-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 27 Jul 2019 13:19:47 -0300 Source: libsdl2-image Binary: libsdl2-image-2.0-0 libsdl2-image-dbg libsdl2-image-dev Architecture: source amd64 Version: 2.0.1+dfsg-2+deb9u2 Distribution: stretch Urgency: medium Maintainer: Debian SDL packages maintainers Changed-By: Hugo Lefeuvre Description: libsdl2-image-2.0-0 - Image loading library for Simple DirectMedia Layer 2, libraries libsdl2-image-dbg - Image loading library for Simple DirectMedia Layer 2, debugging s libsdl2-image-dev - Image loading library for Simple DirectMedia Layer 2, development Closes: 932754 Changes: libsdl2-image (2.0.1+dfsg-2+deb9u2) stretch; urgency=medium . * Non-maintainer upload. * Multiple security issues (Closes: #932754): - CVE-2018-3977: buffer overflow in do_layer_surface (IMG_xcf.c). - CVE-2019-5052: integer overflow and subsequent buffer overflow in IMG_pcx.c. - CVE-2019-7635: heap buffer overflow in Blit1to4 (IMG_bmp.c). - CVE-2019-12216, CVE-2019-12217, CVE-2019-12218, CVE-2019-12219, CVE-2019-12220, CVE-2019-12221, CVE-2019-12222, CVE-2019-5051: OOB R/W in IMG_LoadPCX_RW (IMG_pcx.c). Checksums-Sha1: e71b662d56139854f26ace32ea8717f86af37711 2218 libsdl2-image_2.0.1+dfsg-2+deb9u2.dsc a03ea2d15632d77b487dd60f408d76fa4c1879bc 9956 libsdl2-image_2.0.1+dfsg-2+deb9u2.debian.tar.xz 2702c2a07a13ac6d4d7b4c79813cdab7982ccba0 39686 libsdl2-image-2.0-0_2.0.1+dfsg-2+deb9u2_amd64.deb 51a339f1fd65882df61bd5cdd128bb942c3d1a93 93072 libsdl2-image-dbg_2.0.1+dfsg-2+deb9u2_amd64.deb 487997aa1a3bd890e6b3c4c3955a7f125d3e54a0 44582 libsdl2-image-dev_2.0.1+dfsg-2+deb9u2_amd64.deb ebcea5f005876edc5d4bee6992e6d7be7abe3627 11614 libsdl2-image_2.0.1+dfsg-2+deb9u2_amd64.buildinfo Checksums-Sha256: 0e76f5dbb614248676c0a2201e267cf7830c7935bc100c0b2efbf8e8a81f8d95 2218 libsdl2-image_2.0.1+dfsg-2+deb9u2.dsc 7d205e0b4268d7795cd62b232ecd817298fc861c05e3dc13b680c4fd4b3538d0 9956 libsdl2-image_2.0.1+dfsg-2+deb9u2.debian.tar.xz 4fb1943a4eaa1661a2e3ce437d721a9b78f5faa6a810aa24e63cf5071d054822 39686 libsdl2-image-2.0-0_2.0.1+dfsg-2+deb9u2_amd64.deb 40958d47163ae1ca83f0e2af88d7ae9d331b60b18dd92db154d4f43d66d8345c 93072 libsdl2-image-dbg_2.0.1+dfsg-2+deb9u2_amd64.deb 8a9f0abefcd0121bbbacc41dfa984ecde24d2f580a37270f290ae768f1ee11b5 44582 libsdl2-image-dev_2.0.1+dfsg-2+deb9u2_amd64.deb d622f1f78eef8bf3afd138c5d8977e803cf62823a7cdc77e7fa981d3cabd44c0 11614 libsdl2-image_2.0.1+dfsg-2+deb9u2_amd64.buildinfo Files: cd8a0b53c64edaa44491e67f4b1708d8 2218 libs optional libsdl2-image_2.0.1+dfsg-2+deb9u2.dsc 97022c1c4d9075d546474962f997e582 9956 libs optional libsdl2-image_2.0.1+dfsg-2+deb9u2.debian.tar.xz 47cc959dfb31476812acc8e93f4bfa1b 39686 libs optional libsdl2-image-2.0-0_2.0.1+dfsg-2+deb9u2_amd64.deb 331f8c988360f86b33d3d73269e2f53c 93072 debug extra libsdl2-image-dbg_2.0.1+dfsg-2+deb9u2_amd64.deb 772d5fd3c2038c1c84679b2084a2b325 44582 libdevel optional libsdl2-image-dev_2.0.1+dfsg-2+deb9u2_amd64.deb 10b2967ddf869aef5ee0678a21579936 11614 libs optional libsdl2-image_2.0.1+dfsg-2+deb9u2_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQHDBAEBCgAtFiEEeDb9QWtkMa2LX4zREeMFjl5EGkIFAl08xOgPHGhsZUBkZWJp YW4ub3JnAAoJEBHjBY5eRBpC++8L/jsE6+Yx2T391x2vyKtQkdsRwUBDgKPkZAZM rosU3COkJho0NMHT0XAmvctCDAV7ZrsOdnqE9ZUKRvfluOeyfwM7t446bOIOz5cM 8nTR2S4Sq0jkZj+plYuJbvj6THfzLFDZfhu+3Oj2qRd3DGitXKJh6NWnMtGr1H9Z X9yeRrRJgLf5iD8ceD5cscqIkyAz4STy+mxDRSE4iDug1ezsAKz6e2oojJeT4OM5 XDPk9ZCg/HxvCazetYYD6AhO6qbrQ7IPg9gTMF393FVUxks3owzJr/2GiyVUJGQ/ 1nTYMxycPjXYDHyLZuA2E7Y7KvHKaxss839qzJAcxgm+pSaaAZxdGmeo/6zPzl4H EjdENXb/nbbGPzWpU9gzxQDg7UG2MejugEr1XoNe011CcfLPvlBEzWCjDlfvbLUQ ebjElYG4vpfsKvTdHK9rOQOSo9NdF3M45lUU+L+tDCjG1VYhR2rMGHGwmFmivwMu JdvzMIT34qpK3yG9Uf1FzKQmN37qVw== =FkhZ -----END PGP SIGNATURE-----