[3.0] libarchive: heap-based buffer overflow due to improper input validation (CVE-2016-1541)
A crafted zip file can provide an incorrect compressed size, which may
allow an attacker to place arbitrary code
on the heap and execute it in the context of the current user. The user
must be coerced into unzipping the crafted zip file.
Fixed In Version:
libarchive 3.2.0
References:
http://www.kb.cert.org/vuls/id/862384
https://bugzilla.redhat.com/show\_bug.cgi?id=CVE-2016-1541
Fix:
https://github.com/libarchive/libarchive/commit/d0331e8e5b05b475f20b1f3101fe1ad772d7e7e7
(from redmine: issue id 5565, created on 2016-05-13, closed on 2016-06-15)
- Relations:
- parent #5560 (closed)
- Changesets:
- Revision 821c3950 on 2016-06-02T07:49:58Z:
main/libarchive: securit fix (CVE-2016-1541). Fixes #5565