File _patchinfo of Package patchinfo.24195

<patchinfo incident="24195">
  <issue tracker="cve" id="2021-36976"/>
  <issue tracker="cve" id="2017-5601"/>
  <issue tracker="cve" id="2022-26280"/>
  <issue tracker="bnc" id="1189528">[HUAWEI NOT FOR THE USA] Requests a PTF for CVE-2017-5601 on SLES 12 SP5</issue>
  <issue tracker="bnc" id="1197634">VUL-0: CVE-2022-26280: libarchive: out-of-bounds read via the component zipx_lzma_alone_init</issue>
  <issue tracker="bnc" id="1022528">VUL-1: CVE-2017-5601: libarchive: "lha_read_file_header_1()" Out-Of-Bounds Memory Access DoS</issue>
  <issue tracker="bnc" id="1188572">VUL-0: CVE-2021-36976: libarchive: use-after-free in copy_string (called from do_uncompress_block and process_block)</issue>
  <packager>dspinella</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for libarchive</summary>
  <description>This update for libarchive fixes the following issues:

- CVE-2022-26280: Fixed out-of-bounds read via the component zipx_lzma_alone_init (bsc#1197634).
- CVE-2021-36976: Fixed use-after-free in copy_string (called from do_uncompress_block and process_block) (bsc#1188572).
- CVE-2017-5601: Fixed out-of-bounds memory access preventing denial-of-service (bsc#1197634, bsc#1189528).
</description>
</patchinfo>