Package name: libarchive
Date: 2013-04-19
Advisory ID: MDVSA-2013:147
Affected versions: MES5 i586, MBS1 x86_64, MES5 x86_64

Problem description

A vulnerability has been found and corrected in libarchive:

Fabian Yamaguchi reported a read buffer overflow flaw in
libarchive on 64-bit systems where sizeof(size_t) is equal
to 8. In the archive_write_zip_data() function in libarchive/
archive_write_set_format_zip.c, the "s" parameter is of type size_t
(64 bit, unsigned) and is cast to a 64 bit signed integer before it is
compared against "zip->remaining_data_bytes". If "s" is larger than
MAX_INT, the cast value is negative, so the comparison fails and "s"
is not clamped to "zip->remaining_data_bytes" even though it is larger
than "zip->remaining_data_bytes". deflate() is then called with the
oversized length, which leads to a buffer overflow. This can lead to a
segfault in an application that uses libarchive to create ZIP archives
(CVE-2013-0211).
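The following is an added illustration of the signedness problem described above; it is not libarchive's code and it does not reproduce the archive_write_zip_data() function. The function names clamp_flawed() and clamp_fixed() and the parameter remaining_data_bytes are hypothetical stand-ins chosen for this example. The flawed variant casts the unsigned length to int64_t before comparing, exactly the pattern the advisory describes; the fixed variant compares in the unsigned domain so that no value of s can escape the clamp.

```c
#include <assert.h>
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Flawed pattern (hypothetical reimplementation, not libarchive's code):
 * the size_t length is cast to a signed 64-bit integer before the
 * comparison.  On a 64-bit system any s above INT64_MAX becomes negative,
 * the test is false, and the oversized s is returned unclamped, which is
 * how a later consumer of the buffer (deflate() in the advisory) ends up
 * reading past the data that is actually available. */
size_t clamp_flawed(size_t s, int64_t remaining_data_bytes)
{
    if ((int64_t)s > remaining_data_bytes)
        s = (size_t)remaining_data_bytes;
    return s;
}

/* Hardened pattern: reject a non-positive remaining count up front, then
 * compare unsigned against unsigned.  Every s, including SIZE_MAX, is
 * reduced to at most remaining_data_bytes. */
size_t clamp_fixed(size_t s, int64_t remaining_data_bytes)
{
    if (remaining_data_bytes <= 0)
        return 0;
    if (s > (uint64_t)remaining_data_bytes)
        s = (size_t)remaining_data_bytes;
    return s;
}

/* Returns 1 when the flawed clamp hands back more bytes than the fixed
 * one for the same inputs, i.e. when the signedness error is triggered. */
int clamp_escapes(size_t s, int64_t remaining_data_bytes)
{
    return clamp_flawed(s, remaining_data_bytes) >
           clamp_fixed(s, remaining_data_bytes);
}

int main(void)
{
    /* Constructed sample inputs: a small entry with 100 bytes left and a
     * caller that passes an absurdly large length. */
    const int64_t remaining = 100;
    const size_t  lengths[] = { 50, 200, SIZE_MAX };

    printf("sizeof(size_t) = %zu\n", sizeof(size_t));
    for (size_t i = 0; i < sizeof lengths / sizeof lengths[0]; i++) {
        size_t s = lengths[i];
        printf("s=%zu  flawed=%zu  fixed=%zu  escapes=%d\n",
               s, clamp_flawed(s, remaining), clamp_fixed(s, remaining),
               clamp_escapes(s, remaining));
    }
    return 0;
}
```

On a 64-bit build the SIZE_MAX row shows the flawed clamp returning SIZE_MAX while the fixed clamp returns 100; on a 32-bit build (sizeof(size_t) == 4) the cast cannot overflow int64_t and both variants agree, which matches the advisory's note that only systems with sizeof(size_t) == 8 are affected.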

The updated packages have been patched to correct this issue.

Updated packages

MES5 i586

 db7909eb958a090af3abeec3e4427f20  mes5/i586/bsdtar-2.5.5-1.2mdvmes5.2.i586.rpm
 8ce2a7ce2501bb7bd6a53e3dffd8fd31  mes5/i586/libarchive2-2.5.5-1.2mdvmes5.2.i586.rpm
 ba4c4e8717271abf9f2228886617409c  mes5/i586/libarchive-devel-2.5.5-1.2mdvmes5.2.i586.rpm 
 52d76a6e66d3e63c981b947dc8d58f50  mes5/SRPMS/libarchive-2.5.5-1.2mdvmes5.2.src.rpm

MBS1 x86_64

 05b377385a447c33cd6e85efeeaa4fd0  mbs1/x86_64/bsdcpio-3.0.3-2.1.mbs1.x86_64.rpm
 3ff28cd1ce2047a8dfed99a978d238a2  mbs1/x86_64/bsdtar-3.0.3-2.1.mbs1.x86_64.rpm
 4adb27059351ae756462e9e25c87e11e  mbs1/x86_64/lib64archive12-3.0.3-2.1.mbs1.x86_64.rpm
 52850e175df3b0b48a307d87c7b5f3ea  mbs1/x86_64/lib64archive-devel-3.0.3-2.1.mbs1.x86_64.rpm 
 890acf6fa9dafa2303be49bc1d42bdf1  mbs1/SRPMS/libarchive-3.0.3-2.1.mbs1.src.rpm

MES5 x86_64

 f922a9da676ae2d2de2f717bd5841c73  mes5/x86_64/bsdtar-2.5.5-1.2mdvmes5.2.x86_64.rpm
 4218a2812e89dc233b1e1eeb6f407e44  mes5/x86_64/lib64archive2-2.5.5-1.2mdvmes5.2.x86_64.rpm
 a928fa095d7cf3f3ef5c4338b1fba506  mes5/x86_64/lib64archive-devel-2.5.5-1.2mdvmes5.2.x86_64.rpm 
 52d76a6e66d3e63c981b947dc8d58f50  mes5/SRPMS/libarchive-2.5.5-1.2mdvmes5.2.src.rpm

References