Security update for libarchive SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2018:3717-1 Final 1 1 2018-11-09T20:02:06Z current 2018-11-09T20:02:06Z 2018-11-09T20:02:06Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for libarchive This update for libarchive fixes the following issues: - CVE-2016-10209: The archive_wstring_append_from_mbs function in archive_string.c allowed remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive file. (bsc#1032089) - CVE-2016-10349: The archive_le32dec function in archive_endian.h allowed remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file. (bsc#1037008) - CVE-2016-10350: The archive_read_format_cab_read_header function in archive_read_support_format_cab.c allowed remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file. (bsc#1037009) - CVE-2017-14166: libarchive allowed remote attackers to cause a denial of service (xml_data heap-based buffer over-read and application crash) via a crafted xar archive, related to the mishandling of empty strings in the atol8 function in archive_read_support_format_xar.c. (bsc#1057514) - CVE-2017-14501: An out-of-bounds read flaw existed in parse_file_info in archive_read_support_format_iso9660.c when extracting a specially crafted iso9660 iso file, related to archive_read_format_iso9660_read_header. (bsc#1059139) - CVE-2017-14502: read_header in archive_read_support_format_rar.c suffered from an off-by-one error for UTF-16 names in RAR archives, leading to an out-of-bounds read in archive_read_format_rar_read_header. (bsc#1059134) - CVE-2017-14503: libarchive suffered from an out-of-bounds read within lha_read_data_none() in archive_read_support_format_lha.c when extracting a specially crafted lha archive, related to lha_crc16. (bsc#1059100) This update was imported from the SUSE:SLE-12:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-security-announce/2018-11/msg00017.html E-Mail link for openSUSE-SU-2018:3717-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.3 bsdtar-3.1.2-20.3.1 libarchive-3.1.2-20.3.1 libarchive-devel-3.1.2-20.3.1 libarchive13-3.1.2-20.3.1 libarchive13-32bit-3.1.2-20.3.1 bsdtar-3.1.2-20.3.1 as a component of openSUSE Leap 42.3 libarchive-3.1.2-20.3.1 as a component of openSUSE Leap 42.3 libarchive-devel-3.1.2-20.3.1 as a component of openSUSE Leap 42.3 libarchive13-3.1.2-20.3.1 as a component of openSUSE Leap 42.3 libarchive13-32bit-3.1.2-20.3.1 as a component of openSUSE Leap 42.3 The archive_wstring_append_from_mbs function in archive_string.c in libarchive 3.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive file. CVE-2016-10209 openSUSE Leap 42.3:bsdtar-3.1.2-20.3.1 openSUSE Leap 42.3:libarchive-3.1.2-20.3.1 openSUSE Leap 42.3:libarchive-devel-3.1.2-20.3.1 openSUSE Leap 42.3:libarchive13-3.1.2-20.3.1 openSUSE Leap 42.3:libarchive13-32bit-3.1.2-20.3.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2018-11/msg00017.html https://www.suse.com/security/cve/CVE-2016-10209.html CVE-2016-10209 https://bugzilla.suse.com/1032089 SUSE Bug 1032089 The archive_le32dec function in archive_endian.h in libarchive 3.2.2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file. CVE-2016-10349 openSUSE Leap 42.3:bsdtar-3.1.2-20.3.1 openSUSE Leap 42.3:libarchive-3.1.2-20.3.1 openSUSE Leap 42.3:libarchive-devel-3.1.2-20.3.1 openSUSE Leap 42.3:libarchive13-3.1.2-20.3.1 openSUSE Leap 42.3:libarchive13-32bit-3.1.2-20.3.