-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 03 Oct 2023 11:59:05 +0200 Source: libxpm Binary: libxpm-dev libxpm4 libxpm4-dbgsym xpmutils xpmutils-dbgsym Architecture: armhf Version: 1:3.5.12-1.1+deb11u1 Distribution: bullseye-security Urgency: high Maintainer: arm Build Daemon (arm-ubc-06) Changed-By: Julien Cristau Description: libxpm-dev - X11 pixmap library (development headers) libxpm4 - X11 pixmap library xpmutils - X11 pixmap utilities Changes: libxpm (1:3.5.12-1.1+deb11u1) bullseye-security; urgency=high . * CVE-2023-43788: out of bounds read in XpmCreateXpmImageFromBuffer() * CVE-2023-43789: out of bounds read on XPM with corrupted colormap * Avoid CVE-2023-43786: stack exhaustion in XPutImage() * Avoid CVE-2023-43787 (integer overflow in XCreateImage) Checksums-Sha1: c7fa674f6d35b4f359e186ce62012054f7c7b6e8 100244 libxpm-dev_3.5.12-1.1+deb11u1_armhf.deb ba7548f4b97e50bc2336939b9bc8de4305dee4de 100988 libxpm4-dbgsym_3.5.12-1.1+deb11u1_armhf.deb b8df5702c9b3a6feaf7e0ff5271246080f0207ad 44472 libxpm4_3.5.12-1.1+deb11u1_armhf.deb 3a7ac3b505c4d41b93f223c8e7f18a062717b792 7778 libxpm_3.5.12-1.1+deb11u1_armhf-buildd.buildinfo b6ac2a7c35875ad582a750dc55cd655217df8df0 54576 xpmutils-dbgsym_3.5.12-1.1+deb11u1_armhf.deb 0551ccdeb5d8cf43c159ac5cdd300a6e23124e94 37264 xpmutils_3.5.12-1.1+deb11u1_armhf.deb Checksums-Sha256: a1bb3d291c508de5b646097a13459b40bf823a31e77eb0d9c01fd31d51a30f0f 100244 libxpm-dev_3.5.12-1.1+deb11u1_armhf.deb d6558fd3fd1cac6d5144286daa41e67c65df776df37f9e7e538002223c746e57 100988 libxpm4-dbgsym_3.5.12-1.1+deb11u1_armhf.deb 0c444b0493d80913226210cdf1fe5c614561237737d24a90cd371840a1ffe111 44472 libxpm4_3.5.12-1.1+deb11u1_armhf.deb 259eaceca66204c6751960a9f31713046352f68aa5da834c920a9e79b166a43e 7778 libxpm_3.5.12-1.1+deb11u1_armhf-buildd.buildinfo 1fb9910b9b69e7a85092b9a2690e1e9a7eb75c12e305a04526bd2b0df3ab088f 54576 xpmutils-dbgsym_3.5.12-1.1+deb11u1_armhf.deb 468771e379d097b53665bbd4f4be2f7b3a89af8dd0a2edc549ddb33af6859472 37264 xpmutils_3.5.12-1.1+deb11u1_armhf.deb Files: 0cf5e98511ef999a23ef2d456d29f0d2 100244 libdevel optional libxpm-dev_3.5.12-1.1+deb11u1_armhf.deb 9d529a1253ff520208bd4959c72284da 100988 debug optional libxpm4-dbgsym_3.5.12-1.1+deb11u1_armhf.deb 6bbbbb1ac4fb76c6bcb3d1f0ddcbac7d 44472 libs optional libxpm4_3.5.12-1.1+deb11u1_armhf.deb 9d92222712679a7464649cdaea09ced9 7778 x11 optional libxpm_3.5.12-1.1+deb11u1_armhf-buildd.buildinfo 89c601a1d2663d02fa22e5689659e93a 54576 debug optional xpmutils-dbgsym_3.5.12-1.1+deb11u1_armhf.deb 31cdcd0f23378727afa3f653be927527 37264 x11 optional xpmutils_3.5.12-1.1+deb11u1_armhf.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEdkvJoTVAIZVYaO9cyYck2apzqqMFAmUb7jEACgkQyYck2apz qqMKcg/9ElXw2Fe6+9GInXATtduend5uup6R4AYi1mV7zDMvuxtA+t5CNiYNC1Nk ijnzCr4IbvvWTFAY0QqB8d8pBI6uptFrot8zG9d80WAQymB/briAXQ08lik1biXo wLZarltEhrz66uwI4TMSXryeeSY0+0U78yCCqMU/J3JmJCaAATGNBayO2hwVz0tt +47k0wDVp1S0p5k3BoSLjz0UetnzhczovWZoW0sVtdLTSlKC6HnT2wegmK2uP1Aj AfV/POl+ImajDHyMQKMy6+DJ9hdolOLtm0862adiGnfa9oeQ88494P8Okqf08Tbq TUhDLKI1hfq9anipWp2r6GNkCkBgh4Tmm3SynVhWTjOWxYqt8VOb1sEXAwCL/ipM G8UVJLzs+A8BgDY54YZ+Yr5rBALSq8OiJjPvPzpi2Pgw8XpyV2hchJeJ19A/Vb8X kSRTDV8aRJ5bHHjtsCB+KPHx5xymAs9ep6uNeCT+UHGa3oOYvUNGolt6+Qqnv9yI JvxsPT+QwG7dqKcUGJxZWlBsmwAgm/J3w0n5mQERDKxH9pkieeGDQgMTlbP3QiYE E/EzlFuB721rB/6zQuqg6cZ0LdnmEWL51+kpyQTKctHuLYMj3tmlhhaU/su8pN+n Y5d8R2yfCbkmOVwOQkZkKsqykBWgp3ZgkJClyQMILqTu5WU1hyc= =LDMY -----END PGP SIGNATURE-----