Download
| Alert*
|
oval:org.secpod.oval:def:606216
cleemy desu wayo reported that incorrect handling of filenames by zgrep in gzip, the GNU compression utilities, can result in overwrite of arbitrary files or execution of arbitrary code if a file with a specially crafted filename is processed. oval:org.secpod.oval:def:85945 cleemy desu wayo reported that incorrect handling of filenames by xzgrep in xz-utils, the XZ-format compression utilities, can result in overwrite of arbitrary files or execution of arbitrary code if a file with a specially crafted filename is processed. oval:org.secpod.oval:def:606214 cleemy desu wayo reported that incorrect handling of filenames by xzgrep in xz-utils, the XZ-format compression utilities, can result in overwrite of arbitrary files or execution of arbitrary code if a file with a specially crafted filename is processed. oval:org.secpod.oval:def:506940 The gzip packages contain the gzip data compression utility. gzip is used to compress regular files. It replaces them with files containing the .gz extension, while retaining ownership modes, access, and modification times. Security Fix: * gzip: arbitrary-file-write vulnerability For more details ... oval:org.secpod.oval:def:506829 The gzip packages contain the gzip data compression utility. gzip is used to compress regular files. It replaces them with files containing the .gz extension, while retaining ownership modes, access, and modification times. Security Fix: * gzip: arbitrary-file-write vulnerability For more details ... oval:org.secpod.oval:def:86386 cleemy desu wayo reported that incorrect handling of filenames by zgrep in gzip, the GNU compression utilities, can result in overwrite of arbitrary files or execution of arbitrary code if a file with a specially crafted filename is processed. oval:org.secpod.oval:def:506998 XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv-Markov chain algorithm , which performs lossless data compression. The algorithm provides a high compression ratio while keeping the decompression time short. Security Fix: * gzip: arbitrary-file-wr ... oval:org.secpod.oval:def:506996 XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv-Markov chain algorithm , which performs lossless data compression. The algorithm provides a high compression ratio while keeping the decompression time short. Security Fix: * gzip: arbitrary-file-wr ... oval:org.secpod.oval:def:506971 The gzip packages contain the gzip data compression utility. gzip is used to compress regular files. It replaces them with files containing the .gz extension, while retaining ownership modes, access, and modification times. Security Fix: * gzip: arbitrary-file-write vulnerability For more details ... oval:org.secpod.oval:def:506992 XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv-Markov chain algorithm , which performs lossless data compression. The algorithm provides a high compression ratio while keeping the decompression time short. Security Fix: * gzip: arbitrary-file-wr ... oval:org.secpod.oval:def:2501021 XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv-Markov chain algorithm , which performs lossless data compression. The algorithm provides a high compression ratio while keeping the decompression time short. oval:org.secpod.oval:def:19500052 An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name , this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two ... oval:org.secpod.oval:def:19500102 An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name , this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two ... oval:org.secpod.oval:def:1601536 An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name , this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two ... oval:org.secpod.oval:def:121900 The gzip package contains the popular GNU gzip data compression program. Gzipped files have a .gz extension. Gzip should be installed on your system, because it is a very commonly used data compression program. oval:org.secpod.oval:def:121906 XZ Utils are an attempt to make LZMA compression easy to use on free operating systems. This is achieved by providing tools and libraries which are similar to use than the equivalents of the most popular existing compression algorithms. LZMA is a general purpose compression algorithm designed by Ig ... oval:org.secpod.oval:def:1505868 [1.10-9] - fix an arbitrary-file-write vulnerability in zgrep Resolves: CVE-2022-1271 oval:org.secpod.oval:def:1601546 An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name , this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two ... oval:org.secpod.oval:def:1505963 [5.2.5-8] - Fix arbitrary file write vulnerability Resolves: CVE-2022-1271 oval:org.secpod.oval:def:706421 gzip: GNU compression utilities Gzip could be made to overwrite arbitrary files. oval:org.secpod.oval:def:2600170 XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv-Markov chain algorithm , which performs lossless data compression. The algorithm provides a high compression ratio while keeping the decompression time short. oval:org.secpod.oval:def:1505771 [5.2.4-4] - Fix arbitrary file write vulnerability Resolves: CVE-2022-1271 oval:org.secpod.oval:def:2500692 The gzip packages contain the gzip data compression utility. gzip is used to compress regular files. It replaces them with files