Slackware 2022-098-01 Moderate: Libarchive Heap Buffer Issues

slackware

April 8, 2022

New libarchive packages are available for Slackware 14.1, 14.2, 15.0, and -current to fix security issues

Summary

Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libarchive-3.6.1-i586-1_slack15.0.txz: Upgraded. This is a bugfix and security release. Security fixes: 7zip reader: fix PPMD read beyond boundary. ZIP reader: fix possible out of bounds read. ISO reader: fix possible heap buffer overflow in read_children(). RARv4 redaer: fix multiple issues in RARv4 filter code (introduced in libarchive 3.6.0). Fix heap use after free in archive_read_format_rar_read_data(). Fix null dereference in read_data_compressed(). Fix heap user after free in run_filters(). (* Security fix *)

Topics Covered

security advisory moderate software update slackware out of bounds libarchive heap buffer

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 14.1:
Updated package for Slackware x86_64 14.1:
Updated package for Slackware 14.2:
Updated package for Slackware x86_64 14.2:
Updated package for Slackware 15.0:
Updated package for Slackware x86_64 15.0:
Updated package for Slackware -current:
Updated package for Slackware x86_64 -current:

MD5 Signatures

Slackware 14.1 package: 92f511489c8d2ead6cc3cda79eae2135 libarchive-3.6.1-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: 5c3650ceafa4268f013de7e24fa03e09 libarchive-3.6.1-x86_64-1_slack14.1.txz
Slackware 14.2 package: 44dddbfb5b16435a349ab7862c3f2dd0 libarchive-3.6.1-i586-1_slack14.2.txz
Slackware x86_64 14.2 package: 79b95b91f09655923de1a0d5fccbb536 libarchive-3.6.1-x86_64-1_slack14.2.txz
Slackware 15.0 package: b792ffcf8e2c948e1277c19f90498bab libarchive-3.6.1-i586-1_slack15.0.txz
Slackware x86_64 15.0 package: 7a5bb83a67a78e7b7af0a47f1fc3391e libarchive-3.6.1-x86_64-1_slack15.0.txz
Slackware -current package: 848794aa1c4b7da6f998b4b074745986 l/libarchive-3.6.1-i586-1.txz
Slackware x86_64 -current package: 4d57b10b4428a5f26aaa76fede077691 l/libarchive-3.6.1-x86_64-1.txz

Severity

important

Lowest

Low

Medium

High

Critical

Topics Covered

security advisory moderate software update slackware out of bounds libarchive heap buffer

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg libarchive-3.6.1-i586-1_slack15.0.txz

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Slackware 2022-098-01 Moderate: Libarchive Heap Buffer Issues

Summary

Topics Covered

Where Find New Packages

MD5 Signatures

Topics Covered

Get the latest News and Insights

Installation Instructions

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Slackware 2022-098-01 Moderate: Libarchive Heap Buffer Issues

Summary

Topics Covered

Where Find New Packages

MD5 Signatures

Topics Covered

Get the latest News and Insights

Installation Instructions

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!