[SECURITY] Fedora 18 Update: libarchive-3.0.4-4.fc18

updates at fedoraproject.org updates at fedoraproject.org
Fri Apr 12 22:25:02 UTC 2013 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-4537
2013-03-29 00:54:27
--------------------------------------------------------------------------------

Name        : libarchive
Product     : Fedora 18
Version     : 3.0.4
Release     : 4.fc18
URL         : http://code.google.com/p/libarchive/
Summary     : A library for handling streaming archive formats
Description :
Libarchive is a programming library that can create and read several different
streaming archive formats, including most popular tar variants, several cpio
formats, and both BSD and GNU ar variants. It can also write shar archives and
read ISO9660 CDROM images and ZIP archives.

--------------------------------------------------------------------------------
Update Information:

This update fixes CVE-2013-0211 libarchive: read buffer overflow on 64-bit systems
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 28 2013 Tomas Bzatek <tbzatek at redhat.com> - 3.0.4-4
- Fix CVE-2013-0211: read buffer overflow on 64-bit systems (#927105)
* Wed Oct  3 2012 Pavel Raiskup <praiskup at redhat.com> - 3.0.4-3
- better install manual pages for libarchive/bsdtar/bsdcpio (# ... )
- several fedora-review fixes ...:
- Source0 has moved to github.com
- remove trailing white spaces
- repair summary to better describe bsdtar/cpiotar utilities
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #902998 - CVE-2013-0211 libarchive: read buffer overflow on 64-bit systems
        https://bugzilla.redhat.com/show_bug.cgi?id=902998
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update libarchive' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list