-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Mon, 20 Jun 2022 22:05:21 +0100 Source: libsdl2 Architecture: source Version: 2.0.14+dfsg2-3+deb11u1 Distribution: bullseye Urgency: medium Maintainer: Debian SDL packages maintainers <pkg-sdl-maintainers@lists.alioth.debian.org> Changed-By: Simon McVittie <smcv@debian.org> Changes: libsdl2 (2.0.14+dfsg2-3+deb11u1) bullseye; urgency=medium . * d/gbp.conf: Set branch for Debian 11 updates * d/p/Always-create-a-full-256-entry-map-in-case-color-values-a.patch: Avoid out-of-bounds read while loading malformed BMP file. libsdl-org/SDL#5042 upstream, CVE-2021-33657. * d/p/Fixed-potential-buffer-overflow-in-YUV-conversion.patch: Avoid out-of-bounds read during YUV to RGB conversion. libsdl-org/SDL#5043 upstream, no known CVE ID. Checksums-Sha1: acee1de27069bd461c6ed0f1fce71a304c20aab4 3064 libsdl2_2.0.14+dfsg2-3+deb11u1.dsc 377f22f11990f9d09b309e443ef40d399279629e 30492 libsdl2_2.0.14+dfsg2-3+deb11u1.debian.tar.xz ce44233cf379b4e02228f7dff8ff50f0e4a33983 10835 libsdl2_2.0.14+dfsg2-3+deb11u1_source.buildinfo Checksums-Sha256: bb8f27b879dccc10dd9b13a4b03907d76063ed1a581a26805093e9ad524c37a6 3064 libsdl2_2.0.14+dfsg2-3+deb11u1.dsc 86d0a729705a95f834a9a13f62ef4c3bc06b8c22fd7c40c0a40889afcaba2003 30492 libsdl2_2.0.14+dfsg2-3+deb11u1.debian.tar.xz 8f4b813bc14d6f3d40c59554bb403c314ef0a9490cf3a01bd6e31ecfdcc1a9ee 10835 libsdl2_2.0.14+dfsg2-3+deb11u1_source.buildinfo Files: 78006d3dcc418c419b7290fda110929e 3064 libs optional libsdl2_2.0.14+dfsg2-3+deb11u1.dsc 515b653a89da7ace20f82e24086536ab 30492 libs optional libsdl2_2.0.14+dfsg2-3+deb11u1.debian.tar.xz 1acd4b6f330eb41e577b2d801d0525cd 10835 libs optional libsdl2_2.0.14+dfsg2-3+deb11u1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEENuxaZEik9e95vv6Y4FrhR4+BTE8FAmK8FwQACgkQ4FrhR4+B TE9svA//RGPiVannYhME3VTXsjXNGOOrrTdqVMoJR2a50JbEFGxcVrgGKIdY4+oD tQP0Ctx7IJldBWq8YwbORHpbAWkZmVzg8lLIwVcR6PbTpmnW+oLbrZPScE//yGlW CflWd9kngpIJ3zzkbQ1tfvnDKUnLn7vYCsEDL/YUS53Dp0BuS7bf1Zn9/qUx/xuS W6T4BOSf8s2JS40Uf30RgG2qTYhGeyGrK5q9ChAJPON/ueP1a7qGswKkC0y7w1HX 46QK23IAMFXnS6VLVqaNZwZea/3jTHcSB8GTxTiPBSEG3R0o2tY/iV+POZEnGjUk uqVRMNGMxrnNOaDGUyy15MRkErlBD2kQuUdGONsUxASjPJ2595pXxxgw/jYIxp/j XiAwux7tl/OombKbyWs1zoehSwdsctw0hKvgEB6H+cH3as2oWNxD0/3sBdlJEnuF PYfszoq8S8VbWkRRk1EWu6yf6XlsjzKBdF4fq365CqWIhpEpvFJCMPs9gqr0DJuY zORX/pISxWoTr2oR+hivcRNPPXNADLiuhrkS5SxSOhuTv21+srR89LustMFtlp8t 8ozst8TSNUO5MUXKosx7ME4z6M091YmZ0K4fUdXgNe0MF7Vz/NcAmO6jBm8hx4z3 ThACI/P7mZNc1cEqca+vy2VLM8bEz3A+rgq+VaAul6yMyHJpbiE= =Fggu -----END PGP SIGNATURE-----