-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 05 Jun 2024 10:04:29 -0400
Source: gdk-pixbuf
Binary: libgdk-pixbuf2.0-common libgdk-pixbuf2.0-doc
Architecture: all
Version: 2.42.2+dfsg-1+deb11u2
Distribution: bullseye
Urgency: high
Maintainer: all Build Daemon (x86-csail-02) <buildd_all-x86-csail-02@buildd.debian.org>
Changed-By: Jeremy Bícha <jbicha@ubuntu.com>
Description:
 libgdk-pixbuf2.0-common - GDK Pixbuf library - data files
 libgdk-pixbuf2.0-doc - GDK Pixbuf library (documentation)
Closes: 1071265
Changes:
 gdk-pixbuf (2.42.2+dfsg-1+deb11u2) bullseye; urgency=high
 .
   [ Ian Constantin ]
   * SECURITY UPDATE: heap memory corruption (Closes: #1071265)
     - debian/patches/CVE-2022-48622-*.patch: adds checks for invalid ani files
       to gdk-pixbuf/io-ani.c.
     - tests/tests-images/fail/CVE-2022-48622.ani: test file.
     - debian/source/include-binaries: including binary test file.
     - CVE-2022-48622
Checksums-Sha1:
 45fddf5cd8c35a2374e5f0df7e5e0b945afd4827 8783 gdk-pixbuf_2.42.2+dfsg-1+deb11u2_all-buildd.buildinfo
 9f552464c84532b64b5b2e19ed7fdcb5048e08f1 319936 libgdk-pixbuf2.0-common_2.42.2+dfsg-1+deb11u2_all.deb
 49e30a53c6101b7b03db98240d5cafa5b82ecc29 173436 libgdk-pixbuf2.0-doc_2.42.2+dfsg-1+deb11u2_all.deb
Checksums-Sha256:
 47dc8efaa269e61c94545df75372b3b21bbe44ba76eeba009e79d60b4bbb63e4 8783 gdk-pixbuf_2.42.2+dfsg-1+deb11u2_all-buildd.buildinfo
 16b7cc07f77c09b1e858179ad6d5718f9fc57ee527263e60458498dffe8ae49e 319936 libgdk-pixbuf2.0-common_2.42.2+dfsg-1+deb11u2_all.deb
 fcffae774792543d80ecb3c8bc800f6eda435a53575ea222355ea0ed5677acb4 173436 libgdk-pixbuf2.0-doc_2.42.2+dfsg-1+deb11u2_all.deb
Files:
 2c8c84d7179df15b474eddba33eb8a54 8783 libs optional gdk-pixbuf_2.42.2+dfsg-1+deb11u2_all-buildd.buildinfo
 189c0dff12d284edf331bc44aaf357f0 319936 libs optional libgdk-pixbuf2.0-common_2.42.2+dfsg-1+deb11u2_all.deb
 ba56a94077ba544c6246e772223bf15c 173436 doc optional libgdk-pixbuf2.0-doc_2.42.2+dfsg-1+deb11u2_all.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEzcbx6nIE/ydHa1FFigL77i1GSVkFAmZ3LWsACgkQigL77i1G
SVnFwhAApPanTdbjsfb7Xplv0wiBOoRimJHLyRYvcuPldh4UIrxE6FbUzQTw6TYy
fJPCQYpH7GbtRIFVa6vVTHqOkVuo3J75GN5dB1YbVsvdgPsaJal2YZNIawwuCIqz
bdzT6AT0fqvYxz87hkZYTgN+cYf3WftzBMDGPrcCl68JvEx3KF+Y/0n5DkbC7Gdr
cxc5TgOi6/LztIg7Zs8b7nuPLg3BjZnJrdK0WaoE5XzSUsBPL70hmYafGpn244I9
qDiHTv4smWunZaGqLwXVOZLTtwdPe0zEvn5ylrlR8yaOQoMofVtxnpLpTkfrnJo8
47wHv3WOAZLiqCxB9gNZGaSvYKnk8rloJmEG07U+TfWkREJBuVNI+obsjmASwHup
mk6fJ9lQzCjoJpXRK4sIa18e0seNsrVeV4PWvF0Md871nFsss01KcyBUqyL/OWz5
1vpQxJSsj1jtOaq6AF5badyR9LIHKN1LzIrfhcBBEuW/tWzpcnUlTg9II/B0p2I9
Gzs5xcCxYcyi7ctMUXZ+Kco46SU7DydkJyi01v0n/sll7GOR4UtkiR9qw4oB+I1R
BHa3zjrhv0kSPi8SSrKj5uIUtKbaYcqTKruUFnemLQp2dy+w3zM7xb/Cw8qvCUta
h1+8BNMAq6Nuk4f8/+JMvzgtTlTS15+DhUZaB9B03Li9vP82IIw=
=ix9S
-----END PGP SIGNATURE-----