Kali Linux Package Tracker
Register | Log in

unzip 6.0-8+deb7u2 has been added to Kali Security

News for package unzip

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 3.0 (quilt)
Source: unzip
Binary: unzip
Architecture: any
Version: 6.0-8+deb7u2
Maintainer: Santiago Vila <[email protected]>
Homepage: http://www.info-zip.org/UnZip.html
Standards-Version: 3.9.2
Build-Depends: libbz2-dev
Package-List: 
 unzip deb utils optional
Checksums-Sha1: 
 abf7de8a4018a983590ed6f5cbd990d4740f8a22 1376845 unzip_6.0.orig.tar.gz
 f62b356bf40fcbf0e1143f99ed90860583c3ddbc 14193 unzip_6.0-8+deb7u2.debian.tar.gz
Checksums-Sha256: 
 036d96991646d0449ed0aa952e4fbe21b476ce994abc276e49d30e686708bd37 1376845 unzip_6.0.orig.tar.gz
 667c03e6b9ec219444f8a43c09532412d5e088f7c1803d673af899af34ebd6ab 14193 unzip_6.0-8+deb7u2.debian.tar.gz
Files: 
 62b490407489521db863b523a7f86375 1376845 unzip_6.0.orig.tar.gz
 4fa58132df8930e551a5087f281149d4 14193 unzip_6.0-8+deb7u2.debian.tar.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJU0JegAAoJEAVMuPMTQ89EWUoQAI778zVZo5BmYhIxTSJ9bnTV
3pFQaR6JKO0Z/TV93cvqPPMdzskcrS8ZmbdLR/rO6uUnYwZIsccsk/MDbaf6fYkK
Ru7V1w99DucmIVsz8nfbLwYF+lKD4L6T3I5N2qeLyQKDv0shMERL0ENzuDtWNHpE
Dr4afCupb7xDKMng/FAPW37/9itInyUomkhf2zToy1I8Y3joKGmzOwHQq3K0zFTB
O94o4HoX11FleVKy8lUKcr7ZF/dR905dmbaoj47KhQcUrtgo2vm6JCcN0cr/RlYG
Go6c4qoFKu5ygY//8qIVX/6auYhj45qEpauXCZexIhA61xfPy33zTZldbd7GAham
FDCEp77ABM4FnNxKN3u0jT3m2j4vriWTSAMZ09M0+/kd/HqvhlnMUNsmLEDJfJ3+
ScqIIHN+fuVGPGVKa7InTEPXTGlyyuPmugeq/4TyVk5LEGI0C0iswKLMeO3HnDPB
oPywN+9wQHTierAUKKQBuyg6tOCJT6que9/bGaxtUT+lLKLl1r8yXN+4apoWvvXL
XDg96KLwXO7ZTF2A++fXKVuKVDxBzI3tMicHtB7se5EpVQNrtdsLbX6MlRqseher
MvsifQE6zbHg4sJiiwY1rN4pso5UEjUyiCbtjUx46/Fqb0D1l/iqLBzwXm2o691X
pBUxL2bA8HgGq7oBYz9t
=QRZ9
-----END PGP SIGNATURE-----

Changes:
unzip (6.0-8+deb7u2) wheezy-security; urgency=high

  * Security upload.
  * CVE-2014-9636: Fix heap overflow. Ensure that compressed
    and uncompressed block sizes match when using STORED method
    in extract.c. Closes: #776589.
  * CVE-2014-8139: Update patch. The old one was not right
    and had regressions with executable jar files. Closes: #775640

 -- Santiago Vila <[email protected]>  Sun, 01 Feb 2015 23:48:28 +0100