Copied from
ubuntu xenial in
Private PPA for Ubuntu Security Team
by Ubuntu Archive Robot
Changelog
bchunk (1.2.0-12+deb8u1build0.16.04.1) xenial-security; urgency=medium
* fake sync from Debian
bchunk (1.2.0-12+deb8u1) jessie-security; urgency=high
* Non-maintainer upload.
* Fix CVE-2017-15953, CVE-2017-15954 and CVE-2017-15955.
bchunk was vulnerable to a heap-based buffer overflow with an resultant
invalid free when processing a malformed CUE (.cue) file that may lead to
the execution of arbitrary code or a application crash. (Closes: #880116)
-- Marc Deslauriers <email address hidden> Mon, 13 Nov 2017 09:05:57 -0500