GNU bug report logs - #74283
[PATCH] gnu: libarchive: Graft to 3.7.7. [security fixes]

Previous Next

Package: guix-patches;

Reported by: Liliana Marie Prikler <liliana.prikler <at> gmail.com>

Date: Sat, 9 Nov 2024 16:11:02 UTC

Severity: normal

Tags: patch

Done: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>

Bug is archived. No further changes may be made.

Full log

Message #10 received at 74283-done <at> debbugs.gnu.org (full text, mbox):

From: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>
To: Liliana Marie Prikler <liliana.prikler <at> gmail.com>
Cc: 74283-done <at> debbugs.gnu.org
Subject: Re: [bug#74283] [PATCH] gnu: libarchive: Graft to 3.7.7. [security
 fixes]
Date: Tue, 12 Nov 2024 20:32:50 +0900

Hi,

Liliana Marie Prikler <liliana.prikler <at> gmail.com> writes:

> * gnu/packages/backup.scm (libarchive): Add replacement with libarchive/fixed.
> (libarchive/fixed): New variable.
>
> Fixes: Out of bounds access in ZIP files [CVE-2024-37407].
> Fixes: Out of bounds access in RAR files [CVE-2024-48957, CVE-2024-48958].
> Fixes: Race condition in multi-threaded systems [CVE-2023-30571].
> Fixes: NULL pointer dereference [CVE-2022-36227].

Pushed with a6dab6e915!  Thank you.

-- 
Thanks,
Maxim

This bug report was last modified 193 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #74283 [PATCH] gnu: libarchive: Graft to 3.7.7. [security fixes]

GNU bug report logs - #74283
[PATCH] gnu: libarchive: Graft to 3.7.7. [security fixes]