Format: 1.8
Date: Thu, 13 Jul 2017 00:05:39 +0200
Source: radare2
Binary: radare2 libradare2-1.6 libradare2-dev libradare2-common
Architecture: source amd64 all
Version: 1.6.0+dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: Sebastian Reichel <sre@debian.org>
Changed-By: Sebastian Reichel <sre@debian.org>
Description:
 libradare2-1.6 - libraries from the radare2 suite
 libradare2-common - arch independent files from the radare2 suite
 libradare2-dev - devel files from the radare2 suite
 radare2 - free and advanced command line hexadecimal editor
Closes: 864533 866068 867369
Changes:
 radare2 (1.6.0+dfsg-1) unstable; urgency=medium
 .
   * New upstream release
     - Fix for CVE-2017-9520 (Closes: #864533)
       The r_config_set function in libr/config/config.c in radare2 1.5.0
       allows remote attackers to cause a denial of service (use-after-free
       and application crash) via a crafted DEX file.
     - Fix for CVE-2017-9949 (Closes: #866068)
       The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0
       allows remote attackers to cause a denial of service (stack-based
       buffer underflow and application crash) or possibly have unspecified
       other impact via a crafted binary file, possibly related to a buffer
       underflow in fs/ext2.c in GNU GRUB 2.02.
     - Fix for CVE-2017-10929 (Closes: #867369)
       The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0
       allows remote attackers to cause a denial of service (heap-based
       buffer overflow and application crash) or possibly have unspecified
       other impact via a crafted binary file, possibly related to a read
       overflow in the grub_disk_read_small_real function in kern/disk.c in
       GNU GRUB 2.02.
   * Switch to Debian Standard Version 4.0.0