-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 03 Oct 2023 11:59:05 +0200 Source: libxpm Binary: libxpm-dev libxpm4 libxpm4-dbgsym xpmutils xpmutils-dbgsym Architecture: ppc64el Version: 1:3.5.12-1.1+deb12u1 Distribution: bookworm-security Urgency: high Maintainer: ppc64el Build Daemon (ppc64el-osuosl-02) Changed-By: Julien Cristau Description: libxpm-dev - X11 pixmap library (development headers) libxpm4 - X11 pixmap library xpmutils - X11 pixmap utilities Changes: libxpm (1:3.5.12-1.1+deb12u1) bookworm-security; urgency=high . * CVE-2023-43788: out of bounds read in XpmCreateXpmImageFromBuffer() * CVE-2023-43789: out of bounds read on XPM with corrupted colormap * Avoid CVE-2023-43786: stack exhaustion in XPutImage() * Avoid CVE-2023-43787 (integer overflow in XCreateImage) Checksums-Sha1: 151f54191daf25fca620b6e7a4835e6620b05bf4 110116 libxpm-dev_3.5.12-1.1+deb12u1_ppc64el.deb fe88af81b298652a9116270e4c6435f4db881b52 106056 libxpm4-dbgsym_3.5.12-1.1+deb12u1_ppc64el.deb c664a23792139c483890f8ffd9533853b280ffca 53320 libxpm4_3.5.12-1.1+deb12u1_ppc64el.deb 36cfad8e74fbba1b96ecc7231aa4735cfb05f049 7760 libxpm_3.5.12-1.1+deb12u1_ppc64el-buildd.buildinfo 0af64469a664363df0995aca5aa07c65a66d6094 57100 xpmutils-dbgsym_3.5.12-1.1+deb12u1_ppc64el.deb 1a7e221adf9a02305e683b629232c0b35fe31669 40440 xpmutils_3.5.12-1.1+deb12u1_ppc64el.deb Checksums-Sha256: 3b87efd97a045599d9db935c30b7dce0ea9d3fbd4aab12d692045caa8e5eaf26 110116 libxpm-dev_3.5.12-1.1+deb12u1_ppc64el.deb 48cdd0c72df5af4ccde4c179e06d8df080e278ea1eaca855f1007437d8f44a36 106056 libxpm4-dbgsym_3.5.12-1.1+deb12u1_ppc64el.deb a45cd451956a7cf9ffcaf5d80a919eb8f47a41d6428fe23e889f2027d585c3d1 53320 libxpm4_3.5.12-1.1+deb12u1_ppc64el.deb 3bc36acd2bbf07233c1aef245a616eb5d6c71893c07aae9333220c616927ba96 7760 libxpm_3.5.12-1.1+deb12u1_ppc64el-buildd.buildinfo d2d87fc7998a8ff8a69eb0609be9828531bc7a32f8b84640437778a6b1b1ea66 57100 xpmutils-dbgsym_3.5.12-1.1+deb12u1_ppc64el.deb d58841fa371bbb513fed4fde4a7b80cf9553732d90db6f2612f7177eca5321f7 40440 xpmutils_3.5.12-1.1+deb12u1_ppc64el.deb Files: de8327a7784d5951f477bb99b8214a40 110116 libdevel optional libxpm-dev_3.5.12-1.1+deb12u1_ppc64el.deb b7605791a82acc1316b893e8f6431deb 106056 debug optional libxpm4-dbgsym_3.5.12-1.1+deb12u1_ppc64el.deb be554854456d9fd9b47ee6596f88128f 53320 libs optional libxpm4_3.5.12-1.1+deb12u1_ppc64el.deb 94db7b7abcf22ec1fd34a4095ee1f949 7760 x11 optional libxpm_3.5.12-1.1+deb12u1_ppc64el-buildd.buildinfo b4ee5596a913296d1c3116eb6abd853f 57100 debug optional xpmutils-dbgsym_3.5.12-1.1+deb12u1_ppc64el.deb 83f922bae65484fb3cbdc2532a21dd77 40440 x11 optional xpmutils_3.5.12-1.1+deb12u1_ppc64el.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEHDNCkvGgp2XShfnByW8ECaj2byoFAmUb64cACgkQyW8ECaj2 byrtIg//Vqyy9QlLYDSmFSn6LR+QGyYUavHTrGbVqmcxeOuz4MStsqgzr1nWIMQ+ PGWv7JuGwuvKxk0ItszPg6qYcr3aXiDAZVjyJFQm0oPkMSzG7pjSE5PYGaSk5Tcu n+hmRRcKgSvaxI5lzYXasWAe5qcx4lCAkjQ70iCKHfTX3vVDuf4oMTfQmRChNwJM zypP+LSXUDlf67Hi0fRv/gmPb0718weCww9l2Ow9U/9i9vLqlqBvPEiYcC3JPKWB 55rO7i8uvBqa0F5mCDJVdLUweqPjgiWn2kWRWo6RgYN59UlrM47pBFBIHvojue+9 d+2lMNWMC9s7bI7QwPXDs0ATPM/YdKkZXgG3fIRI7/QZ8lCsXzhNXW/8v1i/V1HG Fgz9yPN6H+Vb/RxgPMDeaxVpl0f8ABNmP6knSkmD+g2Ba8ZastLzQIH7xUKh7BER wUt7bpAUxelCpsnY5MuY32vvI4mEzUOKqenpu2nENU4Zz46aBHQkETHRe6BiT0+C nl3eOw+yOaY5rUW3R6W44m5oO1rdsxrxCSTlVM6IV/TpFXfeKTPUyVQT1YWDAPU5 MPBm3tPxfhzz4h7hkrfxxE5z+FzzC2P2LMGJI1wXA01jybyl1jRbnrqQaPtajV5J KyIKgjhnncupfUHyJ81vu/xsFAOQXj9etvGCRUJcKrRmTU+k5M8= =Usok -----END PGP SIGNATURE-----