-
Committer:
Package Import Robot
-
Author(s):
Marc Deslauriers
-
Date:
2015-01-07 16:15:57 UTC
-
Revision ID:
package-import@ubuntu.com-20150107161557-htf7wfeokxkh6s4f
Tags: 6.0-1ubuntu0.1
* SECURITY UPDATE: CRC32 verification heap-based overflow
- extract.c: check extra block length.
- CVE-2014-8139
* SECURITY UPDATE: out-of-bounds write issue in test_compr_eb()
- extract.c: properly validate sizes.
- CVE-2014-8140
* SECURITY UPDATE: out-of-bounds read issues in getZip64Data()
- fileio.c: validate extra fields.
- process.c: check sizes.
- CVE-2014-8141