atril: CVE-2017-1000083

Related Vulnerabilities: CVE-2017-1000083  

Debian Bug report logs - #868500
atril: CVE-2017-1000083


Reported by: Salvatore Bonaccorso <carnil@debian.org>

Date: Sun, 16 Jul 2017 06:21:02 UTC

Severity: grave

Tags: fixed-upstream, jessie, patch, security, stretch, upstream

Found in versions atril/1.8.1+dfsg1-4, atril/1.16.1-2

Fixed in versions atril/1.16.1-2+deb9u1, atril/1.8.1+dfsg1-4+deb8u1, atril/1.16.1-2.1

Done: Santiago Ruano Rincón <santiagorr@riseup.net>

Bug is archived. No further changes may be made.

Forwarded to https://github.com/mate-desktop/atril/issues/257



Report forwarded to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, MATE Packaging Team <pkg-mate-team@lists.alioth.debian.org>:
Bug#868500; Package src:atril. (Sun, 16 Jul 2017 06:21:04 GMT)


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, MATE Packaging Team <pkg-mate-team@lists.alioth.debian.org>. (Sun, 16 Jul 2017 06:21:05 GMT)


Message #5 received at submit@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: atril: CVE-2017-1000083
Date: Sun, 16 Jul 2017 08:19:43 +0200
Source: atril
Version: 1.16.1-2
Severity: grave
Tags: security
Justification: user security hole

Hi,

the following vulnerability was published for atril.

CVE-2017-1000083[0]:
Evince command injection vulnerability in CBT handler

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-1000083
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000083

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore



Marked as found in versions atril/1.8.1+dfsg1-4. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Sun, 16 Jul 2017 06:57:05 GMT)


Information forwarded to debian-bugs-dist@lists.debian.org, MATE Packaging Team <pkg-mate-team@lists.alioth.debian.org>:
Bug#868500; Package src:atril. (Tue, 18 Jul 2017 13:24:02 GMT)


Acknowledgement sent to Santiago Ruano Rincón <santiagorr@riseup.net>:
Extra info received and forwarded to list. Copy sent to MATE Packaging Team <pkg-mate-team@lists.alioth.debian.org>. (Tue, 18 Jul 2017 13:24:02 GMT)


Message #12 received at 868500@bugs.debian.org:

From: Santiago Ruano Rincón <santiagorr@riseup.net>
To: 868500@bugs.debian.org
Subject: Re: atril: CVE-2017-1000083
Date: Tue, 18 Jul 2017 15:21:10 +0200
Control: tags -1 + patch

On Sun, 16 Jul 2017 08:19:43 +0200 Salvatore Bonaccorso <carnil@debian.org> wrote:
...
> the following vulnerability was published for atril.
> 
> CVE-2017-1000083[0]:
> Evince command injection vulnerability in CBT handler
...

Please, find attached the patch backported from evince's fix.

Cheers,

  -- Santiago
[1-CVE-2017-1000083-comics-Remove-support-for-tar-and-tar-like-command.patch (text/x-diff, attachment)]

Added tag(s) patch. Request was from Santiago Ruano Rincón <santiagorr@riseup.net> to 868500-submit@bugs.debian.org. (Tue, 18 Jul 2017 13:24:02 GMT)


Information forwarded to debian-bugs-dist@lists.debian.org, MATE Packaging Team <pkg-mate-team@lists.alioth.debian.org>:
Bug#868500; Package src:atril. (Fri, 21 Jul 2017 21:30:02 GMT)


Acknowledgement sent to Mike Gabriel <sunweaver@debian.org>:
Extra info received and forwarded to list. Copy sent to MATE Packaging Team <pkg-mate-team@lists.alioth.debian.org>. (Fri, 21 Jul 2017 21:30:02 GMT)


Message #19 received at 868500@bugs.debian.org:

From: Mike Gabriel <sunweaver@debian.org>
To: Santiago Ruano Rincón <santiagorr@riseup.net>
Cc: 868500@bugs.debian.org
Subject: Re: atril: CVE-2017-1000083
Date: Fri, 21 Jul 2017 21:26:46 +0000
On Fri 21 Jul 2017 12:01:13 CEST, Santiago Ruano Rincón wrote:

> On 21/07/17 at 09:50, Mike Gabriel wrote:
>> Hi Santiago,
>>
>> On Fri 21 Jul 2017 11:46:08 CEST, Santiago Ruano Rincón wrote:
>>
>> > Hi,
>> >
>> > On 20/07/17 at 21:50, Salvatore Bonaccorso wrote:
>> > > Hi Santiago
>> > >
>> > > On Wed, Jul 19, 2017 at 03:05:29PM +0200, Santiago Ruano Rincón wrote:
>> > > > On 18/07/17 at 15:21, Santiago Ruano Rincón wrote:
>> > > > > Control: tags -1 + patch
>> > > > >
>> > > > > On Sun, 16 Jul 2017 08:19:43 +0200 Salvatore Bonaccorso
>
> […]
>
>>
>> Please provide the .debdiff of your upload with the original bug report, so
>> we can weave it into the packaging Git.
>
> Sorry, here it is.
>
> Santiago

Thanks! Git has been updated for the 1.16.1-2.1 upload.

Mike
-- 

mike gabriel aka sunweaver (Debian Developer)
mobile: +49 (1520) 1976 148
landline: +49 (4354) 8390 139

GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22  0782 9AF4 6B30 2577 1B31
mail: sunweaver@debian.org, http://sunweavers.net


Information forwarded to debian-bugs-dist@lists.debian.org, MATE Packaging Team <pkg-mate-team@lists.alioth.debian.org>:
Bug#868500; Package src:atril. (Sat, 22 Jul 2017 01:03:03 GMT)


Acknowledgement sent to ZenWalker <scow@riseup.net>:
Extra info received and forwarded to list. Copy sent to MATE Packaging Team <pkg-mate-team@lists.alioth.debian.org>. (Sat, 22 Jul 2017 01:03:03 GMT)


Message #24 received at 868500@bugs.debian.org:

From: ZenWalker <scow@riseup.net>
To: 868500@bugs.debian.org
Subject: (no subject)
Date: Sat, 22 Jul 2017 01:00:22 +0000
we don't need to remove the tar support

it was fixed in the upstream with this patch:

https://github.com/mate-desktop/atril/commit/f4291fd62f7dfe6460d2406a979ccfac0c68dd59.patch



Added tag(s) jessie, stretch, upstream, and fixed-upstream. Request was from ZenWalker <scow@riseup.net> to control@bugs.debian.org. (Sat, 22 Jul 2017 01:09:04 GMT)


Set Bug forwarded-to-address to 'https://github.com/mate-desktop/atril/issues/257'. Request was from ZenWalker <scow@riseup.net> to control@bugs.debian.org. (Sat, 22 Jul 2017 01:09:05 GMT)


Reply sent to Santiago Ruano Rincón <santiagorr@riseup.net>:
You have taken responsibility. (Sat, 22 Jul 2017 21:22:45 GMT)


Notification sent to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer. (Sat, 22 Jul 2017 21:22:45 GMT)


Message #33 received at 868500-close@bugs.debian.org:

From: Santiago Ruano Rincón <santiagorr@riseup.net>
To: 868500-close@bugs.debian.org
Subject: Bug#868500: fixed in atril 1.16.1-2+deb9u1
Date: Sat, 22 Jul 2017 21:17:19 +0000
Source: atril
Source-Version: 1.16.1-2+deb9u1

We believe that the bug you reported is fixed in the latest version of
atril, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 868500@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Santiago Ruano Rincón <santiagorr@riseup.net> (supplier of updated atril package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


Format: 1.8
Date: Fri, 21 Jul 2017 06:59:09 +0200
Source: atril
Binary: atril atril-common libatrilview3 libatrilview-dev libatrildocument3 libatrildocument-dev gir1.2-atril
Architecture: source
Version: 1.16.1-2+deb9u1
Distribution: stretch-security
Urgency: high
Maintainer: MATE Packaging Team <pkg-mate-team@lists.alioth.debian.org>
Changed-By: Santiago Ruano Rincón <santiagorr@riseup.net>
Description:
 atril      - MATE document viewer
 atril-common - MATE document viewer (common files)
 gir1.2-atril - GObject introspection data for Atril
 libatrildocument-dev - MATE document rendering library (development files)
 libatrildocument3 - MATE document rendering library
 libatrilview-dev - MATE document viewing library (development files)
 libatrilview3 - MATE document viewing library
Closes: 868500
Changes:
 atril (1.16.1-2+deb9u1) stretch-security; urgency=high
 .
   * Non-maintainer upload
   * Add 0001-CVE-2017-1000083-comics-Remove-support-for-tar-and-tar-like-command.patch
     Fixes a command injection vulnerability in CBT handler. CVE-2017-1000083
     (Closes: #868500)




Reply sent to Santiago Ruano Rincón <santiagorr@riseup.net>:
You have taken responsibility. (Sat, 22 Jul 2017 21:22:47 GMT)


Notification sent to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer. (Sat, 22 Jul 2017 21:22:47 GMT)


Message #38 received at 868500-close@bugs.debian.org:

From: Santiago Ruano Rincón <santiagorr@riseup.net>
To: 868500-close@bugs.debian.org
Subject: Bug#868500: fixed in atril 1.8.1+dfsg1-4+deb8u1
Date: Sat, 22 Jul 2017 21:18:40 +0000
Source: atril
Source-Version: 1.8.1+dfsg1-4+deb8u1

We believe that the bug you reported is fixed in the latest version of
atril, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 868500@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Santiago Ruano Rincón <santiagorr@riseup.net> (supplier of updated atril package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


Format: 1.8
Date: Fri, 21 Jul 2017 07:00:08 +0200
Source: atril
Binary: atril atril-dbg atril-common libatrilview3 libatrilview-dev libatrilview3-dbg libatrildocument3 libatrildocument-dev libatrildocument3-dbg
Architecture: source all amd64
Version: 1.8.1+dfsg1-4+deb8u1
Distribution: jessie-security
Urgency: high
Maintainer: MATE Packaging Team <pkg-mate-team@lists.alioth.debian.org>
Changed-By: Santiago Ruano Rincón <santiagorr@riseup.net>
Description:
 atril      - MATE document viewer
 atril-common - MATE document viewer (common files)
 atril-dbg  - MATE document viewer (debugging symbols)
 libatrildocument-dev - MATE document rendering library (development files)
 libatrildocument3 - MATE document rendering library
 libatrildocument3-dbg - MATE document rendering library (debugging symbols)
 libatrilview-dev - MATE document viewing library (development files)
 libatrilview3 - MATE document viewing library
 libatrilview3-dbg - MATE document viewing library (debugging symbols)
Closes: 868500
Changes:
 atril (1.8.1+dfsg1-4+deb8u1) jessie-security; urgency=high
 .
   * Non-maintainer upload
   * Add 0003-CVE-2017-1000083-evince-comics-remove-tar-commands-support-3-10-3.patch
     Fixes a command injection vulnerability in CBT handler. CVE-2017-1000083
     (Closes: #868500)




Added tag(s) pending. Request was from Mike Gabriel <mike.gabriel@das-netzwerkteam.de> to control@bugs.debian.org. (Mon, 24 Jul 2017 08:24:05 GMT)


Message sent on to Salvatore Bonaccorso <carnil@debian.org>:
Bug#868500. (Mon, 24 Jul 2017 08:24:07 GMT)


Message #43 received at 868500-submitter@bugs.debian.org:

From: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
To: 868500-submitter@bugs.debian.org
Subject: Bug#868500 marked as pending
Date: Mon, 24 Jul 2017 08:21:15 +0000
tag 868500 pending
thanks

Hello,

Bug #868500 reported by you has been fixed in the Git repository. You can
see the changelog below, and you can check the diff of the fix at:

    https://anonscm.debian.org/cgit/pkg-mate/atril.git/commit/?id=d382faf

---
commit d382faf262ab92735199ada02c622e30a1dda27f
Author: Santiago Ruano Rincón <santiagorr@riseup.net>
Date:   Mon Jul 24 10:20:01 2017 +0200

    upload to jessie-security (debian/1.8.1+dfsg1-4+deb8u1)

diff --git a/debian/changelog b/debian/changelog
index a4e94f8..c1fd0c5 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
+atril (1.8.1+dfsg1-4+deb8u1) jessie-security; urgency=high
+
+  * Non-maintainer upload
+  * Add 0003-CVE-2017-1000083-evince-comics-remove-tar-commands-support-3-10-3.patch
+    Fixes a command injection vulnerability in CBT handler. CVE-2017-1000083
+    (Closes: #868500)
+
+ -- Santiago Ruano Rincón <santiagorr@riseup.net>  Fri, 21 Jul 2017 07:00:08 +0200
+
 atril (1.8.1+dfsg1-4) unstable; urgency=medium
 
   * debian/patches:
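
Review bot: The new entry at the top of debian/changelog describes the change only as "Fixes a command injection vulnerability in CBT handler", while the patch it adds is named 0003-CVE-2017-1000083-evince-comics-remove-tar-commands-support-3-10-3.patch. If the patch removes tar command support, as its name indicates, that is a user-visible loss of functionality shipped through a security upload, and the entry should say so in its own line under the "Add 0003-..." bullet so that users reading the changelog can tell why tar-based comic archives stop opening after the update.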



Reply sent to Santiago Ruano Rincón <santiagorr@riseup.net>:
You have taken responsibility. (Mon, 24 Jul 2017 10:06:06 GMT)


Notification sent to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer. (Mon, 24 Jul 2017 10:06:06 GMT)


Message #48 received at 868500-close@bugs.debian.org:

From: Santiago Ruano Rincón <santiagorr@riseup.net>
To: 868500-close@bugs.debian.org
Subject: Bug#868500: fixed in atril 1.16.1-2.1
Date: Mon, 24 Jul 2017 10:03:54 +0000
Source: atril
Source-Version: 1.16.1-2.1

We believe that the bug you reported is fixed in the latest version of
atril, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 868500@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Santiago Ruano Rincón <santiagorr@riseup.net> (supplier of updated atril package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


Format: 1.8
Date: Fri, 21 Jul 2017 06:59:09 +0200
Source: atril
Binary: atril atril-common libatrilview3 libatrilview-dev libatrildocument3 libatrildocument-dev gir1.2-atril
Architecture: source
Version: 1.16.1-2.1
Distribution: unstable
Urgency: high
Maintainer: MATE Packaging Team <pkg-mate-team@lists.alioth.debian.org>
Changed-By: Santiago Ruano Rincón <santiagorr@riseup.net>
Description:
 atril      - MATE document viewer
 atril-common - MATE document viewer (common files)
 gir1.2-atril - GObject introspection data for Atril
 libatrildocument-dev - MATE document rendering library (development files)
 libatrildocument3 - MATE document rendering library
 libatrilview-dev - MATE document viewing library (development files)
 libatrilview3 - MATE document viewing library
Closes: 868500
Changes:
 atril (1.16.1-2.1) unstable; urgency=high
 .
   * Non-maintainer upload
   * Add 0001-CVE-2017-1000083-comics-Remove-support-for-tar-and-tar-like-command.patch
     Fixes a command injection vulnerability in CBT handler. CVE-2017-1000083
     (Closes: #868500)




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sun, 10 Dec 2017 07:24:44 GMT)


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 14:12:19 2019; Machine Name: buxtehude
