[ubuntu/hardy-security] gzip, gzip (delayed) 1.3.12-3.2ubuntu0.1 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Wed Jan 20 18:05:35 GMT 2010
gzip (1.3.12-3.2ubuntu0.1) hardy-security; urgency=low
* SECURITY UPDATE: denial of service or possible code execution via
missing input sanitation
- inflate.c: avoid creating undersized hufts table.
- http://git.savannah.gnu.org/cgit/gzip.git/commit/?id=39a362ae9d9b007473381dba5032f4dfc1744cf2
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507263
- CVE-2009-2624
* SECURITY UPDATE: denial of service or possible code execution via
integer underflow
- unlzw.c: prevent integer underflow.
- Patch thanks to Jim Meyering
- CVE-2010-0001
Date: Tue, 19 Jan 2010 16:16:48 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/hardy/+source/gzip/1.3.12-3.2ubuntu0.1
-------------- next part --------------
Format: 1.7
Date: Tue, 19 Jan 2010 16:16:48 -0500
Source: gzip
Binary: gzip
Architecture: source
Version: 1.3.12-3.2ubuntu0.1
Distribution: hardy-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
gzip - The GNU compression utility
Changes:
gzip (1.3.12-3.2ubuntu0.1) hardy-security; urgency=low
.
* SECURITY UPDATE: denial of service or possible code execution via
missing input sanitation
- inflate.c: avoid creating undersized hufts table.
- http://git.savannah.gnu.org/cgit/gzip.git/commit/?id=39a362ae9d9b007473381dba5032f4dfc1744cf2
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507263
- CVE-2009-2624
* SECURITY UPDATE: denial of service or possible code execution via
integer underflow
- unlzw.c: prevent integer underflow.
- Patch thanks to Jim Meyering
- CVE-2010-0001
Files:
26bb99c8353a1cea7817da3ac5b72936 690 utils required gzip_1.3.12-3.2ubuntu0.1.dsc
35ac77f9806cfaf89b44ad13f036ebb0 21097 utils required gzip_1.3.12-3.2ubuntu0.1.diff.gz
Original-Maintainer: Bdale Garbee <bdale at gag.com>
More information about the Hardy-changes
mailing list