401d18b2e9
Directory traversal vulnerability in ZZIPlib 0.13.69 allows attackers to overwrite arbitrary files via a .. (dot dot) in a zip file, because of the function unzzip_cat in the bins/unzzipcat-mem.c file. Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> |
||
|---|---|---|
| .. | ||
| 0001-Avoid-memory-leak-from-__zzip_parse_root_directory.patch | ||
| 0002-Avoid-memory-leak-from-__zzip_parse_root_directory-2.patch | ||
| 0003-One-more-free-to-avoid-memory-leak.patch | ||
| 0004-Fix-issue-62-Remove-any-components-from-pathnames-of-extracte.patch | ||
| Config.in | ||
| zziplib.hash | ||
| zziplib.mk | ||