GLSA
Advocate
Joined: 12 May 2004
Posts: 2663
|
 Posted: Thu Aug 15, 2019 9:26 pm Post subject: [ GLSA 201908-11 ] libarchive |
 |
|
Gentoo Linux Security Advisory
Title: libarchive: Multiple vulnerabilities (GLSA 201908-11)
Severity: normal
Exploitable: remote
Date: 2019-08-15
Bug(s): #631294, #636070
ID: 201908-11
Synopsis
Multiple vulnerabilities have been found in libarchive, the worst
of which could result in the arbitrary execution of code.
Background
libarchive is a library for manipulating different streaming archive
formats, including certain tar variants, several cpio formats, and both
BSD and GNU ar variants.
Affected Packages
Package: app-arch/libarchive
Vulnerable: < 3.3.3
Unaffected: >= 3.3.3
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in libarchive. Please
review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All libarchive users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=app-arch/libarchive-3.3.3"
|
References
CVE-2017-14166
CVE-2017-14501
CVE-2017-14502
CVE-2017-14503 |
|
News & Announcements
