Accepted upx-ucl 3.96-1 (source) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted upx-ucl 3.96-1 (source) into unstable
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Sun, 08 Mar 2020 23:19:48 +0000
Message-id: <[🔎] E1jB5D2-0009v4-9v@fasolo.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 08 Mar 2020 13:48:26 +0100
Source: upx-ucl
Architecture: source
Version: 3.96-1
Distribution: unstable
Urgency: medium
Maintainer: Robert Luberda <robert@debian.org>
Changed-By: Robert Luberda <robert@debian.org>
Closes: 947471
Changes:
 upx-ucl (3.96-1) unstable; urgency=medium
 .
   * New upstream version:
     + fixes heap-based buffer over-read and invalid memory address dereference
       in canUnpack()  (CVE-2019-20021, CVE-2019-20053, closes: #947471).
   * Remove no longer needed patches: 02-Ignore-malformed-ElfXX_Shdr.patch,
     and 03-Malformed-input.patch.
   * Add autopkgtest checks for #947471.
   * Replace debian/compat with build-dependency on debhelper-compat.
   * Add upstream metadata file.
   * Standards-Version: 4.5.0.
Checksums-Sha1:
 d803b1527b606ae73a41ca61d4a526e69f88cf81 1867 upx-ucl_3.96-1.dsc
 53c36d5ba589ded10a6bbd1c58cb74c466ca3204 792524 upx-ucl_3.96.orig.tar.xz
 1ae535da52b28ea297cafb3cea4e48d40ab391d4 57256 upx-ucl_3.96-1.debian.tar.xz
 5aac61297d59bdb6beb1856679046eb39b0f8b58 6050 upx-ucl_3.96-1_amd64.buildinfo
Checksums-Sha256:
 27bf5d0754fe54da6b1492390b149098fca0499135ea594dcb7f8b4887a37101 1867 upx-ucl_3.96-1.dsc
 47774df5c958f2868ef550fb258b97c73272cb1f44fe776b798e393465993714 792524 upx-ucl_3.96.orig.tar.xz
 c5a74cc5550a9d42d8a45c0d62c427e38159b642dbc826caf656b968e9129627 57256 upx-ucl_3.96-1.debian.tar.xz
 46dc7a285b9063b069650b969303863714355fefbb63c50be7e26c373469a78f 6050 upx-ucl_3.96-1_amd64.buildinfo
Files:
 6d32b55a57cab305a8555adf41d70d10 1867 utils optional upx-ucl_3.96-1.dsc
 bf5564f33fe9062bc48b53abd4b34223 792524 utils optional upx-ucl_3.96.orig.tar.xz
 36f008166f43bed9a9687771b3604119 57256 utils optional upx-ucl_3.96-1.debian.tar.xz
 4445a92da7b78a1951868e21cabfc738 6050 utils optional upx-ucl_3.96-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEENeh2+rTTcy6TtNI3Yx3nVTvor9QFAl5k7fQACgkQYx3nVTvo
r9QJXRAAjSNsvaqLvleZuTiTnKwZgPvTM+QZXex1KIdAsCttfaqN4pKU7vgFPR95
q62SMJI/LL2+VJ3q5UK84CrlICUyf3qYSzRphU8SURuM91O3/ETLwccYRouLhNB6
OgBvfU9ayK/qh5eRluIkPk5OLG4ZNBMU5870BGOnllbs7LLHiYAClFJiKJBPwObr
Q2Q6LPKvD6ZALQwC8hMwJyXJtCFSAlYTZ1y5jKa6jfaoXzqFL5MJsMsJus8GHFI9
Np3ZpEu8GPNI+60r+95FH6n0P+wbk+F32Ci58zuQBXeQmzmmaptDJbpTD+NUekrJ
P2Et335xVuwLtNjvWnzpDLRS4U3SRB+dTs8vwCFMBLQEVjP+ROBcH3VO/cKaaBcm
l8CLZUCwXO/xC003r1aabAe2BO9nRe/ZVA8xIA584UOILCn7RRaHPRwTgsODNYMW
lQWyUt3OuINe8u6i3zEQafxtGpkSXo5aNkPBJXfD6WN8qXd9WyMpIbUtP5/M6jfE
lhTd/N9RLQ14J5ilPNI8zPXto4gkgu9/xAhCXPEnK/DMNjiowpUGn81pxH+hexIZ
MFINQ1ZSe7pmtANEvPkOzKkDGCcHs3I3AxiiB4mKK3TcLkEWPc0JcRsqQJIjuDNP
sB1zRlBHRf1tuLQ1upRgAQIqHPlNG3vNaxYxhAPkzmukSsdAh2Y=
=Zfvv
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: Accepted mahimahi 0.98-1.1 (source) into unstable
Next by Date: Accepted heimdall-flash 1.4.2+dfsg-1 (source) into unstable
Previous by thread: Accepted mahimahi 0.98-1.1 (source) into unstable
Next by thread: Accepted heimdall-flash 1.4.2+dfsg-1 (source) into unstable
Index(es):
- Date
- Thread