CESA-2019:2196 -- centos 7 zziplibID: oval:org.secpod.oval:def:205353 | Date: (C)2019-09-17 (M)2023-12-20 |
Class: PATCH | Family: unix |
The zziplib is a lightweight library to easily extract data from zip files. Security Fix: * zziplib: Bus error caused by loading of a misaligned address inzzip/zip.c * zziplib: Memory leak triggered in the function __zzip_parse_root_directory in zip.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.