Advisories » MGASA-2024-0167

Updated zziplib packages fix security vulnerability

Publication date: 09 May 2024
Modification date: 09 May 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2020-18770

Description

An issue was discovered in function zzip_disk_entry_to_file_header in
mmapped.c in zziplib 0.13.69, which will lead to a denial-of-service.
(CVE-2020-18770)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=33169
• https://lwn.net/Articles/971664/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-18770

SRPMS

9/core

• zziplib-0.13.72-2.1.mga9