Format: 1.8 Date: Tue, 16 Aug 2022 19:08:38 -0300 Source: zlib Binary: zlib1g zlib1g-dev zlib1g-dbg zlib1g-udeb lib64z1 lib64z1-dev lib32z1 lib32z1-dev libn32z1 libn32z1-dev libx32z1 libx32z1-dev Architecture: arm64 Version: 1:1.2.11.dfsg-0ubuntu2.2 Distribution: bionic Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Rodrigo Figueiredo Zaiden Description: lib32z1 - compression library - 32 bit runtime lib32z1-dev - compression library - 32 bit development lib64z1 - compression library - 64 bit runtime lib64z1-dev - compression library - 64 bit development libn32z1 - compression library - n32 runtime libn32z1-dev - compression library - n32 development libx32z1 - compression library - x32 runtime libx32z1-dev - compression library - x32 development zlib1g - compression library - runtime zlib1g-dbg - compression library - development zlib1g-dev - compression library - development zlib1g-udeb - compression library - runtime for Debian installer (udeb) Changes: zlib (1:1.2.11.dfsg-0ubuntu2.2) bionic-security; urgency=medium . * SECURITY UPDATE: heap-based buffer over-read - debian/patches/CVE-2022-37434-1.patch: in inflate.c, add an extra condition to check if state->head->extra_max is greater than len before copying, and move the len assignment to be placed before the check. - debian/patches/CVE-2022-37434-2.patch: in the previous patch, in inflate.c, the place of the len assignment was causing issues so it was moved to be placed within the check. - CVE-2022-37434 Checksums-Sha1: b3b0a27c2fc5a01d9f50970c0cafb86dd7a25585 98072 zlib1g-dbg_1.2.11.dfsg-0ubuntu2.2_arm64.deb 614b35c337bd1c3a5c1f4608c552757cc7fb3ba7 171816 zlib1g-dev_1.2.11.dfsg-0ubuntu2.2_arm64.deb f5f5374606b0bb5a876752e88208752e8a4694d2 49304 zlib1g-udeb_1.2.11.dfsg-0ubuntu2.2_arm64.udeb a6eae73311fea3cde54111d0c4ddfcf691462d0b 52756 zlib1g_1.2.11.dfsg-0ubuntu2.2_arm64.deb 1374be65430b2e95399b9365982f445fcc06aa9b 6110 zlib_1.2.11.dfsg-0ubuntu2.2_arm64.buildinfo Checksums-Sha256: ad866484fd23551d364397d1828bf9f8efce37e38d4bc76d4f565a5814cff7e3 98072 zlib1g-dbg_1.2.11.dfsg-0ubuntu2.2_arm64.deb bfedb8a92fdbba879a25a43a9a41d3b20849b1d0512bfbaee9137f2e0da82413 171816 zlib1g-dev_1.2.11.dfsg-0ubuntu2.2_arm64.deb d4842e3ffda19141ea2a30e0d0a579b7fc9417724a0fb195ce8efea0b6385c14 49304 zlib1g-udeb_1.2.11.dfsg-0ubuntu2.2_arm64.udeb f635c78ffb4e13b1451a9b4ac7f68e8b3a29cdf3b60e85a5561441f2d46b3ea8 52756 zlib1g_1.2.11.dfsg-0ubuntu2.2_arm64.deb 36f312f3a811e9476f6d320998b1ff0018dfcafa1dd82f21cf56025eefe30cda 6110 zlib_1.2.11.dfsg-0ubuntu2.2_arm64.buildinfo Files: 6aaeb2e112ddf70095ff55d1bc09f56f 98072 debug extra zlib1g-dbg_1.2.11.dfsg-0ubuntu2.2_arm64.deb f706963a25a6480c225b1889a3187253 171816 libdevel optional zlib1g-dev_1.2.11.dfsg-0ubuntu2.2_arm64.deb 5a1930d6266876ea1cc30353db178ec4 49304 debian-installer optional zlib1g-udeb_1.2.11.dfsg-0ubuntu2.2_arm64.udeb d1395f6eb7ec48c18d0aef1e42996803 52756 libs required zlib1g_1.2.11.dfsg-0ubuntu2.2_arm64.deb 2c3653ee779323aa7f82cc66c88eddc9 6110 libs optional zlib_1.2.11.dfsg-0ubuntu2.2_arm64.buildinfo Original-Maintainer: Mark Brown Package-Type: udeb