[CLSA-2022:1652801011] Fix CVE(s): CVE-2022-1271
Type:
security
Severity:
moderate
Release date:
2022-05-17 15:23:31 UTC
Description:
* SECURITY UPDATE: arbitrary file overwrite or code execution with crafted file names - debian/patches/CVE-2022-1271.patch: fix escaping of malicious filenames in src/scripts/xzgrep.in. - CVE-2022-1271
Updated packages:
  • liblzma-dev_5.1.1alpha+20120614-2ubuntu2+tuxcare.els1_amd64.deb
    sha:9dae3ade27e6630c70c7b7185b319e77039bd1d4
  • liblzma-doc_5.1.1alpha+20120614-2ubuntu2+tuxcare.els1_all.deb
    sha:52801c75659c8623aaf0acfc541b98190d4dc041
  • liblzma5_5.1.1alpha+20120614-2ubuntu2+tuxcare.els1_amd64.deb
    sha:ddf6bd4d398efe62aa8d2ee8b3f09612e4543cec
  • xz-utils_5.1.1alpha+20120614-2ubuntu2+tuxcare.els1_amd64.deb
    sha:54e697bd41e4a313eaa5dc3987236fd4b1a2026e
  • xzdec_5.1.1alpha+20120614-2ubuntu2+tuxcare.els1_amd64.deb
    sha:9aa0c0471e57c9210e9854dee21d9b251f7e0ce4
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.