Debian Bug report logs -
#854723
diffoscope: CVE-2017-0359: writes to arbitrary locations on disk based on the contents of an untrusted archive
Package:
diffoscope;
Maintainer for diffoscope is Reproducible builds folks <reproducible-builds@listsaliothdebianorg>; Source for diffoscope is src:diffoscope (PTS, buildd, popcon)
...