On Saturday 28 June 2014 15:33, Isaac Dunham wrote: > There's an integer overflow in LZO (LMS-2014-06-16-1): > http://www.openwall.com/lists/oss-security/2014/06/26/20 > > I suspect that this affects Busybox; the code would be in > archival/libarchive/lzo1x_d.c > But I wouldn't be able to verify that or to fix it.
Thanks for the report. Fixed in git just now. _______________________________________________ busybox mailing list [email protected] http://lists.busybox.net/mailman/listinfo/busybox
