[Bug 197300] archivers/unzip: Port should be marked vulnerable to CVE-2014-9636
bugzilla-noreply at freebsd.org
Tue Feb 3 20:41:54 UTC 2015
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=197300
Bug ID: 197300
Summary: archivers/unzip: Port should be marked vulnerable to
CVE-2014-9636
Product: Ports & Packages
Version: Latest
Hardware: amd64
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: Individual Port(s)
Assignee: ehaupt at FreeBSD.org
Reporter: rsimmons0 at gmail.com
Flags: maintainer-feedback?(ehaupt at FreeBSD.org)
Created attachment 152529
--> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=152529&action=edit
patch for CVE-2014-9636
The port archivers/unzip is vulnerable to CVE-2014-9636. Further information is
here:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9636
http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-9636.html
Here is the patch from upstream:
http://www.info-zip.org/phpBB3/download/file.php?id=95&sid=95e98be32f791909977347bca032d3bc
I have merged this patch with the previous extract.c patch into one. Attached
is a patch that fixes the port.
The message attached to the patch above is:
=================
From a9bfab5b52d08879bbc5e0991684b700127ddcff Mon Sep 17 00:00:00 2001
From: mancha <mancha1 AT zoho DOT com>
Date: Mon, 3 Nov 2014
Subject: Info-ZIP UnZip buffer overflow
By carefully crafting a corrupt ZIP archive with "extra fields" that
purport to have compressed blocks larger than the corresponding
uncompressed blocks in STORED no-compression mode, an attacker can
trigger a heap overflow that can result in application crash or
possibly have other unspecified impact.
This patch ensures that when extra fields use STORED mode, the
"compressed" and uncompressed block sizes match.
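The check the commit message describes, shown as an added example in C. This is not the upstream Info-ZIP patch or the port's code; the extra-block layout below is an assumption (a simplified model of the compressible extended-attribute blocks UnZip handles), and the sample blocks are constructed for the example. The point it demonstrates: a STORED block is copied verbatim into a heap buffer sized from the block's own "uncompressed size" field, so if the stored payload is longer than that field claims, an unchecked copy runs off the end of the buffer; requiring the two sizes to be equal closes that path.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Layout assumed for this example (simplified, not the exact upstream struct):
 *   eb[0..1]  header id, little-endian
 *   eb[2..3]  data size n: bytes that follow the 4-byte header
 *   eb[4..7]  uncompressed size of the attribute data
 *   eb[8..9]  compression method (0 = STORED, 8 = DEFLATED)
 *   eb[10..]  n - 6 bytes of payload
 */
#define EB_HEADSIZE   4u
#define EB_UCSIZE_P   0u   /* offset of the uncompressed-size field after the header */
#define EB_CMPRHEAD   2u   /* size of the compression-method field */
#define METHOD_STORED 0u

enum { PK_OK = 0, PK_ERR = 2 };

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

struct eb_info {
    uint32_t ucsize;   /* size the block claims for its uncompressed data */
    uint32_t csize;    /* payload bytes actually present in the block */
    uint16_t method;
};

/* Parse one block, rejecting anything truncated or too short for its headers. */
static int parse_eb(const uint8_t *eb, size_t eb_len, struct eb_info *out)
{
    if (eb_len < EB_HEADSIZE) return PK_ERR;
    uint16_t eb_size = rd16(eb + 2);
    if ((size_t)eb_size + EB_HEADSIZE > eb_len) return PK_ERR;  /* claims more than present */
    if (eb_size < 4u + EB_CMPRHEAD) return PK_ERR;              /* no room for the size/method fields */
    out->ucsize = rd32(eb + EB_HEADSIZE + EB_UCSIZE_P);
    out->method = rd16(eb + EB_HEADSIZE + 4u);
    out->csize  = (uint32_t)eb_size - 4u - EB_CMPRHEAD;
    return PK_OK;
}

/* The check the fix describes: a STORED payload is copied as-is into a
 * ucsize-byte buffer, so csize and ucsize must match exactly. */
int check_stored_eb(const uint8_t *eb, size_t eb_len)
{
    struct eb_info info;
    if (parse_eb(eb, eb_len, &info) != PK_OK) return PK_ERR;
    if (info.method == METHOD_STORED && info.ucsize != info.csize) return PK_ERR;
    return PK_OK;
}

/* Bytes an unchecked STORED extraction (malloc(ucsize), memcpy csize bytes)
 * would write past the heap buffer. Computed only; no copy is performed. */
uint32_t stored_eb_overflow_bytes(const uint8_t *eb, size_t eb_len)
{
    struct eb_info info;
    if (parse_eb(eb, eb_len, &info) != PK_OK || info.method != METHOD_STORED) return 0;
    return info.csize > info.ucsize ? info.csize - info.ucsize : 0;
}

/* Hardened extraction: validate first, then allocate ucsize and copy. Caller frees. */
uint8_t *extract_stored_eb(const uint8_t *eb, size_t eb_len, uint32_t *len_out)
{
    struct eb_info info;
    if (check_stored_eb(eb, eb_len) != PK_OK || parse_eb(eb, eb_len, &info) != PK_OK)
        return NULL;
    uint8_t *buf = malloc(info.ucsize ? info.ucsize : 1);
    if (!buf) return NULL;
    memcpy(buf, eb + EB_HEADSIZE + 4u + EB_CMPRHEAD, info.csize);  /* csize == ucsize here */
    *len_out = info.ucsize;
    return buf;
}

/* Extract and compare against an expected payload; 1 on match, 0 otherwise. */
int stored_eb_roundtrip_ok(const uint8_t *eb, size_t eb_len,
                           const char *expect, uint32_t expect_len)
{
    uint32_t n = 0;
    uint8_t *buf = extract_stored_eb(eb, eb_len, &n);
    if (!buf) return 0;
    int ok = (n == expect_len) && memcmp(buf, expect, n) == 0;
    free(buf);
    return ok;
}

/* Constructed sample blocks (not from any real archive). */
const uint8_t BENIGN_EB[] = {          /* STORED, 4-byte payload, ucsize 4, n = 10 */
    0x09, 0x00, 0x0a, 0x00, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 'a', 'b', 'c', 'd'
};
const uint8_t CRAFTED_EB[] = {         /* STORED, 8-byte payload but ucsize 2, n = 14 */
    0x09, 0x00, 0x0e, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00,
    'A', 'A', 'A', 'A', 'A', 'A', 'A', 'A'
};
```

For the crafted block the unchecked path would allocate 2 bytes and copy 8, a 6-byte heap overflow; `check_stored_eb` returns PK_ERR for it and PK_OK for the benign block. The same parser also rejects a block whose declared data size exceeds the bytes actually available, which is the other way a malformed extra field can drive an over-read. Blocks that claim a real compression method are outside this check and depend on the decompressor's own bounds.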
--- Comment #1 from Bugzilla Automation <bugzilla at FreeBSD.org> ---
Auto-assigned to maintainer ehaupt at FreeBSD.org
--
You are receiving this mail because:
You are the assignee for the bug.