-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Package: unzip Version: 6.0-18 Severity: normal Tags: security
Infinite loop when extracting password-protected archive issue has been from from unzip. Proof-of-concept file can be downloaded from http://seclists.org/oss-sec/2015/q3/att-512/sigxcpu_zip.bin Announcement: http://www.openwall.com/lists/oss-security/2015/09/07/4 - -- Henri Salo -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBAgAGBQJWIrI3AAoJECet96ROqnV0zY8P/2VJEDLAnX60/vGlGBDW9o0D PcwNE2DQrbq677AWejDeZJRpZ2xZmdK92YOFnkgNQsFWGDuJN/T8lKLurRb2vuJ0 Iv7KwwJ6tgrNqlKW2YPaZSx0QS765F8G510F/Z3ql/8VYY0Y0dTMdwyWN3HQyWrD e7fVtQxcvXzBhVsIGOfuRLWAUFMOPg8svcZ9sh0aOi2i1q38NA8OAaeousY2nBkI p60yr8QEBYM2XK3kRE9yrgx9APbMobw7hhrkOl5ZwmhWUcicCT5L5i/RH202afbc BYF7Ds8FrOMkTiSxAosk/4nMP0tg0J6IaZ1JfoxP8dQ1LEEwPqhfA+p0efRzu8SI PO+JOZ/m0TKFlTjh7xhUf93G2wRWcGLq9lr1oz8MyKoyf/32XptomoO3l3MblkGo Ly6fkNj/LMTT4G9gSF/uqaihJWFBrSeVIgmwlk7wWmq96PrFd+UFjGAlbgoywj+X KpOli0P4KH/HOAKRLWjbLgm45iyF8tVymuebTtG9ULOj9cJgHWloNoJJCIPU35VZ Y4nWO/Kq37qgv3Ug5YyfaQhBmY52YSFvglTHyE+EBDRZGmrnudJ97h3yR/c79n5K bHdfD7dLscSwI8brLn7HNwXB88MmP+YEeYz7wNcptefdlsbFMLh8d3CwRvKAK7jm TPtOwvJg2KUVd+4bff9h =tqjh -----END PGP SIGNATURE-----