Accepted tiff 4.0.10-4 (source) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted tiff 4.0.10-4 (source) into unstable
From: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Date: Sat, 02 Feb 2019 21:50:25 +0000
Message-id: <[🔎] E1gq3BB-000DgS-7d@fasolo.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 02 Feb 2019 18:34:29 +0000
Source: tiff
Architecture: source
Version: 4.0.10-4
Distribution: unstable
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changed-By: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Closes: 902718 908778 913675 921157
Changes:
 tiff (4.0.10-4) unstable; urgency=high
 .
   * Backport security fixes:
     - CVE-2018-12900: heap-based buffer overflow in
       cpSeparateBufToContigBuf() cause remote DoS (closes: #902718),
     - CVE-2018-17000: NULL pointer dereference in _TIFFmemcmp() cause DoS
       (closes: #908778),
     - CVE-2018-19210: NULL pointer dereference in TIFFWriteDirectorySec()
       cause DoS (closes: #913675),
     - CVE-2019-6128: TIFFFdOpen() memory leak (closes: #921157).
   * Update watch file.
   * Update Standards-Version to 4.3.0 .
Checksums-Sha1:
 fd2d79ee73e8fda214410ba2cba13b24b848e43a 2173 tiff_4.0.10-4.dsc
 dde956fd05e3e6692415d5f20ff60ee6628d4b51 21580 tiff_4.0.10-4.debian.tar.xz
 58d0e8826c69414ada678a83b516ccbc21652b3d 12301 tiff_4.0.10-4_amd64.buildinfo
Checksums-Sha256:
 3c5d339cd5dbb59c1e97bf8687c36e0ed75aefe79fc248f749931897060a641e 2173 tiff_4.0.10-4.dsc
 eed80359456ae1437426be3894ed594ac6d6051306afee6093abdc65a07887b0 21580 tiff_4.0.10-4.debian.tar.xz
 1987e6a2a6663329e4a392520197720df46d9c0fa874080942a82f607db871af 12301 tiff_4.0.10-4_amd64.buildinfo
Files:
 686f89cb05d7cd2df787834c09cfdfbb 2173 libs optional tiff_4.0.10-4.dsc
 527aa96aafa8ef13bd81ace4b0812da6 21580 libs optional tiff_4.0.10-4.debian.tar.xz
 14f213a51a89f8e0c73d672387de1fb4 12301 libs optional tiff_4.0.10-4_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEfYh9yLp7u6e4NeO63OMQ54ZMyL8FAlxWDVIACgkQ3OMQ54ZM
yL90vA/+Oy5yQQvux23pGN5ycpEm70GouG30NvVebcy6PQM/lihu+t2u3YxJE7nj
KgtUX80p+qfBzaji9EfaI3xSW3OGa1AMfx1B0/NL8uqdm5hiGathCvLJLsXrx9Qi
CH7MleH3OzCDIlzJYAnm6/OCkw7RijBCN/1szavVjBud3f4jBVODF0/MfCHoekCm
GxbBeSLf+kgQTj1ej0s3/3rvWeoAki/wY8Ym6RuP2VEepMCbF8SbeWCHJJ6RLzze
vz2sJIxUOyg0vIeMBikDJwku6YfmyLMrM42EOxfuewUhqmyqZWUDcN0XZQmkel3u
1HfCwG7mquVF8UHJYdVbBGOKh5EOo1/2nL/vbyYhrUZyPnQl7ppZFIAYq9w/WE+8
MmJVxx2oyYI1g8GiSymEgfIWif4XfykICNcKYvdnSk1pcZD4DqI+RIiEZaPTRBqw
uqWCRSrwBC65p3YSO0tdWG7kWeZNz8YMobaoK5QXMiEm/WPFfe4T4E7DcPj7Zn68
smCxmRCG9jQSI6Vl4GT+1+v5Ibg5NE256PlgWJ3bwpUUwqjcAgBBV6Vv08iJBtxS
XkjFE5/niyssy7QpWH1M7XygIeZUe814SKMhgMhjzmxvZNQ0I+SPrzqiznRKMN1x
eBI7pQLXbBqRPg8zY1v+VtSN6LcBANzfWt5rTWVUVGArWGz/J5I=
=vejK
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: Accepted nvidia-graphics-drivers 390.87-7 (source) into unstable
Next by Date: Accepted dpkg-www 2.58 (source) into unstable
Previous by thread: Accepted nvidia-graphics-drivers 390.87-7 (source) into unstable
Next by thread: Accepted dpkg-www 2.58 (source) into unstable
Index(es):
- Date
- Thread