Summary: | <app-arch/unzip-6.0_p20: out-of-bounds read/write in test_compr_eb() in extract.c | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | base-system |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.redhat.com/show_bug.cgi?id=1184985 | ||
Whiteboard: | A2 [glsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 528082 | ||
Bug Blocks: |
Description
Agostino Sarubbo
2015-01-23 08:54:59 UTC
CVE-2014-9636 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9636): unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression. There looks to be a link to the patch that was accepted upstream on the RedHat page in URL. Please take a look. per previous comments and links patch is available upstream, please bump fixed w/Debian patchset. should be fine for stable. https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f65df71cdc392f85fd95ad5b8ef1508434e2a239 This issue was resolved and addressed in GLSA 201611-01 at https://security.gentoo.org/glsa/201611-01 by GLSA coordinator Aaron Bauman (b-man). |