Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:42.1:Update
patchinfo.4927
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.4927
<patchinfo incident="4927"> <issue id="973790" tracker="bnc">VUL-0: CVE-2016-2347: lhasa: decode_level3_header Heap Corruption Vulnerability</issue> <issue id="CVE-2016-2347" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>jengelh</packager> <description>This update for lhasa to 0.3.1 fixes the following issues: These security issues were fixed: * CVE-2016-2347: Integer underflow vulnerability in the code for doing LZH level 3 header decodes (boo#973790)[ These non-security issues were fixed: * PMarc -pm1- archives that contain truncated compressed data (the decompressed length is longer than what can be read from the compressed data) now decompress as intended. Certain archives in the wild make the assumption that this can be done. * LArc -lz5- archives that make use of the initial history buffer now decompress correctly. * The tests no longer use predictable temporary paths. </description> <summary>Security update for lhasa</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
