Accepted lha 1.14i-10 (source)

Ubuntu Archive Auto-Sync katie at jackass.ubuntu.com
Fri Feb 4 13:45:23 CST 2005 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Origin: Debian/unstable
Format: 1.7
Date: Fri,  04 Feb 2005 19:16:37 +0000
Source: lha
Binary: lha
Architecture: source
Version: 1.14i-10
Distribution: hoary
Urgency: high
Maintainer: GOTO Masanori <gotom at debian.org>
Changed-By: Ubuntu Archive Auto-Sync <katie at jackass.ubuntu.com>
Description: 
 lha        - lzh archiver
Closes: 277545 279870
Changes: 
 lha (1.14i-10) unstable; urgency=high
 .
   * debian/patch.redhat-sec2: Add one more security patch to fix:
       - CAN-2004-0771 (-w working directory option buffer overflow)
         http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0771
       - CAN-2004-0769 (buffer overflow can be executed arbitrary code
         via long pathnames in headers, another issue of bug fixed in -9)
         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0769
       - CAN-2004-0745 (execute arbitrary commands via a directory with
         shell metacharacters in its name.)
         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0745
       - CAN-2004-0694 (reserved number)
         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0694
     taken from RedHat patch.  (Closes: #279870)
   * man/lha.n: Fix typo "flie" instead of "file".  (Closes: #277545)
Files: 
 5a57306a67be3f77bfb5ece08374180b 43875 non-free/utils optional lha_1.14i-10.diff.gz
 92158fe6e164862496138a410173a323 546 non-free/utils optional lha_1.14i-10.dsc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iQEVAwUBQgPKFQF4adwMEr3XAQJuEAgAsKSc5BnwsY8yzHODRTWQCgfXylLFQzUx
P7Iiumq+OkXx6BdjseAFJ2j7obZFI6hj5Apxa+a5BPk0V9zkbB9myORnpiQWgri2
Ewz3ljMQuazOqXFEBTQCPq8vQh1Po+RyVrwd140YaDK5/ONwFzv5f0qGowzQPqxl
+Rpyn+oFrFxcAfpy2zGXU2Nf67sEhpNdD+VgbO6+rKVI42j8PUq730Gyi8GEKHEu
6n/vgOviyA7bzqEMTYpf62r8qhFsFjJrcQqmtmusJjFln5JJmtNoI9h7nKLqVzJL
J8IRFxrhStYc0aqtYiZuJTMdRHBBrqHAMCy2YuCbambqO6aAIbM2NQ==
=49In
-----END PGP SIGNATURE-----


Accepted:
lha_1.14i-10.diff.gz
  to pool/multiverse/l/lha/lha_1.14i-10.diff.gz
lha_1.14i-10.dsc
  to pool/multiverse/l/lha/lha_1.14i-10.dsc

More information about the hoary-changes mailing list