libebml_1.2.2-2+deb7u1_amd64.changes ACCEPTED into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Fri Apr 8 09:49:20 UTC 2016
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 29 Mar 2016 19:10:15 +0200
Source: libebml
Binary: libebml3 libebml-dev
Architecture: source amd64
Version: 1.2.2-2+deb7u1
Distribution: wheezy-security
Urgency: high
Maintainer: Debian Multimedia Maintainers <pkg-multimedia-maintainers at lists.alioth.debian.org>
Changed-By: Markus Koschany <apo at debian.org>
Description:
libebml-dev - access library for the EBML format (development files)
libebml3 - access library for the EBML format (shared library)
Changes:
libebml (1.2.2-2+deb7u1) wheezy-security; urgency=high
.
* Non-maintainer upload.
* Add CVE-2015-8789.patch.
Fix use-after-free vulnerability in the EbmlMaster::Read function.
* Add CVE-2015-8790.patch.
Fix EbmlUnicodeString::UpdateFromUTF8 function that allowed
context-dependent attackers to obtain sensitive information from process
heap memory via a crafted UTF-8 string.
* Add CVE-2015-8791.patch.
Fix EbmlElement::ReadCodedSizeValue function that allowed context-dependent
attackers to obtain sensitive information from process heap memory via a
crafted length value in an EBML id.
Checksums-Sha1:
c1d5ee3d7a3df92058d3a33c113b02a0fa3dc26b 2215 libebml_1.2.2-2+deb7u1.dsc
f8ef2e044b79b6e4f777b20c0e0e2382c16fbafc 60802 libebml_1.2.2.orig.tar.bz2
8cf421643c09639b364e32537d8497e2bdea2067 6895 libebml_1.2.2-2+deb7u1.debian.tar.gz
a531fc806e67842666ff923c3aa37aa10dc34ae5 64080 libebml3_1.2.2-2+deb7u1_amd64.deb
3188e80d311949ab0240532cfb26d350f196233e 102876 libebml-dev_1.2.2-2+deb7u1_amd64.deb
Checksums-Sha256:
0f648a4c8d37d20e9968f5ff3c790410c1a474e1e54cd0c453c8c16efebf3557 2215 libebml_1.2.2-2+deb7u1.dsc
476b08c6436a96c024a53e788e7c945ce9b41cd8654165763444aa7e5245b7a5 60802 libebml_1.2.2.orig.tar.bz2
b2629195bdd8088f3612a48300bc8a4bdf2535dd2757f46d41ae74bb45a3273d 6895 libebml_1.2.2-2+deb7u1.debian.tar.gz
4df1757fd889dff17be980dfec1dea494d5315857d533cb69021e24485daa6c2 64080 libebml3_1.2.2-2+deb7u1_amd64.deb
991bbb304a4bf60d539f99cbb70f4633ff5a62acb01249c5a77545d5b02815f1 102876 libebml-dev_1.2.2-2+deb7u1_amd64.deb
Files:
bf26aa457e43e0ce7ca03e2fec2ed44c 2215 devel optional libebml_1.2.2-2+deb7u1.dsc
726cc2bd1a525929ff35ff9854c0ebab 60802 devel optional libebml_1.2.2.orig.tar.bz2
029929f7d8a7302a5ccfecc21ac7c02e 6895 devel optional libebml_1.2.2-2+deb7u1.debian.tar.gz
8fd38ed348a3896525692a36df72c6b2 64080 libs optional libebml3_1.2.2-2+deb7u1_amd64.deb
46e194ac4a3b3127902e9a8cc71cd345 102876 libdevel optional libebml-dev_1.2.2-2+deb7u1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQJ8BAEBCgBmBQJW+rd1XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBQ0YzRDA4OEVGMzJFREVGNkExQTgzNUZE
OUFEMTRCOTUxM0I1MUU0AAoJENmtFLlRO1HkF18QAJqTC+r+9lIsXkxWbdM45wTw
AR2wL+Vb7dkxxV6IhkvRo+QXOmEbxO5MCI7e0cq3aiUeC2ov9NTIgK5zbp8TpyGr
4Tpz7ovVoeoWLQFLDFphN3nsEDfoU5sY+oKQEfvSSgEKLeNUpQGDy/FFvO3lcg9P
R0z7O9vk8l0Zeahw6vuH3Nhc3jkg844QROskpUtbZ9prFApT8qp1f3mThgcVk59M
oCt7L11rhUn5N23RoUpwc43hGUsGhnz070Qtgtr4ErjBvGOtcarVbuNDTjjZM//F
HyrHG6hz0w6PRIoIS3lnFiaED+SQiIorYi7TETbQcrh1EVryLz/U67vLSyBKyaLz
F6XXtY3EibqrYsh+MGb0O9s7dA1I8/XxkNe5TbSu48TfDU/ljOR+fUhnXtG9cP7E
TbgR1pVd9tyUyDAhcFNP0DdkWH0cyAXZ8l4Px/hnsVAvlDLBW0qx/+XT7TujzQ3c
TbGO2GwMUFHyI0STyuhLaMylir9HTE6Vckczbl1TlKzZPNkuOb6HNbgw0jgM+6M9
Sl6jxqVOOJRGGorSyH6LWf7ifh8029QJoujuMS/sXiWdSbJdMP7ifWDZ2+4vQaFn
GKR2TeN5J6UzLdE4r1KKU6YhajSyVRQ7SqzXXKnUrnOz2je4s0hI6t0nqYToUmO4
I5GKD3F6xsYnyKHeKwMI
=PrMV
-----END PGP SIGNATURE-----
Thank you for your contribution to Debian.
More information about the pkg-multimedia-maintainers
mailing list