Ubuntu
unzip package

  1. Bug #1957077
  2. Comment #10

Comment 10 for bug 1957077

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package unzip - 6.0-26ubuntu3.1

---------------
unzip (6.0-26ubuntu3.1) jammy-security; urgency=medium

  * SECURITY UPDATE: Null pointer dereference in unzip (LP: #1957077)
    - debian/patches/CVE-2021-4217.patch: Fix null pointer dereference and use
      of uninitialized data
    - CVE-2021-4217
  * SECURITY UPDATE: Out-of-bound write vulnerability in unzip
    - debian/patches/CVE-2022-0529.patch: Fix wide string conversion in
      process.c
    - debian/patches/CVE-2022-0530.patch: Add missing error handling in
      fileio.c and process.c
    - CVE-2022-0529
    - CVE-2022-0530

 -- Nishit Majithia <email address hidden> Fri, 07 Oct 2022 22:51:05 +0530