Overview

File _patchinfo of Package patchinfo.13903

<patchinfo incident="13903">
<issue tracker="bnc" id="1154002">unzip-mem command unzip file error</issue>
  <issue tracker="bnc" id="1214577">VUL-0: CVE-2020-18770: zziplib: denial-of-service in function zzip_disk_entry_to_file_header in mmapped.c</issue>
  <issue tracker="cve" id="2020-18770"/>
  <issue tracker="bnc" id="1187526">VUL-0: CVE-2020-18442: zziplib: infinite loop via the return value of zzip_file_read() as used in unzzip_cat_file()</issue>
  <issue tracker="cve" id="2020-18442"/>
  <packager>jmoellers</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for zziplib</summary>
  <description>This update for zziplib fixes the following issues:

Security issue fixed:

- CVE-2020-18442: Fixed infinite loop in zzip_file_read() as used in unzzip_cat_file() (bsc#1187526).
- CVE-2020-18770: Fixed denial-of-service in function zzip_disk_entry_to_file_header in mmapped.c (bsc#1214577).

Non-security issue fixed:

- Implement an error message with a condition by checking the return value of a function call. (bsc#1154002)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places