| 1 |
On Thursday 08 May 2008, Doug Goldstein wrote: |
| 2 |
> Additionally to follow myself up, I believe one of the security |
| 3 |
> issues was execution of arbitrary data either when untarred or just |
| 4 |
> decompressed (assuming a specially crafted lzma file). |
| 5 |
|
| 6 |
Can you please point me to the location where this is mentioned. I read |
| 7 |
through the lzma git log, and I all I could find was data corruption |
| 8 |
(which usually is not a security issue) and the mention of the |
| 9 |
word "security" inside the announcement. |
| 10 |
|
| 11 |
Thanks, |
| 12 |
Robert |
Archives