CLD-283 Details

Other IDs this deficiency may be known by:

CVE ID CVE-2018-1000034 (nvd) (mitre) (debian) (archlinux) (red hat) (suse) (ubuntu)
Other ID(s)

Basic Information:

Affected Package(s) unzip
Deficiency Type SECURITY
Date Created 2018-02-08 15:53:10
Date Last Modified 2018-02-09 10:00:31

Version Specific Information:

Cucumber 1.0 i686 not affected
Cucumber 1.0 x86_64 not affected

Cucumber 1.1 i686 not affected
Cucumber 1.1 x86_64 not affected

Details:

From http://www.openwall.com/lists/oss-security/2018/02/08/1:

5) Multiple vulnerabilities in the LZMA compression algorithm (CVE-2018-1000034)

This vulnerability only affects UnZip 6.1c22 (next beta version of UnZip).
InfoZip's UnZip suffers from multiple vulnerabilities in the LZMA
implementation. Various crash dumps have been supplied to the vendor
but no further analysis has been performed.