Accepted lha 1.14i-2.woody4 (arm m68k hppa sparc source alpha ia64 powerpc i386 s390)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sat, 13 Nov 2004 20:41:00 +0900
Source: lha
Binary: lha
Architecture: alpha arm hppa i386 ia64 m68k powerpc s390 source sparc
Version: 1.14i-2.woody4
Distribution: stable-security
Urgency: high
Maintainer: GOTO Masanori <gotom@debian.org>
Changed-By: GOTO Masanori <gotom@debian.org>
Description:
lha - lzh archiver
Changes:
lha (1.14i-2.woody4) stable-security; urgency=high
.
* debian/patch.redhat-sec2: Add one more security patch to fix:
- CAN-2004-0771 (-w working directory option buffer overflow)
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0771
- CAN-2004-0769 (buffer overflow can be executed arbitrary code
via long pathnames in headers, another issue of bug fixed in -9)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0769
- CAN-2004-0745 (execute arbitrary commands via a directory with
shell metacharacters in its name.)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0745
- CAN-2004-0694 (reserved number)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0694
taken from RedHat patch.
Files:
3454c413d765002b380be872b061e2df 558 non-free/utils optional lha_1.14i-2.woody4.dsc
2bf336ba32daaaa052f2dbc53d0d58eb 50860 non-free/utils optional lha_1.14i-2.woody4_i386.deb
2f1fd7c81e52f36ce5a25475c2628832 55008 non-free/utils optional lha_1.14i-2.woody4_s390.deb
598160bd48a7b16804b5cd106d86834c 60398 non-free/utils optional lha_1.14i-2.woody4_hppa.deb
5dd27c2c6f578798dbaed364d4759129 37613 non-free/utils optional lha_1.14i-2.woody4.diff.gz
6cae363f0bdb46f5b182789953fc91ac 57262 non-free/utils optional lha_1.14i-2.woody4_sparc.deb
852ffae003090226269acfa76fb9275f 65720 non-free/utils optional lha_1.14i-2.woody4_alpha.deb
ad3cb211a67637ef2d4f638d5c4bd5a7 49334 non-free/utils optional lha_1.14i-2.woody4_m68k.deb
c66e9c5ed114f5bc1555cd44a3fa95e5 56308 non-free/utils optional lha_1.14i-2.woody4_arm.deb
e9d9f4e67c93b0b58b05aacf5889753c 55878 non-free/utils optional lha_1.14i-2.woody4_powerpc.deb
ea1587b4f4a174f627e5ddd5699834eb 74464 non-free/utils optional lha_1.14i-2.woody4_ia64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFBlg/HqIqasIZIJsMRAsrZAJ4xZvsY4+Cr52Uq8SgwkQ0l91shVwCcDTDy
Xq/hvFA6GxpnDwHzHNptXP0=
=NHJD
-----END PGP SIGNATURE-----
Accepted:
lha_1.14i-2.woody4.diff.gz
to pool/non-free/l/lha/lha_1.14i-2.woody4.diff.gz
lha_1.14i-2.woody4.dsc
to pool/non-free/l/lha/lha_1.14i-2.woody4.dsc
lha_1.14i-2.woody4_alpha.deb
to pool/non-free/l/lha/lha_1.14i-2.woody4_alpha.deb
lha_1.14i-2.woody4_arm.deb
to pool/non-free/l/lha/lha_1.14i-2.woody4_arm.deb
lha_1.14i-2.woody4_hppa.deb
to pool/non-free/l/lha/lha_1.14i-2.woody4_hppa.deb
lha_1.14i-2.woody4_i386.deb
to pool/non-free/l/lha/lha_1.14i-2.woody4_i386.deb
lha_1.14i-2.woody4_ia64.deb
to pool/non-free/l/lha/lha_1.14i-2.woody4_ia64.deb
lha_1.14i-2.woody4_m68k.deb
to pool/non-free/l/lha/lha_1.14i-2.woody4_m68k.deb
lha_1.14i-2.woody4_powerpc.deb
to pool/non-free/l/lha/lha_1.14i-2.woody4_powerpc.deb
lha_1.14i-2.woody4_s390.deb
to pool/non-free/l/lha/lha_1.14i-2.woody4_s390.deb
lha_1.14i-2.woody4_sparc.deb
to pool/non-free/l/lha/lha_1.14i-2.woody4_sparc.deb
Reply to: