Gentoo Linux Security Advisory 201701-3 - Multiple vulnerabilities have been found in libarchive, the worst of which allows for the remote execution of arbitrary code. Versions less than 3.2.2 are affected.
6e383d806a0d0bc5f7390454433a074fd47878257ac7fa6b5489c1564f435929
Red Hat Security Advisory 2016-1850-01 - The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers. Security Fix: A flaw was found in the way libarchive handled hardlink archive entries of non-zero size. Combined with flaws in libarchive's file system sandboxing, this issue could cause an application using libarchive to overwrite arbitrary files with arbitrary data from the archive.
711241662188f0c0cfb9c91a6f39f28a53a23f91e708e6da3698d03b733d5d3a
Red Hat Security Advisory 2016-1844-01 - The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers. Security Fix: A flaw was found in the way libarchive handled hardlink archive entries of non-zero size. Combined with flaws in libarchive's file system sandboxing, this issue could cause an application using libarchive to overwrite arbitrary files with arbitrary data from the archive.
ecc02ac8c19e821e663da1602fbb4cbf585f0740fa7472a450e18bdab7e321d2
Ubuntu Security Notice 3033-1 - Hanno Boeck discovered that libarchive contained multiple security issues when processing certain malformed archive files. A remote attacker could use this issue to cause libarchive to crash, resulting in a denial of service, or possibly execute arbitrary code. Marcin "Icewall" Noga discovered that libarchive contained multiple security issues when processing certain malformed archive files. A remote attacker could use this issue to cause libarchive to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
20397b68c196f08762e206ddfee872c463277203d02a0239edab2890f6948681