Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <dispatch@tracker.debian.org> , <debian-lts-changes@lists.debian.org>
Subject: Accepted advancecomp 1.20-1+deb9u1 (source) into oldoldstable
Date: Wed, 29 Dec 2021 20:20:12 +0000
Signed by: Adrian Bunk <bunk@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 29 Dec 2021 19:27:47 +0200
Source: advancecomp
Binary: advancecomp
Architecture: source
Version: 1.20-1+deb9u1
Distribution: stretch-security
Urgency: medium
Maintainer: Piotr Ożarowski <piotr@debian.org>
Changed-By: Adrian Bunk <bunk@debian.org>
Description:
 advancecomp - collection of recompression utilities
Changes:
 advancecomp (1.20-1+deb9u1) stretch-security; urgency=medium
 .
   * Non-maintainer upload by the LTS team.
   * CVE-2018-1056: Out-of-bounds heap buffer read in advzip.
   * CVE-2019-8379: NULL pointer dereference in be_uint32_read().
   * CVE-2019-8383: Invalid memory access in adv_png_unfilter_8().
   * CVE-2019-9210: Integer overflow in advpng with invalid PNG size.
Checksums-Sha1:
 c7dd1da022c040d1f84f8f495ec4ab99f60dcdb5 1789 advancecomp_1.20-1+deb9u1.dsc
 970141b4d1935a2821268ce59cca60d308f5eb09 1198459 advancecomp_1.20.orig.tar.gz
 b03522bde7685851d7c6cba7c38d1377a27b58f1 5108 advancecomp_1.20-1+deb9u1.debian.tar.xz
Checksums-Sha256:
 4733e09112a3c9a402163a9d9a8f5e83ba069d7d3c0bf4d5d305f93735562cff 1789 advancecomp_1.20-1+deb9u1.dsc
 590a447cfc7ab3a37ec707e13967a0046a81a888c561ebaff5415b1e946da67b 1198459 advancecomp_1.20.orig.tar.gz
 6bda90aeb5c1fb017098fbd5a1756e8dfe05fce7546a2c54b1d7ed8cb0994112 5108 advancecomp_1.20-1+deb9u1.debian.tar.xz
Files:
 8b1a8e605dcc7a67729b6f54d061cbf9 1789 utils optional advancecomp_1.20-1+deb9u1.dsc
 c53a2c3a806fab1d3a99a1f1be83f148 1198459 utils optional advancecomp_1.20.orig.tar.gz
 d30af8828542e1a6a24578719f3610b7 5108 utils optional advancecomp_1.20-1+deb9u1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmHMwBIACgkQiNJCh6LY
mLF5hw/+OAdGaLTlEnMVeUi7T7giQUzUfBWKhXveJ6ysREMTT83dqRZ2ezYvZ2tp
6vTMcan41txKMcabUwC05m/Ort3VvTzl8My54aX/vpQJctrlcx2RzIOw2To1XOZY
XrsAfWhIe2nib0xD0b4TVrahTXNLlQoZllPHQUbXhMQsg/qyxn1JfESyWwRuT+93
i5Af96rjAhO2KMNL0E8YwM88q1Wn26M3hjaCnQFSVY0PUibzwuUiCnIhxGMRWeM1
GWYui4XrRxRUisI1+T4bhOu13ejs39HuWo3WaCZTUvMtRzyo+gDct055dx5w1NYL
lhyWN2Xuza6GwttU+X2LDU/xEtXKBTfGVjFH1Lqac1Zm/dVeXPwED4yYVq8cY2Fa
sa+PLWFaQe9IckVB4ls69jTa/KcnaEcNaUy3FhGW3brCjaXxRnC6r6Lwucze+H92
/iFm8mCInhNrIzwye/r5Uk2bUCiMFHi8yT/laQ+GhwPARHtXpJBtpMhaSKevjh5v
eIKZ9ePxUYueswAxUjcG9SPunzUOLnKgsXbgNJalE1TDN0RZfJSMS/u1gt4qr9CN
VD59LwfBsCtzHFTXTEVY7gJk2v+dVOwYqwnPlbpGh1H+V0zzTUFX9YGdA4xP+9G1
/I7VFParuanL0974+gyTG4EoPjNaP8+ivfbcbThVH6sajeBLL9I=
=HyeG
-----END PGP SIGNATURE-----

News for package advancecomp