Information on source package unzip

Available versions

ReleaseVersion
jessie6.0-16+deb8u3
jessie (security)6.0-16+deb8u2
stretch6.0-21
buster6.0-21
sid6.0-21

Open issues

BugjessiestretchbustersidDescription
CVE-2018-1000035vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableA heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 ...

Resolved issues

BugDescription
CVE-2018-18384Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive ...
CVE-2018-1000034An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that ...
CVE-2018-1000033An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that ...
CVE-2018-1000032A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 ...
CVE-2018-1000031A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 ...
CVE-2016-9844Buffer overflow in the zi_short function in zipinfo.c in Info-Zip ...
CVE-2015-7697Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of ...
CVE-2015-7696Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of ...
CVE-2015-1315Buffer overflow in the charset_to_intern function in unix/unix.c in ...
CVE-2014-9913Buffer overflow in the list_files function in list.c in Info-Zip UnZip ...
CVE-2014-9636unzip 6.0 allows remote attackers to cause a denial of service ...
CVE-2014-8141heap overflow in getZip64Data
CVE-2014-8140heap overflow in test_compr_eb
CVE-2014-8139CRC32 heap overflow
CVE-2008-0888The NEEDBITS macro in the inflate_dynamic function in inflate.c for ...
CVE-2005-4667Buffer overflow in UnZip 5.50 and earlier allows user-assisted ...
CVE-2005-2475Race condition in Unzip 5.52 allows local users to modify permissions ...
CVE-2005-0602Unzip 5.51 and earlier does not properly warn the user when extracting ...
CVE-2003-0282Directory traversal vulnerability in UnZip 5.50 allows attackers to ...

Security announcements

DSA / DLADescription
DLA-741-1unzip - security update
DSA-3386-2unzip - regression update
DSA-3386-2unzip - regression update
DSA-3386-1unzip - security update
DSA-3386-1unzip - security update
DLA-330-1unzip - security update
DLA-150-1unzip - security update
DSA-3152-1unzip - security update
DSA-3113-1unzip - security update
DLA-124-1unzip - security update
DSA-1522-1unzip - potential code execution
DSA-1522-1unzip - potential code execution
DSA-1012-1unzip - buffer overflow
DSA-1012-1unzip - buffer overflow
DSA-903-1unzip - race condition
DSA-903-1unzip - race condition
DSA-344unzip - directory traversal

Search for package or bug name: Reporting problems