Format: 1.8
Date: Fri, 18 Oct 2024 01:45:17 +0900
Source: 7zip
Binary: 7zip 7zip-dbgsym
Architecture: arm64
Version: 22.01+dfsg-8+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: arm Build Daemon (arm-conova-04)
Changed-By: YOKOTA Hiroshi
Description:
 7zip - 7-Zip file archiver with a high compression ratio
Changes:
 7zip (22.01+dfsg-8+deb12u1) bookworm; urgency=medium
 .
   * Fix CVE-2023-52168 (buffer overflow) and CVE-2023-52169 (buffer over-read)
 .
   * CVE-2023-52168: heap-based buffer overflow
     NTFS handler allows an attacker to overwrite two bytes at multiple
     offsets beyond the allocated buffer size.
   * CVE-2023-52169: out-of-bounds read
     NTFS handler allows an attacker to read beyond the intended buffer.
     The bytes read beyond the intended buffer are presented as a part of
     a filename listed in the file system image.
     This has security relevance in some known web-service use cases where
     untrusted users can upload files and have them extracted by a
     server-side 7-Zip process.
 .
   A detailed report about these issues is available at:
   https://dfir.ru/2024/06/19/vulnerabilities-in-7-zip-and-ntfs3/