AVG-273

Package zziplib
Status Fixed
Severity Medium
Type denial of service
Affected 0.13.66-1
Fixed 0.13.67-1
Current 0.13.69-1 [extra]
Ticket FS#53133
Created Thu May 11 22:32:18 2017
Issue Severity Remote Type Description
CVE-2017-5978 Medium Yes Denial of service
The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a...
CVE-2017-5977 Medium Yes Denial of service
The zzip_mem_entry_extra_block function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (invalid memory read and crash)...
Date Advisory Package Description
18 Jan 2018 ASA-201801-17 zziplib denial of service
References
http://www.openwall.com/lists/oss-security/2017/02/14/3