Updated libarchive packages fix security vulnerability
Publication date: 25 Sep 2016Modification date: 25 Sep 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-5418
Description
The updated packages fix several security vulnerabilities:
A flaw was found in the way libarchive handled hardlink archive entries
of non-zero size. Combined with flaws in libarchive's file system
sandboxing, this issue could cause an application using libarchive to
overwrite arbitrary files with arbitrary data from the archive.
(CVE-2016-5418, issues #745 and #746)
Very long pathnames evade symlink checks (issue#744)
size_t underflow leading to out of bounds heap read in process_extra()
/ archive_read_support_format_zip.c (issue#770)
stack-based buffer overflow in bsdtar_expand_char (util.c) (issue#767)
libarchive can compress, but cannot decompress zip some files (issue#748)
hang in tar parser (issue#731)
Out of bounds read in mtree parser (issue#747)
heap-based buffer overflow in read_Header (archive_read_support_format_7zip.c) (issue#761)
References
- https://bugs.mageia.org/show_bug.cgi?id=19351
- https://rhn.redhat.com/errata/RHSA-2016-1844.html
- https://github.com/libarchive/libarchive/issues/745
- https://github.com/libarchive/libarchive/issues/746
- https://github.com/libarchive/libarchive/issues/744
- https://github.com/libarchive/libarchive/issues/770
- https://github.com/libarchive/libarchive/issues/767
- https://github.com/libarchive/libarchive/issues/748
- https://github.com/libarchive/libarchive/issues/731
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5418
SRPMS
5/core
- libarchive-3.2.1-1.2.mga5