Sicherheit: Pufferüberlauf in unzip
Aktuelle Meldungen Distributionen
Name: Pufferüberlauf in unzip
ID: FEDORA-2018-fef0a6a8b0
Distribution: Fedora
Plattformen: Fedora 29
Datum: Di, 13. November 2018, 07:41
Referenzen: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18384
Applikationen: UnZip


Fedora Update Notification
2018-11-13 02:18:59.073362

Name : unzip
Product : Fedora 29
Version : 6.0
Release : 42.fc29
URL : http://www.info-zip.org/UnZip.html
Summary : A utility for unpacking zip files
Description :
The unzip utility is used to list, test, or extract files from a zip
archive. Zip archives are commonly found on MS-DOS systems. The zip
utility, included in the zip package, creates zip archives. Zip and
unzip are both compatible with archives created by PKWARE(R)'s PKZIP
for MS-DOS, but the programs' options and default behaviors do differ
in some respects.

Install the unzip package if you need to list, test or extract files from
a zip archive.

Update Information:

Fix several possibly unterminated strings. When using long enough strings with
the -I or -O modifiers, these string could end up unterminated (wrongly used

* Thu Nov 8 2018 Jakub Martisko <jamartis@redhat.com> - 6.0-42
- fix several possibly unterminated strings
When copying to OEM_CP and ISO_CP strings, the string could end unterminated
(stncpy does not append '\0').
* Thu Nov 8 2018 Jakub Martisko <jamartis@redhat.com> - 6.0-41
- Fix CVE-2018-18384
Resolves: CVE-2018-18384

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-fef0a6a8b0' at the command
line. For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
Pro-Linux @Facebook
Neue Nachrichten