Security update for libarchive
libarchive was updated to fix a directory traversal in the bsdcpio tool, which
allowed attackers supplying crafted archives to overwrite files. (CVE-2015-2304)
Also, a integer overflow was fixed that could also overflow buffers. (CVE-2013-0211)
-
Submitted by
Adrian Schröter (adrianSuSE)
Fixed bugs
bnc#920870
VUL-0: CVE-2015-2304 libarchive, bsdtar: directory traversal vulnerability via absolute paths
bnc#800024
VUL-1: CVE-2013-0211: libarchive: integer overflow
