File _patchinfo of Package patchinfo.1754

<patchinfo incident="1754">
 <issue id="CVE-2015-2282" tracker="cve" />
  <issue id="CVE-2015-2278" tracker="cve" />
  <issue id="935939" tracker="bnc">Security fix for compression algorithms implementation LZH and LZC</issue>
  <category>security</category>
  <rating>moderate</rating>
  <packager>varkoly</packager>
  <description>

This update fixes the following security issues: 

CVE-2015-2278: The LZH decompression implementation allows context-dependent attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to look-ups of non-simple codes.

CVE-2015-2282: Stack-based buffer overflow in the LZC decompression implementation allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors

</description>
  <summary>Security update for clamsap</summary>
</patchinfo>
Places

File _patchinfo of Package patchinfo.1754

Places
