[ubuntu/lucid-security] libarchive 2.8.0-2ubuntu0.1 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Mon Dec 19 14:03:43 UTC 2011
libarchive (2.8.0-2ubuntu0.1) lucid-security; urgency=low
* SECURITY UPDATE: arbitrary code execution via iso9660 overflows
- debian/patches/CVE-2011-1777.patch: correctly fail on out of memory
conditions in libarchive/archive_read_support_format_iso9660.c.
- CVE-2011-1777
* SECURITY UPDATE: arbitrary code execution via tar overflows
- debian/patches/CVE-2011-1778.patch: correctly fail on out of memory
conditions in libarchive/archive_read_support_format_tar.c
- CVE-2011-1778
Date: Fri, 09 Dec 2011 15:25:53 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/lucid/+source/libarchive/2.8.0-2ubuntu0.1
-------------- next part --------------
Format: 1.8
Date: Fri, 09 Dec 2011 15:25:53 -0500
Source: libarchive
Binary: libarchive-dev libarchive1 bsdtar bsdcpio
Architecture: source
Version: 2.8.0-2ubuntu0.1
Distribution: lucid-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
bsdcpio - cpio(1) from FreeBSD, using libarchive
bsdtar - tar(1) from FreeBSD, using libarchive
libarchive-dev - Single library to read/write tar, cpio, pax, zip, iso9660, etc.
libarchive1 - Single library to read/write tar, cpio, pax, zip, iso9660, etc.
Changes:
libarchive (2.8.0-2ubuntu0.1) lucid-security; urgency=low
.
* SECURITY UPDATE: arbitrary code execution via iso9660 overflows
- debian/patches/CVE-2011-1777.patch: correctly fail on out of memory
conditions in libarchive/archive_read_support_format_iso9660.c.
- CVE-2011-1777
* SECURITY UPDATE: arbitrary code execution via tar overflows
- debian/patches/CVE-2011-1778.patch: correctly fail on out of memory
conditions in libarchive/archive_read_support_format_tar.c
- CVE-2011-1778
Checksums-Sha1:
723f2d6ea6403a950e55dd8fc5d1ecf35cf210bd 2107 libarchive_2.8.0-2ubuntu0.1.dsc
99a6b8f555918d7ff3ab5f36aaa5e115bebf4ce2 14009 libarchive_2.8.0-2ubuntu0.1.debian.tar.gz
Checksums-Sha256:
25a146f192da9c0fede8715c8678ae79bf633f37b26c969f56a962aba2f955d9 2107 libarchive_2.8.0-2ubuntu0.1.dsc
55655ec63fe54fb9411bb2a4e352503c867c2b762e02016fe7cf10aab346a2a8 14009 libarchive_2.8.0-2ubuntu0.1.debian.tar.gz
Files:
61e2bd47a593ad83daf703bee6418f8e 2107 libs optional libarchive_2.8.0-2ubuntu0.1.dsc
4790b8144abad4d167e571bf56a767b9 14009 libs optional libarchive_2.8.0-2ubuntu0.1.debian.tar.gz
Original-Maintainer: Andreas Henriksson <andreas at fatal.se>
More information about the Lucid-changes
mailing list