-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 29 Aug 2021 19:03:02 +0200 Source: squashfs-tools Binary: squashfs-tools squashfs-tools-dbgsym Architecture: source amd64 Version: 1:4.3-12+deb10u1 Distribution: buster-security Urgency: high Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org> Changed-By: Thorsten Alteholz <debian@alteholz.de> Description: squashfs-tools - Tool to create and append to squashfs filesystems Changes: squashfs-tools (1:4.3-12+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2021-40153 unsquashfs unvalidated filepaths allow writing outside of destination. Checksums-Sha1: c988d3e678d7c8a50198933347f6b6f10d89ac27 2070 squashfs-tools_4.3-12+deb10u1.dsc a615979db9cee82e4a934a1455577f597d290b41 182550 squashfs-tools_4.3.orig.tar.gz 3f7cc63a2cd0e5223cb201bc4b5b976a0aa8c3b4 28324 squashfs-tools_4.3-12+deb10u1.debian.tar.xz 45b09112e59a97a72c6bf7e6e1294577344fed5c 364408 squashfs-tools-dbgsym_4.3-12+deb10u1_amd64.deb fdff8054ec8e62a9a7a5ca93fbc7699b77bb7f57 6250 squashfs-tools_4.3-12+deb10u1_amd64.buildinfo 79f8c9eb3b73de0f94ff6705ddad93560dcc43c8 125540 squashfs-tools_4.3-12+deb10u1_amd64.deb Checksums-Sha256: bf917e63ad2f3c3bbd4508249f48445aec0952ed9c9d9d5d41c4e64cabbb091f 2070 squashfs-tools_4.3-12+deb10u1.dsc 0d605512437b1eb800b4736791559295ee5f60177e102e4d4ccd0ee241a5f3f6 182550 squashfs-tools_4.3.orig.tar.gz 1bba2bfcf49810be566c932e9b1e321e64978777ae0654f0e43aa9ad5c786b33 28324 squashfs-tools_4.3-12+deb10u1.debian.tar.xz 21fa9984c0d1d635fb8695ea2bb7b432b4ec8f3e1ff49cc866fc736fa062c14d 364408 squashfs-tools-dbgsym_4.3-12+deb10u1_amd64.deb 14faf915c7b4e8b6eef1ee40ea8875cf0cdfe20fc3f8cc592a96f189f2ccf113 6250 squashfs-tools_4.3-12+deb10u1_amd64.buildinfo 6be794867039bdbdd88b26878a1c426d47e81f22362971425790865b3ca38c3e 125540 squashfs-tools_4.3-12+deb10u1_amd64.deb Files: fa8cf492af92ed0896d1f3c6caee3687 2070 kernel optional squashfs-tools_4.3-12+deb10u1.dsc d92ab59aabf5173f2a59089531e30dbf 182550 kernel optional squashfs-tools_4.3.orig.tar.gz 19a9c133730df5c69f4c1364d2ce46ad 28324 kernel optional squashfs-tools_4.3-12+deb10u1.debian.tar.xz 32f5af28cdb53ebf1fb6a0053b5ba752 364408 debug optional squashfs-tools-dbgsym_4.3-12+deb10u1_amd64.deb b26e85d4b3008db461926d61a235af58 6250 kernel optional squashfs-tools_4.3-12+deb10u1_amd64.buildinfo 34d76d450f674f8417b4de8fc4b267ba 125540 kernel optional squashfs-tools_4.3-12+deb10u1_amd64.deb -----BEGIN PGP SIGNATURE----- iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmEzEbVfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh bHRlaG9sei5kZQAKCRCW/KwNOHtYR4jgD/9md2/UzT1jciamHqoSQNnA0Xc+dQVE UpCXW/dCZnDGLDsRfGPXq2Q/5XfAbFPDufPiHhTdA4VwFs9JiClJbgY/4QAydSp8 mVMcJ6VfwoPWYkjvLsxiBoeKnp7PBQWotJmuNbpIghE8h7FU+JYVzqrDZ1PrFjn1 xWyZuswQLfbUmbbF8LDoft9DM8+daXeV1VNtGwNOud2tuJ/AbKfEtcnr+b5rFtRt i+l+lyFfBzCZQcwayiLUhr47mtWNQBp6otIHnVh4S0oRmk15grt8jvUTxkbYE+0v f99Cbse3h3U1upukQkfTgpjEcDsLl6D/SvV1TQ3fTJt56nZ4tUVzpH4Bg60Z8bKr Qg0VOuGE8nfV13rxHwMsU8V1elzsg5/980EtvP7yMkx18OU4vpUVucfgUlAUgqrj og8C6vUVjaWJmHX3MjYgUrSI+mEj8GInMaNKP2KCms9mkFynNZI89mDlBrS2quia +JyZ+bj1yL+O19nFES6Ydwa13JITotyrrdJF0xXiEW1bVwXW5cN+ndux4IanJF5H IURs+LFzg0BGWbg92NWinURHpKrP1/g+fVvgoMjg+aqNSQINBXflFi1OwVMqemP5 pJXafKYzSF3OQWOIKeedZPD+I97VPBw4YU7VZ+SiHUsTgvnFC9miNDbkjR57sJo2 DAMbq91V7iZf+g== =Bvey -----END PGP SIGNATURE-----