oss-sec mailing list archives
Re: Heap overflow and DoS in unzip 6.0
From: Hanno Böck <hanno () hboeck de>
Date: Tue, 15 Sep 2015 18:38:42 +0200
On Tue, 15 Sep 2015 13:10:17 -0300 Gustavo Grieco <gustavo.grieco () gmail com> wrote:
AFAIK, upstream is still working on the heap overflow issue (the DoS is fixed in the last unzip beta). In concrete, they said:
Actually talking about upstream: The state of the info-zip packages is pretty dismal. There are issues from 2009(!) that haven't seen a fix yet, at least not in a release: http://www.info-zip.org/phpBB3/viewtopic.php?f=7&t=267 Are you in contact with upstream? -- Hanno Böck http://hboeck.de/ mail/jabber: hanno () hboeck de GPG: BBB51E42
Attachment:
_bin
Description: OpenPGP digital signature
Current thread:
- Heap overflow and DoS in unzip 6.0 Gustavo Grieco (Sep 07)
- Re: Heap overflow and DoS in unzip 6.0 Stefan Cornelius (Sep 15)
- Re: Heap overflow and DoS in unzip 6.0 Gustavo Grieco (Sep 15)
- Re: Heap overflow and DoS in unzip 6.0 Hanno Böck (Sep 15)
- Re: Heap overflow and DoS in unzip 6.0 Gustavo Grieco (Sep 15)
- Re: Heap overflow and DoS in unzip 6.0 Mark Felder (Sep 17)
- Re: Heap overflow and DoS in unzip 6.0 Stefan Cornelius (Sep 21)
- Re: Heap overflow and DoS in unzip 6.0 Gustavo Grieco (Sep 15)
- Re: Heap overflow and DoS in unzip 6.0 Stefan Cornelius (Sep 15)