Package name
Advisory ID
Affected versions
10.1 i586 , 10.1 x86_64

Problem description

Recently, it was noticed that several antivirus programs miss viruses that are contained in ZIP archives with manipulated directory data. The global archive directory of these ZIP file have been manipulated to indicate zero file sizes. Archive::Zip produces files of zero length when decompressing this type of ZIP file. This causes AV products that use Archive::ZIP to fail to detect viruses in manipulated ZIP archives. One of these products is amavisd-new. The updated packages are patched to fix this problem.

Updated packages

10.1 i586

 1b0b561bb9766e70bcfd481e25605617  10.1/RPMS/perl-Archive-Zip-1.14-1.0.101mdk.noarch.rpm
c6766a6f3ac0cce36a72e06a1b5f3070  10.1/SRPMS/perl-Archive-Zip-1.14-1.0.101mdk.src.rpm

10.1 x86_64

 527e70bd67497e63ce949ac195d8f28b  x86_64/10.1/RPMS/perl-Archive-Zip-1.14-1.0.101mdk.noarch.rpm
c6766a6f3ac0cce36a72e06a1b5f3070  x86_64/10.1/SRPMS/perl-Archive-Zip-1.14-1.0.101mdk.src.rpm