-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 12 Jan 2014 14:37:45 +0100 Source: graphviz Binary: graphviz libgv-guile libgv-lua libgv-perl libgv-php5 libgv-python libgv-ruby libgv-tcl libgraph4 libcgraph5 libcdt4 libpathplan4 libgvc5 libgvc5-plugins-gtk libgvpr1 libxdot4 libgraphviz-dev graphviz-doc graphviz-dev Architecture: source all amd64 Version: 2.26.3-16.1 Distribution: unstable Urgency: medium Maintainer: David Claughton <dave@eclecticdave.com> Changed-By: Salvatore Bonaccorso <carnil@debian.org> Description: graphviz - rich set of graph drawing tools graphviz-dev - transitional package for graphviz-dev rename graphviz-doc - additional documentation for graphviz libcdt4 - rich set of graph drawing tools - cdt library libcgraph5 - rich set of graph drawing tools - cgraph library libgraph4 - rich set of graph drawing tools - graph library libgraphviz-dev - graphviz libs and headers against which to build applications libgv-guile - Guile bindings for graphviz libgv-lua - Lua bindings for graphviz libgv-perl - Perl bindings for graphviz libgv-php5 - PHP5 bindings for graphviz libgv-python - Python bindings for graphviz libgv-ruby - Ruby bindings for graphviz libgv-tcl - Tcl bindings for graphviz libgvc5 - rich set of graph drawing tools - gvc library libgvc5-plugins-gtk - rich set of graph drawing tools - gtk plugins libgvpr1 - rich set of graph drawing tools - gvpr library libpathplan4 - rich set of graph drawing tools - pathplan library libxdot4 - rich set of graph drawing tools - xdot library Closes: 734745 734804 Changes: graphviz (2.26.3-16.1) unstable; urgency=medium . * Non-maintainer upload. * Add CVE-2014-1235.patch patch. CVE-2014-1235: buffer overflow vulnerability in yyerror() introduced by original fix for CVE-2014-0978. (Closes: #734745) * Add CVE-2014-1236.patch patch. CVE-2014-1236: buffer overflow from user input (the regexp in chkNum would accept arbitrary long digit list) (Closes: #734745) * Enable hardened build flags. Thanks to Moritz Muehlenhoff <jmm@debian.org> (Closes: #734804) * Add fix-missing-format-string.patch patch. Fixes missing format strings for printf and fprintf calls. Checksums-Sha1: 8859d3b7ec311a42ab1cecab9e71ebf844ffed92 3252 graphviz_2.26.3-16.1.dsc a3fd95b291426e19a0350d944074cda1951b7452 55041 graphviz_2.26.3-16.1.debian.tar.gz b2b4ae7d5eefbb85670e4e435d3365ee8c7d70ee 2306676 graphviz-doc_2.26.3-16.1_all.deb 73c185899dfab1e3f4733802c32cdf03d7a5bc61 47842 graphviz-dev_2.26.3-16.1_all.deb 61ba959f9dff97ca9d9f8f224095cb6423865cae 308186 graphviz_2.26.3-16.1_amd64.deb 8147430e0091e3d19a809f979b203c43e60ad6d8 65758 libgv-guile_2.26.3-16.1_amd64.deb b21d9312f0adf6c63b898133f45996984d030c74 74558 libgv-lua_2.26.3-16.1_amd64.deb 6509455e59fe4a4e02bf6da04d84f6629400e3e6 80340 libgv-perl_2.26.3-16.1_amd64.deb d105e88943d71277fa88b140d06d70449e6fa01a 71162 libgv-php5_2.26.3-16.1_amd64.deb 