Signed PGP partPackage : unaceVersion : 1.2b-7+deb6u1CVE ID : CVE-2015-2063Debian Bug : 775003Jakub Wilk discovered that unace, an utility to extract, test and view.ace archives, contained an integer overflow leading to a bufferoverflow. If a user or automated system were tricked into processing aspecially crafted ace archive, an attacker could cause a denial ofservice (application crash) or, possibly, execute arbitrary code.-- To UNSUBSCRIBE, email to debian-lts-announce-request@lists.debian.orgwith a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.orgArchive: https://lists.debian.org/alpine.DEB.2.02.1503032007150.17209@jupiter.server.alteholz.net
Attachment: signature.asc Description: Message signed with OpenPGP using GPGMail