#12199: libarchive-3.4.0
-------------------------+-----------------------
Reporter: renodr | Owner: blfs-book
Type: enhancement | Status: new
Priority: high | Milestone: 8.5
Component: BOOK | Version: SVN
Severity: normal | Keywords:
-------------------------+-----------------------
New minor version
[https://github.com/libarchive/libarchive/releases] - look here, I was
tipped off by Arch
{{{
Libarchive 3.4.0 is a feature and security release.
Feature higlights:
Support for file and directory symlinks on Windows
Read support for RAR 5.0 archives
Read support for ZIPX archives with xz, lzma, ppmd8 and bzip2
compression
Support for non-recursive list and extract
New tar option: --exclude-vcs
Improved file attribute support on Linux and file flags support on
FreeBSD
64-bit ar format support
Important bugfixes:
fix reading Android APK archives (#1055 )
fix problems related to unreadable directories (#1167)
patches from OpenBSD to libarchive_fe/passphrase.c
support extracting ACLs with in-entry comments (#1096)
support extracting extattrs as non-root on non-user-writable files
(#1023)
a two-digit number of OSS-Fuzz issues was resolved in this release
various resource leak, use-after-free and crash fixes
Thanks to all contributors and bug reporters for making libarchive such a
great piece of software.
Special thanks to @antekone for implementing RAR 5.0 reader and ZIPX
decompression support.
}}}
[https://github.com/libarchive/libarchive/issues/1216] - explanation as to
why we can't find it
{{{
CVE-2018-1000877
A double-free issue has been found in libarchive >= 3.1.0 and <=3.3.3, in
the parse_codes() function in archive_read_support_format_rar.c. An
attacker can use a specially crafted RAR file to cause a call to realloc
with a size of 0, effectively freeing the memory which will be freed again
at a later time.
CVE-2018-1000878
A use-after-free issue has been found in libarchive >= 3.1.0 and <=3.3.3,
in the archive_read_format_rar_read_header() function in
archive_read_support_format_rar.c. An attacker can use a specially crafted
RAR file to cause the vulnerable function to free the buffer and allocate
a new one, causing the ppmd7 decoder to continue reading from and writing
to the freed buffer.
CVE-2018-1000879
A NULL-pointer dereference issue has been found in libarchive >= 3.3.0 and
<=3.3.3, in the archive_acl_from_text_l() function in archive_acl.c. An
attacker can use a specially crafted archive file to cause a crash via a
malformed ACL.
CVE-2018-1000880
A resource consumption issue has been found in libarchive >= 3.2.0 and
<=3.3.3, in the _warc_read() function in
archive_read_support_format_warm.c. An attacker can use a specially
crafted WARC file to cause quasi-infinite run time and disk usage from a
tiny file.
CVE-2019-1000019
libarchive version >=v3.0.2 contains a CWE-125: Out-of-bounds Read
vulnerability in 7zip decompression, archive_read_support_format_7zip.c,
header_bytes() that can result in a crash (denial of service). This attack
appears to be exploitable via the victim opening a specially crafted 7zip
file.
CVE-2019-1000020
libarchive version >=v2.8.0 contains a CWE-835: Loop with Unreachable Exit
Condition ('Infinite Loop') vulnerability in ISO9660 parser,
archive_read_support_format_iso9660.c, read_CE()/parse_rockridge() that
can result in DoS by infinite loop. This attack appears to be exploitable
via the victim opening a specially crafted ISO9660 file.
}}}
--
Ticket URL: <http://wiki.linuxfromscratch.org/blfs/ticket/12199>
BLFS Trac <http://wiki.linuxfromscratch.org/blfs>
Beyond Linux From Scratch
--
http://lists.linuxfromscratch.org/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
