Accepted fribidi 1.0.5-3.1+deb10u2 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 05 Apr 2022 22:03:02 +0200
Source: fribidi
Architecture: source
Version: 1.0.5-3.1+deb10u2
Distribution: buster
Urgency: high
Maintainer: Debian Hebrew Packaging Team <team+hebrew@tracker.debian.org>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Closes: 1008793
Changes:
fribidi (1.0.5-3.1+deb10u2) buster; urgency=high
.
* Non-maintainer upload by the LTS Team.
* CVE-2022-25308
stack-buffer-overflow issue in main()
* CVE-2022-25309
heap-buffer-overflow issue in fribidi_cap_rtl_to_unicode()
* CVE-2022-25310
SEGV issue in fribidi_remove_bidi_marks()
(Closes: #1008793)
Checksums-Sha1:
ba655227805d2dbb26a931cb8e0ab433e5d50ac7 2483 fribidi_1.0.5-3.1+deb10u2.dsc
c57592b9c4aea1a6ee3c9e45681252cd2855b258 10964 fribidi_1.0.5-3.1+deb10u2.debian.tar.xz
264cb9c519bb884a1c67544654a3cc3f669f16c4 7264 fribidi_1.0.5-3.1+deb10u2_amd64.buildinfo
Checksums-Sha256:
05af0ac7fee456f2c3762578ad207555e99d97fee90ddbe8a8bbff2b7a8066af 2483 fribidi_1.0.5-3.1+deb10u2.dsc
e6cc7ca3c7658e7ca105b80e4eeea31ef6bebb292d01df9c04b6e39148e4b119 10964 fribidi_1.0.5-3.1+deb10u2.debian.tar.xz
55e168f265e13f10950da9585e4c30a05728995002182e2074d1b4be8556ce70 7264 fribidi_1.0.5-3.1+deb10u2_amd64.buildinfo
Files:
e22273be9c556f83cd5587dda9ebae60 2483 libs optional fribidi_1.0.5-3.1+deb10u2.dsc
8212dac0537ba9bbfcf80940dc596ba8 10964 libs optional fribidi_1.0.5-3.1+deb10u2.debian.tar.xz
5724531928b8bfe5f1bff752e436d97a 7264 libs optional fribidi_1.0.5-3.1+deb10u2_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmLtpetfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh
bHRlaG9sei5kZQAKCRCW/KwNOHtYR/FJD/0Z+eYuDkxTI2+AKROMJvhY0QY12uAE
Bboa/gDDWj54NbRxXSpK0M4c/XvH1CHE99YrD2g3IvcqzOJkGgQH1x9blh43K4ts
f63GMy3z8ub5GOA3/6rYnWMXHAOFxc5S5CR6XAQyw32IeY9DK0MEg+Ullm24MoQK
aNty/+2oo26hd78OmBdzNvY0p0hQvKXaGDNSq9dN6H7SdqnMPzJXMwhGVJ2aMSOI
XkwzB2tJ8hiYj5tTGh5YHyKu75K/Kd0VRbJ7ascode7tcWnsqpf7F8GCKTM3PG3/
O3ih8nquaYMRrGm8XjLSZQ+fq14gTvvLEm40L8UnFd4Xjr7EyECvCWOOHt7C2euy
HhjrFecv9Ryo8FEYPUn0EbS7FyCwLU56/IBALr8YnMi3q4Vr3a6cs8OVU3799mAg
L9kMp923kA2dFh/r4van5zWYhd+VAVe1GwQKm3aqMGM0Vq94IajsIa05Or3geBR7
4psToVIW/caEuqGkbado/45PLsXTtMYcMf03eYHIZNQILoeDqkoS98J/Dz6rqjOe
0uDVwal+MAgEyVs7Krnt28XSJO8t/ZILYQ37vQH3uttjUJMqvQN0FZA1/jE1k0U8
iIJ7Smn/b7TOV4iLeMphbkKqn5Bd+4yXwjt8lQ84Ebo0yJwkXAxk2AyR6sjhkiLw
BptHan8VRV0sLg==
=sKvi
-----END PGP SIGNATURE-----
Reply to: