Date: Mon, 9 May 2011 15:57:26 -0400 (EDT) From: Josh Bressers <bressers@...hat.com> To: oss-security@...ts.openwall.com Cc: coley <coley@...re.org> Subject: Re: CVE request: libarchive, multiple overflows ----- Original Message ----- > Hello, > our maintainer found the following patches: > ----------- > I was doing some maintainance on bsdtar package and noticed that there > was a buffer overflow fix upstream, see > http://code.google.com/p/libarchive/source/detail?r=3158&path=/trunk/libarchive/archive_read_support_format_iso9660.c Use CVE-2011-1777 > > Also SUSE package does not include the > http://pkgs.fedoraproject.org/gitweb/?p=libarchive.git;a=blob_plain;f=libarchive-2.8.4-iso9660-data-types.patch;hb=HEAD > patch which seems to be security sensitive also. I'm not sure I'd call this one security. It's a crash only from what I can see: https://code.google.com/p/libarchive/source/detail?r=1984&path=/trunk/libarchive/archive_read_support_format_iso9660.c It's just silly input to a format string. If you want one I'll assign it though. > More overflow fixes: > > http://code.google.com/p/libarchive/source/detail?r=2842 This one needs a 2010 ID. Use CVE-2010-4666 > http://code.google.com/p/libarchive/source/detail?r=3160 Use CVE-2011-1778 > > Use-after-free fix (not sure if exploitable): > > http://code.google.com/p/libarchive/source/detail?r=3038 I'm going to give this an ID, I'd rather have it revoked than not assigned. Use CVE-2011-1779 Thanks. -- JB
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