Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted blender 2.79.b+dfsg0-7+deb10u1 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
Date: Mon, 11 Jul 2022 20:47:25 +0000
Signed by: Thorsten Alteholz <alteholz@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 26 Jun 2022 12:03:02 +0200
Source: blender
Architecture: source
Version: 2.79.b+dfsg0-7+deb10u1
Distribution: buster-security
Urgency: high
Maintainer: Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Changes:
 blender (2.79.b+dfsg0-7+deb10u1) buster-security; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2022-0546
     out-of-bounds heap access due to missing checks in the image loader
     could result in denial of service, memory corruption or potentially
     code execution
   * CVE-2022-0545
     integer overflow while processing 2d images might result in a
     write-what-where vulnerability or an out-of-bounds read vulnerability
     which could leak sensitive information or achieve code execution
   * CVE-2022-0544
     Crafted DDS image files could create an integer underflow in the
     DDS loader which leads to an out-of-bounds read and might leak
     sensitive information.
Checksums-Sha1:
 8f4bac18e0dfb6680c8c3cc47fd4fe4e631825ea 3045 blender_2.79.b+dfsg0-7+deb10u1.dsc
 f448bebbb3433f87ea86b89fa14f673346984e37 228544 blender_2.79.b+dfsg0-7+deb10u1.debian.tar.xz
 26f7c0092b050f7e1e464ad8a5a60bd2ea03504d 22379 blender_2.79.b+dfsg0-7+deb10u1_amd64.buildinfo
Checksums-Sha256:
 1f5bd9646d4bde74a47efec2558457d4989da3cb6dea9a9edebdcb01a362b1cb 3045 blender_2.79.b+dfsg0-7+deb10u1.dsc
 56da815dfb0ce06c935c8dddbe18e5a57766351e60a9e1046e9c78bf8b34782f 228544 blender_2.79.b+dfsg0-7+deb10u1.debian.tar.xz
 0a39758da53c1f688897b3b4811331bdbcd1965b5f0772cd2815aca36f1a3fac 22379 blender_2.79.b+dfsg0-7+deb10u1_amd64.buildinfo
Files:
 3146053b577dd0b4bff047b9cafe3b73 3045 graphics optional blender_2.79.b+dfsg0-7+deb10u1.dsc
 e28313b3fb6f8ab3f71379ead3d43be4 228544 graphics optional blender_2.79.b+dfsg0-7+deb10u1.debian.tar.xz
 3949e744363905774ad8176c3b8c9abe 22379 graphics optional blender_2.79.b+dfsg0-7+deb10u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmK98bdfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh
bHRlaG9sei5kZQAKCRCW/KwNOHtYR2LvD/9k/t6bqDmYiBh0YrHMTsp8bngC/13x
03iNImlLHgsb2mFD2oRWkppW8uAgA72kIEtXEU1n+pQ58LQtpQ0i1YTYtqjwLOgM
BxcqbojHCjqM22x1PpUMSSQzCRsmj1Rwl7T143Rkl+uDD7htou5F/ACuRgyNjk+f
YoRA6cT3vi8h1TwdzDNJnJM9gA9MlxmYLiiJhOCuD/zQ/476JBA4O2dfMqfNT9cn
ssWNI9nhoXt+OUWlvqv6NoX/0J/btylUYlfd3yIuozJYJUt2a2utl/mXeow1Ott0
F4u7ufZcLBI48U6fub4z6oC1p7taoZaEiln7iHzvNOcrKrwI4Ufm2/8KBDFXwWRN
ke0cAKiXEaTZv8Y686ge8uXCpcQEAFSBpjFlmzvB7EodMEfQw4gqSSsALUVxxU+F
WozIG1oAjc55SbMhqxPc7yxtwgW50L1nMTnn4UCxtPoyT8+6g+ilPH9xfXsiJbcN
neSUvebMxPapWqWjRul06wRMovEGXW2YKnxq+n2Ug4C5G3Q8lGdv04fLgG+4Wd3O
J0nqERuCTsL1fj3GEwGZmhRAmt831URmZnduTiCaHWuH+tmn68zxIfLiiWbCniBf
bta0erztPfwj5N7NloIa18OvzthaQ2wN+Lh5EOldJ9Jx9Qc9kurFhgLcZUgoJV2p
apEZIEjR+m9BsQ==
=/DgH
-----END PGP SIGNATURE-----

News for package blender