Accepted libmspack 0.5-1+deb9u2 (source) into proposed-updates->stable-new, proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 02 Aug 2018 19:18:37 +0200
Source: libmspack
Binary: libmspack0 libmspack-dev libmspack-dbg libmspack-doc
Architecture: source
Version: 0.5-1+deb9u2
Distribution: stretch-security
Urgency: high
Maintainer: Marc Dequènes (Duck) <Duck@DuckCorp.org>
Changed-By: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Description:
libmspack-dbg - library for Microsoft compression formats (debugging symbols)
libmspack-dev - library for Microsoft compression formats (development files)
libmspack-doc - library for Microsoft compression formats (documentation)
libmspack0 - library for Microsoft compression formats (shared library)
Closes: 904799 904800 904801 904802
Changes:
libmspack (0.5-1+deb9u2) stretch-security; urgency=high
.
* Non-maintainer upload.
* Add security related patches:
- 0b0ef9344255 ("kwaj_read_headers(): fix handling of non-terminated
strings") CVE-2018-14681 (Closes: 904799).
- 4fd9ccaa54e1 ("Fix off-by-one error in chmd TOLOWER() fallback")
CVE-2018-14682 (Closes: 904800).
- 72e70a921f0f ("Fix off-by-one bounds check on CHM PMGI/PMGL chunk
numbers and reject empty filenames.") CVE-2018-14679,
CVE-2018-14680 (Closes: 904802, 904801).
Checksums-Sha1:
5c9f0fbfedf31f1cd33e111a60e6c0c685ee096f 2106 libmspack_0.5-1+deb9u2.dsc
cc17071c87465b1a8264767583dd7b670abbf2b6 7124 libmspack_0.5-1+deb9u2.debian.tar.xz
fe512a9b15125f8394dcd4876559292f7cf94f0a 6116 libmspack_0.5-1+deb9u2_source.buildinfo
Checksums-Sha256:
e3fbbfed0730969d85c86b27b79e3dd4b6464bfa7ceba7c42b905c738ec6228a 2106 libmspack_0.5-1+deb9u2.dsc
ba4541e19644fa172eb7112cf4e1592935ada70dcff62bc678c8d6b464f27b23 7124 libmspack_0.5-1+deb9u2.debian.tar.xz
78818be2e122b1ff8eaac88ea05000e539c8a56246dace3b6233f0e1bd767846 6116 libmspack_0.5-1+deb9u2_source.buildinfo
Files:
6834b0ae397e7c36eab83fba42655fd4 2106 libs optional libmspack_0.5-1+deb9u2.dsc
d09b9886f5632e7ffe82fe0075293003 7124 libs optional libmspack_0.5-1+deb9u2.debian.tar.xz
e89db6738dc56a7826dbf6f9d32ff475 6116 libs optional libmspack_0.5-1+deb9u2_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEErHvQgQWZUb1RregAT+XjJihy5MwFAltjP0gACgkQT+XjJihy
5MyVhw//aeKT+0VC1b6C6mVdfSv+h3WS8dMuMNJglNow02Bue0w+xIK8RXa+I5Q2
WdKVJBs3wa4SxqhBqyJFqq5vP31tM99fDGgAPlttZrkkJ84YJFWF2MSGC3GV8zTQ
NHvZ3iIvw9xj6DxCWcQHX2uTfSAJD4HYY4+argiCkiq2kBHQcqvItSjh77gN6BYr
uPaPkU6826NXq3Nn15rvWtHBKPpFjTPiLQBNvNlEoZxgyQ67k/wPNT4kxScOUju+
UjK5UGuSPjS43d5i/eHFotvBvM47CjS5/8bKtVDjS9n92829MPsVF1w0+pd3aW9t
iXcEhnEIXeyPfBh4HZJzxV+isK6YDlxhLkC9wC3eA30Lw532AEXPRbwitGKug+bj
3GK31Gj6d9eQtrcNR9wuBncs00iPCTiZlDTA14SDRs12hHdd7z9+8cQRE6X2vYro
G5UTvJbioqY3hDlp27Rwyt0OjuaKzSwzN9FtzFaWjaAUNyb4Ss0CIWnnH+dqF3Us
W2LlNm+IpZPdyJMFX+4R0SXzwB4YlQNroSGPLzYPnONgWZguoHaVs9S61LWu2X++
W7Q1rgdWLy/2alR7z7xQNECVTt2bOrN8TRr03ZPuoCMBoF44ce5hXYyzvPxnylfG
K6rA7fkGBLwZrW636YrrdT9Fto6uGBF+t2sr5mEc9cj1GFB1BB8=
=uktX
-----END PGP SIGNATURE-----