Univention Bugzilla – Attachment 6959 Details for
Bug 37413
unzip: Multiple issues (ES 3.1)
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
unzip extsec3.1 Advisory
37413_unzip-extsec31.txt (text/plain), 951 bytes, created by
Philipp Hahn
on 2015-06-12 13:21:48 CEST
(
hide
)
Description:
unzip extsec3.1 Advisory
Filename:
MIME Type:
Creator:
Philipp Hahn
Created:
2015-06-12 13:21:48 CEST
Size:
951 bytes
patch
obsolete
>A new update is available for Univention Corporate Server 3.1 as >part of the extended security maintenance. >It addresses the following problem: > >Program component: unzip >Reference: CVE-2014-8139 > CVE-2014-8140 > CVE-2014-8141 > CVE-2014-9636 >Fixed version: 6.0-4.31.201506121311 > >It addresses the following issues: >* CVE-2014-8139: CRC32 verification heap-based overflow >* CVE-2014-8140: out-of-bounds write issue in test_compr_eb() >* CVE-2014-8141: out-of-bounds read issues in getZip64Data() >* CVE-2014-9636: Fix heap overflow. Ensure that compressed > and uncompressed block sizes match when using STORED method > in extract.c. > >-- >Univention GmbH >be open. >Mary-Somerville-Str.1 >28359 Bremen >Tel. : +49 421 22232-0 >Fax : +49 421 22232-99 > ><info@univention.de> >http://www.univention.de/ > >Geschäftsführer: Peter H. Ganten >HRB 20755 Amtsgericht Bremen >Steuer-Nr.: 71-597-02876
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=6959">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 37413
: 6959