Accepted dpkg 1.16.17 (source amd64 all) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 25 Nov 2015 22:34:58 +0100
Source: dpkg
Binary: libdpkg-dev dpkg dpkg-dev libdpkg-perl dselect
Architecture: source amd64 all
Version: 1.16.17
Distribution: wheezy-security
Urgency: high
Maintainer: Dpkg Developers <debian-dpkg@lists.debian.org>
Changed-By: Guillem Jover <guillem@debian.org>
Description:
dpkg - Debian package management system
dpkg-dev - Debian package development tools
dselect - Debian package management front-end
libdpkg-dev - Debian package management static library
libdpkg-perl - Dpkg perl modules
Closes: 798324
Changes:
dpkg (1.16.17) wheezy-security; urgency=high
.
[ Guillem Jover ]
* Fix an off-by-one write access in dpkg-deb when parsing the .deb magic.
Reported by Jacek Wielemborek <d33tah@gmail.com>. Closes: #798324
* Fix an off-by-one write access in dpkg-deb when parsing the old format
.deb control member size. Thanks to Hanno Böck <hanno@hboeck.de>.
Fixes CVE-2015-0860.
* Fix an off-by-one read access in dpkg-deb when parsing ar member names.
Thanks to Hanno Böck <hanno@hboeck.de>.
.
[ Updated programs translations ]
* Catalan (Jordi Mallach).
.
[ Updated man page translations ]
* Fix incorrect translation in German (Helge Kreutzmann)
Checksums-Sha1:
dc85f886687b24fdd0eb476388e704bcf25c1110 1960 dpkg_1.16.17.dsc
2573b422a5aa67464c53dabc4eeb43ff44f7b040 3806316 dpkg_1.16.17.tar.xz
994bcc29756cf36abd416e3ba6a95625cc4257ac 702054 libdpkg-dev_1.16.17_amd64.deb
0fa355c4a4dbf3d850b9f3a4fb48438e2aa860b6 2662834 dpkg_1.16.17_amd64.deb
d75a476a62a3662d55f1a6d5ebe11c669702bcae 1165346 dselect_1.16.17_amd64.deb
83d8725992b3f66582235911296f94fb11c4d002 1363258 dpkg-dev_1.16.17_all.deb
43304a79ce13a922ea8099850e6c29f7532460bc 964040 libdpkg-perl_1.16.17_all.deb
Checksums-Sha256:
d0b6fc4b038bd1006a84d89602b1311054ce184c66be8d1b56e33b717ce6020c 1960 dpkg_1.16.17.dsc
4b2bd4c7725b78424e781049e628f20e6017a5dc847ba85d29e08f04e8c85a4a 3806316 dpkg_1.16.17.tar.xz
f340e5a46aa07236609f97908fcdad8e6021a499c8f5f8d55dcdbbc1cebf957a 702054 libdpkg-dev_1.16.17_amd64.deb
561b106818253b23cc7af7c801b5779138c141dac1d59de0895cb996790d06d4 2662834 dpkg_1.16.17_amd64.deb
f7f2a99a3c130155dff06295107c644289e298e5c486a2e46ef06d4dcb6b9f9c 1165346 dselect_1.16.17_amd64.deb
8a5738e142130d0490e6439bcd2533dad7d3f93138318ee7244ab5294cecb9b6 1363258 dpkg-dev_1.16.17_all.deb
4653c323f02428d2c2f5d6ae4c5567295e288f04d51503f846bbce434aacbf5a 964040 libdpkg-perl_1.16.17_all.deb
Files:
2b314e6b617de3a64754483d90f42ef7 1960 admin required dpkg_1.16.17.dsc
0a88e4f676c09e5b43ebd9b27caebdac 3806316 admin required dpkg_1.16.17.tar.xz
e5f6ee479e932231ab1c3dbee4187c13 702054 libdevel optional libdpkg-dev_1.16.17_amd64.deb
97ed0691db824b2e32eef37e66955bf5 2662834 admin required dpkg_1.16.17_amd64.deb
cf3cef9ccd8e4a7c50b43689e8492bcd 1165346 admin optional dselect_1.16.17_amd64.deb
c0f9a9357aa1f9c54673ee643426213e 1363258 utils optional dpkg-dev_1.16.17_all.deb
daa35589c8f16b55ba4db9baa3f1cfae 964040 perl optional libdpkg-perl_1.16.17_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJWVthrAAoJELlyvz6krlej1tsP/0xEJoPEHTm+XC0pOE6ZRanO
M9e2Z/r9PPhNQtjM23yO0dL2VmYHA2S3YhB+0CqrPM25x3w+rMeKsoRMFAEMd8pK
eLV9w8E3Q86972ksmhq0v6ks2bUMgAmFXIwvxscn+p1PPzDZVr2zoVKSnzKj8P4l
WyNn3EvAorupppGj5jKA+i23n2o6JUzcp2KV3TcO5lvCku3sHCtYy6SBSFjrXuOd
/dM8741dk7ezse+BxGiWHfuPpyHYyN739FVQ1krQ8K/p9c0wRBMeejh4wcQMMy8z
i9G2kuNerWXIFGPbLigytFKYA+eNNGHxeYTGcJfeLnphdN7gGIMbwUB1AerrGR3D
DYum6+zK4OGymb36iSsMb0FwfXvZwNZpoKTPGdzLOjnpor6ggJK0Ew8bKQd44GmE
6JfRvxaNUS0a31OtkGTBo2XpqlwifWHfdhTCYA4K8tKtbnFXYB7ciqnOGwCPXyb0
yqSHRDvTdHzfD+xC+8ymVm79Pg6Um+y/tohahPFD7Wyhx8wwrcSAJN8kbGwtEolC
LXay8bJ+is+ZGpf5+2JjkxYQM3BiJzQbiNDae/OgpYzVd4c52RHXiTvYVJKdrpbp
L9/JlqoAsVaQ3uGPeyBBgLzMo/6Y9jIBa0ePidq9uevVEGhS2uSEpTVluNMQd9m+
DN1zMdGKNS7CaHBnRYGY
=ndpI
-----END PGP SIGNATURE-----
Reply to: