Stay Connected:

ELSA-2019-2298

ELSA-2019-2298 - libarchive security update

Type:SECURITY
Severity:MODERATE
Release Date:2019-08-13

Description


[3.1.2-12]
- fixed use after free in RAR decoder (#1700749)
- fixed double free in RAR decoder (#1700748)

[3.1.2-11]
- fix out-of-bounds read within lha_read_data_none() (CVE-2017-14503)
- fix crash on crafted 7zip archives (CVE-2019-1000019)
- fix infinite loop in ISO9660 (CVE-2019-1000020)


Related CVEs


CVE-2017-14503
CVE-2018-1000877
CVE-2018-1000878
CVE-2019-1000019
CVE-2019-1000020

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (aarch64) libarchive-3.1.2-12.el7.src.rpm7c0075c4681cfc3da377dbb18de6ac4cELSA-2020-0203
bsdcpio-3.1.2-12.el7.aarch64.rpmfb098df5bde7b95bcaf293d9f52b2e76ELSA-2020-0203
bsdtar-3.1.2-12.el7.aarch64.rpm0a7650137c23a451193326d1e8252ecfELSA-2020-0203
libarchive-3.1.2-12.el7.aarch64.rpm07d95a859fac1b8d910516b3ce348809ELSA-2020-0203
libarchive-devel-3.1.2-12.el7.aarch64.rpmcdd1ad7e3853e2d2b56b948b4fbb7830ELSA-2020-0203
Oracle Linux 7 (x86_64) libarchive-3.1.2-12.el7.src.rpm7c0075c4681cfc3da377dbb18de6ac4cELSA-2020-0203
bsdcpio-3.1.2-12.el7.x86_64.rpm80ee34d5f237f941694c5835e876e5bcELSA-2020-0203
bsdtar-3.1.2-12.el7.x86_64.rpmaa1c84fe90bac63b98a1305ada566304ELSA-2020-0203
libarchive-3.1.2-12.el7.i686.rpmc1b5e91a1f8798b32bd2e7ae6da51d5cELSA-2020-0203
libarchive-3.1.2-12.el7.x86_64.rpmd097ccf3a2b79b54b866f31eba24bd13ELSA-2020-0203
libarchive-devel-3.1.2-12.el7.i686.rpm8b065ebdd5f45ae4cc69aefdf6686e25ELSA-2020-0203
libarchive-devel-3.1.2-12.el7.x86_64.rpmdfc717327dd44effb60060e32ad3d82fELSA-2020-0203



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights