Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2018:0548-1

Опубликовано: 27 фев. 2018
Источник: suse-cvrf

Описание

Security update for zziplib

This update for zziplib fixes the following issues:

Version update to 0.13.67 contains lots of bug- and security fixes.

  • If an extension block is too small to hold an extension, do not use the information therein.
  • CVE-2018-6540: If the End of central directory record (EOCD) contains an Offset of start of central directory which is beyond the end of the file, reject the file. (bsc#1079096)
  • CVE-2018-6484: Reject the ZIP file and report it as corrupt if the size of the central directory and/or the offset of start of central directory point beyond the end of the ZIP file. (bsc#1078701)
  • CVE-2018-6381: If a file is uncompressed, compressed and uncompressed sizes should be identical. (bsc#1078497)

Список пакетов

SUSE Linux Enterprise Desktop 12 SP2
libzzip-0-13-0.13.67-10.5.1
SUSE Linux Enterprise Desktop 12 SP3
libzzip-0-13-0.13.67-10.5.1
SUSE Linux Enterprise Software Development Kit 12 SP2
libzzip-0-13-0.13.67-10.5.1
zziplib-devel-0.13.67-10.5.1
SUSE Linux Enterprise Software Development Kit 12 SP3
libzzip-0-13-0.13.67-10.5.1
zziplib-devel-0.13.67-10.5.1
SUSE Linux Enterprise Workstation Extension 12 SP2
libzzip-0-13-0.13.67-10.5.1
SUSE Linux Enterprise Workstation Extension 12 SP3
libzzip-0-13-0.13.67-10.5.1

Ссылки

Описание

In ZZIPlib 0.13.67, 0.13.66, 0.13.65, 0.13.64, 0.13.63, 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57 and 0.13.56 there is a segmentation fault caused by invalid memory access in the zzip_disk_fread function (zzip/mmapped.c) because the size variable is not validated against the amount of file->stored data.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libzzip-0-13-0.13.67-10.5.1
SUSE Linux Enterprise Desktop 12 SP3:libzzip-0-13-0.13.67-10.5.1
SUSE Linux Enterprise Software Development Kit 12 SP2:libzzip-0-13-0.13.67-10.5.1
SUSE Linux Enterprise Software Development Kit 12 SP2:zziplib-devel-0.13.67-10.5.1
Ссылки

Описание

In ZZIPlib 0.13.67, there is a memory alignment error and bus error in the __zzip_fetch_disk_trailer function of zzip/zip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libzzip-0-13-0.13.67-10.5.1
SUSE Linux Enterprise Desktop 12 SP3:libzzip-0-13-0.13.67-10.5.1
SUSE Linux Enterprise Software Development Kit 12 SP2:libzzip-0-13-0.13.67-10.5.1
SUSE Linux Enterprise Software Development Kit 12 SP2:zziplib-devel-0.13.67-10.5.1
Ссылки

Описание

In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address in the zzip_disk_findfirst function of zzip/mmapped.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libzzip-0-13-0.13.67-10.5.1
SUSE Linux Enterprise Desktop 12 SP3:libzzip-0-13-0.13.67-10.5.1
SUSE Linux Enterprise Software Development Kit 12 SP2:libzzip-0-13-0.13.67-10.5.1
SUSE Linux Enterprise Software Development Kit 12 SP2:zziplib-devel-0.13.67-10.5.1
Ссылки