Format: 1.8 Date: Fri, 14 Oct 2022 17:22:43 -0300 Source: zlib Binary: lib64z1 lib64z1-dev libx32z1 libx32z1-dev zlib1g zlib1g-dev zlib1g-udeb Architecture: i386 Version: 1:1.2.11.dfsg-2ubuntu1.5 Distribution: focal Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Rodrigo Figueiredo Zaiden Description: lib64z1 - compression library - 64 bit runtime lib64z1-dev - compression library - 64 bit - DO NOT USE EXCEPT FOR PACKAGING libx32z1 - compression library - x32 runtime libx32z1-dev - compression library - x32 - DO NOT USE EXCEPT FOR PACKAGING zlib1g - compression library - runtime zlib1g-dev - compression library - development zlib1g-udeb - compression library - runtime for Debian installer (udeb) Launchpad-Bugs-Fixed: 1988548 Changes: zlib (1:1.2.11.dfsg-2ubuntu1.5) focal-security; urgency=medium . * SECURITY UPDATE: heap-based buffer over-read (LP: #1988548) - debian/patches/CVE-2022-37434-1.patch: in inflate.c, add an extra condition to check if state->head->extra_max is greater than len before copying, and move the len assignment to be placed before the check. - debian/patches/CVE-2022-37434-2.patch: in the previous patch, in inflate.c, the place of the len assignment was causing issues so it was moved to be placed within the check. - CVE-2022-37434 Checksums-Sha1: b23b9fc2b02662fbc315b36ea9761f55cd396a0b 104800 lib64z1-dbgsym_1.2.11.dfsg-2ubuntu1.5_i386.ddeb 35af15a6546b5bfcc3851b7d08442bacd263a29c 54232 lib64z1-dev_1.2.11.dfsg-2ubuntu1.5_i386.deb 7c9e0a7033f4da778775b5a41a6e7fa85b156ea7 54060 lib64z1_1.2.11.dfsg-2ubuntu1.5_i386.deb a76b55219f3ccf5705afa75075170a64ada31836 99600 libx32z1-dbgsym_1.2.11.dfsg-2ubuntu1.5_i386.ddeb 1aafb410d1e81b6e785f77cc7e948a442164e6c3 53512 libx32z1-dev_1.2.11.dfsg-2ubuntu1.5_i386.deb ebad46dd299667c6bdeaede9c5082d031a3d512c 53492 libx32z1_1.2.11.dfsg-2ubuntu1.5_i386.deb 5a84a1bc3a58451029ba866929f8c9726fa10e67 99364 zlib1g-dbgsym_1.2.11.dfsg-2ubuntu1.5_i386.ddeb ff896dc429a72efe464b621c3efb21942cd70854 159144 zlib1g-dev_1.2.11.dfsg-2ubuntu1.5_i386.deb 9b555555923ab463e7f80e89142b295badc501bf 52600 zlib1g-udeb_1.2.11.dfsg-2ubuntu1.5_i386.udeb 52528069cebf641559674d17866f0d8ca70d2f45 56988 zlib1g_1.2.11.dfsg-2ubuntu1.5_i386.deb 42385a5f8dd77c80a12ab2a705b683b066d05c71 8856 zlib_1.2.11.dfsg-2ubuntu1.5_i386.buildinfo Checksums-Sha256: e1d7de2e9f586ed0916fa2243d80c56bf580770ac16fbf9d27318455a82916a3 104800 lib64z1-dbgsym_1.2.11.dfsg-2ubuntu1.5_i386.ddeb f6ee29b1a24db0c4ffcc61cb8c5cdbff9503d5ce19ce725c1fdd36e6ecfccce1 54232 lib64z1-dev_1.2.11.dfsg-2ubuntu1.5_i386.deb af1cd2e88ce667db1a8bd5284d46f2d481b578ca6978099f1aad2e062a66c3f7 54060 lib64z1_1.2.11.dfsg-2ubuntu1.5_i386.deb 6a5ec5bf34b19d5689255631e8fddd7d9b40a7ff203fd89758990956333699a7 99600 libx32z1-dbgsym_1.2.11.dfsg-2ubuntu1.5_i386.ddeb ffd8f878b83d1b9f678f7fa7f7682426495b6191c9139a30dd7547259a1929a4 53512 libx32z1-dev_1.2.11.dfsg-2ubuntu1.5_i386.deb 4685c2ce0e334c90165f7325dae2de5a9d6944f869bdf31092b674e13f0a976d 53492 libx32z1_1.2.11.dfsg-2ubuntu1.5_i386.deb ebd34fcd5175ed2fff1aff16d38f60d6a41a5d32fa8aa8b7cd3812303e94ad9c 99364 zlib1g-dbgsym_1.2.11.dfsg-2ubuntu1.5_i386.ddeb bb5a7b179f8cf14487d6727d335f246e83be6f33a180f3b49b30f228ec560f2a 159144 zlib1g-dev_1.2.11.dfsg-2ubuntu1.5_i386.deb fcb81b4471056f1bea8877f22168d6468a3d10afd122a91ee6a6b9094739bb3e 52600 zlib1g-udeb_1.2.11.dfsg-2ubuntu1.5_i386.udeb 2b1162769fa71efb13d4044b98781001432424ab181d0a885e7fa6f420af27dd 56988 zlib1g_1.2.11.dfsg-2ubuntu1.5_i386.deb 3fbced2e2637271d00e90afca90d280b3480992c828c3dcd257b48414b8281b8 8856 zlib_1.2.11.dfsg-2ubuntu1.5_i386.buildinfo Files: d93934291ba803c5c5a2c2bd5ffa89f0 104800 debug optional lib64z1-dbgsym_1.2.11.dfsg-2ubuntu1.5_i386.ddeb 8e8066aaf5cc1bb5b7578bef06a0962b 54232 libdevel optional lib64z1-dev_1.2.11.dfsg-2ubuntu1.5_i386.deb 336e4ef03c408d4e7020a1d4006607dd 54060 libs optional lib64z1_1.2.11.dfsg-2ubuntu1.5_i386.deb a59cff37fb8a07a4833ad3f45139ec9f 99600 debug optional libx32z1-dbgsym_1.2.11.dfsg-2ubuntu1.5_i386.ddeb 102cf3eec50435a6475ec11396635cef 53512 libdevel optional libx32z1-dev_1.2.11.dfsg-2ubuntu1.5_i386.deb f54a229659a01617c9726cdad7e34578 53492 libs optional libx32z1_1.2.11.dfsg-2ubuntu1.5_i386.deb 78582950625aaef46e42d3097dca0255 99364 debug optional zlib1g-dbgsym_1.2.11.dfsg-2ubuntu1.5_i386.ddeb afd5ce17eed373bf74a06ac8009263a6 159144 libdevel optional zlib1g-dev_1.2.11.dfsg-2ubuntu1.5_i386.deb 4dcd530d01a9f3b9ae1c1f9abe99b500 52600 debian-installer optional zlib1g-udeb_1.2.11.dfsg-2ubuntu1.5_i386.udeb 66c485f2cf2dad674770b7ff721405d9 56988 libs required zlib1g_1.2.11.dfsg-2ubuntu1.5_i386.deb fd32df815e25cb0498121b40c7228121 8856 libs optional zlib_1.2.11.dfsg-2ubuntu1.5_i386.buildinfo Original-Maintainer: Mark Brown Package-Type: udeb