{"id":"MGASA-2018-0422","summary":"Updated unzip packages fix security vulnerabilities","details":"Updated unzip packages fix security vulnerabilities\n\nHeap-based out-of-bounds write (CVE-2018-1000031).\n\nHeap/BSS-based buffer overflow (Bypass of CVE-2015-1315)\n(CVE-2018-1000032).\n\nHeap out-of-bounds access in ef_scan_for_stream (CVE-2018-1000033).\n\nMultiple vulnerabilities in the LZMA compression algorithm\n(CVE-2018-1000034).\n\nHeap-based buffer overflow in password protected ZIP archives\n(CVE-2018-1000035).\n","modified":"2026-04-16T06:26:00.181554714Z","published":"2018-10-30T18:01:43Z","upstream":["CVE-2018-1000031","CVE-2018-1000032","CVE-2018-1000033","CVE-2018-1000034","CVE-2018-1000035"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2018-0422.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=22571"},{"type":"WEB","url":"https://www.openwall.com/lists/oss-security/2018/02/08/1"}],"affected":[{"package":{"name":"unzip","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/unzip?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.1c-1.1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2018-0422.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}