ELSA-2019-3698

ULN >
Oracle Linux Errata repository >
ELSA-2019-3698

ELSA-2019-3698 - libarchive security and bug fix update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2019-11-14

Description

[3.3.2-7]
- fix use-after-free in delayed newc link processing (#1602575)
- fix a few obvious resource leaks and strcpy() misuses (#1602575)

[3.3.2-6]
- fixed use after free in RAR decoder (#1700752)
- fixed double free in RAR decoder (#1700753)

[3.3.2-5]
- release bump due to gating (#1680768)

[3.3.2-4]
- fix out-of-bounds read within lha_read_data_none() (CVE-2017-14503)
- fix crash on crafted 7zip archives (CVE-2019-1000019)
- fix infinite loop in ISO9660 (CVE-2019-1000020)

Related CVEs

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 8 (aarch64)	libarchive-3.3.2-7.el8.src.rpm	ec28f22e8f7f634c67525ace513da382e6e65ff5dcc838113695cede694ccd09	-	ol8_aarch64_baseos_latest
	libarchive-3.3.2-7.el8.src.rpm	ec28f22e8f7f634c67525ace513da382e6e65ff5dcc838113695cede694ccd09	-	ol8_aarch64_codeready_builder
	bsdtar-3.3.2-7.el8.aarch64.rpm	abd7824370183fa63a820e838dde791040a9667d97b6f2301812b0fbf96e89fd	-	ol8_aarch64_baseos_latest
	libarchive-3.3.2-7.el8.aarch64.rpm	2f81fcd5ae9810f27e3b8ffc12bbe0a4377657739a41e669f314bccf79924b26	-	ol8_aarch64_baseos_latest
	libarchive-devel-3.3.2-7.el8.aarch64.rpm	45f53c34b7193a8a6d29fb76f8d7607393b426003ab72a394d1907a99495a812	-	ol8_aarch64_codeready_builder

Oracle Linux 8 (x86_64)	libarchive-3.3.2-7.el8.src.rpm	ec28f22e8f7f634c67525ace513da382e6e65ff5dcc838113695cede694ccd09	-	ol8_x86_64_baseos_latest
	libarchive-3.3.2-7.el8.src.rpm	ec28f22e8f7f634c67525ace513da382e6e65ff5dcc838113695cede694ccd09	-	ol8_x86_64_codeready_builder
	libarchive-3.3.2-7.el8.src.rpm	ec28f22e8f7f634c67525ace513da382e6e65ff5dcc838113695cede694ccd09	-	ol8_x86_64_u1_baseos_base
	bsdtar-3.3.2-7.el8.x86_64.rpm	6137e43de1fb126d0f93c6eec59fb077a88112589fa57bb545474c99b88a4132	-	ol8_x86_64_baseos_latest
	bsdtar-3.3.2-7.el8.x86_64.rpm	6137e43de1fb126d0f93c6eec59fb077a88112589fa57bb545474c99b88a4132	-	ol8_x86_64_u1_baseos_base
	libarchive-3.3.2-7.el8.i686.rpm	decc5433a45cd9d20506dd27556a4d0d395f32f25f3d8631f1da9ca87491b2c0	-	ol8_x86_64_baseos_latest
	libarchive-3.3.2-7.el8.i686.rpm	decc5433a45cd9d20506dd27556a4d0d395f32f25f3d8631f1da9ca87491b2c0	-	ol8_x86_64_u1_baseos_base
	libarchive-3.3.2-7.el8.x86_64.rpm	b7b82fb121dd2b1640ae3d818490276da05c41242fe0417828cf5ff7b94d7db9	-	ol8_x86_64_baseos_latest
	libarchive-3.3.2-7.el8.x86_64.rpm	b7b82fb121dd2b1640ae3d818490276da05c41242fe0417828cf5ff7b94d7db9	-	ol8_x86_64_u1_baseos_base
	libarchive-devel-3.3.2-7.el8.i686.rpm	003d7407fe06c61d46eb8bdbabf57fb101d94a20d5e4292c6bb648fb38c33d99	-	ol8_x86_64_codeready_builder
	libarchive-devel-3.3.2-7.el8.x86_64.rpm	ae70002df4e4982f168a7e872975d434c82a04d586cb0c942d7b5288df198751	-	ol8_x86_64_codeready_builder

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691