Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 15 Sep 2015 18:38:42 +0200
From: Hanno Böck <>
Subject: Re: Heap overflow and DoS in unzip 6.0

On Tue, 15 Sep 2015 13:10:17 -0300
Gustavo Grieco <> wrote:

> AFAIK, upstream is still working on the heap overflow issue (the DoS
> is fixed in the last unzip beta). In concrete, they said:

Actually talking about upstream: The state of the info-zip packages is
pretty dismal.

There are issues from 2009(!) that haven't seen a fix yet, at least
not in a release:

Are you in contact with upstream?

Hanno Böck


Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