Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-lts-changes@lists.debian.org> , <dispatch@tracker.debian.org>
Subject: Accepted lrzip 0.631-1+deb9u1 (source) into oldstable
Date: Sun, 01 Aug 2021 21:20:11 +0000
Signed by: Markus Koschany <apo@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 01 Aug 2021 22:51:17 +0200
Source: lrzip
Binary: lrzip
Architecture: source
Version: 0.631-1+deb9u1
Distribution: stretch-security
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Description:
 lrzip      - compression program with a very high compression ratio
Changes:
 lrzip (0.631-1+deb9u1) stretch-security; urgency=high
 .
   * Non-maintainer upload by the LTS team.
   * Fix CVE-2017-8844, CVE-2017-8846, CVE-2017-9928, CVE-2017-9929,
     CVE-2018-5650, CVE-2018-5747, CVE-2018-5786, CVE-2018-10685,
     CVE-2018-11496.
     Several security vulnerabilites have been discovered in lrzip, a
     compression program. Heap-based and stack buffer overflows, use-after-free
     and infinite loops would allow attackers to cause a denial of service or
     possibly other unspecified impact via a crafted file.
Checksums-Sha1:
 183233a237b8db63ab60ee8d869c652d1f5ed8f5 1982 lrzip_0.631-1+deb9u1.dsc
 49143bf5433270133ac9adff429e5d6c248e9019 522158 lrzip_0.631.orig.tar.bz2
 0a4dd296cb04c93268439d100bcdd2e0608cb2b4 18692 lrzip_0.631-1+deb9u1.debian.tar.xz
 7ef876f696f3c97cd2d4c33c8dcd59f31b4e077b 6372 lrzip_0.631-1+deb9u1_amd64.buildinfo
Checksums-Sha256:
 148974258c733dc554235ea07aecdf41e79ffd1a9af75418cf5142af38e9606a 1982 lrzip_0.631-1+deb9u1.dsc
 0d11e268d0d72310d6d73a8ce6bb3d85e26de3f34d8a713055f3f25a77226455 522158 lrzip_0.631.orig.tar.bz2
 aae1dfa65b93f9850ea18e671196a2344277aca2b731f6cf9c1999df8cdc55aa 18692 lrzip_0.631-1+deb9u1.debian.tar.xz
 0ac01e9b26c6f50b431f2cafb2b4f919063b8c631d66ea5eea2711e2574f01b2 6372 lrzip_0.631-1+deb9u1_amd64.buildinfo
Files:
 7eb628727b09999df99a7b836f2b9734 1982 utils optional lrzip_0.631-1+deb9u1.dsc
 28f6e69ff4a6f9771dd4eb142df135b6 522158 utils optional lrzip_0.631.orig.tar.bz2
 0f2bb85894ce1d49209986c040da850a 18692 utils optional lrzip_0.631-1+deb9u1.debian.tar.xz
 9a1c7fdbc8aa0c023c1cf3af79b8be35 6372 utils optional lrzip_0.631-1+deb9u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmEHDR1fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkP/MP/1DTChzGfW/BBRb8qqqOyPYjPQKfA+bGzNTU
lKE6K3V2SX8+eReb7WLmIyd/51Mvx4V9enL+f0nXivFWdBNzJwb6YkXTP2DZCBny
5XiMQOuWXL++iL4+AOwZxpXWaBSD3TMW7XxxIRl6bNzrLoJbH6Uq0E6AKZke0t9D
nV3kRMKBagyPKlh5aEYTcYAq3bmKezKMfelPNGNDMaNiQbmVKYhz6+GVARhDUW7D
XhGsS2ftx1/MftOB0TBgTEWPN+c0ha+kIu2Gk9q2GusG2bmMm6JF3DIbvn0qQDEU
CCNytrj6Gs1fll9wlbjTv6ZNZjKAjYVhHOpmotRAQr7ug6/N8NnPxYa5oFoa4XMZ
xki6qfR8JSSGw4JRcAOGfxCwHqZ/RN0HS2+LoLI25V49R8lkjD5Wq5uVu0fnsWyQ
mZHW5Q/xlXmxOzI9hWNPoLisN2PHIpiOYtNpBIJgTT5oPivOrIWZGeugUW4z3ceA
PFZnKW52x1X8E/QjC4qB6d9/HzMWYf6f8mXrngoP7idYA4KIQDgZnqQEfBWQ2YXZ
TxUY3qmxAJAaZgkNe63BNIquL76nNwnQAI0NBReCKrnCR63yPsaB3Bj17o5hiZw8
EAoQuer/hHuNgT3ZNyUackNQH5L/hbbqh/spM+VaJNsvhMjWqW9CGpX53HVoXjwl
rcYQs7YZ
=LZjw
-----END PGP SIGNATURE-----
News for package lrzip
