MGASA-2022-0060

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2022-0060.html

Import Source

https://advisories.mageia.org/MGASA-2022-0060.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2022-0060

Related

Published

2022-02-12T17:31:35Z

Modified

2022-02-12T16:49:08Z

Summary

Updated libarchive packages fix security vulnerability

Details

Processing fixup entries may follow symbolic links. (CVE-2021-31566)

libarchive 3.4.1 through 3.5.1 has a use-after-free in copystring (called from douncompressblock and processblock). (CVE-2021-36976)

References

Credits

Affected packages