|Description||An out-of-bounds heap buffer read flaw was found in the way advancecomp before 2.1-2018/02 handled processing of ZIP files. An attacker could potentially use this flaw to crash the advzip utility by tricking it into processing crafted ZIP files.|
|Source||CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)|
|References||DLA-1281-1, DLA-1702-1, DLA-2868-1|
Vulnerable and fixed packages
The table below lists information on source packages.
|advancecomp (PTS)||buster, bullseye||2.1-2.1||fixed|
|trixie, sid, bookworm||2.5-1||fixed|
The information below is based on the following data on fixed versions.