-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- ------------------------------------------------------------------------- Debian Security Advisory DSA-5145-1
security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff
May 24, 2022
https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : lrzip
CVE ID : CVE-2018-5786 CVE-2022-26291 CVE-2022-28044
Multiple vulnerabilities have been discovered in the lrzip compression
program which could result in denial of service or potentially the
execution of arbitrary code.
For the oldstable distribution (buster), these problems have been fixed
in version 0.631+git180528-1+deb10u1. This update also addresses CVE-2021-27345, CVE-2020-25467 and CVE-2021-27347.
For the stable distribution (bullseye), these problems have been fixed in version 0.641-1+deb11u1.
We recommend that you upgrade your lrzip packages.
For the detailed security status of lrzip please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/lrzip
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at:
https://www.debian.org/security/
Mailing list:
debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmKNGTcACgkQEMKTtsN8 TjazGRAApfFESYp0z9yJHmiF/rqBm2bJGh1UH0/Zv97a1fpFyCwAQHseA5r6p3Ky gl9339yuiU6E2lSNeMp+hsO2YP8CCW9hmhfQoAZSwcyp/997Fz0jQ1oSdti4rDV2 LpxhA1sjw8xuA2jaS2078Hkwf0t6TbhG8RR0w178NCK9QrKgR1mJ23Pgna7ZH3Wa r4JmYRpS09aKJbO0k4FrWjDsneTLszob++TvYerYXpU/lkW+Xjx+8NLL5VGfn5W8 qT0yk1Wcl9eOU1QbsSgM897ntcvce4xcSrb/I3VYuLX1piFfu9qTdXknn07MKimt 3C57lxkSRv/P6n6UNsVdKrnapxyfTXVwDkNI16VrSUTN4t2Ro5Rt/RX6mZip80dG WdbeC/FiP+9JiwW6x9P8f1jnDhx0bGry/EcWAvLBLw0IyytD3teV7q98zsQcLPOZ Bkr2kR6xJGhIDHdhzgYHONJccK5y14tPTeamM5BFVGC8he5zBBSZdryAAaAwwoW/ F4gkSt3+5d3gE2Dp3zrjNWNlM/72mz4iUGew9ob5DN6j9v47ZWn39Va3g1pS0BWg dzTDjZlYRi5THRG/1myz6/6WfGS5yMP14P4tk94c8VamdFocMtbIaYUKA/P4vv6u SqKLOu7PGcJW5pLL4qxk24Uj+4V0BG3OihZfnfiGCfGxYrVBRvU=
=bEKA
-----END PGP SIGNATURE-----
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)