[Git][security-tracker-team/security-tracker][master] Add CVE-2019-13453/zipios++

Sat Jul 20 16:53:03 BST 2019


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fc8658e9 by Salvatore Bonaccorso at 2019-07-20T15:52:30Z
Add CVE-2019-13453/zipios++

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2558,7 +2558,9 @@ CVE-2019-13454 (ImageMagick 7.0.8-54 Q16 allows Division by Zero in RemoveDuplic
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1629
 	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/4f31d78716ac94c85c244efcea368fea202e2ed4
 CVE-2019-13453 (Zipios before 0.1.7 does not properly handle certain malformed zip arc ...)
-	TODO: check
+	- zipios++ <unfixed>
+	NOTE: https://sourceforge.net/p/zipios/news/2019/07/version-017-cve-/
+	NOTE: Patch: https://sourceforge.net/p/zipios/code-git/ci/96e26640573410709bb863b8916a8216f4c6a546/tree/infinite_loop.patch
 CVE-2019-13452
 	RESERVED
 CVE-2019-13451



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fc8658e9c2c06786a6f3ccf87c6c5431eca9dae9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fc8658e9c2c06786a6f3ccf87c6c5431eca9dae9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190720/6e72f566/attachment.html>
