{"id":"MGASA-2015-0482","summary":"Updated dpkg packages fix CVE-2015-0860","details":"Updated dpkg packages fix security vulnerability:\n\nHanno Boeck discovered a stack-based buffer overflow in the dpkg-deb component\nof dpkg. This flaw could potentially lead to arbitrary code execution if a user\nor an automated system were tricked into processing a specially crafted Debian\nbinary package (.deb) in the old style Debian binary package format\n(CVE-2015-0860).\n","modified":"2026-02-02T04:45:57.556200Z","published":"2015-12-23T20:12:49Z","related":["CVE-2015-0860"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2015-0482.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=17239"},{"type":"REPORT","url":"https://www.debian.org/security/2015/dsa-3407"}],"affected":[{"package":{"name":"dpkg","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/dpkg?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.17.26-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0482.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}