[Bug 238620] [NEW] Please sync unzip 5.52-11 (main) from Debian unstable (main).

Launchpad Bug Tracker 238620 at bugs.launchpad.net
Mon Jun 9 18:03:29 BST 2008


You have been subscribed to a public bug by Kees Cook (kees):

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 affects ubuntu/unzip
 status confirmed
 importance wishlist
 subscribe ubuntu-archive

Please sync unzip 5.52-11 (main) from Debian unstable (main).


Explanation of the Ubuntu delta and why it can be dropped:

Security fixes applied upstream.

Changelog since current intrepid version 5.52-10ubuntu2:

unzip (5.52-11) unstable; urgency=high

  * Apply patch from Tavis Ormandy to address invalid free() calls in
    the inflate_dynamic() function (CVE-2008-0888).

 -- Santiago Vila <sanvila at debian.org>  Thu, 20 Mar 2008 17:53:00 +0100


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Kees Cook <kees at outflux.net>

iEYEARECAAYFAkhNYboACgkQH/9LqRcGPm2cLQCdF8C6VcbmWkrdZPapC7jVBqlg
V64AnApTj8Dqi3c/YQnGZSR9+hlUL2wQ
=zQOC
-----END PGP SIGNATURE-----

** Affects: unzip (Ubuntu)
     Importance: Wishlist
         Status: Confirmed

-- 
Please sync unzip 5.52-11 (main) from Debian unstable (main).
https://bugs.launchpad.net/bugs/238620
You received this bug notification because you are a member of Ubuntu Package Archive Administrators, which is a direct subscriber.



More information about the ubuntu-archive mailing list