From ${URL} :

Package: gettext
Version: 0.19.3-1

The attached (slightly corrupted) MO file crashes msgunfmt:

$ msgunfmt messages.mo
Segmentation fault

I suspect there's an integer overflow somewhere.

This bug was brought to you by American fuzzy lop:
http://lcamtuf.coredump.cx/afl/

message.mo: https://bugs.debian.org/cgi-bin/bugreport.cgi?msg=3;filename=messages.mo;att=1;bug=769901
commit fix: http://git.savannah.gnu.org/cgit/gettext.git/commit/?id=abf93d1305d1fc59142d2231ec5f94286038a98a
This is fixed in the 0.19.4 release, which is also stable now via bug #551828.
No PoC for ACE/RCE, downgraded to A4. Repository is clean.
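
For the crash reported at the top of this thread, an added example (not gettext's code and not the fix in the linked commit): a bounds check for an MO file's header and string tables that does its size arithmetic in 64 bits, so a corrupted count or length cannot wrap past the check. The 28-byte header layout is the one documented in the GNU gettext manual; `mo_validate`, `check_patched` and `SAMPLE` are hypothetical names, and the sample file is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Read the 32-bit word at p; big selects byte order. Caller ensures 4 readable bytes. */
static uint32_t rd32(const unsigned char *p, int big) {
    uint32_t v = (uint32_t)p[3] << 24 | (uint32_t)p[2] << 16 | (uint32_t)p[1] << 8 | p[0];
    return big ? v >> 24 | (v >> 8 & 0xff00) | (v << 8 & 0xff0000) | v << 24 : v;
}

/* 1 if [off, off + size) lies inside len bytes. Subtracts instead of adding, so no wrap. */
static int in_file(size_t len, uint32_t off, uint64_t size) { return off <= len && size <= len - off; }

/* One string table: n 8-byte (length, offset) descriptors, each string NUL-terminated. */
static int table_ok(const unsigned char *b, size_t len, uint32_t tab, uint32_t n, int big) {
    if (!in_file(len, tab, (uint64_t)n * 8)) return 0;   /* product computed in 64 bits */
    for (uint32_t i = 0; i < n; i++) {
        uint32_t slen = rd32(b + tab + (size_t)i * 8, big);
        uint32_t soff = rd32(b + tab + (size_t)i * 8 + 4, big);
        if (!in_file(len, soff, (uint64_t)slen + 1) || b[(size_t)soff + slen]) return 0;
    }
    return 1;
}

/* Validate header and both string tables of an MO image before anything dereferences them. */
int mo_validate(const unsigned char *b, size_t len) {
    if (len < 28) return 0;                              /* seven 32-bit header words */
    int big = rd32(b, 0) == 0xde120495u;                 /* magic seen byte-swapped */
    if (!big && rd32(b, 0) != 0x950412deu) return 0;
    uint32_t n = rd32(b + 8, big);                       /* number of strings */
    return table_ok(b, len, rd32(b + 12, big), n, big) && table_ok(b, len, rd32(b + 16, big), n, big);
}

/* Constructed sample, not the file from the report: little-endian, one entry "" -> "x". */
static const unsigned char SAMPLE[47] = {
    0xde,0x12,0x04,0x95, 0,0,0,0, 1,0,0,0, 28,0,0,0, 36,0,0,0, 0,0,0,0, 0,0,0,0,
    0,0,0,0, 44,0,0,0, 1,0,0,0, 45,0,0,0, 0,'x',0 };

/* Validate a copy of SAMPLE whose 32-bit field at field_off is overwritten with v. */
int check_patched(size_t field_off, uint32_t v) {
    unsigned char b[sizeof SAMPLE];
    memcpy(b, SAMPLE, sizeof b);
    for (int i = 0; i < 4; i++) b[field_off + i] = (unsigned char)(v >> (8 * i));
    return mo_validate(b, sizeof b);
}

int main(void) {
    printf("intact=%d count=0x20000001 -> %d\n", check_patched(8, 1), check_patched(8, 0x20000001u));
    return 0;
}
```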