-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 27 Oct 2019 10:03:02 +0200 Source: libarchive Binary: bsdcpio bsdtar libarchive-dev libarchive-tools libarchive-tools-dbgsym libarchive13 libarchive13-dbgsym Architecture: source all amd64 Version: 3.3.3-4+deb10u1 Distribution: buster-security Urgency: medium Maintainer: Peter Pentchev <roam@debian.org> Changed-By: Thorsten Alteholz <debian@alteholz.de> Description: bsdcpio - transitional dummy package for moving bsdcpio to libarchive-tools bsdtar - transitional dummy package for moving bsdtar to libarchive-tools libarchive-dev - Multi-format archive and compression library (development files) libarchive-tools - FreeBSD implementations of 'tar' and 'cpio' and other archive too libarchive13 - Multi-format archive and compression library (shared library) Changes: libarchive (3.3.3-4+deb10u1) buster-security; urgency=medium . * Non-maintainer upload by the LTS team. * CVE-2019-18408 Fix use after free in case parts of the archive are corrupt but the archive contains several headers. Checksums-Sha1: bc4295fc6c14080bbff26c42edb5968678538557 2548 libarchive_3.3.3-4+deb10u1.dsc 499a8f48a895faff4151d7398b24070d578f0b2e 6535598 libarchive_3.3.3.orig.tar.gz 6ee83c838b25eb3290acb981b9ad2a60fdbd7c1d 19876 libarchive_3.3.3-4+deb10u1.debian.tar.xz 004ef2d93b0143603c83a8de5bc8b2c5d01aa20a 25020 bsdcpio_3.3.3-4+deb10u1_all.deb 75340da4265b3a064eb2030e3b9159c76d5cb211 25016 bsdtar_3.3.3-4+deb10u1_all.deb 0696db9abb4ca0bef6bf3641c0106ae1b50cd96f 484536 libarchive-dev_3.3.3-4+deb10u1_amd64.deb 5cda9ea7b80b751cac737e24d12f28ce1fbba038 89148 libarchive-tools-dbgsym_3.3.3-4+deb10u1_amd64.deb cd9c3b4b3ff784c74cead8bb512a2e0f59095cb9 77168 libarchive-tools_3.3.3-4+deb10u1_amd64.deb 4c4d4da1da771b57c6e1026d674a3a42e8467d85 872832 libarchive13-dbgsym_3.3.3-4+deb10u1_amd64.deb 300cf59860c578c5d6b3c762dac9c1cd8b228403 313404 libarchive13_3.3.3-4+deb10u1_amd64.deb 23d934cf5d833909bb36286263cdceb818b4330b 8311 libarchive_3.3.3-4+deb10u1_amd64.buildinfo Checksums-Sha256: e7d1aaa2866bb72a6c11fa3306243399d3265702a58a6e9711012bbe15d16479 2548 libarchive_3.3.3-4+deb10u1.dsc ba7eb1781c9fbbae178c4c6bad1c6eb08edab9a1496c64833d1715d022b30e2e 6535598 libarchive_3.3.3.orig.tar.gz fefbe7c0686d6496bb526be4c00634d2992355dfab7d9be6bb2eb53dcf1f8bc7 19876 libarchive_3.3.3-4+deb10u1.debian.tar.xz fbd5102c16383caa46b7a8cf6f8ccdb97c72aff1f267d5eb02b255a1696ae985 25020 bsdcpio_3.3.3-4+deb10u1_all.deb b3052cf9608d240e92cf1e7f9123a85cf9e7504b2c86a0160da3f012af8c7c63 25016 bsdtar_3.3.3-4+deb10u1_all.deb b38e16c360bf9c973a302a75f25743e2ff4378c96dcce590280b45b254ed7f10 484536 libarchive-dev_3.3.3-4+deb10u1_amd64.deb 487d434d76dc938b624cc3ec68a3da2dc2a7c63a6c5b3111bf02e8d47a789741 89148 libarchive-tools-dbgsym_3.3.3-4+deb10u1_amd64.deb 878613ab54253d74030b3bd2edeac789a4997430d95192a2cc8675f2c364383a 77168 libarchive-tools_3.3.3-4+deb10u1_amd64.deb fcce11a3e665b39982d7f5aed34e964990b52097d21f6a5fbca7758696f36487 872832 libarchive13-dbgsym_3.3.3-4+deb10u1_amd64.deb 2d333d0fcc49138d0411ce3442671058cc1f7e1a9a85a62ea63d4f2184bc4c04 313404 libarchive13_3.3.3-4+deb10u1_amd64.deb 7887ffb835bed23614ed6930b99a53814abeb89fd5494a1da41aa8b0154c04b9 8311 libarchive_3.3.3-4+deb10u1_amd64.buildinfo Files: 679f2601cc3ef3c101ea59e36897483f 2548 libs optional libarchive_3.3.3-4+deb10u1.dsc 4038e366ca5b659dae3efcc744e72120 6535598 libs optional libarchive_3.3.3.orig.tar.gz 5ed14d7b70ba9363b260f35ecc3b4591 19876 libs optional libarchive_3.3.3-4+deb10u1.debian.tar.xz 12d7819d9f88627b60adc3ceb73f28b1 25020 oldlibs optional bsdcpio_3.3.3-4+deb10u1_all.deb 0f877e0cf41e481c1d157a199f55556f 25016 oldlibs optional bsdtar_3.3.3-4+deb10u1_all.deb d519a8ccf5cabfac33190d0569bc0eb2 484536 libdevel optional libarchive-dev_3.3.3-4+deb10u1_amd64.deb a40905456f4684edcfbcf7e9d932104c 89148 debug optional libarchive-tools-dbgsym_3.3.3-4+deb10u1_amd64.deb a73a587dccb846f1f381e8805971ced9 77168 utils optional libarchive-tools_3.3.3-4+deb10u1_amd64.deb ad12109bf86c04b39b76e40b82df378f 872832 debug optional libarchive13-dbgsym_3.3.3-4+deb10u1_amd64.deb b8c97cd2548de71d442e11b63fa5ba69 313404 libs optional libarchive13_3.3.3-4+deb10u1_amd64.deb e2f5c1b3bda65bc33fceb827383403d5 8311 libs optional libarchive_3.3.3-4+deb10u1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl26ANJfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh bHRlaG9sei5kZQAKCRCW/KwNOHtYR1vvD/9u7w0zAJnZPtcKnRgcCdgYKhV7Bfqj QFsKoMcUmYTs2InM0/0AaEBLqXxg/grpScCuqEpVU9CYvCq0F+fm0KHPwIUYeeZL BD9iqCXboRO5PyrUecWWm6vQdqq11F/j733PLKRz9VlOquWwjcE/LWZgouc0DBpA RFOc/Gc8L1zbxXu5Nk1QyYzsoJGLfpnAhoD+BHBlNY2eNuLnOQtfTUOznhRbtvYT DHJpD8Sm9AbnE6YvXT9Ss07yj0VIUeoyaz3+0jfDLBqJcuQ9evgAk0EMxbr0jza7 rHIBZ/YsEzD0ioaOVnQTnIZKjlS9Y9KvAkSmNgGL00xAGuKNr+caD5YxvT3Y+iHb lf18j7Hsx1DRecOL2/QdtqN4gAeC9/zp/6iFAG5/okvSVIJ5Hab0vePW6t5IYTqv fSNv4SG2CuMKeBjT0JUS0cKs1UkjIOg37Wr05b0PSDRDhAlkXuGbi1c09YIELbVd MOiG/S6+qK/YjxhG0QXd45snkRiBqNA8MHsVF9G5csCHMR9UgjWzKZNg9/WeDKD4 Okamocp61pxEbs/3n0Abiv10aNqncRwFUp5p42yxh0xRGA5WihBFdajj3uH2DJ0u C1nbYaz0nOWVRvoc3rHhvS6X0DzHlPts8aWxaVyBy5IYYm3B16zZ4vIeFMX38W5D zV19yka9CxKCeA== =hTDV -----END PGP SIGNATURE-----