[ubuntu/vivid-updates] unzip 6.0-13ubuntu3.1 (Accepted)

Ubuntu Archive Robot cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Thu Oct 29 17:28:11 UTC 2015

unzip (6.0-13ubuntu3.1) vivid-security; urgency=medium

  * SECURITY UPDATE: denial of service and possible code execution via
    heap overflow
    - debian/patches/14-cve-2015-7696: add check to crypt.c.
    - CVE-2015-7696
  * SECURITY UPDATE: infinite loop when extracting empty bzip2 data
    - debian/patches/15-cve-2015-7697: check for empty input in extract.c.
    - CVE-2015-7697
  * SECURITY UPDATE: unsigned overflow on invalid input
    - debian/patches/16-fix-integer-underflow-csiz-decrypted: make sure
      csiz_decrypted doesn't overflow in extract.c.
    - No CVE number

Date: 2015-10-29 14:39:38.128616+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Vivid-changes mailing list