Hello,
On the website https://infozip.sourceforge.net/UnZip.html, it says the next major release will be version 6.1. I am writing to check when the next version will be released and whether it will resolve the vulnerabilities below:
CVE-2014-8139
CVE-2018-1000035
CVE-2014-8140
CVE-2014-8141
CVE-2014-9636
CVE-2014-9913
CVE-2015-7696
CVE-2015-7697
CVE-2016-9844
CVE-2018-18384
CVE-2019-13232
CVE-2022-0529
CVE-2022-0530
CVE-2021-4217
Thanks for your time.
Best regards,
Peyton Zhong
Dear @infozip team, @antinode2, @eewhite, @goathunter, @gordone, @roelofs,
Can you answer @allwit and me?
There are a lot of CVEs that were never patched.
In addition, it would be nice to have an official InfoZip GitHub organization to contribute to, etc.
Thanks in advance.
Regards.
I note that all of the issues listed have been addressed downstream by the main Linux distributions. Not necessarily all of them in each of the distributions, but at least there are fixes available.
I have a couple of GH repos that have tried to collect all the variations of zip & unzip that are out in the wild. By no means complete, but it does show the fragmentation that has happened over the last few years. See Info-ZIP-Family-Tree-for-Zip and Info-ZIP-Family-Tree-for-UnZip for more details.
Having the real Info-ZIP source on GH would be much better.