Bug 24564 - unzip new security issue CVE-2018-18384
Summary: unzip new security issue CVE-2018-18384
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 6
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: Shlomi Fish
QA Contact: Sec team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2019-03-25 22:26 CET by David Walser
Modified: 2019-03-26 16:03 CET (History)
1 user (show)

See Also:
Source RPM: unzip-6.1c-2.mga7.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2019-03-25 22:26:12 CET 
SUSE has issued an advisory on March 21:
http://lists.suse.com/pipermail/sle-security-updates/2019-March/005218.html

Mageia 6 is also affected.
David Walser 2019-03-25 22:26:18 CET

Whiteboard: (none) => MGA6TOO

Comment 1 Marja Van Waes 2019-03-26 08:43:14 CET 
Assigning to our registered  unzip maintainer.

Assignee: bugsquad => shlomif
CC: (none) => marja11

Comment 2 Shlomi Fish 2019-03-26 16:00:17 CET 
Patch already applied from upstream on cauldron.

Whiteboard: MGA6TOO => (none)
Version: Cauldron => 6

Comment 3 Shlomi Fish 2019-03-26 16:03:15 CET 
also in mga6.

Resolution: (none) => FIXED
Status: NEW => RESOLVED
Note You need to log in before you can comment on or make changes to this bug.