Lucene search
OracleLinuxELSA-2016-1844HistorySep 12, 2016 - 12:00 a.m.
libarchive security update
2016-09-1200:00:00
linux.oracle.com
14
8.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.112 Low
EPSS
Percentile
94.6%
[3.1.2-10]
- Fixes variation of CVE-2016-5418: Hard links could include ‘…’ in their path.
[3.1.2-9] - Fixes CVE-2016-5418: Archive Entry with type 1 (hardlink) causes file overwrite (#1365777)
[3.1.2-8] - a bunch of security fixes (rhbz#1353065)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 7 | src | libarchive | < 3.1.2-10.el7_2 | libarchive-3.1.2-10.el7_2.src.rpm |
| oracle linux | 7 | aarch64 | bsdcpio | < 3.1.2-10.el7_2 | bsdcpio-3.1.2-10.el7_2.aarch64.rpm |
| oracle linux | 7 | aarch64 | bsdtar | < 3.1.2-10.el7_2 | bsdtar-3.1.2-10.el7_2.aarch64.rpm |
| oracle linux | 7 | aarch64 | libarchive | < 3.1.2-10.el7_2 | libarchive-3.1.2-10.el7_2.aarch64.rpm |
| oracle linux | 7 | aarch64 | libarchive-devel | < 3.1.2-10.el7_2 | libarchive-devel-3.1.2-10.el7_2.aarch64.rpm |
| oracle linux | 7 | src | libarchive | < 3.1.2-10.el7_2 | libarchive-3.1.2-10.el7_2.src.rpm |
| oracle linux | 7 | x86_64 | bsdcpio | < 3.1.2-10.el7_2 | bsdcpio-3.1.2-10.el7_2.x86_64.rpm |
| oracle linux | 7 | x86_64 | bsdtar | < 3.1.2-10.el7_2 | bsdtar-3.1.2-10.el7_2.x86_64.rpm |
| oracle linux | 7 | i686 | libarchive | < 3.1.2-10.el7_2 | libarchive-3.1.2-10.el7_2.i686.rpm |
| oracle linux | 7 | x86_64 | libarchive | < 3.1.2-10.el7_2 | libarchive-3.1.2-10.el7_2.x86_64.rpm |
Related
nessus
nessus
EulerOS 2.0 SP1 : libarchive (EulerOS-SA-2016-1045)
2017-05-01 00:00:00
Scientific Linux Security Update : libarchive on SL7.x x86_64 (20160912)
2016-09-13 00:00:00
CentOS 7 : libarchive (CESA-2016:1844)
2016-09-16 00:00:00
openvas
openvas
Amazon Linux: Security Advisory (ALAS-2016-743)
2016-10-26 00:00:00
CentOS Update for bsdcpio CESA-2016:1844 centos7
2016-09-16 00:00:00
Huawei EulerOS: Security Advisory for libarchive (EulerOS-SA-2016-1045)
2020-01-23 00:00:00
redhat
redhat
(RHSA-2016:1844) Important: libarchive security update
2016-09-12 15:10:21
(RHSA-2016:1850) Important: libarchive security update
2016-09-12 15:10:17
ibm
ibm
Security Bulletin: Vulnerabilities in libarchive affect PowerKVM
2018-06-18 01:33:29
cloudfoundry
cloudfoundry
USN-3033-1 libarchive vulnerability | Cloud Foundry
2016-08-25 00:00:00
USN-3225-1: libarchive vulnerabilities | Cloud Foundry
2017-03-31 00:00:00
centos
centos
bsdcpio, bsdtar, libarchive security update
2016-09-16 00:18:58
libarchive security update
2016-09-15 22:26:12
amazon
amazon
Important: libarchive
2016-09-27 10:30:00
debian
debian
[SECURITY] [DLA 554-1] libarchive security update
2016-07-21 06:10:45
[SECURITY] [DSA 3657-1] libarchive security update
2016-08-30 21:15:15
[SECURITY] [DSA 3677-1] libarchive security update
2016-09-25 09:50:39
ubuntu
ubuntu
libarchive vulnerabilities
2016-07-14 00:00:00
libarchive vulnerabilities
2017-03-09 00:00:00
suse
suse
Security update for libarchive (important)
2016-08-11 17:13:38
Security update for libarchive (important)
2016-07-29 14:09:01
Security update for bsdtar (important)
2016-08-02 17:08:50
gentoo
gentoo
libarchive: Multiple vulnerabilities
2017-01-01 00:00:00
oraclelinux
oraclelinux
libarchive security update
2016-09-12 00:00:00
mageia
mageia
Updated libarchive packages fix security vulnerability
2016-07-05 18:47:08
ubuntucve
ubuntucve
freebsd
freebsd
libarchive -- multiple vulnerabilities
2016-06-23 00:00:00
f5
f5
K91432940 : libarchive vulnerabilities CVE-2015-8920 and CVE-2016-4809
2016-12-07 00:00:00
K90412202 : libarchive vulnerability CVE-2015-8932
2016-12-08 00:00:00
threatpost
threatpost
Patched libarchive Vulnerabilities Have Big Reach
2016-06-22 16:27:33
debiancve
debiancve
prion
prion
Null pointer dereference
2016-09-20 14:15:00
Code injection
2016-09-20 14:15:00
Integer overflow
2016-09-20 14:15:00
redhatcve
redhatcve
veracode
veracode
Undefined Behavior Through Integer Overflow
2018-04-10 07:43:45
Denial Of Service (DoS) Through Stack Buffer Underflow
2019-01-15 09:13:06
Denial Of Service (DoS)
2018-07-31 09:07:32
cve
cve
osv
osv
CVE-2016-4809
2016-09-21 14:25:00
CVE-2015-8934
2016-09-20 14:15:00
alpinelinux
alpinelinux
fedora
fedora
[SECURITY] Fedora 24 Update: mingw-xz-5.2.2-3.fc24
2016-08-16 19:28:58
[SECURITY] Fedora 24 Update: mingw-libarchive-3.2.1-2.fc24
2016-08-16 19:28:58
[SECURITY] Fedora 24 Update: libarchive-3.2.1-3.fc24
2016-07-27 18:59:35
8.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.112 Low
EPSS
Percentile
94.6%
Related for ELSA-2016-1844