MDVSA-2012:034 -- Mandriva libzipID: oval:org.secpod.oval:def:1300047 | Date: (C)2013-04-08 (M)2022-10-10 |
Class: PATCH | Family: unix |
Multiple vulnerabilities has been found and corrected in libzip: libzip uses an incorrect loop construct, which can result in a heap overflow on corrupted zip files . libzip has a numeric overflow condition, which, for example, results in improper restrictions of operations within the bounds of a memory buffer . The updated packages have been upgraded to the 0.10.1 version to correct these issues.
Platform: |
Mandriva Enterprise Server 5.2 |