Debian Security Advisory

DLA-417-1 xdelta3 -- LTS security update

Date Reported:

16 Feb 2016

Affected Packages:

xdelta3

Vulnerable:

Yes

Security database references:

In the Debian bugtracking system: Bug 814067.
In Mitre's CVE dictionary: CVE-2014-9765.

More information:

It was discovered that there was a buffer overflow in in xdelta3, a diff utility which works with binary files. This vulnerability allowed arbitrary code execution from input files.

For Debian 6 Squeeze, this issue has been fixed in xdelta3 version 0y.dfsg-1+deb6u1.

This page is also available in the following languages:

dansk français Русский (Russkij)

How to set the default document language

To report a problem with the web site, please e-mail our publicly archived mailing list debian-www@lists.debian.org in English. For other contact information, see the Debian contact page. Web site source code is available.

Last Modified: Sat, Feb 9 04:52:41 UTC 2019 Last Built: Sun, Oct 10 11:49:07 UTC 2021
Copyright © 2016-2021 SPI and others; See license terms
Debian is a registered trademark of Software in the Public Interest, Inc.