From: Petr Pisar Subject: Fix CVE-2018-1000097, heap buffer overflow in unshar Bug-Debian: https://bugs.debian.org/893525 X-Debian-version: 1:4.15.2-3
--- a/src/unshar.c
+++ b/src/unshar.c
@@ -240,7 +240,7 @@
 off_t position = ftello (file);
 /* Read next line, fail if no more and no previous process. */
- if (!fgets (rw_buffer, BUFSIZ, file))
+ if (!fgets (rw_buffer, rw_base_size, file))
 {
 if (!start)
 error (0, 0, _("Found no shell commands in %s"), name);
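Review bot: The new bound on the `fgets` call is only correct while `rw_base_size` equals the number of bytes allocated for `rw_buffer`, and nothing at this call site states or checks that; the allocation is outside the hunk. I would add a comment above the call, `/* rw_buffer is rw_base_size bytes, not BUFSIZ; keep this bound in sync with its allocation. */`, so a later edit does not reintroduce a mismatched constant. Any other read into `rw_buffer` elsewhere in the file presumably needs the same bound, which cannot be confirmed from this hunk. `fgets` takes an `int` count, so if `rw_base_size` is a wider type (its declaration is not visible here) the conversion is worth checking too. The enclosing function starts and ends outside the hunk.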