[ubuntu/vivid-proposed] unzip 6.0-13ubuntu2 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Thu Jan 29 16:49:15 UTC 2015
unzip (6.0-13ubuntu2) vivid; urgency=medium
* SECURITY UPDATE: heap overflow via mismatched block sizes
- debian/patches/12-cve-2014-9636-test-compr-eb: ensure compressed and
uncompressed block sizes match when using STORED method in extract.c.
- CVE-2014-9636
Date: Thu, 29 Jan 2015 11:16:07 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/unzip/6.0-13ubuntu2
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 29 Jan 2015 11:16:07 -0500
Source: unzip
Binary: unzip
Architecture: source
Version: 6.0-13ubuntu2
Distribution: vivid
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
unzip - De-archiver for .zip files
Changes:
unzip (6.0-13ubuntu2) vivid; urgency=medium
.
* SECURITY UPDATE: heap overflow via mismatched block sizes
- debian/patches/12-cve-2014-9636-test-compr-eb: ensure compressed and
uncompressed block sizes match when using STORED method in extract.c.
- CVE-2014-9636
Checksums-Sha1:
ce0524992ad99db0155a90e02baca0d94c4b1ee2 1764 unzip_6.0-13ubuntu2.dsc
9c38429b99a68b4c27c2ef56eb86ad08b3eb7064 17344 unzip_6.0-13ubuntu2.debian.tar.xz
Checksums-Sha256:
4f5b03b56374c73628bb5e8632d93afecad84ac8645da7b031e40122aa7476a6 1764 unzip_6.0-13ubuntu2.dsc
143bdbae4aa3e0e221e04735802fd1674f2c97aad07c3b2c38cee03a9c2a4e27 17344 unzip_6.0-13ubuntu2.debian.tar.xz
Files:
fd8d7b148bc61206989b5ef2eabd1f24 1764 utils optional unzip_6.0-13ubuntu2.dsc
716beb613a4b7c93c21cc810535010cf 17344 utils optional unzip_6.0-13ubuntu2.debian.tar.xz
Original-Maintainer: Santiago Vila <sanvila at debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJUymQ8AAoJEGVp2FWnRL6ToikP/0ZzXrO4jG2RjwK9uhFjpQzb
Wfh8WS43iUxB5kP4f/NvKlCJxmW8vewExb2HtRkCq291NsPEcY/aKiih683ZN0Ct
LZv+PW94Hx5mMPVfoeV6/LUWFPo5J3q9HVBCSdo8UT0EC09VARIlEv8GvteKMByd
g5RghWAa79pal2m/75VUSXZIhIJLXkxB46ncbedZlwKHGXlfPEWIEEyKKNEtywQr
itN1/NuAGEur27mbflcCFYdHM23J5HBL52HhIrnvMR8marozzpWjvjHGMhHeS32v
iKSBWSqFqnNlCo1bA8TACm/Vfa7/SBb2BWMz+1i5RdI8n4rWDbYMoK/DXpqAy4CB
kqZTHgqJ3tw/+Rk/7p5ZvwjqFY5nCZrEN8cGZYMDemtJoPcp92vIA4twfS37X2Pz
Zh9O5hax3fLi7T38ryIuGKtdUn/wB5SA/+23MQm7Hb4zy3Xj8EEcqIA0RNiwbxjh
R769+sVEE507SvUigVqctGHVlePVfrNpvKUnljPjITAqer8Zkth6DYgdwjvQWsZt
bIXbxh0tFZVy4se3zItOR3T5A19EHrzYeZYL3hBu+EbY4wauwW/i6M3FRD721/l5
Og6+MNMBvK0gRZtEQaAcIx9KOvkF1E3Wljclt1WHnS7rhtvTAg6L8kvK3dRYbMPF
spew9wspInSk1q3b1Iia
=c9Fm
-----END PGP SIGNATURE-----
More information about the Vivid-changes
mailing list