Package: libarchive1 Version: 2.2.3-1 Tags: security Severity: grave FreeBSD has disclosed several security problems in libarchive:
| Several problems have been found in the code used to parse the tar and | pax interchange formats. These include entering an infinite loop if an | archive prematurely ends within a pax extension header or if certain | types of corruption occur in pax extension headers [CVE-2007-3644]; | dereferencing a NULL pointer if an archive prematurely ends within a | tar header immediately following a pax extension header or if certain | other types of corruption occur in pax extension headers [CVE-2007-3645]; | and miscomputing the length of a buffer resulting in a buffer overflow | if yet another type of corruption occurs in a pax extension header | [CVE-2007-3641]. Please mention the CVE names when fixing these bugs. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
