Back to lrzip PTS page

Accepted lrzip 0.631+git180528-1+deb10u1 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates

To: debian-changes@lists.debian.org
Subject: Accepted lrzip 0.631+git180528-1+deb10u1 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Thu, 26 May 2022 20:33:17 +0000
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id:Subject: Content-Transfer-Encoding:Content-Type:MIME-Version:To:Reply-To:From:Cc: Content-ID:Content-Description:In-Reply-To:References; bh=nUL+nylkvGMZ5ju8v6/ah4PAeWXMPe/Ai1CRtX2PMbs=; b=obdcslNG38fY/bo2xx7lQFcIDK RddINYSbEDbTMsDVEfH5VRoBvjCVgcZ8e8TdBJGKne7MmQtz5NOQcXJufmVnpDMfXs2qe0N+lnrMb JujZdzrO8zm/OVuz0uiMuXsIQ93jVcj4QhMPOx6Yt59eMRJ2/96Gd4k/OoZlIzURX+xVm8PPoDw++ jAgLFB/Y43cLKisYa4MLMVKByUmO9KTjy90ng/iWl+lWTXroy3Isp+mpn3Y39I2XC9fp5RI56V+Xd 4HiQQiP+PA/UJ7/XNtqrc5IWqXL0l3tH/qu1bBkxfIQT5Qp5MVzzXf9kRLt9gM6XDt+ew4xRwLQQG UKsTaXkw==;
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1nuKAX-000BqW-PA@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 12 May 2022 20:53:05 -0400
Source: lrzip
Architecture: source
Version: 0.631+git180528-1+deb10u1
Distribution: buster-security
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changed-By: Stefano Rivera <stefanor@debian.org>
Changes:
 lrzip (0.631+git180528-1+deb10u1) buster-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Security updates:
     Two issues that allow remote attackers to cause a denial of service via a
     crafted lrz file:
     - CVE-2018-5786: Resolve a potential infinite loop and application hang in the
       get_fileinfo function.
     - CVE-2021-27345: Resolve a null pointer dereference.
     * CVE-2021-27347: Resolve a use after free.
     - CVE-2020-25467: Resolve a null pointer dereference.
     - CVE-2022-26291: Resolve a multiple concurrency use-after-free.
     A memory corruption issue:
     - CVE-2022-28044: Resolve a potential heap corruption.
Checksums-Sha1:
 57e2235ab0f60b8928c126b8168821cdd05f0c07 1291 lrzip_0.631+git180528-1+deb10u1.dsc
 f85ef5597367c795efcbcd235747ec073c8cb00b 200908 lrzip_0.631+git180528.orig.tar.xz
 4ba28a5f12e892cd0e1248ebf5d60cf163634e84 10952 lrzip_0.631+git180528-1+deb10u1.debian.tar.xz
 648230920b6d4a370567e680f9d5cdaf2ab5fdc1 5262 lrzip_0.631+git180528-1+deb10u1_source.buildinfo
Checksums-Sha256:
 66b55fb9b37edf718f40de6941e5a395c3ee298af7111b3bd52c051ba4302ce8 1291 lrzip_0.631+git180528-1+deb10u1.dsc
 006772b04772846e0caa4973ebada8868b294d0fd31c0a712350dea7e7dbe783 200908 lrzip_0.631+git180528.orig.tar.xz
 f8c49f24910436706edf872a9b3e092ebb09c76f143170815d447c3f38042f81 10952 lrzip_0.631+git180528-1+deb10u1.debian.tar.xz
 82bc4944897f7011499dc89214c602521c9273edc9ab3574d7377ff2b1a9fdb7 5262 lrzip_0.631+git180528-1+deb10u1_source.buildinfo
Files:
 f78918dafa7973d3c97bc21c8071d277 1291 utils optional lrzip_0.631+git180528-1+deb10u1.dsc
 efc958c4ad722963c9c6f01afb0d2311 200908 utils optional lrzip_0.631+git180528.orig.tar.xz
 27b2ba256eaa648c502bfee977349d79 10952 utils optional lrzip_0.631+git180528-1+deb10u1.debian.tar.xz
 66c0083683d5e06e35989f52962c6ff7 5262 utils optional lrzip_0.631+git180528-1+deb10u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iIoEARYKADIWIQTumtb5BSD6EfafSCRHew2wJjpU2AUCYofuShQcc3RlZmFub3JA
ZGViaWFuLm9yZwAKCRBHew2wJjpU2O8tAQC+f3q0B652PG+NyxS1MG6xPg/sk69T
h+zgVLLj53gc+QEAgIFKBE46+vLo8ZRauodaKWonx2R75OI7p5rC8wfIiAg=
=BpAN
-----END PGP SIGNATURE-----