unzip 5.51-2ubuntu0.3 source package in Ubuntu
Changelog
unzip (5.51-2ubuntu0.3) warty-security; urgency=low
* SECURITY UPDATE: Arbitrary code execution on specially crafted long file
names (which should not happen in many scenarios, though).
* unzpriv.h, Info macro:
- Use snprintf() instead of sprintf() as inner formatting function.
- Use fputs() instead of fprintf() as outer function to ignore leftover
format strings which might not have been substituted in the inner
snprintf().
- Throw away the three different implementations of that macro and use
just one safe one.
* unix/unix.c, do_wild():
- Replace unchecked strcpy() calls from user provided file argument to
statically sized buffer with strncpy() and ensure null termination.
* CVE-2005-4667
-- Martin Pitt <email address hidden> Fri, 10 Feb 2006 21:18:25 +0100
Upload details
- Uploaded by:
- Martin Pitt
- Uploaded to:
- Warty
- Original maintainer:
- Santiago Vila
- Architectures:
- any
- Section:
- utils
- Urgency:
- Low Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| unzip_5.51.orig.tar.gz | 1.1 MiB | bc638c2eb65720ebc1c06c77687bd396e105e9747513ea9c8c1cd816c49c90f4 |
| unzip_5.51-2ubuntu0.3.diff.gz | 6.3 KiB | f9a72875c345253dfa1f1be7b66cf9589ffd408e3a26192542a331afdab1a0d2 |
| unzip_5.51-2ubuntu0.3.dsc | 534 bytes | b270c426401708f974853c7dc1d86c370fc4c0a2b6c1b6670f14251a52f781c8 |
Binary packages built by this source
- unzip: No summary available for unzip in ubuntu warty.
No description available for unzip in ubuntu warty.
