/ 
Archive-Zip-1.15_02 UNAUTHORIZED RELEASE
Security Advisories (1)
CVE-2018-10860 (2018-06-28)

perl-archive-zip is vulnerable to a directory traversal in Archive::Zip. It was found that the Archive::Zip module did not properly sanitize paths while extracting zip files. An attacker able to provide a specially crafted archive for processing could use this flaw to write or overwrite arbitrary files in the context of the perl interpreter.

Changes for version 1.15_02 - 2005-03-12

  • fixed dates in previous entry!
  • began the process of migrating from the monolithic t/test.t to smaller scripts using Test::More.
  • started work on improving Archive::Zip's test coverage. Coverage is now up to just over 80%.
  • added error handling to writeToFileHandle
  • fixed small bug in extractMember from previous version

Changes for version 1.15_01 - 2005-03-09

  • added fix for RT #11818 extractMember method corrupts archive
  • added t/pod.t to test for pod correctness

Documentation

Archive::Zip::FAQ
Answers to a few frequently asked questions about Archive::Zip

Modules

Archive::Zip
Provide an interface to ZIP archive files.
Archive::Zip::MemberRead
A wrapper that lets you read Zip archive members as if they were files. UNAUTHORIZED
Archive::Zip::Tree
methods for adding/extracting trees using Archive::Zip UNAUTHORIZED

Provides

Archive::Zip::Archive
in lib/Archive/Zip.pm UNAUTHORIZED
Archive::Zip::BufferedFileHandle
in lib/Archive/Zip/BufferedFileHandle.pm UNAUTHORIZED
Archive::Zip::DirectoryMember
in lib/Archive/Zip.pm UNAUTHORIZED
Archive::Zip::FileMember
in lib/Archive/Zip.pm UNAUTHORIZED
Archive::Zip::Member
in lib/Archive/Zip.pm UNAUTHORIZED
Archive::Zip::MockFileHandle
in lib/Archive/Zip/MockFileHandle.pm UNAUTHORIZED
Archive::Zip::NewFileMember
in lib/Archive/Zip.pm UNAUTHORIZED
Archive::Zip::StringMember
in lib/Archive/Zip.pm UNAUTHORIZED
Archive::Zip::ZipFileMember
in lib/Archive/Zip.pm UNAUTHORIZED

Examples

Other files