Security update for zziplib
This update for zziplib to 0.13.67 contains multiple bug and security fixes:
- If an extension block is too small to hold an extension,
do not use the information therein.
- CVE-2018-6540: If the End of central directory record (EOCD) contains an
Offset of start of central directory which is beyond the end of
the file, reject the file. (bsc#1079096)
- CVE-2018-6484: Reject the ZIP file and report it as corrupt if the size of the
central directory and/or the offset of start of central directory
point beyond the end of the ZIP file. (bsc#1078701)
- CVE-2018-6381: If a file is uncompressed, compressed and uncompressed sizes
should be identical. (bsc#1078497)
This update was imported from the SUSE:SLE-12:Update update project.
-
Submitted by
Josef Möllers (jmoellers)
Fixed bugs
bnc#1024532
VUL-1: zziplib: NULL pointer dereference in main (unzzipcat-mem.c)
bnc#1024536
VUL-1: CVE-2017-5980: zziplib: NULL pointer dereference in zzip_mem_entry_new (memdisk.c)
bnc#1079096
VUL-0: CVE-2018-6540: zziplib: In ZZIPlib 0.13.67, there is a bus error caused by loading of a misalignedaddress in the zzip_disk_findfirst function of zzip/mmapped.c. Remote attackerscould leverage this vulnerability to cause a denial of
bnc#1034539
AzureAD Driver - Hybrid entitlement package version should be changed to 1.0.1 which is still 1.0.0
bnc#1078497
VUL-1: CVE-2018-6381 zziplib: Invalid memory access in the zzip_disk_fread function in zzip/mmapped.c
bnc#1078701
VUL-0: CVE-2018-6484: zziplib: memory alignment error and bus error in the __zzip_fetch_disk_trailer function of zzip/zip.c
