An issue discovered in XZ 5.2.5 allows attackers to cause a denial of service via decompression of crafted file. References: https://tukaani.org/xz/ https://github.com/snappyJack/CVE-request-XZ-5.2.5-has-denial-of-service-vulnerability
https://github.com/snappyJack/CVE-request-XZ-5.2.5-has-denial-of-service-vulnerability is a broken link
Created xz tracking bugs for this issue: Affects: fedora-all [bug 2235294]
Created mingw-xz tracking bugs for this issue: Affects: fedora-all [bug 2235295]