[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1287-1] zziplib security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : zziplib
Version        : 0.13.56-1.1+deb7u2
CVE ID         : CVE-2018-6869

It was discovered that there was a uncontrolled memory allocation issue
in zziplib, a ZIP archive library. Remote attackers could leverage this
vulnerability to cause a denial of service via a specially-crafted file.

For Debian 7 "Wheezy", this issue has been fixed in zziplib version
0.13.56-1.1+deb7u2.

We recommend that you upgrade your zziplib packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlqMoy8ACgkQHpU+J9Qx
HljLmA//TTNyEPy/DMyS7qsagn6EVj+ydHyt5BziCu2txQVCGxpMrKKpj1taafBP
uPyE3hFTrSZiNFmCpVZ9SwNKafuJ4Y3UNPsVgafw2mnyCCrD/YOviO1QOcxifeV2
RKq5KCeZwnQFx2a1N48KQg5c7K6qVKWYx6ffeLB+7xKZarJLkmRD1fJ10NkikqLx
kachtxi+u8QZg/tk4Az9154lPdvfpZj824OIwo2KJUrajWPQn9rxX0WeC+S1OIjn
z4FzkhPT/cXcqGYXSyLFNk4uF9U2A9pl6ovdBK8fqhcRqZUumoo/MS5XnruZ3jJm
khqCtb/QYKOT7hNj33Mj1Bq5GcFkf9APQrzIKX0SA2LRWuZ+fG9/U8YOyO6JGQH5
XWSN9MI2PuZsW8keo6s9oYkg1HiUSsZWxk3j31A6TLBA59knvK1V8uauONlGqP/B
V2/eS/AH8Sz6abwH5pPm+Fk6uTGzzymTMf4fHb94+4wTwjdXXj7zlE2Q7xt2UfqD
Es9/wr5LEiO0K3isL02WKDdEf/Tx0DC5FZP5Widq5yAoxkHf73CnI7leXa1cSCLG
z+bpb3Q5lgZjtg85qHCpvpNgypdApZraluNnWqss5OJ+Qen6lJH9wcwzOO5O2Oog
4LrL8xzGCerCmO5MdWrURpoBOiN1fbVBy1J+4RZwElq+44h856M=
=3l9/
-----END PGP SIGNATURE-----


Reply to: