Overview

File _patchinfo of Package patchinfo.3618

<patchinfo incident="3618">
  <issue id="920870" tracker="bnc">VUL-0: CVE-2015-2304 libarchive, bsdtar: directory traversal vulnerability via absolute paths</issue>
  <issue id="800024" tracker="bnc">VUL-1: CVE-2013-0211: libarchive: integer overflow</issue>
  <issue id="CVE-2013-0211" tracker="cve" />
  <issue id="CVE-2015-2304" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>adrianSuSE</packager>
  <description>
libarchive was updated to fix a directory traversal in the bsdcpio tool, which
allowed attackers supplying crafted archives to overwrite files. (CVE-2015-2304)

Also, a integer overflow was fixed that could also overflow buffers. (CVE-2013-0211)
</description>
  <summary>Security update for libarchive</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places