[bts-link] source package src:lrzip

bts-link-upstream at lists.alioth.debian.org bts-link-upstream at lists.alioth.debian.org
Mon May 29 17:31:13 UTC 2017


#
# bts-link upstream status pull for source package src:lrzip
# see http://lists.debian.org/debian-devel-announce/2006/05/msg00001.html
#

user bts-link-upstream at lists.alioth.debian.org

# remote status report for #863145 (http://bugs.debian.org/863145)
# Bug title: lrzip: CVE-2017-8847: NULL pointer dereference in bufRead::get
#  * https://github.com/ckolivas/lrzip/issues/67
#  * remote status changed: (?) -> open
usertags 863145 + status-open

# remote status report for #863150 (http://bugs.debian.org/863150)
# Bug title: lrzip: CVE-2017-8846: use-after-free in read_stream (stream.c)
#  * https://github.com/ckolivas/lrzip/issues/71
#  * remote status changed: (?) -> open
usertags 863150 + status-open

# remote status report for #863151 (http://bugs.debian.org/863151)
# Bug title: lrzip: CVE-2017-8845: invalid memory read in lzo_decompress_buf
#  * https://github.com/ckolivas/lrzip/issues/68
#  * remote status changed: (?) -> open
usertags 863151 + status-open

# remote status report for #863153 (http://bugs.debian.org/863153)
# Bug title: lrzip: CVE-2017-8844: heap-based buffer overflow write in read_1g
#  * https://github.com/ckolivas/lrzip/issues/70
#  * remote status changed: (?) -> open
usertags 863153 + status-open

# remote status report for #863155 (http://bugs.debian.org/863155)
# Bug title: lrzip: CVE-2017-8843: NULL pointer dereference in join_pthread
#  * https://github.com/ckolivas/lrzip/issues/69
#  * remote status changed: (?) -> open
usertags 863155 + status-open

# remote status report for #863156 (http://bugs.debian.org/863156)
# Bug title: lrzip: CVE-2017-8842: divide-by-zero in bufRead::get
#  * https://github.com/ckolivas/lrzip/issues/66
#  * remote status changed: (?) -> open
usertags 863156 + status-open

thanks



More information about the Bts-link-upstream mailing list