Back to lrzip PTS page

Accepted lrzip 0.631+git180528-1+deb10u1 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 12 May 2022 20:53:05 -0400
Source: lrzip
Architecture: source
Version: 0.631+git180528-1+deb10u1
Distribution: buster-security
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changed-By: Stefano Rivera <stefanor@debian.org>
Changes:
 lrzip (0.631+git180528-1+deb10u1) buster-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Security updates:
     Two issues that allow remote attackers to cause a denial of service via a
     crafted lrz file:
     - CVE-2018-5786: Resolve a potential infinite loop and application hang in the
       get_fileinfo function.
     - CVE-2021-27345: Resolve a null pointer dereference.
     * CVE-2021-27347: Resolve a use after free.
     - CVE-2020-25467: Resolve a null pointer dereference.
     - CVE-2022-26291: Resolve a multiple concurrency use-after-free.
     A memory corruption issue:
     - CVE-2022-28044: Resolve a potential heap corruption.
Checksums-Sha1:
 57e2235ab0f60b8928c126b8168821cdd05f0c07 1291 lrzip_0.631+git180528-1+deb10u1.dsc
 f85ef5597367c795efcbcd235747ec073c8cb00b 200908 lrzip_0.631+git180528.orig.tar.xz
 4ba28a5f12e892cd0e1248ebf5d60cf163634e84 10952 lrzip_0.631+git180528-1+deb10u1.debian.tar.xz
 648230920b6d4a370567e680f9d5cdaf2ab5fdc1 5262 lrzip_0.631+git180528-1+deb10u1_source.buildinfo
Checksums-Sha256:
 66b55fb9b37edf718f40de6941e5a395c3ee298af7111b3bd52c051ba4302ce8 1291 lrzip_0.631+git180528-1+deb10u1.dsc
 006772b04772846e0caa4973ebada8868b294d0fd31c0a712350dea7e7dbe783 200908 lrzip_0.631+git180528.orig.tar.xz
 f8c49f24910436706edf872a9b3e092ebb09c76f143170815d447c3f38042f81 10952 lrzip_0.631+git180528-1+deb10u1.debian.tar.xz
 82bc4944897f7011499dc89214c602521c9273edc9ab3574d7377ff2b1a9fdb7 5262 lrzip_0.631+git180528-1+deb10u1_source.buildinfo
Files:
 f78918dafa7973d3c97bc21c8071d277 1291 utils optional lrzip_0.631+git180528-1+deb10u1.dsc
 efc958c4ad722963c9c6f01afb0d2311 200908 utils optional lrzip_0.631+git180528.orig.tar.xz
 27b2ba256eaa648c502bfee977349d79 10952 utils optional lrzip_0.631+git180528-1+deb10u1.debian.tar.xz
 66c0083683d5e06e35989f52962c6ff7 5262 utils optional lrzip_0.631+git180528-1+deb10u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iIoEARYKADIWIQTumtb5BSD6EfafSCRHew2wJjpU2AUCYofuShQcc3RlZmFub3JA
ZGViaWFuLm9yZwAKCRBHew2wJjpU2O8tAQC+f3q0B652PG+NyxS1MG6xPg/sk69T
h+zgVLLj53gc+QEAgIFKBE46+vLo8ZRauodaKWonx2R75OI7p5rC8wfIiAg=
=BpAN
-----END PGP SIGNATURE-----