Libarchive v3.6.0 was discovered to contain an out-of-bounds read via the component zipxlzmaalone_init.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_name": "libarchive-dev", "binary_version": "3.4.0-2ubuntu1.2" }, { "binary_name": "libarchive-tools", "binary_version": "3.4.0-2ubuntu1.2" }, { "binary_name": "libarchive-tools-dbgsym", "binary_version": "3.4.0-2ubuntu1.2" }, { "binary_name": "libarchive13", "binary_version": "3.4.0-2ubuntu1.2" }, { "binary_name": "libarchive13-dbgsym", "binary_version": "3.4.0-2ubuntu1.2" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_name": "libarchive-dev", "binary_version": "3.6.0-1ubuntu1" }, { "binary_name": "libarchive-tools", "binary_version": "3.6.0-1ubuntu1" }, { "binary_name": "libarchive-tools-dbgsym", "binary_version": "3.6.0-1ubuntu1" }, { "binary_name": "libarchive13", "binary_version": "3.6.0-1ubuntu1" }, { "binary_name": "libarchive13-dbgsym", "binary_version": "3.6.0-1ubuntu1" } ] }