| Release | Version |
|---|---|
| jessie | 1:4.2+20130409-2+deb8u2 |
| stretch | 1:4.3-3+deb9u3 |
| buster | 1:4.3-12+deb10u2 |
| bullseye | 1:4.4-2+deb11u2 |
| bookworm | 1:4.5.1-1 |
| trixie | 1:4.6.1-1 |
| sid | 1:4.6.1-1 |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-4646 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | fixed | (1) unsquash-1.c, (2) unsquash-2.c, (3) unsquash-3.c, and (4) unsquash ... |
| CVE-2015-4645 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | fixed | Integer overflow in the read_fragment_table_4 function in unsquash-4.c ... |
| Bug | Description |
|---|---|
| CVE-2021-41072 | squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Director ... |
| CVE-2021-40153 | squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the file ... |
| CVE-2012-4025 | Integer overflow in the queue_init function in unsquashfs.c in unsquas ... |
| CVE-2012-4024 | Stack-based buffer overflow in the get_component function in unsquashf ... |
| DSA / DLA | Description |
|---|---|
| ELA-497-1 | squashfs-tools - security update |
| DLA-2789-1 | squashfs-tools - security update |
| DSA-4987-1 | squashfs-tools - security update |
| DSA-4967-1 | squashfs-tools - security update |
| DLA-2752-1 | squashfs-tools - security update |
| ELA-480-1 | squashfs-tools - security update |