Information on source package libzip

Available versions

ReleaseVersion
jessie0.11.2-1.2
stretch1.1.2-1.1+deb9u1
buster1.5.1-4
bullseye1.7.3-1
bookworm1.7.3-1
trixie1.7.3-1
sid1.7.3-1.1

Open issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2017-14107vulnerable (no DSA)fixedfixedfixedfixedfixedfixedThe _zip_read_eocd64 function in zip_open.c in libzip before 1.3.0 mis ...

Resolved issues

BugDescription
CVE-2019-17582A use-after-free in the _zip_dirent_read function of zip_dirent.c in l ...
CVE-2017-12858Double free vulnerability in the _zip_dirent_read function in zip_dire ...
CVE-2015-2331Integer overflow in the _zip_cdir_new function in zip_dirent.c in libz ...
CVE-2012-1163Integer overflow in the _zip_readcdir function in zip_open.c in libzip ...
CVE-2012-1162Heap-based buffer overflow in the _zip_readcdir function in zip_open.c ...
CVE-2011-0421The _zip_name_locate function in zip_name_locate.c in the Zip extensio ...

Security announcements

DSA / DLADescription
DLA-2858-1libzip - security update

Search for package or bug name: Reporting problems