UBUNTU-CVE-2019-17582

A use-after-free in the zipdirentread function of zipdirent.c in libzip 1.2.0 allows attackers to have an unspecified impact by attempting to unzip a malformed ZIP archive. NOTE: the discoverer states "This use-after-free is triggered prior to the double free reported in CVE-2017-12858."...

CVE-2019-17582

CVE-2019-17582 affects libzip 1.2.0, caused by a use-after-free in _zip_dirent_read within zip_dirent.c. The impact is described as unspecified in the CVE entry. Public sources in connected documents indicate upstream fixes and a later version (1.3.0) addressing related issues (e.g., CVE-2017-128...

CVE-2019-17582

A use-after-free in the zipdirentread function of zipdirent.c in libzip 1.2.0 allows attackers to have an unspecified impact by attempting to unzip a malformed ZIP archive. NOTE: the discoverer states "This use-after-free is triggered prior to the double free reported in CVE-2017-12858."...

new module: php:7.4

An update is available for php-pear, php-pecl-rrd, php, php-pecl-apcu, php-pecl-xdebug, libzip, php-pecl-zip. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Thi...

Denial Of Service (DoS)

libzip is vulnerable to denial of service. A remote attacker is able to crash the application via a malicious ZIP archive due to a memory allocation failure in the zipcdirgrow function in zipdirent.c...

7.3 enhancement update

An update is available for php-pear, php-pecl-rrd, php-pecl-apcu, php-pecl-xdebug, libzip, php-pecl-zip. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For...

php:7.3 security update

An update is available for libzip, php-pear, php-pecl-apcu, php-pecl-zip. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list PHP is an HTML-embedded scripting...

php:7.2 security update

An update is available for libzip, php-pear, php-pecl-apcu, php-pecl-zip. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list PHP is an HTML-embedded scripting...

new module: php:7.3

An update is available for libzip, php-pear, php-pecl-apcu, php-pecl-zip. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list This enhancement update adds the php:7....

7.2 bug fix and enhancement update

An update is available for libzip, php-pear, php-pecl-apcu, php-pecl-zip. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in...

Fedora Update for libzip FEDORA-2019-615e060d4e

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 30 : libzip (2019-94fb5d75e6)

Version 1.5.2 - Fix bug in AES encryption affecting certain file sizes - Keep file permissions when modifying zip archives - Support systems with small stack size. - Add nullability annotations. Note that Tenable Network Security has extracted the preceding description block directly from the...

[SECURITY] Fedora 30 Update: libzip-1.5.2-1.fc30

libzip is a C library for reading, creating, and modifying zip archives. Fi les can be added from data buffers, files, or compressed data copied directly f rom other zip archives. Changes made without closing the archive can be reverte d. The API is documented by man pages...

Fedora Update for libzip FEDORA-2019-0b73bd3e5d

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora 29 : libzip (2019-615e060d4e)

Version 1.5.2 - Fix bug in AES encryption affecting certain file sizes - Keep file permissions when modifying zip archives - Support systems with small stack size. - Add nullability annotations. Note that Tenable Network Security has extracted the preceding description block directly from the...

Fedora 28 : libzip (2019-0b73bd3e5d)

Version 1.5.2 - Fix bug in AES encryption affecting certain file sizes - Keep file permissions when modifying zip archives - Support systems with small stack size. - Add nullability annotations. Note that Tenable Network Security has extracted the preceding description block directly from the...

[SECURITY] Fedora 29 Update: libzip-1.5.2-1.fc29

libzip is a C library for reading, creating, and modifying zip archives. Fi les can be added from data buffers, files, or compressed data copied directly f rom other zip archives. Changes made without closing the archive can be reverte d. The API is documented by man pages...

[SECURITY] Fedora 28 Update: libzip-1.5.2-1.fc28

libzip is a C library for reading, creating, and modifying zip archives. Fi les can be added from data buffers, files, or compressed data copied directly f rom other zip archives. Changes made without closing the archive can be reverte d. The API is documented by man pages...

Fedora 27 : libzip (2017-7bd193c0ed)

Version 1.3.0 It contains fixes for two possible security problems. The problems were identified by Brian 'geeknik' Carpenter and Agostino Sarubbo using AFL. The changes are : - Support bzip2 compressed zip archives - Improve file progress callback code - Fix zipfdopen - CVE-2017-12858: Fix doubl...

Fedora 27 : mingw-libzip (2017-d5487d0f80)

Update to version 1.3.0, see https://nih.at/libzip/NEWS.html for details. ---- This update backports security fix for CVE-2017-14107. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to...