Re: Wheezy update of unzip?
Hi. I've just uploaded unzip 6.0-21 for unstable, which fixes both
CVE-2014-9913 and CVE-2016-9844.
You will need this from debian/patches:
18-cve-2014-9913-unzip-buffer-overflow.patch
19-cve-2016-9844-zipinfo-buffer-overflow.patch
but for wheezy I would drop again the .patch ending I've just added to
all patches to be consistent with the other debian/patches/* in wheezy
(but this is only my personal sense of aesthetics, since this is a
do-o-crazy, whoever makes the LTS version decides about this :-)
Thanks.
Reply to: