Format: 1.8 Date: Fri, 14 Oct 2022 17:22:43 -0300 Source: zlib Binary: lib32z1 lib32z1-dev zlib1g zlib1g-dev zlib1g-udeb Architecture: s390x Version: 1:1.2.11.dfsg-2ubuntu1.5 Distribution: focal Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Rodrigo Figueiredo Zaiden Description: lib32z1 - compression library - 32 bit runtime lib32z1-dev - compression library - 32 bit - DO NOT USE EXCEPT FOR PACKAGING zlib1g - compression library - runtime zlib1g-dev - compression library - development zlib1g-udeb - compression library - runtime for Debian installer (udeb) Launchpad-Bugs-Fixed: 1988548 Changes: zlib (1:1.2.11.dfsg-2ubuntu1.5) focal-security; urgency=medium . * SECURITY UPDATE: heap-based buffer over-read (LP: #1988548) - debian/patches/CVE-2022-37434-1.patch: in inflate.c, add an extra condition to check if state->head->extra_max is greater than len before copying, and move the len assignment to be placed before the check. - debian/patches/CVE-2022-37434-2.patch: in the previous patch, in inflate.c, the place of the len assignment was causing issues so it was moved to be placed within the check. - CVE-2022-37434 Checksums-Sha1: 48d27e41a850ed4d6339b1a90784c5060c1c67e8 118160 lib32z1-dbgsym_1.2.11.dfsg-2ubuntu1.5_s390x.ddeb a80a4e01b3d13adfe1b8a91c5d8f491f1e2528d9 54800 lib32z1-dev_1.2.11.dfsg-2ubuntu1.5_s390x.deb 8864e889167741068c47851b213d75eb55f966a3 55088 lib32z1_1.2.11.dfsg-2ubuntu1.5_s390x.deb 7521c826d0e1dff76136dda7fa838203b57318e9 122900 zlib1g-dbgsym_1.2.11.dfsg-2ubuntu1.5_s390x.ddeb 37ea4365467073f56ceef9a7ece56991ac5be5d2 157664 zlib1g-dev_1.2.11.dfsg-2ubuntu1.5_s390x.deb 5cda09fdd07edbdac58ba660d15db912ec7932ee 51052 zlib1g-udeb_1.2.11.dfsg-2ubuntu1.5_s390x.udeb 4d0c1b2df5487f8c4c1435710e568d0846eef594 55392 zlib1g_1.2.11.dfsg-2ubuntu1.5_s390x.deb 4ca2128fd93976c545318d690d4ee17c9c78dd78 7469 zlib_1.2.11.dfsg-2ubuntu1.5_s390x.buildinfo Checksums-Sha256: f1057e91ff7ba6fc624929cc9b5e22ba161cafe48bca2d7beb085f0148881ce1 118160 lib32z1-dbgsym_1.2.11.dfsg-2ubuntu1.5_s390x.ddeb 788778ad5cf9522d055b4293c309ac20d9661a8114a0cced56c3c665438875ab 54800 lib32z1-dev_1.2.11.dfsg-2ubuntu1.5_s390x.deb 460d8a1a1cc583b419b00fed70ce3afd0ee4069c43f6f9c9e7fb9167e114b19b 55088 lib32z1_1.2.11.dfsg-2ubuntu1.5_s390x.deb be1f3f24d07d8cdcd8712616474c4dfa73f254a2c6e090b6c4b90d89c7379df7 122900 zlib1g-dbgsym_1.2.11.dfsg-2ubuntu1.5_s390x.ddeb 88ff0c0e2de4c7abadbcbbc7551e01589c145c672f9d76d0ec0305faa5690ccf 157664 zlib1g-dev_1.2.11.dfsg-2ubuntu1.5_s390x.deb 61567ea0a0a52db41fddde95e77e7bad41a292b88603bbb3f284e91e0746a158 51052 zlib1g-udeb_1.2.11.dfsg-2ubuntu1.5_s390x.udeb dd625c07b31369661265d89f3c7a6ec873d06d234bde24f7c8e224f73fbb6cf0 55392 zlib1g_1.2.11.dfsg-2ubuntu1.5_s390x.deb b43fdc76897f340772ad795098e21c4968d41336ef61a25c12c5cd4332298562 7469 zlib_1.2.11.dfsg-2ubuntu1.5_s390x.buildinfo Files: 17d45671dc2f502beaceab76512d4c9b 118160 debug optional lib32z1-dbgsym_1.2.11.dfsg-2ubuntu1.5_s390x.ddeb 011ccec513a3275f195bc0332a3be271 54800 libdevel optional lib32z1-dev_1.2.11.dfsg-2ubuntu1.5_s390x.deb ddf22280159f6fe4ff2e243e34aeaec8 55088 libs optional lib32z1_1.2.11.dfsg-2ubuntu1.5_s390x.deb 30d11b3dffb77b8798257e3d28b6cefb 122900 debug optional zlib1g-dbgsym_1.2.11.dfsg-2ubuntu1.5_s390x.ddeb 69e19759356cc15cd8a43834466f843a 157664 libdevel optional zlib1g-dev_1.2.11.dfsg-2ubuntu1.5_s390x.deb 82e414d9822384fec0b306acd08a595a 51052 debian-installer optional zlib1g-udeb_1.2.11.dfsg-2ubuntu1.5_s390x.udeb ce8ee6d9b36e74698eeaab732fc2af80 55392 libs required zlib1g_1.2.11.dfsg-2ubuntu1.5_s390x.deb 505ecceafd62405d262d59c8f46cae71 7469 libs optional zlib_1.2.11.dfsg-2ubuntu1.5_s390x.buildinfo Original-Maintainer: Mark Brown Package-Type: udeb