libebml_1.3.0-2+deb8u1_amd64.changes ACCEPTED into proposed-updates->stable-new, proposed-updates

Debian FTP Masters ftpmaster at ftp-master.debian.org
Fri Apr 8 09:47:52 UTC 2016



Accepted:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 29 Mar 2016 18:58:48 +0200
Source: libebml
Binary: libebml4 libebml-dev
Architecture: source amd64
Version: 1.3.0-2+deb8u1
Distribution: jessie-security
Urgency: medium
Maintainer: Debian Multimedia Maintainers <pkg-multimedia-maintainers at lists.alioth.debian.org>
Changed-By: Markus Koschany <apo at debian.org>
Description:
 libebml-dev - access library for the EBML format (development files)
 libebml4   - access library for the EBML format (shared library)
Changes:
 libebml (1.3.0-2+deb8u1) jessie-security; urgency=medium
 .
   * Non-maintainer upload.
   * Add CVE-2015-8789.patch.
     Fix use-after-free vulnerability in the EbmlMaster::Read function.
   * Add CVE-2015-8790.patch.
     Fix EbmlUnicodeString::UpdateFromUTF8 function that allowed
     context-dependent attackers to obtain sensitive information from process
     heap memory via a crafted UTF-8 string.
   * Add CVE-2015-8791.patch.
     Fix EbmlElement::ReadCodedSizeValue function that allowed context-dependent
     attackers to obtain sensitive information from process heap memory via a
     crafted length value in an EBML id.
Checksums-Sha1:
 53bbd7b76eb540d95c4216afba21d0c4f613db0c 2234 libebml_1.3.0-2+deb8u1.dsc
 5a49ae3fddfe4b514f76d5743b29b23e0ecbc935 59359 libebml_1.3.0.orig.tar.bz2
 b939756c8474ed99f218e75e9bf76b58795458b6 6544 libebml_1.3.0-2+deb8u1.debian.tar.xz
 c8bbb60e37b1a425c031dd45604e07df0df22aa2 56016 libebml4_1.3.0-2+deb8u1_amd64.deb
 8bf013f20f4f54a136a69f7767cb20469f7ac0ae 79986 libebml-dev_1.3.0-2+deb8u1_amd64.deb
Checksums-Sha256:
 36302995a64520e69c7050bf5afcd06b1bb38c7dcbe5f9ffb5c48db3377226ab 2234 libebml_1.3.0-2+deb8u1.dsc
 83b074d6b62715aa0080406ea84d33df2e44b5d874096640233a4db49b8096de 59359 libebml_1.3.0.orig.tar.bz2
 b9a81d945e58211976cfbf140c90fa95c8b650b4e3e5b085a24a412e7291b97f 6544 libebml_1.3.0-2+deb8u1.debian.tar.xz
 39edcda293914a8bbff38b1be0e8e6ea669d709b7e41077ef8126765ba41703b 56016 libebml4_1.3.0-2+deb8u1_amd64.deb
 7a35f8aedeeffd50989e225ca8b75e676da9875a57f49f44ee0f217ea54a652d 79986 libebml-dev_1.3.0-2+deb8u1_amd64.deb
Files:
 e435e3c5aadf773fd852075951335e41 2234 devel optional libebml_1.3.0-2+deb8u1.dsc
 efec729bf5a51e649e1d9d1f61c0ae7a 59359 devel optional libebml_1.3.0.orig.tar.bz2
 bb05a0c42a71f51d6d660e9924d5d309 6544 devel optional libebml_1.3.0-2+deb8u1.debian.tar.xz
 058988a144b2a77fe3a5a317ebe8f832 56016 libs optional libebml4_1.3.0-2+deb8u1_amd64.deb
 ac4c74ef063280126c0efa81a4cf5d9b 79986 libdevel optional libebml-dev_1.3.0-2+deb8u1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQJ8BAEBCgBmBQJW+tvAXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBQ0YzRDA4OEVGMzJFREVGNkExQTgzNUZE
OUFEMTRCOTUxM0I1MUU0AAoJENmtFLlRO1HkSzkP/RF08yCdUGvy+vRUl6UKoQsp
7eOU0CFEHhsyDSiE9fmbegb/giPWl6LXJpCvhkEmXA9EVFKPXl45QonjC2rEkFTq
Y/OSIQWg5AVScc2aPdVKn1Jvyn+XsfPaL5We1PwMCcfpXZMktoK6xpzLMfkZzi6I
UlVzBIszL4zld/Hva9fhTBuVhj6IMIVZXVhFWeun8ehdbyB9Tk9dNTCR1bk4mZpm
+sY9a5Cf2jIDuxF39LVrLi1dwtvjm2E5pCnYPATIc9lwm9X9YotbgBGCPBWIwJwZ
HAnUIjLIohrK2oiZTINgW6xf+josvRdxvxlpSvJX0tYoIzvPcdK1Go7BOo86i7pJ
bo5zVbzDwX5C81ydBStoXmF9h8avot/vhrFJ4C6naRwaG3ZGP5NFq/8F+vZ+xBn7
n+Xk3EROosQxqahOsQbkAiD2knIKOdoIgQwPuhYE3fzvCh6vFDSU/2IVaB80nkNH
6Dl2Qq8Phzuv+MXHQjFuh+pB4wamttNkBtcNGMDAX0+TawXIVgQzoyVUBqFNs37Q
jzJ6vhzSLbAxMBa8SurNZVJd9w7ZZBCPU9uUoyU9cukHNJiHuFrBIenSvTruCkeW
r26HCT0e5uqCzvs5uiqUs77Xb48rpp3vlLTZqkSV6BvcKkh9BeBD/giv74GMeHAe
Gfwma34je8N4WkcNVifU
=v0xM
-----END PGP SIGNATURE-----


Thank you for your contribution to Debian.



More information about the pkg-multimedia-maintainers mailing list