-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 24 Jul 2021 19:03:02 +0200 Source: aspell Binary: aspell aspell-dbgsym libaspell-dev libaspell15 libaspell15-dbgsym libpspell-dev Architecture: s390x Version: 0.60.7~20110707-6+deb10u1 Distribution: buster-security Urgency: high Maintainer: s390x Build Daemon (zani) Changed-By: Thorsten Alteholz Description: aspell - GNU Aspell spell-checker libaspell-dev - Development files for applications with GNU Aspell support libaspell15 - GNU Aspell spell-checker runtime library libpspell-dev - Development files for applications with pspell support Closes: 991307 Changes: aspell (0.60.7~20110707-6+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2019-17544 It was discovered that Aspell incorrectly handled certain inputs which leads to a stack-based buffer over-read. An attacker could potentially access sensitive information. . [ Agustin Martin Domingo ] * CVE-2019-25051 (Closes: #991307) objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow Checksums-Sha1: 639e59d94f0a46aa5a25c2366c48c7b865674cdc 560880 aspell-dbgsym_0.60.7~20110707-6+deb10u1_s390x.deb c0297e66d6d8c8d5ca9b23a90bd86ea57c990269 7443 aspell_0.60.7~20110707-6+deb10u1_s390x-buildd.buildinfo 8af9e2dfe8136d4be960ff7872f3b5f5c5ed180d 222568 aspell_0.60.7~20110707-6+deb10u1_s390x.deb 21c98149eaa28df7b7e89ddc85586e0af539cfa0 32856 libaspell-dev_0.60.7~20110707-6+deb10u1_s390x.deb bdeb667e0c3c19f70c76806f0ef78ac3d8eee376 2845040 libaspell15-dbgsym_0.60.7~20110707-6+deb10u1_s390x.deb 7f32b26e592ff5456f1a0c7176e4ec0f4bea1096 299496 libaspell15_0.60.7~20110707-6+deb10u1_s390x.deb 90d32593a1482b2ca29f53814382909374b5717a 29948 libpspell-dev_0.60.7~20110707-6+deb10u1_s390x.deb Checksums-Sha256: 21e7d24dac15982ca35e8518357ab651408c28a3aec45c7a7ab0189743f138ff 560880 aspell-dbgsym_0.60.7~20110707-6+deb10u1_s390x.deb 4c9d806e9d2277a051ae27a8d27c6fbea54149d362c9247625427fbf8adf176b 7443 aspell_0.60.7~20110707-6+deb10u1_s390x-buildd.buildinfo c01f6358008675072df5b00ec0b4c0544d16d03b7474305efc1a93fef3631116 222568 aspell_0.60.7~20110707-6+deb10u1_s390x.deb ba78cfb07ef9b77f2ba403e79f074fe615cde90a81f85b99c2ac8f1cea53f8b3 32856 libaspell-dev_0.60.7~20110707-6+deb10u1_s390x.deb 179348248ba20afe4e7a91ca9c0525c7139ca4eecb54f94324b62bb4d44cf34a 2845040 libaspell15-dbgsym_0.60.7~20110707-6+deb10u1_s390x.deb 8b3543981eaae552164abd61c2247e8a54be35ab40e313e1b7aaedd4f2af8d8e 299496 libaspell15_0.60.7~20110707-6+deb10u1_s390x.deb 418071d2a5915759f17e437ebb74bc0cd93c976cf6e0e50322be223b5a22b64f 29948 libpspell-dev_0.60.7~20110707-6+deb10u1_s390x.deb Files: c2839fcaae58796ba829652c7035a005 560880 debug optional aspell-dbgsym_0.60.7~20110707-6+deb10u1_s390x.deb 87903d3d0742b4f74df2dd28612f7b1c 7443 text optional aspell_0.60.7~20110707-6+deb10u1_s390x-buildd.buildinfo 8e35a85f408039f939244ea29f15fc24 222568 text optional aspell_0.60.7~20110707-6+deb10u1_s390x.deb f00a92910e7e52597d2b35f27da58131 32856 libdevel optional libaspell-dev_0.60.7~20110707-6+deb10u1_s390x.deb a3a647c903f749808119f6e09d375f8b 2845040 debug optional libaspell15-dbgsym_0.60.7~20110707-6+deb10u1_s390x.deb a7d0e4415bff81266fa5f4a22425ebe0 299496 libs optional libaspell15_0.60.7~20110707-6+deb10u1_s390x.deb 39f62213ef30f5e83ed0b260d4d9f2a7 29948 libdevel optional libpspell-dev_0.60.7~20110707-6+deb10u1_s390x.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEojOFpcHXAua7nE2yC6cttUtB7SYFAmEEiqgACgkQC6cttUtB 7Sa8Wg/+LpH24UNhmCBjMVznGBq3PjF48fGNmIvTM45XBR54QYHwZxM9ITOueYE8 jVrmciTyBR2919oTiqd0xjJiUSAmInijUC813FVYFUe0ycNVUqbA0Q8S617/IFe2 7iFFXcafZOH9wPEqlGWIkt18XjOo41/fBLNA5/c6KK07UwNA4bx8YAG8S8swuvL7 N0Jz7UcmiFLaqd8fJx/0oqG2yl7v26XAzmBJNM85Fd2Ovk0p4Mw12RfAOIar/wAf FeK+V61r+U6Sur73U2UNQBB72lSuD0Z8b3a0/EfnBhPOVeWlaxIv/nr4vyjmfLJ0 vv4i4w/aQdoRc7SPYmU8Ib94Yq0n+PSxJFOeyHfyuhwAwlFcwGs8iE2HD4naLTFd Eg5VAaE24JkvwEM2dHmtWXAiYZJKwx9bRKEGIu88UXgkYQ1mdzrgK1GV4fSWvgmw ulpwZeLMiK4+L+sII/m1+HABTjC7cRq9i1fI4byjYjBM/OWtoTxeUgcwWwaP5Lf2 sqcIX61xiLNlL7MmNC9zk2sqcbcFOZPkpi6Cl+2pPzaQ7UfXFb1fbbNF+IrF149u dLeAiJJJCya2kafOUAC8W1LIWL+1oChqvWDHzaQV4rWTHYnDB4S6jPjZD8lUucSv sYF0TO4ULXR6t/z5dk5piTKYyjRMRn+5FCDhNrqdfo0S4lOST3g= =8HDL -----END PGP SIGNATURE-----