SUSE-SU-2024:0970-1 -- SLES zziplib, libzzip-0-13ID: oval:org.secpod.oval:def:89051677 | Date: (C)2024-04-26 (M)2024-04-26 |
Class: PATCH | Family: unix |
This update for zziplib fixes the following issues: Security issue fixed: * CVE-2020-18442: Fixed infinite loop in zzip_file_read as used in unzzip_cat_file . * CVE-2020-18770: Fixed denial-of-service in function zzip_disk_entry_to_file_header in mmapped.c . Non-security issue fixed: * Implement an error message with a condition by checking the return value of a function call
Platform: |
SUSE Linux Enterprise Desktop 15 SP5 |
SUSE Linux Enterprise Server 15 SP5 |
Product: |
zziplib |
libzzip-0-13 |