Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-lts-changes@lists.debian.org> , <dispatch@tracker.debian.org>
Subject: Accepted exiv2 0.25-3.1+deb9u3 (source) into oldoldstable
Date: Sun, 29 Aug 2021 18:20:12 +0000
Signed by: Utkarsh Gupta <utkarsh@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 29 Aug 2021 23:12:52 +0530
Source: exiv2
Architecture: source
Version: 0.25-3.1+deb9u3
Distribution: stretch-security
Urgency: high
Maintainer: Debian KDE Extras Team <pkg-kde-extras@lists.alioth.debian.org>
Changed-By: Utkarsh Gupta <utkarsh@debian.org>
Closes: 950183 986888 987277 991705 991706
Changes:
 exiv2 (0.25-3.1+deb9u3) stretch-security; urgency=high
 .
   * Non-maintainer upload by the LTS team.
   * CVE-2021-31291 (Closes: #991705)
     The fix for CVE-2021-31291 also required to backport a few patches that
     fix some (harmless) CVEs alongside:
       - CVE-2019-20421 (Closes: #950183)
       - CVE-2021-3482  (Closes: #986888)
       - CVE-2021-29457 (Closes: #987277)
       - CVE-2021-29473 (Closes: #991705)
   * CVE-2021-31292 (Closes: #991706)
Checksums-Sha1:
 8015507131afcc29ae70b99c8ec61c40d6d727ab 2333 exiv2_0.25-3.1+deb9u3.dsc
 adb8ffe63916e7c27bda9792e690d1330ec7273d 5434325 exiv2_0.25.orig.tar.gz
 698186eecd42872e3479f045c50d61a578b7a91a 30632 exiv2_0.25-3.1+deb9u3.debian.tar.xz
 527231169d548b1564f6bd821052ac807e391ded 6196 exiv2_0.25-3.1+deb9u3_source.buildinfo
Checksums-Sha256:
 1681d8b63c10edc3eb823e82998b9ff27ac3e6bae847cf919c981ce7e98a4025 2333 exiv2_0.25-3.1+deb9u3.dsc
 c80bfc778a15fdb06f71265db2c3d49d8493c382e516cb99b8c9f9cbde36efa4 5434325 exiv2_0.25.orig.tar.gz
 f95c1970e2fec29ec8492a835bc48b13dbdff19470ddd44be98483486cf65ff3 30632 exiv2_0.25-3.1+deb9u3.debian.tar.xz
 8e0884ddd75234d76eda0904964c7d87e644cf29ba53a1b7ffef915e1efe4787 6196 exiv2_0.25-3.1+deb9u3_source.buildinfo
Files:
 d0b03fe9721d0b3802c27410e5775a5c 2333 graphics optional exiv2_0.25-3.1+deb9u3.dsc
 258d4831b30f75a01e0234065c6c2806 5434325 graphics optional exiv2_0.25.orig.tar.gz
 141003a1cff4d23bc57aed48042bcd62 30632 graphics optional exiv2_0.25-3.1+deb9u3.debian.tar.xz
 de84e859c6af4d156f894b95d0d4a5a4 6196 graphics optional exiv2_0.25-3.1+deb9u3_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJHBAEBCAAxFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAmErygMTHHV0a2Fyc2hA
ZGViaWFuLm9yZwAKCRCCPpZ2BsNLliN2D/wM50r3PBbwXXzE5BwonNguLO4fJB6A
W220sax+11/Nz/WgmFvMVocN77SqbydBkuDghgxtAmJCssgPhXbQdAtiqbSMjKxD
uj7iDOaqszxO4vVb4QvPoHNAqxIdnbTba9eKCg45HZT7IDVSA/3lJlqfkNvxRb9K
JNuNkenc0wSEundj3UBwTMW/LLW7iKi/qevUMjh9dy77/IzmBoch+Fsnb/0+ZMGR
inOQuhEMJ7KNXF/tDzS3vlZN/eVIBB5C4pIKQ/3IN/nvacRmcyiNZUlAvG+L8raB
Ww445hf3CdPrw9qcNjm2cvaab9ioNvKI7cbLbuGrIBrTko8wGnssYiHOr1+FTZdd
29pKmpjxfd1mWOVhpRjAe1xwE2TnimcKKCOxW1ei80i6Y8NeZ9qdL8Ac4IVm/rcF
bJ4AkDH0z1ArwMp1RioXMEpd0eYhtS9Pc57NaFYvJrrcqC3Yit8kfedZ+pkvn55Y
t8CIdChPmPIGNPN3ZLtyrGYs24Wvd4m9Yk5TEuQe+v1yzb00xA/TBgLzEHZGjchT
Q9gxUMEyX3/FaAyoonq6II0uGcGhRs0Y3x2xplNdRkL26ZlpZyVL6HMZX9EWIsld
AFJg2c117TvpbJG5di0Pnx0YQf6AxO2mdMWJbC6N9+Ar61P5qLElJf0e4kkSQK7l
QOZBI9tSgi1Vxw==
=eGhx
-----END PGP SIGNATURE-----

News for package exiv2