Accepted libphp-phpmailer 5.2.9+dfsg-2+deb8u5 (source all) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 27 Dec 2018 09:46:16 +0530 Source: libphp-phpmailer Binary: libphp-phpmailer Architecture: source all Version: 5.2.9+dfsg-2+deb8u5 Distribution: jessie-security Urgency: medium Maintainer: Debian PHP PEAR Maintainers Changed-By: Abhijith PA Description: libphp-phpmailer - full featured email transfer class for PHP Changes: libphp-phpmailer (5.2.9+dfsg-2+deb8u5) jessie-security; urgency=medium . * Non-maintainer upload by the Debian LTS Team. * Possible regression update for CVE-2018-19296.patch: Removing accidently added DKIM_private_string which introduced only from 5.2.17 Checksums-Sha1: a73c9511f0db9d42974bfe6b4cf38cab7f58e8c7 2155 libphp-phpmailer_5.2.9+dfsg-2+deb8u5.dsc 17f9c7b40747f1a8189a09b3d03946e0bdeed8cc 9232 libphp-phpmailer_5.2.9+dfsg-2+deb8u5.debian.tar.xz 9542ae38c0387ff2c69a9077b7a32e446c13b28b 131792 libphp-phpmailer_5.2.9+dfsg-2+deb8u5_all.deb Checksums-Sha256: aa0edc34828d1d439c4d53ba1e0fa860504823f898d78e74d3db0de8622cd82f 2155 libphp-phpmailer_5.2.9+dfsg-2+deb8u5.dsc e1e08057158536187e001aff25ea91d60f062ea2a3064838be81c12cb4a3ea9c 9232 libphp-phpmailer_5.2.9+dfsg-2+deb8u5.debian.tar.xz c9bd1dcd09524c7ec57806d3f44ac68b3283adf2167023438d4775da6087a5bf 131792 libphp-phpmailer_5.2.9+dfsg-2+deb8u5_all.deb Files: 244fc8a4ace2d92e388ca4c42ee9fedc 2155 php optional libphp-phpmailer_5.2.9+dfsg-2+deb8u5.dsc 0d4ab1d9cf78a7d94ac38fde31395f8d 9232 php optional libphp-phpmailer_5.2.9+dfsg-2+deb8u5.debian.tar.xz 8caec5e2ceb6c16102443e0bfb8ab15a 131792 php optional libphp-phpmailer_5.2.9+dfsg-2+deb8u5_all.deb -BEGIN PGP SIGNATURE- iQJIBAEBCgAyFiEE7xPqJqaY/zX9fJAuhj1N8u2cKO8FAlwk8tEUHGFiaGlqaXRo QGRlYmlhbi5vcmcACgkQhj1N8u2cKO93Sg/7BS/qhpMUiYucAWK9kNdgB+1QxcDE xtlZV15Gf3RtVeQwXmsG0WrH2ZbVQw+GZJRZNKZ30ZPMO6EciOxht1o0p6hcxkiD d/Cp2/AilNvkBJAijTzP6eBZHvhyW8proBNtbT4L547ejyz0PCy3YAGfDzqZgNLE eOT5Oz/BupL4kmkQ/bt+Q02UNzw0B4wIbDXbbPfvp8BBCw1m+WwtiOlbTbB8yrHe W91FhBZvnGCrjSgpTNqY3/AfPSmlv7IqoAS8zBPN4WSkTkbWgjMalPLu3GlKdKGk Xuu+lEPubmj4CHYz/wpRgwtL4T9lajwIGmBFeDLvNvw0GaEGrPdBU7KWf3Ik4VMF liN8uU6E1UYWxazB58FZaUuTUxWTSqn3+RG7rfj42HAaIGUsRJh3SmWqYDt6XQXQ /r/GDguepdS6xmpUKkPxAMJtCHr1/+cnmxvvlpy8JmpZEt593V2UEczgUodpoMvC lRjOZoVYq8QGOdxhTw/Yjs1NheTx6BIwGF7SibgXq5t6UTxqvkuvAAw4K4gP/HXb nUO874KBBO7WLfwHTiskxQD4bNbOvqh5MPr8BqQ+Ux2ysmy02aTJmdd1CfSZP9NM TA1oDJsFcq3czH0EGW7kd6ABMNuvtDWMGei7Nv5Q0v3ibr03Zm3pJ9XDCOAL9sOi XjYIiLM1vUcMWF0= =5JFo -END PGP SIGNATURE-
Accepted graphicsmagick 1.3.20-3+deb8u5 (source amd64 all) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 26 Dec 2018 09:51:39 +0100 Source: graphicsmagick Binary: graphicsmagick libgraphicsmagick3 libgraphicsmagick1-dev libgraphicsmagick++3 libgraphicsmagick++1-dev libgraphics-magick-perl graphicsmagick-imagemagick-compat graphicsmagick-libmagick-dev-compat graphicsmagick-dbg Architecture: source amd64 all Version: 1.3.20-3+deb8u5 Distribution: jessie-security Urgency: high Maintainer: Laszlo Boszormenyi (GCS) Changed-By: Hugo Lefeuvre Description: