Advisories ยป MGASA-2017-0015

Updated unzip package fixes security vulnerabilities

Publication date: 13 Jan 2017
Modification date: 13 Jan 2017
Type: security
Affected Mageia releases : 5
CVE: CVE-2014-9913 , CVE-2016-9844

Description

It was discovered that "unzip -l" (CVE-2014-9913) and "zipinfo"
(CVE-2016-9844) were vulnerable to buffer overflows when provided
malformed or maliciously-crafted ZIP files.
                

References

SRPMS

5/core