-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 13 May 2022 19:39:31 -0400
Source: lrzip
Binary: lrzip lrzip-dbgsym
Architecture: mipsel
Version: 0.641-1+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: mipsel Build Daemon (mipsel-osuosl-05) <buildd_mips64el-mipsel-osuosl-05@buildd.debian.org>
Changed-By: Stefano Rivera <stefanor@debian.org>
Description:
 lrzip      - compression program with a very high compression ratio
Changes:
 lrzip (0.641-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Security updates:
     Two issues that allow remote attackers to cause a denial of service via a
     crafted lrz file:
     - CVE-2018-5786: Resolve a potential infinite loop and application hang in the
       get_fileinfo function.
     - CVE-2022-26291: Resolve a multiple concurrency use-after-free between
       the functions zpaq_decompress_buf() and clear_rulist().
     A memory corruption issue:
     - CVE-2022-28044: Resolve a potential heap corruption.
Checksums-Sha1:
 7e84e583bf01850138feb5d125c8fd779aa53ce0 781628 lrzip-dbgsym_0.641-1+deb11u1_mipsel.deb
 815e319d12f591f8e37e1126d84782f8894874b4 5909 lrzip_0.641-1+deb11u1_mipsel-buildd.buildinfo
 2a4ede761028987656571457a96a72f0c7682a49 281660 lrzip_0.641-1+deb11u1_mipsel.deb
Checksums-Sha256:
 4fd1abbd369b993a6eef59b4ee48a4f258c2225214363e10ee4824291709167f 781628 lrzip-dbgsym_0.641-1+deb11u1_mipsel.deb
 3fa4c6e075bb59d7317709c5f97c0c6804f56e47841f1a3763f9238908660c30 5909 lrzip_0.641-1+deb11u1_mipsel-buildd.buildinfo
 d010e60e53174acdaa0458deaf1cc20c623a5ca5996adaebed869ea30ecc669a 281660 lrzip_0.641-1+deb11u1_mipsel.deb
Files:
 83bc3e16b2b6c91b40a007b02a0f8678 781628 debug optional lrzip-dbgsym_0.641-1+deb11u1_mipsel.deb
 17387922de4bf7f72d2b29775be2fc79 5909 utils optional lrzip_0.641-1+deb11u1_mipsel-buildd.buildinfo
 5c1efdeaa7c7c96dc82022fb473c80cc 281660 utils optional lrzip_0.641-1+deb11u1_mipsel.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEB/LZjIxKoy4YPfehZlR40KOuoLkFAmKH9WsACgkQZlR40KOu
oLmzRw//Q+TqQvEmIYOVwo8PN3j7qFidRiSFStERDGfp4T3EhMa9fptq1Lb2BTg0
3zyCF31N8TZC9PBVp2HshOUcRvNApRue0WNEmC3GYjuFT+PqnHeRWQUI09NHS+q6
4L5pqv7ugtop9bUgKdSBpI6G/eGpSocgKw6MBb/oYxdvZmsRykGrWLjRhXHv9mbb
HhWtWvNCq86iotm+mKYHFILRu6fRv+N4PQ+PecqsgLIJoHv9vnPYJkFpjFxH2H/r
YbAR0dPiw8gmxDCBkM6/AiYLdfapstuUX0FnEofzFyMaHw5l6GNYklPwdqjtscvu
03/FMaxKNBHQ/FnivUe2yQ2WPVJhp+2mo3AurgpwJ/o/kCVXfP//5fX789iCo+Tr
20qj5ybHOQke7JOGcs0ajZS1dJhUsRDTxFQFrmvZ9sJimryS1oBCgoEHj1bEmiCI
KvOhHVMbWHDiB+gpweh+RVJeYVRW1tV3Y/X6BtdUL6/oLla/VOhjyFavOnWA7/bO
rsV82+ufWVusIkYwkMqNPZg1G95/epwyKoa/g0ij3OQ0/P1EdmTQJ+vVkVwhzcpK
MUl2vBohwIcfX0KWQ5gPAvrubb0roKw6JxsAEUSKD6vNWcuZRQUAjLVx5Rgtu+gs
wvyLzYj8AxcRAoncG7y4Ac8jaVHEzSWiIIYBJIVo2ndd8+o62Cs=
=lhGj
-----END PGP SIGNATURE-----