-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 18 Jul 2019 19:03:02 +0200 Source: bzip2 Binary: libbz2-1.0 libbz2-dev bzip2 bzip2-doc Architecture: source amd64 all Version: 1.0.6-7+deb8u2 Distribution: jessie-security Urgency: high Maintainer: Anibal Monsalve Salazar <anibal@debian.org> Changed-By: Thorsten Alteholz <debian@alteholz.de> Description: bzip2 - high-quality block-sorting file compressor - utilities bzip2-doc - high-quality block-sorting file compressor - documentation libbz2-1.0 - high-quality block-sorting file compressor library - runtime libbz2-dev - high-quality block-sorting file compressor library - development Changes: bzip2 (1.0.6-7+deb8u2) jessie-security; urgency=high . * The original fix for CVE-2019-12900 introduces regressions when extracting certain lbzip2 files which were created with a buggy libzip2: https://bugs.debian.org/931278 Checksums-Sha1: 72628e0aabfbe50869184825c4b7c9200f89e3f1 2462 bzip2_1.0.6-7+deb8u2.dsc 3725a0554fa6bb654ef2728fef36bc06aed4e388 708737 bzip2_1.0.6.orig.tar.bz2 0e61bc49a5c666fa0b479bf9a28cb93769890433 61298 bzip2_1.0.6-7+deb8u2.debian.tar.bz2 1b9e666adc23b383de089205272080f663b0e902 43342 libbz2-1.0_1.0.6-7+deb8u2_amd64.deb 4c714b77a56df65a31ee1db3873b627adb96c65f 29060 libbz2-dev_1.0.6-7+deb8u2_amd64.deb 70a8245da2b564073f55473d326a59d24c9d2deb 46838 bzip2_1.0.6-7+deb8u2_amd64.deb 34d76c0c26c9ff30d6d2dfa415845a3ee46f37be 306352 bzip2-doc_1.0.6-7+deb8u2_all.deb Checksums-Sha256: 7f1f29e1c032ca64068eb0aa7b9e025b0c9e41218974d8fff3d255397fc691f5 2462 bzip2_1.0.6-7+deb8u2.dsc d70a9ccd8bdf47e302d96c69fecd54925f45d9c7b966bb4ef5f56b770960afa7 708737 bzip2_1.0.6.orig.tar.bz2 49b18ae614a6a92beaf846ae2d5df29687c6d09a158f57db548ff52b882f51b8 61298 bzip2_1.0.6-7+deb8u2.debian.tar.bz2 840403d0a9c9d723b49f5634141007da0dddad7bad0a99f475a96562f831cc18 43342 libbz2-1.0_1.0.6-7+deb8u2_amd64.deb c1b816d76d41bb67d4d3200322a8865cec703ed0902255ac267ab29d8d98c2ce 29060 libbz2-dev_1.0.6-7+deb8u2_amd64.deb 317c5f2e86178ad9ecbfb04209826353ac20b2fd93c191b6fb0c9b60a5d5da85 46838 bzip2_1.0.6-7+deb8u2_amd64.deb c39316ea3da3cf24ad8979d43e512276592805613b538e61934628faf70c9f15 306352 bzip2-doc_1.0.6-7+deb8u2_all.deb Files: e034d68ee021b4dd3dcc3eefa94f7aa8 2462 utils important bzip2_1.0.6-7+deb8u2.dsc 2a1df12bd405cc86790291797673753c 708737 utils important bzip2_1.0.6.orig.tar.bz2 59dda719f9584521990dfda49fecdac2 61298 utils important bzip2_1.0.6-7+deb8u2.debian.tar.bz2 576b5b2fca288954dcbe0492bbb3d6ca 43342 libs important libbz2-1.0_1.0.6-7+deb8u2_amd64.deb ecf0680e23686eaf822ee3d7f29d1129 29060 libdevel optional libbz2-dev_1.0.6-7+deb8u2_amd64.deb d1d0be653cf8601943d71caa90df0529 46838 utils standard bzip2_1.0.6-7+deb8u2_amd64.deb 253747b416444a37c240653bd9fa60b2 306352 doc optional bzip2-doc_1.0.6-7+deb8u2_all.deb -----BEGIN PGP SIGNATURE----- iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl0wqjNfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh bHRlaG9sei5kZQAKCRCW/KwNOHtYRyk0EAC5GUf3mc2nbo99mksq2ij/jnZtfCNM Twj8xGzunQc/w/76P24/hKdTJxuuZuryC+MrHior6l/x/mR42WC66iHrghQ3eWvu XEGHFlKcXaJV6km8mE5r7HIEL9fKo0WjFXkgB83plgHbAAckZwILd7oAgA4lk2VY 6Mx1+6b5H39OMf6nvEvOwu/kiZddhj17qYPFKkG7H7MqHsHbow9kVkMISmIItGCH xUi7MkAiDfVYO4t4lWLhH2ZUuRFBOOYPQNJK5m3GNILWJW+vwqp2PIHZQ0EfEm+4 MSiRM43b4gKxEJASMztiz6jagtFasUB51efbHNCGSbJTyMfbgnURMn95jjwqxdwv KEd+WiEuJ8+4tLOgfdunWoWItd7gdlfWP0ooVNW1MdNw0J4pGFthbc8I21rfiBCH 0EUeUkd5UkfdUTTxajCcGqqPYIT3t2yxT/E1vVhRf2Z0+O/34GqtqZtrgtdI3+jN Ib8uuTcyQIo2wokNqY9c6Z6XX1EF56iR/xvgrM7VF9AHtPhsRDPy1dmhIfi5L+Ux Lx0uVLk2+ukEOz8ydjpMBIJcz5y8jUENU1BvqVWfiX49BdDC6BnNVVdqAtD5MYEL +7vTzM0CuPD4C/volDQabFhnqZ58HxiXLuoJHtitSGat+vSaD64RUyLTpD68fLtQ Qvtfx2TqzTywGw== =xn5D -----END PGP SIGNATURE-----
