libarchive 3.7.2-2ubuntu0.3 source package in Ubuntu

Changelog

libarchive (3.7.2-2ubuntu0.3) noble-security; urgency=medium

  * SECURITY UPDATE: code execution via negative copy length
    - debian/patches/CVE-2024-20696.patch: protect
      copy_from_lzss_window_to_unp() in
      libarchive/archive_read_support_format_rar.c.
    - CVE-2024-20696

 -- Marc Deslauriers <email address hidden>  Tue, 29 Oct 2024 10:02:44 +0100

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Noble
Original maintainer:
Ubuntu Developers
Architectures:
any
Section:
libs
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Noble updates main libs
Noble security main libs

Downloads

File Size SHA-256 Checksum
libarchive_3.7.2.orig.tar.xz 5.0 MiB 04357661e6717b6941682cde02ad741ae4819c67a260593dfb2431861b251acb
libarchive_3.7.2.orig.tar.xz.asc 659 bytes 2c2b98622c2f3e59608118fae3e412c900100ec1bf9f825775930b3a8b4f5635
libarchive_3.7.2-2ubuntu0.3.debian.tar.xz 29.0 KiB e3b221f2071d71ef7315d2fb67724f90f69605de845c8b1e00953811c49266e1
libarchive_3.7.2-2ubuntu0.3.dsc 2.6 KiB 41e87e23eef6727fe140cfc3dba16a0c4227907d8bcefafccefa093d57ead0ce

View changes file

Binary packages built by this source

libarchive-dev: Multi-format archive and compression library (development files)

 The libarchive library provides a flexible interface for reading and writing
 archives in various formats such as tar and cpio. libarchive also supports
 reading and writing archives compressed using various compression filters such
 as gzip and bzip2. The library is inherently stream-oriented; readers serially
 iterate through the archive, writers serially add things to the archive.
 .
 Archive formats supported are:
 .
    * tar (read and write, including GNU extensions)
    * pax (read and write, including GNU and star extensions)
    * cpio (read and write, including odc and newc variants)
    * iso9660 (read and write, including Joliet and Rockridge extensions, with
      some limitations)
    * zip (read only, with some limitations, uses zlib)
    * mtree (read and write)
    * shar (write only)
    * ar (read and write, including BSD and GNU/SysV variants)
    * empty (read only; in particular, note that no other format will accept an
      empty file)
    * raw (read only)
    * xar (read only)
    * rar (read only, with some limitations)
    * 7zip (read and write, with some limitations)
 .
 Filters supported are:
 .
    * gzip (read and write, uses zlib)
    * bzip2 (read and write, uses bzlib)
    * compress (read and write, uses an internal implementation)
    * uudecode (read only)
    * separate command-line compressors with fixed-signature auto-detection
    * xz and lzma (read and write using liblzma)
    * zstandard (read and write using libzstd)
 .
 This package provides the files necessary for development with libarchive.

libarchive-tools: FreeBSD implementations of 'tar' and 'cpio' and other archive tools

 This package contains several command-line tools based on the libarchive
 library.
 .
 The bsdtar program is the default system 'tar' program used on FreeBSD. bsdtar
 uses the libarchive library as a backend which does all of the work for reading
 and writing archives in various formats.
 .
 The bsdcpio program is the default system 'cpio' program used on FreeBSD.
 bsdcpio uses the libarchive library as a backend which does all of the work for
 reading and writing archives in various formats.
 .
 The bsdcat program reads archived data from files or from its standard input
 and uses the libarchive library to decompresses it to its standard output.
 It may be used for viewing the contents of archives or for passing it to other
 tools for further processing.

libarchive-tools-dbgsym: debug symbols for libarchive-tools
libarchive13t64: Multi-format archive and compression library (shared library)

 The libarchive library provides a flexible interface for reading and writing
 archives in various formats such as tar and cpio. libarchive also supports
 reading and writing archives compressed using various compression filters such
 as gzip and bzip2. The library is inherently stream-oriented; readers serially
 iterate through the archive, writers serially add things to the archive.
 .
 Archive formats supported are:
 .
    * tar (read and write, including GNU extensions)
    * pax (read and write, including GNU and star extensions)
    * cpio (read and write, including odc and newc variants)
    * iso9660 (read and write, including Joliet and Rockridge extensions, with
      some limitations)
    * zip (read only, with some limitations, uses zlib)
    * mtree (read and write)
    * shar (write only)
    * ar (read and write, including BSD and GNU/SysV variants)
    * empty (read only; in particular, note that no other format will accept an
      empty file)
    * raw (read only)
    * xar (read only)
    * rar (read only, with some limitations)
    * 7zip (read and write, with some limitations)
 .
 Filters supported are:
 .
    * gzip (read and write, uses zlib)
    * bzip2 (read and write, uses bzlib)
    * compress (read and write, uses an internal implementation)
    * uudecode (read only)
    * separate command-line compressors with fixed-signature auto-detection
    * xz and lzma (read and write using liblzma)
    * zstandard (read and write using libzstd)
 .
 This package provides the libarchive shared library.

libarchive13t64-dbgsym: debug symbols for libarchive13t64