-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 26 Oct 2019 10:03:02 +0200 Source: libarchive Binary: libarchive-dev libarchive13 bsdtar bsdcpio Architecture: source amd64 Version: 3.1.2-11+deb8u8 Distribution: jessie-security Urgency: medium Maintainer: Debian Libarchive Maintainers <ah-libarchive@debian.org> Changed-By: Thorsten Alteholz <debian@alteholz.de> Description: bsdcpio - Implementation of the 'cpio' program from FreeBSD bsdtar - Implementation of the 'tar' program from FreeBSD libarchive-dev - Multi-format archive and compression library (development files) libarchive13 - Multi-format archive and compression library (shared library) Changes: libarchive (3.1.2-11+deb8u8) jessie-security; urgency=medium . * Non-maintainer upload by the LTS team. * CVE-2019-18408 Fix use after free in case parts of the archive are corrupt but the archive contains several headers. Checksums-Sha1: 81be07e1451ff3050d84c74f73cb8a54a0daf0e6 2486 libarchive_3.1.2-11+deb8u8.dsc 6a991777ecb0f890be931cec4aec856d1a195489 4527540 libarchive_3.1.2.orig.tar.gz d100f6232dd239774205eec60181d20405ccb970 42980 libarchive_3.1.2-11+deb8u8.debian.tar.xz 6f6d971877211271d627729010d9665b26d3fc94 435158 libarchive-dev_3.1.2-11+deb8u8_amd64.deb b2c853c183745723e4fcc7bb9b187a1679f16b00 271292 libarchive13_3.1.2-11+deb8u8_amd64.deb 7d7775afaa14046a3cc7be6171c77c77d02c171e 54722 bsdtar_3.1.2-11+deb8u8_amd64.deb f411b472085880ac7b06feabec6311bad3214311 40228 bsdcpio_3.1.2-11+deb8u8_amd64.deb Checksums-Sha256: 282d42b1f90db39e1d902c55124f8c8262e5ec27988b5013dfc8b933ae4a911f 2486 libarchive_3.1.2-11+deb8u8.dsc eb87eacd8fe49e8d90c8fdc189813023ccc319c5e752b01fb6ad0cc7b2c53d5e 4527540 libarchive_3.1.2.orig.tar.gz 3954fdbdddacb2d59c643222d023b475e1fc305d570f3ed7510d7e8851a2b38c 42980 libarchive_3.1.2-11+deb8u8.debian.tar.xz 6fb971db939ca595b52cc5f535c83a6d4569462286a420ed97e84c01e5d0fe19 435158 libarchive-dev_3.1.2-11+deb8u8_amd64.deb 4b00c2f845e143c0c16ac45ca836566a4def26862bbdb3f6af97136f79d0da59 271292 libarchive13_3.1.2-11+deb8u8_amd64.deb 7e36e0bf3aa513bbcbe066e0f602404f62125bd67e81dba7253aae1a798efc48 54722 bsdtar_3.1.2-11+deb8u8_amd64.deb 450f020fb4da07801524b0a0fcbff16f51fd25da8e90bee4515760f9e27e54d8 40228 bsdcpio_3.1.2-11+deb8u8_amd64.deb Files: b72f6d3d8f75812da40d747d8ece880a 2486 libs optional libarchive_3.1.2-11+deb8u8.dsc efad5a503f66329bb9d2f4308b5de98a 4527540 libs optional libarchive_3.1.2.orig.tar.gz 488251ef013b7b3a7a95b897ca8e804e 42980 libs optional libarchive_3.1.2-11+deb8u8.debian.tar.xz 29640f609789924f9b4af007037cf855 435158 libdevel optional libarchive-dev_3.1.2-11+deb8u8_amd64.deb d9aaa15b172f258818f98fdd543915aa 271292 libs optional libarchive13_3.1.2-11+deb8u8_amd64.deb da1a15a0daee570c652bace11a54b578 54722 utils optional bsdtar_3.1.2-11+deb8u8_amd64.deb 0903dff28ed8c25b15ed0688c0b561ff 40228 utils optional bsdcpio_3.1.2-11+deb8u8_amd64.deb -----BEGIN PGP SIGNATURE----- iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl20icNfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh bHRlaG9sei5kZQAKCRCW/KwNOHtYRyi1D/wIgvMguHP22s58mqsbzqrPxixEBGYX 5jCUZbOT5ZwbTMe+Uf8UJwerKiN+lDFzUjV3pfF+S5jNZHLVFHWSknd77jV9qEAU hzDTUQ0BMtFEFSqqb7o/JZ9+Wt1GN1XxV3u82EbHZUs6zhb3XXmbwqcN9t1XNM6Q xJ7rcXORS92s69l0VOfiEPau45DGb5ZvHqAnXc6YkirDvYCL/cTFJCBMvVjWLguH 3tSN0qCbEgEcFBpo8xtaxgfKOe2YD/gI5ow58PLUee7jss6eHOTyx4aO9vtNCAS1 mL/91eFDfCF6CF6R5JsamNWozQjbJVQpvy00jpJhBo+CLhqQabsC7fjg3D5C2NM1 MOZCciRXGs40TALsqLsE4j82D1pMQYpTppdNZEezfne6hdDvz0qGxcA9yKQHXiIT RPIU/G/rg8Vt28E0XQup2P6mwGf/W6fhQiLZsKv+ALja49kB0Z6J/lzb6u9Db5G5 9HKE6zrWONUTCkeUronR77+Y+cBVRp274twQfKZzv9RSYajsKrdxhZVjJ4CntMmW mnNh9Qx2FywD5xH3QL2fsXZiZWq1jSOJKN+9RG0TN3RIVWc+FjiUACiLsx9AQtXS wDSpmKTSqHezbFSSnll/z8a3ZP/VBExbb9ioUA39w2dvE+vFhEF+ksS/Y7UHRND5 TR5MfqwOYrzo5g== =ox1N -----END PGP SIGNATURE-----
