Opened 3 weeks ago

Closed 2 weeks ago

#19724 closed enhancement (fixed)

libarchive-3.7.4 (Hold for security advisory)

Reported by: Bruce Dubbs Owned by: Bruce Dubbs
Priority: elevated Milestone: 12.2
Component: BOOK Version: git
Severity: normal Keywords:
Cc:

Description

New point version.

Change History (5)

comment:1 by Xi Ruoyao, 2 weeks ago

Priority: normalelevated

Security fixes:

  • rar: Fix OOB in rar e8 filter (#2135) (CVE-2024-26256)
  • zip: Fix out of boundary access (#2145)

Important bugfixes:

  • 7zip: Limit amount of properties (#2131)
  • bsdtar: Fix error handling around strtol() usages (#2110)
  • passphrase: Improve newline handling on Windows (#2115)
  • passphrase: Never allow empty passwords (#2116)
  • rar: Fix "File CRC Error" when extracting specific rar4 archives (#2124)
  • xar: Avoid infinite link loop (#2123)
  • zip: Update AppleDouble support for directories (#2108)
  • zstd: Implement core detection (#2083, #2071)

comment:2 by Bruce Dubbs, 2 weeks ago

Owner: changed from blfs-book to Bruce Dubbs
Status: newassigned

comment:3 by Bruce Dubbs, 2 weeks ago

Fixed at commit 87e814123c, but holding open for security advisory.

comment:4 by Bruce Dubbs, 2 weeks ago

Summary: libarchive-3.7.4libarchive-3.7.4 (Hold for security advisory)

comment:5 by Douglas R. Reno, 2 weeks ago

Resolution: fixed
Status: assignedclosed

SA-12.1-026 issued

Note: See TracTickets for help on using tickets.