MGASA-2022-0142 - Updated libarchive packages fix security vulnerability

Publication date: 15 Apr 2022
URL: https://advisories.mageia.org/MGASA-2022-0142.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2022-26280

7zip reader: fix PPMD read beyond boundary.
ZIP reader: fix possible out of bounds read.
ISO reader: fix possible heap buffer overflow in read_children().
RARv4 redaer: fix multiple issues in RARv4 filter code (introduced in libarchive 3.6.0):
  - fix heap use after free in archive_read_format_rar_read_data();
  - fix null dereference in read_data_compressed();
  - fix heap user after free in run_filters().

References:
- https://bugs.mageia.org/show_bug.cgi?id=30271
- https://github.com/libarchive/libarchive/releases/tag/v3.6.1
- https://ubuntu.com/security/notices/USN-5374-1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26280

SRPMS:
- 8/core/libarchive-3.6.1-1.mga8

Mageia 2022-0142: libarchive security update

7zip reader: fix PPMD read beyond boundary

Summary

7zip reader: fix PPMD read beyond boundary. ZIP reader: fix possible out of bounds read. ISO reader: fix possible heap buffer overflow in read_children(). RARv4 redaer: fix multiple issues in RARv4 filter code (introduced in libarchive 3.6.0): - fix heap use after free in archive_read_format_rar_read_data(); - fix null dereference in read_data_compressed(); - fix heap user after free in run_filters().

References

- https://bugs.mageia.org/show_bug.cgi?id=30271

- https://github.com/libarchive/libarchive/releases/tag/v3.6.1

- https://ubuntu.com/security/notices/USN-5374-1

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26280

Resolution

MGASA-2022-0142 - Updated libarchive packages fix security vulnerability

SRPMS

- 8/core/libarchive-3.6.1-1.mga8

Severity

Publication date: 15 Apr 2022

URL: https://advisories.mageia.org/MGASA-2022-0142.html

Type: security

CVE: CVE-2022-26280

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.

Learn More About Our Cookie Policy

What Are You Looking For?

Popular Tags

Mageia 2022-0142: libarchive security update

Summary

References

Resolution

SRPMS

News

Advisories

HOWTOs

Features

An Enterprise’s Guide To Strengthening Linux Cloud Security

Keeping Your Private Files Private: An Introduction to GNU Privacy Guard

Complete Guide to Ethical Hacking

Authoritative Guide on Linux Disk Encryption

Linux Database Security Tips

About Us

Powered By

What Are You Looking For?

Popular Tags

Mageia 2022-0142: libarchive security update

Summary

References

Resolution

SRPMS

Get the Latest News & Insights

News

Advisories

HOWTOs

Features

An Enterprise’s Guide To Strengthening Linux Cloud Security

Keeping Your Private Files Private: An Introduction to GNU Privacy Guard

Complete Guide to Ethical Hacking

Authoritative Guide on Linux Disk Encryption

Linux Database Security Tips

About Us

Powered By