libzip

Link	package \| bugs open \| bugs closed \| Wiki \| GitHub \| web search
Description	C library for reading, creating, and modifying zip archives
Version	1.11.4-1 [extra]

Resolved

Group	Affected	Fixed	Severity	Status	Ticket
AVG-390	1.2.0-1	1.3.0-1	High	Fixed

Issue	Group	Severity	Remote	Type	Description
CVE-2017-12858	AVG-390	High	Yes	Arbitrary code execution	Double free vulnerability in the _zip_dirent_read function in zip_dirent.c in libzip allows attackers to execute arbitrary code via a crafted zip file.

Date	Advisory	Group	Severity	Type
07 Nov 2017	ASA-201711-13	AVG-390	High	arbitrary code execution