[SECURITY] [DLA 2189-1] rzip security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 2189-1] rzip security update
From: Thorsten Alteholz <debian@alteholz.de>
Date: Sun, 26 Apr 2020 20:11:06 +0200 (CEST)
Message-id: <[🔎] alpine.DEB.2.20.2004262009150.1313@jupiter.server.alteholz.net>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : rzip
Version        : 2.1-2+deb8u1
CVE ID         : CVE-2017-8364

Agostino Sarubbo of Gentoo discovered a heap buffer overflow write in therzip program (a compression program for large files) when uncompressingmaliciously crafted files.



For Debian 8 "Jessie", this problem has been fixed in version
2.1-2+deb8u1.

We recommend that you upgrade your rzip packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl6lzrpfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEeT9Q//ce61QUo3EPS41zV71daeql3YF8cswmYa6r2n6z40AxD2qKzH1P4yjF1W
JoSguJTwYOtZf755t3QqOsy6pCE53tOgCcW+xi03Q6oc/kZhKkgaE3hEuIrCsUjK
FeROqGobwHWhQzgpIEA1XyM22Xo6Nit0eRBZL/zr9O5tjX9ckX3g9wn8L+kHDnYx
rMV7cpcJHZxV7HYAV+/7or1T75bNwjTTTJ3JcwVGNcyNkGIo46MZOFNp3iGZxSVA
9y5edv+NzUKmABXnD1ibHS55a5cGf76VaTtuGfdRiT4mKTIxU8mFux/1/Jfuiyrh
I/CtTLvHNsiVraU+IIyH6IXcR+JzheyO7d2xy/ZQArZBG2lLjB2ylQ2P2aSffc1b
8jKqYHUc/2BS1wUgLqBMn3jrBmh3zeYV0yv4h9oYMmKZQ05ZfQ4M+l0PCM9ucBN4
SXGZSpVOyDDyEW9IcvLYUYjH+nnkK2sasSsX0XZScX6+ZZrVJcjktz4cnpFZZphH
Uvml5w83z89Jg96S+ZpQvvpAYohftRytnSrsuALCJu73WQPznE+UtACw6781mwJM
+QCtB6rNTLoi7dh53qYjxgp/kJ4RwkolMwOfJjhe1+V7iIiBJjkIm6iPVaMarURy
x/zeNq/E7A/q26IDCyFzIPeBp/4dtjJdqhSjy/eyEnpJxXvf6oo=
=e6Id
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 2188-1] php5 security update
Next by Date: [SECURITY] [DLA 2190-1] ruby-json security update
Previous by thread: [SECURITY] [DLA 2188-1] php5 security update
Next by thread: [SECURITY] [DLA 2190-1] ruby-json security update
Index(es):
- Date
- Thread