1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
PublicDateAtUSN: 2015-10-12
Candidate: CVE-2015-7697
PublicDate: 2015-11-06
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7697
http://www.openwall.com/lists/oss-security/2015/10/11/5
http://www.ubuntu.com/usn/usn-2788-1
Description:
Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service
(infinite loop) via empty bzip2 data in a ZIP archive.
Ubuntu-Description:
Notes:
Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1260944
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802160
Priority: low
Discovered-by: Gustavo Grieco
Assigned-to: mdeslaur
Patches_unzip:
upstream_unzip: released (6.0-19)
precise_unzip: released (6.0-4ubuntu2.4)
trusty_unzip: released (6.0-9ubuntu1.4)
vivid_unzip: released (6.0-13ubuntu3.1)
wily_unzip: released (6.0-17ubuntu1.1)
devel_unzip: not-affected (6.0-19ubuntu1)
vivid/stable-phone-overlay_unzip: released (6.0-13ubuntu3.1)
vivid/ubuntu-core_unzip: DNE
|