MDVSA-2012:034 -- Mandriva libzipID: oval:org.secpod.oval:def:302865 | Date: (C)2012-12-11 (M)2021-06-02 |
Class: PATCH | Family: unix |
Multiple vulnerabilities has been found and corrected in libzip: libzip uses an incorrect loop construct, which can result in a heap overflow on corrupted zip files . libzip has a numeric overflow condition, which, for example, results in improper restrictions of operations within the bounds of a memory buffer . The updated packages have been upgraded to the 0.10.1 version to correct these issues.
Platform: |
Mandriva Linux 2011.0 |
Mandriva Linux 2010.1 |