Details at $URL. @maintainer(s): since the fixed package is already in the tree, please let us know if it is ready for the stabilization or not.
@ Arches, please test and mark stable: =app-arch/libarchive-3.3.1
amd64 stable
arm stable
x86 stable
sparc stable
ia64 stable
ppc64 stable
Stable on alpha.
ppc stable
second CVE is CVE-2016-10350
Arches, please finish stabilizing hppa Gentoo Security Padawan ChrisADR
hppa stable
GLSA request filed. @maintainer(s), please clean the vulnerable versions.
This issue was resolved and addressed in GLSA 201710-19 at https://security.gentoo.org/glsa/201710-19 by GLSA coordinator Aaron Bauman (b-man).
commit 7cd820a867b08c4de305661ddce7136fac639a56 Author: Mart Raudsepp <leio@gentoo.org> Date: Fri Mar 2 22:16:38 2018 +0200 app-arch/libarchive-3.3.1: arm64 stable