containing the .gz extension, while retaining ownership modes, access, and modification times. oval:org.secpod.oval:def:4500903 The gzip packages contain the gzip data compression utility. gzip is used to compress regular files. It replaces them with files containing the .gz extension, while retaining ownership modes, access, and modification times. Security Fix: * gzip: arbitrary-file-write vulnerability For more details ... oval:org.secpod.oval:def:2107805 Oracle Solaris 11 - ( CVE-2022-1271 ) oval:org.secpod.oval:def:89046236 This update for gzip fixes the following issues: - CVE-2022-1271: Fixed an incorrect escaping of malicious filenames . The following non-security bugs were fixed: - Fixed an issue when "gzexe" counts the lines to skip wrong. - Fixed a potential segfault when zlib acceleration is enabled oval:org.secpod.oval:def:1505776 [5.2.2-2] - Fix CVE-2022-1271 Resolves: CVE-2022-1271 oval:org.secpod.oval:def:1700893 An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name , this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two ... oval:org.secpod.oval:def:1505615 [1.5-11] - fix an arbitrary-file-write vulnerability in zgrep Resolves: CVE-2022-1271 oval:org.secpod.oval:def:3300439 SUSE Security Update: Security update for xz oval:org.secpod.oval:def:706411 xz-utils: XZ-format compression utilities XZ Utils could be made to overwrite arbitrary files. oval:org.secpod.oval:def:3300677 SUSE Security Update: Security update for gzip oval:org.secpod.oval:def:5800059 The gzip packages contain the gzip data compression utility. gzip is used to compress regular files. It replaces them with files containing the .gz extension, while retaining ownership modes, access, and modification times. Security Fix: * gzip: arbitrary-file-write vulnerability For more details ... oval:org.secpod.oval:def:1505785 [5.2.2-2] - Fix CVE-2022-1271 Resolves: CVE-2022-1271 oval:org.secpod.oval:def:1505587 [1.9-13] - fix an arbitrary-file-write vulnerability in zgrep Resolves: CVE-2022-1271 oval:org.secpod.oval:def:205971 Security Fix: gzip: arbitrary-file-write vulnerability For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. oval:org.secpod.oval:def:89046301 This update for gzip fixes the following issues: - CVE-2022-1271: Add hardening for zgrep oval:org.secpod.oval:def:89046302 This update for gzip fixes the following issues: - CVE-2022-1271: Add hardening for zgrep oval:org.secpod.oval:def:89047630 This update for gzip fixes the following issues: - CVE-2022-1271: Fix escaping of malicious filenames oval:org.secpod.oval:def:89046222 This update for xz fixes the following issues: - CVE-2022-1271: Fixed an incorrect escaping of malicious filenames oval:org.secpod.oval:def:89046221 This update for xz fixes the following issues: - CVE-2022-1271: Fixed an incorrect escaping of malicious filenames oval:org.secpod.oval:def:5800121 XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv-Markov chain algorithm , which performs lossless data compression. The algorithm provides a high compression ratio while keeping the decompression time short. Security Fix: * gzip: arbitrary-file-wr ... oval:org.secpod.oval:def:122092 The gzip package contains the popular GNU gzip data compression program. Gzipped files have a .gz extension. Gzip should be installed on your system, because it is a very commonly used data compression program. oval:org.secpod.oval:def:4500893 XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv-Markov chain algorithm , which performs lossless data compression. The algorithm provides a high compression ratio while keeping the decompression time short. Security Fix: * gzip: arbitrary-file-wr ... oval:org.secpod.oval:def:89047618 This update for xz fixes the following issues: - CVE-2022-1271: Fixed an incorrect escaping of malicious filenames oval:org.secpod.oval:def:89046219 This update for xz fixes the following issues: - CVE-2022-1271: Fixed an incorrect escaping of malicious filenames oval:org.secpod.oval:def:122098 XZ Utils are an attempt to make LZMA compression easy to use on free operating systems. This is achieved by providing tools and libraries which are similar to use than the equivalents of the most popular existing compression algorithms. LZMA is a general purpose compression algorithm designed by Ig ... oval:org.secpod.oval:def:89046296 This update for gzip fixes the following issues: - CVE-2022-1271: Add hardening for zgrep oval:org.secpod.oval:def:89046293 This update for gzip fixes the following issues: - CVE-2022-1271: Fix escaping of malicious filenames oval:org.secpod.oval:def:1505760 [5.2.4-4] - Fix arbitrary file write vulnerability Resolves: CVE-2022-1271 oval:org.secpod.oval:def:80425 xz-utils: XZ-format compression utilities XZ Utils could be made to overwrite arbitrary files. oval:org.secpod.oval:def:80424 gzip: GNU compression utilities Gzip could be made to overwrite arbitrary files. oval:org.secpod.oval:def:89046247 This update for gzip fixes the following issues: - CVE-2022-1271: Fixed an incorrect escaping of malicious filenames oval:org.secpod.oval:def:89046244 This update for gzip fixes the following issues: - CVE-2022-1271: Fixed an incorrect escaping of malicious filenames oval:org.secpod.oval:def:205957 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:97638 [CLSA-2022:1653005178] Fixed CVE-2022-1271 in gzip |
