Advisories ยป MGASA-2016-0318

Updated libarchive packages fix security vulnerability

Publication date: 25 Sep 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-5418

Description

The updated packages fix several security vulnerabilities:

A flaw was found in the way libarchive handled hardlink archive entries
of non-zero size. Combined with flaws in libarchive's file system
sandboxing, this issue could cause an application using libarchive to
overwrite arbitrary files with arbitrary data from the archive.
(CVE-2016-5418, issues #745 and #746)

Very long pathnames evade symlink checks (issue#744)

size_t underflow leading to out of bounds heap read in process_extra()
/ archive_read_support_format_zip.c (issue#770)

stack-based buffer overflow in bsdtar_expand_char (util.c) (issue#767)

libarchive can compress, but cannot decompress zip some files (issue#748)

hang in tar parser (issue#731)

Out of bounds read in mtree parser (issue#747)

heap-based buffer overflow in read_Header (archive_read_support_format_7zip.c) (issue#761)
                

References

SRPMS

5/core