Git : Code : libarchive package : Ubuntu

Ubuntu
libarchive package

Overview
Code
Bugs
Blueprints
Translations
Answers

View Bazaar branches

Get this repository:: git clone https://git.launchpad.net/ubuntu/+source/libarchive

Members of Ubuntu Server Dev import team can upload to this repository. Log in for directions.

Branches

Name	Last Modified	Last Commit
importer/ubuntu/dsc	2019-07-30 22:10:35 UTC 2019-07-30	DSC file for 3.2.2-3.1ubuntu0.4 Author: Ubuntu Git Importer Author Date: 2019-07-30 22:10:35 UTC DSC file for 3.2.2-3.1ubuntu0.4
applied/ubuntu/bionic-proposed	2019-07-30 21:58:18 UTC 2019-07-30	Import patches-applied version 3.2.2-3.1ubuntu0.4 to applied/ubuntu/bionic-pr... Author: Sebastien Bacher Author Date: 2019-06-28 19:20:28 UTC Import patches-applied version 3.2.2-3.1ubuntu0.4 to applied/ubuntu/bionic-proposed Imported using git-ubuntu import. Changelog parent: 9915fc404d0dc2cce147f92d829d4fc52a5c630a Unapplied parent: 9d44261394a52057a4692e7233f817d6787511a3 New changelog entries: * debian/patches/git_zip_directories.patch: - backport a fix for an issue where files are created instead of directories (lp: #1830629)
ubuntu/bionic-proposed	2019-07-30 21:58:18 UTC 2019-07-30	Import patches-unapplied version 3.2.2-3.1ubuntu0.4 to ubuntu/bionic-proposed Author: Sebastien Bacher Author Date: 2019-06-28 19:20:28 UTC Import patches-unapplied version 3.2.2-3.1ubuntu0.4 to ubuntu/bionic-proposed Imported using git-ubuntu import. Changelog parent: 6f1115f931c3e3c93da6e6d1073e9a7bbffd0fe6 New changelog entries: * debian/patches/git_zip_directories.patch: - backport a fix for an issue where files are created instead of directories (lp: #1830629)
ubuntu/bionic-devel	2019-07-30 21:58:18 UTC 2019-07-30	Import patches-unapplied version 3.2.2-3.1ubuntu0.4 to ubuntu/bionic-proposed Author: Sebastien Bacher Author Date: 2019-06-28 19:20:28 UTC Import patches-unapplied version 3.2.2-3.1ubuntu0.4 to ubuntu/bionic-proposed Imported using git-ubuntu import. Changelog parent: 6f1115f931c3e3c93da6e6d1073e9a7bbffd0fe6 New changelog entries: * debian/patches/git_zip_directories.patch: - backport a fix for an issue where files are created instead of directories (lp: #1830629)
applied/ubuntu/bionic-devel	2019-07-30 21:58:18 UTC 2019-07-30	Import patches-applied version 3.2.2-3.1ubuntu0.4 to applied/ubuntu/bionic-pr... Author: Sebastien Bacher Author Date: 2019-06-28 19:20:28 UTC Import patches-applied version 3.2.2-3.1ubuntu0.4 to applied/ubuntu/bionic-proposed Imported using git-ubuntu import. Changelog parent: 9915fc404d0dc2cce147f92d829d4fc52a5c630a Unapplied parent: 9d44261394a52057a4692e7233f817d6787511a3 New changelog entries: * debian/patches/git_zip_directories.patch: - backport a fix for an issue where files are created instead of directories (lp: #1830629)
applied/ubuntu/bionic-updates	2019-07-30 21:58:18 UTC 2019-07-30	Import patches-applied version 3.2.2-3.1ubuntu0.4 to applied/ubuntu/bionic-pr... Author: Sebastien Bacher Author Date: 2019-06-28 19:20:28 UTC Import patches-applied version 3.2.2-3.1ubuntu0.4 to applied/ubuntu/bionic-proposed Imported using git-ubuntu import. Changelog parent: 9915fc404d0dc2cce147f92d829d4fc52a5c630a Unapplied parent: 9d44261394a52057a4692e7233f817d6787511a3 New changelog entries: * debian/patches/git_zip_directories.patch: - backport a fix for an issue where files are created instead of directories (lp: #1830629)
ubuntu/bionic-updates	2019-07-30 21:58:18 UTC 2019-07-30	Import patches-unapplied version 3.2.2-3.1ubuntu0.4 to ubuntu/bionic-proposed Author: Sebastien Bacher Author Date: 2019-06-28 19:20:28 UTC Import patches-unapplied version 3.2.2-3.1ubuntu0.4 to ubuntu/bionic-proposed Imported using git-ubuntu import. Changelog parent: 6f1115f931c3e3c93da6e6d1073e9a7bbffd0fe6 New changelog entries: * debian/patches/git_zip_directories.patch: - backport a fix for an issue where files are created instead of directories (lp: #1830629)
importer/debian/dsc	2019-02-16 17:39:18 UTC 2019-02-16	DSC file for 3.2.2-2+deb9u1 Author: Ubuntu Git Importer Author Date: 2019-02-16 17:39:18 UTC DSC file for 3.2.2-2+deb9u1
debian/stretch	2019-02-16 17:08:22 UTC 2019-02-16	Import patches-unapplied version 3.2.2-2+deb9u1 to debian/stretch Author: Markus Koschany Author Date: 2018-12-21 20:11:50 UTC Import patches-unapplied version 3.2.2-2+deb9u1 to debian/stretch Imported using git-ubuntu import. Changelog parent: bff56950c829e095473da75ac0874fac308601ee New changelog entries: * Non-maintainer upload. * Fix the following security vulnerabilities: CVE-2016-10209, CVE-2016-10349, CVE-2016-10350, CVE-2017-14166, CVE-2017-14501, CVE-2017-14502, CVE-2017-14503, CVE-2018-1000877, CVE-2018-1000878, CVE-2018-1000879 and CVE-2018-1000880. Multiple security vulnerabilities were found in libarchive, a multi-format archive and compression library. Heap-based buffer over-reads, NULL pointer dereferences, use-after-frees and out-of-bounds reads allow remote attackers to cause a denial-of-service (application crash) via specially crafted archive files. (Closes: #859456, #861609, #874539, #875966, #875974, #875960, #916964, #916963, #916960)
applied/debian/stretch	2019-02-16 17:08:22 UTC 2019-02-16	Import patches-applied version 3.2.2-2+deb9u1 to applied/debian/stretch Author: Markus Koschany Author Date: 2018-12-21 20:11:50 UTC Import patches-applied version 3.2.2-2+deb9u1 to applied/debian/stretch Imported using git-ubuntu import. Changelog parent: 5e3a226161343b8cf81e3ad1317ab139db97ca87 Unapplied parent: a95ea3b9b719c74d372e87ed33545d00edb32c23 New changelog entries: * Non-maintainer upload. * Fix the following security vulnerabilities: CVE-2016-10209, CVE-2016-10349, CVE-2016-10350, CVE-2017-14166, CVE-2017-14501, CVE-2017-14502, CVE-2017-14503, CVE-2018-1000877, CVE-2018-1000878, CVE-2018-1000879 and CVE-2018-1000880. Multiple security vulnerabilities were found in libarchive, a multi-format archive and compression library. Heap-based buffer over-reads, NULL pointer dereferences, use-after-frees and out-of-bounds reads allow remote attackers to cause a denial-of-service (application crash) via specially crafted archive files. (Closes: #859456, #861609, #874539, #875966, #875974, #875960, #916964, #916963, #916960)
applied/ubuntu/trusty-devel	2019-02-07 12:03:23 UTC 2019-02-07	Import patches-applied version 3.1.2-7ubuntu2.8 to applied/ubuntu/trusty-secu... Author: Leonidas S. Barbosa Author Date: 2019-02-06 11:48:45 UTC Import patches-applied version 3.1.2-7ubuntu2.8 to applied/ubuntu/trusty-security Imported using git-ubuntu import. Changelog parent: afb6eab260e9569e95d1d324bfcc7dfbfb5e8e74 Unapplied parent: 0b233f5752e310b98d3887516a53841292388a17 New changelog entries: * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000019.patch: fix in libarchive/archive_read_support_format_7zip.c. - CVE-2019-1000019 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000020.patch: fix in libarchive/archive_read_support_format_iso9660.c. - CVE-2019-1000020
ubuntu/trusty-security	2019-02-07 12:03:23 UTC 2019-02-07	Import patches-unapplied version 3.1.2-7ubuntu2.8 to ubuntu/trusty-security Author: Leonidas S. Barbosa Author Date: 2019-02-06 11:48:45 UTC Import patches-unapplied version 3.1.2-7ubuntu2.8 to ubuntu/trusty-security Imported using git-ubuntu import. Changelog parent: 6934cf74bf26eabb83886951ce62174f2690e854 New changelog entries: * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000019.patch: fix in libarchive/archive_read_support_format_7zip.c. - CVE-2019-1000019 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000020.patch: fix in libarchive/archive_read_support_format_iso9660.c. - CVE-2019-1000020
applied/ubuntu/trusty-security	2019-02-07 12:03:23 UTC 2019-02-07	Import patches-applied version 3.1.2-7ubuntu2.8 to applied/ubuntu/trusty-secu... Author: Leonidas S. Barbosa Author Date: 2019-02-06 11:48:45 UTC Import patches-applied version 3.1.2-7ubuntu2.8 to applied/ubuntu/trusty-security Imported using git-ubuntu import. Changelog parent: afb6eab260e9569e95d1d324bfcc7dfbfb5e8e74 Unapplied parent: 0b233f5752e310b98d3887516a53841292388a17 New changelog entries: * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000019.patch: fix in libarchive/archive_read_support_format_7zip.c. - CVE-2019-1000019 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000020.patch: fix in libarchive/archive_read_support_format_iso9660.c. - CVE-2019-1000020
ubuntu/bionic-security	2019-02-07 12:03:23 UTC 2019-02-07	Import patches-unapplied version 3.2.2-3.1ubuntu0.3 to ubuntu/bionic-security Author: Leonidas S. Barbosa Author Date: 2019-02-06 11:54:50 UTC Import patches-unapplied version 3.2.2-3.1ubuntu0.3 to ubuntu/bionic-security Imported using git-ubuntu import. Changelog parent: d61e033e35231d40421305c70f9f9286c892a17e New changelog entries: * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000019.patch: fix in libarchive/archive_read_support_format_7zip.c. - CVE-2019-1000019 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000020.patch: fix in libarchive/archive_read_support_format_iso9660.c. - CVE-2019-1000020
applied/ubuntu/trusty-updates	2019-02-07 12:03:23 UTC 2019-02-07	Import patches-applied version 3.1.2-7ubuntu2.8 to applied/ubuntu/trusty-secu... Author: Leonidas S. Barbosa Author Date: 2019-02-06 11:48:45 UTC Import patches-applied version 3.1.2-7ubuntu2.8 to applied/ubuntu/trusty-security Imported using git-ubuntu import. Changelog parent: afb6eab260e9569e95d1d324bfcc7dfbfb5e8e74 Unapplied parent: 0b233f5752e310b98d3887516a53841292388a17 New changelog entries: * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000019.patch: fix in libarchive/archive_read_support_format_7zip.c. - CVE-2019-1000019 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000020.patch: fix in libarchive/archive_read_support_format_iso9660.c. - CVE-2019-1000020
ubuntu/xenial-devel	2019-02-07 12:03:23 UTC 2019-02-07	Import patches-unapplied version 3.1.2-11ubuntu0.16.04.6 to ubuntu/xenial-sec... Author: Leonidas S. Barbosa Author Date: 2019-02-06 11:53:41 UTC Import patches-unapplied version 3.1.2-11ubuntu0.16.04.6 to ubuntu/xenial-security Imported using git-ubuntu import. Changelog parent: 809ff5c9c658ea914a5b748f5909ef4c37ba2b4d New changelog entries: * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000019.patch: fix in libarchive/archive_read_support_format_7zip.c. - CVE-2019-1000019 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000020.patch: fix in libarchive/archive_read_support_format_iso9660.c. - CVE-2019-1000020
ubuntu/trusty-updates	2019-02-07 12:03:23 UTC 2019-02-07	Import patches-unapplied version 3.1.2-7ubuntu2.8 to ubuntu/trusty-security Author: Leonidas S. Barbosa Author Date: 2019-02-06 11:48:45 UTC Import patches-unapplied version 3.1.2-7ubuntu2.8 to ubuntu/trusty-security Imported using git-ubuntu import. Changelog parent: 6934cf74bf26eabb83886951ce62174f2690e854 New changelog entries: * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000019.patch: fix in libarchive/archive_read_support_format_7zip.c. - CVE-2019-1000019 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000020.patch: fix in libarchive/archive_read_support_format_iso9660.c. - CVE-2019-1000020
applied/ubuntu/bionic-security	2019-02-07 12:03:23 UTC 2019-02-07	Import patches-applied version 3.2.2-3.1ubuntu0.3 to applied/ubuntu/bionic-se... Author: Leonidas S. Barbosa Author Date: 2019-02-06 11:54:50 UTC Import patches-applied version 3.2.2-3.1ubuntu0.3 to applied/ubuntu/bionic-security Imported using git-ubuntu import. Changelog parent: 2867a79a389ca72b48b7661bdc91819db8ad15d0 Unapplied parent: d9f02fe91bf7f5d32445a1c7fe38d9a88d18ab45 New changelog entries: * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000019.patch: fix in libarchive/archive_read_support_format_7zip.c. - CVE-2019-1000019 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000020.patch: fix in libarchive/archive_read_support_format_iso9660.c. - CVE-2019-1000020
applied/ubuntu/cosmic-updates	2019-02-07 12:03:23 UTC 2019-02-07	Import patches-applied version 3.2.2-5ubuntu0.2 to applied/ubuntu/cosmic-secu... Author: Leonidas S. Barbosa Author Date: 2019-02-06 11:55:41 UTC Import patches-applied version 3.2.2-5ubuntu0.2 to applied/ubuntu/cosmic-security Imported using git-ubuntu import. Changelog parent: b633248024bd082d1c1b9f3b96082b051bfbb448 Unapplied parent: 55f9de3f0c4ac158bd69d35aaebd049f6a58535d New changelog entries: * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000019.patch: fix in libarchive/archive_read_support_format_7zip.c. - CVE-2019-1000019 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000020.patch: fix in libarchive/archive_read_support_format_iso9660.c. - CVE-2019-1000020
applied/ubuntu/xenial-devel	2019-02-07 12:03:23 UTC 2019-02-07	Import patches-applied version 3.1.2-11ubuntu0.16.04.6 to applied/ubuntu/xeni... Author: Leonidas S. Barbosa Author Date: 2019-02-06 11:53:41 UTC Import patches-applied version 3.1.2-11ubuntu0.16.04.6 to applied/ubuntu/xenial-security Imported using git-ubuntu import. Changelog parent: 54fce7d61c74c4caf015508b4a1d5d918024e861 Unapplied parent: ef1083e1267fdde3da9ef097172b790fe9083610 New changelog entries: * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000019.patch: fix in libarchive/archive_read_support_format_7zip.c. - CVE-2019-1000019 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000020.patch: fix in libarchive/archive_read_support_format_iso9660.c. - CVE-2019-1000020
applied/ubuntu/cosmic-security	2019-02-07 12:03:23 UTC 2019-02-07	Import patches-applied version 3.2.2-5ubuntu0.2 to applied/ubuntu/cosmic-secu... Author: Leonidas S. Barbosa Author Date: 2019-02-06 11:55:41 UTC Import patches-applied version 3.2.2-5ubuntu0.2 to applied/ubuntu/cosmic-security Imported using git-ubuntu import. Changelog parent: b633248024bd082d1c1b9f3b96082b051bfbb448 Unapplied parent: 55f9de3f0c4ac158bd69d35aaebd049f6a58535d New changelog entries: * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000019.patch: fix in libarchive/archive_read_support_format_7zip.c. - CVE-2019-1000019 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000020.patch: fix in libarchive/archive_read_support_format_iso9660.c. - CVE-2019-1000020
ubuntu/cosmic-updates	2019-02-07 12:03:23 UTC 2019-02-07	Import patches-unapplied version 3.2.2-5ubuntu0.2 to ubuntu/cosmic-security Author: Leonidas S. Barbosa Author Date: 2019-02-06 11:55:41 UTC Import patches-unapplied version 3.2.2-5ubuntu0.2 to ubuntu/cosmic-security Imported using git-ubuntu import. Changelog parent: 56427107438786204f603375626edbd12ec99fcc New changelog entries: * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000019.patch: fix in libarchive/archive_read_support_format_7zip.c. - CVE-2019-1000019 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000020.patch: fix in libarchive/archive_read_support_format_iso9660.c. - CVE-2019-1000020
applied/ubuntu/cosmic-devel	2019-02-07 12:03:23 UTC 2019-02-07	Import patches-applied version 3.2.2-5ubuntu0.2 to applied/ubuntu/cosmic-secu... Author: Leonidas S. Barbosa Author Date: 2019-02-06 11:55:41 UTC Import patches-applied version 3.2.2-5ubuntu0.2 to applied/ubuntu/cosmic-security Imported using git-ubuntu import. Changelog parent: b633248024bd082d1c1b9f3b96082b051bfbb448 Unapplied parent: 55f9de3f0c4ac158bd69d35aaebd049f6a58535d New changelog entries: * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000019.patch: fix in libarchive/archive_read_support_format_7zip.c. - CVE-2019-1000019 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000020.patch: fix in libarchive/archive_read_support_format_iso9660.c. - CVE-2019-1000020