graphicsmagick - collection of image processing tools graphicsmagick-dbg - format-independent image processing - debugging symbols graphicsmagick-imagemagick-compat - image processing tools providing ImageMagick interface graphicsmagick-libmagick-dev-compat - image processing libraries providing ImageMagick interface libgraphics-magick-perl - format-independent image processing - perl interface libgraphicsmagick++1-dev - format-independent image processing - C++ development files libgraphicsmagick++3 - format-independent image processing - C++ shared library libgraphicsmagick1-dev - format-independent image processing - C development files libgraphicsmagick3 - format-independent image processing - C shared library Closes: 916719 916721 916752 Changes: graphicsmagick (1.3.20-3+deb8u5) jessie-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2018-20184: heap-based buffer overflow in the WriteTGAImage function (tga.c) (closes: #916721). * CVE-2018-20185: heap-based buffer over-read in the ReadBMPImage function (bmp.c) (closes: #916719). * CVE-2018-20189: assertion failure in ReadDIBImage (coders/dib.c) (closes: #916752). Checksums-Sha1: a2e79241ff734a350550325f38d593ed74d166ea 2457 graphicsmagick_1.3.20-3+deb8u5.dsc 5a73dc055bcb47ad2d94e1b164a1f31c5443c388 209136 graphicsmagick_1.3.20-3+deb8u5.debian.tar.xz e7484046147bcc1928389c9371a4f7dda911e84d 796882 graphicsmagick_1.3.20-3+deb8u5_amd64.deb ae7dde337fe227e6049ac50fb9fc130e9cf0a7a3 1105084 libgraphicsmagick3_1.3.20-3+deb8u5_amd64.deb 31299e16ffeb1e5f274e0617713f04f601698ffa 1291966 libgraphicsmagick1-dev_1.3.20-3+deb8u5_amd64.deb 7a45223cd455965711adbe08f50d08299bd3e994 119420 libgraphicsmagick++3_1.3.20-3+deb8u5_amd64.deb 4f0ccfdc0ec1d9b3c1af3e5317c55bed834d853a 301640 libgraphicsmagick++1-dev_1.3.20-3+deb8u5_amd64.deb 0e4f5db71c9bb0324ee8788c378af0acf311ae3c 77496 libgraphics-magick-perl_1.3.20-3+deb8u5_amd64.deb c4f60cff58b3eefb315a41364f036dfc49758274 2221078 graphicsmagick-dbg_1.3.20-3+deb8u5_amd64.deb e224a5542c4352c875dfe8af4c041cd2fe793d28 29384 graphicsmagick-imagemagick-compat_1.3.20-3+deb8u5_all.deb 3d7271b13154266f9bf69c5acd46ec4b775df888 32890 graphicsmagick-libmagick-dev-compat_1.3.20-3+deb8u5_all.deb Checksums-Sha256: f7be7295571ea11835f37a2ee4d3501b668f37cb3e8fb53c9095c1b02089f138 2457 graphicsmagick_1.3.20-3+deb8u5.dsc aa6b05590d659a5b2101d4b60a82cd81917bece632b8b5930f18b884432ea643 209136 graphicsmagick_1.3.20-3+deb8u5.debian.tar.xz d415812b2298c8db9935be2e24a9296911e2b3032d5c98272ec4c89f3d12cdbd 796882 graphicsmagick_1.3.20-3+deb8u5_amd64.deb 59e97cd1be859b2b252c14bf2bb886cb35d9658a920ed2e99bf40f0ef634891e 1105084 libgraphicsmagick3_1.3.20-3+deb8u5_amd64.deb bd911840b1bc5895f46b306dd6db69f773ee28c70793dcaf2eb894183e1cd2ee 1291966 libgraphicsmagick1-dev_1.3.20-3+deb8u5_amd64.deb 8d555423f021ef07c46231a28e5a45199d810e17a3638b986d1a70a258622864 119420 libgraphicsmagick++3_1.3.20-3+deb8u5_amd64.deb c9f3bbcf6486d0e81f19a5b40cf309d8f205dd3bce3eef0df370b84156b932af 301640 libgraphicsmagick++1-dev_1.3.20-3+deb8u5_amd64.deb 