gdk-pixbuf_2.42.12+dfsg-1_source.changes ACCEPTED into unstable
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Thu May 16 17:04:35 BST 2024
Thank you for your contribution to Debian.
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 16 May 2024 15:25:37 +0100
Source: gdk-pixbuf
Architecture: source
Version: 2.42.12+dfsg-1
Distribution: unstable
Urgency: high
Maintainer: Debian GNOME Maintainers <pkg-gnome-maintainers at lists.alioth.debian.org>
Changed-By: Simon McVittie <smcv at debian.org>
Changes:
gdk-pixbuf (2.42.12+dfsg-1) unstable; urgency=high
.
* Team upload
* New upstream release
- Reject malformed .ani files, including one category that can cause
memory corruption (CVE-2022-48622)
* d/rules: Keep .ani, .bmp, .icns, .ico, .pnm, .qtif, .tga, .xbm, .xpm
loaders enabled for now. They are weakly maintained, and no longer
enabled by default upstream to reduce security exposure, but disabling
them would be a feature regression, which we shouldn't do in the same
upload as a security fix.
* d/rules: Disable miscellaneous loaders for the udeb, which as far as
we know only needs PNG support
* d/copyright: Pre-generated HTML documentation no longer needs excluding
* Set high urgency for security fix
Checksums-Sha1:
e98ce6248b0a198e79c143096cc4cdb8c82925ba 3214 gdk-pixbuf_2.42.12+dfsg-1.dsc
aba2ae5adf39345bf8a808db1bea62fb25fd3915 6443656 gdk-pixbuf_2.42.12+dfsg.orig.tar.xz
592076b4668e451252693db7cd2a66f121bcf257 21576 gdk-pixbuf_2.42.12+dfsg-1.debian.tar.xz
b01eedb242398d995cd788b456e49fa99e65e50d 9064 gdk-pixbuf_2.42.12+dfsg-1_source.buildinfo
Checksums-Sha256:
812ca8729a97e91c754067ac296fc727884534868c987f36016bb972c49417b9 3214 gdk-pixbuf_2.42.12+dfsg-1.dsc
2fab7a828f1a017a235cd800cf0b47d83733037bade493337c46ed79e7ef3678 6443656 gdk-pixbuf_2.42.12+dfsg.orig.tar.xz
ae0b3a9c557c734ade86f68f5a4ae8413981e3b97ca5d8ae6dc60508ba26be46 21576 gdk-pixbuf_2.42.12+dfsg-1.debian.tar.xz
152716aa2d261162ece6df0fd5e52ea36a93135530bfd0764c35de78309e69c6 9064 gdk-pixbuf_2.42.12+dfsg-1_source.buildinfo
Files:
540b7857889a19b6560f8d4c9b584ba9 3214 libs optional gdk-pixbuf_2.42.12+dfsg-1.dsc
346ccfe90f473634cca1d3dee72ed03b 6443656 libs optional gdk-pixbuf_2.42.12+dfsg.orig.tar.xz
19dc3a5ec4b53ad7e3f2fd2826a67dd8 21576 libs optional gdk-pixbuf_2.42.12+dfsg-1.debian.tar.xz
6dee73c508c6790c59db563843cc7a55 9064 libs optional gdk-pixbuf_2.42.12+dfsg-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEENuxaZEik9e95vv6Y4FrhR4+BTE8FAmZGLAsACgkQ4FrhR4+B
TE9vjBAAl5kxdF3ibm6McBSP49Kfj5NJc6/N+/aXZFzfJPQyenL9SgnpHhAG2o4r
9TAhzhxZcEHWM/mF/53lQja0+hWv+d7wtPrk90l14C97iXguFwaWTBe1gbLV4wUJ
fP9si/i6M9bydOQGswv+l/BsYHby4QZHKc3lH22UFn7uHfXlr8qWZDddmfjwryOQ
P1wYCmSqgxGXFjmZr3OxLwO4TUe7GrwDanMTBYxPKAqDpMrGKC2i8mwI7mUyiOXR
Arp1T5ksjMvaPRp//6qZxzgkii1Izv8AbWLOuhqNubcPwXmGbfSuyMM1LT10Ib+g
RVQaBJ/x4yfQOMwqn0ykSnAcd8ef3YUvhZZmwTt7TfXv3cIpx6bF26r0ml0EDyL1
WvKtriSQDxMQD1/U0pXtvVBGeSaglGV0v7+SbmsbgO7jCaNQBYLxhake8s9nRf3a
XsFHKhkoS1DgzOdfEckTU3i1EmsjhPgRWM2yanreJi+jDA60kh7YsY7iwW7nopNh
T6c4V0kah3J1bnaDV6NKZiHGYCq1MyX8LK0V0gin+1L4L2bq+J0xciVKO2ZHNlTB
ExaU8INyGBjXcMriVowpPID5RBs8y3WSDML/30EhUd7YJeMdB0pA5bwWeffK+7My
lvBkjqtRNyVVgz+f6XdTazaTaouguHM0vIPrtHFkiyph22rQxm4=
=B6dE
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-gnome-maintainers/attachments/20240516/1484e2ed/attachment.sig>
More information about the pkg-gnome-maintainers
mailing list