http://www.csoonline.com/article/23...old-vulnerability-in-lzo-finally-patched.html
The article says most open source projects using LZO are already implementing patches. I'm not sure if Proxmox is getting the patches from upstream automatically or should incorporate it themselves into vzdump/vzrestore, hopefully the former.
US CERT report:
https://www.us-cert.gov/ncas/curren...erabilities-LZO-and-LZ4-compression-libraries
The article says most open source projects using LZO are already implementing patches. I'm not sure if Proxmox is getting the patches from upstream automatically or should incorporate it themselves into vzdump/vzrestore, hopefully the former.
US CERT report:
https://www.us-cert.gov/ncas/curren...erabilities-LZO-and-LZ4-compression-libraries