-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 18 Oct 2016 15:17:15 +0200 Source: libxrender Binary: libxrender1 libxrender1-udeb libxrender1-dbg libxrender-dev Architecture: source amd64 Version: 1:0.9.7-1+deb7u3 Distribution: wheezy-security Urgency: high Maintainer: Debian X Strike Force <debian-x@lists.debian.org> Changed-By: Markus Koschany <apo@debian.org> Description: libxrender-dev - X Rendering Extension client library (development files) libxrender1 - X Rendering Extension client library libxrender1-dbg - X Rendering Extension client library (unstripped) libxrender1-udeb - X Rendering Extension client library (udeb) Changes: libxrender (1:0.9.7-1+deb7u3) wheezy-security; urgency=high . * Non-maintainer upload by the LTS team. * Fix CVE-2016-7949 and CVE-2016-7950. Tobias Stoeckmann from the OpenBSD project has discovered a number of issues in the way various X client libraries handle the responses they receive from servers. Insufficient validation of data from the X server could cause out of boundary memory writes in the libXrender library potentially allowing the user to escalate their privileges. Checksums-Sha1: 1763ac6f4340415faa47cb8870d638369c14870c 2295 libxrender_0.9.7-1+deb7u3.dsc a52523ae5fe92bdfd3712d8c2858200737a0fbee 21235 libxrender_0.9.7-1+deb7u3.diff.gz ea64bebffbeb64f50518c11e004d4a4f3775281c 33466 libxrender1_0.9.7-1+deb7u3_amd64.deb 88fda2fbbf5aca1dd27ce5a4132f2e5f60a05897 15030 libxrender1-udeb_0.9.7-1+deb7u3_amd64.udeb 40b2df049c6dbbba898b59e9913c84a071a3977f 137806 libxrender1-dbg_0.9.7-1+deb7u3_amd64.deb f28bb4b8007d9e3a84e203e7e2c4d7a9afb81a43 42140 libxrender-dev_0.9.7-1+deb7u3_amd64.deb Checksums-Sha256: ebd70ff531bd0c38a99265638fe0121f33f4f3d3d822643269352b5bbf88beee 2295 libxrender_0.9.7-1+deb7u3.dsc 35bc64e73c2024639ad25a0f1cc41ad2d80af7be1219eec059a2809c4ad767c2 21235 libxrender_0.9.7-1+deb7u3.diff.gz e863feeb034a437462cb3dea0f122fb5e94f4e049c5911161c76bd51f8683aed 33466 libxrender1_0.9.7-1+deb7u3_amd64.deb c8394afd01bdc4d9e9000f6e44556c8a562144eb13b9981eb53a100ff3dadfb8 15030 libxrender1-udeb_0.9.7-1+deb7u3_amd64.udeb 00bb6b060abd0bada423f787153e35d0181d0c626e213e2cce621352f04f8c66 137806 libxrender1-dbg_0.9.7-1+deb7u3_amd64.deb 56c7a04e50e6b24a8a1283010277d79f30d6e0eae3b4a0a948a96d83c717394b 42140 libxrender-dev_0.9.7-1+deb7u3_amd64.deb Files: c6e02770f3f806eeb6ca1082e1451b70 2295 x11 optional libxrender_0.9.7-1+deb7u3.dsc 6eadb84cfad7945334abb4803a00cd66 21235 x11 optional libxrender_0.9.7-1+deb7u3.diff.gz eea0174ee6fb9a653d30b45bc5d644b4 33466 libs optional libxrender1_0.9.7-1+deb7u3_amd64.deb 37e225676138343e7b8b4cee1e375d0c 15030 debian-installer optional libxrender1-udeb_0.9.7-1+deb7u3_amd64.udeb d50ee4eee9bd2e0476d37140f9289738 137806 debug extra libxrender1-dbg_0.9.7-1+deb7u3_amd64.deb e486fc54e665a9d806267a195a7a6e0e 42140 libdevel optional libxrender-dev_0.9.7-1+deb7u3_amd64.deb Package-Type: udeb -----BEGIN PGP SIGNATURE----- iQKMBAEBCgB2BQJYBiWtXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBQ0YzRDA4OEVGMzJFREVGNkExQTgzNUZE OUFEMTRCOTUxM0I1MUU0DxxhcG9AZGViaWFuLm9yZwAKCRDZrRS5UTtR5BlGEACi AeSyJkSYegRRtjaCTgITkev2VO4+gnDYKWl0nXNdaLXFg+uH7chRdZNCqWEL0ILm Kdzgorg6SNlqJZgN7hx2Qbfl4fo3MDjYF6dxGVyFdx6wA8eKQqcTy8j+yYWz+Fym jjKoAs3bh51z1kUpOKCyU/ju632ZrDKs+sfJmOkVcjjUbbJdx7aV+W1v2f9LY4us AOQhJ07HVR3Zl+O+RN9/VcswCWNVcjaz+vCqWAmEYK+d4EXvFGwrdoHEuLW3h5vm jCcA//QiUH2LNg/f2e+tbPitiiISUBQN4lAXCRSsQz2M7bVXLfpj2/dN3OaNDMNR c7v/3MCuKFFI86/Xv0YiX0mBoq/m47TX7sPkC8PLDzJWifpp3IEew1KxDibFU0aB CtKiyz/JfovDm6vmxPDw3AQ44l1ERiasDjA4OMCSlSLWNh84JlaznP/h3txqwyP8 zXtKdf3uDIavEoR5Jq2IQ6uJxw1AjBKvTQnhR2yXAbNHNgwaz53dg7JjAstIbzDd LfuISS7WABkeapSlL8BuSsNROEZS1yuZWdFZ5E2PybK407sE+kFFgYR0S2DU/Ygt eibBQtkM9vNghh+1DFQ+xv5oG08ANrlidVelIUFyGWjvkPZpP0zdiWeQe1F1c5qs pL6Z+ZY5gNrFJ6k7qPLZmfCL7j91MJLcriJyTepraA== =1WGG -----END PGP SIGNATURE-----
