[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 554-1] libarchive security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : libarchive
Version        : 3.0.4-3+wheezy2
CVE ID         : CVE-2015-8917 CVE-2015-8919 CVE-2015-8920
                 CVE-2015-8921 CVE-2015-8922 CVE-2015-8923
                 CVE-2015-8924 CVE-2015-8925 CVE-2015-8926
                 CVE-2015-8930 CVE-2015-8931 CVE-2015-8932
                 CVE-2015-8933 CVE-2015-8934 CVE-2016-4300
                 CVE-2016-4302 CVE-2016-4809 CVE-2016-5844


Several vulnerabilities were discovered in libarchive, a library for
reading and writing archives in various formats. An attacker can take
advantage of these flaws to cause a denial-of-service against an
application using the libarchive library (application crash), or
potentially execute arbitrary code with the privileges of the user
running the application.

For Debian 7 "Wheezy", these problems have been fixed in version
3.0.4-3+wheezy2.

We recommend that you upgrade your libarchive packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQJ8BAEBCgBmBQJXkGdkXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBQ0YzRDA4OEVGMzJFREVGNkExQTgzNUZE
OUFEMTRCOTUxM0I1MUU0AAoJENmtFLlRO1Hkwc0P/1PiF834ONtNzhnKxlrG1ah1
NFy/X4XkTxpEQNdbJ5x284ySs4Wodg6dXmXMFj5z197TK4vifmPGu6PxMwHulVEx
VJpsuUcvFwVvsBiee6QDM+YfF0xFuKc0PQkcfdFq9Ws5uNkk5ELKH8LnrHZ87N7V
4+9sOmARD+SRsK4OfjRDy445uM2kco4PgW/nWh46IYlLVqhT44ZzIoMnbZ1dtZq9
wB2JY/GEUoHncY/eqx6gyZ3YP2AXpc4H8Qdgqvt0VE+JFDSl98CCpgjVnMmGMnwy
z4NhBQuy9vvtxVoZzNH9UCs6k+jDJU+ohTpG+zZdHEZjH02wRdPK7gbgvNqtRuyU
zocSof8d3U/BQ0MnYwPJ8HQhdNyhaeyzZbSog4XqJcEm2lAabJyhUYzQ0BnrbCFP
YtjZBmPsOG3L0P/tlqletPsd1lRqRq/rQo+tMgsGAfnw0GFgWz1X6AkeSOK6wxpq
hm+nYqhOBaKO4UXqHEJMJHEKrVBNuLVqsn9rN4XhW5lX7hBw7qKUWdJafyY6NTAt
7lylbbLewPP789M7YyucaVaviBAxrdzFdodBvkt3/+b15jbHCTqsikqVTzcN5lY1
1Rwe0s+yMjfrKNeuFJnHOlGzCliRBr02Bhx4VGuNb4xt3+F8ge2oslvS5cBZKqFk
xlzjuIBSCMWPikiUKEjT
=21la
-----END PGP SIGNATURE-----


Reply to: