Summary: | <app-arch/libarchive-3.3.0: two heap-based buffer overflow read (CVE-2016-{10349,10350}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | bsd+disabled |
Priority: | Normal | Keywords: | STABLEREQ |
Version: | unspecified | Flags: | stable-bot:
sanity-check+
|
Hardware: | All | ||
OS: | Linux | ||
URL: | https://blogs.gentoo.org/ago/2017/05/01/libarchive-two-heap-based-buffer-overflow-read/ | ||
Whiteboard: | A3 [glsa cve cleanup] | ||
Package list: |
app-arch/libarchive-3.3.1
|
Runtime testing required: | --- |
Description
Agostino Sarubbo
2017-05-09 18:34:27 UTC
@ Arches, please test and mark stable: =app-arch/libarchive-3.3.1 amd64 stable arm stable x86 stable sparc stable ia64 stable ppc64 stable Stable on alpha. ppc stable second CVE is CVE-2016-10350 Arches, please finish stabilizing hppa Gentoo Security Padawan ChrisADR hppa stable GLSA request filed. @maintainer(s), please clean the vulnerable versions. This issue was resolved and addressed in GLSA 201710-19 at https://security.gentoo.org/glsa/201710-19 by GLSA coordinator Aaron Bauman (b-man). commit 7cd820a867b08c4de305661ddce7136fac639a56 Author: Mart Raudsepp <leio@gentoo.org> Date: Fri Mar 2 22:16:38 2018 +0200 app-arch/libarchive-3.3.1: arm64 stable |