Format: 1.8 Date: Sat, 23 Sep 2017 13:27:40 +0200 Source: jbig2dec Binary: libjbig2dec0-dev libjbig2dec0 jbig2dec Architecture: ppc64el Version: 0.13-5 Distribution: artful-proposed Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Jonas Smedegaard Description: jbig2dec - JBIG2 decoder library - tools libjbig2dec0 - JBIG2 decoder library - shared libraries libjbig2dec0-dev - JBIG2 decoder library - development files Closes: 863279 Changes: jbig2dec (0.13-5) unstable; urgency=medium . * Add DEP-3 header to patch 1001. * Advertise DEP-3 format in patch headers. * Add patches cherry-picked upstream: + Fix decoder error on JBIG2 compressed image. + Tidy up unused code. + Add sanity check on image sizes. + refine test for "Denial of Service" images + Prevent SEGV due to integer overflow. + Prevent integer overflow vulnerability. + Bounds check before reading from image source data. + Plug leak of parameter info in command-line tool. + Fix memory leak in case of error. + Make clipping in image compositing handle underflow. + Fix double free in error case. + Do bounds checking of read data. + Do not grow page if page height is known. + Fix SEGV due to error code being ignored. Closes: Bug#863279; CVE-2017-9216. Thanks to Salvatore Bonaccorso. + Allow for symbol dictionary with 0 symbols. * Update watch file: Use substitution strings. * Stop put aside auto-generated header file during build: No longer shipped upstream. * Modernize cdbs: + Do copyright-check in maintainer script (not during build). + Relax to build-depend unversioned on cdbs. + Stop build-depend on licensecheck. * Declare compliance with Debian Policy 4.1.0. * Update copyright info: + Use https protocol in file format URL. + Fix rename License section AGPL-3 → AGPL-3+. * Tighten lintian overrides regarding License-Reference. Checksums-Sha1: acd6c03300945af1403ba40c0259fea3171fa60b 18308 jbig2dec-dbgsym_0.13-5_ppc64el.ddeb 2094db6a239db62c7ea89ae6e48200553eb2ab7b 7590 jbig2dec_0.13-5_ppc64el.buildinfo 9a61a09d9bff0dd63ec4e9f35c13eef887df1a98 23048 jbig2dec_0.13-5_ppc64el.deb 8e589dd693f9083a612da663b15041b2fd86e298 99606 libjbig2dec0-dbgsym_0.13-5_ppc64el.ddeb 1cbe490db845dd3e323deb4bd646c2828f40b22b 59300 libjbig2dec0-dev_0.13-5_ppc64el.deb 8efc2f4b102417ca9726a73f2f6851317e776d9c 57364 libjbig2dec0_0.13-5_ppc64el.deb Checksums-Sha256: 00782561dcd6566cff1aa63740245dad46422289308cef7330707a66ab7abfa5 18308 jbig2dec-dbgsym_0.13-5_ppc64el.ddeb 03d3fe12a5125550ef9289e8483e1ad930d575525ec138867e24bee2c0f95885 7590 jbig2dec_0.13-5_ppc64el.buildinfo 87ebb2c86d44e74ac58bb7c6a5596d73d1b4692d6a5522b3a37d471eddb8fe3b 23048 jbig2dec_0.13-5_ppc64el.deb 4883956ede6dee44c154cd0da930f4ad3442ac72406dc65416224bc9d472961b 99606 libjbig2dec0-dbgsym_0.13-5_ppc64el.ddeb cb5b2d1bebe6fc9882ab50684f15db26f7da4a450c0c7f9cd8d6c02a7893417e 59300 libjbig2dec0-dev_0.13-5_ppc64el.deb ddf7f733115f43339e626bf166c39aa1bedb80e00c38662b4dda8f0e096b916c 57364 libjbig2dec0_0.13-5_ppc64el.deb Files: 1dc1418fbace17f07f3e92215170a4b1 18308 debug extra jbig2dec-dbgsym_0.13-5_ppc64el.ddeb 7c615cd2ccee9106e1796bce7fe3db87 7590 libs optional jbig2dec_0.13-5_ppc64el.buildinfo 486dcfef988d41659adf9b37a592eba9 23048 graphics optional jbig2dec_0.13-5_ppc64el.deb 15e6cbf39bf5903c05b7bf9b89255057 99606 debug extra libjbig2dec0-dbgsym_0.13-5_ppc64el.ddeb 9d71336da9b48d22c6861526bd23f94c 59300 libdevel optional libjbig2dec0-dev_0.13-5_ppc64el.deb 4a24e641602afb936a3c4aac37bfac6e 57364 libs optional libjbig2dec0_0.13-5_ppc64el.deb