Re: [SECURITY] [DLA 3118-1] unzip security update

Fri, 07 Oct 2022 14:54:16 -0700 

чт, 22 сент. 2022 г., 19:54 Emilio Pozuelo Monfort <po...@debian.org>:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> - -------------------------------------------------------------------------
> Debian LTS Advisory DLA-3118-1                debian-lts@lists.debian.org
> https://www.debian.org/lts/security/               Emilio Pozuelo Monfort
> September 22, 2022                            https://wiki.debian.org/LTS
> - -------------------------------------------------------------------------
>
> Package        : unzip
> Version        : 6.0-23+deb10u3
> CVE ID         : CVE-2022-0529 CVE-2022-0530
> Debian Bug     : 1010355
>
> Sandipan Roy discovered two vulnerabilities in InfoZIP's unzip program,
> a de-archiver for .zip files, which could result in denial of service
> or potentially the execution of arbitrary code.
>
> For Debian 10 buster, these problems have been fixed in version
> 6.0-23+deb10u3.
>
> We recommend that you upgrade your unzip packages.
>
> For the detailed security status of unzip please refer to
> its security tracker page at:
> https://security-tracker.debian.org/tracker/unzip
>
> Further information about Debian LTS security advisories, how to apply
> these updates to your system and frequently asked questions can be
> found at: https://wiki.debian.org/LTS
> -----BEGIN PGP SIGNATURE-----
>
> iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmMsk0UACgkQnUbEiOQ2
> gwJY1g/9EYxe94HbGE5wKeq6ffJYTRZw2OIdRc/JHxxCBkbaXwk2IyzF9z48hpfP
> OsshmyYFzaHdKgV1Dts6PwgVVqokKH1jqKlmw6B89tY8OZxLzESB7gHyVTAEkbSJ
> 9jar0INcTNAlzSw6ew/wHRHxkdA/3j64MfuTZIzvqmmaFzuqJqT2gKd0bRFUm3Yd
> HSVk8AT5rca2LzGqDlg2yaxn+R1XpiIgjV8cyZV3q0Ccn7coeGPQ0P1XLMX1zbnN
> uEuhROMRte8LFvd9W+9I0vLSi0/qfoDaQEHBkA9m8oqo/3ASvuayE5bYrIG5fwHe
> zLtB3DSkZsQHTZV95a+/AnB30Shgfeof1c5d1yJWB6gGaQUR3Otpi3DEm0PUFnU4
> t+sDlc2U2aANByLtASP0kQ0DcFDD8vEkZsDv4NGM57nxHjLDF8QwXJCnq09JH5Iv
> 3GwvTiEQNLb9DxwS/8Gokjc/8+4goFyGDLK8MqixETRnwqx6/OTr0/mwiRwIY623
> xzhTPSEf05ANDR5YQyYTG/QDlDnCTyyv7OcB7CH3ILpAoxJXkFIUpRD3oXuwKp6Q
> D0OyMezJoQgZ0KbMcfu8+OMRpV/S3YRj+Fgtu47mLfFmfhtw2GvDBHndLZ2uGxBp
> XQUG2NueY1lEbjzmM6kQUjNZezn44znEtzk86vw5UWLVHeMv2uk=
> =8RtY
> -----END PGP SIGNATURE-----
>
>

Reply via email to