CVE-2022-28044

Published: 15 April 2022

Irzip v0.640 was discovered to contain a heap memory corruption via the component lrzip.c:initialise_control.

Priority

9.8

Package	Release	Status
lrzip Launchpad, Ubuntu, Debian	jammy	Released (0.651-2ubuntu0.22.04.1)
	kinetic	Released (0.651-2ubuntu0.22.10.1)
	upstream	Released (0.650-1)
	impish	Ignored (end of life)
	bionic	Released (0.631-1+deb9u3build0.18.04.1)
	trusty	Released (0.616-1ubuntu0.1~esm2) Available with Ubuntu Pro or Ubuntu Pro (Infra-only)
	xenial	Released (0.621-1ubuntu0.1~esm2) Available with Ubuntu Pro
	focal	Released (0.631+git180528-1+deb10u1build0.20.04.1)

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.