[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted libarchive 3.1.2-11+deb8u7 (source amd64) into oldstable



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 07 Feb 2019 13:04:01 -0500
Source: libarchive
Binary: libarchive-dev libarchive13 bsdtar bsdcpio
Architecture: source amd64
Version: 3.1.2-11+deb8u7
Distribution: jessie-security
Urgency: medium
Maintainer: Debian Libarchive Maintainers <ah-libarchive@debian.org>
Changed-By: Antoine Beaupré <anarcat@debian.org>
Description:
 bsdcpio    - Implementation of the 'cpio' program from FreeBSD
 bsdtar     - Implementation of the 'tar' program from FreeBSD
 libarchive-dev - Multi-format archive and compression library (development files)
 libarchive13 - Multi-format archive and compression library (shared library)
Changes:
 libarchive (3.1.2-11+deb8u7) jessie-security; urgency=medium
 .
   * Non-maintainer upload by the LTS Security Team.
   * Fix CVE-2019-1000019: Out-of-bounds Read vulnerability in 7zip
     decompression, that can result in a crash (denial of service, CWE-125)
   * Fix CVE-2019-1000020: vulnerability in ISO9660 parser that can result
     in DoS by infinite loop (CWE-835)
Checksums-Sha1:
 591696e41f6e74cd3721f391bb5cc8c0a6215aac 1982 libarchive_3.1.2-11+deb8u7.dsc
 58dd6b879a00e0292e128caccd8c923e6c26892a 42656 libarchive_3.1.2-11+deb8u7.debian.tar.xz
 05011a5906a3b7a20dcfd94a91bed6fdbc6ea157 434828 libarchive-dev_3.1.2-11+deb8u7_amd64.deb
 4e79927ac7e02ae0c42aec5207de3d188872629a 271150 libarchive13_3.1.2-11+deb8u7_amd64.deb
 e31ef34bfcafaa1e56da1b432789ee666cd646ce 54646 bsdtar_3.1.2-11+deb8u7_amd64.deb
 5f6fe0b750c49ae4bd51011be80af36b795f22c5 40200 bsdcpio_3.1.2-11+deb8u7_amd64.deb
Checksums-Sha256:
 36e8237ba3e554ed03e57a984f3bda296e40280671c9fbee7bc92aa181e3a5a8 1982 libarchive_3.1.2-11+deb8u7.dsc
 188786a51ba927b8d498cb92c0939d66b771e7c5e974d399bddb6254c8f135b7 42656 libarchive_3.1.2-11+deb8u7.debian.tar.xz
 3b5f07fa874e4b4d3abf4707e4f63cd006a9d1db2b4100283de74ff7989fd828 434828 libarchive-dev_3.1.2-11+deb8u7_amd64.deb
 279f990382b6074d302913a87f48cad8ede1df7a390945c029b23015a5b7c2df 271150 libarchive13_3.1.2-11+deb8u7_amd64.deb
 2a9edc94203a427966a53c79dacc99021ad961a2e8c478b16ff3fe78a6586af6 54646 bsdtar_3.1.2-11+deb8u7_amd64.deb
 b149852b52a13cc9c991e9d74f969055cec0bcc7fe152351253f7009d43c368a 40200 bsdcpio_3.1.2-11+deb8u7_amd64.deb
Files:
 832cc52c0a02dfc04c6fc780f116529f 1982 libs optional libarchive_3.1.2-11+deb8u7.dsc
 3cf3372dd630ec4c6d9baa74d4b55fc2 42656 libs optional libarchive_3.1.2-11+deb8u7.debian.tar.xz
 a20c5c0601a23a475e4b70ce0a6e3bfa 434828 libdevel optional libarchive-dev_3.1.2-11+deb8u7_amd64.deb
 ae1b3423cfe5d69c7dda16bac6ae017d 271150 libs optional libarchive13_3.1.2-11+deb8u7_amd64.deb
 3baee0842be12f726a6ca50d1fa5dfa5 54646 utils optional bsdtar_3.1.2-11+deb8u7_amd64.deb
 0584c893887c8865e4df4480cf02e021 40200 utils optional bsdcpio_3.1.2-11+deb8u7_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEEexZCBNCWcjsBljWrPqHd3bJh2XsFAlxcfFkACgkQPqHd3bJh
2XsUwwf/Z056V8Dm6oHnsr0pyh8suGwsDvjfdtzGm+5763rt5jr5aaAxCKoWn4a/
mT9pNV+lhMnsM4/v2Mdx5C/FFfZdxeBMSWgptDbBmy1ABdXFVUcMdUMpa4HXwFxq
4gzQ5dtWRid1m4tmWx1rSVszWgDzWQ+KDnDHhGo9XXSpHsm4dLoQVLNQUuW1fkoO
gG7u99K1RCwvcJqZZ74nSA/UBvS6LXFnrtjB8o6bOhC4J6MO4O+MGWe9XncPUKo5
mZ94mRHLkCxQ+u/9j3gx5VJamEEvaywsWVkjCoURnLzGye9eo3seRVWqTCusDZNU
dvhrI8YErznBrtERdIQSXgV/bLwkIg==
=N0VG
-----END PGP SIGNATURE-----


Reply to: