-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Wed, 25 Nov 2015 22:34:58 +0100 Source: dpkg Binary: libdpkg-dev dpkg dpkg-dev libdpkg-perl dselect Architecture: source amd64 all Version: 1.16.17 Distribution: wheezy-security Urgency: high Maintainer: Dpkg Developers <debian-dpkg@lists.debian.org> Changed-By: Guillem Jover <guillem@debian.org> Description: dpkg - Debian package management system dpkg-dev - Debian package development tools dselect - Debian package management front-end libdpkg-dev - Debian package management static library libdpkg-perl - Dpkg perl modules Closes: 798324 Changes: dpkg (1.16.17) wheezy-security; urgency=high . [ Guillem Jover ] * Fix an off-by-one write access in dpkg-deb when parsing the .deb magic. Reported by Jacek Wielemborek <d33tah@gmail.com>. Closes: #798324 * Fix an off-by-one write access in dpkg-deb when parsing the old format .deb control member size. Thanks to Hanno Böck <hanno@hboeck.de>. Fixes CVE-2015-0860. * Fix an off-by-one read access in dpkg-deb when parsing ar member names. Thanks to Hanno Böck <hanno@hboeck.de>. . [ Updated programs translations ] * Catalan (Jordi Mallach). . [ Updated man page translations ] * Fix incorrect translation in German (Helge Kreutzmann) Checksums-Sha1: dc85f886687b24fdd0eb476388e704bcf25c1110 1960 dpkg_1.16.17.dsc 2573b422a5aa67464c53dabc4eeb43ff44f7b040 3806316 dpkg_1.16.17.tar.xz 994bcc29756cf36abd416e3ba6a95625cc4257ac 702054 libdpkg-dev_1.16.17_amd64.deb 0fa355c4a4dbf3d850b9f3a4fb48438e2aa860b6 2662834 dpkg_1.16.17_amd64.deb d75a476a62a3662d55f1a6d5ebe11c669702bcae 1165346 dselect_1.16.17_amd64.deb 83d8725992b3f66582235911296f94fb11c4d002 1363258 dpkg-dev_1.16.17_all.deb 43304a79ce13a922ea8099850e6c29f7532460bc 964040 libdpkg-perl_1.16.17_all.deb Checksums-Sha256: d0b6fc4b038bd1006a84d89602b1311054ce184c66be8d1b56e33b717ce6020c 1960 dpkg_1.16.17.dsc 4b2bd4c7725b78424e781049e628f20e6017a5dc847ba85d29e08f04e8c85a4a 3806316 dpkg_1.16.17.tar.xz f340e5a46aa07236609f97908fcdad8e6021a499c8f5f8d55dcdbbc1cebf957a 702054 libdpkg-dev_1.16.17_amd64.deb 561b106818253b23cc7af7c801b5779138c141dac1d59de0895cb996790d06d4 2662834 dpkg_1.16.17_amd64.deb f7f2a99a3c130155dff06295107c644289e298e5c486a2e46ef06d4dcb6b9f9c 1165346 dselect_1.16.17_amd64.deb 8a5738e142130d0490e6439bcd2533dad7d3f93138318ee7244ab5294cecb9b6 1363258 dpkg-dev_1.16.17_all.deb 4653c323f02428d2c2f5d6ae4c5567295e288f04d51503f846bbce434aacbf5a 964040 libdpkg-perl_1.16.17_all.deb Files: 2b314e6b617de3a64754483d90f42ef7 1960 admin required dpkg_1.16.17.dsc 0a88e4f676c09e5b43ebd9b27caebdac 3806316 admin required dpkg_1.16.17.tar.xz e5f6ee479e932231ab1c3dbee4187c13 702054 libdevel optional libdpkg-dev_1.16.17_amd64.deb 97ed0691db824b2e32eef37e66955bf5 2662834 admin required dpkg_1.16.17_amd64.deb cf3cef9ccd8e4a7c50b43689e8492bcd 1165346 admin optional dselect_1.16.17_amd64.deb c0f9a9357aa1f9c54673ee643426213e 1363258 utils optional dpkg-dev_1.16.17_all.deb daa35589c8f16b55ba4db9baa3f1cfae 964040 perl optional libdpkg-perl_1.16.17_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJWVthrAAoJELlyvz6krlej1tsP/0xEJoPEHTm+XC0pOE6ZRanO M9e2Z/r9PPhNQtjM23yO0dL2VmYHA2S3YhB+0CqrPM25x3w+rMeKsoRMFAEMd8pK eLV9w8E3Q86972ksmhq0v6ks2bUMgAmFXIwvxscn+p1PPzDZVr2zoVKSnzKj8P4l WyNn3EvAorupppGj5jKA+i23n2o6JUzcp2KV3TcO5lvCku3sHCtYy6SBSFjrXuOd /dM8741dk7ezse+BxGiWHfuPpyHYyN739FVQ1krQ8K/p9c0wRBMeejh4wcQMMy8z i9G2kuNerWXIFGPbLigytFKYA+eNNGHxeYTGcJfeLnphdN7gGIMbwUB1AerrGR3D DYum6+zK4OGymb36iSsMb0FwfXvZwNZpoKTPGdzLOjnpor6ggJK0Ew8bKQd44GmE 6JfRvxaNUS0a31OtkGTBo2XpqlwifWHfdhTCYA4K8tKtbnFXYB7ciqnOGwCPXyb0 yqSHRDvTdHzfD+xC+8ymVm79Pg6Um+y/tohahPFD7Wyhx8wwrcSAJN8kbGwtEolC LXay8bJ+is+ZGpf5+2JjkxYQM3BiJzQbiNDae/OgpYzVd4c52RHXiTvYVJKdrpbp L9/JlqoAsVaQ3uGPeyBBgLzMo/6Y9jIBa0ePidq9uevVEGhS2uSEpTVluNMQd9m+ DN1zMdGKNS7CaHBnRYGY =ndpI -----END PGP SIGNATURE-----
