Accepted unadf 0.7.11a-3+deb7u1 (source amd64) into oldstable

Tue, 20 Sep 2016 20:44:45 -0700 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 21 Sep 2016 03:27:21 +0100
Source: unadf
Binary: unadf
Architecture: source amd64
Version: 0.7.11a-3+deb7u1
Distribution: wheezy-security
Urgency: high
Maintainer: Debian QA Group <packa...@qa.debian.org>
Changed-By: Chris Lamb <la...@debian.org>
Description: 
 unadf      - Extract files from an Amiga Disk File dump (.adf)
Closes: 838248
Changes: 
 unadf (0.7.11a-3+deb7u1) wheezy-security; urgency=high
 .
   * CVE-2016-1243: Fix stack buffer overflow caused by blindly trusting on
     pathname lengths of archived files. Stack allocated buffer sysbuf was
     filled with sprintf() without any bounds checking in extracTree() function.
     (Closes: #838248)
 .
   * CVE-2016-1244: Correct execution of unsanitized input. Shell command used
     for creating directory paths was constructed by oncatenating names of
     archived files to the end of the command string. (Closes: #838248)
Checksums-Sha1: 
 615aee980f21ef85ed80098407ab76a0a8036a85 1700 unadf_0.7.11a-3+deb7u1.dsc
 63c05f97302ff67f5d7ff2d9e33f9a66196f9578 209458 unadf_0.7.11a.orig.tar.gz
 040ce52a550612474ac0d8e3af5169429e6b48ad 21762 
unadf_0.7.11a-3+deb7u1.debian.tar.gz
 4bd6b2041f4d1c7431ae20503b2a335168f1ace0 119676 
unadf_0.7.11a-3+deb7u1_amd64.deb
Checksums-Sha256: 
 db4a5a7defcec018da390d90f58710ba0d5f59f33b16450e0407f3d2866c1576 1700 
unadf_0.7.11a-3+deb7u1.dsc
 fa9e0e34b1b0f4f4287905a3d485e3bba498451af98d6c12be87ab3a2b436471 209458 
unadf_0.7.11a.orig.tar.gz
 ed723ed04624b6337d42e47ce40217bc218c7be64098fe0ba316b5d01a91a841 21762 
unadf_0.7.11a-3+deb7u1.debian.tar.gz
 7f415e272a7105734f7102bd8ceb42c2700672d41803a2aadf213490edcd5336 119676 
unadf_0.7.11a-3+deb7u1_amd64.deb
Files: 
 613e73c52d252e3e0fd426c8c8f320bd 1700 utils optional unadf_0.7.11a-3+deb7u1.dsc
 63c21eeb61e1473d8dd214e0b39cb819 209458 utils optional 
unadf_0.7.11a.orig.tar.gz
 32c3c4f104526bbea523dfbbd942dd9b 21762 utils optional 
unadf_0.7.11a-3+deb7u1.debian.tar.gz
 a601b5f46efde3fe46553db1372646a6 119676 utils optional 
unadf_0.7.11a-3+deb7u1_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCAAGBQJX4fzCAAoJEB6VPifUMR5Yi3sP/2KLZIcRXBxGEcl9gQqWPtqo
v8goh1o4qGXTkPyxuLEt4CHCadEFUa5xlMFlvXu8HYklFqXAxlNHJqEWwDqNvTmH
6Vvsy4/CsCKVEVhjbbhw1uIulJ1NqKmZ2weHrEJLmQnbFs98heqWktqKuCU5qu5z
eAes9BJzE644Ag6PxNrp4s8LB/ZPUHQCzKdeXQT0vbV30s5OiB5PXH7OUc+3gQfC
vZJtTQ/5qE7JYkI0oyffe6G2hLDbzy4tWyUuKaATXyMwGgB2Y90W8wQHcYX+0AFJ
p/Nm1cL46cwzl0xpg0A0gRDoS9VKwy4yVkTWGLRChw8wbSWn7Qze/DET82/fyuco
d53/9HydBtgAEwrOHCcdxafGJ90Hv1uUXWAPcysnJMif43XC1JcfzrAJu86IaIW0
BkHH3MKj1EcH0WqC3O7MQ96iTi6z0LAcThSN8J7+yxEPqrU/iLQXMhQciMgsrgJd
+VO4plwn1ETD7MYWLWuRGLoiTGv6lRVrj3XTTobtDhbr3ZTGrOwVX7XPwhf57HQ2
7YgE5UKH2veKmU9btWBmPPsdevNCSQe9cDEg6Ief8OalfjqDNDqqc+YfShZPQZVP
WgrhWMunGMzG6rF8umICNJ2KbwW6g0TflY+LqM0SevBi/ZK8wTE+Elvmns9iW3T+
T0y4cq4UOuVTm1qfdHHW
=NX4b
-----END PGP SIGNATURE-----

Reply via email to