| Package | zlib |
|---|---|
| Version | 1:1.2.7.dfsg-13+deb7u2 |
| Related CVEs | CVE-2014-9485 |
Jakub Wilk discovered that miniunzip in zlib-bin was affected by a directory traversal security vulnerability. An attacker could use this flaw to extract the contents of a specially crafted zip file to arbitrary locations.
For Debian 7 Wheezy, these problems have been fixed in version 1:1.2.7.dfsg-13+deb7u2.
We recommend that you upgrade your zlib packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.