-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Wed, 24 May 2023 23:34:41 +0800 Source: docker-registry Architecture: source Version: 2.7.1+ds2-7+deb11u1 Distribution: bullseye-security Urgency: high Maintainer: Debian Go Packaging Team <team+pkg-go@tracker.debian.org> Changed-By: Shengjing Zhu <zhsj@debian.org> Closes: 1035956 Changes: docker-registry (2.7.1+ds2-7+deb11u1) bullseye-security; urgency=high . * Backport patch for CVE-2023-2253 (Closes: #1035956) Catalog API endpoint can lead to OOM via malicious user input Checksums-Sha1: c73f8955de6a55093abdcd67a0ae533f64664ca0 2570 docker-registry_2.7.1+ds2-7+deb11u1.dsc 7fcf78fb98ea8b6342b64dda5764d02a00471374 360416 docker-registry_2.7.1+ds2.orig.tar.xz 519643b907b0ad66fa7f324021d7fad107e7ec94 12720 docker-registry_2.7.1+ds2-7+deb11u1.debian.tar.xz 8795da66c7654dc28527a4854fbc0adf705c6ed8 12308 docker-registry_2.7.1+ds2-7+deb11u1_amd64.buildinfo Checksums-Sha256: 987510da21297d8345b61c647c2a18501ebd50675ca7942858c88ad3ff21220b 2570 docker-registry_2.7.1+ds2-7+deb11u1.dsc 8c88406a11366bc5e89a9af10f1142007dcd429e9b29eed543bb2f904dd38294 360416 docker-registry_2.7.1+ds2.orig.tar.xz 33c2fee7a8cfea40ef548dc4b6df1f1f609bcfb2e6f4d93b4c27086d3b598989 12720 docker-registry_2.7.1+ds2-7+deb11u1.debian.tar.xz 53b47f9c4b2cc710d090d7b4e646fddaadab070710b53a7869f83bc9a9d50ca4 12308 docker-registry_2.7.1+ds2-7+deb11u1_amd64.buildinfo Files: f66263d499033b12b42e0404637f1c39 2570 utils optional docker-registry_2.7.1+ds2-7+deb11u1.dsc a49a6ed595c642309daf9cd0867b6f63 360416 utils optional docker-registry_2.7.1+ds2.orig.tar.xz 3087288296fd3bbcb1513ec49074539a 12720 utils optional docker-registry_2.7.1+ds2-7+deb11u1.debian.tar.xz feada9c425b979e6323aa5479f998d2d 12308 utils optional docker-registry_2.7.1+ds2-7+deb11u1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iHUEARYIAB0WIQSRhdT1d2eu7mxV1B5/RPol6lUUywUCZG5EqgAKCRB/RPol6lUU yzlqAQCY/BAiYoA9JbbdOwrcK86CsD/9aLXMy5vvOENfQAziEwEAv0bmSqgSxjZT 8Aoz2xcrfnd9HwvSp5xmzj3CBs85kwo= =QtWy -----END PGP SIGNATURE-----