-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 26 Jun 2022 12:03:02 +0200 Source: blender Architecture: source Version: 2.83.5+dfsg-5+deb11u1 Distribution: bullseye-security Urgency: high Maintainer: Debian Multimedia Maintainers <debian-multimedia@lists.debian.org> Changed-By: Thorsten Alteholz <debian@alteholz.de> Changes: blender (2.83.5+dfsg-5+deb11u1) bullseye-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2022-0546 out-of-bounds heap access due to missing checks in the image loader could result in denial of service, memory corruption or potentially code execution * CVE-2022-0545 integer overflow while processing 2d images might result in a write-what-where vulnerability or an out-of-bounds read vulnerability which could leak sensitive information or achieve code execution * CVE-2022-0544 Crafted DDS image files could create an integer underflow in the DDS loader which leads to an out-of-bounds read and might leak sensitive information. Checksums-Sha1: 1dab57a7fc7d49d278c7421b3152e951d9ef0a3e 3127 blender_2.83.5+dfsg-5+deb11u1.dsc bf2a7088556998db1859ac4c587a9d648146574f 38512 blender_2.83.5+dfsg-5+deb11u1.debian.tar.xz 574d36d348c8eed821f77cf811f71a4c19285704 21614 blender_2.83.5+dfsg-5+deb11u1_amd64.buildinfo db33ff54102e1f025afdc9dc8161ca37e30e7cf1 39052564 blender_2.83.5+dfsg.orig.tar.xz Checksums-Sha256: cf641896397c42d8975ff9c398edf828d3ef9512ca39c4520b633624d9e2fc54 3127 blender_2.83.5+dfsg-5+deb11u1.dsc 92e48f8f2f60e530b137a1df0b26d7673098b40fb9e97a42576ab1dd30eef6a7 38512 blender_2.83.5+dfsg-5+deb11u1.debian.tar.xz eda710a50d3bff15f3cf3913c2d2989ac4f51ee28815fd6ce7e16678f239f6d4 21614 blender_2.83.5+dfsg-5+deb11u1_amd64.buildinfo ae32ebd7123fbd4fd66828e6b00c766e6af5d837133e61f1d73fa778ae456abd 39052564 blender_2.83.5+dfsg.orig.tar.xz Files: 307395f9cac2d90caa7577f0cb215e49 3127 graphics optional blender_2.83.5+dfsg-5+deb11u1.dsc ef978aef27912c11a702a24aa442bdcd 38512 graphics optional blender_2.83.5+dfsg-5+deb11u1.debian.tar.xz 80087ca1d18f32900851fa91fd5a25c4 21614 graphics optional blender_2.83.5+dfsg-5+deb11u1_amd64.buildinfo d687814905161a78f04365ad6de4ee43 39052564 graphics optional blender_2.83.5+dfsg.orig.tar.xz -----BEGIN PGP SIGNATURE----- iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmLCDftfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh bHRlaG9sei5kZQAKCRCW/KwNOHtYR3NFD/9AxukBwoAzrLoO1Tw/nr8Q4uxRxfZU AkG4KAGryXe6g2V2NJSAV9pEdRoGJMEiGw1tpJfsGVqg2wa+diPdNyljDrovAEmh ZUsbPg4kHIaVd88hq6+tioYakKjJgcHn6C2Uk94Xq1ViI5PzE2NvFCSsoQ16JbyR DIb5ryBltMETuktfRdsHeWK1Qz/OZ0nZZeoaJaQXL/RbnoQEeTpJIJW5Wc/nGcpq bfCAcdBxrV/8dAIqQHx7aLdi3KALTLcQNUKPsLLSBrLTUvMzg6MD2mvaKe+iXibI 8UopboZCS7TkRETINUMzgW0agX75LXG7m5kAFCy6DJWu17GV9tvt4co7t34QkuJR FYAiWvjlXX5bKMP5rMvwUAKrf6Elk2WUnl7QtkiS8W2oy7x5YT/ARui0vsBJ7kKo wyJTnLWja8zODI6+NWRB7eruWdm0Ly7ibJnYaipqNwKozyN0b8aufoiI2rQIAN7/ RX2tZq9Xkh4ieik1qQDsGDersNUdaHirwcZcFJ4D2XcHYBUmva4qPJkk6L7P6PPH 11ENrPUZkq+wicyuESsI+0NZkjbgdFVcyw0Kua1Rd7rm0EvuS1nuKydgu13sfSSQ b/Dyxat3Xdg6VscXus4gD1nbjCP2i/MchUSsva6vDZLHN4yW7T/tUM1VDyubmXOP S9EQyObcrN+gUA== =mEAw -----END PGP SIGNATURE-----
