[Secure-testing-team] Bug#778753: cabextract: Directory traversal (CVE pending)
Moritz Muehlenhoff
jmm at inutil.org
Thu Feb 19 10:38:07 UTC 2015
Package: cabextract
Severity: important
Tags: security
Justification: user security hole
Please see http://www.openwall.com/lists/oss-security/2015/02/18/3 for
the CVE request.
Upstream fix is here:
http://sourceforge.net/p/libmspack/code/217
Since unstable has a more recent version than testing, could you make
a targeted jessie upload with this patch?
Cheers,
Moritz
More information about the Secure-testing-team
mailing list