Accepted unzip 5.52-6ubuntu2 (source)
Martin Pitt
martin.pitt at ubuntu.com
Fri Feb 10 19:35:06 GMT 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Fri, 10 Feb 2006 20:14:01 +0100
Source: unzip
Binary: unzip
Architecture: source
Version: 5.52-6ubuntu2
Distribution: dapper
Urgency: low
Maintainer: Santiago Vila <sanvila at debian.org>
Changed-By: Martin Pitt <martin.pitt at ubuntu.com>
Description:
unzip - De-archiver for .zip files
Changes:
unzip (5.52-6ubuntu2) dapper; urgency=low
.
* SECURITY UPDATE: Arbitrary code execution on specially crafted long file
names (which should not happen in many scenarios, though).
* unzpriv.h, Info macro:
- Use snprintf() instead of sprintf() as inner formatting function.
- Use fputs() instead of fprintf() as outer function to ignore leftover
format strings which might not have been substituted in the inner
snprintf().
- Throw away the three different implementations of that macro and use
just one safe one.
- CVE-2005-4667
Files:
fa84fa30a84ff9cc3d05f5c18f29415e 531 utils optional unzip_5.52-6ubuntu2.dsc
3832784bc5aef49d2057166b6f47fe79 11499 utils optional unzip_5.52-6ubuntu2.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFD7ObZDecnbV4Fd/IRAuGRAJ9lK8Tksnr7xz9lnizplc6FWVND8wCgrWo3
GNu5RWiMF45GtnVOJH7rCII=
=MqB+
-----END PGP SIGNATURE-----
Accepted:
OK: unzip_5.52-6ubuntu2.dsc
-> Component: main Section: utils
OK: unzip_5.52-6ubuntu2.diff.gz
More information about the dapper-changes
mailing list