| Package | squashfs-tools |
|---|---|
| Version | 1:4.2+20130409-2+deb8u1 |
| Related CVEs | CVE-2021-40153 |
An issue has been found in squashfs-tools, a tool to create and append to squashfs filesystems. As unsquashfs did not validate all filepaths, it would allow writing outside of the original destination.
For Debian 8 jessie, these problems have been fixed in version 1:4.2+20130409-2+deb8u1.
We recommend that you upgrade your squashfs-tools packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.