UbuntuUpdates.org

Package "libzzip-0-13"

Name: libzzip-0-13

Description:

library providing read access on ZIP-archives - library

Latest version: 0.13.62-3.2ubuntu1.1
Release: focal (20.04)
Level: updates
Repository: universe
Head package: zziplib
Homepage: http://zziplib.sourceforge.net

Links


Download "libzzip-0-13"


Other versions of "libzzip-0-13" in Focal

Repository Area Version
base universe 0.13.62-3.2ubuntu1
security universe 0.13.62-3.2ubuntu1.1

Changelog

Version: 0.13.62-3.2ubuntu1.1 2023-08-17 18:06:51 UTC

  zziplib (0.13.62-3.2ubuntu1.1) focal-security; urgency=medium

  * SECURITY UPDATE: Denial of Service
    - debian/patches/CVE-2018-7727.patch: fixed a denial of service in memdisk
    - debian/patches/CVE-2020-18442-[1-5].patch: fixed an infinite loop in zzip
    - CVE-2018-7727
    - CVE-2020-18442

 -- Amir Naseredini <email address hidden> Thu, 17 Aug 2023 12:16:53 +0100

CVE-2018-7727 An issue was discovered in ZZIPlib 0.13.68. There is a memory leak triggered in the function zzip_mem_disk_new in memdisk.c, which will lead to a den
CVE-2020-18442 Infinite Loop in zziplib v0.13.69 allows remote attackers to cause a denial of service via the return value "zzip_file_read" in the function "unzzip_



About   -   Send Feedback to @ubuntu_updates