Package: lrzip | Debian Sources

Package: lrzip / 0.660-1

Metadata

Package	Version	Patches format
lrzip	0.660-1	3.0 (quilt)

Patch series

view the series file

Patch	File delta	Description
CVE 2023 39741.patch \| (download)	libzpaq/libzpaq.cpp \| 1 1 + 0 - 0 ! 1 file changed, 1 insertion(+)	backport hsize validation for empty pcomp Backport hsize validation from libzpaq v7.15 This prevents Denial of Service via a crafted file due to a heap overflow via the ibzpaq::PostProcessor::write(int) function.

Patch

File delta

Description

CVE 2023 39741.patch | (download)

libzpaq/libzpaq.cpp | 1 1 + 0 - 0 !
1 file changed, 1 insertion(+)

 backport hsize validation for empty pcomp
 Backport hsize validation from libzpaq v7.15
 This prevents Denial of Service via a crafted file due to a heap overflow
 via the ibzpaq::PostProcessor::write(int) function.