File _patchinfo of Package patchinfo.9869

<patchinfo incident="9869">
  <issue tracker="bnc" id="1120653">VUL-1: CVE-2018-1000877: libarchive: double free vulnerability in RAR decoder</issue>
  <issue tracker="bnc" id="1120654">VUL-1: CVE-2018-1000878: libarchive: Use After Free vulnerability in RAR decoder</issue>
  <issue tracker="bnc" id="1124341">VUL-1: CVE-2019-1000019: libarchive: Out-of-bounds Read vulnerability in 7zip decompression</issue>
  <issue tracker="bnc" id="1124342">VUL-1: CVE-2019-1000020: libarchive: Infinite Loop vulnerability in ISO9660 parser</issue>
  <issue tracker="bnc" id="1155079">VUL-1: CVE-2019-18408: libarchive: use-after-free in a certain ARCHIVE_FAILED situation, related to Ppmd7_DecodeSymbol</issue>
  <issue tracker="cve" id="2018-1000877"/>
  <issue tracker="cve" id="2018-1000878"/>
  <issue tracker="cve" id="2019-1000019"/>
  <issue tracker="cve" id="2019-1000020"/>
  <issue tracker="cve" id="2019-18408"/>
  <category>security</category>
  <rating>moderate</rating>
  <packager>kbabioch</packager>
  <description>This update for libarchive fixes the following issues:

Security issues fixed:

- CVE-2018-1000877: Fixed a double free vulnerability in RAR decoder (bsc#1120653).
- CVE-2018-1000878: Fixed a Use-After-Free vulnerability in RAR decoder (bsc#1120654).
- CVE-2019-1000019: Fixed an Out-Of-Bounds Read vulnerability in 7zip decompression (bsc#1124341).
- CVE-2019-1000020: Fixed an Infinite Loop vulnerability in ISO9660 parser (bsc#1124342).
- CVE-2019-18408: Fixed a use-after-free in RAR format support (bsc#1155079).
</description>
  <summary>Security update for libarchive</summary>
</patchinfo>