zziplib 0.13.62-2ubuntu0.2 source package in Ubuntu

Changelog

zziplib (0.13.62-2ubuntu0.2) trusty-security; urgency=medium

  * SECURITY UPDATE: invalid mem access in zzip_disk_fread
    - debian/patches/CVE-2018-6381.patch: check sizes in zzip/memdisk.c.
    - CVE-2018-6381
  * SECURITY UPDATE: alignment and bus errors in __zzip_fetch_disk_trailer
    - debian/patches/CVE-2018-6484.patch: check sizes in zzip/zip.c.
    - CVE-2018-6484
    - CVE-2018-6541
    - CVE-2018-6869
  * SECURITY UPDATE: bus error in zzip_disk_findfirst
    - debian/patches/CVE-2018-6540.patch: check endbuf in zzip/mmapped.c.
    - CVE-2018-6540
  * SECURITY UPDATE: invalid memory dereference
    - debian/patches/CVE-2018-7725.patch: check zlib space in
      zzip/memdisk.c, zzip/mmapped.c.
    - CVE-2018-7725
  * SECURITY UPDATE: bus error in __zzip_parse_root_directory
    - debian/patches/CVE-2018-7726-1.patch: check rootseek and rootsize in
      zzip/zip.c.
    - debian/patches/CVE-2018-7726-2.patch: check rootseek in zzip/zip.c.
    - debian/patches/CVE-2018-7726-3.patch: check zz_rootsize in
      zzip/zip.c.
    - CVE-2018-7726

 -- Marc Deslauriers <email address hidden>  Fri, 29 Jun 2018 12:28:33 -0400

Upload details

Uploaded by:
Marc Deslauriers on 2018-06-29
Uploaded to:
Trusty
Original maintainer:
Ubuntu Developers
Architectures:
any
Section:
libs
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Trusty updates on 2018-07-03 main libs
Trusty security on 2018-07-03 main libs

Downloads

File Size SHA-256 Checksum
zziplib_0.13.62.orig.tar.bz2 669.7 KiB a1b8033f1a1fd6385f4820b01ee32d8eca818409235d22caf5119e0078c7525b
zziplib_0.13.62-2ubuntu0.2.debian.tar.gz 17.5 KiB aca909835b5788e83d34fd307f73dabd3d6baa7d1de1c5ca4c3bc8421ab4acc2
zziplib_0.13.62-2ubuntu0.2.dsc 2.1 KiB 1fc3c0592a4ef6e17244943dce176c8ff2153d92fb816095dd3b4151444104b6

View changes file

Binary packages built by this source

libzzip-0-13: library providing read access on ZIP-archives - library

 The zziplib library is intentionally lightweight, it offers the ability
 to easily extract data from files archived in a single zip file.
 Applications can bundle files into a single zip archive and access them.
 The implementation is based only on the (free) subset of compression
 with the zlib algorithm which is actually used by the zip/unzip tools.
 .
 This package contains the zziplib runtime library.

libzzip-dev: library providing read access on ZIP-archives - development

 The zziplib library is intentionally lightweight, it offers the ability
 to easily extract data from files archived in a single zip file.
 Applications can bundle files into a single zip archive and access them.
 The implementation is based only on the (free) subset of compression
 with the zlib algorithm which is actually used by the zip/unzip tools.
 .
 This package contains the header files and static library needed to
 compile applications that use zziplib.

zziplib-bin: library providing read access on ZIP-archives - binaries

 The zziplib library is intentionally lightweight, it offers the ability
 to easily extract data from files archived in a single zip file.
 Applications can bundle files into a single zip archive and access them.
 The implementation is based only on the (free) subset of compression
 with the zlib algorithm which is actually used by the zip/unzip tools.
 .
 This package contains some useful binaries to extract data from zip
 archives.