AVG-667 log

Package zziplib
Status Fixed
Severity Medium
Type denial of service
Affected 0.13.67-1
Fixed 0.13.68-1
Current 0.13.78-1 [extra]
Ticket None
Created Thu Apr 5 01:17:29 2018
Issue Severity Remote Type Description
CVE-2018-6869 Medium Yes Denial of service
An uncontrolled memory allocation was found in ZZIPlib before 0.13.68 that could lead to a crash in the __zzip_parse_root_directory function of zzip/zip.c....
CVE-2018-6542 Low No Denial of service
In ZZIPlib 0.13.67, there is a bus error (when handling a disk64_trailer seek value) caused by loading of a misaligned address in the zzip_disk_findfirst...
CVE-2018-6541 Medium Yes Denial of service
In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address (when handling disk64_trailer local entries) in __zzip_fetch_disk_trailer...
CVE-2018-6540 Medium Yes Denial of service
In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address in the zzip_disk_findfirst function of zzip/mmapped.c. Remote attackers...
CVE-2018-6484 Low No Denial of service
An unaligned memory access bug was found in the way ZZIPlib handled ZIP files. This flaw could potentially be used to crash the application using ZZIPlib by...
CVE-2018-6381 Medium No Denial of service
In ZZIPlib 0.13.67, there is a segmentation fault caused by invalid memory access in the zzip_disk_fread function (zzip/mmapped.c) because the size variable...