-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 12 May 2022 20:53:05 -0400
Source: lrzip
Binary: lrzip lrzip-dbgsym
Architecture: armhf
Version: 0.631+git180528-1+deb10u1
Distribution: buster-security
Urgency: high
Maintainer: arm Build Daemon (arm-ubc-04) <buildd_armhf-arm-ubc-04@buildd.debian.org>
Changed-By: Stefano Rivera <stefanor@debian.org>
Description:
 lrzip      - compression program with a very high compression ratio
Changes:
 lrzip (0.631+git180528-1+deb10u1) buster-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Security updates:
     Two issues that allow remote attackers to cause a denial of service via a
     crafted lrz file:
     - CVE-2018-5786: Resolve a potential infinite loop and application hang in the
       get_fileinfo function.
     - CVE-2021-27345: Resolve a null pointer dereference.
     * CVE-2021-27347: Resolve a use after free.
     - CVE-2020-25467: Resolve a null pointer dereference.
     - CVE-2022-26291: Resolve a multiple concurrency use-after-free.
     A memory corruption issue:
     - CVE-2022-28044: Resolve a potential heap corruption.
Checksums-Sha1:
 01aeccafcd88372754a65fa76bc18835bd0c6e77 712964 lrzip-dbgsym_0.631+git180528-1+deb10u1_armhf.deb
 88b965de19c99685d22f01dddc396ceb6b9ac50a 5667 lrzip_0.631+git180528-1+deb10u1_armhf-buildd.buildinfo
 fceea02443a51fcc20253dd2c2ecc5d7f386d1f6 244148 lrzip_0.631+git180528-1+deb10u1_armhf.deb
Checksums-Sha256:
 7235c9f49ad0f06a0f32a0f5f71034dbeca3ba6f2c8aecc62760640f9fd12d1f 712964 lrzip-dbgsym_0.631+git180528-1+deb10u1_armhf.deb
 4d1ab444d6c7c3941d4b94ce258a4166e5bb201679d793c56b607d1c94cb391a 5667 lrzip_0.631+git180528-1+deb10u1_armhf-buildd.buildinfo
 6b419bddaf83b272cf69d5653b50f7af1c868a0d69c70b564e315b0913c06b8e 244148 lrzip_0.631+git180528-1+deb10u1_armhf.deb
Files:
 ba51c1f38a2feaba8d714521bc4ce07b 712964 debug optional lrzip-dbgsym_0.631+git180528-1+deb10u1_armhf.deb
 b49bbbc4f20324c1b796ab473fba982f 5667 utils optional lrzip_0.631+git180528-1+deb10u1_armhf-buildd.buildinfo
 69686fda452d5830790d33f2b0088323 244148 utils optional lrzip_0.631+git180528-1+deb10u1_armhf.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEbnebi1aZTKY54oji/NUSQB8TXIgFAmKH9IEACgkQ/NUSQB8T
XIhTnxAAlhQB5xMmLGmlINyFAmPxi0RBHY0tl81Vr2vyB0faOjpRv5mrEuvisDJl
PprJuBnjYoRFlKU3/Bbvd4A2Yhz1rxwS0lsxJnzNd9+s9WJQ9fdXGmll3jEzIdoN
gEhrfW2Y8tumDAGdgR285yUHIlFoKepTwdvnOCvqJecc7RFrGeYBel7AMCw8KPiP
5W3fvFEnucccFYzlf0vuMLqyZ8lZ2PHHQZtwbAPfGsIx8ZUMVe3AbWHesSkeNoPB
6y1LSK4dGhSWDqM2XDxrfzA23uvO8GsreF59GFmXBQn1gKj0s1dp8nQY211HwVuw
mT+0neKTDFuM8sktEa4JYj4VxhYkx5/INuoKL63lx1rvNNqd973kyaqlkZxpJ3+E
paFa4XzDlrIM1ti6ugWf1cPS/2H6K6Wnx72QrDj5SCU/exl15OxiX3ctO1rE6YE9
O6x0Zzzaid/bHVbOaESzsPx5QA/cwgU76J82GiChYg3aw494KX+YJ3nDB1gnyo/9
zOxDC3JIdtCcfHrAbFx24zPIynF3sN0XS26qCEHvLP1lK+5iACqxKLQHIj3ce4ix
oVdhReAdoCtNk5E/cGAC1fU+7+XJTYu8A8xpUBi66Z+Gz+xYbHObtHQhP+JGr9Fy
cXFVL2ofQLLuGod6QBQchtCBuGLw5kQc0+3RHCeoc9waho7x43s=
=44mj
-----END PGP SIGNATURE-----