ELSA-2022-0892

ELSA-2022-0892 - libarchive security update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2022-03-16

Description

[3.3.3-3]
- Do not follow symlinks when processing the fixup list (CVE-2021-31566)

[3.3.3-2]
- Fix handling of symbolic link ACLs (CVE-2021-23177)

Related CVEs

CVE-2021-23177

CVE-2021-31566

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory
Oracle Linux 8 (aarch64)	libarchive-3.3.3-3.el8_5.src.rpm	6b7cadb9c945afb80e1a245170df2de7	-
	bsdtar-3.3.3-3.el8_5.aarch64.rpm	d4ff1e66d6a9cd825bfeb9d7b34e377b	-
	libarchive-3.3.3-3.el8_5.aarch64.rpm	b914e37d88630c32be1dee6dbcbc0b78	-
	libarchive-devel-3.3.3-3.el8_5.aarch64.rpm	8f4a31a10ffe60c58a051e1a7b2fe50e	-
Oracle Linux 8 (x86_64)	libarchive-3.3.3-3.el8_5.src.rpm	6b7cadb9c945afb80e1a245170df2de7	-
	bsdtar-3.3.3-3.el8_5.x86_64.rpm	f86e1e1667ab39a1c0caba3b001d75b5	-
	libarchive-3.3.3-3.el8_5.i686.rpm	375f85791b9b226b15279cef6b27f94b	-
	libarchive-3.3.3-3.el8_5.x86_64.rpm	bfe5b869b788624ad91c829af6795485	-
	libarchive-devel-3.3.3-3.el8_5.i686.rpm	dbc712a9788c4a412310508500e333dc	-
	libarchive-devel-3.3.3-3.el8_5.x86_64.rpm	c70b901d69df34f1a94f7513b1b9b546	-

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team