Package "libzzip-0-13"
Name: |
libzzip-0-13
|
Description: |
library providing read access on ZIP-archives - library
|
Latest version: |
0.13.62-3.1ubuntu0.18.04.1 |
Release: |
bionic (18.04) |
Level: |
security |
Repository: |
main |
Head package: |
zziplib |
Homepage: |
http://zziplib.sourceforge.net |
Links
Download "libzzip-0-13"
Other versions of "libzzip-0-13" in Bionic
Changelog
zziplib (0.13.62-3.1ubuntu0.18.04.1) bionic-security; urgency=medium
* SECURITY UPDATE: invalid mem access in zzip_disk_fread
- debian/patches/CVE-2018-6381.patch: check sizes in zzip/memdisk.c.
- CVE-2018-6381
* SECURITY UPDATE: alignment and bus errors in __zzip_fetch_disk_trailer
- debian/patches/CVE-2018-6484.patch: check sizes in zzip/zip.c.
- CVE-2018-6484
- CVE-2018-6541
- CVE-2018-6869
* SECURITY UPDATE: bus error in zzip_disk_findfirst
- debian/patches/CVE-2018-6540.patch: check endbuf in zzip/mmapped.c.
- CVE-2018-6540
* SECURITY UPDATE: invalid memory dereference
- debian/patches/CVE-2018-7725.patch: check zlib space in
zzip/memdisk.c, zzip/mmapped.c.
- CVE-2018-7725
* SECURITY UPDATE: bus error in __zzip_parse_root_directory
- debian/patches/CVE-2018-7726-1.patch: check rootseek and rootsize in
zzip/zip.c.
- debian/patches/CVE-2018-7726-2.patch: check rootseek in zzip/zip.c.
- debian/patches/CVE-2018-7726-3.patch: check zz_rootsize in
zzip/zip.c.
- CVE-2018-7726
-- Marc Deslauriers <email address hidden> Fri, 29 Jun 2018 11:26:58 -0400
|
CVE-2018-6381 |
In ZZIPlib 0.13.67, there is a segmentation fault caused by invalid memory access in the zzip_disk_fread function (zzip/mmapped.c) because the size v |
CVE-2018-6484 |
In ZZIPlib 0.13.67, there is a memory alignment error and bus error in the __zzip_fetch_disk_trailer function of zzip/zip.c. Remote attackers could l |
CVE-2018-6541 |
In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address (when handling disk64_trailer local entries) in __zzip_fetch_disk_ |
CVE-2018-6869 |
In ZZIPlib 0.13.68, there is an uncontrolled memory allocation and a crash in the __zzip_parse_root_directory function of zzip/zip.c. Remote attacker |
CVE-2018-6540 |
In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address in the zzip_disk_findfirst function of zzip/mmapped.c. Remote atta |
CVE-2018-7725 |
An issue was discovered in ZZIPlib 0.13.68. An invalid memory address dereference was discovered in zzip_disk_fread in mmapped.c. The vulnerability c |
CVE-2018-7726 |
An issue was discovered in ZZIPlib 0.13.68. There is a bus error caused by the __zzip_parse_root_directory function of zip.c. Attackers could leverag |
|
About
-
Send Feedback to @ubuntu_updates