A flaw was found in Sharutils 4.15.2, a heap buffer overflow in Unshar. This may allow an attacker to perform a Denial of Service attack or possible have another unspecified impact.
Created sharutils tracking bugs for this issue: Affects: fedora-all [bug 1548019]
Is this the upstream bug report <http://lists.gnu.org/archive/html/bug-gnu-utils/2018-02/msg00004.html>? (The same author send another bug report sooner <http://lists.gnu.org/archive/html/bug-gnu-utils/2018-02/msg00003.html>.)
Created attachment 1399466 [details] A proposed fix
(In reply to Petr Pisar from comment #2) > Is this this upstream bug report > <http://lists.gnu.org/archive/html/bug-gnu-utils/2018-02/msg00004.html>? It is according to the back trace.
sharutils-4.15.2-8.fc27 has been pushed to the Fedora 27 stable repository. If problems still persist, please make note of it in this bug report.
sharutils-4.15.2-6.fc26 has been pushed to the Fedora 26 stable repository. If problems still persist, please make note of it in this bug report.