{"id":"MGASA-2018-0422","summary":"Updated unzip packages fix security vulnerabilities","details":"Updated unzip packages fix security vulnerabilities\n\nHeap-based out-of-bounds write (CVE-2018-1000031).\n\nHeap/BSS-based buffer overflow (Bypass of CVE-2015-1315)\n(CVE-2018-1000032).\n\nHeap out-of-bounds access in ef_scan_for_stream (CVE-2018-1000033).\n\nMultiple vulnerabilities in the LZMA compression algorithm\n(CVE-2018-1000034).\n\nHeap-based buffer overflow in password protected ZIP archives\n(CVE-2018-1000035).\n","modified":"2026-01-30T07:17:44.279390Z","published":"2018-10-30T18:01:43Z","related":["CVE-2018-1000031","CVE-2018-1000032","CVE-2018-1000033","CVE-2018-1000034","CVE-2018-1000035"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2018-0422.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=22571"},{"type":"REPORT","url":"https://www.openwall.com/lists/oss-security/2018/02/08/1"}],"affected":[{"package":{"name":"unzip","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/unzip?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.1c-1.1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2018-0422.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}