-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 05 Apr 2022 22:03:02 +0200 Source: fribidi Architecture: source Version: 1.0.8-2+deb11u1 Distribution: bullseye Urgency: medium Maintainer: Debian Hebrew Packaging Team <team+hebrew@tracker.debian.org> Changed-By: Thorsten Alteholz <debian@alteholz.de> Closes: 1008793 Changes: fribidi (1.0.8-2+deb11u1) bullseye; urgency=medium . * Non-maintainer upload by the LTS Team. * CVE-2022-25308 stack-buffer-overflow issue in main() * CVE-2022-25309 heap-buffer-overflow issue in fribidi_cap_rtl_to_unicode() * CVE-2022-25310 SEGV issue in fribidi_remove_bidi_marks() (Closes: #1008793) Checksums-Sha1: a1fb967e60210200df5ceab384275d3afea6d018 2481 fribidi_1.0.8-2+deb11u1.dsc 82b16ed5227f88cc1d0d21bfb2c70252ac1a4c69 10360 fribidi_1.0.8-2+deb11u1.debian.tar.xz b50d86f01480062fca360ab71efdadfc7122658e 7658 fribidi_1.0.8-2+deb11u1_amd64.buildinfo Checksums-Sha256: 21c35e9e2e1a9665e0d1fb8f449299085fb471bb8f4ecfd1a1afc388eb1dd2ac 2481 fribidi_1.0.8-2+deb11u1.dsc 62dc4a73351c71ac903f9428a5ebf5e32c0ff49a1a6a08dc95d9ce03e3f48a21 10360 fribidi_1.0.8-2+deb11u1.debian.tar.xz 24c8d0d7a1357077c655e89ad60d861c0abca41ac90619689528447294c14246 7658 fribidi_1.0.8-2+deb11u1_amd64.buildinfo Files: a5cb97c44517ef5cd6c772a367e49bad 2481 libs optional fribidi_1.0.8-2+deb11u1.dsc 33f0fd1a7b36537b9301c62848a04ede 10360 libs optional fribidi_1.0.8-2+deb11u1.debian.tar.xz 057cad8427a0e2b49090e09c6cdba7ea 7658 libs optional fribidi_1.0.8-2+deb11u1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmKVN9dfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh bHRlaG9sei5kZQAKCRCW/KwNOHtYR37JD/9xF3qvuHf2AZXF+4BB5+/Rvx6avTys d3pVqdKuacjDFApFmINioulbdMNeiYDTrF9zb88Z9c3E/lutHpgjp0MMM/3xFjYU 4qBpuORV2P6GijtSO3Z8azEeoFJHQLhj5u5es29ukmD/y1NiYw8CKZtv43ioZzZv Dw+wRQ+P1Qf3zbcx1VuUq6HIwsLP1kY9mpYFY/CYfX3E8GkuCm+WMwcEdA60Hv8W iOpj5dwpcXNZimrqbDM4BRIXdYNwH8m9MXslNxFWEqmKm2rQpoJz6K/enY6DqRCT i+/RtMDnTtzGFuI8z1h00uUpRXuq8kObH3RTmhf+EmVGpKjpDCaG9jbrJdidrDVw cpLeY0ZSQcv95WCjvcD/McBI3VvcktGZKD/xcv0TxzUgepcc88hwJD+H6E68z26s GcZmXUmzmsZ/pRsQ4WYeG2JR7uXQacJmPcFLDxkKuU8Y/eqgU4J6j3gormkexV88 l9J7DjmL9xDg9Xx+z7W2Ag1pfC/Fz0N53w/1F6HwdwKs7bbKSigf5gEah6lXdBtL iYpZWh5/mggEFSZhobDMo4CUAVNf5tXOfUJ0vCj1jwsfnekOf4daaGyLDXFpHAUj qVQM2g/HYU/+QeJZNLkQuY7waN90mhmASHB4HoJBuwDIV12bp8gNRTJ6DXFyuFew XBSBwQLEoIXvcA== =oM4I -----END PGP SIGNATURE-----