-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 04 Aug 2015 10:19:55 +0200 Source: ia32-libs-gtk Binary: ia32-libs-gtk Architecture: source amd64 Version: 20150804 Distribution: squeeze-lts Urgency: low Maintainer: Debian ia32-libs Team <pkg-ia32-libs-maintainers@lists.alioth.debian.org> Changed-By: Thijs Kinkhorst <thijs@debian.org> Description: ia32-libs-gtk - GTK+ ia32 shared libraries Changes: ia32-libs-gtk (20150804) squeeze-lts; urgency=low . * Packages updated . [ cairo (1.8.10-6+build1) squeeze-lts; urgency=medium ] . * Rebuild against libx11-dev fixed for CVE-2013-7439. . [ libwmf (0.2.8.4-6.2+deb6u2) squeeze-lts; urgency=medium ] . * Non-maintainer upload by the Debian LTS team. * Add patch to fix CVE-2015-4695: meta_pen_create heap buffer overflow Thanks to Fernando Muñoz <fernando@null-life.com>. #784205 * Add patch to fix CVE-2015-4696: wmf2gd/wmf2eps use after free Thanks to Caolán McNamara <caolanm@redhat.com> for the patch. #784192 . [ libwmf (0.2.8.4-6.2+deb6u1) squeeze-lts; urgency=medium ] . * CVE-2015-4588: Add RLE Decoding check Fix taken from Redhat BZ https://bugzilla.redhat.com/show_bug.cgi?id=1227243 * CVE-2015-0848: Only DecodeImage if pixel is one byte Fix taken from Redhat BZ https://bugzilla.redhat.com/show_bug.cgi?id=1227243 #787644 . [ qt4-x11 (4:4.6.3-4+squeeze3) squeeze-lts; urgency=high ] . * Non-maintainer upload by the Debian LTS team. * Add CVE-2014-0254.patch prepared by Salvatore Bonaccorso. Squeeze LTS does not support kfreebsd so the side effect on those architectures can be safely ignored. * This update includes fixes for multiple security issues: - CVE-2014-0254: information leak through world-readable shared memory segments - CVE-2015-0295 and CVE-2015-1858: denial of service through crafted BMP file - CVE-2015-1859: denial of service through crafted ICO file - CVE-2015-1860: denial of service through crafted GIF file #779550, #783133 Checksums-Sha1: ccfbaed893365ad0a176a08a5df1b70e5b906dc7 1558 ia32-libs-gtk_20150804.dsc adcd70d20f983d92fe1bb9b7c1f6984622cfb2e4 246873471 ia32-libs-gtk_20150804.tar.gz 4893d838d1b7d688f90b4287cdd1b29eb2d8ae0e 14473114 ia32-libs-gtk_20150804_amd64.deb Checksums-Sha256: 6abb1057b8f16dbaab7c5780daec4959c552498dce70582fc7bac06a8c43b5a9 1558 ia32-libs-gtk_20150804.dsc 5f7ddb466fe198af5393f7e53b8d95dcac7e242b6dcf09e9f978a3893838cf23 246873471 ia32-libs-gtk_20150804.tar.gz d067f82e79d2e9e03b23c6a368123896d7c17eaade3556f53625c3c13a6f3c66 14473114 ia32-libs-gtk_20150804_amd64.deb Files: 2dcee484e795b6f4743f9a3b701441e0 1558 libs optional ia32-libs-gtk_20150804.dsc fb7089f39ec67a3e45ee4e69f581a062 246873471 libs optional ia32-libs-gtk_20150804.tar.gz 1505cc49bcc1c34a0356b1c4274d4a83 14473114 libs optional ia32-libs-gtk_20150804_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBCAAGBQJVwIfwAAoJEFb2GnlAHawEaocH/2DXLU2eF7XiB+3rsCJgn8RW sJ9DGv+tvjTTBHLWzGqSe2BdEdjRgYGylTUj+g2jLx2+LC7KNhakUZQ7EREa76vE 6th/barfqf8FaegCWZhcI6RtycljCh0Sk48YnEaIINwuxcu4j9gCw6hkSoQHt3Z7 gcEiwW0wiKxTwdYTGoZp9kEm3OVZSvsQhLFRrf4mQP6sJ9pWbVgrt24slY8wIPJ4 23pSP/52LsYLzodcmLB9YMD2kplrYErsKsr9VWuz3lhIntQDNupnK7sbcerJL9yg 4FR0GLwF55Avw1UJcnTNNrsZzeQPdiobPZKjhgs8q+xXaKK+d337wxULLs1xrt8= =5EEX -----END PGP SIGNATURE-----
