Oval Definition:oval:org.opensuse.security:def:110999
Revision Date:2021-08-10Version:1
Title:Security update for apache-commons-compress (Important)
Description:

This update for apache-commons-compress fixes the following issues:

- Updated to 1.21 - CVE-2021-35515: Fixed an infinite loop when reading a specially crafted 7Z archive. (bsc#1188463) - CVE-2021-35516: Fixed an excessive memory allocation when reading a specially crafted 7Z archive. (bsc#1188464) - CVE-2021-35517: Fixed an excessive memory allocation when reading a specially crafted TAR archive. (bsc#1188465) - CVE-2021-36090: Fixed an excessive memory allocation when reading a specially crafted ZIP archive. (bsc#1188466)

This update was imported from the SUSE:SLE-15-SP2:Update update project.
Family:unixClass:patch
Status:Reference(s):1188463
1188464
1188465
1188466
CVE-2021-35515
CVE-2021-35516
CVE-2021-35517
CVE-2021-36090
openSUSE-SU-2021:1115-1
Platform(s):openSUSE Leap 15.2
Product(s):
Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND Package Information
  • apache-commons-compress-1.21-lp152.2.3.1 is installed
  • OR apache-commons-compress-javadoc-1.21-lp152.2.3.1 is installed
    • BACK