arj 3.10.22-10+deb7u1build0.12.04.1 source package in Ubuntu
Changelog
arj (3.10.22-10+deb7u1build0.12.04.1) precise-security; urgency=medium
* fake sync from Debian
arj (3.10.22-10+deb7u1) wheezy-security; urgency=high
* Non-maintainer upload by the Security Team with patches from Guillem Jover
* Fix buffer overflow from size under user control.
This is causing free() on an invalid pointer.
Fixes: CVE-2015-2782 (Closes: #774015)
* Fix absolute path directory traversal.
Fixes: CVE-2015-0557 (Closes: #774435)
* Fix symlink directory traversal.
Fixes: CVE-2015-0556 (Closes: #774434)
-- Steve Beattie <email address hidden> Wed, 13 May 2015 00:47:20 -0700
Upload details
- Uploaded by:
- Steve Beattie
- Uploaded to:
- Precise
- Original maintainer:
- Guillem Jover
- Architectures:
- any
- Section:
- utils
- Urgency:
- Very Urgent
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Precise | updates | universe | utils | |
| Precise | security | universe | utils |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| arj_3.10.22.orig.tar.gz | 421.4 KiB | 589e4c9bccc8669e7b6d8d6fcd64e01f6a2c21fe10aad56a83304ecc3b96a7db |
| arj_3.10.22-10+deb7u1build0.12.04.1.debian.tar.gz | 12.9 KiB | 97534a0a58be12b58ad1d4d2dd87c3bcb3dc296ecc46848096201d375ee0396b |
| arj_3.10.22-10+deb7u1build0.12.04.1.dsc | 1.9 KiB | 21bdd70c1fe5678e4f21d4094c46ade03bc18a7c77bba19af4a7673c3c77b9e1 |
Available diffs
Binary packages built by this source
- arj: archiver for .arj files
This package is an open source version of the arj archiver. This version
has been created with the intent to preserve maximum compatibility and
retain the feature set of original ARJ archiver as provided by
ARJ Software, Inc.
