-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 27 Oct 2019 10:03:02 +0200
Source: libarchive
Binary: libarchive-dev libarchive13 libarchive-tools bsdtar bsdcpio
Architecture: mips64el
Version: 3.2.2-2+deb9u2
Distribution: stretch-security
Urgency: high
Maintainer: mipsel Build Daemon (eberlin) <buildd_mips64el-eberlin@buildd.debian.org>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Description:
 bsdcpio    - transitional dummy package for moving bsdcpio to libarchive-tools
 bsdtar     - transitional dummy package for moving bsdtar to libarchive-tools
 libarchive-dev - Multi-format archive and compression library (development files)
 libarchive-tools - FreeBSD implementations of 'tar' and 'cpio' and other archive too
 libarchive13 - Multi-format archive and compression library (shared library)
Changes:
 libarchive (3.2.2-2+deb9u2) stretch-security; urgency=high
 .
   * Non-maintainer upload by the LTS team.
   * CVE-2019-18408
     Fix use after free in case parts of the archive are corrupt but
     the archive contains several headers.
   * Fix CVE-2019-1000019
     Out-of-bounds Read vulnerability in 7zip decompression, that can
     result in a crash (denial of service, CWE-125)
   * Fix CVE-2019-1000020
     vulnerability in ISO9660 parser that can result in DoS by infinite
     loop (CWE-835)
Checksums-Sha1:
 2c25980405348586b85daa8b46702b87a13b9670 506108 libarchive-dev_3.2.2-2+deb9u2_mips64el.deb
 2a5e81df29c36452cb5ce030e826869f0f3ad91e 94978 libarchive-tools-dbgsym_3.2.2-2+deb9u2_mips64el.deb
 b6c2644c28f193195b2c63670527f5e8ea957f47 73744 libarchive-tools_3.2.2-2+deb9u2_mips64el.deb
 3cb7e37eaa6752291437e6b45679d563d8281b45 875998 libarchive13-dbgsym_3.2.2-2+deb9u2_mips64el.deb
 0fed6783c5243d1bdef82685211ad7b4323714bd 268294 libarchive13_3.2.2-2+deb9u2_mips64el.deb
 64111a374fb6f3e133ddd16a45bb9967f0134c57 7305 libarchive_3.2.2-2+deb9u2_mips64el.buildinfo
Checksums-Sha256:
 d5fc367f240abdac4872badf5a82511efb83adfa15df56c93561f642ba0a1d07 506108 libarchive-dev_3.2.2-2+deb9u2_mips64el.deb
 249225f83502e6ca2adcd41ce95b4928e40641d9c6cac1b5abca7ae7ce93913d 94978 libarchive-tools-dbgsym_3.2.2-2+deb9u2_mips64el.deb
 7ecfab283259d6d09fb3e3935fc85c5d93e91ca4cb54d53c644882c9f1f35b13 73744 libarchive-tools_3.2.2-2+deb9u2_mips64el.deb
 3606f4348cb2a3ad5888028b0d8084ed51652b4b7252a302fcbe2e637d20f420 875998 libarchive13-dbgsym_3.2.2-2+deb9u2_mips64el.deb
 9c86ef7d65890681c6ba58b5af334b815a10b765e3fe265d432dd42f3a91ae07 268294 libarchive13_3.2.2-2+deb9u2_mips64el.deb
 6f32bc4fc517825903a4856f60897af5dd7c6fa1ae30536aebce7071d198b891 7305 libarchive_3.2.2-2+deb9u2_mips64el.buildinfo
Files:
 b2826bd4e7aee830e9932c192ee2597d 506108 libdevel optional libarchive-dev_3.2.2-2+deb9u2_mips64el.deb
 a0e18478bb7a6da154f9c78c071d1010 94978 debug extra libarchive-tools-dbgsym_3.2.2-2+deb9u2_mips64el.deb
 57fa82f004d84a7ddaeee42a09504599 73744 utils optional libarchive-tools_3.2.2-2+deb9u2_mips64el.deb
 e23af68bc036febfbf333e5eed3167a3 875998 debug extra libarchive13-dbgsym_3.2.2-2+deb9u2_mips64el.deb
 105645eee0e99c92c0e3fba3ebb37837 268294 libs optional libarchive13_3.2.2-2+deb9u2_mips64el.deb
 b92317b83bd2164f83975a8a48251369 7305 libs optional libarchive_3.2.2-2+deb9u2_mips64el.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE1bZNAwdsTNyK4XzksHXR0JnmENkFAl26DOMACgkQsHXR0Jnm
ENkViw//UUElfhIPg/Jg+FjMPXtdisALgThOVuCoXMIn4tneqj3NWJM2k4rgJwUG
/j6Ynukq1UFByqv4hUag3T8Enoxi/FZ9kufHAqZ+AGcVX8HjEaCTfm1JUE5cw5ij
9uZucHBWdNUtdSvkLjDsNSI6XUjpfpmkGfoYdbUPTLADl3AEWOONOeaX+plKg+B5
5xzCTFV2UrRJ3EeGD/icxMgNBSXB+V9fpbII+q0p+HXF/1r5nkQF0IsQM8ifuIUM
e9BIhkSf1DpnbmHrsuAerfB/6VGELeb3O91DnYxkLPC/1xFxgXu/y5qpfZzfdKGH
SzwvOP877r9fjsbVI8uGiXNjxc9LghlKYK0HESz5yMHEm0ilPvHc1Ky+jNE3/tYD
n/3GYw3yEyglpHqVR/iVpmDBMea9CbO/ffqCT43m9EkZCsZZkHtYRAu3BFYQ7eTh
9Tw0oMgm7BiA/wWaV2BZ/AVbpVCM1dL+iRiQthMuwLnygSjNtYNQbdysGbW+WDl+
BsSARQFinBbJYDUn1lL4zLieRX0noeSo3SJlyGYYpVst6Ao8CXvUrtAhOvq31wHQ
pBKQg9dPFft+tmbJZwZ1fAUHci3yvjJag6S4rEkE4LvaiAcvMYv/iq5fR5RY1hPP
CvU8nwcgyLKFu86/Ht8j5sfPaP4mUyqiCh490tNWzwVBGcK0nXI=
=iCid
-----END PGP SIGNATURE-----