Information on source package zziplib

Available versions

ReleaseVersion
jessie0.13.62-3+deb8u3
stretch0.13.62-3.2~deb9u2
buster0.13.62-3.2+deb10u1
bullseye0.13.62-3.3+deb11u1
bookworm0.13.72+dfsg.1-1.1
trixie0.13.72+dfsg.1-1.2
sid0.13.72+dfsg.1-1.3

Open issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2024-39134vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerablevulnerableA Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attac ...
CVE-2024-39133vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerablevulnerableHeap Buffer Overflow vulnerability in zziplib v0.13.77 allows attacker ...
CVE-2020-18770vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerablevulnerableAn issue was discovered in function zzip_disk_entry_to_file_header in ...

Open unimportant issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2018-17828vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableDirectory traversal vulnerability in ZZIPlib 0.13.69 allows attackers ...
CVE-2018-7727vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableAn issue was discovered in ZZIPlib 0.13.68. There is a memory leak tri ...
CVE-2018-6542vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableIn ZZIPlib 0.13.67, there is a bus error (when handling a disk64_trail ...

Resolved issues

BugDescription
CVE-2020-18442Infinite Loop in zziplib v0.13.69 allows remote attackers to cause a d ...
CVE-2018-16548An issue was discovered in ZZIPlib through 0.13.69. There is a memory ...
CVE-2018-7726An issue was discovered in ZZIPlib 0.13.68. There is a bus error cause ...
CVE-2018-7725An issue was discovered in ZZIPlib 0.13.68. An invalid memory address ...
CVE-2018-6869In ZZIPlib 0.13.68, there is an uncontrolled memory allocation and a c ...
CVE-2018-6541In ZZIPlib 0.13.67, there is a bus error caused by loading of a misali ...
CVE-2018-6540In ZZIPlib 0.13.67, there is a bus error caused by loading of a misali ...
CVE-2018-6484In ZZIPlib 0.13.67, there is a memory alignment error and bus error in ...
CVE-2018-6381In ZZIPlib 0.13.67, 0.13.66, 0.13.65, 0.13.64, 0.13.63, 0.13.62, 0.13. ...
CVE-2017-5981seeko.c in zziplib 0.13.62 allows remote attackers to cause a denial o ...
CVE-2017-5980The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows ...
CVE-2017-5979The prescan_entry function in fseeko.c in zziplib 0.13.62 allows remot ...
CVE-2017-5978The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows ...
CVE-2017-5977The zzip_mem_entry_extra_block function in memdisk.c in zziplib 0.13.6 ...
CVE-2017-5976Heap-based buffer overflow in the zzip_mem_entry_extra_block function ...
CVE-2017-5975Heap-based buffer overflow in the __zzip_get64 function in fetch.c in ...
CVE-2017-5974Heap-based buffer overflow in the __zzip_get32 function in fetch.c in ...
CVE-2007-1614Stack-based buffer overflow in the zzip_open_shared_io function in zzi ...

Security announcements

DSA / DLADescription
DLA-2859-1zziplib - security update
ELA-532-1zziplib - security update
DLA-2258-1zziplib - security update
DLA-1287-1zziplib - security update
DLA-994-1zziplib - security update
DSA-3878-1zziplib - security update

Search for package or bug name: Reporting problems