unzip 5.51-2ubuntu1.3 source package in Ubuntu
Changelog
unzip (5.51-2ubuntu1.3) hoary-security; urgency=low
* SECURITY UPDATE: Arbitrary code execution on specially crafted long file
names (which should not happen in many scenarios, though).
* unzpriv.h, Info macro:
- Use snprintf() instead of sprintf() as inner formatting function.
- Use fputs() instead of fprintf() as outer function to ignore leftover
format strings which might not have been substituted in the inner
snprintf().
- Throw away the three different implementations of that macro and use
just one safe one.
* unix/unix.c, do_wild():
- Replace unchecked strcpy() calls from user provided file argument to
statically sized buffer with strncpy() and ensure null termination.
* CVE-2005-4667
-- Martin Pitt <email address hidden> Fri, 10 Feb 2006 21:08:40 +0100
Upload details
- Uploaded by:
- Martin Pitt
- Uploaded to:
- Hoary
- Original maintainer:
- Santiago Vila
- Architectures:
- any
- Section:
- utils
- Urgency:
- Low Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| unzip_5.51.orig.tar.gz | 1.1 MiB | bc638c2eb65720ebc1c06c77687bd396e105e9747513ea9c8c1cd816c49c90f4 |
| unzip_5.51-2ubuntu1.3.diff.gz | 7.1 KiB | 69d99aea92250679f17ddc9e47888a6b955f49ccb8c76eed355b52d2bd14ca5a |
| unzip_5.51-2ubuntu1.3.dsc | 534 bytes | 0af350e818551b9789f5ee38268b781fe6c2dc4f711f3bfa7283cb0d040e43a7 |
Binary packages built by this source
- unzip: No summary available for unzip in ubuntu hoary.
No description available for unzip in ubuntu hoary.
