-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 12 Jan 2018 21:33:46 +0100 Source: imlib2 Binary: libimlib2 libimlib2-dev Architecture: source Version: 1.4.10-1 Distribution: unstable Urgency: medium Maintainer: Markus Koschany <apo@debian.org> Changed-By: Markus Koschany <apo@debian.org> Description: libimlib2 - image loading, rendering, saving library libimlib2-dev - image loading, rendering, saving library (development files) Closes: 868174 868177 868310 Changes: imlib2 (1.4.10-1) unstable; urgency=medium . * New upstream version 1.4.10. - Drop 02_fix-gif-with-no-cmap.patch. Fixed upstream. - Drop 03_CVE-2011-5326.patch. Fixed upstream. - Drop 04_CVE-2016-3993.patch. Fixed upstream. - Drop 05_CVE-2016-3994.patch. Fixed upstream. - Drop 06_CVE-2016-4024.patch. Fixed upstream. - Fixes invalid free in ARGB loader. Also add bug-868177-invalid-free.patch. Thanks to Jakub Wilk for the report. (Closes: #868177) - Fixes XPM loader: out-of-bounds read and PNM loader: heap-based buffer overflow. Thanks to Jakub Wilk for the report. (Closes: #868310, #868174) * Update debian/copyright and use copyright format 1.0. * Add get-orig-source target. * Repack the tarball and exclude the data directory because it contains fonts with unknown origin. * Declare compliance with Debian Policy 4.1.3. Checksums-Sha1: 0964342ce7af1db2a6c4465f6dd3e7682a06c74f 2218 imlib2_1.4.10-1.dsc 48883dfdc7cc0a2866e158c1e26ebadc4662ded5 448676 imlib2_1.4.10.orig.tar.xz 50d02eb326a6c4f9f959f032cb3153a683c068de 10504 imlib2_1.4.10-1.debian.tar.xz 1e0c01d734a53436772f3c9a34493fec80e0ee8c 7105 imlib2_1.4.10-1_amd64.buildinfo Checksums-Sha256: cbfa4f1a9fc8d428bc60eaf878de30c7b1fb9ad387570140ca9f8444f71b49a0 2218 imlib2_1.4.10-1.dsc c4c3e4fd9ea117b8564a6bd19c74948724739826e0785fbe16bfedce7153e0eb 448676 imlib2_1.4.10.orig.tar.xz 169d3a0421b2674524204b2a528a41d0da41650763c7e3a386675226df9b5ec8 10504 imlib2_1.4.10-1.debian.tar.xz c72c893b722d1e2f18bb0e558cfcb8e9ed5f0197bbedaeaf8377ab53394f9210 7105 imlib2_1.4.10-1_amd64.buildinfo Files: 0ef3938b1e5478b3aab1b6dc83db1658 2218 libs optional imlib2_1.4.10-1.dsc e43ad51634e6170d08771fd66e59e199 448676 libs optional imlib2_1.4.10.orig.tar.xz 7ab42bf4a40cf4943d7f7b288a834713 10504 libs optional imlib2_1.4.10-1.debian.tar.xz 3530fe1d852496aa4a9c9edec05ba5a4 7105 libs optional imlib2_1.4.10-1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlpZHexfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1HkHw8P/1yDrR2uetT0t5/fNYCpfLkb/yRpaRYbot1a n6JB3tMRIuuxVME0u+05rrRww7mK1SrYIKJoHKKO6PKmgnkx9O+NT2lrbC0MX3YC hocxRdyhnRU8Yfy5MN88cAhu7I1iDPe+ZEykfaBWK64ZVlJhBWQTJk79aSn9BFsO CM6U3xOQDHh3hVdJL5WyPgeg0zrKTsgu/ffMZeq3UPycLse9mhTz73mJh3t3Pz0l fFzakJMnXcjYfGvzliaCnOSfipFDbYmx/eElAuCL13onuG4hDvH51xaZqMsOqKD8 wissPcRsH1swk18YDmsIMK/2f7dtfEjHxohUU/4R5zSvG4c586eWBsHWahZwEBJD mPwOHZa6BZ8Xye8H0tb3Jujs/NeVIW07kYn0Qt3MjNFm1nLQh6TqPGnCtBA9WPZ+ 5oxz9UbfHjZzF0iGuFNPSTOqvvty1ZF4bHmIxvbzZIDphhcvKjywVdq7F5sK23xc PcIp+nJYo2SaNGJnt8m2XeF8IC+uVc7EVRlgwTaGGpdNI4gZDZ5t6i0L5aWhDam8 srnFY+TB5q9PlR9/+RdS2bHAFumJ9cW6zKCwO4uq56lDQdIASO6ZRKj1wWfeXyzO h9timFUWOjVXZKfrrqtTxEXI31jlsr0s9hkB+pokrmXt/+FkF0/zICd9YAtqNaxs P0LBHkCL =zbKZ -----END PGP SIGNATURE-----
