-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-2657-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb May 12, 2021 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : lz4 Version : 0.0~r131-2+deb9u1 CVE ID : CVE-2021-3520 Debian Bug : #987856 It was discovered that there was a potential memory corruption vulnerability in the lz4 compression algorithm library. For Debian 9 "Stretch", this problem has been fixed in version 0.0~r131-2+deb9u1. We recommend that you upgrade your lz4 packages. For the detailed security status of lz4 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/lz4 Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmCbpUUACgkQHpU+J9Qx HlibTA/+J+ZqxYaBV0IgWDtncbxBXbP0WpMym4zrLbPKvo/w8L+77ln/O0HyPTa1 2PQC9AurTpYqHJlcs89sRDdJtsiIlcf2DnSKzNI/tqMpkJdN3JeZ0Um6zKsK5xe6 SRtJMvnDFyqnotOGjou29odHugEKdsN4Mi2zXGuf0V4LsdZQpoeeDya4fRf7c6vc QwxtAmwcLt29+1PSEled8PggggY7P4/QAf8kMNP/HI8ucv7v/MUw9JhAiw2hqR/8 vO2zpNXgwDG0opMXvx3H+uNipVT4qPu4nwPEi37if7bU0I3DtM2d3f4E3jM4CK48 Ns/435+YC263Ibqt/nP2+LrfgChmDqRbCzjUlTrpstOyhTeE/9qSzH1sOcL4jUsS nv0OatSJlA7llAiUOZ/NaaEX5oKV7uhYCEkJhfZItnuhr+FN2OE4y7YF2et1qtg2 xhyIlZIC5JQusIpIa1pBJy7ZA7laYeH8VdPXIw6b1DxJLICd2rg+rqMWrsoOCZS+ GyxFOz9ZceFr5sD9f033gcO4QNKE8X2J1Urp/xGtBeMZcCnF8tPDYTGKrOsmkOwV 2HLQnCgCGJ121RGeF6qjb6ECnbOgj3JNwgXKUjiUQFQM9Yww/aqq77xPiDVHz7n8 PFFw5kT5ORgIRk7/zNxcNTSUPr6TNOEA9T21994yfD9GfyP8StI= =U50D -----END PGP SIGNATURE-----
