-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sat, 28 Jan 2017 14:03:06 +0100 Source: unzip Binary: unzip Architecture: source amd64 Version: 6.0-16+deb8u3 Distribution: jessie Urgency: medium Maintainer: Santiago Vila <sanvila@debian.org> Changed-By: Santiago Vila <sanvila@debian.org> Description: unzip - De-archiver for .zip files Closes: 847485 847486 Changes: unzip (6.0-16+deb8u3) jessie; urgency=medium . * Update patch 12-cve-2014-9636-test-compr-eb to follow revised patch "unzip-6.0_overflow3.diff" from mancha (patch author). * Fix CVE-2014-9913, buffer overflow in unzip. Closes: #847485. Patch by the author. * Fix CVE-2016-9844, buffer overflow in zipinfo. Closes: #847486. Patch by the author. Checksums-Sha1: 9574933b0a600e8b9d5bf1672519747249eb6e7e 1339 unzip_6.0-16+deb8u3.dsc 417505dba6d15ec94e28c95e1c463e0f60f95287 16120 unzip_6.0-16+deb8u3.debian.tar.xz 92912244f022011d97b27962690676f1cba773dc 161682 unzip_6.0-16+deb8u3_amd64.deb Checksums-Sha256: b1a3191a99f7c245d8e29ee0866d5c2b8e9deb191095ae8312dd59a95e616b79 1339 unzip_6.0-16+deb8u3.dsc 8e50ca0ac7d8e00d595a329c91dec7a7e1a1b998857f54062cd26b88c2e3d3b8 16120 unzip_6.0-16+deb8u3.debian.tar.xz 1ccc48a0a5d9a5fd655f7d319ca788f4de6cc65a7d33b525f2c5010a2fe9e224 161682 unzip_6.0-16+deb8u3_amd64.deb Files: 087f65fdd58bc2aba483a5bd1d12dbfe 1339 utils optional unzip_6.0-16+deb8u3.dsc 3ba68e7bb521a1459f63f0c0f62a7e34 16120 utils optional unzip_6.0-16+deb8u3.debian.tar.xz 269e48fdeac25e3b73dc8a32e37c8307 161682 utils optional unzip_6.0-16+deb8u3_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBCAAGBQJYjJblAAoJEEHOfwufG4syAiUH/RL2M13oEDNel0lXoLC/HZS8 cfW1b7j+2VCmhZLW+L4asG0qVgV1Ux7ja8prsGU+9pp/TLnBTb67Tt3Nv3Ld4RYj fO6tNYEz66odusSs5CLlAoPmU1FAOV5QpDOPgEnX3UvdgLO6EdIhB8hphrxt9Pdj X3igUhAqyzPx9xVcl5eXTCuSgAF0XuzIZdMLdaaC1p+pqvDwN4q9oG42c667KI9G xHs5BipXRrl530Lj/slIkQ4dNpAaBCDD9MBnnFfWx31tyj6ZX6s5wVcM8PUANrOu /5dSfSQ6KutpnDO35LvUGjLnFhURwtrXgPCeq2fGwHdvw49fJYZ5sffnpPdA89Q= =rSgz -----END PGP SIGNATURE-----
