-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 03 Oct 2023 11:59:05 +0200
Source: libxpm
Architecture: source
Version: 1:3.5.12-1.1+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Debian X Strike Force <debian-x@lists.debian.org>
Changed-By: Julien Cristau <jcristau@debian.org>
Changes:
 libxpm (1:3.5.12-1.1+deb12u1) bookworm-security; urgency=high
 .
   * CVE-2023-43788: out of bounds read in XpmCreateXpmImageFromBuffer()
   * CVE-2023-43789: out of bounds read on XPM with corrupted colormap
   * Avoid CVE-2023-43786: stack exhaustion in XPutImage()
   * Avoid CVE-2023-43787 (integer overflow in XCreateImage)
Checksums-Sha1:
 0b3a62c31960ea86b06c6a56e2c2959d02a48c2c 2133 libxpm_3.5.12-1.1+deb12u1.dsc
 c837dfca61080a40031a3d9a83ea284acb619ab7 529302 libxpm_3.5.12.orig.tar.gz
 d8eb5bfcb0708b31f43cc5af1deb1e4f43438959 22630 libxpm_3.5.12-1.1+deb12u1.diff.gz
Checksums-Sha256:
 a7e5148f8f701fb719f1942ce2586f67d2e8a80aa8f543c3a7a943680476b5fd 2133 libxpm_3.5.12-1.1+deb12u1.dsc
 2523acc780eac01db5163267b36f5b94374bfb0de26fc0b5a7bee76649fd8501 529302 libxpm_3.5.12.orig.tar.gz
 4ff8a893db351f9a3ab9528bba3f697ca987c567217c35186d10e9d8363dcfc4 22630 libxpm_3.5.12-1.1+deb12u1.diff.gz
Files:
 586a341c030f545b963cc28bd1f747b0 2133 x11 optional libxpm_3.5.12-1.1+deb12u1.dsc
 b286c884b11b5a0b4371175c5327141f 529302 x11 optional libxpm_3.5.12.orig.tar.gz
 ba4fc857da6a5c0681ce63cdcb49c440 22630 x11 optional libxpm_3.5.12-1.1+deb12u1.diff.gz

-----BEGIN PGP SIGNATURE-----

iQJIBAEBCgAyFiEEVXgdqzTmGgnvuIvhnbAjVVb4z60FAmUb5ngUHGpjcmlzdGF1
QGRlYmlhbi5vcmcACgkQnbAjVVb4z61qyA//SBIx97OWcKSx7vRWc4twwAd1ovpy
B+q+Op5Q+9eBfUHGXcw5ZDUghwKnbUYZv0+ZG3w617TGNAd6bx9u6NHgeY1/UwEz
r070O4J1EW06a2DUXsB6hPzP6dffJUZdw9QQ9zQxDyr2bwUeFku+avQROVJQVzYc
sEKn/5KkLyj5Pjp14yRdf7xjmDlJD/5t2G2gaBJcn6XhH6Zo9PH/s/hpY832T7a8
toGLvBc9f8/V2MiSqoTACJ7NPjXQWSxXV4QJj2h9vfAYs7pdaZTdHsuqQeeM9slh
81OgwRDA/g60IUIgMm71A/j5+f+EJd3Fioe3wcUhantYSxxFBmwAAJdzC82Wmwi6
7/QhmHngguZHzTRB5YH3LneITjYEuunM16Y54P+yaQw69lOZkjHnaMgiCvflGZVQ
wEfgiUeG2IWxcVvg4gC/64onDLgb6xlLx9U41NYwrwRaLYetpwTcioq54qZWt+Hx
77w80WyCt1Uh6bhXjq2LAcA4svn2/pqCWdbvavVhRZ28D7lBrzAJalpshRMXWlP+
ozbbtUDPo7a7J+px/KztCTjmcKpAOqszI+xpDnbHW2iUG6QlmvLVDZEccEEc02xf
7FMsowj1PXdxEUtfF4cqBbYlp4mZ7JXmEmux/P5ZgyAVBZh5MWwuUifj0avq0glS
zXhtF9ZvYsEwz5o=
=IOYp
-----END PGP SIGNATURE-----