Red Hat Security Advisory 2014-0861-02 - LZO is a portable lossless data compression library written in ANSI C. An integer overflow flaw was found in the way the lzo library decompressed certain archives compressed with the LZO algorithm. An attacker could create a specially crafted LZO-compressed input that, when decompressed by an application using the lzo library, would cause that application to crash or, potentially, execute arbitrary code.
2b79806c5506601a649fcadead2d724e2e194a128b8d64da2b4a6ad1636a84ba