-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 08 Feb 2023 20:16:03 +0100 Source: ncurses Architecture: source Version: 6.2+20201114-2+deb11u1 Distribution: bullseye Urgency: medium Maintainer: Craig Small <csmall@debian.org> Changed-By: Sven Joachim <svenjoac@gmx.de> Closes: 1009870 1029399 Changes: ncurses (6.2+20201114-2+deb11u1) bullseye; urgency=medium . * New patch CVE-2022-29458.diff: add a limit-check to guard against corrupt terminfo data (report/testcase by NCNIPC of China, CVE-2022-29458), fix backported from the 20220416 upstream patchlevel (Closes: #1009870). Thanks to Thorsten Alteholz for the patch. * New patch fix_crash_on_very_long_tc-use_clause.diff, cherry-picked from the 20230121 patchlevel: correct limit-check when dumping tc/use clause via tic -I (report by Gabriel Ravier, Closes: #1029399). * Use bullseye as the release in the Salsa CI pipeline. * Add a lintian override for source-is-missing in the Ada documentation (see #1019980). Checksums-Sha1: 0e0ba4212a99b1b2567cdf36d8768ba0586cb1a5 4138 ncurses_6.2+20201114-2+deb11u1.dsc 3f8699c09bf514499e67cb6c7c6e99530bc9ee4c 53556 ncurses_6.2+20201114-2+deb11u1.debian.tar.xz ca26e8b8cfaf86c4aa9bd3965c6859a3c82ec6c8 5895 ncurses_6.2+20201114-2+deb11u1_source.buildinfo Checksums-Sha256: 7ba568bfdd893cf88fe48093273d168a3fda1e74f9fdd7af5a8970baeab55011 4138 ncurses_6.2+20201114-2+deb11u1.dsc 24f38ec08bc231c7cd5f598b50e10a00b10b46b50aef9c05b9379dc361aed537 53556 ncurses_6.2+20201114-2+deb11u1.debian.tar.xz b6e3d33f64d9ce28d085b21f4c2c9c6f1b1018e2f94843d1518ff9198f4a3e44 5895 ncurses_6.2+20201114-2+deb11u1_source.buildinfo Files: 2449b835dc0ffe9f1d97d695ff9edabb 4138 libs required ncurses_6.2+20201114-2+deb11u1.dsc ee13982f78f223e775ef5b14b3a3a1f3 53556 libs required ncurses_6.2+20201114-2+deb11u1.debian.tar.xz 177eb62a4c8fd07e369f740b7ba0d275 5895 libs required ncurses_6.2+20201114-2+deb11u1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEKF8heKgv5Jai5p4QOxBucY1rMawFAmPj9Y4ACgkQOxBucY1r MayyxRAAnU9jYzz5AnPSLk+FJkfENWc9zWfVCd+2yV/RLon1MRMswF+kJ3qGfdt2 V8sPnTKJV8Jb1NuCEEHEY9HAtEIV2RI6Eq71/19W1SjFskXxTaBNoacKQr4xGtN7 hDmY3wV4oPjleO+rKJRF0KvG0j9KPKQXDNYI5wyoAOwyXEOXfxQRVY2Jp0F6PbXz ZkO0e5EwE4E6MH4Hqi1QbplKmsSJjEY5dtbxCsmMdOpVwNbXKZvWLudB70+d9XVC AR4aRX/N2c5+S1E0FyyQW0kDpVZ5M7F3BHHzNJbbE+VT1/Hl3kwyYy8QOnGPL9YE QWx/04YjgL7AGsRcTScSY4ocBbulLbOjtWbBAwwUkhRas2vS6HjY1qs+2ovTg9zi NX1GSBY4Hdh2ZhnvI+rmBNmxTT1r10MjhVXde+ul1z+5XPxmrlLAfyNLsUdZ9UHm rcS2qxtSWzcWrXIfKVDLX0hm3hhP1NV7bdMQaLeP0hBTPCsJOzcuRxSi9z+FCBtA WZcGAlOGD5QeZwvpncZ2Yb8mkmb+MkDPWcl9GcbT1fiUiHXhyx6VF+zFiYIDnLRV IH1IILbCSY6SVV6ccCl+iiyNWuW1Gfnx3w4XiqpwVCj2O29wtI3SZTpjIrqdK2zJ fKu2wHIC2BR4GcryoJaSKHA6dPzDFDhBroJC6h+y68QLx+eH1uI= =TKSv -----END PGP SIGNATURE-----