4b9d32853f8bb32ca323703db7e683d28cf4157f58aebc9ce5f20615fea7b748 77496 libgraphics-magick-perl_1.3.20-3+deb8u5_amd64.deb 559081b11d304beb0e6358e8c0a31480a18ef78449830bad4984defe43eff629 2221078 graphicsmagick-dbg_1.3.20-3+deb8u5_amd64.deb 875e2db18feda255cc0b8aa92c82169dbb303f8a5b61980147c1fd5cbfdfd635 29384 graphicsmagick-imagemagick-compat_1.3.20-3+deb8u5_all.deb 762ee306967cd656cdfc68c828ad88323e3eaf8d0dd205ffbd2b8176f3014ef9 32890 graphicsmagick-libmagick-dev-compat_1.3.20-3+deb8u5_all.deb Files: a269221c3d6b3a2b591e695746d62a59 2457 graphics optional graphicsmagick_1.3.20-3+deb8u5.dsc 7631f32a154a910d9eaec6b7be0b7e1a 209136 graphics optional graphicsmagick_1.3.20-3+deb8u5.debian.tar.xz f24c7b2d9a23459d6e1fe73f8728d7ef 796882 graphics optional graphicsmagick_1.3.20-3+deb8u5_amd64.deb 73d3e50c98133a83ba941f54b1a43be8 1105084 libs optional libgraphicsmagick3_1.3.20-3+deb8u5_amd64.deb d5f48c3a5a4f19cb5c4557a590bf1bcf 1291966 libdevel optional libgraphicsmagick1-dev_1.3.20-3+deb8u5_amd64.deb 4e297730ae9d4de837d3cc265ee8891f 119420 libs optional libgraphicsmagick++3_1.3.20-3+deb8u5_amd64.deb bf41fa3068f68bbc0fbefcac14f61087 301640 libdevel optional libgraphicsmagick++1-dev_1.3.20-3+deb8u5_amd64.deb d6b5a928ceef21b5cb35f4b154d67feb 77496 perl optional
Accepted ghostscript 9.06~dfsg-2+deb8u13 (source all amd64) into oldstable
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 27 Dec 2018 13:26:27 + Source: ghostscript Binary: ghostscript ghostscript-x ghostscript-doc libgs9 libgs9-common libgs-dev ghostscript-dbg Architecture: source all amd64 Version: 9.06~dfsg-2+deb8u13 Distribution: jessie-security Urgency: high Maintainer: Debian Printing Team Changed-By: Lucas Kanashiro Description: ghostscript - interpreter for the PostScript language and for PDF ghostscript-dbg - interpreter for the PostScript language and for PDF - Debug symbo ghostscript-doc - interpreter for the PostScript language and for PDF - Documentati ghostscript-x - interpreter for the PostScript language and for PDF - X11 support libgs-dev - interpreter for the PostScript language and for PDF - Development libgs9 - interpreter for the PostScript language and for PDF - Library libgs9-common - interpreter for the PostScript language and for PDF - common file Changes: ghostscript (9.06~dfsg-2+deb8u13) jessie-security; urgency=high . * Non-maintainer upload by the Debian LTS team. * Fix CVE-2018-19134: the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this to crash Ghostscript or, possibly, execute arbitrary code in the context of the Ghostscript process. This is a type confusion issue because of failure to check whether the Implementation of a pattern dictionary was a structure type. * Fix CVE-2018-19478: Attempting to open a carefully crafted PDF file results in long-running computation. Checksums-Sha1: 62a894400dc740c0b70a1b14b02c970243508179 2896 ghostscript_9.06~dfsg-2+deb8u13.dsc 0599b1ceb95f6b0215c4db0031645c9f2a5f8542 18454793 ghostscript_9.06~dfsg.orig.tar.gz 59bd1ae67d4ae4e0e7279d7cf837a95ce93b268d 152804 ghostscript_9.06~dfsg-2+deb8u13.debian.tar.xz