It was discovered that libarchive incorrectly handled certain entry-size values in ZIP archives. A remote attacker could use this issue to cause libarchive to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 15.10 and Ubuntu 16.04 LTS. (CVE-2016-1541)
It was discovered that libarchive incorrectly handled memory when processing certain tar files. A remote attacker could use this issue to cause libarchive to crash, resulting in a denial of service. (CVE number pending)
{ "binaries": [ { "binary_name": "bsdcpio", "binary_version": "3.1.2-7ubuntu2.2" }, { "binary_name": "bsdcpio-dbgsym", "binary_version": "3.1.2-7ubuntu2.2" }, { "binary_name": "bsdtar", "binary_version": "3.1.2-7ubuntu2.2" }, { "binary_name": "bsdtar-dbgsym", "binary_version": "3.1.2-7ubuntu2.2" }, { "binary_name": "libarchive-dev", "binary_version": "3.1.2-7ubuntu2.2" }, { "binary_name": "libarchive13", "binary_version": "3.1.2-7ubuntu2.2" }, { "binary_name": "libarchive13-dbgsym", "binary_version": "3.1.2-7ubuntu2.2" } ], "availability": "No subscription required" }
{ "binaries": [ { "binary_name": "bsdcpio", "binary_version": "3.1.2-11ubuntu0.16.04.1" }, { "binary_name": "bsdcpio-dbgsym", "binary_version": "3.1.2-11ubuntu0.16.04.1" }, { "binary_name": "bsdtar", "binary_version": "3.1.2-11ubuntu0.16.04.1" }, { "binary_name": "bsdtar-dbgsym", "binary_version": "3.1.2-11ubuntu0.16.04.1" }, { "binary_name": "libarchive-dev", "binary_version": "3.1.2-11ubuntu0.16.04.1" }, { "binary_name": "libarchive13", "binary_version": "3.1.2-11ubuntu0.16.04.1" }, { "binary_name": "libarchive13-dbgsym", "binary_version": "3.1.2-11ubuntu0.16.04.1" } ], "availability": "No subscription required" }