Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted htmldoc 1.9.11-4+deb11u3 (source) into proposed-updates->stable-new, proposed-updates
Date: Sun, 29 May 2022 18:32:08 +0000
Signed by: Håvard F. Aasen <havard.f.aasen@pfft.no>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 15 May 2022 10:13:03 +0200
Source: htmldoc
Architecture: source
Version: 1.9.11-4+deb11u3
Distribution: bullseye
Urgency: medium
Maintainer: Håvard Flaget Aasen <haavard_aasen@yahoo.no>
Changed-By: Håvard Flaget Aasen <haavard_aasen@yahoo.no>
Changes:
 htmldoc (1.9.11-4+deb11u3) bullseye; urgency=medium
 .
   * CVE-2022-24191
     Infinite loop in the gif_read_lzw function can lead to a
     pointer arbitrarily pointing to heap memory and resulting
     in a buffer overflow.
   * CVE-2022-27114
     Integer Overflow bugs in image.cxx, malloc function may
     return a heap block smaller than the expected size, and
     it will cause a buffer overflow/Address boundary error in
     the jpeg_read_scanlines function.
   * CVE-2022-28085
     A heap buffer overflow in the function pdf_write_names
     in ps-pdf.cxx may lead to arbitrary code execution and
     Denial of Service (DoS).
Checksums-Sha1:
 141a843959a758f13a27a4e46162e17acec534d9 1340 htmldoc_1.9.11-4+deb11u3.dsc
 2f825e65b8696ae22a5403b614b33653b4094f0b 22192 htmldoc_1.9.11-4+deb11u3.debian.tar.xz
 19c0587dac467642c08c8f01635c8d67554c6440 8341 htmldoc_1.9.11-4+deb11u3_amd64.buildinfo
Checksums-Sha256:
 d5dcb63b38befa15055bad498f77cbb5f75a4f071b68436b867fe510ba44dc27 1340 htmldoc_1.9.11-4+deb11u3.dsc
 7a4f63f09d99af31fb9db04b4a3408d65a797ac2b2c8c33cf48f456714ce73ed 22192 htmldoc_1.9.11-4+deb11u3.debian.tar.xz
 207557d240a68e46ca401ca34b5cdebebb94915069df0031f5c66d78da68095c 8341 htmldoc_1.9.11-4+deb11u3_amd64.buildinfo
Files:
 c95e4193b8a1789a7731a3a0329e2afd 1340 web optional htmldoc_1.9.11-4+deb11u3.dsc
 f01c157f1de1830b6ae3e6e775956070 22192 web optional htmldoc_1.9.11-4+deb11u3.debian.tar.xz
 e6ec1fe8cd5cf0c58f94fe86a9538b7a 8341 web optional htmldoc_1.9.11-4+deb11u3_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iI0EARYIADUWIQRlk5EXUZxDorKy9cv5N3WY8EyDCgUCYpKGWRccaGFhdmFyZF9h
YXNlbkB5YWhvby5ubwAKCRD5N3WY8EyDCqhFAQDQLkyChU1/kji86eCdmJRceKdA
1uO61TAGkk8ZnJRYMwD8D/nxFRunJ7i0nVRbQLn8lgQrPTrPbb0F01nspOSdTgU=
=VK+p
-----END PGP SIGNATURE-----

News for package htmldoc