oss-sec mailing list archives
Re: more unzip issues
From: Alexander Cherepanov <cherepan () mccme ru>
Date: Mon, 03 Nov 2014 15:35:19 +0300
On 2014-11-03 14:14, Hanno Böck wrote:
Surfing the upstream forum I saw that there are two further buffer overflows which didn't get a release yet: http://www.info-zip.org/phpBB3/viewtopic.php?f=7&t=437 http://www.info-zip.org/phpBB3/viewtopic.php?f=7&t=267 (these two seem to refer to the same issue) Also here: https://bugzilla.redhat.com/show_bug.cgi?id=532380 http://bugs.debian.org/744212 And this one: http://www.info-zip.org/phpBB3/viewtopic.php?f=7&t=432 Should they get CVEs? (I was kind of surprised that on my Gentoo system the samples crashed although these issues were several months old)
https://bugzilla.redhat.com/show_bug.cgi?id=532380 is from 2009. -- Alexander Cherepanov
Current thread:
- more unzip issues Hanno Böck (Nov 03)
- Re: more unzip issues Alexander Cherepanov (Nov 03)