lrzsz before version 0.12.21~rc can leak information to the receiving side due to an incorrect length check in the function zsdata that causes a size_t to wrap around.
lrzsz before version 0.12.21~rc can leak information to the receiving side due to an incorrect length check in the function zsdata that causes a size_t to wrap around.
https://bugzilla.redhat.com/show_bug.cgi?id=1572058 https://src.fedoraproject.org/rpms/lrzsz/blob/rawhide/f/lrzsz-0.12.20.patch