Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Wed, 20 Jul 2016 09:32:53 +0200
From: Christian Wressnegger <c.wressnegger@...bs.de>
To: oss-security@...ts.openwall.com
Cc: Fabian Yamaguchi <f.yamaguchi@...bs.de>,
 Alwin Maier <alwin.maier@...bs.de>
Subject: Buffer overflow in libarchive-3.2.0

Hi oss-security,
(please note, I'm not on the list.)

We've recently discovered a vulnerability in libarchive-3.2.0 when
writing iso9660 containers and reported it to the developers.

https://github.com/libarchive/libarchive/issues/711

The issue has been addressed by the following commit

https://github.com/libarchive/libarchive/commit/3014e19820ea53c15c90f9d447ca3e668a0b76c6

and included in version 3.2.1 of the library.

I was wondering whether anybody could assign a CVE for this?

Thanks and kind regards,
Christian Wressnegger (TU Braunschweig)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