FreeBSD Bugzilla – Attachment 171712 Details for
Bug 210493
archivers/libarchive: update to 3.2.1
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
vuln.xml fragment ready for pasting
libarchive_vuln.xml (text/xml), 1.13 KB, created by
Christoph Moench-Tegeder
on 2016-06-23 13:41:12 UTC
(
hide
)
Description:
vuln.xml fragment ready for pasting
Filename:
MIME Type:
Creator:
Christoph Moench-Tegeder
Created:
2016-06-23 13:41:12 UTC
Size:
1.13 KB
patch
obsolete
> <vuln vid="143a6b34-3a91-4bff-a468-0107dc9f20ef"> > <topic>libarchive -- multiple vulnerabilities</topic> > <affects> > <package> > <name>libarchive</name> > <range><lt>3.2.1,1</lt></range> > </package> > </affects> > <description> > <body xmlns="http://www.w3.org/1999/xhtml"> > <p>Cisco Talos reports:</p> > <blockquote cite="http://blog.talosintel.com/2016/06/the-poisoned-archives.html"> > <ul> > <li>TALOS-2016-0152 [CVE-2016-4300]: 7-Zip read_SubStreamsInfo Integer Overflow</li> > <li>TALOS-2016-0153 [CVE-2016-4301]: mtree parse_device Stack Based Buffer Overflow</li> > <li>TALOS-2016-0154 [CVE-2016-4302]: Libarchive Rar RestartModel Heap Overfl</li> > </ul> > </blockquote> > </body> > </description> > <references> > <url>http://blog.talosintel.com/2016/06/the-poisoned-archives.html</url> > <url>https://github.com/libarchive/libarchive/blob/master/NEWS</url> > <cvename>CVE-2016-4300</cvename> > <cvename>CVE-2016-4301</cvename> > <cvename>CVE-2016-4302</cvename> > </references> > <dates> > <discovery>2016-06-20</discovery> > <entry>2016-06-23</entry> > </dates> > </vuln>
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=171712">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 210493
:
171710
|
171711
| 171712 |
171719