Overview

File _patchinfo of Package patchinfo.17988

<patchinfo incident="17988">
  <issue tracker="cve" id="2022-1271"/>
  <issue tracker="bnc" id="1198062">VUL-0: CVE-2022-1271: gzip,xz: Fix escaping of malicious filenames (ZDI-CAN-16587)</issue>  
  <issue tracker="bnc" id="1180713">gzexe works abnormal in SLES12sp5</issue>
  <issue tracker="bnc" id="1177047">SLES 12 SP5 / SLES 15 SP2 / (SLES 15 SP1) - gzip: When zlib acceleration is enabled, gzip fails when given multiple files larger than 5KB</issue>
  <packager>kstreitova</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for gzip</summary>
  <description>This update for gzip fixes the following issues:

- CVE-2022-1271: Fixed an incorrect escaping of malicious filenames (ZDI-CAN-16587). (bsc#1198062)

The following non-security bugs were fixed:

- Fixed an issue when 'gzexe' counts the lines to skip wrong. (bsc#1180713)
- Fixed a potential segfault when zlib acceleration is enabled (bsc#1177047)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places