--%> SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)
[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

SUSE-SU-2016:1909-1 -- Suse libarchive

ID: oval:org.secpod.oval:def:400781Date: (C)2016-11-22   (M)2017-10-12
Class: PATCHFamily: unix




libarchive was updated to fix 20 security issues. These security issues were fixed: - CVE-2015-8918: Overlapping memcpy in CAB parser . - CVE-2015-8919: Heap out of bounds read in LHA/LZH parser . - CVE-2015-8920: Stack out of bounds read in ar parser . - CVE-2015-8921: Global out of bounds read in mtree parser . - CVE-2015-8922: Null pointer access in 7z parser . - CVE-2015-8923: Unclear crashes in ZIP parser . - CVE-2015-8924: Heap buffer read overflow in tar . - CVE-2015-8925: Unclear invalid memory read in mtree parser . - CVE-2015-8926: NULL pointer access in RAR parser . - CVE-2015-8928: Heap out of bounds read in mtree parser . - CVE-2015-8929: Memory leak in tar parser . - CVE-2015-8930: Endless loop in ISO parser . - CVE-2015-8931: Undefined behavior / signed integer overflow in mtree parser . - CVE-2015-8932: Compress handler left shifting larger than int size . - CVE-2015-8933: Undefined behavior / signed integer overflow in TAR parser . - CVE-2015-8934: Out of bounds read in RAR . - CVE-2016-4300: Heap buffer overflow vulnerability in the 7zip read_SubStreamsInfo . - CVE-2016-4301: Stack buffer overflow in the mtree parse_device . - CVE-2016-4302: Heap buffer overflow in the Rar decompression functionality . - CVE-2016-4809: Memory allocate error with symbolic links in cpio archives .

Platform:
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Desktop 12 SP1
Product:
libarchive13
Reference:
SUSE-SU-2016:1909-1
CVE-2015-8918
CVE-2015-8919
CVE-2015-8920
CVE-2015-8921
CVE-2015-8922
CVE-2015-8923
CVE-2015-8924
CVE-2015-8925
CVE-2015-8926
CVE-2015-8928
CVE-2015-8929
CVE-2015-8930
CVE-2015-8931
CVE-2015-8932
CVE-2015-8933
CVE-2015-8934
CVE-2016-4300
CVE-2016-4301
CVE-2016-4302
CVE-2016-4809
CVE    20
CVE-2016-4301
CVE-2015-8918
CVE-2015-8919
CVE-2015-8923
...
CPE    16
cpe:/a:libarchive:libarchive13
cpe:/o:redhat:enterprise_linux_hpc_node:6.0
cpe:/o:canonical:ubuntu_linux:15.10
cpe:/o:redhat:enterprise_linux_hpc_node:7.0
...

© 2013 SecPod Technologies