A heap buffer overflow in advancecomp through version 2.0 can allow an attacker to cause a denial of service (DoS) via a crafted ZIP file. External References: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889270
Created advancecomp tracking bugs for this issue: Affects: fedora-all [bug 1542334]
Red Hat OpenStack 6 will be unsupported from the 17th February 2018. This package is shipped to support the installation of Red Hat OpenStack Platform 6 and should not be used. This vulnerability will not be fixed in Red Hat OpenStack Platform 6.
Statement: This issue affects the versions of advancecomp as shipped with Red Hat Satellite 6. Red Hat Product Security has rated this issue as having Low security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.
The issue has been forwarded upstream to https://sourceforge.net/p/advancemame/bugs/259/