MGASA-2017-0056

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2017-0056.html

Import Source

https://advisories.mageia.org/MGASA-2017-0056.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2017-0056

Related

CVE-2017-5601

Published

2017-02-20T13:00:19Z

Modified

2017-02-20T12:49:40Z

Summary

Updated libarchive packages fix security vulnerability

Details

An error in the lhareadfileheader1() function (archivereadsupportformatlha.c) in libarchive 3.2.2 allows remote attackers to trigger an out-of-bounds read memory access and subsequently cause a crash via a specially crafted archive. (CVE-2017-5601)

References

https://advisories.mageia.org/MGASA-2017-0056.html
https://bugs.mageia.org/show_bug.cgi?id=20223
https://lwn.net/Alerts/713127/
https://security-tracker.debian.org/tracker/CVE-2017-5601

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

MGASA-2017-0056

Affected packages