Overview

File _patchinfo of Package patchinfo.23281

<patchinfo incident="23281">
  <issue tracker="cve" id="2017-5601"/>
  <issue tracker="cve" id="2021-36976"/>
  <issue tracker="bnc" id="1022528">VUL-1: CVE-2017-5601: libarchive: "lha_read_file_header_1()" Out-Of-Bounds Memory Access DoS</issue>
  <issue tracker="bnc" id="1188572">VUL-0: CVE-2021-36976: libarchive: use-after-free in copy_string (called from do_uncompress_block and process_block)</issue>
  <issue tracker="bnc" id="1189528">[HUAWEI NOT FOR THE USA] Requests a PTF for CVE-2017-5601 on SLES 12 SP5</issue>
  <packager>dspinella</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for libarchive</summary>
  <description>This update for libarchive fixes the following issues:

- CVE-2021-36976: Fixed an invalid memory access that could cause data
  corruption (bsc#1188572).

Non-security updates:

- Updated references for CVE-2017-5601, which was already fixed in a previous
  version (bsc#1022528 bsc#1189528).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places