-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 03 Oct 2023 11:59:05 +0200 Source: libxpm Binary: libxpm-dev libxpm4 libxpm4-dbgsym xpmutils xpmutils-dbgsym Architecture: arm64 Version: 1:3.5.12-1.1+deb11u1 Distribution: bullseye-security Urgency: high Maintainer: arm Build Daemon (arm-ubc-02) Changed-By: Julien Cristau Description: libxpm-dev - X11 pixmap library (development headers) libxpm4 - X11 pixmap library xpmutils - X11 pixmap utilities Changes: libxpm (1:3.5.12-1.1+deb11u1) bullseye-security; urgency=high . * CVE-2023-43788: out of bounds read in XpmCreateXpmImageFromBuffer() * CVE-2023-43789: out of bounds read on XPM with corrupted colormap * Avoid CVE-2023-43786: stack exhaustion in XPutImage() * Avoid CVE-2023-43787 (integer overflow in XCreateImage) Checksums-Sha1: 1bc3f13303d6f773546255431307216da1d08a59 103996 libxpm-dev_3.5.12-1.1+deb11u1_arm64.deb 2b891d004385221af2f9ad22ce3cbf6bf10370d5 103112 libxpm4-dbgsym_3.5.12-1.1+deb11u1_arm64.deb b194e486b4b9df62890cf3157d217a9880138a17 47416 libxpm4_3.5.12-1.1+deb11u1_arm64.deb 42ad815d5b54394a3a7f501570da2004bc11a94e 7847 libxpm_3.5.12-1.1+deb11u1_arm64-buildd.buildinfo 50a988238b33fba8dbd795d27976752c66264a7c 55552 xpmutils-dbgsym_3.5.12-1.1+deb11u1_arm64.deb a976b0d956b4f0d8f57f42ee62e36e74dd3b1ae8 38872 xpmutils_3.5.12-1.1+deb11u1_arm64.deb Checksums-Sha256: 4c311c21180a2005b7739caa5e7dc47679f6963fe143b7cf5d39788832158073 103996 libxpm-dev_3.5.12-1.1+deb11u1_arm64.deb 1ce8dbfa3adaeb3c136ab483638b1705001c75e08fb889e9cdba83c037e17d74 103112 libxpm4-dbgsym_3.5.12-1.1+deb11u1_arm64.deb 83ba23ecaaf3f7b700f1ec2c1e349b5a63f3c8cdceb43cc78eb353e16051427d 47416 libxpm4_3.5.12-1.1+deb11u1_arm64.deb c4616004eeded6a60120e63f0ef862cef8b1776e02317115133ee5d0b23b4702 7847 libxpm_3.5.12-1.1+deb11u1_arm64-buildd.buildinfo 387dfc410aa598ddaec77ba554cff5f9de3f5f6675ca0b2c096bbdddd12607d1 55552 xpmutils-dbgsym_3.5.12-1.1+deb11u1_arm64.deb 4b975d94b7965b88ed1056be76c6ee53b5e372efca74cd689066b24e5c1c87a3 38872 xpmutils_3.5.12-1.1+deb11u1_arm64.deb Files: a3123a7e9bb0fde7174a1a2c15216948 103996 libdevel optional libxpm-dev_3.5.12-1.1+deb11u1_arm64.deb 576fd5ded0c01610f74861cd49b08ace 103112 debug optional libxpm4-dbgsym_3.5.12-1.1+deb11u1_arm64.deb 0076b444d94cb56ce3392cb891139aeb 47416 libs optional libxpm4_3.5.12-1.1+deb11u1_arm64.deb 6f05543c87fa3e37115d71a4fa289458 7847 x11 optional libxpm_3.5.12-1.1+deb11u1_arm64-buildd.buildinfo 6ca2c6471e7f655969a55e4e43a95e24 55552 debug optional xpmutils-dbgsym_3.5.12-1.1+deb11u1_arm64.deb 217a3728e0aaceb0e3fe2684149728c2 38872 x11 optional xpmutils_3.5.12-1.1+deb11u1_arm64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEuIolmszDbgxUhBbrMZO3llZhjs8FAmUb7XEACgkQMZO3llZh js+V+w/9FOeUo4DZISRsSBQpSwfI7nwwnJFSHqexsi1nkYDbGMvFRr+27JU1vzPs 6YxykzG4IStqOtgfquSnj2Y7bOXOQbfw11h/wmrAJnhkr1au4r2U+mxKTVD8m6Ec hnHkEceleNWV8UkOtyYy4dEFNu8OKeK1dS+VzpToByoSMk4JGFVEBLq2VvFg5wLO uwkNRipx4NlTZCPFb1+9rmnpdco7ckoMJ/SaWr5Q9mDos3yu+aLwJLOzedHBxw4Q 9zSsP+xHHw93vAqf/nkVZsKgJU5ekXmYn51ZkOBw3PQEOjPgK3eIIrsCkrK6ZqY3 CNVTIETHsWMVJJ7YZh0Ln0SRjMWLRve18r3DAdrxQcRsBtzPy4xtfmeE1JLsPHZc YxGr7K09LtHlIGKmd0pJKo3YbtedT7rqUxLQthsSjf97fx7Hz8mCrzofQ/EmNpZ9 u5rEUNK/HJNaqEZbWIASAcx6WmaubHq4EfFFH6LxWVDTrJdpeNjnnKq+W0Hw9qBF Tpaij4uNe7iE7JBDfF+vccGUvXPQ2MX+pkCSmpwrTgknID3vuCzjfq6M1jrrxhYq MlUVtSdoX/g03n3UYXs4wXfb8/aPxansjHE+9JmiL0iblqVVCB1ECf4g6pfAqm5M ktk2HyKTPkcAnx5NTLZWzfXQ7ydV5BEevIF2p/+0cu+dO9kWRm4= =gVEH -----END PGP SIGNATURE-----