#354 closed defect (fixed)
LMS-2014-06-16-1 (LZO vulnerability, does not affect samhain)
| Reported by: | rainer | Owned by: | rainer |
|---|---|---|---|
| Priority: | major | Milestone: | 3.1.2 |
| Component: | main | Version: | |
| Keywords: | Cc: |
Description
There is an integer overflow in the lzo decompress_safe function While this does not affect samhain (only compiled-in data is decompressed, and only in the exepack binary), it can't harm to fix it.
Note:
See TracTickets
for help on using tickets.
Believed to be fixed by changeset [455].