MGASA-2016-0179

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2016-0179.html

Import Source

https://advisories.mageia.org/MGASA-2016-0179.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2016-0179

Related

CVE-2016-1541

Published

2016-05-18T20:14:22Z

Modified

2016-05-18T20:05:46Z

Summary

Updated libarchive packages fix CVE-2016-1541

Details

Updated libarchive packages fix security vulnerability:

Heap-based buffer overflow in the zipreadmacmetadata function in archivereadsupportformat_zip.c in libarchive before 3.2.0 allows remote attackers to execute arbitrary code via crafted entry-size values in a ZIP archive (CVE-2016-1541).

The libarchive package has been updated to version 3.2.0, fixing this issue and other bugs.

References

https://advisories.mageia.org/MGASA-2016-0179.html
https://bugs.mageia.org/show_bug.cgi?id=18420
https://groups.google.com/forum/#!topic/libarchive-announce/qdeGf_DRvN4
https://www.debian.org/security/2016/dsa-3574

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

MGASA-2016-0179

Affected packages