applied/ubuntu/xenial-updates	2019-02-07 12:03:23 UTC 2019-02-07	Import patches-applied version 3.1.2-11ubuntu0.16.04.6 to applied/ubuntu/xeni... Author: Leonidas S. Barbosa Author Date: 2019-02-06 11:53:41 UTC Import patches-applied version 3.1.2-11ubuntu0.16.04.6 to applied/ubuntu/xenial-security Imported using git-ubuntu import. Changelog parent: 54fce7d61c74c4caf015508b4a1d5d918024e861 Unapplied parent: ef1083e1267fdde3da9ef097172b790fe9083610 New changelog entries: * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000019.patch: fix in libarchive/archive_read_support_format_7zip.c. - CVE-2019-1000019 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000020.patch: fix in libarchive/archive_read_support_format_iso9660.c. - CVE-2019-1000020
applied/ubuntu/xenial-security	2019-02-07 12:03:23 UTC 2019-02-07	Import patches-applied version 3.1.2-11ubuntu0.16.04.6 to applied/ubuntu/xeni... Author: Leonidas S. Barbosa Author Date: 2019-02-06 11:53:41 UTC Import patches-applied version 3.1.2-11ubuntu0.16.04.6 to applied/ubuntu/xenial-security Imported using git-ubuntu import. Changelog parent: 54fce7d61c74c4caf015508b4a1d5d918024e861 Unapplied parent: ef1083e1267fdde3da9ef097172b790fe9083610 New changelog entries: * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000019.patch: fix in libarchive/archive_read_support_format_7zip.c. - CVE-2019-1000019 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000020.patch: fix in libarchive/archive_read_support_format_iso9660.c. - CVE-2019-1000020
ubuntu/cosmic-devel	2019-02-07 12:03:23 UTC 2019-02-07	Import patches-unapplied version 3.2.2-5ubuntu0.2 to ubuntu/cosmic-security Author: Leonidas S. Barbosa Author Date: 2019-02-06 11:55:41 UTC Import patches-unapplied version 3.2.2-5ubuntu0.2 to ubuntu/cosmic-security Imported using git-ubuntu import. Changelog parent: 56427107438786204f603375626edbd12ec99fcc New changelog entries: * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000019.patch: fix in libarchive/archive_read_support_format_7zip.c. - CVE-2019-1000019 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000020.patch: fix in libarchive/archive_read_support_format_iso9660.c. - CVE-2019-1000020
ubuntu/trusty-devel	2019-02-07 12:03:23 UTC 2019-02-07	Import patches-unapplied version 3.1.2-7ubuntu2.8 to ubuntu/trusty-security Author: Leonidas S. Barbosa Author Date: 2019-02-06 11:48:45 UTC Import patches-unapplied version 3.1.2-7ubuntu2.8 to ubuntu/trusty-security Imported using git-ubuntu import. Changelog parent: 6934cf74bf26eabb83886951ce62174f2690e854 New changelog entries: * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000019.patch: fix in libarchive/archive_read_support_format_7zip.c. - CVE-2019-1000019 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000020.patch: fix in libarchive/archive_read_support_format_iso9660.c. - CVE-2019-1000020
ubuntu/xenial-security	2019-02-07 12:03:23 UTC 2019-02-07	Import patches-unapplied version 3.1.2-11ubuntu0.16.04.6 to ubuntu/xenial-sec... Author: Leonidas S. Barbosa Author Date: 2019-02-06 11:53:41 UTC Import patches-unapplied version 3.1.2-11ubuntu0.16.04.6 to ubuntu/xenial-security Imported using git-ubuntu import. Changelog parent: 809ff5c9c658ea914a5b748f5909ef4c37ba2b4d New changelog entries: * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000019.patch: fix in libarchive/archive_read_support_format_7zip.c. - CVE-2019-1000019 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000020.patch: fix in libarchive/archive_read_support_format_iso9660.c. - CVE-2019-1000020
ubuntu/xenial-updates	2019-02-07 12:03:23 UTC 2019-02-07	Import patches-unapplied version 3.1.2-11ubuntu0.16.04.6 to ubuntu/xenial-sec... Author: Leonidas S. Barbosa Author Date: 2019-02-06 11:53:41 UTC Import patches-unapplied version 3.1.2-11ubuntu0.16.04.6 to ubuntu/xenial-security Imported using git-ubuntu import. Changelog parent: 809ff5c9c658ea914a5b748f5909ef4c37ba2b4d New changelog entries: * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000019.patch: fix in libarchive/archive_read_support_format_7zip.c. - CVE-2019-1000019 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000020.patch: fix in libarchive/archive_read_support_format_iso9660.c. - CVE-2019-1000020
ubuntu/cosmic-security	2019-02-07 12:03:23 UTC 2019-02-07	Import patches-unapplied version 3.2.2-5ubuntu0.2 to ubuntu/cosmic-security Author: Leonidas S. Barbosa Author Date: 2019-02-06 11:55:41 UTC Import patches-unapplied version 3.2.2-5ubuntu0.2 to ubuntu/cosmic-security Imported using git-ubuntu import. Changelog parent: 56427107438786204f603375626edbd12ec99fcc New changelog entries: * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000019.patch: fix in libarchive/archive_read_support_format_7zip.c. - CVE-2019-1000019 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-1000020.patch: fix in libarchive/archive_read_support_format_iso9660.c. - CVE-2019-1000020
applied/ubuntu/eoan-devel	2019-02-06 16:37:28 UTC 2019-02-06	Import patches-applied version 3.3.3-4 to applied/debian/sid Author: Peter Pentchev Author Date: 2019-02-06 09:01:25 UTC Import patches-applied version 3.3.3-4 to applied/debian/sid Imported using git-ubuntu import. Changelog parent: d3c14aaf6b79a057122d84d10a2ec2a1df256857 Unapplied parent: 84d76bee88b9d7248c39b86f47779cdcdb170900 New changelog entries: * Add three upstream patches: - CVE-2019-1000019: fix a crash when parsing some 7zip archives - CVE-2019-1000020: require the RockRidge extension for iso9660 - zip-nullptr: fix a null pointer deference in ZIP files handling
applied/ubuntu/eoan	2019-02-06 16:37:28 UTC 2019-02-06	Import patches-applied version 3.3.3-4 to applied/debian/sid Author: Peter Pentchev Author Date: 2019-02-06 09:01:25 UTC Import patches-applied version 3.3.3-4 to applied/debian/sid Imported using git-ubuntu import. Changelog parent: d3c14aaf6b79a057122d84d10a2ec2a1df256857 Unapplied parent: 84d76bee88b9d7248c39b86f47779cdcdb170900 New changelog entries: * Add three upstream patches: - CVE-2019-1000019: fix a crash when parsing some 7zip archives - CVE-2019-1000020: require the RockRidge extension for iso9660 - zip-nullptr: fix a null pointer deference in ZIP files handling
ubuntu/eoan	2019-02-06 16:37:28 UTC 2019-02-06	Import patches-unapplied version 3.3.3-4 to debian/sid Author: Peter Pentchev Author Date: 2019-02-06 09:01:25 UTC Import patches-unapplied version 3.3.3-4 to debian/sid Imported using git-ubuntu import. Changelog parent: b3732f8027e0b6d7ac08e65995bd2703515008d0 New changelog entries: * Add three upstream patches: - CVE-2019-1000019: fix a crash when parsing some 7zip archives - CVE-2019-1000020: require the RockRidge extension for iso9660 - zip-nullptr: fix a null pointer deference in ZIP files handling
ubuntu/eoan-devel	2019-02-06 16:37:28 UTC 2019-02-06	Import patches-unapplied version 3.3.3-4 to debian/sid Author: Peter Pentchev Author Date: 2019-02-06 09:01:25 UTC Import patches-unapplied version 3.3.3-4 to debian/sid Imported using git-ubuntu import. Changelog parent: b3732f8027e0b6d7ac08e65995bd2703515008d0 New changelog entries: * Add three upstream patches: - CVE-2019-1000019: fix a crash when parsing some 7zip archives - CVE-2019-1000020: require the RockRidge extension for iso9660 - zip-nullptr: fix a null pointer deference in ZIP files handling
debian/sid	2019-02-06 16:37:28 UTC 2019-02-06	Import patches-unapplied version 3.3.3-4 to debian/sid Author: Peter Pentchev Author Date: 2019-02-06 09:01:25 UTC Import patches-unapplied version 3.3.3-4 to debian/sid Imported using git-ubuntu import. Changelog parent: b3732f8027e0b6d7ac08e65995bd2703515008d0 New changelog entries: * Add three upstream patches: - CVE-2019-1000019: fix a crash when parsing some 7zip archives - CVE-2019-1000020: require the RockRidge extension for iso9660 - zip-nullptr: fix a null pointer deference in ZIP files handling
ubuntu/disco	2019-02-06 16:37:28 UTC 2019-02-06	Import patches-unapplied version 3.3.3-4 to debian/sid Author: Peter Pentchev Author Date: 2019-02-06 09:01:25 UTC Import patches-unapplied version 3.3.3-4 to debian/sid Imported using git-ubuntu import. Changelog parent: b3732f8027e0b6d7ac08e65995bd2703515008d0 New changelog entries: * Add three upstream patches: - CVE-2019-1000019: fix a crash when parsing some 7zip archives - CVE-2019-1000020: require the RockRidge extension for iso9660 - zip-nullptr: fix a null pointer deference in ZIP files handling
applied/ubuntu/disco-devel	2019-02-06 16:37:28 UTC 2019-02-06	Import patches-applied version 3.3.3-4 to applied/debian/sid Author: Peter Pentchev Author Date: 2019-02-06 09:01:25 UTC Import patches-applied version 3.3.3-4 to applied/debian/sid Imported using git-ubuntu import. Changelog parent: d3c14aaf6b79a057122d84d10a2ec2a1df256857 Unapplied parent: 84d76bee88b9d7248c39b86f47779cdcdb170900 New changelog entries: * Add three upstream patches: - CVE-2019-1000019: fix a crash when parsing some 7zip archives - CVE-2019-1000020: require the RockRidge extension for iso9660 - zip-nullptr: fix a null pointer deference in ZIP files handling
ubuntu/disco-devel	2019-02-06 16:37:28 UTC 2019-02-06	Import patches-unapplied version 3.3.3-4 to debian/sid Author: Peter Pentchev Author Date: 2019-02-06 09:01:25 UTC Import patches-unapplied version 3.3.3-4 to debian/sid Imported using git-ubuntu import. Changelog parent: b3732f8027e0b6d7ac08e65995bd2703515008d0 New changelog entries: * Add three upstream patches: - CVE-2019-1000019: fix a crash when parsing some 7zip archives - CVE-2019-1000020: require the RockRidge extension for iso9660 - zip-nullptr: fix a null pointer deference in ZIP files handling
ubuntu/disco-proposed	2019-02-06 16:37:28 UTC 2019-02-06	Import patches-unapplied version 3.3.3-4 to debian/sid Author: Peter Pentchev Author Date: 2019-02-06 09:01:25 UTC Import patches-unapplied version 3.3.3-4 to debian/sid Imported using git-ubuntu import. Changelog parent: b3732f8027e0b6d7ac08e65995bd2703515008d0 New changelog entries: * Add three upstream patches: - CVE-2019-1000019: fix a crash when parsing some 7zip archives - CVE-2019-1000020: require the RockRidge extension for iso9660 - zip-nullptr: fix a null pointer deference in ZIP files handling
ubuntu/devel	2019-02-06 16:37:28 UTC 2019-02-06	Import patches-unapplied version 3.3.3-4 to debian/sid Author: Peter Pentchev Author Date: 2019-02-06 09:01:25 UTC Import patches-unapplied version 3.3.3-4 to debian/sid Imported using git-ubuntu import. Changelog parent: b3732f8027e0b6d7ac08e65995bd2703515008d0 New changelog entries: * Add three upstream patches: - CVE-2019-1000019: fix a crash when parsing some 7zip archives - CVE-2019-1000020: require the RockRidge extension for iso9660 - zip-nullptr: fix a null pointer deference in ZIP files handling
applied/ubuntu/disco	2019-02-06 16:37:28 UTC 2019-02-06	Import patches-applied version 3.3.3-4 to applied/debian/sid Author: Peter Pentchev Author Date: 2019-02-06 09:01:25 UTC Import patches-applied version 3.3.3-4 to applied/debian/sid Imported using git-ubuntu import. Changelog parent: d3c14aaf6b79a057122d84d10a2ec2a1df256857 Unapplied parent: 84d76bee88b9d7248c39b86f47779cdcdb170900 New changelog entries: * Add three upstream patches: - CVE-2019-1000019: fix a crash when parsing some 7zip archives - CVE-2019-1000020: require the RockRidge extension for iso9660 - zip-nullptr: fix a null pointer deference in ZIP files handling
applied/debian/sid	2019-02-06 16:37:28 UTC 2019-02-06	Import patches-applied version 3.3.3-4 to applied/debian/sid Author: Peter Pentchev Author Date: 2019-02-06 09:01:25 UTC Import patches-applied version 3.3.3-4 to applied/debian/sid Imported using git-ubuntu import. Changelog parent: d3c14aaf6b79a057122d84d10a2ec2a1df256857 Unapplied parent: 84d76bee88b9d7248c39b86f47779cdcdb170900 New changelog entries: * Add three upstream patches: - CVE-2019-1000019: fix a crash when parsing some 7zip archives - CVE-2019-1000020: require the RockRidge extension for iso9660 - zip-nullptr: fix a null pointer deference in ZIP files handling
debian/buster	2019-02-06 16:37:28 UTC 2019-02-06	Import patches-unapplied version 3.3.3-4 to debian/sid Author: Peter Pentchev Author Date: 2019-02-06 09:01:25 UTC Import patches-unapplied version 3.3.3-4 to debian/sid Imported using git-ubuntu import. Changelog parent: b3732f8027e0b6d7ac08e65995bd2703515008d0 New changelog entries: * Add three upstream patches: - CVE-2019-1000019: fix a crash when parsing some 7zip archives - CVE-2019-1000020: require the RockRidge extension for iso9660 - zip-nullptr: fix a null pointer deference in ZIP files handling
applied/debian/buster	2019-02-06 16:37:28 UTC 2019-02-06	Import patches-applied version 3.3.3-4 to applied/debian/sid Author: Peter Pentchev Author Date: 2019-02-06 09:01:25 UTC Import patches-applied version 3.3.3-4 to applied/debian/sid Imported using git-ubuntu import. Changelog parent: d3c14aaf6b79a057122d84d10a2ec2a1df256857 Unapplied parent: 84d76bee88b9d7248c39b86f47779cdcdb170900 New changelog entries: * Add three upstream patches: - CVE-2019-1000019: fix a crash when parsing some 7zip archives - CVE-2019-1000020: require the RockRidge extension for iso9660 - zip-nullptr: fix a null pointer deference in ZIP files handling
applied/ubuntu/devel	2019-02-06 16:37:28 UTC 2019-02-06	Import patches-applied version 3.3.3-4 to applied/debian/sid Author: Peter Pentchev Author Date: 2019-02-06 09:01:25 UTC Import patches-applied version 3.3.3-4 to applied/debian/sid Imported using git-ubuntu import. Changelog parent: d3c14aaf6b79a057122d84d10a2ec2a1df256857 Unapplied parent: 84d76bee88b9d7248c39b86f47779cdcdb170900 New changelog entries: * Add three upstream patches: - CVE-2019-1000019: fix a crash when parsing some 7zip archives - CVE-2019-1000020: require the RockRidge extension for iso9660 - zip-nullptr: fix a null pointer deference in ZIP files handling
applied/ubuntu/disco-proposed	2019-02-06 16:37:28 UTC 2019-02-06	Import patches-applied version 3.3.3-4 to applied/debian/sid Author: Peter Pentchev Author Date: 2019-02-06 09:01:25 UTC Import patches-applied version 3.3.3-4 to applied/debian/sid Imported using git-ubuntu import. Changelog parent: d3c14aaf6b79a057122d84d10a2ec2a1df256857 Unapplied parent: 84d76bee88b9d7248c39b86f47779cdcdb170900 New changelog entries: * Add three upstream patches: - CVE-2019-1000019: fix a crash when parsing some 7zip archives - CVE-2019-1000020: require the RockRidge extension for iso9660 - zip-nullptr: fix a null pointer deference in ZIP files handling
ubuntu/cosmic	2018-08-25 22:32:37 UTC 2018-08-25	Import patches-unapplied version 3.2.2-5 to debian/sid Author: Peter Pentchev Author Date: 2018-08-25 15:28:10 UTC Import patches-unapplied version 3.2.2-5 to debian/sid Imported using git-ubuntu import. Changelog parent: e9a01a756ca56a1f7f9812d4023bb2d368abb5cf New changelog entries: * Acknowledge NMUs; many thanks to Salvatore Bonaccorso! * Use my Debian e-mail address. * Declare compliance with Debian Policy 4.2.0: - add Rules-Requires-Root: no to the source control stanza - install the upstream release notes (NEWS) * Drop the duplicate Priority fields for the binary packages. * Switch to the HTTPS scheme in various upstream and Debian packaging URLs. * Drop some trailing whitespace from old changelog entries. * Bump the debhelper compatibility level to 11 with no changes and use the B-D: debhelper-compat (= 11) mechanism. * Add a trivial autopkgtest running adequate on the binary packages.
