Multiple vulnerabilities have been discovered in the lrzip compression
program which could result in denial of service or potentially the
execution of arbitrary code
For the oldstable distribution (buster), these problems have been fixed
in version 0631+git180528-1+deb10u1 This update also addresses
CVE-2021-27345,
CVE-2020-25467 and
CVE-2021-27 ...
Debian Bug report logs -
#866020
lrzip: CVE-2017-9929: Stack buffer overflow in get_fileinfo in lrzipc, allows attackers to cause DoS
Package:
src:lrzip;
Maintainer for src:lrzip is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 26 Jun 2017 17:15:07 UTC
Se ...
Debian Bug report logs -
#888506
lrzip: CVE-2018-5786: Infinite Loop Vulnerability in get_fileinfo
Package:
src:lrzip;
Maintainer for src:lrzip is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Fri, 26 Jan 2018 14:00:02 UTC
Severity: important
Tags: security, up ...
Debian Bug report logs -
#887065
lrzip: CVE-2018-5650: Infinite Loop Vulnerability in unzip_match function
Package:
src:lrzip;
Maintainer for src:lrzip is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 13 Jan 2018 10:51:01 UTC
Severity: important
Tags: secu ...
Debian Bug report logs -
#863153
lrzip: CVE-2017-8844: heap-based buffer overflow write in read_1g
Package:
src:lrzip;
Maintainer for src:lrzip is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 22 May 2017 18:45:01 UTC
Severity: important
Tags: security, up ...
Debian Bug report logs -
#898451
lrzip: CVE-2018-5747: use-after-free in ucompthread (src/streamc)
Package:
src:lrzip;
Maintainer for src:lrzip is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Fri, 11 May 2018 19:42:01 UTC
Severity: important
Tags: security, u ...
Debian Bug report logs -
#866022
lrzip: CVE-2017-9928: Stack buffer overflow in get_fileinfoin lrzipc, allows attackers to cause DoS
Package:
src:lrzip;
Maintainer for src:lrzip is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 26 Jun 2017 17:21:06 UTC
Sev ...
Debian Bug report logs -
#863145
lrzip: CVE-2017-8847: NULL pointer dereference in bufRead::get
Package:
src:lrzip;
Maintainer for src:lrzip is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 22 May 2017 17:12:03 UTC
Severity: important
Tags: security, upstr ...
Debian Bug report logs -
#863151
lrzip: CVE-2017-8845: invalid memory read in lzo_decompress_buf
Package:
src:lrzip;
Maintainer for src:lrzip is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 22 May 2017 18:36:07 UTC
Severity: important
Tags: security, upst ...
Debian Bug report logs -
#897645
lrzip: CVE-2018-10685: use-after-free in lzma_decompress_buf
Package:
src:lrzip;
Maintainer for src:lrzip is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Thu, 3 May 2018 18:57:01 UTC
Severity: important
Tags: security, upstrea ...
Debian Bug report logs -
#863156
lrzip: CVE-2017-8842: divide-by-zero in bufRead::get
Package:
src:lrzip;
Maintainer for src:lrzip is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 22 May 2017 18:57:02 UTC
Severity: important
Tags: security, upstream
Found ...
Debian Bug report logs -
#863155
lrzip: CVE-2017-8843: NULL pointer dereference in join_pthread
Package:
src:lrzip;
Maintainer for src:lrzip is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 22 May 2017 18:54:01 UTC
Severity: important
Tags: security, upstr ...
Debian Bug report logs -
#863150
lrzip: CVE-2017-8846: use-after-free in read_stream (streamc)
Package:
src:lrzip;
Maintainer for src:lrzip is Laszlo Boszormenyi (GCS) <gcs@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 22 May 2017 18:36:04 UTC
Severity: important
Tags: security, upstr ...