-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 27 Jan 2015 20:20:04 +0100 Source: jasper Binary: libjasper1 libjasper-dev libjasper-runtime Architecture: source i386 Version: 1.900.1-7+squeeze4 Distribution: squeeze-lts Urgency: high Maintainer: Roland Stigge <stigge@antcom.de> Changed-By: Thorsten Alteholz <debian@alteholz.de> Description: libjasper-dev - Development files for the JasPer JPEG-2000 library libjasper-runtime - Programs for manipulating JPEG-2000 files libjasper1 - The JasPer JPEG-2000 runtime library Closes: 775970 Changes: jasper (1.900.1-7+squeeze4) squeeze-lts; urgency=high . * Non-maintainer upload by the Squeeze LTS Team. * Add 07-CVE-2014-8157.patch patch. CVE-2014-8157: dec->numtiles off-by-one check in jpc_dec_process_sot(). (Closes: #775970) * Add 08-CVE-2014-8158.patch patch. CVE-2014-8158: unrestricted stack memory use in jpc_qmfb.c (Closes: #775970) Checksums-Sha1: 7cd93b0068da7d2a7d293ebeaa7b17ef70bb75ce 1844 jasper_1.900.1-7+squeeze4.dsc a20dc389f5962661b7ab81777c8316f8faee3a99 1143400 jasper_1.900.1.orig.tar.gz b3f592bf84e9ba221f3cbe7e81a3d38e5d394071 54228 jasper_1.900.1-7+squeeze4.diff.gz 72e169e5908ddea8375580fbd38bb8fa2e89317a 145940 libjasper1_1.900.1-7+squeeze4_i386.deb 85ce0dfbd3df7415961a03b8f27f3543e3ecc84b 551340 libjasper-dev_1.900.1-7+squeeze4_i386.deb 03609b3e519ed38cf1c9a28dfcaea888a5c68568 24162 libjasper-runtime_1.900.1-7+squeeze4_i386.deb Checksums-Sha256: d080a0ffd1cccb2323bed63fcf78cd5d262235e07f15eeff1e6b01c36f39cd55 1844 jasper_1.900.1-7+squeeze4.dsc 6cf104e2811f6088ca1dc76d87dd27c55178d3ccced20db8858d28ae22911a94 1143400 jasper_1.900.1.orig.tar.gz 9dd7b1bb053c718db3dda72f52afaf639e6c183b3953e515104f3413d88ab3e3 54228 jasper_1.900.1-7+squeeze4.diff.gz 168e7a467e0ff035a81bd9c573a4d76088d9460da9f4e75a9789b3fea37864d6 145940 libjasper1_1.900.1-7+squeeze4_i386.deb 578f96892bc2b85fb06030fbadf68c762c603bd7753f7cf3c35ffb40e6741412 551340 libjasper-dev_1.900.1-7+squeeze4_i386.deb 2fef285147853a988650e7bf9e2c6f364a405f9279198c57eeac95d701478962 24162 libjasper-runtime_1.900.1-7+squeeze4_i386.deb Files: 723dcee390db604c6c4ad3a7f1294ed8 1844 graphics optional jasper_1.900.1-7+squeeze4.dsc 4ae3dd938fd15f22f30577db5c9f27e9 1143400 graphics optional jasper_1.900.1.orig.tar.gz e3338284fe5af40355e0234d24a0ec9d 54228 graphics optional jasper_1.900.1-7+squeeze4.diff.gz 1df57f8b03bb6260d6f95bff9b25d524 145940 libs optional libjasper1_1.900.1-7+squeeze4_i386.deb ed414f0b072b17e52d23c4c5a70fa9bc 551340 libdevel optional libjasper-dev_1.900.1-7+squeeze4_i386.deb 8b8fea6e008d61b15c63febc38ee7427 24162 graphics optional libjasper-runtime_1.900.1-7+squeeze4_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQJ8BAEBCgBmBQJUyAfMXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5 NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHt4EP/303ypvFGQ3R7qDes4aVdfyn O9kV8yC+cHiZzsxQWO9TOg1IqBExdjwD1uaWYgS3InOSqOfbptbomD+bxV25YQ+b BNFPmNSjEVmvH//KcdiRL1ai1M1/GfLEBOgMpftMksy+787RYDJZfGqnESbCbTfS fYLm8x1ESt82pB4f6jbnNQW4mdbwKBLxFSOaS4Cen/VvnuCGsbfWaCZklPG4hUIQ RcRuZJHyjZ2kXepPEQUkWbhdbm8wTuN97FyGV39u7HV3pDoCz3n0tAdktF8AeHud dQqDNBsDN/SlV36IUfqQeeOxBg3SDGHNhK7pn4gJ4GW7jbpoR32qZy0n/ozBAYmn BQiiFQnYLHkynJOpApGkTXnQ/SEtuvNKCZK3G4dpMNO3PYxbJbGDfZ4AgOtX83YL n7PFNFSbBwOJLXykfzKVJWRa/H02w35H0aG9veglGk7KGtQjTzxioKpox5ox65zj cOK2y2bTE2W91pil7g46G9c05NucqOWVWicwWrsHM/hA3RZAcsdzYImEMhBDKpQE P1L73VkEn4tPX+EWdFJu2GueZOArJqQly7dd89pQDRkbuZGTAhBg/lP/ZBdEN7Dd B5seIt/hoNhcK7/PfKneHiWoHdTufHZVxM9Ey8ZIH4r0pmLlPSFhpHAXn0HtaGCJ xpCPBCcj93TU+JNgOOM1 =l8sW -----END PGP SIGNATURE-----