Bugs fixes in "libarchive"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2018-1000880 | libarchive version commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards (release v3.2.0 onwards) contains a CWE-20: Improper Input Validation vuln | 2019-01-15 |
| CVE | CVE-2018-1000878 | libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-416: Use After Free vulnerability | 2019-01-15 |
| CVE | CVE-2018-1000877 | libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-415: Double Free vulnerability in | 2019-01-15 |
| CVE | CVE-2017-14502 | read_header in archive_read_support_format_rar.c in libarchive 3.3.2 suffers from an off-by-one error for UTF-16 names in RAR archives, leading to an | 2019-01-15 |
| CVE | CVE-2017-14503 | libarchive 3.3.2 suffers from an out-of-bounds read within lha_read_data_none() in archive_read_support_format_lha.c when extracting a specially craf | 2018-08-13 |
| CVE | CVE-2017-14501 | An out-of-bounds read flaw exists in parse_file_info in archive_read_support_format_iso9660.c in libarchive 3.3.2 when extracting a specially crafted | 2018-08-13 |
| CVE | CVE-2017-14166 | libarchive 3.3.2 allows remote attackers to cause a denial of service (xml_data heap-based buffer over-read and application crash) via a crafted xar | 2018-08-13 |
| CVE | CVE-2016-10350 | The archive_read_format_cab_read_header function in archive_read_support_format_cab.c in libarchive 3.2.2 allows remote attackers to cause a denial o | 2018-08-13 |
| CVE | CVE-2016-10349 | The archive_le32dec function in archive_endian.h in libarchive 3.2.2 allows remote attackers to cause a denial of service (heap-based buffer over-rea | 2018-08-13 |
| CVE | CVE-2016-10209 | The archive_wstring_append_from_mbs function in archive_string.c in libarchive 3.2.2 allows remote attackers to cause a denial of service (NULL point | 2018-08-13 |
| CVE | CVE-2017-14503 | libarchive 3.3.2 suffers from an out-of-bounds read within lha_read_data_none() in archive_read_support_format_lha.c when extracting a specially craf | 2018-08-13 |
| CVE | CVE-2017-14501 | An out-of-bounds read flaw exists in parse_file_info in archive_read_support_format_iso9660.c in libarchive 3.3.2 when extracting a specially crafted | 2018-08-13 |
| CVE | CVE-2017-14166 | libarchive 3.3.2 allows remote attackers to cause a denial of service (xml_data heap-based buffer over-read and application crash) via a crafted xar | 2018-08-13 |
| CVE | CVE-2016-10350 | The archive_read_format_cab_read_header function in archive_read_support_format_cab.c in libarchive 3.2.2 allows remote attackers to cause a denial o | 2018-08-13 |
| CVE | CVE-2016-10349 | The archive_le32dec function in archive_endian.h in libarchive 3.2.2 allows remote attackers to cause a denial of service (heap-based buffer over-rea | 2018-08-13 |
| CVE | CVE-2016-10209 | The archive_wstring_append_from_mbs function in archive_string.c in libarchive 3.2.2 allows remote attackers to cause a denial of service (NULL point | 2018-08-13 |
| CVE | CVE-2017-14503 | libarchive 3.3.2 suffers from an out-of-bounds read within lha_read_data_none() in archive_read_support_format_lha.c when extracting a specially craf | 2018-08-13 |
| CVE | CVE-2017-14501 | An out-of-bounds read flaw exists in parse_file_info in archive_read_support_format_iso9660.c in libarchive 3.3.2 when extracting a specially crafted | 2018-08-13 |
| CVE | CVE-2017-14166 | libarchive 3.3.2 allows remote attackers to cause a denial of service (xml_data heap-based buffer over-read and application crash) via a crafted xar | 2018-08-13 |
| CVE | CVE-2016-10350 | The archive_read_format_cab_read_header function in archive_read_support_format_cab.c in libarchive 3.2.2 allows remote attackers to cause a denial o | 2018-08-13 |
About
-
Send Feedback to @ubuntu_updates
