- libzip-1.3.0 released, Thomas Klausner (2017/09/02 16:22:52)
Hi! We've just released libzip 1.3.0. It contains fixes for two possible security problems. The problems were identified by Brian 'geeknik' Carpenter and Agostino Sarubbo using AFL. The changes are: * Support bzip2 compressed zip archives * Improve file progress callback code * Fix zip_fdopen() * CVE-2017-12858: Fix double free(). * CVE-2017-14107: Improve EOCD64 parsing. Let us know if you have any problems. Thanks, Thomas
Made by MHonArc.