Debian 10260 Published by

A zziplib security update has been released for Debian GNU/Linux 8 Extended LTS to address a denial of service issue.



ELA-532-1 zziplib security update

Package zziplib
Version 0.13.62-3+deb8u3
Related CVEs CVE-2020-18442

An issue has been found in zziplib, a library providing read access on ZIP-archive. Because of mishandling a return value, an attacker might cause a denial of service due to an infinite loop.

For Debian 8 jessie, these problems have been fixed in version 0.13.62-3+deb8u3.

We recommend that you upgrade your zziplib packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/

  ELA-532-1 zziplib security update