1. Forum
  2. Usenet
  3. LINUX.DEBIAN.CHANGES

  • Accepted openexr 2.5.4-2+deb11u1 (source) into proposed-updates

    From Debian FTP Masters@21:1/5 to All on Sat Dec 10 20:20:02 2022
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    Format: 1.8
    Date: Sat, 10 Dec 2022 15:03:52 CET
    Source: openexr
    Architecture: source
    Version: 2.5.4-2+deb11u1
    Distribution: bullseye-security
    Urgency: high
    Maintainer: Debian PhotoTools Maintainers <pkg-phototools-devel@lists.alioth.debian.org>
    Changed-By: Markus Koschany <apo@debian.org>
    Checksums-Sha1:
    5e02983d0c476b13a5813ca3cbe07429d9862359 2467 openexr_2.5.4-2+deb11u1.dsc
    13a75bed4e3bfc10ff1304599b8de3613844971b 27535491 openexr_2.5.4.orig.tar.gz
    23b0c22a137c3d9dc2ccf99edcf62b4b45173605 25788 openexr_2.5.4-2+deb11u1.debian.tar.xz
    ddb131a8c56e364b77b28ba24dc6c4ccb3bbfef8 8662 openexr_2.5.4-2+deb11u1_amd64.buildinfo
    Checksums-Sha256:
    2807eaffae0d6ffde4e5414bfdf3fb89c2216b46dda5d9e4daefd14236bec3c5 2467 openexr_2.5.4-2+deb11u1.dsc
    dba19e9c6720c6f64fbc8b9d1867eaa75da6438109b941eefdc75ed141b6576d 27535491 openexr_2.5.4.orig.tar.gz
    83fba965ff63da0ba233b7cf7aca946e25b43ce15b8653b52291f07ce081bc1b 25788 openexr_2.5.4-2+deb11u1.debian.tar.xz
    800b8a4e611d6fa9da4c3d02cfa47822bc8537553deea55ca68ff446c55ea003 8662 openexr_2.5.4-2+deb11u1_amd64.buildinfo
    Closes: 990450 990899 992703 1014828
    Changes:
    openexr (2.5.4-2+deb11u1) bullseye-security; urgency=high
    .
    * Non-maintainer upload.
    * Fix CVE-2021-3598, CVE-2021-3605, CVE-2021-3933, CVE-2021-3941,
    CVE-2021-23215, CVE-2021-26260 and CVE-2021-45942.
    Multiple security vulnerabilities have been found in OpenEXR, command-line
    tools and a library for the OpenEXR image format. Buffer overflows or
    out-of-bound reads could lead to a denial of service (application crash) if
    a malformed image file is processed.
    (Closes: #992703, #990450, #990899, #1014828, #1014828)
    Files:
    992773b63b8311e663418af41ab15609 2467 graphics optional openexr_2.5.4-2+deb11u1.dsc
    e84577f884f05f7432b235432dfec455 27535491 graphics optional openexr_2.5.4.orig.tar.gz
    98e9c23b8a1015c2541d283eead967ec 25788 graphics optional openexr_2.5.4-2+deb11u1.debian.tar.xz
    2d8e495ef3a9b17b78dcb6000802b8ac 8662 graphics optional openexr_2.5.4-2+deb11u1_amd64.buildinfo

    -----BEGIN PGP SIGNATURE-----

    iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmOUkc5fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1HkY/IQALcxDCQOzT3U85D7EM1osUTjmhx3XppUhPFc sLNsXYFNdHWZYlwdeRRkRMVcYfpIRx5HiIORK78JRGGMGhoWIpYidnpYm9DapZfb tywRnMEvQeqOoKs144yvHq3orsMyIp9YrYZsN659xU1ftlfyJmCrucpIO0VE+Cv6 cwixGcvIODFBhqMf4Q7hIOitPbM45QR4m/fX72LuEgkn3JTVudx/UaD6PaLC1+0p qFC7D67Z6iINrnCAWeLAShlTEi+HS0HXL4lquQnfTHRQn0gUEpn79Ut6yyG0Ak3g DOiyVbnsRg2FD3gf7TYcO4YMs0EA4XQCm9pAXnJ8xd4pnSL8qKGR/vJRgMYnRJrT lT/PvZn7YfhnBYfuggCJJSp7h/+5mX8+XfDPe0t7IXO5s6Xm1AI/jr75bV7l0DVs 7CN3OvXBVWf7RdwAEMMsBP6bM2XPaYc7ufCJyGoHNUMHfKDlJ1xrXNsLZNGh7DpH 8iS8yvYjyvNq/cTq73Ztm53UAPyxLRToGxg6D7jmUTYyr+ZuPYCh5wEwbMGHWojy S7vLQXpY8Z9Sc9V7XY8V7MQDsWqrBiKTHFhO4LZ7WMxqhgpw4GwvBiTtbaVf5rSS UswFngAj6RL4rFGw3MesiVfaL0bTyZyFcUQ/XJ5JySsmkyVhpvxpP/gqgzqvk35O
    5xrzzVLQ
    =Kw3W
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)