cd1146b0cb1c605e2b1e55f5f54f1aad7e3b74a5 4956496 ghostscript-doc_9.06~dfsg-2+deb8u13_all.deb ab691c66db5a83666996d818b23c9f55b5708ec6 1972516 libgs9-common_9.06~dfsg-2+deb8u13_all.deb f18811adec798031b4acfea526797433c7429b5a 85788 ghostscript_9.06~dfsg-2+deb8u13_amd64.deb 8aaa9a841f42c4aa0ada059e10dddea09591b147 77046 ghostscript-x_9.06~dfsg-2+deb8u13_amd64.deb 6aed5385cc825f405299bc2e7e26d065a4ea7776 1919888 libgs9_9.06~dfsg-2+deb8u13_amd64.deb ec6a85edffb5b7b7884a443ce53359a547f124e0 2123584 libgs-dev_9.06~dfsg-2+deb8u13_amd64.deb 3665fc611f938babe4b802061c270d748c52ce49 4884582 ghostscript-dbg_9.06~dfsg-2+deb8u13_amd64.deb Checksums-Sha256: b321a0f0a38a13e663d6e6afb5f0735c6aab34805bb98103b5ffcddff8470820 2896 ghostscript_9.06~dfsg-2+deb8u13.dsc 4a98384df28f0a1cc90943292714311ce33d600c6358c24c80e182a40592dbbf 18454793 ghostscript_9.06~dfsg.orig.tar.gz c074b38ac7c0eee92e91385a2a50b10350bc0a3487ec1b217238da324112d85f 152804 ghostscript_9.06~dfsg-2+deb8u13.debian.tar.xz 5d6163336e203e64359f9db07c92be1cd00e161180547ff4824060b450538b60 4956496 ghostscript-doc_9.06~dfsg-2+deb8u13_all.deb eebb942ab9660adc76a62ea4c29e7a651e596de04d5fb32c0d3085d005ee9593 1972516 libgs9-common_9.06~dfsg-2+deb8u13_all.deb 730ba714c0f6ce944bf79cc2e19fcf86428b396835f6567cc85d305fa6b5e2f8 85788 ghostscript_9.06~dfsg-2+deb8u13_amd64.deb 76f24b966b5b328294cdbccd84347eaddb39ba278f9bb97cfd5e16fa30752168 77046 ghostscript-x_9.06~dfsg-2+deb8u13_amd64.deb ce5be548e6cbdddabb319cc93ea88fb84106651244b38048c56983f117e7c390 1919888 libgs9_9.06~dfsg-2+deb8u13_amd64.deb 3b7739c59472e7406ad2fabe6c2f698924379dfbf6f63ab3bd43f433e46d4186 2123584 libgs-dev_9.06~dfsg-2+deb8u13_amd64.deb d114b66bdc77aa0442b043be080df4ffb8120598887dc52f953b04ace0930c67 4884582 ghostscript-dbg_9.06~dfsg-2+deb8u13_amd64.deb Files: 42a30c94da5201e95c5da77b49b1d2da 2896 text optional ghostscript_9.06~dfsg-2+deb8u13.dsc 68d22f8b67369af932d9f0a396a1f63d 18454793 text optional ghostscript_9.06~dfsg.orig.tar.gz 20dbb27b84c3bf2296c98bd8f67b6a21 152804 text optional ghostscript_9.06~dfsg-2+deb8u13.debian.tar.xz 9bdf9115296b4c212367d529ff5fbe3d 4956496 doc optional ghostscript-doc_9.06~dfsg-2+deb8u13_all.deb d5b296d7e071bf3f913d3acad735a2ff 1972516 libs optional libgs9-common_9.06~dfsg-2+deb8u13_all.deb a4e09844f329d6761b51d418fcf46ec5 85788 text optional ghostscript_9.06~dfsg-2+deb8u13_amd64.deb 13163c5a18d4fa580b856d1e5502135a 77046 text optional ghostscript-x_9.06~dfsg-2+deb8u13_amd64.deb cd8f46656b3d35305eedc5dbb5e3ea73 1919888 libs optional libgs9_9.06~dfsg-2+deb8u13_amd64.deb 60fa51e1c65070c7945d716e2bb3ad54 2123584 libdevel optional libgs-dev_9.06~dfsg-2+deb8u13_amd64.deb 6dd1cf7914b2b4c7a6fc82a680582469 4884582 debug extra ghostscript-dbg_9.06~dfsg-2+deb8u13_amd64.deb -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEjtbD+LrJ23/BMKhw+COicpiDyXwFAlwk1bkACgkQ+COicpiD yXwbxhAAg6lhEz0APmaEf/Co3OQTNE9I3f8HrOikf9hAsrf9Lfd/k48okD+Oje/f p6/IjNyd6Jwmyqt2i1iAH7WOP2QABg5fAzfZrFZycAwLCSduw5MAsGeHOQmAeiTZ 1yu1lqPMrW8cR330PDQZMV9US/A7pq1bRKk1y6w2CVb9b/Jc0groUnuEBDLXKsRt