Description
This update for zziplib fixes the following issues:
Secuirty issues fixed:
- CVE-2017-5974: heap-based buffer overflow in __zzip_get32 (fetch.c)
(bsc#1024517)
- CVE-2017-5975: heap-based buffer overflow in __zzip_get64 (fetch.c)
(bsc#1024528)
- CVE-2017-5976: heap-based buffer overflow in zzip_mem_entry_extra_block
(memdisk.c) (bsc#1024531)
- CVE-2017-5977: invalid memory read in zzip_mem_entry_extra_block
(memdisk.c) (bsc#1024534)
- CVE-2017-5978: out of bounds read in zzip_mem_entry_new (memdisk.c)
(bsc#1024533)
- CVE-2017-5979: NULL pointer dereference in prescan_entry (fseeko.c)
(bsc#1024535)
- CVE-2017-5980: NULL pointer dereference in zzip_mem_entry_new
(memdisk.c) (bsc#1024536)
- CVE-2017-5981: assertion failure in seeko.c (bsc#1024539) - NULL pointer dereference in main (unzzipcat-mem.c) (bsc#1024532) - NULL pointer dereference in main (unzzipcat.c) (bsc#1024537)