Debian Bug report logs -
#861738
libpodofo: CVE-2017-8787: heap based overflow in ReadXRefStreamEntry
Reported by: Xiaobo Xiang <xiangxb2112@gmail.com>
Date: Wed, 3 May 2017 10:57:01 UTC
Severity: normal
Tags: security, upstream
Found in version 0.9.5-3
Fixed in version libpodofo/0.9.5-7
Done: Mattia Rizzolo <mattia@debian.org>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, Mattia Rizzolo <mattia@debian.org>:
Bug#861738; Package libpodofo.
(Wed, 03 May 2017 10:57:04 GMT) (full text, mbox, link).
Acknowledgement sent
to Xiaobo Xiang <xiangxb2112@gmail.com>:
New Bug report received and forwarded. Copy sent to Mattia Rizzolo <mattia@debian.org>.
(Wed, 03 May 2017 10:57:04 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
Package: libpodofo
Version: 0.9.5
[summary]
I've found a heap based buffer overflow in libpodofo using libFuzzer.
PdfXRefStreamParserObject::ReadXRefStreamEntry(src/base/PdfXRefStreamParserObject.cpp:224)
[details]
in function PdfXRefStreamParserObject::ReadXRefTable(), the program get
nW[] array from file data, and does no check on it.
void PdfXRefStreamParserObject::ReadXRefTable()
{
pdf_int64 lSize = this->GetDictionary().GetKeyAsLong(
PdfName::KeySize, 0 );
PdfVariant vWArray = *(this->GetDictionary().GetKey( "W" ));
// The pdf reference states that W is always an array with 3 entries
// all of them have to be integers
if( !vWArray.IsArray() || vWArray.GetArray().size() != 3 )
{
PODOFO_RAISE_ERROR( ePdfError_NoXRef );
}
pdf_int64 nW[W_ARRAY_SIZE] = { 0, 0, 0 };
for( int i=0;i<W_ARRAY_SIZE;i++ )
{
if( !vWArray.GetArray()[i].IsNumber() )
{
PODOFO_RAISE_ERROR( ePdfError_NoXRef );
}
nW[i] =
static_cast<pdf_int64>(vWArray.GetArray()[i].GetNumber()); // get from
file data, without check.
}
std::vector<pdf_int64> vecIndeces;
GetIndeces( vecIndeces, static_cast<pdf_int64>(lSize) );
ParseStream( nW, vecIndeces ); // pass the array to ParseStream
}
the nW array will be passed to ParseStream Function, they are used to
calculate entryLen using add.
const size_t entryLen = static_cast<size_t>(nW[0] + nW[1] + nW[2]);
Followed are two while loop, in the second loop, program calls
ReadXRefStreamEntry:
void PdfXRefStreamParserObject::ParseStream( const pdf_int64
nW[W_ARRAY_SIZE], const std::vector<pdf_int64> & rvecIndeces )
{
char* pBuffer;
pdf_long lBufferLen;
const size_t entryLen = static_cast<size_t>(nW[0] + nW[1] +
nW[2]); // may be 0xffffffff
std::vector<pdf_int64>::const_iterator it = rvecIndeces.begin();
char* const pStart = pBuffer;
while( it != rvecIndeces.end() )
{
//.......
while( nCount > 0 )
{
if( (pBuffer - pStart) >= lBufferLen )
{
PODOFO_RAISE_ERROR_INFO( ePdfError_NoXRef, "Invalid
count in XRef stream" );
}
//printf("nCount=%i ", static_cast<int>(nCount));
//printf("pBuffer=%li ", (long)(pBuffer - pStart));
//printf("pEnd=%li ", lBufferLen);
if ( nFirstObj >= 0 && nFirstObj <
static_cast<pdf_int64>(m_pOffsets->size())
&& !
(*m_pOffsets)[static_cast<int>(nFirstObj)].bParsed)
{
ReadXRefStreamEntry( pBuffer, lBufferLen, nW,
static_cast<int>(nFirstObj) ); // calling ReadXRefStreamEntry
}
nFirstObj++ ;
pBuffer += entryLen; // heap out of bound read
--nCount;
}
//......
}
podofo_free( pStart );
}
in ReadXRefStreamEntry function,there are two loops, in the second loop,
program fetches data from pBuffer pointer and assigns it to nData[i], this
could result in out of bound read in the heap. Because pBuffer was modified
in ParseStream by "pBuffer += entryLen;" .
in my case, the nW[]=[1 -4 2] , entryLen=1-4+2=0xffffffff
I've recorded the value before the assignment sentence. the value of
pBuffer pointer is as follows:
pBuffer=0x621000019100
pBuffer=0x621000019101
pBuffer=0x621000019102
pBuffer=0x6210000190ff
after calling pBuffer+=entryLen for several times, the pBuffer will get
under overflow, when it returned to ReadXRefStreamEntry again, heap
overflow.
[crash log]
Below is my crash log:
./podofopdfinfo ./heap-overflow-ReadXRefStreamEntry
=================================================================
==23234==ERROR: AddressSanitizer: heap-buffer-overflow on address
0x6210000190ff at pc 0x0000005bd7a4 bp 0x7fff686b0350 sp 0x7fff686b0340
READ of size 1 at 0x6210000190ff thread T0
#0 0x5bd7a3 in
PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry(char*, long, long
const*, int) podofo-0.9.5/src/base/PdfXRefStreamParserObject.cpp:224
#1 0x5bcf41 in PoDoFo::PdfXRefStreamParserObject::ParseStream(long
const*, std::vector<long, std::allocator<long> > const&)
podofo-0.9.5/src/base/PdfXRefStreamParserObject.cpp:156
#2 0x5bc9b0 in PoDoFo::PdfXRefStreamParserObject::ReadXRefTable()
podofo-0.9.5/src/base/PdfXRefStreamParserObject.cpp:118
#3 0x598894 in PoDoFo::PdfParser::ReadXRefStreamContents(long, bool)
podofo-0.9.5/src/base/PdfParser.cpp:858
#4 0x597720 in PoDoFo::PdfParser::ReadXRefContents(long, bool)
podofo-0.9.5/src/base/PdfParser.cpp:682
#5 0x594106 in PoDoFo::PdfParser::ReadDocumentStructure()
podofo-0.9.5/src/base/PdfParser.cpp:337
#6 0x593734 in
PoDoFo::PdfParser::ParseFile(PoDoFo::PdfRefCountedInputDevice const&, bool)
podofo-0.9.5/src/base/PdfParser.cpp:220
#7 0x59331e in PoDoFo::PdfParser::ParseFile(char const*, bool)
podofo-0.9.5/src/base/PdfParser.cpp:164
#8 0x540f4f in PoDoFo::PdfMemDocument::Load(char const*, bool)
podofo-0.9.5/src/doc/PdfMemDocument.cpp:256
#9 0x53fde9 in PoDoFo::PdfMemDocument::PdfMemDocument(char const*,
bool) podofo-0.9.5/src/doc/PdfMemDocument.cpp:102
#10 0x4b8021 in PdfInfo::PdfInfo(std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > const&)
podofo-0.9.5/tools/podofopdfinfo/pdfinfo.cpp:25
#11 0x4bee20 in main
podofo-0.9.5/tools/podofopdfinfo/podofopdfinfo.cpp:110
#12 0x7fe5111a882f in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
#13 0x4b7ee8 in _start (podofopdfinfo+0x4b7ee8)
0x6210000190ff is located 1 bytes to the left of 4096-byte region
[0x621000019100,0x62100001a100)
allocated by thread T0 here:
#0 0x7fe512a0779a in __interceptor_calloc
(/usr/lib/x86_64-linux-gnu/libasan.so.2+0x9879a)
#1 0x591652 in PoDoFo::podofo_calloc(unsigned long, unsigned long)
podofo-0.9.5/src/base/PdfMemoryManagement.cpp:136
#2 0x591aa6 in
PoDoFo::PdfMemoryOutputStream::PdfMemoryOutputStream(long)
podofo-0.9.5/src/base/PdfOutputStream.cpp:77
#3 0x4db667 in PoDoFo::PdfStream::GetFilteredCopy(char**, long*) const
podofo-0.9.5/src/base/PdfStream.cpp:91
#4 0x5bccb1 in PoDoFo::PdfXRefStreamParserObject::ParseStream(long
const*, std::vector<long, std::allocator<long> > const&)
podofo-0.9.5/src/base/PdfXRefStreamParserObject.cpp:127
#5 0x5bc9b0 in PoDoFo::PdfXRefStreamParserObject::ReadXRefTable()
podofo-0.9.5/src/base/PdfXRefStreamParserObject.cpp:118
