On Sat, Dec 02, 2006 at 01:54:57PM +0100, Stefan Fritsch wrote: > Package: lha > Version: 1.14i-10 > Severity: grave > Tags: security > Justification: user security hole > > > LHA seems to be affected by > CVE-2006-4335 > CVE-2006-4337 > CVE-2006-4338
If GNU gzip can handle LHA archives I'm wondering if the non-free lha is really worth keeping? Cheers, Moritz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]