{"id":"MGASA-2016-0084","summary":"Updated xdelta3 packages fix CVE-2014-9765","details":"Updated xdelta3 package fixes security vulnerability:\n\nStepan Golosunov discovered that xdelta3, a diff utility which works with\nbinary files, is affected by a buffer overflow vulnerability within the\nmain_get_appheader function, which may lead to the execution of arbitrary\ncode (CVE-2014-9765).\n","modified":"2026-04-16T06:25:27.346051186Z","published":"2016-03-02T18:28:46Z","upstream":["CVE-2014-9765"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2016-0084.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=17713"},{"type":"WEB","url":"https://www.debian.org/security/2016/dsa-3484"}],"affected":[{"package":{"name":"xdelta3","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/xdelta3?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.0.0-5.1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0084.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}