Red Hat Bugzilla – Bug 180411
unzip - CVE-2005-4667 - long file name buffer overflow
Last modified: 2007-04-18 13:37:16 EDT
Description of problem:
Bug #178961 gives a description, with a simple test, of a bug which affects
unzip. It is filed only for FC but it affects really all releases.
For FC3 binaries from FC4 updates work without any changes. Where unzip-5.51
is used a patch from unzip-5.51-13.fc4.src.rpm can be applied "as is".
With unzip-5.50, like it shows up in RHL7.3, a patched src.rpm can be found at:
or one can update to unzip-5.51 by recompiling update FC4 sources.
*** This bug has been marked as a duplicate of 180159 ***