Opened 10 years ago

Closed 10 years ago

Last modified 9 years ago

#354 closed defect (fixed)

LMS-2014-06-16-1 (LZO vulnerability, does not affect samhain)

Reported by: rainer Owned by: rainer
Priority: major Milestone: 3.1.2
Component: main Version:
Keywords: Cc:

Description

There is an integer overflow in the lzo decompress_safe function While this does not affect samhain (only compiled-in data is decompressed, and only in the exepack binary), it can't harm to fix it.

Change History (1)

comment:1 by rainer, 10 years ago

Resolution: fixed
Status: newclosed

Believed to be fixed by changeset [455].

Note: See TracTickets for help on using tickets.