We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
There is a security issue CVE-2023-45853 which was found in minizip. A long filename, comment or extra field can cause a buffer overflow. Here is the patch: https://github.com/madler/zlib/pull/843/commits/431e66398552effd82d5c0ea982a521821782ebd#diff-1b810588fb7a7b13dd4b92b803214212dc9e9198b9e246e5e5e59de2a245ff56R1059
The text was updated successfully, but these errors were encountered:
I forgot to follow the security policy ... But I guess this issue is already known for a long time.
Sorry, something went wrong.
Thank you for bringing this up. There is a task to update minizip but there are quite a lot of changes so it won't land anytime soon.
However, the patch you linked seems to be compatible with the existing code so I think I'll be able to simply pull this in.
No branches or pull requests
There is a security issue CVE-2023-45853 which was found in minizip.
A long filename, comment or extra field can cause a buffer overflow.
Here is the patch: https://github.com/madler/zlib/pull/843/commits/431e66398552effd82d5c0ea982a521821782ebd#diff-1b810588fb7a7b13dd4b92b803214212dc9e9198b9e246e5e5e59de2a245ff56R1059
The text was updated successfully, but these errors were encountered: