Accepted gthumb 3:3.6.2-2 (source) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted gthumb 3:3.6.2-2 (source) into unstable
From: Herbert Parentes Fortes Neto <hpfn@debian.org>
Date: Tue, 30 Oct 2018 12:53:11 +0000
Message-id: <[🔎] E1gHTWB-0008NO-V9@fasolo.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 30 Oct 2018 09:06:29 -0300
Source: gthumb
Binary: gthumb gthumb-data gthumb-dev
Architecture: source
Version: 3:3.6.2-2
Distribution: unstable
Urgency: medium
Maintainer: Herbert Parentes Fortes Neto <hpfn@debian.org>
Changed-By: Herbert Parentes Fortes Neto <hpfn@debian.org>
Description:
 gthumb     - image viewer and browser
 gthumb-data - image viewer and browser - arch-independent files
 gthumb-dev - image viewer and browser - development files
Closes: 912290
Changes:
 gthumb (3:3.6.2-2) unstable; urgency=medium
 .
   * debian/patches/
       - cve-2018-18718.patch file (Closes: #912290)
         CVE-2018-18718 - CWE-415: Double Free
         The product calls free() twice on the same memory address, potentially
         leading to modification of unexpected memory locations.
 .
         There is a suspected double-free bug with
         static void add_themes_from_dir() dlg-contact-sheet.c. This method
         involves two successive calls of g_free(buffer) (line 354 and 373),
         and is likely to cause double-free of the buffer. One possible fix
         could be directly assigning the buffer to NULL after the first call
         of g_free(buffer). Thanks Tianjun Wu
         https://gitlab.gnome.org/GNOME/gthumb/issues/18
Checksums-Sha1:
 c871540b7fc0351e2b4add5281ca58f956a9d99d 2284 gthumb_3.6.2-2.dsc
 0db2b52850a435342aad80f65b465b40603e97c7 31452 gthumb_3.6.2-2.debian.tar.xz
 0cc1eb8ad87766ed3328ae7e21c1f2e911c79470 20424 gthumb_3.6.2-2_amd64.buildinfo
Checksums-Sha256:
 04cdc1607bb66fd14f11955dec44fa077f0a756a21c593535345e9a59f9d16fc 2284 gthumb_3.6.2-2.dsc
 f4769c2e8ebe803ac3863d6152bdbfa12245d45a357ddf376e79da26e45999e4 31452 gthumb_3.6.2-2.debian.tar.xz
 0f9964fde0a6b47c92ce6c75d8f339a93082fc01c8042d699af2021da14941d7 20424 gthumb_3.6.2-2_amd64.buildinfo
Files:
 00b96578ad14b4d1545d498e6d60aaf5 2284 gnome optional gthumb_3.6.2-2.dsc
 92c0b38c4185eaf106ff79d2a60ab5cc 31452 gnome optional gthumb_3.6.2-2.debian.tar.xz
 42612cfb45a535130e0cc6a308a783e2 20424 gnome optional gthumb_3.6.2-2_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJEBAEBCgAuFiEEbiJhr5LBUJGFGPlCVSVvKKxgYRoFAlvYTk4QHGhwZm5AZGVi
aWFuLm9yZwAKCRBVJW8orGBhGnX8EACTZ39YhRMyO8/ylNOFrQOYxffnvxjIb4Qb
1j3zRYG//jg4oKQmiY9WNGNb0rQKZFJwDpveFJg/lKDCNyiQCaqFIrigwmps6yie
S/7ILPuN/SewjaqTKlkYro2G6xsIe5PeU6fWN0WOGB3RV7NWE8HBMJOiLNiJ9b6R
1QNcHMUQo4jTHYbpg8PRnYoS1d82G3/Z0zir7ZXmi2EXDvVMIUiUZn3iy1LiLQXl
dpse5LMccx89qWgaFh+qYxgReq8JuUcA38goHU2ZdFx0fTUSkvLY2MSZ5EdDq3um
y66YYQV1oMMfOFzp8GoO5ocnw8rHOsnGwY8eaT2dBZZ6jDKjNdelGpj/LR58fn0Z
MMIIyxGOVXXOnu5Z1eKzZn+dBeHtMTBNXM4whPONYtyTYMjfHXE7ot5VAK0eJDQZ
sJnQdBlq6ZI3pgcL9SxqadvFpuU9Fi/3jFVmLVro17BA3Z4+bmIoiBOuBtUTjomZ
Br5RYwwfAXE1qgTklX7U7GdNHmuJ4BaVHSPsZonW+mkZaEsohgEk0Jk3sUjBBIUG
bl7u14fYGTrgXdRdON1oP3NODrG5GrBqPvu9PWojkCLSML/La3HeU6W7vc9jmNlZ
cafhGcNLhQF8ePcBaREAHue/KklyXpU7DAskv5J37ncHGvbNlnaHQ07CySLjrSRK
DANfo9hNjw==
=qrNA
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: Accepted easymock 4.0.1-1 (source) into unstable
Next by Date: Accepted mbrola 3.02b+dfsg-2 (source) into unstable
Previous by thread: Accepted easymock 4.0.1-1 (source) into unstable
Next by thread: Accepted mbrola 3.02b+dfsg-2 (source) into unstable
Index(es):
- Date
- Thread