Download
| Alert*
[3.6] libzip: Multiple vulnerabilities (CVE-2017-14107, CVE-2017-12858)
CVE-2017-14107: Memory allocation failure in _zip_cdir_grow function; The _zip_read_eocd64 function in zip_open.c in libzip before 1.3.0 mishandles EOCD records, which allows attackers to cause a denial of service via a crafted ZIP archive. Fixed in: libzip 1.3.0
|