[SECURITY] [DLA 2657-1] lz4 security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 2657-1] lz4 security update
From: "Chris Lamb" <lamby@debian.org>
Date: Wed, 12 May 2021 11:23:19 +0100
Message-id: <[🔎] 162081313206.2401736.16120758269669598205@tinycat.chris-lamb.co.uk>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2657-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                           Chris Lamb
May 12, 2021                                  https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : lz4
Version        : 0.0~r131-2+deb9u1
CVE ID         : CVE-2021-3520
Debian Bug     : #987856

It was discovered that there was a potential memory corruption
vulnerability in the lz4 compression algorithm library.

For Debian 9 "Stretch", this problem has been fixed in version
0.0~r131-2+deb9u1.

We recommend that you upgrade your lz4 packages.

For the detailed security status of lz4 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/lz4

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmCbpUUACgkQHpU+J9Qx
HlibTA/+J+ZqxYaBV0IgWDtncbxBXbP0WpMym4zrLbPKvo/w8L+77ln/O0HyPTa1
2PQC9AurTpYqHJlcs89sRDdJtsiIlcf2DnSKzNI/tqMpkJdN3JeZ0Um6zKsK5xe6
SRtJMvnDFyqnotOGjou29odHugEKdsN4Mi2zXGuf0V4LsdZQpoeeDya4fRf7c6vc
QwxtAmwcLt29+1PSEled8PggggY7P4/QAf8kMNP/HI8ucv7v/MUw9JhAiw2hqR/8
vO2zpNXgwDG0opMXvx3H+uNipVT4qPu4nwPEi37if7bU0I3DtM2d3f4E3jM4CK48
Ns/435+YC263Ibqt/nP2+LrfgChmDqRbCzjUlTrpstOyhTeE/9qSzH1sOcL4jUsS
nv0OatSJlA7llAiUOZ/NaaEX5oKV7uhYCEkJhfZItnuhr+FN2OE4y7YF2et1qtg2
xhyIlZIC5JQusIpIa1pBJy7ZA7laYeH8VdPXIw6b1DxJLICd2rg+rqMWrsoOCZS+
GyxFOz9ZceFr5sD9f033gcO4QNKE8X2J1Urp/xGtBeMZcCnF8tPDYTGKrOsmkOwV
2HLQnCgCGJ121RGeF6qjb6ECnbOgj3JNwgXKUjiUQFQM9Yww/aqq77xPiDVHz7n8
PFFw5kT5ORgIRk7/zNxcNTSUPr6TNOEA9T21994yfD9GfyP8StI=
=U50D
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 2656-1] hivex security update
Next by Date: [SECURITY] [DLA 2658-1] redmine security update
Previous by thread: [SECURITY] [DLA 2656-1] hivex security update
Next by thread: [SECURITY] [DLA 2658-1] redmine security update
Index(es):
- Date
- Thread