Format: 1.8
Date: Fri, 13 May 2022 19:39:31 -0400
Source: lrzip
Binary: lrzip lrzip-dbgsym
Architecture: arm64
Version: 0.641-1+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: arm Build Daemon (arm-arm-03)
Changed-By: Stefano Rivera
Description:
 lrzip - compression program with a very high compression ratio
Changes:
 lrzip (0.641-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Security updates:
     Two issues that allow remote attackers to cause a denial of service via
     a crafted lrz file:
     - CVE-2018-5786: Resolve a potential infinite loop and application hang
       in the get_fileinfo function.
     - CVE-2022-26291: Resolve a multiple concurrency use-after-free between
       the functions zpaq_decompress_buf() and clear_rulist().
     A memory corruption issue:
     - CVE-2022-28044: Resolve a potential heap corruption.