Mageia 2024-0019: zlib security update
Updated zlib packages fix a security vulnerability: Directory traversal vulnerability in the do_extract_currentfile function in miniunz.c in miniunzip in minizip before 1.1-5 migh...
Summary
Updated zlib packages fix a security vulnerability:
Directory traversal vulnerability in the do_extract_currentfile
function in miniunz.c in miniunzip in minizip before 1.1-5 might
allow remote attackers to write to arbitrary files via a crafted
entry in a ZIP archive.
References
- https://bugs.mageia.org/show_bug.cgi?id=32785
- https://www.openwall.com/lists/oss-security/2024/01/24/10
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9485
Resolution
MGASA-2024-0019 - Updated zlib packages fix a security vulnerability
SRPMS
- 9/core/zlib-1.2.13-1.2.mga9
Severity
Publication date: 30 Jan 2024
URL: https://advisories.mageia.org/MGASA-2024-0019.html
Type: security
CVE: CVE-2014-9485
