Security update for lzo (important)

2014-07-16T19:04:17
ID SUSE-SU-2014:0904-1
Type suse
Reporter Suse
Modified 2014-07-16T19:04:17

Description

lzo was updated to fix a potential denial of service issue or possible remote code execution by allowing an attacker, if the LZO decompression algorithm is used in a threaded or kernel context, to corrupt memory structures that control the flow of execution in other contexts. (CVE-2014-4607)