Lucene search
SuseOPENSUSE-SU-2018:1914-1HistoryJul 07, 2018 - 3:08 a.m.
Security update for unzip (moderate)
2018-07-0703:08:17
lists.opensuse.org
43
0.259 Low
EPSS
Percentile
96.2%
This update for unzip fixes the following issues:
- CVE-2014-9636: Prevent denial of service (out-of-bounds read or write
and crash) via an extra field with an uncompressed size smaller than the
compressed field size in a zip archive that advertises STORED method
compression (bsc#914442) - CVE-2018-1000035: Prevent heap-based buffer overflow in the processing
of password-protected archives that allowed an attacker to perform a
denial of service or to possibly achieve code execution (bsc#1080074)
This non-security issue was fixed:
± Allow processing of Windows zip64 archives (Windows archivers set
total_disks field to 0 but per standard, valid values are 1 and higher)
(bnc#910683)
This update was imported from the SUSE:SLE-15:Update update project.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Leap | 15.0 | i586 | unzip-doc | < 6.00-lp150.3.3.1 | unzip-doc-6.00-lp150.3.3.1.i586.rpm |
| openSUSE Leap | 15.0 | x86_64 | unzip-rcc-debugsource | < 6.00-lp150.3.3.1 | unzip-rcc-debugsource-6.00-lp150.3.3.1.x86_64.rpm |
| openSUSE Leap | 15.0 | i586 | unzip | < 6.00-lp150.3.3.1 | unzip-6.00-lp150.3.3.1.i586.rpm |
| openSUSE Leap | 15.0 | x86_64 | unzip-debuginfo | < 6.00-lp150.3.3.1 | unzip-debuginfo-6.00-lp150.3.3.1.x86_64.rpm |
| openSUSE Leap | 15.0 | x86_64 | unzip-doc | < 6.00-lp150.3.3.1 | unzip-doc-6.00-lp150.3.3.1.x86_64.rpm |
| openSUSE Leap | 15.0 | x86_64 | unzip | < 6.00-lp150.3.3.1 | unzip-6.00-lp150.3.3.1.x86_64.rpm |
| openSUSE Leap | 15.0 | x86_64 | unzip-debugsource | < 6.00-lp150.3.3.1 | unzip-debugsource-6.00-lp150.3.3.1.x86_64.rpm |
| openSUSE Leap | 15.0 | i586 | unzip-debugsource | < 6.00-lp150.3.3.1 | unzip-debugsource-6.00-lp150.3.3.1.i586.rpm |
| openSUSE Leap | 15.0 | i586 | unzip-debuginfo | < 6.00-lp150.3.3.1 | unzip-debuginfo-6.00-lp150.3.3.1.i586.rpm |
| openSUSE Leap | 15.0 | x86_64 | unzip-rcc | < 6.00-lp150.3.3.1 | unzip-rcc-6.00-lp150.3.3.1.x86_64.rpm |
Related
nessus
nessus
openSUSE Security Update : unzip (openSUSE-2019-509)
2019-03-27 00:00:00
openSUSE Security Update : unzip (openSUSE-2018-709)
2018-07-09 00:00:00
SUSE SLED15 / SLES15 Security Update : unzip (SUSE-SU-2018:1883-1)
2019-01-02 00:00:00
openvas
openvas
openSUSE: Security Advisory for unzip (openSUSE-SU-2018:1914-1)
2018-10-26 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:1883-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:0465-1)
2021-06-09 00:00:00
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2018-2.0-0052
2018-06-01 00:00:00
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2018-1.0-0144
2018-06-01 00:00:00
Important Photon OS Security Update - PHSA-2018-0052
2018-06-01 00:00:00
checkpoint_advisories
checkpoint_advisories
