-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 12 May 2022 20:53:05 -0400
Source: lrzip
Binary: lrzip lrzip-dbgsym
Architecture: arm64
Version: 0.631+git180528-1+deb10u1
Distribution: buster-security
Urgency: high
Maintainer: arm Build Daemon (arm-arm-04) <buildd_arm64-arm-arm-04@buildd.debian.org>
Changed-By: Stefano Rivera <stefanor@debian.org>
Description:
 lrzip      - compression program with a very high compression ratio
Changes:
 lrzip (0.631+git180528-1+deb10u1) buster-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Security updates:
     Two issues that allow remote attackers to cause a denial of service via a
     crafted lrz file:
     - CVE-2018-5786: Resolve a potential infinite loop and application hang in the
       get_fileinfo function.
     - CVE-2021-27345: Resolve a null pointer dereference.
     * CVE-2021-27347: Resolve a use after free.
     - CVE-2020-25467: Resolve a null pointer dereference.
     - CVE-2022-26291: Resolve a multiple concurrency use-after-free.
     A memory corruption issue:
     - CVE-2022-28044: Resolve a potential heap corruption.
Checksums-Sha1:
 d96ee71a60e74622a236c7050572652208b64fc6 754780 lrzip-dbgsym_0.631+git180528-1+deb10u1_arm64.deb
 33a7243e7740a8aa9014d81c2a90a467cbc1e4d8 5733 lrzip_0.631+git180528-1+deb10u1_arm64-buildd.buildinfo
 4f4f0e97924c1958d71a22e7405d939261cdc334 249608 lrzip_0.631+git180528-1+deb10u1_arm64.deb
Checksums-Sha256:
 8913176e824309eb5a0bb81c9b5d6b45351b127d5cff777578c3c7ab023f4914 754780 lrzip-dbgsym_0.631+git180528-1+deb10u1_arm64.deb
 c69001ce5dd40222f0cad4f63fc4a2e02abb5f84056141402fdbf9b2a1bd6209 5733 lrzip_0.631+git180528-1+deb10u1_arm64-buildd.buildinfo
 59ab8aa45100bd2cc9443f973445da5125abc5f87306df0c29a9c48deb7f1529 249608 lrzip_0.631+git180528-1+deb10u1_arm64.deb
Files:
 c245240c9363c1cb88905a56b7dfeaa4 754780 debug optional lrzip-dbgsym_0.631+git180528-1+deb10u1_arm64.deb
 0a9ab56baf5535b3080d9d35a6e516fb 5733 utils optional lrzip_0.631+git180528-1+deb10u1_arm64-buildd.buildinfo
 e465fcb7103228f42b130c6d4d8d8c2f 249608 utils optional lrzip_0.631+git180528-1+deb10u1_arm64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE0rJCsRd9UuwwCh7AEqw6fuPcbjYFAmKH88sACgkQEqw6fuPc
bjYn+A//YuJt+n2OXPOeaqryLFfyzKZcJlFO8S871l2UtiJFrjo0Z+O81ZhQmJtg
jv5bwO9YyDstpF1ohqrZfbO8d9oAMUaiuclBY0LwzXc+4jinZKcIUCgtmI5mujJw
jLmQY8Y74Hnj0jLSzMJ9qmGQzGrb6K3kEe5jqC7L8A+rx/VZn0g6seFXEytcX4eZ
rDalrejP/O7HX6rEsfq5W72NGQJk0kiUH16PSp4wWmNdt+xrMEK/sCR3R1ynJE06
yo303pXMV3vBa606BJPCNiHnQq93wuVuCQNCXkyVihyRG7tAvsuXCsaQifTpyMnz
FVYFPwSLjvtvhLvg+hnnJ1Dd9Oy6O3U3J8MIMGfX5qjkbCkn5o71RvVbhKGRTP3/
3gkrhqzNIWjI7+KUGmFTBVAeLhf6crZJTI6PTQsJz97InFcCP74Lb87wz8i42ifZ
WKiFyRNw34l/gBPSLMASqTytYQCLvjhraRRFlrtg3MMz5iWM2oBAYjJ114IVOCXX
QE7MSkBpq/f6gBGzd1I4Qu4AQPwPjujr1Lw46KlUPvb9K4fnGeKBliW8k4vSGPRe
a2Oc1uLpvNnnns+0iynv5Vyis00rCi/lWpLzD8JcXmM7TBFYI1lgZQjHqWPuy0ZJ
IbpbsflEX+VEFs1sPXVYl7WZoq2ZwBtnhYGQqdgV4qQzGzEkpQE=
=4hSd
-----END PGP SIGNATURE-----