FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

libzip -- integer overflow

Affected packages
		libzip	<	0.11.2_2
		ppsspp	<	1.0.1_5
		ppsspp-devel	<	1.0.1.2668_1
		radare2	<	0.9.8_1
		openlierox	<	0.58.r3_5,1

Details

VuXML ID	264749ae-d565-11e4-b545-00269ee29e57
Discovery	2015-03-18
Entry	2015-03-28
Modified	2015-09-20

libzip developers report:

Avoid integer overflow. Fixed similarly to patch used in PHP copy of libzip.

[source]

References

CVE Name	CVE-2015-2331
URL	http://hg.nih.at/libzip/rev/9f11d54f692e
URL	https://bugs.php.net/bug.php?id=69253
URL	https://github.com/php/php-src/commit/ef8fc4b53d92fbfcd8ef1abbd6f2f5fe2c4a11e5

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.