Description
Security update for libarchive
This update for libarchive fixes several issues.
These security issues were fixed:
- CVE-2016-8687: Buffer overflow when printing a filename (bsc#1005070).
- CVE-2016-8689: Heap overflow when reading corrupted 7Zip files (bsc#1005072).
- CVE-2016-8688: Use after free because of incorrect calculation in next_line (bsc#1005076).
- CVE-2016-5844: Integer overflow in the ISO parser in libarchive allowed remote attackers to cause a denial of service (application crash) via a crafted ISO file (bsc#986566).
- CVE-2016-6250: Integer overflow in the ISO9660 writer in libarchive allowed remote attackers to cause a denial of service (application crash) or execute arbitrary code via vectors related to verifying filename lengths when writing an ISO9660 archive, which trigger a buffer overflow (bsc#989980).
- CVE-2016-5418: The sandboxing code in libarchive mishandled hardlink archive entries of non-zero data size, which might have allowed remote attackers to write to arbitrary files via a crafted archive file (bsc#998677).
Package list
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
SUSE Linux Enterprise Server for SAP Applications 12 SP1
SUSE Linux Enterprise Server for SAP Applications 12 SP2
SUSE Linux Enterprise Software Development Kit 12 SP1
SUSE Linux Enterprise Software Development Kit 12 SP2
References
- Link for SUSE-SU-2016:2911-1
- SUSE Bug 1005070
- SUSE Bug 1005072
- SUSE Bug 1005076
- SUSE Bug 986566
- SUSE Bug 989980
- SUSE Bug 998677
- SUSE CVE CVE-2015-2304 page
- SUSE CVE CVE-2016-5418 page
- SUSE CVE CVE-2016-5844 page
- SUSE CVE CVE-2016-6250 page
- SUSE CVE CVE-2016-8687 page
- SUSE CVE CVE-2016-8688 page
- SUSE CVE CVE-2016-8689 page
Description
Absolute path traversal vulnerability in bsdcpio in libarchive 3.1.2 and earlier allows remote attackers to write to arbitrary files via a full pathname in an archive.
Affected products
References
- CVE-2015-2304
- SUSE Bug 920870
Description
The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive file.
Affected products
References
- CVE-2016-5418
- SUSE Bug 998677
Description
Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file.
Affected products
References
- CVE-2016-5844
- SUSE Bug 986566
Description
Integer overflow in the ISO9660 writer in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via vectors related to verifying filename lengths when writing an ISO9660 archive, which trigger a buffer overflow.
Affected products
References
- CVE-2016-6250
- SUSE Bug 989980
Description
Stack-based buffer overflow in the safe_fprintf function in tar/util.c in libarchive 3.2.1 allows remote attackers to cause a denial of service via a crafted non-printable multibyte character in a filename.
Affected products
References
- CVE-2016-8687
- SUSE Bug 1005070
Description
The mtree bidder in libarchive 3.2.1 does not keep track of line sizes when extending the read-ahead, which allows remote attackers to cause a denial of service (crash) via a crafted file, which triggers an invalid read in the (1) detect_form or (2) bid_entry function in libarchive/archive_read_support_format_mtree.c.
Affected products
References
- CVE-2016-8688
- SUSE Bug 1005076
Description
The read_Header function in archive_read_support_format_7zip.c in libarchive 3.2.1 allows remote attackers to cause a denial of service (out-of-bounds read) via multiple EmptyStream attributes in a header in a 7zip archive.
Affected products
References
- CVE-2016-8689
- SUSE Bug 1005072