stable

sharpziplib-1.1.0-0.fc30

FEDORA-2019-d43282031d created by tpokorra 5 years ago for Fedora 30

upgrade to version 1.1.0 which fixes the vulnerability of directory traversal

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2019-d43282031d

This update has been submitted for testing by tpokorra.

5 years ago

This update has been pushed to testing.

5 years ago
User Icon bynt commented & provided feedback 5 years ago

fyi, this is CVE-2018-1002208 and NVD was confused regarding the order of lib and zip in the name

check

https://nvd.nist.gov/vuln/detail/CVE-2018-1002208

and

https://github.com/icsharpcode/SharpZipLib/issues/232

compare to Red Hat Bug

https://bugzilla.redhat.com/show_bug.cgi?id=1584412

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

5 years ago

This update has been submitted for batched by tpokorra.

5 years ago

This update has been submitted for stable by bodhi.

5 years ago

This update has been pushed to stable.

5 years ago

Please login to add feedback.

Metadata
Type
security
Severity
high
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
disabled
Stable by Time
disabled
Dates
submitted
5 years ago
in testing
5 years ago
in stable
5 years ago
BZ#1585949 sharpziplib: arbitrary file write vulnerability / arbitrary code execution using a specially crafted zip file [fedora-28]
0
0

Automated Test Results