|Category:||Debian Local Security Checks|
|Title:||Debian LTS Advisory ([SECURITY] [DLA 1612-1] libarchive security update)|
|Summary:||Daniel Axtens discovered a double-free and use-after-free vulnerability;in libarchive's RAR decoder that can result in a denial-of-service;(application crash) or may have other unspecified impact when a;malformed RAR archive is processed.|
Daniel Axtens discovered a double-free and use-after-free vulnerability
in libarchive's RAR decoder that can result in a denial-of-service
(application crash) or may have other unspecified impact when a
malformed RAR archive is processed.
The libarchive library provides a flexible interface for reading and
writing streaming archive files such as tar and cpio.
libarchive on Debian Linux
For Debian 8 'Jessie', these problems have been fixed in version
We recommend that you upgrade your libarchive packages.
Common Vulnerability Exposure (CVE) ID: CVE-2018-1000877|
Common Vulnerability Exposure (CVE) ID: CVE-2018-1000878
|Copyright||Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net|
|This is only one of 71225 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.