Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted libxpm 1:3.5.12-1.1~deb11u1 (source) into proposed-updates
Date: Sun, 12 Feb 2023 19:32:11 +0000
Signed by: Salvatore Bonaccorso <carnil@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 25 Jan 2023 21:19:41 +0100
Source: libxpm
Architecture: source
Version: 1:3.5.12-1.1~deb11u1
Distribution: bullseye
Urgency: medium
Maintainer: Debian X Strike Force <debian-x@lists.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Changes:
 libxpm (1:3.5.12-1.1~deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Rebuild for bullseye
 .
 libxpm (1:3.5.12-1.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Fix CVE-2022-46285: Infinite loop on unclosed comments
   * Fix CVE-2022-44617: Runaway loop with width of 0 and enormous height
   * configure: add --disable-open-zfile instead of requiring -DNO_ZPIPE
   * Fix CVE-2022-4883: compression commands depend on  $PATH
   * Prevent a double free in the error code path
   * Use gzip -d instead of gunzip
   * debian/rules: configure: Set explicitly runtime paths for {,un}compress
     and gzip.
Checksums-Sha1: 
 8fb8e6122347203c953c24a963d5a802ae8375c2 2259 libxpm_3.5.12-1.1~deb11u1.dsc
 137590d2e2add47a6160079cce68bd6a9b3a1f51 14685 libxpm_3.5.12-1.1~deb11u1.diff.gz
Checksums-Sha256: 
 8e5868cf0cdb57eb45e092b0605daf5aa21d45a28d065ef1be93fdc291fb5062 2259 libxpm_3.5.12-1.1~deb11u1.dsc
 c589470f31997e94b3c9754966d4be1cf0ebc5a5ce802b0838dd6887986f7d45 14685 libxpm_3.5.12-1.1~deb11u1.diff.gz
Files: 
 4de8599b9dab4302e103d077d43346f7 2259 x11 optional libxpm_3.5.12-1.1~deb11u1.dsc
 06830be78e863115624fa24cc1ac1e6c 14685 x11 optional libxpm_3.5.12-1.1~deb11u1.diff.gz

-----BEGIN PGP SIGNATURE-----

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmPetFlfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EFi0P/1Yi+8VjXHUGcHclbXFueF9GfMFRMy9I
ZHUMziv5kQnmWt8NE4erIy/xsq9J9zseYZKJTtmq+lTPgYpQJM9GL0dzvhHgci91
8Ae8klPIyfFv6pkbMyN810a0KU+FKWx00Tf5rBf219tmPeeJ4GC/qb4nbdIsMG9d
Phdk2fNx1RzuMvVdaH+atD4q31VxmLkk3EwHXckdiPdaYWcnDWlsISRFl5+760VL
fXniWghse1lNe2L/gWWx45Oc2kCitjEIvDmbOgyBdaAEFRU5447nWqq/3ST0Ja4E
/0TI4M3EeEyh/PCApI9pyvoQ69YcBmduAQjzJeVGohBO1VAPrenEMZLcw3Feegof
44C0Vsqv61lo3AxoajsNfm457vRowr4XEOKF95HOtIz3xUkKHYXw7kHpTMrgtKJG
QwOJ6Y8emeHn8MYJVKv/VVi4bLHYa618NVaTpFihlXOqj4rdoULOr3SetO9xBnlh
IGsc6aN6E6/TZYCBuzKQ/xujD+TeAMg8wJ1D7NPvkFsXAKvx+o0KMfWfULYYZoef
69s1Y38kPFt9RQqWMjxEbGB92L0+LjKfsZFpG+pWIWR8d6SWpEq3N6a6Gd7HbEAa
y6pVlH3w+wVd19Rb7Xh0OvL3uhkxjOU9TuVOoLbnrTCf+06sPSIZQfq1I/1WdgEf
3XEixE+jHnCQ
=OpzB
-----END PGP SIGNATURE-----

News for package libxpm