Note:
This project will be discontinued after December 13, 2021. [more]
2018-07-17
GNU Libextractor before 1.7 has a stack-based buffer overflow in ec_read_file_func (unzip.c).
| Products | Debian_linux, Libextractor |
| Type | Out-of-bounds Write (CWE-787) |
| First patch | - None (likely due to unavailable code) |
| Links |
• http://lists.gnu.org/archive/html/bug-libextractor/2018-07/msg00001.html
• https://gnunet.org/git/libextractor.git/commit/?id=ad19e7fe0adc99d5710eff1ed48d91a7b75a950e • https://lists.debian.org/debian-lts-announce/2018/08/msg00025.html • https://www.debian.org/security/2018/dsa-4290 |