Publishing details

Published on 2016-09-23
Copied from ubuntu trusty in Private PPA for Ubuntu Security Team by Ubuntu Archive Robot

Changelog

unadf (0.7.11a-3+deb7u1~build0.14.04.1) trusty-security; urgency=medium

  * fake sync from Debian

unadf (0.7.11a-3+deb7u1) wheezy-security; urgency=high

  * CVE-2016-1243: Fix stack buffer overflow caused by blindly trusting on
    pathname lengths of archived files. Stack allocated buffer sysbuf was
    filled with sprintf() without any bounds checking in extracTree() function.
    (Closes: #838248)

  * CVE-2016-1244: Correct execution of unsanitized input. Shell command used
    for creating directory paths was constructed by oncatenating names of
    archived files to the end of the command string. (Closes: #838248)

 -- Tyler Hicks <email address hidden>  Thu, 22 Sep 2016 16:47:13 -0500

Available diffs

diff from 0.7.11a-3 (in Debian) to 0.7.11a-3+deb7u1~build0.14.04.1 (1.9 KiB)

Builds

Built packages

unadf Extract files from an Amiga Disk File dump (.adf)

unadf-dbgsym debug symbols for package unadf

Package files

unadf-dbgsym_0.7.11a-3+deb7u1~build0.14.04.1_amd64.ddeb (57.5 KiB)
unadf-dbgsym_0.7.11a-3+deb7u1~build0.14.04.1_arm64.ddeb (60.2 KiB)
unadf-dbgsym_0.7.11a-3+deb7u1~build0.14.04.1_armhf.ddeb (56.6 KiB)
unadf-dbgsym_0.7.11a-3+deb7u1~build0.14.04.1_i386.ddeb (52.2 KiB)
unadf-dbgsym_0.7.11a-3+deb7u1~build0.14.04.1_powerpc.ddeb (56.0 KiB)
unadf-dbgsym_0.7.11a-3+deb7u1~build0.14.04.1_ppc64el.ddeb (76.6 KiB)
unadf_0.7.11a-3+deb7u1~build0.14.04.1.debian.tar.gz (21.3 KiB)
unadf_0.7.11a-3+deb7u1~build0.14.04.1.dsc (1.7 KiB)
unadf_0.7.11a-3+deb7u1~build0.14.04.1_amd64.deb (105.9 KiB)
unadf_0.7.11a-3+deb7u1~build0.14.04.1_arm64.deb (101.0 KiB)
unadf_0.7.11a-3+deb7u1~build0.14.04.1_armhf.deb (100.5 KiB)
unadf_0.7.11a-3+deb7u1~build0.14.04.1_i386.deb (104.7 KiB)
unadf_0.7.11a-3+deb7u1~build0.14.04.1_powerpc.deb (101.8 KiB)
unadf_0.7.11a-3+deb7u1~build0.14.04.1_ppc64el.deb (113.7 KiB)
unadf_0.7.11a.orig.tar.gz (204.5 KiB)