{"id":"MGASA-2024-0289","summary":"Updated zziplib packages fix security vulnerability","details":"A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows\nattackers to cause a denial of service via the\n__zzip_fetch_disk_trailer() function at /zzip/zip.c. (CVE-2024-39134)\n","modified":"2026-04-16T04:43:02.511844258Z","published":"2024-09-10T16:40:31Z","upstream":["CVE-2024-39134"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2024-0289.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=33527"},{"type":"WEB","url":"https://lists.suse.com/pipermail/sle-security-updates/2024-August/019205.html"}],"affected":[{"package":{"name":"zziplib","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/zziplib?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.13.72-2.2.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2024-0289.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}