oss-sec mailing list archives

Re: cve request: miniunzip directory traversal

From: cve-assign () mitre org
Date: Sat, 3 Jan 2015 17:44:54 -0500 (EST)


On Wed, 31 Dec 2014, Michael Gilbert wrote:

Jakub Wilk discovered a directory traversal issue in the miniunzip
tool [0], which is part of minizip [1].  Attached is a proposed
solution.

Please assign a CVE id.

Best wishes,
Mike

[0] http://bugs.debian.org/774321
[1] http://www.winimage.com/zLibDll/minizip.html


Use CVE-2014-9485.

---

CVE assignment team, MITRE CVE Numbering Authority M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]

Current thread:

Re: cve request: miniunzip directory traversal Alexander Cherepanov (Jan 01)
- <Possible follow-ups>
- Re: cve request: miniunzip directory traversal cve-assign (Jan 03)