Updated libarchive packages fix CVE-2016-1541
Publication date: 18 May 2016Type: security
Affected Mageia releases : 5
CVE: CVE-2016-1541
Description
Updated libarchive packages fix security vulnerability: Heap-based buffer overflow in the zip_read_mac_metadata function in archive_read_support_format_zip.c in libarchive before 3.2.0 allows remote attackers to execute arbitrary code via crafted entry-size values in a ZIP archive (CVE-2016-1541). The libarchive package has been updated to version 3.2.0, fixing this issue and other bugs.
References
SRPMS
5/core
- libarchive-3.2.0-1.mga5