Format: 1.7
Date: Thu, 14 Sep 2006 13:45:18 +0200
Source: gzip
Binary: gzip
Architecture: i386
Version: 1.3.5-14ubuntu1
Distribution: autobuild
Urgency: low
Maintainer: Ubuntu/i386 Build Daemon <buildd@rothera.buildd>
Changed-By: Martin Pitt <martin.pitt@ubuntu.com>
Description: 
 gzip       - The GNU compression utility
Changes: 
 gzip (1.3.5-14ubuntu1) edgy; urgency=low
 .
   * SECURITY UPDATE: Arbitrary code execution or DoS with specially crafted
     gzipped/compress'ed files. Tavis Ormandy did a comprehensive security
     review, applied his patch to fix the following issues:
   * NULL Dereference [CVE-2006-4334].
   * Buffer overflows in LZH uncompressor's make_table() [CVE-2006-4335,
     CVE-2006-4337].
   * Buffer underflow in gzip unpacker's build_tree() [CVE-2006-4336].
   * Infinite loop in LZH uncompressor [CVE-2006-4338].
Files: 
 ee004e7be2c5bb4afb1aacec2f705fbe 73088 utils required gzip_1.3.5-14ubuntu1_i386.deb