Dismissed
by @LeSuisse Activity log
- Created automatic suggestion
-
@LeSuisse
removed
5 packages
- runzip
- ripunzip
- unzipNLS
- haskellPackages.unzip-traversable
- haskellPackages.wai-middleware-gunzip
- @LeSuisse dismissed
The NEEDBITS macro in the inflate_dynamic function in inflate.c for …
The NEEDBITS macro in the inflate_dynamic function in inflate.c for unzip can be invoked using invalid buffers, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a free of uninitialized or previously-freed data.
References
- 29415 third-party-advisory x_refsource_SECUNIA
- 20080321 rPSA-2008-0116-1 unzip mailing-list x_refsource_BUGTRAQ
- 29427 third-party-advisory x_refsource_SECUNIA
- ADV-2008-1744 vdb-entry x_refsource_VUPEN
- 29440 third-party-advisory x_refsource_SECUNIA
- DSA-1522 vendor-advisory x_refsource_DEBIAN
- 29432 third-party-advisory x_refsource_SECUNIA
- https://issues.rpath.com/browse/RPL-2317 x_refsource_CONFIRM
- http://wiki.rpath.com/Advisories:rPSA-2008-0116 x_refsource_CONFIRM
- http://www.vmware.com/security/advisories/VMSA-2008-0009.html x_refsource_CONFIRM
- APPLE-SA-2010-03-29-1 vendor-advisory x_refsource_APPLE
- 29392 third-party-advisory x_refsource_SECUNIA
- 29681 third-party-advisory x_refsource_SECUNIA
- MDVSA-2008:068 vendor-advisory x_refsource_MANDRIVA
- SUSE-SR:2008:007 vendor-advisory x_refsource_SUSE
- ADV-2008-0913 vdb-entry x_refsource_VUPEN
- 30535 third-party-advisory x_refsource_SECUNIA
- http://www.ipcop.org/index.php?name=News&file=article&sid=40 x_refsource_CONFIRM
- http://support.apple.com/kb/HT4077 x_refsource_CONFIRM
- 20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues mailing-list x_refsource_BUGTRAQ
- GLSA-200804-06 vendor-advisory x_refsource_GENTOO
- oval:org.mitre.oval:def:9733 vdb-entry signature x_refsource_OVAL
- 29406 third-party-advisory x_refsource_SECUNIA
- 29495 third-party-advisory x_refsource_SECUNIA
- 31204 third-party-advisory x_refsource_SECUNIA
- 1019634 vdb-entry x_refsource_SECTRACK
- RHSA-2008:0196 x_refsource_REDHAT vendor-advisory
- unzip-inflatedynamic-code-execution(41246) vdb-entry x_refsource_XF
- USN-589-1 vendor-advisory x_refsource_UBUNTU
- 28288 vdb-entry x_refsource_BID
- http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0116 x_refsource_CONFIRM
- 29432 third-party-advisory x_refsource_SECUNIA x_transferred
- https://issues.rpath.com/browse/RPL-2317 x_refsource_CONFIRM x_transferred
- http://wiki.rpath.com/Advisories:rPSA-2008-0116 x_refsource_CONFIRM x_transferred
- http://www.vmware.com/security/advisories/VMSA-2008-0009.html x_refsource_CONFIRM x_transferred
- APPLE-SA-2010-03-29-1 vendor-advisory x_transferred x_refsource_APPLE
- 29392 third-party-advisory x_refsource_SECUNIA x_transferred
- 29681 third-party-advisory x_refsource_SECUNIA x_transferred
- MDVSA-2008:068 vendor-advisory x_transferred x_refsource_MANDRIVA
- SUSE-SR:2008:007 vendor-advisory x_refsource_SUSE x_transferred
- ADV-2008-0913 vdb-entry x_refsource_VUPEN x_transferred
- 30535 third-party-advisory x_refsource_SECUNIA x_transferred
- http://www.ipcop.org/index.php?name=News&file=article&sid=40 x_refsource_CONFIRM x_transferred
- http://support.apple.com/kb/HT4077 x_refsource_CONFIRM x_transferred
- 20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues mailing-list x_refsource_BUGTRAQ x_transferred
- GLSA-200804-06 vendor-advisory x_refsource_GENTOO x_transferred
- oval:org.mitre.oval:def:9733 vdb-entry signature x_refsource_OVAL x_transferred
- 29406 third-party-advisory x_refsource_SECUNIA x_transferred
- 29495 third-party-advisory x_refsource_SECUNIA x_transferred
- 31204 third-party-advisory x_refsource_SECUNIA x_transferred
- 1019634 vdb-entry x_refsource_SECTRACK x_transferred
- RHSA-2008:0196 x_refsource_REDHAT vendor-advisory x_transferred
- unzip-inflatedynamic-code-execution(41246) vdb-entry x_refsource_XF x_transferred
- USN-589-1 vendor-advisory x_refsource_UBUNTU x_transferred
- 28288 vdb-entry x_refsource_BID x_transferred
- http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0116 x_refsource_CONFIRM x_transferred
- 29415 third-party-advisory x_refsource_SECUNIA x_transferred
- 20080321 rPSA-2008-0116-1 unzip mailing-list x_refsource_BUGTRAQ x_transferred
- 29427 third-party-advisory x_refsource_SECUNIA x_transferred
- ADV-2008-1744 vdb-entry x_refsource_VUPEN x_transferred
- 29440 third-party-advisory x_refsource_SECUNIA x_transferred
- DSA-1522 vendor-advisory x_refsource_DEBIAN x_transferred
- 29415 third-party-advisory x_refsource_SECUNIA
- 20080321 rPSA-2008-0116-1 unzip mailing-list x_refsource_BUGTRAQ
- 29427 third-party-advisory x_refsource_SECUNIA
- ADV-2008-1744 vdb-entry x_refsource_VUPEN
- 29440 third-party-advisory x_refsource_SECUNIA
- DSA-1522 vendor-advisory x_refsource_DEBIAN
- 29432 third-party-advisory x_refsource_SECUNIA
- https://issues.rpath.com/browse/RPL-2317 x_refsource_CONFIRM
- http://wiki.rpath.com/Advisories:rPSA-2008-0116 x_refsource_CONFIRM
- http://www.vmware.com/security/advisories/VMSA-2008-0009.html x_refsource_CONFIRM
- APPLE-SA-2010-03-29-1 vendor-advisory x_refsource_APPLE
- 29392 third-party-advisory x_refsource_SECUNIA
- 29681 third-party-advisory x_refsource_SECUNIA
- MDVSA-2008:068 vendor-advisory x_refsource_MANDRIVA
- SUSE-SR:2008:007 vendor-advisory x_refsource_SUSE
- ADV-2008-0913 vdb-entry x_refsource_VUPEN
- 30535 third-party-advisory x_refsource_SECUNIA
- http://www.ipcop.org/index.php?name=News&file=article&sid=40 x_refsource_CONFIRM
- http://support.apple.com/kb/HT4077 x_refsource_CONFIRM
- 20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues mailing-list x_refsource_BUGTRAQ
- GLSA-200804-06 vendor-advisory x_refsource_GENTOO
- oval:org.mitre.oval:def:9733 vdb-entry signature x_refsource_OVAL
- 29406 third-party-advisory x_refsource_SECUNIA
- 29495 third-party-advisory x_refsource_SECUNIA
- 31204 third-party-advisory x_refsource_SECUNIA
- 1019634 vdb-entry x_refsource_SECTRACK
- RHSA-2008:0196 x_refsource_REDHAT vendor-advisory
- unzip-inflatedynamic-code-execution(41246) vdb-entry x_refsource_XF
- USN-589-1 vendor-advisory x_refsource_UBUNTU
- 28288 vdb-entry x_refsource_BID
- http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0116 x_refsource_CONFIRM
- 29415 third-party-advisory x_refsource_SECUNIA x_transferred
- 20080321 rPSA-2008-0116-1 unzip mailing-list x_refsource_BUGTRAQ x_transferred
- 29427 third-party-advisory x_refsource_SECUNIA x_transferred
- ADV-2008-1744 vdb-entry x_refsource_VUPEN x_transferred
- 29440 third-party-advisory x_refsource_SECUNIA x_transferred
- DSA-1522 vendor-advisory x_refsource_DEBIAN x_transferred
- 29432 third-party-advisory x_refsource_SECUNIA x_transferred
- https://issues.rpath.com/browse/RPL-2317 x_refsource_CONFIRM x_transferred
- http://wiki.rpath.com/Advisories:rPSA-2008-0116 x_refsource_CONFIRM x_transferred
- http://www.vmware.com/security/advisories/VMSA-2008-0009.html x_refsource_CONFIRM x_transferred
- APPLE-SA-2010-03-29-1 vendor-advisory x_transferred x_refsource_APPLE
- 29392 third-party-advisory x_refsource_SECUNIA x_transferred
- 29681 third-party-advisory x_refsource_SECUNIA x_transferred
- MDVSA-2008:068 vendor-advisory x_transferred x_refsource_MANDRIVA
- SUSE-SR:2008:007 vendor-advisory x_refsource_SUSE x_transferred
- ADV-2008-0913 vdb-entry x_refsource_VUPEN x_transferred
- 30535 third-party-advisory x_refsource_SECUNIA x_transferred
- http://www.ipcop.org/index.php?name=News&file=article&sid=40 x_refsource_CONFIRM x_transferred
- http://support.apple.com/kb/HT4077 x_refsource_CONFIRM x_transferred
- 20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues mailing-list x_refsource_BUGTRAQ x_transferred
- GLSA-200804-06 vendor-advisory x_refsource_GENTOO x_transferred
- oval:org.mitre.oval:def:9733 vdb-entry signature x_refsource_OVAL x_transferred
- 29406 third-party-advisory x_refsource_SECUNIA x_transferred
- 29495 third-party-advisory x_refsource_SECUNIA x_transferred
- 31204 third-party-advisory x_refsource_SECUNIA x_transferred
- 1019634 vdb-entry x_refsource_SECTRACK x_transferred
- RHSA-2008:0196 x_refsource_REDHAT vendor-advisory x_transferred
- unzip-inflatedynamic-code-execution(41246) vdb-entry x_refsource_XF x_transferred
- USN-589-1 vendor-advisory x_refsource_UBUNTU x_transferred
- 28288 vdb-entry x_refsource_BID x_transferred
- http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0116 x_refsource_CONFIRM x_transferred
- unzip-inflatedynamic-code-execution(41246) vdb-entry x_refsource_XF
- USN-589-1 vendor-advisory x_refsource_UBUNTU
- 28288 vdb-entry x_refsource_BID
- http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0116 x_refsource_CONFIRM
- 29415 third-party-advisory x_refsource_SECUNIA
- 20080321 rPSA-2008-0116-1 unzip mailing-list x_refsource_BUGTRAQ
- 29427 third-party-advisory x_refsource_SECUNIA
- ADV-2008-1744 vdb-entry x_refsource_VUPEN
- 29440 third-party-advisory x_refsource_SECUNIA
- DSA-1522 vendor-advisory x_refsource_DEBIAN
- 29432 third-party-advisory x_refsource_SECUNIA
- https://issues.rpath.com/browse/RPL-2317 x_refsource_CONFIRM
- http://wiki.rpath.com/Advisories:rPSA-2008-0116 x_refsource_CONFIRM
- http://www.vmware.com/security/advisories/VMSA-2008-0009.html x_refsource_CONFIRM
- APPLE-SA-2010-03-29-1 vendor-advisory x_refsource_APPLE
- 29392 third-party-advisory x_refsource_SECUNIA
- 29681 third-party-advisory x_refsource_SECUNIA
- MDVSA-2008:068 vendor-advisory x_refsource_MANDRIVA
- SUSE-SR:2008:007 vendor-advisory x_refsource_SUSE
- ADV-2008-0913 vdb-entry x_refsource_VUPEN
- 30535 third-party-advisory x_refsource_SECUNIA
- http://www.ipcop.org/index.php?name=News&file=article&sid=40 x_refsource_CONFIRM
- http://support.apple.com/kb/HT4077 x_refsource_CONFIRM
- 20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues mailing-list x_refsource_BUGTRAQ
- GLSA-200804-06 vendor-advisory x_refsource_GENTOO
- oval:org.mitre.oval:def:9733 vdb-entry signature x_refsource_OVAL
- 29406 third-party-advisory x_refsource_SECUNIA
- 29495 third-party-advisory x_refsource_SECUNIA
- 31204 third-party-advisory x_refsource_SECUNIA
- 1019634 vdb-entry x_refsource_SECTRACK
- RHSA-2008:0196 x_refsource_REDHAT vendor-advisory
- 29415 third-party-advisory x_refsource_SECUNIA x_transferred
- 20080321 rPSA-2008-0116-1 unzip mailing-list x_refsource_BUGTRAQ x_transferred
- 29427 third-party-advisory x_refsource_SECUNIA x_transferred
- ADV-2008-1744 vdb-entry x_refsource_VUPEN x_transferred
- 29440 third-party-advisory x_refsource_SECUNIA x_transferred
- DSA-1522 vendor-advisory x_refsource_DEBIAN x_transferred
- 29432 third-party-advisory x_refsource_SECUNIA x_transferred
- https://issues.rpath.com/browse/RPL-2317 x_refsource_CONFIRM x_transferred
- http://wiki.rpath.com/Advisories:rPSA-2008-0116 x_refsource_CONFIRM x_transferred
- http://www.vmware.com/security/advisories/VMSA-2008-0009.html x_refsource_CONFIRM x_transferred
- APPLE-SA-2010-03-29-1 vendor-advisory x_transferred x_refsource_APPLE
- 29392 third-party-advisory x_refsource_SECUNIA x_transferred
- 29681 third-party-advisory x_refsource_SECUNIA x_transferred
- MDVSA-2008:068 vendor-advisory x_transferred x_refsource_MANDRIVA
- SUSE-SR:2008:007 vendor-advisory x_refsource_SUSE x_transferred
- ADV-2008-0913 vdb-entry x_refsource_VUPEN x_transferred
- 30535 third-party-advisory x_refsource_SECUNIA x_transferred
- http://www.ipcop.org/index.php?name=News&file=article&sid=40 x_refsource_CONFIRM x_transferred
- http://support.apple.com/kb/HT4077 x_refsource_CONFIRM x_transferred
- 20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues mailing-list x_refsource_BUGTRAQ x_transferred
- GLSA-200804-06 vendor-advisory x_refsource_GENTOO x_transferred
- oval:org.mitre.oval:def:9733 vdb-entry signature x_refsource_OVAL x_transferred
- 29406 third-party-advisory x_refsource_SECUNIA x_transferred
- 29495 third-party-advisory x_refsource_SECUNIA x_transferred
- 31204 third-party-advisory x_refsource_SECUNIA x_transferred
- 1019634 vdb-entry x_refsource_SECTRACK x_transferred
- RHSA-2008:0196 x_refsource_REDHAT vendor-advisory x_transferred
- unzip-inflatedynamic-code-execution(41246) vdb-entry x_refsource_XF x_transferred
- USN-589-1 vendor-advisory x_refsource_UBUNTU x_transferred
- 28288 vdb-entry x_refsource_BID x_transferred
- http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0116 x_refsource_CONFIRM x_transferred
- 29415 third-party-advisory x_refsource_SECUNIA
- 20080321 rPSA-2008-0116-1 unzip mailing-list x_refsource_BUGTRAQ
- 29427 third-party-advisory x_refsource_SECUNIA
- ADV-2008-1744 vdb-entry x_refsource_VUPEN
- 29440 third-party-advisory x_refsource_SECUNIA
- DSA-1522 vendor-advisory x_refsource_DEBIAN
- 29432 third-party-advisory x_refsource_SECUNIA
- https://issues.rpath.com/browse/RPL-2317 x_refsource_CONFIRM
- http://wiki.rpath.com/Advisories:rPSA-2008-0116 x_refsource_CONFIRM
- http://www.vmware.com/security/advisories/VMSA-2008-0009.html x_refsource_CONFIRM
- APPLE-SA-2010-03-29-1 vendor-advisory x_refsource_APPLE
- 29392 third-party-advisory x_refsource_SECUNIA
- 29681 third-party-advisory x_refsource_SECUNIA
- MDVSA-2008:068 vendor-advisory x_refsource_MANDRIVA
- SUSE-SR:2008:007 vendor-advisory x_refsource_SUSE
- ADV-2008-0913 vdb-entry x_refsource_VUPEN
- 30535 third-party-advisory x_refsource_SECUNIA
- http://www.ipcop.org/index.php?name=News&file=article&sid=40 x_refsource_CONFIRM
- http://support.apple.com/kb/HT4077 x_refsource_CONFIRM
- 20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues mailing-list x_refsource_BUGTRAQ
- GLSA-200804-06 vendor-advisory x_refsource_GENTOO
- oval:org.mitre.oval:def:9733 vdb-entry signature x_refsource_OVAL
- 29406 third-party-advisory x_refsource_SECUNIA
- 29495 third-party-advisory x_refsource_SECUNIA
- 31204 third-party-advisory x_refsource_SECUNIA
- 1019634 vdb-entry x_refsource_SECTRACK
- RHSA-2008:0196 x_refsource_REDHAT vendor-advisory
- unzip-inflatedynamic-code-execution(41246) vdb-entry x_refsource_XF
- USN-589-1 vendor-advisory x_refsource_UBUNTU
- 28288 vdb-entry x_refsource_BID
- http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0116 x_refsource_CONFIRM
- DSA-1522 vendor-advisory x_refsource_DEBIAN x_transferred
- 29432 third-party-advisory x_refsource_SECUNIA x_transferred
- https://issues.rpath.com/browse/RPL-2317 x_refsource_CONFIRM x_transferred
- http://wiki.rpath.com/Advisories:rPSA-2008-0116 x_refsource_CONFIRM x_transferred
- http://www.vmware.com/security/advisories/VMSA-2008-0009.html x_refsource_CONFIRM x_transferred
- APPLE-SA-2010-03-29-1 vendor-advisory x_transferred x_refsource_APPLE
- 29392 third-party-advisory x_refsource_SECUNIA x_transferred
- 29681 third-party-advisory x_refsource_SECUNIA x_transferred
- MDVSA-2008:068 vendor-advisory x_transferred x_refsource_MANDRIVA
- SUSE-SR:2008:007 vendor-advisory x_refsource_SUSE x_transferred
- ADV-2008-0913 vdb-entry x_refsource_VUPEN x_transferred
- 30535 third-party-advisory x_refsource_SECUNIA x_transferred
- http://www.ipcop.org/index.php?name=News&file=article&sid=40 x_refsource_CONFIRM x_transferred
- http://support.apple.com/kb/HT4077 x_refsource_CONFIRM x_transferred
- 20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues mailing-list x_refsource_BUGTRAQ x_transferred
- GLSA-200804-06 vendor-advisory x_refsource_GENTOO x_transferred
- oval:org.mitre.oval:def:9733 vdb-entry signature x_refsource_OVAL x_transferred
- 29406 third-party-advisory x_refsource_SECUNIA x_transferred
- 29495 third-party-advisory x_refsource_SECUNIA x_transferred
- 31204 third-party-advisory x_refsource_SECUNIA x_transferred
- 1019634 vdb-entry x_refsource_SECTRACK x_transferred
- RHSA-2008:0196 x_refsource_REDHAT vendor-advisory x_transferred
- unzip-inflatedynamic-code-execution(41246) vdb-entry x_refsource_XF x_transferred
- USN-589-1 vendor-advisory x_refsource_UBUNTU x_transferred
- 28288 vdb-entry x_refsource_BID x_transferred
- http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0116 x_refsource_CONFIRM x_transferred
- 29415 third-party-advisory x_refsource_SECUNIA x_transferred
- 20080321 rPSA-2008-0116-1 unzip mailing-list x_refsource_BUGTRAQ x_transferred
- 29427 third-party-advisory x_refsource_SECUNIA x_transferred
- ADV-2008-1744 vdb-entry x_refsource_VUPEN x_transferred
- 29440 third-party-advisory x_refsource_SECUNIA x_transferred
Affected products
n/a
- ==n/a
unzip
- <6.0
Matching in nixpkgs
Ignored packages (5)
pkgs.runzip
Tool to convert filename encoding inside a ZIP archive
-
nixos-unstable -
- nixpkgs-unstable 1.4
pkgs.unzipNLS
Extraction utility for archives compressed in .zip format
-
nixos-unstable -
- nixpkgs-unstable 6.0
pkgs.haskellPackages.unzip-traversable
Unzip functions for general Traversable containers
-
nixos-unstable -
- nixpkgs-unstable 0.1.1
pkgs.haskellPackages.wai-middleware-gunzip
WAI middleware to unzip request bodies
-
nixos-unstable -
- nixpkgs-unstable 0.0.2
Package maintainers
-
@RossComputerGuy Tristan Ross <tristan.ross@midstall.com>