| Errata ID | 449 |
|---|---|
| Date | 2017-08-16 |
| Source package | unzip |
| Fixed in version | 6.0-8.34.201708101423 |
| Description | This update addresses the following issues: * Out of bands memory read when processing malformed ZIP archives (CVE-2014-9636) * Buffer overflow in "unzip -l" via list_files() in list.c (CVE-2014-9913) * Fix infinite loop when extracting password-protected archive (CVE-2015-7696, CVE-2015-7697) * zipinfo buffer overflow (CVE-2016-9844) |
| Additional notes | |
| CVE ID | CVE-2014-9636 CVE-2014-9913 CVE-2015-7696 CVE-2015-7697 CVE-2016-9844 |
| UCS Bug number | #37657 |
