diff options
| author | junovitch <junovitch@FreeBSD.org> | 2016-01-19 07:50:10 +0800 |
|---|---|---|
| committer | junovitch <junovitch@FreeBSD.org> | 2016-01-19 07:50:10 +0800 |
| commit | 77512f073652b9e7780712d4e69e56815324a58f (patch) | |
| tree | bf1fa82502a8b1f1e368dd069c48e6240df25e72 | |
| parent | 0167ce9cbb09a5f217681d4e166c1c4f6dd62db3 (diff) | |
| download | freebsd-ports-gnome-77512f073652b9e7780712d4e69e56815324a58f.tar.gz freebsd-ports-gnome-77512f073652b9e7780712d4e69e56815324a58f.tar.zst freebsd-ports-gnome-77512f073652b9e7780712d4e69e56815324a58f.zip | |
Document several vulnerabilities in libarchive
PR: 200176
Reported by: Sevan Janiyan <venture37@geeklan.co.uk>
Security: CVE-2013-0211
Security: CVE-2015-2304
Security: https://vuxml.FreeBSD.org/freebsd/7c63775e-be31-11e5-b5fe-002590263bf5.html
| -rw-r--r-- | security/vuxml/vuln.xml | 52 |
1 files changed, 52 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 73879ce71c97..3d804bc6de4f 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -58,6 +58,58 @@ Notes: --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="7c63775e-be31-11e5-b5fe-002590263bf5"> + <topic>libarchive -- multiple vulnerabilities</topic> + <affects> + <package> + <name>libarchive</name> + <range><lt>3.1.2_5,1</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>MITRE reports:</p> + <blockquote cite="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0211"> + <p>Integer signedness error in the archive_write_zip_data function in + archive_write_set_format_zip.c in libarchive 3.1.2 and earlier, when + running on 64-bit machines, allows context-dependent attackers to + cause a denial of service (crash) via unspecified vectors, which + triggers an improper conversion between unsigned and signed types, + leading to a buffer overflow.</p> + </blockquote> + <blockquote cite="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2304"> + <p>Absolute path traversal vulnerability in bsdcpio in libarchive + 3.1.2 and earlier allows remote attackers to write to arbitrary + files via a full pathname in an archive.</p> + </blockquote> + <p>Libarchive issue tracker reports:</p> + <blockquote cite="https://github.com/libarchive/libarchive/issues/502"> + <p>Using a crafted tar file bsdtar can perform an out-of-bounds memory + read which will lead to a SEGFAULT. The issue exists when the + executable skips data in the archive. The amount of data to skip is + defined in byte offset [16-19] If ASLR is disabled, the issue can + lead to an infinite loop.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2013-0211</cvename> + <cvename>CVE-2015-2304</cvename> + <freebsdpr>ports/200176</freebsdpr> + <url>https://github.com/libarchive/libarchive/pull/110</url> + <url>https://github.com/libarchive/libarchive/commit/5935715</url> + <url>https://github.com/libarchive/libarchive/commit/2253154</url> + <url>https://github.com/libarchive/libarchive/issues/502</url> + <url>https://github.com/libarchive/libarchive/commit/3865cf2</url> + <url>https://github.com/libarchive/libarchive/commit/e6c9668</url> + <url>https://github.com/libarchive/libarchive/commit/24f5de6</url> + </references> + <dates> + <discovery>2012-12-06</discovery> + <entry>2016-01-18</entry> + </dates> + </vuln> + <vuln vid="6809c6db-bdeb-11e5-b5fe-002590263bf5"> <topic>go -- information disclosure vulnerability</topic> <affects> |