-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 14 Jul 2016 10:53:07 +0200 Source: libgd2 Binary: libgd-tools libgd-dev libgd3 libgd-dbg Architecture: source amd64 Version: 2.2.2-29-g3c2b605-1 Distribution: unstable Urgency: medium Maintainer: GD team <pkg-gd-devel@lists.alioth.debian.org> Changed-By: Ondřej Surý <ondrej@debian.org> Description: libgd-dbg - Debug symbols for GD Graphics Library libgd-dev - GD Graphics Library (development version) libgd-tools - GD command line tools and example code libgd3 - GD Graphics Library Closes: 829014 829062 829694 Changes: libgd2 (2.2.2-29-g3c2b605-1) unstable; urgency=medium . * Imported Upstream version 2.2.2-29-g3c2b605 + [CVE-2016-5766]: Fix Integer Overflow in _gd2GetHeader() resulting in heap overflow (Closes: #829014) + [CVE-2016-6128]: Fix invalid color index not handled, can lead to crash (Closes: #829062) + [CVE-2016-6161]: Add upstream patch to fix gif: avoid out-of-bound reads of masks array + [CVE-2016-6132]: Fix out-of-bounds read in the parsing of TGA files (Closes: #829694) + [CVE-2016-6214]: Fix read out-of-bands was found in TGA + Fix another out-of-bounds read in read_image_tga (upstream #248) * Remove patches merged upstream Checksums-Sha1: 909ea3dabdf150dcefac7ea72142c14e216aa7d0 2410 libgd2_2.2.2-29-g3c2b605-1.dsc dcbb179ada29ff7d6b106042699550e94fef5dff 1831552 libgd2_2.2.2-29-g3c2b605.orig.tar.xz c2c5ea2cc05491ba34588ec4edd53a2fed727e60 22728 libgd2_2.2.2-29-g3c2b605-1.debian.tar.xz 02ec24d0b94201602fa73fe2a777cabdcb995645 301204 libgd-dbg_2.2.2-29-g3c2b605-1_amd64.deb 230e502983037a5030232e5e5ff0b87e9c016ae5 272240 libgd-dev_2.2.2-29-g3c2b605-1_amd64.deb 259d95c8ce6ae63f0763659919f7364c8a96b0c3 37730 libgd-tools_2.2.2-29-g3c2b605-1_amd64.deb 6af004c776465bd3692e31d850e3c9ca62ac8cbc 133338 libgd3_2.2.2-29-g3c2b605-1_amd64.deb Checksums-Sha256: 7a137f4bc72a1e15cc71c2a6198d2961aff1ba99095f44bd51aa7cd34cdd8ce1 2410 libgd2_2.2.2-29-g3c2b605-1.dsc f327ede0051ec08041211a418c059970cc2ec4d9ad4a27b21bc150a0ca1ebcb1 1831552 libgd2_2.2.2-29-g3c2b605.orig.tar.xz 25b52a9a81615721bf2939c6b6fcc497034f15aafb9d9c8b64364dbd35754dcf 22728 libgd2_2.2.2-29-g3c2b605-1.debian.tar.xz fe69d6e5f5b857e45c72de8382cc3678754b97ab7a3e244eda5eafa5fe17842f 301204 libgd-dbg_2.2.2-29-g3c2b605-1_amd64.deb 003784884bf863b28ba040aeb62935626ce8d071c94b293adaa82d99b5cbe18c 272240 libgd-dev_2.2.2-29-g3c2b605-1_amd64.deb 07dbfeb58119419e43a974b53e4f7563cd7950b443260fc9dafeb415d8f8ad9a 37730 libgd-tools_2.2.2-29-g3c2b605-1_amd64.deb c4d3b1f8e1929d0382ef4aa234c98622c0f3f3b42473bbfae4f9066b9cf844db 133338 libgd3_2.2.2-29-g3c2b605-1_amd64.deb Files: a9ee064f12c19bde0a1795473794c6de 2410 graphics optional libgd2_2.2.2-29-g3c2b605-1.dsc d2db003478d451b45886d9fa784aba62 1831552 graphics optional libgd2_2.2.2-29-g3c2b605.orig.tar.xz db9b25e23bff75d6f6065f0d5483183a 22728 graphics optional libgd2_2.2.2-29-g3c2b605-1.debian.tar.xz 7275cc4972c01be8b2d67afa1c6c3664 301204 debug extra libgd-dbg_2.2.2-29-g3c2b605-1_amd64.deb 040a58abc161a54396b3c3ef3895d790 272240 libdevel optional libgd-dev_2.2.2-29-g3c2b605-1_amd64.deb 6b3b0d297458a536040e4e42dd324ef8 37730 graphics optional libgd-tools_2.2.2-29-g3c2b605-1_amd64.deb 051ae20be3e6012d5659afc769144400 133338 libs optional libgd3_2.2.2-29-g3c2b605-1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQJ8BAEBCgBmBQJXh1S6XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQzMEI5MzNEODBGQ0UzRDk4MUEyRDM4RkIw Qzk5QjcwRUY0RkNCQjA3AAoJEAyZtw70/LsH84EQAKDWSF7edJ9LTBGf3MdRcHN+ /P8CdzScEzCrZ8o0euA+tAa3V8XjBbcsfLmKYjoLbAd31Jf2fDFGQS+dVnJHTdM6 oOlpNF53HVGjy7bvbUQFj52fFTQpH9RvdkycNiSZmexxw9mrFxh0x+uAuGEoEK2i /u3LG6mhmnYYYZaPmaOcO0nXojpduBu82ovMOdk4oL9NqXS9vfWoiWevla45KjZC b4GMI9YAgVbhd8nhUh8LGrPHX2uGRtTKz6rILeF79p6/mTTIW00cHK54iIoQxxm1 ZYi7VoJYwINOq0tKY+AqoJL5iTJqGzRiYGXr1srUGbRzm0ZDbgcgKInStEgWzhSk 31Eg2m83ZTauleL2yfv+h/g8yeLS0CiwIx1EaIT0DtNr7SKjW2BCb34m0r3hdt1e xOP69ljgHAzVbai6jwFJkUpBLZe28xm4Me/MyMo3ao5zr2CwiU6Wjozu3w3hLLrS Jbh5aquK5nH7qc9mWd8V4ve+RNkIdsuohwmdaKK3dFSqFdfxN+6grv+QmL2NB/k0 iq7uzaAdiVO3kGnZDQ+1aTidT3I4GABC8bgdWo09NSQZDsDbFLwrCb07d9yC5GBN MFGgcTksGrI3XepjVIeH6jlz3bGb3QkZZOCOkTravVyDWmzhaa/qOGrf76fw1COa gX6xmgnAKx2tRMmjZ4l6 =hUh9 -----END PGP SIGNATURE-----
