[ubuntu/jammy-proposed] xz-utils 5.2.5-2ubuntu1 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Fri Apr 8 13:55:50 UTC 2022 

xz-utils (5.2.5-2ubuntu1) jammy; urgency=medium

  * SECURITY UPDATE: arbitrary file overwrite or code execution with
    crafted file names
    - debian/patches/CVE-2022-1271.patch: fix escaping of malicious
      filenames in src/scripts/xzgrep.in.
    - CVE-2022-1271

Date: Fri, 08 Apr 2022 08:51:38 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/xz-utils/5.2.5-2ubuntu1
-------------- next part --------------
Format: 1.8
Date: Fri, 08 Apr 2022 08:51:38 -0400
Source: xz-utils
Built-For-Profiles: noudeb
Architecture: source
Version: 5.2.5-2ubuntu1
Distribution: jammy
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
 xz-utils (5.2.5-2ubuntu1) jammy; urgency=medium
 .
   * SECURITY UPDATE: arbitrary file overwrite or code execution with
     crafted file names
     - debian/patches/CVE-2022-1271.patch: fix escaping of malicious
       filenames in src/scripts/xzgrep.in.
     - CVE-2022-1271
Checksums-Sha1:
 77366d250b73ddc03efd24927eb109b16367f265 2593 xz-utils_5.2.5-2ubuntu1.dsc
 f50621054f6ed0ce76d7ed0ce2440805d21f1f16 35108 xz-utils_5.2.5-2ubuntu1.debian.tar.xz
 68ab3881eb75bf83e966bb241586a66c881c76b3 6291 xz-utils_5.2.5-2ubuntu1_source.buildinfo
Checksums-Sha256:
 f7072f3768e3da721040c019748ebfa71c668e21f82f87a053fd2059c409c0e6 2593 xz-utils_5.2.5-2ubuntu1.dsc
 e5dff6c1e4d0a77a8771b62fd67788b95525a5093bbf27e62fac52f55bc1978b 35108 xz-utils_5.2.5-2ubuntu1.debian.tar.xz
 4c879421397f35873a6288ff9d3abeefad0307a242015537975c7909ef0859a0 6291 xz-utils_5.2.5-2ubuntu1_source.buildinfo
Files:
 5a83e60805a000dff7e7a6f3eb04952d 2593 utils optional xz-utils_5.2.5-2ubuntu1.dsc
 ab1ee36cc5bf0e4e522115758bd9fffd 35108 utils optional xz-utils_5.2.5-2ubuntu1.debian.tar.xz
 b4c5af6526af1595b7b3cca745e18da9 6291 utils optional xz-utils_5.2.5-2ubuntu1_source.buildinfo
Original-Maintainer: Jonathan Nieder <jrnieder at gmail.com>

More information about the jammy-changes mailing list