Issue31175
Created on 2017-08-10 13:05 by zyxtarmo, last changed 2022-04-11 14:58 by admin.
| Pull Requests |
|
|
|
| URL |
Status |
Linked |
Edit |
| PR 3035 |
zyxtarmo,2017-08-10 13:05 |
|
|
| Messages (2) |
|
|
| msg300080 - (view) |
Author: Tarmo Randel (zyxtarmo) * |
Date: 2017-08-10 13:05 |
| The problem: miscreants are modifying ZIP file header parts so, that Python based automated analysis tools are unable to process the contents of the ZIP file but intended clients are able to open the file and extract the possibly malicious contents. Github pull request contains patch addressing the issue so that developer can make conscious decision to allow extraction process to complete. Quite important feature for security researchers. |
|
|
| msg300081 - (view) |
Author: Tarmo Randel (zyxtarmo) * |
Date: 2017-08-10 13:08 |
| Proposed patch |
|
|
| History |
|
|
|
| Date |
User |
Action |
Args |
| 2022-04-11 14:58:50 |
admin |
set |
github: 75358 |
| 2017-08-10 13:08:08 |
zyxtarmo |
set |
files: + zipfile.patchkeywords: + patchmessages: + |
| 2017-08-10 13:05:08 |
zyxtarmo |
create |
|