-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 21 Jul 2023 19:59:53 +0200 Source: pandoc Architecture: source Version: 2.9.2.1-1+deb11u1 Distribution: bullseye Urgency: high Maintainer: Debian Haskell Group <debian-haskell@lists.debian.org> Changed-By: Guilhem Moulin <guilhem@debian.org> Closes: 1041976 Changes: pandoc (2.9.2.1-1+deb11u1) bullseye; urgency=high . * Non-maintainer upload. * Add d/salsa-ci.yml for Salsa CI. * Fix upstream test suite and make sure it is run at build time (cf. #1010179). * Fix CVE-2023-35936 and CVE-2023-38745: Arbitrary file write vulnerability via specially crafted image element in the input when generating files using the `--extract-media` option or outputting to PDF format. (Closes: #1041976) Checksums-Sha1: 20f2ea7559a71e0bd65d544dde97c6195d1f5558 8433 pandoc_2.9.2.1-1+deb11u1.dsc 7301459b9d1a562eed79a073bda76f800e1e4a2c 60096 pandoc_2.9.2.1-1+deb11u1.debian.tar.xz 5c7fab8032e3aefd3f32aec30b57c8a41a6fc2e7 21633 pandoc_2.9.2.1-1+deb11u1_amd64.buildinfo Checksums-Sha256: 261f6f0d0251d7930b37d1be8d8511e6909fbd3c8e5553a20e98061145afd0fe 8433 pandoc_2.9.2.1-1+deb11u1.dsc 8fd8db70231c3fe9a12c8ea5d18ffe6aef551d933b9a311e1225a110f5353cbd 60096 pandoc_2.9.2.1-1+deb11u1.debian.tar.xz b5d498abbb56a213ad1a7904996ba2aaaf73aa6a975a5cc69db6a9734fee6db5 21633 pandoc_2.9.2.1-1+deb11u1_amd64.buildinfo Files: 87be9f7d0ccb08a46b36164b2b369b73 8433 text optional pandoc_2.9.2.1-1+deb11u1.dsc 287ab20e9c07133bc276341fdc087fd0 60096 text optional pandoc_2.9.2.1-1+deb11u1.debian.tar.xz 2649b36f46d93e9295b4f10da3a24f35 21633 text optional pandoc_2.9.2.1-1+deb11u1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmTAMeQACgkQ05pJnDwh pVJPgw//f/CMO0bWBXHrE3qEbZm8Ba7BipKL9czYMJAYzsywSw/Sgiu7U5IMXofr U1v6n47gdiMwOUO4Dn10tlUT2ggqFP8S7qhOBnqVoucamAzX/sqGbE6oUVE6CUpM l15VjvJAx9+ZpRESHWJoVRCRQ1PbdnikVJC+duvnJp21+ToifY2bP858L1t9eJAB DCvInVXZc/wZTQ39eftRasGUgrDPkneUo/m/wDRGLVgz+HSmeeseW6FdyXHMUNql bD3QZIuO9RiHlg2YeKgAWM0skoyvDPRbq8Rt60p9Lyoc9YeS4RF+opdjwYA+HaHP h3NZLTq/O5AhTJsMU5whuolXK5A7HT3sCT2oto+DTgGEXcpoXjrwTcB0/yWuIxHZ tc2pQtxY9CKmWz5kBsPPUyD8d/C8AR9tNzbtr3JLMt7LKKcsn+1gbljznLn1NEr6 YNJbQRBCipH3+sByMTDmAOcwq4PbnTe2XiUyywFJDE63Q5kT1Ru8cezYgD3qEW3x elw3RXqTmFAuqfSlcT0MNz20Bh3wsEyv+qKvL63RuC9NPq9EhpL42CmiqBnSRRJr mNoKNeoC05Z1avmFio17qo7liKPJhfDK+l0dAR+0ABkCgW8pHV3cRhimZl9o0dCI Ya8junlwubU1QLceipbUCx08/NQ6ZRSIe3ux6HIcBL12TPklIB4= =E6bc -----END PGP SIGNATURE-----
