From: Roy Li
Port four patches from unzip_6.0-8+deb7u2.debian.tar.gz to fix:
cve-2014-8139
cve-2014-8140
cve-2014-8141
cve-2014-9636
Signed-off-by: Roy Li
---
.../unzip/09-cve-2014-8139-crc-overflow.patch | 52
.../unzip/10-cve-2014-8140-test-compr-eb.patch
CVE-2014-9636 is also mentioned in commit
c9ec5427609f084d9cbfb7336777fe1e3d0f3ef1
unzip: Security Advisory -CVE-2014-9636 and CVE-2015-1315
can you clarify why its on both places?
- armin
On 06/22/2015 10:32 PM, rongqing...@windriver.com wrote:
From: Roy Li
Port four patches from unzip_6.0
On 2015年06月24日 06:41, akuster808 wrote:
CVE-2014-9636 is also mentioned in commit
c9ec5427609f084d9cbfb7336777fe1e3d0f3ef1
unzip: Security Advisory -CVE-2014-9636 and CVE-2015-1315
can you clarify why its on both places?
sorry, it is duplicated, but I did not know why it can
be applied, I