UbuntuUpdates.org

Package "unzip"

Name: unzip

Description:

De-archiver for .zip files
Latest version: 6.0-25ubuntu1.2
Release: focal (20.04)
Level: updates
Repository: main
Homepage: http://www.info-zip.org/UnZip.html

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "unzip"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "unzip" in Focal

Repository Area Version
base main 6.0-25ubuntu1
security main 6.0-25ubuntu1.1

Changelog

Version: 6.0-25ubuntu1.2 2024-02-15 15:07:25 UTC

  unzip (6.0-25ubuntu1.2) focal; urgency=medium

  * Properly handle Microsoft ZIP64 file (LP: #2051952)
    - debian/patches/handle_windows_zip64.patch: ignore invalid "Total
      number of disks" field in process.c.

 -- Marc Deslauriers <email address hidden> Thu, 01 Feb 2024 10:54:32 -0500
Source diff to previous version
2051952 unzip rejects Microsoft OneDrive zip files

Version: 6.0-25ubuntu1.1 2022-10-13 12:06:36 UTC

  unzip (6.0-25ubuntu1.1) focal-security; urgency=medium

  * SECURITY UPDATE: Null pointer dereference in unzip (LP: #1957077)
    - debian/patches/CVE-2021-4217.patch: Fix null pointer dereference and use
      of uninitialized data
    - CVE-2021-4217
  * SECURITY UPDATE: Out-of-bound write vulnerability in unzip
    - debian/patches/CVE-2022-0529.patch: Fix wide string conversion in
      process.c
    - debian/patches/CVE-2022-0530.patch: Add missing error handling in
      fileio.c and process.c
    - CVE-2022-0529
    - CVE-2022-0530

 -- Nishit Majithia <email address hidden> Fri, 07 Oct 2022 22:39:47 +0530
1957077 SIGSEGV during processing of unicode string
CVE-2021-4217 A flaw was found in unzip. The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null pointer dereference. This f
CVE-2022-0529 A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound wri
CVE-2022-0530 A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound wri


About   -   Send Feedback to @ubuntu_updates