Information on source package lz4

Available versions

ReleaseVersion
jessie0.0~r122-2+deb8u1
stretch0.0~r131-2+deb9u1
buster1.8.3-1+deb10u1
bullseye1.9.3-2
bookworm1.9.4-1
trixie1.9.4-3
sid1.9.4-3

Open issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2019-17543vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedfixedLZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (rela ...

Resolved issues

BugDescription
CVE-2021-3520There's a flaw in lz4. An attacker who submits a crafted file to an ap ...
CVE-2014-4715Yann Collet LZ4 before r119, when used on certain 32-bit platforms tha ...
CVE-2014-4611Integer overflow in the LZ4 algorithm implementation, as used in Yann ...

Security announcements

DSA / DLADescription
DSA-4919-1lz4 - security update
DLA-2657-1lz4 - security update
ELA-427-1lz4 - security update

Search for package or bug name: Reporting problems