Univention Bugzilla – Bug 54661
gzip: Multiple issues (4.4)
Last modified: 2022-04-13 15:13:20 CEST
New Debian gzip 1.6-5+deb9u1 fixes: This update addresses the following issue: * arbitrary-file-write vulnerability (CVE-2022-1271)
--- mirror/ftp/4.3/unmaintained/4.3-0/source/gzip_1.6-5.dsc +++ apt/ucs_4.4-0-errata4.4-8/source/gzip_1.6-5+deb9u1.dsc @@ -1,3 +1,9 @@ +1.6-5+deb9u1 [Sun, 10 Apr 2022 16:12:05 +0530] Utkarsh Gupta <utkarsh@debian.org>: + + * Non-maintainer upload by the LTS team. + * Add patch to avoid exploit via multi-newline file + namesfix. (Fixes: CVE-2022-1271) (Closes: #1009168) + 1.6-5 [Mon, 14 Mar 2016 14:41:45 -0600] Bdale Garbee <bdale@gag.com>: * stop including date in manual to enable reproducible builds, <http://piuparts.knut.univention.de/4.4-8/#8788785102086916433>
OK: yaml OK: announce_errata OK: patch OK: piuparts
<https://errata.software-univention.de/#/?erratum=4.4x1219>