InfoZip UnZip Buffer Overflow (CVE-2018-1000035)
2022-09-18 00:00:00
Unzip Extra Field Uncompressed Size Buffer Overflow (CVE-2014-9636)
2015-04-20 00:00:00
prion
prion
Heap overflow
2018-02-09 23:29:00
Out-of-bounds
2015-02-06 15:59:00
osv
osv
unzip - security update
2020-01-28 00:00:00
CVE-2018-1000035
2018-02-09 23:29:01
unzip - security update
2015-02-07 00:00:00
debiancve
debiancve
CVE-2018-1000035
2018-02-09 23:29:00
CVE-2014-9636
2015-02-06 15:59:00
cbl_mariner
cbl_mariner
CVE-2018-1000035 affecting package unzip 6.0-19
2020-10-08 18:09:51
CVE-2018-1000035 affecting package unzip 6.0-20
2024-03-19 17:21:46
CVE-2018-1000035 affecting package unzip 6.0-20
2022-04-09 06:51:51
fedora
fedora
[SECURITY] Fedora 27 Update: unzip-6.0-37.fc27
2018-03-06 17:36:06
[SECURITY] Fedora 20 Update: unzip-6.0-15.fc20
2015-01-30 04:35:06
[SECURITY] Fedora 21 Update: unzip-6.0-18.fc21
2015-01-28 19:58:39
ubuntucve
ubuntucve
CVE-2018-1000035
2018-02-09 00:00:00
CVE-2014-9636
2014-12-31 00:00:00
debian
debian
[SECURITY] [DLA 2082-1] unzip security update
2020-01-28 21:18:22
[SECURITY] [DSA 3152-1] unzip security update
2015-02-03 15:04:37
[SECURITY] [DLA 150-1] unzip security update
2015-02-07 13:51:00
alpinelinux
alpinelinux
CVE-2018-1000035
2018-02-09 23:29:00
CVE-2014-9636
2015-02-06 15:59:00
redhatcve
redhatcve
CVE-2018-1000035
2018-02-08 09:19:14
veracode
veracode
Denial Of Service(DoS)
2020-12-17 06:43:42
Denial Of Service (DoS)
2019-05-02 05:17:42
cve
cve
CVE-2018-1000035
2018-02-09 23:29:00
CVE-2014-9636
2015-02-06 15:59:00
ubuntu
ubuntu
unzip vulnerability
2015-02-03 00:00:00
unzip vulnerabilities
2020-12-16 00:00:00
freebsd
freebsd
unzip -- out of boundary access issues in test_compr_eb
2014-11-02 00:00:00
archlinux
archlinux
unzip: arbitrary code execution
2015-03-15 00:00:00
suse
suse
Security update for unzip (moderate)
2018-10-05 21:18:21
gentoo
gentoo
UnZip: User-assisted execution of arbitrary code
2020-03-26 00:00:00
UnZip: Multiple vulnerabilities
2016-11-01 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 3152-1] unzip security update
2015-02-11 00:00:00
UnZip multiple security vulnerabilities
2015-02-22 00:00:00
amazon
amazon
Important: unzip
2021-02-17 18:14:00
Medium: unzip
2015-04-15 21:48:00
ibm
ibm
redhat
redhat
(RHSA-2015:0700) Moderate: unzip security update
2015-03-18 00:00:00
oraclelinux
oraclelinux
unzip security update
2015-03-18 00:00:00
centos
centos
unzip security update
2015-03-18 18:53:06
rosalinux
rosalinux
Advisory ROSA-SA-2021-1991
2021-07-02 18:18:35
cloudfoundry
cloudfoundry
USN-4672-1: unzip vulnerabilities | Cloud Foundry
2021-02-10 00:00:00
mageia
mageia
Updated unzip packages fix security vulnerabilities
2018-10-30 21:01:43
packetstorm
packetstorm
InfoZip UnZip 6.00 / 6.1c22 Buffer Overflow
2018-02-07 00:00:00
slackware
slackware
[slackware-security] infozip
2019-03-01 20:58:06