19 matches found
RLSA-2024:2377 Moderate: zziplib security update
The zziplib is a lightweight library to easily extract data from zip files. Security Fixes: zziplib: invalid memory access at zzipdiskentrytofileheader in mmapped.c CVE-2020-18770 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
zziplib security update
An update is available for zziplib. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The zziplib is a lightweight library to easily extract data from zip files...
MGASA-2024-0167 Updated zziplib packages fix security vulnerability
An issue was discovered in function zzipdiskentrytofileheader in mmapped.c in zziplib 0.13.69, which will lead to a denial-of-service. CVE-2020-18770...
SUSE-SU-2024:0970-1 Security update for zziplib
This update for zziplib fixes the following issues: Security issue fixed: - CVE-2020-18442: Fixed infinite loop in zzipfileread as used in unzzipcatfile bsc1187526. - CVE-2020-18770: Fixed denial-of-service in function zzipdiskentrytofileheader in mmapped.c bsc1214577. Non-security issue fixed: -...
SUSE-SU-2024:0961-1 Security update for zziplib
This update for zziplib fixes the following issues: - CVE-2020-18770: Fixed denial-of-service in function zzipdiskentrytofileheader in mmapped.c bsc1214577...
Amazon Linux 2023 : zziplib, zziplib-devel, zziplib-utils (ALAS2023-2023-006)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-006 advisory. Infinite Loop in zziplib v0.13.69 allows remote attackers to cause a denial of service via the return value zzipfileread in the function unzzipcatfile. CVE-2020-18442 Tenable has extracted the preceding...
DLA-2859-1 zziplib - security update
Bulletin has no description...
Low: zziplib security update
The zziplib is a lightweight library to easily extract data from zip files. Security Fixes: zziplib: infinite loop via the return value of zzipfileread as used in unzzipcatfile CVE-2020-18442 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and othe...
MGASA-2021-0359 Updated zziplib packages fix security vulnerability
Infinite Loop in zziplib v0.13.69 allows remote attackers to cause a denial of service via the return value "zzipfileread" in the function "unzzipcatfile" CVE-2020-18442...
SUSE-SU-2021:2164-1 Security update for zziplib
This update for zziplib fixes the following issues: - CVE-2020-18442: Fixed infinite loop in zzipfileread as used in unzzipcatfile bsc1187526...
SUSE-SU-2018:3379-1 Security update for zziplib
This update for zziplib fixes the following issues: - CVE-2018-17828: Remove any '../' components from pathnames of extracted files to avoid path traversal during unpacking. bsc1110687...
SUSE-SU-2018:3220-1 Security update for zziplib
This update for zziplib fixes the following issues: - CVE-2018-17828: Remove any '../' components from pathnames of extracted files to avoid path traversal during unpacking. bsc1110687...
Security update for zziplib (moderate)
This update for zziplib fixes the following issues: Security issue fixed: - CVE-2018-6542: Reject file if the size of the central directory is too big and display an error message bsc1079094. This update was imported from the SUSE:SLE-12:Update update project...
SUSE-SU-2018:1507-1 Security update for zziplib
This update for zziplib fixes the following issues: Security issue fixed: - CVE-2018-6542: Reject file if the size of the central directory is too big and display an error message bsc1079094...
SUSE-SU-2018:0919-1 Security update for zziplib
This update for zziplib fixes the following issues: Security issues fixed: - CVE-2018-7726: There is a bus error caused by thezzipparserootdirectory function of zip.c. Attackers could leverage thisvulnerability to cause a denial of service bsc1084517. - CVE-2018-7725: An invalid memory address...
SUSE-SU-2018:0548-1 Security update for zziplib
This update for zziplib fixes the following issues: Version update to 0.13.67 contains lots of bug- and security fixes. - If an extension block is too small to hold an extension, do not use the information therein. - CVE-2018-6540: If the End of central directory record EOCD contains an Offset of...
DLA-1287-1 zziplib - security update
Bulletin has no description...
MGASA-2017-0163 Updated zziplib packages fix security vulnerability
Heap-based buffer overflow in zzipget32 in fetch.c CVE-2017-5974. Heap-based buffer overflow in zzipget64 in fetch.c CVE-2017-5975. Heap-based buffer overflow in zzipmementryextrablock in memdisk.c CVE-2017-5976. Invalid memory read in zzipmementryextrablock in memdisk.c CVE-2017-5977. Out of...
SUSE-SU-2017:1095-1 Security update for zziplib
This update for zziplib fixes the following issues: Secuirty issues fixed: - CVE-2017-5974: heap-based buffer overflow in zzipget32 fetch.c bsc1024517 - CVE-2017-5975: heap-based buffer overflow in zzipget64 fetch.c bsc1024528 - CVE-2017-5976: heap-based buffer overflow in zzipmementryextrablock...