Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted aom 3.8.2-3 (source) into unstable
Date: Wed, 05 Jun 2024 18:49:07 +0000
Signed by: Jeremy Bicha <jeremy.bicha@canonical.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 05 Jun 2024 14:30:24 -0400
Source: aom
Built-For-Profiles: noudeb
Architecture: source
Version: 3.8.2-3
Distribution: unstable
Urgency: medium
Maintainer: Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>
Changed-By: Jeremy Bícha <jbicha@ubuntu.com>
Changes:
 aom (3.8.2-3) unstable; urgency=medium
 .
   * Team upload
 .
   [ Marc Deslauriers ]
   * SECURITY UPDATE: Integer overflow in img_alloc_helper
     - debian/patches/CVE-2024-5171-1.patch: fix integer overflows in calc
       of stride_in_bytes in aom/src/aom_image.c, test/aom_image_test.cc.
     - debian/patches/CVE-2024-5171-2.patch: avoid integer overflows in
       align_image_dimension() in aom/aom_image.h, aom/src/aom_image.c,
       test/aom_image_test.cc.
     - CVE-2024-5171
Checksums-Sha1:
 b325b8eb92d8da4adeee51af983dde713615e623 2280 aom_3.8.2-3.dsc
 cf2d7539beadd723940c56534c0eb5b889d683d6 22632 aom_3.8.2-3.debian.tar.xz
 a5ea1d800ecc33de2c042f09341c1de35db7eea2 14371 aom_3.8.2-3_source.buildinfo
Checksums-Sha256:
 caaf48f2bdbd06b65fee328f6b36f1faa8ccd0ae665cca525ff46f118135e6e8 2280 aom_3.8.2-3.dsc
 cf6c5bec2e640dde5b4f40cddc825d9bd17f33961b8a7698f64c2b22c31ca3f4 22632 aom_3.8.2-3.debian.tar.xz
 794ca55ae08bb76863c936a037860f350b71bbcdc4387f6af370d03b675eb857 14371 aom_3.8.2-3_source.buildinfo
Files:
 59f3b84e494a6b72239b27390f10f34a 2280 video optional aom_3.8.2-3.dsc
 350a081fdaca226606e5e4e201ac6e1d 22632 video optional aom_3.8.2-3.debian.tar.xz
 3e536b74ac8bedc5f0781227222e6103 14371 video optional aom_3.8.2-3_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEETQvhLw5HdtiqzpaW5mx3Wuv+bH0FAmZgr04ACgkQ5mx3Wuv+
bH0fxxAA03Kx8Zph3qaXqgl0CnqLj5mdg3L22dKu253bFaensOgjlvVhqF2BoZ6o
fVxl6y+6yv2KWX1R9swyG1Xx0Gx4Fz0Q7b9dSIq65uCs7Y8SBcTLqiBs6bycuyqu
xqSXx46s8vKsLTLxUx6gdrTKlSCCZYKuB7cvg+D+DrYzz3CYES27MESpEikH/pMd
aCohe3T/Z3DXBou0nelMvx0k6NiG710Afk39CrTZ3ANioU5Be3Q4l5FHRmHLgBKW
RdA+2v25SoPCPMNQg9nOj/6rdgOWymqA4sjXE68EQLf3AYGq5c7FbOvy7U+a9utI
dGj8Zm89k9ruG1YMlAfU6S6/KmwyHo2WzFpgC8H2FAzdzw3F2Ck4KqFHJxJ74AFi
33ks0E9kGu/QLWfiwN/huWJAcN/VbkEGk0Gby6VyLvfEuLFsqvBRvGAQfzaJJNMU
Z3FiDRgL+bvfowxOm1oS72/1e3bHavA2tUFa/wTu6VdxX3CYb+bCN7n7iqw92CdW
/0oDTpthQRwHUix8oT6bKohojHjTYUg/ERphfctCsGqZAWK57VjQvekJigBn192o
t5kjw+Nt0BrTGfOrd/Ar3KRy8djwXkFPipwtP2UxUtKbSaJNcQYGvI7Vs8eQWBtN
Jktj8heUght5rJcKMmRbRn78w/3Dltl9Qwc9roPk/Siok8q9Wyg=
=Kx9A
-----END PGP SIGNATURE-----

News for package aom