-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 03 Oct 2023 11:59:05 +0200 Source: libxpm Binary: libxpm-dev libxpm4 libxpm4-dbgsym xpmutils xpmutils-dbgsym Architecture: s390x Version: 1:3.5.12-1.1+deb11u1 Distribution: bullseye-security Urgency: high Maintainer: s390x Build Daemon (zani) Changed-By: Julien Cristau Description: libxpm-dev - X11 pixmap library (development headers) libxpm4 - X11 pixmap library xpmutils - X11 pixmap utilities Changes: libxpm (1:3.5.12-1.1+deb11u1) bullseye-security; urgency=high . * CVE-2023-43788: out of bounds read in XpmCreateXpmImageFromBuffer() * CVE-2023-43789: out of bounds read on XPM with corrupted colormap * Avoid CVE-2023-43786: stack exhaustion in XPutImage() * Avoid CVE-2023-43787 (integer overflow in XCreateImage) Checksums-Sha1: a67248c387526620d29e978f0fbcc5c3e50efb33 103648 libxpm-dev_3.5.12-1.1+deb11u1_s390x.deb f12aa7180395c6a2e259fe4c49e730fa9c073114 103044 libxpm4-dbgsym_3.5.12-1.1+deb11u1_s390x.deb 5dcca2a1f0ef463faadabf91596fa1b75faaebd0 48076 libxpm4_3.5.12-1.1+deb11u1_s390x.deb fbcbee2005c3339618dbf8c61644d7e3caf92ccb 7813 libxpm_3.5.12-1.1+deb11u1_s390x-buildd.buildinfo d10b2f54ec763aac086d5a1bcb69bae961aee85b 55088 xpmutils-dbgsym_3.5.12-1.1+deb11u1_s390x.deb d1877c4552fdfc216356f8dcbb48f3dac8a14cef 38892 xpmutils_3.5.12-1.1+deb11u1_s390x.deb Checksums-Sha256: 78ae60a1e329836d484c3bfe2b030deb1b216dd8acfada145b03409561803ea0 103648 libxpm-dev_3.5.12-1.1+deb11u1_s390x.deb 63e33ec590d4aa6c68cb0bba5c509b2cc6d628fdd82e14ad613414178b0a6213 103044 libxpm4-dbgsym_3.5.12-1.1+deb11u1_s390x.deb 60e5cf1312410ff94353ed714c8cd82874a778a9d4d2ab1af2cf9fe777bf2204 48076 libxpm4_3.5.12-1.1+deb11u1_s390x.deb 9fc4b387398cbe2eb0e3ba9c466c2e002520efaf6c29d0efad9ceab540577013 7813 libxpm_3.5.12-1.1+deb11u1_s390x-buildd.buildinfo aa54ca1a5585ab5802d21ee7cdf9bb08fc9e7eacb6cf1e0e65e93b303ef13116 55088 xpmutils-dbgsym_3.5.12-1.1+deb11u1_s390x.deb 95870975d47cc5fca8d2b008818c33582cb1f7a2c3a3ce01029b061d429dec67 38892 xpmutils_3.5.12-1.1+deb11u1_s390x.deb Files: d683f95d9503c2d39f8ad9de55150a08 103648 libdevel optional libxpm-dev_3.5.12-1.1+deb11u1_s390x.deb 0c102770d943ab7b9ae9c06d4d5f7677 103044 debug optional libxpm4-dbgsym_3.5.12-1.1+deb11u1_s390x.deb 41b913f8af9371466d97ffdbb31bba4a 48076 libs optional libxpm4_3.5.12-1.1+deb11u1_s390x.deb 53ba9603153f46e5fca501963fd8653d 7813 x11 optional libxpm_3.5.12-1.1+deb11u1_s390x-buildd.buildinfo e828463dfab194ea9949cf3665302faf 55088 debug optional xpmutils-dbgsym_3.5.12-1.1+deb11u1_s390x.deb fd3e529977d5a4644921847f718575b4 38892 x11 optional xpmutils_3.5.12-1.1+deb11u1_s390x.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEETdQgQHyJW2hcXsTC6b+AMjGgQHgFAmUb+DAACgkQ6b+AMjGg QHi3fw/8Dw2coMAyKED7K9TpFe2/cirlXOfSjP5VJZxFH0P1qu2H3Dy5/JnN7mKN qPtMeVg4UgpBWlhNHytlVWojKqEr2LnDApGk3W2GSGDnyiQKtJ00ljbvrk6vuawZ HsLNPElK91vZ140Oqd04/bluJtzjoYXNdzYQYLbuPjkDzi4lgnwMyJSrLz4xTHD2 Ko7gwclym9iz0491Zx/acarhyXeqKtFHZH6CXQJfVpg8hdwMCX56FIuDRXO7sU1I diQenukGVGg2BZBw0Pdb+4OObFSdCSZOwW7SfGF1uJBwLJNL9VnPeQcHd4cvN0wW Jt+XwviOuuL/GArfpYSsNu8J1QCFdRWZvrl4UMsHx78/pwvh4fo4EY1h8nWGe0uy SAFEbtuQK4ts2lcAJ6oKLtLvyS3XfVffd5Inz/WA6gf51f9C5Z6Ssl/+YxIqu/Nw r4HS2FcOVNJRmPd+UcQ7CiL4XOhtXVRcz8ZF4KGogVcRwdQZv2JMUns/xxRHqkSh s56Dje5o96ymp+k1NfjBH73jTlKc0lKUwEdjBNohF971G8l/jS2quHk6giv5ZfkB Lr8FdVcXDzM+VrXho8dZJI5/OQQ6Fsajm3gKSO/4uobOPRHfTgdRrgLuHDEwDVXW Boh38+Nv/HAwWmxcPgCNLYKXk+bwoW38gCsrt/BHA30qkUbIZGM= =WbOn -----END PGP SIGNATURE-----