-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 12 Aug 2017 13:21:35 +0200 Source: libraw Binary: libraw10 libraw-bin libraw-dev libraw-doc Architecture: source amd64 all Version: 0.16.0-9+deb8u3 Distribution: jessie-security Urgency: high Maintainer: Debian Shotwell Maintainers <pkg-shotwell-maint@lists.alioth.debian.org> Changed-By: Matteo F. Vescovi <mfv@debian.org> Description: libraw-bin - raw image decoder library (tools) libraw-dev - raw image decoder library (development files) libraw-doc - raw image decoder library (documentation) libraw10 - raw image decoder library Changes: libraw (0.16.0-9+deb8u3) jessie-security; urgency=high . * debian/patches/: patchset updated - 0003-Fix_CVE-2017-6886.patch added | CVE-2017-6886, CVE-2017-6887: | Fix various buffer overflows that can be exploited | via crafted input files. Thanks to Emilio Pozuelo Monfort (pochu) for the patch. Checksums-Sha1: 14cead4473579defa07fa1c72e47574b14abdf05 2368 libraw_0.16.0-9+deb8u3.dsc 492239aa209b1ddd1f030da4fc2978498c32a29b 1472935 libraw_0.16.0.orig.tar.gz 84853e3d959834a7e997732bd1aa8d371fc5a91f 28364 libraw_0.16.0-9+deb8u3.debian.tar.xz 3a6e4e4fc9bab6d07bad1abe425ef2658a347f0e 218412 libraw10_0.16.0-9+deb8u3_amd64.deb 8d0f1bd6f659f5c0af3ee18d32876e4f781f444f 63114 libraw-bin_0.16.0-9+deb8u3_amd64.deb fdb66a810e78ad8602e4bab9c0a6b29e2404076d 222116 libraw-dev_0.16.0-9+deb8u3_amd64.deb 960893cc77bc4e3fe673423d666fcf335db82771 109584 libraw-doc_0.16.0-9+deb8u3_all.deb Checksums-Sha256: 0f55bbeddb07c36a37fb6a4f248191f51f2425bd393200fbcc59546eef0a28de 2368 libraw_0.16.0-9+deb8u3.dsc 71f43871ec2535345c5c9b748f07813e49915170f9510b721a2be6478426cf96 1472935 libraw_0.16.0.orig.tar.gz 8f5b19a1cfd2cdbdcb96808f834408bb3b46d688c101476cf0fd169b2bcf1cc3 28364 libraw_0.16.0-9+deb8u3.debian.tar.xz 85aad5749a77279be058d38235317d2895c16d4310a3559536737aca292c0a31 218412 libraw10_0.16.0-9+deb8u3_amd64.deb 12ef800b0cb3cccca5f7261e3bd5e03ff49d12d894dd9ba4b61f93cae7dab2ff 63114 libraw-bin_0.16.0-9+deb8u3_amd64.deb 9734e78cd42495bb382d65ca134ebee10c108c88b1bf6cef007a9f6e87910117 222116 libraw-dev_0.16.0-9+deb8u3_amd64.deb 5de8ef0f308477498457f1f218ee05185f84b79ff820523dfa10c8b894bf6c5c 109584 libraw-doc_0.16.0-9+deb8u3_all.deb Files: ee7c6ba65f23316739fa35c00ef851e4 2368 libs optional libraw_0.16.0-9+deb8u3.dsc 21f569be043057b754d87e3062e2345a 1472935 libs optional libraw_0.16.0.orig.tar.gz 90317c73b4a761a2c5a3e553c4fcbfbd 28364 libs optional libraw_0.16.0-9+deb8u3.debian.tar.xz d6bcd5a197dfaa5cdc483157a4dff2e3 218412 libs optional libraw10_0.16.0-9+deb8u3_amd64.deb 8d8fbe7157c1b8b675c4d2dd8b2d3ddd 63114 graphics optional libraw-bin_0.16.0-9+deb8u3_amd64.deb 6194b6bf31aa1094bf4138d83392b490 222116 libdevel optional libraw-dev_0.16.0-9+deb8u3_amd64.deb 7f01d8fd5a761f2c71a8f1ac828e0cf0 109584 doc optional libraw-doc_0.16.0-9+deb8u3_all.deb -----BEGIN PGP SIGNATURE----- Comment: Debian powered! iQKTBAEBCgB9FiEE890J+NqH0d9QRsmbBhL0lE7NzVoFAlmPbRxfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEYz REQwOUY4REE4N0QxREY1MDQ2Qzk5QjA2MTJGNDk0NEVDRENENUEACgkQBhL0lE7N zVoiFw/5AY0UX/m8OL3NWdZmxMlfl0nG2T7tkehajU4x7z3aB5AqbE6bE4/XIdBZ tpK/1MIP2hPxW8fpk9xJLs20lLB+ulKl73FXCvalELLOH1v+oNMfYsM7noZeSlVg beFUW7aYhzOg/EjgypA5vADHjVXrSuqwVXf/tOMv4vbiyfXDE/Ua4AdaKniopie8 Gt63WZ0vYTylJ1PCJty8GR4k5tICh9/5CCEZRNmf/f2YzWY6uXzsjZyUbQIm2GG2 R6FLw0z8Kvz+VC6vuQHo0tCyMflIw/nSAFj/Ogpn+cQoHtYWKENaMeFStvZKuMeq 4tKP6irbzXuQ97vUdsSyNUQnqxOCcTPrkmDiclQkBhRkUT7LIANjIS/GHKhjQloU Q47gqzBe+2kANhf16TOXANhOMLpgrI9XpzJlDhdXK+NQbfHt6Igu/4oKzc9DoJeW wuanZEngiBDBnE/3QxtbuvCSy8T41vBMRVzIOKSYm3SjjFSpwwvKMQpYRIzA51vl /pjrNeVR0a2GlNYYizCE5jIo3SoZRnlWNDAUcSnas1IVCQYtDyc0SbCY/3Lp6Wd/ JBAA9w408qpUvBTNrYvN/cC9uLDYYqczwZ7H+QhRQmiACJlNMkSOu3/HyqJIOLDX 5OavgmXJSqcRUhBC3ikRBFTkacdTK1yevtOi8jPE7SdnSwKohDY= =6l1l -----END PGP SIGNATURE-----