Summary: | <app-arch/libarchive-2.8.5: Multiple vulnerabilities (CVE-2010-4666, CVE-2011-{1777,1778,1779}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Tim Sammut (RETIRED) <underling> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | alexanderyt, bsd+disabled, ferringb |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.openwall.com/lists/oss-security/2011/05/09/12 | ||
Whiteboard: | A2 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Tim Sammut (RETIRED)
2011-05-10 04:15:38 UTC
Poking the rest of upstream (specifically the lead kientzle) about this... haven't seen any notification on that end. Doubt it, but checking into a release being cut for it also; extracting the patches out is potential, but may require tweaking (2.8.4 is near a year old now). According to [1] libarchive 2.8.5 fixes this hole. The current Gentoo stable is 2.8.4-r1. Can we stabilize 2.8.5? [1] http://securitytracker.com/id/1026365 (In reply to comment #2) > According to [1] libarchive 2.8.5 fixes this hole. > The current Gentoo stable is 2.8.4-r1. Can we stabilize 2.8.5? > > > [1] http://securitytracker.com/id/1026365 sure Arches, please test and mark stable: =app-arch/libarchive-2.8.5 Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86" amd64 stable Stable on alpha. ppc/ppc64 done Stable for HPPA. arm stable Archtested on x86: Everything fine x86 done. thanks JD ia64/s390/sh/sparc stable Thanks, everyone. GLSA request filed. CVE-2011-1779 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1779): Multiple use-after-free vulnerabilities in libarchive 2.8.4 and 2.8.5 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted (1) TAR archive or (2) ISO9660 image. CVE-2011-1778 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1778): Buffer overflow in libarchive through 2.8.5 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TAR archive. CVE-2011-1777 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1777): Multiple buffer overflows in the (1) heap_add_entry and (2) relocate_dir functions in archive_read_support_format_iso9660.c in libarchive through 2.8.5 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ISO9660 image. CVE-2010-4666 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4666): Buffer overflow in libarchive 3.0 pre-release code allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted CAB file, which is not properly handled during the reading of Huffman code data within LZX compressed data. This issue was resolved and addressed in GLSA 201406-02 at http://security.gentoo.org/glsa/glsa-201406-02.xml by GLSA coordinator Sean Amoss (ackle). |