Debian 9844 Published by

Updated zziplib packages has been released for Debian GNU/Linux 7 LTS



Package : zziplib
Version : 0.13.56-1.1+deb7u2
CVE ID : CVE-2018-6869

It was discovered that there was a uncontrolled memory allocation issue
in zziplib, a ZIP archive library. Remote attackers could leverage this
vulnerability to cause a denial of service via a specially-crafted file.

For Debian 7 "Wheezy", this issue has been fixed in zziplib version
0.13.56-1.1+deb7u2.

We recommend that you upgrade your zziplib packages.