Format: 1.8
Date: Fri, 18 Oct 2024 01:45:17 +0900
Source: 7zip
Binary: 7zip 7zip-dbgsym
Architecture: ppc64el
Version: 22.01+dfsg-8+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: ppc64el Build Daemon (ppc64el-osuosl-02)
Changed-By: YOKOTA Hiroshi
Description:
 7zip - 7-Zip file archiver with a high compression ratio
Changes:
 7zip (22.01+dfsg-8+deb12u1) bookworm; urgency=medium
 .
   * Fix CVE-2023-52168 (buffer overflow) and CVE-2023-52169 (buffer over-read)
 .
     * CVE-2023-52168: heap-based buffer overflow
       NTFS handler allows an attacker to overwrite two bytes at multiple
       offsets beyond the allocated buffer size.
     * CVE-2023-52169: out-of-bounds read
       NTFS handler allows an attacker to read beyond the intended buffer.
       The bytes read beyond the intended buffer are presented as a part of
       a filename listed in the file system image.
       This has security relevance in some known web-service use cases
       where untrusted users can upload files and have them extracted by a
       server-side 7-Zip process.
 .
     A detailed report about these issues is available at:
     https://dfir.ru/2024/06/19/vulnerabilities-in-7-zip-and-ntfs3/