Linux users warned to update libarchive to beat flaw
The bug is identified as CVE-2019-18408, a high-priority ‘use-after-free’ bug when dealing with a failed archive. Continue reading Linux users warned to update libarchive to beat flaw
Category Archives: libarchive
Severe flaws patched in libarchive, dependent projects urged to follow
Three severe bugs that could be easily exploited to perform arbitrary code execution have been patched with version 3.2.1 of the libarchive open source multi-format archive and compression library. That would be the end of the problem if not for the fact that the library is widely used in several Linux and Unix-like distributions, many package managers, archiving tools, file browsers, and some security software. The developers of some of these software packages have already … More → Continue reading Severe flaws patched in libarchive, dependent projects urged to follow
Security holes found in widely-used file compression library, leaving other products dangerously exposed
Researchers have called for users to patch and upgrade their vulnerable software as soon as possible, after three severe vulnerabilities were found in libarchive, a widely-used open source compression library.
Read more in my article on the Tripwire St… Continue reading Security holes found in widely-used file compression library, leaving other products dangerously exposed
Patched libarchive Vulnerabilities Have Big Reach
Libarchive was patched against three memory-related vulnerabilities, putting pressure on admins to ensure third-party software that also uses the library is patched. Continue reading Patched libarchive Vulnerabilities Have Big Reach