-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 22 Apr 2023 20:48:00 +0000 Source: pev Binary: pev pev-dbgsym Architecture: i386 Version: 0.81-3+deb11u1 Distribution: bullseye Urgency: medium Maintainer: amd64 / i386 Build Daemon (x86-ubc-02) Changed-By: David da Silva Polverari Description: pev - text-based tool to analyze PE files Closes: 1034725 Changes: pev (0.81-3+deb11u1) bullseye; urgency=medium . * debian/patches/0002-fix-bo-pe_exports.patch: created to fix a buffer overflow vulnerability present on libpe's pe_exports function from exports.c (CVE-2021-45423). Without this patch, a maliciously-crafted PE file opened by pev utilities can trigger arbitrary code execution. (Closes: #1034725) Checksums-Sha1: 742a4b8a3227e5671c508f1c6c2d9b5c0abf98be 357776 pev-dbgsym_0.81-3+deb11u1_i386.deb 6e28185f764029bac2ac7c927480c5bf93ca8c15 5940 pev_0.81-3+deb11u1_i386-buildd.buildinfo ad1cd6988d9e8b3d82542979e4fd87e253151510 171852 pev_0.81-3+deb11u1_i386.deb Checksums-Sha256: 71f618f9afd5b6d448c8b0170ab06b750a76568ab1391c5321fd2479753e74ec 357776 pev-dbgsym_0.81-3+deb11u1_i386.deb 38a4ec874cff2ecfc5585bb3b79f4177375881524356a26dd34cdec59c6fe6b0 5940 pev_0.81-3+deb11u1_i386-buildd.buildinfo e6bd0100764ee043ad984b7c064926e075414da5016c88d61ca2fce35859dfd1 171852 pev_0.81-3+deb11u1_i386.deb Files: 2ef3cf7741af3a92c955d8c124ab3f0a 357776 debug optional pev-dbgsym_0.81-3+deb11u1_i386.deb 99f02f0cba1e24808651e863cc15a633 5940 utils optional pev_0.81-3+deb11u1_i386-buildd.buildinfo 0781f890c41add9dd5c005bd42c67066 171852 utils optional pev_0.81-3+deb11u1_i386.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE2q+i4qaoTi/nmbi10RfxDyMLhSIFAmROfUoACgkQ0RfxDyML hSLhHQ//cLdLKLs9CzNS4fArjTofuifs5Yi7WTUJpsYkj5JaIuyXkNLIg+T9vdN9 NUoAnXz2qaxdcfWQ4Ut/RJz6G2tK/zCPFekfHPsp2rdEaOR+ZHEnuekKFfS08+J9 kTgdlAfVJ3MbJfufYT/J1hBf4y5l9NbVbF9bpUe/iEdgtmmnrimvhiQ6UZdp6DFE XMRoJ2RYyqoq6WF6b23UiqEMjiMX+/RRuIQQ7bYfOAA9m/hJu46ZSUP33i/7Vwqn EQ8thtbrt//iIXOgFIUOwUdg8HLNRBpeyiCtoa9bPcbO7tWHuaJ9XMMYnP2jrlvq hwP0MnZktAXg7NydKpn21mtUvB16S/AK5MNxN6GDPaRJbWxlR/mBLXdznuilCyql levG1oEncmBHLBUReKSFcjJKnGG5L+SRX81Y924qW2pCR2iCMDG3DIHPAnAWJ30A NeaFQAjuLa0PKPHRaaqkGQFwgoNV5Ko2I0B+vyjspZLzGlAByUCAK1VU3UxAf6HG XHcG9vV5J4xCQunZOdLgz/vIsBDwJWOIiDFCd84EWt4VFHircKwqkY8R1JFJyUVN mWlZrePofx2SxFeu5wE4iqExhyEOaLVr2jiWf7+u4ZRlCG4z2R8cYmisW5C0FmYQ L6asJIHkCXBWbLtKOPBJT2qhuOd8Mq2l6hn63bXA+X9DPq6FIIY= =o+IJ -----END PGP SIGNATURE-----