Message info
 
To:664990@bugs.debian.org From:Henri Salo Subject:Bug#664990: More information Date:Thu, 29 Mar 2012 10:03:47 +0300
 

More information from Timo Warns:

- Only libzip 0.10 is affected.
- Stefan Cornelius has identified the precise commits that introduced the vulnerabilities:
https://bugzilla.redhat.com/show_bug.cgi?id=802564
https://bugzilla.redhat.com/show_bug.cgi?id=803028
- As PHP and zipruby include older versions of libzip, they are not
affected by the issues.



--
To UNSUBSCRIBE, email to debian-bugs-rc-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org