-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 20 Feb 2018 22:05:40 +0000 Source: zziplib Binary: zziplib-bin libzzip-0-13 libzzip-dev Architecture: source amd64 Version: 0.13.56-1.1+deb7u2 Distribution: wheezy-security Urgency: high Maintainer: LIU Qi <liuq...@gmail.com> Changed-By: Chris Lamb <la...@debian.org> Description: libzzip-0-13 - library providing read access on ZIP-archives - library libzzip-dev - library providing read access on ZIP-archives - development zziplib-bin - library providing read access on ZIP-archives - binaries Changes: zziplib (0.13.56-1.1+deb7u2) wheezy-security; urgency=high . * CVE-2018-6869: Fix an uncontrolled memory allocation in the __zzip_parse_root_directory function of zzip/zip.c; Remote attackers could leverage this vulnerability to cause a denial of service via a specially-crafted zip file. Checksums-Sha1: 6eddf2208cd0e733bff708eab5325c63cdd48c46 1986 zziplib_0.13.56-1.1+deb7u2.dsc 5afd0fa6e7ace0fb45e768d2acaafea16c1bd941 680150 zziplib_0.13.56.orig.tar.gz f492c2800c1c5f63ceba474eb9d94ca08f34631b 20752 zziplib_0.13.56-1.1+deb7u2.diff.gz 5c643a2904069ccd6c7ea669fb8fe1762784c8d2 41358 zziplib-bin_0.13.56-1.1+deb7u2_amd64.deb 69cef2831f6151dfd56eb8a0a5a9d40a11951f0c 56884 libzzip-0-13_0.13.56-1.1+deb7u2_amd64.deb 99e9b96974c0d5e07e0790c7641ddba40a061415 147160 libzzip-dev_0.13.56-1.1+deb7u2_amd64.deb Checksums-Sha256: 01969fe2022ee6a30c9db68467e35d4baa82ae10fddde46b19443b84d65cc677 1986 zziplib_0.13.56-1.1+deb7u2.dsc 03d5cede1336d69bc1b060da90a5b786bb7987c84129c9110df806508165c4b0 680150 zziplib_0.13.56.orig.tar.gz 80d0428a86f3a6a890928eeef8fc3d86004d9003cf59679095fb0098b36a1b72 20752 zziplib_0.13.56-1.1+deb7u2.diff.gz 9746eaa2e9be55a134694ca00b92a45d3bb3ce8fa73a197bcc80e5ac2d8d0744 41358 zziplib-bin_0.13.56-1.1+deb7u2_amd64.deb 359c921b3d77244002be95a894917f44449d532ed62f8fda58dca2c8040bfe47 56884 libzzip-0-13_0.13.56-1.1+deb7u2_amd64.deb 11d184b6e907b6f5c37bec39ff4c111e251ec022bfbecb98f5e9630151fab20f 147160 libzzip-dev_0.13.56-1.1+deb7u2_amd64.deb Files: 42d3b0caa3b3e8cad4ec00911e0b7859 1986 libs optional zziplib_0.13.56-1.1+deb7u2.dsc 729e291af8de84b54eca93e8283f016e 680150 libs optional zziplib_0.13.56.orig.tar.gz 54f1b802746d492bfe082afa89cf65ef 20752 libs optional zziplib_0.13.56-1.1+deb7u2.diff.gz 1e3488d0d8ecb609942b9202a111af49 41358 utils optional zziplib-bin_0.13.56-1.1+deb7u2_amd64.deb 3087a1faf5ee29060d3471612e676e87 56884 libs optional libzzip-0-13_0.13.56-1.1+deb7u2_amd64.deb 9218526c955944a3c6491a9f5625676f 147160 libdevel optional libzzip-dev_0.13.56-1.1+deb7u2_amd64.deb
-----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlqMozUACgkQHpU+J9Qx HlgudxAAgwr8gv5ySLX3tO4WeC833IWD2022a/HM6Blv8UgfOXIkwPtFKZqNEc8l GsCpia6Cd6RtczyDQQGQkmpCPL23cdhLLZOtssXGKtmhDgpHLOO1Z4/+Qcbl1TlO BhDpCwhO3giB4bWHIZq3y+0zZdDC7IgEgMA3NkY3R55LEpH/DlVJT4PVuLeuY+Xh quam8fQM4+NChPMqGSlscotV7yOElW6033FPzpQkFrwflPk3ThuniUEpawMjc6J4 Yqqt5TOQLC9yPmj2y3WGFcuUiLvVLzWcwzRhd3UiBe7JjPeut5JKLfvV19v2Eciz cNKOCiOIbL16babG+7HZA+LHqufjfOX0rwG17sFkCVLroGZlJ2fW8SLtco2f2Tdw Img6POSk5Aqpoy3K69wZXVeFmoJVHHYg8owPwoXoeNA9BfgsHfNjPSj2f8mF5M/B a36j4CVxORG5GPCk8o/jleSxukrPbVCFd0ETYHVNU12/dZpPVR8j75aSYfcUjpQD xqM30n5VWBDTrpRYF9dnlmvj/flM8frEK8nPP+iIaaWY2LCu84pBkzciMUONzmsB GD2+aZM1+w0pfI3uud7F7CAdhzri9Cwaiv6i6Z3c1AVBk1Cjira2WN6a2BnYAmnX 4rTLb8HNqFzGNlK3Z/PJWndrPSeQcI+VNBeF0+uMF27/L6I4wEA= =LnGj -----END PGP SIGNATURE-----