-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 03 Mar 2015 19:03:02 +0100 Source: unace Binary: unace Architecture: source i386 Version: 1.2b-7+deb6u1 Distribution: squeeze-lts Urgency: high Maintainer: Guillem Jover <guillem@debian.org> Changed-By: Thorsten Alteholz <debian@alteholz.de> Description: unace - extract, test and view .ace archives Closes: 775003 Changes: unace (1.2b-7+deb6u1) squeeze-lts; urgency=high . * Non-maintainer upload by the Squeeze LTS Team. * Add 006_security-afl.patch patch. CVE-2015-2063: Buffer overflow when reading bogus file headers The header parser was not checking if it had read the needed data when parsing the header from memory. (Closes: #775003) * Add 005_format-security.patch Fix format-security build failures. Checksums-Sha1: 4330f42549a4f02835d47be52f84a88014570b8f 1833 unace_1.2b-7+deb6u1.dsc 54781d630644a68bb3d9338fa6a018b2d4553efb 27561 unace_1.2b.orig.tar.gz 36759633e7d3a6a4cd2f4bfed2740c9d550c6e0a 7816 unace_1.2b-7+deb6u1.diff.gz 3f7f723e5509142236079c7f075b11f7f16da4f3 16852 unace_1.2b-7+deb6u1_i386.deb Checksums-Sha256: 1a09b9cbaf52efbe5b32ff6cc2bb0de2bbecc2655901e89ab69e6c6abd1b21e5 1833 unace_1.2b-7+deb6u1.dsc a5f3b7d0994b2c6aa3b95ac1196ee18605d8dbd0660f978f8d64b8583fb55490 27561 unace_1.2b.orig.tar.gz 52210a697190574ada3b2b8011db38f8202c60374c0075af437f7b763c003b3f 7816 unace_1.2b-7+deb6u1.diff.gz f14986a765754dd0120d1540f2e182a51d5c97feccc9ae3b553768c93198f63f 16852 unace_1.2b-7+deb6u1_i386.deb Files: 311fa77ef6dd29bbc44280b049578869 1833 utils optional unace_1.2b-7+deb6u1.dsc 51360df61997db28787b60ea7321d83f 27561 utils optional unace_1.2b.orig.tar.gz 78a2ac6f851826ad37c1898443938ec8 7816 utils optional unace_1.2b-7+deb6u1.diff.gz 3821c9e136bd129e0ee162153869266f 16852 utils optional unace_1.2b-7+deb6u1_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQJ8BAEBCgBmBQJU9gCKXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5 NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHiTkP/3NxcagLX/EBdEQLJ08/bn6f hFiOO/60nTN2HIyRcoXpombfp4MdL0BWsC3NsByYhgBLRRkbt+JkFubV83CJInTO t0IBbFJB5FRvc5oXzPi9PsHRYGtXKkFhSjh8GJC/tb+dHRfVgzHhQb85gNzSsbyW 4qAwTUzeqBYfGLZYYw5YiaWfWhRATpkya71nzZndRYA1nTVRBQDJLTMNP1yOWQSz +D5GbJ+Op5o59gizVKn/wk2CaTqWcwIpj05KIBC2YE4pymUwOcc2bjBZidvDyfpK 47rXWF9eK5kStUEgrffPVvdB5I4Fx0OI5IAxIPhQ+mO0SCvikyGR4nneIno5JVaI jjNI1K3I0lgWfGKTOrv7z/QuMjV7BNn2D6kt4IYyAOC7zz1y5UfFExdHzewZYHnc MiaID+BJRC9c7NEzofGQR5GgVV9lgKqzuk8eKbti38G9jBhczRNk7hBi2w3Wb/MY CDxdmh/tI+jERtpsLnGDf5uNdahbfsfnnovGN6gomF0FCAYVEWpNq/dbUoJ7z5y1 TZswA+cwrWAl5f5ZFbip8WKOS771IS+rMRznhYoQYhxrX/5r6rC0mBm1ZqBs86FS 9G0flZvgUScS4MQjvsJigwBkPmoR3s8LzsYBDA013C4+1AFGCjrJy7nS5coWA1YG s/I9DUPpMaM2cxTl/Cph =YRLg -----END PGP SIGNATURE-----
