Debian Patches
Status for xz-utils/5.8.1-1+deb13u1
| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| 0001-liblzma-Fix-a-buffer-overflow-in-lzma_index_append.patch | liblzma: Fix a buffer overflow in lzma_index_append() If lzma_index_decoder() was used to decode an Index that contained no Records, the resulting lzma_index had an invalid internal "prealloc" value. If lzma_index_append() was called on this lzma_index, too little memory would be allocated and a buffer overflow would occur. While this combination of the API functions is meant to work, in the real-world apps this call sequence is rare or might not exist at all. This bug is older than xz 5.0.0, so all stable releases are affected. |
Lasse Collin <lasse.collin@tukaani.org> | no | 2026-03-29 |
All known versions for source package 'xz-utils'
- 5.8.3-1 (forky, sid)
- 5.8.1-1+deb13u1 (trixie, trixie-proposed-updates)
- 5.4.1-1+deb12u1 (bookworm)
- 5.4.1-1 (bookworm-security)
