-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 02 Jun 2024 16:38:00 +0200 Source: libarchive Binary: libarchive-dev libarchive-tools libarchive-tools-dbgsym libarchive13 libarchive13-dbgsym Architecture: i386 Version: 3.6.2-1+deb12u1 Distribution: bookworm-security Urgency: high Maintainer: all / amd64 / i386 Build Daemon (x86-conova-01) Changed-By: Salvatore Bonaccorso Description: libarchive-dev - Multi-format archive and compression library (development files) libarchive-tools - FreeBSD implementations of 'tar' and 'cpio' and other archive too libarchive13 - Multi-format archive and compression library (shared library) Closes: 1068047 1072107 Changes: libarchive (3.6.2-1+deb12u1) bookworm-security; urgency=high . [ Peter Pentchev ] * Add the robust-error-reporting upstream patch. Closes: #1068047 . [ Salvatore Bonaccorso ] * fix: OOB in rar e8 filter (CVE-2024-26256) (Closes: #1072107) * fix: OOB in rar delta filter * fix: OOB in rar audio filter Checksums-Sha1: dbd145be2fe5544eb771e9ae9a99f80f79712eb8 608276 libarchive-dev_3.6.2-1+deb12u1_i386.deb df85af466717d07ad335760f3a2864b4719bbd35 88340 libarchive-tools-dbgsym_3.6.2-1+deb12u1_i386.deb 8f8dc295eca0423d0d81ae3cdf57d0aa28d9da2e 77044 libarchive-tools_3.6.2-1+deb12u1_i386.deb 771f5f697a2b5174459c1b4cbf61f3e0c01a7fd4 972044 libarchive13-dbgsym_3.6.2-1+deb12u1_i386.deb 7e46a5ea9bb19c684f34bd6b5b015463b72f81ad 384892 libarchive13_3.6.2-1+deb12u1_i386.deb 7c914785a9467cfcbcc5e07d596d140fc0b1a145 7694 libarchive_3.6.2-1+deb12u1_i386-buildd.buildinfo Checksums-Sha256: 9827ef39fa2f0414c735c38a21816a591818d6f67395dfa6676ab2b93e426141 608276 libarchive-dev_3.6.2-1+deb12u1_i386.deb c602ae6c8f220e050f4a095d1f92d25190fc973028ee2f5a5e69803b7b3a3591 88340 libarchive-tools-dbgsym_3.6.2-1+deb12u1_i386.deb 46d2327845a7b4d297af4bf77777bde5e58962a75bd66d45c273a5a13e3b00f3 77044 libarchive-tools_3.6.2-1+deb12u1_i386.deb 3738c7d57699c81dad68cc40f75b107063f5c47cdae6de53bdd044bb5ae0b338 972044 libarchive13-dbgsym_3.6.2-1+deb12u1_i386.deb e755692ab1b2150f353957c6b5391527fcda3f1378c4c44fee667d78b39ad570 384892 libarchive13_3.6.2-1+deb12u1_i386.deb 3516716b82fc6cddf04bf64ae414a4275fa4d52b4be2214505174e2bd9d2765a 7694 libarchive_3.6.2-1+deb12u1_i386-buildd.buildinfo Files: c866c9e8934e7bea10a7ccb03aa822f3 608276 libdevel optional libarchive-dev_3.6.2-1+deb12u1_i386.deb 30ca45bc38b5757189d66d407865edd3 88340 debug optional libarchive-tools-dbgsym_3.6.2-1+deb12u1_i386.deb e158efd3133f558cc83ef29b06aafe6b 77044 utils optional libarchive-tools_3.6.2-1+deb12u1_i386.deb b6f605d3be2cfd38a7af5f87a87e5033 972044 debug optional libarchive13-dbgsym_3.6.2-1+deb12u1_i386.deb 262d13f8f64237f594b1911bbe0eb1e1 384892 libs optional libarchive13_3.6.2-1+deb12u1_i386.deb e7b515c63e161e7e299540f171c84d6b 7694 libs optional libarchive_3.6.2-1+deb12u1_i386-buildd.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEgdRoRGwEM09wlaMzOni7ZmUpKEcFAmZcig8ACgkQOni7ZmUp KEdFkQ/+K2RwjZmc5nkI0uw7DCS020tnMeNvDxOvMOjwYS7KIh9TLLuHdWlhbnJP vFF65VbBw6ETes1qK8Ujw2cGZQcB67tbnIREinbSv3z3DHZdB2iDgWyDx4yOCjdX GgUYn+G1bdoxRk45Or+kI5rn4vd4l4lm+C1sQ0uZQt2B63B/A9HWXst9xvoYwKRa x/ghF8+n0Z6qTT+BKdi3XI9uZ3RWYs4XHJWS9I2EfdcooZwW+RTp0SViaMS/SjYm ddCFBytWDyPVohkmc4IqhwdqD5o+7LIeraIwy1TD+O5504/UsSXg4JCQaVhrVjtm a/uBB6PrwdLXddgSuKSUUXeER8uG40H1aXpQmgEbmHJ/1dk6UVU/RgjpXg1iNm/o iRUad0FBqAxEzRRxTT+DTycuMVz1GZS0MLBnUsS9DGDfD5T1gtGAgrO0GZpFf3Vq sIaJZqrkRpd6Ay8jWaXyq8YqcmfoqcbPcpRkAq9ayLFASjbfzjByqk2MD49kMP/9 cc7NKsApeoYFsgKnT8naAZjqML3pABHVGeXPiIT6/jKbijHUNxqn3hKn4nSKLry2 paS69LthkN1+WFG6KL3enb+IslEFseJiXKCZS4NTWRVHwFYLuIpMQyMXf+Q3WFFn 9qJyoJZxSp/lgbotGGn4rOVxQDUJ+H49vUNPowvYCVb9EqMQ4KQ= =xx10 -----END PGP SIGNATURE-----