Format: 1.8 Date: Sat, 23 Sep 2017 13:27:40 +0200 Source: jbig2dec Binary: libjbig2dec0-dev libjbig2dec0 jbig2dec Architecture: s390x Version: 0.13-5 Distribution: artful-proposed Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Jonas Smedegaard Description: jbig2dec - JBIG2 decoder library - tools libjbig2dec0 - JBIG2 decoder library - shared libraries libjbig2dec0-dev - JBIG2 decoder library - development files Closes: 863279 Changes: jbig2dec (0.13-5) unstable; urgency=medium . * Add DEP-3 header to patch 1001. * Advertise DEP-3 format in patch headers. * Add patches cherry-picked upstream: + Fix decoder error on JBIG2 compressed image. + Tidy up unused code. + Add sanity check on image sizes. + refine test for "Denial of Service" images + Prevent SEGV due to integer overflow. + Prevent integer overflow vulnerability. + Bounds check before reading from image source data. + Plug leak of parameter info in command-line tool. + Fix memory leak in case of error. + Make clipping in image compositing handle underflow. + Fix double free in error case. + Do bounds checking of read data. + Do not grow page if page height is known. + Fix SEGV due to error code being ignored. Closes: Bug#863279; CVE-2017-9216. Thanks to Salvatore Bonaccorso. + Allow for symbol dictionary with 0 symbols. * Update watch file: Use substitution strings. * Stop put aside auto-generated header file during build: No longer shipped upstream. * Modernize cdbs: + Do copyright-check in maintainer script (not during build). + Relax to build-depend unversioned on cdbs. + Stop build-depend on licensecheck. * Declare compliance with Debian Policy 4.1.0. * Update copyright info: + Use https protocol in file format URL. + Fix rename License section AGPL-3 → AGPL-3+. * Tighten lintian overrides regarding License-Reference. Checksums-Sha1: 2119020e4ff04073c99aaf25e0d1d1e3b9e57a83 17052 jbig2dec-dbgsym_0.13-5_s390x.ddeb 5b40b487f0acd6f77e4629c922a317da63be3fb6 7391 jbig2dec_0.13-5_s390x.buildinfo 900ec03f24c5ab189377764874f366e0ab019f81 22508 jbig2dec_0.13-5_s390x.deb e28b36594c9f2cfdcd45b985e859af831efd706c 94234 libjbig2dec0-dbgsym_0.13-5_s390x.ddeb 027c54e66f00b0b2c1083e9a87fb47b6ba0a52cd 54682 libjbig2dec0-dev_0.13-5_s390x.deb 001638cd7b65c19b4b1f86b307f1b539fa9b6f5d 53872 libjbig2dec0_0.13-5_s390x.deb Checksums-Sha256: e99083615f40ef2a8907359c51678757b20d2d4f718ffa1f811dead169abe218 17052 jbig2dec-dbgsym_0.13-5_s390x.ddeb b017f0c859d2c0a00036d83fe520ab19c386218c50a21f15f85dd787c25b710f 7391 jbig2dec_0.13-5_s390x.buildinfo eb77249441ac191571729f2baa396d86f7d0dc01d0da1483fe834416b4d3448c 22508 jbig2dec_0.13-5_s390x.deb d910bed53d1db02560bb6537c4bb8f167682cf832ee398b4766c9e340e856260 94234 libjbig2dec0-dbgsym_0.13-5_s390x.ddeb 97d65ed24b15e023ff8058f00440bbec52c9b320b3580e5290fab66be922e7e3 54682 libjbig2dec0-dev_0.13-5_s390x.deb 8787b784e0a6a0fd247301c55e1502c099535d270ef97ca6db82a79ab61830a9 53872 libjbig2dec0_0.13-5_s390x.deb Files: 26223b8546b10f3d91aec10fc848eb10 17052 debug extra jbig2dec-dbgsym_0.13-5_s390x.ddeb b9189f6128088f739fc38a9396bd7a1b 7391 libs optional jbig2dec_0.13-5_s390x.buildinfo dc54e5bf03fec06331298f599e25e1d2 22508 graphics optional jbig2dec_0.13-5_s390x.deb e1f20f8489ce3b545c15c4edba2f23ff 94234 debug extra libjbig2dec0-dbgsym_0.13-5_s390x.ddeb baf88646e8a64a57b6f9bc8ed765eb05 54682 libdevel optional libjbig2dec0-dev_0.13-5_s390x.deb d46b38f912e9800fc12532a6a3621e63 53872 libs optional libjbig2dec0_0.13-5_s390x.deb