-gzip (1.3.5-10sarge2) stable-security; urgency=high
+gzip (1.3.5-12) unstable; urgency=low
- * Non-maintainer upload by the Security Team:
- * Fix several security problems discovered by Tavis Ormandy of Google:
- - DoS through null pointer deference in the Huffman code (CVE-2006-4334)
- - Out-of-bands stack write in LZH decompression code (CVE-2006-4335)
- - Buffer overflow in pack code (CVE-2006-4336)
- - Buffer overflow in LZH code (CVE-2006-4337)
- - DoS through an infinite loop in LZH code (CVE-2006-4337)
- (Patch by Thomas Biege of SuSe)
+ * merge patch from Matt Zimmerman for futex hang due to improper signal
+ handling, closes: #310053, #315612
+ * merge patch to add --rsyncable to the man page, closes: #289616, #295721
+ * don't return failing result code on harmless warning, closes: #169669
- -- Moritz Muehlenhoff <jmm@debian.org> Sun, 10 Sep 2006 21:01:47 +0000
+ -- Bdale Garbee <bdale@gag.com> Mon, 11 Jul 2005 22:10:51 +0300
-gzip (1.3.5-10sarge1) stable; urgency=low
+gzip (1.3.5-11) unstable; urgency=low
- * merge patch from Matt Zimmerman for futex hang due to improper signal
- handling, closes: #310053, #315612
- * backport to stable since this problem affects several debian.org servers
+ * patch from Peter Samuelson for bashism in zgrep,
+ closes: #314342, #314211, #312380, #310329
- -- Bdale Garbee <bdale@gag.com> Tue, 8 Nov 2005 22:25:19 -0700
+ -- Bdale Garbee <bdale@gag.com> Wed, 15 Jun 2005 14:39:11 -0600
gzip (1.3.5-10) unstable; urgency=medium