Accepted libgd2 2.0.36~rc1~dfsg-6.1+deb7u11 (source amd64) into oldoldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 19 Jan 2018 15:35:36 +1100
Source: libgd2
Binary: libgd-tools libgd2-xpm-dev libgd2-noxpm-dev libgd2-xpm libgd2-noxpm
Architecture: source amd64
Version: 2.0.36~rc1~dfsg-6.1+deb7u11
Distribution: wheezy-security
Urgency: high
Maintainer: GD team <pkg-gd-devel@lists.alioth.debian.org>
Changed-By: Chris Lamb <lamby@debian.org>
Description:
libgd-tools - GD command line tools and example code
libgd2-noxpm - GD Graphics Library version 2 (without XPM support)
libgd2-noxpm-dev - GD Graphics Library version 2 (development version)
libgd2-xpm - GD Graphics Library version 2
libgd2-xpm-dev - GD Graphics Library version 2 (development version)
Closes: 887485
Changes:
libgd2 (2.0.36~rc1~dfsg-6.1+deb7u11) wheezy-security; urgency=high
.
* CVE-2018-5711: Prevent an denial-of-service attack via a malicious GIF
image. A corrupt file could have exploited a signedness confusion leading
to an infinite loop. Furthermore, ensure that a GIF without "palette
entries" is treated as invalid after open entries have been removed.
(Closes: #887485)
Checksums-Sha1:
bb16f332e15d4c9b860721d6530fbf8bbfb2ce04 2429 libgd2_2.0.36~rc1~dfsg-6.1+deb7u11.dsc
e93c43f3c2283c6fe09793ac06a4a106374e0cb3 761899 libgd2_2.0.36~rc1~dfsg.orig.tar.gz
ebbb1635f8fcffacd556a035b9498d4813786fa7 34744 libgd2_2.0.36~rc1~dfsg-6.1+deb7u11.debian.tar.gz
fd949d9b0cc72f812e8fdea3b99269fc024c6846 172392 libgd-tools_2.0.36~rc1~dfsg-6.1+deb7u11_amd64.deb
b7a76e2f61b00acaafa0651c6ba7f80e613a3b31 377184 libgd2-xpm-dev_2.0.36~rc1~dfsg-6.1+deb7u11_amd64.deb
4768a416a8f7c5961e97da3753ecd6e8b4150d4f 374746 libgd2-noxpm-dev_2.0.36~rc1~dfsg-6.1+deb7u11_amd64.deb
fc597760363246ad3b60898f9a755019bc492675 235926 libgd2-xpm_2.0.36~rc1~dfsg-6.1+deb7u11_amd64.deb
5f085cd6f5078c6a0761862247779f1713b1389d 233508 libgd2-noxpm_2.0.36~rc1~dfsg-6.1+deb7u11_amd64.deb
Checksums-Sha256:
c90947b4e0011551f1b78936c20d1e8275ad40c15aa9389107894bbd31b93d59 2429 libgd2_2.0.36~rc1~dfsg-6.1+deb7u11.dsc
919df21310ad4a8b6155df01411138110589cc6c50b1bc414dc62aebb0a7f41a 761899 libgd2_2.0.36~rc1~dfsg.orig.tar.gz
83cab51096b75affb5f53728987b6eaaa3c29b423f332c6297aa6b230521a0d0 34744 libgd2_2.0.36~rc1~dfsg-6.1+deb7u11.debian.tar.gz
3abcf213fb528a164dfd826b7b4547266b6035712c5ec2037a4c9ab9992650e3 172392 libgd-tools_2.0.36~rc1~dfsg-6.1+deb7u11_amd64.deb
e52e11d01f8c9b28adecc85a8f4757722f52da45a91a47eaab2f52d269f32731 377184 libgd2-xpm-dev_2.0.36~rc1~dfsg-6.1+deb7u11_amd64.deb
81c2a721337f8d19004d82bb8cfd9535cc86d70c2a68bca8a74155de355a1ab3 374746 libgd2-noxpm-dev_2.0.36~rc1~dfsg-6.1+deb7u11_amd64.deb
1beaa8d760e9b34fba986183e90223ff4413ffed22b7e041a6843c3555e4e429 235926 libgd2-xpm_2.0.36~rc1~dfsg-6.1+deb7u11_amd64.deb
c4b7a5c7a137673adb354a8bce1e823f529f308e5fc246b406c6109bb96ecbd5 233508 libgd2-noxpm_2.0.36~rc1~dfsg-6.1+deb7u11_amd64.deb
Files:
0078a8eb2723fb39e27e3bfa59cbefdc 2429 graphics optional libgd2_2.0.36~rc1~dfsg-6.1+deb7u11.dsc
0f4d2fa45627af0e87fcb74f653b66dd 761899 graphics optional libgd2_2.0.36~rc1~dfsg.orig.tar.gz
799a39165cb2d62770313636fe59f739 34744 graphics optional libgd2_2.0.36~rc1~dfsg-6.1+deb7u11.debian.tar.gz
03ca2165207a1ef96340e4d947ac4499 172392 graphics optional libgd-tools_2.0.36~rc1~dfsg-6.1+deb7u11_amd64.deb
208a31a98718ae9f885954c4d62c0836 377184 libdevel optional libgd2-xpm-dev_2.0.36~rc1~dfsg-6.1+deb7u11_amd64.deb
59fa064dbc6505db3069b547dfdaded9 374746 libdevel optional libgd2-noxpm-dev_2.0.36~rc1~dfsg-6.1+deb7u11_amd64.deb
b51f0ea378e05ad61057ce653d5ed43e 235926 libs optional libgd2-xpm_2.0.36~rc1~dfsg-6.1+deb7u11_amd64.deb
8eef444b0984e79a443f03846d1de829 233508 libs optional libgd2-noxpm_2.0.36~rc1~dfsg-6.1+deb7u11_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlphetwACgkQHpU+J9Qx
HlgQlQ/+LGYKpYhVl6Bb/zF4gKz7rNTVhtIMtt7ryoj/9pTJE0pr1KcOExht5ukK
L2dxiFVEpSD+54taLKCRPE6wSFCwBt4E0rqJFx10U2R7nDDDmmiQ/83UScI7z+PA
CkcyXzXyDDgU1+McVU7ca1y5aTzQQScNujcj1iH+pVEmnhs+BncYxnsrWp7Oyp/0
rjb+55OhFZlaMS+1rp2KNFdzPC/WeAuc5+q1YwvfaJ8QDCUAU0thFb2lSPJJj+PZ
YPJBxu89J7VJo4L1nBTnt0VgBtxOdu0+Eh/cWCZbhtWSCipuyF/bxGiPhHUJ9taG
UM1orMMkN+wYP34YU5HAJWHqHs0tRZkxiB4yreH4rWvuWBwscXFJqQgGtyFvXCRM
BG0wQMF+zrpbh8+R+UXb6llbD71wSFN2MS1yx0dSp/eHlJOn71PcBRX6aI/fXpQi
FkUCXENG4UJTLZIF4QcG8yZOqaEp8f7CV0B5e+t5Q8PLwNIZQxjIpkQPEYP0oH1K
ujPYUiJHol9o6E+Q9t0qhWu+n7XS9FEufwfvCcu8hPWJjZBw6NW+eoO2Aah5gz0k
x/XYglrLNa22nb1XxzPpHjJ5wK6ESIoMPaINO1b2fAEhDCS6zN7Ycx+9bTX/nsIP
SYnIlCuS2/L9InXSaDwBVXcMMzNpLOMKrixvQiNa/yuWGMAiqU4=
=EKrj
-----END PGP SIGNATURE-----
Reply to: