SUSE-SU-2016:1909-1 -- Suse libarchiveID: oval:org.secpod.oval:def:400781 | Date: (C)2016-11-22 (M)2023-09-20 |
Class: PATCH | Family: unix |
libarchive was updated to fix 20 security issues. These security issues were fixed: - CVE-2015-8918: Overlapping memcpy in CAB parser . - CVE-2015-8919: Heap out of bounds read in LHA/LZH parser . - CVE-2015-8920: Stack out of bounds read in ar parser . - CVE-2015-8921: Global out of bounds read in mtree parser . - CVE-2015-8922: Null pointer access in 7z parser . - CVE-2015-8923: Unclear crashes in ZIP parser . - CVE-2015-8924: Heap buffer read overflow in tar . - CVE-2015-8925: Unclear invalid memory read in mtree parser . - CVE-2015-8926: NULL pointer access in RAR parser . - CVE-2015-8928: Heap out of bounds read in mtree parser . - CVE-2015-8929: Memory leak in tar parser . - CVE-2015-8930: Endless loop in ISO parser . - CVE-2015-8931: Undefined behavior / signed integer overflow in mtree parser . - CVE-2015-8932: Compress handler left shifting larger than int size . - CVE-2015-8933: Undefined behavior / signed integer overflow in TAR parser . - CVE-2015-8934: Out of bounds read in RAR . - CVE-2016-4300: Heap buffer overflow vulnerability in the 7zip read_SubStreamsInfo . - CVE-2016-4301: Stack buffer overflow in the mtree parse_device . - CVE-2016-4302: Heap buffer overflow in the Rar decompression functionality . - CVE-2016-4809: Memory allocate error with symbolic links in cpio archives .
Platform: |
SUSE Linux Enterprise Server 12 SP1 |
SUSE Linux Enterprise Desktop 12 SP1 |