Accepted lrzip 0.631-1+deb9u1 (source) into oldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 01 Aug 2021 22:51:17 +0200
Source: lrzip
Binary: lrzip
Architecture: source
Version: 0.631-1+deb9u1
Distribution: stretch-security
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Description:
lrzip - compression program with a very high compression ratio
Changes:
lrzip (0.631-1+deb9u1) stretch-security; urgency=high
.
* Non-maintainer upload by the LTS team.
* Fix CVE-2017-8844, CVE-2017-8846, CVE-2017-9928, CVE-2017-9929,
CVE-2018-5650, CVE-2018-5747, CVE-2018-5786, CVE-2018-10685,
CVE-2018-11496.
Several security vulnerabilites have been discovered in lrzip, a
compression program. Heap-based and stack buffer overflows, use-after-free
and infinite loops would allow attackers to cause a denial of service or
possibly other unspecified impact via a crafted file.
Checksums-Sha1:
183233a237b8db63ab60ee8d869c652d1f5ed8f5 1982 lrzip_0.631-1+deb9u1.dsc
49143bf5433270133ac9adff429e5d6c248e9019 522158 lrzip_0.631.orig.tar.bz2
0a4dd296cb04c93268439d100bcdd2e0608cb2b4 18692 lrzip_0.631-1+deb9u1.debian.tar.xz
7ef876f696f3c97cd2d4c33c8dcd59f31b4e077b 6372 lrzip_0.631-1+deb9u1_amd64.buildinfo
Checksums-Sha256:
148974258c733dc554235ea07aecdf41e79ffd1a9af75418cf5142af38e9606a 1982 lrzip_0.631-1+deb9u1.dsc
0d11e268d0d72310d6d73a8ce6bb3d85e26de3f34d8a713055f3f25a77226455 522158 lrzip_0.631.orig.tar.bz2
aae1dfa65b93f9850ea18e671196a2344277aca2b731f6cf9c1999df8cdc55aa 18692 lrzip_0.631-1+deb9u1.debian.tar.xz
0ac01e9b26c6f50b431f2cafb2b4f919063b8c631d66ea5eea2711e2574f01b2 6372 lrzip_0.631-1+deb9u1_amd64.buildinfo
Files:
7eb628727b09999df99a7b836f2b9734 1982 utils optional lrzip_0.631-1+deb9u1.dsc
28f6e69ff4a6f9771dd4eb142df135b6 522158 utils optional lrzip_0.631.orig.tar.bz2
0f2bb85894ce1d49209986c040da850a 18692 utils optional lrzip_0.631-1+deb9u1.debian.tar.xz
9a1c7fdbc8aa0c023c1cf3af79b8be35 6372 utils optional lrzip_0.631-1+deb9u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmEHDR1fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkP/MP/1DTChzGfW/BBRb8qqqOyPYjPQKfA+bGzNTU
lKE6K3V2SX8+eReb7WLmIyd/51Mvx4V9enL+f0nXivFWdBNzJwb6YkXTP2DZCBny
5XiMQOuWXL++iL4+AOwZxpXWaBSD3TMW7XxxIRl6bNzrLoJbH6Uq0E6AKZke0t9D
nV3kRMKBagyPKlh5aEYTcYAq3bmKezKMfelPNGNDMaNiQbmVKYhz6+GVARhDUW7D
XhGsS2ftx1/MftOB0TBgTEWPN+c0ha+kIu2Gk9q2GusG2bmMm6JF3DIbvn0qQDEU
CCNytrj6Gs1fll9wlbjTv6ZNZjKAjYVhHOpmotRAQr7ug6/N8NnPxYa5oFoa4XMZ
xki6qfR8JSSGw4JRcAOGfxCwHqZ/RN0HS2+LoLI25V49R8lkjD5Wq5uVu0fnsWyQ
mZHW5Q/xlXmxOzI9hWNPoLisN2PHIpiOYtNpBIJgTT5oPivOrIWZGeugUW4z3ceA
PFZnKW52x1X8E/QjC4qB6d9/HzMWYf6f8mXrngoP7idYA4KIQDgZnqQEfBWQ2YXZ
TxUY3qmxAJAaZgkNe63BNIquL76nNwnQAI0NBReCKrnCR63yPsaB3Bj17o5hiZw8
EAoQuer/hHuNgT3ZNyUackNQH5L/hbbqh/spM+VaJNsvhMjWqW9CGpX53HVoXjwl
rcYQs7YZ
=LZjw
-----END PGP SIGNATURE-----