Debian 10260 Published by

Updated Libarchive packages has been released for Debian GNU/Linux 7 Extended LTS



Package: libarchive
Version: 3.0.4-3+wheezy6+deb7u4
Related CVE: CVE-2019-18408

An issue has been found in libarchive, a multi-format archive and compression library.

In case of a crafted archive containing several parts and one part being corrupt, there would be an use-after-free for the next part of the archive.

For Debian 7 Wheezy, these problems have been fixed in version 3.0.4-3+wheezy6+deb7u4.

We recommend that you upgrade your libarchive packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/