Back to lrzip PTS page

Accepted lrzip 0.641-1+deb11u1 (source) into proposed-updates->stable-new, proposed-updates

To: debian-changes@lists.debian.org
Subject: Accepted lrzip 0.641-1+deb11u1 (source) into proposed-updates->stable-new, proposed-updates
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Thu, 26 May 2022 20:32:18 +0000
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id:Subject: Content-Transfer-Encoding:Content-Type:MIME-Version:To:Reply-To:From:Cc: Content-ID:Content-Description:In-Reply-To:References; bh=Kj1Uqmnybmjk5POKhkEaLSX5OiVIb8LDgvk5cBFd/fY=; b=Cv9FaD0mFlmQq+yONXkjPPIawV WG/jpFLxqadu+dh35SQboI0jdLBfV/Eg+sOqGJ16oQl39FkheDKouJ+4gXZBsDihmsztoSXUefaZC DwQxbdW9Yxw31a4G3l4txlqAlmnAgaqDZi2+SXYeIe8P8Uh8OJaVdADG8P8qKhb8h3MzD4Cr0nNMI M7+wLpYUCtUr5aXRtLhdVrMjWiQCuw3kbnxxbjVyEKbH+94+ypk791lVVl0CEC9ed5pD1mS1WE77/ atynNdCUhUtkqpF0zgdBhRBdtP+dycKxejFlpDQN/AqKJiuUPwtw0WTLZRAjPo4Tsa0P5oPinAruO 5PAlKEwA==;
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1nuK9a-000BYl-Gp@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 13 May 2022 19:39:31 -0400
Source: lrzip
Architecture: source
Version: 0.641-1+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changed-By: Stefano Rivera <stefanor@debian.org>
Changes:
 lrzip (0.641-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Security updates:
     Two issues that allow remote attackers to cause a denial of service via a
     crafted lrz file:
     - CVE-2018-5786: Resolve a potential infinite loop and application hang in the
       get_fileinfo function.
     - CVE-2022-26291: Resolve a multiple concurrency use-after-free between
       the functions zpaq_decompress_buf() and clear_rulist().
     A memory corruption issue:
     - CVE-2022-28044: Resolve a potential heap corruption.
Checksums-Sha1:
 38a67591f0845f9d9674fa7e17117a3d58ec031c 1236 lrzip_0.641-1+deb11u1.dsc
 c8c070e206b8ecf707c15406689355344ebb2f67 262761 lrzip_0.641.orig.tar.gz
 2a0a5e268e29c25c34687b887f66e5dbe99a1700 9664 lrzip_0.641-1+deb11u1.debian.tar.xz
 2bc1658c6c8a9e2f5c4a6f4437a07eab9d11e731 5247 lrzip_0.641-1+deb11u1_source.buildinfo
Checksums-Sha256:
 251d7265feca46adc383f312ef0287b6c38bcc0cd516038261a1e2b9aaa30410 1236 lrzip_0.641-1+deb11u1.dsc
 9b6b4bb1ae76dafbaab96ec9d50d41af5fed45a6c4f2e06feea828c2cd8025c0 262761 lrzip_0.641.orig.tar.gz
 a9c78824c082abf5c230abcf0947fdaa839258b7e0d869cfc772f9e2bc71c79c 9664 lrzip_0.641-1+deb11u1.debian.tar.xz
 006723ca8799c86175cacdb670bfcf63246acb7bde23b7f8138a0b0ea5e392fb 5247 lrzip_0.641-1+deb11u1_source.buildinfo
Files:
 9ed69c38d49b44abeeee77e17eae8fa0 1236 utils optional lrzip_0.641-1+deb11u1.dsc
 91f15333c4df7dc848d241d8470fb7c0 262761 utils optional lrzip_0.641.orig.tar.gz
 dc610d6c51d0b2d7a5fa4744f6720a36 9664 utils optional lrzip_0.641-1+deb11u1.debian.tar.xz
 3a906e4fff5b8e7a2348cef1df62de4d 5247 utils optional lrzip_0.641-1+deb11u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iIoEARYKADIWIQTumtb5BSD6EfafSCRHew2wJjpU2AUCYofuVxQcc3RlZmFub3JA
ZGViaWFuLm9yZwAKCRBHew2wJjpU2PvxAQDjrBElKxlDVbTWNPWmkw/we3MCVf6T
02Lo4z1B1CGfYwD/Ry4WxxIfsCeDqzXRjJ2gSZ24Fs8hQxH+o57B3FBiugs=
=+RHb
-----END PGP SIGNATURE-----