+gzip (1.3.5-10sarge2) stable-security; urgency=high
+
+ * Non-maintainer upload by the Security Team:
+ * Fix several security problems discovered by Tavis Ormandy of Google:
+ - DoS through null pointer deference in the Huffman code (CVE-2006-4334)
+ - Out-of-bands stack write in LZH decompression code (CVE-2006-4335)
+ - Buffer overflow in pack code (CVE-2006-4336)
+ - Buffer overflow in LZH code (CVE-2006-4337)
+ - DoS through an infinite loop in LZH code (CVE-2006-4337)
+ (Patch by Thomas Biege of SuSe)
+
+ -- Moritz Muehlenhoff <jmm@debian.org> Sun, 10 Sep 2006 21:01:47 +0000
+
+gzip (1.3.5-10sarge1) stable; urgency=low
+
+ * merge patch from Matt Zimmerman for futex hang due to improper signal
+ handling, closes: #310053, #315612
+ * backport to stable since this problem affects several debian.org servers
+
+ -- Bdale Garbee <bdale@gag.com> Tue, 8 Nov 2005 22:25:19 -0700
+