[El-errata] ELSA-2016-1844 Important: Oracle Linux 7 libarchive security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Mon Sep 12 11:34:18 PDT 2016
Oracle Linux Security Advisory ELSA-2016-1844
http://linux.oracle.com/errata/ELSA-2016-1844.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
bsdcpio-3.1.2-10.el7_2.x86_64.rpm
bsdtar-3.1.2-10.el7_2.x86_64.rpm
libarchive-3.1.2-10.el7_2.i686.rpm
libarchive-3.1.2-10.el7_2.x86_64.rpm
libarchive-devel-3.1.2-10.el7_2.i686.rpm
libarchive-devel-3.1.2-10.el7_2.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/libarchive-3.1.2-10.el7_2.src.rpm
Description of changes:
[3.1.2-10]
- Fixes variation of CVE-2016-5418: Hard links could include ".." in
their path.
[3.1.2-9]
- Fixes CVE-2016-5418: Archive Entry with type 1 (hardlink) causes file
overwrite (#1365777)
[3.1.2-8]
- a bunch of security fixes (rhbz#1353065)
More information about the El-errata
mailing list