[3.1] libarchive: Multiple issues (CVE-2015-8934, CVE-2016-4300, CVE-2016-4302, CVE-2016-4809, CVE-2016-5844, CVE-2016-6250)
CVE-2015-8934: out of bounds heap read in RAR parser
Fixed In Version:
libarchive 3.2.1
References:
https://github.com/libarchive/libarchive/issues/521
Patch:
https://github.com/libarchive/libarchive/commit/603454ec03040c29bd051fcc749e3c1433c11a8e
CVE-2016-4300: Heap buffer overflow vulnerability in the 7zip read_SubStreamsInfo
Fixed In Version:
libarchive 3.2.1
References:
http://www.talosintelligence.com/reports/TALOS-2016-0152/
Patch:
https://github.com/libarchive/libarchive/commit/e79ef306afe332faf22e9b442a2c6b59cb175573
CVE-2016-4302: Heap buffer overflow in the Rar decompression functionality
Fixed In Version:
libarchive 3.2.1
References:
https://github.com/libarchive/libarchive/issues/719
Patch:
https://github.com/libarchive/libarchive/commit/05caadc7eedbef471ac9610809ba683f0c698700
CVE-2016-4809: Memory allocate error with symbolic links in cpio archives
Fixed In Version:
libarchive 3.2.1
References:
https://github.com/libarchive/libarchive/issues/705
Patch:
https://github.com/libarchive/libarchive/commit/fd7e0c02e272913a0a8b6d492c7260dfca0b1408
CVE-2016-5844: undefined behaviour (integer overflow) in iso parser
Fixed In Version:
libarchive 3.2.1
References:
http://seclists.org/oss-sec/2016/q2/591
https://github.com/libarchive/libarchive/issues/717
Patch:
https://github.com/libarchive/libarchive/commit/3ad08e01b4d253c66ae56414886089684155af22
CVE-2016-6250: Buffer overflow when writing large iso9660 containers
Fixed In Version:
libarchive 3.2.1
References:
https://github.com/libarchive/libarchive/issues/711
Patch:
https://github.com/libarchive/libarchive/commit/3014e19820ea53c15c90f9d447ca3e668a0b76c6
(from redmine: issue id 5974, created on 2016-07-26, closed on 2016-08-09)
- Relations:
- parent #5970 (closed)
- Changesets:
- Revision e9bdabd6 on 2016-08-08T06:28:08Z:
main/libarchive: security fixes. Fixes #5974
CVE-2016-4302
CVE-2016-4809
CVE-2016-5844
CVE-2016-6250
(cherry picked from commit 9d0f5e1e02079c44a9c58169c8b78c743edaf7b8)