Accepted unace 1.2b-10+deb7u1 (source amd64) into proposed-updates->stable-new, proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 24 Feb 2015 17:41:44 +0100
Source: unace
Binary: unace
Architecture: source amd64
Version: 1.2b-10+deb7u1
Distribution: wheezy-security
Urgency: high
Maintainer: Guillem Jover <guillem@debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Description:
unace - extract, test and view .ace archives
Closes: 775003
Changes:
unace (1.2b-10+deb7u1) wheezy-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* Add 006_security-afl.patch patch.
CVE-2015-2063: Buffer overflow when reading bogus file headers
The header parser was not checking if it had read the needed data when
parsing the header from memory. (Closes: #775003)
Checksums-Sha1:
d4a28e1fe16469e29b97e14ea00c8183876dc43d 1757 unace_1.2b-10+deb7u1.dsc
54781d630644a68bb3d9338fa6a018b2d4553efb 27561 unace_1.2b.orig.tar.gz
348674d9c549751e31a45da8b802d825d72a2b5c 8551 unace_1.2b-10+deb7u1.debian.tar.gz
61828dedb70b0a814a2f8d19e9266346348427ec 19954 unace_1.2b-10+deb7u1_amd64.deb
Checksums-Sha256:
591b0604111b5e71d4671b9bd88001d17406f1140c59e045460cf8c5538bc2b4 1757 unace_1.2b-10+deb7u1.dsc
a5f3b7d0994b2c6aa3b95ac1196ee18605d8dbd0660f978f8d64b8583fb55490 27561 unace_1.2b.orig.tar.gz
f01ee6db9fcbd8889070967bc5ab8fd3d527e8d1ae7c39668d643d43ceed1de9 8551 unace_1.2b-10+deb7u1.debian.tar.gz
31984f0b9bf2da8dbba0e45d04baa0256e113a0c2918b1345b330942fd3128d9 19954 unace_1.2b-10+deb7u1_amd64.deb
Files:
436546b94338df370478557d8c8483d9 1757 utils optional unace_1.2b-10+deb7u1.dsc
51360df61997db28787b60ea7321d83f 27561 utils optional unace_1.2b.orig.tar.gz
cb39b954491b0b84915f52a0688f9fcf 8551 utils optional unace_1.2b-10+deb7u1.debian.tar.gz
386bd063199f1d5ec907c47babfc5768 19954 utils optional unace_1.2b-10+deb7u1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJU7KqyAAoJEAVMuPMTQ89EsEEP/j/VUe1wDPSG8qPsgaf0bYfN
HQ8aIzOktuNzQgYGW3GWTzsfU3fgxraJODjAVZHeD6yizJxh/4x0k1SbxqeVJJKt
lMnk7Tf3/TYOdMFtlj6Nps8LQ1Lb908eltlYnNd955PSxjiLDLFLTyfQX88syJn+
9wz+hcQnGZ/c6HFErxeH4HUyapg/l+Vi28kpa7S89aWQsOTLd+clZ2NQmv0bsXjf
VrlLInhkEp4h22S1cl9OJcwD5H+6StJbUVos3jg3YsZZrBnxUQaww1DG2R/FYKh8
7d1NN0BxWQvjCHgfXAYrPgCeiIpvUhOj/Sb/kJIkI5cDUqA+1nri/dpYuGDEKmI6
51gle/jjQjsQagsJIVPK2IivsLHYror1u1jxpM6CFndukauhrHCem/0Yx7IqICRw
Q7JsYBbWWi1wplOcdRRBNN+//Ny/gZdmcM1m5a0BBwF0jkbLzh5d71GH8N9xx9vW
YgkXFAwnUBPAvty19nvuiu+J8ZVOvZ4bJ58nQJXUZNOZXA5YwZ3NIQljXsvWln9a
nIMonIr4zdqeVLKSXuoUJGenYKG7dL4+g8dL2TgL+F1jBX1Qj3NtWPhFKH27/CjJ
SNVCmd57UKi9nswupTM8B/QD/d1Vy85EYdCvXModgdXWMKIxbTVCkVsFPH+tpXFW
IDUDDv/5692cTwJ1dUNB
=tsx5
-----END PGP SIGNATURE-----
Reply to: