CVE-2017-0359

Source
Severity Medium
Remote No
Type Arbitrary file overwrite
Description
It has been discovered that diffoscope may write to arbitrary locations on disk depending on the contents of an untrusted archive.
Group Package Affected Fixed Severity Status Ticket
AVG-175 diffoscope 67-1 77-1 Medium Fixed
Date Advisory Group Package Severity Description
17 Feb 2017 ASA-201702-14 AVG-175 diffoscope Medium arbitrary file overwrite
References
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854723
https://anonscm.debian.org/git/reproducible/diffoscope.git/commit/?id=632a40828a54b399787c25e7fa243f732aef7e05