ubuntu/cosmic-proposed	2018-08-25 22:32:37 UTC 2018-08-25	Import patches-unapplied version 3.2.2-5 to debian/sid Author: Peter Pentchev Author Date: 2018-08-25 15:28:10 UTC Import patches-unapplied version 3.2.2-5 to debian/sid Imported using git-ubuntu import. Changelog parent: e9a01a756ca56a1f7f9812d4023bb2d368abb5cf New changelog entries: * Acknowledge NMUs; many thanks to Salvatore Bonaccorso! * Use my Debian e-mail address. * Declare compliance with Debian Policy 4.2.0: - add Rules-Requires-Root: no to the source control stanza - install the upstream release notes (NEWS) * Drop the duplicate Priority fields for the binary packages. * Switch to the HTTPS scheme in various upstream and Debian packaging URLs. * Drop some trailing whitespace from old changelog entries. * Bump the debhelper compatibility level to 11 with no changes and use the B-D: debhelper-compat (= 11) mechanism. * Add a trivial autopkgtest running adequate on the binary packages.
applied/ubuntu/cosmic-proposed	2018-08-25 22:32:37 UTC 2018-08-25	Import patches-applied version 3.2.2-5 to applied/debian/sid Author: Peter Pentchev Author Date: 2018-08-25 15:28:10 UTC Import patches-applied version 3.2.2-5 to applied/debian/sid Imported using git-ubuntu import. Changelog parent: 5acaf5e221942f72ae94dceb655a4c71bb113942 Unapplied parent: 7a3b904c45e7d219b49d98f22874e53622ef7e2a New changelog entries: * Acknowledge NMUs; many thanks to Salvatore Bonaccorso! * Use my Debian e-mail address. * Declare compliance with Debian Policy 4.2.0: - add Rules-Requires-Root: no to the source control stanza - install the upstream release notes (NEWS) * Drop the duplicate Priority fields for the binary packages. * Switch to the HTTPS scheme in various upstream and Debian packaging URLs. * Drop some trailing whitespace from old changelog entries. * Bump the debhelper compatibility level to 11 with no changes and use the B-D: debhelper-compat (= 11) mechanism. * Add a trivial autopkgtest running adequate on the binary packages.
applied/ubuntu/cosmic	2018-08-25 22:32:37 UTC 2018-08-25	Import patches-applied version 3.2.2-5 to applied/debian/sid Author: Peter Pentchev Author Date: 2018-08-25 15:28:10 UTC Import patches-applied version 3.2.2-5 to applied/debian/sid Imported using git-ubuntu import. Changelog parent: 5acaf5e221942f72ae94dceb655a4c71bb113942 Unapplied parent: 7a3b904c45e7d219b49d98f22874e53622ef7e2a New changelog entries: * Acknowledge NMUs; many thanks to Salvatore Bonaccorso! * Use my Debian e-mail address. * Declare compliance with Debian Policy 4.2.0: - add Rules-Requires-Root: no to the source control stanza - install the upstream release notes (NEWS) * Drop the duplicate Priority fields for the binary packages. * Switch to the HTTPS scheme in various upstream and Debian packaging URLs. * Drop some trailing whitespace from old changelog entries. * Bump the debhelper compatibility level to 11 with no changes and use the B-D: debhelper-compat (= 11) mechanism. * Add a trivial autopkgtest running adequate on the binary packages.
importer/ubuntu/pristine-tar	2018-03-28 07:08:21 UTC 2018-03-28	pristine-tar data for libarchive_3.2.2.orig.tar.gz Author: Ubuntu Git Importer Author Date: 2018-03-28 07:08:21 UTC pristine-tar data for libarchive_3.2.2.orig.tar.gz
importer/debian/pristine-tar	2018-03-28 06:44:18 UTC 2018-03-28	pristine-tar data for libarchive_3.2.2.orig.tar.gz Author: Ubuntu Git Importer Author Date: 2018-03-28 06:44:18 UTC pristine-tar data for libarchive_3.2.2.orig.tar.gz
applied/ubuntu/artful-devel	2017-09-14 22:34:17 UTC 2017-09-14	Import patches-applied version 3.2.2-3.1 to applied/debian/sid Author: Salvatore Bonaccorso Author Date: 2017-09-14 14:02:10 UTC Import patches-applied version 3.2.2-3.1 to applied/debian/sid Imported using git-ubuntu import. Changelog parent: 2dc104f802727d3457a9c13f7b535bb03c917052 Unapplied parent: 3d2a65827a79ffae932bfd3d9e9e0ea5cba87205 New changelog entries: * Non-maintainer upload. * Reupload 3.2.2-2.1 on top of 3.2.2-3 * archive_strncat_l(): allocate and do not convert if length == 0 (CVE-2016-10209) (Closes: #859456) * Reread the CAB header skipping the self-extracting binary code (CVE-2016-10349, CVE-2016-10350) (Closes: #861609) * Do something sensible for empty strings to make fuzzers happy (CVE-2017-14166) Fixes heap-based buffer over-read in the atol8 function. (Closes: #874539)
ubuntu/bionic	2017-09-14 22:34:17 UTC 2017-09-14	Import patches-unapplied version 3.2.2-3.1 to debian/sid Author: Salvatore Bonaccorso Author Date: 2017-09-14 14:02:10 UTC Import patches-unapplied version 3.2.2-3.1 to debian/sid Imported using git-ubuntu import. Changelog parent: d4b2822716f6d63288b822e268840966a0641480 New changelog entries: * Non-maintainer upload. * Reupload 3.2.2-2.1 on top of 3.2.2-3 * archive_strncat_l(): allocate and do not convert if length == 0 (CVE-2016-10209) (Closes: #859456) * Reread the CAB header skipping the self-extracting binary code (CVE-2016-10349, CVE-2016-10350) (Closes: #861609) * Do something sensible for empty strings to make fuzzers happy (CVE-2017-14166) Fixes heap-based buffer over-read in the atol8 function. (Closes: #874539)
applied/ubuntu/artful-proposed	2017-09-14 22:34:17 UTC 2017-09-14	Import patches-applied version 3.2.2-3.1 to applied/debian/sid Author: Salvatore Bonaccorso Author Date: 2017-09-14 14:02:10 UTC Import patches-applied version 3.2.2-3.1 to applied/debian/sid Imported using git-ubuntu import. Changelog parent: 2dc104f802727d3457a9c13f7b535bb03c917052 Unapplied parent: 3d2a65827a79ffae932bfd3d9e9e0ea5cba87205 New changelog entries: * Non-maintainer upload. * Reupload 3.2.2-2.1 on top of 3.2.2-3 * archive_strncat_l(): allocate and do not convert if length == 0 (CVE-2016-10209) (Closes: #859456) * Reread the CAB header skipping the self-extracting binary code (CVE-2016-10349, CVE-2016-10350) (Closes: #861609) * Do something sensible for empty strings to make fuzzers happy (CVE-2017-14166) Fixes heap-based buffer over-read in the atol8 function. (Closes: #874539)
ubuntu/artful	2017-09-14 22:34:17 UTC 2017-09-14	Import patches-unapplied version 3.2.2-3.1 to debian/sid Author: Salvatore Bonaccorso Author Date: 2017-09-14 14:02:10 UTC Import patches-unapplied version 3.2.2-3.1 to debian/sid Imported using git-ubuntu import. Changelog parent: d4b2822716f6d63288b822e268840966a0641480 New changelog entries: * Non-maintainer upload. * Reupload 3.2.2-2.1 on top of 3.2.2-3 * archive_strncat_l(): allocate and do not convert if length == 0 (CVE-2016-10209) (Closes: #859456) * Reread the CAB header skipping the self-extracting binary code (CVE-2016-10349, CVE-2016-10350) (Closes: #861609) * Do something sensible for empty strings to make fuzzers happy (CVE-2017-14166) Fixes heap-based buffer over-read in the atol8 function. (Closes: #874539)
ubuntu/artful-devel	2017-09-14 22:34:17 UTC 2017-09-14	Import patches-unapplied version 3.2.2-3.1 to debian/sid Author: Salvatore Bonaccorso Author Date: 2017-09-14 14:02:10 UTC Import patches-unapplied version 3.2.2-3.1 to debian/sid Imported using git-ubuntu import. Changelog parent: d4b2822716f6d63288b822e268840966a0641480 New changelog entries: * Non-maintainer upload. * Reupload 3.2.2-2.1 on top of 3.2.2-3 * archive_strncat_l(): allocate and do not convert if length == 0 (CVE-2016-10209) (Closes: #859456) * Reread the CAB header skipping the self-extracting binary code (CVE-2016-10349, CVE-2016-10350) (Closes: #861609) * Do something sensible for empty strings to make fuzzers happy (CVE-2017-14166) Fixes heap-based buffer over-read in the atol8 function. (Closes: #874539)
ubuntu/artful-proposed	2017-09-14 22:34:17 UTC 2017-09-14	Import patches-unapplied version 3.2.2-3.1 to debian/sid Author: Salvatore Bonaccorso Author Date: 2017-09-14 14:02:10 UTC Import patches-unapplied version 3.2.2-3.1 to debian/sid Imported using git-ubuntu import. Changelog parent: d4b2822716f6d63288b822e268840966a0641480 New changelog entries: * Non-maintainer upload. * Reupload 3.2.2-2.1 on top of 3.2.2-3 * archive_strncat_l(): allocate and do not convert if length == 0 (CVE-2016-10209) (Closes: #859456) * Reread the CAB header skipping the self-extracting binary code (CVE-2016-10349, CVE-2016-10350) (Closes: #861609) * Do something sensible for empty strings to make fuzzers happy (CVE-2017-14166) Fixes heap-based buffer over-read in the atol8 function. (Closes: #874539)
applied/ubuntu/artful	2017-09-14 22:34:17 UTC 2017-09-14	Import patches-applied version 3.2.2-3.1 to applied/debian/sid Author: Salvatore Bonaccorso Author Date: 2017-09-14 14:02:10 UTC Import patches-applied version 3.2.2-3.1 to applied/debian/sid Imported using git-ubuntu import. Changelog parent: 2dc104f802727d3457a9c13f7b535bb03c917052 Unapplied parent: 3d2a65827a79ffae932bfd3d9e9e0ea5cba87205 New changelog entries: * Non-maintainer upload. * Reupload 3.2.2-2.1 on top of 3.2.2-3 * archive_strncat_l(): allocate and do not convert if length == 0 (CVE-2016-10209) (Closes: #859456) * Reread the CAB header skipping the self-extracting binary code (CVE-2016-10349, CVE-2016-10350) (Closes: #861609) * Do something sensible for empty strings to make fuzzers happy (CVE-2017-14166) Fixes heap-based buffer over-read in the atol8 function. (Closes: #874539)
applied/ubuntu/bionic	2017-09-14 22:34:17 UTC 2017-09-14	Import patches-applied version 3.2.2-3.1 to applied/debian/sid Author: Salvatore Bonaccorso Author Date: 2017-09-14 14:02:10 UTC Import patches-applied version 3.2.2-3.1 to applied/debian/sid Imported using git-ubuntu import. Changelog parent: 2dc104f802727d3457a9c13f7b535bb03c917052 Unapplied parent: 3d2a65827a79ffae932bfd3d9e9e0ea5cba87205 New changelog entries: * Non-maintainer upload. * Reupload 3.2.2-2.1 on top of 3.2.2-3 * archive_strncat_l(): allocate and do not convert if length == 0 (CVE-2016-10209) (Closes: #859456) * Reread the CAB header skipping the self-extracting binary code (CVE-2016-10349, CVE-2016-10350) (Closes: #861609) * Do something sensible for empty strings to make fuzzers happy (CVE-2017-14166) Fixes heap-based buffer over-read in the atol8 function. (Closes: #874539)
ubuntu/zesty	2017-04-04 04:15:52 UTC 2017-04-04	Import patches-unapplied version 3.2.2-2 to debian/sid Author: Andreas Henriksson Author Date: 2017-04-03 20:20:05 UTC Import patches-unapplied version 3.2.2-2 to debian/sid Imported using git-ubuntu import. Changelog parent: 47cc4433d159e690cc165258221a045f67e26fd4 New changelog entries: * Disable tests (Closes: #859455)
applied/ubuntu/zesty-proposed	2017-04-04 04:15:52 UTC 2017-04-04	Import patches-applied version 3.2.2-2 to applied/debian/sid Author: Andreas Henriksson Author Date: 2017-04-03 20:20:05 UTC Import patches-applied version 3.2.2-2 to applied/debian/sid Imported using git-ubuntu import. Changelog parent: 21057d283f60388e8df0df16cd53698ae074e144 Unapplied parent: 4c629041c9e56ae4464b18c11b0309cf0140665f New changelog entries: * Disable tests (Closes: #859455)
applied/ubuntu/zesty-devel	2017-04-04 04:15:52 UTC 2017-04-04	Import patches-applied version 3.2.2-2 to applied/debian/sid Author: Andreas Henriksson Author Date: 2017-04-03 20:20:05 UTC Import patches-applied version 3.2.2-2 to applied/debian/sid Imported using git-ubuntu import. Changelog parent: 21057d283f60388e8df0df16cd53698ae074e144 Unapplied parent: 4c629041c9e56ae4464b18c11b0309cf0140665f New changelog entries: * Disable tests (Closes: #859455)
applied/ubuntu/zesty	2017-04-04 04:15:52 UTC 2017-04-04	Import patches-applied version 3.2.2-2 to applied/debian/sid Author: Andreas Henriksson Author Date: 2017-04-03 20:20:05 UTC Import patches-applied version 3.2.2-2 to applied/debian/sid Imported using git-ubuntu import. Changelog parent: 21057d283f60388e8df0df16cd53698ae074e144 Unapplied parent: 4c629041c9e56ae4464b18c11b0309cf0140665f New changelog entries: * Disable tests (Closes: #859455)
ubuntu/zesty-devel	2017-04-04 04:15:52 UTC 2017-04-04	Import patches-unapplied version 3.2.2-2 to debian/sid Author: Andreas Henriksson Author Date: 2017-04-03 20:20:05 UTC Import patches-unapplied version 3.2.2-2 to debian/sid Imported using git-ubuntu import. Changelog parent: 47cc4433d159e690cc165258221a045f67e26fd4 New changelog entries: * Disable tests (Closes: #859455)
ubuntu/zesty-proposed	2017-04-04 04:15:52 UTC 2017-04-04	Import patches-unapplied version 3.2.2-2 to debian/sid Author: Andreas Henriksson Author Date: 2017-04-03 20:20:05 UTC Import patches-unapplied version 3.2.2-2 to debian/sid Imported using git-ubuntu import. Changelog parent: 47cc4433d159e690cc165258221a045f67e26fd4 New changelog entries: * Disable tests (Closes: #859455)
applied/ubuntu/precise-updates	2017-03-09 18:33:18 UTC 2017-03-09	Import patches-applied version 3.0.3-6ubuntu1.4 to applied/ubuntu/precise-sec... Author: Marc Deslauriers Author Date: 2017-03-09 16:34:04 UTC Import patches-applied version 3.0.3-6ubuntu1.4 to applied/ubuntu/precise-security Imported using git-ubuntu import. Changelog parent: e8be0bbc247ae848eb753eaae08b76fc37f3cfda Unapplied parent: 0f86878f8bcf4854f0d526228495d2d71fdcf848 New changelog entries: * SECURITY UPDATE: arbitrary file write via hardlink entries - debian/patches/CVE-2016-5418-1.patch: enforce sandbox with very long pathnames in libarchive/archive_write_disk_posix.c. - debian/patches/CVE-2016-5418-2.patch: fix path handling in libarchive/archive_write_disk_posix.c. - debian/patches/CVE-2016-5418-3.patch: add test cases to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/main.c, libarchive/test/test.h, libarchive/test/test_write_disk_secure744.c, libarchive/test/test_write_disk_secure745.c, libarchive/test/test_write_disk_secure746.c. - debian/patches/CVE-2016-5418-4.patch: fix testcases in libarchive/test/test_write_disk_secure745.c, libarchive/test/test_write_disk_secure746.c. - debian/patches/CVE-2016-5418-5.patch: correct PATH_MAX usage in libarchive/archive_write_disk_posix.c. - CVE-2016-5418 * SECURITY UPDATE: denial of service and possible code execution when writing an ISO9660 archive - debian/patches/CVE-2016-6250.patch: check for overflow in libarchive/archive_write_set_format_iso9660.c. - CVE-2016-6250 * SECURITY UPDATE: denial of service via recursive decompression - debian/patches/CVE-2016-7166.patch: limit number of filters in libarchive/archive_read.c, added test to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/test_read_too_many_filters.c, libarchive/test/test_read_too_many_filters.gz.uu. - CVE-2016-7166 * SECURITY UPDATE: denial of service via non-printable multibyte character in a filename - debian/patches/CVE-2016-8687.patch: expand buffer size in tar/util.c. - CVE-2016-8687 * SECURITY UPDATE: denial of service via multiple long lines - debian/patches/CVE-2016-8688.patch: fix bounds in libarchive/archive_read_support_format_mtree.c, added test to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/test_read_format_mtree_crash747.c, libarchive/test/test_read_format_mtree_crash747.mtree.bz2.uu. - CVE-2016-8688 * SECURITY UPDATE: denial of service via multiple EmptyStream attributes - debian/patches/CVE-2016-8689.patch: reject files with multiple markers in libarchive/archive_read_support_format_7zip.c. - CVE-2016-8689 * SECURITY UPDATE: denial of service via invalid compressed file size - debian/patches/CVE-2017-5601.patch: add check to libarchive/archive_read_support_format_lha.c. - CVE-2017-5601