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2018-11/msg00017.html https://www.suse.com/security/cve/CVE-2016-10349.html CVE-2016-10349 https://bugzilla.suse.com/1037008 SUSE Bug 1037008 The archive_read_format_cab_read_header function in archive_read_support_format_cab.c in libarchive 3.2.2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file. CVE-2016-10350 openSUSE Leap 42.3:bsdtar-3.1.2-20.3.1 openSUSE Leap 42.3:libarchive-3.1.2-20.3.1 openSUSE Leap 42.3:libarchive-devel-3.1.2-20.3.1 openSUSE Leap 42.3:libarchive13-3.1.2-20.3.1 openSUSE Leap 42.3:libarchive13-32bit-3.1.2-20.3.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2018-11/msg00017.html https://www.suse.com/security/cve/CVE-2016-10350.html CVE-2016-10350 https://bugzilla.suse.com/1037009 SUSE Bug 1037009 libarchive 3.3.2 allows remote attackers to cause a denial of service (xml_data heap-based buffer over-read and application crash) via a crafted xar archive, related to the mishandling of empty strings in the atol8 function in archive_read_support_format_xar.c. CVE-2017-14166 openSUSE Leap 42.3:bsdtar-3.1.2-20.3.1 openSUSE Leap 42.3:libarchive-3.1.2-20.3.1 openSUSE Leap 42.3:libarchive-devel-3.1.2-20.3.1 openSUSE Leap 42.3:libarchive13-3.1.2-20.3.1 openSUSE Leap 42.3:libarchive13-32bit-3.1.2-20.3.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2018-11/msg00017.html https://www.suse.com/security/cve/CVE-2017-14166.html CVE-2017-14166 https://bugzilla.suse.com/1057514 SUSE Bug 1057514 An out-of-bounds read flaw exists in parse_file_info in archive_read_support_format_iso9660.c in libarchive 3.3.2 when extracting a specially crafted iso9660 iso file, related to archive_read_format_iso9660_read_header. CVE-2017-14501 openSUSE Leap 42.3:bsdtar-3.1.2-20.3.1 openSUSE Leap 42.3:libarchive-3.1.2-20.3.1 openSUSE Leap 42.3:libarchive-devel-3.1.2-20.3.1 openSUSE Leap 42.3:libarchive13-3.1.2-20.3.1 openSUSE Leap 42.3:libarchive13-32bit-3.1.2-20.3.1 moderate 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2018-11/msg00017.html https://www.suse.com/security/cve/CVE-2017-14501.html CVE-2017-14501 https://bugzilla.suse.com/1059139 SUSE Bug 1059139 read_header in archive_read_support_format_rar.c in libarchive 3.3.2 suffers from an off-by-one error for UTF-16 names in RAR archives, leading to an out-of-bounds read in archive_read_format_rar_read_header. CVE-2017-14502 openSUSE Leap 42.3:bsdtar-3.1.2-20.3.1 openSUSE Leap 42.3:libarchive-3.1.2-20.3.1 openSUSE Leap 42.3:libarchive-devel-3.1.2-20.3.1 openSUSE Leap 42.3:libarchive13-3.1.2-20.3.1 openSUSE Leap 42.3:libarchive13-32bit-3.1.2-20.3.1 moderate 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2018-11/msg00017.html https://www.suse.com/security/cve/CVE-2017-14502.html CVE-2017-14502 https://bugzilla.suse.com/1059134 SUSE Bug 1059134 libarchive 3.3.2 suffers from an out-of-bounds read within lha_read_data_none() in archive_read_support_format_lha.c when extracting a specially crafted lha archive, related to lha_crc16. CVE-2017-14503 openSUSE Leap 42.3:bsdtar-3.1.2-20.3.1 openSUSE Leap 42.3:libarchive-3.1.2-20.3.1 openSUSE Leap 42.3:libarchive-devel-3.1.2-20.3.1 openSUSE Leap 42.3:libarchive13-3.1.2-20.3.1 openSUSE Leap 42.3:libarchive13-32bit-3.1.2-20.3.1 moderate 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2018-11/msg00017.html https://www.suse.com/security/cve/CVE-2017-14503.html CVE-2017-14503 https://bugzilla.suse.com/1059100 SUSE Bug 1059100