Accepted unzip 6.0-8+deb7u4 (source amd64) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 22 Oct 2015 12:59:24 +0000
Source: unzip
Binary: unzip
Architecture: source amd64
Version: 6.0-8+deb7u4
Distribution: wheezy-security
Urgency: high
Maintainer: Santiago Vila <sanvila@debian.org>
Changed-By: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Description:
unzip - De-archiver for .zip files
Closes: 802160 802162
Changes:
unzip (6.0-8+deb7u4) wheezy-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* Fix infinite loop when extracting password-protected archive.
This is CVE-2015-7697. Closes: #802160.
* Fix heap overflow when extracting password-protected archive.
This is CVE-2015-7696. Closes: #802162.
* Fix additional unsigned overflow on invalid input.
Checksums-Sha1:
983e8410c3496a796dddc07d6b5a33e5729797da 1676 unzip_6.0-8+deb7u4.dsc
f3f54bfc28760c590bea2e42ab615055045d693c 16408 unzip_6.0-8+deb7u4.debian.tar.gz
07e7eabcb5f9173aaa4e61eafa708ea1e51fd850 196196 unzip_6.0-8+deb7u4_amd64.deb
Checksums-Sha256:
b51e1fbc8df6dd1207e20a77bfc26098dddf3bdf1393b9d3874696ae225337cc 1676 unzip_6.0-8+deb7u4.dsc
9f2702bc4d2c558926a76298cc524eaec93d8da99f7540107217745f1f430764 16408 unzip_6.0-8+deb7u4.debian.tar.gz
aa1b9672d69c843214f565a29a77432f9ce1a6cf495c64cc3bf63245ed86324f 196196 unzip_6.0-8+deb7u4_amd64.deb
Files:
a59776bbffa09226be950bd397e05ace 1676 utils optional unzip_6.0-8+deb7u4.dsc
727356974f30d47a6f322ec433e14673 16408 utils optional unzip_6.0-8+deb7u4.debian.tar.gz
82323d4a754cd31b8daf97a5dcd4700a 196196 utils optional unzip_6.0-8+deb7u4_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCAAGBQJWKegIAAoJENzjEOeGTMi/C8sP+wXvdqUebQg+RbhJ63l7oMMt
V1y5Du7rPOjF3ZK4VvKBO3JHHoXIx1rh4nWskwXerhmwp0LwhsTUW7zMycGmW54D
mLcSj/lyWAces1FhidO6nZpGonNkwS0wyr3uV0neXhj4zNGHAd0CBzxVs866te6w
DGL344EKpCgPa0lhsWy6vv+W+HhDzXlsVzb1fIGrmcBPztFHWkBQjauPiAd8VHEx
7ktPYUNxL5ldfFpdjiAIY7fcbyETReIR9AZktK7/1wPzEvQq6A28bnAu5qOQc2fX
VxPnvETdGY7DII0tFMiZo6GdKeNobVK9kxe+ohnAC5Op27D1EAJx7jGj6hktjfJ4
7NQr7dFsYmnrKBtDWzaMEArqsH90kBSUqlayXZ6YYhNw0iEKKTxA1lWZ2wqIYnxh
nMQCAXhT+i8LiAJMzlImPwItfVG7+Jw6bBE569SMnUVW1y7NQZhZnHF7sDfKMGl4
4GLM1LGDT4AHfj+7E2n4rtWAbV7DYru2dDqBOAG/YtqO/P/zzXEpUoIGi9Boognt
Gp9g3PYII1RKza82VYQBdR10dPSPg6tdVYgwLWBnIONEUcKeXpHSSHcJVemKa2J2
2bZUo9vKFcj/BGmCPlu10b7VXftXPSgQEf+Q/gNxX+MXr/gmWSFEUhQF/ZJxhkdn
Umj1aRWiaxhOylaPpF3D
=+RMZ
-----END PGP SIGNATURE-----