applied/ubuntu/precise-security	2017-03-09 18:33:18 UTC 2017-03-09	Import patches-applied version 3.0.3-6ubuntu1.4 to applied/ubuntu/precise-sec... Author: Marc Deslauriers Author Date: 2017-03-09 16:34:04 UTC Import patches-applied version 3.0.3-6ubuntu1.4 to applied/ubuntu/precise-security Imported using git-ubuntu import. Changelog parent: e8be0bbc247ae848eb753eaae08b76fc37f3cfda Unapplied parent: 0f86878f8bcf4854f0d526228495d2d71fdcf848 New changelog entries: * SECURITY UPDATE: arbitrary file write via hardlink entries - debian/patches/CVE-2016-5418-1.patch: enforce sandbox with very long pathnames in libarchive/archive_write_disk_posix.c. - debian/patches/CVE-2016-5418-2.patch: fix path handling in libarchive/archive_write_disk_posix.c. - debian/patches/CVE-2016-5418-3.patch: add test cases to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/main.c, libarchive/test/test.h, libarchive/test/test_write_disk_secure744.c, libarchive/test/test_write_disk_secure745.c, libarchive/test/test_write_disk_secure746.c. - debian/patches/CVE-2016-5418-4.patch: fix testcases in libarchive/test/test_write_disk_secure745.c, libarchive/test/test_write_disk_secure746.c. - debian/patches/CVE-2016-5418-5.patch: correct PATH_MAX usage in libarchive/archive_write_disk_posix.c. - CVE-2016-5418 * SECURITY UPDATE: denial of service and possible code execution when writing an ISO9660 archive - debian/patches/CVE-2016-6250.patch: check for overflow in libarchive/archive_write_set_format_iso9660.c. - CVE-2016-6250 * SECURITY UPDATE: denial of service via recursive decompression - debian/patches/CVE-2016-7166.patch: limit number of filters in libarchive/archive_read.c, added test to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/test_read_too_many_filters.c, libarchive/test/test_read_too_many_filters.gz.uu. - CVE-2016-7166 * SECURITY UPDATE: denial of service via non-printable multibyte character in a filename - debian/patches/CVE-2016-8687.patch: expand buffer size in tar/util.c. - CVE-2016-8687 * SECURITY UPDATE: denial of service via multiple long lines - debian/patches/CVE-2016-8688.patch: fix bounds in libarchive/archive_read_support_format_mtree.c, added test to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/test_read_format_mtree_crash747.c, libarchive/test/test_read_format_mtree_crash747.mtree.bz2.uu. - CVE-2016-8688 * SECURITY UPDATE: denial of service via multiple EmptyStream attributes - debian/patches/CVE-2016-8689.patch: reject files with multiple markers in libarchive/archive_read_support_format_7zip.c. - CVE-2016-8689 * SECURITY UPDATE: denial of service via invalid compressed file size - debian/patches/CVE-2017-5601.patch: add check to libarchive/archive_read_support_format_lha.c. - CVE-2017-5601
applied/ubuntu/precise-devel	2017-03-09 18:33:18 UTC 2017-03-09	Import patches-applied version 3.0.3-6ubuntu1.4 to applied/ubuntu/precise-sec... Author: Marc Deslauriers Author Date: 2017-03-09 16:34:04 UTC Import patches-applied version 3.0.3-6ubuntu1.4 to applied/ubuntu/precise-security Imported using git-ubuntu import. Changelog parent: e8be0bbc247ae848eb753eaae08b76fc37f3cfda Unapplied parent: 0f86878f8bcf4854f0d526228495d2d71fdcf848 New changelog entries: * SECURITY UPDATE: arbitrary file write via hardlink entries - debian/patches/CVE-2016-5418-1.patch: enforce sandbox with very long pathnames in libarchive/archive_write_disk_posix.c. - debian/patches/CVE-2016-5418-2.patch: fix path handling in libarchive/archive_write_disk_posix.c. - debian/patches/CVE-2016-5418-3.patch: add test cases to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/main.c, libarchive/test/test.h, libarchive/test/test_write_disk_secure744.c, libarchive/test/test_write_disk_secure745.c, libarchive/test/test_write_disk_secure746.c. - debian/patches/CVE-2016-5418-4.patch: fix testcases in libarchive/test/test_write_disk_secure745.c, libarchive/test/test_write_disk_secure746.c. - debian/patches/CVE-2016-5418-5.patch: correct PATH_MAX usage in libarchive/archive_write_disk_posix.c. - CVE-2016-5418 * SECURITY UPDATE: denial of service and possible code execution when writing an ISO9660 archive - debian/patches/CVE-2016-6250.patch: check for overflow in libarchive/archive_write_set_format_iso9660.c. - CVE-2016-6250 * SECURITY UPDATE: denial of service via recursive decompression - debian/patches/CVE-2016-7166.patch: limit number of filters in libarchive/archive_read.c, added test to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/test_read_too_many_filters.c, libarchive/test/test_read_too_many_filters.gz.uu. - CVE-2016-7166 * SECURITY UPDATE: denial of service via non-printable multibyte character in a filename - debian/patches/CVE-2016-8687.patch: expand buffer size in tar/util.c. - CVE-2016-8687 * SECURITY UPDATE: denial of service via multiple long lines - debian/patches/CVE-2016-8688.patch: fix bounds in libarchive/archive_read_support_format_mtree.c, added test to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/test_read_format_mtree_crash747.c, libarchive/test/test_read_format_mtree_crash747.mtree.bz2.uu. - CVE-2016-8688 * SECURITY UPDATE: denial of service via multiple EmptyStream attributes - debian/patches/CVE-2016-8689.patch: reject files with multiple markers in libarchive/archive_read_support_format_7zip.c. - CVE-2016-8689 * SECURITY UPDATE: denial of service via invalid compressed file size - debian/patches/CVE-2017-5601.patch: add check to libarchive/archive_read_support_format_lha.c. - CVE-2017-5601
ubuntu/precise-devel	2017-03-09 18:33:18 UTC 2017-03-09	Import patches-unapplied version 3.0.3-6ubuntu1.4 to ubuntu/precise-security Author: Marc Deslauriers Author Date: 2017-03-09 16:34:04 UTC Import patches-unapplied version 3.0.3-6ubuntu1.4 to ubuntu/precise-security Imported using git-ubuntu import. Changelog parent: 933df5037ca0a4911e7228edae15e96b054c0ba7 New changelog entries: * SECURITY UPDATE: arbitrary file write via hardlink entries - debian/patches/CVE-2016-5418-1.patch: enforce sandbox with very long pathnames in libarchive/archive_write_disk_posix.c. - debian/patches/CVE-2016-5418-2.patch: fix path handling in libarchive/archive_write_disk_posix.c. - debian/patches/CVE-2016-5418-3.patch: add test cases to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/main.c, libarchive/test/test.h, libarchive/test/test_write_disk_secure744.c, libarchive/test/test_write_disk_secure745.c, libarchive/test/test_write_disk_secure746.c. - debian/patches/CVE-2016-5418-4.patch: fix testcases in libarchive/test/test_write_disk_secure745.c, libarchive/test/test_write_disk_secure746.c. - debian/patches/CVE-2016-5418-5.patch: correct PATH_MAX usage in libarchive/archive_write_disk_posix.c. - CVE-2016-5418 * SECURITY UPDATE: denial of service and possible code execution when writing an ISO9660 archive - debian/patches/CVE-2016-6250.patch: check for overflow in libarchive/archive_write_set_format_iso9660.c. - CVE-2016-6250 * SECURITY UPDATE: denial of service via recursive decompression - debian/patches/CVE-2016-7166.patch: limit number of filters in libarchive/archive_read.c, added test to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/test_read_too_many_filters.c, libarchive/test/test_read_too_many_filters.gz.uu. - CVE-2016-7166 * SECURITY UPDATE: denial of service via non-printable multibyte character in a filename - debian/patches/CVE-2016-8687.patch: expand buffer size in tar/util.c. - CVE-2016-8687 * SECURITY UPDATE: denial of service via multiple long lines - debian/patches/CVE-2016-8688.patch: fix bounds in libarchive/archive_read_support_format_mtree.c, added test to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/test_read_format_mtree_crash747.c, libarchive/test/test_read_format_mtree_crash747.mtree.bz2.uu. - CVE-2016-8688 * SECURITY UPDATE: denial of service via multiple EmptyStream attributes - debian/patches/CVE-2016-8689.patch: reject files with multiple markers in libarchive/archive_read_support_format_7zip.c. - CVE-2016-8689 * SECURITY UPDATE: denial of service via invalid compressed file size - debian/patches/CVE-2017-5601.patch: add check to libarchive/archive_read_support_format_lha.c. - CVE-2017-5601
ubuntu/precise-security	2017-03-09 18:33:18 UTC 2017-03-09	Import patches-unapplied version 3.0.3-6ubuntu1.4 to ubuntu/precise-security Author: Marc Deslauriers Author Date: 2017-03-09 16:34:04 UTC Import patches-unapplied version 3.0.3-6ubuntu1.4 to ubuntu/precise-security Imported using git-ubuntu import. Changelog parent: 933df5037ca0a4911e7228edae15e96b054c0ba7 New changelog entries: * SECURITY UPDATE: arbitrary file write via hardlink entries - debian/patches/CVE-2016-5418-1.patch: enforce sandbox with very long pathnames in libarchive/archive_write_disk_posix.c. - debian/patches/CVE-2016-5418-2.patch: fix path handling in libarchive/archive_write_disk_posix.c. - debian/patches/CVE-2016-5418-3.patch: add test cases to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/main.c, libarchive/test/test.h, libarchive/test/test_write_disk_secure744.c, libarchive/test/test_write_disk_secure745.c, libarchive/test/test_write_disk_secure746.c. - debian/patches/CVE-2016-5418-4.patch: fix testcases in libarchive/test/test_write_disk_secure745.c, libarchive/test/test_write_disk_secure746.c. - debian/patches/CVE-2016-5418-5.patch: correct PATH_MAX usage in libarchive/archive_write_disk_posix.c. - CVE-2016-5418 * SECURITY UPDATE: denial of service and possible code execution when writing an ISO9660 archive - debian/patches/CVE-2016-6250.patch: check for overflow in libarchive/archive_write_set_format_iso9660.c. - CVE-2016-6250 * SECURITY UPDATE: denial of service via recursive decompression - debian/patches/CVE-2016-7166.patch: limit number of filters in libarchive/archive_read.c, added test to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/test_read_too_many_filters.c, libarchive/test/test_read_too_many_filters.gz.uu. - CVE-2016-7166 * SECURITY UPDATE: denial of service via non-printable multibyte character in a filename - debian/patches/CVE-2016-8687.patch: expand buffer size in tar/util.c. - CVE-2016-8687 * SECURITY UPDATE: denial of service via multiple long lines - debian/patches/CVE-2016-8688.patch: fix bounds in libarchive/archive_read_support_format_mtree.c, added test to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/test_read_format_mtree_crash747.c, libarchive/test/test_read_format_mtree_crash747.mtree.bz2.uu. - CVE-2016-8688 * SECURITY UPDATE: denial of service via multiple EmptyStream attributes - debian/patches/CVE-2016-8689.patch: reject files with multiple markers in libarchive/archive_read_support_format_7zip.c. - CVE-2016-8689 * SECURITY UPDATE: denial of service via invalid compressed file size - debian/patches/CVE-2017-5601.patch: add check to libarchive/archive_read_support_format_lha.c. - CVE-2017-5601
ubuntu/precise-updates	2017-03-09 18:33:18 UTC 2017-03-09	Import patches-unapplied version 3.0.3-6ubuntu1.4 to ubuntu/precise-security Author: Marc Deslauriers Author Date: 2017-03-09 16:34:04 UTC Import patches-unapplied version 3.0.3-6ubuntu1.4 to ubuntu/precise-security Imported using git-ubuntu import. Changelog parent: 933df5037ca0a4911e7228edae15e96b054c0ba7 New changelog entries: * SECURITY UPDATE: arbitrary file write via hardlink entries - debian/patches/CVE-2016-5418-1.patch: enforce sandbox with very long pathnames in libarchive/archive_write_disk_posix.c. - debian/patches/CVE-2016-5418-2.patch: fix path handling in libarchive/archive_write_disk_posix.c. - debian/patches/CVE-2016-5418-3.patch: add test cases to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/main.c, libarchive/test/test.h, libarchive/test/test_write_disk_secure744.c, libarchive/test/test_write_disk_secure745.c, libarchive/test/test_write_disk_secure746.c. - debian/patches/CVE-2016-5418-4.patch: fix testcases in libarchive/test/test_write_disk_secure745.c, libarchive/test/test_write_disk_secure746.c. - debian/patches/CVE-2016-5418-5.patch: correct PATH_MAX usage in libarchive/archive_write_disk_posix.c. - CVE-2016-5418 * SECURITY UPDATE: denial of service and possible code execution when writing an ISO9660 archive - debian/patches/CVE-2016-6250.patch: check for overflow in libarchive/archive_write_set_format_iso9660.c. - CVE-2016-6250 * SECURITY UPDATE: denial of service via recursive decompression - debian/patches/CVE-2016-7166.patch: limit number of filters in libarchive/archive_read.c, added test to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/test_read_too_many_filters.c, libarchive/test/test_read_too_many_filters.gz.uu. - CVE-2016-7166 * SECURITY UPDATE: denial of service via non-printable multibyte character in a filename - debian/patches/CVE-2016-8687.patch: expand buffer size in tar/util.c. - CVE-2016-8687 * SECURITY UPDATE: denial of service via multiple long lines - debian/patches/CVE-2016-8688.patch: fix bounds in libarchive/archive_read_support_format_mtree.c, added test to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/test_read_format_mtree_crash747.c, libarchive/test/test_read_format_mtree_crash747.mtree.bz2.uu. - CVE-2016-8688 * SECURITY UPDATE: denial of service via multiple EmptyStream attributes - debian/patches/CVE-2016-8689.patch: reject files with multiple markers in libarchive/archive_read_support_format_7zip.c. - CVE-2016-8689 * SECURITY UPDATE: denial of service via invalid compressed file size - debian/patches/CVE-2017-5601.patch: add check to libarchive/archive_read_support_format_lha.c. - CVE-2017-5601
