Accepted libonig 5.9.5-3.2+deb8u2 (source amd64) into oldoldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 17 Jul 2019 14:56:48 +0200
Source: libonig
Binary: libonig2 libonig2-dbg libonig-dev
Architecture: source amd64
Version: 5.9.5-3.2+deb8u2
Distribution: jessie-security
Urgency: high
Maintainer: Jörg Frings-Fürst <debian@jff-webhosting.net>
Changed-By: Markus Koschany <apo@debian.org>
Description:
libonig-dev - Development files for libonig2
libonig2 - Oniguruma regular expressions library
libonig2-dbg - Debugging symbols for libonig2
Changes:
libonig (5.9.5-3.2+deb8u2) jessie-security; urgency=high
.
* Non-maintainer upload by the LTS team.
* Fix CVE-2019-13224:
A use-after-free in onig_new_deluxe() in regext.c allows
attackers to potentially cause information disclosure, denial of service,
or possibly code execution by providing a crafted regular expression. The
attacker provides a pair of a regex pattern and a string, with a multi-byte
encoding that gets handled by onig_new_deluxe().
Checksums-Sha1:
577835fd247352a443aea137c52b2867424b55f1 2052 libonig_5.9.5-3.2+deb8u2.dsc
804132e1324ef8b940414324c741547d7ecf24e8 587874 libonig_5.9.5.orig.tar.gz
6cd0c735502eb29b4f19000f0aaf1a3d1fd1398d 8856 libonig_5.9.5-3.2+deb8u2.debian.tar.xz
a3d58474f99934541e7f45d59e7ec4f519be0405 118194 libonig2_5.9.5-3.2+deb8u2_amd64.deb
c38cd75b5dbc143af574552d04e4f30bd04e6be3 200780 libonig2-dbg_5.9.5-3.2+deb8u2_amd64.deb
29fde0a527633d79d33af846b6055d7d0eda90b4 79500 libonig-dev_5.9.5-3.2+deb8u2_amd64.deb
Checksums-Sha256:
9f18307e1a4dcbf0e4eb6f9270e16a4d1184da8734064be12967515798dc6350 2052 libonig_5.9.5-3.2+deb8u2.dsc
9f49ae7819a5f47e25449d0e4b010d479f7868a24a7b9884b47041b49a76438a 587874 libonig_5.9.5.orig.tar.gz
0ef168eeb768792e8d28489ccdfbc60d12df64825e7cc2f2f340ba0b2d79a45d 8856 libonig_5.9.5-3.2+deb8u2.debian.tar.xz
2d3fa4ee3633d791a1f4111f21e8ff4ee13f8b2ee44f3bb08d6844e506ec8632 118194 libonig2_5.9.5-3.2+deb8u2_amd64.deb
a49b35e44d25d8dacb795c36ec6e797bccde98308098bd319c8ecdf9110c2cb9 200780 libonig2-dbg_5.9.5-3.2+deb8u2_amd64.deb
c2e7a78a86526553540734ba7e544948eb8a74d81a3f611e7935001d331d006f 79500 libonig-dev_5.9.5-3.2+deb8u2_amd64.deb
Files:
85210f4889c44465221ff5d187d9629c 2052 libs extra libonig_5.9.5-3.2+deb8u2.dsc
970f98a4cd10021b545d84e34c34aae4 587874 libs extra libonig_5.9.5.orig.tar.gz
f5a13615f57395da29ea5eb4c560dc95 8856 libs extra libonig_5.9.5-3.2+deb8u2.debian.tar.xz
b911c28b28f7b26fa214c6511b2c118e 118194 libs optional libonig2_5.9.5-3.2+deb8u2_amd64.deb
461cc6b4485c38ff6285f272d855a5f2 200780 debug extra libonig2-dbg_5.9.5-3.2+deb8u2_amd64.deb
f7cf35a6d4990614e05c555961fee67f 79500 libdevel optional libonig-dev_5.9.5-3.2+deb8u2_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAl0vHqJfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkyvAP/A8ozF1tpueiujv9d2S18Xbo7iv+Fnb0oFCl
hw38ieIV3Zi7pjXHb+aqv+C31beHYZYAID8pWDktYravaO5FPS3n24RUxWNt2fDc
dQdqU0NeuGvclNqtRyRoAHM52qQ7UJE/XIt4Vsp8/mtO3g/5b5XcfWeBytr0dgHp
j8QBW8LlM2BfyhecP5ADO3cPu1sm/7wq1/NDdM5hH2vFO+YIVOnEeWSckIE69Cl+
cMKLLnbRp4WCsVrdhyyCNChqx9ah+XAJhRWDU0O8dt/mpWsHmFco1tvnlPqIsgXI
saJ54SOja9qDDJz1rR0qRCitjh5Kz/zr4Tg8gudj3VqOVliCd8IflRqp1Fr4IugM
8GZOtIIGdw8Uv+GzzujQ6h8VA3lAL8tg+kIJi83hkm6uF3SAQ12r9ht73vcMjVHx
6KySt/GGKC3yFGQo7k9QycCpJL3D+RKJqwlK3M3F6TNV21qd3zzWFlZG/p9FT/Rx
FWEdXkmYDjtqMtNlxsZ5CpdmTbN9IIIXYP5ZYMz2WZxCIg0Gx7X46HPl87VkaM88
5r0mQQZxHJfmrGgyfQObUP5adHmvGTIHN4WtERJANAHtzl9BxgSExZS5jZiB0Rzu
edIP7VP9+tsyw4zfiMO4aWFMX38rs6UBkZlBqMqMQISQDlvtadvsUW2+eoKtlsCN
OAjG/428
=rs/p
-----END PGP SIGNATURE-----
Reply to: