200191 – base/head/contrib/libarchive out of bounds read vulnerability

Bug 200191 - base/head/contrib/libarchive out of bounds read vulnerability

Summary: base/head/contrib/libarchive out of bounds read vulnerability

Status:	Closed FIXED

Alias:	None

Product:	Base System
Classification:	Unclassified
Component:	bin (show other bugs)
Version:	CURRENT
Hardware:	Any Any

Importance:	--- Affects Many People
Assignee:	Xin LI

URL:
Keywords:

Depends on:
Blocks:	206386
	Show dependency tree / graph

Reported:	2015-05-14 15:23 UTC by Sevan Janiyan
Modified:	2016-01-19 00:16 UTC (History)
CC List:	3 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Sevan Janiyan 2015-05-14 15:23:35 UTC

https://github.com/libarchive/libarchive/issues/502
fix: https://github.com/libarchive/libarchive/commit/e6c9668f3202215ddb71617b41c19b6f05acf008

applicable to 10.1-RELEASE as same version of libarchive is used there and 9.3.0 & 8.4.0 though libarchive is older there.

Comment 1 Xin LI freebsd_committer

2015-05-14 22:37:28 UTC

This should have been addressed by head@r282932.