Updated zlib packages fix a security vulnerability
Publication date: 30 Jan 2024Modification date: 30 Jan 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2014-9485
Description
Updated zlib packages fix a security vulnerability: Directory traversal vulnerability in the do_extract_currentfile function in miniunz.c in miniunzip in minizip before 1.1-5 might allow remote attackers to write to arbitrary files via a crafted entry in a ZIP archive.
References
SRPMS
9/core
- zlib-1.2.13-1.2.mga9