-
Committer:
Package Import Robot
-
Author(s):
Marc Deslauriers
-
Date:
2015-01-07 16:08:29 UTC
-
Revision ID:
package-import@ubuntu.com-20150107160829-n78ytiljrgwmj9qh
Tags: 6.0-12ubuntu1.1
* SECURITY UPDATE: CRC32 verification heap-based overflow
- debian/patches/09-cve-2014-8139-crc-overflow: check extra block
length in extract.c.
- CVE-2014-8139
* SECURITY UPDATE: out-of-bounds write issue in test_compr_eb()
- debian/patches/10-cve-2014-8140-test-compr-eb: properly validate
sizes in extract.c.
- CVE-2014-8140
* SECURITY UPDATE: out-of-bounds read issues in getZip64Data()
- debian/patches/11-cve-2014-8141-getzip64data: validate extra fields
in fileio.c, check sizes in process.c.
- CVE-2014-8141