You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa unzip

Sigurnosni nedostatak programskog paketa unzip

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2018-03-06 17:17:51.857605

Name : unzip
Product : Fedora 27
Version : 6.0
Release : 37.fc27
Summary : A utility for unpacking zip files
Description :
The unzip utility is used to list, test, or extract files from a zip
archive. Zip archives are commonly found on MS-DOS systems. The zip
utility, included in the zip package, creates zip archives. Zip and
unzip are both compatible with archives created by PKWARE(R)’s PKZIP
for MS-DOS, but the programs’ options and default behaviors do differ
in some respects.

Install the unzip package if you need to list, test or extract files from
a zip archive.

Update Information:

Fix CVE-2018-1000035 – heap based buffer overflow when opening

[ 1 ] Bug #1537043 – CVE-2018-1000035 unzip: Heap-based buffer overflow in fileio.c:UzpPassword function allows code execution

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade unzip’ at the command line.
For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list —
To unsubscribe send an email to

AutorDanijel Kozinovic
Cert idNCERT-REF-2018-03-0001-ADV
More in Preporuke
Sigurnosni nedostatak programske biblioteke libXcursor

Otkriven je sigurnosni nedostatak u programskoj biblioteci libXcursor za operacijski sustav Fedora. Otkriveni nedostatak potencijalnim napadačima omogućuje izvršavanje proizvoljnog programskog...