1 |
On Thursday 08 May 2008, Doug Goldstein wrote: |
2 |
> Additionally to follow myself up, I believe one of the security |
3 |
> issues was execution of arbitrary data either when untarred or just |
4 |
> decompressed (assuming a specially crafted lzma file). |
5 |
|
6 |
Can you please point me to the location where this is mentioned. I read |
7 |
through the lzma git log, and I all I could find was data corruption |
8 |
(which usually is not a security issue) and the mention of the |
9 |
word "security" inside the announcement. |
10 |
|
11 |
Thanks, |
12 |
Robert |