[Bug 1820524] Re: Sync zziplib 0.13.62-3.2 (main) from Debian unstable (main)
Dmitry Shachnev
mitya57 at gmail.com
Mon Mar 18 09:24:01 UTC 2019
This bug was fixed in the package zziplib - 0.13.62-3.2
Sponsored for Logan Rosen (logan)
---------------
zziplib (0.13.62-3.2) unstable; urgency=medium
* Non-maintainer upload.
* Invalid memory access in zzip_disk_fread (CVE-2018-6381) (Closes: #889096)
* Reject the ZIP file and report it as corrupt if the size of the central
directory and/or the offset of start of central directory point beyond the
end of the ZIP file (CVE-2018-6484, CVE-2018-6541, CVE-2018-6869)
(Closes: #889089)
* bus error in zzip_disk_findfirst function in zzip/mmapped.c
(CVE-2018-6540) (Closes: #923659)
* out of bound read in mmapped.c:zzip_disk_fread() causes crash
(CVE-2018-7725) (Closes: #913165)
* Bus error in zip.c:__zzip_parse_root_directory() cause crash via crafted
zip file (CVE-2018-7726) (Closes: #913165)
* Memory leak triggered in the function __zzip_parse_root_directory in zip.c
(CVE-2018-16548) (Closes: #910335)
-- Salvatore Bonaccorso <carnil at debian.org> Mon, 04 Mar 2019 22:43:14
+0100
** Changed in: zziplib (Ubuntu)
Status: New => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-16548
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6381
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6484
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6540
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6541
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6869
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-7725
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-7726
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1820524
Title:
Sync zziplib 0.13.62-3.2 (main) from Debian unstable (main)
Status in zziplib package in Ubuntu:
Fix Released
Bug description:
Please sync zziplib 0.13.62-3.2 (main) from Debian unstable (main)
Explanation of the Ubuntu delta and why it can be dropped:
* SECURITY UPDATE: invalid mem access in zzip_disk_fread
- debian/patches/CVE-2018-6381.patch: check sizes in zzip/memdisk.c.
- CVE-2018-6381
* SECURITY UPDATE: alignment and bus errors in __zzip_fetch_disk_trailer
- debian/patches/CVE-2018-6484.patch: check sizes in zzip/zip.c.
- CVE-2018-6484
- CVE-2018-6541
- CVE-2018-6869
* SECURITY UPDATE: bus error in zzip_disk_findfirst
- debian/patches/CVE-2018-6540.patch: check endbuf in zzip/mmapped.c.
- CVE-2018-6540
* SECURITY UPDATE: invalid memory dereference
- debian/patches/CVE-2018-7725.patch: check zlib space in
zzip/memdisk.c, zzip/mmapped.c.
- CVE-2018-7725
* SECURITY UPDATE: bus error in __zzip_parse_root_directory
- debian/patches/CVE-2018-7726-1.patch: check rootseek and rootsize in
zzip/zip.c.
- debian/patches/CVE-2018-7726-2.patch: check rootseek in zzip/zip.c.
- debian/patches/CVE-2018-7726-3.patch: check zz_rootsize in
zzip/zip.c.
- CVE-2018-7726
All CVE fixes are now in Debian, plus one new one (for CVE-2018-16548) that we don't currently have.
Changelog entries since current disco version 0.13.62-3.1ubuntu1:
zziplib (0.13.62-3.2) unstable; urgency=medium
* Non-maintainer upload.
* Invalid memory access in zzip_disk_fread (CVE-2018-6381) (Closes: #889096)
* Reject the ZIP file and report it as corrupt if the size of the central
directory and/or the offset of start of central directory point beyond the
end of the ZIP file (CVE-2018-6484, CVE-2018-6541, CVE-2018-6869)
(Closes: #889089)
* bus error in zzip_disk_findfirst function in zzip/mmapped.c
(CVE-2018-6540) (Closes: #923659)
* out of bound read in mmapped.c:zzip_disk_fread() causes crash
(CVE-2018-7725) (Closes: #913165)
* Bus error in zip.c:__zzip_parse_root_directory() cause crash via crafted
zip file (CVE-2018-7726) (Closes: #913165)
* Memory leak triggered in the function __zzip_parse_root_directory in zip.c
(CVE-2018-16548) (Closes: #910335)
-- Salvatore Bonaccorso <carnil at debian.org> Mon, 04 Mar 2019
22:43:14 +0100
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/zziplib/+bug/1820524/+subscriptions
More information about the Ubuntu-sponsors
mailing list