- ------------------------------------------------------------------------- Debian LTS Advisory DLA-2858-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz December 28, 2021 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package : libzip Version : 1.1.2-1.1+deb9u1 CVE ID : CVE-2017-14107 An issue has been found in libzip, a library for reading, creating, and modifying zip archives. Crafted ZIP archives could allow remote attackers to cause denial of service due to memorey allocation failure by mishandling EOCD records. For Debian 9 stretch, this problem has been fixed in version 1.1.2-1.1+deb9u1. We recommend that you upgrade your libzip packages. For the detailed security status of libzip please refer to its security tracker page at: https://security-tracker.debian.org/tracker/libzip Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS
Debian LTS: DLA-2858-1: libzip security update
December 27, 2021
An issue has been found in libzip, a library for reading, creating, and modifying zip archives
Summary
An issue has been found in libzip, a library for reading, creating, and
modifying zip archives.
Crafted ZIP archives could allow remote attackers to cause denial of
service due to memorey allocation failure by mishandling EOCD records.
For Debian 9 stretch, this problem has been fixed in version
1.1.2-1.1+deb9u1.
We recommend that you upgrade your libzip packages.
For the detailed security status of libzip please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libzip
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
Severity
Package : libzip
Version : 1.1.2-1.1+deb9u1
CVE ID : CVE-2017-14107
News
HOWTOs
About Us
Powered By
Get Customized Security Advisories that Impact You Directly Create My Customized Advisories Now >>
To stay up-to-date on the latest open-source security news, feature articles and Linux distribution security advisories Subscribe to Our Newsletters!