Описание
In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:1074, which allows attackers to cause a denial of service via a crafted file.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| lrzip | fixed | 0.631+git180517-1 | package | |
| lrzip | no-dsa | jessie | package | |
| lrzip | no-dsa | wheezy | package |
Примечания
https://github.com/ckolivas/lrzip/issues/75
https://github.com/ckolivas/lrzip/commit/7123f5545bc68833a7a017bfeaf5720577d00041 (v0.640)
Связанные уязвимости
In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:1074, which allows attackers to cause a denial of service via a crafted file.
In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:1074, which allows attackers to cause a denial of service via a crafted file.
In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:1074, which allows attackers to cause a denial of service via a crafted file.