MGASA-2022-0142

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2022-0142.html

Import Source

https://advisories.mageia.org/MGASA-2022-0142.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2022-0142

Related

CVE-2022-26280

Published

2022-04-15T21:35:09Z

Modified

2022-04-15T20:50:52Z

Summary

Updated libarchive packages fix security vulnerability

Details

7zip reader: fix PPMD read beyond boundary. ZIP reader: fix possible out of bounds read. ISO reader: fix possible heap buffer overflow in readchildren(). RARv4 redaer: fix multiple issues in RARv4 filter code (introduced in libarchive 3.6.0): - fix heap use after free in archivereadformatrarreaddata(); - fix null dereference in readdatacompressed(); - fix heap user after free in run_filters().

References

https://advisories.mageia.org/MGASA-2022-0142.html
https://bugs.mageia.org/show_bug.cgi?id=30271
https://github.com/libarchive/libarchive/releases/tag/v3.6.1
https://ubuntu.com/security/notices/USN-5374-1

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

MGASA-2022-0142

Affected packages