A libarchive security update has been released for Debian GNU/Linux 8 and 9 Extended LTS to address missing checks after calloc that may result in null pointer dereferences.
ELA-790-1 libarchive security update
Package : libarchive
ELA-790-1 libarchive security update
Version : 3.1.2-11+deb8u10 (jessie), 3.2.2-2+deb9u4 (stretch)
Related CVEs :
CVE-2022-36227
An issue has been found in libarchive, a multi-format archive and compression library. Due to missing checks after calloc, null pointer dereferences might happen.