#6 0x598894 in PoDoFo::PdfParser::ReadXRefStreamContents(long, bool)
podofo-0.9.5/src/base/PdfParser.cpp:858
#7 0x597720 in PoDoFo::PdfParser::ReadXRefContents(long, bool)
podofo-0.9.5/src/base/PdfParser.cpp:682
#8 0x594106 in PoDoFo::PdfParser::ReadDocumentStructure()
podofo-0.9.5/src/base/PdfParser.cpp:337
#9 0x593734 in
PoDoFo::PdfParser::ParseFile(PoDoFo::PdfRefCountedInputDevice const&, bool)
podofo-0.9.5/src/base/PdfParser.cpp:220
#10 0x59331e in PoDoFo::PdfParser::ParseFile(char const*, bool)
podofo-0.9.5/src/base/PdfParser.cpp:164
#11 0x540f4f in PoDoFo::PdfMemDocument::Load(char const*, bool)
podofo-0.9.5/src/doc/PdfMemDocument.cpp:256
#12 0x53fde9 in PoDoFo::PdfMemDocument::PdfMemDocument(char const*,
bool) podofo-0.9.5/src/doc/PdfMemDocument.cpp:102
#13 0x4b8021 in PdfInfo::PdfInfo(std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > const&)
podofo-0.9.5/tools/podofopdfinfo/pdfinfo.cpp:25
#14 0x4bee20 in main
podofo-0.9.5/tools/podofopdfinfo/podofopdfinfo.cpp:110
#15 0x7fe5111a882f in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
SUMMARY: AddressSanitizer: heap-buffer-overflow
podofo-0.9.5/src/base/PdfXRefStreamParserObject.cpp:224
PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry(char*, long, long
const*, int)
Shadow bytes around the buggy address:
0x0c427fffb1c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c427fffb1d0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c427fffb1e0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c427fffb1f0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c427fffb200: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
=>0x0c427fffb210: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa[fa]
0x0c427fffb220: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c427fffb230: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c427fffb240: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c427fffb250: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c427fffb260: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Heap right redzone: fb
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack partial redzone: f4
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
==23234==ABORTING
[how to reproduce]
compile the podofo project with address sanitizer, and run the following
command
./podofopdfinfo ./heap-overflow-ReadXRefStreamEntry
[how to fix]
I think checking the value of the nW array to ensure they are positive will
work.
Please feel free to ask me if you have further question about this report.
Best Regards,
Xiang Xiaobo of VARAS@IIE
[Message part 2 (text/html, inline)]
[heap-overflow-ReadXRefStreamEntry (application/octet-stream, attachment)]
Information forwarded
to debian-bugs-dist@lists.debian.org:
Bug#861738; Package libpodofo.
(Thu, 04 May 2017 12:24:03 GMT) (full text, mbox, link).
Message #8 received at 861738@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
Hi Xiaobo!
On Wed, May 03, 2017 at 06:55:49PM +0800, Xiaobo Xiang wrote:
> I've found a heap based buffer overflow in libpodofo
Thank you for the bug report!
> Please feel free to ask me if you have further question about this report.
These days I'm running low on spare time, so I'd like you to check
whether this issue is among the CVEs already reported for libpodofo (you
can see a summary in
https://security-tracker.debian.org/tracker/source-package/libpodofo)
Those CVEs are all "recent" (as in: filed less than 2 months ago) and
upstream is slowly finding its way among those.
If it's not, I'd appreciate if you could check whether this is still
present in the upstream SVN repository
https://svn.code.sf.net/p/podofo/code/podofo/trunk .
I'd also find useful if you could file a CVE request at
https://cveform.mitre.org/ (and report back)
I can take care of forwarding this bug report to the upstream mailing
list (https://sourceforge.net/p/podofo/mailman/podofo-users/) after it.
Thank you in advance!
--
regards,
Mattia Rizzolo
GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`.
more about me: https://mapreri.org : :' :
Launchpad user: https://launchpad.net/~mapreri `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia `-
[signature.asc (application/pgp-signature, inline)]
Information forwarded
to debian-bugs-dist@lists.debian.org, Mattia Rizzolo <mattia@debian.org>:
Bug#861738; Package libpodofo.
(Fri, 05 May 2017 04:54:02 GMT) (full text, mbox, link).
Acknowledgement sent
to <cve-request@mitre.org>:
Extra info received and forwarded to list. Copy sent to Mattia Rizzolo <mattia@debian.org>.
(Fri, 05 May 2017 04:54:02 GMT) (full text, mbox, link).
Message #13 received at 861738@bugs.debian.org (full text, mbox, reply):
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
> [Suggested description]
> The PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry function in
> base/PdfXRefStreamParserObject.cpp:224 in PoDoFo 0.9.5 allows remote
> attackers to cause a denial of service (heap-based buffer over-read)
> or possibly have unspecified other impact via a crafted PDF file.
>
> ------------------------------------------
>
> [Vulnerability Type]
> heap-based buffer over-read
>
> ------------------------------------------
>
> [Affected Product Code Base]
> podofo - 0.9.5
>
> ------------------------------------------
>
> [Affected Component]
> PdfXRefStreamParserObject::ReadXRefStreamEntry(src/base/PdfXRefStreamParserObject.cpp:224)
>
> ------------------------------------------
>
> [Attack Type]
> Remote
>
> ------------------------------------------
>
> [Attack Vectors]
> via a crafted pdf file
>
> ------------------------------------------
>
> [Reference]
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861738
>
> ------------------------------------------
>
> [Discoverer]
> Xiang Xiaobo of VARAS@IIE
Use CVE-2017-8787.
- --
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCAAGBQJZDAEZAAoJEHb/MwWLVhi20RAP/3iSSjw0o4nngQi0CYe7Wjj8
X/bb7YczHNPPWRp7kjkysatfx5pzLkSIs0fbhvZbafZSvB6wwqtfYC5QutWj+kEx
wK86SKbngMM9vt1APRvnBs9gm9cBWzkGAozy7G/7e/ABKfDdx2byx9hiiBsw+rDu
ljtXn+4dSwzaZlSpVWL1GS5GdYKTMHkBSfB89x/O5bspelvT72twxonFhPxk4gJl
96FgIR1lAIka4s7pUQri0asM26F9OAEdGpVoY3DRv4kL2imUAghtC06VkDey9j5F
VzfBwaIiK/x1Qiq2BHe2jclIPzDV1ncJr4iPBK9vvcSsbEDIsK5W4PVxOST+cZXk
M73NnynvxX8xJ4lcaBaLXz7p4HcM9G4/vAGz64C0fLl/AWY0zQ95dGEXQSNV1blm
DIG1fhu9oKjeKPgeORdlIISAQ8rfbuqPptdUeEUX+kh+O5jGutw6SrFJxzX2x8hz
dwox3XTjkvUl3QezsFI0Cp6tMM5dvgmZAldW3HNiB5fAvsCy4EAmfolPHckXpEmG
MuzXtKUKVtfz2gZEyudGxxkHKPdTM6Uorh8xqTu1TA37xKt6ZwRt0Ftm6AFTvCZf
fARVmbmzvPjUk9BhtalpU9dTwSakqXgYIH7VyCsnDU3985rwXV53q008tp7YEWz7
XrRo8TYll9zJJwDHE7W0
=YCNg
-----END PGP SIGNATURE-----
Marked as found in versions 0.9.5-3.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Fri, 05 May 2017 09:27:02 GMT) (full text, mbox, link).
No longer marked as found in versions 0.9.5.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Fri, 05 May 2017 09:27:03 GMT) (full text, mbox, link).
Added tag(s) security and upstream.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Fri, 05 May 2017 09:30:06 GMT) (full text, mbox, link).
Changed Bug title to 'libpodofo: CVE-2017-8787: heap based overflow in ReadXRefStreamEntry' from '[bug report][libpodofo]heap based overflow in ReadXRefStreamEntry'.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Fri, 05 May 2017 09:30:07 GMT) (full text, mbox, link).
Information forwarded
to debian-bugs-dist@lists.debian.org, Mattia Rizzolo <mattia@debian.org>:
Bug#861738; Package libpodofo.
(Mon, 05 Jun 2017 13:27:08 GMT) (full text, mbox, link).
Acknowledgement sent
to Ola Lundqvist <ola@inguza.com>:
Extra info received and forwarded to list. Copy sent to Mattia Rizzolo <mattia@debian.org>.
(Mon, 05 Jun 2017 13:27:08 GMT) (full text, mbox, link).
Message #26 received at 861738@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
Hi
While investigating this for the long term support I found a way to fix this.
However when testing it with the libpodofo-utils package I could not
reproduce the problem. This means that the problem is not worth fixing
in wheezy. However you may be interested in the patch so here it is.
Best regards
// Ola
--
--- Inguza Technology AB --- MSc in Information Technology ----
/ ola@inguza.com Folkebogatan 26 \
| opal@debian.org 654 68 KARLSTAD |
| http://inguza.com/ Mobile: +46 (0)70-332 1551 |
\ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 /
---------------------------------------------------------------
[CVE-2017-8787.patch (text/x-patch, attachment)]
Message sent on
to Xiaobo Xiang <xiangxb2112@gmail.com>:
Bug#861738.
(Sun, 12 Nov 2017 15:03:14 GMT) (full text, mbox, link).
Message #29 received at 861738-submitter@bugs.debian.org (full text, mbox, reply):
Control: tag 861738 pending
Hello,
Bug #861738 in libpodofo reported by you has been fixed in the Git repository. You can
see the commit message below, and you can check the diff of the fix at:
https://anonscm.debian.org/git/collab-maint/libpodofo.git/commit/?id=e4be7fd
(this message was generated automatically based on the git commit message)
---
commit e4be7fdb46e12413d1e55161963ce0317070dc2d
Author: Mattia Rizzolo <mattia@debian.org>
Date: Sun Nov 12 15:52:43 2017 +0100
Add upstream patch for CVE-2017-8787
Closes: #861738
Signed-off-by: Mattia Rizzolo <mattia@debian.org>
Added tag(s) pending.
Request was from Mattia Rizzolo <mattia@debian.org>
to 861738-submitter@bugs.debian.org.
(Sun, 12 Nov 2017 15:03:14 GMT) (full text, mbox, link).
Reply sent
to Mattia Rizzolo <mattia@debian.org>:
You have taken responsibility.
(Sun, 12 Nov 2017 15:24:08 GMT) (full text, mbox, link).
Notification sent
to Xiaobo Xiang <xiangxb2112@gmail.com>:
Bug acknowledged by developer.
(Sun, 12 Nov 2017 15:24:08 GMT) (full text, mbox, link).
Message #36 received at 861738-close@bugs.debian.org (full text, mbox, reply):
Source: libpodofo
Source-Version: 0.9.5-7
We believe that the bug you reported is fixed in the latest version of
libpodofo, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 861738@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Mattia Rizzolo <mattia@debian.org> (supplier of updated libpodofo package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 12 Nov 2017 15:36:06 +0100
Source: libpodofo
Binary: libpodofo-dev libpodofo-utils libpodofo0.9.5
Architecture: source
Version: 0.9.5-7
Distribution: unstable
Urgency: medium
Maintainer: Mattia Rizzolo <mattia@debian.org>
Changed-By: Mattia Rizzolo <mattia@debian.org>
Description:
libpodofo-dev - PoDoFo development files
libpodofo-utils - PoDoFo utilities
libpodofo0.9.5 - PoDoFo - library to work with the PDF file format
Closes: 854600 860930 861738
Changes:
libpodofo (0.9.5-7) unstable; urgency=medium
.
* Add upstream patches for security issues:
+ CVE-2017-5852 Closes: #854600
+ CVE-2017-7994 Closes: #860930
+ CVE-2017-8787 Closes: #861738
* debian/control:
+ Bump Standards-Version to 4.1.1:
- Move from priority extra (deprecated) to optional.
+ Declare that libpodofo can be built without root: R³:no.
Checksums-Sha1:
583cea79dc889f439569e0c5b580afef4a2a3e03 2158 libpodofo_0.9.5-7.dsc
ecfbf316c83bc70b2a6de8b5a2b9c3c0fed828a8 17076 libpodofo_0.9.5-7.debian.tar.xz
7ed86d8d0650640844bafbbe9fcb4beebd13f981 8380 libpodofo_0.9.5-7_amd64.buildinfo
Checksums-Sha256:
689ae5801f0c7b82ec21a59fdc325e8a13d940c614bd8dba54712a21887049db 2158 libpodofo_0.9.5-7.dsc
1dde26ea68feeed2e69cda73ba3800d9a40f83b49a00fcff50ffca3f773cd96c 17076 libpodofo_0.9.5-7.debian.tar.xz
68dd7097b2153a8ebd55866d2ce4fea18965e9957bd7e9fd6fdad1c6fc4f7f35 8380 libpodofo_0.9.5-7_amd64.buildinfo
Files:
f3fdfe4f86a218e800533f533def1408 2158 libdevel optional libpodofo_0.9.5-7.dsc
963699ed102d44b6d543eba193f619bf 17076 libdevel optional libpodofo_0.9.5-7.debian.tar.xz
fa884094c9a4f5614675a1e25977abc0 8380 libdevel optional libpodofo_0.9.5-7_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEi3hoeGwz5cZMTQpICBa54Yx2K60FAloIYXoACgkQCBa54Yx2
K604Qg//c2NDfAuE+OkbipkrgWNKyodI1BPkcrrrt2JnUXGaVK4MVNWZU7xUliED
SLAxRjz15JWLL4d59ZMWWuqWygLk2dNHsBgnuNmTQSA+pUkZTKSRgieBbC/NdFzU
DgjXp1gX75za7h9JzvtvMsbpmMpnqpgrBbIIrCyKB4lM1plr/67TQ1IG2TyilnuJ
rHEcfp0ePWvY5xAgtu+c2c9Nn6WiqZsJbb2zgeD/ZvmMymLfVZelC8q2cZEWSnAi
vnkM9KrWlM8a1t4PFhQqzp86MKAebpGsrp5pqDnJ8U+7zKYP6ZqVR/Lr7f4HlqhC
P7kC7lBUiIrIOhJIVPWKWseejBNKIvV2k+y1vWR7hanZiRICsAaXgSM+TkiTa6B0
LZndIxAk1zLqytmshNt4t3djxfhX375ACUjfz5/vf3HRf0BXFNC3yhrdWoklxY+B
eRKructXQnWnFDO2xKQIUWodORnemBSZTci9eOrpoZvb8iMci+SMC2xPAKwbn/pJ
FnzgLcf0q1aBo4ZpSlBG5JZPeC1ItAFQF6Xz4nuK73WcLrLQVFnJAqBDXwksOCiZ
fGN/9UpXJkknDkNiUjppid0ARjYCwM9/q+5JIbfaJ4rvkHuA+BlYDX1Z5qS8qKvk
YD2gChCmuhwsEyZLC0A7isjt4T9orEQpeRX0X/25SnsdnJHuc3c=
=XbaS
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Sat, 16 Dec 2017 07:26:48 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 17:27:37 2019;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon