-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Fri, 03 Mar 2017 05:56:37 +0100 Source: radare2 Binary: radare2 libradare2-1.1 libradare2-dev libradare2-common Architecture: source amd64 all Version: 1.1.0+dfsg-3 Distribution: unstable Urgency: high Maintainer: Sebastian Reichel <sre@debian.org> Changed-By: Sebastian Reichel <sre@debian.org> Description: libradare2-1.1 - libraries from the radare2 suite libradare2-common - arch independent files from the radare2 suite libradare2-dev - devel files from the radare2 suite radare2 - free and advanced command line hexadecimal editor Closes: 856329 856572 856574 856579 Changes: radare2 (1.1.0+dfsg-3) unstable; urgency=high . * Add upstream patches to fix security bugs - CVE-2017-6415 (Closes: #856572) The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DEX file. - CVE-2017-6387 (Closes: #856574) The dex_loadcode function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted DEX file. - CVE-2017-6319 (Closes: #856579) The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted DEX file. * Add small patch from Graham Inggs to fix FTBFS when linked with as-needed (Closes: #856329) Checksums-Sha1: 5208ac94ae508307c672e7f7d431f8274fe4663c 2234 radare2_1.1.0+dfsg-3.dsc ccdf5cb75d729b652bffb008a3ffe2d643efe9f6 22136 radare2_1.1.0+dfsg-3.debian.tar.xz 4ec8d9f3ca6b6b3987b2eb4c11d1a18de83848d7 8646280 libradare2-1.1-dbgsym_1.1.0+dfsg-3_amd64.deb d6c69c235a927530b1ddaf3f657d0b33d5f197f6 2055308 libradare2-1.1_1.1.0+dfsg-3_amd64.deb 307db6f7edf3827ac64a41097801d20b0beef7ea 521830 libradare2-common_1.1.0+dfsg-3_all.deb 00275158435cd5ef1c7cba3f9a3c9f1398e61513 146504 libradare2-dev_1.1.0+dfsg-3_amd64.deb 28e41af0a9e9a5c5fbcd9ceca27b650611bb4905 294944 radare2-dbgsym_1.1.0+dfsg-3_amd64.deb cc37ea5365b9f57ffc575cb24b6dbae5c8abe51b 8319 radare2_1.1.0+dfsg-3_amd64.buildinfo 6c3b9af6e40f296775dbff44b8390ce5b13bce74 151500 radare2_1.1.0+dfsg-3_amd64.deb Checksums-Sha256: 99d1b32790aafcb25eb2160394fa2b7bf2e0de1401c943d32d1e0c1c240b4580 2234 radare2_1.1.0+dfsg-3.dsc 1a4356760fa07e4dfac4a82bbc2a68dac179f5deb297664fc5b34500d474c764 22136 radare2_1.1.0+dfsg-3.debian.tar.xz 0a70b4ca7e30565adb661cca09c94410d13e5f1ea6be87599b3dfe0412dbacef 8646280 libradare2-1.1-dbgsym_1.1.0+dfsg-3_amd64.deb f8a8de070de2e8f62088f701706f8f406f57419de22609ade6e37d6a6d633f91 2055308 libradare2-1.1_1.1.0+dfsg-3_amd64.deb 1da8b467b7b305d05a2493a056b52e82238689e7dd386f10ab61e262f2f6bb48 521830 libradare2-common_1.1.0+dfsg-3_all.deb 3f8dfad320a584e76e35e3f49a16f8ea2d73482cc63150e38bea3ef76b56ed32 146504 libradare2-dev_1.1.0+dfsg-3_amd64.deb ca64bf1f344384e1a87a23db6a0fb96d6ddebbe963fd848cae242d9e2fe68df7 294944 radare2-dbgsym_1.1.0+dfsg-3_amd64.deb 720dc6a9256c0c3e99e7c72cf15f622639a20d155d29fdd885362ec670631b0f 8319 radare2_1.1.0+dfsg-3_amd64.buildinfo 7d0635966e0b4020b90716623667c63b04b8a4619914253e4dd30ff5dfe9dda5 151500 radare2_1.1.0+dfsg-3_amd64.deb Files: 402d53d96d9bcc71213b6484bc677450 2234 devel extra radare2_1.1.0+dfsg-3.dsc 3b4810720cb4f981e029d6c8de038bb1 22136 devel extra radare2_1.1.0+dfsg-3.debian.tar.xz b78af8d980501a71a7b184f522e92db2 8646280 debug extra libradare2-1.1-dbgsym_1.1.0+dfsg-3_amd64.deb 39d8895d4cf176c878bd98db1b1530c6 2055308 libs extra libradare2-1.1_1.1.0+dfsg-3_amd64.deb b77d89db78dcd067d16df1dd0ee45165 521830 devel extra libradare2-common_1.1.0+dfsg-3_all.deb 72fe501a22c4c18987372cbf4aaa8c4a 146504 libdevel extra libradare2-dev_1.1.0+dfsg-3_amd64.deb f234b38ee8bbf5b25ab550aa859eceff 294944 debug extra radare2-dbgsym_1.1.0+dfsg-3_amd64.deb ec0b5df8ae6d3ffc6f1638ff970c6700 8319 devel extra radare2_1.1.0+dfsg-3_amd64.buildinfo 78fc7badef976a86a7374835335e2a89 151500 devel extra radare2_1.1.0+dfsg-3_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJYuQEUAAoJENju1/PIO/qa0qcP/2Pyuvaucwff3B7U+tXm9JmP Mf8Xce/gdzPt4W3MvMwJMFz6omX8stHy3lMziawd9FbALy/XiLmS81pHu68t4YY8 eafYKU5KIWNn8HXXPcHGRe1bR9wx8NwHUlKJf6kfiGwN9FXmJWnrI6ABdYgFJ1br 1Xej6y1qyOtclXLHymntfh9xCek6oiLiOWX+2HXu0QHI56juWZUXTCZ7Uk4TnpTR IU3Hx/uZk+dAw9O5TavTBRma/yelzxVeALmhgECAwlzEZurrZPp1C4IjflrgxKKH dV6y50pA8w1pSdfQCWH1IccciPR5Berwf8QS2PAI11r8H8t4sk4BzNcrJqCUGlPs SnsZ4WLYsq2AqsNdOtUKIjqPTs+WCKv4cJPZ80oK+QbgxfHwM1SZN8KroErx7m9X 7hS5+hENmJRVqfjlr8QXBN/X+amqqU2zxbmybHwEr2eqpzAjiMElV5tUEdkdFKwx nUR0wIbOIoer9fSQzwgQ+iW2rgK6zRpzeQgtX27bpKBqFYXrNmYH3SMUutSgMaks gdjGTBk6o4WTR2sLyoNZHffGOaJZtpglL2fYi78oSiXo+D+8CSz9QZ07SKlLi9kZ Psebt24i1eIXQh3w5DnI51bpiPME3lVNzsSng4wF29H8CYhp+M9EsLNzMBytqK3b cuMz8j4Rsiqk/7tuERlG =urXq -----END PGP SIGNATURE-----