AnNyung Official Homepage Home > Update [ 1.0 ]  

What is AnNyung
Packages System
White Paper
  . 3.x [RSS]
  . 2.x [RSS]
  . 1.3 [RSS]
  . 1.2 [RSS]
  . 1.1 [RSS]
  . 1.0 [RSS]

  AnNyung banner 88x31

  AnNyung 1 banner 80x15
  AnNyung 2 banner 80x15
  AnNyung 3 banner 80x15
  AnNyung banner 80x15
  AnNyung banner 80x15

unzip 보안버그 수정
Web Browser 로는 FTP 접속이 불가능 합니다.

문서번호 : 1056985200
업데이트 : 2003.07.01


Updated unzip packages resolving a vulnerability allowing arbitrary files
to be overwritten are now available.

The unzip utility is used for manipulating archives, which are multiple
files stored inside of a single file.

A vulnerabilitiy in unzip version 5.50 and earlier allows attackers to
overwrite arbitrary files during archive extraction by placing invalid
(non-printable) characters between two "." characters. These non-printable
characters are filtered, resulting in a ".." sequence. The Common
Vulnerabilities and Exposures project ( has assigned the name
CAN-2003-0282 to this issue.

This erratum includes a patch ensuring that non-printable characters do not
make it possible for a malicious .zip file to write to parent directories
unless the "-:" command line parameter is specified.

Users of unzip are advised to upgrade to these updated packages, which are
not vulnerable to this issue.

update 패키지

  RPMS :

    . unzip-5.50-11,1.i686.rpm


    . unzip-5.50-11,1.src.rpm

참고 : 


 Home > Update [ 1.0 ]

Copyright 2019 OOPS Development Organization 
LAST MODIFIED: 2018/04/10