Bug 19606

Summary: libarchive new security issues CVE-2016-868[7-9]
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Mageia Bug Squad <bugsquad>
Status: RESOLVED DUPLICATE QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: nicolas.salguero
Version: Cauldron   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA5TOO
Source RPM: libarchive-3.2.1-4.mga6.src.rpm CVE:
Status comment:

Description David Walser 2016-10-16 22:47:56 CEST 
CVEs have been assigned for multiple security issues fixed upstream in libarchive:
http://openwall.com/lists/oss-security/2016/10/16/11

Links to commits to fix the issues are included in the message above.
David Walser 2016-10-16 22:48:03 CEST

Whiteboard: (none) => MGA5TOO

Comment 1 Nicolas Salguero 2016-10-17 09:58:06 CEST 
Hi,

All those security issues are already corrected in our packages because:
  - CVE-2016-8687 is Issue #767
  - CVE-2016-8688 is Issue #747
  - CVE-2016-8689 is Issue #761

As you can see in bug 19351.

Best regards,

Nico.

Status: NEW => RESOLVED
CC: (none) => nicolas.salguero
Resolution: (none) => FIXED

Comment 2 David Walser 2016-10-17 12:26:11 CEST 
Thanks.  Marking as duplicate then.

*** This bug has been marked as a duplicate of bug 19351 ***

Resolution: FIXED => DUPLICATE