Debian Package Tracker

From: Salvatore Bonaccorso <carnil@debian.org>
To: <>
Subject: Accepted procps 2:3.3.12-3+deb9u1 (source) into stable->embargoed, stable
Date: Tue, 22 May 2018 15:36:19 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 17 May 2018 12:56:41 +0200
Source: procps
Binary: procps libprocps6 libprocps-dev
Architecture: source
Version: 2:3.3.12-3+deb9u1
Distribution: stretch-security
Urgency: high
Maintainer: Craig Small <csmall@debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Description: 
 libprocps-dev - library for accessing process information from /proc
 libprocps6 - library for accessing process information from /proc
 procps     - /proc file system utilities
Changes:
 procps (2:3.3.12-3+deb9u1) stretch-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * top: Do not default to the cwd in configs_read(). (CVE-2018-1122)
   * ps/output.c: Fix outbuf overflows in pr_args() etc. (CVE-2018-1123)
   * proc/readproc.c: Fix bugs and overflows in file2strvec(). (CVE-2018-1124)
   * pgrep: Prevent a potential stack-based buffer overflow (CVE-2018-1125)
   * proc/alloc.*: Use size_t, not unsigned int. (CVE-2018-1126)
Checksums-Sha1: 
 c147a45e28d2f7427086c6016e446db1a995073d 2333 procps_3.3.12-3+deb9u1.dsc
 ff473ea8b3bc995b5caa4e68819e8a35cc565a16 840540 procps_3.3.12.orig.tar.xz
 8a23e3f3a0395015cdecbdd01b99ba5904e2d7af 33320 procps_3.3.12-3+deb9u1.debian.tar.xz
Checksums-Sha256: 
 0a9977b3577de224b4db2c957d8825faca13e131bd79daace4a9f3b4cbdeb067 2333 procps_3.3.12-3+deb9u1.dsc
 042fcc93e1850aee4c193c51c03f369293fb64fe47e37b38852be6693d12a3af 840540 procps_3.3.12.orig.tar.xz
 2645283a93fe698eb93a560ee0fd8897ecc7a8997bb65e2e1537f91dc788e3e7 33320 procps_3.3.12-3+deb9u1.debian.tar.xz
Files: 
 09f3d548c71a804053c3148e107e5cbd 2333 admin important procps_3.3.12-3+deb9u1.dsc
 8816d9cb9b860a2b5256cd6f48618ddb 840540 admin important procps_3.3.12.orig.tar.xz
 9b078e78fddd43cc5ff2df66873633b7 33320 admin important procps_3.3.12-3+deb9u1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlr9s5RfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EdHwQAKKrKCr3Gf0k6zQtpp2RIunP4zM5Qs1G
GDlwcDixxTdVYSezvDbUGAS4mEnfIPfpDPoomeoflimqq3Uh+K0b5hl8yKUwcYSt
NVMa7DZ++sq4Puj3xOehf8xDJm7qyp65NWJb0LpwsFYEyPA7JcXKpSUCzZw4K+Sl
BsqDHg+fpWXTO2cLMqd2XUByOeBvO5lAbVuer+neYXRS8wRON30vCSEADUU/qwRZ
mWQVvCE5O1OeppEhvt3oYHIr0gpY5xUo3lpzBEqlNk4W6CcvPSiNGqZRM2S2WdDJ
zWDY3QcMaBw8gwtke0CbQl40YJY8qwyMJb+DlK1hANz+M9/b2yZ6iRLY9yv0JdL1
5KTlUIJ5SogJiHHjhHx7yTKqqmgSCRrFVXuvsgDxSSW5vy95D7zIxK5h2t+LZYwQ
+ApT4JPOU276SS4RxBiXBAcpYga9t9YzM/iJRejR1hFwah9D/qRSnontRMPjsBm+
zYFdVyuYQaFUS2e+BVY6s/v0EX9xprP2XeXj0CpxFxPtvty2m0kpHmEr/CN6nALy
OB5BRSYwzhfkJywFf7sLgB5aKl4tqgJql4ttZkU6WjrxEZIPwAI+LhLh4CIjjy+H
FXkxxUbv6TwwW35uy1H7np7elHLQj7cbHnamo8UwEOLPEeTvijPgaNceYrUdxnb2
GpByc7mWxYey
=kDh4
-----END PGP SIGNATURE-----
News for package procps