applied/ubuntu/yakkety-updates	2017-03-09 18:33:18 UTC 2017-03-09	Import patches-applied version 3.2.1-2ubuntu0.1 to applied/ubuntu/yakkety-sec... Author: Marc Deslauriers Author Date: 2017-03-09 15:35:20 UTC Import patches-applied version 3.2.1-2ubuntu0.1 to applied/ubuntu/yakkety-security Imported using git-ubuntu import. Changelog parent: 6c1a360f6481bbb2a8a74bce3aed9d1454b92e0a Unapplied parent: e8d30d0307332fb9302715d10d4d91ce8b39b512 New changelog entries: * SECURITY UPDATE: arbitrary file write via hardlink entries - debian/patches/CVE-2016-5418-1.patch: enforce sandbox with very long pathnames in libarchive/archive_write_disk_posix.c. - debian/patches/CVE-2016-5418-2.patch: fix path handling in libarchive/archive_write_disk_posix.c. - debian/patches/CVE-2016-5418-3.patch: add test cases to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/main.c, libarchive/test/test.h, libarchive/test/test_write_disk_secure744.c, libarchive/test/test_write_disk_secure745.c, libarchive/test/test_write_disk_secure746.c. - debian/patches/CVE-2016-5418-4.patch: fix testcases in libarchive/test/test_write_disk_secure745.c, libarchive/test/test_write_disk_secure746.c. - debian/patches/CVE-2016-5418-5.patch: correct PATH_MAX usage in libarchive/archive_write_disk_posix.c. - CVE-2016-5418 * SECURITY UPDATE: denial of service via non-printable multibyte character in a filename - debian/patches/CVE-2016-8687.patch: expand buffer size in tar/util.c. - CVE-2016-8687 * SECURITY UPDATE: denial of service via multiple long lines - debian/patches/CVE-2016-8688.patch: fix bounds in libarchive/archive_read_support_format_mtree.c, added test to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/test_read_format_mtree_crash747.c, libarchive/test/test_read_format_mtree_crash747.mtree.bz2.uu. - CVE-2016-8688 * SECURITY UPDATE: denial of service via multiple EmptyStream attributes - debian/patches/CVE-2016-8689.patch: reject files with multiple markers in libarchive/archive_read_support_format_7zip.c. - CVE-2016-8689 * SECURITY UPDATE: denial of service via invalid compressed file size - debian/patches/CVE-2017-5601.patch: add check to libarchive/archive_read_support_format_lha.c. - CVE-2017-5601
applied/ubuntu/yakkety-security	2017-03-09 18:33:18 UTC 2017-03-09	Import patches-applied version 3.2.1-2ubuntu0.1 to applied/ubuntu/yakkety-sec... Author: Marc Deslauriers Author Date: 2017-03-09 15:35:20 UTC Import patches-applied version 3.2.1-2ubuntu0.1 to applied/ubuntu/yakkety-security Imported using git-ubuntu import. Changelog parent: 6c1a360f6481bbb2a8a74bce3aed9d1454b92e0a Unapplied parent: e8d30d0307332fb9302715d10d4d91ce8b39b512 New changelog entries: * SECURITY UPDATE: arbitrary file write via hardlink entries - debian/patches/CVE-2016-5418-1.patch: enforce sandbox with very long pathnames in libarchive/archive_write_disk_posix.c. - debian/patches/CVE-2016-5418-2.patch: fix path handling in libarchive/archive_write_disk_posix.c. - debian/patches/CVE-2016-5418-3.patch: add test cases to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/main.c, libarchive/test/test.h, libarchive/test/test_write_disk_secure744.c, libarchive/test/test_write_disk_secure745.c, libarchive/test/test_write_disk_secure746.c. - debian/patches/CVE-2016-5418-4.patch: fix testcases in libarchive/test/test_write_disk_secure745.c, libarchive/test/test_write_disk_secure746.c. - debian/patches/CVE-2016-5418-5.patch: correct PATH_MAX usage in libarchive/archive_write_disk_posix.c. - CVE-2016-5418 * SECURITY UPDATE: denial of service via non-printable multibyte character in a filename - debian/patches/CVE-2016-8687.patch: expand buffer size in tar/util.c. - CVE-2016-8687 * SECURITY UPDATE: denial of service via multiple long lines - debian/patches/CVE-2016-8688.patch: fix bounds in libarchive/archive_read_support_format_mtree.c, added test to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/test_read_format_mtree_crash747.c, libarchive/test/test_read_format_mtree_crash747.mtree.bz2.uu. - CVE-2016-8688 * SECURITY UPDATE: denial of service via multiple EmptyStream attributes - debian/patches/CVE-2016-8689.patch: reject files with multiple markers in libarchive/archive_read_support_format_7zip.c. - CVE-2016-8689 * SECURITY UPDATE: denial of service via invalid compressed file size - debian/patches/CVE-2017-5601.patch: add check to libarchive/archive_read_support_format_lha.c. - CVE-2017-5601
applied/ubuntu/yakkety-devel	2017-03-09 18:33:18 UTC 2017-03-09	Import patches-applied version 3.2.1-2ubuntu0.1 to applied/ubuntu/yakkety-sec... Author: Marc Deslauriers Author Date: 2017-03-09 15:35:20 UTC Import patches-applied version 3.2.1-2ubuntu0.1 to applied/ubuntu/yakkety-security Imported using git-ubuntu import. Changelog parent: 6c1a360f6481bbb2a8a74bce3aed9d1454b92e0a Unapplied parent: e8d30d0307332fb9302715d10d4d91ce8b39b512 New changelog entries: * SECURITY UPDATE: arbitrary file write via hardlink entries - debian/patches/CVE-2016-5418-1.patch: enforce sandbox with very long pathnames in libarchive/archive_write_disk_posix.c. - debian/patches/CVE-2016-5418-2.patch: fix path handling in libarchive/archive_write_disk_posix.c. - debian/patches/CVE-2016-5418-3.patch: add test cases to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/main.c, libarchive/test/test.h, libarchive/test/test_write_disk_secure744.c, libarchive/test/test_write_disk_secure745.c, libarchive/test/test_write_disk_secure746.c. - debian/patches/CVE-2016-5418-4.patch: fix testcases in libarchive/test/test_write_disk_secure745.c, libarchive/test/test_write_disk_secure746.c. - debian/patches/CVE-2016-5418-5.patch: correct PATH_MAX usage in libarchive/archive_write_disk_posix.c. - CVE-2016-5418 * SECURITY UPDATE: denial of service via non-printable multibyte character in a filename - debian/patches/CVE-2016-8687.patch: expand buffer size in tar/util.c. - CVE-2016-8687 * SECURITY UPDATE: denial of service via multiple long lines - debian/patches/CVE-2016-8688.patch: fix bounds in libarchive/archive_read_support_format_mtree.c, added test to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/test_read_format_mtree_crash747.c, libarchive/test/test_read_format_mtree_crash747.mtree.bz2.uu. - CVE-2016-8688 * SECURITY UPDATE: denial of service via multiple EmptyStream attributes - debian/patches/CVE-2016-8689.patch: reject files with multiple markers in libarchive/archive_read_support_format_7zip.c. - CVE-2016-8689 * SECURITY UPDATE: denial of service via invalid compressed file size - debian/patches/CVE-2017-5601.patch: add check to libarchive/archive_read_support_format_lha.c. - CVE-2017-5601
ubuntu/yakkety-security	2017-03-09 18:33:18 UTC 2017-03-09	Import patches-unapplied version 3.2.1-2ubuntu0.1 to ubuntu/yakkety-security Author: Marc Deslauriers Author Date: 2017-03-09 15:35:20 UTC Import patches-unapplied version 3.2.1-2ubuntu0.1 to ubuntu/yakkety-security Imported using git-ubuntu import. Changelog parent: d3d704c1bc791ad9e8d86fb5c57a8a7ba2f21b2f New changelog entries: * SECURITY UPDATE: arbitrary file write via hardlink entries - debian/patches/CVE-2016-5418-1.patch: enforce sandbox with very long pathnames in libarchive/archive_write_disk_posix.c. - debian/patches/CVE-2016-5418-2.patch: fix path handling in libarchive/archive_write_disk_posix.c. - debian/patches/CVE-2016-5418-3.patch: add test cases to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/main.c, libarchive/test/test.h, libarchive/test/test_write_disk_secure744.c, libarchive/test/test_write_disk_secure745.c, libarchive/test/test_write_disk_secure746.c. - debian/patches/CVE-2016-5418-4.patch: fix testcases in libarchive/test/test_write_disk_secure745.c, libarchive/test/test_write_disk_secure746.c. - debian/patches/CVE-2016-5418-5.patch: correct PATH_MAX usage in libarchive/archive_write_disk_posix.c. - CVE-2016-5418 * SECURITY UPDATE: denial of service via non-printable multibyte character in a filename - debian/patches/CVE-2016-8687.patch: expand buffer size in tar/util.c. - CVE-2016-8687 * SECURITY UPDATE: denial of service via multiple long lines - debian/patches/CVE-2016-8688.patch: fix bounds in libarchive/archive_read_support_format_mtree.c, added test to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/test_read_format_mtree_crash747.c, libarchive/test/test_read_format_mtree_crash747.mtree.bz2.uu. - CVE-2016-8688 * SECURITY UPDATE: denial of service via multiple EmptyStream attributes - debian/patches/CVE-2016-8689.patch: reject files with multiple markers in libarchive/archive_read_support_format_7zip.c. - CVE-2016-8689 * SECURITY UPDATE: denial of service via invalid compressed file size - debian/patches/CVE-2017-5601.patch: add check to libarchive/archive_read_support_format_lha.c. - CVE-2017-5601
ubuntu/yakkety-devel	2017-03-09 18:33:18 UTC 2017-03-09	Import patches-unapplied version 3.2.1-2ubuntu0.1 to ubuntu/yakkety-security Author: Marc Deslauriers Author Date: 2017-03-09 15:35:20 UTC Import patches-unapplied version 3.2.1-2ubuntu0.1 to ubuntu/yakkety-security Imported using git-ubuntu import. Changelog parent: d3d704c1bc791ad9e8d86fb5c57a8a7ba2f21b2f New changelog entries: * SECURITY UPDATE: arbitrary file write via hardlink entries - debian/patches/CVE-2016-5418-1.patch: enforce sandbox with very long pathnames in libarchive/archive_write_disk_posix.c. - debian/patches/CVE-2016-5418-2.patch: fix path handling in libarchive/archive_write_disk_posix.c. - debian/patches/CVE-2016-5418-3.patch: add test cases to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/main.c, libarchive/test/test.h, libarchive/test/test_write_disk_secure744.c, libarchive/test/test_write_disk_secure745.c, libarchive/test/test_write_disk_secure746.c. - debian/patches/CVE-2016-5418-4.patch: fix testcases in libarchive/test/test_write_disk_secure745.c, libarchive/test/test_write_disk_secure746.c. - debian/patches/CVE-2016-5418-5.patch: correct PATH_MAX usage in libarchive/archive_write_disk_posix.c. - CVE-2016-5418 * SECURITY UPDATE: denial of service via non-printable multibyte character in a filename - debian/patches/CVE-2016-8687.patch: expand buffer size in tar/util.c. - CVE-2016-8687 * SECURITY UPDATE: denial of service via multiple long lines - debian/patches/CVE-2016-8688.patch: fix bounds in libarchive/archive_read_support_format_mtree.c, added test to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/test_read_format_mtree_crash747.c, libarchive/test/test_read_format_mtree_crash747.mtree.bz2.uu. - CVE-2016-8688 * SECURITY UPDATE: denial of service via multiple EmptyStream attributes - debian/patches/CVE-2016-8689.patch: reject files with multiple markers in libarchive/archive_read_support_format_7zip.c. - CVE-2016-8689 * SECURITY UPDATE: denial of service via invalid compressed file size - debian/patches/CVE-2017-5601.patch: add check to libarchive/archive_read_support_format_lha.c. - CVE-2017-5601
ubuntu/yakkety-updates	2017-03-09 18:33:18 UTC 2017-03-09	Import patches-unapplied version 3.2.1-2ubuntu0.1 to ubuntu/yakkety-security Author: Marc Deslauriers Author Date: 2017-03-09 15:35:20 UTC Import patches-unapplied version 3.2.1-2ubuntu0.1 to ubuntu/yakkety-security Imported using git-ubuntu import. Changelog parent: d3d704c1bc791ad9e8d86fb5c57a8a7ba2f21b2f New changelog entries: * SECURITY UPDATE: arbitrary file write via hardlink entries - debian/patches/CVE-2016-5418-1.patch: enforce sandbox with very long pathnames in libarchive/archive_write_disk_posix.c. - debian/patches/CVE-2016-5418-2.patch: fix path handling in libarchive/archive_write_disk_posix.c. - debian/patches/CVE-2016-5418-3.patch: add test cases to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/main.c, libarchive/test/test.h, libarchive/test/test_write_disk_secure744.c, libarchive/test/test_write_disk_secure745.c, libarchive/test/test_write_disk_secure746.c. - debian/patches/CVE-2016-5418-4.patch: fix testcases in libarchive/test/test_write_disk_secure745.c, libarchive/test/test_write_disk_secure746.c. - debian/patches/CVE-2016-5418-5.patch: correct PATH_MAX usage in libarchive/archive_write_disk_posix.c. - CVE-2016-5418 * SECURITY UPDATE: denial of service via non-printable multibyte character in a filename - debian/patches/CVE-2016-8687.patch: expand buffer size in tar/util.c. - CVE-2016-8687 * SECURITY UPDATE: denial of service via multiple long lines - debian/patches/CVE-2016-8688.patch: fix bounds in libarchive/archive_read_support_format_mtree.c, added test to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/test_read_format_mtree_crash747.c, libarchive/test/test_read_format_mtree_crash747.mtree.bz2.uu. - CVE-2016-8688 * SECURITY UPDATE: denial of service via multiple EmptyStream attributes - debian/patches/CVE-2016-8689.patch: reject files with multiple markers in libarchive/archive_read_support_format_7zip.c. - CVE-2016-8689 * SECURITY UPDATE: denial of service via invalid compressed file size - debian/patches/CVE-2017-5601.patch: add check to libarchive/archive_read_support_format_lha.c. - CVE-2017-5601
debian/jessie	2017-01-14 17:26:24 UTC 2017-01-14	Import patches-unapplied version 3.1.2-11+deb8u3 to debian/jessie Author: Salvatore Bonaccorso Author Date: 2016-09-24 11:25:26 UTC Import patches-unapplied version 3.1.2-11+deb8u3 to debian/jessie Imported using git-ubuntu import. Changelog parent: 8645d67b774100884ae5b53e5f38b5450e603ff8 New changelog entries: * Non-maintainer upload by the Security Team. * CVE-2016-7166: Denial of service using a crafted gzip file * CVE-2016-6250: Integer overflow in the ISO9660 writer * CVE-2016-5418: Archive Entry with type 1 (hardlink), but has a non-zero data size file overwrite (Closes: #837714)
applied/debian/jessie	2017-01-14 17:26:24 UTC 2017-01-14	Import patches-applied version 3.1.2-11+deb8u3 to applied/debian/jessie Author: Salvatore Bonaccorso Author Date: 2016-09-24 11:25:26 UTC Import patches-applied version 3.1.2-11+deb8u3 to applied/debian/jessie Imported using git-ubuntu import. Changelog parent: a41ffd4ffd8e7de7e8df44fd38263f2bf1fdc27e Unapplied parent: aff21464baeb61a8ae68a805c299d096b918d170 New changelog entries: * Non-maintainer upload by the Security Team. * CVE-2016-7166: Denial of service using a crafted gzip file * CVE-2016-6250: Integer overflow in the ISO9660 writer * CVE-2016-5418: Archive Entry with type 1 (hardlink), but has a non-zero data size file overwrite (Closes: #837714)
