-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 06 Apr 2021 22:42:24 +0800
Source: umoci
Architecture: source
Version: 0.4.7+ds-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Go Packaging Team <team+pkg-go@tracker.debian.org>
Changed-By: Shengjing Zhu <zhsj@debian.org>
Changes:
umoci (0.4.7+ds-1) unstable; urgency=medium
.
* Team upload.
* New upstream version 0.4.7+ds
CVE-2021-29136: malicious layer with symlink entry for "/" allows
overwriting of host files
Checksums-Sha1:
9b7d79522cb5c63e852a15d1b566f4646cc55fc4 2124 umoci_0.4.7+ds-1.dsc
bef0b23cd78351b03161d7397aab7d0db1ba2eab 1010796 umoci_0.4.7+ds.orig.tar.xz
b0e85864c20e3e9dd7e2194166bc146c739908c5 4244 umoci_0.4.7+ds-1.debian.tar.xz
b1e98d5f6e85f663688e24c5622b575155f30a37 8965 umoci_0.4.7+ds-1_amd64.buildinfo
Checksums-Sha256:
613402a8fb02296133d9f79060391508c7ab35360e343eb433b3965ef7d2b51c 2124 umoci_0.4.7+ds-1.dsc
1b00b2b851d109e4554e52a5db52cb7b9411e46efc672ac89f3ce2ee5c635d0b 1010796 umoci_0.4.7+ds.orig.tar.xz
c6cfc244eab7d93e0190dea271e3e3aa1976071b60699ba17ff72a3b0a4645ed 4244 umoci_0.4.7+ds-1.debian.tar.xz
01534c8a2163b5545a35b74600805bc0d2e1ef70ab19f6054ad7b383393cc9b1 8965 umoci_0.4.7+ds-1_amd64.buildinfo
Files:
acba057e04a4c888a287ebca47b682b2 2124 devel optional umoci_0.4.7+ds-1.dsc
76d9f19a5922aacfaeda5b1ae964910b 1010796 devel optional umoci_0.4.7+ds.orig.tar.xz
dcfb98edc7e83c8d4f8295437344c3a5 4244 devel optional umoci_0.4.7+ds-1.debian.tar.xz
a86eb5bacbb2407caba28924a4871df6 8965 devel optional umoci_0.4.7+ds-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iIYEARYIAC4WIQTiXc95jUQrjt9HgU3EhUo4GOCwFgUCYGx0GhAcemhzakBkZWJp
YW4ub3JnAAoJEMSFSjgY4LAWpmUBAJdcxXbj+l+Ihdicm6A1DRuAJhNUVhsFeDj8
Hk8RCITzAQCrLzjVGqwVwJGr/XSLCATbWPsEzGaKr+Pr0ykHF3anAw==
=pdO2
-----END PGP SIGNATURE-----
