Package "libzstd"

Name: libzstd


This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • fast lossless compression algorithm -- CLI tool

Latest version: 1.4.4+dfsg-3ubuntu0.1
Release: focal (20.04)
Level: security
Repository: universe


Other versions of "libzstd" in Focal

Repository Area Version
base universe 1.4.4+dfsg-3
base main 1.4.4+dfsg-3
security main 1.4.4+dfsg-3ubuntu0.1
updates main 1.4.4+dfsg-3ubuntu0.1
updates universe 1.4.4+dfsg-3ubuntu0.1

Packages in group

Deleted packages are displayed in grey.


Version: 1.4.4+dfsg-3ubuntu0.1 2021-03-08 20:07:34 UTC

  libzstd (1.4.4+dfsg-3ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: race condition allows attacker to access
    world-readable destination file
    - debian/patches/0018-fix-file-permissions-on-compression.patch: set
      umask in programs/fileio.c, programs/util.c, programs/util.h.
    - CVE-2021-24031
    - CVE-2021-24032

 -- Marc Deslauriers <email address hidden> Wed, 03 Mar 2021 10:47:34 -0500

CVE-2021-24031 In the Zstandard command-line utility prior to v1.4.1, output files were created with default permissions. Correct file permissions (matching the inp
CVE-2021-24032 Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for CVE-2021-24031, the Zstandard command-line utility created output files with de

About   -   Send Feedback to @ubuntu_updates