013033fcaa8b1c8bf34c306d20dd96dc96fa5c77 74254 libgv-python_2.26.3-16.1_amd64.deb 2e141d472a61334457772eec6819cf075a1ccf25 68962 libgv-ruby_2.26.3-16.1_amd64.deb 43d66d60c13f9e19c68e97369092642bd8cd0d4c 525666 libgv-tcl_2.26.3-16.1_amd64.deb 98d040f22073c6f5bd09d10cb92f48ffd6f8d2b7 68646 libgraph4_2.26.3-16.1_amd64.deb 4f24c9601f9c7ea077171fdfbca9b75e36c9b062 79594 libcgraph5_2.26.3-16.1_amd64.deb 97ec1e0ca283c72238dd49b6b71fb363478a5dab 57622 libcdt4_2.26.3-16.1_amd64.deb b1194def7c583f3c82c1e3df75fa8862f70c2867 61850 libpathplan4_2.26.3-16.1_amd64.deb b41c053328f76070937f568151d6fd6f86e80dc0 435724 libgvc5_2.26.3-16.1_amd64.deb 4c99df38aa49e530b10e0e6718b7be90271477f8 58234 libgvc5-plugins-gtk_2.26.3-16.1_amd64.deb 238ee29246a9e5f43c94e8c73c205c1924fb0637 204924 libgvpr1_2.26.3-16.1_amd64.deb 30903eceeb6bc4dab5211a74d94c9b534bce012d 52502 libxdot4_2.26.3-16.1_amd64.deb 3f464930aed4dd8646095e15807c001daade25ad 97440 libgraphviz-dev_2.26.3-16.1_amd64.deb Checksums-Sha256: a6d902cefb1d808f664efed09cf74c6874d77d666c70e77b550da4d39e6dea11 3252 graphviz_2.26.3-16.1.dsc 4b0e9ed81c3a39b54984091d64a51b957082723187362118086465cd95ea1aba 55041 graphviz_2.26.3-16.1.debian.tar.gz e52b7039e60bbd9d6f21828e2f8594f89e69dd01ffcbe1e55e01a07475a33330 2306676 graphviz-doc_2.26.3-16.1_all.deb 2ea127d1b6ccc20161374713ec1b79903462a03bfd9d22d6c94295c5378b6f61 47842 graphviz-dev_2.26.3-16.1_all.deb cb266e7da6fb88dc3434946831027027c6bcb164a6f53d0a8687adc01af0eeff 308186 graphviz_2.26.3-16.1_amd64.deb 2dfad7ad4bc466e69b653d6b4f409ce4020770206195e1fefb58dba500f819f1 65758 libgv-guile_2.26.3-16.1_amd64.deb 387632d8b95cdcd548d468741ae6c2f026c44add5b8765fc98cc848eab92f98d 74558 libgv-lua_2.26.3-16.1_amd64.deb 2e58cac2443b6e2532ca93035dd226bd27d84aebafbc74503722fb9d4d972a66 80340 libgv-perl_2.26.3-16.1_amd64.deb fc711bfc9ed28de32fc4b8bb0b09f0cd194de824118c8c8071b4abc53eeca279 71162 libgv-php5_2.26.3-16.1_amd64.deb d85e0378adf1f465b4d979bdaaf261f649cfdb0bd92faaa94136703bb0d12736 74254 libgv-python_2.26.3-16.1_amd64.deb 2a289bf8f8e98a2d032c1c3134ad8120f1e9f027fbec74c54e612bd80ede8e4d 68962 libgv-ruby_2.26.3-16.1_amd64.deb 0c20978c3f46fa4715ee395a3b6f9ee28a095c866e197acef41d4d6774524f1b 525666 libgv-tcl_2.26.3-16.1_amd64.deb a5908f31163388b6fd6a5f01c87c74c7bac85dd9196973043246fbcafe5a4007 68646 libgraph4_2.26.3-16.1_amd64.deb c1da9b0931115aa2ebf3ccc56352c4b60941b2d13cb82810a0d943fec3eaf7e4 79594 libcgraph5_2.26.3-16.1_amd64.deb 18bf518f3c30df1aa05fbdf212e0aace97cd1793256792886189ff5b01877fc5 57622 libcdt4_2.26.3-16.1_amd64.deb 3b8a8ef6593d4edfcc72b9d2537d078f8cdaab17fe1341d8b31e19013aff4462 61850 libpathplan4_2.26.3-16.1_amd64.deb 1f769c463fa882af9c74064843865c01da0c58fbcceb9dceacc801347024129c 435724 libgvc5_2.26.3-16.1_amd64.deb 2facf78249338a75f3f5de131e1efe2ecac23edb92d6475b8a546e484c7593e5 58234 libgvc5-plugins-gtk_2.26.3-16.1_amd64.deb 9e9b2862002fbbc0e382b64f425a3be0b22806cc2cd772fb6526ed3246a2ffe7 