Accepted libzip 0.11.2-1.2 (source amd64) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 20 Mar 2015 20:17:45 +0100
Source: libzip
Binary: libzip-dev libzip2 zipcmp zipmerge ziptorrent
Architecture: source amd64
Version: 0.11.2-1.2
Distribution: unstable
Urgency: high
Maintainer: Fathi Boudra <fabo@debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Description:
libzip-dev - library for reading, creating, and modifying zip archives (develo
libzip2 - library for reading, creating, and modifying zip archives (runtim
zipcmp - compare contents of zip archives
zipmerge - merge zip archives
ziptorrent - torrentzip zip archives
Closes: 780756
Changes:
libzip (0.11.2-1.2) unstable; urgency=high
.
* Non-maintainer upload.
* Add CVE-2015-2331.patch patch.
CVE-2015-2331: ZIP integer overflow leads to writing past heap boundary.
(Closes: #780756)
Checksums-Sha1:
82dabbee804504a392e507383a81c121d2b73e51 1912 libzip_0.11.2-1.2.dsc
e83e8369f497b87923c2dcbf224b9e4e9a0a16fe 4936 libzip_0.11.2-1.2.debian.tar.xz
Checksums-Sha256:
dd87b3cc2ebb29c3e4bd0f123dae19bd0cdaa6879d3cd6a0ff30a5e857a19548 1912 libzip_0.11.2-1.2.dsc
b7c60de18fca1aa5f529cda08a1f36c8d5be70c156f0ede2f9912d4be80f7d34 4936 libzip_0.11.2-1.2.debian.tar.xz
Files:
dedd5456363364460ce7bc5f9cd30e1f 1912 libs optional libzip_0.11.2-1.2.dsc
7ab53d5265f1e3592a84918963d804d5 4936 libs optional libzip_0.11.2-1.2.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJVDHNaAAoJEAVMuPMTQ89ET0EP/3y0l8+fZD5fkdz2tQojqrVA
/2EdJD9anndZycAN1Dcke01jyL3Upb3NGZZc513RhdiuhGC0Y+PVKuh0EEG/k0+i
APdxhICjKLlrAKLzUlDI3ZLX9ecklEszfbfGdC8quPzAVbP4T940VqYwAEWF38O2
PnxJ63X752Vf+m0CCdUDV9iBw609srQ1KODBWMu0YUD3aOrU1Zpe38mg0uSO7scU
yFPGtX3l/ngslOZkSYOi44qmWcohPl/OSb8gE07vxyBcRaHZPXJKtMn+uI50uQG4
x1gO5bvWAbJQmUdkDdLJStOLmy+tAq3KbO2LimC5AeK2ona2gxHwqU/0xwfxW0d6
pLvglfP7jLRBgoWzc5nl4txZHePBRP84CRRk8tNziCv2qLOgvZnibuMA/4Z/TjAP
I3Ilq+R8gcw9KEe4NvaOXDJm5TqeGqXueAaKpkNyADRcjp8o9ipMXIGecB3bJBZS
r6EaTonwej3sGOrlCCEUFngiTnqHcVmLkVuBwVee78sEDk2OtTJvxk0wfOw8J6BE
NGsOEUrN9A02bhMJ0sQWakGK1zXLweC6YiCSuxNqAhI6xpMI/o03iuWpFOjuJwQR
zJCifXT0v9mIeR4zWEFwNLSpjT/bm1t6Vo5IFO+ooHe58HUvFkCJv74lTUd8JdGE
OxU2L+E0beXJailn7VSl
=ny0A
-----END PGP SIGNATURE-----