Debian 11: DLA-3950-1 moderate: libarchive multiple issues
debian lts
November 11, 2024
Multiple vulnerabilities have been fixed in libarchive, a multi-format archive and compression library
Topics Covered
Summary
CVE-2021-36976
RAR reader use-after-free
CVE-2022-26280
ZIP reader out-of-bounds-read
CVE-2022-36227
archive_write NULL dereference
CVE-2024-20696
RAR reader out-of-bounds write
For Debian 11 bullseye, these problems have been fixed in version
3.4.3-2+deb11u2.
We recommend that you upgrade your libarchive packages.
For the detailed security status of libarchive please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/libarchive
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
PREVIOUS
NEXT
Package: libarchive
Version: 3.4.3-2+deb11u2
CVE ID: CVE-2021-36976 CVE-2022-26280 CVE-2022-36227 CVE-2024-20696
Debian Bug: 991442 1008953 1024669 1086155
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!