[SECURITY] [DLA 2189-1] rzip security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Package : rzip
Version : 2.1-2+deb8u1
CVE ID : CVE-2017-8364
Agostino Sarubbo of Gentoo discovered a heap buffer overflow write in the
rzip program (a compression program for large files) when uncompressing
maliciously crafted files.
For Debian 8 "Jessie", this problem has been fixed in version
2.1-2+deb8u1.
We recommend that you upgrade your rzip packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl6lzrpfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEeT9Q//ce61QUo3EPS41zV71daeql3YF8cswmYa6r2n6z40AxD2qKzH1P4yjF1W
JoSguJTwYOtZf755t3QqOsy6pCE53tOgCcW+xi03Q6oc/kZhKkgaE3hEuIrCsUjK
FeROqGobwHWhQzgpIEA1XyM22Xo6Nit0eRBZL/zr9O5tjX9ckX3g9wn8L+kHDnYx
rMV7cpcJHZxV7HYAV+/7or1T75bNwjTTTJ3JcwVGNcyNkGIo46MZOFNp3iGZxSVA
9y5edv+NzUKmABXnD1ibHS55a5cGf76VaTtuGfdRiT4mKTIxU8mFux/1/Jfuiyrh
I/CtTLvHNsiVraU+IIyH6IXcR+JzheyO7d2xy/ZQArZBG2lLjB2ylQ2P2aSffc1b
8jKqYHUc/2BS1wUgLqBMn3jrBmh3zeYV0yv4h9oYMmKZQ05ZfQ4M+l0PCM9ucBN4
SXGZSpVOyDDyEW9IcvLYUYjH+nnkK2sasSsX0XZScX6+ZZrVJcjktz4cnpFZZphH
Uvml5w83z89Jg96S+ZpQvvpAYohftRytnSrsuALCJu73WQPznE+UtACw6781mwJM
+QCtB6rNTLoi7dh53qYjxgp/kJ4RwkolMwOfJjhe1+V7iIiBJjkIm6iPVaMarURy
x/zeNq/E7A/q26IDCyFzIPeBp/4dtjJdqhSjy/eyEnpJxXvf6oo=
=e6Id
-----END PGP SIGNATURE-----
Reply to: