Information on source package libarchive

Available versions

ReleaseVersion
jessie3.1.2-11+deb8u11
stretch3.2.2-2+deb9u4
stretch (security)3.2.2-2+deb9u3
buster3.3.3-4+deb10u3
bullseye3.4.3-2+deb11u1
bookworm3.6.2-1+deb12u1
trixie3.7.4-1
sid3.7.4-1.1

Open issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2024-20696vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablefixedWindows libarchive Remote Code Execution Vulnerability
CVE-2022-36227fixedfixedfixedvulnerable (no DSA)fixedfixedfixedIn libarchive before 3.6.2, the software does not check for an error a ...
CVE-2022-26280fixedfixedfixedvulnerable (no DSA)fixedfixedfixedLibarchive v3.6.0 was discovered to contain an out-of-bounds read via ...
CVE-2021-36976fixedfixedfixedvulnerable (no DSA)fixedfixedfixedlibarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (ca ...

Open unimportant issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2023-30571vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableLibarchive through 3.6.2 can cause directories to have world-writable ...

Resolved issues

BugDescription
CVE-2024-48958execute_filter_delta in archive_read_support_format_rar.c in libarchiv ...
CVE-2024-48957execute_filter_audio in archive_read_support_format_rar.c in libarchiv ...
CVE-2024-37407Libarchive before 3.7.4 allows name out-of-bounds access when a ZIP ar ...
CVE-2024-26256Libarchive Remote Code Execution Vulnerability
CVE-2022-28066
CVE-2021-31566An improper link resolution flaw can occur while extracting an archive ...
CVE-2021-23177An improper link resolution flaw while extracting an archive can lead ...
CVE-2020-21674Heap-based buffer overflow in archive_string_append_from_wcs() (archiv ...
CVE-2020-9308archive_read_support_format_rar5.c in libarchive before 3.4.2 attempts ...
CVE-2019-1000020libarchive version commit 5a98dcf8a86364b3c2c469c85b93647dfb139961 onw ...
CVE-2019-1000019libarchive version commit bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 onw ...
CVE-2019-19221In Libarchive 3.4.0, archive_wstring_append_from_mbs in archive_string ...
CVE-2019-18408archive_read_format_rar_read_data in archive_read_support_format_rar.c ...
CVE-2019-11463A memory leak in archive_read_format_zip_cleanup in archive_read_suppo ...
CVE-2018-1000880libarchive version commit 9693801580c0cf7c70e862d305270a16b52826a7 onw ...
CVE-2018-1000879libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onw ...
CVE-2018-1000878libarchive version commit 416694915449219d505531b1096384f3237dd6cc onw ...
CVE-2018-1000877libarchive version commit 416694915449219d505531b1096384f3237dd6cc onw ...
CVE-2017-14503libarchive 3.3.2 suffers from an out-of-bounds read within lha_read_da ...
CVE-2017-14502read_header in archive_read_support_format_rar.c in libarchive 3.3.2 s ...
CVE-2017-14501An out-of-bounds read flaw exists in parse_file_info in archive_read_s ...
CVE-2017-14166libarchive 3.3.2 allows remote attackers to cause a denial of service ...
CVE-2017-5601An error in the lha_read_file_header_1() function (archive_read_suppor ...
CVE-2016-10350The archive_read_format_cab_read_header function in archive_read_suppo ...
CVE-2016-10349The archive_le32dec function in archive_endian.h in libarchive 3.2.2 a ...
CVE-2016-10209The archive_wstring_append_from_mbs function in archive_string.c in li ...
CVE-2016-8689The read_Header function in archive_read_support_format_7zip.c in liba ...
CVE-2016-8688The mtree bidder in libarchive 3.2.1 does not keep track of line sizes ...
CVE-2016-8687Stack-based buffer overflow in the safe_fprintf function in tar/util.c ...
CVE-2016-7166libarchive before 3.2.0 does not limit the number of recursive decompr ...
CVE-2016-6250Integer overflow in the ISO9660 writer in libarchive before 3.2.1 allo ...
CVE-2016-5844Integer overflow in the ISO parser in libarchive before 3.2.1 allows r ...
CVE-2016-5418The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlin ...
CVE-2016-4809The archive_read_format_cpio_read_header function in archive_read_supp ...
CVE-2016-4302Heap-based buffer overflow in the parse_codes function in archive_read ...
CVE-2016-4301Stack-based buffer overflow in the parse_device function in archive_re ...
CVE-2016-4300Integer overflow in the read_SubStreamsInfo function in archive_read_s ...
CVE-2016-1541Heap-based buffer overflow in the zip_read_mac_metadata function in ar ...
CVE-2015-8934The copy_from_lzss_window function in archive_read_support_format_rar. ...
CVE-2015-8933Integer overflow in the archive_read_format_tar_skip function in archi ...
CVE-2015-8932The compress_bidder_init function in archive_read_support_filter_compr ...
CVE-2015-8931Multiple integer overflows in the (1) get_time_t_max and (2) get_time_ ...
CVE-2015-8930bsdtar in libarchive before 3.2.0 allows remote attackers to cause a d ...
CVE-2015-8929Memory leak in the __archive_read_get_extract function in archive_read ...
CVE-2015-8928The process_add_entry function in archive_read_support_format_mtree.c ...
CVE-2015-8927The trad_enc_decrypt_update function in archive_read_support_format_zi ...
CVE-2015-8926The archive_read_format_rar_read_data function in archive_read_support ...
CVE-2015-8925The readline function in archive_read_support_format_mtree.c in libarc ...
CVE-2015-8924The archive_read_format_tar_read_header function in archive_read_suppo ...
CVE-2015-8923The process_extra function in libarchive before 3.2.0 uses the size fi ...
CVE-2015-8922The read_CodersInfo function in archive_read_support_format_7zip.c in ...
CVE-2015-8921The ae_strtofflags function in archive_entry.c in libarchive before 3. ...
CVE-2015-8920The _ar_read_header function in archive_read_support_format_ar.c in li ...
CVE-2015-8919The lha_read_file_extended_header function in archive_read_support_for ...
CVE-2015-8918The archive_string_append function in archive_string.c in libarchive b ...
CVE-2015-8917bsdtar in libarchive before 3.2.0 allows remote attackers to cause a d ...
CVE-2015-8916bsdtar in libarchive before 3.2.0 returns a success code without filli ...
CVE-2015-8915bsdcpio in libarchive before 3.2.0 allows remote attackers to cause a ...
CVE-2015-2304Absolute path traversal vulnerability in bsdcpio in libarchive 3.1.2 a ...
CVE-2013-0211Integer signedness error in the archive_write_zip_data function in arc ...
CVE-2011-1779Multiple use-after-free vulnerabilities in libarchive 2.8.4 and 2.8.5 ...
CVE-2011-1778Buffer overflow in libarchive through 2.8.5 allows remote attackers to ...
CVE-2011-1777Multiple buffer overflows in the (1) heap_add_entry and (2) relocate_d ...
CVE-2010-4666Buffer overflow in libarchive 3.0 pre-release code allows remote attac ...
CVE-2007-3645archive_read_support_format_tar.c in libarchive before 2.2.4 allows us ...
CVE-2007-3644archive_read_support_format_tar.c in libarchive before 2.2.4 allows us ...
CVE-2007-3641archive_read_support_format_tar.c in libarchive before 2.2.4 does not ...
CVE-2006-5680The libarchive library in FreeBSD 6-STABLE after 2006-09-05 and before ...

Security announcements

DSA / DLADescription
DSA-5706-1libarchive - security update
ELA-804-1libarchive - security update
ELA-790-1libarchive - security update
DLA-3294-1libarchive - security update
DLA-3202-1libarchive - security update
DLA-2987-1libarchive - security update
ELA-603-1libarchive - security update
DSA-4557-1libarchive - security update
ELA-184-1libarchive - security update
DLA-1971-1libarchive - security update
DLA-1668-1libarchive - security update
ELA-82-1libarchive - security update
DSA-4360-1libarchive - security update
DLA-1612-1libarchive - security update
ELA-62-1libarchive - security update
DLA-1600-1libarchive - security update
DLA-1092-1libarchive - security update
DLA-1006-1libarchive - security update
DLA-810-1libarchive - security update
DLA-661-1libarchive - security update
DLA-657-1libarchive - security update
DSA-3677-1libarchive - security update
DLA-617-1libarchive - security update
DSA-3657-1libarchive - security update
DLA-554-1libarchive - security update
DSA-3574-1libarchive - security update
DLA-166-1libarchive - security update
DSA-3180-1libarchive - security update
DSA-2413-1libarchive - buffer overflows
DSA-1455-1libarchive

Search for package or bug name: Reporting problems