Advisories ยป MGASA-2023-0312

Updated zlib packages fix a security vulnerability

Publication date: 09 Nov 2023
Modification date: 09 Nov 2023
Type: security
Affected Mageia releases : 8 , 9
CVE: CVE-2023-45853

Description

The updated packages fix a security vulnerability:

MiniZip in zlib through 1.3 has an integer overflow and resultant
heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long
filename, comment, or extra field. (CVE-2023-45853)
                

References

SRPMS

9/core

8/core