-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 13 May 2022 19:39:31 -0400
Source: lrzip
Binary: lrzip lrzip-dbgsym
Architecture: armhf
Version: 0.641-1+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: arm Build Daemon (arm-arm-01) <buildd_arm64-arm-arm-01@buildd.debian.org>
Changed-By: Stefano Rivera <stefanor@debian.org>
Description:
 lrzip      - compression program with a very high compression ratio
Changes:
 lrzip (0.641-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Security updates:
     Two issues that allow remote attackers to cause a denial of service via a
     crafted lrz file:
     - CVE-2018-5786: Resolve a potential infinite loop and application hang in the
       get_fileinfo function.
     - CVE-2022-26291: Resolve a multiple concurrency use-after-free between
       the functions zpaq_decompress_buf() and clear_rulist().
     A memory corruption issue:
     - CVE-2022-28044: Resolve a potential heap corruption.
Checksums-Sha1:
 50abc1e60f04abbb87eb6088a98884c99c7b0a77 722828 lrzip-dbgsym_0.641-1+deb11u1_armhf.deb
 6103912187a64367accceacdf46b8af0fe3a0e52 5953 lrzip_0.641-1+deb11u1_armhf-buildd.buildinfo
 c3e0a0c89bd2cdafca0738ecba86bc3fa129b97b 243420 lrzip_0.641-1+deb11u1_armhf.deb
Checksums-Sha256:
 0ee98586b5bd96244a87defdddf2d698444fccba8d57c47b64d1ee3680edc9b0 722828 lrzip-dbgsym_0.641-1+deb11u1_armhf.deb
 e91000d5658ed24c01a46928e19de6c1bbecf8ea4c6920b5c856236701bad951 5953 lrzip_0.641-1+deb11u1_armhf-buildd.buildinfo
 f3fe557ceb366dff898e0353270cd0bf5c99eb38b5be41f3771f57bf36f7b6d9 243420 lrzip_0.641-1+deb11u1_armhf.deb
Files:
 e3d0d6a8eab1f683e0a4109a837a2730 722828 debug optional lrzip-dbgsym_0.641-1+deb11u1_armhf.deb
 5b0f5476131ac2bed4389e2cdb02aa04 5953 utils optional lrzip_0.641-1+deb11u1_armhf-buildd.buildinfo
 28378273d96a5afb3f9e61b5badcaad2 243420 utils optional lrzip_0.641-1+deb11u1_armhf.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEZQFXxoklRUh1v2q+Cr4sS911++cFAmKH9AgACgkQCr4sS911
++c8WBAAosnZOVqZ6d8rVJhr30RU2vbpWkJHrj6I5TxwbkzLRntCobbpHFwRdV2S
Pw78uK7p5DRUlJzroJ0kl2TjdDfIRtCTpKmGjLlmRDTiAaKU1pTY9g9zb9Z+m9e7
A02GYm5ElbqfOqVe9b38vpLXAj1Ge7Q97XcspGvuG4cwgqNjou0d7HbWlLEB+YeZ
W/0dcsvZV+yAnzRX7hINCaqyCfU4huAoKY9gz0FqvAo5xh+6eFPYN0mk/vdWGTFX
WwtoOk6GkxT8oWGENnOgI4GnMuHRcJJLXZ0SC1fGGzRQNttywgm4nYU7Jm86Aktw
6bE2sDHAhr85rABKL564yfRsmdec3i6S1fccyQuT+Y5VLCJiYjM2zlAvLN1a2V3E
SPwq5iPRAZwrh9ORaVJwasEMY3UX4c8GmW77RS3ZGWXrynFTANA2R/keSA/t/QVU
3P27weeZx6Dbmb2jfXEcfZ069TKlOLi1Dn5mZP+0t5TFsWvWlDu4qox21HL6/vGa
7VXFgPYwKJqGcYyTA3osa/fCLBB2HMlI388BHSF6Y5Xw/F39kuhkmGxX5OoPYdjK
z77/Q5h8tgWX5Jn/nB7XX5kn543C1JocBWI0rWuCIXMqzmOoCZg+l26biXdVj86N
VvxsPsD8JrsByTVHrCtnuyQOyRUPuPikQEbWJE5LjZK3/NIcwbw=
=5v8d
-----END PGP SIGNATURE-----