A heap-based buffer overflow flaw was discovered in zziplib, a lightweight library for extracting data from ZIP files. An application using zziplib to process could crash when processing a malformed ZIP archive. External References: http://blogs.gentoo.org/ago/2017/02/09/zziplib-heap-based-buffer-overflow-in-zzip_mem_entry_extra_block-memdisk-c/
Created zziplib tracking bugs for this issue: Affects: fedora-all [bug 1422517]