Advisories » MGASA-2017-0337

Updated libarchive packages fix security vulnerability

Publication date: 10 Sep 2017
Modification date: 10 Sep 2017
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2017-14166

Description

Heap-based buffer overflow in xml_data() in
archive_read_support_format_xar.c (CVE-2017-14166).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=21682
• http://openwall.com/lists/oss-security/2017/09/06/5
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14166

SRPMS

6/core

• libarchive-3.3.1-1.1.mga6

5/core

• libarchive-3.2.2-1.4.mga5