Debian Package Tracker
Register | Log in
Subscribe

upx-ucl

efficient live-compressor for executables

Choose email to subscribe with

general
  • source: upx-ucl (main)
  • version: 4.2.4-1.1
  • maintainer: Robert Luberda (DMD)
  • arch: any
  • std-ver: 4.7.0
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • o-o-stable: 3.95-1
  • oldstable: 3.96-2
  • old-sec: 3.96-2+deb11u1
  • stable-bpo: 4.2.2-3~bpo12+1
  • testing: 4.2.4-1.1
  • unstable: 4.2.4-1.1
versioned links
  • 3.95-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 3.96-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 3.96-2+deb11u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 4.2.2-3~bpo12+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 4.2.4-1.1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • upx-ucl (2 bugs: 0, 2, 0, 0)
action needed
A new upstream version is available: 5.0.1 high
A new upstream version 5.0.1 is available, you should consider packaging it.
Created: 2025-02-23 Last update: 2025-05-21 23:31
2 security issues in buster high

There are 2 open security issues in buster.

1 important issue:
  • CVE-2024-3209: A vulnerability was found in UPX up to 4.2.2. It has been rated as critical. This issue affects the function get_ne64 of the file bele.h. The manipulation leads to heap-based buffer overflow. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259055. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
1 issue postponed or untriaged:
  • CVE-2023-23456: (needs triaging) A heap-based buffer overflow issue was discovered in UPX in PackTmt::pack() in p_tmt.cpp file. The flow allows an attacker to cause a denial of service (abort) via a crafted file.
Created: 2024-04-05 Last update: 2024-04-05 21:00
lintian reports 1 error high
Lintian reports 1 error about this package. You should make the package lintian clean getting rid of them.
Created: 2024-01-19 Last update: 2024-01-19 11:36
1 security issue in bookworm high

There is 1 open security issue in bookworm.

1 important issue:
  • CVE-2023-23456: A heap-based buffer overflow issue was discovered in UPX in PackTmt::pack() in p_tmt.cpp file. The flow allows an attacker to cause a denial of service (abort) via a crafted file.
Created: 2023-01-13 Last update: 2023-04-13 21:09
1 bug tagged patch in the BTS normal
The BTS contains patches fixing 1 bug, consider including or untagging them.
Created: 2025-01-06 Last update: 2025-05-22 02:01
Build log checks report 1 warning low
Build log checks report 1 warning
Created: 2024-01-12 Last update: 2024-01-12 03:19
Standards version of the package is outdated. wishlist
The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.2 instead of 4.7.0).
Created: 2025-02-21 Last update: 2025-04-16 07:27
news
[rss feed]
  • [2025-04-26] upx-ucl 4.2.4-1.1 MIGRATED to testing (Debian testing watch)
  • [2025-04-16] Accepted upx-ucl 4.2.4-1.1 (source) into unstable (Matheus Polkorny) (signed by: Carlos Henrique Lima Melara)
  • [2024-12-11] Accepted upx-ucl 3.96-2+deb11u1 (source) into oldstable-security (Sylvain Beucler)
  • [2024-09-02] upx-ucl 4.2.4-1 MIGRATED to testing (Debian testing watch)
  • [2024-08-30] Accepted upx-ucl 4.2.4-1 (source) into unstable (Robert Luberda)
  • [2024-04-23] Accepted upx-ucl 4.2.2-3~bpo12+1 (source amd64) into stable-backports (Debian FTP Masters) (signed by: Boyuan Yang)
  • [2024-01-21] upx-ucl 4.2.2-3 MIGRATED to testing (Debian testing watch)
  • [2024-01-19] Accepted upx-ucl 4.2.2-3 (source) into unstable (Robert Luberda)
  • [2024-01-12] Accepted upx-ucl 4.2.2-2 (source) into unstable (Robert Luberda)
  • [2024-01-11] Accepted upx-ucl 4.2.2-1 (source) into unstable (Robert Luberda)
  • [2023-05-11] upx-ucl REMOVED from testing (Debian testing watch)
  • [2021-10-16] upx-ucl 3.96-3 MIGRATED to testing (Debian testing watch)
  • [2021-10-14] Accepted upx-ucl 3.96-3 (source) into unstable (Robert Luberda)
  • [2020-06-07] upx-ucl 3.96-2 MIGRATED to testing (Debian testing watch)
  • [2020-06-05] Accepted upx-ucl 3.96-2 (source) into unstable (Robert Luberda)
  • [2020-03-08] Accepted upx-ucl 3.96-1 (source) into unstable (Robert Luberda)
  • [2019-08-05] upx-ucl 3.95-2 MIGRATED to testing (Debian testing watch)
  • [2019-07-29] Accepted upx-ucl 3.95-2 (source amd64) into unstable (Robert Luberda)
  • [2018-08-31] upx-ucl 3.95-1 MIGRATED to testing (Debian testing watch)
  • [2018-08-28] Accepted upx-ucl 3.95-1 (source amd64) into unstable (Robert Luberda)
  • [2018-08-10] upx-ucl 3.94-5 MIGRATED to testing (Debian testing watch)
  • [2018-08-05] Accepted upx-ucl 3.95~git20180805-1 (source amd64) into experimental (Robert Luberda)
  • [2018-08-05] Accepted upx-ucl 3.94-5 (source amd64) into unstable (Robert Luberda)
  • [2017-12-28] upx-ucl 3.94-4 MIGRATED to testing (Debian testing watch)
  • [2017-12-22] Accepted upx-ucl 3.94+git20171222-1 (source amd64) into experimental (Robert Luberda)
  • [2017-12-22] Accepted upx-ucl 3.94-4 (source amd64) into unstable (Robert Luberda)
  • [2017-09-07] upx-ucl 3.94-3 MIGRATED to testing (Debian testing watch)
  • [2017-09-01] Accepted upx-ucl 3.94-3 (source amd64) into unstable (Robert Luberda)
  • [2017-08-10] Accepted upx-ucl 3.94+git20170810-1 (source) into experimental (Robert Luberda)
  • [2017-08-09] Accepted upx-ucl 3.94+git20170809-1 (source) into experimental (Robert Luberda)
  • 1
  • 2
bugs [bug history graph]
  • all: 3
  • RC: 0
  • I&N: 3
  • M&W: 0
  • F&P: 0
  • patch: 1
links
  • homepage
  • lintian (1, 0)
  • buildd: logs, checks, reproducibility, cross
  • popcon
  • browse source code
  • edit tags
  • other distros
  • security tracker
  • screenshots
  • debian patches
  • debci
ubuntu Ubuntu logo [Information about Ubuntu for Debian Developers]
  • version: 4.2.4-1.1
  • 1 bug

Debian Package Tracker — Copyright 2013-2025 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing