Debian Security Advisory
DLA-417-1 xdelta3 -- LTS security update
- Date Reported:
- 16 Feb 2016
- Affected Packages:
- xdelta3
- Vulnerable:
- Yes
- Security database references:
- In the Debian bugtracking system: Bug 814067.
In Mitre's CVE dictionary: CVE-2014-9765. - More information:
-
It was discovered that there was a buffer overflow in in xdelta3, a diff utility which works with binary files. This vulnerability allowed arbitrary code execution from input files.
For Debian 6 Squeeze, this issue has been fixed in xdelta3 version 0y.dfsg-1+deb6u1.