Publishing details

• Published on 2022-04-13
• Copied from ubuntu bionic in PPA for Ubuntu Security Proposed by Marc Deslauriers

Changelog

gzip (1.6-5ubuntu1.2) bionic-security; urgency=medium

  * SECURITY UPDATE: arbitrary file override with crafted file names
    - debian/patches/CVE-2022-1271-1.patch: avoid exploit via multi-newline
      file names in zgrep.in.
    - debian/patches/CVE-2022-1271-2.patch: add test in tests/Makefile.am,
      tests/zgrep-abuse.
    - debian/patches/CVE-2022-1271-3.patch: port to POSIX sed in zgrep.in.
    - debian/patches/CVE-2022-1271-4.patch: optimize out a grep in
      gzexe.in.
    - debian/patches/CVE-2022-1271-5.patch: use C locale more often in
      gzexe.in, sample/zfile, zdiff.in, zgrep.in, znew.in.
    - debian/patches/CVE-2022-1271-6.patch: fix "binary file matches"
      mislabeling in tests/Makefile.am, tests/zgrep-binary, zgrep.in.
    - debian/rules: fix permissions on new test scripts.
    - CVE-2022-1271

 -- Marc Deslauriers <email address hidden>  Fri, 08 Apr 2022 07:12:17 -0400

Builds

• amd64
• arm64
• armhf
• i386
• ppc64el
• s390x

Built packages

• gzip GNU compression utilities

• gzip-dbgsym debug symbols for gzip

• gzip-win32 GNU compression utility (win32 build)

Package files

• gzip-dbgsym_1.6-5ubuntu1.2_amd64.ddeb (100.6 KiB)
• gzip-dbgsym_1.6-5ubuntu1.2_arm64.ddeb (100.9 KiB)
• gzip-dbgsym_1.6-5ubuntu1.2_armhf.ddeb (95.8 KiB)
• gzip-dbgsym_1.6-5ubuntu1.2_i386.ddeb (93.1 KiB)
• gzip-dbgsym_1.6-5ubuntu1.2_ppc64el.ddeb (131.9 KiB)
• gzip-dbgsym_1.6-5ubuntu1.2_s390x.ddeb (101.0 KiB)
• gzip-win32_1.6-5ubuntu1.2_all.deb (67.4 KiB)
• gzip_1.6-5ubuntu1.2.debian.tar.xz (19.9 KiB)
• gzip_1.6-5ubuntu1.2.dsc (2.0 KiB)
• gzip_1.6-5ubuntu1.2_amd64.deb (88.2 KiB)
• gzip_1.6-5ubuntu1.2_arm64.deb (80.7 KiB)
• gzip_1.6-5ubuntu1.2_armhf.deb (81.7 KiB)
• gzip_1.6-5ubuntu1.2_i386.deb (89.4 KiB)
• gzip_1.6-5ubuntu1.2_ppc64el.deb (102.5 KiB)
• gzip_1.6-5ubuntu1.2_s390x.deb (85.7 KiB)
• gzip_1.6.orig.tar.gz (1.0 MiB)