Format: 1.8 Date: Fri, 14 Oct 2022 17:22:43 -0300 Source: zlib Binary: lib32z1 lib32z1-dev libx32z1 libx32z1-dev zlib1g zlib1g-dev zlib1g-udeb Architecture: amd64 Version: 1:1.2.11.dfsg-2ubuntu1.5 Distribution: focal Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Rodrigo Figueiredo Zaiden Description: lib32z1 - compression library - 32 bit runtime lib32z1-dev - compression library - 32 bit - DO NOT USE EXCEPT FOR PACKAGING libx32z1 - compression library - x32 runtime libx32z1-dev - compression library - x32 - DO NOT USE EXCEPT FOR PACKAGING zlib1g - compression library - runtime zlib1g-dev - compression library - development zlib1g-udeb - compression library - runtime for Debian installer (udeb) Launchpad-Bugs-Fixed: 1988548 Changes: zlib (1:1.2.11.dfsg-2ubuntu1.5) focal-security; urgency=medium . * SECURITY UPDATE: heap-based buffer over-read (LP: #1988548) - debian/patches/CVE-2022-37434-1.patch: in inflate.c, add an extra condition to check if state->head->extra_max is greater than len before copying, and move the len assignment to be placed before the check. - debian/patches/CVE-2022-37434-2.patch: in the previous patch, in inflate.c, the place of the len assignment was causing issues so it was moved to be placed within the check. - CVE-2022-37434 Checksums-Sha1: 0dd5610f88fdda2bca7405f7bdfc8c9d41e8896e 99436 lib32z1-dbgsym_1.2.11.dfsg-2ubuntu1.5_amd64.ddeb 03f95c878d88b1c4d8aeb1b1e97e2d66e8570292 57920 lib32z1-dev_1.2.11.dfsg-2ubuntu1.5_amd64.deb 0c73bd980c48c2544e4c0e0ddfaf553d70f4e46c 57052 lib32z1_1.2.11.dfsg-2ubuntu1.5_amd64.deb b7390611f9d9615a83c44bf406a3487ca5d6ae64 99572 libx32z1-dbgsym_1.2.11.dfsg-2ubuntu1.5_amd64.ddeb 179cb89fa3e2b1211a04ac163cec83e4c8f8b2ba 53520 libx32z1-dev_1.2.11.dfsg-2ubuntu1.5_amd64.deb d4efed0241b75d43aada774696173735f0e977e6 53508 libx32z1_1.2.11.dfsg-2ubuntu1.5_amd64.deb cb2e3f6ed141ec73d16ad9083854356f9ecd3f12 104868 zlib1g-dbgsym_1.2.11.dfsg-2ubuntu1.5_amd64.ddeb 8f1ccdd11f87fb3bc99eeee72903e44e72d96d5c 155496 zlib1g-dev_1.2.11.dfsg-2ubuntu1.5_amd64.deb 08b3ed012134bcdaa6f64487a6d7d634fb49f965 49768 zlib1g-udeb_1.2.11.dfsg-2ubuntu1.5_amd64.udeb 242763e419d07c183cbf699beca6e73110dfa4a8 54164 zlib1g_1.2.11.dfsg-2ubuntu1.5_amd64.deb ce065fddab9a871b3053004eddfa41be1b921635 8962 zlib_1.2.11.dfsg-2ubuntu1.5_amd64.buildinfo Checksums-Sha256: df1130d5010d31cda5a5fd9058e2e6b804887ad0d3f422bbee937fc0687783c7 99436 lib32z1-dbgsym_1.2.11.dfsg-2ubuntu1.5_amd64.ddeb 381c25e3d8ac820a2f35797bcffe4cc1acfbb1d1e101c7ad77b00f55a7609fd2 57920 lib32z1-dev_1.2.11.dfsg-2ubuntu1.5_amd64.deb 6fff0b117cf1580901fa0f54440bb44b999cff6d13f69874e088340bbf1c8547 57052 lib32z1_1.2.11.dfsg-2ubuntu1.5_amd64.deb 3d511642a84e43686bc5ce3301a1c976b314e84a3d2c664e3a91b3bbb7e4493f 99572 libx32z1-dbgsym_1.2.11.dfsg-2ubuntu1.5_amd64.ddeb 64db7c7a987a911544113a4acca272870346b17fcdf27c1b52c182f531fd9217 53520 libx32z1-dev_1.2.11.dfsg-2ubuntu1.5_amd64.deb 8bad60f85dd29fe4def2203a4bb3907de64b956394610494cd79dd84aa9e8bce 53508 libx32z1_1.2.11.dfsg-2ubuntu1.5_amd64.deb 4d44f34bc7c20e8dd14c6b86cfaffcc03b2d5262afab42f8ca4eef8bfcd9b561 104868 zlib1g-dbgsym_1.2.11.dfsg-2ubuntu1.5_amd64.ddeb bb036b14668f13c372937073926d43fec6129ae73d66c7e19b2e87595b1567d8 155496 zlib1g-dev_1.2.11.dfsg-2ubuntu1.5_amd64.deb c2ed909f15668e9d13a032fa42853b821f419739972b41b677dab6c73506bacc 49768 zlib1g-udeb_1.2.11.dfsg-2ubuntu1.5_amd64.udeb bf67018f5303466eb468680b637a5d3f3bb17b9d44decf3d82d40b35babcd3e0 54164 zlib1g_1.2.11.dfsg-2ubuntu1.5_amd64.deb d5abbaf13611c904c95263c5d5fb670a021edd6be4938a407c487e0d839ce065 8962 zlib_1.2.11.dfsg-2ubuntu1.5_amd64.buildinfo Files: ac849cc389d736ad229da741cb7c91c4 99436 debug optional lib32z1-dbgsym_1.2.11.dfsg-2ubuntu1.5_amd64.ddeb eba651f2174240e1ab5c6ff4b56bd909 57920 libdevel optional lib32z1-dev_1.2.11.dfsg-2ubuntu1.5_amd64.deb 2dcbfb683749e760492bd9fffd2a7ab4 57052 libs optional lib32z1_1.2.11.dfsg-2ubuntu1.5_amd64.deb 98bdfb83fb6cffbc713865ec061f7301 99572 debug optional libx32z1-dbgsym_1.2.11.dfsg-2ubuntu1.5_amd64.ddeb b67250e1a14403027a524add765f2c88 53520 libdevel optional libx32z1-dev_1.2.11.dfsg-2ubuntu1.5_amd64.deb 7ad16aa514685f3ddec561020ec0cb43 53508 libs optional libx32z1_1.2.11.dfsg-2ubuntu1.5_amd64.deb c317e0365d7792c5c16579a71cedf648 104868 debug optional zlib1g-dbgsym_1.2.11.dfsg-2ubuntu1.5_amd64.ddeb fd511f597148a149e6daa0f849a12a78 155496 libdevel optional zlib1g-dev_1.2.11.dfsg-2ubuntu1.5_amd64.deb 55291de13d6cf5835e8f47f0276f9d9c 49768 debian-installer optional zlib1g-udeb_1.2.11.dfsg-2ubuntu1.5_amd64.udeb acff3384fca38ac1bcb19df64ded4f73 54164 libs required zlib1g_1.2.11.dfsg-2ubuntu1.5_amd64.deb 9bfc58abe39675ffd31124a687a01789 8962 libs optional zlib_1.2.11.dfsg-2ubuntu1.5_amd64.buildinfo Original-Maintainer: Mark Brown Package-Type: udeb