[ubuntu/lucid-updates] unzip 6.0-1ubuntu0.1 (Accepted)

Ubuntu Archive Robot Wed, 14 Jan 2015 12:58:38 -0800

unzip (6.0-1ubuntu0.1) lucid-security; urgency=medium

  * SECURITY UPDATE: CRC32 verification heap-based overflow
    - extract.c: check extra block length.
    - CVE-2014-8139
  * SECURITY UPDATE: out-of-bounds write issue in test_compr_eb()
    - extract.c: properly validate sizes.
    - CVE-2014-8140
  * SECURITY UPDATE: out-of-bounds read issues in getZip64Data()
    - fileio.c: validate extra fields.
    - process.c: check sizes.
    - CVE-2014-8141


Date: 2015-01-07 21:22:26.263650+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
Signed-By: Ubuntu Archive Robot 
<cjwatson+ubuntu-archive-ro...@chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/unzip/6.0-1ubuntu0.1

Sorry, changesfile not available.

-- 
Lucid-changes mailing list
Lucid-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/lucid-changes

[ubuntu/lucid-updates] unzip 6.0-1ubuntu0.1 (Accepted)

Reply via email to