mailing list archives
Re: CVE-2012-1162 / -1163: Incorrect loop construct and numeric overflow in libzip
From: Timo Warns <warns () pre-sense de>
Date: Thu, 29 Mar 2012 15:29:33 +0200
I just realized that only libzip 0.10 is affected by these
vulnerabilities, but not older versions of libzip.
Stefan Cornelius has identified the precise commits that introduced the
As PHP and zipruby include older versions of libzip, they are not
affected by the issues.