Overview

File _patchinfo of Package patchinfo.6930

<patchinfo incident="6930">
  <issue id="1084517" tracker="bnc">VUL-1: CVE-2018-7726: zziplib: There is a bus error caused by the__zzip_parse_root_directory function of zip.c. Attackers could leverage thisvulnerability to cause a denial of service</issue>
  <issue id="1084519" tracker="bnc">VUL-1: CVE-2018-7725: zziplib: An invalid memory address dereference was discovered in zzip_disk_fread in mmapped.c. The vulnerability causes an application crash, which leads to denial of service</issue>
  <issue id="2018-7726" tracker="cve" />
  <issue id="2018-7725" tracker="cve" />
  <category>security</category>
  <rating>low</rating>
  <packager>jmoellers</packager>
  <description>This update for zziplib fixes the following issues:

Security issues fixed:

- CVE-2018-7726: There is a bus error caused by the__zzip_parse_root_directory function of zip.c. Attackers could leverage thisvulnerability to cause a denial of service (bsc#1084517).
- CVE-2018-7725: An invalid memory address dereference was discovered in zzip_disk_fread in mmapped.c. The vulnerability causes an application crash, which leads to denial of service (bsc#1084519).
</description>
  <summary>Security update for zziplib</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places