ELSA-2016-1844

ELSA-2016-1844 - libarchive security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2016-09-12

Description


[3.1.2-10]
- Fixes variation of CVE-2016-5418: Hard links could include '..' in their path.

[3.1.2-9]
- Fixes CVE-2016-5418: Archive Entry with type 1 (hardlink) causes file overwrite (#1365777)

[3.1.2-8]
- a bunch of security fixes (rhbz#1353065)


Related CVEs


CVE-2015-8916
CVE-2015-8917
CVE-2015-8919
CVE-2015-8920
CVE-2015-8921
CVE-2015-8928
CVE-2015-8932
CVE-2016-1541
CVE-2016-4300
CVE-2016-4302
CVE-2016-4809
CVE-2016-5418
CVE-2016-5844
CVE-2016-7166
CVE-2015-8922
CVE-2015-8923
CVE-2015-8924
CVE-2015-8925
CVE-2015-8926
CVE-2015-8930
CVE-2015-8931
CVE-2015-8934
CVE-2016-6250

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (x86_64) libarchive-3.1.2-10.el7_2.src.rpmdb9fd5a2117030b872422ca53a1c38fc-
bsdcpio-3.1.2-10.el7_2.x86_64.rpmf97b67095ac251be3f0d67f1469badc1-
bsdtar-3.1.2-10.el7_2.x86_64.rpm4262a308956877f1f8fe635acfd7823d-
libarchive-3.1.2-10.el7_2.i686.rpmc317d4c77e1329ad240c95506163da64-
libarchive-3.1.2-10.el7_2.x86_64.rpmb5266890b8561c7b11fbfdc85a66f284-
libarchive-devel-3.1.2-10.el7_2.i686.rpmc226130211d9206c8af012d7cf96e88e-
libarchive-devel-3.1.2-10.el7_2.x86_64.rpm8ed07c1bc0ee2421e55367efbcb28b69-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete