Accepted zip 2.30-6ubuntu1 (source)
Martin Pitt
martin.pitt at canonical.com
Fri Nov 5 07:50:01 CST 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Fri, 5 Nov 2004 14:43:59 +0100
Source: zip
Binary: zip
Architecture: source
Version: 2.30-6ubuntu1
Distribution: hoary
Urgency: low
Maintainer: Santiago Vila <sanvila at debian.org>
Changed-By: Martin Pitt <martin.pitt at canonical.com>
Description:
zip - Archiver for .zip files
Changes:
zip (2.30-6ubuntu1) hoary; urgency=low
.
* SECURITY UPDATE: fix buffer overflow that might be exploited to run
attacker provided code on systems which automatically generate ZIP
archives with very long file names.
* unix/unix.c, filetime(); the input parameter string was copied into a
fixed-length buffer without checking; now exit with an appropriate error
message if the string is too long.
* References:
http://lists.netsys.com/pipermail/full-disclosure/2004-November/028379.html
CAN-2004-1010
Files:
6d3238f6eaaea11209b16c2aa0b455fd 522 utils optional zip_2.30-6ubuntu1.dsc
0040582e83df56a4b171203cba7a6816 15677 utils optional zip_2.30-6ubuntu1.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFBi4PLDecnbV4Fd/IRAoQ4AJ0Yf7ODJ+yyBTrZkcpWu11eOK+XEQCfZUsP
3miBbRnjc79RJhUvqfOydTE=
=sYhT
-----END PGP SIGNATURE-----
Accepted:
zip_2.30-6ubuntu1.diff.gz
to pool/main/z/zip/zip_2.30-6ubuntu1.diff.gz
zip_2.30-6ubuntu1.dsc
to pool/main/z/zip/zip_2.30-6ubuntu1.dsc
More information about the hoary-changes
mailing list