-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 26 Aug 2021 21:03:02 +0200
Source: gthumb
Binary: gthumb gthumb-dbgsym gthumb-dev
Architecture: i386
Version: 3:3.6.2-4+deb10u1
Distribution: buster
Urgency: medium
Maintainer: amd64 / i386 Build Daemon (x86-ubc-01) <buildd_amd64-x86-ubc-01@buildd.debian.org>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Description:
 gthumb     - image viewer and browser
 gthumb-dev - image viewer and browser - development files
Closes: 948197
Changes:
 gthumb (3:3.6.2-4+deb10u1) buster; urgency=medium
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2019-20326 (Closes: #948197)
     A heap-based buffer overflow in _cairo_image_surface_create_from_jpeg()
     in extensions/cairo_io/cairo-image-surface-jpeg.c allows attackers to
     cause a crash and potentially execute arbitrary code via a crafted JPEG
     file.
   * additional fix in case orientation swaps width and height
Checksums-Sha1:
 c1831dd649bbff1c1cc5dc46db31f35482254fcf 4012952 gthumb-dbgsym_3.6.2-4+deb10u1_i386.deb
 01cef997ce728a3f44e3310684cd30e1009d6842 684864 gthumb-dev_3.6.2-4+deb10u1_i386.deb
 4ce2599249f41fb50561d0cea69df354df94ec0c 21311 gthumb_3.6.2-4+deb10u1_i386-buildd.buildinfo
 ae082dbfed899b2f35e444913608ebadba34ceb1 1016580 gthumb_3.6.2-4+deb10u1_i386.deb
Checksums-Sha256:
 6b68a77b8a6848546edfdbb36ff22beea77790004c8545824554cae379539937 4012952 gthumb-dbgsym_3.6.2-4+deb10u1_i386.deb
 991f8b0d793d4dbfa852f9b15878c4edae46e98a42ee9e4ecb3d99c703bb8806 684864 gthumb-dev_3.6.2-4+deb10u1_i386.deb
 b9dd901ac6b33da57f8e2188c35e04284ba9db5104908d3abdbd4299c3a7e3df 21311 gthumb_3.6.2-4+deb10u1_i386-buildd.buildinfo
 e6230fb5f1521682cbf6a420dbb4e418e692d4c2b0d7c169473ab84d252df010 1016580 gthumb_3.6.2-4+deb10u1_i386.deb
Files:
 732c51049988085b81a746848c247d0f 4012952 debug optional gthumb-dbgsym_3.6.2-4+deb10u1_i386.deb
 f4fd8024777a166df39115842baeeb62 684864 devel optional gthumb-dev_3.6.2-4+deb10u1_i386.deb
 bad7e60097b371e589e2a091be9dc996 21311 gnome optional gthumb_3.6.2-4+deb10u1_i386-buildd.buildinfo
 a24ff4ba56e312d9654c9fb3e36332d6 1016580 gnome optional gthumb_3.6.2-4+deb10u1_i386.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEVvgiDm0iTi84B8TiOTy2rP5qAaMFAmFPknEACgkQOTy2rP5q
AaOwsRAAoiznKOImrCjmRyrsxAl5fNaNZBT5w6CyMUo+8hD9LJAj0m3ppt4up4bm
yV1DnBaoCOz9k8o5kM3nJUwHmoCLbavejGYyWqLmC+y8WgfCw6FywcdOv1RGtcKp
4yOsJ0V8VVZU1lYtxmQgLsl0aWEEJKatqn6BNiEDDw++i6ej6xHWK17gfGDNu0H2
Gss5kk9rm3mQkyxH7mF/gPGU1ys1lV/V/O4beNxkU5+NdEto2cWeX6WcbIrbhqXV
pP35t2ADMdJpb0rwPoJ1l8Pdzyg3iaSCGcn2acwiqPZaKkWgajSUGX5KQW3y77Lo
ApX1r2yhnhEHDVx+nnLAzbSCLFdEQpcY9B1G/5+nBoXsBEmizfhtbRWfME9XGJVE
4Bcp/Ai76c6ILGyifGBNGlUzLME2HLJniWPmbO7c+4hsf6FRHSNwGSLci9I/PB0n
kTNxtyUQXjv9OyGMD+svx5PiTuhWeAohngG5AMSnD5TN9mJPifQQdSHQTSUkCBIS
P1oP0TLDsyrix0dso7eeRjJHAuIBFBfTpgPmecRDvoL+VVtbudo6WU9cSu8iVKVB
BnKt73mgDNSAWzzsrslxIvOxIxrgwm3KbZaFFhDOGm6kN3mrrf2I0Od/X2Fb6rj6
73Alj2cKrt0bfeNZvwcmr5Ybm1Cp8M28xmtNYOIwRkY+Y2Nz8vs=
=+Ifv
-----END PGP SIGNATURE-----