Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-5145-1:9B718
HistoryMay 24, 2022 - 5:48 p.m.

[SECURITY] [DSA 5145-1] lrzip security update

2022-05-2417:48:54
lists.debian.org
24
lrzip
security update
denial of service
arbitrary code
cve-2018-5786
cve-2022-26291
cve-2022-28044
cve-2021-27345
cve-2020-25467
cve-2021-27347
debian
stable distribution
oldstable distribution

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

6.9

Confidence

High

EPSS

0.002

Percentile

54.9%

JSON

Debian Security Advisory DSA-5145-1 [email protected]
https://www.debian.org/security/ Moritz Muehlenhoff
May 24, 2022 https://www.debian.org/security/faq

Package : lrzip
CVE ID : CVE-2018-5786 CVE-2022-26291 CVE-2022-28044

Multiple vulnerabilities have been discovered in the lrzip compression
program which could result in denial of service or potentially the
execution of arbitrary code.

For the oldstable distribution (buster), these problems have been fixed
in version 0.631+git180528-1+deb10u1. This update also addresses
CVE-2021-27345, CVE-2020-25467 and CVE-2021-27347.

For the stable distribution (bullseye), these problems have been fixed in
version 0.641-1+deb11u1.

We recommend that you upgrade your lrzip packages.

For the detailed security status of lrzip please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/lrzip

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian11i386lrzip< 0.641-1+deb11u1lrzip_0.641-1+deb11u1_i386.deb
Debian9amd64lrzip< 0.631-1+deb9u3lrzip_0.631-1+deb9u3_amd64.deb
Debian9armhflrzip< 0.631-1+deb9u3lrzip_0.631-1+deb9u3_armhf.deb
Debian10ppc64ellrzip-dbgsym< 0.631+git180528-1+deb10u1lrzip-dbgsym_0.631+git180528-1+deb10u1_ppc64el.deb
Debian10ppc64ellrzip< 0.631+git180528-1+deb10u1lrzip_0.631+git180528-1+deb10u1_ppc64el.deb
Debian11armhflrzip< 0.641-1+deb11u1lrzip_0.641-1+deb11u1_armhf.deb
Debian10armhflrzip< 0.631+git180528-1+deb10u1lrzip_0.631+git180528-1+deb10u1_armhf.deb
Debian11s390xlrzip< 0.641-1+deb11u1lrzip_0.641-1+deb11u1_s390x.deb
Debian10armhflrzip-dbgsym< 0.631+git180528-1+deb10u1lrzip-dbgsym_0.631+git180528-1+deb10u1_armhf.deb
Debian11ppc64ellrzip< 0.641-1+deb11u1lrzip_0.641-1+deb11u1_ppc64el.deb
Rows per page:
1-10 of 461

Related

osv 12
openvas 6
nessus 7
ubuntu 3
debian 3
redos 1
nvd 6
ubuntucve 6
cvelist 6
debiancve 6
prion 6
cve 6
veracode 6
alpinelinux 5
osv
osv
lrzip vulnerabilities
2023-02-02 13:36:09
lrzip - security update
2022-04-13 00:00:00
lrzip - security update
2022-05-24 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-5840-1)
2023-02-03 00:00:00
Debian: Security Advisory (DSA-5145-1)
2022-05-25 00:00:00
Debian: Security Advisory (DLA-2981-1)
2022-04-14 00:00:00
nessus
nessus
Debian DSA-5145-1 : lrzip - security update
2022-05-24 00:00:00
Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS : Long Range ZIP vulnerabilities (USN-5840-1)
2023-02-02 00:00:00
Debian DLA-2981-1 : lrzip - LTS security update
2022-04-13 00:00:00
ubuntu
ubuntu
Long Range ZIP vulnerabilities
2023-02-02 00:00:00
Long Range ZIP vulnerabilities
2021-12-06 00:00:00
Long Range ZIP vulnerabilities
2021-12-09 00:00:00
debian
debian
[SECURITY] [DLA 2981-1] lrzip security update
2022-04-13 13:47:08
[SECURITY] [DLA 3005-1] lrzip security update
2022-05-14 01:36:54
[SECURITY] [DLA 2725-1] lrzip security update
2021-08-01 21:53:40
redos
redos
ROS-20240607-03
2024-06-07 00:00:00
nvd
nvd
CVE-2022-28044
2022-04-15 14:15:07
CVE-2020-25467
2021-06-10 16:15:07
CVE-2021-27345
2021-06-10 16:15:08
ubuntucve
ubuntucve
CVE-2022-28044
2022-04-15 00:00:00
CVE-2020-25467
2021-06-10 00:00:00
CVE-2021-27345
2021-06-10 00:00:00
cvelist
cvelist
CVE-2022-28044
2022-04-15 13:06:35
CVE-2021-27345
2021-06-10 15:45:02
CVE-2020-25467
2021-06-10 15:41:29
debiancve
debiancve
CVE-2020-25467
2021-06-10 16:15:07
CVE-2021-27345
2021-06-10 16:15:08
CVE-2022-28044
2022-04-15 14:15:07
prion
prion
Null pointer dereference
2021-06-10 16:15:00
Null pointer dereference
2021-06-10 16:15:00
Memory corruption
2022-04-15 14:15:00
cve
cve
CVE-2020-25467
2021-06-10 16:15:07
CVE-2022-28044
2022-04-15 14:15:07
CVE-2021-27345
2021-06-10 16:15:08
veracode
veracode
Null Pointer Dereference
2022-04-14 03:42:18
Null Pointer Dereference
2022-04-14 08:34:58
Denial Of Service (DoS)
2022-04-18 08:20:13
alpinelinux
alpinelinux
CVE-2020-25467
2021-06-10 16:15:07
CVE-2021-27345
2021-06-10 16:15:08
CVE-2021-27347
2021-06-10 16:15:08

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

6.9

Confidence

High

EPSS

0.002

Percentile

54.9%

JSON
Related for DEBIAN:DSA-5145-1:9B718
osv12openvas6nessus7ubuntu3debian3redos1nvd6ubuntucve6cvelist6debiancve6prion6cve6veracode6alpinelinux5