[SECURITY] [DLA 657-1] libarchive security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Package : libarchive
Version : 3.0.4-3+wheezy4
CVE ID : CVE-2016-5418
Debian Bug : 837714
It was found that libarchive mishandled hardlink archive entries of
non-zero data size, possibly allowing remote attackers to to write to
arbitrary files via especially crafted archives.
For Debian 7 "Wheezy", these problems have been fixed in version
3.0.4-3+wheezy4.
We recommend that you upgrade your libarchive packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCAAGBQJYA1d3AAoJEJ1GxIjkNoMCDS0P/iOz0wc16JBLE5ZRAwpn8EI/
cDvL7/wRpTieCK9deA7hBVMOxqb2dlOuofk+SPu9dtFtPiT/XTD52DE/sEkHIl76
vA1mPzWix5rOAJlxw/FO1s0cYI9FeiTOf/h7HriUmhxUuI+32QkswCHkLwMl4MFo
nEKXEKLCPhdahb8ptX54pMkoE7SkOHj5tOiy8rsZ8O6tfomoMbVOMOYgPuLcKF2D
ujgXfmnGmuuJkgkUvFR+Nn9dMVPm4R3o41zrxpsUZtdoP/puMObeqgrEH+3jbMqQ
CcPaMJRg5x410xJjSNmulga1O+0Yxrnh0um+pHHK0vbu/NPznIMXk1jxzc4pee+a
Tbo5bkLLkVxVfLCzUa7VYyACUY9IUQ+VP9+KVzawyx7HlxE/LUOCmt7lHMgmIX08
xCr0Pm+fMM18VJ+wzHR0P8SjHJMN28fhvRzUhNd++jo0JgoHgGh/5toNR5v+f08v
dj6JAJf6+aArM4lclxjARzQ7pWokm22tzCVg+sQN8mAfvCQsZLIQi5IBBKePCK40
cAXt3J5kDaNcoUihj5fipepRuRLlT6fSUtNf53V4zLdjytFnb9RWsSSNGZum+FpJ
8BYWXQBGw2/4B+/Kir11PdLnVqY+FtSuhCwghvX3zsef1aoBsr++c7LFYVevekuA
HnBIy/oG/TTzqdsyhybF
=BBkY
-----END PGP SIGNATURE-----
Reply to: