-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 19 Jan 2023 22:42:19 CET Source: libitext5-java Architecture: source Version: 5.5.13.2-1+deb11u1 Distribution: bullseye-security Urgency: high Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org> Changed-By: Markus Koschany <apo@debian.org> Checksums-Sha1: b5eeed29d4c34b39bc3283ef58f42706a825cc8c 2578 libitext5-java_5.5.13.2-1+deb11u1.dsc 51a5ca42ef60b3ab3f52067636d4f3072682a5d8 90674404 libitext5-java_5.5.13.2.orig.tar.xz 60d73673d7c17c3dd2e4a4defde4a0f4a4a00dba 197008 libitext5-java_5.5.13.2-1+deb11u1.debian.tar.xz 46a368ef195144958cb233abec4127cc1ec31d84 15277 libitext5-java_5.5.13.2-1+deb11u1_amd64.buildinfo Checksums-Sha256: 918383357f7b3b0c7b3006f149c0e454feb8f6f4ce4f0ea6d4127b71f2b72768 2578 libitext5-java_5.5.13.2-1+deb11u1.dsc a8d801f7103336077201783a1a44aae2ffdd4a9f0a420bc3a15b0cbc302d38af 90674404 libitext5-java_5.5.13.2.orig.tar.xz 872552d67c6b00d0500f6dbf8dd87611e1113af7624faa57cc11fbe9dffb32a8 197008 libitext5-java_5.5.13.2-1+deb11u1.debian.tar.xz adeb521b54180ea3d80b9cd81e5c80c38c71a263bce36f5358239d5a190b8e03 15277 libitext5-java_5.5.13.2-1+deb11u1_amd64.buildinfo Changes: libitext5-java (5.5.13.2-1+deb11u1) bullseye-security; urgency=high . * Team upload. * Fix CVE-2021-43113: It was discovered that the CompareTool of iText, a Java PDF library which uses the external ghostscript software to compare PDFs at a pixel level, allowed command injection when parsing a specially crafted filename. Files: 45bc00ad0f6acf8dbbe7faa11c171f7e 2578 java optional libitext5-java_5.5.13.2-1+deb11u1.dsc 1302086fc3ea7f27cf183157474f64a9 90674404 java optional libitext5-java_5.5.13.2.orig.tar.xz 436f01d07efca17919e5af77a576aa41 197008 java optional libitext5-java_5.5.13.2-1+deb11u1.debian.tar.xz 1c2bc8498f02ea446e17cb5598e5465c 15277 java optional libitext5-java_5.5.13.2-1+deb11u1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmPJuXtfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1HkncEP/3/v7ULSqOAiAtrAd169hs4sPJjluIR6YUcV kwZt8jrIFj/wkDX5KD/eyif9O0r7DKKSyP4UP1K2HxBNZ2WauclK1UY8R2i8717F I77YvohLf5Wih/PrjQV/TEcNuHeK+S83ossJ6Yo9drGqZpzgkffxDoWdbhFLWwD0 O6Ej2n0m7Ap81WKv7ZFXEaTbLjsDSHiK9l0/T54GNrAy/xNukl6dvbrKZk/ctJP9 ci14WNdUtYp8GTqc+IwIBewiky7muF5IDaEN6vkmI6B+N3gRDnuEY4oC5MsULLJs ofChVRrYnYDfx3qi6QJJmVCgD3KrwrDvrja0747kpcTMF1z1O9UuNQA+DenQmuuk IMCp3c31EJYZPM2wQIAtw2tCeeLkk2HhCmWpbWO3PJlnDKVgx03lkvMruVBNNX46 /GGJ7bGwm6Xeubw56BxQL1uro5gvyjpOArPaywwfFWaSS/rTiRT5pcYTc787q4Zn VYFk9RKcCEQwMP+kagtoTxpzf1NMgNl7tafgl5kL2N47kJCvSPXMvwHiul7LHNB9 +1LeDatrR6VC7jSn0sXyYNLjjnxvbOForjHrcCXVzd7Qxj6+HMi6p6Ewuj6NH74h CkqeI1KIBLHmQAj3GqmEYKUDQYp/+hOOV5cDuFDP7GNnumGb3aq4p3/IyX0T1s43 CRKFP6vQ =ISNU -----END PGP SIGNATURE-----