[SECURITY] [DLA 1281-1] advancecomp security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Package : advancecomp
Version : 1.15-1+deb7u1
CVE ID : CVE-2018-1056
Debian Bug : 889270
Joonun Jang discovered that the advzip tool in advancecomp, a
collection of recompression utilities, was prone to a heap-based
buffer overflow. This might allow an attacker to cause a
denial-of-service (application crash) or other unspecified impact via
a crafted file.
For Debian 7 "Wheezy", these problems have been fixed in version
1.15-1+deb7u1.
We recommend that you upgrade your advancecomp packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlqDEx9fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeSDfg/8C5HUZH8Ak4ZDdpmhKGs28FCLtiVAXHxSaoa14b9FKS79vVxWaVIQnyJU
KhwAJeP+N7/mc5y6sqnm0AUommwxP1cJtJ5bwPZHz0+ZEFRilIFct2N6q83F7zB2
gAe0a9y+ZBJzfvckp8O5bi15y0extwdKijOuOKy81BZmqZOnYHtMItxVihpsKfBu
hxQjosliPrkE4kgxm/En2HYsuyrjeiYvC+At0j2vv8hdEk+NjuwjxpOb/hNDvGqE
bdmFfGQYVQRvw6hSrikOexM2QpyA1U3LOTavPrjlKXWO11KUBjUkjCLq686vuBmV
AEegSSIQih618yMA49g8yoxP2rUBAVdcnBAkQlSdhUuKwy4ZPnaWH4MQg5iUtPYu
jZnlTakDm/kPXxRyrY6/V2h3/BUJWqJ/RedqIjN5ciOrOgEb5/wTxlQh/oTCPxD1
WV/JfZAWURS+vQUHi/irjhvdohEGTXPc7A/vMbVZWyzZDqdnj+VUd/DoIBVamH9n
oZo9Np57seBEr7xzZai4/wvf1XgdF3kxxpYMczJ+mM9SO8hT88POoZ9mrxwOGgSp
wOo484zKbHEYpBDSeWDpbysfa5UR1g7TLFQGX4nemTKwFtytk2lGJQ+GrcDjPv0A
3nJiMBt1eXyoedhhDqBxa3iRcGr28F3s+hCOXxiG7yivPRR1zaY=
=D4vU
-----END PGP SIGNATURE-----
Reply to: