-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 24 Jun 2019 19:03:02 +0200 Source: bzip2 Binary: libbz2-1.0 libbz2-dev bzip2 bzip2-doc Architecture: source amd64 all Version: 1.0.6-7+deb8u1 Distribution: jessie-security Urgency: high Maintainer: Anibal Monsalve Salazar <anibal@debian.org> Changed-By: Thorsten Alteholz <debian@alteholz.de> Description: bzip2 - high-quality block-sorting file compressor - utilities bzip2-doc - high-quality block-sorting file compressor - documentation libbz2-1.0 - high-quality block-sorting file compressor library - runtime libbz2-dev - high-quality block-sorting file compressor library - development Changes: bzip2 (1.0.6-7+deb8u1) jessie-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2019-12900 BZ2_decompress: Fix out-of-bounds write when there are many selectors * CVE-2016-3189 bzip2recover: Fix potential use-after-free Checksums-Sha1: 39a5e09058fe9e58111a083ee5e4426380c3f0eb 2462 bzip2_1.0.6-7+deb8u1.dsc 3725a0554fa6bb654ef2728fef36bc06aed4e388 708737 bzip2_1.0.6.orig.tar.bz2 6ab195411d04513dd563c1505f050c924f49498d 60383 bzip2_1.0.6-7+deb8u1.debian.tar.bz2 930f60988901739c8a76cc822be1b9729ba3bff6 43178 libbz2-1.0_1.0.6-7+deb8u1_amd64.deb e6a6ec9ed1b48ae326f26607c2c417e06d212f91 29004 libbz2-dev_1.0.6-7+deb8u1_amd64.deb ed500aea1f936bcdc2782e964b0287c1bd8c627e 46730 bzip2_1.0.6-7+deb8u1_amd64.deb e7441703077a2e3d13598349d46c08dd845adfec 306246 bzip2-doc_1.0.6-7+deb8u1_all.deb Checksums-Sha256: 9c4ee0d881c4e63e13882b970a3448b90cb84bf5ca78acddec8ced296d2672b8 2462 bzip2_1.0.6-7+deb8u1.dsc d70a9ccd8bdf47e302d96c69fecd54925f45d9c7b966bb4ef5f56b770960afa7 708737 bzip2_1.0.6.orig.tar.bz2 853d42f87bdc559714b0bb35b207853b99d5b6b9763e7f4a85a79772ef681172 60383 bzip2_1.0.6-7+deb8u1.debian.tar.bz2 a4fb72ac31c53f102311c0bef3af8a0fc1b2e28aa7984b9a2052218c3af1bddf 43178 libbz2-1.0_1.0.6-7+deb8u1_amd64.deb 183477fcb5fcba032c5a87f30be3fd4a24c003297d068c24d02f26bd2afe9638 29004 libbz2-dev_1.0.6-7+deb8u1_amd64.deb 5314da59b674b86172fbbad5349c137b563c662cd6768f87a83f203bba5660b7 46730 bzip2_1.0.6-7+deb8u1_amd64.deb 7b86873a1cb05fef6c55a693b387dacd27f28d497fa1eeb95ca39a47086a3b42 306246 bzip2-doc_1.0.6-7+deb8u1_all.deb Files: bfc51b38c6e75867009f4e58d9c7abee 2462 utils important bzip2_1.0.6-7+deb8u1.dsc 2a1df12bd405cc86790291797673753c 708737 utils important bzip2_1.0.6.orig.tar.bz2 eec152fd6ad10493f97298472b82746c 60383 utils important bzip2_1.0.6-7+deb8u1.debian.tar.bz2 4fdcc377450cbc0363a2acb576b5e196 43178 libs important libbz2-1.0_1.0.6-7+deb8u1_amd64.deb 55b98569cbf0cc7d22b599e9c5c31ff8 29004 libdevel optional libbz2-dev_1.0.6-7+deb8u1_amd64.deb bc8d8ffa1320e29f675fd3f9b66266ac 46730 utils standard bzip2_1.0.6-7+deb8u1_amd64.deb cfab1e8905b261a941d1592fe097c2b3 306246 doc optional bzip2-doc_1.0.6-7+deb8u1_all.deb -----BEGIN PGP SIGNATURE----- iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl0RD35fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh bHRlaG9sei5kZQAKCRCW/KwNOHtYR7cfD/46CSQFd0oLUEvqjw6O4dUYP49zBsq/ T3Is8nb9BqO1mfN4n30H5CTacOaan9OXR+MbWRLO0q/vgpuXcILV1ULYAEQPNmkm Ds8eMQplhRvVgzYM5HZo3A8ngjHoyzuc+v/AaoVRpKROwX8MAP+OH5XIl6KvlrPO yJOjCcsY+GmWGoYbVouzsdO3lS42gDOJ339Pblnk68UCXnPVpxbVnAGtrc95Qhi2 qyw9fnfUKrXn8wULFGDdaD2HNkbiL7Fij4e/hsdwOBNkQwYPHgS8m30yh/kuBPqK XzwolsobFUbOtXfr5kojviKwSZ6byoVv6nuqQ5X9rsmCw5m0uRVPf4YKf7TjqihZ RfZpEllamOjtTLBRdGCrIdekWmnOBUjza1tqVSyUagjLF+QmXY2jGE3KUff7h99i XBqk5GpWMczhyK5FWxr9RjvM0LGKTQJoEkYLw6NVSAh6hp8ISeldgxrx/NgJF1ue wOmBv4nmt+UeZ2AXImFhuu7YUltGEWyCHobheM179z6YRAbgnqr8zxm9X+1hBVsL ZnAWf8XdVd4vVlbcwNrsBhtuEfCh31IFQ4Vqyu5qI5ExRTV8uhU4NPim/VFurbt3 JirTAzXC2rAO0OcPb8hSKEUOq9YL9GsUWoXSwGWMwGTAEnx9hhxVbdG48/NOgOQ3 NvANqSyyqO2PCQ== =CCuD -----END PGP SIGNATURE-----
