Описание
ELSA-2025-20478-0: zziplib security update (MODERATE)
[0.13.78-2]
- Fix directory traversal in unzip binary
- Disable the CVE tests during the check phase - the reproducers for these are downloaded from the github
- Resolves: RHEL-105822
Обновленные пакеты
Oracle Linux 10
Oracle Linux aarch64
zziplib
0.13.78-2.el10
zziplib-utils
0.13.78-2.el10
zziplib-devel
0.13.78-2.el10
Oracle Linux x86_64
zziplib
0.13.78-2.el10
zziplib-utils
0.13.78-2.el10
zziplib-devel
0.13.78-2.el10
Связанные CVE
Связанные уязвимости
Directory traversal vulnerability in ZZIPlib 0.13.69 allows attackers to overwrite arbitrary files via a .. (dot dot) in a zip file, because of the function unzzip_cat in the bins/unzzipcat-mem.c file.
Directory traversal vulnerability in ZZIPlib 0.13.69 allows attackers to overwrite arbitrary files via a .. (dot dot) in a zip file, because of the function unzzip_cat in the bins/unzzipcat-mem.c file.
Directory traversal vulnerability in ZZIPlib 0.13.69 allows attackers to overwrite arbitrary files via a .. (dot dot) in a zip file, because of the function unzzip_cat in the bins/unzzipcat-mem.c file.
Directory traversal vulnerability in ZZIPlib 0.13.69 allows attackers ...