-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 13 May 2022 19:39:31 -0400
Source: lrzip
Binary: lrzip lrzip-dbgsym
Architecture: armel
Version: 0.641-1+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: arm Build Daemon (arm-conova-03) <buildd_armhf-arm-conova-03@buildd.debian.org>
Changed-By: Stefano Rivera <stefanor@debian.org>
Description:
 lrzip      - compression program with a very high compression ratio
Changes:
 lrzip (0.641-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Security updates:
     Two issues that allow remote attackers to cause a denial of service via a
     crafted lrz file:
     - CVE-2018-5786: Resolve a potential infinite loop and application hang in the
       get_fileinfo function.
     - CVE-2022-26291: Resolve a multiple concurrency use-after-free between
       the functions zpaq_decompress_buf() and clear_rulist().
     A memory corruption issue:
     - CVE-2022-28044: Resolve a potential heap corruption.
Checksums-Sha1:
 e4b74ec219d394e9e1d0baa5e562f1232844d37b 713176 lrzip-dbgsym_0.641-1+deb11u1_armel.deb
 3ccc86115122418099aeacc957aeb663d408484a 5951 lrzip_0.641-1+deb11u1_armel-buildd.buildinfo
 4b6b7f65a82fdec8ccd7912a5bb53e1eb25d553d 241864 lrzip_0.641-1+deb11u1_armel.deb
Checksums-Sha256:
 e7f0c7f6730f910feb218c312dc1a0685934baa59611075e52114d2c99c0b97a 713176 lrzip-dbgsym_0.641-1+deb11u1_armel.deb
 b12c6c620637d1d5e9efbf2bcaa341ab080c91c66ceeb57883800cc705d91e24 5951 lrzip_0.641-1+deb11u1_armel-buildd.buildinfo
 eeb60de2be973ba851be13470ab9108bad385a3f39f52dadfde5a96ed5bc7179 241864 lrzip_0.641-1+deb11u1_armel.deb
Files:
 961976229b3ca9a561892b74e392d398 713176 debug optional lrzip-dbgsym_0.641-1+deb11u1_armel.deb
 44541eebf531555e0486b721bb194fd4 5951 utils optional lrzip_0.641-1+deb11u1_armel-buildd.buildinfo
 a8646f9a37e70807e26fd270112bdd40 241864 utils optional lrzip_0.641-1+deb11u1_armel.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEzCs98PTgyiLYw2uf9nOAcgkXaN8FAmKH9BEACgkQ9nOAcgkX
aN+vPQ/+PFJD+/Za5C9aDHeLy76W3lOTifi34b62o+uIm3lxfEk2Xn6a4/cAZVpC
ym2LEjxHjfsVKas1KPZxG/kxNTQgPWVCeMc3Diz0an9706Yb36bzInDTZ3hvrn/c
sHagkaf1HmyRFiaWALhRxvr5hzUhToG1NRy6oNQg9WEaL11g5gM7D7pvjXWWmAbt
77EShvWAt2CRdiPjZmAXEvM8esQSUoHZq/tQ8Vg05KxYCMv0GSp3nbACdGyQ2csa
bpd1QKbIDgQ+QdzySSa25NnAM4kXwspIYpicN+jSElsFEWU8adc45ZD3T+p0vpNY
iXVCzJwTuQwpz//PPKmfgkDwa9Jyspbb8/sDevPY8Pdqd8ALFJvmqVJS3LwSHLuT
OWZGUBbfw+o0NIYQi9gvczJG4TC2q2Mke4SDeHSufx6ctDXqK5pn2Al2pp3XLqKX
MAqzNglEA9DxsQyioI+Ugekk+L72VPuyb8UuLG/8nmHQvJePKYsauztRMHHTrdzX
/t6k+21HBbU0wekg2Bx7/yGFw+cIbQBPNL4swmWFO6cLGzzgBj5BBTa14jkURqzz
5NbtB33yFl9EZu1UPUuaSW0RA+pzrNMNuB8U1uByCcC1lFTmuajRpUuztjDOIMIb
KW/CL71gvVqlO9T/63/UA6bmWjjZf9S0BJrSllZCaaEkQC8fi6Q=
=06vQ
-----END PGP SIGNATURE-----