unzip 6.0-21ubuntu1.1 source package in Ubuntu
Changelog
unzip (6.0-21ubuntu1.1) bionic-security; urgency=medium
* SECURITY UPDATE: buffer overflow in password protected ZIP archives
- debian/patches/20-cve-2018-1000035-unzip-buffer-overflow.patch: Perform
check before allocating memory in fileio.c.
- CVE-2018-1000035
* SECURITY UPDATE: denial of service (resource consumption)
- debian/patches/22-cve-2019-13232-fix-bug-in-undefer-input.patch: Fix bug
in undefer_input() of fileio.c that misplaced the input state.
- debian/patches/23-cve-2019-13232-zip-bomb-with-overlapped-entries.patch:
Detect and reject a zip bomb using overlapped entries.
- debian/patches/24-cve-2019-13232-do-not-raise-alert-for-misplaced-central-directory.patch:
Do not raise a zip bomb alert for a misplaced central directory.
- CVE-2019-13232
-- Avital Ostromich <email address hidden> Thu, 26 Nov 2020 16:01:36 -0500
Upload details
- Uploaded by:
- Avital Ostromich
- Uploaded to:
- Bionic
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any
- Section:
- utils
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| unzip_6.0.orig.tar.gz | 1.3 MiB | 036d96991646d0449ed0aa952e4fbe21b476ce994abc276e49d30e686708bd37 |
| unzip_6.0-21ubuntu1.1.debian.tar.xz | 25.6 KiB | e793a0078ba3d94726e477042fcecba123a7d4d4c43872ae03290fcebaac1824 |
| unzip_6.0-21ubuntu1.1.dsc | 1.6 KiB | e40161a20191eeae40c9b936237db322c6add5713cd66dc8ceeb54c988b92f2f |
Available diffs
Binary packages built by this source
- unzip: De-archiver for .zip files
InfoZIP's unzip program. With the exception of multi-volume archives
(ie, .ZIP files that are split across several disks using PKZIP's /& option),
this can handle any file produced either by PKZIP, or the corresponding
InfoZIP zip program.
.
This version supports encryption.
- unzip-dbgsym: debug symbols for unzip
