Bug#837714: libarchive: CVE-2016-5418: Archive Entry with type 1 (hardlink), but has a non-zero data size file overwrite

2016-09-25 Thread Peter Pentchev
On Sat, Sep 24, 2016 at 01:27:52PM +0200, Salvatore Bonaccorso wrote:
> Hi,
> 
> On Wed, Sep 14, 2016 at 06:43:41AM +0200, Salvatore Bonaccorso wrote:
> > On Tue, Sep 13, 2016 at 09:41:49PM +0200, Salvatore Bonaccorso wrote:
> > > [0] https://security-tracker.debian.org/tracker/CVE-2016-5418
> > > [1] https://git.centos.org/blob/rpms!libarchive.git/9952851f8b327a8c93d26a5873c190c1fb09ae6c/SOURCES!libarchive-3.1.2-CVE-2016-5418.patch;jsessionid=1dexz8h9qdewibih5aonbu3
> > > [2] https://git.centos.org/blob/rpms!libarchive.git/9952851f8b327a8c93d26a5873c190c1fb09ae6c/SOURCES!libarchive-3.1.2-CVE-2016-5418-variation.patch;jsessionid=1dexz8h9qdewibih5aonbu3
> > > [3] https://github.com/libarchive/libarchive/commit/dfd6b54ce33960e420fb206d8872fb759b577ad9
> > 
> > Please note, not (yet) clear if [3] is the only one. The CVE relates
> > to https://bugzilla.redhat.com/show_bug.cgi?id=1362601 and to 
> > http://seclists.org/oss-sec/2016/q3/255 . 
> 
> I have added more information to the security-tracker page. Basically
> two commits for #744, #745 and #746 plus two more for the testsuite.

I'm looking into it.  Thanks for doing the work so far, and sorry for
not reacting sooner!

G'luck,
Peter

-- 
Peter Pentchev  r...@ringlet.net r...@freebsd.org p...@storpool.com
PGP key:http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint 2EE7 A7A5 17FC 124C F115  C354 651E EFB0 2527 DF13




Bug#837714: libarchive: CVE-2016-5418: Archive Entry with type 1 (hardlink), but has a non-zero data size file overwrite

2016-09-24 Thread Salvatore Bonaccorso
Hi,

On Wed, Sep 14, 2016 at 06:43:41AM +0200, Salvatore Bonaccorso wrote:
> On Tue, Sep 13, 2016 at 09:41:49PM +0200, Salvatore Bonaccorso wrote:
> > [0] https://security-tracker.debian.org/tracker/CVE-2016-5418
> > [1] https://git.centos.org/blob/rpms!libarchive.git/9952851f8b327a8c93d26a5873c190c1fb09ae6c/SOURCES!libarchive-3.1.2-CVE-2016-5418.patch;jsessionid=1dexz8h9qdewibih5aonbu3
> > [2] https://git.centos.org/blob/rpms!libarchive.git/9952851f8b327a8c93d26a5873c190c1fb09ae6c/SOURCES!libarchive-3.1.2-CVE-2016-5418-variation.patch;jsessionid=1dexz8h9qdewibih5aonbu3
> > [3] https://github.com/libarchive/libarchive/commit/dfd6b54ce33960e420fb206d8872fb759b577ad9
> 
> Please note, not (yet) clear if [3] is the only one. The CVE relates
> to https://bugzilla.redhat.com/show_bug.cgi?id=1362601 and to 
> http://seclists.org/oss-sec/2016/q3/255 . 

I have added more information to the security-tracker page. Basically
two commits for #744, #745 and #746 plus two more for the testsuite.

Regards,
Salvatore



Bug#837714: libarchive: CVE-2016-5418: Archive Entry with type 1 (hardlink), but has a non-zero data size file overwrite

2016-09-13 Thread Salvatore Bonaccorso
On Tue, Sep 13, 2016 at 09:41:49PM +0200, Salvatore Bonaccorso wrote:
> [0] https://security-tracker.debian.org/tracker/CVE-2016-5418
> [1] https://git.centos.org/blob/rpms!libarchive.git/9952851f8b327a8c93d26a5873c190c1fb09ae6c/SOURCES!libarchive-3.1.2-CVE-2016-5418.patch;jsessionid=1dexz8h9qdewibih5aonbu3
> [2] https://git.centos.org/blob/rpms!libarchive.git/9952851f8b327a8c93d26a5873c190c1fb09ae6c/SOURCES!libarchive-3.1.2-CVE-2016-5418-variation.patch;jsessionid=1dexz8h9qdewibih5aonbu3
> [3] https://github.com/libarchive/libarchive/commit/dfd6b54ce33960e420fb206d8872fb759b577ad9

Please note, not (yet) clear if [3] is the only one. The CVE relates
to https://bugzilla.redhat.com/show_bug.cgi?id=1362601 and to 
http://seclists.org/oss-sec/2016/q3/255 . 

Regards,
Salvatore



Bug#837714: libarchive: CVE-2016-5418: Archive Entry with type 1 (hardlink), but has a non-zero data size file overwrite

2016-09-13 Thread Salvatore Bonaccorso
Source: libarchive
Version: 3.2.1-2
Severity: grave
Tags: security upstream patch

Hi,

the following vulnerability was published for libarchive.

CVE-2016-5418[0]:
|Archive Entry with type 1 (hardlink), but has a non-zero data size
|file overwrite

This corresponds to [1] and [2], which is upstream as [3].

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2016-5418
[1] https://git.centos.org/blob/rpms!libarchive.git/9952851f8b327a8c93d26a5873c190c1fb09ae6c/SOURCES!libarchive-3.1.2-CVE-2016-5418.patch;jsessionid=1dexz8h9qdewibih5aonbu3
[2] https://git.centos.org/blob/rpms!libarchive.git/9952851f8b327a8c93d26a5873c190c1fb09ae6c/SOURCES!libarchive-3.1.2-CVE-2016-5418-variation.patch;jsessionid=1dexz8h9qdewibih5aonbu3
[3] https://github.com/libarchive/libarchive/commit/dfd6b54ce33960e420fb206d8872fb759b577ad9

Please adjust the affected versions in the BTS as needed. The jessie
version has not been checked yet, but is probably similarly affected.

Regards,
Salvatore
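
An added triage example, not part of the thread and not libarchive code: it walks the headers of a tar archive held in memory and counts entries matching the CVE title, that is, typeflag '1' (hardlink) with a non-zero size field. The function names and the sample archive are constructed for illustration; the offsets are the standard ustar header layout, and a hit is a reason to review the archive, not proof of a malicious one.

```c
#include <stdio.h>
#include <string.h>

#define BLK 512  /* tar block size */

/* Parse an octal ustar field (optional leading spaces, stops at first non-digit). */
static unsigned long long octal(const unsigned char *p, size_t n) {
    unsigned long long v = 0;
    size_t i = 0;
    while (i < n && p[i] == ' ') i++;
    for (; i < n && p[i] >= '0' && p[i] <= '7'; i++) v = v * 8 + (p[i] - '0');
    return v;
}

/* Count entries with typeflag '1' (hardlink) whose size field is non-zero.
   Assumptions: data blocks follow each header as its size field claims,
   and header checksums are not verified. */
int count_hardlinks_with_data(const unsigned char *buf, size_t len) {
    int hits = 0;
    size_t off = 0;
    while (off + BLK <= len && buf[off] != '\0') {    /* zero block ends the archive */
        const unsigned char *h = buf + off;
        unsigned long long size = octal(h + 124, 12); /* size field: offset 124, 12 bytes */
        unsigned long long blocks = (size + BLK - 1) / BLK;
        if (h[156] == '1' && size != 0) hits++;       /* typeflag: offset 156 */
        if (blocks > (len - off - BLK) / BLK) break;  /* truncated input */
        off += BLK + (size_t)blocks * BLK;
    }
    return hits;
}

/* Constructed sample data: minimal ustar header (name, size, typeflag, linkname). */
static void make_header(unsigned char *b, const char *name, char type,
                        const char *link, unsigned size) {
    memset(b, 0, BLK);
    snprintf((char *)b, 100, "%s", name);
    snprintf((char *)b + 124, 12, "%011o", size);
    b[156] = (unsigned char)type;
    snprintf((char *)b + 157, 100, "%s", link);
    memcpy(b + 257, "ustar", 6);
}

/* Constructed archive: regular file, plain hardlink, hardlink carrying 7 data bytes. */
size_t build_sample(unsigned char *buf) {             /* buf must hold 7 * BLK bytes */
    memset(buf, 0, 7 * BLK);
    make_header(buf, "a.txt", '0', "", 5);
    memcpy(buf + BLK, "hello", 5);
    make_header(buf + 2 * BLK, "b.txt", '1', "a.txt", 0);
    make_header(buf + 3 * BLK, "c.txt", '1', "a.txt", 7);
    memcpy(buf + 4 * BLK, "payload", 7);
    return 7 * BLK;
}
```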