unzip 6.0-9ubuntu1.4 source package in Ubuntu


unzip (6.0-9ubuntu1.4) trusty-security; urgency=medium

  * SECURITY UPDATE: denial of service and possible code execution via
    heap overflow
    - debian/patches/14-cve-2015-7696: add check to crypt.c.
    - CVE-2015-7696
  * SECURITY UPDATE: infinite loop when extracting empty bzip2 data
    - debian/patches/15-cve-2015-7697: check for empty input in extract.c.
    - CVE-2015-7697
  * SECURITY UPDATE: unsigned overflow on invalid input
    - debian/patches/16-fix-integer-underflow-csiz-decrypted: make sure
      csiz_decrypted doesn't overflow in extract.c.
    - No CVE number

 -- Marc Deslauriers <email address hidden>  Thu, 29 Oct 2015 10:33:05 -0400

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Original maintainer:
Ubuntu Developers
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section


File Size SHA-256 Checksum
unzip_6.0.orig.tar.gz 1.3 MiB 036d96991646d0449ed0aa952e4fbe21b476ce994abc276e49d30e686708bd37
unzip_6.0-9ubuntu1.4.debian.tar.gz 19.5 KiB 63f2a682ee40be059c9a61e11255cfb6f96d8f55b5650e0bac18949d47c278a6
unzip_6.0-9ubuntu1.4.dsc 1.7 KiB 3ec7993e4ea7f9e18850a1406bc4c39d59c637b54226d917d5cbde0070ed1582

View changes file

Binary packages built by this source

unzip: De-archiver for .zip files

 InfoZIP's unzip program. With the exception of multi-volume archives
 (ie, .ZIP files that are split across several disks using PKZIP's /& option),
 this can handle any file produced either by PKZIP, or the corresponding
 InfoZIP zip program.
 This version supports encryption.