oss-sec mailing list archives
Re: CVE request: libarchive, multiple overflows
From: Josh Bressers <bressers () redhat com>
Date: Mon, 9 May 2011 15:57:26 -0400 (EDT)
----- Original Message -----
Hello, our maintainer found the following patches: ----------- I was doing some maintainance on bsdtar package and noticed that there was a buffer overflow fix upstream, see http://code.google.com/p/libarchive/source/detail?r=3158&path=/trunk/libarchive/archive_read_support_format_iso9660.c
Use CVE-2011-1777
Also SUSE package does not include the http://pkgs.fedoraproject.org/gitweb/?p=libarchive.git;a=blob_plain;f=libarchive-2.8.4-iso9660-data-types.patch;hb=HEAD patch which seems to be security sensitive also.
I'm not sure I'd call this one security. It's a crash only from what I can see: https://code.google.com/p/libarchive/source/detail?r=1984&path=/trunk/libarchive/archive_read_support_format_iso9660.c It's just silly input to a format string. If you want one I'll assign it though.
More overflow fixes: http://code.google.com/p/libarchive/source/detail?r=2842
This one needs a 2010 ID. Use CVE-2010-4666
http://code.google.com/p/libarchive/source/detail?r=3160
Use CVE-2011-1778
Use-after-free fix (not sure if exploitable): http://code.google.com/p/libarchive/source/detail?r=3038
I'm going to give this an ID, I'd rather have it revoked than not assigned. Use CVE-2011-1779 Thanks. -- JB
Current thread:
- CVE request: libarchive, multiple overflows Thomas Biege (May 06)
- Re: CVE request: libarchive, multiple overflows Josh Bressers (May 09)