Package "libarchive"
Name: |
libarchive
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description. Description samples from packages in group:
- Multi-format archive and compression library (development files)
- Multi-format archive and compression library (shared library)
|
Latest version: |
3.2.2-3.1ubuntu0.7 |
Release: |
bionic (18.04) |
Level: |
updates |
Repository: |
main |
Links
Other versions of "libarchive" in Bionic
Packages in group
Deleted packages are displayed in grey.
Changelog
libarchive (3.2.2-3.1ubuntu0.2) bionic-security; urgency=medium
* SECURITY UPDATE: Out-of-bounds read
- debian/patches/CVE-2017-14502.patch: fix in
libarchive/archive_read_support_format_rar.c.
- CVE-2017-14502
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2018-1000877.patch: fix in
libarchive/archive_read_support_format_rar.c.
- CVE-2018-1000877
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2018-1000878.patch: fix in
libarchive/archive_read_support_format_rar.c.
- CVE-2018-1000878
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2018-1000880.patch: fix in
libarchive/archive_read_support_format_warc.c.
- CVE-2018-1000880
-- <email address hidden> (Leonidas S. Barbosa) Mon, 14 Jan 2019 09:53:14 -0300
|
Source diff to previous version |
CVE-2017-14502 |
read_header in archive_read_support_format_rar.c in libarchive 3.3.2 suffers from an off-by-one error for UTF-16 names in RAR archives, leading to an |
CVE-2018-1000877 |
libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-415: Double Free vulnerability in |
CVE-2018-1000878 |
libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-416: Use After Free vulnerability |
CVE-2018-1000880 |
libarchive version commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards (release v3.2.0 onwards) contains a CWE-20: Improper Input Validation vuln |
|
libarchive (3.2.2-3.1ubuntu0.1) bionic-security; urgency=medium
* SECURITY UPDATE: Out-of-bounds read
- debian/patches/CVE-2017-14501.patch: fix in
libarchive/archive_read_support_format_iso9660.c.
- CVE-2017-14501
* SECURITY UPDATE: Out-of-bounds read
- debian/patches/CVE-2017-14503.patch: fix in
libarchive/archive_read_support_format_lha.c.
- CVE-2017-14503
-- <email address hidden> (Leonidas S. Barbosa) Tue, 07 Aug 2018 15:23:21 -0300
|
CVE-2017-14501 |
An out-of-bounds read flaw exists in parse_file_info in archive_read_support_format_iso9660.c in libarchive 3.3.2 when extracting a specially crafted |
CVE-2017-14503 |
libarchive 3.3.2 suffers from an out-of-bounds read within lha_read_data_none() in archive_read_support_format_lha.c when extracting a specially craf |
|
About
-
Send Feedback to @ubuntu_updates