-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 24 Mar 2016 18:03:02 +0100 Source: fuseiso Binary: fuseiso Architecture: source i386 Version: 20070708-3+deb7u1 Distribution: wheezy-security Urgency: high Maintainer: David Paleino <dapal@debian.org> Changed-By: Thorsten Alteholz <debian@alteholz.de> Description: fuseiso - FUSE module to mount ISO filesystem images Closes: 779047 Changes: fuseiso (20070708-3+deb7u1) wheezy-security; urgency=high . * Non-maintainer upload by the Wheezy LTS Team. * debian/patches (Closes: #779047): (patches copied from the Squeeze version) + CVE-2015-8837 Add 02-prevent-buffer-overflow.patch. Prevent stack-based buffer overflow when concatenating strings to an absolute path name. Prevention is done by checking that the result will stay under the maximum path length as given by the platforms PATH_MAX constant. + CVE-2015-8836 Add 03-prevent-integer-overflow.patch. Prevent integer overflow in ZISO code. Bail out if a ZF block size > 2^17 is to be read. Checksums-Sha1: 151f3bda79f1226f0fe019f3d51439c19224ef7f 2051 fuseiso_20070708-3+deb7u1.dsc 4b3069f535af53477172359eaaab90e5b827f8e9 339470 fuseiso_20070708.orig.tar.gz e5edbc80df95be06d50e0a24ffba6090db38e586 5178 fuseiso_20070708-3+deb7u1.debian.tar.gz 32d0ae73be7a5c78a08083bef222b476ff8a2251 22724 fuseiso_20070708-3+deb7u1_i386.deb Checksums-Sha256: a3088ae7e50389002823b4fd72a811735ffd23d5bb3e8a14326946203194780d 2051 fuseiso_20070708-3+deb7u1.dsc 9bc183a99f0025d01f30ac3f3622b2602b0ad58dfb5d3acce9063d144bf77193 339470 fuseiso_20070708.orig.tar.gz 668730b73d858179950e408d4cdb7c67aebc3981ef7035e5675639a5679a4636 5178 fuseiso_20070708-3+deb7u1.debian.tar.gz bdc581832d950a74f05e3ba80c3fcd35b1db4d52740dfd33e93f8067878f5b29 22724 fuseiso_20070708-3+deb7u1_i386.deb Files: b1ff3fefdf6a07ada1648a7f9be0d7a2 2051 admin optional fuseiso_20070708-3+deb7u1.dsc 30a0e7a3cf577664001e471ba12b6fb4 339470 admin optional fuseiso_20070708.orig.tar.gz e86de53189d8ec0c484e3282a2a7e2b6 5178 admin optional fuseiso_20070708-3+deb7u1.debian.tar.gz 0dc6671b43d9d6c02d669d76fe709279 22724 admin optional fuseiso_20070708-3+deb7u1_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQJ8BAEBCgBmBQJXAqnmXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5 NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHgn0P/ifEl8cC36kuUQ0TVIKV8amn NKxG4AKeMvG+fCHyvePxJd2uDOx837wpBFeuTYt5PAQBYAjBeLskpZrMu/mbkala zGAW4qTuGQ9HTmtcekkAVYuCVFwmaUBgV3UCTS4Dacd7CJlt/8DiNn0zyn8Jf2de 3oB+7vPQsRrDqKVoxzeE0M+e9pF3oAMTDDo0/9Zj5Evl+CKvTe4fC1y8bxPj2ZtB +t+V3rPXZpfnHE/wlwNbl5iMO7MkSp//PlEZWF1wgs65obKUaixZEfwmSYVA9Xby OdJA+w9mHIgW4qoLujWmzbhpyNHZpYYdtsL6AMh3xshJMEzNNDjTJyqPnhgdH3Iy P1gSZtZ0tGtRe05V2tq6VsHKDIHZI0o7tjigUhqaugKt/BIW38CGEBjwXSq93uoG ziczrZtoTl730W3HxKFp+lTOarAk7ok6uHXdZ/IdTQwl7BJobiN5VQmPYFx/xaI6 o8EQXANTUgfBOPdGH74k4xAtLET7J2O37sTw6C5/Zq5wTvzM+jpfmS439k8hA+zH fNKPDF97dp3AZQCYcisaU2tUDy0hbgHpCRTFNVwAdBxuBjxyaoOraHpuwZfCZpAY D18gGQkxlwbwqgapycIFBhL7RaCbfbXnDSApGTyVPh67A186gT6vU2RrrPGmFy6z zVcvLEYXhuX40Zf3MfB8 =FNzq -----END PGP SIGNATURE-----