Mageia 2024-0289: zziplib Security Advisory Updates
A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a denial of service via the __zzip_fetch_disk_trailer() function at /zzip/zip.c
Summary
A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows
attackers to cause a denial of service via the
__zzip_fetch_disk_trailer() function at /zzip/zip.c. (CVE-2024-39134)
References
- https://bugs.mageia.org/show_bug.cgi?id=33527
- https://lists.suse.com/pipermail/sle-security-updates/2024-August/019205.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39134
Resolution
MGASA-2024-0289 - Updated zziplib packages fix security vulnerability
SRPMS
- 9/core/zziplib-0.13.72-2.2.mga9
Severity
Publication date: 10 Sep 2024
URL: https://advisories.mageia.org/MGASA-2024-0289.html
Type: security
CVE: CVE-2024-39134
