Slackware Local Security Checks : Slackware: Security Advisory (SSA:2019-060-01)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.13.2019.060.01

Categoría: Slackware Local Security Checks

Título: Slackware: Security Advisory (SSA:2019-060-01)

Resumen: The remote host is missing an update for the 'infozip' package(s) announced via the SSA:2019-060-01 advisory.

Descripción: Summary:
The remote host is missing an update for the 'infozip' package(s) announced via the SSA:2019-060-01 advisory.

Vulnerability Insight:
New infozip packages are available for Slackware 14.0, 14.1, 14.2, and -current
to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/infozip-6.0-i586-4_slack14.2.txz: Rebuilt.
Added some patches that should fix extracting archives with non-latin
characters in the filenames. Thanks to saahriktu.
This update also fixes various security issues in zip and unzip.
For more information, see:
[links moved to references]
(* Security fix *)
+--------------------------+

Affected Software/OS:
'infozip' package(s) on Slackware 14.0, Slackware 14.1, Slackware 14.2, Slackware current.

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2014-8139
http://www.ocert.org/advisories/ocert-2014-011.html
http://www.securitytracker.com/id/1031433
https://access.redhat.com/errata/RHSA-2015:0700
https://bugzilla.redhat.com/show_bug.cgi?id=1174844
Common Vulnerability Exposure (CVE) ID: CVE-2014-8140
https://bugzilla.redhat.com/show_bug.cgi?id=1174851
Common Vulnerability Exposure (CVE) ID: CVE-2014-8141
https://bugzilla.redhat.com/show_bug.cgi?id=1174856
Common Vulnerability Exposure (CVE) ID: CVE-2016-9844
BugTraq ID: 94728
http://www.securityfocus.com/bid/94728
http://www.openwall.com/lists/oss-security/2016/12/05/13
http://www.openwall.com/lists/oss-security/2016/12/05/19
http://www.openwall.com/lists/oss-security/2016/12/05/20
Common Vulnerability Exposure (CVE) ID: CVE-2018-1000035
https://security.gentoo.org/glsa/202003-58
https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html
https://lists.debian.org/debian-lts-announce/2020/01/msg00026.html
Common Vulnerability Exposure (CVE) ID: CVE-2018-18384
https://bugzilla.suse.com/show_bug.cgi?id=1110194
https://sourceforge.net/p/infozip/bugs/53/
RedHat Security Advisories: RHSA-2019:2159
https://access.redhat.com/errata/RHSA-2019:2159
SuSE Security Announcement: openSUSE-SU-2019:1117 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00009.html

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.13.2019.060.01
Categoría:	Slackware Local Security Checks
Título:	Slackware: Security Advisory (SSA:2019-060-01)
Resumen:	The remote host is missing an update for the 'infozip' package(s) announced via the SSA:2019-060-01 advisory.
Descripción:	Summary: The remote host is missing an update for the 'infozip' package(s) announced via the SSA:2019-060-01 advisory. Vulnerability Insight: New infozip packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/infozip-6.0-i586-4_slack14.2.txz: Rebuilt. Added some patches that should fix extracting archives with non-latin characters in the filenames. Thanks to saahriktu. This update also fixes various security issues in zip and unzip. For more information, see: [links moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'infozip' package(s) on Slackware 14.0, Slackware 14.1, Slackware 14.2, Slackware current. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-8139 http://www.ocert.org/advisories/ocert-2014-011.html http://www.securitytracker.com/id/1031433 https://access.redhat.com/errata/RHSA-2015:0700 https://bugzilla.redhat.com/show_bug.cgi?id=1174844 Common Vulnerability Exposure (CVE) ID: CVE-2014-8140 https://bugzilla.redhat.com/show_bug.cgi?id=1174851 Common Vulnerability Exposure (CVE) ID: CVE-2014-8141 https://bugzilla.redhat.com/show_bug.cgi?id=1174856 Common Vulnerability Exposure (CVE) ID: CVE-2016-9844 BugTraq ID: 94728 http://www.securityfocus.com/bid/94728 http://www.openwall.com/lists/oss-security/2016/12/05/13 http://www.openwall.com/lists/oss-security/2016/12/05/19 http://www.openwall.com/lists/oss-security/2016/12/05/20 Common Vulnerability Exposure (CVE) ID: CVE-2018-1000035 https://security.gentoo.org/glsa/202003-58 https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html https://lists.debian.org/debian-lts-announce/2020/01/msg00026.html Common Vulnerability Exposure (CVE) ID: CVE-2018-18384 https://bugzilla.suse.com/show_bug.cgi?id=1110194 https://sourceforge.net/p/infozip/bugs/53/ RedHat Security Advisories: RHSA-2019:2159 https://access.redhat.com/errata/RHSA-2019:2159 SuSE Security Announcement: openSUSE-SU-2019:1117 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00009.html
Copyright	Copyright (C) 2022 Greenbone AG