drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Pufferüberlauf in libarchive
Name: |
Pufferüberlauf in libarchive |
|
ID: |
DSA-3574-1 |
|
Distribution: |
Debian |
|
Plattformen: |
Debian jessie |
|
Datum: |
Di, 10. Mai 2016, 22:40 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1541 |
|
Applikationen: |
libarchive |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
- ------------------------------------------------------------------------- Debian Security Advisory DSA-3574-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso May 10, 2016 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : libarchive CVE ID : CVE-2016-1541 Debian Bug : 823893
Rock Stevens, Andrew Ruef and Marcin 'Icewall' Noga discovered a heap-based buffer overflow vulnerability in the zip_read_mac_metadata function in libarchive, a multi-format archive and compression library, which may lead to the execution of arbitrary code if a user or automated system is tricked into processing a specially crafted ZIP file.
For the stable distribution (jessie), this problem has been fixed in version 3.1.2-11+deb8u1.
We recommend that you upgrade your libarchive packages.
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIcBAEBCgAGBQJXMh7bAAoJEAVMuPMTQ89EpTIP/0NKCwRC0sXwanP4JRS6Bhbn FByC7rQ7RbLuypcE4W1rojKDsLjqIUIk1pn2ZkVt/FxqkIX+ybQSWm4z8mfO5naS nZhEJia22G2vqJ0d/PWsBaHr3oZCk+z6XNOLNgyZPldF630TIabkL0/8d2DAQcKC faokVokCa3vw8Dzd37FQf8DrMeOmak6AIXC69yabGvXs6nYxDDuSiktPekdKidfP IG9jd9+3cyYVGONIOH1KobnSa7kFy0qy68TwAxYTe8oqATh13pX3WK2yO1ZN36XW pSd7nZbCcDNjLHTC7Jinbvy55eLXMpV5Hu0QGoOky3ynbFrQXNNoq4YH2+QCGntw EidYcz0f7xN3vDJdufBj2NJhAE9YaBM709C22t5JJPTsr0gX3X0eMSnsmePwGOB/ xEBuFl46NPrk4ikhtHb3zjAHPbWbYtOqkbqI5L8P/dMElQFA2tQg3UMZX2bg8dzO ZkLlOQ+BDnLHE3s6pmPv6quyWqYGCT1Z19f3CRIzRnAtiKbFyUJ5QKQPS05EBQ1V 4uV5DdoM0tW2K8oNQfV2LiBx8xUW1ItmmStWTWbs6TJkL22rfF7pxMTVHnvJFvmb 7Uzun6stgkQCoEE+2IzcwG2/aQh+F8uja+ylRwUSHz2Fu4jNevowsOz6wy7LaaPz 5NmzDuq97YhbP+BRgH9P =yR7s -----END PGP SIGNATURE-----
|
|
|
|