Loading...

Linking RHIVOS CVEs to...

Migration: Automation ...

SWIFT: POC Conversion

Sync from "Extern...

XML

Word

Printable

Type: Bug
Resolution: Won't Do
Priority: Major
Fix Version/s: None
Affects Version/s: rhel-8.5.0
Component/s: unzip
Labels:
- MigratedToJIRA
- auto-closed

Regression:
None
Severity:
Moderate

AssignedTeam:
rhel-plumbers
Sub-System Group:

ssg_core_services

Story Points:
1
Blocked:
False
Ready:
False
Blocked Reason:

Hide

None

Show
None
Product Documentation Required:
None
Sprint:
None

Preliminary Testing:
None
Test Coverage:
None

Release Note Type:
If docs needed, set a value

Experience:
Architecture:

All
Bugzilla Bug:
RHBZ: 2035510

PX Impact Score:
PX Priority Data:
PX Review Complete:
SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Planning:
None
Internal Target Milestone numeric:
57,005

Description of problem:

A customer using latest unzip on RHEL8 (unzip-6.0-45.el8_4.x86_64) cannot extract his war archive due to getting:
"""
error: invalid zip file with overlapped components (possible zip bomb)
"""

I don't manage to unzip the file myself on my Fedora 35 system (unzip-6.0-53.fc35.x86_64) nor latest on RHEL7 (only unzip-6.0-20.el7.x86_64 works).

Version-Release number of selected component (if applicable):

unzip-6.0-45.el8_4

How reproducible:

Always

external trackers

Red Hat Customer Portal 03112128

Red Hat Issue Tracker RHELPLAN-106575

Red Hat Knowledge Base (Solution) 5735561

Assignee:: Jakub Martisko

Reporter:: Renaud Métrich

Developer:: Jakub Martisko

QA Contact:: RHEL CS Plumbers QE Bot

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: 2023/09/21 3:51 PM

Updated:: 2025/09/12 11:53 PM

Resolved:: 2025/03/14 5:13 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates

Hide