|Related CVE||CVE-2019-1000019 CVE-2019-1000020|
Two vulnerabilities were discovered and corrected in the libarchive multi-format compression library, first fixing an issue where a specially-crafted .z7ip file could cause a denial-of-service attack via a crash (CVE-2019-1000019) in addition to an endless-loop vulnerability where a malicious ISO9660 image could cause an infinite loop (CVE-2019-1000020).
For Debian 7 Wheezy, these problems have been fixed in version 3.0.4-3+wheezy6+deb7u3.
We recommend that you upgrade your libarchive packages.
Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/