-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 03 Oct 2023 11:59:05 +0200 Source: libxpm Binary: libxpm-dev libxpm4 libxpm4-dbgsym xpmutils xpmutils-dbgsym Architecture: arm64 Version: 1:3.5.12-1.1+deb12u1 Distribution: bookworm-security Urgency: high Maintainer: arm Build Daemon (arm-arm-04) Changed-By: Julien Cristau Description: libxpm-dev - X11 pixmap library (development headers) libxpm4 - X11 pixmap library xpmutils - X11 pixmap utilities Changes: libxpm (1:3.5.12-1.1+deb12u1) bookworm-security; urgency=high . * CVE-2023-43788: out of bounds read in XpmCreateXpmImageFromBuffer() * CVE-2023-43789: out of bounds read on XPM with corrupted colormap * Avoid CVE-2023-43786: stack exhaustion in XPutImage() * Avoid CVE-2023-43787 (integer overflow in XCreateImage) Checksums-Sha1: 8d17471d8d4a5afc812adf0a13ffed6ba2b06068 102492 libxpm-dev_3.5.12-1.1+deb12u1_arm64.deb 4bf985e0fe965e806dc216c9582408d60c629673 102352 libxpm4-dbgsym_3.5.12-1.1+deb12u1_arm64.deb 9b3e924bc3ee17dd569981da0ba2d432426f2b52 45376 libxpm4_3.5.12-1.1+deb12u1_arm64.deb ffd9edaf418b73ba624d49975fb7d3f2290f1e04 7745 libxpm_3.5.12-1.1+deb12u1_arm64-buildd.buildinfo 52797e36a92699639cfc00fc73049448c65194db 54740 xpmutils-dbgsym_3.5.12-1.1+deb12u1_arm64.deb a71c317d5c4d57a313feef9affb74f7d0c909772 36636 xpmutils_3.5.12-1.1+deb12u1_arm64.deb Checksums-Sha256: cbae5ecc6297055952fa218939a938d1edb5f6bb9fa94bd6c0781298d9a2cbdb 102492 libxpm-dev_3.5.12-1.1+deb12u1_arm64.deb 2701cdc83945d93fec8c2d68ec8808d9e8db678ca57005e60b04c3ef69840b88 102352 libxpm4-dbgsym_3.5.12-1.1+deb12u1_arm64.deb fdd2948e5681a144cdad816003ab11081ca748e26fcb9573262134cc3479ba4f 45376 libxpm4_3.5.12-1.1+deb12u1_arm64.deb 4c0824d790319a62f090f2ab065e1033cfde070aa29de77827527b8865f24197 7745 libxpm_3.5.12-1.1+deb12u1_arm64-buildd.buildinfo 8b6f82b56b3960248e329510d50f302985728824a2a4cb3a55889116f05cea53 54740 xpmutils-dbgsym_3.5.12-1.1+deb12u1_arm64.deb 32eb187e361e3a59890310db920d58209fadd48f349d5e61e79692e9c11dd79d 36636 xpmutils_3.5.12-1.1+deb12u1_arm64.deb Files: 436ab0ede771d460837cd46076e10484 102492 libdevel optional libxpm-dev_3.5.12-1.1+deb12u1_arm64.deb 80430cc321e05bc3474b6250afeaa59e 102352 debug optional libxpm4-dbgsym_3.5.12-1.1+deb12u1_arm64.deb 696370bac34600d38600a2de084d6fd3 45376 libs optional libxpm4_3.5.12-1.1+deb12u1_arm64.deb 11aaeddcee534435e86cfddaa60f1478 7745 x11 optional libxpm_3.5.12-1.1+deb12u1_arm64-buildd.buildinfo 909dd05456b079dfab901db6d423683d 54740 debug optional xpmutils-dbgsym_3.5.12-1.1+deb12u1_arm64.deb f6e6baecd50a5c380fa32a069ac2ae41 36636 x11 optional xpmutils_3.5.12-1.1+deb12u1_arm64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEmUDOxnfDwdc47jJKqoc2e3yvTA0FAmUb6xkACgkQqoc2e3yv TA3zEA/9FhVAcMyuwJ9EiCxSialy+kdwp4+f20u3rj0EjHjApOrIL4/eyH3X7B/v 2MRpJxLDfMCMa+LumXWvGiWSySeflbGlvB2YVr8ywOyHNKNjjMihi36jQ3I2Fy86 6cZnFd1LG1nepfSA9fBx9UuF19tTr9XcmHTCkRBeKhaufr/sKo5ZO9bOqkhKg8pG uVFE5lIkpGAhl2O6IN1qHNkkL0jynbGhwRgLJa5yoVRTQGpEO+jQRV65ILm9t+xF F3QgK41h2rYvU3/EkGaXN92QUqYvx7iIga7lXYrMAjorCFwKKk12LHmpophuSzvY qSwhntnisiDK+duLnBviR5dbEcxJjxcNQXb2oVDrZomoGec2E4HdOtTnwg+D/7hz tprT+/EVv3B2OFoTBFRvzdDQuoixEbamHVA0ouT+o1lts2Da2nt/U/OqbtL/VEH3 NK4y5i+K5jHK2TdzY1YlJZH6/QnXF9ETDHRU1XEhQWlIoFSRsWHKu4HKkBof1lPJ lgJgKXRBj96f3/ogWJ2aI6o6vOCJ8t0YL7vZJ4cYcWHaJ6DOhSPvO7hcVUk5+Y7N zGq4gDJrMq325Be67h12cna1aMN6XflOkJ3rq9OnZ3q8gVgb65ei+mC6it5+N9SQ Ws8Gh+vreDV1ScILZwG60jY0nvdJa+Pa0DJO+GiN4sM8a5PH/cw= =CDBp -----END PGP SIGNATURE-----