SUSE CVE-2017-14107

The zipreadeocd64 function in zipopen.c in libzip before 1.3.0 mishandles EOCD records, which allows remote attackers to cause a denial of service memory allocation failure in zipcdirgrow in zipdirent.c via a crafted ZIP archive...

The vulnerability of the _zip_read_eocd64 function in the zip_open.c component of the Libzip library allows a attacker to cause a service failure.

The vulnerability of the zipreadeocd64 function in the zipopen.c component of the Libzip library library for working with Zip archives is related to the allocation of unlimited memory. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

Fedora 27 : libzip (2017-7bd193c0ed)

Version 1.3.0 It contains fixes for two possible security problems. The problems were identified by Brian 'geeknik' Carpenter and Agostino Sarubbo using AFL. The changes are : - Support bzip2 compressed zip archives - Improve file progress callback code - Fix zipfdopen - CVE-2017-12858: Fix doubl...

Fedora 26 : libzip (2017-840db88351)

Version 1.3.0 It contains fixes for two possible security problems. The problems were identified by Brian 'geeknik' Carpenter and Agostino Sarubbo using AFL. The changes are : - Support bzip2 compressed zip archives - Improve file progress callback code - Fix zipfdopen - CVE-2017-12858: Fix doubl...