News for package dpkg

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 3.0 (native)
Source: dpkg
Binary: libdpkg-dev, dpkg, dpkg-dev, libdpkg-perl, dselect
Architecture: any all
Version: 1.17.26
Origin: debian
Maintainer: Dpkg Developers <[email protected]>
Uploaders: Guillem Jover <[email protected]>
Homepage: https://wiki.debian.org/Teams/Dpkg
Standards-Version: 3.9.6
Vcs-Browser: https://anonscm.debian.org/cgit/dpkg/dpkg.git
Vcs-Git: git://anonscm.debian.org/dpkg/dpkg.git
Build-Depends: debhelper (>= 7), pkg-config, flex, gettext (>= 0.18), po4a (>= 0.41), zlib1g-dev, libbz2-dev, liblzma-dev, libselinux1-dev (>= 1.28-4) [linux-any], libkvm-dev [kfreebsd-any], libncursesw5-dev, libtimedate-perl, libio-string-perl
Package-List:
 dpkg deb admin required arch=any
 dpkg-dev deb utils optional arch=all
 dselect deb admin optional arch=any
 libdpkg-dev deb libdevel optional arch=any
 libdpkg-perl deb perl optional arch=all
Checksums-Sha1:
 27e5649d983cae956268207bce59a70fe6379fe9 4410860 dpkg_1.17.26.tar.xz
Checksums-Sha256:
 aa4e758752cdfd7ecb118d7a7d31139a0c090c92aa494aa2e46603006deb1ec8 4410860 dpkg_1.17.26.tar.xz
Files:
 07911f1c575f196f108a3c19c5bd517e 4410860 dpkg_1.17.26.tar.xz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJWVthWAAoJELlyvz6krlej440QAO644zLovX4K4qll+jgmmltJ
gBJCf2g7Iiw35sJ2QRFWHEyA84FhmZxevUnwNahQprbULJHocfZB9QnaBvgBNwcv
3J7hiNNlcRMAMHktWvyZabmQwR1dQIPYwP3sR/LwDS9XzV59ZekacxOE51IhdSeO
l5lSblZgnw5OQ+75rrCVQu5mOZQbwhRuW+p9g2+8l5EL9nvoYR0NzyC+uO7jFm8c
wIiw/LK8hSUUbIXjriI3DqiTeZup18rGbRdKtKR8DGd6NHKflliQeMD6+C6utX76
FCho32QmtAD5zjAEWaAarE0LD1R9F5Hfrq3IvWkF+SB82VFPFAvjMaGOCuOZ0jB9
t5H3JGzaOO/LuOOPmkG+PXHQ993wNi56L3DEeu8WVabHEnbq6njne5DhXlOpWO7J
DSETq/tmEFzP3C8Nt3Bz9AyYyN1YNbVIRNTv1jf/n0Zq8i+ufUARQfRvjA8++fG6
N4xQ33l0qX3Od/pQyY1NhlvItIwcfhRlqtvpYcBPSatMUFAHkUeuI8y+GRAn+e9v
iWBHb8J4XgpJodu6P6QL3sklrYoX8nvDT4cEbs3w2bf69L4iB9h4eKaQzH8QSiVO
6Pb2Dpe/AnK9no4O6I5soIQ5eTOV+8A0/Z530o4fXoRwpKjiIXFC4kD38dMgMfMN
gT0bNz2D5FYtsna69ncG
=Cmh+
-----END PGP SIGNATURE-----

Changes:
dpkg (1.17.26) jessie-security; urgency=high

  [ Guillem Jover ]
  * Fix an off-by-one write access in dpkg-deb when parsing the .deb magic.
    Reported by Jacek Wielemborek <[email protected]>. Closes: #798324
  * Fix an off-by-one write access in dpkg-deb when parsing the old format
    .deb control member size. Thanks to Hanno Böck <[email protected]>.
    Fixes CVE-2015-0860.
  * Fix an off-by-one read access in dpkg-deb when parsing ar member names.
    Thanks to Hanno Böck <[email protected]>.

  [ Updated programs translations ]
  * Catalan (Jordi Mallach).
  * Turkish (Mert Dirik). Closes: #785095

  [ Updated scripts translations ]
  * German (Helge Kreutzmann). (Various fixes)
  * Spanish (Santiago Vila). Closes: #799020

  [ Updated manpages translations ]
  * German (Helge Kreutzmann). (Various fixes)

 -- Guillem Jover <[email protected]>  Wed, 25 Nov 2015 22:54:54 +0100