204924 libgvpr1_2.26.3-16.1_amd64.deb 342189a177da445c864a157aee71fa6f06382e285628976873dc2a2ad5366574 52502 libxdot4_2.26.3-16.1_amd64.deb 560e97f7621bb6508494cbfb61708527507a3cbf6ac474e39359aeb59922baec 97440 libgraphviz-dev_2.26.3-16.1_amd64.deb Files: 4abc7efd26f50d214738dccfe531d80a 3252 graphics optional graphviz_2.26.3-16.1.dsc fdd970fc14a8945aaf1fa131db200600 55041 graphics optional graphviz_2.26.3-16.1.debian.tar.gz 7148df9f2615e8730e83b70bd4d63716 2306676 doc optional graphviz-doc_2.26.3-16.1_all.deb e7b55b3a04b37b32f35e414146a2abb8 47842 devel optional graphviz-dev_2.26.3-16.1_all.deb 6830457ca2ddda9fe3d7d2aaa88d386a 308186 graphics optional graphviz_2.26.3-16.1_amd64.deb b2844c3095d4f9bcc8780f981e515fe9 65758 interpreters optional libgv-guile_2.26.3-16.1_amd64.deb 1f8a3c395cbd588902d93907c9ee988f 74558 interpreters optional libgv-lua_2.26.3-16.1_amd64.deb 1ee81e46fd37455327598df3542972a6 80340 perl optional libgv-perl_2.26.3-16.1_amd64.deb 21d8a24a6d4659a987f778329f3b7b50 71162 php optional libgv-php5_2.26.3-16.1_amd64.deb c0f25da5224599201ce7f0dfe5b0c9e9 74254 python optional libgv-python_2.26.3-16.1_amd64.deb 081a51435aff627f71c6faeb5ec1a9d3 68962 ruby optional libgv-ruby_2.26.3-16.1_amd64.deb 0437af12f37044e683f43fdb80d6d67f 525666 interpreters optional libgv-tcl_2.26.3-16.1_amd64.deb 6fd0d1ba48a13dbd0bad9ae4e7ad7088 68646 libs optional libgraph4_2.26.3-16.1_amd64.deb 4b8ac042e6ec92fd5e5c68c5907b3cae 79594 libs optional libcgraph5_2.26.3-16.1_amd64.deb 808735ee55893169bc388ac0cd82fe05 57622 libs optional libcdt4_2.26.3-16.1_amd64.deb cd3ab41e46e78c9469cb398e8986af56 61850 libs optional libpathplan4_2.26.3-16.1_amd64.deb d95d0b8c874fa36c8966242a057de59c 435724 libs optional libgvc5_2.26.3-16.1_amd64.deb 7958278b2e29a373c99d994f0ecb57ee 58234 libs optional libgvc5-plugins-gtk_2.26.3-16.1_amd64.deb 7bb03c958e91a03afae483b106b92ea9 204924 libs optional libgvpr1_2.26.3-16.1_amd64.deb be299c84bf874f40f4e05386b2fe8a44 52502 libs optional libxdot4_2.26.3-16.1_amd64.deb 118c9d000c997c0be8e9d6ee94b3bdb8 97440 libdevel optional libgraphviz-dev_2.26.3-16.1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJS0sAMAAoJEAVMuPMTQ89EO2QP/3k+5aDuCOV8jH378UmE309W cvW3YblqcYMWunIpYX07+GNkff6tCIyzLe3Js8w9z9Wj0LXk0WbV6Bq/byEoQ3+8 QEoWC16LeakgzGRd5QLHlZfe8QN6ezLWrsSROuCYZiyZl2ycrnKkTq0TVkkmFFYA pPJOxmyqf7fPsLWp652r/qtidSO6ncCHhkx+gg4gUUOXVtU+QpOlADuN+gtR9G0n KoJoblYckp5ydxstMtlezNr6rjOme0a7Ay/A0eZBHvmYYmfpL4y3kqRMQjmFrJGb 5+9FVsKlV2jym6uE6gzA3NYJ/IcwbPDQ0JjGnwlkYDefaT0uywffziBfZkmbfpBn uMYc8MwXTD/AwzVXMjNN2Usrhn/F8tpPAwe+TKlXui1BSm1KRkmwxPu65ULd1tZN BYODo+nlizdm9ByEcMcr/eLxSVpWl4FKN2BoASHU98dMCY6sNsY27aWoQpomYfeE ieCGAB92ZRfa6s5e+4e0sNCT4r5dihGSaL+9KhNhoMRqEgqdIj4uVPsy7rBSviQV Hz8m4AX1tua/fwYVDX/1GdaUdnh702wGea6fagudgQKWM1AdfxWh/2MiMAPDvt/R bcJAmQPAWPN1Fyuzc9/3IGJF0pIicG9E7keJTVOIEoqyJRirjT5mrxVcheSGx3na sgRjQ7E8dJSeo+oOcHH3 =IFtn -----END PGP SIGNATURE-----