Fedora 21 Security Update: unzip-6.0-20.fc21

Resolved Bugs
1191118 – CVE-2014-8139 CVE-2014-8141 CVE-2014-8140 unzip: various flaws [fedora-all]
1174844 – CVE-2014-8139 unzip: CRC32 verification heap-based buffer overread (oCERT-2014-011)
1174851 – CVE-2014-8140 unzip: out-of-bounds write issue in test_compr_eb() (oCERT-2014-011)
1174856 – CVE-2014-8141 unzip: getZip64Data() out-of-bounds read issues (oCERT-2014-011)
1191136 – unzip: buffer overflows on long compression factors and methods
1184985 – CVE-2014-9636 unzip: out-of-bounds read/write in test_compr_eb() in extract.c
1184986 – CVE-2014-9636 unzip: out-of-bounds read/write in test_compr_eb() in extract.c [fedora-all]

– Fix CVE-2014-8139 – CRC32 verification heap-based buffer overread (#1174844)
– Fix CVE-2014-8140 – out-of-bounds write issue in test_compr_eb() (#1174851)
– Fix CVE-2014-8141 – getZip64Data() out-of-bounds read issues (#1174856)
– Fix buffer overflow on long file sizes (#1191136)
– CVE-2014-9636 unzip: out-of-bounds read/write in test_compr_eb() in extract.c – re-fix (see https://bugzilla.redhat.com/show_bug.cgi?id=1184985#c7)
