Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted djvulibre 3.5.28-2 (source) into unstable
Date: Mon, 10 May 2021 18:19:13 +0000
Signed by: Barak A. Pearlmutter <bap@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 10 May 2021 18:56:59 +0100
Source: djvulibre
Architecture: source
Version: 3.5.28-2
Distribution: unstable
Urgency: high
Maintainer: Barak A. Pearlmutter <bap@debian.org>
Changed-By: Barak A. Pearlmutter <bap@debian.org>
Closes: 988215
Changes:
 djvulibre (3.5.28-2) unstable; urgency=high
 .
   * bump policy version
   * Include Fedora 3.5.27 patches, foward ported, taken from djvulibre.spec in
     https://src.fedoraproject.org/rpms/djvulibre.git
     - Patch0: djvulibre-3.5.22-cdefs.patch                    (forward ported)
     - #Patch1: djvulibre-3.5.25.3-cflags.patch              (disabled in Fedora)
     - Patch2: djvulibre-3.5.27-buffer-overflow.patch        (UPSTREAMED)
     - Patch3: djvulibre-3.5.27-infinite-loop.patch          (UPSTREAMED)
     - Patch4: djvulibre-3.5.27-stack-overflow.patch         (UPSTREAMED)
     - Patch5: djvulibre-3.5.27-zero-bytes-check.patch       (UPSTREAMED)
     - Patch6: djvulibre-3.5.27-export-file.patch              (forward ported)
     - Patch7: djvulibre-3.5.27-null-dereference.patch       (UPSTREAMED)
     - Patch8: djvulibre-3.5.27-check-image-size.patch         (forward ported)
     - Patch9: djvulibre-3.5.27-integer-overflow.patch         (forward ported)
     - Patch10: djvulibre-3.5.27-check-input-pool.patch        (forward ported)
     - Patch11: djvulibre-3.5.27-djvuport-stack-overflow.patch (forward ported)
     - Patch12: djvulibre-3.5.27-unsigned-short-overflow.patch (forward ported)
     These address a number of crashes and security issues, including
     CVE-2021-3500 (closes: #988215)
Checksums-Sha1:
 7321f851726bb9de444628e5c52e7fc47c59ee26 2388 djvulibre_3.5.28-2.dsc
 ac82b11c61abb73edd91b71d4e8a20441120e7bb 17420 djvulibre_3.5.28-2.debian.tar.xz
 b8594de859efe32b0118b7d3c5be04244e49c78b 8524 djvulibre_3.5.28-2_source.buildinfo
Checksums-Sha256:
 0b5f31e70a8f81afec47e67e9465dbece7756f0c7f88da643f0dda82bf78a1ba 2388 djvulibre_3.5.28-2.dsc
 6f85dcd7cdb856cc3e4a31fc381e73a6cab717c90e058f474fb4d2ab29635d91 17420 djvulibre_3.5.28-2.debian.tar.xz
 b4025e155bd0ece5cbc1e59496e0147a8aff116ad6a5a7a6d9e316d2ea62ecca 8524 djvulibre_3.5.28-2_source.buildinfo
Files:
 b31b44b272c6a801df44b90b9b0a1cea 2388 libs optional djvulibre_3.5.28-2.dsc
 9ffd44e3eb32ad6d8e780b5d63ce6307 17420 libs optional djvulibre_3.5.28-2.debian.tar.xz
 8379aa60e0d9658f46e5ef8e66071456 8524 libs optional djvulibre_3.5.28-2_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJDBAEBCgAtFiEE+nZaz+JE7Dn2AefCmesepNIze4gFAmCZdWwPHGJhcEBkZWJp
YW4ub3JnAAoJEJnrHqTSM3uIoJoQAIrtFrsP5hgILkbL4g4ECsfzht9O6JqzTkzl
za0an0e37SygywnsjxStvKXXtyJNvTcv+iT2WI+Ylqcoj/i2VqSoAbb3mfZPf+PS
nwxf+e37+/+ZtsxyG1m0FnkhtEII9Q2nvxpqvj14vlJYXI7Be/86Q2mzXxsj4j0Y
OsiCzA0w3LiBVK7N0oD12ll8P9osG9XLHgGwwXaraPByo8YsLpIOaMqh13ufdj2Q
zwUUW/YxsfGtFBy8da1G+Qd6DR8gjDPOOA/OoXJaBG1TIy8ffHlhgfQ337pKYuY7
ti7489mWCCSTYqURFTTyP/w1jT6VE0uA7fnlgT7cwtP93M7CdCfh9kcfagbV0JKM
h1QzzPjSERUG3XmBv4KUnnYdhLmWjlyrx8EUR5WvSpvisJwmlz/2Q5H8LKH/C9wu
ATa41Gi/CR678EFGKEB6zdBzepuwQag3TX7lo9CBv8gxw3UbyT8AsV5EAO/Nifz3
itcnyPJ+Rsf7fzCKsieK7WMDBARZING4NxEI/uUh3TUE7RXS1vbUlE3Bqu96Vsyh
mSD43REgrduTjy13o2QrgSbc0wT66rU1Tn8TnBvleiTzOgtsGyFMD6OhHxpjVoN7
9F16meND/ms+QZth7d0Xtl125KOO3VuMwDqG7Neb9j6i686zT3eLGl7RBXhrqYe9
scNjcq89
=7vWo
-----END PGP SIGNATURE-----
News for package djvulibre
