MiracleLinux 7 : libarchive-3.1.2-10.el7 (AXSA:2016-661:01)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2016-661:01 advisory. Libarchive is a programming library that can create and read several different streaming archive formats, including most popular tar variants, severa...

Huawei EulerOS: Security Advisory for libarchive (EulerOS-SA-2016-1045)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux: Security Advisory (ALAS-2016-743)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2015-8919

The lhareadfileextendedheader function in archivereadsupportformatlha.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service out-of-bounds heap via a crafted 1 lzh or 2 lha file...

BELL-CVE-2015-8919 CVE-2015-8919 does not affect BellSoft software

Bulletin has no description...

CVE-2015-8919

The lhareadfileextendedheader function in archivereadsupportformatlha.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service out-of-bounds heap via a crafted 1 lzh or 2 lha file...

CVE-2015-8919

CVE-2015-8919 affects libarchive prior to 3.2.0, where the lha_read_file_extended_header path in archive_read_support_format_lha.c is exploitable via crafted LHA/LZH files. This causes an out-of-bounds read which can overflow the heap, enabling a remote attacker to crash the application and poten...

SUSE SLED12 / SLES12 Security Update : libarchive (SUSE-SU-2016:1909-1)

libarchive was updated to fix 20 security issues. These security issues were fixed : - CVE-2015-8918: Overlapping memcpy in CAB parser bsc985698. - CVE-2015-8919: Heap out of bounds read in LHA/LZH parser bsc985697. - CVE-2015-8920: Stack out of bounds read in ar parser bsc985675. - CVE-2015-8921...

openSUSE Security Update : libarchive (openSUSE-2016-969)

libarchive was updated to fix 20 security issues. These security issues were fixed : - CVE-2015-8918: Overlapping memcpy in CAB parser bsc985698. - CVE-2015-8919: Heap out of bounds read in LHA/LZH parser bsc985697. - CVE-2015-8920: Stack out of bounds read in ar parser bsc985675. - CVE-2015-8921...

Security update for libarchive (important)

libarchive was updated to fix 20 security issues. These security issues were fixed: - CVE-2015-8918: Overlapping memcpy in CAB parser bsc985698. - CVE-2015-8919: Heap out of bounds read in LHA/LZH parser bsc985697. - CVE-2015-8920: Stack out of bounds read in ar parser bsc985675. - CVE-2015-8921:...

[SECURITY] [DLA 554-1] libarchive security update

Package : libarchive Version : 3.0.4-3+wheezy2 CVE ID : CVE-2015-8917 CVE-2015-8919 CVE-2015-8920 CVE-2015-8921 CVE-2015-8922 CVE-2015-8923 CVE-2015-8924 CVE-2015-8925 CVE-2015-8926 CVE-2015-8930 CVE-2015-8931 CVE-2015-8932 CVE-2015-8933 CVE-2015-8934 CVE-2016-4300 CVE-2016-4302 CVE-2016-4809...

Ubuntu: Security Advisory (USN-3033-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS / 16.04 LTS : libarchive vulnerabilities (USN-3033-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3033-1 advisory. Hanno Bck discovered that libarchive contained multiple security issues when processing certain malformed archive files. A remote attacker...

USN-3033-1: libarchive vulnerabilities

Hanno Böck discovered that libarchive contained multiple security issues when processing certain malformed archive files. A remote attacker could use this issue to cause libarchive to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2015-8916, CVE-2015-8917...