Fedora 20: FEDORA-2015-4556 Critical: Libzip Integer Overflow Issue
fedora
April 21, 2015
CVE-2015-2331: integer overflow when processing ZIP archives (#1204676,#1204677)
Summary
libzip is a C library for reading, creating, and modifying zip archives. Files
can be added from data buffers, files, or compressed data copied directly from
other zip archives. Changes made without closing the archive can be reverted.
The API is documented by man pages.
Update Information:
CVE-2015-2331: integer overflow when processing ZIP archives (#1204676,#1204677)
Topics Covered
Change Log
* Mon Mar 23 2015 Rex Dieter
References
[ 1 ] Bug #1204676 - CVE-2015-2331 libzip: integer overflow when processing ZIP archives
https://bugzilla.redhat.com/show_bug.cgi?id=1204676
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update libzip' at the command line. For more information, refer to "Managing Software with yum", available at .
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: libzip
Product: Fedora 20
Version: 0.11.2
Release: 5.fc20
URL: https://libzip.org/
Summary: C library for reading, creating, and modifying zip archives
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!