-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 18 Oct 2024 01:45:17 +0900
Source: 7zip
Binary: 7zip 7zip-dbgsym
Architecture: mipsel
Version: 22.01+dfsg-8+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: mipsel Build Daemon (mipsel-osuosl-04) <buildd_mips64el-mipsel-osuosl-04@buildd.debian.org>
Changed-By: YOKOTA Hiroshi <yokota.hgml@gmail.com>
Description:
 7zip       - 7-Zip file archiver with a high compression ratio
Changes:
 7zip (22.01+dfsg-8+deb12u1) bookworm; urgency=medium
 .
   * Fix CVE-2023-52168 (buffer overflow) and CVE-2023-52169 (buffer over-read)
 .
     * CVE-2023-52168: heap-based buffer overflow
         NTFS handler allows an attacker to overwrite two bytes at multiple
         offsets beyond the allocated buffer size.
     * CVE-2023-52169: out-of-bounds read
         NTFS handler allows an attacker to read beyond the intended buffer.
         The bytes read beyond the intended buffer are presented as a part of
         a filename listed in the file system image. This has security relevance
         in some known web-service use cases where untrusted users can upload
         files and have them extracted by a server-side 7-Zip process.
 .
     Detailed report about these issues are available at:
     https://dfir.ru/2024/06/19/vulnerabilities-in-7-zip-and-ntfs3/
Checksums-Sha1:
 ace20f7e960b89ba99152a02bc042e48d2d4d72b 6699616 7zip-dbgsym_22.01+dfsg-8+deb12u1_mipsel.deb
 3cd902dd195d26e1c3b24735584eadec93e95d74 5911 7zip_22.01+dfsg-8+deb12u1_mipsel-buildd.buildinfo
 c4f7ff7d2a14f0fd061d86e65437e854407e3ca7 985460 7zip_22.01+dfsg-8+deb12u1_mipsel.deb
Checksums-Sha256:
 64f478b8d7054b5da707c24f4067468e27a298338d2441cb04b0e089508b86fb 6699616 7zip-dbgsym_22.01+dfsg-8+deb12u1_mipsel.deb
 df5d3b0744c7e81cee26d94155f6bd65ce4469627cd92ad54aaacaec009d0379 5911 7zip_22.01+dfsg-8+deb12u1_mipsel-buildd.buildinfo
 c1c075fb4f097c6cb2927b7852588f65e96bf34026e42e9f42514be35bd57f12 985460 7zip_22.01+dfsg-8+deb12u1_mipsel.deb
Files:
 45046bd92359f6c537ca34e130d6d08a 6699616 debug optional 7zip-dbgsym_22.01+dfsg-8+deb12u1_mipsel.deb
 03219354d9ff89eb14392b1473bb1227 5911 utils optional 7zip_22.01+dfsg-8+deb12u1_mipsel-buildd.buildinfo
 69edcdcf10261537c36cf3a9cb4a071f 985460 utils optional 7zip_22.01+dfsg-8+deb12u1_mipsel.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEERbXMbY9VMQqnSaVEV4aVsMglzVcFAmcTvgsACgkQV4aVsMgl
zVf2Jw/8Cb6/W7iCmUhhf85+2BjulE/iaPSByCbFNFRKSdTql9AAQEPfqJGCd3OE
K/u3CDT22Dz+yM9D//Hx/aU29EPFpNymd1riq5QlynQkNrUlkP+1KOs8n7t59/nT
8NZVUdfn1BCZPsVXEpQqpxTt/V2vp2j1InUQKr0/YB0Mz4A7Y3wNBKXMFb9cyftP
gQKnYnVe5GOHnpGK1PoktNjb3E1lpQe5EYIL0x3a17hZeLOJful3nu8eyFoX1DM/
VHDmUcYhCYZtUKx0jDVs8CpI3pIqgtaw3AATUd06uRXfUUxCi7bBsUqSSz+zAjXJ
0Z+b4czokSRHldXfGm2moHZilfzBaAunLhORaQFEd6N9yUqUELKkkMqEYZ9AYERH
LW7zEhPD0WVNcCiieZruOPkUTAmF/874dbjPxebyBdtMz0ku8vn+70misChF1ntf
KUqDAGtQ2TppYf+Z5tfvo1fU6T2xhKxen8PxWfjp9RRefNNyh7CfoxlMRyEi4Ml6
NTTN9BFwU3bIqyHKS1KtXHT/uQVNC1xEX27OVezRzwVC9YO4cymaDoFc/nkkN+Wb
6VUWmiyQyXm3CVvARQzEQGZQI0YzYJs0UF09UrB9iS2ttgPLw7utdqqwdz5AuCIT
eCiIXPzvwKLzau7HYx2wFFD5NtLZkq4xZ+HekCv2AP1JJmEPTkE=
=45Ag
-----END PGP SIGNATURE-----