|
|
Subscribe / Log in / New account

Debian-LTS alert DLA-810-1 (libarchive)



From:
    	      Chris Lamb <lamby@debian.org> 


To:
    	      debian-lts-announce@lists.debian.org 


Subject:
    	      [SECURITY] [DLA 810-1] libarchive security update 


Date:
    	      Tue, 31 Jan 2017 20:46:53 +1300


Message-ID:
    	      <1485848813.774043.865123520.5919CF7B@webmail.messagingengine.com>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : libarchive
Version        : 3.0.4-3+wheezy5+deb7u1
CVE ID         : CVE-2017-5601
Debian Bug     : #853278

It was discovered that there was a heap buffer overflow in libarchive,
a multi-format archive and compression library.

For Debian 7 "Wheezy", this issue has been fixed in libarchive version
3.0.4-3+wheezy5+deb7u1.

We recommend that you upgrade your libarchive packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAliQQIYACgkQHpU+J9Qx
HlhWBBAArVcNIQgBYFQR6A6+zk37Z6q4pslH2JiaRW4Ol2ySH6H7LS6UiU4Rpvgo
QH8/fXujvt1/242Fx2W8cjv4L8HnE4GVszLML6bMiyWhLVZ9TLRMmlTyvBk6xdy8
fpJTeC3rCEzTvID5KsIciJhDIssGnlgyGBTyxqFE03hmtO5aWn9cPxs0aFY8dTXa
aH+CWaG3M4efMxKFNJWiSY8R8jayUHoUaBCNeKeP7fR8Q9qROQX+tFaV14el24C0
W2MQgBH3E8sCXYMbLvnCDFWq0bAKkF/1KUGXnfYBTbft6G9s/BD7s1hQ3a1ZhGDY
RRwNgj9Ss+zR1znBfNvm3l9331Vgwdnt4ihNvbiAzgqDY1SrdkzGvqts5w1T2cDQ
R0uy3VozWbUEjjTEVSwDhEtSNpZF52Nv2EHNbSg8b3r/Lgcsl2oUHUZ0IKJgjeP0
CveFujs5kN+W/DfBpwXTKvLV6UrjwsQ87p02OOCep9Hiw+CheGeugR+JZNpB1uCV
Z9R+6nhxBOE25ZP66Yt5axjjgsZmD+k+z527KJD6+Z8UEQM4wOQ1B5VRcNdSlfbD
R6j/cPKJH9IgDScdk9MGx8jDNAdf/RfM+g4At+aGgCTl0oweFtP89uW8ebOmB0+y
Cf+29NWULOuMeye9y2zXj7u+D6O7242mp5P48eDKEVzJqCCKJo8=
=9PcV
-----END PGP SIGNATURE-----
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds