Описание
Security update for libarchive
This update for libarchive fixes several issues.
These security issues were fixed:
- CVE-2016-8687: Buffer overflow when printing a filename (bsc#1005070).
- CVE-2016-8689: Heap overflow when reading corrupted 7Zip files (bsc#1005072).
- CVE-2016-8688: Use after free because of incorrect calculation in next_line (bsc#1005076).
- CVE-2016-5844: Integer overflow in the ISO parser in libarchive allowed remote attackers to cause a denial of service (application crash) via a crafted ISO file (bsc#986566).
- CVE-2016-6250: Integer overflow in the ISO9660 writer in libarchive allowed remote attackers to cause a denial of service (application crash) or execute arbitrary code via vectors related to verifying filename lengths when writing an ISO9660 archive, which trigger a buffer overflow (bsc#989980).
- CVE-2016-5418: The sandboxing code in libarchive mishandled hardlink archive entries of non-zero data size, which might allowed remote attackers to write to arbitrary files via a crafted archive file (bsc#998677).
This update was imported from the SUSE:SLE-12:Update update project.
Список пакетов
openSUSE Leap 42.2
Ссылки
- E-Mail link for openSUSE-SU-2016:3002-1
- SUSE Security Ratings
Описание
Absolute path traversal vulnerability in bsdcpio in libarchive 3.1.2 and earlier allows remote attackers to write to arbitrary files via a full pathname in an archive.
Затронутые продукты
Ссылки
- CVE-2015-2304
- SUSE Bug 920870
Описание
The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive file.
Затронутые продукты
Ссылки
- CVE-2016-5418
- SUSE Bug 998677
Описание
Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file.
Затронутые продукты
Ссылки
- CVE-2016-5844
- SUSE Bug 986566
Описание
Integer overflow in the ISO9660 writer in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via vectors related to verifying filename lengths when writing an ISO9660 archive, which trigger a buffer overflow.
Затронутые продукты
Ссылки
- CVE-2016-6250
- SUSE Bug 989980
Описание
Stack-based buffer overflow in the safe_fprintf function in tar/util.c in libarchive 3.2.1 allows remote attackers to cause a denial of service via a crafted non-printable multibyte character in a filename.
Затронутые продукты
Ссылки
- CVE-2016-8687
- SUSE Bug 1005070
Описание
The mtree bidder in libarchive 3.2.1 does not keep track of line sizes when extending the read-ahead, which allows remote attackers to cause a denial of service (crash) via a crafted file, which triggers an invalid read in the (1) detect_form or (2) bid_entry function in libarchive/archive_read_support_format_mtree.c.
Затронутые продукты
Ссылки
- CVE-2016-8688
- SUSE Bug 1005076
Описание
The read_Header function in archive_read_support_format_7zip.c in libarchive 3.2.1 allows remote attackers to cause a denial of service (out-of-bounds read) via multiple EmptyStream attributes in a header in a 7zip archive.
Затронутые продукты
Ссылки
- CVE-2016-8689
- SUSE Bug 1005072