Accepted tnef 1.4.9-1+deb8u3 (source amd64) into proposed-updates->stable-new, proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 29 May 2017 15:03:02 +0200
Source: tnef
Binary: tnef
Architecture: source amd64
Version: 1.4.9-1+deb8u3
Distribution: jessie-security
Urgency: high
Maintainer: Kevin Coyner <kcoyner@debian.org>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Description:
tnef - Tool to unpack MIME application/ms-tnef attachments
Closes: 862442
Changes:
tnef (1.4.9-1+deb8u3) jessie-security; urgency=high
.
* Non-maintainer upload by the Wheezy LTS Team.
* CVE-2017-8911 (Closes: #862442)
An integer underflow has been identified in the unicode_to_utf8()
function in tnef 1.4.14. This might lead to invalid write
operations, controlled by an attacker.
Checksums-Sha1:
aa6d113bfae4f8f04da35978c9c2b669557dcd84 1884 tnef_1.4.9-1+deb8u3.dsc
d42ccbe3d41e797fb4133f2e01120680101e8782 3952575 tnef_1.4.9.orig.tar.gz
1214174f0d7d5fa6409e511262a516314eeb6e9a 7248 tnef_1.4.9-1+deb8u3.debian.tar.xz
d368e2a9fe77021a12f4949d71267b859d896a63 48066 tnef_1.4.9-1+deb8u3_amd64.deb
Checksums-Sha256:
84bc6fe7224c3b7f4ca71996405fa750122f7255c4d054253bb6a4f2897a2330 1884 tnef_1.4.9-1+deb8u3.dsc
c4d64ec48f79681a11ee45b38c6b2177ce2d0a8c8f99733e90d462bd27eee6af 3952575 tnef_1.4.9.orig.tar.gz
edfa164182caec008c08d7378e630fb83473c96bc4d0698ca1aea09ff7dad490 7248 tnef_1.4.9-1+deb8u3.debian.tar.xz
5d063045886feec721c2470cd6e7f332a0d0883a4c770f2073acdc535fe51352 48066 tnef_1.4.9-1+deb8u3_amd64.deb
Files:
efa5fcccfc0284dcfdc93867aebfe9a8 1884 text optional tnef_1.4.9-1+deb8u3.dsc
83a3a8fe0c15c9bbe2a8dae74c46b761 3952575 text optional tnef_1.4.9.orig.tar.gz
21b000e1aeffbbda48a2842c3200b440 7248 text optional tnef_1.4.9-1+deb8u3.debian.tar.xz
700ebfd94d50fb3804adca7c0e682bca 48066 text optional tnef_1.4.9-1+deb8u3_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAlku8X5fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh
bHRlaG9sei5kZQAKCRCW/KwNOHtYR2AIEACj3hNomMMI7ZV7+omqzKmPI3Jse/2R
mRhHlHyxkgyQs3HXEWIqqyBt2nBWS3ejJijYFQOHsThaQosOhCxqg1jvNSgNmi32
q3sWY2X9s2bK5WIEr+MribTJ/MBd1JE1NEdGD/INL4rlf39Tu3S1VhWXJpLo2BVF
4OYFg/VMrlJirnLrXjt6mma7Mc/OethSSl6bBhk+Hnv2vvNiGHJOFU2zhvLA+UA1
BYJAOEUOv2CPZvnZrtPT4T6wukPyCaCEbLlDWdI1U58q1lIMAhxgEt+w07ylHk88
5BdTc8jFHJIACs5X7OChxgsvCvEM1fKjOwdIMImjdUHN1JmSiypRN6rVA3wmwKU0
y9hNCT0QpaABnrHgjwaMkT8VZQ0Cw8hxidQMA3iKK9VYbpNoape1tpLGBvbjjoGg
9wdFu6mJoGhdGOY19US/9214XdP4pa9/tvzTOJ195Eww363UPhwfXl0sDQbDjgyN
ayBoCuwIUXV3Ra/Drif4y9eTNQIDskbmUimJuWpXFhYqlyx7A2j7y6WZS10TEblS
e/60cjRih5mDFMPU9XQ4J3ipqHnpzMnfwvbw5uKYWL/dKulGUduIGOgPC5tHBMmh
4qlQmAo2Yqr+3MHmsSMndJBQ5fJFJSTafdjwD+9NBEcjrIIG1nNdxnOMzWZ8sPNn
IwjDqr9cmvvTBg==
=UdB2
-----END PGP SIGNATURE-----