| Revision Date: | 2018-04-11 | Version: | 1 |
| Title: | Security update for zziplib (Low) |
| Description: |
This update for zziplib fixes the following issues:
Security issues fixed:
- CVE-2018-7726: There is a bus error caused by the__zzip_parse_root_directory function of zip.c. Attackers could leverage thisvulnerability to cause a denial of service (bsc#1084517). - CVE-2018-7725: An invalid memory address dereference was discovered in zzip_disk_fread in mmapped.c. The vulnerability causes an application crash, which leads to denial of service (bsc#1084519).
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1084517
1084519
CVE-2018-7725
CVE-2018-7726
SUSE-SU-2018:0919-1
|
| Platform(s): | SUSE Linux Enterprise Desktop 12 SP3
| Product(s): | |
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 12 SP3 is installed AND libzzip-0-13-0.13.67-10.8.1 is installed
|