Package: release.debian.org Severity: normal User: release.debian....@packages.debian.org Usertags: unblock
Hi Please unblock package jbig2dec It fixes three CVEs (which as well were addressed in a DSA): https://www.debian.org/security/2017/dsa-3855 +jbig2dec (0.13-4.1) unstable; urgency=high + + * Non-maintainer upload. + * Prevent integer overflow vulnerability (CVE-2017-7885) (Closes: #860460) + * Prevent SEGV due to integer overflow (CVE-2017-7975) (Closes: #860788) + * Bounds check before reading from image source data (CVE-2017-7976) + (Closes: #860787) + + -- Salvatore Bonaccorso <car...@debian.org> Tue, 16 May 2017 20:08:21 +0200 unblock jbig2dec/0.13-4.1 The full debdiff is attached t othis mail as debdiff against the current version in testing. Thanks in advance already, Regards, Salvatore -- System Information: Debian Release: 9.0 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/8 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init)