CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2015/02/06 14:37:04
Modified files:
archivers/unzip: Makefile
archivers/unzip/patches: patch-process_c
Added files:
archivers/unzip/patches: patch-extract_c patch-fileio_c
Log message:
Security fixes:
CVE-2014-8139: CRC32 verification heap-based overflow
CVE-2014-8140: out-of-bounds write issue in test_compr_eb()
CVE-2014-8141: out-of-bounds read issues in getZip64Data()
CVE-2014-9636: out-of-bounds read/write in test_compr_eb()
Via Debian; ok sthen@
