Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <dispatch@tracker.debian.org> , <debian-lts-changes@lists.debian.org>
Subject: Accepted qpdf 8.4.0-2+deb10u1 (source) into oldoldstable
Date: Tue, 29 Aug 2023 17:50:29 +0000
Signed by: Thorsten Alteholz <alteholz@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 28 Aug 2023 19:03:02 +0200
Source: qpdf
Architecture: source
Version: 8.4.0-2+deb10u1
Distribution: buster-security
Urgency: high
Maintainer: Jay Berkenbilt <qjb@debian.org>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Changes:
 qpdf (8.4.0-2+deb10u1) buster-security; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2018-18020
     crafted files could create recursive calls for a long time, which
     allows remote attackers to cause a denial of service
   * CVE-2021-25786
     crafted files allow remote attackers to execute arbitrary code
   * CVE-2021-36978
     a heap-based buffer overflow might occur when a certain
     downstream write fails
Checksums-Sha1:
 851d022a5fbc64f9068d166c17f7342656d8cc40 2231 qpdf_8.4.0-2+deb10u1.dsc
 b16325a88a09ed4b0684e569f060c406f8b208ef 16981811 qpdf_8.4.0.orig.tar.gz
 f98bcf5c5eb4d774eb8076da50b5983c9b238326 833 qpdf_8.4.0.orig.tar.gz.asc
 8d1ab196d6634dd69092c977c54c1149d566246d 16148 qpdf_8.4.0-2+deb10u1.debian.tar.xz
 e2b5f1902acfc20fc9e3da5142094fc99fe8679b 6992 qpdf_8.4.0-2+deb10u1_amd64.buildinfo
Checksums-Sha256:
 51de114137fbaefd98846b70e25ec72b98dbc774191aaf8f463149b8668e2c7d 2231 qpdf_8.4.0-2+deb10u1.dsc
 39018f3bff700c68e41f6d44ea9f7842e2a5af200a80b2cdec7fa32a4abac4a0 16981811 qpdf_8.4.0.orig.tar.gz
 ede2199865bea24fb3cdd20894032cefbd4a53b50e40d54d00732a2ce166eb09 833 qpdf_8.4.0.orig.tar.gz.asc
 39ab90b66d5f69de01a36d1d0ff70d34ce2dc154759714519edddaf62e7652ae 16148 qpdf_8.4.0-2+deb10u1.debian.tar.xz
 e0f14e1038b15bf78967a1c7ddc7b81abfd2ae6839a20066c2d4a09190cb8e7c 6992 qpdf_8.4.0-2+deb10u1_amd64.buildinfo
Files:
 4bf7b45104346117ca9a3906c81b3474 2231 libs optional qpdf_8.4.0-2+deb10u1.dsc
 60a66cf8cbdb3bb0d3bcf5b2f53ec06b 16981811 libs optional qpdf_8.4.0.orig.tar.gz
 55b3274697a158c118ab115522df3fee 833 libs optional qpdf_8.4.0.orig.tar.gz.asc
 7fdc3ff71e38c9952c99d032a61f8482 16148 libs optional qpdf_8.4.0-2+deb10u1.debian.tar.xz
 edabc828b3dec83b055afdf88012adec 6992 libs optional qpdf_8.4.0-2+deb10u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmTuLDNfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh
bHRlaG9sei5kZQAKCRCW/KwNOHtYR0SQD/oDhuKAPRybe3khLr0+GEirVm73vwOt
w90Yq1ijlmcru+/Emhoy6CdvLKukDC8TAXYCkpgtGswt82+ICMFjHEQ+tdKpiJeb
BDqMSuhxA6/8sCK4N8GPJkbZRfYphmTz+QO1aq1QQh8jW9hQSORHc0GsWkkzjhvn
RVkASa9Ll8CBZRk+v9Jj7K11A8SoXPs/aA3OCPNAnxn2pu/BE2YzR57KZ6l09alm
8tBxe6g8bYESkoxCQpyRWGzNmiO/PxP3WM1WJ+jeo9zyMB373+b5c8yB1h7a+DPp
hRZWZzTzFcn8NI7EMxuYK/yg7JDttEHcUngUys+x5YwsbVS8y4yCbbQ7ImDWTKFW
HIT23szeIrtARm/7DAKA8S23FkXQKYXuxDW2/OOj8kzZUKL2XOKiwiIkfRz8CET2
3KGrDB+NiY7Nh2mLbaqEZci6Uok6PMmZcrtQjKmb2oYU1eifbvahNGvkF8DnoNAP
O+cfWSh6Actdba6Et1elMrdXyCQbQmRrB949+dXYiCS0KrkduTzcGtCGEdlgcbZl
w7moYuuZGZ8e0swwm6dJZUBNGdIICyMvpt5GnR8siw/wpHbYYwJxdU2z135+erX+
XHJMYAKO7M/eQOgunsqP+zH4k9nvCJziyM0LuP3/1g5uwkO+bjqX52z4BiDrX8u2
/mrAx5bq26EBHA==
=4e1v
-----END PGP SIGNATURE-----
News for package qpdf
