23 matches found
SUSE-SU-2019:0831-1 Security update for libarchive
This update for libarchive fixes the following issues: Security issues fixed: - CVE-2018-1000877: Fixed a double free vulnerability in RAR decoder bsc1120653 - CVE-2018-1000878: Fixed a Use-After-Free vulnerability in RAR decoder bsc1120654 - CVE-2018-1000879: Fixed a NULL Pointer Dereference...
[SECURITY] [DLA 1668-1] libarchive security update
Package : libarchive Version : 3.1.2-11+deb8u7 CVE ID : CVE-2019-1000019 CVE-2019-1000020 Fuzzing found two further file-format specific issues in libarchive, a read-only segfault in 7z, and an infinite loop in ISO9660. CVE-2019-1000019 Out-of-bounds Read vulnerability in 7zip decompression, that...
Design/Logic Flaw
libarchive version commit 5a98dcf8a86364b3c2c469c85b93647dfb139961 onwards version v2.8.0 onwards contains a CWE-835: Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in ISO9660 parser, archivereadsupportformatiso9660.c, readCE/parserockridge that can result in DoS by infinite...