Summary: | <app-arch/unzip-6.0_p21-r2: buffer overflow in ZipInfo (CVE-2016-9844) | ||||||
---|---|---|---|---|---|---|---|
Product: | Gentoo Security | Reporter: | Ian Zimmerman <nobrowser> | ||||
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> | ||||
Status: | RESOLVED FIXED | ||||||
Severity: | normal | CC: | base-system, slawomir.nizio | ||||
Priority: | Normal | ||||||
Version: | unspecified | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
URL: | http://www.openwall.com/lists/oss-security/2016/12/05/13 | ||||||
Whiteboard: | A4 [noglsa cve] | ||||||
Package list: | Runtime testing required: | --- | |||||
Attachments: |
|
Description
Ian Zimmerman
2016-12-08 23:42:14 UTC
Created attachment 455550 [details, diff]
patch constrcuted according to the discussion on oss-security
Patch is in the Debian patchset which Gentoo ships: 19-cve-2016-9844-zipinfo-buffer-overflow.patch @base-system, please clean vulnerable |