There are 2 open security issues in bullseye.
2 issues left for the package maintainer to handle:
- CVE-2016-1243:
(needs triaging)
Stack-based buffer overflow in the extractTree function in unADF allows remote attackers to execute arbitrary code via a long pathname.
- CVE-2016-1244:
(needs triaging)
The extractTree function in unADF allows remote attackers to execute arbitrary code via shell metacharacters in a directory name in an adf file.
You can find information about how to handle these issues in the security team's documentation.