Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 569
Alerts This Week
Warning Icon 1 569

Scientific Linux SL7: SLSA-2018-3229-1 Low Severity zziplib Crashes

Scientific Large Esm H446
zziplib: out of bound read in mmapped.c:zzip_disk_fread() causes crash (CVE-2018-7725) * zziplib: Bus error in zip.c:__zzip_parse_root_directory() cause crash via crafted zip file (CVE-2018-7726) * zziplib: Memory leak in memdisk.c:zzip_mem_disk_new() can lead to denial of service via crafted zip (CVE-2018-7727) SL7 x86_64 zziplib-0.13.62-9.el7.i686.rpm zziplib-0.13.62-9.el7.x86_6 [More...]
Synopsis:          Low: zziplib security update
Advisory ID:       SLSA-2018:3229-1
Issue Date:        2018-10-30
CVE Numbers:       CVE-2018-7725
                   CVE-2018-7726
                   CVE-2018-7727
--

Security Fix(es):

* zziplib: out of bound read in mmapped.c:zzip_disk_fread() causes crash
(CVE-2018-7725)

* zziplib: Bus error in zip.c:__zzip_parse_root_directory() cause crash
via crafted zip file (CVE-2018-7726)

* zziplib: Memory leak in memdisk.c:zzip_mem_disk_new() can lead to denial
of service via crafted zip (CVE-2018-7727)
--

SL7
  x86_64
    zziplib-0.13.62-9.el7.i686.rpm
    zziplib-0.13.62-9.el7.x86_64.rpm
    zziplib-debuginfo-0.13.62-9.el7.i686.rpm
    zziplib-debuginfo-0.13.62-9.el7.x86_64.rpm
    zziplib-devel-0.13.62-9.el7.i686.rpm
    zziplib-devel-0.13.62-9.el7.x86_64.rpm
    zziplib-utils-0.13.62-9.el7.x86_64.rpm

- Scientific Linux Development Team