[ubuntu/cosmic-proposed] libarchive-zip-perl 1.60-1ubuntu1 (Accepted)
Leonidas S. Barbosa
leo.barbosa at canonical.com
Tue Jul 10 12:38:12 UTC 2018
libarchive-zip-perl (1.60-1ubuntu1) cosmic; urgency=medium
* SECURITY UPDATE: Traversal path vulnerability
- debian/patches/CVE-2018-10860.patch: fix in
lib/Archive/Zip/Archive.pm and add test in
t/25_traversal.t and some .zip files for test.
- CVE-2018-10860
Date: Tue, 03 Jul 2018 16:39:03 -0300
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/libarchive-zip-perl/1.60-1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 03 Jul 2018 16:39:03 -0300
Source: libarchive-zip-perl
Binary: libarchive-zip-perl
Architecture: source
Version: 1.60-1ubuntu1
Distribution: cosmic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Leonidas S. Barbosa <leo.barbosa at canonical.com>
Description:
libarchive-zip-perl - Perl module for manipulation of ZIP archives
Changes:
libarchive-zip-perl (1.60-1ubuntu1) cosmic; urgency=medium
.
* SECURITY UPDATE: Traversal path vulnerability
- debian/patches/CVE-2018-10860.patch: fix in
lib/Archive/Zip/Archive.pm and add test in
t/25_traversal.t and some .zip files for test.
- CVE-2018-10860
Checksums-Sha1:
ac6bab3348c84d6e376ce58fdeddf6bded1da165 2308 libarchive-zip-perl_1.60-1ubuntu1.dsc
e496b64890ae37f6461bbba3382b9d9772012165 12268 libarchive-zip-perl_1.60-1ubuntu1.debian.tar.xz
bd4df564c7c2e633a92311cd3beff326d688487b 5583 libarchive-zip-perl_1.60-1ubuntu1_source.buildinfo
Checksums-Sha256:
143c6f06056f15019f4511cf735b3b73354e0b5746e504f304f35cdc0369a7a9 2308 libarchive-zip-perl_1.60-1ubuntu1.dsc
3529ccc9331e408ec3b81ecf8f6c603e087794f32e34c1fbdf316ac6379d78d8 12268 libarchive-zip-perl_1.60-1ubuntu1.debian.tar.xz
76ddead47541b9c0009685b1385c52f6e3709db7c65a8d2da1069accd34edc3d 5583 libarchive-zip-perl_1.60-1ubuntu1_source.buildinfo
Files:
a13f83eb832f8b46d8f0d8d606ee2f52 2308 perl optional libarchive-zip-perl_1.60-1ubuntu1.dsc
b724c737494a4df284359ed1fa1801bc 12268 perl optional libarchive-zip-perl_1.60-1ubuntu1.debian.tar.xz
3332b02b97443623d94a270402d9eb9f 5583 perl optional libarchive-zip-perl_1.60-1ubuntu1_source.buildinfo
Original-Maintainer: Debian Perl Group <pkg-perl-maintainers at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAltEqEsACgkQZWnYVadE
vpPlew//Y2V5uFwoS7FhtAmZf101XoxO5JVj4sw12C2yKsW0UPF7W5n8AiXBPNa7
gokf5fkNv6RKFokOP+2mBMIcg8y80CC03hNBDtx78PUYEw2zi1+gtT2r1Dxn46jZ
ohmRYLU6VF3biVZmPltaamUpylWiW5Do/dkeexo2Hxe6LYC7DogLg4NnutCnprya
fv15cI3La4dEzHc9MsrjdLtBTpsvU/QnGp06ciVRIsQlGFORRff80p7RsNv7ZvsA
QPB631LoU0Q5JUsdQv3m36u+oTSq4i8zGEtUcFPJ5RZHhnMjETJ/fgJ+YNNVi9FR
emYQLyA2OT6ojtaG/MEKzEysnVYYq68VoYSJg/kBqqpMKY3VC8UCx/CoTGuyvalY
dYuibJdDxrOxRagWNEnszLe3tHGo8hYiCViRSR4fhmTWRkIqFhkY9VlV2ZHMFuNz
Hk9m131jOJgkwpCMRQvWxYCv7ov2+ANarvqqn7K6AuSswmfNyy5Qo80raQpBN36U
2uMZDMKQ4T7d/s/VLBeeYvgGzJqoexDKE2Ylj3YZ34GyBCXW4tsqhcG+vx8w7sqm
HRB6Pq+pddUNP8hg+gGrj4ltr2fVydZKp8L+brT0RbIFeqCnz60F0ws08e9vbRhX
II7cso9sTPZ4X3/I5Rx/odQ9h1IHxKUSKoxrP7zNmewLI72XBf0=
=mTAi
-----END PGP SIGNATURE-----
More information about the Cosmic-changes
mailing list