12 matches found
Huawei EulerOS: Security Advisory for zziplib (EulerOS-SA-2018-1397)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 28 : zziplib (2018-237e9b550c)
Update zziplib to 0.13.69 version, fixes all known CVEs for the package. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...
EulerOS 2.0 SP3 : zziplib (EulerOS-SA-2018-1397)
According to the versions of the zziplib package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - zziplib: out of bound read in mmapped.c:zzipdiskfread causes crash.CVE-2018-7725 - zziplib: Bus error in zip.c:zzipparserootdirectory cause cras...
Scientific Linux Security Update : zziplib on SL7.x x86_64 (20181030)
Security Fixes : - zziplib: out of bound read in mmapped.c:zzipdiskfread causes crash CVE-2018-7725 - zziplib: Bus error in zip.c:zzipparserootdirectory cause crash via crafted zip file CVE-2018-7726 - zziplib: Memory leak in memdisk.c:zzipmemdisknew can lead to denial of service via crafted zip...
Oracle Linux 7 : zziplib (ELSA-2018-3229)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-3229 advisory. - 'Variable 'file' going out of scope leaks the storage it points to.' has been introduced by the original version of 0001-fix-CVE-2018-7725.patch - Fi...
zziplib security update
0.13.62-9 - Fix covscan warning - 'Variable 'file' going out of scope leaks the storage it points to.' has been introduced by the original version of 0001-fix-CVE-2018-7725.patch - Related: 1558596 0.13.62-8 - Fix CVE-2018-7727 - Resolves: 1558891 0.13.62-7 - Fix CVE-2018-7726 - Resolves: 1558623...
Ubuntu: Security Advisory (USN-3699-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : zziplib (openSUSE-2018-359)
This update for zziplib fixes the following issues : Security issues fixed : - CVE-2018-7726: There is a bus error caused by thezzipparserootdirectory function of zip.c. Attackers could leverage thisvulnerability to cause a denial of service bsc1084517. - CVE-2018-7725: An invalid memory address...
SUSE SLED12 Security Update : zziplib (SUSE-SU-2018:0919-1)
This update for zziplib fixes the following issues: Security issues fixed : - CVE-2018-7726: There is a bus error caused by thezzipparserootdirectory function of zip.c. Attackers could leverage thisvulnerability to cause a denial of service bsc1084517. - CVE-2018-7725: An invalid memory address...
SUSE-SU-2018:0919-1 Security update for zziplib
This update for zziplib fixes the following issues: Security issues fixed: - CVE-2018-7726: There is a bus error caused by thezzipparserootdirectory function of zip.c. Attackers could leverage thisvulnerability to cause a denial of service bsc1084517. - CVE-2018-7725: An invalid memory address...
CVE-2018-7726
CVE-2018-7726 affects ZZIPlib up to version 0.13.68. The issue is a bus error in __zzip_parse_root_directory (zip.c) that could crash a target via a crafted ZIP file, enabling a denial of service. Connected advisories confirm upstream fixed in 0.13.69; multiple OS advisories/patches reference thi...
CVE-2018-7726
An issue was discovered in ZZIPlib 0.13.68. There is a bus error caused by the zzipparserootdirectory function of zip.c. Attackers could leverage this vulnerability to cause a denial of service via a crafted zip file...