-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Wed, 23 Jun 2004 00:47:38 +0900
Source: lha
Binary: lha
Architecture: alpha arm i386 ia64 m68k powerpc s390 source 
Version: 1.14i-2woody2
Distribution: stable-security
Urgency: high
Maintainer: GOTO Masanori <gotom@debian.org>
Changed-By: GOTO Masanori <gotom@debian.org>
Description: 
 lha        - lzh archiver
Changes: 
 lha (1.14i-2woody2) stable-security; urgency=high
 .
   * debian/patch.header-overflow: Add fix another lha buffer overflow
     problem.  It warns when hitting an archive which includes
     long directory name with option l, v, x.  See:
       http://lw.ftw.zamosc.pl/lha-exploit.txt
       http://www.securityfocus.com/archive/1/363418
       http://bugs.gentoo.org/show_bug.cgi?id=51285
     Thanks to Lukasz Wojtow <lw@wszia.edu.pl> for pointing this problem.
Files: 
 3f1ccdaca672862553faf6f7dd149bc1 65112 non-free/utils optional lha_1.14i-2woody2_alpha.deb
 49fcd63a92fcc5376783f3b6d2bdedb8 55802 non-free/utils optional lha_1.14i-2woody2_arm.deb
 8957839bd80f6407526bdbeb8680b26b 21941 non-free/utils optional lha_1.14i-2woody2.diff.gz
 8e6f2f6bc15c8a1cfd3bb305485c854a 54170 non-free/utils optional lha_1.14i-2woody2_s390.deb
 a1cffa3880d733c513369fed30c61810 73872 non-free/utils optional lha_1.14i-2woody2_ia64.deb
 c12123dc43341d616f4984993daef376 48914 non-free/utils optional lha_1.14i-2woody2_m68k.deb
 c35125c8bc20a2a341538965c4d57577 55364 non-free/utils optional lha_1.14i-2woody2_powerpc.deb
 fbacd6dfcd49eced0eb8e46f80164084 556 non-free/utils optional lha_1.14i-2woody2.dsc
 ff7f61d1a96fa6deb076625350eaa444 50366 non-free/utils optional lha_1.14i-2woody2_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFA22Y/qIqasIZIJsMRApPJAJ0ZnWXJwe4URM5iXGrZMCROVhSDOwCgkkPn
cpJFEeRHF0ML2sTMfGueHqg=
=LYuS
-----END PGP SIGNATURE-----