
Mandriva Linux Security Advisory 2013-147
Posted Apr 19, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-147 - Fabian Yamaguchi reported a read buffer overflow flaw in libarchive on 64-bit systems where sizeof(size_t) is equal to 8. In the archive_write_zip_data() function in libarchive/archive_write_set_format_zip.c, the "s" parameter is of type size_t (64 bit, unsigned) and is cast to a 64 bit signed integer. If "s" is larger than MAX_INT, it will not be set to zip->remaining_data_bytes even though it is larger than zip->remaining_data_bytes, which leads to a buffer overflow when calling deflate(). This can lead to a segfault in an application that uses libarchive to create ZIP archives. The updated packages have been patched to correct this issue.

tags | advisory, overflow
systems | linux, mandriva
advisories | CVE-2013-0211
SHA-256 | 5bb6edb00d4a3a97d18eff54273e8d8f6e8a9f9af0bf690de5590fd4a7f7e83b

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2013:147
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : libarchive
Date : April 19, 2013
Affected: Business Server 1.0, Enterprise Server 5.0
_______________________________________________________________________

Problem Description:

A vulnerability has been found and corrected in libarchive:

Fabian Yamaguchi reported a read buffer overflow flaw in
libarchive on 64-bit systems where sizeof(size_t) is equal
to 8. In the archive_write_zip_data() function in libarchive/
archive_write_set_format_zip.c, the "s" parameter is of type size_t
(64 bit, unsigned) and is cast to a 64 bit signed integer. If "s" is
larger than MAX_INT, it will not be set to "zip->remaining_data_bytes"
even though it is larger than "zip->remaining_data_bytes", which
leads to a buffer overflow when calling deflate(). This can lead to a
segfault in an application that uses libarchive to create ZIP archives
(CVE-2013-0211).

The updated packages have been patched to correct this issue.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0211
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0119
_______________________________________________________________________

Updated Packages:

Mandriva Enterprise Server 5:
db7909eb958a090af3abeec3e4427f20 mes5/i586/bsdtar-2.5.5-1.2mdvmes5.2.i586.rpm
8ce2a7ce2501bb7bd6a53e3dffd8fd31 mes5/i586/libarchive2-2.5.5-1.2mdvmes5.2.i586.rpm
ba4c4e8717271abf9f2228886617409c mes5/i586/libarchive-devel-2.5.5-1.2mdvmes5.2.i586.rpm
52d76a6e66d3e63c981b947dc8d58f50 mes5/SRPMS/libarchive-2.5.5-1.2mdvmes5.2.src.rpm

Mandriva Enterprise Server 5/X86_64:
f922a9da676ae2d2de2f717bd5841c73 mes5/x86_64/bsdtar-2.5.5-1.2mdvmes5.2.x86_64.rpm
4218a2812e89dc233b1e1eeb6f407e44 mes5/x86_64/lib64archive2-2.5.5-1.2mdvmes5.2.x86_64.rpm
a928fa095d7cf3f3ef5c4338b1fba506 mes5/x86_64/lib64archive-devel-2.5.5-1.2mdvmes5.2.x86_64.rpm
52d76a6e66d3e63c981b947dc8d58f50 mes5/SRPMS/libarchive-2.5.5-1.2mdvmes5.2.src.rpm

Mandriva Business Server 1/X86_64:
05b377385a447c33cd6e85efeeaa4fd0 mbs1/x86_64/bsdcpio-3.0.3-2.1.mbs1.x86_64.rpm
3ff28cd1ce2047a8dfed99a978d238a2 mbs1/x86_64/bsdtar-3.0.3-2.1.mbs1.x86_64.rpm
4adb27059351ae756462e9e25c87e11e mbs1/x86_64/lib64archive12-3.0.3-2.1.mbs1.x86_64.rpm
52850e175df3b0b48a307d87c7b5f3ea mbs1/x86_64/lib64archive-devel-3.0.3-2.1.mbs1.x86_64.rpm
890acf6fa9dafa2303be49bc1d42bdf1 mbs1/SRPMS/libarchive-3.0.3-2.1.mbs1.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/en/support/security/advisories/

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFRcTdymqjQ0CJFipgRAs/4AKC3K7COuqRwVL6Ecq8yZ8chXthyWQCg04Q5
PRlg9lwbUt4q80+7fmRJ8Kk=
=jL85
-----END PGP SIGNATURE-----
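
Added example (not part of the Mandriva advisory and not libarchive source): a minimal C model of the length clamp described under "Problem Description", with the signed-cast comparison beside an unsigned one. The function names, the `remaining` parameter standing in for zip->remaining_data_bytes, and the sample values are assumptions; uint64_t models size_t on a 64-bit system, so the boundary in this model is INT64_MAX.

```c
#include <stdint.h>
#include <stdio.h>

/* Model only: not libarchive source. uint64_t stands in for size_t on a
 * 64-bit system; `remaining` stands in for zip->remaining_data_bytes. */

/* Flawed clamp: the unsigned length is cast to signed before the compare.
 * For s > INT64_MAX the cast yields a negative value on two's-complement
 * targets, the test is false, and s is returned unclamped. */
static uint64_t clamp_signed_cast(uint64_t s, int64_t remaining)
{
    if ((int64_t)s > remaining)
        s = (uint64_t)remaining;
    return s;
}

/* Hardened clamp: reject a negative budget, then compare as unsigned. */
static uint64_t clamp_unsigned(uint64_t s, int64_t remaining)
{
    if (remaining < 0)
        return 0;
    if (s > (uint64_t)remaining)
        s = (uint64_t)remaining;
    return s;
}

int main(void)
{
    /* Constructed sample lengths around the signed boundary. */
    const uint64_t samples[] = {
        50, 4096, (uint64_t)INT64_MAX, (uint64_t)INT64_MAX + 1, UINT64_MAX
    };
    const int64_t remaining = 100;   /* constructed byte budget */

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        uint64_t a = clamp_signed_cast(samples[i], remaining);
        uint64_t b = clamp_unsigned(samples[i], remaining);
        printf("s=%20llu  signed-cast=%20llu  unsigned=%3llu%s\n",
               (unsigned long long)samples[i], (unsigned long long)a,
               (unsigned long long)b,
               a > (uint64_t)remaining ? "  <-- not clamped" : "");
    }
    return 0;
}
```

Lengths up to INT64_MAX are clamped by both forms; only the signed-cast form lets larger values through, which is the condition the advisory ties to the over-read in deflate().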