applied/ubuntu/xenial-backports	2016-07-28 14:39:24 UTC 2016-07-28	Import patches-applied version 3.2.1-2~ubuntu16.04.1 to applied/ubuntu/xenial... Author: Iain Lane Author Date: 2016-07-28 13:28:03 UTC Import patches-applied version 3.2.1-2~ubuntu16.04.1 to applied/ubuntu/xenial-backports Imported using git-ubuntu import. Changelog parent: 6c1a360f6481bbb2a8a74bce3aed9d1454b92e0a Unapplied parent: 25dcc5aaac70380e9139f63cedf9cded58ac57cd New changelog entries: * No-change backport to xenial (LP: #1607385)
ubuntu/xenial-backports	2016-07-28 14:39:24 UTC 2016-07-28	Import patches-unapplied version 3.2.1-2~ubuntu16.04.1 to ubuntu/xenial-backp... Author: Iain Lane Author Date: 2016-07-28 13:28:03 UTC Import patches-unapplied version 3.2.1-2~ubuntu16.04.1 to ubuntu/xenial-backports Imported using git-ubuntu import. Changelog parent: d3d704c1bc791ad9e8d86fb5c57a8a7ba2f21b2f New changelog entries: * No-change backport to xenial (LP: #1607385)
applied/ubuntu/yakkety-proposed	2016-07-26 16:14:04 UTC 2016-07-26	Import patches-applied version 3.2.1-2 to applied/debian/sid Author: Andreas Henriksson Author Date: 2016-07-25 15:54:13 UTC Import patches-applied version 3.2.1-2 to applied/debian/sid Imported using git-ubuntu import. Changelog parent: 2b20c1d61077c1462310f49a3460643ef33e7a31 Unapplied parent: b983d8c6ab8fba36b9c17b85eec5f7ca8d9d9d7b New changelog entries: * The "welcome Peter to the team" upload [ Peter Pentchev ] * Declare compliancy with Debian Policy 3.9.8 with no changes. * Remove the "XS-Testsuite: autopkgtest" header from the control file: it has not been "XS-" for some time, and it is added by default by dpkg-1.17.11 when debian/tests/control is present. * Use the HTTPS scheme for the Alioth VCS URLs. * Switch to Alioth's cgit in the Vcs-Browser source control field. * Convert the copyright file to the machine-readable format. * Fill in the upstream metadata file. * Enable full build hardening. * Pass --as-needed to the linker to avoid overlinking. * Bump the debhelper build dependency to version 9 to reflect the debhelper compatibility level and drop the now-unused Lintian override. * Fold the bsdtar and bsdcpio packages into the new libarchive-tools binary package and install bsdcat into it, too. Make bsdtar and bsdcpio transitional dummy packages. * Drop the Breaks and Replaces relations to libarchive1, it's not even in oldstable any more. * Drop the misc:Pre-Depends that were needed for the multi-arch transition; dpkg-dev adds them automatically now. * Fix a typo in README.Debian. * Add an upstream patch to replace the use of SIGRTMAX with something that calculates the exact value of the highest signal actually used; hopefully this fixes the FTBFS on the GNU Hurd. * Drop the outdated and unused SONAME mismatch Lintian override. * Re-enable the use of minitar for extraction, too, in the CI test; keep the untar test for completeness. * Add the Typos patch to fix a couple of typographical errors. * Add the Candidate patch to fix a typographical error in a structure member field and, consequently, update all references to it. * Add the CPPCheck patch to fix some issues reported by cppcheck. [ Andreas Henriksson ] * Add Peter Pentchev to Uploaders
applied/ubuntu/yakkety	2016-07-26 16:14:04 UTC 2016-07-26	Import patches-applied version 3.2.1-2 to applied/debian/sid Author: Andreas Henriksson Author Date: 2016-07-25 15:54:13 UTC Import patches-applied version 3.2.1-2 to applied/debian/sid Imported using git-ubuntu import. Changelog parent: 2b20c1d61077c1462310f49a3460643ef33e7a31 Unapplied parent: b983d8c6ab8fba36b9c17b85eec5f7ca8d9d9d7b New changelog entries: * The "welcome Peter to the team" upload [ Peter Pentchev ] * Declare compliancy with Debian Policy 3.9.8 with no changes. * Remove the "XS-Testsuite: autopkgtest" header from the control file: it has not been "XS-" for some time, and it is added by default by dpkg-1.17.11 when debian/tests/control is present. * Use the HTTPS scheme for the Alioth VCS URLs. * Switch to Alioth's cgit in the Vcs-Browser source control field. * Convert the copyright file to the machine-readable format. * Fill in the upstream metadata file. * Enable full build hardening. * Pass --as-needed to the linker to avoid overlinking. * Bump the debhelper build dependency to version 9 to reflect the debhelper compatibility level and drop the now-unused Lintian override. * Fold the bsdtar and bsdcpio packages into the new libarchive-tools binary package and install bsdcat into it, too. Make bsdtar and bsdcpio transitional dummy packages. * Drop the Breaks and Replaces relations to libarchive1, it's not even in oldstable any more. * Drop the misc:Pre-Depends that were needed for the multi-arch transition; dpkg-dev adds them automatically now. * Fix a typo in README.Debian. * Add an upstream patch to replace the use of SIGRTMAX with something that calculates the exact value of the highest signal actually used; hopefully this fixes the FTBFS on the GNU Hurd. * Drop the outdated and unused SONAME mismatch Lintian override. * Re-enable the use of minitar for extraction, too, in the CI test; keep the untar test for completeness. * Add the Typos patch to fix a couple of typographical errors. * Add the Candidate patch to fix a typographical error in a structure member field and, consequently, update all references to it. * Add the CPPCheck patch to fix some issues reported by cppcheck. [ Andreas Henriksson ] * Add Peter Pentchev to Uploaders
ubuntu/yakkety	2016-07-26 16:14:04 UTC 2016-07-26	Import patches-unapplied version 3.2.1-2 to debian/sid Author: Andreas Henriksson Author Date: 2016-07-25 15:54:13 UTC Import patches-unapplied version 3.2.1-2 to debian/sid Imported using git-ubuntu import. Changelog parent: c33e09b3ff021ee0132abdaa7374234e6f76da91 New changelog entries: * The "welcome Peter to the team" upload [ Peter Pentchev ] * Declare compliancy with Debian Policy 3.9.8 with no changes. * Remove the "XS-Testsuite: autopkgtest" header from the control file: it has not been "XS-" for some time, and it is added by default by dpkg-1.17.11 when debian/tests/control is present. * Use the HTTPS scheme for the Alioth VCS URLs. * Switch to Alioth's cgit in the Vcs-Browser source control field. * Convert the copyright file to the machine-readable format. * Fill in the upstream metadata file. * Enable full build hardening. * Pass --as-needed to the linker to avoid overlinking. * Bump the debhelper build dependency to version 9 to reflect the debhelper compatibility level and drop the now-unused Lintian override. * Fold the bsdtar and bsdcpio packages into the new libarchive-tools binary package and install bsdcat into it, too. Make bsdtar and bsdcpio transitional dummy packages. * Drop the Breaks and Replaces relations to libarchive1, it's not even in oldstable any more. * Drop the misc:Pre-Depends that were needed for the multi-arch transition; dpkg-dev adds them automatically now. * Fix a typo in README.Debian. * Add an upstream patch to replace the use of SIGRTMAX with something that calculates the exact value of the highest signal actually used; hopefully this fixes the FTBFS on the GNU Hurd. * Drop the outdated and unused SONAME mismatch Lintian override. * Re-enable the use of minitar for extraction, too, in the CI test; keep the untar test for completeness. * Add the Typos patch to fix a couple of typographical errors. * Add the Candidate patch to fix a typographical error in a structure member field and, consequently, update all references to it. * Add the CPPCheck patch to fix some issues reported by cppcheck. [ Andreas Henriksson ] * Add Peter Pentchev to Uploaders
ubuntu/yakkety-proposed	2016-07-26 16:14:04 UTC 2016-07-26	Import patches-unapplied version 3.2.1-2 to debian/sid Author: Andreas Henriksson Author Date: 2016-07-25 15:54:13 UTC Import patches-unapplied version 3.2.1-2 to debian/sid Imported using git-ubuntu import. Changelog parent: c33e09b3ff021ee0132abdaa7374234e6f76da91 New changelog entries: * The "welcome Peter to the team" upload [ Peter Pentchev ] * Declare compliancy with Debian Policy 3.9.8 with no changes. * Remove the "XS-Testsuite: autopkgtest" header from the control file: it has not been "XS-" for some time, and it is added by default by dpkg-1.17.11 when debian/tests/control is present. * Use the HTTPS scheme for the Alioth VCS URLs. * Switch to Alioth's cgit in the Vcs-Browser source control field. * Convert the copyright file to the machine-readable format. * Fill in the upstream metadata file. * Enable full build hardening. * Pass --as-needed to the linker to avoid overlinking. * Bump the debhelper build dependency to version 9 to reflect the debhelper compatibility level and drop the now-unused Lintian override. * Fold the bsdtar and bsdcpio packages into the new libarchive-tools binary package and install bsdcat into it, too. Make bsdtar and bsdcpio transitional dummy packages. * Drop the Breaks and Replaces relations to libarchive1, it's not even in oldstable any more. * Drop the misc:Pre-Depends that were needed for the multi-arch transition; dpkg-dev adds them automatically now. * Fix a typo in README.Debian. * Add an upstream patch to replace the use of SIGRTMAX with something that calculates the exact value of the highest signal actually used; hopefully this fixes the FTBFS on the GNU Hurd. * Drop the outdated and unused SONAME mismatch Lintian override. * Re-enable the use of minitar for extraction, too, in the CI test; keep the untar test for completeness. * Add the Typos patch to fix a couple of typographical errors. * Add the Candidate patch to fix a typographical error in a structure member field and, consequently, update all references to it. * Add the CPPCheck patch to fix some issues reported by cppcheck. [ Andreas Henriksson ] * Add Peter Pentchev to Uploaders
applied/ubuntu/wily-updates	2016-07-14 19:05:29 UTC 2016-07-14	Import patches-applied version 3.1.2-11ubuntu0.15.10.2 to applied/ubuntu/wily... Author: Marc Deslauriers Author Date: 2016-07-13 15:17:13 UTC Import patches-applied version 3.1.2-11ubuntu0.15.10.2 to applied/ubuntu/wily-security Imported using git-ubuntu import. Changelog parent: c76ebafcdddd2ee23eff8b0767e6fd1d2b1d2d1b Unapplied parent: cf9f88c52b5282d7929c086034da3460fb489736 New changelog entries: * SECURITY UPDATE: denial of service via malformed rar or cab files - debian/patches/CVE-2015-8916.patch: ignore entries with empty filenames in tar/read.c. - CVE-2015-8916 - CVE-2015-8917 * SECURITY UPDATE: denial of service via malformed lzh file - debian/patches/CVE-2015-8919.patch: recognize empty dir name in libarchive/archive_read_support_format_lha.c. - CVE-2015-8919 * SECURITY UPDATE: buffer underflow parsing ar header - debian/patches/CVE-2015-8920.patch: check for empty filenames in libarchive/archive_read_support_format_ar.c. - CVE-2015-8920 * SECURITY UPDATE: read past end of string parsing - debian/patches/CVE-2015-8921.patch: properly calculate string length in libarchive/archive_entry.c. - CVE-2015-8921 * SECURITY UPDATE: segfault on malformed 7z archive - debian/patches/CVE-2015-8922.patch: reject some malformed files in libarchive/archive_read_support_format_7zip.c, added tests to Makefile.am, libarchive/test/test_read_format_7zip_malformed.7z.uu, libarchive/test/test_read_format_7zip_malformed.c, libarchive/test/test_read_format_7zip_malformed2.7z.uu, libarchive/test/CMakeLists.txt. - CVE-2015-8922 * SECURITY UPDATE: segfault on malformed Zip archive - debian/patches/CVE-2015-8923.patch: properly handle sizes in libarchive/archive_read_support_format_zip.c, added tests to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/test_read_format_zip_malformed.c, libarchive/test/test_read_format_zip_malformed1.zip.uu. - CVE-2015-8923 * SECURITY UPDATE: buffer overflow when processing tar files - debian/patches/CVE-2015-8924.patch: properly handle empty filenames in libarchive/archive_read_support_format_tar.c. - CVE-2015-8924 * SECURITY UPDATE: improper newline parsing - debian/patches/CVE-2015-8925.patch: fix escaped newline parsing in libarchive/archive_read_support_format_mtree.c, added tests to libarchive/test/test_read_format_mtree.c, libarchive/test/test_read_format_mtree.mtree.uu. - CVE-2015-8925 * SECURITY UPDATE: segfault on invalid rar archive - debian/patches/CVE-2015-8926.patch: properly handle return code in libarchive/archive_read_support_format_rar.c. - CVE-2015-8926 * SECURITY UPDATE: out-of-bounds read in mtree - debian/patches/CVE-2015-8928.patch: properly handle filename parsing in libarchive/archive_read_support_format_mtree.c. - CVE-2015-8928 * SECURITY UPDATE: segfault via dir loop in malformed ISO - debian/patches/CVE-2015-8930.patch: limit recursion in libarchive/archive_read_support_format_iso9660.c. - CVE-2015-8930 * SECURITY UPDATE: integer overflow parsing time values - debian/patches/CVE-2015-8931.patch: fix time handling in libarchive/archive_read_support_format_mtree.c. - CVE-2015-8931 * SECURITY UPDATE: crash via invalid compressed data - debian/patches/CVE-2015-8932.patch: add more checks to libarchive/archive_read_support_filter_compress.c, added tests to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/test_read_filter_compress.c. - CVE-2015-8932 * SECURITY UPDATE: integer overflow via negative-sized sparse blocks - debian/patches/CVE-2015-8933.patch: add check to libarchive/archive_read_support_format_tar.c. - CVE-2015-8933 * SECURITY UPDATE: heap overflow parsing malformed tar archives - debian/patches/CVE-2015-8934.patch: properly check reading from lzss decompression buffer in libarchive/archive_read_support_format_rar.c, added tests to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/test_read_format_rar_invalid1.c, libarchive/test/test_read_format_rar_invalid1.rar.uu. - CVE-2015-8934 * SECURITY UPDATE: overflow reading 7-Zip with large number of substreams - debian/patches/CVE-2016-4300.patch: add another limit to libarchive/archive_read_support_format_7zip.c. - CVE-2016-4300 * SECURITY UPDATE: crash via rar files with zero dictionary size - debian/patches/CVE-2016-4302.patch: handle zero-sized disctionary in libarchive/archive_ppmd7.c, libarchive/archive_read_support_format_rar.c. - CVE-2016-4302 * SECURITY UPDATE: memory allocation issues with large cpio symlinks - debian/patches/CVE-2016-4809.patch: reject large symlinks in libarchive/archive_read_support_format_cpio.c. - CVE-2016-4809 * SECURITY UPDATE: integer overflow when computing volume descriptor - debian/patches/CVE-2016-5844.patch: fix multiplications in libarchive/archive_read_support_format_iso9660.c. - CVE-2016-5844
