Accepted htmldoc 1.9.3-1+deb10u4 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sun, 15 May 2022 20:00:35 +0200
Source: htmldoc
Architecture: source
Version: 1.9.3-1+deb10u4
Distribution: buster
Urgency: medium
Maintainer: Debian QA Group <packages@qa.debian.org>
Changed-By: Håvard F. Aasen <havard.f.aasen@pfft.no>
Changes:
htmldoc (1.9.3-1+deb10u4) buster; urgency=medium
.
* Non-maintainer upload.
* CVE-2022-24191
Infinite loop in the gif_read_lzw function can lead to a
pointer arbitrarily pointing to heap memory and resulting
in a buffer overflow.
* CVE-2022-27114
Integer Overflow bugs in image.cxx, malloc function may
return a heap block smaller than the expected size, and
it will cause a buffer overflow/Address boundary error in
the jpeg_read_scanlines function.
* CVE-2022-28085
A heap buffer overflow in the function pdf_write_names
in ps-pdf.cxx may lead to arbitrary code execution and
Denial of Service (DoS).
Checksums-Sha1:
d4eb32138169c94c82c50a794884313db82c64de 1566 htmldoc_1.9.3-1+deb10u4.dsc
300a4f78fb03396b99eaedb5a7f2fccf957e5c27 22276 htmldoc_1.9.3-1+deb10u4.debian.tar.xz
7cda4a31b485f9747b180217eafe72528c70e168 7738 htmldoc_1.9.3-1+deb10u4_amd64.buildinfo
Checksums-Sha256:
8e1e4f2696946b06d42a26828880c38c1fa8abe6ca7ea5dccf13b6dc78c7e2cb 1566 htmldoc_1.9.3-1+deb10u4.dsc
30288effd536a21534130f669ad88ae06eb449fae82c1de4795817f3a945a949 22276 htmldoc_1.9.3-1+deb10u4.debian.tar.xz
95cf42a88ba61db91ce1016bfb1e34d7158b47f4ebd12b7327e71dd3746d748c 7738 htmldoc_1.9.3-1+deb10u4_amd64.buildinfo
Files:
39002b9c440e2892ff2fdc313ac08386 1566 web optional htmldoc_1.9.3-1+deb10u4.dsc
a00e9cf17f8c114a314466035b1b864a 22276 web optional htmldoc_1.9.3-1+deb10u4.debian.tar.xz
9906b0e2c22266ce787d116e1418385f 7738 web optional htmldoc_1.9.3-1+deb10u4_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iI0EARYIADUWIQRlk5EXUZxDorKy9cv5N3WY8EyDCgUCYu35axccaGF2YXJkLmYu
YWFzZW5AcGZmdC5ubwAKCRD5N3WY8EyDCqkYAP93PwGKQVZbV+gf1ac46KgHLkTM
ZISgP69L8HibyikxVAD/dMakcoMdhbA+rIzIanmJhbw7G3uU2ALajQCDt7c9SAM=
=w6t/
-----END PGP SIGNATURE-----
Reply to: