Date: Wed, 31 Dec 2014 16:44:42 -0500 From: Michael Gilbert <mgilbert@...ian.org> To: oss-security@...ts.openwall.com, cve-assign@...re.org Subject: cve request: miniunzip directory traversal Jakub Wilk discovered a directory traversal issue in the miniunzip tool , which is part of minizip . Attached is a proposed solution. Please assign a CVE id. Best wishes, Mike  http://bugs.debian.org/774321  http://www.winimage.com/zLibDll/minizip.html View attachment "traversal.patch" of type "text/x-patch" (473 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