Format: 1.8 Date: Tue, 16 Aug 2022 19:08:38 -0300 Source: zlib Binary: zlib1g zlib1g-dev zlib1g-dbg zlib1g-udeb lib64z1 lib64z1-dev lib32z1 lib32z1-dev libn32z1 libn32z1-dev libx32z1 libx32z1-dev Architecture: amd64 Version: 1:1.2.11.dfsg-0ubuntu2.2 Distribution: bionic Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Rodrigo Figueiredo Zaiden Description: lib32z1 - compression library - 32 bit runtime lib32z1-dev - compression library - 32 bit development lib64z1 - compression library - 64 bit runtime lib64z1-dev - compression library - 64 bit development libn32z1 - compression library - n32 runtime libn32z1-dev - compression library - n32 development libx32z1 - compression library - x32 runtime libx32z1-dev - compression library - x32 development zlib1g - compression library - runtime zlib1g-dbg - compression library - development zlib1g-dev - compression library - development zlib1g-udeb - compression library - runtime for Debian installer (udeb) Changes: zlib (1:1.2.11.dfsg-0ubuntu2.2) bionic-security; urgency=medium . * SECURITY UPDATE: heap-based buffer over-read - debian/patches/CVE-2022-37434-1.patch: in inflate.c, add an extra condition to check if state->head->extra_max is greater than len before copying, and move the len assignment to be placed before the check. - debian/patches/CVE-2022-37434-2.patch: in the previous patch, in inflate.c, the place of the len assignment was causing issues so it was moved to be placed within the check. - CVE-2022-37434 Checksums-Sha1: 301104ce60098e9ccbb31c129429ca2f3bd978a2 60664 lib32z1-dev_1.2.11.dfsg-0ubuntu2.2_amd64.deb dfb63098fa62ea425e5e4f09bc853ef7d1237be3 58704 lib32z1_1.2.11.dfsg-0ubuntu2.2_amd64.deb e3a88c62de0fd9d7f40e120545137049d9127bb4 57508 libx32z1-dev_1.2.11.dfsg-0ubuntu2.2_amd64.deb 8ec4044ce8e650b67ffbdf29ac8af4c67faf796b 56508 libx32z1_1.2.11.dfsg-0ubuntu2.2_amd64.deb e28559a2c64a1212fe4d11571ffc9eb831405bcd 257800 zlib1g-dbg_1.2.11.dfsg-0ubuntu2.2_amd64.deb df3170187303d66d99653b09a9717f56787249a5 175640 zlib1g-dev_1.2.11.dfsg-0ubuntu2.2_amd64.deb a33087438771c4b73d930629a1ae1431a2c822bb 53352 zlib1g-udeb_1.2.11.dfsg-0ubuntu2.2_amd64.udeb f8ec2af66c56947b2b00f709e6a09a84658d183a 56852 zlib1g_1.2.11.dfsg-0ubuntu2.2_amd64.deb dea75a6974a52e3861e6950af634ad775b1b02c3 8445 zlib_1.2.11.dfsg-0ubuntu2.2_amd64.buildinfo Checksums-Sha256: d938faa8a317962cffc792c395a5e56c050c86a303928185f3eb61cb3bd4c5c4 60664 lib32z1-dev_1.2.11.dfsg-0ubuntu2.2_amd64.deb 95f4a851b891584aa1fd9b49df0996ecc1cb9e888560eb632880f7b5cd393f76 58704 lib32z1_1.2.11.dfsg-0ubuntu2.2_amd64.deb 814531e76dc12d8f86cf0e7e9680849f5102af455dabe491fb7c8e1393354b6a 57508 libx32z1-dev_1.2.11.dfsg-0ubuntu2.2_amd64.deb 24b31e1dbfa0687ad8269e86b7b0e94fcf1db80fcc1feba23a14c4cfa910ff76 56508 libx32z1_1.2.11.dfsg-0ubuntu2.2_amd64.deb e780a18646868af00839c399ceef870ff268ac6bc1675067735da3f9d07e3d4d 257800 zlib1g-dbg_1.2.11.dfsg-0ubuntu2.2_amd64.deb 33f5ec22778404069783abc5db2917d26d471d63dcb05448cd59b479c11142ab 175640 zlib1g-dev_1.2.11.dfsg-0ubuntu2.2_amd64.deb af33d491f19e21fec119ddef0db09cb2673dee720d968b2f48982b358b7e6dd5 53352 zlib1g-udeb_1.2.11.dfsg-0ubuntu2.2_amd64.udeb 515c904330188cc53238ae38bf16fbaa774ac9d168d8e400003416eb05bc6a86 56852 zlib1g_1.2.11.dfsg-0ubuntu2.2_amd64.deb 09d401c15b096b4c1a556124535538d79c1e1d35b81bce1c77ad2223df7b570a 8445 zlib_1.2.11.dfsg-0ubuntu2.2_amd64.buildinfo Files: 78359718ff4fdfd3919a2226396ffdda 60664 libdevel optional lib32z1-dev_1.2.11.dfsg-0ubuntu2.2_amd64.deb 71591104c95f4e117383dbc2443e08e4 58704 libs optional lib32z1_1.2.11.dfsg-0ubuntu2.2_amd64.deb b324988e30ed8e4c5358a8dbe5effe7b 57508 libdevel optional libx32z1-dev_1.2.11.dfsg-0ubuntu2.2_amd64.deb 68f7e709f55f995fb3b8c8ae01fe11c1 56508 libs optional libx32z1_1.2.11.dfsg-0ubuntu2.2_amd64.deb 08ad455d064e4666b97b0a763129047d 257800 debug extra zlib1g-dbg_1.2.11.dfsg-0ubuntu2.2_amd64.deb 4b44da4fca82fb48a925e608c237903d 175640 libdevel optional zlib1g-dev_1.2.11.dfsg-0ubuntu2.2_amd64.deb 2e3a9019a44ebd8eaef63a21c5c873a6 53352 debian-installer optional zlib1g-udeb_1.2.11.dfsg-0ubuntu2.2_amd64.udeb 174f1e8754d24648d9b826f9fa93d70b 56852 libs required zlib1g_1.2.11.dfsg-0ubuntu2.2_amd64.deb 049fb448d67b3f73546d3543113290cb 8445 libs optional zlib_1.2.11.dfsg-0ubuntu2.2_amd64.buildinfo Original-Maintainer: Mark Brown Package-Type: udeb