drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in ZZIPlib
Name: |
Ausführen beliebiger Kommandos in ZZIPlib |
|
ID: |
FEDORA-2018-a24be2586d |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 27 |
|
Datum: |
Di, 6. Februar 2018, 18:53 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6381 |
|
Applikationen: |
ZZIPlib |
|
Originalnachricht |
------------------------------------------------------------------------------- - Fedora Update Notification FEDORA-2018-a24be2586d 2018-02-06 15:24:55.360377 ------------------------------------------------------------------------------- -
Name : zziplib Product : Fedora 27 Version : 0.13.67 Release : 1.fc27 URL : http://zziplib.sourceforge.net/ Summary : Lightweight library to easily extract data from zip files Description : The zziplib library is intentionally lightweight, it offers the ability to easily extract data from files archived in a single zip file. Applications can bundle files into a single zip archive and access them. The implementation is based only on the (free) subset of compression with the zlib algorithm which is actually used by the zip/unzip tools.
------------------------------------------------------------------------------- - Update Information:
Security fix for CVE-2018-6381 ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1540183 - CVE-2018-6381 zziplib: Invalid memory access in the zzip_disk_fread function in zzip/mmapped.c https://bugzilla.redhat.com/show_bug.cgi?id=1540183 ------------------------------------------------------------------------------- -
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade zziplib' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
|
|
|
|