Debian Package Tracker

From: Jordi Mallach <jordi@debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted libytnef 1.5-6+deb8u1 (source amd64) into proposed-updates->stable-new, proposed-updates
Date: Sat, 27 May 2017 12:33:36 +0000
Signed by: Jordi Mallach i Pérez <jordi@mallach.net>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 04 May 2017 09:26:53 +0200
Source: libytnef
Binary: libytnef0 libytnef0-dev
Architecture: source amd64
Version: 1.5-6+deb8u1
Distribution: jessie-security
Urgency: high
Maintainer: Debian QA Group <packages@qa.debian.org>
Changed-By: Jordi Mallach <jordi@debian.org>
Description:
 libytnef0  - improved decoder for application/ms-tnef attachments
 libytnef0-dev - improved decoder for application/ms-tnef attachments
Changes:
 libytnef (1.5-6+deb8u1) jessie-security; urgency=high
 .
   * Security upload.
   * Fixes for the following vulnerabilities:
     [CVE-2017-6298] Null pointer dereference
     [CVE-2017-6299] Infinite loop / DoS in TNEFFillMapi function
     [CVE-2017-6300] Buffer overflow
     [CVE-2017-6301] Out of bounds read
     [CVE-2017-6302] Integer overflow
     [CVE-2017-6303] Invalid write and integer overflow
     [CVE-2017-6304] Out of bounds read
     [CVE-2017-6305] Out of bounds read and write
     [CVE-2017-6306] Directory traversal in SanitizeFilename function
     [CVE-2017-6800] Invalid memory access (heap overrun) in handling
                     LONG data types
     [CVE-2017-6801] Missing check for fields of size 0
     [CVE-2017-6802] Potential buffer overrun in compressed RTF streams
Checksums-Sha1:
 c6cd0693a20746cda406a942f9dd91712d5f2102 1824 libytnef_1.5-6+deb8u1.dsc
 c3ab7daacea5cfff69c57c6b58ca6c160a9e2df6 221312 libytnef_1.5-6+deb8u1.debian.tar.xz
 9db077b2b748490a11cbf837aa0a600b2a5c259e 20580 libytnef0_1.5-6+deb8u1_amd64.deb
 9a1b8345d977228aae585999a79fe123730cfe45 24820 libytnef0-dev_1.5-6+deb8u1_amd64.deb
Checksums-Sha256:
 1ab649652d1943df6443bdaba666ade26999f60f6a6621bdcbe571fad84370f7 1824 libytnef_1.5-6+deb8u1.dsc
 4b5969bbedefdabfd2793fe7ca345f78025e2e3fa239bdda9139a1a5ec837b46 221312 libytnef_1.5-6+deb8u1.debian.tar.xz
 07ea31453c25400160149d21a3125885dccbfc88a73120bf36136e486dd4ec01 20580 libytnef0_1.5-6+deb8u1_amd64.deb
 c9d50e49fe17f487597fefe02ece8a15b3ac8fdb7631ab2cbe67b181ae4d2714 24820 libytnef0-dev_1.5-6+deb8u1_amd64.deb
Files:
 1041938562ea4612eccd5617895da2e1 1824 utils extra libytnef_1.5-6+deb8u1.dsc
 ca4231e2fd8c661aa35c39ba9b711e10 221312 utils extra libytnef_1.5-6+deb8u1.debian.tar.xz
 c0fee47728a8bcc84cb4331d1cff339c 20580 libs extra libytnef0_1.5-6+deb8u1_amd64.deb
 ecec2bf0653bec81b833f215c9525af4 24820 libdevel extra libytnef0-dev_1.5-6+deb8u1_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE6BdUhsApKYN8KGoWJVAvb8vjywQFAlkK2rwACgkQJVAvb8vj
ywSlUQ//euIQfiZO0Kt+3YIo6/DxK+YC2BRC9YluWAkgB7rNYtchr9YB07meHKaz
CxShraqEY70Qzrxg3Z19T0QvkY9qziHxY208BPRMF1rlwtibGpTmYDeL4aFwJgo9
aa1JC/Y1J2nZz/waUiqDex1RT9b0iehvK04QE8ui0s+fOwKrc9M3CZN/l0y0kKxw
8rhxNM3IelOud1cGHKZsavIzoWhXg19ePiSMZWxMiSRKgiadyzqJoJOJ1W3LBKzz
l96JPGVBdRZ2ZYFMSN+FtWrYtoeLl/jW6Yh+MA5hglFRp3jLcX9ZZ5o4SErOpZmF
KKK7s1U1ZcCfYGM/1qONgZUiDnDNLGM8GK6kAkVCUIS/R75+tBnXDmWJaFlYR7a+
YPPUe+rcJx3bHd6pNccPqj0RCCzTkUGmmi/4gdRjE2oI5qeIEzuOA8YFGO2U0pCT
Z+RnSihAnv5wNqJrUQJpjtJOp9seLRiabd9wULJbcfJ4qDeMAvUQ0Xt8OlYT5Wjx
/FBtQyfjnqYOqPsqLMEZIPhsz0f6JABSlTwiIv+eTDGLdcOZNQvtXdHxVvwvs+jO
LIwR3hrsxchQsimyhlu/uHg85/Iyw+9nk0r5g6H+HNrUGxwyEEsw0ywyN8nnlMQO
WS9IDVDQVR+KkW9uc32ziMkvUb5Sk1IpHAiOlpe673CVh0SQB2A=
=6O79
-----END PGP SIGNATURE-----
News for package libytnef
