Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 911486 - <app-arch/libarchive-3.7.1: SEGV and stack buffer overflow in verbose mode of cpio
Summary: <app-arch/libarchive-3.7.1: SEGV and stack buffer overflow in verbose mode of...
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
Whiteboard: A3 [glsa+]
Depends on: 911487
  Show dependency tree
Reported: 2023-07-30 03:04 UTC by Michał Górny
Modified: 2023-09-29 13:41 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Michał Górny archtester Gentoo Infrastructure gentoo-dev Security 2023-07-30 03:04:55 UTC
Libarchive 3.7.1 is a security, feature and bugfix release.

Security fixes:

    SEGV and stack buffer overflow in verbose mode of cpio (#1934, #1935)
Comment 1 Larry the Git Cow gentoo-dev 2023-09-29 13:39:36 UTC
The bug has been referenced in the following commit(s):

commit e05346e205e470b799ae6c0dafb506d6aa1cdae8
Author:     GLSAMaker <>
AuthorDate: 2023-09-29 13:38:51 +0000
Commit:     Hans de Graaff <>
CommitDate: 2023-09-29 13:39:30 +0000

    [ GLSA 202309-14 ] libarchive: Multiple Vulnerabilities
    Signed-off-by: GLSAMaker <>
    Signed-off-by: Hans de Graaff <>

 glsa-202309-14.xml | 43 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 43 insertions(+)