-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 13 May 2022 19:39:31 -0400
Source: lrzip
Binary: lrzip lrzip-dbgsym
Architecture: ppc64el
Version: 0.641-1+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: ppc64el Build Daemon (ppc64el-osuosl-01) <buildd_ppc64el-ppc64el-osuosl-01@buildd.debian.org>
Changed-By: Stefano Rivera <stefanor@debian.org>
Description:
 lrzip      - compression program with a very high compression ratio
Changes:
 lrzip (0.641-1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Security updates:
     Two issues that allow remote attackers to cause a denial of service via a
     crafted lrz file:
     - CVE-2018-5786: Resolve a potential infinite loop and application hang in the
       get_fileinfo function.
     - CVE-2022-26291: Resolve a multiple concurrency use-after-free between
       the functions zpaq_decompress_buf() and clear_rulist().
     A memory corruption issue:
     - CVE-2022-28044: Resolve a potential heap corruption.
Checksums-Sha1:
 cf60ba1c7153dfba73839cd87c8eddc562181d93 797864 lrzip-dbgsym_0.641-1+deb11u1_ppc64el.deb
 5a1f1382230ed15a9066d55cad59739c2bb7c30f 6070 lrzip_0.641-1+deb11u1_ppc64el-buildd.buildinfo
 cd5fc3a32250fdd965f77aed9dd3ac880eb5cca9 273100 lrzip_0.641-1+deb11u1_ppc64el.deb
Checksums-Sha256:
 259e5a7edede9e63c570620be10f1b8ac974f4d2d5d289a456fa8bd15a84590e 797864 lrzip-dbgsym_0.641-1+deb11u1_ppc64el.deb
 26d02ae1316a60d4d1983d01b0e1612178fc182abaad422ffa5ee81c1fb92736 6070 lrzip_0.641-1+deb11u1_ppc64el-buildd.buildinfo
 5a15f9997fcffd2e3b611e8b9769167b8e0922ab0cc157d6821497a4fe21fbb3 273100 lrzip_0.641-1+deb11u1_ppc64el.deb
Files:
 23346bc19ffd4b903fbbbf91e8846d87 797864 debug optional lrzip-dbgsym_0.641-1+deb11u1_ppc64el.deb
 86c355611fb0f9303ebabf067ca8333d 6070 utils optional lrzip_0.641-1+deb11u1_ppc64el-buildd.buildinfo
 4c321c9591ee005ea55261cad23720c2 273100 utils optional lrzip_0.641-1+deb11u1_ppc64el.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEzxcBZLbWYROS8SGLQ0vh8H8HxvwFAmKH9AIACgkQQ0vh8H8H
xvw4IA/9GeZBQBcSqGBVAc75ZIhF86gLP3HJyQNbmSQTZ++5iY2Avly9WXs+Jy7C
hc3ixlNMP4zC6h7Ka7YTVKtXlM35374u4QAiSNCD7zuBS5a38KAHF7NRExmrsewa
BZTbIILPGKhkyYyIzDGdMzYhIT32YfncmU9jPmbOZoW5T+97XhG1cyM8p4Vqvu/M
eEzgp+4TyYtGX6JPtAAvmsFSQNoXJ99uutP5tjeAZXteDytw3OndFpQut6CQtjdC
AxfmxeetrmfTcXAN2gZQLY5kBjlEc/9bfKrjPwnuIVakgdTCzFFWeldAoKsw9GF/
nIE9xkBYwd1Zcx03/Ct67cKtxaUPOoOpt8NRIwI77pG6ahVAZ+ZPK7JufBoy0KMS
W2jhBefP7Mrg6LmBDcKrSV2v0LjqHWv0MjOGyVoGPQb3eTDpB+VMVM17PYjon1lw
9iVfGQqRWqg9O19FF1dRwqD8FIH6U/6DSNvoH807RS438coN4vceU3VGNHstADMB
RLhdM4m6lj/PuFWahvO0Xq/pzVIm6e9XQ++PFBNZnDMVgv+/QkrdOnN82i357hh+
FHHHp3oWY+VF2ZABkCY0ssCwT3uelheCJyYcOXjBnk1LrtyswvL/gIHl8cIxbwj9
0x9hI6R6FEfHHUT5TSwzGRRkKHWUIEATASvQBrAbWXPjsfgupfI=
=uHeC
-----END PGP SIGNATURE-----