File _patchinfo of Package patchinfo.23281
<patchinfo incident="23281">
<issue tracker="cve" id="2017-5601"/>
<issue tracker="cve" id="2021-36976"/>
<issue tracker="bnc" id="1022528">VUL-1: CVE-2017-5601: libarchive: "lha_read_file_header_1()" Out-Of-Bounds Memory Access DoS</issue>
<issue tracker="bnc" id="1188572">VUL-0: CVE-2021-36976: libarchive: use-after-free in copy_string (called from do_uncompress_block and process_block)</issue>
<issue tracker="bnc" id="1189528">[HUAWEI NOT FOR THE USA] Requests a PTF for CVE-2017-5601 on SLES 12 SP5</issue>
<packager>dspinella</packager>
<rating>moderate</rating>
<category>security</category>
<summary>Security update for libarchive</summary>
<description>This update for libarchive fixes the following issues:
- CVE-2021-36976: Fixed an invalid memory access that could cause data
corruption (bsc#1188572).
Non-security updates:
- Updated references for CVE-2017-5601, which was already fixed in a previous
version (bsc#1022528 bsc#1189528).
</description>
</patchinfo>