[bts-link] source package src:lrzip
bts-link-upstream at lists.alioth.debian.org
bts-link-upstream at lists.alioth.debian.org
Mon May 29 17:31:13 UTC 2017
#
# bts-link upstream status pull for source package src:lrzip
# see http://lists.debian.org/debian-devel-announce/2006/05/msg00001.html
#
user bts-link-upstream at lists.alioth.debian.org
# remote status report for #863145 (http://bugs.debian.org/863145)
# Bug title: lrzip: CVE-2017-8847: NULL pointer dereference in bufRead::get
# * https://github.com/ckolivas/lrzip/issues/67
# * remote status changed: (?) -> open
usertags 863145 + status-open
# remote status report for #863150 (http://bugs.debian.org/863150)
# Bug title: lrzip: CVE-2017-8846: use-after-free in read_stream (stream.c)
# * https://github.com/ckolivas/lrzip/issues/71
# * remote status changed: (?) -> open
usertags 863150 + status-open
# remote status report for #863151 (http://bugs.debian.org/863151)
# Bug title: lrzip: CVE-2017-8845: invalid memory read in lzo_decompress_buf
# * https://github.com/ckolivas/lrzip/issues/68
# * remote status changed: (?) -> open
usertags 863151 + status-open
# remote status report for #863153 (http://bugs.debian.org/863153)
# Bug title: lrzip: CVE-2017-8844: heap-based buffer overflow write in read_1g
# * https://github.com/ckolivas/lrzip/issues/70
# * remote status changed: (?) -> open
usertags 863153 + status-open
# remote status report for #863155 (http://bugs.debian.org/863155)
# Bug title: lrzip: CVE-2017-8843: NULL pointer dereference in join_pthread
# * https://github.com/ckolivas/lrzip/issues/69
# * remote status changed: (?) -> open
usertags 863155 + status-open
# remote status report for #863156 (http://bugs.debian.org/863156)
# Bug title: lrzip: CVE-2017-8842: divide-by-zero in bufRead::get
# * https://github.com/ckolivas/lrzip/issues/66
# * remote status changed: (?) -> open
usertags 863156 + status-open
thanks
More information about the Bts-link-upstream
mailing list