Information on source package libarchive

Available versions

ReleaseVersion
wheezy3.0.4-3+wheezy1
wheezy (security)3.0.4-3+wheezy6+deb7u1
jessie (security)3.1.2-11+deb8u3
stretch3.2.2-2
buster3.2.2-3.1
sid3.2.2-3.1

Open issues

BugwheezyjessiestretchbustersidDescription
CVE-2017-7068undeterminedundeterminedundeterminedundeterminedundeterminedAn issue was discovered in certain Apple products. iOS before 10.3.3 ...
CVE-2017-5601fixedvulnerable (no DSA)fixedfixedfixedAn error in the lha_read_file_header_1() function ...
CVE-2017-2390undeterminedundeterminedundeterminedundeterminedundeterminedAn issue was discovered in certain Apple products. iOS before 10.3 is ...
CVE-2017-14503vulnerablevulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerablelibarchive 3.3.2 suffers from an out-of-bounds read within ...
CVE-2017-14502vulnerablevulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableread_header in archive_read_support_format_rar.c in libarchive 3.3.2 ...
CVE-2017-14501vulnerablevulnerablevulnerablevulnerablevulnerableAn out-of-bounds read flaw exists in parse_file_info in ...
CVE-2017-14166fixedvulnerable (no DSA)vulnerable (no DSA)fixedfixedlibarchive 3.3.2 allows remote attackers to cause a denial of service ...
CVE-2016-8689fixedvulnerable (no DSA)fixedfixedfixedThe read_Header function in archive_read_support_format_7zip.c in ...
CVE-2016-8688fixedvulnerable (no DSA)fixedfixedfixedThe mtree bidder in libarchive 3.2.1 does not keep track of line sizes ...
CVE-2016-8687fixedvulnerable (no DSA)fixedfixedfixedStack-based buffer overflow in the safe_fprintf function in tar/util.c ...
CVE-2016-4736undeterminedundeterminedundeterminedundeterminedundeterminedlibarchive in Apple OS X before 10.12 allows remote attackers to cause ...
CVE-2016-10350fixedvulnerable (no DSA)vulnerable (no DSA)fixedfixedThe archive_read_format_cab_read_header function in ...
CVE-2016-10349fixedvulnerable (no DSA)vulnerable (no DSA)fixedfixedThe archive_le32dec function in archive_endian.h in libarchive 3.2.2 ...
CVE-2016-10209fixedvulnerable (no DSA)vulnerable (no DSA)fixedfixedThe archive_wstring_append_from_mbs function in archive_string.c in ...
CVE-2015-8915fixedvulnerable (no DSA)fixedfixedfixedbsdcpio in libarchive before 3.2.0 allows remote attackers to cause a ...

Resolved issues

BugDescription
CVE-2016-7166libarchive before 3.2.0 does not limit the number of recursive ...
CVE-2016-6250Integer overflow in the ISO9660 writer in libarchive before 3.2.1 ...
CVE-2016-5844Integer overflow in the ISO parser in libarchive before 3.2.1 allows ...
CVE-2016-5418The sandboxing code in libarchive 3.2.0 and earlier mishandles ...
CVE-2016-4809The archive_read_format_cpio_read_header function in ...
CVE-2016-4302Heap-based buffer overflow in the parse_codes function in ...
CVE-2016-4301Stack-based buffer overflow in the parse_device function in ...
CVE-2016-4300Integer overflow in the read_SubStreamsInfo function in ...
CVE-2016-1541Heap-based buffer overflow in the zip_read_mac_metadata function in ...
CVE-2015-8934The copy_from_lzss_window function in ...
CVE-2015-8933Integer overflow in the archive_read_format_tar_skip function in ...
CVE-2015-8932The compress_bidder_init function in ...
CVE-2015-8931Multiple integer overflows in the (1) get_time_t_max and (2) ...
CVE-2015-8930bsdtar in libarchive before 3.2.0 allows remote attackers to cause a ...
CVE-2015-8929Memory leak in the __archive_read_get_extract function in ...
CVE-2015-8928The process_add_entry function in archive_read_support_format_mtree.c ...
CVE-2015-8927The trad_enc_decrypt_update function in ...
CVE-2015-8926The archive_read_format_rar_read_data function in ...
CVE-2015-8925The readline function in archive_read_support_format_mtree.c in ...
CVE-2015-8924The archive_read_format_tar_read_header function in ...
CVE-2015-8923The process_extra function in libarchive before 3.2.0 uses the size ...
CVE-2015-8922The read_CodersInfo function in archive_read_support_format_7zip.c in ...
CVE-2015-8921The ae_strtofflags function in archive_entry.c in libarchive before ...
CVE-2015-8920The _ar_read_header function in archive_read_support_format_ar.c in ...
CVE-2015-8919The lha_read_file_extended_header function in ...
CVE-2015-8918The archive_string_append function in archive_string.c in libarchive ...
CVE-2015-8917bsdtar in libarchive before 3.2.0 allows remote attackers to cause a ...
CVE-2015-8916bsdtar in libarchive before 3.2.0 returns a success code without ...
CVE-2015-2304Absolute path traversal vulnerability in bsdcpio in libarchive 3.1.2 ...
CVE-2013-0211Integer signedness error in the archive_write_zip_data function in ...
CVE-2011-1779Multiple use-after-free vulnerabilities in libarchive 2.8.4 and 2.8.5 ...
CVE-2011-1778Buffer overflow in libarchive through 2.8.5 allows remote attackers to ...
CVE-2011-1777Multiple buffer overflows in the (1) heap_add_entry and (2) ...
CVE-2010-4666Buffer overflow in libarchive 3.0 pre-release code allows remote ...
CVE-2007-3645archive_read_support_format_tar.c in libarchive before 2.2.4 allows ...
CVE-2007-3644archive_read_support_format_tar.c in libarchive before 2.2.4 allows ...
CVE-2007-3641archive_read_support_format_tar.c in libarchive before 2.2.4 does not ...
CVE-2006-5680The libarchive library in FreeBSD 6-STABLE after 2006-09-05 and before ...

Security announcements

DSA / DLADescription
DLA-1092-1libarchive - security update
DLA-1006-1libarchive - security update
DLA-810-1libarchive - security update
DLA-661-1libarchive - security update
DLA-657-1libarchive - security update
DSA-3677-1libarchive - security update
DLA-617-1libarchive - security update
DSA-3657-1libarchive - security update
DLA-554-1libarchive - security update
DSA-3574-1libarchive - security update
DLA-166-1libarchive - security update
DSA-3180-1libarchive - security update
DSA-2413-1libarchive - buffer overflows
DSA-1455-1libarchive

Search for package or bug name: Reporting problems