-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sun, 23 Jun 2024 18:25:00 +0200 Source: indent Architecture: source Version: 2.2.12-1+deb11u1 Distribution: bullseye Urgency: low Maintainer: Santiago Vila <sanvila@debian.org> Changed-By: Santiago Vila <sanvila@debian.org> Closes: 1036851 1049366 1061543 Changes: indent (2.2.12-1+deb11u1) bullseye; urgency=low . * Restore the ROUND_UP macro and adjust the initial buffer size. Patch from the author, backported from 2.2.13. Fix memory handling problem. Closes: #1036851. * Apply two patches by Petr Písař <ppisar@redhat.com>. - Fix an out-of-buffer read in search_brace()/lexi() on an condition without parentheses followed with an overlong comment. - Fix a heap buffer overwrite in search_brace(). Closes: #1049366. This one is CVE-2023-40305. * Fix a heap buffer underread in set_buf_break(). Closes: #1061543. Patch by Petr Písař <ppisar@redhat.com>. This is CVE-2024-0911. Checksums-Sha1: afbc3cf64ca70f96faa5982ab5492f9235eba7f1 1422 indent_2.2.12-1+deb11u1.dsc 2edc75eab44d299f28c192576dea8135496ba7c4 7548 indent_2.2.12-1+deb11u1.debian.tar.xz 63485617a7b8f52b2c98b182415cfde67229ce3a 5632 indent_2.2.12-1+deb11u1_source.buildinfo Checksums-Sha256: a04a1522e1f51b43b53530f657314bce3e6816f4c56befb0d9534d91a5619487 1422 indent_2.2.12-1+deb11u1.dsc c7340890eb5d68e54d42887445c4a381d2fdc472e2e2e87ae9f2db32d40f61e9 7548 indent_2.2.12-1+deb11u1.debian.tar.xz 1356191ccec03e6af318b8550a11689915c515d1788d680ebeca4b289f6f2026 5632 indent_2.2.12-1+deb11u1_source.buildinfo Files: 328baeac6001744a986aa325025eecdd 1422 devel optional indent_2.2.12-1+deb11u1.dsc 96e0d5482a2d5fe686f0eb6c0db36708 7548 devel optional indent_2.2.12-1+deb11u1.debian.tar.xz 6490e39867536b9b3d55fa0a260efde1 5632 devel optional indent_2.2.12-1+deb11u1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEE1Uw7+v+wQt44LaXXQc5/C58bizIFAmZ4TdcACgkQQc5/C58b izI+9Af/XWxKvoWzGeuVM6QtATVS7lNPDPOPdTwyvm9cykA+lXdLsg3JeyVf/VMk EafNNyjyiiF1GzyNxoQlisX+0djPCCD3Ng6f5ViXeRluWPtS+9CjbcTRCfdb/LuX ZZednyw7T+g4ZBBJzTqvlpHBnuLODzEyXyEmyFJwWs2iYzs804/aINJjAgCT8y3T ouwJr8/Bc+8Al2gtGu8TWH2iP/jn1NF3J/EgdX1vzz7xhipLBYI6K937xahN0C/O ytKWkdCC6yYnK4IrUj5+TuWBdV+DyiczDXzwUAB5vbeOL8J0oa/4BSPwPOoEtb2N mgAxpZU3PC0iLIingqhpJvFDKWtG9w== =yiqs -----END PGP SIGNATURE-----