Updated Libarchive packages has been released for Debian GNU/Linux 7 Extended LTS
Package: libarchive
Version: 3.0.4-3+wheezy6+deb7u4
Related CVE: CVE-2019-18408
An issue has been found in libarchive, a multi-format archive and compression library.
In case of a crafted archive containing several parts and one part being corrupt, there would be an use-after-free for the next part of the archive.
For Debian 7 Wheezy, these problems have been fixed in version 3.0.4-3+wheezy6+deb7u4.
We recommend that you upgrade your libarchive packages.
Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/