-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 13 May 2022 19:39:31 -0400
Source: lrzip
Binary: lrzip lrzip-dbgsym
Architecture: mips64el
Version: 0.641-1+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: mipsel Build Daemon (mipsel-osuosl-05) <buildd_mips64el-mipsel-osuosl-05@buildd.debian.org>
Changed-By: Stefano Rivera <stefanor@debian.org>
Description:
 lrzip      - compression program with a very high compression ratio
Changes:
 lrzip (0.641-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Security updates:
     Two issues that allow remote attackers to cause a denial of service via a
     crafted lrz file:
     - CVE-2018-5786: Resolve a potential infinite loop and application hang in the
       get_fileinfo function.
     - CVE-2022-26291: Resolve a multiple concurrency use-after-free between
       the functions zpaq_decompress_buf() and clear_rulist().
     A memory corruption issue:
     - CVE-2022-28044: Resolve a potential heap corruption.
Checksums-Sha1:
 057417585d00d80111b5ccde3bf8c93fc387d2e5 825664 lrzip-dbgsym_0.641-1+deb11u1_mips64el.deb
 2eae5695960a884a71772a5f37dc13edd2fe0187 5932 lrzip_0.641-1+deb11u1_mips64el-buildd.buildinfo
 004690b83be39cdfe9df112b7ce8682bd0cc45fd 273052 lrzip_0.641-1+deb11u1_mips64el.deb
Checksums-Sha256:
 5f0c94b43a261495288600fea2badb5f0164e935de93dd825bf0bf32a6e33d43 825664 lrzip-dbgsym_0.641-1+deb11u1_mips64el.deb
 cb5baad1166763df1a0e82ac8b0b88ebe23edf71943ca6204b1efaca8e541940 5932 lrzip_0.641-1+deb11u1_mips64el-buildd.buildinfo
 57a0e81802b6a7793005e4a81c2461420101c777838a5db56fe867f399797c96 273052 lrzip_0.641-1+deb11u1_mips64el.deb
Files:
 136bc22e95fcffe3946ff4b3828fe80c 825664 debug optional lrzip-dbgsym_0.641-1+deb11u1_mips64el.deb
 2f758ec9d30c420b39672fca83d46c85 5932 utils optional lrzip_0.641-1+deb11u1_mips64el-buildd.buildinfo
 e790739f29b32b95383a23fd9bb30bbe 273052 utils optional lrzip_0.641-1+deb11u1_mips64el.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEB/LZjIxKoy4YPfehZlR40KOuoLkFAmKH9fUACgkQZlR40KOu
oLmqnxAAoVh1i5lXhHxbIebwL43xx7iObvd/IvUNlm6rf1rcalqzbFa5vimpSAE1
KIMCjLx4hJAGfmRuqYc20jycVSG/dE8BtZJcBVOYHYSG4V4QeElqzBIjco1/7YEn
TjT+P/JJyxp7EEBaHo1iRmjPcg81H+imx9LwZsoMU6LZ5uqQK5PELlS3IxoTKsva
LCccUzxZoA0OJshvGy5oC4rLYHCjJbl1NpvHUecx1Sjccdd+rkcIptZLnbmB7sKT
nwVoToTT59t6n2EncKZcyVVQxd664plqtw1b754o0JEDE292UfjHHzjnIggoXgsH
4I7P5Cx2inD4Wq20rmEMgMXjsYz6Akv/h1TbIbU8zXMm012/WU7GcAejYAbJA4Wm
29zdU/qS07SktBz2o38KWvnquLIHjnzNZ7sh+t9Mf39MhzQTIQhO3Ycf8wvY15Iy
dTLmtWdoIDsfUv5+U2/IV4c0zCzwTcSS4AT3uobP1Aq9vuGeSdq/7iVIhsbPHB02
hNfW0vOmH5WvahUa2S8knIWuNudhBBb92BW5v9WB0cfnE7vJrypkSPCrjwVEOvJV
VjjXaV/Wp5pmd6g6YWYGA55zRlAtPDGF+Xf4Mg1/Mp/WdcuKSF/1/lFmtdqJwEuv
9XwwB2T7uJ62GFpMqNEShfZIWNgVcDHh43ZUlGZtTEuu/FGwBnM=
=gxCE
-----END PGP SIGNATURE-----