Format: 1.8
Date: Fri, 14 Oct 2022 18:33:00 -0300
Source: zlib
Binary: zlib1g zlib1g-dev
Built-For-Profiles: noudeb
Architecture: riscv64
Version: 1:1.2.11.dfsg-2ubuntu9.2
Distribution: jammy
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@riscv64-qemu-lgw01-084.buildd>
Changed-By: Rodrigo Figueiredo Zaiden <rodrigo.zaiden@canonical.com>
Description:
 zlib1g     - compression library - runtime
 zlib1g-dev - compression library - development
Launchpad-Bugs-Fixed: 1988548
Changes:
 zlib (1:1.2.11.dfsg-2ubuntu9.2) jammy-security; urgency=medium
 .
   * SECURITY UPDATE: heap-based buffer over-read (LP: #1988548)
     - debian/patches/CVE-2022-37434-1.patch: in inflate.c, add an extra
       condition to check if state->head->extra_max is greater than len
       before copying, and move the len assignment to be placed before the
       check.
     - debian/patches/CVE-2022-37434-2.patch: in the previous patch, in
       inflate.c, the place of the len assignment was causing issues so it
       was moved to be placed within the check.
     - CVE-2022-37434
Checksums-Sha1:
 2bd4d94c0fa1a74e4f4e3c72902c811545aaa62e 101384 zlib1g-dbgsym_1.2.11.dfsg-2ubuntu9.2_riscv64.ddeb
 e937e31dbcc9dfef9a4a4ba8e9f5ef38250d28f2 240834 zlib1g-dev_1.2.11.dfsg-2ubuntu9.2_riscv64.deb
 fff55bf4691c2d287ce122ebc22bb0e8576d83bb 56092 zlib1g_1.2.11.dfsg-2ubuntu9.2_riscv64.deb
 dffe1910c6f2c772141e75c4832d8479ebb4a2e8 6052 zlib_1.2.11.dfsg-2ubuntu9.2_riscv64.buildinfo
Checksums-Sha256:
 8d62df7febd219ae534a9985bbe09213eff738409253f3a7251ffcecff4f8917 101384 zlib1g-dbgsym_1.2.11.dfsg-2ubuntu9.2_riscv64.ddeb
 ba758755a7629e379aed218d831437660602a58373f02ce8b067a751f96678c8 240834 zlib1g-dev_1.2.11.dfsg-2ubuntu9.2_riscv64.deb
 07515a63bbca67e59891a495a3a3e27413671de5ea00b8b02f51fcebf7ff7b23 56092 zlib1g_1.2.11.dfsg-2ubuntu9.2_riscv64.deb
 b7e355444e30084f5b3ae39b1c188535f3aed8068ecff5e73c0d75c63cf96839 6052 zlib_1.2.11.dfsg-2ubuntu9.2_riscv64.buildinfo
Files:
 31cd0829175ddabe7175e28bb99ab375 101384 debug optional zlib1g-dbgsym_1.2.11.dfsg-2ubuntu9.2_riscv64.ddeb
 d0850150e024263b0d4245ceb04ab038 240834 libdevel optional zlib1g-dev_1.2.11.dfsg-2ubuntu9.2_riscv64.deb
 319a74af7a7eed0428f615c2e550b8cc 56092 libs required zlib1g_1.2.11.dfsg-2ubuntu9.2_riscv64.deb
 49f884de451060d15231758f9cec7311 6052 libs optional zlib_1.2.11.dfsg-2ubuntu9.2_riscv64.buildinfo
Original-Maintainer: Mark Brown <broonie@debian.org>