3
0
Fork 0
forked from mirrors/nixpkgs
nixpkgs/pkgs/development/libraries/zziplib
Florian Klink 9f6a942fc7 zziplib: 0.13.67 -> 0.13.68
Bump zziplib to 0.13.68 to fix multiple CVE issues:

 - CVE-2018-6381
 (a803559fa9)
 - CVE-2018-6484
 (https://github.com/gdraheim/zziplib/issues/14#issuecomment-363198084)
 - CVE-2018-6540
 (72ec933663)
 - CVE-2018-6541
 (https://github.com/gdraheim/zziplib/issues/16#issuecomment-363197718)
 - CVE-2018-6542
 (931f962ddf)

Unfortunately, getting only those patches is hard, as they're not well
referenced to linked issues. The testsuite checking for vulns
requires network access (so we can't easily test it here).

https://github.com/gdraheim/zziplib/issues/20 might still be an issue,
so keeping this as a TODO here.
2018-02-23 21:39:48 +01:00
..
default.nix zziplib: 0.13.67 -> 0.13.68 2018-02-23 21:39:48 +01:00