Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2015:0670-1

Опубликовано: 24 мар. 2015
Источник: suse-cvrf

Описание

Security update for pigz

Pigz, a multi-threaded implementation of gzip, was updated to fix one vulnerability.

The following vulnerability was fixed:

  • A crafted file could have caused an unwanted directory traversal on extract (CVE-2015-1191)

Список пакетов

SUSE Linux Enterprise Desktop 12
pigz-2.3-5.1
SUSE Linux Enterprise Server 12
pigz-2.3-5.1
SUSE Linux Enterprise Server for SAP Applications 12
pigz-2.3-5.1

Ссылки

Описание

Multiple directory traversal vulnerabilities in pigz 2.3.1 allow remote attackers to write to arbitrary files via a (1) full pathname or (2) .. (dot dot) in an archive.

Затронутые продукты
SUSE Linux Enterprise Desktop 12:pigz-2.3-5.1
SUSE Linux Enterprise Server 12:pigz-2.3-5.1
SUSE Linux Enterprise Server for SAP Applications 12:pigz-2.3-5.1
Ссылки