Packages
- libarchive - Library to read/write archive files
Details
It was discovered that libarchive incorrectly handled certain ISO 9660
image files. If a user were tricked into using a specially crafted
ISO 9660 image file, a remote attacker could cause libarchive to crash or
possibly execute arbitrary code with user privileges. (CVE-2011-1777)
It was discovered that libarchive incorrectly handled certain tar archive
files. If a user were tricked into using a specially crafted tar file, a
remote attacker could cause libarchive to crash or possibly execute
arbitrary code with user privileges. (CVE-2011-1778)
It was discovered that libarchive incorrectly handled certain ISO 9660
image files. If a user were tricked into using a specially crafted
ISO 9660 image file, a remote attacker could cause libarchive to crash or
possibly execute arbitrary code with user privileges. (CVE-2011-1777)
It was discovered that libarchive incorrectly handled certain tar archive
files. If a user were tricked into using a specially crafted tar file, a
remote attacker could cause libarchive to crash or possibly execute
arbitrary code with user privileges. (CVE-2011-1778)
Update instructions
In general, a standard system update will make all the necessary changes.
Learn more about how to get the fixes.The problem can be corrected by updating your system to the following package versions:
| Ubuntu Release | Package Version | ||
|---|---|---|---|
| 11.10 oneiric | libarchive1 – 2.8.4-1ubuntu0.11.10.1 | ||
| 11.04 natty | libarchive1 – 2.8.4-1ubuntu0.11.04.1 | ||
| 10.10 maverick | libarchive1 – 2.8.4-1ubuntu0.10.10.1 | ||
| 10.04 lucid | libarchive1 – 2.8.0-2ubuntu0.1 | ||
Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.