Control: tag 1129722 pending

Hi!

Bug #1129722 in package dpkg reported by you has been fixed in
the dpkg/dpkg.git Git repository. You can see the changelog below, and
you can check the diff of the fix at:

    https://git.dpkg.org/cgit/dpkg/dpkg.git/diff/?id=f53a8d4f4

---
libdpkg: Terminate zstd decompression when we have no more data

We should be checking whether the input buffer is zero-sized, and then
mark the stream as finished. Otherwise the zstd implementation does not
detect that as an end of stream situation and we get stuck in an
infinite loop spinning the CPU. This means the decompression process
in dpkg-deb does not terminate, so no EPIPE gets generated and the
other processes that are part of the unpacking do not stop either.

Reported-by: Yashashree Gund <[email protected]>
Fixes: commit 2c2f7066bd8c3209762762fa6905fa567b08ca5a
Fixes: CVE-2026-2219
Closes: #1129722
Stable-Candidate: 1.21.x 1.22.x
(cherry picked from commit 6610297a62c0780dd0e80b0e302ef64fdcc9d313)
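
The loop condition the commit message describes, as an added C example that is not dpkg's code and not part of the original message. `toy_decode`, `src_read` and `decode_all` are hypothetical names, and a toy length-prefixed decoder stands in for the zstd streaming decoder so the block runs without libzstd. Returning a distinct truncation code on zero-sized input is this example's choice.

```c
#include <stddef.h>
#include <string.h>

/* Toy stand-in for a streaming decoder (NOT libzstd): a frame is one length
 * byte N followed by N payload bytes. Like a streaming decompressor, it
 * returns 0 once the frame is complete, or >0 while more input is needed. */
struct toy { int have_len; size_t left; };

static size_t toy_decode(struct toy *d, const unsigned char *in, size_t n,
                         size_t *pos, unsigned char *out, size_t *olen)
{
    if (!d->have_len && *pos < n) { d->left = in[(*pos)++]; d->have_len = 1; }
    while (d->have_len && d->left > 0 && *pos < n) {
        out[(*olen)++] = in[(*pos)++];
        d->left--;
    }
    return d->have_len ? d->left : 1;
}

/* Constructed in-memory source; returns 0 at end of data, like read(2). */
struct src { const unsigned char *p; size_t len, off; };
static size_t src_read(struct src *s, unsigned char *buf, size_t cap)
{
    size_t n = s->len - s->off < cap ? s->len - s->off : cap;
    memcpy(buf, s->p + s->off, n);
    s->off += n;
    return n;
}

enum { DEC_OK = 0, DEC_TRUNCATED = -1, DEC_SPIN = -2 };

/* check_eof=0 models the loop before the fix, check_eof=1 the loop after it.
 * max_iter exists only so the demo can report the spin instead of hanging.
 * out must hold at least 255 bytes (largest toy frame). */
int decode_all(const unsigned char *data, size_t len, int check_eof,
               unsigned char *out, size_t *olen, int max_iter)
{
    struct toy d = {0, 0};
    struct src s = {data, len, 0};
    unsigned char buf[4];
    size_t n = 0, pos = 0;
    *olen = 0;
    for (int i = 0; i < max_iter; i++) {
        if (pos == n) {                  /* input buffer drained: refill */
            n = src_read(&s, buf, sizeof(buf));
            pos = 0;
            if (n == 0 && check_eof)     /* zero-sized input: stream is over */
                return DEC_TRUNCATED;
        }
        if (toy_decode(&d, buf, n, &pos, out, olen) == 0)
            return DEC_OK;               /* frame fully decoded */
    }
    return DEC_SPIN;                     /* decoder can never make progress */
}
```

With a truncated frame and `check_eof` set to 0, every iteration hands the decoder an empty buffer and gets the same "more input needed" answer back, which is the CPU-spinning state the message describes.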
