MGASA-2018-0362 - Updated quazip packages fix security vulnerability Publication date: 31 Aug 2018 URL: https://advisories.mageia.org/MGASA-2018-0362.html Type: security Affected Mageia releases: 6 CVE: CVE-2018-1002209 Updated quazip packages fix security vulnerability: A vulnerability has been found in the way developers have implemented the archive extraction of files. An arbitrary file write vulnerability, that can be achieved using a specially crafted zip archive (affects other archives as well, bzip2, tar,xz, war, cpio, 7z), that holds path traversal filenames. So when the filename gets concatenated to the target extraction directory, the final path ends up outside of the target folder. Of course if an executable or a configuration file is overwritten with a file containing malicious code, the problem can turn into an arbitrary code execution issue quite easily. This affects multiple libraries that lacks of a high level APIs that provide the archive extraction functionality (CVE-2018-1002209). References: - https://bugs.mageia.org/show_bug.cgi?id=23446 - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/TMQZPZKZJRQ6ESHXO5LCLIBYWOJX4HAX/ - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1002209 SRPMS: - 6/core/quazip-0.7.6-1.mga6
Mageia 2018-0362: quazip security update
Updated quazip packages fix security vulnerability: A vulnerability has been found in the way developers have implemented the archive extraction of files
Summary
Updated quazip packages fix security vulnerability:
A vulnerability has been found in the way developers have implemented the
archive extraction of files. An arbitrary file write vulnerability, that
can be achieved using a specially crafted zip archive (affects other
archives as well, bzip2, tar,xz, war, cpio, 7z), that holds path traversal
filenames. So when the filename gets concatenated to the target extraction
directory, the final path ends up outside of the target folder. Of course
if an executable or a configuration file is overwritten with a file
containing malicious code, the problem can turn into an arbitrary code
execution issue quite easily. This affects multiple libraries that lacks of
a high level APIs that provide the archive extraction functionality
(CVE-2018-1002209).
References
- https://bugs.mageia.org/show_bug.cgi?id=23446
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/TMQZPZKZJRQ6ESHXO5LCLIBYWOJX4HAX/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1002209
Resolution
MGASA-2018-0362 - Updated quazip packages fix security vulnerability
SRPMS
- 6/core/quazip-0.7.6-1.mga6
Severity
Publication date: 31 Aug 2018
URL: https://advisories.mageia.org/MGASA-2018-0362.html
Type: security
CVE: CVE-2018-1002209
News
HOWTOs
Features
About Us
Powered By
