Updated unzip package fixes security vulnerabilities
Publication date: 31 Dec 2014
Modification date: 31 Dec 2014
Type: security
Affected Mageia releases: 4
CVE: CVE-2014-8139, CVE-2014-8140, CVE-2014-8141
Description
Updated unzip package fixes security vulnerabilities: The unzip command line tool is affected by heap-based buffer overflows within the CRC32 verification (CVE-2014-8139), the test_compr_eb() (CVE-2014-8140) and the getZip64Data() (CVE-2014-8141) functions. These input-handling errors may result in arbitrary code execution. A specially crafted zip file, passed to the command unzip -t, can be used to trigger the vulnerability. Out-of-bounds access (both read and write) issues also exist in test_compr_eb() that can result in an application crash or other unspecified impact. A specially crafted zip file, passed to the command unzip -t, can likewise be used to trigger these issues.
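The functions named above all operate on the extra-field area of a zip entry, where each record carries an attacker-controlled length. As an added, defender-oriented illustration (not unzip's code and not part of this advisory; the function and sample bytes are constructed here), the following walker validates every declared record size against the bytes actually available before using it, the check whose absence lets a crafted length run past a heap buffer:

```c
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>

/* One extra-field record: 2-byte header id, 2-byte data size, then data
   (both little-endian, as in the zip specification). */
#define EB_HEADSIZE 4

static uint16_t le16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }

/* Walk an extra-field buffer of ef_len bytes and count well-formed records,
   setting *found if a record with id want_id is present.
   Returns -1 if a header is truncated or a record's declared size runs past
   the end of the buffer; a parser must refuse such input instead of reading
   or writing beyond the allocation. (Hypothetical helper, not unzip's API.) */
int walk_extra_field(const uint8_t *ef, size_t ef_len, uint16_t want_id, bool *found)
{
    size_t off = 0;
    int records = 0;
    *found = false;
    while (off < ef_len) {
        /* Need a full 4-byte header before reading id and size. */
        if (ef_len - off < EB_HEADSIZE)
            return -1;
        uint16_t id = le16(ef + off);
        uint16_t size = le16(ef + off + 2);
        off += EB_HEADSIZE;
        /* The untrusted size must fit in what remains of the buffer. */
        if (size > ef_len - off)
            return -1;
        if (id == want_id)
            *found = true;
        off += size;
        records++;
    }
    return records;
}

/* Constructed sample data, not taken from any real archive.
   GOOD_EF: a Zip64 extended-info record (id 0x0001, 8 bytes) followed by a
   2-byte record with id 0x5455. BAD_EF: same, but the second record claims
   0x1000 bytes while only 2 remain, the shape of input the checks reject. */
static const uint8_t GOOD_EF[] = { 0x01,0x00, 0x08,0x00, 1,2,3,4,5,6,7,8,
                                   0x55,0x54, 0x02,0x00, 0xaa,0xbb };
static const uint8_t BAD_EF[]  = { 0x01,0x00, 0x08,0x00, 1,2,3,4,5,6,7,8,
                                   0x55,0x54, 0x00,0x10, 0xaa,0xbb };
static const uint8_t TRUNC_EF[] = { 0x01,0x00, 0x08 };
```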
References
- https://bugs.mageia.org/show_bug.cgi?id=14872
- http://www.ocert.org/advisories/ocert-2014-011.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1174844
- https://bugzilla.redhat.com/show_bug.cgi?id=1174851
- https://bugzilla.redhat.com/show_bug.cgi?id=1174856
- http://openwall.com/lists/oss-security/2014/12/22/12
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8139
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8140
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8141
SRPMS
4/core
- unzip-6.0-7.2.mga4