-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 03 Oct 2023 11:59:05 +0200 Source: libxpm Binary: libxpm-dev libxpm4 libxpm4-dbgsym xpmutils xpmutils-dbgsym Architecture: i386 Version: 1:3.5.12-1.1+deb11u1 Distribution: bullseye-security Urgency: high Maintainer: all / amd64 / i386 Build Daemon (x86-conova-02) Changed-By: Julien Cristau Description: libxpm-dev - X11 pixmap library (development headers) libxpm4 - X11 pixmap library xpmutils - X11 pixmap utilities Changes: libxpm (1:3.5.12-1.1+deb11u1) bullseye-security; urgency=high . * CVE-2023-43788: out of bounds read in XpmCreateXpmImageFromBuffer() * CVE-2023-43789: out of bounds read on XPM with corrupted colormap * Avoid CVE-2023-43786: stack exhaustion in XPutImage() * Avoid CVE-2023-43787 (integer overflow in XCreateImage) Checksums-Sha1: f98cf6c7b65a25d85ca73d1b2e44f70ca737c5de 107688 libxpm-dev_3.5.12-1.1+deb11u1_i386.deb f95eb70bb2ae5a463188b7b713b1b7525c1a74ef 90716 libxpm4-dbgsym_3.5.12-1.1+deb11u1_i386.deb aa35cb0ca10ed3b555c9cf206831ebb340619573 51664 libxpm4_3.5.12-1.1+deb11u1_i386.deb 4b7963c187a49bb3fd2d024cb935b8a28dfdbd60 7804 libxpm_3.5.12-1.1+deb11u1_i386-buildd.buildinfo 0857acd83b5cc9c1eb9308ed5bdeb9e55d318ee8 50552 xpmutils-dbgsym_3.5.12-1.1+deb11u1_i386.deb 4580e0e7f4b6d0b6a775e1e0bfae7e5ab67a7091 40752 xpmutils_3.5.12-1.1+deb11u1_i386.deb Checksums-Sha256: f239cbd234aa9a2433b6a1ff69dd180b298eb9b07024dabc08ddf2708426519e 107688 libxpm-dev_3.5.12-1.1+deb11u1_i386.deb 5b18d2ce0a88a34aedb655648c80da5e2d3dd3cc2ee972402180774b527463e3 90716 libxpm4-dbgsym_3.5.12-1.1+deb11u1_i386.deb 142935c2feb418d10ad3d0184d3514df2a327595d0cd748404628c922c32df10 51664 libxpm4_3.5.12-1.1+deb11u1_i386.deb 5a80d72fc6d8df0f9e68c9f276cb949fcc8945f7eeb561967e4c3f5350ee223e 7804 libxpm_3.5.12-1.1+deb11u1_i386-buildd.buildinfo 91df183dba7ca57b1b20e198c390db12689f152b7d1d20ed3639e0359d1b7874 50552 xpmutils-dbgsym_3.5.12-1.1+deb11u1_i386.deb 1641ddef4f741be40ebf18c258e863dbb86b0bcf16115da082ceaf1ec1c7b83c 40752 xpmutils_3.5.12-1.1+deb11u1_i386.deb Files: 03c9a5019ab6fb977091d19f433a24b5 107688 libdevel optional libxpm-dev_3.5.12-1.1+deb11u1_i386.deb 077a6e371524422a3533f928e012e4a8 90716 debug optional libxpm4-dbgsym_3.5.12-1.1+deb11u1_i386.deb b3216fb3fecd833362d785c0ffb3a99e 51664 libs optional libxpm4_3.5.12-1.1+deb11u1_i386.deb 8451c519aff0b198b06e5892c28cf76a 7804 x11 optional libxpm_3.5.12-1.1+deb11u1_i386-buildd.buildinfo 9a649726d257f92fd3cc54ec35b5636a 50552 debug optional xpmutils-dbgsym_3.5.12-1.1+deb11u1_i386.deb c276ddd231f516eac87b36675eabc7ca 40752 x11 optional xpmutils_3.5.12-1.1+deb11u1_i386.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOtJZa9Q/HRv7PgxxkF7E12VCox0FAmUb7UAACgkQkF7E12VC ox0mVBAAlAwasr2wrC7hgFl1Mo0EXNJQWHk4nGBg6w0fLP5R2at6ShFJVYhbtWMp qFBNf1SOi67ir27DwqaNg1v/DS+iDRWbQ7EF4WWqMyV2lW/h2y7l05gI1x+MJ2QA juu7BqayNHjnOLA0Qo4cxYl7C/UdH11TXEZK3+waxPxwmYGDDMvKgd5uL9qFv+LW W9cWiwJ3TvUvTGPJkP9qgo7Sfr8iVpwr4ynLG5fD+o+93VYNiubwyJBdLMx/2T0y Q2j58SuRAMM7G8ajkvMj6T+WYkonK5/+bylq5q5Yp9KynSGXTLPeeHYGTsc5tn87 2Pc6OqhV4hxOdVd9Cr+ygO/8UraBnMcyaaTCOwFXstKkhBF3xap1LL4aGrt6vDSh hfUbLf2AT1KCviiomWtLWNmV6xozHuEn9g+Fm0O9MdQ+jGNUEJq/JGHfIRgGhseU b/iG6HUIVR0L6rDJKGsf1a7oRzcmmK5D1Kkyw41SFtAWVagvJycv8ATfQSt9K0kw n1vBn03vZthF+saKEs72514SDIr16vgwZjhQAO27jQDcF9a5VEmnAC50oFasZYvz bGeGR9tpky5PeDKHc9+6ZV5U9pGDUMz6yrHFHDdbpyumJJO6peK1ngWiwKISPxlJ U7pODJ4HLhJdiE6VIE15y1A68jBbANCvdKEBNJaxU4Dl0FkR8to= =4jKy -----END PGP SIGNATURE-----