Debian Package Tracker

From: Markus Koschany <apo@debian.org>
To: <dispatch@tracker.debian.org> , <debian-lts-changes@lists.debian.org>
Subject: Accepted bchunk 1.2.0-12+deb7u1 (source amd64) into oldoldstable
Date: Thu, 02 Nov 2017 22:30:13 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 02 Nov 2017 15:59:38 +0100
Source: bchunk
Binary: bchunk
Architecture: source amd64
Version: 1.2.0-12+deb7u1
Distribution: wheezy-security
Urgency: high
Maintainer: Praveen Arimbrathodiyil <pravi.a@gmail.com>
Changed-By: Markus Koschany <apo@debian.org>
Description: 
 bchunk     - CD image format conversion from bin/cue to iso/cdr
Changes: 
 bchunk (1.2.0-12+deb7u1) wheezy-security; urgency=high
 .
   * Non-maintainer upload by the LTS team.
   * Fix CVE-2017-15953, CVE-2017-15954 and CVE-2017-15955.
     bchunk was vulnerable to a heap-based buffer overflow with an resultant
     invalid free when processing a malformed CUE (.cue) file that may lead to
     the execution of arbitrary code or a application crash.
Checksums-Sha1: 
 9d12cb93adc7a031cc6801ebc9cfb1fc41b4e344 1987 bchunk_1.2.0-12+deb7u1.dsc
 a328e4665eb5e51df63d8d27d1d75ecc74bdef9e 15078 bchunk_1.2.0.orig.tar.gz
 7fdd4a8dcbfd7d0e3e7ba1f0c2dc5e27fdf35310 5900 bchunk_1.2.0-12+deb7u1.debian.tar.gz
 f6905962d74399e914ba79b77a5feef76e1d4c4c 15146 bchunk_1.2.0-12+deb7u1_amd64.deb
Checksums-Sha256: 
 332375e9a5ec1eed94c770472b5f0bb465fc47c4ef51f2881dde351cfd0c57df 1987 bchunk_1.2.0-12+deb7u1.dsc
 afdc9d5e38bdd16f0b8b9d9d382b0faee0b1e0494446d686a08b256446f78b5d 15078 bchunk_1.2.0.orig.tar.gz
 0460bc32069d7f9956668f9217fcc9a53fa3b7d8bd7b3fd729726b84f9ae1cdd 5900 bchunk_1.2.0-12+deb7u1.debian.tar.gz
 60947eefa6bc51062c7d1e6abfc16ac2950949df8e358c11c1028c7e9d839afe 15146 bchunk_1.2.0-12+deb7u1_amd64.deb
Files: 
 45bd63660300f226f839549a80ff4707 1987 otherosfs optional bchunk_1.2.0-12+deb7u1.dsc
 6a613da3f34f9a303f202d2e9731d231 15078 otherosfs optional bchunk_1.2.0.orig.tar.gz
 4d7e0e64aa579b98f328c8a2d5342d0a 5900 otherosfs optional bchunk_1.2.0-12+deb7u1.debian.tar.gz
 ff559f24eee87902112bb7218c6b64ea 15146 otherosfs optional bchunk_1.2.0-12+deb7u1_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAln7malfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1Hk/5kP/RMRVs0iio11QGAcKd0XCBKLz79h9u7Slr3V
7Npf3b3UFAhr9bH93M8T2y5atoKk+jn6QuH+oeMti4jJZD9Q/VwySdg5HUt0qLZW
H5qY/YBrE9i0glgCz3bdh6yQli7YAaRULyzJs+2xTgKasLIsawQvrYD/RBEw+voK
7hUQIz6oGERB7VGKn4wjQT06Ndej/iumht7XmpJEJLncPxLiiomhyDh4Q8q9OFcW
dqjNdAl7qm9dl9DkWnCD5DBMJvSS381H32lWjDKH54DzkQdBrMKpGyjQjVBV/Vw4
6bQOFv2xBYn1yKtQgYWHP3T+Hk3F4JIW2VWaO1H8VBu04h6VZcVm5UCaSvFbZc3z
pQEsyEOa2/yZZsSeHWCp8YlrLudM9Z/eBAip8JhtHHey+6oQuILDr77MAhzuE/r+
hIq4se5NcrvVvSpUjr0x3fqzn0kM1XhTkhHH4hH2K5zxz9fbuGFNZ3gQrvjK0P5Q
Vp0SdLJbBhDGzTPX6Gox7ELjwsI8wEq90zpWfUx45lo2r5MAv1+0KimueOr+2TCd
0Dn+EWEJ0aNJqrI8xYhvemsSR5jQrPW+yw3lz2Tzu6wfxONwtUOHTjk+7mcmO3cj
tOegjg/LyqWlQphqQt4f2kB5ZpRBeeQVJ85EEqMZekyEpTpLUO8dfw0Ox78AgNrL
dD383f59
=EhQn
-----END PGP SIGNATURE-----
News for package bchunk
