeLvfeP4pTSDf25LXiLXy844it lwoAn3ovau9ADDKo0uV69imFtcQhi6W5 =Qtwx -----END PGP SIGNATURE----- Accepted: libvorbisidec-dev_1.0.2+svn18153-0.1_i386.deb to main/libv/libvorbisidec/libvorbisidec-dev_1.0.2+svn18153-0.1_i386.deb libvorbisidec1_1.0.2+svn18153-0.1_i386.deb to main/libv/libvorbisidec/libvorbisidec1_1.0.2+svn18153-0.1_i386.deb libvorbisidec_1.0.2+svn18153-0.1.diff.gz to main/libv/libvorbisidec/libvorbisidec_1.0.2+svn18153-0.1.diff.gz libvorbisidec_1.0.2+svn18153-0.1.dsc to main/libv/libvorbisidec/libvorbisidec_1.0.2+svn18153-0.1.dsc libvorbisidec_1.0.2+svn18153.orig.tar.gz to main/libv/libvorbisidec/libvorbisidec_1.0.2+svn18153.orig.tar.gz
