[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 2859-1] zziplib security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2859-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                    Thorsten Alteholz
December 28, 2021                             https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : zziplib
Version        : 0.13.62-3.2~deb9u2
CVE ID         : CVE-2020-18442


An issue has been found in zziplib, a library providing read access on ZIP-archive. Because of mishandling a return value, an attacker might cause a denial of service due to an infinite loop.


For Debian 9 stretch, this problem has been fixed in version
0.13.62-3.2~deb9u2.

We recommend that you upgrade your zziplib packages.

For the detailed security status of zziplib please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/zziplib

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmHKUUBfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEe1PxAArwOdcfFQxbr/586cZqUEpmevI9yqf9W4DVNgwjyXybyLDRJmFJP31Dbm
77FwZ+7qtbJDcfxRzVYdoT81asXlwHOyrGiKlLkU7ahkAGsI+qmyo3nwqtForOyd
z3DZZEJ5EObpr9P395ei15fwxmCgHB83Nb6LuBkDprK1uGLjq0azMX3A2sn+68u/
6avr/xM2fV8ytUGX5hYV4nhMi8JC9v++0wiTpPNpCvDlJUae3HjgG6oqKA31/GYd
rSaFifYsMtljiIgQt0qo4yPkCJHac5wnn+bQu46OHuwEHww0IpNzvRoIHul3wszu
/sS6cpnTQbmTsO9l7sF16/3KmkPxMQryohgCKh5b0ANwOv3BxKb3OEavU0Tqnxo3
D32jimwtptvrFsi+2HMVO3B6bAlcnjKpEj7J2/CyzKzk552Vjbfb8AhRKypiLXKf
Wa9xoGVR+cm7B2aHtqSQ9vhLd1K7oPHXVxrhzz87vvFg4IsMHlLRSwkbzIZ/SnZB
LDHL/Gpi0L4IE8DyTtnOArk6+ZLzU/4ggLGKIMwAl51laMl6XD/rRRduPLNUMu3z
Pc8tjfRc97eqk9Lagky5NHK3gvCz3UR8WCqV6a+FbckwbAes1nEuF4eVr5BTl7qi
BwAvPHPkZG+awCzT8tj9EBrc6TP80o6KswcxSl4VWBCWP3yhAfw=
=56tm
-----END PGP SIGNATURE-----


Reply to: