Kali Linux Package Tracker
Register | Log in

arj 3.10.22-10+deb7u1 has been added to Kali Moto Security

News for package arj

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 3.0 (quilt)
Source: arj
Binary: arj
Architecture: any
Version: 3.10.22-10+deb7u1
Maintainer: Guillem Jover <[email protected]>
Uploaders: Ola Lundqvist <[email protected]>
Homepage: http://sf.net/projects/arj/
Standards-Version: 3.9.1
Vcs-Browser: http://git.hadrons.org/?p=debian/pkgs/arj.git
Vcs-Git: git://git.hadrons.org/git/debian/pkgs/arj.git
Build-Depends: debhelper (>= 7), autotools-dev, autoconf
Package-List: 
 arj deb utils optional
Checksums-Sha1: 
 e8470f480e9eee14906e5485a8898e5c24738c8b 431467 arj_3.10.22.orig.tar.gz
 14b9e82b5efcd5dfed26eef9e22421ac4d90b443 13070 arj_3.10.22-10+deb7u1.debian.tar.gz
Checksums-Sha256: 
 589e4c9bccc8669e7b6d8d6fcd64e01f6a2c21fe10aad56a83304ecc3b96a7db 431467 arj_3.10.22.orig.tar.gz
 98d8447055d7de1f4c651d39617b6092d65facfbe612283fa7d350e5bb64ca45 13070 arj_3.10.22-10+deb7u1.debian.tar.gz
Files: 
 f263bf3cf6d42a8b7e85b4fb514336d3 431467 arj_3.10.22.orig.tar.gz
 ebb6688ad836b69bbea84a50a13abd95 13070 arj_3.10.22-10+deb7u1.debian.tar.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJVH2v0AAoJEAVMuPMTQ89E+KkP/1tixvR9JxBAsvhEPUhvLAG5
MtVpEry0neL+46BnH7quIxXauHiXkSSzuRsK7gFhYNaVeY8mnlTJMQX6KY6N45nt
1YBo/yId8/EwnAJ2zmJ9PyICMhuHIH6B9J91ckHO60GKDLtxVaxorgB4/3eI1VSO
anyum7Y8UN8gKkjr/RMjIhDebkE9iJcVUD6EhmuGkwFeQjHfjkOilIzcfj6IUee9
DH497cccLjN3ceiQGCdMypckREy1Hfcsa9cmEY90UwNG125rozUMk2aVd6rv6XYa
dxQfmYSzn8f/YLCgviGdDJS/AHPzpGmhhS6SeapBvxbTILB97lFJhIhDst8n7m12
reDW1vbuEZtlrsCTZdda8dWyweKOJ7LGf4S0qLZIDP2G+gP7YgJjibudSRPBSg4E
qMHh+BJk6KZuMZlwH+illuOpiQAayDr99zG90CIHN1KmjXtX7G5TWZVIonPRD4b1
M+z9BV5FuRejV2L+S48P0LOsX41cP/bcryZyI1jUiblYfjMiY7d08A2pcpu9mqYr
PZADYiIX8NB9Vvcvr4Io5K5xPJkdFurSyyaZrFDyxKfGcbRbAHOhWui0UDcbThlk
yv7z8VBkQlAsNGCDeWpi1Llrtw5xaO0pq1eOISe+6iSvuJVd/MypyR/TzWG/xhpZ
w5E9QerHlvWECj+N+vQa
=g3Ma
-----END PGP SIGNATURE-----

Changes:
arj (3.10.22-10+deb7u1) wheezy-security; urgency=high

  * Non-maintainer upload by the Security Team with patches from Guillem Jover
  * Fix buffer overflow from size under user control.
    This is causing free() on an invalid pointer.
    Fixes: CVE-2015-2782 (Closes: #774015)
  * Fix absolute path directory traversal.
    Fixes: CVE-2015-0557 (Closes: #774435)
  * Fix symlink directory traversal.
    Fixes: CVE-2015-0556 (Closes: #774434)

 -- Salvatore Bonaccorso <[email protected]>  Fri, 03 Apr 2015 20:21:46 +0200