Back to bsdiff PTS page

Accepted bsdiff 4.3-17 (source amd64) into unstable



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 29 Oct 2016 07:34:37 +0300
Source: bsdiff
Binary: bsdiff
Architecture: source amd64
Version: 4.3-17
Distribution: unstable
Urgency: medium
Maintainer: Jari Aalto <jari.aalto@cante.net>
Changed-By: Jari Aalto <jari.aalto@cante.net>
Description:
 bsdiff     - generate/apply a patch between two binary files
Changes:
 bsdiff (4.3-17) unstable; urgency=medium
 .
   * debian/patches
     - (20): New. Closes: CVE-2014-9862
       Description: No check for negative values on the number of bytes to
       read from the "diff" and "extra" streams, allowing an attacker
       controlling the patch file to write at arbitrary locations in the
       heap.
       https://security-tracker.debian.org/tracker/CVE-2014-9862
Checksums-Sha1:
 6a329062b0f941b93e9656113ee448b30b34328e 1792 bsdiff_4.3-17.dsc
 7539a764ce0e26a22002f590e9017ea1d1a12328 6268 bsdiff_4.3-17.debian.tar.xz
 cfce6a4c39c33e2b302bea1ae07dac1e09ac64db 14054 bsdiff-dbgsym_4.3-17_amd64.deb
 ecb908377cb25114c838dfeaae82bcf30ba070d7 14948 bsdiff_4.3-17_amd64.deb
Checksums-Sha256:
 57f66c86656ffcb54d37308dcc7041049032a6b86017878b7d27322ab29d8d61 1792 bsdiff_4.3-17.dsc
 73a223bb4bdfcf78ceab2609786f6638facddf0db46729679fc700916c0246ac 6268 bsdiff_4.3-17.debian.tar.xz
 eb81fc19522ec92f0668f2fc437d18f57ec972b954f52ff48895ee6131fc7a55 14054 bsdiff-dbgsym_4.3-17_amd64.deb
 79d072690aec85fb6737bfedb116768eba8dc8f88b72fb8da18b21a588e3e984 14948 bsdiff_4.3-17_amd64.deb
Files:
 698124a52ed8e4a8f123d08d4236d824 1792 utils optional bsdiff_4.3-17.dsc
 4d41d379bb0111036cb901f1d1fb7362 6268 utils optional bsdiff_4.3-17.debian.tar.xz
 bafdab5f2feb5f253a0928b6552bf4bb 14054 debug extra bsdiff-dbgsym_4.3-17_amd64.deb
 e8a8e6fba9ba6a1e488ff12bea9f902a 14948 utils optional bsdiff_4.3-17_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJYFiwjAAoJECHSBYmXSz6W3moP/iC5PRO5d/Ehq5TYoKAcbnvr
arcY/p+AqsFfbbCIz+ra3766U/aIYUnlkc71R/MID7EeQnW+FmjdnNluUpbPY0Gz
fjpq50VXg+TjujLWWDcwb6EtUp4VTdNx48fRopVxfCucTJn3yAKPlwM8qHqGuXxe
4aEuU8Jzx0FYrPKDeIbsiR0dF4KhiXpozMHaxnz5+/wJmvg08Vu/awR/QV6XbCj3
RhxBC+3V76LlD8HX+bZHMJlzW/Ru8M/5GNUq3a3V0aDvUtHir1Ezc0BWC+Ir9+HN
fSBgLDw0PvN4ayrExpN7RAEY5Lxvp3zZuzNNYREdApkToeewRT2UQ9xeZ+F5HKaW
V2kyBux5JqApVohMrK/RBNDZ53ynoD0T9Tdq5VnJsB1cdqnz7w5ZGJIL4TJV684n
lEiMT1Ti+Nbi6veR72mSiks9jEMQtlGBhvqVm3W7dAuV1xI4D8XwRr3CNmpibWTT
VZLL76/QAzYSuquhL3LrvNvVEAh9SKZeQHLTb8rsRXzOpDxzDKpYXgBzp0nX2Cxt
Rp5mxOWk/5xKn/QBvO/InNPy1kaNUZ3LwmzD7IOu3BSaOVOfPDQp5ZUuaE8/4CGJ
Q5rPnjmoBw2fDW39WFsZbOrULEH/7UtqYLs1ScdkFFwOZOvOyllJ5coaJde4ep38
eykEZzmZY3oGDm8VWFXU
=45kw
-----END PGP SIGNATURE-----