Debian Package Tracker

From: Markus Koschany <apo@debian.org>
To:
Subject: Accepted discount 2.2.2-1+deb9u1 (source amd64) into stable->embargoed, stable
Date: Fri, 14 Sep 2018 20:16:47 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 13 Sep 2018 22:43:24 +0200
Source: discount
Binary: discount libmarkdown2 libmarkdown2-dev
Architecture: source amd64
Version: 2.2.2-1+deb9u1
Distribution: stretch-security
Urgency: high
Maintainer: Alessandro Ghedini <ghedo@debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Description:
 discount   - implementation of the Markdown markup language in C
 libmarkdown2 - implementation of the Markdown markup language in C (library)
 libmarkdown2-dev - implementation of the Markdown markup language in C (dev files)
Changes:
 discount (2.2.2-1+deb9u1) stretch-security; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2018-11468, CVE-2018-11503, CVE-2018-11504 and CVE-2018-12495.
     Several heap-based buffer over-reads were found in discount that allowed
     remote attackers to cause a denial-of-service via specially crafted files.
Checksums-Sha1:
 e2fb0ed4cdb2b1c214c05f281fa0b3f17caa310c 2169 discount_2.2.2-1+deb9u1.dsc
 a9a8dbb0e06f7fe09f534a76f5a0a9a32d0d5499 111571 discount_2.2.2.orig.tar.gz
 517eaa3c9fc904d42fcbd453e193164584b8c3ea 5772 discount_2.2.2-1+deb9u1.debian.tar.xz
 580b42ba1e41b3ba9c103d1e7b57896e2494e4ec 32172 discount-dbgsym_2.2.2-1+deb9u1_amd64.deb
 e864c15d055d035b63564c64b1ec063423296c30 7079 discount_2.2.2-1+deb9u1_amd64.buildinfo
 8cac6daf26af393b4b5f04534ce8ccc11c9f5a32 22770 discount_2.2.2-1+deb9u1_amd64.deb
 bfd8c74a7166d92609bb4ad885dd258388314a08 75832 libmarkdown2-dbgsym_2.2.2-1+deb9u1_amd64.deb
 4bf5788468685a7354a6b45223b0fce90b0feef2 22566 libmarkdown2-dev_2.2.2-1+deb9u1_amd64.deb
 ee6bff77e7beb0ebdb429ba7f5397ffcfb5f9f18 35524 libmarkdown2_2.2.2-1+deb9u1_amd64.deb
Checksums-Sha256:
 cad7e9ee7f69c9f32b779b1271f14fa66c10bf7877a2464aea8ee00c0ff9c1c4 2169 discount_2.2.2-1+deb9u1.dsc
 94dabda30832b027e49eb26b4a0f36ae3a73247fc9bd066d7f83af8e50e29734 111571 discount_2.2.2.orig.tar.gz
 1beb1bf00d09a34063d8e3e98901985818926b251ed0146a7ee77318bfc2820c 5772 discount_2.2.2-1+deb9u1.debian.tar.xz
 74336a14e06bcdd04c55973a3917cb72766cca04e1572d4e6f70e58fd284bd2a 32172 discount-dbgsym_2.2.2-1+deb9u1_amd64.deb
 03263579b54ffce61e705db396a4655aadd431458424a8f46b380f90f974dc30 7079 discount_2.2.2-1+deb9u1_amd64.buildinfo
 059224e31cfc8f935252badae3fe7f74f334fdc0f66374220584f31dd543fd4d 22770 discount_2.2.2-1+deb9u1_amd64.deb
 a0ae8d6ef4d1bb542f29cc3cd0d7a6438c9b8ccf51b1dbd8bd3319a08826d3bb 75832 libmarkdown2-dbgsym_2.2.2-1+deb9u1_amd64.deb
 d94eb4f82f2bc8df2a8ab5eb138ba5445633d08439b22f09178ed79e73e8e836 22566 libmarkdown2-dev_2.2.2-1+deb9u1_amd64.deb
 d1c90f23db0d9fce3ed0a8b9434fc594e36533d43a3589946ddc4172e4f77bf7 35524 libmarkdown2_2.2.2-1+deb9u1_amd64.deb
Files:
 07623194f8c57a134e7912fad8cffee6 2169 text optional discount_2.2.2-1+deb9u1.dsc
 c6556af37f3c9ff189f87fb95b9b5ab8 111571 text optional discount_2.2.2.orig.tar.gz
 e92ca672192e161c8d97fedca4eb6423 5772 text optional discount_2.2.2-1+deb9u1.debian.tar.xz
 f8560df96fabb2d7e60679cafa0338d7 32172 debug extra discount-dbgsym_2.2.2-1+deb9u1_amd64.deb
 298517ee37d7d1930a7777d820feb147 7079 text optional discount_2.2.2-1+deb9u1_amd64.buildinfo
 eaca164b2cc6424601925804b016fb09 22770 text optional discount_2.2.2-1+deb9u1_amd64.deb
 9b068882af72726eeeec7b8d32a75f42 75832 debug extra libmarkdown2-dbgsym_2.2.2-1+deb9u1_amd64.deb
 e671fbe7b7d4548c1fa43c6b8c78ad03 22566 libdevel optional libmarkdown2-dev_2.2.2-1+deb9u1_amd64.deb
 072611f4ee1100cc5d4016e72a7704ba 35524 libs optional libmarkdown2_2.2.2-1+deb9u1_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAluazb1fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkRxoP/j1PGksKIXevnLNlEXQHf5H4f8gN99vWgxOB
a4ofzuMhCE5suZkJlMNiwZzEaArdXyRchrF2MoH+mnjJuDPQ0Xe+Jm1vWaeMk6I9
JhPVLal6BkV4Kgnex9UbkaVwDmaam5DiukJ/I9Aj1ue+F/ESz5y6zyxloFu5QwzO
KPOnl9nFdvfWrxWlG6OESRTdlmwLrY3jaLTV2p69WDKl1RJupifqDwSksM2cmDNi
vEsIbw6q5fVqy4OiFNClHy8EmZiA1/pxXsPDNzWPqCEuMCRY8qCW9dBJz/TyEhFK
Oikt+BgdievAL7vINv9IjwyXL8qPyiNPK3D2CE9waernbZz8mk5C09PcsoULnuCg
SpD+9ma/ihhwc+OQyvC+/Av3v67ziTneY9MEREi9gBtrlPRxOmw1z1t5twVt1mCE
ogZ+NJagnp4U50VNLWQYxtTu73Loc8y/TRIhmS/VY/1aOQX0bG5RfbcuQ1ak6Gh1
VU5kjaoJLm3kZjpeAjeuKQU3A5j/KA/6Wyx/tJMDgfFwvbayzotvwK7CD9KFSoIk
kbJVVe4LC1w+3k8HGr9PgFuxLRwXvYVrgObqx5PQZfyshZzsdP2rK0zhJR5m0AiA
mi5O4jaObh3w64XIPYTJRhu5/r8fBsVSaT+jPWvB8bDxYnDD69AXPLc9NMFktDe0
qeCPlsHm
=Msca
-----END PGP SIGNATURE-----
News for package discount
