Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <dispatch@tracker.debian.org> , <debian-lts-changes@lists.debian.org>
Subject: Accepted openimageio 2.0.5~dfsg0-1+deb10u2 (source) into oldoldstable
Date: Sun, 06 Aug 2023 22:20:22 +0000
Signed by: Markus Koschany <apo@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon,  7 Aug 2023 00:05:18 CEST
Source: openimageio
Architecture: source
Version: 2.0.5~dfsg0-1+deb10u2
Distribution: buster-security
Urgency: high
Maintainer: Debian PhotoTools Maintainers <pkg-phototools-devel@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Checksums-Sha1:
 6ab36c86003b80b2d5a867bf68878880af873076 2961 openimageio_2.0.5~dfsg0-1+deb10u2.dsc
 df942ee6b726b8c921f99f6783439bc344a48a54 44432 openimageio_2.0.5~dfsg0-1+deb10u2.debian.tar.xz
 450371e8e86cdddeea48e0126244d728a11a968d 27127 openimageio_2.0.5~dfsg0-1+deb10u2_amd64.buildinfo
Checksums-Sha256:
 ff6f2e125e1f2ebd3a1e418af0f38f698581c1cf48fa3bd096ad3f00860e0bce 2961 openimageio_2.0.5~dfsg0-1+deb10u2.dsc
 7389d0990de124787bd20dd10929a8a2f148a28187cce03a7f773ee3d62dfc4f 44432 openimageio_2.0.5~dfsg0-1+deb10u2.debian.tar.xz
 702cac6b785210485d7e213c6ac61bd93b1b54668538100ddb075dc17bc35795 27127 openimageio_2.0.5~dfsg0-1+deb10u2_amd64.buildinfo
Changes:
 openimageio (2.0.5~dfsg0-1+deb10u2) buster-security; urgency=high
 .
   * Non-maintainer upload by the LTS team.
   * Fix CVE-2022-41649, CVE-2022-41684, CVE-2022-41794, CVE-2022-41837,
     CVE-2023-24472 and CVE-2023-36183.
     Multiple security vulnerabilties have been discovered in OpenImageIO, a
     library for reading and writing images. Buffer overflows and out-of-bounds
     read and write programming errors may lead to a denial of service
     (application crash) or the execution of arbitrary code if a malformed image
     file is processed.
Files:
 fbea5904e86130cc9e12fd2f557adda7 2961 libs optional openimageio_2.0.5~dfsg0-1+deb10u2.dsc
 108c527bb65d45c86a8e1fd76c584fff 44432 libs optional openimageio_2.0.5~dfsg0-1+deb10u2.debian.tar.xz
 9b2cd52b7e36a5c2cc044b64e79be3d4 27127 libs optional openimageio_2.0.5~dfsg0-1+deb10u2_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmTQGS5fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkurYQAItP3mocxl1TRicsWiUNVjxVjcJyCbkQZQNw
LMgZ5uoFamkglSmO9RCC0MMclnaXfRWlma3cP2n4UF/lgHeSmcz/s17FuF3Hjf3k
Zs/yIucKhWAC6S9U00mgThAozVx0cj8G4sXSab2BNRVcGMnRdPYjWadZI9Xu4LCV
D2EUw4zv43YwZW+UMbgPxCV/PpswmWIae3GGcl9XUdrwox54CNo/eePl5tmP9Iie
6okr/C0+oaeFwovJxW7ZEbIj/Ptn7Np5qa8bcQUsOKFifIQ3JltIzXZN52tPxkhc
gHuuRw9wI3CfPe3geKZoHezcPIqBLv2PCbuuG76imxkc5zRmln2HPmMFFMX799Zv
9kAmYqCqbGEeSz5War613cQlWs/MSViSvaGN37O/XTu2rCykFdxb5HglHL97aEVL
4LntlH8+ppqg4TOBhOLH9ocLwSp5Ptx4wcZPvT5siNfbUBAu6kg1lVxTOWMvZiUE
G+RUrnh2rgs/g+G1tCrPR6kWvS7TPPTjMgNmON3+y4oqYQxLFDQEP1RhOEKeMXn9
nI7rXsso5gbbhNBzYDxC8BQbdFfrwa/brot5X1t3ui4yCUx2d4fMZELJWT+0cCj3
6CdduV6j7x7mhtnApywXQrY2gaXsZks8mmErbiuy/Ouriu6ZTP9t4aQ0m4p00ddU
vjKuH9QX
=F5oQ
-----END PGP SIGNATURE-----

News for package openimageio