[ubuntu/vivid-proposed] unzip 6.0-13ubuntu3 (Accepted)

[Marc Deslauriers]

unzip (6.0-13ubuntu3) vivid; urgency=medium

  * SECURITY UPDATE: heap overflow in charset_to_intern()
    - debian/patches/20-unzip60-alt-iconv-utf8: updated to fix buffer
      overflow in unix/unix.c.
    - CVE-2015-1315
  * SECURITY REGRESSION: regression with executable jar files
    - debian/patches/09-cve-2014-8139-crc-overflow: updated to fix
      regression.
  * SECURITY REGRESSION: regression with certain compressed data headers
    - debian/patches/12-cve-2014-9636-test-compr-eb: updated to fix
      regression.

Date: Tue, 17 Feb 2015 14:22:58 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/unzip/6.0-13ubuntu3
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 17 Feb 2015 14:22:58 -0500
Source: unzip
Binary: unzip
Architecture: source
Version: 6.0-13ubuntu3
Distribution: vivid
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
 unzip      - De-archiver for .zip files
Changes:
 unzip (6.0-13ubuntu3) vivid; urgency=medium
 .
   * SECURITY UPDATE: heap overflow in charset_to_intern()
     - debian/patches/20-unzip60-alt-iconv-utf8: updated to fix buffer
       overflow in unix/unix.c.
     - CVE-2015-1315
   * SECURITY REGRESSION: regression with executable jar files
     - debian/patches/09-cve-2014-8139-crc-overflow: updated to fix
       regression.
   * SECURITY REGRESSION: regression with certain compressed data headers
     - debian/patches/12-cve-2014-9636-test-compr-eb: updated to fix
       regression.
Checksums-Sha1:
 30400845a531ae149bbb789a8297c2f8d2d9e2d4 1764 unzip_6.0-13ubuntu3.dsc
 ea91a834543bb653585b27564d7efb174897f5b7 17512 unzip_6.0-13ubuntu3.debian.tar.xz
Checksums-Sha256:
 91c10f07203d4cead9ec10f3106f28d65485f448292ecb5efbd502ee4cf96afe 1764 unzip_6.0-13ubuntu3.dsc
 e8b3d0ad35acf0dce1a264d925de382a743682825e3cc36c5e3b742972d055fd 17512 unzip_6.0-13ubuntu3.debian.tar.xz
Files:
 b839d65dc666952207fc5530937d0cf4 1764 utils optional unzip_6.0-13ubuntu3.dsc
 08c1ad226dd50ed00ef6ee2f2135aef8 17512 utils optional unzip_6.0-13ubuntu3.debian.tar.xz
Original-Maintainer: Santiago Vila <sanvila at debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJU45e3AAoJEGVp2FWnRL6Tu1sP/3DH6Queda8Ra6nnSEjj4hxl
dyPJWs/r4gaQb9tpK7AWV0COUvzyESkLdqlyZLJHDeFFybkn6BQwcQpIRGLURmDv
jLdqc8fO9fb4UzbrWMOuErNLAjaJJi4GafowGmUGmcKD42VJWPxQaiJZZwisaucl
puwvSnK4XMqm2fPODJeuqJ3yZCrvJu5xrQxDxQhSPvzkkKeTmuytoouHBCW1qgVi
MiB9zq4nee5ui0dWWRz3PkMQRNNB/9NZCKJ8mW/vsSlugW9BMSlZZuOLSNdTnwNa
q/1ptLJs/Jluca/1RXNv1CPWDzQBSJDFvTrRFSPOcRmUtmryACw/saJPuvLK3KpH
cKUnKwcqUK8Qts25xzib5abmoOJhm4p3OGIk9ffb+erAU9v9kEA4pXz4ivMzuoIF
CM4MXYUipkdc3cQX8ZO/Zam6YaA+ECQCwie55ktt4uYLQFY/PLb6h3k4P8/fcy85
D/q3WHdY9SYZ2y5KMDQr4V9WUjhau1IZl5FDxmYed9hgHUoev8XmgFh/DBfkEDwO
pxrhTr8SCuTL1FJLPJGZRG82mnjUv0toDN5lCJbqEGPanHscv0RzUgFFXlfnxD6+
dhsA0P55w6PF0BJQF7E+o7TstJss5MyebrI3mNog4oIer5tTHtwM8LXqPfG8M1+9
g0RRokz9iIlYOnMw+Qaa
=Swkb
-----END PGP SIGNATURE-----