Accepted libraw 0.14.6-2+deb7u1 (source all) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 28 May 2015 14:15:10 +0200
Source: libraw
Binary: libraw5 libraw-bin libraw-dev libraw-doc
Architecture: source all
Version: 0.14.6-2+deb7u1
Distribution: wheezy
Urgency: high
Maintainer: Debian Shotwell Maintainers <pkg-shotwell-maint@lists.alioth.debian.org>
Changed-By: Matteo F. Vescovi <mfv@debian.org>
Description:
libraw-bin - raw image decoder library (tools)
libraw-dev - raw image decoder library (development files)
libraw-doc - raw image decoder library (documentation)
libraw5 - raw image decoder library
Closes: 786788
Changes:
libraw (0.14.6-2+deb7u1) wheezy; urgency=high
.
* debian/patches/: patchset updated
- 0001-Fix_CVE-2015-3885.patch added (Closes: #786788)
| Integer overflow in the ljpeg_start function
| in dcraw 7.00 and earlier allows remote attackers
| to cause a denial of service (crash) via a
| crafted image, which triggers a buffer overflow,
| related to the len variable.
Checksums-Sha1:
e4e8a18afbaa866534b61b07004e9666d7a0c7c9 2120 libraw_0.14.6-2+deb7u1.dsc
c5cffaa69b4908518ad2db5b3561dddc739b7328 7376 libraw_0.14.6-2+deb7u1.debian.tar.xz
ef45a501deb613983f8099f366236a7d08741655 114478 libraw-doc_0.14.6-2+deb7u1_all.deb
Checksums-Sha256:
9fe6e304ada617655a24009d8c17eaba77fe9d1b5200d3915f476d29f3475ed6 2120 libraw_0.14.6-2+deb7u1.dsc
7cdc1f966a6803b964b8e253ed5f3379065f2177827a3c669dab9c248bcd89f2 7376 libraw_0.14.6-2+deb7u1.debian.tar.xz
27376e6666594a880d6c767e61851e76d4c610d927d5d6b28ff73810cdc8fdec 114478 libraw-doc_0.14.6-2+deb7u1_all.deb
Files:
ef49ba947125fc4e64f0552233616798 2120 libs optional libraw_0.14.6-2+deb7u1.dsc
e3202919175029ad3829966b8fdc013b 7376 libs optional libraw_0.14.6-2+deb7u1.debian.tar.xz
34420c67716e62b347f06242691c6f97 114478 doc optional libraw-doc_0.14.6-2+deb7u1_all.deb
-----BEGIN PGP SIGNATURE-----
Comment: Debian powered!
iQJ8BAEBCgBmBQJVfZDPXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRGM0REMDlGOERBODdEMURGNTA0NkM5OUIw
NjEyRjQ5NDRFQ0RDRDVBAAoJEAYS9JROzc1ap5UQAIYSE44DK8oYrZqSKzSViNN3
p+KgEt2E0xUHP27bdUd1pnLEWj9gZY5/Uku3TZbx3rxFThqbLc3xxww3grSRifXH
+5otwH+ECkS+HAelZ3psw7chTLDc1nNVPUteaPgQV2Qp0F6xH9JcDh7KndfWbDnU
F78vs6NVNdNyEm6hBvKvXOtSFxDysduN/VljKyrIUKSdH1khNPUGnNA9ooBdOoI5
tpF6R1yqArZ3phAJaGYNjYjNp2Iu/zWSpbePNwfm57jR58rIJ/EezolkjGecBa2+
ey8+vZOoy7StzYEiE/UcwLLxQvePOCIASBCSiIrBKQwvff8m07sqNi7OXQtTBK4C
LlDIH9j1jHyb0WTubXUVS+Zgu22ywTT6hgRTbY8twlY/+LrPgZfTyLTCe48wPUE4
nTVu4Aum2kxpKT2MtllcZ3MPN8Fu82pJz5XvoNZ5kLrebWTjG+ekZ5AGSwqf4oJ6
rWV+tgtX+eJOV8IU2k/iZedywPCHLz/ve771DJ1/SKSdaStRPVWfpoRRWqYVv/qE
TDLW6nGpO8bTX1/2QVEJGvFTvWNNpP+4tnmvLQHhuSbXvgsA+pOlzM0WoQHgxE/4
jx7PXrESe/+ZrTXO97qgiMz9rP5hKrIwISkrNWFeT/B1m+77sZqReTep7EY/Wehw
kD+tSEmLDPjQDQjze0bq
=ceS/
-----END PGP SIGNATURE-----
Reply to: