Back to bchunk PTS page

Accepted bchunk 1.2.0-12.1 (source) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted bchunk 1.2.0-12.1 (source) into unstable
From: Markus Koschany <apo@debian.org>
Date: Mon, 06 Nov 2017 17:04:14 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1eBkoo-0007E3-Em@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 06 Nov 2017 17:35:51 +0100
Source: bchunk
Binary: bchunk
Architecture: source
Version: 1.2.0-12.1
Distribution: unstable
Urgency: high
Maintainer: Praveen Arimbrathodiyil <pravi.a@gmail.com>
Changed-By: Markus Koschany <apo@debian.org>
Description:
 bchunk     - CD image format conversion from bin/cue to iso/cdr
Changes:
 bchunk (1.2.0-12.1) unstable; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2017-15953, CVE-2017-15954 and CVE-2017-15955.
     bchunk was vulnerable to a heap-based buffer overflow with an resultant
     invalid free when processing a malformed CUE (.cue) file that may lead to
     the execution of arbitrary code or a application crash.
Checksums-Sha1:
 249a0ca4dbd730a657ffd1df457633511c252f8f 1972 bchunk_1.2.0-12.1.dsc
 55a9267538f86877fd32ca374aad063cecacb240 5428 bchunk_1.2.0-12.1.debian.tar.xz
 542f6756eeda9b182b7595e31e5a4d9517f79182 5518 bchunk_1.2.0-12.1_amd64.buildinfo
Checksums-Sha256:
 5433b33b5c5c9326ad0e14c3d63728a14ab454ba6f1d7f7009a925fbf755880d 1972 bchunk_1.2.0-12.1.dsc
 8c7b530e37f0ebcce673c74962214da02aff7bb1ecc96a4dd359e6115f5c0f57 5428 bchunk_1.2.0-12.1.debian.tar.xz
 083a79240df7f5a0cade603b62bfa1216f09aee0d7d771a77f490ab75da36339 5518 bchunk_1.2.0-12.1_amd64.buildinfo
Files:
 2eddd7ad4a2b44715dd391f6613a370d 1972 otherosfs optional bchunk_1.2.0-12.1.dsc
 2d4452cb883741e37178f25f82d5dc01 5428 otherosfs optional bchunk_1.2.0-12.1.debian.tar.xz
 2d0f9030f6ff4818a671ba76b8e61cff 5518 otherosfs optional bchunk_1.2.0-12.1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAloAkFtfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1Hk0V0P/iXZOhk3FLOfxvnO4BknXqqvk9EVITJiSeiN
G9oS9ZCmb4NS090LJD42HOaKt51sqAkv/Eu1UM7R4FSyErDfijOU+IM+jBQsoJxn
qfDNHur+JR2Ib13MjWBJfFETmGY6KXQ5t4ngA5XeFzQ5/l7E1fCy9JBnkom/Xb//
gkWD0eYZBOkemlnyr4KBjG+pfcc2XuLlA6GMrrNOJzpRo8ur3uqhvExckF3Zsq6g
IzO3P19N0I8HvqR5yGY7ibl2MK8qfdALx52SQV8ywPHr8AfpQIxaT3iFUpRI80mn
T4G8b0C6Mq2FvZ3MjmHqYyauyiX8UIaS1b2fNNzk5OEbBABzRRLJXlD7gtAPZsMf
X0wlN4pGevv3Ls7HDj65rFJCWFGYJ0Y5Y3RNERCWdqKdxOKb2K4/s7jFw+THuyc8
PW2FgpS9vN3ohKiaFp5bDvxXjHt7uCZX92byOxKcpJ8JcgnffBXSoXpYabu1b+qM
LOx0KJV+rFvm9xEwPUnlNnrIDPSPR63j6Yx35hi5/o7X3qoxSUjbN1n7VTvhTMt1
kFaq7bKiaSHVPKOJcyu7bAcQUDnWXafyVX4lALhlH+j6VXDyqUHCyt7yj2MlZPnx
oZX1XP/ty4Xx8SiL940Pnu53NSSJ4NM6F8KtgZeoqoCawNgnIbdUAsUyayLdPf3S
7+va1mM3
=yMeY
-----END PGP SIGNATURE-----