CVE-2016-9844 log

Source
Severity Low
Remote Yes
Type Denial of service
Description
A buffer overflow in the zi_short function in zipinfo.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via a large compression method value in the central directory file header.
Group Package Affected Fixed Severity Status Ticket
AVG-611 unzip 6.0-14 6.0-15 Medium Fixed
References
https://www.openwall.com/lists/oss-security/2016/12/05/13
https://www.openwall.com/lists/oss-security/2016/12/05/13
https://www.openwall.com/lists/oss-security/2016/12/05/20
https://bugs.launchpad.net/ubuntu/+source/unzip/+bug/1643750
https://src.fedoraproject.org/rpms/unzip/raw/rawhide/f/0001-Fix-CVE-2016-9844-rhbz-1404283.patch