Accepted libarchive 3.1.2-11+deb8u7 (source amd64) into oldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 07 Feb 2019 13:04:01 -0500
Source: libarchive
Binary: libarchive-dev libarchive13 bsdtar bsdcpio
Architecture: source amd64
Version: 3.1.2-11+deb8u7
Distribution: jessie-security
Urgency: medium
Maintainer: Debian Libarchive Maintainers <ah-libarchive@debian.org>
Changed-By: Antoine Beaupré <anarcat@debian.org>
Description:
bsdcpio - Implementation of the 'cpio' program from FreeBSD
bsdtar - Implementation of the 'tar' program from FreeBSD
libarchive-dev - Multi-format archive and compression library (development files)
libarchive13 - Multi-format archive and compression library (shared library)
Changes:
libarchive (3.1.2-11+deb8u7) jessie-security; urgency=medium
.
* Non-maintainer upload by the LTS Security Team.
* Fix CVE-2019-1000019: Out-of-bounds Read vulnerability in 7zip
decompression, that can result in a crash (denial of service, CWE-125)
* Fix CVE-2019-1000020: vulnerability in ISO9660 parser that can result
in DoS by infinite loop (CWE-835)
Checksums-Sha1:
591696e41f6e74cd3721f391bb5cc8c0a6215aac 1982 libarchive_3.1.2-11+deb8u7.dsc
58dd6b879a00e0292e128caccd8c923e6c26892a 42656 libarchive_3.1.2-11+deb8u7.debian.tar.xz
05011a5906a3b7a20dcfd94a91bed6fdbc6ea157 434828 libarchive-dev_3.1.2-11+deb8u7_amd64.deb
4e79927ac7e02ae0c42aec5207de3d188872629a 271150 libarchive13_3.1.2-11+deb8u7_amd64.deb
e31ef34bfcafaa1e56da1b432789ee666cd646ce 54646 bsdtar_3.1.2-11+deb8u7_amd64.deb
5f6fe0b750c49ae4bd51011be80af36b795f22c5 40200 bsdcpio_3.1.2-11+deb8u7_amd64.deb
Checksums-Sha256:
36e8237ba3e554ed03e57a984f3bda296e40280671c9fbee7bc92aa181e3a5a8 1982 libarchive_3.1.2-11+deb8u7.dsc
188786a51ba927b8d498cb92c0939d66b771e7c5e974d399bddb6254c8f135b7 42656 libarchive_3.1.2-11+deb8u7.debian.tar.xz
3b5f07fa874e4b4d3abf4707e4f63cd006a9d1db2b4100283de74ff7989fd828 434828 libarchive-dev_3.1.2-11+deb8u7_amd64.deb
279f990382b6074d302913a87f48cad8ede1df7a390945c029b23015a5b7c2df 271150 libarchive13_3.1.2-11+deb8u7_amd64.deb
2a9edc94203a427966a53c79dacc99021ad961a2e8c478b16ff3fe78a6586af6 54646 bsdtar_3.1.2-11+deb8u7_amd64.deb
b149852b52a13cc9c991e9d74f969055cec0bcc7fe152351253f7009d43c368a 40200 bsdcpio_3.1.2-11+deb8u7_amd64.deb
Files:
832cc52c0a02dfc04c6fc780f116529f 1982 libs optional libarchive_3.1.2-11+deb8u7.dsc
3cf3372dd630ec4c6d9baa74d4b55fc2 42656 libs optional libarchive_3.1.2-11+deb8u7.debian.tar.xz
a20c5c0601a23a475e4b70ce0a6e3bfa 434828 libdevel optional libarchive-dev_3.1.2-11+deb8u7_amd64.deb
ae1b3423cfe5d69c7dda16bac6ae017d 271150 libs optional libarchive13_3.1.2-11+deb8u7_amd64.deb
3baee0842be12f726a6ca50d1fa5dfa5 54646 utils optional bsdtar_3.1.2-11+deb8u7_amd64.deb
0584c893887c8865e4df4480cf02e021 40200 utils optional bsdcpio_3.1.2-11+deb8u7_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEEexZCBNCWcjsBljWrPqHd3bJh2XsFAlxcfFkACgkQPqHd3bJh
2XsUwwf/Z056V8Dm6oHnsr0pyh8suGwsDvjfdtzGm+5763rt5jr5aaAxCKoWn4a/
mT9pNV+lhMnsM4/v2Mdx5C/FFfZdxeBMSWgptDbBmy1ABdXFVUcMdUMpa4HXwFxq
4gzQ5dtWRid1m4tmWx1rSVszWgDzWQ+KDnDHhGo9XXSpHsm4dLoQVLNQUuW1fkoO
gG7u99K1RCwvcJqZZ74nSA/UBvS6LXFnrtjB8o6bOhC4J6MO4O+MGWe9XncPUKo5
mZ94mRHLkCxQ+u/9j3gx5VJamEEvaywsWVkjCoURnLzGye9eo3seRVWqTCusDZNU
dvhrI8YErznBrtERdIQSXgV/bLwkIg==
=N0VG
-----END PGP SIGNATURE-----
Reply to: