DebianDEBIAN:DLA-330-1:A343E[SECURITY] [DLA 330-1] unzip security update
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.044 Low
EPSS
Percentile
92.3%
Package : unzip
Version : 6.0-4+deb6u3
CVE ID : CVE-2015-7696 CVE-2015-7697
Debian Bug : 802160 802162
Gustavo Grieco discovered with a fuzzer that unzip was vulnerable to a
heap overflow and to a denial of service with specially crafted
password-protected ZIP archives.
For the Debian 6 squeeze, these issues haven been fixed in unzip
6.0-4+deb6u3.
β
RaphaΓ«l Hertzog β Debian Developer
Support Debian LTS: http://www.freexian.com/services/debian-lts.html
Learn to master Debian: http://debian-handbook.info/get/
Attachment:
signature.asc
Description: PGP signature
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 8 | arm64 | unzip | <Β 6.0-16+deb8u1 | unzip_6.0-16+deb8u1_arm64.deb |
| Debian | 7 | ia64 | unzip | <Β 6.0-8+deb7u4 | unzip_6.0-8+deb7u4_ia64.deb |
| Debian | 7 | kfreebsd-amd64 | unzip | <Β 6.0-8+deb7u4 | unzip_6.0-8+deb7u4_kfreebsd-amd64.deb |
| Debian | 7 | amd64 | unzip | <Β 6.0-8+deb7u4 | unzip_6.0-8+deb7u4_amd64.deb |
| Debian | 8 | kfreebsd-amd64 | unzip | <Β 6.0-16+deb8u1 | unzip_6.0-16+deb8u1_kfreebsd-amd64.deb |
| Debian | 7 | i386 | unzip | <Β 6.0-8+deb7u4 | unzip_6.0-8+deb7u4_i386.deb |
| Debian | 8 | mipsel | unzip | <Β 6.0-16+deb8u1 | unzip_6.0-16+deb8u1_mipsel.deb |
| Debian | 7 | armel | unzip | <Β 6.0-8+deb7u4 | unzip_6.0-8+deb7u4_armel.deb |
| Debian | 7 | all | unzip | <Β 6.0-8+deb7u4 | unzip_6.0-8+deb7u4_all.deb |
| Debian | 8 | kfreebsd-i386 | unzip | <Β 6.0-16+deb8u1 | unzip_6.0-16+deb8u1_kfreebsd-i386.deb |
Related
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.044 Low
EPSS
Percentile
92.3%