MGASA-2021-0033 - Updated unzip package fixes a security vulnerability Publication date: 17 Jan 2021 URL: https://advisories.mageia.org/MGASA-2021-0033.html Type: security Affected Mageia releases: 7 CVE: CVE-2019-13232 Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service (resource consumption), aka a "better zip bomb" issue (CVE-2019-13232). References: - https://bugs.mageia.org/show_bug.cgi?id=25076 - https://access.redhat.com/errata/RHSA-2020:1787 - https://ubuntu.com/security/notices/USN-4672-1 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13232 SRPMS: - 7/core/unzip-6.0-1.mga7
Mageia 2021-0033: unzip security update
Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service (resource consumption), aka a "better zip bomb" issue (CVE-2019-13232)
Summary
CVE: CVE-2019-13232
Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container,
leading to denial of service (resource consumption), aka a "better zip bomb"
issue (CVE-2019-13232).
Resolution
MGASA-2021-0033 - Updated unzip package fixes a security vulnerability
References
- https://bugs.mageia.org/show_bug.cgi?id=25076
- https://access.redhat.com/errata/RHSA-2020:1787
- https://ubuntu.com/security/notices/USN-4672-1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13232
Severity
Issued Date: 17 Jan 2021
URL: https://advisories.mageia.org/MGASA-2021-0033.html
Type: security
Affected Mageia releases: 7
News
HOWTOs
Features
Secure Linux Hosting for Businesses
What Is Threat Intelligence?
CloudLinux Simplifies & Enhances Linux Security with its TuxCare Unified Enterprise Support Services
LinuxSecurity, Leading Provider of Linux Security News and Information, Unveils its New Website
Biden's New Executive Cybersecurity Order Highlights the Power of Open-Source Security
About Us
Powered By
