Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted openexr 2.5.4-2+deb11u1 (source) into proposed-updates
Date: Sat, 10 Dec 2022 19:17:13 +0000
Signed by: Markus Koschany <apo@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 10 Dec 2022 15:03:52 CET
Source: openexr
Architecture: source
Version: 2.5.4-2+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Debian PhotoTools Maintainers <pkg-phototools-devel@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Checksums-Sha1:
 5e02983d0c476b13a5813ca3cbe07429d9862359 2467 openexr_2.5.4-2+deb11u1.dsc
 13a75bed4e3bfc10ff1304599b8de3613844971b 27535491 openexr_2.5.4.orig.tar.gz
 23b0c22a137c3d9dc2ccf99edcf62b4b45173605 25788 openexr_2.5.4-2+deb11u1.debian.tar.xz
 ddb131a8c56e364b77b28ba24dc6c4ccb3bbfef8 8662 openexr_2.5.4-2+deb11u1_amd64.buildinfo
Checksums-Sha256:
 2807eaffae0d6ffde4e5414bfdf3fb89c2216b46dda5d9e4daefd14236bec3c5 2467 openexr_2.5.4-2+deb11u1.dsc
 dba19e9c6720c6f64fbc8b9d1867eaa75da6438109b941eefdc75ed141b6576d 27535491 openexr_2.5.4.orig.tar.gz
 83fba965ff63da0ba233b7cf7aca946e25b43ce15b8653b52291f07ce081bc1b 25788 openexr_2.5.4-2+deb11u1.debian.tar.xz
 800b8a4e611d6fa9da4c3d02cfa47822bc8537553deea55ca68ff446c55ea003 8662 openexr_2.5.4-2+deb11u1_amd64.buildinfo
Closes: 990450 990899 992703 1014828
Changes:
 openexr (2.5.4-2+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2021-3598, CVE-2021-3605, CVE-2021-3933, CVE-2021-3941,
     CVE-2021-23215, CVE-2021-26260 and CVE-2021-45942.
     Multiple security vulnerabilities have been found in OpenEXR, command-line
     tools and a library for the OpenEXR image format. Buffer overflows or
     out-of-bound reads could lead to a denial of service (application crash) if
     a malformed image file is processed.
     (Closes: #992703, #990450, #990899, #1014828, #1014828)
Files:
 992773b63b8311e663418af41ab15609 2467 graphics optional openexr_2.5.4-2+deb11u1.dsc
 e84577f884f05f7432b235432dfec455 27535491 graphics optional openexr_2.5.4.orig.tar.gz
 98e9c23b8a1015c2541d283eead967ec 25788 graphics optional openexr_2.5.4-2+deb11u1.debian.tar.xz
 2d8e495ef3a9b17b78dcb6000802b8ac 8662 graphics optional openexr_2.5.4-2+deb11u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmOUkc5fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkY/IQALcxDCQOzT3U85D7EM1osUTjmhx3XppUhPFc
sLNsXYFNdHWZYlwdeRRkRMVcYfpIRx5HiIORK78JRGGMGhoWIpYidnpYm9DapZfb
tywRnMEvQeqOoKs144yvHq3orsMyIp9YrYZsN659xU1ftlfyJmCrucpIO0VE+Cv6
cwixGcvIODFBhqMf4Q7hIOitPbM45QR4m/fX72LuEgkn3JTVudx/UaD6PaLC1+0p
qFC7D67Z6iINrnCAWeLAShlTEi+HS0HXL4lquQnfTHRQn0gUEpn79Ut6yyG0Ak3g
DOiyVbnsRg2FD3gf7TYcO4YMs0EA4XQCm9pAXnJ8xd4pnSL8qKGR/vJRgMYnRJrT
lT/PvZn7YfhnBYfuggCJJSp7h/+5mX8+XfDPe0t7IXO5s6Xm1AI/jr75bV7l0DVs
7CN3OvXBVWf7RdwAEMMsBP6bM2XPaYc7ufCJyGoHNUMHfKDlJ1xrXNsLZNGh7DpH
8iS8yvYjyvNq/cTq73Ztm53UAPyxLRToGxg6D7jmUTYyr+ZuPYCh5wEwbMGHWojy
S7vLQXpY8Z9Sc9V7XY8V7MQDsWqrBiKTHFhO4LZ7WMxqhgpw4GwvBiTtbaVf5rSS
UswFngAj6RL4rFGw3MesiVfaL0bTyZyFcUQ/XJ5JySsmkyVhpvxpP/gqgzqvk35O
5xrzzVLQ
=Kw3W
-----END PGP SIGNATURE-----
News for package openexr
