Описание
Security update for libarchive
This update for libarchive fixes the following issues:
- CVE-2024-20697: Fixed Out of bounds Remote Code Execution Vulnerability (bsc#1225972).
- CVE-2024-48958: Fixed out-of-bounds access via a crafted archive file in execute_filter_delta function (bsc#1231624).
Список пакетов
Container bci/spack:0.23
libarchive13-3.7.2-150600.3.9.1
Container bci/spack:latest
libarchive13-3.7.2-150600.3.9.1
Container containers/pytorch:2-nvidia
libarchive13-3.7.2-150600.3.9.1
Container containers/pytorch:2.5.0
libarchive13-3.7.2-150600.3.9.1
Container suse/manager/5.0/x86_64/server:latest
libarchive13-3.7.2-150600.3.9.1
Image SLES15-SP6-SAP
libarchive13-3.7.2-150600.3.9.1
Image SLES15-SP6-SAP-Azure
libarchive13-3.7.2-150600.3.9.1
Image SLES15-SP6-SAP-EC2
libarchive13-3.7.2-150600.3.9.1
Image SLES15-SP6-SAP-GCE
libarchive13-3.7.2-150600.3.9.1
Image SLES15-SP6-SAPCAL
libarchive13-3.7.2-150600.3.9.1
Image SLES15-SP6-SAPCAL-Azure
libarchive13-3.7.2-150600.3.9.1
Image SLES15-SP6-SAPCAL-EC2
libarchive13-3.7.2-150600.3.9.1
Image SLES15-SP6-SAPCAL-GCE
libarchive13-3.7.2-150600.3.9.1
Image ai_15_6
libarchive13-3.7.2-150600.3.9.1
Image server-image
libarchive13-3.7.2-150600.3.9.1
SUSE Linux Enterprise Module for Basesystem 15 SP6
libarchive-devel-3.7.2-150600.3.9.1
libarchive13-3.7.2-150600.3.9.1
SUSE Linux Enterprise Module for Development Tools 15 SP6
bsdtar-3.7.2-150600.3.9.1
openSUSE Leap 15.6
bsdtar-3.7.2-150600.3.9.1
libarchive-devel-3.7.2-150600.3.9.1
libarchive13-3.7.2-150600.3.9.1
libarchive13-32bit-3.7.2-150600.3.9.1
Ссылки
- Link for SUSE-SU-2024:3940-1
- E-Mail link for SUSE-SU-2024:3940-1
- SUSE Security Ratings
- SUSE Bug 1225972
- SUSE Bug 1231624
- SUSE CVE CVE-2024-20697 page
- SUSE CVE CVE-2024-48958 page
Описание
Windows libarchive Remote Code Execution Vulnerability
Затронутые продукты
Container bci/spack:0.23:libarchive13-3.7.2-150600.3.9.1
Container bci/spack:latest:libarchive13-3.7.2-150600.3.9.1
Container containers/pytorch:2-nvidia:libarchive13-3.7.2-150600.3.9.1
Container containers/pytorch:2.5.0:libarchive13-3.7.2-150600.3.9.1
Ссылки
- CVE-2024-20697
- SUSE Bug 1225972
Описание
execute_filter_delta in archive_read_support_format_rar.c in libarchive before 3.7.5 allows out-of-bounds access via a crafted archive file because src can move beyond dst.
Затронутые продукты
Container bci/spack:0.23:libarchive13-3.7.2-150600.3.9.1
Container bci/spack:latest:libarchive13-3.7.2-150600.3.9.1
Container containers/pytorch:2-nvidia:libarchive13-3.7.2-150600.3.9.1
Container containers/pytorch:2.5.0:libarchive13-3.7.2-150600.3.9.1
Ссылки
- CVE-2024-48958
- SUSE Bug 1231622