MGASA-2018-0422

See a problem?
Please try reporting it to the source first.
Source
https://advisories.mageia.org/MGASA-2018-0422.html
Import Source
https://advisories.mageia.org/MGASA-2018-0422.json
JSON Data
https://api.osv.dev/v1/vulns/MGASA-2018-0422
Related
  • CVE-2018-1000031
  • CVE-2018-1000032
  • CVE-2018-1000033
  • CVE-2018-1000034
  • CVE-2018-1000035
Published
2018-10-30T18:01:43Z
Modified
2018-10-30T17:34:16Z
Summary
Updated unzip packages fix security vulnerabilities
Details

Updated unzip packages fix security vulnerabilities

Heap-based out-of-bounds write (CVE-2018-1000031).

Heap/BSS-based buffer overflow (Bypass of CVE-2015-1315) (CVE-2018-1000032).

Heap out-of-bounds access in efscanfor_stream (CVE-2018-1000033).

Multiple vulnerabilities in the LZMA compression algorithm (CVE-2018-1000034).

Heap-based buffer overflow in password protected ZIP archives (CVE-2018-1000035).

References
Credits

Affected packages

Mageia:6 / unzip

Package

Name
unzip
Purl
pkg:rpm/mageia/unzip?distro=mageia-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.1c-1.1.mga6

Ecosystem specific 

{
    "section": "core"
}