Fedora 23: FEDORA-2015-15273 Critical: Php-Pecl-Zip Directory Traversal
fedora
September 19, 2015
Upstream change, **Version 1.13** * update bundled libzip to 1.0.1 (Remi, Anatol) * new methods for ZipArchive: setCompressionName, setCompressionIndex (Cedric Delmas) * allow to b...
Summary
Zip is an extension to create and read zip files.
Update Information:
Upstream change, **Version 1.13** * update bundled libzip to 1.0.1 (Remi, Anatol) * new methods for ZipArchive: setCompressionName, setCompressionIndex (Cedric Delmas) * allow to build with PHP 7 * Fixed bug 70350 (ZipArchive::extractTo allows for directory traversal when creating directories). (neal at fb dot com) * Fixed bug 70322 (ZipArchive::close() doesn't indicate errors). (cmb)
Topics Covered
Change Log
References
[ 1 ] Bug #1260716 - php: ZipArchive::extractTo allows for directory traversal when creating directories
https://bugzilla.redhat.com/show_bug.cgi?id=1260716
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update php-pecl-zip' at the command line. For more information, refer to "Managing Software with yum", available at .
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: php-pecl-zip
Product: Fedora 23
Version: 1.13.1
Release: 1.fc23
URL: Summary : A ZIP archive management extension
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!