godotengine/buildroot
1
0
Fork 0
mirror of https://github.com/godotengine/buildroot.git synced 2026-01-06 18:09:44 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
621867d6904d9810591c36c1ffaa0082ffe2fda4
buildroot/package/zziplib
History
Fabrice Fontaine 401d18b2e9 package/zziplib: fix CVE-2018-17828 
Directory traversal vulnerability in ZZIPlib 0.13.69 allows attackers to
overwrite arbitrary files via a .. (dot dot) in a zip file, because of
the function unzzip_cat in the bins/unzzipcat-mem.c file.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-03-03 22:42:04 +01:00
..
0001-Avoid-memory-leak-from-__zzip_parse_root_directory.patch
0002-Avoid-memory-leak-from-__zzip_parse_root_directory-2.patch
0003-One-more-free-to-avoid-memory-leak.patch
0004-Fix-issue-62-Remove-any-components-from-pathnames-of-extracte.patch
Config.in
zziplib.hash
zziplib.mk