AVG-2847 log
| Package | minizip |
| Status | Fixed |
| Severity | Critical |
| Type | arbitrary code execution |
| Affected | 1:1.3-1 |
| Fixed | 1:1.3.1-1 |
| Current | 1:1.3.1-2 [core] |
| Ticket | None |
| Created | Tue Oct 24 14:22:35 2023 |
| Advisory | Pending |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2023-45853 | Critical | No | Arbitrary code execution | MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. |
| References |
|---|
https://www.openwall.com/lists/oss-security/2023/10/20/9 |