Format: 1.8 Date: Mon, 02 Oct 2023 16:12:10 -0400 Source: libxpm Binary: libxpm-dev libxpm4 xpmutils Architecture: i386 i386_translations Version: 1:3.5.12-1ubuntu0.20.04.2 Distribution: focal Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: libxpm-dev - X11 pixmap library (development headers) libxpm4 - X11 pixmap library xpmutils - X11 pixmap utilities Changes: libxpm (1:3.5.12-1ubuntu0.20.04.2) focal-security; urgency=medium . * SECURITY UPDATE: stack exhaustion from infinite recursion in PutSubImage() in libx11 - d/p/0004-test-Add-test-case-for-CVE-2023-43786-stack-exhausti.patch - d/p/0005-Avoid-CVE-2023-43786-stack-exhaustion-in-XPutImage.patch - CVE-2023-43786 * SECURITY UPDATE: integer overflow in XCreateImage() leading to a heap overflow in libx11 - d/p/0006-test-Add-test-case-for-CVE-2023-43787-integer-overfl.patch - d/p/0007-Avoid-CVE-2023-43787-integer-overflow-in-XCreateImag.patch - CVE-2023-43787 * SECURITY UPDATE: out of bounds read in XpmCreateXpmImageFromBuffer() - d/p/0001-Fix-CVE-2023-43788-Out-of-bounds-read-in-XpmCreateXp.patch - CVE-2023-43788 * SECURITY UPDATE: out of bounds read on XPM with corrupted colormap - d/p/0003-Fix-CVE-2023-43789-Out-of-bounds-read-on-XPM-with-co.patch - CVE-2023-43789 Checksums-Sha1: ee4413ea516ec44b68379cbfa5b41cbb7e8b729e 90464 libxpm-dev_3.5.12-1ubuntu0.20.04.2_i386.deb ee4a7ea1a51a28744414b39f1d670e11430c6171 94932 libxpm4-dbgsym_3.5.12-1ubuntu0.20.04.2_i386.ddeb ed789063c5a0803b1bfa7fc74eddeed05df6e5bc 36480 libxpm4_3.5.12-1ubuntu0.20.04.2_i386.deb 9a5798591a780e386cd42e703a5b5f8d3c1d2670 7577 libxpm_3.5.12-1ubuntu0.20.04.2_i386.buildinfo 6f5dc01c02c73b8b95455c484768d573d9bc3527 2175 libxpm_3.5.12-1ubuntu0.20.04.2_i386_translations.tar.gz 6a678825a67f5e1db89778bf3cc38248a4ccc64b 47484 xpmutils-dbgsym_3.5.12-1ubuntu0.20.04.2_i386.ddeb fb62ab2adaa659f5a4635cd79c166bbcfc9a0115 22956 xpmutils_3.5.12-1ubuntu0.20.04.2_i386.deb Checksums-Sha256: 9a640007e14b60138c48d1fcdb744bb913cfaab35af4109cab00c76c1efc9db4 90464 libxpm-dev_3.5.12-1ubuntu0.20.04.2_i386.deb 977d6cb72aecf31496048d5be286204c6d0f9c95e99c6dfd7e4ead5b4d727ff5 94932 libxpm4-dbgsym_3.5.12-1ubuntu0.20.04.2_i386.ddeb a985beff3c9cd255f995a813fb37be6eb92926f0cb9c11218584ee294a9face0 36480 libxpm4_3.5.12-1ubuntu0.20.04.2_i386.deb 756545aaadb32798cbcee9bd059cd907d943a894cc252e49311e9969b77362ef 7577 libxpm_3.5.12-1ubuntu0.20.04.2_i386.buildinfo 02fadfb464f2c30cd9d5dc95c1d93832bf1e0394b9937f7b02a96f76667ebb2f 2175 libxpm_3.5.12-1ubuntu0.20.04.2_i386_translations.tar.gz 26adc61895c5a21c3634d12f3c610c925b544c546853e0cdc7669079f68372fd 47484 xpmutils-dbgsym_3.5.12-1ubuntu0.20.04.2_i386.ddeb 9b88c73cd621aae199f25ccb68db4c89543dcf500637b1d8832cbba09db86658 22956 xpmutils_3.5.12-1ubuntu0.20.04.2_i386.deb Files: 0fece42010e6a9cbde931adc4b097b8f 90464 libdevel optional libxpm-dev_3.5.12-1ubuntu0.20.04.2_i386.deb 7327255a24aaf5a431c048275e0fa005 94932 debug optional libxpm4-dbgsym_3.5.12-1ubuntu0.20.04.2_i386.ddeb 240c9f17de52fe1dd76c0b3f9e8ac2e1 36480 libs optional libxpm4_3.5.12-1ubuntu0.20.04.2_i386.deb 20862c729844d82c9d9d14f28e0f9e3a 7577 x11 optional libxpm_3.5.12-1ubuntu0.20.04.2_i386.buildinfo f5da66336b2422e50f7ec29b7c0f7e7a 2175 raw-translations - libxpm_3.5.12-1ubuntu0.20.04.2_i386_translations.tar.gz 8e9421c3811c032cae463e25bdd2d733 47484 debug optional xpmutils-dbgsym_3.5.12-1ubuntu0.20.04.2_i386.ddeb 98980bac2b2da6573f644851cd41d958 22956 x11 optional xpmutils_3.5.12-1ubuntu0.20.04.2_i386.deb Original-Maintainer: Debian X Strike Force