UbuntuUpdates.org

Package "libarchive"

Name: libarchive

Description:

This package is just an umbrella for a group of other packages; it has no description.
Description samples from packages in group:

  • Multi-format archive and compression library (development files)
  • Multi-format archive and compression library (shared library)

Latest version: 3.2.2-3.1ubuntu0.7
Release: bionic (18.04)
Level: updates
Repository: main

Other versions of "libarchive" in Bionic

Repository  Area      Version
base        main      3.2.2-3.1
base        universe  3.2.2-3.1
security    universe  3.2.2-3.1ubuntu0.7
security    main      3.2.2-3.1ubuntu0.7
updates     universe  3.2.2-3.1ubuntu0.7

Changelog

Version: 3.2.2-3.1ubuntu0.2 2019-01-15 16:06:37 UTC

  libarchive (3.2.2-3.1ubuntu0.2) bionic-security; urgency=medium

  * SECURITY UPDATE: Out-of-bounds read
    - debian/patches/CVE-2017-14502.patch: fix in
      libarchive/archive_read_support_format_rar.c.
    - CVE-2017-14502
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-1000877.patch: fix in
      libarchive/archive_read_support_format_rar.c.
    - CVE-2018-1000877
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-1000878.patch: fix in
      libarchive/archive_read_support_format_rar.c.
    - CVE-2018-1000878
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-1000880.patch: fix in
      libarchive/archive_read_support_format_warc.c.
    - CVE-2018-1000880

 -- <email address hidden> (Leonidas S. Barbosa) Mon, 14 Jan 2019 09:53:14 -0300

CVE-2017-14502 read_header in archive_read_support_format_rar.c in libarchive 3.3.2 suffers from an off-by-one error for UTF-16 names in RAR archives, leading to an
CVE-2018-1000877 libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-415: Double Free vulnerability in
CVE-2018-1000878 libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-416: Use After Free vulnerability
CVE-2018-1000880 libarchive version commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards (release v3.2.0 onwards) contains a CWE-20: Improper Input Validation vuln

Version: 3.2.2-3.1ubuntu0.1 2018-08-13 16:06:46 UTC

  libarchive (3.2.2-3.1ubuntu0.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Out-of-bounds read
    - debian/patches/CVE-2017-14501.patch: fix in
      libarchive/archive_read_support_format_iso9660.c.
    - CVE-2017-14501
  * SECURITY UPDATE: Out-of-bounds read
    - debian/patches/CVE-2017-14503.patch: fix in
      libarchive/archive_read_support_format_lha.c.
    - CVE-2017-14503

 -- <email address hidden> (Leonidas S. Barbosa) Tue, 07 Aug 2018 15:23:21 -0300

CVE-2017-14501 An out-of-bounds read flaw exists in parse_file_info in archive_read_support_format_iso9660.c in libarchive 3.3.2 when extracting a specially crafted
CVE-2017-14503 libarchive 3.3.2 suffers from an out-of-bounds read within lha_read_data_none() in archive_read_support_format_lha.c when extracting a specially craf


