Severity: Unknown
Affected Package: libarchive
Summary: libarchive cpio directory traversal and zip integer signedness error
Two libarchive issues were fixed: a directory traversal vulnerability in bsdcpio when extracting archives, and an integer signedness error in the ZIP archive write routine. These could allow files to be written outside the intended directory or trigger memory corruption when processing crafted archives. Fixed in the 0.7.9 release.
No specific recommendations provided.
Aliases: CVE-2015-2304, CVE-2013-0211
Published: May 31, 2016
Last Modified: May 31, 2016