SUSE-SU-2017:0639-1
- Source
- https://www.suse.com/support/update/announcement/2017/suse-su-20170639-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2017:0639-1.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/SUSE-SU-2017:0639-1
- Upstream
- Related
- Published
- 2017-03-06T10:25:18Z
- Modified
- 2025-05-08T17:00:57.138288Z
- Summary
- Security update for unzip
- Details
-
This update for unzip fixes the following issues:
- CVE-2014-9913: Specially crafted zip files could trigger invalid memory writes possibly resulting in DoS or corruption (bsc#1013993)
- CVE-2015-7696: Specially crafted zip files with password protection could trigger a crash and lead to denial of service (bsc#950110)
- CVE-2015-7697: Specially crafted zip files could trigger an endless loop and lead to denial of service (bsc#950111)
- CVE-2016-9844: Specially crafted zip files could trigger invalid memory writes possibly resulting in DoS or corruption (bsc#1013992)
- References
-
- https://www.suse.com/support/update/announcement/2017/suse-su-20170639-1/
- https://bugzilla.suse.com/1013992
- https://bugzilla.suse.com/1013993
- https://bugzilla.suse.com/950110
- https://bugzilla.suse.com/950111
- https://www.suse.com/security/cve/CVE-2014-9913
- https://www.suse.com/security/cve/CVE-2015-7696
- https://www.suse.com/security/cve/CVE-2015-7697
- https://www.suse.com/security/cve/CVE-2016-9844
Affected packages
SUSE:Linux Enterprise Server 11 SP4 / unzip
Package
- Name
- unzip
- Purl
- pkg:rpm/suse/unzip&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4