Commit ae0b39f4 authored by Lev Lamberov's avatar Lev Lamberov

[SECURITY] [DSA 4360-1] libarchive security update

parent 802c1c99
<define-tag pagetitle>DSA-4360-1 libarchive</define-tag>
<define-tag report_date>2018-12-27</define-tag>
<define-tag secrefs>CVE-2016-10209 CVE-2016-10349 CVE-2016-10350 CVE-2017-14166 CVE-2017-14501 CVE-2017-14502 CVE-2017-14503 CVE-2018-1000877 CVE-2018-1000878 CVE-2018-1000880</define-tag>
<define-tag packages>libarchive</define-tag>
<define-tag isvulnerable>yes</define-tag>
<define-tag fixed>yes</define-tag>
<define-tag fixed-section>no</define-tag>
#use wml::debian::security
</dl>
<define-tag description>security update</define-tag>
<define-tag moreinfo>
<p>Multiple security issues were found in libarchive, a multi-format archive
and compression library: Processing malformed RAR archives could result
in denial of service or the execution of arbitrary code and malformed
WARC, LHarc, ISO, Xar or CAB archives could result in denial of service.</p>
<p>For the stable distribution (stretch), these problems have been fixed in
version 3.2.2-2+deb9u1.</p>
<p>We recommend that you upgrade your libarchive packages.</p>
<p>For the detailed security status of libarchive please refer to
its security tracker page at:
<a href="https://security-tracker.debian.org/tracker/libarchive">\
https://security-tracker.debian.org/tracker/libarchive</a></p>
</define-tag>
# do not modify the following line
#include "$(ENGLISHDIR)/security/2018/dsa-4360.data"
# $Id: $
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment