-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 29 Mar 2016 19:10:15 +0200 Source: libebml Binary: libebml3 libebml-dev Architecture: source amd64 Version: 1.2.2-2+deb7u1 Distribution: wheezy-security Urgency: high Maintainer: Debian Multimedia Maintainers <pkg-multimedia-maintainers@lists.alioth.debian.org> Changed-By: Markus Koschany <apo@debian.org> Description: libebml-dev - access library for the EBML format (development files) libebml3 - access library for the EBML format (shared library) Changes: libebml (1.2.2-2+deb7u1) wheezy-security; urgency=high . * Non-maintainer upload. * Add CVE-2015-8789.patch. Fix use-after-free vulnerability in the EbmlMaster::Read function. * Add CVE-2015-8790.patch. Fix EbmlUnicodeString::UpdateFromUTF8 function that allowed context-dependent attackers to obtain sensitive information from process heap memory via a crafted UTF-8 string. * Add CVE-2015-8791.patch. Fix EbmlElement::ReadCodedSizeValue function that allowed context-dependent attackers to obtain sensitive information from process heap memory via a crafted length value in an EBML id. Checksums-Sha1: c1d5ee3d7a3df92058d3a33c113b02a0fa3dc26b 2215 libebml_1.2.2-2+deb7u1.dsc f8ef2e044b79b6e4f777b20c0e0e2382c16fbafc 60802 libebml_1.2.2.orig.tar.bz2 8cf421643c09639b364e32537d8497e2bdea2067 6895 libebml_1.2.2-2+deb7u1.debian.tar.gz a531fc806e67842666ff923c3aa37aa10dc34ae5 64080 libebml3_1.2.2-2+deb7u1_amd64.deb 3188e80d311949ab0240532cfb26d350f196233e 102876 libebml-dev_1.2.2-2+deb7u1_amd64.deb Checksums-Sha256: 0f648a4c8d37d20e9968f5ff3c790410c1a474e1e54cd0c453c8c16efebf3557 2215 libebml_1.2.2-2+deb7u1.dsc 476b08c6436a96c024a53e788e7c945ce9b41cd8654165763444aa7e5245b7a5 60802 libebml_1.2.2.orig.tar.bz2 b2629195bdd8088f3612a48300bc8a4bdf2535dd2757f46d41ae74bb45a3273d 6895 libebml_1.2.2-2+deb7u1.debian.tar.gz 4df1757fd889dff17be980dfec1dea494d5315857d533cb69021e24485daa6c2 64080 libebml3_1.2.2-2+deb7u1_amd64.deb 991bbb304a4bf60d539f99cbb70f4633ff5a62acb01249c5a77545d5b02815f1 102876 libebml-dev_1.2.2-2+deb7u1_amd64.deb Files: bf26aa457e43e0ce7ca03e2fec2ed44c 2215 devel optional libebml_1.2.2-2+deb7u1.dsc 726cc2bd1a525929ff35ff9854c0ebab 60802 devel optional libebml_1.2.2.orig.tar.bz2 029929f7d8a7302a5ccfecc21ac7c02e 6895 devel optional libebml_1.2.2-2+deb7u1.debian.tar.gz 8fd38ed348a3896525692a36df72c6b2 64080 libs optional libebml3_1.2.2-2+deb7u1_amd64.deb 46e194ac4a3b3127902e9a8cc71cd345 102876 libdevel optional libebml-dev_1.2.2-2+deb7u1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQJ8BAEBCgBmBQJW+rd1XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBQ0YzRDA4OEVGMzJFREVGNkExQTgzNUZE OUFEMTRCOTUxM0I1MUU0AAoJENmtFLlRO1HkF18QAJqTC+r+9lIsXkxWbdM45wTw AR2wL+Vb7dkxxV6IhkvRo+QXOmEbxO5MCI7e0cq3aiUeC2ov9NTIgK5zbp8TpyGr 4Tpz7ovVoeoWLQFLDFphN3nsEDfoU5sY+oKQEfvSSgEKLeNUpQGDy/FFvO3lcg9P R0z7O9vk8l0Zeahw6vuH3Nhc3jkg844QROskpUtbZ9prFApT8qp1f3mThgcVk59M oCt7L11rhUn5N23RoUpwc43hGUsGhnz070Qtgtr4ErjBvGOtcarVbuNDTjjZM//F HyrHG6hz0w6PRIoIS3lnFiaED+SQiIorYi7TETbQcrh1EVryLz/U67vLSyBKyaLz F6XXtY3EibqrYsh+MGb0O9s7dA1I8/XxkNe5TbSu48TfDU/ljOR+fUhnXtG9cP7E TbgR1pVd9tyUyDAhcFNP0DdkWH0cyAXZ8l4Px/hnsVAvlDLBW0qx/+XT7TujzQ3c TbGO2GwMUFHyI0STyuhLaMylir9HTE6Vckczbl1TlKzZPNkuOb6HNbgw0jgM+6M9 Sl6jxqVOOJRGGorSyH6LWf7ifh8029QJoujuMS/sXiWdSbJdMP7ifWDZ2+4vQaFn GKR2TeN5J6UzLdE4r1KKU6YhajSyVRQ7SqzXXKnUrnOz2je4s0hI6t0nqYToUmO4 I5GKD3F6xsYnyKHeKwMI =PrMV -----END PGP SIGNATURE-----