FEDORA-2017-7bd193c0ed created by remi 2 years ago for Fedora 27
stable

Version 1.3.0

It contains fixes for two possible security problems. The problems were identified by Brian 'geeknik' Carpenter and Agostino Sarubbo using AFL.

The changes are:

  • Support bzip2 compressed zip archives
  • Improve file progress callback code
  • Fix zip_fdopen()
  • CVE-2017-12858: Fix double free().
  • CVE-2017-14107: Improve EOCD64 parsing.

How to install

sudo dnf upgrade --advisory=FEDORA-2017-7bd193c0ed
This update has been submitted for testing by remi. 2 years ago
User Icon besser82 commented & provided feedback 2 years ago
karma

WFM!

BZ#1484515 CVE-2017-12858 libzip: Double free in _zip_dirent_read function in zip_dirent.c [fedora-all]
This update has been pushed to testing. 2 years ago
This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes 2 years ago
This update has been submitted for stable by remi. 2 years ago
This update has been pushed to stable. 2 years ago

Please login to add feedback.

Metadata
Type
security
Karma
1
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Dates
submitted
2 years ago
in testing
2 years ago
in stable
2 years ago
BZ#1484515 CVE-2017-12858 libzip: Double free in _zip_dirent_read function in zip_dirent.c [fedora-all]
0
1

Automated Test Results