Format: 1.8
Date: Fri, 18 Oct 2024 01:45:17 +0900
Source: 7zip
Binary: 7zip 7zip-dbgsym
Architecture: armel
Version: 22.01+dfsg-8+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: arm Build Daemon (arm-conova-02)
Changed-By: YOKOTA Hiroshi
Description:
 7zip - 7-Zip file archiver with a high compression ratio
Changes:
 7zip (22.01+dfsg-8+deb12u1) bookworm; urgency=medium
 .
   * Fix CVE-2023-52168 (buffer overflow) and CVE-2023-52169 (buffer over-read)
 .
     * CVE-2023-52168: heap-based buffer overflow
       NTFS handler allows an attacker to overwrite two bytes at multiple
       offsets beyond the allocated buffer size.
     * CVE-2023-52169: out-of-bounds read
       NTFS handler allows an attacker to read beyond the intended buffer.
       The bytes read beyond the intended buffer are presented as a part of
       a filename listed in the file system image.
       This has security relevance in some known web-service use cases
       where untrusted users can upload files and have them extracted by
       a server-side 7-Zip process.
 .
     A detailed report about these issues is available at:
     https://dfir.ru/2024/06/19/vulnerabilities-in-7-zip-and-ntfs3/