USN-3033-1: libarchive vulnerabilities<\/p>\n
14th July, 2016<\/em><\/p>\n A security issue affects these releases of Ubuntu and its libarchive could be made to crash or run programs if it opened a specially Hanno B\u00f6ck discovered that libarchive contained multiple security issues Marcin "Icewall" Noga discovered that libarchive contained multiple It was discovered that libarchive incorrectly handled memory allocation The problem can be corrected by updating your system to the following To update your system, please follow these instructions: In general, a standard system update will make all the necessary changes.<\/p>\n CVE-2015-8916<\/a>, <\/p>\n CVE-2015-8917<\/a>, <\/p>\n CVE-2015-8919<\/a>, <\/p>\n CVE-2015-8920<\/a>, <\/p>\n CVE-2015-8921<\/a>, <\/p>\n CVE-2015-8922<\/a>, <\/p>\n CVE-2015-8923<\/a>, <\/p>\n CVE-2015-8924<\/a>, <\/p>\n CVE-2015-8925<\/a>, <\/p>\n CVE-2015-8926<\/a>, <\/p>\n CVE-2015-8928<\/a>, <\/p>\n CVE-2015-8930<\/a>, <\/p>\n CVE-2015-8931<\/a>, <\/p>\n CVE-2015-8932<\/a>, <\/p>\n CVE-2015-8933<\/a>, <\/p>\n CVE-2015-8934<\/a>, <\/p>\n CVE-2016-4300<\/a>, <\/p>\n CVE-2016-4302<\/a>, <\/p>\n CVE-2016-4809<\/a>, <\/p>\n CVE-2016-5844<\/a><\/p>\n Source: USN-3033-1: libarchive vulnerabilities<\/a><\/p>\n","protected":false},"excerpt":{"rendered":" USN-3033-1: libarchive vulnerabilities Ubuntu Security Notice USN-3033-1 14th July, 2016 libarchive vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Ubuntu 15.10 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary libarchive could be made to crash or run programs if it opened a specially crafted file. Software description libarchive – Library to read\/write archive files Details Hanno B\u00f6ck discovered that libarchive contained multiple security issueswhen processing certain malformed archive files. A remote attacker coulduse this issue to cause libarchive to crash, resulting in a denial ofservice, or possibly execute arbitrary code. (CVE-2015-8916, CVE-2015-8917CVE-2015-8919, CVE-2015-8920, CVE-2015-8921, CVE-2015-8922, CVE-2015-8923,CVE-2015-8924, CVE-2015-8925, CVE-2015-8926, CVE-2015-8928, CVE-2015-8930,CVE-2015-8931, CVE-2015-8932, CVE-2015-8933, CVE-2015-8934, CVE-2016-5844) Marcin "Icewall" Noga discovered that libarchive contained multiplesecurity issues when processing certain malformed archive files. A remoteattacker could use this issue to cause libarchive to crash, resulting in adenial of [ more… ]<\/a><\/p>\n<\/div>","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[586],"tags":[587],"class_list":["post-8636","post","type-post","status-publish","format-standard","hentry","category-ubuntu-usn","tag-ubuntu-usn"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/8636","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/comments?post=8636"}],"version-history":[{"count":1,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/8636\/revisions"}],"predecessor-version":[{"id":8637,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/8636\/revisions\/8637"}],"wp:attachment":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/media?parent=8636"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/categories?post=8636"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/tags?post=8636"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}libarchive vulnerabilities<\/h3>\n
\n derivatives:<\/p>\n\n
Summary<\/h3>\n
\ncrafted file.\n<\/p>\nSoftware description<\/h3>\n
\n
\n – Library to read\/write archive files<\/p>\n<\/li>\n<\/ul>\nDetails<\/h3>\n
when processing certain malformed archive files. A remote attacker could
use this issue to cause libarchive to crash, resulting in a denial of
service, or possibly execute arbitrary code. (CVE-2015-8916<\/a>, CVE-2015-8917<\/a>
CVE-2015-8919<\/a>, CVE-2015-8920<\/a>, CVE-2015-8921<\/a>, CVE-2015-8922<\/a>, CVE-2015-8923<\/a>,
CVE-2015-8924<\/a>, CVE-2015-8925<\/a>, CVE-2015-8926<\/a>, CVE-2015-8928<\/a>, CVE-2015-8930<\/a>,
CVE-2015-8931<\/a>, CVE-2015-8932<\/a>, CVE-2015-8933<\/a>, CVE-2015-8934<\/a>, CVE-2016-5844<\/a>)<\/p>\n
security issues when processing certain malformed archive files. A remote
attacker could use this issue to cause libarchive to crash, resulting in a
denial of service, or possibly execute arbitrary code. (CVE-2016-4300<\/a>,
CVE-2016-4302<\/a>)<\/p>\n
with large cpio symlinks. A remote attacker could use this issue to
possibly cause libarchive to crash, resulting in a denial of service.
(CVE-2016-4809<\/a>)<\/p>\nUpdate instructions<\/h3>\n
\npackage version:<\/p>\n\n
\n
\n 3.1.2-11ubuntu0.16.04.2<\/a>
\n <\/span>\n <\/dd>\n
\n
\n 3.1.2-11ubuntu0.15.10.2<\/a>
\n <\/span>\n <\/dd>\n
\n
\n 3.1.2-7ubuntu2.3<\/a>
\n <\/span>\n <\/dd>\n
\n
\n 3.0.3-6ubuntu1.3<\/a>
\n <\/span>\n <\/dd>\n<\/dl>\n
\nhttps:\/\/wiki.ubuntu.com\/Security\/Upgrades<\/a>.\n<\/p>\nReferences<\/h3>\n