Format: 1.8
Date: Fri, 18 Oct 2024 01:45:17 +0900
Source: 7zip
Binary: 7zip 7zip-dbgsym
Architecture: armhf
Version: 22.01+dfsg-8+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: arm Build Daemon (arm-ubc-01)
Changed-By: YOKOTA Hiroshi
Description:
 7zip - 7-Zip file archiver with a high compression ratio
Changes:
 7zip (22.01+dfsg-8+deb12u1) bookworm; urgency=medium
 .
   * Fix CVE-2023-52168 (buffer overflow) and CVE-2023-52169 (buffer over-read)
 .
   * CVE-2023-52168: heap-based buffer overflow
     NTFS handler allows an attacker to overwrite two bytes at multiple
     offsets beyond the allocated buffer size.
   * CVE-2023-52169: out-of-bounds read
     NTFS handler allows an attacker to read beyond the intended buffer.
     The bytes read beyond the intended buffer are presented as a part of
     a filename listed in the file system image.
     This has security relevance in some known web-service use cases where
     untrusted users can upload files and have them extracted by a
     server-side 7-Zip process.
 .
   A detailed report about these issues is available at:
   https://dfir.ru/2024/06/19/vulnerabilities-in-7-zip-and-ntfs3/