| Revision Date: | 2019-12-19 | Version: | 1 |
| Title: | Security update for zziplib (Moderate) |
| Description: |
This update for zziplib fixes the following issues:
Security issues fixed:
- CVE-2018-16548: Avoid a memory leak from __zzip_parse_root_directory() which could lead to denial of service. (bsc#1107424) - CVE-2018-7727: Fixed a memory leak in unzzip_cat() (bsc#1084515).
Non-security issue fixed:
- Prevented division by zero by first checking if uncompressed size is 0. This may happen with directories which have a compressed and uncompressed size of 0. (bsc#1129403)
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1084515
1107424
1129403
CVE-2018-16548
CVE-2018-7727
SUSE-SU-2019:3341-1
|
| Platform(s): | SUSE Linux Enterprise Desktop 12 SP4
| Product(s): | |
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 12 SP4 is installed AND libzzip-0-13-0.13.67-10.25.1 is installed
|