applied/ubuntu/wily-security	2016-07-14 19:05:29 UTC 2016-07-14	Import patches-applied version 3.1.2-11ubuntu0.15.10.2 to applied/ubuntu/wily... Author: Marc Deslauriers Author Date: 2016-07-13 15:17:13 UTC Import patches-applied version 3.1.2-11ubuntu0.15.10.2 to applied/ubuntu/wily-security Imported using git-ubuntu import. Changelog parent: c76ebafcdddd2ee23eff8b0767e6fd1d2b1d2d1b Unapplied parent: cf9f88c52b5282d7929c086034da3460fb489736 New changelog entries: * SECURITY UPDATE: denial of service via malformed rar or cab files - debian/patches/CVE-2015-8916.patch: ignore entries with empty filenames in tar/read.c. - CVE-2015-8916 - CVE-2015-8917 * SECURITY UPDATE: denial of service via malformed lzh file - debian/patches/CVE-2015-8919.patch: recognize empty dir name in libarchive/archive_read_support_format_lha.c. - CVE-2015-8919 * SECURITY UPDATE: buffer underflow parsing ar header - debian/patches/CVE-2015-8920.patch: check for empty filenames in libarchive/archive_read_support_format_ar.c. - CVE-2015-8920 * SECURITY UPDATE: read past end of string parsing - debian/patches/CVE-2015-8921.patch: properly calculate string length in libarchive/archive_entry.c. - CVE-2015-8921 * SECURITY UPDATE: segfault on malformed 7z archive - debian/patches/CVE-2015-8922.patch: reject some malformed files in libarchive/archive_read_support_format_7zip.c, added tests to Makefile.am, libarchive/test/test_read_format_7zip_malformed.7z.uu, libarchive/test/test_read_format_7zip_malformed.c, libarchive/test/test_read_format_7zip_malformed2.7z.uu, libarchive/test/CMakeLists.txt. - CVE-2015-8922 * SECURITY UPDATE: segfault on malformed Zip archive - debian/patches/CVE-2015-8923.patch: properly handle sizes in libarchive/archive_read_support_format_zip.c, added tests to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/test_read_format_zip_malformed.c, libarchive/test/test_read_format_zip_malformed1.zip.uu. - CVE-2015-8923 * SECURITY UPDATE: buffer overflow when processing tar files - debian/patches/CVE-2015-8924.patch: properly handle empty filenames in libarchive/archive_read_support_format_tar.c. - CVE-2015-8924 * SECURITY UPDATE: improper newline parsing - debian/patches/CVE-2015-8925.patch: fix escaped newline parsing in libarchive/archive_read_support_format_mtree.c, added tests to libarchive/test/test_read_format_mtree.c, libarchive/test/test_read_format_mtree.mtree.uu. - CVE-2015-8925 * SECURITY UPDATE: segfault on invalid rar archive - debian/patches/CVE-2015-8926.patch: properly handle return code in libarchive/archive_read_support_format_rar.c. - CVE-2015-8926 * SECURITY UPDATE: out-of-bounds read in mtree - debian/patches/CVE-2015-8928.patch: properly handle filename parsing in libarchive/archive_read_support_format_mtree.c. - CVE-2015-8928 * SECURITY UPDATE: segfault via dir loop in malformed ISO - debian/patches/CVE-2015-8930.patch: limit recursion in libarchive/archive_read_support_format_iso9660.c. - CVE-2015-8930 * SECURITY UPDATE: integer overflow parsing time values - debian/patches/CVE-2015-8931.patch: fix time handling in libarchive/archive_read_support_format_mtree.c. - CVE-2015-8931 * SECURITY UPDATE: crash via invalid compressed data - debian/patches/CVE-2015-8932.patch: add more checks to libarchive/archive_read_support_filter_compress.c, added tests to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/test_read_filter_compress.c. - CVE-2015-8932 * SECURITY UPDATE: integer overflow via negative-sized sparse blocks - debian/patches/CVE-2015-8933.patch: add check to libarchive/archive_read_support_format_tar.c. - CVE-2015-8933 * SECURITY UPDATE: heap overflow parsing malformed tar archives - debian/patches/CVE-2015-8934.patch: properly check reading from lzss decompression buffer in libarchive/archive_read_support_format_rar.c, added tests to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/test_read_format_rar_invalid1.c, libarchive/test/test_read_format_rar_invalid1.rar.uu. - CVE-2015-8934 * SECURITY UPDATE: overflow reading 7-Zip with large number of substreams - debian/patches/CVE-2016-4300.patch: add another limit to libarchive/archive_read_support_format_7zip.c. - CVE-2016-4300 * SECURITY UPDATE: crash via rar files with zero dictionary size - debian/patches/CVE-2016-4302.patch: handle zero-sized disctionary in libarchive/archive_ppmd7.c, libarchive/archive_read_support_format_rar.c. - CVE-2016-4302 * SECURITY UPDATE: memory allocation issues with large cpio symlinks - debian/patches/CVE-2016-4809.patch: reject large symlinks in libarchive/archive_read_support_format_cpio.c. - CVE-2016-4809 * SECURITY UPDATE: integer overflow when computing volume descriptor - debian/patches/CVE-2016-5844.patch: fix multiplications in libarchive/archive_read_support_format_iso9660.c. - CVE-2016-5844
applied/ubuntu/wily-devel	2016-07-14 19:05:29 UTC 2016-07-14	Import patches-applied version 3.1.2-11ubuntu0.15.10.2 to applied/ubuntu/wily... Author: Marc Deslauriers Author Date: 2016-07-13 15:17:13 UTC Import patches-applied version 3.1.2-11ubuntu0.15.10.2 to applied/ubuntu/wily-security Imported using git-ubuntu import. Changelog parent: c76ebafcdddd2ee23eff8b0767e6fd1d2b1d2d1b Unapplied parent: cf9f88c52b5282d7929c086034da3460fb489736 New changelog entries: * SECURITY UPDATE: denial of service via malformed rar or cab files - debian/patches/CVE-2015-8916.patch: ignore entries with empty filenames in tar/read.c. - CVE-2015-8916 - CVE-2015-8917 * SECURITY UPDATE: denial of service via malformed lzh file - debian/patches/CVE-2015-8919.patch: recognize empty dir name in libarchive/archive_read_support_format_lha.c. - CVE-2015-8919 * SECURITY UPDATE: buffer underflow parsing ar header - debian/patches/CVE-2015-8920.patch: check for empty filenames in libarchive/archive_read_support_format_ar.c. - CVE-2015-8920 * SECURITY UPDATE: read past end of string parsing - debian/patches/CVE-2015-8921.patch: properly calculate string length in libarchive/archive_entry.c. - CVE-2015-8921 * SECURITY UPDATE: segfault on malformed 7z archive - debian/patches/CVE-2015-8922.patch: reject some malformed files in libarchive/archive_read_support_format_7zip.c, added tests to Makefile.am, libarchive/test/test_read_format_7zip_malformed.7z.uu, libarchive/test/test_read_format_7zip_malformed.c, libarchive/test/test_read_format_7zip_malformed2.7z.uu, libarchive/test/CMakeLists.txt. - CVE-2015-8922 * SECURITY UPDATE: segfault on malformed Zip archive - debian/patches/CVE-2015-8923.patch: properly handle sizes in libarchive/archive_read_support_format_zip.c, added tests to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/test_read_format_zip_malformed.c, libarchive/test/test_read_format_zip_malformed1.zip.uu. - CVE-2015-8923 * SECURITY UPDATE: buffer overflow when processing tar files - debian/patches/CVE-2015-8924.patch: properly handle empty filenames in libarchive/archive_read_support_format_tar.c. - CVE-2015-8924 * SECURITY UPDATE: improper newline parsing - debian/patches/CVE-2015-8925.patch: fix escaped newline parsing in libarchive/archive_read_support_format_mtree.c, added tests to libarchive/test/test_read_format_mtree.c, libarchive/test/test_read_format_mtree.mtree.uu. - CVE-2015-8925 * SECURITY UPDATE: segfault on invalid rar archive - debian/patches/CVE-2015-8926.patch: properly handle return code in libarchive/archive_read_support_format_rar.c. - CVE-2015-8926 * SECURITY UPDATE: out-of-bounds read in mtree - debian/patches/CVE-2015-8928.patch: properly handle filename parsing in libarchive/archive_read_support_format_mtree.c. - CVE-2015-8928 * SECURITY UPDATE: segfault via dir loop in malformed ISO - debian/patches/CVE-2015-8930.patch: limit recursion in libarchive/archive_read_support_format_iso9660.c. - CVE-2015-8930 * SECURITY UPDATE: integer overflow parsing time values - debian/patches/CVE-2015-8931.patch: fix time handling in libarchive/archive_read_support_format_mtree.c. - CVE-2015-8931 * SECURITY UPDATE: crash via invalid compressed data - debian/patches/CVE-2015-8932.patch: add more checks to libarchive/archive_read_support_filter_compress.c, added tests to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/test_read_filter_compress.c. - CVE-2015-8932 * SECURITY UPDATE: integer overflow via negative-sized sparse blocks - debian/patches/CVE-2015-8933.patch: add check to libarchive/archive_read_support_format_tar.c. - CVE-2015-8933 * SECURITY UPDATE: heap overflow parsing malformed tar archives - debian/patches/CVE-2015-8934.patch: properly check reading from lzss decompression buffer in libarchive/archive_read_support_format_rar.c, added tests to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/test_read_format_rar_invalid1.c, libarchive/test/test_read_format_rar_invalid1.rar.uu. - CVE-2015-8934 * SECURITY UPDATE: overflow reading 7-Zip with large number of substreams - debian/patches/CVE-2016-4300.patch: add another limit to libarchive/archive_read_support_format_7zip.c. - CVE-2016-4300 * SECURITY UPDATE: crash via rar files with zero dictionary size - debian/patches/CVE-2016-4302.patch: handle zero-sized disctionary in libarchive/archive_ppmd7.c, libarchive/archive_read_support_format_rar.c. - CVE-2016-4302 * SECURITY UPDATE: memory allocation issues with large cpio symlinks - debian/patches/CVE-2016-4809.patch: reject large symlinks in libarchive/archive_read_support_format_cpio.c. - CVE-2016-4809 * SECURITY UPDATE: integer overflow when computing volume descriptor - debian/patches/CVE-2016-5844.patch: fix multiplications in libarchive/archive_read_support_format_iso9660.c. - CVE-2016-5844
ubuntu/wily-updates	2016-07-14 19:05:29 UTC 2016-07-14	Import patches-unapplied version 3.1.2-11ubuntu0.15.10.2 to ubuntu/wily-security Author: Marc Deslauriers Author Date: 2016-07-13 15:17:13 UTC Import patches-unapplied version 3.1.2-11ubuntu0.15.10.2 to ubuntu/wily-security Imported using git-ubuntu import. Changelog parent: 4611965fd7986146fe73c4222e2a9f76ce1edf47 New changelog entries: * SECURITY UPDATE: denial of service via malformed rar or cab files - debian/patches/CVE-2015-8916.patch: ignore entries with empty filenames in tar/read.c. - CVE-2015-8916 - CVE-2015-8917 * SECURITY UPDATE: denial of service via malformed lzh file - debian/patches/CVE-2015-8919.patch: recognize empty dir name in libarchive/archive_read_support_format_lha.c. - CVE-2015-8919 * SECURITY UPDATE: buffer underflow parsing ar header - debian/patches/CVE-2015-8920.patch: check for empty filenames in libarchive/archive_read_support_format_ar.c. - CVE-2015-8920 * SECURITY UPDATE: read past end of string parsing - debian/patches/CVE-2015-8921.patch: properly calculate string length in libarchive/archive_entry.c. - CVE-2015-8921 * SECURITY UPDATE: segfault on malformed 7z archive - debian/patches/CVE-2015-8922.patch: reject some malformed files in libarchive/archive_read_support_format_7zip.c, added tests to Makefile.am, libarchive/test/test_read_format_7zip_malformed.7z.uu, libarchive/test/test_read_format_7zip_malformed.c, libarchive/test/test_read_format_7zip_malformed2.7z.uu, libarchive/test/CMakeLists.txt. - CVE-2015-8922 * SECURITY UPDATE: segfault on malformed Zip archive - debian/patches/CVE-2015-8923.patch: properly handle sizes in libarchive/archive_read_support_format_zip.c, added tests to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/test_read_format_zip_malformed.c, libarchive/test/test_read_format_zip_malformed1.zip.uu. - CVE-2015-8923 * SECURITY UPDATE: buffer overflow when processing tar files - debian/patches/CVE-2015-8924.patch: properly handle empty filenames in libarchive/archive_read_support_format_tar.c. - CVE-2015-8924 * SECURITY UPDATE: improper newline parsing - debian/patches/CVE-2015-8925.patch: fix escaped newline parsing in libarchive/archive_read_support_format_mtree.c, added tests to libarchive/test/test_read_format_mtree.c, libarchive/test/test_read_format_mtree.mtree.uu. - CVE-2015-8925 * SECURITY UPDATE: segfault on invalid rar archive - debian/patches/CVE-2015-8926.patch: properly handle return code in libarchive/archive_read_support_format_rar.c. - CVE-2015-8926 * SECURITY UPDATE: out-of-bounds read in mtree - debian/patches/CVE-2015-8928.patch: properly handle filename parsing in libarchive/archive_read_support_format_mtree.c. - CVE-2015-8928 * SECURITY UPDATE: segfault via dir loop in malformed ISO - debian/patches/CVE-2015-8930.patch: limit recursion in libarchive/archive_read_support_format_iso9660.c. - CVE-2015-8930 * SECURITY UPDATE: integer overflow parsing time values - debian/patches/CVE-2015-8931.patch: fix time handling in libarchive/archive_read_support_format_mtree.c. - CVE-2015-8931 * SECURITY UPDATE: crash via invalid compressed data - debian/patches/CVE-2015-8932.patch: add more checks to libarchive/archive_read_support_filter_compress.c, added tests to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/test_read_filter_compress.c. - CVE-2015-8932 * SECURITY UPDATE: integer overflow via negative-sized sparse blocks - debian/patches/CVE-2015-8933.patch: add check to libarchive/archive_read_support_format_tar.c. - CVE-2015-8933 * SECURITY UPDATE: heap overflow parsing malformed tar archives - debian/patches/CVE-2015-8934.patch: properly check reading from lzss decompression buffer in libarchive/archive_read_support_format_rar.c, added tests to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/test_read_format_rar_invalid1.c, libarchive/test/test_read_format_rar_invalid1.rar.uu. - CVE-2015-8934 * SECURITY UPDATE: overflow reading 7-Zip with large number of substreams - debian/patches/CVE-2016-4300.patch: add another limit to libarchive/archive_read_support_format_7zip.c. - CVE-2016-4300 * SECURITY UPDATE: crash via rar files with zero dictionary size - debian/patches/CVE-2016-4302.patch: handle zero-sized disctionary in libarchive/archive_ppmd7.c, libarchive/archive_read_support_format_rar.c. - CVE-2016-4302 * SECURITY UPDATE: memory allocation issues with large cpio symlinks - debian/patches/CVE-2016-4809.patch: reject large symlinks in libarchive/archive_read_support_format_cpio.c. - CVE-2016-4809 * SECURITY UPDATE: integer overflow when computing volume descriptor - debian/patches/CVE-2016-5844.patch: fix multiplications in libarchive/archive_read_support_format_iso9660.c. - CVE-2016-5844
