unzip bug fix update

Advisory:	RHBA-2007:0418-2
Type:	Bug Fix Advisory
Severity:	N/A
Issued on:	2007-06-11
Last updated on:	2007-06-11
Affected Products:	Red Hat Desktop (v. 3) Red Hat Enterprise Linux AS (v. 3) Red Hat Enterprise Linux ES (v. 3) Red Hat Enterprise Linux WS (v. 3)
OVAL:	N/A
CVEs (cve.mitre.org):	CVE-2005-2475 CVE-2005-4667

Details

Updated unzip packages that address various bugs are now available.

The unzip utility is used to list, test, or extract files from a zip
archive.

This update addresses the following issues:

* a TOCTOU bug that could be exploited to change file permissions (CVE-2005-2475)

* a long filename buffer overflow vulnerability (CVE-2005-4667)

All users of unzip should upgrade to these updated packages, which
resolve these issues.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

Updated packages

Red Hat Desktop (v. 3)

SRPMS:
unzip-5.50-35.EL3.src.rpm File outdated by: RHSA-2008:0196	`93f4ce97178a3e969c5756ce7a5dd5c8`

IA-32:
unzip-5.50-35.EL3.i386.rpm File outdated by: RHSA-2008:0196	`d25bf99f4dcbd1eb3615189e67f96564`

x86_64:
unzip-5.50-35.EL3.x86_64.rpm File outdated by: RHSA-2008:0196	`75bcd070eecf4f1c695b58c5cceff598`

Red Hat Enterprise Linux AS (v. 3)

SRPMS:
unzip-5.50-35.EL3.src.rpm File outdated by: RHSA-2008:0196	`93f4ce97178a3e969c5756ce7a5dd5c8`

IA-32:
unzip-5.50-35.EL3.i386.rpm File outdated by: RHSA-2008:0196	`d25bf99f4dcbd1eb3615189e67f96564`

IA-64:
unzip-5.50-35.EL3.ia64.rpm File outdated by: RHSA-2008:0196	`83c5554f283075bf3aa9c42a8d851098`

PPC:
unzip-5.50-35.EL3.ppc.rpm File outdated by: RHSA-2008:0196	`8aed54ca977849fe92aef448f990d96a`

s390:
unzip-5.50-35.EL3.s390.rpm File outdated by: RHSA-2008:0196	`0fd314caa8c785838477f3b1c21ca527`

s390x:
unzip-5.50-35.EL3.s390x.rpm File outdated by: RHSA-2008:0196	`bf35d8f307a6ef8198634debad5f9eda`

x86_64:
unzip-5.50-35.EL3.x86_64.rpm File outdated by: RHSA-2008:0196	`75bcd070eecf4f1c695b58c5cceff598`

Red Hat Enterprise Linux ES (v. 3)

SRPMS:
unzip-5.50-35.EL3.src.rpm File outdated by: RHSA-2008:0196	`93f4ce97178a3e969c5756ce7a5dd5c8`

IA-32:
unzip-5.50-35.EL3.i386.rpm File outdated by: RHSA-2008:0196	`d25bf99f4dcbd1eb3615189e67f96564`

IA-64:
unzip-5.50-35.EL3.ia64.rpm File outdated by: RHSA-2008:0196	`83c5554f283075bf3aa9c42a8d851098`

x86_64:
unzip-5.50-35.EL3.x86_64.rpm File outdated by: RHSA-2008:0196	`75bcd070eecf4f1c695b58c5cceff598`

Red Hat Enterprise Linux WS (v. 3)

SRPMS:
unzip-5.50-35.EL3.src.rpm File outdated by: RHSA-2008:0196	`93f4ce97178a3e969c5756ce7a5dd5c8`

IA-32:
unzip-5.50-35.EL3.i386.rpm File outdated by: RHSA-2008:0196	`d25bf99f4dcbd1eb3615189e67f96564`

IA-64:
unzip-5.50-35.EL3.ia64.rpm File outdated by: RHSA-2008:0196	`83c5554f283075bf3aa9c42a8d851098`

x86_64:
unzip-5.50-35.EL3.x86_64.rpm File outdated by: RHSA-2008:0196	`75bcd070eecf4f1c695b58c5cceff598`

(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

186570 - CVE-2005-4667 unzip long filename buffer overflow
226749 - CVE-2005-2475 TOCTOU issue in unzip

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2475
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4667
http://www.redhat.com/security/updates/classification/#low

Keywords

file, large, toctou, unzip

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/