-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sat, 21 Nov 2009 14:57:51 +0100 Source: gimp Binary: libgimp2.0 gimp gimp-data libgimp2.0-dev libgimp2.0-doc gimp-dbg Architecture: source all amd64 Version: 2.6.7-1.1 Distribution: unstable Urgency: high Maintainer: Ari Pollak <ari@debian.org> Changed-By: Nico Golde <nion@debian.org> Description: gimp - The GNU Image Manipulation Program gimp-data - Data files for GIMP gimp-dbg - Debugging symbols for GIMP libgimp2.0 - Libraries for the GNU Image Manipulation Program libgimp2.0-dev - Headers and other files for compiling plugins for GIMP libgimp2.0-doc - Developers' Documentation for the GIMP library Closes: 553234 555929 556750 Changes: gimp (2.6.7-1.1) unstable; urgency=high . * Non-maintainer upload by the Security Team. * This update fixes the following security issues: - CVE-2009-3909: integer overflow in PSD file loader leading to a heap-based buffer overflow (Closes: #556750). - CVE-2009-1570: integer overflow in BMP file loader leading to a heap-based buffer overflow (Closes: #555929). * Add ${shlibs: Depends} to depends of libgimp-dev (Closes: #553234). Checksums-Sha1: 063b8df139c9c8110c438566179419dbd4763da7 1948 gimp_2.6.7-1.1.dsc ab6ff9a2cf1c329ae2eb1cb0187a970588dccfd6 45057 gimp_2.6.7-1.1.diff.gz 8f9f036586de837879d08bb4804cf68b0ffb84c6 11045246 gimp-data_2.6.7-1.1_all.deb 89a21721083320452d60a2911708ffef13b0af6a 1074066 libgimp2.0-doc_2.6.7-1.1_all.deb ac2773b706e928585bcc5bde6e144c2a2e4516df 1134256 libgimp2.0_2.6.7-1.1_amd64.deb c88679fc7bb5e98b4bd9909d94a4ce5f7e150b5f 4913686 gimp_2.6.7-1.1_amd64.deb e8c5a3044a7212a0427d9e72e363f68037bc3f47 157090 libgimp2.0-dev_2.6.7-1.1_amd64.deb e0b9139e61bc0fdeef84a32d8512bb26ccf811c4 13797466 gimp-dbg_2.6.7-1.1_amd64.deb Checksums-Sha256: feabc12a63edfa8cbc442ec093650679ce55760dc7a871aeb520191ff9648e2e 1948 gimp_2.6.7-1.1.dsc 190631712ba66e5c7eed75c2891983b0609d370025e2cf5fd67fa31ee11ef7fb 45057 gimp_2.6.7-1.1.diff.gz c1c3f9a9bcb18b359a9e90f7f2623c919822ab4690b9e0d1ed21913134be9740 11045246 gimp-data_2.6.7-1.1_all.deb 31a80b404d04183ee7c67baa405d54d17e0baa9cfe406177d0d864f3091d579d 1074066 libgimp2.0-doc_2.6.7-1.1_all.deb 5c525373f768842fc67fdac006c9bab60238700a180b31ed6b2f70b106eb6fa7 1134256 libgimp2.0_2.6.7-1.1_amd64.deb 834eab4106583c3b49b1ef7dc89fa0c8fde164826c34e040afc8857925011e97 4913686 gimp_2.6.7-1.1_amd64.deb 46b6701c74647ad12ba19107d3510719e07df9ea4395f06e06df8fd767b90ab4 157090 libgimp2.0-dev_2.6.7-1.1_amd64.deb 082597a1f3d44f2921833ce7349e9a8565ff762be2eb141925991c1cb14a8a8a 13797466 gimp-dbg_2.6.7-1.1_amd64.deb Files: e29a8a246b41c7d6e54be9ecf9baa237 1948 graphics optional gimp_2.6.7-1.1.dsc 3062c9c69a9e59510a73e51eec9380d7 45057 graphics optional gimp_2.6.7-1.1.diff.gz e78b4cd448fade3f1b1d0779475cdf04 11045246 graphics optional gimp-data_2.6.7-1.1_all.deb 4f7d8b438535940543f8ff261ebb6849 1074066 doc optional libgimp2.0-doc_2.6.7-1.1_all.deb c361ee0407cc79179b2ba6f0ca5f8533 1134256 libs optional libgimp2.0_2.6.7-1.1_amd64.deb ed7eefbb4b320b668f2a9a1bcb78c9f2 4913686 graphics optional gimp_2.6.7-1.1_amd64.deb c0344fa18150e41d010a6b72cd390224 157090 libdevel optional libgimp2.0-dev_2.6.7-1.1_amd64.deb 0c2def267e3fbee92e099fceb72f6ded 13797466 debug extra gimp-dbg_2.6.7-1.1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAksIGKQACgkQHYflSXNkfP/vlgCgmjlof7ifhjQ0EWR4Q85jz81Q vgAAoK7mIt2hal/2gTaJ2h/CnzHNNJjY =3jGU -----END PGP SIGNATURE----- Accepted: gimp-data_2.6.7-1.1_all.deb to main/g/gimp/gimp-data_2.6.7-1.1_all.deb gimp-dbg_2.6.7-1.1_amd64.deb to main/g/gimp/gimp-dbg_2.6.7-1.1_amd64.deb gimp_2.6.7-1.1.diff.gz to main/g/gimp/gimp_2.6.7-1.1.diff.gz gimp_2.6.7-1.1.dsc to main/g/gimp/gimp_2.6.7-1.1.dsc gimp_2.6.7-1.1_amd64.deb to main/g/gimp/gimp_2.6.7-1.1_amd64.deb libgimp2.0-dev_2.6.7-1.1_amd64.deb to main/g/gimp/libgimp2.0-dev_2.6.7-1.1_amd64.deb libgimp2.0-doc_2.6.7-1.1_all.deb to main/g/gimp/libgimp2.0-doc_2.6.7-1.1_all.deb libgimp2.0_2.6.7-1.1_amd64.deb to main/g/gimp/libgimp2.0_2.6.7-1.1_amd64.deb
