Changelog
unzip (5.51-2ubuntu0.3) warty-security; urgency=low
* SECURITY UPDATE: Arbitrary code execution on specially crafted long file
names (which should not happen in many scenarios, though).
* unzpriv.h, Info macro:
- Use snprintf() instead of sprintf() as inner formatting function.
- Use fputs() instead of fprintf() as outer function to ignore leftover
format strings which might not have been substituted in the inner
snprintf().
- Throw away the three different implementations of that macro and use
just one safe one.
* unix/unix.c, do_wild():
- Replace unchecked strcpy() calls from user provided file argument to
statically sized buffer with strncpy() and ensure null termination.
* CVE-2005-4667
-- Martin Pitt <email address hidden> Fri, 10 Feb 2006 21:18:25 +0100