-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Wed, 16 Nov 2005 16:56:39 +0100 Source: gtk+2.0 Binary: libgtk2.0-dev libgtk2.0-0-dbg gtk2-engines-pixbuf libgtk2.0-0 libgtk2.0-doc gtk2.0-examples libgtk2.0-bin libgtk2.0-common Architecture: source i386 all Version: 2.6.10-2 Distribution: unstable Urgency: medium Maintainer: Sebastien Bacher <seb128@debian.org> Changed-By: Sebastien Bacher <seb128@debian.org> Description: gtk2-engines-pixbuf - Pixbuf-based theme for GTK+ 2.x gtk2.0-examples - Examples files for the GTK+ 2.0 libgtk2.0-0 - The GTK+ graphical user interface library libgtk2.0-0-dbg - The GTK+ libraries and debugging symbols libgtk2.0-bin - The programs for the GTK+ graphical user interface library libgtk2.0-common - Common files for the GTK+ graphical user interface library libgtk2.0-dev - Development files for the GTK+ library libgtk2.0-doc - Documentation for the GTK+ graphical user interface library Closes: 309437 315083 323209 339431 Changes: gtk+2.0 (2.6.10-2) unstable; urgency=medium . [ Sebastien Bacher ] * Patch from Ubuntu update, thanks Martin Pitt. * SECURITY UPDATE: Arbitrary code execution and DoS. * Add debian/patches/010_xpm-colors-overflow_CVE-2005-3186.patch: - io-xpm.c: Add check to XPM reader to prevent integer overflow for specially crafted number of colors (Closes: #339431). - CVE-2005-3186 * Add debian/patches/011_xpm-colors-loop_CVE-2005-2975.patch: - io-xpm.c: Fix endless loop with specially crafted number of colors. - CVE-2005-2975 . * debian/rules: - fix confusing cp usage. . [ Loic Minier ] . * Update FSF address. [debian/copyright] * Remove "Copyright:" line, the whole file expresses the copyright already. (Closes: #323209) [debian/copyright] * Backport patch from the 2.8 branch removing the warning introduced somewhere in 2.6 when length wraps in calculation in gdk_property_get. (Closes: #315083) [debian/patches/064_gdk-property-get-no-warning.patch] * Add ${misc:Depends} to all packages. * Remove libgtk2.0-0 dependency from libgtk2.0-common to break the circular dependency; cross your fingers, don't hold your breath. (Closes: #309437) Files: 3563b30a4289c32184c55ba195036708 2141 libs optional gtk+2.0_2.6.10-2.dsc 6b971feecb17c4791472aa96acdea3a3 47597 libs optional gtk+2.0_2.6.10-2.diff.gz 7c5d80d99cae36830180239b26a493fa 3138308 misc optional libgtk2.0-common_2.6.10-2_all.deb af323f59755f3e06ffae3e6b13d3e3aa 2328124 doc optional libgtk2.0-doc_2.6.10-2_all.deb eb201ab2646f4cea2663316c08514ed2 2052200 libs optional libgtk2.0-0_2.6.10-2_i386.deb 894a6ec816c55e5bc085d911a55afb8f 18192 misc optional libgtk2.0-bin_2.6.10-2_i386.deb fae0ba120610c486f2a5515eeb61f351 2208758 libdevel optional libgtk2.0-dev_2.6.10-2_i386.deb 7f70323d835bea802bafd6096a610992 3533168 libdevel extra libgtk2.0-0-dbg_2.6.10-2_i386.deb 4dc3b71e3311d5cffa8496d6790f924b 281144 x11 extra gtk2.0-examples_2.6.10-2_i386.deb 2e7ece79ea1ec06a22a05de5cf3e7057 65358 graphics optional gtk2-engines-pixbuf_2.6.10-2_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) iD8DBQFDe2QPQxo87aLX0pIRAqNNAJ90/qfcwJjzU3NaowscTVjDY79lZwCgr1jX 1s2lgI1Zb20EQSzGlh2jTDg= =nUeE -----END PGP SIGNATURE----- Accepted: gtk+2.0_2.6.10-2.diff.gz to pool/main/g/gtk+2.0/gtk+2.0_2.6.10-2.diff.gz gtk+2.0_2.6.10-2.dsc to pool/main/g/gtk+2.0/gtk+2.0_2.6.10-2.dsc gtk2-engines-pixbuf_2.6.10-2_i386.deb to pool/main/g/gtk+2.0/gtk2-engines-pixbuf_2.6.10-2_i386.deb gtk2.0-examples_2.6.10-2_i386.deb to pool/main/g/gtk+2.0/gtk2.0-examples_2.6.10-2_i386.deb libgtk2.0-0-dbg_2.6.10-2_i386.deb to pool/main/g/gtk+2.0/libgtk2.0-0-dbg_2.6.10-2_i386.deb libgtk2.0-0_2.6.10-2_i386.deb to pool/main/g/gtk+2.0/libgtk2.0-0_2.6.10-2_i386.deb libgtk2.0-bin_2.6.10-2_i386.deb to pool/main/g/gtk+2.0/libgtk2.0-bin_2.6.10-2_i386.deb libgtk2.0-common_2.6.10-2_all.deb to pool/main/g/gtk+2.0/libgtk2.0-common_2.6.10-2_all.deb libgtk2.0-dev_2.6.10-2_i386.deb to pool/main/g/gtk+2.0/libgtk2.0-dev_2.6.10-2_i386.deb libgtk2.0-doc_2.6.10-2_all.deb to pool/main/g/gtk+2.0/libgtk2.0-doc_2.6.10-2_all.deb