Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2016-1844

Опубликовано: 12 сент. 2016
Источник: oracle-oval
Платформа: Oracle Linux 7

Описание

ELSA-2016-1844: libarchive security update (IMPORTANT)

[3.1.2-10]

  • Fixes variation of CVE-2016-5418: Hard links could include '..' in their path.

[3.1.2-9]

  • Fixes CVE-2016-5418: Archive Entry with type 1 (hardlink) causes file overwrite (#1365777)

[3.1.2-8]

  • a bunch of security fixes (rhbz#1353065)

Обновленные пакеты

Oracle Linux 7

Oracle Linux aarch64

bsdcpio

3.1.2-10.el7_2

bsdtar

3.1.2-10.el7_2

libarchive

3.1.2-10.el7_2

libarchive-devel

3.1.2-10.el7_2

Oracle Linux x86_64

bsdcpio

3.1.2-10.el7_2

bsdtar

3.1.2-10.el7_2

libarchive

3.1.2-10.el7_2

libarchive-devel

3.1.2-10.el7_2

Связанные уязвимости

suse-cvrf
почти 9 лет назад

Security update for libarchive

suse-cvrf
около 9 лет назад

Security update for libarchive

CVSS3: 8.8
ubuntu
больше 9 лет назад

Heap-based buffer overflow in the zip_read_mac_metadata function in archive_read_support_format_zip.c in libarchive before 3.2.0 allows remote attackers to execute arbitrary code via crafted entry-size values in a ZIP archive.

CVSS3: 8.4
redhat
больше 9 лет назад

Heap-based buffer overflow in the zip_read_mac_metadata function in archive_read_support_format_zip.c in libarchive before 3.2.0 allows remote attackers to execute arbitrary code via crafted entry-size values in a ZIP archive.

CVSS3: 8.8
nvd
больше 9 лет назад

Heap-based buffer overflow in the zip_read_mac_metadata function in archive_read_support_format_zip.c in libarchive before 3.2.0 allows remote attackers to execute arbitrary code via crafted entry-size values in a ZIP archive.