FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

libzip -- integer overflow

Affected packages
libzip < 0.11.2_2
ppsspp < 1.0.1_5
ppsspp-devel < 1.0.1.2668_1
radare2 < 0.9.8_1
openlierox < 0.58.r3_5,1

Details

VuXML ID 264749ae-d565-11e4-b545-00269ee29e57
Discovery 2015-03-18
Entry 2015-03-28
Modified 2015-09-20

libzip developers report:

Avoid integer overflow. Fixed similarly to patch used in PHP copy of libzip.

References

CVE Name CVE-2015-2331
URL http://hg.nih.at/libzip/rev/9f11d54f692e
URL https://bugs.php.net/bug.php?id=69253
URL https://github.com/php/php-src/commit/ef8fc4b53d92fbfcd8ef1abbd6f2f5fe2c4a11e5