-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Fri, 08 Sep 2017 09:30:27 +0100 Source: libarchive Binary: libarchive-dev libarchive12 bsdtar bsdcpio Architecture: source amd64 Version: 3.0.4-3+wheezy6+deb7u1 Distribution: wheezy-security Urgency: high Maintainer: Debian Libarchive Maintainers <ah-libarchive@debian.org> Changed-By: Chris Lamb <lamby@debian.org> Description: bsdcpio - Implementation of the 'cpio' program from FreeBSD bsdtar - Implementation of the 'tar' program from FreeBSD libarchive-dev - Multi-format archive and compression library (development files) libarchive12 - Multi-format archive and compression library (shared library) Closes: 874539 Changes: libarchive (3.0.4-3+wheezy6+deb7u1) wheezy-security; urgency=high . * CVE-2017-14166: Prevent remote attackers from causing a denial of service via a heap-based buffer over-read using a specially-crafted .xar archive. (Closes: #874539) Checksums-Sha1: e62a855fa552c7296aa556249ef0d18f4b1b5b71 2324 libarchive_3.0.4-3+wheezy6+deb7u1.dsc 81bf817aa512ad67af583c7a2dab79743e418899 3632806 libarchive_3.0.4.orig.tar.gz f0e77067213eddaeefaa8f73733f85cf826f7e38 43609 libarchive_3.0.4-3+wheezy6+deb7u1.debian.tar.gz 1d9991d106619151e15e6a29f0b6c32686854214 475050 libarchive-dev_3.0.4-3+wheezy6+deb7u1_amd64.deb db138697eaf37c35bd7e7f39c53762c6d259ce62 305232 libarchive12_3.0.4-3+wheezy6+deb7u1_amd64.deb 2b30980145a02c9af16efb35d085c81c8dc520f2 55796 bsdtar_3.0.4-3+wheezy6+deb7u1_amd64.deb 65e26a304b3f3117862f172c92e8027745252e9e 42220 bsdcpio_3.0.4-3+wheezy6+deb7u1_amd64.deb Checksums-Sha256: e749bb642fc46ebdfab406ca2a03661bb19b52c2a24d59f7a09218efee34f2e3 2324 libarchive_3.0.4-3+wheezy6+deb7u1.dsc 76e8d7c7b100ec4071e48c1b7d3f3ea1d22b39db3e45b7189f75b5ff4df90fac 3632806 libarchive_3.0.4.orig.tar.gz 1d4bc66bdeb594a2a6f78c0a96da3a490da83a9da7a625ebbc99c1a7036449f5 43609 libarchive_3.0.4-3+wheezy6+deb7u1.debian.tar.gz 9e936d0aed229dd46097e3d8c0fbedcc0ad976f824ab48efb0a4534b94d4a48b 475050 libarchive-dev_3.0.4-3+wheezy6+deb7u1_amd64.deb ef0f4aa50bf3181403d6ca7eb258c1150c9a2d90b3ed447f2ed53502a2651104 305232 libarchive12_3.0.4-3+wheezy6+deb7u1_amd64.deb c21807bd795f39cc3f65e8038a94d989ddb2c071514cedd2d03c4db5542025d5 55796 bsdtar_3.0.4-3+wheezy6+deb7u1_amd64.deb 565b023a5ddb3ed1593cef3d78271374e2d05be1829a91f271a191dbb3747731 42220 bsdcpio_3.0.4-3+wheezy6+deb7u1_amd64.deb Files: 1c9dd0ec6b61e3f4bff39f18be7a8f5e 2324 libs optional libarchive_3.0.4-3+wheezy6+deb7u1.dsc af443ca9a10ddbcbf00f7ae34ca7fc16 3632806 libs optional libarchive_3.0.4.orig.tar.gz e65279ad74e641f3373a1b6c12dfbe8d 43609 libs optional libarchive_3.0.4-3+wheezy6+deb7u1.debian.tar.gz 9c6314fbafd84c6bf61ef15c176104fd 475050 libdevel optional libarchive-dev_3.0.4-3+wheezy6+deb7u1_amd64.deb 1b932e936a72a8202d476a526feb4a5a 305232 libs optional libarchive12_3.0.4-3+wheezy6+deb7u1_amd64.deb 2ac516f46ca2c6f3e1247e0c1c3f82a6 55796 utils optional bsdtar_3.0.4-3+wheezy6+deb7u1_amd64.deb a659aad1eef34812d1d6d5ef75640cbd 42220 utils optional bsdcpio_3.0.4-3+wheezy6+deb7u1_amd64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlmyWNUACgkQHpU+J9Qx Hli/bQ/+Pry+n7WY7Vy0OdD7PgXYEQ5mVyt562RKRt5TRL2kVVOZ9Zn1jwMLxDUr SkYloIIWlnxVANd36gUcWwphTGccFCVEnhXvEVdIWkVNXahvcmWay7u7hEwq2Ukm 9hCWm95uD9pg06cz7v43MLPzFrJOsHPJffLFzkAWjYqBZDSsiC3DlwF534vFzcrM pe4VRWxA1jEPPiKRCVbzHTzCFZTTnpYmobjOLjiZnwjXAremp4l72PK514AdlJDs ods/94O1JD7ql7TefJJwXLczNYdoFUI3gThGrbw9/3ylxmyYprzHTXAr+DZRyoWy /S4ymW9waxrc2agdHiYUl2brpx/rP7v0Wtj+XY81W0zQE6R2kiNm17OVEWo4ddWz ZhzaFDlaXP9FQW5p+ToCQGg5vapil+yaTuqmiCeU57FgUCmmMUQa1g8SDs1D35ug 6XX6kc9RiotCI+JbWLvvkeF8dkcbe2EkcOSrN2W/paSI9Vdj5PnWxpDVcieXDVyh WUFTD/xZR0ZaSwy7mXxfiLD2ViQVA83I6GFeKV0Vx61fqffIR0hDkQwrMDoYAkLe 0MM5z+h/MwWW3JLUbd62syC50iDZbH/Wtjg0LPuXhTMsfXnfxCO4PxokEZl71hP6 xhiTy0YuTXKKNKXhkKlltJ23JrP/RIVAeK9Ox6/39NnMOVSGZag= =WfRR -----END PGP SIGNATURE-----
