Debian Package Tracker

From: Salvatore Bonaccorso <carnil@debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted jbig2dec 0.13-4~deb8u2 (source) into proposed-updates->stable-new, proposed-updates
Date: Sat, 27 May 2017 12:32:38 +0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 16 May 2017 22:35:00 +0200
Source: jbig2dec
Binary: libjbig2dec0-dev libjbig2dec0 jbig2dec
Architecture: source
Version: 0.13-4~deb8u2
Distribution: jessie-security
Urgency: high
Maintainer: Debian Printing Team <debian-printing@lists.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 860460 860787 860788
Description: 
 jbig2dec   - JBIG2 decoder library - tools
 libjbig2dec0 - JBIG2 decoder library - shared libraries
 libjbig2dec0-dev - JBIG2 decoder library - development files
Changes:
 jbig2dec (0.13-4~deb8u2) jessie-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Prevent integer overflow vulnerability (CVE-2017-7885) (Closes: #860460)
   * Prevent SEGV due to integer overflow (CVE-2017-7975) (Closes: #860788)
   * Bounds check before reading from image source data (CVE-2017-7976)
     (Closes: #860787)
Checksums-Sha1: 
 a50833266dc9fe415549d27f0243425c0cd06b2d 2297 jbig2dec_0.13-4~deb8u2.dsc
 fe48a2632bfef531b771b3469ddd4e4bd640dc69 25752 jbig2dec_0.13-4~deb8u2.debian.tar.xz
Checksums-Sha256: 
 7d7c3038f5989460cf31f8463dca25dc58b9754640032ff8dc0eac70737075a0 2297 jbig2dec_0.13-4~deb8u2.dsc
 aa43ed412a7516d219385eac5e19569a2f5f996a76d641752b10c2baa971a576 25752 jbig2dec_0.13-4~deb8u2.debian.tar.xz
Files: 
 8c7092a134bafc8a231481bc5bca211c 2297 libs optional jbig2dec_0.13-4~deb8u2.dsc
 634ce3c77a142ce53c18be1efada8df8 25752 libs optional jbig2dec_0.13-4~deb8u2.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlkb2ZpfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EpcYP/jhs5xfSYa6rI6uCpvXCJekOK0JSSJGK
fRVcvbhwDJBOc8ODBzBc8uqV4mxI+bORo+Fthmdukke0VGsTVyRqjL+rbXAJg7Qg
+248H1H3guGAcXwNB44pV6oU94a0q5+1x81gVZ84XY1khUF4vQ//S1mxI8IanXW5
mUrUhpahJAFAYFubT4yh4PRnhgwEILoAuTetlyWyRyUjhcxRJO0D/k3rTjlErQrk
GGbMDbeKvoJfrG9AuYmjfDmK4a51LnRV2FgWBqB157H48EfmsZDh8GkpPCe+Vtnr
mlB07pBJjLNRVs6IIlEaK0ldfaNiWHFZOCxwLeJoc9sq8Za1OAOMftkLF4jYJNDA
/DuAUnNDyxNCvraDzrMqEzEt9jD/EszHwfYE+mks88Hxxbv5PX1iuPy2vaEGaBZn
+7r/KBMaeoTE3Nggm20XI0Sv7LXmdeDujmMOk/N0+OLkF2yJ1FzkYA6H5kj6P/pB
5dBTOWP199NHF7dCLD57GD5d1iuHCy2VkLoPL2caLrw0cF031SgOq3v30ToDnt9Y
QbmHtmXYeEcgIpLIlAJE9gK/7tjWKWMTDdROJpLBG5ljA5UzNOmJmO9qyKUqKsfK
1DVfVXnm1O9WxvyqMeOP4Vg4pn5DCMFrKVGhntw9NqfY0KTy7GTemK/Z3YPk3NlY
NQX7hETmQN+9
=GyeA
-----END PGP SIGNATURE-----

News for package jbig2dec