Summary: | <app-arch/unzip-6.0_p27: multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | filip ambroz <filip.ambroz> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | base-system, sam |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugs.launchpad.net/ubuntu/+source/unzip/+bug/1957077 | ||
See Also: | https://bugs.gentoo.org/show_bug.cgi?id=866386 | ||
Whiteboard: | A2 [glsa+] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 867352 | ||
Bug Blocks: |
Description
filip ambroz
2022-01-14 12:47:30 UTC
CVE-2022-0530 (https://bugzilla.redhat.com/show_bug.cgi?id=2051395): A flaw was found in unzip 6.0. The vulnerability occurs during the conversion of an utf-8 string to a local string that leads to a segmentation fault. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution. Red Hat has seemingly made this bug semi-public without publicizing details about a fix. CVE-2022-0529 (https://bugzilla.redhat.com/show_bug.cgi?id=2051402): A flaw was found in unzip 6.0. The vulnerability occurs during the conversion of wide string to local string that leads to a heap of out-of-bound writes. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=bff42a923fb9b8ce5af167cc3032420d4a666307 commit bff42a923fb9b8ce5af167cc3032420d4a666307 Author: Sam James <sam@gentoo.org> AuthorDate: 2022-08-25 02:18:16 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-08-25 02:19:14 +0000 app-arch/unzip: add 6.0_p27 Contains patches for CVE-2022-0529, CVE-2022-0530 (bug 831190) and for a unicode issue which *might* be CVE-2021-4217 (bug 866386). Bug: https://bugs.gentoo.org/866386 Bug: https://bugs.gentoo.org/831190 Signed-off-by: Sam James <sam@gentoo.org> app-arch/unzip/Manifest | 1 + app-arch/unzip/unzip-6.0_p27.ebuild | 93 +++++++++++++++++++++++++++++++++++++ 2 files changed, 94 insertions(+) Please cleanup Deliberately not filing a GLSA yet as it's uncertain all of the outstanding vulnerabilities for this package are fixed. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a73b8193b39630b9d17a4c66adde3dd0b7cefcd9 commit a73b8193b39630b9d17a4c66adde3dd0b7cefcd9 Author: Sam James <sam@gentoo.org> AuthorDate: 2022-12-26 08:15:01 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-12-26 08:32:53 +0000 app-arch/unzip: drop 6.0_p26 Bug: https://bugs.gentoo.org/831190 Signed-off-by: Sam James <sam@gentoo.org> app-arch/unzip/Manifest | 1 - app-arch/unzip/unzip-6.0_p26.ebuild | 88 ------------------------------------- 2 files changed, 89 deletions(-) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=d44fbd3569e6b230de77614e030e307f7362fbeb commit d44fbd3569e6b230de77614e030e307f7362fbeb Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2023-10-30 09:22:56 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2023-10-30 09:23:35 +0000 [ GLSA 202310-17 ] UnZip: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/831190 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202310-17.xml | 43 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) |