-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 26 Aug 2021 21:03:02 +0200 Source: gthumb Binary: gthumb gthumb-dbgsym gthumb-dev Architecture: mips Version: 3:3.6.2-4+deb10u1 Distribution: buster Urgency: medium Maintainer: mips Build Daemon (mips-manda-01) Changed-By: Thorsten Alteholz Description: gthumb - image viewer and browser gthumb-dev - image viewer and browser - development files Closes: 948197 Changes: gthumb (3:3.6.2-4+deb10u1) buster; urgency=medium . * Non-maintainer upload by the LTS Team. * CVE-2019-20326 (Closes: #948197) A heap-based buffer overflow in _cairo_image_surface_create_from_jpeg() in extensions/cairo_io/cairo-image-surface-jpeg.c allows attackers to cause a crash and potentially execute arbitrary code via a crafted JPEG file. * additional fix in case orientation swaps width and height Checksums-Sha1: 2e34a6d100531e007ca8ab201468037bd90b80dc 4370968 gthumb-dbgsym_3.6.2-4+deb10u1_mips.deb 5045ebfee52a9139319c95527c779468a204784f 684468 gthumb-dev_3.6.2-4+deb10u1_mips.deb 33ad8050b77efe4e7fc4500f9b645ca465bd4456 21134 gthumb_3.6.2-4+deb10u1_mips-buildd.buildinfo 1d5fbbba92817a760f37564f1207eb3b417650d7 797876 gthumb_3.6.2-4+deb10u1_mips.deb Checksums-Sha256: 360d6a69c39d84a195746368bc8d988b3120d38a8bf4d1a0685ad432054b7078 4370968 gthumb-dbgsym_3.6.2-4+deb10u1_mips.deb 333457d31a88e5a2fe63b62fe1506774bd2a566d50e27259766b6a80a33b3819 684468 gthumb-dev_3.6.2-4+deb10u1_mips.deb 014ca7be537dcd0a8153571a9199eb1b97eccf4f3e6e017f7c3ca315985df35b 21134 gthumb_3.6.2-4+deb10u1_mips-buildd.buildinfo b217bcad90e226f8531e54c729e1c62df65faa2cad58f369de09c277a2683a6f 797876 gthumb_3.6.2-4+deb10u1_mips.deb Files: 2df6b149b66cb14b8a887f1d1e564fe9 4370968 debug optional gthumb-dbgsym_3.6.2-4+deb10u1_mips.deb ca5d5aca9bf0a6bea68c3ab84a8e0838 684468 devel optional gthumb-dev_3.6.2-4+deb10u1_mips.deb 787f6af26bbc5828a1f1a6fa37ba88b8 21134 gnome optional gthumb_3.6.2-4+deb10u1_mips-buildd.buildinfo d55239320539c292303e178fa4a27106 797876 gnome optional gthumb_3.6.2-4+deb10u1_mips.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEhnMg2w1ioN6Y4CfNHxQ53MmvhPIFAmFPjg8ACgkQHxQ53Mmv hPK7cA//VV6XAnKOE2H8MEOh2MeSu0YFcinc384+GsqWuGY7JVeasB1LHMDi2/km 0blW8SbZMqncSTmS6GVdhv67jl4irBWw2Zbptcxl+eMVOMTpZQfEWcCwSGZlVZhJ QfUcuWlsylT6pMC5N1pw7sk2IeiC56hRSnTCgICdmFXmWmKQijN9wNhABeWYtpb2 ABv2Y+UOxMCX2TRPiTdhC6gbhh9ESLnUeanoNRFQTJuB/oWBwv9iji6UwBhGWJ8E r7/zZpxPApSBePDky43xb2ILyiMmvc4rVFjeCLt6dry9XQJIZIHoiVrWt8NU9GMc oBy0V+Ux8jCgDCD/7gvwjhYiVyb8KaxIipWgkglo7ztYxOKllJ2zBJl+2qAsegZD R36+TL5+0zhtA1C8zYhZxJqGHiGXI4jn41WKnfEVKSS/itWLYjQ+MHUi00WDEZoq tY5G8ZH395vpi7jX2rFT+WWEBwXu353O1mWU/j2GYH5zgydABy9kkrjO5HXjkxf0 ac00ArvWBw7FVnU5LGusD0jpbEKhm60lRrAVSCyOVluwB1b8pVPSO00bsF4/PhGO HLVxdtRzJoAxqIlDqeFLRI+sixUBPbf38rPh6N06/ZjG0n8gs2le3n2hy5MgludJ Zi3li71wNvnnQhOJpiizP4nff00VPPAKQkDZ8JBZED+ovpWwa8E= =MhZa -----END PGP SIGNATURE-----