UbuntuUpdates.org

Package "libarchive"

Name: libarchive

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Multi-format archive and compression library (development files)
  • Multi-format archive and compression library (shared library)

Latest version: 3.2.2-3.1ubuntu0.7
Release: bionic (18.04)
Level: updates
Repository: main

Links



Other versions of "libarchive" in Bionic

Repository Area Version
base main 3.2.2-3.1
base universe 3.2.2-3.1
security universe 3.2.2-3.1ubuntu0.7
security main 3.2.2-3.1ubuntu0.7
updates universe 3.2.2-3.1ubuntu0.7

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 3.2.2-3.1ubuntu0.7 2021-06-07 18:06:24 UTC

  libarchive (3.2.2-3.1ubuntu0.7) bionic-security; urgency=medium

  * Add metadata support to fix issues with gnome-autoar security update
    (LP: #1929304)
    - debian/patches/metadata_support.patch: support reading metadata from
      compressed files.

 -- Marc Deslauriers <email address hidden> Fri, 04 Jun 2021 10:37:49 -0400

Source diff to previous version
1929304 file-roller / gnome archive manager fails to extract

Version: 3.2.2-3.1ubuntu0.6 2020-03-02 17:06:56 UTC

  libarchive (3.2.2-3.1ubuntu0.6) bionic-security; urgency=medium

  * SECURITY UPDATE: Out-of-read and Denial of service
    - debian/patches/CVE-2019-19221.patch: Bugfix and optimize
      archive_wstring_append_from_mbs() in libarchive/archive_string.c.
    - CVE-2019-19221

 -- <email address hidden> (Leonidas S. Barbosa) Thu, 20 Feb 2020 14:46:13 -0300

Source diff to previous version
CVE-2019-19221 In Libarchive 3.4.0, archive_wstring_append_from_mbs in archive_string.c has an out-of-bounds read because of an incorrect mbrtowc or mbtowc call. Fo

Version: 3.2.2-3.1ubuntu0.5 2019-10-29 19:06:26 UTC

  libarchive (3.2.2-3.1ubuntu0.5) bionic-security; urgency=medium

  * SECURITY UPDATE: Use-after-free
    - debian/patches/CVE-2019-18408.patch: RAR reader: fix use after free
      in libarchive/archive_read_support_format_rar.c.
    - CVE-2019-18408

 -- <email address hidden> (Leonidas S. Barbosa) Mon, 28 Oct 2019 10:50:50 -0300

Source diff to previous version
CVE-2019-18408 archive_read_format_rar_read_data in archive_read_support_format_rar.c in libarchive before 3.4.0 has a use-after-free in a certain ARCHIVE_FAILED si

Version: 3.2.2-3.1ubuntu0.4 2019-09-04 02:06:32 UTC

  libarchive (3.2.2-3.1ubuntu0.4) bionic; urgency=medium

  * debian/patches/git_zip_directories.patch:
    - backport a fix for an issue where files are created instead of
      directories (lp: #1830629)

 -- Sebastien Bacher <email address hidden> Fri, 28 Jun 2019 21:20:28 +0200

Source diff to previous version
1830629 Errors when extracting ZIP files. It can not differentiate between files and directories

Version: 3.2.2-3.1ubuntu0.3 2019-02-07 13:07:33 UTC

  libarchive (3.2.2-3.1ubuntu0.3) bionic-security; urgency=medium

  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2019-1000019.patch: fix in
      libarchive/archive_read_support_format_7zip.c.
    - CVE-2019-1000019
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2019-1000020.patch: fix in
      libarchive/archive_read_support_format_iso9660.c.
    - CVE-2019-1000020

 -- <email address hidden> (Leonidas S. Barbosa) Wed, 06 Feb 2019 08:54:50 -0300

CVE-2019-1000019 libarchive version commit bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 onwards (release v3.0.2 onwards) contains a CWE-125: Out-of-bounds Read vulnerabil
CVE-2019-1000020 libarchive version commit 5a98dcf8a86364b3c2c469c85b93647dfb139961 onwards (version v2.8.0 onwards) contains a CWE-835: Loop with Unreachable Exit Co



About   -   Send Feedback to @ubuntu_updates