-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 03 Oct 2023 11:59:05 +0200 Source: libxpm Binary: libxpm-dev libxpm4 libxpm4-dbgsym xpmutils xpmutils-dbgsym Architecture: mipsel Version: 1:3.5.12-1.1+deb12u1 Distribution: bookworm-security Urgency: high Maintainer: mipsel Build Daemon (mipsel-osuosl-05) Changed-By: Julien Cristau Description: libxpm-dev - X11 pixmap library (development headers) libxpm4 - X11 pixmap library xpmutils - X11 pixmap utilities Changes: libxpm (1:3.5.12-1.1+deb12u1) bookworm-security; urgency=high . * CVE-2023-43788: out of bounds read in XpmCreateXpmImageFromBuffer() * CVE-2023-43789: out of bounds read on XPM with corrupted colormap * Avoid CVE-2023-43786: stack exhaustion in XPutImage() * Avoid CVE-2023-43787 (integer overflow in XCreateImage) Checksums-Sha1: e175aaf9ff9572d4967aff0033ed012588b3e78e 104056 libxpm-dev_3.5.12-1.1+deb12u1_mipsel.deb 329f0fca46d25ab3484058a37d163e0282fd8c6f 103392 libxpm4-dbgsym_3.5.12-1.1+deb12u1_mipsel.deb 2bdd7707fcd1fa8ded621987327d2a10e635dade 44052 libxpm4_3.5.12-1.1+deb12u1_mipsel.deb 89551d50192215d8feed45d26d84aca8dcfaaf2a 7584 libxpm_3.5.12-1.1+deb12u1_mipsel-buildd.buildinfo 916a6691b8dafd28bc7e0e20f4c08a8f29f01839 55060 xpmutils-dbgsym_3.5.12-1.1+deb12u1_mipsel.deb 9165a1222a5953ff9583dee8c74ace15ba619f10 36544 xpmutils_3.5.12-1.1+deb12u1_mipsel.deb Checksums-Sha256: ffe60a0633fb1703ed28126db64a9a8ce4ad1d03ab9d5f11a5931515788071ca 104056 libxpm-dev_3.5.12-1.1+deb12u1_mipsel.deb 035a0c457e468c897b266a78c041e516120e27ae5ed391c898e000ff310f7fa3 103392 libxpm4-dbgsym_3.5.12-1.1+deb12u1_mipsel.deb 63e2e78985ebde3f825c16b1fe40f6453620af49ab38e6b8a531dba6ba748a65 44052 libxpm4_3.5.12-1.1+deb12u1_mipsel.deb cee3d6a04431c5c19a1ac194c6ce15f67d68cd99f07c338946dc78c99c4cc530 7584 libxpm_3.5.12-1.1+deb12u1_mipsel-buildd.buildinfo 7fdab4c2cd7f410f3b9a5b5780a39baa40ada0a63d550f4c9e2f021b30b887c0 55060 xpmutils-dbgsym_3.5.12-1.1+deb12u1_mipsel.deb 86c841058f6490867fda8ff0acb495aa9cecf66bc5601affb7ba43e82bee1cc1 36544 xpmutils_3.5.12-1.1+deb12u1_mipsel.deb Files: 36ea74783296fb81360b073258023e7a 104056 libdevel optional libxpm-dev_3.5.12-1.1+deb12u1_mipsel.deb 69d7d501b5fdd7f1838ee8ebf6b73d43 103392 debug optional libxpm4-dbgsym_3.5.12-1.1+deb12u1_mipsel.deb e69a378c7d2963c6f5633d0133b12105 44052 libs optional libxpm4_3.5.12-1.1+deb12u1_mipsel.deb ec114bdf277c72d2512cc555459caaf1 7584 x11 optional libxpm_3.5.12-1.1+deb12u1_mipsel-buildd.buildinfo ada12363e216d0e48ef3a5e961831181 55060 debug optional xpmutils-dbgsym_3.5.12-1.1+deb12u1_mipsel.deb 5969f62394b062fdf3f3aea16515560e 36544 x11 optional xpmutils_3.5.12-1.1+deb12u1_mipsel.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE7FUbSrfgk+qhJhySoQbzkdO+xGgFAmUb6uoACgkQoQbzkdO+ xGgMbg//Q2eGyq31zUMy52FKQyhlG1WttSixoB6u8TnQGiwaJnbJvekXNCwdvJkD f0XslooKF2mT5Mee49nau7CSoO+W4XmnN3ZLXTSPlakOn9a5NYEz84+MPMRB0Jm3 vrkQpfNZj260DeKBn6G6CinEd70axwdKzP8eRaFwYFerdp6A+QKrHSKhxtw8CFr2 JHAyazADj2Skko+rMdNBPhTL85T0y5xFQqzJngcMBSdCsvG52/e/lb8QBawm5lhs NhmYY7rCRbxrgoOzVsI4+aFt6F3s6d/jk6y6tVe/oHzLlUNamZ/Rf2KXHjW0NFkv j4yLmVMe0g7sWqC/q+c2pTU1qmX1eBxv8mrvyYThft8axQqj1F/7TwqCf5Z+4ZPO 2yifiuSUiSB88lHhFWhZxvTBo+3OXc7ntal6GBhxZUp+pfxAdA4Zm9cDc/0YnvCN UvoxLre3lPu81U3T6egRnwk0oT0RaiSmsQfeFlzgMehxlFn2dMm5t60oe7+j277w VFmnnBBuw+sKb/0HxO8QyRMTofB7/AXiw/WI0cMy77JiUIhp5XohD4RJ2h2udOdy 1OahVffAchQ4exPXH/GtEbwYmnkKnhOwcGoOsvQpgESC+2CDnfmZuVzEOdvbNbBU qOeWpSQAZ4Gz+ZXvUkzPHP74a4Axvp+fwiEgoXIElye00QYzN5w= =KS3R -----END PGP SIGNATURE-----