-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 28 Jun 2018 18:05:24 +0200 Source: exiv2 Binary: exiv2 libexiv2-14 libexiv2-dev libexiv2-doc Architecture: source Version: 0.25-4 Distribution: unstable Urgency: medium Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org> Changed-By: Maximiliano Curia <maxy@debian.org> Description: exiv2 - EXIF/IPTC/XMP metadata manipulation tool libexiv2-14 - EXIF/IPTC/XMP metadata manipulation library libexiv2-dev - EXIF/IPTC/XMP metadata manipulation library - development files libexiv2-doc - EXIF/IPTC/XMP metadata manipulation library - HTML documentation Closes: 901706 901707 Changes: exiv2 (0.25-4) unstable; urgency=medium . [ Roberto C. Sanchez ] * CVE-2018-10958: denial of service through memory exhaustion and application crash by a crafted PNG image. * CVE-2018-10999: a heap-based buffer over-read via a crafted PNG image. * CVE-2018-10998: denial of service through memory exhaustion and application crash by a crafted image. * CVE-2018-11531: a heap-based buffer overflow and application crash by a crafted image. * CVE-2018-12264: integer overflow leading to out of bounds read by a crafted image. (Closes: #901707) * CVE-2018-12265: integer overflow leading to out of bounds read by a crafted image. (Closes: #901706) . [ Maximiliano Curia ] * Bump debhelper build-dep and compat to 11 * Bump to Standards-Version 4.1.4 * Update Vcs fields * Migrate to automatic dbgsym packages * Drop parallel and autotools_dev from dh call * Update watch file * Release to unstable Checksums-Sha1: 80ee36cc670b30382d795e0e43071ff40daac3a6 2237 exiv2_0.25-4.dsc 5a2a810137b3cc0b921300eda8cd8e5a446267c6 26800 exiv2_0.25-4.debian.tar.xz 3cdf36daa348335c38ddc2752895d8f0584990e0 7783 exiv2_0.25-4_source.buildinfo Checksums-Sha256: 144b9d823f69b93737dee5567d4483e1cb24654bf6f2f48fd0e8cd04bf204fe8 2237 exiv2_0.25-4.dsc 21eb7f23d4e56afbd802c931fbc805ddec488b85be074972d15eaf8b1af0e936 26800 exiv2_0.25-4.debian.tar.xz 0730e3a518b9e50f9eade71b7171efdcc0164a1fd8c3d0748a38f7a85f953d59 7783 exiv2_0.25-4_source.buildinfo Files: 5284f473af5414e346fa8575f1eb8d5e 2237 graphics optional exiv2_0.25-4.dsc efe097b65e2c735a5a283be5254a3e23 26800 graphics optional exiv2_0.25-4.debian.tar.xz 22b2cadfb3a12118e3f7d135b292a902 7783 graphics optional exiv2_0.25-4_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE+JIdOnQEyG4RNSIVxxl2mbKbIyoFAls1B6kACgkQxxl2mbKb Iyot9RAAsyHIJZ0U3LPAEL0eO/oXkQoHOetMjqLf4dVwkHxnJVX9VMrbIU+FkHcC qnqcJoFEzMCQMI1Dz2TMV5LutSQRnro/TErbHuhp5yRbVFJJjAbnh0u/sC/RBf30 wt5stsbMuXK7mA1XZiXMq4uCoRk2bTRtt/f9MoEbjV/P9ase/V9HYhDk+8ympqAu 4orI/C7OP9lA1OHRPB01UsmXb4vze2YYilrRhmNua5aeqdTN9iLeLQuobQg0yNl+ 6iwT1QV3HD5FQfn5GTFOvF4xeTqUZwtQY0dJWPUVvMbqhEs6dHL2x3WaCmdhL3XX MzqtnDSOy1NeXluVswjlPa7YgQtkuWibZ5OwaPP1DPVpoofI32luVqQXlCDlyiFj +BPM4JHTme9ETpKhuUmaQeVRISnUXZf+9Oqpu4gLoG5AMyJ95uEHBCQ2bV1y2ITQ yChvyquBiiPGmLR78zlDoHxgXJ8q0MsLIDVqC45gGG4+O2Z9u8ziu26G0zdeL9hA FnN8Hl3YmykjUx01nGaMdmC5nwqO3DjOzboOP8b4BJfoRHUfBlKXFww8AjRvs7sE UXcvNgilfqeX/l/M4bSvHQE9nBYa4gV78tY4hxBC8RLzWkfXgibB3EbAqhXUFFVM xgOxus8oi3cOVY8hiLqznwkKoU18Lm+6aR0sZ24CrJxhmwagnu0= =28Rh -----END PGP SIGNATURE-----
