Debian Package Tracker

From: Markus Koschany <apo@debian.org>
To: <dispatch@tracker.debian.org> , <debian-lts-changes@lists.debian.org>
Subject: Accepted gnulib 20140202+stable-2+deb8u1 (source all amd64) into oldstable
Date: Wed, 10 Oct 2018 21:20:21 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 10 Oct 2018 21:44:14 +0200
Source: gnulib
Binary: gnulib git-merge-changelog
Architecture: source all amd64
Version: 20140202+stable-2+deb8u1
Distribution: jessie-security
Urgency: medium
Maintainer: Ian Beckwith <ianb@debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Description:
 git-merge-changelog - git merge driver for GNU ChangeLog files
 gnulib     - GNU Portability Library
Changes:
 gnulib (20140202+stable-2+deb8u1) jessie-security; urgency=medium
 .
   * Non-maintainer upload by the LTS team.
   * Fix CVE-2018-17942:
     Ben Pfaff disvovered that the convert_to_decimal function in the GNU
     Portability Library contains a heap-based buffer overflow because memory is
     not allocated for a trailing '\0' character during %f processing.
Checksums-Sha1:
 740912607fb276712b245a27be0e39d540997aed 2188 gnulib_20140202+stable-2+deb8u1.dsc
 d25ef06212fa2099591ff9dc5aeb8543e805a99f 5297856 gnulib_20140202+stable.orig.tar.gz
 ed9a0f6f3950d7a00afb3ebda0803e302db6f6df 290244 gnulib_20140202+stable-2+deb8u1.debian.tar.xz
 b47ea63217d7d2740e57854c481e58154c6bc010 4555456 gnulib_20140202+stable-2+deb8u1_all.deb
 10c0a4224df6529734f8d646ec1823b05436fad7 951960 git-merge-changelog_20140202+stable-2+deb8u1_amd64.deb
Checksums-Sha256:
 74e24bb048f873a7a679808c5bd21e949aeccb9348683b75deac2bb1e14c8326 2188 gnulib_20140202+stable-2+deb8u1.dsc
 9f028f48e60f066bf511a969c519da705eeefb20d54a80dce88afd0935a845e1 5297856 gnulib_20140202+stable.orig.tar.gz
 7fcd2e9aa2a37024ca1033570206a127a9dc706f3dc927857fd963b3406a9747 290244 gnulib_20140202+stable-2+deb8u1.debian.tar.xz
 d104bd2d5c781c738ad62c1abb66d5abcc98df5395a6449dd2928d4c59098ad1 4555456 gnulib_20140202+stable-2+deb8u1_all.deb
 9ab81d9d8ed32dece2a66f3c56b57a4af7168a0f0a4b9be2fa9b5420cee4fb9b 951960 git-merge-changelog_20140202+stable-2+deb8u1_amd64.deb
Files:
 f61fbe5e81a5655ed737ff47476e2ffc 2188 devel optional gnulib_20140202+stable-2+deb8u1.dsc
 5fc03f07046c2349449db963602b9522 5297856 devel optional gnulib_20140202+stable.orig.tar.gz
 51bb5e7e3e69ce016ca5a8a3c4277ff6 290244 devel optional gnulib_20140202+stable-2+deb8u1.debian.tar.xz
 996c6832e6dc1d1907b94e581e5ca00a 4555456 devel optional gnulib_20140202+stable-2+deb8u1_all.deb
 f3f2e1452ec967d09a7a439536fd7691 951960 devel optional git-merge-changelog_20140202+stable-2+deb8u1_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlu+al1fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkeIYP/1n0iyMfihcjxDDhSfApZRCTB6OVUQ4sb/b6
jle32UTl5AFgzvighpY9qpMsbvX5jfsqxKX2cpAK46LZEKIVcolmEj6fXYgIe9Yq
Zla0Ijyxl7nMHQgPYojErgk5AcWgE8QyYdN5ovHjKNX2pVkNUmYMR5bGqWgfgMp+
XhWM2ZBBE6ftcQdSyIeiqnOSRbDmTUsavmtETvVelVQuaRrWYgnhlSb8Tla/KV8/
9AWd5Wy4ek4f1lIqZnw+kWpgrA16pdVsqgIuldrNoNyK9DIFmNp5RcISem334okO
87XhGHSheu8HrLUM0BWdMfIuWJoIXAg+s0bgiJ0IAmNrsQpPUx+qDtLXSU4JoTMf
dwiztDsSnByazK82doIM7XqLaz9vC4ZCqjcH3DE+/kTJfuF9CnZgelAssZk2mQln
1SKRgw+IPpFO6tiFPG8QHfEKhQBZMqPGtc4xQzv8EnCph2Xe6o4gf3zWlXIeX7bg
AVVg8tj+iPnJIrcHPg/celNicmXNPBv5DWfprq1S6eFZITobrsNoGOAn4Y5E6CvR
fs83j/IagaJx7Yw4bNqeBBI1IduRE0Avo1LgY/JWWd2QImu1KuRC9zAvIhLRek3a
GaKwJO+dsgGUJz6bcA1Q8QmqU4tQg9J2kviUcxvoPIfJAQEwsaf2EXoEvW61E+e6
h+dBk0ee
=TIxa
-----END PGP SIGNATURE-----
News for package gnulib