ubuntu/wily-devel	2016-07-14 19:05:29 UTC 2016-07-14	Import patches-unapplied version 3.1.2-11ubuntu0.15.10.2 to ubuntu/wily-security Author: Marc Deslauriers Author Date: 2016-07-13 15:17:13 UTC Import patches-unapplied version 3.1.2-11ubuntu0.15.10.2 to ubuntu/wily-security Imported using git-ubuntu import. Changelog parent: 4611965fd7986146fe73c4222e2a9f76ce1edf47 New changelog entries: * SECURITY UPDATE: denial of service via malformed rar or cab files - debian/patches/CVE-2015-8916.patch: ignore entries with empty filenames in tar/read.c. - CVE-2015-8916 - CVE-2015-8917 * SECURITY UPDATE: denial of service via malformed lzh file - debian/patches/CVE-2015-8919.patch: recognize empty dir name in libarchive/archive_read_support_format_lha.c. - CVE-2015-8919 * SECURITY UPDATE: buffer underflow parsing ar header - debian/patches/CVE-2015-8920.patch: check for empty filenames in libarchive/archive_read_support_format_ar.c. - CVE-2015-8920 * SECURITY UPDATE: read past end of string parsing - debian/patches/CVE-2015-8921.patch: properly calculate string length in libarchive/archive_entry.c. - CVE-2015-8921 * SECURITY UPDATE: segfault on malformed 7z archive - debian/patches/CVE-2015-8922.patch: reject some malformed files in libarchive/archive_read_support_format_7zip.c, added tests to Makefile.am, libarchive/test/test_read_format_7zip_malformed.7z.uu, libarchive/test/test_read_format_7zip_malformed.c, libarchive/test/test_read_format_7zip_malformed2.7z.uu, libarchive/test/CMakeLists.txt. - CVE-2015-8922 * SECURITY UPDATE: segfault on malformed Zip archive - debian/patches/CVE-2015-8923.patch: properly handle sizes in libarchive/archive_read_support_format_zip.c, added tests to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/test_read_format_zip_malformed.c, libarchive/test/test_read_format_zip_malformed1.zip.uu. - CVE-2015-8923 * SECURITY UPDATE: buffer overflow when processing tar files - debian/patches/CVE-2015-8924.patch: properly handle empty filenames in libarchive/archive_read_support_format_tar.c. - CVE-2015-8924 * SECURITY UPDATE: improper newline parsing - debian/patches/CVE-2015-8925.patch: fix escaped newline parsing in libarchive/archive_read_support_format_mtree.c, added tests to libarchive/test/test_read_format_mtree.c, libarchive/test/test_read_format_mtree.mtree.uu. - CVE-2015-8925 * SECURITY UPDATE: segfault on invalid rar archive - debian/patches/CVE-2015-8926.patch: properly handle return code in libarchive/archive_read_support_format_rar.c. - CVE-2015-8926 * SECURITY UPDATE: out-of-bounds read in mtree - debian/patches/CVE-2015-8928.patch: properly handle filename parsing in libarchive/archive_read_support_format_mtree.c. - CVE-2015-8928 * SECURITY UPDATE: segfault via dir loop in malformed ISO - debian/patches/CVE-2015-8930.patch: limit recursion in libarchive/archive_read_support_format_iso9660.c. - CVE-2015-8930 * SECURITY UPDATE: integer overflow parsing time values - debian/patches/CVE-2015-8931.patch: fix time handling in libarchive/archive_read_support_format_mtree.c. - CVE-2015-8931 * SECURITY UPDATE: crash via invalid compressed data - debian/patches/CVE-2015-8932.patch: add more checks to libarchive/archive_read_support_filter_compress.c, added tests to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/test_read_filter_compress.c. - CVE-2015-8932 * SECURITY UPDATE: integer overflow via negative-sized sparse blocks - debian/patches/CVE-2015-8933.patch: add check to libarchive/archive_read_support_format_tar.c. - CVE-2015-8933 * SECURITY UPDATE: heap overflow parsing malformed tar archives - debian/patches/CVE-2015-8934.patch: properly check reading from lzss decompression buffer in libarchive/archive_read_support_format_rar.c, added tests to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/test_read_format_rar_invalid1.c, libarchive/test/test_read_format_rar_invalid1.rar.uu. - CVE-2015-8934 * SECURITY UPDATE: overflow reading 7-Zip with large number of substreams - debian/patches/CVE-2016-4300.patch: add another limit to libarchive/archive_read_support_format_7zip.c. - CVE-2016-4300 * SECURITY UPDATE: crash via rar files with zero dictionary size - debian/patches/CVE-2016-4302.patch: handle zero-sized disctionary in libarchive/archive_ppmd7.c, libarchive/archive_read_support_format_rar.c. - CVE-2016-4302 * SECURITY UPDATE: memory allocation issues with large cpio symlinks - debian/patches/CVE-2016-4809.patch: reject large symlinks in libarchive/archive_read_support_format_cpio.c. - CVE-2016-4809 * SECURITY UPDATE: integer overflow when computing volume descriptor - debian/patches/CVE-2016-5844.patch: fix multiplications in libarchive/archive_read_support_format_iso9660.c. - CVE-2016-5844
ubuntu/wily-security	2016-07-14 19:05:29 UTC 2016-07-14	Import patches-unapplied version 3.1.2-11ubuntu0.15.10.2 to ubuntu/wily-security Author: Marc Deslauriers Author Date: 2016-07-13 15:17:13 UTC Import patches-unapplied version 3.1.2-11ubuntu0.15.10.2 to ubuntu/wily-security Imported using git-ubuntu import. Changelog parent: 4611965fd7986146fe73c4222e2a9f76ce1edf47 New changelog entries: * SECURITY UPDATE: denial of service via malformed rar or cab files - debian/patches/CVE-2015-8916.patch: ignore entries with empty filenames in tar/read.c. - CVE-2015-8916 - CVE-2015-8917 * SECURITY UPDATE: denial of service via malformed lzh file - debian/patches/CVE-2015-8919.patch: recognize empty dir name in libarchive/archive_read_support_format_lha.c. - CVE-2015-8919 * SECURITY UPDATE: buffer underflow parsing ar header - debian/patches/CVE-2015-8920.patch: check for empty filenames in libarchive/archive_read_support_format_ar.c. - CVE-2015-8920 * SECURITY UPDATE: read past end of string parsing - debian/patches/CVE-2015-8921.patch: properly calculate string length in libarchive/archive_entry.c. - CVE-2015-8921 * SECURITY UPDATE: segfault on malformed 7z archive - debian/patches/CVE-2015-8922.patch: reject some malformed files in libarchive/archive_read_support_format_7zip.c, added tests to Makefile.am, libarchive/test/test_read_format_7zip_malformed.7z.uu, libarchive/test/test_read_format_7zip_malformed.c, libarchive/test/test_read_format_7zip_malformed2.7z.uu, libarchive/test/CMakeLists.txt. - CVE-2015-8922 * SECURITY UPDATE: segfault on malformed Zip archive - debian/patches/CVE-2015-8923.patch: properly handle sizes in libarchive/archive_read_support_format_zip.c, added tests to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/test_read_format_zip_malformed.c, libarchive/test/test_read_format_zip_malformed1.zip.uu. - CVE-2015-8923 * SECURITY UPDATE: buffer overflow when processing tar files - debian/patches/CVE-2015-8924.patch: properly handle empty filenames in libarchive/archive_read_support_format_tar.c. - CVE-2015-8924 * SECURITY UPDATE: improper newline parsing - debian/patches/CVE-2015-8925.patch: fix escaped newline parsing in libarchive/archive_read_support_format_mtree.c, added tests to libarchive/test/test_read_format_mtree.c, libarchive/test/test_read_format_mtree.mtree.uu. - CVE-2015-8925 * SECURITY UPDATE: segfault on invalid rar archive - debian/patches/CVE-2015-8926.patch: properly handle return code in libarchive/archive_read_support_format_rar.c. - CVE-2015-8926 * SECURITY UPDATE: out-of-bounds read in mtree - debian/patches/CVE-2015-8928.patch: properly handle filename parsing in libarchive/archive_read_support_format_mtree.c. - CVE-2015-8928 * SECURITY UPDATE: segfault via dir loop in malformed ISO - debian/patches/CVE-2015-8930.patch: limit recursion in libarchive/archive_read_support_format_iso9660.c. - CVE-2015-8930 * SECURITY UPDATE: integer overflow parsing time values - debian/patches/CVE-2015-8931.patch: fix time handling in libarchive/archive_read_support_format_mtree.c. - CVE-2015-8931 * SECURITY UPDATE: crash via invalid compressed data - debian/patches/CVE-2015-8932.patch: add more checks to libarchive/archive_read_support_filter_compress.c, added tests to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/test_read_filter_compress.c. - CVE-2015-8932 * SECURITY UPDATE: integer overflow via negative-sized sparse blocks - debian/patches/CVE-2015-8933.patch: add check to libarchive/archive_read_support_format_tar.c. - CVE-2015-8933 * SECURITY UPDATE: heap overflow parsing malformed tar archives - debian/patches/CVE-2015-8934.patch: properly check reading from lzss decompression buffer in libarchive/archive_read_support_format_rar.c, added tests to Makefile.am, libarchive/test/CMakeLists.txt, libarchive/test/test_read_format_rar_invalid1.c, libarchive/test/test_read_format_rar_invalid1.rar.uu. - CVE-2015-8934 * SECURITY UPDATE: overflow reading 7-Zip with large number of substreams - debian/patches/CVE-2016-4300.patch: add another limit to libarchive/archive_read_support_format_7zip.c. - CVE-2016-4300 * SECURITY UPDATE: crash via rar files with zero dictionary size - debian/patches/CVE-2016-4302.patch: handle zero-sized disctionary in libarchive/archive_ppmd7.c, libarchive/archive_read_support_format_rar.c. - CVE-2016-4302 * SECURITY UPDATE: memory allocation issues with large cpio symlinks - debian/patches/CVE-2016-4809.patch: reject large symlinks in libarchive/archive_read_support_format_cpio.c. - CVE-2016-4809 * SECURITY UPDATE: integer overflow when computing volume descriptor - debian/patches/CVE-2016-5844.patch: fix multiplications in libarchive/archive_read_support_format_iso9660.c. - CVE-2016-5844
debian/experimental	2016-05-06 22:10:55 UTC 2016-05-06	Import patches-unapplied version 3.2.0-1 to debian/experimental Author: Andreas Henriksson Author Date: 2016-05-06 08:08:56 UTC Import patches-unapplied version 3.2.0-1 to debian/experimental Imported using git-ubuntu import. Changelog parent: 4fd14c8e11ec78f2401f81f9841ff40782dc80d9 New changelog entries: * New upstream test release (3.1.901a). * Add liblz4-dev build-dependency to enable lz4 support. * Enable new bsdcat utility in separate package * Drop all patches, now included in release. * Add pkg-config build-dependency * Have dh-autoreconf use upstream build/autogen.sh * New upstream release (3.2.0).
applied/debian/experimental	2016-05-06 22:10:55 UTC 2016-05-06	Import patches-applied version 3.2.0-1 to applied/debian/experimental Author: Andreas Henriksson Author Date: 2016-05-06 08:08:56 UTC Import patches-applied version 3.2.0-1 to applied/debian/experimental Imported using git-ubuntu import. Changelog parent: 83d3eb8b2cf0ceb27d4dc30643a2dfec14febdc4 Unapplied parent: 4e22485b837f1469ab3718920a6a67591a565c02 New changelog entries: * New upstream test release (3.1.901a). * Add liblz4-dev build-dependency to enable lz4 support. * Enable new bsdcat utility in separate package * Drop all patches, now included in release. * Add pkg-config build-dependency * Have dh-autoreconf use upstream build/autogen.sh * New upstream release (3.2.0).
applied/debian/wheezy	2015-09-05 17:03:14 UTC 2015-09-05	Import patches-applied version 3.0.4-3+wheezy1 to applied/debian/wheezy Author: Alessandro Ghedini Author Date: 2015-03-05 10:26:19 UTC Import patches-applied version 3.0.4-3+wheezy1 to applied/debian/wheezy Imported using git-ubuntu import. Changelog parent: b4e585eb9f548f029275f3e7ba6a55da1756cabb Unapplied parent: 1775368d81c97f9a9cefa6752bcc8d2534c01e90 New changelog entries: * Fix directory traversal vulnerability in bsdcpio (Closes: #778266)
debian/wheezy	2015-09-05 17:03:14 UTC 2015-09-05	Import patches-unapplied version 3.0.4-3+wheezy1 to debian/wheezy Author: Alessandro Ghedini Author Date: 2015-03-05 10:26:19 UTC Import patches-unapplied version 3.0.4-3+wheezy1 to debian/wheezy Imported using git-ubuntu import. Changelog parent: 9dbb0f2e90ecb73f78faab770eb3fedc3db2aa00 New changelog entries: * Fix directory traversal vulnerability in bsdcpio (Closes: #778266)
applied/ubuntu/xenial	2015-06-14 07:38:30 UTC 2015-06-14	Import patches-applied version 3.1.2-11build1 to applied/ubuntu/wily-proposed Author: Adam Conrad Author Date: 2015-06-14 07:30:37 UTC Import patches-applied version 3.1.2-11build1 to applied/ubuntu/wily-proposed Imported using git-ubuntu import. Changelog parent: 83d3eb8b2cf0ceb27d4dc30643a2dfec14febdc4 Unapplied parent: cde5a91f7c12b1d74379789d6c4c146498ed43ca New changelog entries: * Rebuild for the libnettle6 transition.
applied/ubuntu/wily-proposed	2015-06-14 07:38:30 UTC 2015-06-14	Import patches-applied version 3.1.2-11build1 to applied/ubuntu/wily-proposed Author: Adam Conrad Author Date: 2015-06-14 07:30:37 UTC Import patches-applied version 3.1.2-11build1 to applied/ubuntu/wily-proposed Imported using git-ubuntu import. Changelog parent: 83d3eb8b2cf0ceb27d4dc30643a2dfec14febdc4 Unapplied parent: cde5a91f7c12b1d74379789d6c4c146498ed43ca New changelog entries: * Rebuild for the libnettle6 transition.
applied/ubuntu/wily	2015-06-14 07:38:30 UTC 2015-06-14	Import patches-applied version 3.1.2-11build1 to applied/ubuntu/wily-proposed Author: Adam Conrad Author Date: 2015-06-14 07:30:37 UTC Import patches-applied version 3.1.2-11build1 to applied/ubuntu/wily-proposed Imported using git-ubuntu import. Changelog parent: 83d3eb8b2cf0ceb27d4dc30643a2dfec14febdc4 Unapplied parent: cde5a91f7c12b1d74379789d6c4c146498ed43ca New changelog entries: * Rebuild for the libnettle6 transition.
ubuntu/wily	2015-06-14 07:38:30 UTC 2015-06-14	Import patches-unapplied version 3.1.2-11build1 to ubuntu/wily-proposed Author: Adam Conrad Author Date: 2015-06-14 07:30:37 UTC Import patches-unapplied version 3.1.2-11build1 to ubuntu/wily-proposed Imported using git-ubuntu import. Changelog parent: 4fd14c8e11ec78f2401f81f9841ff40782dc80d9 New changelog entries: * Rebuild for the libnettle6 transition.

Other repositories

Name	Last Modified
lp:ubuntu/+source/libarchive	2019-09-04

You can't create new repositories for libarchive in Ubuntu.