Format: 1.8
Date: Fri, 08 Apr 2022 07:04:04 -0400
Source: gzip
Binary: gzip gzip-win32
Built-For-Profiles: noudeb
Architecture: amd64 all
Version: 1.10-4ubuntu1.1
Distribution: impish
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@ubuntu>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 gzip       - GNU compression utilities
 gzip-win32 - GNU compression utility (win32 build)
Changes:
 gzip (1.10-4ubuntu1.1) impish-security; urgency=medium
 .
   * SECURITY UPDATE: arbitrary file override with crafted file names
     - debian/patches/CVE-2022-1271-1.patch: avoid exploit via multi-newline
       file names in zgrep.in.
     - debian/patches/CVE-2022-1271-2.patch: add test in tests/Makefile.am,
       tests/zgrep-abuse.
     - debian/patches/CVE-2022-1271-3.patch: port to POSIX sed in zgrep.in.
     - debian/patches/CVE-2022-1271-4.patch: optimize out a grep in
       gzexe.in.
     - debian/patches/CVE-2022-1271-5.patch: use C locale more often in
       gzexe.in, sample/zfile, zdiff.in, zgrep.in, znew.in.
     - debian/patches/CVE-2022-1271-6.patch: fix "binary file matches"
       mislabeling in tests/Makefile.am, tests/zgrep-binary, zgrep.in.
     - debian/rules: fix permissions on new test scripts.
     - CVE-2022-1271
Checksums-Sha1:
 7ad0bed6e2db1658625c0210c4e5c034016923e5 107696 gzip-dbgsym_1.10-4ubuntu1.1_amd64.ddeb
 9d47a909fb3475ba8a0e28f1b78cf443c149d32a 97190 gzip-win32_1.10-4ubuntu1.1_all.deb
 5fd00c2fdc1731f33ddc9a1d1878ce8c6748969c 7667 gzip_1.10-4ubuntu1.1_amd64.buildinfo
 d5cbb9c40e4973159a95e46c87b5a4f48da03b67 96022 gzip_1.10-4ubuntu1.1_amd64.deb
Checksums-Sha256:
 f376c4b03e4716e6f1d7d6cca77d7466730849d63a35c195413485facea83351 107696 gzip-dbgsym_1.10-4ubuntu1.1_amd64.ddeb
 2a1f14eaefcc462c5584ed95119ab9d8c6000cd6e871aab0103ffa3b84034703 97190 gzip-win32_1.10-4ubuntu1.1_all.deb
 09db1e49846933e3d1649bdfa304f1e8f5ee889109da4ddda25da58b5d0c3e49 7667 gzip_1.10-4ubuntu1.1_amd64.buildinfo
 ba97c8211754d92ebe22793f1e9c8a22a0a5a4972b32d4b50674b3c14f245fdd 96022 gzip_1.10-4ubuntu1.1_amd64.deb
Files:
 3d806b1ca9e22e453c5acbb3571da4a2 107696 debug optional gzip-dbgsym_1.10-4ubuntu1.1_amd64.ddeb
 33b77973fe53fe5a273d26cdd74e96b6 97190 utils optional gzip-win32_1.10-4ubuntu1.1_all.deb
 ea944d645cc9b03e0fd6ac45dbace709 7667 utils required gzip_1.10-4ubuntu1.1_amd64.buildinfo
 bc7657b2194abca320dccc46aeeb371f 96022 utils required gzip_1.10-4ubuntu1.1_amd64.deb
Original-Maintainer: Milan Kupcevic <milan@debian.org>