Processed: Re: Bug#882177: busybox: unzip creates world-writable directories

Processing commands for cont...@bugs.debian.org: > forwarded 882177 > http://lists.busybox.net/pipermail/busybox/2017-November/085975.html Bug #882177 [busybox] busybox: unzip creates world-writable directories Set Bug forwarded-to-address to 'http://lists.busybox.net/pipermail/busybox/2017-Nove

Processed: Re: Bug#882177: busybox: unzip creates world-writable directories

Processing commands for cont...@bugs.debian.org: > tags 882175 confirmed upstream Bug #882175 [busybox] busybox: out-of-bounds read in get_header_ar() Added tag(s) confirmed and upstream. > tags 882177 confirmed upstream Bug #882177 [busybox] busybox: unzip creates world-writable directories Added

Bug#882177: busybox: unzip creates world-writable directories

tags 882175 confirmed upstream tags 882177 confirmed upstream thanks Jakub Wilk wrote... > Adding forgotten attachment... Thanks, was already able to reproduce without that one. Christoph signature.asc Description: Digital signature

Bug#882177: busybox: unzip creates world-writable directories

Package: busybox Version: 1:1.27.2-1 Tags: security When busybox's unzip creates a directory that is not shipped directly in the zip file, it makes the directory world-writable: $ zipinfo moo.zip Archive: moo.zip Zip file size: 112 bytes, number of entries: 1 -rw-r--r-- 3.0 unx