Format: 1.8
Date: Fri, 18 Oct 2024 01:45:17 +0900
Source: 7zip
Binary: 7zip 7zip-dbgsym
Architecture: s390x
Version: 22.01+dfsg-8+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: s390x Build Daemon (zani)
Changed-By: YOKOTA Hiroshi
Description:
 7zip - 7-Zip file archiver with a high compression ratio
Changes:
 7zip (22.01+dfsg-8+deb12u1) bookworm; urgency=medium
 .
   * Fix CVE-2023-52168 (buffer overflow) and CVE-2023-52169 (buffer over-read)
 .
   * CVE-2023-52168: heap-based buffer overflow
     NTFS handler allows an attacker to overwrite two bytes at multiple
     offsets beyond the allocated buffer size.
   * CVE-2023-52169: out-of-bounds read
     NTFS handler allows an attacker to read beyond the intended buffer.
     The bytes read beyond the intended buffer are presented as a part of
     a filename listed in the file system image.
     This has security relevance in some known web-service use cases where
     untrusted users can upload files and have them extracted by a
     server-side 7-Zip process.
 .
   A detailed report about these issues is available at:
   https://dfir.ru/2024/06/19/vulnerabilities-in-7-zip-and-ntfs3/
Checksums-Sha1:
 8434e019b6f7e989db37a6e5019d3dad757064ee 6654528 7zip-dbgsym_22.01+dfsg-8+deb12u1_s390x.deb
 2ca7c467998ae2f60c419fe8e6c4f5a6f6062a9c 5993 7zip_22.01+dfsg-8+deb12u1_s390x-buildd.buildinfo
 9ce7637ac0de1d38d60e1d4a1da7c0d7adb24e45 884424 7zip_22.01+dfsg-8+deb12u1_s390x.deb
Checksums-Sha256:
 bbdb8b21e7a5117810975ee6ab55b7ae4e09010fcafef8811ff801d86a747084 6654528 7zip-dbgsym_22.01+dfsg-8+deb12u1_s390x.deb
 e346da8ccd068af6b079d7d11487c3be20ec028c0cf7e844c46209c944240b9b 5993 7zip_22.01+dfsg-8+deb12u1_s390x-buildd.buildinfo
 44d4adf9b70ad1e08e3bb83e44311b18c516db80d317c406c70a077427ccac0a 884424 7zip_22.01+dfsg-8+deb12u1_s390x.deb
Files:
 fbb490a2f0fa63e85a870f9439034f70 6654528 debug optional 7zip-dbgsym_22.01+dfsg-8+deb12u1_s390x.deb
 5f89c1719b1ad18f15196b32a82a046e 5993 utils optional 7zip_22.01+dfsg-8+deb12u1_s390x-buildd.buildinfo
 8d9fa88a3dcf74ef35ddea0240aa855d 884424 utils optional 7zip_22.01+dfsg-8+deb12u1_s390x.deb