Debian Package Tracker

From: Laszlo Boszormenyi (GCS) <gcs@debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted unzip 6.0-16+deb8u1 (source amd64) into proposed-updates->stable-new, proposed-updates
Date: Sat, 31 Oct 2015 21:18:42 +0000
Signed by: Laszlo Boszormenyi <gcs@c64.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 22 Oct 2015 12:51:52 +0000
Source: unzip
Binary: unzip
Architecture: source amd64
Version: 6.0-16+deb8u1
Distribution: jessie-security
Urgency: high
Maintainer: Santiago Vila <sanvila@debian.org>
Changed-By: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Description:
 unzip      - De-archiver for .zip files
Closes: 802160 802162
Changes:
 unzip (6.0-16+deb8u1) jessie-security; urgency=high
 .
    * Non-maintainer upload by the Security Team.
    * Fix infinite loop when extracting password-protected archive.
      This is CVE-2015-7697. Closes: #802160.
    * Fix heap overflow when extracting password-protected archive.
      This is CVE-2015-7696. Closes: #802162.
    * Fix additional unsigned overflow on invalid input.
Checksums-Sha1:
 a35718aa518e18a15dfb53a3b63d30d97543b9ec 1685 unzip_6.0-16+deb8u1.dsc
 abf7de8a4018a983590ed6f5cbd990d4740f8a22 1376845 unzip_6.0.orig.tar.gz
 cf31bacbd1ed2a003c5b0fc0b00de74962998c9d 15372 unzip_6.0-16+deb8u1.debian.tar.xz
 9e00bf478436027b7f7f2869db9b8cc9dc85e3cc 161794 unzip_6.0-16+deb8u1_amd64.deb
Checksums-Sha256:
 26178443053c58792692ad3dc1f78df3719360b38b2aae5cb820768dd3c30c12 1685 unzip_6.0-16+deb8u1.dsc
 036d96991646d0449ed0aa952e4fbe21b476ce994abc276e49d30e686708bd37 1376845 unzip_6.0.orig.tar.gz
 e24d2a7f93e717ba69c5f1d8f68884cf0c20008e1d525268b0f6133bdc14c46a 15372 unzip_6.0-16+deb8u1.debian.tar.xz
 79604b090126c9904680469b2630e3b8f8cd5bdb8b90c69b1b31f9d019837f70 161794 unzip_6.0-16+deb8u1_amd64.deb
Files:
 72063177ca672fc005166298749299c0 1685 utils optional unzip_6.0-16+deb8u1.dsc
 62b490407489521db863b523a7f86375 1376845 utils optional unzip_6.0.orig.tar.gz
 9585bf3617df6fc0a15e1b292701ed14 15372 utils optional unzip_6.0-16+deb8u1.debian.tar.xz
 370eca35d7eeb03e7ca10b7c82c300b9 161794 utils optional unzip_6.0-16+deb8u1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJWKef1AAoJENzjEOeGTMi/oeoP/jokgmFVWIJmvkC1B4ghLmfc
8ROxOuVq2qR/10q12eaz6q/R3jVcyLavTVyvfu4a9zo51UHdvbwVE6IGLVQxnGly
ukmZJuRSp8dpqxvSrECkxojawCM6M+jPEweOGWz0Y8XBAyTy9UG8rsGJenIcSHfR
PTxu/+4KAwnsAohq/wRaKcSBWxva0o3y1AjAqPEvhtljsGodtZRXmbbmih9plwR0
LHskP//0wLKJz9jocmHtI1ys6NhUBjujj9oEum9uL1g3wFNgIzMa0R4ow9jYsxz3
9TMRm98fylMQMqp8+RXyVUL7AhybTSUlv/ss7paxDqBSs3BSw2zVrqMiO/TmQF7B
thWFcPKC9FPjCKChdLdfiy+Pkq1GzZm7xFspJ0i7yxAZ2IL5XQOWOh6g0TdgnnVN
A+DYlEcF3yvUAFw4kHovFrl5+wJX1OLGLhfbGXD8EoC46cCG4RwRPsK+T2BQO0fD
KM34wIlahbbW/3SBP8yqwhstYfQ3PwFKFJJwh48GohkbMyzv5zlz9T8W5ZvjVcsr
r2mQx/m+nFxRyl2PvUkfYYFbheE+1wx/Hv0tCjYen7ybUGscY/5Da1sR09LJR1UU
e8c61jn/dU9bOx410Nd/cLktS1vhWArKHKOnbQctaPs0qzJzFNAeJADqKQlMmSWK
Kzcybm79CoPvTnBnGorA
=FLX8
-----END PGP SIGNATURE-----

News for package unzip