-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Mon, 17 Oct 2016 21:36:24 +0200 Source: libarchive Binary: libarchive-dev libarchive12 bsdtar bsdcpio Architecture: source amd64 Version: 3.0.4-3+wheezy5 Distribution: wheezy-security Urgency: high Maintainer: Debian Libarchive Maintainers <ah-libarchive@debian.org> Changed-By: Jonas Meurer <mejo@debian.org> Description: bsdcpio - Implementation of the 'cpio' program from FreeBSD bsdtar - Implementation of the 'tar' program from FreeBSD libarchive-dev - Multi-format archive and compression library (development files) libarchive12 - Multi-format archive and compression library (shared library) Closes: 840934 840935 840936 Changes: libarchive (3.0.4-3+wheezy5) wheezy-security; urgency=high . * Non-maintainer upload by the LTS Team. * Fix CVE-2016-8687: Possible buffer overflow when printing a filename (Closes: #840936) * Fix CVE-2016-8688: Avoid out of bounds read when parsing multiple long lines. (Closes: #840935) * Fix CVE-2016-8689: Possible heap overflow reading corrupted 7Zip files. (Closes: #840934) Checksums-Sha1: 621e2ab5c910b481ed07508983fd0a4cd2039153 2264 libarchive_3.0.4-3+wheezy5.dsc b311f7bcbda69b49dc80dea72780cdd5c8d608f4 40120 libarchive_3.0.4-3+wheezy5.debian.tar.gz b0392afec09c4d161deb2729a566a169cdff2652 475232 libarchive-dev_3.0.4-3+wheezy5_amd64.deb 73c64c6526cab49d977dd1c4f7cfff63563e62d1 305176 libarchive12_3.0.4-3+wheezy5_amd64.deb d9938549e52b888e18337c45aefeed51c705a869 55616 bsdtar_3.0.4-3+wheezy5_amd64.deb 91f1bc8c76231387c4859736a939e0b8e2189a73 42178 bsdcpio_3.0.4-3+wheezy5_amd64.deb Checksums-Sha256: 8d82fa26250173c39ed81304b294d4b82111087528b9f33345d6bd5dae809728 2264 libarchive_3.0.4-3+wheezy5.dsc a362378d03cde97f9d7fc0750fec94512243bdd9a38f16920e78190a80bebe2a 40120 libarchive_3.0.4-3+wheezy5.debian.tar.gz 7250c68d9aeb1dadb1bddc13ef67b21681e3b9dff603c2b65658b52969c2f7fd 475232 libarchive-dev_3.0.4-3+wheezy5_amd64.deb 24fa648899e97b312fdf75448f4f48e59ed7853aba575c8df1da4e69d2f4b2e3 305176 libarchive12_3.0.4-3+wheezy5_amd64.deb df462785561e450f06408962ebeafc58b3fe3c42f1c2d80b6032b12b37ac40ef 55616 bsdtar_3.0.4-3+wheezy5_amd64.deb 35c3289bfdedca6a35444294ca271a057d3392cac1628a8ce74cfeb38fc2b117 42178 bsdcpio_3.0.4-3+wheezy5_amd64.deb Files: 57812f5191a2e782842eaf2f997e7ea6 2264 libs optional libarchive_3.0.4-3+wheezy5.dsc ca5477ffb5c91a736453ce91a165bb4e 40120 libs optional libarchive_3.0.4-3+wheezy5.debian.tar.gz ce1cd616730c2aa1d3d65f127ce790a9 475232 libdevel optional libarchive-dev_3.0.4-3+wheezy5_amd64.deb 7dfb319ef358e05eb07659759a7555c5 305176 libs optional libarchive12_3.0.4-3+wheezy5_amd64.deb ae83e1bc8f82f1aa20b323e18c1c31fb 55616 utils optional bsdtar_3.0.4-3+wheezy5_amd64.deb e2fc12c367963f78ef56839d3751f046 42178 utils optional bsdcpio_3.0.4-3+wheezy5_amd64.deb -----BEGIN PGP SIGNATURE----- iQIcBAEBCAAGBQJYBTQxAAoJEFJi5/9JEEn+tpgP/iXMZE4X8Lde6Eo9X45akJzq wHjxX9MyEIeDYtHphSUN4GWm53r86Rw1NYxxU+latzdRg7kBgHc2At3bnGtiP1bA jRCNlyOOqP8ZkSViMgQdZMFRPUqj4XE1rOuvOCo07uwpDwIkbHtDfeJ/tmfdcOGY hnYZz8+5yZy+wOtnyQ0x84iX+ekeiiuT2zw/28UpWJmxOWfzY8vPgOZNx/fPTlnY SGE+gj/EEduvO6XmRI0LHm8zgU+4ye6BPNvehtLraH/wiJvXLsMTIIrgOpsKguis 7ZZXCJu0a4UVLa0L4HpEejP9DlNa8pNL12uXc/jk0akcLTQ8JANxhPAdcfvwNYFI y9Uvo3lgzDSCfqDjbxVnAva3gh1adEd1s/XeqBAn50BpLVWE4xRl+wtBBIYCz3EU PjyJuIxqKrd4hUhpAVPU4zwKsjZbYgOKk1JXSmxtPZ2ucdWFxuYk9uyNzoEHWVyi xoLRapXPgpnEBK2QNVRwNEeoAeSTkvxrhW12lnvGjAgBOUefiFOg9fiQhrhLwjrf Y1skkH6kVg8ARV/7J2NF/XvSDBB4LV4kUmgankUanUHOsiU1HlRHmjPuuI7CSLzg TN3iuO5l/Sc12MMFexygW+4mCUbrXnrOSPa8p2a9jpPJL3ACtlajGyze4Y3ARiH1 VntrHcB6+qeVEWyZlruS =9ldU -----END PGP SIGNATURE-----
