Information on source package gzip

Available versions

ReleaseVersion
jessie1.6-4
stretch1.6-5
buster1.9-3
bullseye1.9-3
sid1.9-3

Resolved issues

BugDescription
CVE-2010-0001Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 ...
CVE-2009-2624The huft_build function in inflate.c in gzip before 1.3.13 creates a h ...
CVE-2006-4338unlzh.c in the LHZ component in gzip 1.3.5 allows context-dependent at ...
CVE-2006-4337Buffer overflow in the make_table function in the LHZ component in gzi ...
CVE-2006-4336Buffer underflow in the build_tree function in unpack.c in gzip 1.3.5 ...
CVE-2006-4335Array index error in the make_table function in unlzh.c in the LZH dec ...
CVE-2006-4334Unspecified vulnerability in gzip 1.3.5 allows context-dependent attac ...
CVE-2005-1228Directory traversal vulnerability in gunzip -N in gzip 1.2.4 through 1 ...
CVE-2005-0988Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a ...
CVE-2005-0758zgrep in gzip before 1.3.5 does not properly sanitize arguments, which ...
CVE-2004-1349gzip before 1.3 in Solaris 8, when called with the -f or -force flags, ...
CVE-2004-0970The (1) gzexe, (2) zdiff, and (3) znew scripts in the gzip package, as ...
CVE-2004-0603gzexe in gzip 1.3.3 and earlier will execute an argument when the crea ...
CVE-2003-0367znew in the gzip package allows local users to overwrite arbitrary fil ...
CVE-1999-1332gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows loca ...

Security announcements

DSA / DLADescription
DSA-1974-1gzip - arbitrary code execution
DSA-1974-1gzip - arbitrary code execution
DSA-1181-1gzip
DSA-752-1gzip - several
DSA-588-1gzip - insecure temporary files
DSA-308gzip - insecure temporary files

Search for package or bug name: Reporting problems