Accepted unzip 6.0-24 (source) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 11 Jul 2019 18:03:34 +0200
Source: unzip
Architecture: source
Version: 6.0-24
Distribution: unstable
Urgency: medium
Maintainer: Santiago Vila <sanvila@debian.org>
Changed-By: Santiago Vila <sanvila@debian.org>
Closes: 931433
Changes:
unzip (6.0-24) unstable; urgency=medium
.
* Apply two patches by Mark Adler:
- Fix bug in undefer_input() that misplaced the input state.
- Detect and reject a zip bomb using overlapped entries. Closes: #931433.
Bug discovered by David Fifield. For reference, this is CVE-2019-13232.
Checksums-Sha1:
95b393f68128c8d0b6392f9c46068f0421745636 1344 unzip_6.0-24.dsc
4eb6b4a97af769ef197f7889050ba80d0f8d4aae 22064 unzip_6.0-24.debian.tar.xz
9f26f7bd3524b70a7ead460c7f2bb762f0ed7fe2 4862 unzip_6.0-24_source.buildinfo
Checksums-Sha256:
c2ae3430e7f80e3393ce654f8964a9b47a0510791f2f34e4b09d565457f62af8 1344 unzip_6.0-24.dsc
f11f6c939275201f52afb578e6625e470cd372c2e55e35e3f361d245b47c4961 22064 unzip_6.0-24.debian.tar.xz
9b4963ebf7789c4e99a0310db1a5bfa67d62201d0fad32bcc2435753ae2dec8a 4862 unzip_6.0-24_source.buildinfo
Files:
17529631e8f7c70ccb18256e24550ec4 1344 utils optional unzip_6.0-24.dsc
6311cf07e568328d7c85483de8cb8bf9 22064 utils optional unzip_6.0-24.debian.tar.xz
b86fb35651ff11ee559c31f1ca28f664 4862 utils optional unzip_6.0-24_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEE1Uw7+v+wQt44LaXXQc5/C58bizIFAl0nXloACgkQQc5/C58b
izLHGQf8D+gHv+sk+tQS5KGByTtcTs8Z06L9ZhWiHW0DOVFdalzeYZdO9F+VjZrX
iWNGwRUeFAkHvFQPnry09WLFgG+YhZvJlyA1b0bryZEyMt93XLkrhMPT54g+pbdY
i7oXsZogEFnS5pcmMN9TTr7UTwx76Go0GqeN/rA/RKoDor1wmtjHKFP4BcjwkBjv
1fWU+V5m/cib4/UI5QnaL90xAtRNcCQQELEDkPrsWHRX7f8/EKG4mSlgU92Sulm9
2lqj+AlZBm7BmAxBawa3deR9z/SXTswueFMdKy2ry9ij6GgCWpDMJy/kXn8e4W9s
0obpZbFXFI4cbPChe9WfOD0iovuuuQ==
=cKhs
-----END PGP SIGNATURE-----