Vulnerability Database
Blog
FAQ
Docs
SUSE-SU-2017:0639-1
See a problem?
Please try reporting it
to the source
first.
Source
https://www.suse.com/support/update/announcement/2017/suse-su-20170639-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2017:0639-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/SUSE-SU-2017:0639-1
Related
CVE-2014-9913
CVE-2015-7696
CVE-2015-7697
CVE-2016-9844
Published
2017-03-06T10:25:18Z
Modified
2017-03-06T10:25:18Z
Summary
Security update for unzip
Details
This update for unzip fixes the following issues:
CVE-2014-9913: Specially crafted zip files could trigger invalid memory writes possibly resulting in DoS or corruption (bsc#1013993)
CVE-2015-7696: Specially crafted zip files with password protection could trigger a crash and lead to denial of service (bsc#950110)
CVE-2015-7697: Specially crafted zip files could trigger an endless loop and lead to denial of service (bsc#950111)
CVE-2016-9844: Specially crafted zip files could trigger invalid memory writes possibly resulting in DoS or corruption (bsc#1013992)
References
https://www.suse.com/support/update/announcement/2017/suse-su-20170639-1/
https://bugzilla.suse.com/1013992
https://bugzilla.suse.com/1013993
https://bugzilla.suse.com/950110
https://bugzilla.suse.com/950111
https://www.suse.com/security/cve/CVE-2014-9913
https://www.suse.com/security/cve/CVE-2015-7696
https://www.suse.com/security/cve/CVE-2015-7697
https://www.suse.com/security/cve/CVE-2016-9844
Affected packages
SUSE:Linux Enterprise Server 11 SP4
/
unzip
Package
Name
unzip
Purl
pkg:rpm/suse/unzip&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
6.00-11.17.1
Ecosystem specific
{ "binaries": [ { "unzip": "6.00-11.17.1" } ] }
SUSE:Linux Enterprise Server for SAP Applications 11 SP4
/
unzip
Package
Name
unzip
Purl
pkg:rpm/suse/unzip&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
6.00-11.17.1
Ecosystem specific
{ "binaries": [ { "unzip": "6.00-11.17.1" } ] }
SUSE-SU-2017:0639-1 - OSV