TEMP-0000000-9B1564

NameTEMP-0000000-9B1564
Descriptiontryton zipbomb DoS
SourceAutomatically generated temporary name. Not for external reference.

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
tryton-server (PTS)jessie, jessie (lts)3.4.0-3+deb8u3vulnerable
stretch (security), stretch (lts), stretch4.2.1-2+deb9u2vulnerable
buster5.0.4-2+deb10u1vulnerable
buster (security)5.0.4-2+deb10u2vulnerable
bullseye (security), bullseye5.0.33-2+deb11u2vulnerable
bookworm (security), bookworm6.0.29-2+deb12u1vulnerable
sid, trixie6.0.46-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
tryton-serversourcejessie(unfixed)end-of-life
tryton-serversourcestretch(unfixed)end-of-life
tryton-serversource(unstable)6.0.45-1

Notes

[bookworm] - tryton-server <no-dsa> (Minor issue)
[bullseye] - tryton-server <no-dsa> (Minor issue)
https://discuss.tryton.org/t/security-release-for-issue-13142/7196
https://foss.heptapod.net/tryton/tryton/-/issues/13142
Search for package or bug name: Reporting problems