Important Notice: Our web hosting provider recently started charging us for additional visits, which was unexpected. In response, we're seeking donations. Depending on the situation, we may explore different monetization options for our Community and Expert Contributors. It's crucial to provide more returns for their expertise and offer more Expert Validated Answers or AI Validated Answers. Learn more about our hosting issue here.

Are Info-ZIP tools affected by the zlib double-free security vulnerability?

affected info-zip security tools vulnerability zlib
0
Posted

Are Info-ZIP tools affected by the zlib double-free security vulnerability?

0 CommentsAdd a Comment

1 Answer

0

No–unless UnZip is compiled with USE_ZLIB defined and the relevant version of zlib has the bug (i.e., any version of zlib before 1.1.4; check UnZip with “unzip -v”). The double-free bug affected only the version of inflate() in zlib; UnZip’s version is not vulnerable, and Zip does not use inflate(). (Thanks to Mark Adler for verifying this.

0 CommentsAdd a Comment

Related Questions

What is your question?

*Sadly, we had to bring back ads too. Hopefully more targeted.

Experts123