Debian Package Tracker

From: Thorsten Alteholz <debian@alteholz.de>
To: <dispatch@tracker.debian.org> , <debian-lts-changes@lists.debian.org>
Subject: Accepted bsdiff 4.3-15+deb8u1 (source amd64) into oldoldstable
Date: Tue, 26 Nov 2019 18:40:23 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 26 Nov 2019 19:03:02 +0100
Source: bsdiff
Binary: bsdiff
Architecture: source amd64
Version: 4.3-15+deb8u1
Distribution: jessie-security
Urgency: high
Maintainer: Jari Aalto <jari.aalto@cante.net>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Description:
 bsdiff     - generate/apply a patch between two binary files
Changes:
 bsdiff (4.3-15+deb8u1) jessie-security; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2014-9862
     With a crafted patch file an integer signedness error in bspatch
     could be used for a heap based buffer overflow and possibly
     execution of arbitrary code.
Checksums-Sha1:
 f28de97522d0e2b88689de6948b3a647cff6d96b 2003 bsdiff_4.3-15+deb8u1.dsc
 0c0a89d604fc55ef2b5e69cd18372b2972edd8b8 5740 bsdiff_4.3.orig.tar.gz
 c13c308a4cd53c08ada0f48a7cfccb6415d0fcdc 5596 bsdiff_4.3-15+deb8u1.debian.tar.xz
 265a5a5f462a08123a4e7d20710d39e54dfd320e 14790 bsdiff_4.3-15+deb8u1_amd64.deb
Checksums-Sha256:
 baff83b5c92705124810c28dbbc5744c976f48064d95af62093eb64321f0afcd 2003 bsdiff_4.3-15+deb8u1.dsc
 18821588b2dc5bf159aa37d3bcb7b885d85ffd1e19f23a0c57a58723fea85f48 5740 bsdiff_4.3.orig.tar.gz
 79122d4a05f72225f0bcf3a7d271de4c110e4e440d0742691cc3a6949354d70f 5596 bsdiff_4.3-15+deb8u1.debian.tar.xz
 2bef0482c3fda4d84088b742dcf3a8b3cc4518fd5f9aa4dfdcec315a1db7ed76 14790 bsdiff_4.3-15+deb8u1_amd64.deb
Files:
 1fb6b4e3495d50352b4658e72323eed9 2003 utils optional bsdiff_4.3-15+deb8u1.dsc
 e6d812394f0e0ecc8d5df255aa1db22a 5740 utils optional bsdiff_4.3.orig.tar.gz
 6feaf2b5f1320b7eaec39900f399914d 5596 utils optional bsdiff_4.3-15+deb8u1.debian.tar.xz
 313b4ce5444a80b1d06110a9a40b58ac 14790 utils optional bsdiff_4.3-15+deb8u1_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl3dbtJfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh
bHRlaG9sei5kZQAKCRCW/KwNOHtYR5xSEAC+coMyL1e6nH0QwzzR2oF/nk/fGRc0
vb52o65qZSHc2qoobWARZmSSE8QaQUaqFwG8XVq4nuK6GOafMRWwLnglQuFdwPGl
sLVVsmkJZUW4mjKt8UFrq323o7LnlrO14t9LcgOoVPsAvXMRt6fhMKuobCCIzqaO
iYaaOcFh39ws91BN0ptgUBRgXym3RK0RFkrK3AxvRVsuoEB16wNn5qf04GuSrSzz
1UP/HtS4Z1V05z9z4FOX2oZYzrLnLrAtHXcEeLFM3iGmLbcoLH/FoC6CMGaliGWN
mWviO5l5YWr/dlUX9iLUngkRja3XachSW0q9I6b+URXfpILmOwMpWBAWnqkDtwJq
8BbzTejMpC1yMO3/OUzmuBVs2vIn0dbtjM8BNJY91CP0rpSNEp+TfJkPpsQfJNc3
bjV6wbgv/TTsAaIq52cXv0o8kYvlRbKyOfugR8PsXqKwii5zFQ+JJudOLBsTDF8S
kGMEcukt95/60GOx808X5BWFixOASFT4DdglUHq8yGHgPjiekcaTLfS37Z+lyolc
HmA3LR3lbAWzTH9fOYVfWKA+pIZ2oVc6YKcyEWVES9Ei81DJvm8CbP+96Ak68DJj
Uo980/h8ICFU/SVVHCnuFRY3Iuf2Olh8EjjObwEFGBsKApxb19Q8FNZBcwrY+ZPI
OPgndJWo2d4bNQ==
=hykb
-----END PGP SIGNATURE-----
News for package bsdiff
