Описание
In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:979, which allows attackers to cause a denial of service via a crafted file.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| lrzip | fixed | 0.631+git180517-1 | package | |
| lrzip | no-dsa | jessie | package | |
| lrzip | no-dsa | wheezy | package |
Примечания
https://github.com/ckolivas/lrzip/issues/74
https://github.com/ckolivas/lrzip/commit/f12c4a35f971eed00b8979bda6cd5e647986ed63 (v0.640)
Связанные уязвимости
In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:979, which allows attackers to cause a denial of service via a crafted file.
In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:979, which allows attackers to cause a denial of service via a crafted file.
In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:979, which allows attackers to cause a denial of service via a crafted file.