-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 05 Mar 2018 18:03:38 +0000 Source: leptonlib Binary: libleptonica-dev liblept3 leptonica-progs Architecture: source armhf Version: 1.69-3.1+deb7u2 Distribution: wheezy-security Urgency: medium Maintainer: Jeff Breidenbach <jab@debian.org> Changed-By: Santiago R.R. <santiagorr@riseup.net> Description: leptonica-progs - sample programs for Leptonica image processing library liblept3 - image processing library libleptonica-dev - image processing library Closes: 890548 891932 Changes: leptonlib (1.69-3.1+deb7u2) wheezy-security; urgency=medium . * Non-maintainer upload by the Debian LTS Team. * Fix CVE-2018-7440: gplotMakeOutput command injection vulnerability (Closes: #891932). * Fix CVE-2018-7186: gplotRead() and ptaReadStream() read strings into stack buffers using fscanf() without a length limit (Closes: #890548) Checksums-Sha1: 984d38d842602a318910e8f7870dd388836b2dfd 1889 leptonlib_1.69-3.1+deb7u2.dsc b2f32dbcd1b768922bc6ce2d7896767f5a2592c6 11574 leptonlib_1.69-3.1+deb7u2.debian.tar.gz 18bdd3050f79c74fb003f0a09491e3d6bb0ac2d2 1066502 libleptonica-dev_1.69-3.1+deb7u2_armhf.deb 55b04f6ed0a4f9e3a47205269c8f17123935e108 648622 liblept3_1.69-3.1+deb7u2_armhf.deb aeb871a5806810f98af259b7a88d0a56df8c683d 176204 leptonica-progs_1.69-3.1+deb7u2_armhf.deb Checksums-Sha256: 1a5c736f28681d913332bdcff13d87029717fcba08fad845a0d3cafb4b362453 1889 leptonlib_1.69-3.1+deb7u2.dsc 2a0dd7be7c6407c6b9674ef90982633d3fc3ffd78e24fdf71a75f7bbde11c24f 11574 leptonlib_1.69-3.1+deb7u2.debian.tar.gz 9a2e840a45a7be6ba924310a9452c642014822f159e3f3942e98919072091771 1066502 libleptonica-dev_1.69-3.1+deb7u2_armhf.deb 873b738de63344dfb85076ccdaf3f26a2619f9eb6a68d3e8d8f1882334fbf03b 648622 liblept3_1.69-3.1+deb7u2_armhf.deb cadc8dbb6fbfbfbb46519dc0fce4b7dc40c44d1da637b2248e01a811fbcc60f6 176204 leptonica-progs_1.69-3.1+deb7u2_armhf.deb Files: 8273df08e573915613ca122f022d6dc3 1889 graphics optional leptonlib_1.69-3.1+deb7u2.dsc d9adedf1de31338c4333118790fc08e0 11574 graphics optional leptonlib_1.69-3.1+deb7u2.debian.tar.gz 278fa52b11184bd7cdcb0277cf360669 1066502 libdevel optional libleptonica-dev_1.69-3.1+deb7u2_armhf.deb 058a10265a2db24febfebe46d881f6ff 648622 libs optional liblept3_1.69-3.1+deb7u2_armhf.deb cf9ec0d9261befdd40487a2952dfc15f 176204 graphics optional leptonica-progs_1.69-3.1+deb7u2_armhf.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEwUqnBPVvaa0NAVzHFX/a4RXx4q0FAlqfBccACgkQFX/a4RXx 4q1DNg//e0QM4cfSGc2SwOQAjf1yz4jJEww+uMi+7BS2utZnku+3VHy1FwQPVQ4j yPN2U2GriCaigZnVq6nmjYjY7r6YQjErxuAzKw8BKB1yzRXuXvqgsvIa2dUcaAq1 1D/L+/Y6VJXnGr5pUD9A9V2fFV7Ng1iifwSK5jG3p9nU1UNI83gwNLYxzsssiz7X 4Pwznv4QfVpDcIvIZ6z0tf4SJmo3w4j0326W9qOh1tm1OqnAANSPCItbxL7dJfL1 a/3BntzFMO+QSJ2L/FzS1fLgcUaoFsKg0mz5cvKhjtW52JmMFrG1/46s5IA8F2vL QdVqUDcgJFMQ7hZejJtZJm6BheKdcRTlEoj2bERLYOq7SuVy681thgEHkAj1HIbg XyvmFNi8kZ8EiMyBRK1NZwpN7Kl8HFQP7JepcidcWoRi99fiRGFxfHsmbnBT+aft IimRD2yclpwnWsdsSNa6fIFV+KkP0LYS1Ov6gT14w33IXnyjkpFCTnfVfJyVj9nI HQXM5ug0GEK+NuKn1VWOO9uzVnuJT6FJuoECOQA6DE8sHLKvmXCJ4I+pQ6QHq6c/ 4JKCCBMC/bHLo5ZgjB2Ee7Chs827q7mNlU0uuCDdq4f9F2SJAE0w+2InQL3k42/v wuATBGwVuACIb9IrcQbVeGnDEnh9ZTEzmsXTi1S0FRtY2AK/fBM= =s7FN -----END PGP SIGNATURE-----