Mandriva Update for libzip MDVSA-2012:034 (libzip)

Solution
Please Install the Updated Packages.
Insight
Multiple vulnerabilities has been found and corrected in libzip: libzip (version &lt = 0.10) uses an incorrect loop construct, which can result in a heap overflow on corrupted zip files (CVE-2012-1162). libzip (version &lt = 0.10) has a numeric overflow condition, which, for example, results in improper restrictions of operations within the bounds of a memory buffer (e.g., allowing information leaks) (CVE-2012-1163). The updated packages have been upgraded to the 0.10.1 version to correct these issues.
Affected
libzip on Mandriva Linux 2011.0, Mandriva Enterprise Server 5.2, Mandriva Linux 2010.1