On 04.10.2018 23:14, Salvatore Bonaccorso wrote: > Source: zziplib > Version: 0.13.62-3 > Severity: normal > Tags: security upstream > Forwarded: https://github.com/gdraheim/zziplib/issues/58 > > Hi, > > The following vulnerability was published for zziplib. > > CVE-2018-16548[0]: > | An issue was discovered in ZZIPlib through 0.13.69. There is a memory > | leak triggered in the function __zzip_parse_root_directory in zip.c, > | which will lead to a denial of service attack. > > If you fix the vulnerability please also make sure to include the > CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
I'm sorry. It's the same here. Thanks for the reminder. Josef > > For further information see: > > [0] https://security-tracker.debian.org/tracker/CVE-2018-16548 > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16548 > [1] https://github.com/gdraheim/zziplib/issues/58 > > Regards, > Salvatore >