-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 23 Feb 2018 11:03:17 +0100 Source: freexl Binary: libfreexl-dev libfreexl1 libfreexl1-dbg Architecture: source amd64 Version: 1.0.0g-1+deb8u5 Distribution: jessie-security Urgency: high Maintainer: Debian GIS Project <pkg-grass-devel@lists.alioth.debian.org> Changed-By: Bas Couwenberg <sebastic@debian.org> Description: libfreexl-dev - library for direct reading of Microsoft Excel spreadsheets - deve libfreexl1 - library for direct reading of Microsoft Excel spreadsheets libfreexl1-dbg - library for direct reading of Microsoft Excel spreadsheets - debu Changes: freexl (1.0.0g-1+deb8u5) jessie-security; urgency=high . * Add upstream patch to fix various heap-buffer-overflows. - heap-buffer-overflow in freexl::destroy_cell of FreeXL 1.0.4 https://bugzilla.redhat.com/show_bug.cgi?id=1547879 - heap-buffer-overflow in freexl.c:1805 parse_SST parse_SST https://bugzilla.redhat.com/show_bug.cgi?id=1547883 - heap-buffer-overflow in freexl.c:1866 parse_SST of FreeXL 1.0.4 https://bugzilla.redhat.com/show_bug.cgi?id=1547885 - heap-buffer-overflow in freexl.c:383 parse_unicode_string of FreeXL 1.0.4 https://bugzilla.redhat.com/show_bug.cgi?id=1547889 - heap-buffer-overflow in freexl.c:3912 read_mini_biff_next_record of FreeXL 1.0.4 https://bugzilla.redhat.com/show_bug.cgi?id=1547892 Checksums-Sha1: 60bdec0f93f44d0e3685c4f654186ec370ad9e95 2131 freexl_1.0.0g-1+deb8u5.dsc 2a5b1d3ebbaf217c7bda15b5b3f1e0222c6c1502 928371 freexl_1.0.0g.orig.tar.gz 0814b487dd42a6e9c2c2c84f028d642eee883897 15040 freexl_1.0.0g-1+deb8u5.debian.tar.xz a1bd3cb5ce8ffbac4883191fa48e8271bb249e45 31426 libfreexl-dev_1.0.0g-1+deb8u5_amd64.deb f0a9995ff891d9a8fa6e854a6ed1b5aee8c0f178 26962 libfreexl1_1.0.0g-1+deb8u5_amd64.deb cf2919d5e0da19e57582e2056421cd5fcad00ab1 54958 libfreexl1-dbg_1.0.0g-1+deb8u5_amd64.deb Checksums-Sha256: c19ab1b98b7dc2f3a637c476ad823f84df727c763bcd9e608239d56b9955b26c 2131 freexl_1.0.0g-1+deb8u5.dsc cf2b110f5fc7089fa61c7421f59caa4125b13087b4686ed82dba7abedf2ec266 928371 freexl_1.0.0g.orig.tar.gz 132f0eb77d46bb4383c10e28a49b7a7db35351d75608c940b2485d0eec976276 15040 freexl_1.0.0g-1+deb8u5.debian.tar.xz 4ae3933f8674b3bb0a740f701a3467731483fca07e89f36b9453f576dcb1e8ec 31426 libfreexl-dev_1.0.0g-1+deb8u5_amd64.deb 14c4280f1f5a179ccaa8a4e6b82b5dd76f12de49396fb11f6390c1c9c583b5aa 26962 libfreexl1_1.0.0g-1+deb8u5_amd64.deb edef7e6a39558f2d319633fa3f0eae31cfebb39457264457567a800b7700d812 54958 libfreexl1-dbg_1.0.0g-1+deb8u5_amd64.deb Files: 10d9568d403b1a999874f99f9e7b6a16 2131 libs optional freexl_1.0.0g-1+deb8u5.dsc 55e288206290079ed7c5db76e2101032 928371 libs optional freexl_1.0.0g.orig.tar.gz ef0b81ad5fc0aecc0ba3785ac42d440b 15040 libs optional freexl_1.0.0g-1+deb8u5.debian.tar.xz ade6b352a7d62690070ad4cccef90bf3 31426 libdevel optional libfreexl-dev_1.0.0g-1+deb8u5_amd64.deb 9bdd936b94baa06e4edfc94bab2b476d 26962 libs optional libfreexl1_1.0.0g-1+deb8u5_amd64.deb d4a1b82bd21c8b54eb887c9a5a8b297b 54958 debug extra libfreexl1-dbg_1.0.0g-1+deb8u5_amd64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEgYLeQXBWQI1hRlDRZ1DxCuiNSvEFAlqWSZQACgkQZ1DxCuiN SvGmBw/+M/1AG9e143kpCMvypfNs0cLeeFUF7MCpc8DCJMdW20poINg8JlQL4rS+ 9/jll4+aI7blTfuAePPKpWGdSPpUca+DFK8HGhmJacMSIuhd97b3F/uTujmKjqcA Ql4m8SYZyRFJXmLrRXb3V5FB5xYelGhi+8RVhFLSLzXsF4K4TuVgxj0nLDx4aqMW wMp6stlJrTW9WYne9Dot3N+PZUHsHaQdAygC6X6aepPHPMa7/m7V10K7O2kgAkZt 0IzqmwODlifZWXmFw0nkP3hE51/jjZhgLd7nYnRnjugn8tqdhTK9XezdkUKHB7XU 98ll/OGyei/R43dG00dR7x6pUsDQ0hR8VZywvZNukkpCdeaZPL68JwVtLn6wIZPC SMSlz6rzGsVOuMAX85MoZcAwqTCc1A4j/Gq1HRqqNmrhezExFlidlR2fQZXi0L6x +WXgKipctlUTYoeTZH2BZ2u6+CEUjd0W+K+KJ+69AY/RWqXs2wFAVN9J9wdlFlVd 4ZUeWZ+uR+QHcGFwztjWEulXX63ZMBsSm1Q1FMkWkA1mNoabkjkRXTMmqKeTwj8V aF6t5/454oqRnlOqxMaeC1x35J1vq96+MMX1r2Vws7Tk59Qr04e6cxNHBQ+fevL2 Aoo0DkYQjmY3TbkDtzOkjeOv1B6zH1DW2kOs09BFtn4bSmJsbWE= =Rtks -----END PGP SIGNATURE-----