Publishing details
-
Removed from disk
.
-
Removal requested
.
-
Superseded
by libarchive - 3.1.2-7ubuntu2.2
-
Published
-
Copied from
ubuntu trusty in
Private PPA for Ubuntu Security Team
by Ubuntu Archive Robot
Changelog
libarchive (3.1.2-7ubuntu2.1) trusty-security; urgency=medium
* SECURITY UPDATE: absolute path traversal vulnerability in bsdcpio
- debian/patches/CVE-2015-2304.patch: don't allow absolute paths by
default in cpio/cpio.c, libarchive/archive.h,
libarchive/archive_write_disk_posix.c, added test to
libarchive/test/test_write_disk_secure.c, updated documentation in
cpio/bsdcpio.1, libarchive/archive_write_disk.3.
- CVE-2015-2304
-- Marc Deslauriers <email address hidden> Tue, 24 Mar 2015 12:43:54 -0400
Builds
Package files