-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Mon, 22 Dec 2014 19:16:10 +0100 Source: unzip Binary: unzip Architecture: source amd64 Version: 6.0-13 Distribution: unstable Urgency: medium Maintainer: Santiago Vila <sanvila@debian.org> Changed-By: Santiago Vila <sanvila@debian.org> Description: unzip - De-archiver for .zip files Closes: 773722 Changes: unzip (6.0-13) unstable; urgency=medium . * Apply upstream fix for three security bugs. Closes: #773722. CVE-2014-8139: CRC32 verification heap-based overflow CVE-2014-8140: out-of-bounds write issue in test_compr_eb() CVE-2014-8141: out-of-bounds read issues in getZip64Data() Checksums-Sha1: f7b1be73e9039266337b9f6d962c0d455b4350a7 1311 unzip_6.0-13.dsc 5663fba14ac26549c487c573d6df6a4db673f13d 13512 unzip_6.0-13.debian.tar.xz c42b7221cde3acc12f6197620ea28a2752eab299 160690 unzip_6.0-13_amd64.deb Checksums-Sha256: 029ccdf813e6fd884139b7ba904e4ba5e5356fbb26a56a42ae5e618424989ac4 1311 unzip_6.0-13.dsc 1278b3d077ea388f59b1890ea34a1791b524c7634d52bbdb9f733cd0906d975b 13512 unzip_6.0-13.debian.tar.xz 7ca14e05e59c115f7b056b6ff8cec8851258f528012a3f2a735478f19dd99f39 160690 unzip_6.0-13_amd64.deb Files: af8c8bc702b4343e6942d72e9fc7b41e 1311 utils optional unzip_6.0-13.dsc b66659905826c0725bdb98a336bb156d 13512 utils optional unzip_6.0-13.debian.tar.xz c93df3e23ec23a456f63d6a1aebd4962 160690 utils optional unzip_6.0-13_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBCAAGBQJUmGBpAAoJEEHOfwufG4syNy4H/AntJeXy8XyizN0YYvfETMEG q/CbIqj28GKty/PPVhQXjPVdaK0RGzbp0Oq/wUEVn1ww+tQgZnxKcR7/4z/nX2fd 6+uv+NzuLsx7d6bAoOFJIxOYhfqAQCWxZHtE8b+TDEd9YFC/Z82Ib9G8VrQdOdaU 4UFLjw0waPBZJ2eGG6+vB+E+vwkB/hPYMG87Unj7373IF5vhB52Eb6ikdTd7ZbH6 fBLstEcgnq/gskxhN3YxSKnTci50/2VCsjo8Y1im1Moc94nllvDvWfvWXWEOkCmQ B5Ucf0LzWqGQC4vuEqRCrAYgh7vqtdGQOvM1mPPz3lIl4cJ8rxrDrONRdzF0otQ= =D/bI -----END PGP SIGNATURE-----
